Showing posts with label dark side. Show all posts

Wednesday, July 2, 2008

Information Security Jedi: Has Black Fist gone to the Dark Side?

As I've mentioned before, in the world of Information Security I consider myself to be a Padawan: a learner who has not yet reached Jedi status. One of the things that is necessary for a young Padawan is constant guidance from the Jedi Masters to ensure that he or she does not start down the dark path. After all, you might think that what you're doing is right, but in fact you may be wrong. Consider the words of Master Yoda: "Difficult to see, the Dark Side is."

I'm spending the day beating myself up because I used my Jedi powers in a way that I'm not sure was right. The situation involves a Dark Jedi, meaning someone who has knowledge of computer systems and security and has turned to the Dark Side. Luckily for me, this Dark Jedi was not an Information Security professional or I might have had an even more difficult time defeating him in combat. The thing is, the whole time I was trying to zero in on him and gather the evidence required by my employer, he was able to stop me at every turn. Pretty good considering that he didn't even know I was trying to get into his computer. And so when my other options had failed, I turned to something I call the Jedi Mind Trick: Social Engineering. I'll write a more detailed post about the Jedi Mind Trick another time; suffice it to say that it is a powerful force and can be easily misused. And that's where I find myself today, wondering if I misused the Jedi Mind Trick.

I wish that I could explain the situation in more detail, but of course I cannot because of the confidential nature of my work. To boil it down, I was asked to install software on a computer without being detected. I want to make it clear that I was authorized by my employer to install monitoring software purchased by my employer on a computer that is owned by my employer. I guess I just feel bad because I shook the guy's hand and smiled in his face while I stabbed him in the back. I prefer to do these things without looking at the target or getting to know the target. That way I can keep it all business in my head. When I figured out that this was going to take more of a personal touch, I even devised a plan to get someone else to do the face-to-face part. However, that isn't how it worked out and in the end I lied to this dude so that I could start gathering information that may affect his employment. So I guess the question I'm wrestling with is whether or not I did something that was of the Dark Side?

My first inclination is to say no. After all, I was just doing my job. And if he hadn't done the things that he did I wouldn't have had to do any of this. I guess you could say that he made me lie to him. There are a couple of problems with this line of thinking. For one thing, whenever I say that someone made me do something that I feel bad about, I'm usually trying to rationalize some behavior that I know is wrong. The other concern I have with my approach is that I might have taken the quick and easy path, in other words the dark path, when there was a better solution available. Did I take enough time to search for a solution before I resorted to using the Jedi Mind Trick to blind him? I do believe that I had to get my hands on the computer to install the software. There were too many roadblocks to do this remotely. I also believe that it was imperative that he not know that the monitoring software was put in place. Most importantly, I don't believe that I had patience as an option. I could have waited for him to get sloppy and leave his computer at work, but I didn't have that kind of time.

I guess in the end I'm going to judge that what I did was right. I didn't go vigilante and install this monitoring software, and I only resorted to the Jedi Mind Trick after exhausting my other options. Sometimes even a Jedi has to kill people. What makes it acceptable is that the Jedi neither enjoys it, nor seeks out opportunities to do it. I didn't go looking for this guy, but when he crossed my path I did what I had to do. Now I am meditating on the day's events to ensure that I haven't taken any steps toward the Dark Side. I guess I just wish that I had someone else to validate my decision and tell me that what I did was right. I know that there are some Jedi powers that are used by both Light Side and Dark Side beings, and the Jedi Mind Trick is one of them. So I think the lesson to be learned here is that one should always take a long look in the mirror after using a power that could have a Dark Side use and make sure that you haven't started down the path of corruption.

Wednesday, June 25, 2008

Information Security Jedi: Dark Side Beings

I've been running a series of blog entries comparing the practice of information security in our world to the Jedi order of the Star Wars Universe. In my previous post I talked about the light side beings of the Star Wars Universe, namely the various ranks of the Jedi order. This time I'd like to talk more about the dark side of the Force and the beings that make use of it.

The dark side of the Force is basically the evil side. It is the side of the force that is associated with anger, aggression, fear, and suffering. The powers of the dark side are typically attack oriented. For example, a Jedi might master battle techniques that focus on rallying the troops, healing people, or enhancing their own physical abilities. A dark side being might master battle techniques such as choking an opponent, shooting lightning at an opponent, or literally draining the life from an opponent.

So who were the dark side beings in the Star Wars Universe? Well, there were several. The dark side equivalent of the Jedi order would be the Sith, which has many parallels with the Jedi. But if you thought the Jedi were few in number, then you'll be shocked at the small number of Sith. Most of the time there were only two of them because of the Rule of Two. It turns out that Sith really enjoy killing the hell out of each other, so when you get Sith in sufficient numbers they start killing each other and they can't focus on killing Jedi. So a bad dude named Darth Bane made up a rule that there would only be two Sith at a time: the Master and the Apprentice. That way they could focus on killing Jedi and they wouldn't spend as much time killing each other.

