

A Cyber-Attack on an American City - Angostura
http://perens.com/works/articles/MorganHill/

======
sunir
When I was a young hacker (I presume readers of _Hacker_ News will understand
my meaning of this term), I had a reputation for finding out how to crash any
system--a useful skill when building fault-tolerant real-time distributed
systems.

The president of the software company I was at suggested that "no doubt _you_
could break into our new secure file system and down, but please don't." I
told him that if I _really, really_ needed to bring down his fancy new server,
I would go get the fire axe, break down the door, and kick the server over.

Everyone focuses on securing the bits, but no one worries about the wires.
It's disturbing hearing about this kind of attack.

~~~
aptimpropriety
>Everyone focuses on securing the bits, but no one worries about the wires.
It's disturbing hearing about this kind of attack.

There's a distinct difference between obtaining information and destroying it.
While being an anarchist can be useful to some extent, getting 'inside' is far
more useful to the thoughtful deviant.

That being said, still agree with your point. It's still frightening how much
said anarchists can shake up the world.

~~~
bct
Where do anarchists come into this? I hope you're not using that word as a
synonym for "saboteur".

------
arjunnarayan
The extent of the infrastructure vulnerabilities that Perens talks about (not
to mention the recent US power grid attacks) really highlights how unprepared
civil government is in the face of dedicated attackers. Its all fine and dandy
when your servers are the latest hardened SELinux, but when someone cuts your
cables, you're really on the out. (You could try communicating via RFC 1149).
I suspect that "disaster management" today really means wait for the military
to come and take over...

~~~
ryanwaggoner
+1 for RFC 1149 :)

------
wallflower
> The old Bell System used to arrange cables in a ring around a city, so that
> a cut in any one location could be routed around. It's not clear how much
> modern telephone companies have continued that practice.

I remember being fascinated in one otherwise boring computer networking class
by the self-healing concept of SONET fiber optic networks. I didn't know it
was pre-dated by copper wire.

On a piece of scrap paper, draw two concentric rings. Draw bridge points (a
line bisecting both of the two rings) at ten or twelve points along the rings.
Draw CW-direction arrows on the inner ring and CCW-direction on the outer.
Simulate a cable cut by erasing part of the two rings. SONET will
automatically heal itself by detecting the cut and bridging its traffic at the
closest bridge point and going the opposite direction until it goes all the
way around and hits the cable cut from the other direction (and auto-bridges
and forms a new closed comm loop)

SONET would not have helped, as it is too expensive to be deployed outside a
metro area (redundancy).

"Self-Healing Ring Architectures for SONET Network Applications"
[http://www.doc.ic.ac.uk/~nd/surprise_96/journal/vol2/dm9/art...](http://www.doc.ic.ac.uk/~nd/surprise_96/journal/vol2/dm9/article2.html)

~~~
varjag
The modern solution to that is RSTP, or somtimes, similar proprietary
protocols. It also works on arbitrary networks, not just ring topologies. We
use RSTP for failover in tunnel control and emergency systems here in Norway,
usually arranged into hierarchial ring-like structures.

~~~
wallflower
Would RSTP have survived this situation (eight cables cut)? I think it was a
single point of failure though (no other branches for the graph).

~~~
varjag
I was addressing the poster's point about SONET. Of course no recovery
solution will survive if the graph is really split into parts.

In case of the tunnels there normally isn't a single point you can slash and
bring down the whole system. The failover requirements, recovery times etc are
dictated by national road authority and fire safety regulations.

~~~
varjag
The poster being you of course :)

------
quoderat
"Email from others in your office should continue to operate."

We use hosted Exchange where I currently work. Sounds good until you actually
want to do anything useful. Today, I got in a battle with their support
because I wanted to forward email from one email address to another -- which
they wouldn't let me do because I wasn't an "administrator" of one of the
domains from which I wanted to forward email, even though I am the network
infrastructure manager for the entire company.

So, having this service out in the cloud turned what would have been a two
minute job if I'd had a local Exchange server into a five-hour battle with
tech support (which I eventually lost because I gave up). In my limited
experience so far, cloud computing is ok until you actually need to do
something useful.

------
LogicHoleFlaw
This story makes me want to go get my ham radio certification. I've taken the
training courses but just not taken the test. I need to get on that.

------
10ren
And the internet was supposed to route around damage...

One way to do this is to make wifi laptops and mobile phones into routers - an
ad hoc network <http://en.wikipedia.org/wiki/Mobile_ad-hoc_network>

So far, research in this is academic/hobbiest.

