Apple and Symbiot Rumors
MacRumors
Mar 19, 2004, 05:18 PM
The following anonymous submission has been sent to a number of sites (Appleinsider (http://www.appleinsider.com/article.php?id=395), Apple-X (http://www.apple-x.net/modules.php?op=modload&name=News&file=article&sid=842&mode=thread&order=1&thold=0), MacRumors (http://www.macrumors.com)):
Apple appears to be working with the guys at Symbiot (or as I call them, builders of SkyNET http://www.symbiot.com). According to several rumors floating around over near 1 Infinite Loop over the last couple of months, Apple has been seeding prototype Xserves (based on the G5) into Symbiot for use in creating a solution that 'Attacks Hackers Back'. I thought this was crap until this morning when I saw a press release from Symbiot in which Ron Okamoto, Apple's vice-president of Worldwide Developer Relations, said -- "Symbiot's iSIMS running on Xserve G5 creates a compelling value proposition for enterprise customers that want to STRIKE BACK AGAINST NETWORK-BASED ATTACKS"!
Rumor has it that Apple has secretly invested over $3M in the technology to give them a "Killer App" for enterprise customers (which they seriously lack). I did some vanity surfing and found that a few members of the management team are ex-Apple employees. One from Apple R&D!
You guys should really cover this, several people (including me) have been thinking it was an April Fool's joke, apparently it's not! Apple is seemingly behind the biggest event in information security history!!!
So the question is -- will Steve Jobs solve all of Bill Gates' security issues by building "SkyNET"? Wow! I can see it now, Microsoft can't protect their customers, but Apple will protect the entire Internet! Nice.
Accuracy/reliability unknown.
junior
Mar 19, 2004, 05:25 PM
Seems incredible if true. And if true, does that mean there'll be a huge demand for xserves in nearly all large companies throughout the world?
Don't panic
Mar 19, 2004, 05:31 PM
be ready to be flooded with OSX-specific viruses as every hacker this side of Betelgeuse makes it a point of class honor to crack the system
arn
Mar 19, 2004, 05:32 PM
Most of it is true:
http://home.businesswire.com/portal/site/google/index.jsp?ndmViewId=news_view&newsId=20040318005766&newsLang=en
the investment is really the only "rumor"
arn
ryanw
Mar 19, 2004, 05:32 PM
I've seen several people using PowerBooks and XServes as Network Sniffers. They say the MacOSX Networking in combination with the hardware to be of the best configuration for network sniffers available. Makes sense if you're going to be making some sort of network packet analysis software you'd want to run it on an excellent network sniffer.
0 and A ai
Mar 19, 2004, 05:45 PM
skynet? april fools
0 and A ai
Mar 19, 2004, 05:47 PM
lol
POWERMAC G5 CLUSTERS WILL BECOME SELF AWARE DECEMBER 2005 TRIGGERING WORLD WAR III AND DESTROYING ALL HUMANS USING MICROSOFT WINDOWS.
praetorian_x
Mar 19, 2004, 05:47 PM
"Apple is seemingly behind the biggest event in information security history!!!"
: |
This guy is either a complete retard with no sense of perspective OR someone with an interest in getting this rumor out. Ever heard of RSA bub?
Idiot.
Prat
Frohickey
Mar 19, 2004, 05:51 PM
I don't know anything about SkyNet... but over here, we are starting to work on a prototype neural net processor. :p
Laslo Panaflex
Mar 19, 2004, 05:56 PM
Attack back? So, basically this software is promoting that old "Eye for an Eye" saying. If you ask me attacking back will only provoke hackers and possibly make the matter even worse.
Oh well. at least you have to try.
0 and A ai
Mar 19, 2004, 05:56 PM
Domain Name: SYMBIOT.COM
Registrar: TUCOWS INC.
Whois Server: whois.opensrs.net
Referral URL: http://domainhelp.tucows.com
Name Server: NS1.OUTERNIC.NET
Name Server: NS2.OUTERNIC.NET
Status: ACTIVE
Updated Date: 10-mar-2004
Creation Date: 11-sep-1995
Expiration Date: 10-sep-2004
http://web.archive.org/web/*/www.symbiot.com
News.com is reporting this
http://news.com.com/2100-7349-5172032.html?tag=cd_top
I don't get how launching a DOS attack on the attacker would help. Of course they don't say that's what they are gonna do, but nevertheless usually hackers work by telling other computers to do the dirty work. Wonder how legal this would be.
Looks legit.
Photorun
Mar 19, 2004, 06:42 PM
[QUOTE]lol
POWERMAC G5 CLUSTERS WILL BECOME SELF AWARE DECEMBER 2005 TRIGGERING WORLD WAR III AND DESTROYING ALL HUMANS USING MICROSOFT WINDOWS.[/QUOTE]
I wouldn't want WWIII but the whole destroying everyone who uses Microsoft Windblows sounds quite nice! :D
dricci
Mar 19, 2004, 06:48 PM
A typical script kiddie will use other open machines to do the dirty work so it's harder to trace back to him. If this is true and it actually attacks back, it'll take the compromised machines offline by its own attack, thus slowing the script kiddie down by forcing them to find new vulnerable machines. Of course nothing can stop a widespread DoS attack spread by a major worm or other windows vulnerability, but this could put an end to the small-scale ones (which can still do some damage). At least this is the way I see it working. I could be wrong; wouldn't be the first time!
Sol
Mar 19, 2004, 06:55 PM
I voted this story as a negative because attacking hackers is guaranteed to provoke more attacks. Apple & Symbiot's solution will most likely attack all the wrong servers since any hacker worth his salt would be one step ahead of their victim. It would be better to develop a better FireWall than this Skynet-like solution.
I am also concerned about all those Windows-only virus writers who will suddenly have a new target on their sights. I love my virus free PowerMac and I love even more telling every Apple-basher that "the Mac has NO viruses". Having said that, it is inevitable that some evil genius will release a virus for OS X one day.
vpalvarez
Mar 19, 2004, 06:57 PM
SkyNet? Sounds phony. SkyNet was the name of the military network in the Terminator movies. You remember the one responsible for the destruction of the planet in a massive nuclear attack per the 3rd movie.
7on
Mar 19, 2004, 07:07 PM
http://www.symbiot.com/media/pr.031804.pdf
seems true
http://www.symbiot.com/
I think it's a good idea. Sure it'll provoke more attacks, but this is what the system is meant to do. It's not a firewall that will give out, it's completely new technology.
It is widespread that OSX has no viruses. I doubt a machine/creation like that of skynet will provoke hardly any reaction. If any I'd say one or two. Because developing a virus for a Unix system takes some brains. Not that it's impossible, just most virus writers tend to be A) not that smart or B)ummm, something else ;P but you get the point. I see a big problem with 10.3 over 10.2 is that 10.3 will let you delete root owned files w/o the use of Terminal. A dialogue box pops up and asks for your root password. Disabling that should take care of some viruses that may arise. (since it'd be easy to spoof a naïve mac user into typing their root pass thus giving a virus permission to do a sudo rm -R /System)
MacBytes
Mar 19, 2004, 07:11 PM
Category: 3rd Party Software
Link: Apple working closely with Symbiot Security (http://www.macbytes.com/link.php?sid=20040319201119)
Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug
7on
Mar 19, 2004, 07:15 PM
[QUOTE]SkyNet? Sounds phony. SkyNet was the name of the military network in the Terminator movies. You remember the one responsible for the destruction of the planet in a massive nuclear attack per the 3rd movie.[/QUOTE]
oh yeah, skynet is just a nick name. it's iSIMS. Intelligent Security Infrastructure Management System
bennetsaysargh
Mar 19, 2004, 07:30 PM
well, it's a wednesday, which is close to apple super tuesday!
seriously, this should be cool stuff.
edit- ;)
X86BSD
Mar 19, 2004, 08:15 PM
[QUOTE]well, it's a wednesday, which is close to apple super tuesday!
seriously, this should be cool stuff.[/QUOTE]
No, this is not cool stuff. If it does what they report it to do, you might as well cancel your internet feed now. It will destroy the net as we know it.
This has to be the most moronic, brain dead, stupid, illegal, damaging, destructive device to ever be conceived to be hooked up to a network. These a$$hats will be sued into oblivion as soon as the first one is turned on. This has got to be a hoax. No company could possibly create a device this damaging and this ill conceived and expect it to A) sell. and B) not expect the entire NANOG and NOG groups to bomb their offices into dust.
This is an absolutely destructive device akin to a nuclear warhead for networks. Insane.
bennetsaysargh
Mar 19, 2004, 08:29 PM
[QUOTE]No, this is not cool stuff. If it does what they report it to do, you might as well cancel your internet feed now. It will destroy the net as we know it.
This has to be the most moronic, brain dead, stupid, illegal, damaging, destructive device to ever be conceived to be hooked up to a network. These a$$hats will be sued into oblivion as soon as the first one is turned on. This has got to be a hoax. No company could possibly create a device this damaging and this ill conceived and expect it to A) sell. and B) not expect the entire NANOG and NOG groups to bomb their offices into dust.
This is an absolutely destructive device akin to a nuclear warhead for networks. Insane.[/QUOTE]
calm down. it was sarcasm. i forgot the wink at the end. :rolleyes:
otter-boy
Mar 19, 2004, 08:48 PM
[QUOTE]SkyNet? Sounds phony. SkyNet was the name of the military network in the Terminator movies. You remember the one responsible for the destruction of the planet in a massive nuclear attack per the 3rd movie.[/QUOTE]
Not only is SkyNet from the Terminator series, but so is Symbiot (as well as from several other sources such as Spiderman (think Venom)). While everyone is buying into the story, most are reporting that the people at SkyNet have never seen Terminator. They seem to think that these two names are just a coincidence (one name, maybe; both, very unlikely).
Do you all remember those fake IBM ads a year or two ago (the company that had a time machine or some other magic product)? Also, don't you all think it's strange that the HUGE IBM POWER processor event is also on March 31, the day that SkyNet is supposed to go online?
My vote is that this is either another advertising hoax by IBM or it might be Apple (the company is based in Austin, TX, they brag about Xserves, and most of the people listed as working (or about half of them) come from Apple).
I find it hard to believe the naming scheme, and it seems way too unlikely that many businesses would buy into a scheme where they would be held liable for counterattacking a computer (which is illegal in much of the world, even if done from a country where it is allowable).
Read their website and supporting information. It looks real, but maybe I am just hoping that it's fake.
Makosuke
Mar 19, 2004, 09:01 PM
Well, if that isn't unnerving.
After reading through their PDFs, I'm rather wary of any network security company using terms like "Rules of Engagement", "information Warfare", and "the art of war".
On one hand, they've got a good point that holing up and building a wall around yourself isn't necessarily the most effective way to prevent ongoing hack attempts--you can plug the leaks as fast as they're discovered, but that doesn't change the fact that the same guy is doing the hammering on the dam. The FBI does prosecute a few virus writers, but they ought to be going after more, and with a more coordinated effort.
And, again to these guys' credit, they seem to be far more interested in retaliating against hostile corporations or governments, rather than individual hackers--they aren't looking for script kiddie DDoSers, but rival corporations doing information espionage and governments doing infrastructure attacks.
That said, this still has the same potential for catastrophe as any other case of escalating hostilities--once you start the war, it never ends. We should all be very, very afraid, and I don't know what Apple could be thinking getting on board something like this, unless it's a hoax (which doesn't seem to be the case).
Here's the choice paragraphs from their whitepaper on exactly what sort of responses they're talking; there's a lot of obfuscating language, but if you read carefully it's pretty clear what they're talking about:
[QUOTE]These symmetric methods are generally automated by executive policy, with override by operations management. In the practical art of war, they are considered dispersive ground. Additional levels of symmetric response apply invasive techniques, which require the authorization of management for specific arming orders. Invasive techniques can be categorized as: (1) non-destructive; (2) destructive but recoverable; and (3) destructive, non-recoverable – again with respect to proportional response to the hostile acts.
Asymmetric responses require executive findings based on multiple attributions and prior failed attempts at resolution through the upstream providers and local jurisdictions. In these cases, the operations center may call for a variety of efforts, including: (1) escalated multilateral profiling and blacklisting of upstream providers; (2) distributed denial of service counterstrikes; (3) special operations experts applying invasive techniques; and (4) combined operations which apply financial derivatives, publicity disinformation, and other techniques of psychological operations. These operations are conducted with appropriate consideration for restrictions on point targets and phase lines in the battlespace.[/QUOTE]
The idea of detecting a direct hack attempt in real time is great; the idea of direct upstream blacklisting or legal threats is also a good idea; DDoS counterstrikes, special ops counterinvasions, and "publicity disinformation" and "other techniques of psychological operations" sounds like the paranoid fantasy of some war-crazed Pentagon official who's been reading too much Philip K. Dick. Scary stuff, and not a place any corporation in their right mind should be wanting to go.
[Edit: This also reminds me a bit of misguided attempts at a "war on terror"--you can't fight lone wolves with brute force. "War" on the Internet is not the Cold war or WWII, it's shoplifting, carbombing, and homebrew biological weapons.]
applekid
Mar 19, 2004, 09:07 PM
[QUOTE]lol
POWERMAC G5 CLUSTERS WILL BECOME SELF AWARE DECEMBER 2005 TRIGGERING WORLD WAR III AND DESTROYING ALL HUMANS USING MICROSOFT WINDOWS.[/QUOTE]
Judgment Day nears...
:p
alamar
Mar 19, 2004, 09:34 PM
[QUOTE]Attack back? So, basically this software is promoting that old "Eye for an Eye" saying. If you ask me attacking back will only provoke hackers and possibly make the matter even worse.
Oh well. at least you have to try.[/QUOTE]
since most DoS attacks come from infected slave machines i don't get how this will attack the hackers back. seems more like it will attack the already under attack.
very little seems known at this point.
ITR 81
Mar 19, 2004, 09:52 PM
Anyone remember Asimo?
Honda said they believe he could be the next firefighter or used in other dangerous situations (military).
Progress I say. Keep it coming.
0 and A ai
Mar 19, 2004, 11:45 PM
[QUOTE]Anyone remember Asimo?
Honda said they believe he could be the next firefighter or used in other dangerous situations (military).
Progress I say. Keep it coming.[/QUOTE]
I AM A CYBERNETIC ORGANISM POWERED BY A G5 SUPERCOMPUTER
anyway
I don't think this is a hoax; the internet archives has the site dating back to a few years. if it's a hoax it's a pretty drawn out elaborate hoax.
Rod Rod
Mar 20, 2004, 12:54 AM
[QUOTE]Anyone remember Asimo?
Honda said they believe he could be the next firefighter or used in other dangerous situations (military).
Progress I say. Keep it coming.[/QUOTE]
Compared to Asimo, Aibo is advancing far more quickly relative to its analogue. Sony's dog robot is more doglike than Honda's man robot is manlike.
Snowy_River
Mar 20, 2004, 01:09 AM
[QUOTE]lol
POWERMAC G5 CLUSTERS WILL BECOME SELF AWARE DECEMBER 2005 TRIGGERING WORLD WAR III AND DESTROYING ALL HUMANS USING MICROSOFT WINDOWS.[/QUOTE]
Now, now, remember, we should hate the Windows, but love the Windows user...
;)
Analog Kid
Mar 20, 2004, 05:36 AM
Usually it doesn't take a full scaled DoS attack to stop a minor irritant. I was doing some testing where I had tcpdump running quite a bit and started seeing how often I was getting port scanned. I found that returning a short burst of pings usually stopped the scan.
Granted this looks like it's targeted for deployment at places like SCO or the RIAA, but for the little guys it's often enough to let them know they've been noticed...
Anyone remember when "out of office" replies were too stupid to know who they'd notified already and you'd get two drones continually telling each other no one was home? Imagine that on a huge scale. Part of me wants to laugh, part of me wants to ...well... laugh but in a head shaking, the world is insane, kinda way...
The first time a system like this goes out of control and attacks the wrong person, there's gonna be hell to pay.
Or think of all those movies where some terrorist tries to convince two countries that their worst enemy just attacked them to trigger a large scale conflict. Now imagine systems like this at say, SCO and Novell. Someone hacks Novell and triggers a counter attack from SCO, which triggers a counter attack from Novell.
"War is neither glamorous nor fun. There are no winners, only losers. There are no good wars, with the following exceptions: The American Revolution, World War II, and the Star Wars Trilogy."-- Bart Simpson
Mord
Mar 20, 2004, 05:56 AM
when it says it attacks back it probably means it shuts down the computer or temporarily disables it or disconnects it from the internet or something; it would never do anything permanent like delete the HD.
trust apple to do this :cool:
SpaceMagic
Mar 20, 2004, 06:56 AM
I'm reading all your posts and I'm majorly confused! Most of you are going off on a complete rant about a load of crap.
First of all, it's not called SkyNet, it's what the rumor guy 'likes to call it'. The application is called iSIMS.
Secondly, they are using xServes, as it says on their own website - this doesn't necessarily mean Apple have any involvement other than shipping and handling :p
Thirdly, some of you are getting excited because you think this application will "take over the world." Um... am I the only one who thinks this is completely unlikely? After all, it's only an Application on a computer with an OFF switch. It's not as if this app runs anywhere, feeding on host to host - then I'd be worried, it would be as unstoppable as the internet.
Anyway, sorry to spoil some of your fantasies on whether this app will hunt down and dismember (:p) Windows users. Well, not directly it won't - sales of Xserves might go up, then we're all happy!
Dstreelm
Mar 20, 2004, 08:13 AM
[QUOTE=SpaceMagic]I'm reading all your posts and I'm majorly confused! Most of you are going off on a complete rant about a load of crap.
[/QUOTE]
i agree, i mean you really have to stop freaking out.
first of all, i didn't see anything that led me to believe that this program would seek out the hacker machine and disable it, i took it as the system will attack the offending program, using AI to figure out what it's screwing up and correct it. or being able to have automated virus definition updates or something.
the name thing is like someone said before, a nickname
and everyone thinks this is a april fools joke, but april fools jokes tend to be released on, you know, april fools day
just my random thoughts
macMaestro
Mar 20, 2004, 08:55 AM
Am I the only one who gets this?
iSIMS works by launching DOS attacks against the DOS attackers. Of course, the attackers never attack directly, they attack through compromised computers.
Now what do all the computers that are getting attacked by these response DOSs have in common? Two words. Microsoft Windows.
Apple shall take over the world! The Mac shall dominate!
(The above was intended to be taken as sarcasm. Please respond to it as such.)
Quite seriously, I think March 31st will be an interesting day, Apple or no Apple. Symbiot has been focusing on creating a huge stir around the internet with their white paper On the Rules of Engagement (http://www.symbiot.com/media/iwROE.pdf) [PDF]. An interesting read.
Dreadnought
Mar 20, 2004, 09:14 AM
[QUOTE]SkyNet? Sounds phony. SkyNet was the name of the military network in the Terminator movies. You remember the one responsible for the destruction of the planet in a massive nuclear attack per the 3rd movie.[/QUOTE]
Nooo, haven't seen it yet, now you spoiled it for me.... :mad:
tink1984
Mar 20, 2004, 10:16 AM
Ya Ya Ya
[QUOTE]In these cases, the operations center may call for a variety of efforts, including: (1) escalated multilateral profiling and blacklisting of upstream providers; (2) distributed denial of service counterstrikes; (3) special operations experts applying invasive techniques; and (4) combined operations which apply financial derivatives, publicity disinformation, and other techniques of psychological operations.[/QUOTE]
Ya YA YA
! !AHHHHHHHHHHHHHHHH! !ATTACK! !ATTACK! !ATTACK! ! AHHHHHHHHHHHHHHHHHHH! !
Woops I got carried away. Sorry about that. Ah, what? Oh I choose #3) destructive, non-recoverable. Uh, sorry bout that I guess. Well I get get going to the spa now......
otter-boy
Mar 20, 2004, 11:01 AM
Those of you wondering why people are concerned, remember that DoS attacks, whether provoked or unprovoked are illegal in much of the world. It's also hard to find the source many times, so it could target unsuspecting bystanders or intermediary parties.
Also, if I owned the data pipes (bandwidth), I'd hate to see two sides escalate these DoS attacks. Can you imagine if several companies with these services got drawn into counterstrikes at the same time.
I know that Symbiot says they can identify sources to counterstrike, but really, how many people that are doing the activities they describe don't try to cover their tracks?
Nicky G
Mar 20, 2004, 11:09 AM
I read through their releases, including the white paper, and BOY is that a bunch of marketing hype. Do you folks even understand what they're talking about?
I sure don't, and that is exactly my point. They could be talking about something as banal as a system that is networked between multiple organizations using their product, that keeps tabs on what IPs attacks are coming from, blocks those addresses from their customers, and then reports the addresses to the admins of those systems. The rest is marketing-speak. Warfare? hah.
It certainly does seem to be generating interest, which I'm sure was exactly the point.
---
http://thewired.blogs.com/teotwawki
the techno-mediated cultural conspiracy
otter-boy
Mar 20, 2004, 11:55 AM
[QUOTE]I read through their releases, including the white paper, and BOY is that a bunch of marketing hype. Do you folks even understand what they're talking about?
I sure don't, and that is exactly my point. They could be talking about something as banal as a system that is networked between multiple organizations using their product, that keeps tabs on what IPs attacks are coming from, blocks those addresses from their customers, and then reports the addresses to the admins of those systems. The rest is marketing-speak. Warfare? hah.
It certainly does seem to be generating interest, which I'm sure was exactly the point.[/QUOTE]
In interviews, they have expressly talked about launching counterstrikes that could include retaliatory attacks that would disable other computers. They express it very similarly to the War on Terror. And there is one of the major problems: let's say a rogue group (think Al Qaeda) attacks a company (U.S.A.) and the company launches a counterstrike against the server (Afghanistan) and perceived allies of the attacker (Iraq). The original attacker is still out there while many other people (of varying degrees of innocence) are drawn into the war. It still doesn't reach the source.
Wonder Boy
Mar 20, 2004, 02:12 PM
skynet? isn't that the government program/system that almost destroyed the world in T3? (btw, that was arnold's best work since kindergarten cop)
PBGPowerbook
Mar 20, 2004, 02:58 PM
[QUOTE]let's say a rogue group (think Al Qaeda) attacks a company (U.S.A.) and the company launches a counterstrike against the server (Afghanistan) and perceived allies of the attacker (Iraq).[/QUOTE]
And then the Symbiot guys start lying to us, and app keeps dedicating bandwidth to "Iraq" and "Afghanistan" servers at a rate of a billion GB/month, with no plan for leaving them alone post-attack, and they never find any evidence that the hack came from there anyway. Awesome.
0 and A ai
Mar 20, 2004, 04:18 PM
[QUOTE][QUOTE=SpaceMagic]I'm reading all your posts and I'm majorly confused! Most of you are going off on a complete rant about a load of crap.
[/QUOTE]
i agree, i mean you really have to stop freaking out.
first of all, i didn't see anything that led me to believe that this program would seek out the hacker machine and disable it, i took it as the system will attack the offending program, using AI to figure out what it's screwing up and correct it. or being able to have automated virus definition updates or something.
the name thing is like someone said before, a nickname
and everyone thinks this is a april fools joke, but april fools jokes tend to be released on, you know, april fools day
just my random thoughts[/QUOTE]
idiot. every post with a terminator reference is a friggin joke. humor, you should try it.
0 and A ai
Mar 20, 2004, 04:20 PM
[QUOTE]And then the Symbiot guys start lying to us, and app keeps dedicating bandwidth to "Iraq" and "Afghanistan" servers at a rate of a billion GB/month, with no plan for leaving them alone post-attack, and they never find any evidence that the hack came from there anyway. Awesome.[/QUOTE]
except for that hack from afghanistan that brought down two of the biggest servers in the world.
Kagetenshi
Mar 20, 2004, 05:12 PM
[QUOTE]Ever heard of RSA bub?[/QUOTE]
Yes, I've heard of it. It's nearly (well, depending on your definition of "nearly") obsolete.
IMO, despite not being feasible yet, quantum cryptography and quantum computing have already taken the #1 and #2 spots. Your main point (that this guy doesn't know what he's talking about) still stands.
~J
Dstreelm
Mar 20, 2004, 05:41 PM
[QUOTE]idiot. every post with a terminator reference is a friggin joke. humor, you should try it.[/QUOTE]
moron...if you actually read my post you would have discovered that i dedicated exactly one sentence to the people talking about the name, and i didn't even mention terminator. the people who i was talking about freaking out were the ones saying that this would end the internet as we know it, that the companies who bought this product would get the pants sued off them and that it would provoke more hacker attacks and osx specific attacks.
how about you formulate your own opinion and post about that instead of acting like a pea-brained jackass
by the way i do have a sense of humor, i thought the terminator stuff about the system becoming self-aware and taking over the world hilarious, the only reason i even mentioned it was to address the people using it to discredit the rumor.
Kagetenshi
Mar 20, 2004, 05:42 PM
[QUOTE]except for that hack from afghanistan that brought down two of the biggest servers in the world.[/QUOTE]
No, it was chicken feed. Repeat after me: it was not that big a deal.
And no, I'm not being insensitive. These things happen. We shouldn't ignore them, but we also shouldn't blow them out of proportion.
And we shouldn't discuss them on a tech forum.
~J
Makosuke
Mar 20, 2004, 08:00 PM
Ok, first off, this could all be marketing hype--everything they describe is indeed in very broad terms--and it could well just be to stir up interest. Though if a higher-up at Apple is plugging them a bit, it certainly implies that they're more than a productless company with a fancy-sounding whitepaper.
But anyway, if you actually read through what they're saying, here's a simple English translation of what they seem to be describing:
They intend to deploy their products at companies who are worried about hackers from other companies--not so much rogue college kids--and governments/terrorist organizations messing with them. Hence the whole "information warfare" analogy.
When a hack/interference (DoS) attack happens, their software is supposed to detect and classify its type and threat level in real time. That's part of its "power". Then, the logic is that the Internet is too spread out to wait for legal action--if you're being hacked in the US by a company from England using an ISP in Taiwan, it's a pain to get anything done in a timely fashion. In theory.
If the threat is a first time attempt or not very severe (script kiddie), the system theoretically makes a call using a set of policies the user has set up. This is what they mean by "symmetric responses"; generally blocking a port scan and reporting that IP address to some organization (apparently some sort of blacklist run by this company). Depending on the severity of the attempt, the system can then be further (manually) authorized to do an "invasive response", apparently consisting of an automated attempt to hack the offending computer and mess with them, or maybe delete some data if it was something really bad.
From the sound of it, the first course with an attack like this would just be standard blocking and reporting; one expects that would cover standard hijacked DDoS machines or AOL lusers and the like.
When there are a series of attacks, and standard methods of dealing with them have not worked (trying to get them shut down by an upstream provider or local legal methods--say, the DoSer is using a "spam friendly" ISP who refuses to do anything, or the Chinese government doesn't care), then things get "asymmetric".
At that point, the first step is to blacklist the upstream provider. If that's not enough, you can DDoS the offender (apparently using a system set up by this company, which sounds like it might use all of the installed systems together--sort of a "you scratch my back, I'll scratch yours" system). If that's not enough, you can get some professional hackers to hack them back, and then sue them/spread public misinformation about the company/and "psychological operations", whatever the heck that means.
Nowhere do they seem to be stupid enough to have their system automatically attack somebody until it's been proven that you've got somebody making a direct effort to attack you, and even then only when a human has specifically given authorization to do it--they state quite clearly that nothing invasive or offensive will happen without human authorization.
On the other hand, they do seem to be advocating some uncomfortably large-scale (we're talking about companies, not governments), generally "bad form" (it's business, not war), and more than likely downright illegal (on an INTERNATIONAL scale) actions. I do not take things like this lightly, and I don't see any reasonable corporation wanting to stick their faces in that kind of a hornet's nest unless everybody else does, too. At which point, you've got an open battleground, not a friendly international network.
chriscorcoran
Mar 20, 2004, 08:12 PM
Not to sound like an idiot or a lunatic, I kinda like the whole iSIMS idea. I did some reading on the symbiot web site (not a whole lot to read). It seems to me that they implement the idea of offensive security in a responsible and intelligent way. It seems like they implement it with strong influence from the DoD rules of engagement and SUN TZU Art of War. It also seems to have some human influence and a reasonable amount of checks and balances. I would love to see it in action or even deploy it on my own network. Running it on an XServe G5 only sweetens the deal.
applekid
Mar 20, 2004, 10:07 PM
This is the foolproof way of defeating a hacker.
Get his/her IP address.
Find out where he/she lives.
Bring a baseball bat.
Break their skull.
SilvorX
Mar 21, 2004, 12:26 AM
what IF this is true? the riaa could end up noticing this and end up using xserves that run it
zell
Mar 21, 2004, 12:45 AM
There are many problems with this.
First off and foremost, the rumored SkyNet works off a Multinet tesk system, taking more than one resource for each calculation. Most people know that Apple is a big fan of UIS (unitarian information system). They not only promote UIS, but invest lots in it. The main reason being that it is the best way to cover their tracks, being an all in one computer AND software company. Preprogrammed computers WILL and DO work better on UIS systems. There is no reason why Apple would be backing something that goes against a net file core they are promoting and investing in.
Second, Symbiot would most likely not opt to use Xserve since they have a modified BIOS. Symbiot needs a total data back tracking with the type of developing and researching they do. They would be losing money for every Xserve they purchased because of loss of sponsorship. And even if they were donated like some say, they would still be putting their entire filesystem at risk by mixing and matching file systems.
Thirdly, Apple put a ton of money into InfltraServ two years ago and lost big time. I doubt they would be willing to risk a loss on something similar.
those are just my opinions.
VicMacs
Mar 21, 2004, 07:25 AM
read between the lines people.. what this means is that
G5 POWERBOOKS ARE COMING!
had to say it had to say it....
Would be cool though...
jsw
Mar 21, 2004, 10:51 AM
what IF this is true? the riaa could end up noticing this and end up using xserves that run it
Well, given how 'dark ages' their thinking is, I doubt it. They seem more prone to sue than to prevent.
On the other hand, if they do use it, I wouldn't think hacking the RIAA site would be a good way to thwart them anyway.
Of course, your response was probably sarcastic, so likely you can ignore this...
:)
Snowy_River
Mar 21, 2004, 01:49 PM
except for that hack from afghanistan that brought down two of the biggest servers in the world.
Except that the majority of the hacks that crashed those servers really came from Saudi Arabia, not Afghanistan, but no one wants to talk about that because Saudi Arabia is our ally.
idkew
Mar 21, 2004, 05:51 PM
Now, now, remember, we should hate the Windows, but love the Windows user...
;)
man, you got me laughing on that one. remember that SNL at the Mr. Belvedier (sp? no clue) fan's club?
rtdunham
Mar 21, 2004, 11:39 PM
my bet is that it's a well-executed poke at the war on terror. people here are getting it.
td
jtrascap
Mar 22, 2004, 11:33 AM
As much as I'd like to see any advance on the war on worms, did anyone else check-up on this company?
I tried to locate them via US West Dex, errr...I mean QuestDex, errr...DexOnline (or whatever it is this month). I can't find them by their address or doing a reverse look-up via the phone number. Tried the same in the YellowPages.com and also no-go.
Not good so far...to me it sounds like an elaborate hoax.
mrsebastian
Mar 22, 2004, 12:16 PM
wtf is all that?! you say skynet and i'm thinkin the terminators are coming. i'll be in some remote, isolated spot in alaska, so call me when the terminators are gone ;)
keysersoze
Mar 22, 2004, 01:49 PM
Judgment Day nears...
:p
Please keep Ahnold in Collyfornia.
thanks! :D
eric67
Mar 22, 2004, 03:50 PM
here is the text of the official release:
® Symbiot, Inc. 8501 N. MoPac, Suite 300 Austin, TX 78759 Intelligent Security Infrastructure Management
FOR IMMEDIATE RELEASE
Symbiot Selects Xserve G5 for iSIMS Deployment
AUSTIN, TEXAS – March 18, 2004 – Symbiot, Inc., an emerging leader in the field of Intelligent Security Infrastructure Management Systems (iSIMS), today announced that it has selected Apple Computer’s Xserve G5 for deploying iSIMS in the enterprise.
“Symbiot’s customers will appreciate the speed and performance of Xserve G5’s dual 64-bit processors, which produced noticeable improvements in our performance benchmarks,” said Michael W. Erwin, president of Symbiot, Inc. “The speed, computational power, and reliability of these machines make them a natural choice for business-critical enterprise applications.”
Symbiot’s iSIMS utilizes artificial intelligence to automatically profile network assets and determine the significance of security threats in real-time. It enables enterprise customers to accurately identify malicious attackers in order to plan and execute appropriate countermeasures.
“With dual PowerPC G5 processors, Xserve G5 delivers more than 30 gigaflops of processing power per system, is easy to manage and affordable, making it a perfect fit for the enterprise,” said Ron Okamoto, Apple’s vice-president of Worldwide Developer Relations. “Symbiot’s iSIMS running on Xserve G5 creates a compelling value proposition for enterprise customers that want to strike back against network-based attacks.”
Symbiot’s iSIMS software is scheduled for release at the end this month. Symbiot’s current customers will receive a free iSIMS upgrade for Xserve G5 as part of their subscription agreements.
t Symbiot ty Infrastructure nt Systems (iSIMS) marketplace. With the aid of proprietary artificial intelligence (AI) software, Symbiot's iSIMS (intelligent SIMS) analyzes network patterns to provide real-redictive tools for managing and responding to security events. Symbiot's iSIMS software ith existing firewalls, intrusion detection systems, and intrusion prevention
Company and product names may be trademarks of the respective companies with which they are associated.
Contact: Francis X. Milano Symbiot, Inc. 512-233-1911
###
hob
Mar 22, 2004, 08:16 PM
It's got to be some kinda network geek joke :P Can you IMAGINE the legality of what they're proposing?
So, say I'm using a windows computer (god help me) and somehow (hmmm, let me think) a DDoS worm thingy gets onto it - so iSIMS checks me out and DoS's ME! Through no fault of my own, I'm disconnected from the internet - with no way to download any kind of virus fix...
Hmm, I can hear you all laughing at me now - cos I'm trying to be cool and understand it all, but actually it IS a joke that I just don't get...
mrroboto
Mar 22, 2004, 10:07 PM
Why so afraid of virus, it's funny to see how fearful people are nowadays, everything makes them afraid, I personally welcome a good virus for MAC, let's see if it can be really done and let's make the OS even harder to do that, let's be for real sooner or later we either take a stand and make an OS as anti virus as possible or just unhook our computers from the internet.
Scary cats.
I voted this story as a negative because attacking hackers is guaranteed to provoke more attacks. Apple & Symbiot's solution will most likely attack all the wrong servers since any hacker worth his salt would be one step ahead of their victim. It would be better to develop a better FireWall than this Skynet-like solution.
I am also concerned about all those Windows-only virus writers who will suddenly have a new target in their sights. I love my virus free PowerMac and I love even more telling every Apple-basher that "the Mac has NO viruses". Having said that, it is inevitable that some evil genius will release a virus for OS X one day.
mrroboto
Mar 22, 2004, 10:13 PM
Hey your computer is used for attacks and you're one of the many who leaves their Wi-Fi open why not take responsibility, same here, you don't drive without a license and not take responsibility. If you're online and you're unable to know what is going on then get software that will. Don't have the money then you sure can't be able to pay for the dsl or cable you have so get off. Go back to modem power. :-P
DoS are getting to be a joke and cost a lot to companies, but are the people trying to fix it? Hell no, I find stuff in people's computers all the time when I do house calls. At least half of the people I have serviced in the Miami, FL area have had no Anti-Virus software or Anti-spyware. What is their excuse, I did not know, well ignorance is no substitute for messing everyone else's day.
It's got to be some kinda network geek joke :P Can you IMAGINE the legality of what they're proposing?
I'm using a windows computer (god help me) and somehow (hmmm, let me think) a DoS worm thingy gets onto it - so iSIMS checks me out and DoS's ME! Through no fault of my own, I'm not disconnected from the internet - with no way to download any kind of virus fix...
Hmm, I can hear you all laughing at me now - cos I'm trying to be cool and understand it all, but actually it IS a joke that I just don't get... :D
GregA
Mar 23, 2004, 06:22 AM
In the press release it mentions Xserve G5 several times, but nowhere does it say Mac OS X. Could easily be Linux on G5. I haven't read through the Symbiot website so may be wrong.
Of course, the hoax side of things is another interesting marketing question. Particularly if what someone mentioned about Symbiot, Skynet, and March 31 all being related to T3... could be a fun press conference IBM is moving towards.
illumin8
Mar 23, 2004, 02:21 PM
No, this is not cool stuff. If it does what they report it to do, you might as well cancel your internet feed now. It will destroy the net as we know it.
This has to be the most moronic, brain dead, stupid, illegal, damaging, destructive device to ever be conceived to be hooked up to a network. These a$$hats will be sued into oblivion as soon as the first one is turned on. This has got to be a hoax. No company could possibly create a device this damaging and this ill conceived and expect it to A) sell. and B) not expect the entire NANOG and NOG groups to bomb their offices into dust.
This is an absolutely destructive device akin to a nuclear warhead for networks. Insane.
Finally, a little reason in this thread. My God people, reading most of these comments, it's as if any company that uses an Apple product can do no wrong in your eyes. Think about it objectively, and if any other security company proposed doing something so drastic and damaging to the internet, everyone would be up in arms.
We are not living in biblical times where the law says an eye for an eye. The first company that deploys such a device designed to DoS a hacker back, will end up being sued for millions of dollars by Comcast or some other cable ISP. Think about it: script kiddies don't launch attacks from their own workstations. They use some unfortunate luser's computer that got compromised with a Trojan. Let's say they launch an attack from Joe Sixpack's compromised Windows machine attached to a Comcast cable internet connection. Now, Skynet (another unfortunate business decision, naming it such an ominous and negative name) attacks back, and their DoS not only knocks out internet service to Joe Sixpack, but also takes down every other cable customer in his neighborhood, and costs Comcast several thousand dollars (probably tens of thousands) figuring out what is wrong and finally blocking the DoS at their core routers or something. Comcast is going to sue the company that launched the DoS attack. And some silly "self defense" argument is not going to hold up in court.
Just because you commit a crime against me does not give me the right to resort to "vigilante justice" and commit crimes against you.
I'm surprised anyone at Apple would even want to be associated with a company that is so obviously selling snake oil.
hob
Mar 23, 2004, 04:21 PM
sooner or later we either take a stand and make an OS as anti virus as possible or just unhook our computers from the internet.
Scary cats.
I went on the road today with my PowerBook - and no internet connection. Do you realise how boring computing is with no internet?!?!? Scary indeed!
bar italia
Mar 24, 2004, 11:34 AM
Now, Skynet (another unfortunate business decision, naming it such an ominous and negative name)
Did you even read any of the previous posts? "Skynet" is a nickname that the person who posted this rumor came up with. It's not what the company is calling it. :rolleyes:
aswitcher
Mar 25, 2004, 12:59 AM
Well as long as they get around the legal issues...because a DNS response to a suspected attack is very likely to have collateral damage if Hackers are smart and are spoofing their packets...
dudeami
Mar 25, 2004, 10:59 AM
IMHO I think there is more intelligence in this product than to simply have it go around trying to "take out" computers. I do not think that would happen until a very extended period of attacks and countermeasures, and after all other efforts have failed. I think the principle for the product is sound, however they are not offering many technical details. That should change at release. From reading the documents, this product is basically going to be placed on the upper tier of the network security infrastructure. Gathering data through the sensor agents installed on the firewalls, and intrusion detection systems, and other CVP or stand-alone systems such as anti-virus and spam prevention systems that are already implemented at many companies. These log files are indeed huge. So intro the AI, it will read the log files and try to assess the activity in those logs. I would imagine that the primary function would be to use this intelligence to create policies (a firewall term for sets of rules that determine actions to be taken on packets, such as allow and log short, or drop and log long, or encrypt and NAT, etc.) then use the effector agents installed on the firewalls to push those policies. Then wait for further activity. Theoretically if someone is spoofing addresses and you stop the initial attack, then the machine switches to a new IP address, this product would detect this through the collected data from the firewalls and IDS system and push a new policy to block that address, much faster than a person could do this. You probably could have the product push the policies for you, or create the policies, then wait for verification to apply them. One of their statements is that it should be highly configurable. It doesn't go into detail on upstream.
It might simply have a database of ISPs and/or discover the information through whois or other means, then create a report for you to use, like here is the attacker's information, this is the ISP that they are initially traveling through, and here is the list of everywhere the traffic is flowing through, here are the names and phone numbers of the administrators for those ISPs (which should be publicly available on the Internet when they register the domain namespace). So call them and see if they can shut it down, at least they can look through the database of subscribers and make a better determination of where it is coming from. These are things that we do manually for our clients all the time. I think what they have also added is that when the ISP simply will not respond or take action, such is the case for a lot of activity coming from Asia, and the attacks continue even with efforts from the firewall, that to stop pushing policies to your firewalls every 30 seconds, it will take action to try to stop it. If the ISP is not responsible enough to stop a proven attacker, should be enough info from the logs the system has gathered, then will they care if that particular system is receiving the same attacks as it is dishing out? This should never come to this point in areas where the ISPs are responsible enough to respond to these situations.
Many companies have already taken that stance, that if you are not responsible for devices that you place on the internet, then they don't want to hear from you. Big examples would be the blacklists and open relay databases that many security systems utilize. This system could probably automate these requests as well. For example it detects email being relayed, it reports this to an ORDB that your security system subscribes to. The company managing the ORDB takes the information, runs its open relay tests and verifies that the suspect email system is not configured correctly. Then they add the IP address to the ORDB. Any company subscribing to that database will automatically deny email coming from that IP address. Eventually, as happens with some of our clients, they will realize that the email is being dropped, from NDRs being received by their users, and check into it, they will find that their system is configured as an open relay and take responsibility to stop that, which they should have done in the first place. They then call the company running the ORDB and report the problem as being fixed, the ORDB managers verify this and remove them from the database, and everyone receives their email again. One less misconfigured server on the internet. Another example of something that many companies don't take responsibility for is reverse DNS records. The RFC states that there should be a corresponding PTR record for the A record registered for your email servers. In other words, my email system is receiving an SMTP connection from you on an IP address and you say you are mail.company.com. I should be able to verify through legitimate DNS sources that your IP address is resolvable to mail.company.com before accepting email from your system, rather than just assuming you are who you say. However registration of PTR records often gets ignored.
I would imagine that this system would follow many of the guidelines for internet use, and aid in legitimate means to defend your network. Primarily I think it will do what its name stands for: it will sit at the top tier of a company's existing security infrastructure, and it will intelligently manage that company's existing security infrastructure. iSIMS: intelligent Security Infrastructure Management Systems.
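The two receiving-side mail checks described in the post above (a lookup against a DNS-based open relay list, and confirming that the connecting IP's PTR name resolves back to the same IP and matches the hostname it announces), as an added example that is not part of the original thread. The zone data, addresses, the list zone `relays.example.org` and the accept/flag/reject policy are constructed assumptions; a dictionary stands in for the DNS resolver so the block runs offline.

```python
import ipaddress

BL_ZONE = "relays.example.org"  # hypothetical open relay list zone

# Constructed DNS data: (record type, name) -> answers.
SAMPLE_ZONE = {
    # Well-configured sender: PTR and A agree.
    ("PTR", "10.2.0.192.in-addr.arpa"): ["mail.company.com."],
    ("A", "mail.company.com"): ["192.0.2.10"],
    # PTR claims mail.company.com, but that name does not resolve back here.
    ("PTR", "20.2.0.192.in-addr.arpa"): ["mail.company.com."],
    # Correct rDNS, but listed as an open relay.
    ("PTR", "30.113.0.203.in-addr.arpa"): ["relay.example.net."],
    ("A", "relay.example.net"): ["203.0.113.30"],
    ("A", "30.113.0.203.relays.example.org"): ["127.0.0.2"],
}


def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def make_lookup(zone):
    """Return lookup(rtype, name) -> list of answers (empty list = no record)."""
    def lookup(rtype, name):
        return zone.get((rtype, norm(name)), [])
    return lookup


def dnsbl_query_name(ip, bl_zone):
    """Reverse the address labels and append the list zone (IPv4 or IPv6)."""
    rev = ipaddress.ip_address(ip).reverse_pointer
    labels = rev.rsplit(".", 2)[0]  # drop "in-addr.arpa" / "ip6.arpa"
    return f"{labels}.{norm(bl_zone)}"


def is_listed(ip, bl_zone, lookup):
    """A listing is signalled by any answer inside 127.0.0.0/8."""
    loopback = ipaddress.ip_network("127.0.0.0/8")
    answers = lookup("A", dnsbl_query_name(ip, bl_zone))
    return any(ipaddress.ip_address(a) in loopback for a in answers)


def confirmed_names(ip, lookup):
    """PTR names for ip whose forward records include ip again."""
    addr = ipaddress.ip_address(ip)
    rtype = "A" if addr.version == 4 else "AAAA"
    names = []
    for ptr in lookup("PTR", addr.reverse_pointer):
        forward = {ipaddress.ip_address(a) for a in lookup(rtype, ptr)}
        if addr in forward:
            names.append(norm(ptr))
    return names


def check_sender(ip, helo, bl_zone, lookup):
    """Return (verdict, reason) for an inbound SMTP connection."""
    if is_listed(ip, bl_zone, lookup):
        return ("reject", "listed in " + bl_zone)
    if not lookup("PTR", ipaddress.ip_address(ip).reverse_pointer):
        return ("flag", "no PTR record")
    names = confirmed_names(ip, lookup)
    if not names:
        return ("flag", "PTR name does not resolve back to the IP")
    if norm(helo) not in names:
        return ("flag", "HELO name differs from confirmed rDNS")
    return ("accept", "rDNS confirmed as " + names[0])


LOOKUP = make_lookup(SAMPLE_ZONE)

if __name__ == "__main__":
    for ip, helo in [("192.0.2.10", "mail.company.com"),
                     ("192.0.2.20", "mail.company.com"),
                     ("203.0.113.30", "relay.example.net"),
                     ("198.51.100.5", "mail.company.com")]:
        print(ip, helo, check_sender(ip, helo, BL_ZONE, LOOKUP))
```

Flagging rather than rejecting on missing or unconfirmed PTR records reflects the post's observation that PTR registration is often neglected by otherwise legitimate senders.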
Frohickey
Mar 25, 2004, 12:27 PM
Hackers will be terminated. :p :D
kingtj
Mar 26, 2004, 12:32 AM
I do house calls and fix this type of thing regularly, as well. Honestly, one of the biggest problems is the "casual computer user" who would have previously just been using a dial-up modem for his/her Internet access. With all the discounts on DSL and cable, though (plus the promise that it frees up your phone line), these people are signing up for high speed access left and right. Machines on dial-up modems usually don't have major spyware/adware/virus infections, simply because those programs can't successfully download themselves completely on a user's PC before he/she finishes checking email or looking at a few web pages and hangs up.
In my city, DSL is only about $4 a month more than the phone company's dial-up Inet access, so some people using it really don't have lots of extra cash for things like firewalls and antivirus software. Still, I see most of the people making *some* attempt to block spyware and virii. They just don't know which tools are good and which aren't. At least 2 customers tried to fix their own problems by downloading "anti spyware" utilities offered as free downloads on the net, only to find out those programs are fakes, which actually further infect your machine! Many others spent the money on Symantec/Norton Anti-Virus, yet it didn't catch a couple "trojan horse downloader" programs, which got in their machines and started downloading/installing more virii/spyware as fast as they could, in the background! (I ended up running Avast or AVG antivirus to remove the hidden trojan horses.)
The virus problem truly has gotten out of hand on the Windows platform, and it currently goes far beyond simply "ignorant users not using anti-virus software". Many systems are so badly infected, I can't get all the virii removed even after running 4 or 5 different anti-virus packages and spyware removers on them. (And I've been doing PC support for a living for 14 years now - so what makes you think a novice, casual user will be able to do it?)
Hey your computer is used for attacks and you're one of the many who leaves their Wi-Fi open why not take responsibility, same here, you don't drive without a license and not take responsibility. If you're online and you're unable to know what is going on then get software that will. Don't have the money then you sure can't be able to pay for the dsl or cable you have so get off. Go back to modem power. :-P
DoS are getting to be a joke and cost a lot to companies, but are the people trying to fix it? Hell no, I find stuff in people's computers all the time when I do house calls. At least half of the people I have serviced in the Miami, FL area have had no Anti-Virus software or Anti-spyware. What is their excuse, I did not know, well ignorance is no substitute for messing everyone else's day.
:D
Snowy_River
Mar 26, 2004, 10:43 AM
...Many systems are so badly infected, I can't get all the virii removed even after running 4 or 5 different anti-virus packages and spyware removers on them. (And I've been doing PC support for a living for 14 years now - so what makes you think a novice, casual user will be able to do it?)
Well, I'd say that it should never be allowed to reach that point, and when it does, then it's time to reformat and reinstall. In my experience, that's a sure-fire way to get rid of all such problems.
(While, I must add that I've had a user who I do tech support for go through and perform the reformat and reinstall himself, because he didn't want to pay me to do it, and he managed to copy several infected files over with his backup. After his reformat and reinstall he proceeded to also reinstall a couple of viruses on his machine, before reinstalling the antivirus software - despite my advice to install the AV software before anything else.)
In any event, there's clearly no easy solution. At least not for most people. For me, and most of us here, the easy solution is just not to own Windows machines. "No thank you, I'm on a Mac only diet..." ;)
windowsblowsass
Mar 27, 2004, 11:48 AM
to whoever sent this in you need to listen to my good friend mr. Mackey
"ahh drugs are bad don't do drugs mmkay"
maybe we should change the have you ever been drunk thread at ur comp to have you ever smoked crack at ur comp
rjrufo
Mar 27, 2004, 03:35 PM
I went on the road today with my PowerBook - and no internet connection. Do you realise how boring computing is with no internet?!?!? Scary indeed!
I had to laugh at that. :) I travel several times a year, and find it boring when I have to use dial-up. I don't even open my PowerBook if there isn't any way to connect to the internet, it's beyond boring without it.
noverflow
Mar 28, 2004, 12:35 PM
to whoever sent this in you need to listen to my good friend mr. Mackey
"ahh drugs are bad don't do drugs mmkay"
maybe we should change the have you ever been drunk thread at ur comp to have you ever smoked crack at ur comp
You know fugazi!?!?!?!
Awesome!
jouster
Mar 29, 2004, 03:39 PM
One possibility no one has yet mentioned: it is illegal to drive a car or SUV or whatever if it is known to be unsafe, and might injure others. In some countries, it is illegal not to help strangers in certain situations - if they are being mugged, for example.
How about if it were made a legal requirement to take at least *some* basic preventive measures against your comp becoming a zombie or virus forwarder? On pain of being susceptible to attacks from the kind of defensive measures this thread is discussing.
I guess this would be jumped on in the US, but other countries may have a less broad definition of what constitutes invasion of privacy.
And something has to be done. Virus related problems are only going to increase.
crenz
Mar 31, 2004, 04:52 PM
Hmm... It's April 1st here, and I can't see anything about the mysterious March 31st release on http://www.symbiot.com/. The countdown has stopped, though.
GorillaPaws
Mar 31, 2004, 08:12 PM
it's at 2h, 48m right now, I'm really curious to find out what this is all about.
AoWolf
Apr 1, 2004, 02:11 PM
Well now the site has a lot more content and pics but who knows if it's real...
LunchboXxXx02
Apr 6, 2004, 03:16 PM
The phone number works and has a phone system with directory. This would lead me to believe that this is not a hoax or someone has way too much money and time.
Kagetenshi
Apr 6, 2004, 04:48 PM
Given the number of references to them in various articles that I've read from various sources, I think we can consider them confirmed legit.
~J