I remember years ago, mid/late 2000s I think, hearing a story about two security researchers - Japanese, IIRC - who were scanning and mapping the internets for whatever reason (probably looking for machines to pop). When you set out on such a project, you usually have your shit together; you aren’t just poking around the net on Windows 98 with no protection and screaming “Ph33r me I aRe l33t hax0rz”.
Anyway, they happened to be hitting a particular corporate netblock just then - I don’t recall which - and one of the researchers just happened to be at his console logged into one of the machines doing the scanning at that moment. He had a process monitor up which he was reviewing (for Windows people: think Task Manager, but command-line driven, and useful). He noticed something odd. I don’t recall if it was a strange process running, or if one was eating CPU cycles in a weird way or what, but he noticed something about the processes, and one particularly unusual process was running as root…
That is all I vaguely remember about the story and do not recall what they did after that.
The point is, they were basically just pinging IP addresses. But as the story goes:
- they pinged an IP
- and the IP pwned them
I also don’t know if the story is true (or where I heard it from) but, if it is, then there is some scary shit out there on the Net.
I wonder if this was maybe part of the NSA’s MonsterMind program (or something similar), and if the researchers were probing the networks (or just this one) in such a way that the NSA’s AI took notice of them, and fired something back which pwned their boxen. I don’t know… none of us do. That is part of the problem. And, if AI are going to automatically attack boxen w/o any humans in the loop to preempt these actions, this is highly problematic as well.
I mean, how many times have you stayed up late into the night because some code didn’t work correctly? Or (for non-hackers), how many times have you fought with a computer because it did something stupid and it took you hours or days to fix? Code is shit and programmers make mistakes (sometimes “features” ;-). What if the NSA’s code is bad too? I don’t want some NSA bot automatically attacking me because my traffic looks peculiar. This is like being executed in the street by police for looking “suspicious” (maybe black).
Security and malware researchers have it even worse, because they are deliberately (but not maliciously) generating traffic that would get them fired upon. This is how they secure their businesses or create fixes for malware that is infecting us. Yet, because of these good deeds, they are treated as enemies of the State.
Then again, mayhaps the State views those who are technologically literate this way all along. Either way, this continued weaponization of the Network is bad news for everyone.