Fiber-Optic Map: A Classified Dissertation? 299
An anonymous reader writes "So you spent all that time researching, compiling and formatting your dissertation ... now what if it became classified information? That's exactly what may end up happening to Sean Gorman's dissertation.
He's compiled a detailed map of American companies and the networks that bind it all together, right down to the very last fibre connection.
The government wants it classified in the interest of national security. Large financial institutions want it classified/destroyed in the interest of economic security. But terrorists would love for this to be published ... it would make their job so much easier." If Gorman can map the fiber network though, doesn't that mean someone else could do the same? Update: 07/09 13:06 GMT by T : Sorry, I blinked past the story as posted yesterday.
Re:Whoops (Score:3, Insightful)
Someone is sleeping.
A dupe, but so what ? (Score:2, Insightful)
Morons.
That's why it must be classified. (Score:5, Insightful)
And this is exactly why his work must be classified or destroyed. Remember, kids, most recent laws are here not to prevent the bad guys from doing something (by deffinition, they are bad and thus expected to break those laws), but to prevent the average citizen from doing something.
He can publish AND not go to jail (Score:4, Insightful)
Considering that it's the data in the program that is sensitive and was time-consuming to compile, the algorithms themselves are pretty harmless. Why not call his dissertation "A Method for Mapping National-Scale Fiber Optic Networks," get his degree, feed the source to his dog, and get a job with the NSA?
Re:Does he have to keep anything secret? (Score:5, Insightful)
Hopefully ... (Score:4, Insightful)
What About Australia? (Score:3, Insightful)
I reckon the continent is spanned by a couple of (a few if you're lucky) fibre optic cables. Chances are you don't even need a map to find them. Just follow the line of solar powered repeaters, one of the handful of roads or the single railway line. Alternatively, just look for the line of brightly coloured posts marking the cables, in an attempt to stop people accidentally digging them up!
Take your ditch digger into a remote area, carve a 100 metre ditch perpendicular to the road and bingo, one severed optical fibre cable.
Dupe? What's your point, people? (Score:4, Insightful)
But to everyone else bitching to hell and back about duplicate posts (in redundant, duplicate posts to begin with), I say:
Big. Freaking. Deal.
If you don't like it sooooo much--if you have such a problem with the content of Slashdot--STOP READING SLASHDOT. You're not paying anything, you're not forced to read any of the sections, and no one here owes you anything.
I don't understand why people who are pissed off so much by typos and accidental duplicate story posts (it's not like it's done on purpose) would continue coming here just to bitch about it in the comment threads. Oh, wait, this is
Mapping the network (Score:3, Insightful)
So, now anyone wanting to replicate Gorman's work will need to take the next 4-6 years off, have an advisor who will keep you from going down dead ends as Gorman's advisor probably did, get paid by someone (Mr. Bin Laden?) during that time, work in a newly, informational hostile environment, and keep updating your map even as you map new areas. Not a piece of cake.
Internet Durability? (Score:4, Insightful)
The Internet was designed to be durable. It is built with many points of failure and it is supposed to function even with many of those points disabled.
Why is it then that a backhoe operator in California can knock out Internet access or at least cripple traffic for the entire country?
Is it simply that there is not enough redundancy to make this possible? If that is the case, forget about supressing research like Gorman's and increase the infrastructure.
Regrettably, I must agree that spilling this information out into the public domain is not the best. Computer security concerns should be publicized, but physical security issues should not. They differ insofar as the means of resolving security issues. If some operating system has a vulnerability, it is repaired once and the patch gets disseminated to all affected systems. You cannot simply build a stronger door and pass that door around to all affected sites.
Nevertheless, we should make efforts to nullify the vulnerability so that when this information becomes public, the point is moot and a few bombs destroying some fiber will do nothing.
PhD quality research? (Score:4, Insightful)
I admit that this author is not alone--in the CS department where I work, "experimental" Ph.D. theses featuring poorly designed experiments or no scientific work at all (which appears to be the case above) are a constant problem.
Perhaps this is an accident of the youth of the field.
Security Through Obscurity (Score:5, Insightful)
Instead, the work should be used to increase our knowledge of our infrastructure so that we can know our own weaknesses. If we are aware of our weaknesses, we can then do something to protect them.
There are probably many legitimate applications that can be built using this knowledge. For instance, my company is launching a Web service which may someday have millions of users worldwide. It would be very nice to be able to analyze our nation's infrastructure for the most secure and reliable places to co-lo our servers.
Re:not suprising (Score:5, Insightful)
Stack a bunch of graphite, throw in some uranium and graphite rods with some controls to raise and lower then and vola! an atomic pile.
