[AusNOG] NBN must avoid becoming 'failed state'

Mark Newton newton at internode.com.au
Mon Sep 20 19:49:06 EST 2010


On 20/09/2010, at 7:01 PM, Dobbins, Roland wrote:

> 
> On Sep 20, 2010, at 4:15 PM, Mark Newton wrote:
> 
>> It seems to me that you're drawing some kind of equivalency here between
>> violent bloody death and SYN floods.
> 
> I didn't draw that equivalency - Jason Bailey did.

Now you're being disingenuous.  Here's what you said:

> I can see another one:  'DDoS attack disrupts telemedicine session, patient dies, NBNCo says security "not our responsibility," Parliamentary inquiry commences.'
> Which one is more likely?

Are you now walking-back the suggestion that death-by-DDoS is
"more likely"?

Blame Jason Bailey for "starting it" if that's your schtick, but
accept that you upped the ante and contributed to the meme every 
bit as much as he did.

> And, to be fair, the time when Bad Things happening online can cause Bad Things to happen in the physical world is approaching.

Only if the physical world is ruled by complete idiots.

>> If it is happening -- if your hyperbole about death-by-DDoS is true --
> 
> Again, it was Jason Bailey's hyperbole, not mine.

That all depends on whether you're walking it back, doesn't it?
You haven't yet, so I'll continue to attribute your own words to
you.  That's normally how it's supposed to be done, right?

>> then I'll be asking serious questions about the medical operators who
>> were foolish and unethical enough to entrust life-critical functions
>> to a third-party network they can't control.
> 
> It happens every day in hospitals around the world - unpatched and unpatchable machines running Windows which are compromised with malware, entire hospital networks going down due to same.

Which "entire hospital networks" go down for /any reason/, let alone
patching, every day?

I was talking to a security manager in the Health Dept just last
week about this very issue, incidentally.  The threat is from 
USB keys, not external DDoS's, because these systems aren't
connected to external networks.

>> Give me another example ANYWHERE in the medical field where that happens.
>> Just one case where a doctor will entrust someone's life to something 
>> that s/he can't personally, obsessively, control.
> 
> Walk into any hospital making use of general-purpose computers running general-purpose operating systems to perform vital functions.  And there you are.

Can't find any.  Lots of stand-alone systems (running obsolete
unpatched OS's, sure).  And lots of systems that network to each
other but not to the outside world, so that they can be monitored
from a nurse's station or similar.

Perhaps I'll believe you when you can show me how to shut down
grandma's dialysis machine from my iPad while I'm watching TV.

But we're talking on an ISP operations list about ISPs, and if any
hospital security manager is doing their job then I'll be able to
count "vital functions" being performed by internet-connected systems
in hospitals on the fingers of zero hands.

>> NBNCo is, after all, supposed to be a private company.
>> 
>> (Right?  Or are we talking about a different NBN, one that isn't
>> reflected in current Government policy?)
> 
> NBNCo seem to think they're a Government Business Enterprise - are they mistaken?

Perhaps you don't understand what a Government Business Enterprise
is.

It's a company, registered with ASIC just like any other company,
whose shares just happen to be owned by the Government.

It has its own CEO, its own board, makes its own decisions, etc.
You even see the Minister testifying in the Senate about how he
doesn't control their hiring practices, and the CEO refusing to 
appear before the Parliament.  They're answerable to the govt
inasmuch as any company is answerable to its shareholders, but 
they get to make their own decisions just like HP and Cisco.

Now, you can make an argument about that being a load of codswallop,
and many of us might even believe it.

But, as written, and as intended, NBNCo is a company just like any
other, currently owned by the Commonwealth, but intended to be
sold to private shareholders no more than 5 years after "completion"
of its build.  And if you're intending to mount any arguments based
on a different understanding of what it is, it might be useful for
you to identify them as applying to a hypothetical imaginary NBN,
rather than the actual NBN with which those of us in this country
are presently confronted.

  - mark

--
Mark Newton                               Email:  newton at internode.com.au (W)
Network Engineer                          Email:  newton at atdot.dotat.org  (H)
Internode Pty Ltd                         Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223