[CII] Advocatus Diaboli
Felix 'FX' Lindner
fx at recurity-labs.com
Wed Dec 2 17:02:54 UTC 2009
On Wed, 2 Dec 2009 06:57:07 -0700 (PDT) "Joe St Sauver"
<joe at oregon.uoregon.edu> wrote:
> Felix mentioned:
>
> #If you need it more clearly cut, how about a full failure of BGP
> #routing software. Let's suppose someone finds a flaw in the route
> #selection algorithms of BGP->RoutingTable. It's relatively unlikely
> #but would cause the effect I'm looking at.
>
> I'm not sure that *any* new BGP vulnerability is required for
> BGP-based failures... The sheer vulnerability of BGP to hostile
> announcement of more specific routes is already sufficient to make
> BGP a major potential point of failure. See, for example,
> http://www.uoregon.edu/~joe/fall2006mm/
Sure, but it would be too well known a problem to convey the idea
behind the experiment. I wanted to skip the "but we know how to filter"
discussion with Tier1 operators ;)
> #> Satellite communications can take over but do you remember how slow
> #> that can get?
> #
> #On top of it, everyone gets to see your down-link, so you may not be
> #happy with that option or cause confidentiality problems that you did
> #not have before, making this option worthless to you.
>
> I'd flag *both* throughput *and* latency issues. Satellite is not a
> fungible replacement for fiber either for applications that are highly
> interactive, or for applications that need to quickly move large
> files.
Agreed, but wouldn't it still be the most widely used alternative
anyway?
> Encryption can potentially reduce the eavesdropping issue.
If you can get your key distribution figured out in an emergency ;)
> #Suspension has been the tool of choice in any event that could
> #negatively affect stock prices lately.
>
> Suspensions are... interesting... in a world where there are multiple
> exchanges in operation, particularly when it comes to how pending
> orders are handled following a suspension. Consider, for example:
>
> -- I submit an order to sell a couple thousand shares of <foo>, but
> while that order is pending, the exchange crashes.
>
> -- The price of that stock begins to drop precipitously (for example,
> hypothetically assume that <foo> provided the systems that
> crashed :-))
>
> -- Do I endeavor to sell those shares "again" on a different exchange
> that is still up? If so, can I positively cancel the pending
> transaction on the original exchange? (Or could I end up selling
> the same shares twice?)
>
> -- If my primary exchange "loses" my original transaction, and I
> don't use an alternative exchange that's still up, is it possible that
> I might end up not selling any of my shares at all?
>
> -- What if my primary exchange honors my original transaction, but
> does so at the (now far lower) price that is in effect at the
> time the exchange comes back up?
Indeed interesting, but isn't that what settlements are for? As long as
both trading partners didn't settle your transaction, it didn't happen
AFAIK.
> #But as long as the VoIP systems don't use the Internet
> #for transport (which, AFAIK, they don't), you should be able to call
> #your people in the same town.
>
> VoIP providers do use packet networks for transport. Trivial example:
> many consumer-grade VoIP users connect over existing consumer
> broadband connections, and VoIP providers routinely use packet
> transport for long haul trunks.
Packet transport != Internet.
We already concluded that most private networks would still work, which
would also hold true for the connection of the consumer-grade VoIP user
over broadband to the provider's next data center. That's why I
mentioned "same town", as long haul using encapsulation over the
Internet would probably be a problem.
> #So, assumed medical institutions have routed all their stuff over the
> #Internet and it doesn't work anymore, what impact would that have on
> #their ability to perform their function (i.e. doctors working)? I
> #don't see how that lack of Internet would limit them.
>
> Most pharmacies, including most hospital pharmacies, limit the
> quantity of drugs they carry at any given time (huge number of SKUs,
> wasting asset that goes bad if not used by expiration date, some
> products cost (literally) thousands of dollars/dose (example: a
> single syringe/single dose of Neulasta, a drug used to boost white
> blood cell counts in patients undergoing chemotherapy for cancer, can
> cost US$7,000), etc.). And then there are things like
> radiopharmaceuticals, which again are ordered on an as-needed basis,
> or medical gases (oxygen, obviously, but also gaseous anesthesia
> agents, and even liquid helium to cool some advanced imaging
> devices).
>
> As a result, as a business decision, pharmacies order and receive new
> (and critically needed) supplies of drugs literally on a daily basis.
> That sort of "just-in-time" inventory processing requires tight
> supply chain integration that would quickly become impossible if the
> Internet were to go away.
>
> And it's not just drugs... consider medical and surgical supplies
> (there's a tremendous amount of stuff that gets used for any
> procedure or examination, ranging from Tyvek gowns and drapes, to
> gloves and masks, sterilizing agents, housekeeping supplies, x-ray
> film, contrast agents, casting supplies for broken bones, orthopedic
> implants and screws, urine specimen cups, blood collection tubes,
> tongue depressors, swabs, you name it). Non-pharmaceutical medical
> and surgical supplies are HUGE as a supply chain issue.
But again, wouldn't placing the order by phone or even messenger
(the intern in his car) still take place?
> #> Military
> #
> #Same applies here, what function of the military organisation will
> #fail without Internet transport?
>
> The same b*tch that all too often keeps fighting men and women from
> doing their jobs: logistics (supply). Moving fuel, ammunition, food
> and medicine to keep up with a highly mobile fighting force is
> largely coordinated over the network these days.
I am tempted to agree here, since I can imagine the military actually
relying on the Internet for logistics (which would be a bad decision,
especially for them).
Do we have any evidence that this is in fact the case?
> Likewise, sharing tactical intelligence gets a whole lot harder if the
> network isn't up, just to mention a second example.
How so? Isn't the military the one group that has many different
communication methods at its disposal?
cheers
FX
--
Recurity Labs GmbH | Felix 'FX' Lindner
http://www.recurity-labs.com | fx at recurity-labs.com
Wrangelstrasse 4 | Fon: +49 30 69539993-0
10997 Berlin | PGP: A740 DE51 9891 19DF 0D05
Germany | 13B3 1759 C388 C92D 6BBB
HRB 105213 B, Amtsgericht Charlottenburg, GF Felix Lindner