And the first antibiotics...bread mold in a dish...
Often a breakthrough simply comes from someone organizing what has been out there for years.
Since when.. (Score:5, Insightful)
Ministry of Truth, Rule #3 (Score:4, Insightful)
My guess as to how he did it. (Score:4, Insightful)
Not too novel or ingenious, just tedious. Will the US ban traceroute now?
Re:Dupe? What's your point, people? (Score:3, Insightful)
Maybe instead of complaining that this one is a dupe, we should be complaining that yesterday's headline and description were lacklustre and ignorable.
What about the proliferation of knowledge? (Score:5, Insightful)
"He should turn it in to his professor, get his grade -- and then they both should burn it," said Richard Clarke, who until recently was the White House cyberterrorism chief.
Knowledge should be used to empower. Knowledge should be passed along from generation to generation. It is our knowledge that makes this (or any country) worthy of defending.
How about finding ways to better secure our national infrastructure instead of "persecuting" researchers. What's next? The Bush administration will outlawing thinking?
Maybe I am just overreacting, but the above quote from this article reminds me of The Burning of the Library of Alexandria [ehistory.com].
easy killer - a bit ot but relevant.. (Score:5, Insightful)
yes, isnt their *just a little* paranoia in that statement? What is more likely, that A) the World-trade-center event was rather isolated and abhorent or B) There are vast numbers of Evil Terrorists(tm) plotting from within America just waiting -- literally foaming at the mouth in breathless anticipation -- of this kind of information in order to plot their Next Terrorist Attack(tm).
Really, you yanks need to get out more. The rest of the world deals with these kinds of criminals ALL THE TIME(!) and you dont see them in a paranoid funk do you? Your wife/mother/daughter is more likely to be raped and killed by your husband/father/son than they are to die bc of the Next Terrorist Attack(tm). You gonna lock up anyone who looks cross-eyed?
I understand the world trade center was a very tragic and emotional event, but really -- CALM THE HELL down and start to think rationally again. Your government/military has your nation whipped in such a lather that *YOU* are *really* a greater threat to World Peace than any Evil Terrorist(tm).
It was not OK for the US to invade Afghanistan because they cant/wont extradite osama binladen*. It was not OK for the US to invade Iraq because they didnt like sadam hussein*. It will not be OK the next time the US decides to invade %somewhere%.
*setting up these straw-men, and demonizing them was a propaganda tactic meant to shift the public's views of these events... instead of understanding the events as Germany->Poland style invasions, justifying them as "go after this Real Evil Dude(tm)" is pretty straight-forward propaganda... the fictional rationale is irrelvant really. The bottom line is that the USA just invaded/occupied two nations in the last few years. These subtleties may be lost on the domestic audience, but the rest of the world A) doesnt buy it and B) sees the USA as a rogue nation... but I digress.
PS to the Brits amoungst us; please toss Blair out of office for this misdead - but dont elect the god-darn conservatives in his place, they will only be worse.
Re:He can publish AND not go to jail (Score:3, Insightful)
Yep. And for any other location, dial up the number on the "call before you dig" sign and you can sometimes even get a telco to send you a fairly detailed map.
Re:not suprising (Score:2, Insightful)
A earthquake danger chart for the Portland OR metro area is just a map and other data but it's a research project. Low temprature rock formations of Eastern Oregon aren't that revolutionary or unprecedented.
From the articles I've read on this guy and this subject he is the first one to put it all togeather in one place, sounds unprecedented to me.
Re:This part (Score:3, Insightful)
The public should have every right to know what is in their neighborhoods. "Does all that openness still make sense?" Yup, sure does - as soon as you start hiding facts from the public, you start weakening the country. Our government supposedly couldn't stop the attacks in New York with advance information - now you expect them to police every supposed 'weak point' in the country, while classifying that information?
The less we know, the more hysteria and crap we can be fed.
Re:not suprising (Score:2, Insightful)
So apparently you missed the part in the Washington Post that states...
Using mathematical formulas, he probes for critical links, trying to answer the question "If I were Osama bin Laden, where would I want to attack?"
What he has done is to probe and test the layers of infrastructure for weakness and try to determine the econominc impact if those weaknesses were to be exploited. Any boob can use GIS software to layer all of the different infrastructures on a pretty map. To analyze all of the layers and then tie them together so as to come up with the mathmatical formulas to determine what would happen if.... Now that sounds like it would take some smarts.
Re:Internet Durability? (Score:3, Insightful)
It takes time, money and engineering to build a reliable network. Back in the days of the Bell System, a great deal of effort was expended in improving the reliability of the hardware and the network. There were redundant paths, load balancing and excess capacity built into the network. Huge amounts of money were spent on making electronic switching systems, and the associated software, extremely reliable.
