Vmyths.com

Hoaxes, myths,
urban legends

Columnists


Addictive
Update
Model

False
Authority
Syndrome


About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

As read by the author

VB2002 part 3: whole economies might die with the Internet

As read by the author Rob Rosenberger, Vmyths co-founder
Wednesday, 8 January 2003

[continued from part 2:
Maybe the Internet should die]
[Editor's note: it will help if you start at part 1 of this multi-part series.]

As read by the author (MP3) THE MUSINGS OF Jimmy Kuo (Network Associates) never got a chance to elevate the discussion at the VB2002 speakers' panel. Vesselin Bontchev (FRISK), sitting in the front of the audience in what I'd call the "mantle" position, grabbed the mic and slapped a timeline on Earth's destruction:

"Imagine a denial-of-service attack network directed against all online brokers," Bontchev mused. "If they are shut down for just a day, this will cause millions [of dollars] of damage."

Listen to VB2002 hysteria

03:36 Nachenberg:
(Is there a comment from Vesselin?)

03:39 Vesselin Bontchev (FRISK):
It can happen; it is likely to happen; it will happen. And it will happen not exactly in the way most people think of it. I mean, such things like the critical infrastructure, like the phone lines, the 911 lines, the hospitals, the banks and so on — these things are difficult to break into. Not impossible, but difficult. However, almost the same kind of damage can be caused a little bit more easily. For instance, imagine a denial-of-service attack network directed against all online brokers. There are that many now. If they are shut down for just a day, this will cause millions [of dollars] of damage.

04:20 Nachenberg:
Just a point there, that 25% of all online trading in the last year occurred-- or, sorry-- 25% of all trading occurred online. To give you an idea.

04:28 Bontchev:
And this is just an example. There are many other places which don't classify as [a] critical infrastructure, but the destruction of which will cause millions and billions [of dollars] of damage. It may be sufficient to take down whole economies.[1] And it will happen in the next 5-10 years.

PhewWhew! Strong words from Bontchev. Then again, he's no wimp: he spouts his opinions with conviction just like I do. Bontchev boldly declared a cyber-attack "may be sufficient to take down whole economies. And it will happen in the next 5-10 years."

Let's recall a bit of trivia, shall we?

The entire U.S. brokerage industry shut down for four days in September 2001. Many firms lost their Internet connections — oh, plus they lost their filing cabinets and I think some employees died. Experts feared a global price implosion when U.S. markets reopened. It occurred at a time when the industry struggled to (a) reorganize after the Internet bubble burst and (b) save at least some brokers' paychecks from the slaughter of web-based trading. The events of September 2001 gave Wall Street an excuse to lay off even more employees, plus it gave A.G. Edwards an excuse to dump their 115yr-old "no layoffs allowed" tradition.

Yes yes yes, I know it happened a looooong time ago to a minor financial subgroup in a country far far away, but think hard! You may remember it.

A chaos-riddled Wall Street survived the destruc­tion of zip code 10048 and massive layoffs and the loss of four days of trading in September 2001 — but they'll wail in agony if they lose Inter­net connec­tivity as of September 2002?

So let me see if I get this straight. A chaos-riddled Wall Street survived the complete destruction of zip code 10048 and the loss of four days of trading and massive layoffs in September 2001 — but they'll wail in agony if they lose Internet connectivity as of September 2002?

Hmph.

Man, I can't wait for Bontchev to enlighten a room full of NYC brokers. "You watched the World Trade Center implode? You lost friends in the tragedy? Your brokerage headquarters got squished? Bah! Al Qaeda may take down whole economies with a computer virus in 5-10 years and the antivirus industry can't do a thing to stop it!"

You know full well Bontchev would end up on an episode of Real TV. "Suddenly an angry white-collar mob rises up from their seats to attack him..."

As you continue to read or listen to these transcripts, you'll notice I didn't lose my patience when Bontchev predicted "whole economies" may fall "in the next 5-10 years." He merely confirmed what I've long suspected — his firm can't save us from the ravages of Osama bin Virus! Tsk, tsk.

Let me be the first to offer future condolences to FRISK's entire customer base.

Laugh if you want but I'm serious. FRISK can't protect its customers. Bontchev himself — arguably the antivirus cartel's most decorated cyber-soldier — told a VB2002 audience he can't even stop viruses from invading his own mother's PC. "False prophet! False prophet!"

Memo to Bontchev: I adequately protect my mommy's PC, you know.


I WON'T CRITIQUE moderator Carey Nachenberg (Symantec) just because he bolstered his panelists' inane opinions. I've moderated enough panels in my day and I've done the same thing. Conference organizers expect moderators to make the folks on stage look good without regard to their own views.

Nor will I applaud Nachenberg for asking out loud if I was "writing all this down." Perhaps he simply reacted to the nervous rumble of laughter in the audience. I made a joke about a "blended threat" cocktail and I gave Nachenberg a limited-edition jersey and I'll leave it at that. He did a fine job as moderator.

But Nachenberg did offer factstatistics to bolster his panelists' opinions. We may rightfully stab a fork in his food for thought.

I can't wait for these guys to enlighten a room full of NYC pilots & brokers. It'll end up on an episode of Real TV. "Suddenly an angry mob rises up from their seats to attack the panelists..."

Critics would argue Nachenberg doesn't know what he's talking about. ("Oh, and I suppose you do?" Yes.) Fully 100% of all trading has occurred online for at least two (if not three) decades!

Indeed, the NASDAQ itself only exists in the ethereal plane — its computer network opened for business in 1971 with no trading floor. When you see people "reporting live from the NASDAQ," they're really just standing in a television studio.

Far too many computer security experts think "online trading" got started when brokerage firms added a Java applet to their website. Bah! Serious investors installed a Bloomberg terminal in their home or office looooong before the Internet grew popular. Donaldson, Lufkin, & Jenrette took the concept of direct online trading to new heights in the late 1980s.

"But Rob, an ocean of paper littered the streets on 9/11/01 and you yourself call a broker to execute every trade." Correct. The U.S. Securities & Exchange Commission demands a lot of pulp and a lot of phones; their paranoia dates back to the crash of 1929 and it won't dissipate anytime soon. I can fax or email my broker, for example, but the SEC demands he must hear my voice to confirm it. Then he types my trade into a computer network...

"Okay, Rob, so what did the Internet bring to the brokerage table?" Obviously, a hundred million tulip bulb investors can now place their own trades directly into the computer network. Not so obviously, it removes the professional oversight of your portfolio. My broker's advice keeps me from flushing money down the toilet with the click of a mouse. I honestly believe a cybergeddon will do more good than harm for hordes of clueless micro-investors out there.

Hey! Is that the "25%" Nachenberg speaks of?

Memo to all you toilet flushers: jiggle the handle here instead.

[Continued in part 4:
Crush the Internet in
a matter of minutes
]

[Editor's note: second edition. This column was updated to correct a transcription error. Report any other transcription errors here. Rebuttals go here.]

''Osama bin Virus!'' comedy album

[second edition]

[continued in part 4:
Crush the Internet in
a matter of minutes
]

[Editor's note: This column was updated to correct a transcription error. Report any other transcription errors here. Rebuttals go here.]