infosec4breakfast

In the Beginning and the Current State of the Internet

Intro

This post is going to consist of my ramblings that will coincide with my first encounters with IT (in)security and some predictions I made when I was 13 years of age which have coincidentally come true (to some extent) due to my views of the internet at the time (which seemed to be fairly accurate for a 13 year old). I’ll then go into my views on a number of groups that I’m not exactly an expert on, but interest me highly and why they do.

In The Beginning

I was 13 years old and my cousin was on MSN messenger talking to another cousin of mine while I was sitting next to him. He was requested to accept a file transfer, which he did, from my other cousin on the other end. At the time I didn’t know this but the file was an executable with the very distinguishable Visual Basic 6 default icon. Once the transfer had finished he proceeded to open the file. At that instance all of his MSN windows were opened and a message was sent across each one in spanish which was apparently provocative.

This amazed me immensely, and I couldn’t wait to learn more. This sparked my interest in computers at the time to more than just a machine to play games on - which has brought me to where I am today to some extent. What I wanted to post about was my reaction to this. I had heard about the term “hackers” before but had never given it much thought, and that night it had me thinking. The result of my extended thought processes was a conversation with my cousin about the entire subject. One sentence which sticks out in my memory was a statement that I made: “The hacker’s are going to control the Internet in the future.” This does not coincide completely with the state of the internet of today, but it does to some extent.

Recent Events

Typically I keep up with the ongoings of the internet through a number of channels, these being blogs, twitter, and the like. Recently on http://slashdot.org/ I saw a story about GhostShell. Apparently they’ve released a whopping ~1.6 Million account details pertaining to major organizations and governmental agencies. What’s interesting is how many major organizations are in this list of accounts, and how major this leak is! These kind of leaks coincide directly with my statements as an adolescent.

I really don’t have to harp on the concept of Anonymous (and it’s branch offs), and hacktivism as a whole, but the amount of breaches in recent years have been astronomical and are directly associated with these groups. One aspect that I do see important to take note of is that the overall intent of the concept of “hacktivism”. As they mentioned in the interview with Softpedia, “DeadMellox” who is apparently a non-existent individual - according to their leak - talks about their operations as being non-malicious. Even though they’ve leaked an immense amount of information to the public (most of it being detrimental to the companies/organizations in question) these holes will be found, and will be patched accordingly. Whereas if another group had come along and found these vulnerabilities, it could have had a much larger impact to the organizations in question - especially government based contractors. Just a number of interesting aspects to think about.

Do hacker’s control the internet? Well that’s a question you have to ask yourself and the currently established security industry. What I see is that a lot of work needs to be done, new standards have to be developed, secure protocols have to be developed based on experience in the past. Of course all of these things are being currently considered, and more secure protocols are being developed (such as IPSec being enabled by default in IPv6) but these things need to happen faster, and be well done. Humans are insecure by nature, and we trust too much. This will always be the case for years to come, but hopefully organizations begin to become security oriented and focuse on secure goals, and not just making money. I will be contributing this through my communal efforts, and a security based career that I will be working toward in the coming years, and we’ll see where the state of the world/internet is in the years to come.

-Josh