The Bell monopoly is gone. So are the economic conditions that made it possible to spend all that money on reliability. Today, the emphasis is on fast, cheap and disposable. Telephones are no longer designed to last decades. Single points of failure are acceptable if they result in consolidation and costs savings. Experienced workers have been downsized and replaced with cheap contractors.
Many of the people who design IP networks have no interest in reliability beyond "it works most of the time". Single points of failure abound in their networks, which are usually built from mediocre hardware running software that is in perpetual beta test.
Look at the popularity of VOIP and PC based switches. People are eager, even if they don't think about it, to trade reliability for cash. Why spend big bucks on a purpose-built PBX when we can do it on a PC running Windows with some add-ons? Why spend money on backup power, redundancy and failure tolerance?
Reliability costs money and there are damn few people who are willing to pay the price. That is reflected in the marketplace for hardware, software and communications services.
Re:not suprising (Score:2, Insightful)
I really think that this security stuff is getting out of hand. Suppose a man with a backhoe just digs by accident. Its a daily occurance. Nobody except the liablity issues for the digger has any fit over it because there are so many redundant channels for data.
This is classic foolishness to classify such a map. The Internet was invented out of US DOD efforts to make communications web linked to make destruction of single or many routes irrelevant.
Terrorists attacking key nodes at the 50 top sites at the same time would probably not even slow stuff down much. Americans really need to be looking at the real reasons for such classification. The reasons probably are more terristic than the terrorists intentions.
Re:Internet Durability? (Score:1, Insightful)
Re:not suprising (Score:3, Insightful)
Bin Laden does not want to kill people, what he wants is to destroy any threat to Islamic beliefs that he may perceive. Since he sees the USA (and other nations)as a threat to Islam, he has declared jihad against this country. The Islamic faith is against killing just like any other religion, but also like any other religion, killing can/is rationalized for the perceived greater good of the religous community and beliefs. So when you make an assinine statement like Bin Laden wants to KILL PEOPLE, you just make yourself sound like an idiot. As for the "hacker terroist", where does the Washington post article say anything about hacking? I do recall another section of the Washington post article that states:
He can drill into a cable trench between Kansas and Colorado and determine how to create the most havoc with a hedge clipper.
Gee I need to dump all of my electronic equipment and go out and get me one of those new hi-tech hedge clippers. Boy can I do some seriuos hacking then. I'll be the envy of all the l33t haX0rs everywhere. His disertation has nothing to do with hacking and anyone who reads that into it, needs to get out of their mommy and daddy's basement a little more often. It is all about finding weak points in the various infrastructures, and what the economic impacts would be if they were to be exploited. The reasons people are concerned are also stated in the article. Even your reply hinted at it:
he real motives are hinted at in the news story -- executives want the fragility of their systems kept secret because it's embarrassing.
Not only is it embarassing, but imagine how much it will cost to fix, or even how much it will cost if somebody (like a terrorist or even a competitor) were to take advantage of that vulnerablity. Now multiply that by every single organization that utilizes all of the different infrastructures. Now you might begin to understand the chaos it may create. That is in all probability why the Feds want to classify it. If Terrorist or religous zealots were to be able to have access to all of this data in a nice neat package then they would have a hell of a war plan. One of the most important rules of warfare is to attack economic centers. To oversimplify it, No money = No threat. So in response to your statement:
He doesn't care about interrupting your porn download, or even bank transactions
In actuality Bin Laden does care. The Pr0n industry is a multi-billion dollar industry that feeds many other industries, especially in the banking and Credit Card transaction areas. Any business, bank, or finacial organization that process Pr0n transactions would be effected if Bin Laden was to knock out any portion of that industry (or any multi-billion dollar industry that requires electronic banking and CC transactions). It's called a domino effect. So now if Bin Laden can knock down other industries on top of the Pr0n industry, then the dominos will fall faster. The faster you can take the money away, the faster you will win the war. Why do you think the Federal government has been working deligently to shutdown the "money" network of Al-Quada? Don't get me wrong, I do not believe the disertation should be classified. I mean if it was all built from legally obtained public information, then there is nothing stopping someone else (Especially well funded religous zealots that know how to take better advantage of the government beuarcracies than most Americans do) from doing the same. That would then lead to the next question, what other information should be classified? Should we classify everything? Where do you draw the line? I hope he gets to publish, and make a boat load of cash going to companies and the government to point out their weak spots so they can be fixed. If this doesn't scare the sh*t out of the companies and government to fix the problems, then nothing will ever convince them to corret them.
So no
Re:not suprising (Score:1, Insightful)