There were other dark side users that a Jedi had to fear besides just the Sith. The dark side of the Force tempts everyone that is sensitive to the Force, and the stronger you are with the Force, the stronger the call of the dark side will become. So one thing the Jedi had to deal with were other Jedi that fell to the dark side. They didn't formally join the Sith, but they did become corrupted and became a threat to the galaxy.

You see, the thing you have to know about the dark side is that if you give in to the temptation to use the dark side, then the call of the dark side becomes even stronger. Since you gave in to the dark side at the previous level of temptation, you now face an even greater probability of falling to the temptation a second time. And a third, and a fourth and so on. Eventually, a person can become addicted to the power of the dark side. Then some Jedi has to say "hey man, that's not cool! You need to quit with all the dark side stuff." Then the corrupted Jedi says "hey screw you man, you don't know me!" Then they fight, and one of them dies.

Then there were people that were sensitive to the Force but had never been formally trained in the ways of the Force. So they usually developed a few powers that made them a threat to other beings in the galaxy and the Jedi would have to come in and deal with them.

Now that we've talked about the dark side users in the Star Wars Universe, let's talk about the dark side users in the information security field. I think it's best to work from the bottom up on this one, so let's look at the Force-sensitive dark side users that have not been formally trained. I think it's not a stretch to compare these to the script kiddies that we have to deal with today. Script kiddies discovered that they have some interest in information security, but without guidance they have turned to the dark side of the Force to learn more about information security. Another untrained dark side user is the curious user on your network. They go snooping around and might damage systems in the process. For the most part, a well-trained Jedi or Padawan should be able to handle a script kiddie, but it would be foolish and arrogant to stop seeing them as a threat. A script kiddie can and will hurt you. They will develop more skills and because they are addicted to the dark side, they will destroy your networks just to prove to themselves that they can.

What about the dark Jedi, the ones that were once followers of the light and became corrupted? I think this is the information security professional that starts using the dark side to police the networks that he was assigned to protect. Have you ever been tempted to search a user's private folders for contraband without following proper procedure? Maybe that worked for you, so now you start gathering tcpdumps of people's computers without permission (which is an illegal wiretap). Soon you've become a security threat that needs to be dealt with. Sometimes a dark Jedi can be redeemed, other times they have to be fired.

Now we start talking about the really serious threats, the Sith. In the Star Wars Universe there were only two of them at a time, but in our world there is an army of them. I like to think of the Sith Apprentices as the professional hackers that create malware, run botnets, and steal identities. They are only interested in gaining more power and money, just like a Sith lord, and they are very powerful. They will use elements of the Force not used by the dark Jedi and they will use every avenue of attack available to them. They will destroy your network if they believe that they can make more money doing so. Also, don't let yourself be fooled into thinking that a Sith Apprentice is less of a threat than a Sith Master. A well-trained Sith Apprentice can be nearly as powerful as his Master, and should be dealt with as carefully as the Master.

Sith Masters are rare in our world, but not as rare as they are in the Star Wars Universe. A Sith Master is probably the most dangerous black hat hacker you will ever come across in your information security career. So what makes a Master? Well, much like being a Master Jedi, I think a Sith Master is basically a Sith Apprentice that has amassed so much power that he is recognized by Jedi and Sith alike as a Master of his trade. This is a truly evil person who will steal the identities of millions of people and sell them for his own personal profit. He builds giant botnets that spew spam across the Internet, threatening to eliminate the utility of this network, just to put more money in his pockets. Just like a Sith Apprentice, these Masters will use any technique available to them to increase their power. The only difference is that they already have incredible power that they can bring to bear. I would also like to point out a particular kind of Sith Master that you should be particularly fearful of. I have mentioned that Sith Masters are the pinnacle of evil in the information security world. As a Jedi you would do well to remember that evil is a point of view, and sometimes you will be viewed as the evil one. Some Sith Masters are government-sponsored hackers that are not necessarily evil people. These hackers have incredible power because they are immune from prosecution and they have the resources of a government to help them identify vulnerable targets and new avenues of attack. I say that these people are not necessarily evil people because they are attacking your network in service to their government. Most of them would probably not drain the savings accounts of retired people just to put it in their own pocket.

Hopefully this information will help you to know your enemy. You should think carefully about the information that you protect and ask yourself what kind of dark side beings you're likely to encounter. Of course, you can never be sure that the person scanning your network isn't a Sith Master, but maybe you don't need to strip search the exterminator if you're only protecting the church mailing list. Remember the lessons of the Jedi Masters that have come before you, and always heed the warning that once you give in to the dark side of the Force, you have started down a dangerous path.