Cyberattack FUD

Vadim Antonov avg at
Sat Nov 23 00:31:30 UTC 2002

On Thu, 21 Nov 2002, David Schwartz wrote:

> 	Suppose, for example, we'd had closed cockpit doors. The 9/11 terrorists 
> would have threatened the lives of the passengers and crew to induce the 
> pilots to open the doors. The pilots would have opened the doors because the 
> reasoning until that time was that you did whatever the hostages told you to 
> do until you could get the plane on the ground.
> 	It was the rules of engagement that failed. Nothing more, nothing less.

In the "regular" skyjacking the attackers want to get ransom, or divert an
airplane to someplace.  They'll get cooperation from pilots, too - without
any need to be present in the cockpit.  So if it is known that the policy
is not to let anyone in, no matter what happens to passengers, the
attackers wouldn't even try.  In fact, they don't, on airlines which have
this policy.  Letting deranged people in cockpit, in fact, places _all_
passengers at risk of an unintended crash (imagine an attacker getting
agitated and killing pilots, or simply pulling knobs - there were
incidents when _little kids_ allowed to cockpit crashed the commercial

The rules of engagement were patently absurd 
> >and then by making life truly miserable for
> >those who wish or have to travel, in a fit of post-disaster paranoia.
> 	The airline industry did that?

Your mileage may wary, but I do not find pleasure in being stripped in
public just because I've got long hair.  As I result I'm avoiding all air
travel, if I can. I'm sure a lot of other people do that too.

> >It is not enemies who are savvy, it is managers who are stupid.  Like, the
> >"crash airplane into some high-value target" scenario was well-aired more
> >than decade ago
> Not the "crash jetliner full of passengers into high-value target"
> scenario.

Heh. Our friends Chechens told than in a TV interview back in 1995 that
they intend to do precisely that.  They identified Kremlin as a target,
though.  And Israelis as a matter of fact assume that attackers are on a
suicide mission.  And the fact that US does not exactly inspire adoration 
in mid-Eastern parts of the world isn't any news, too.
> If you were able to make the decision to shoot down or not shoot down the two 
> jetliners before either struck a building, knowing only that they were not 
> responding and probably hijaacked, what would you have done?

I'd have doors in place, so as to avoid the whole situation. As I told, it 
is the standard procedure (keep cockpit doors closed) in much of the world 
outside US.

> 	Again, it's the rules of engagement that failed.

Rules are formulated by someone, they are not God-given.  That someone is 
patently incompetent - in both failing to notice explicit early warnings, 
and failing to follow on the best practices of his peers.
> 	So tell me what they should have done differently. Not allowed knives on the 
> plane? The terrorists would have used their bare hands. Strip searched every 
> passenger? Arm their pilots -- they weren't allowed to.

I repeat: have doors closed, period. As for "they weren't allowed" part - 
don't be ridiculous.  This is an oligopoly situation, and so they pretty 
much can get their terms from the government - just look at those 
multibillion handouts. 

> > I hope that US airlines
> >go out of business and El Al moves in; isn't that what competition is
> >supposed to be about?
> 	Except that there is no competition. Airlines don't get to make their own 
> security rules, they're largely preempted by the government ownership and 
> control of airports and the FARs.

It takes two to tango. If those large businesses cannot get the reasonable
rules from the government, their lobbying groups are incompetent (and so
they deserve to go out of business).  More likely, they didn't ask.

Competition is not only about having seats filled - it is also about
dealing with governments, courts, media, etc.

> >The same holds for the Internet (with special thanks to the toothless
> >antimonopoly enforcement which allowed operating systems to become a
> >monoculture).
> 	This is a great bit of double-think. It has nothing to do with the fact that 
> people overwhelmingly prefer to have compatible operating systems, it's the 
> fact that nobody forced them to diversify against their will.

Huh?  MS was found guilty of monopolistic practices - repeatedly.  They 
also are quite ruthless in going out and strangling competition (just 
watch their anti-Linux FUD campaign).  If you think they are deterred, 
just take a look at the Palladium thingie - a sure-fire public domain OS 

In fact, given the enormous positive network externalities associated with 
the operating systems, it would make a lot of sense to the government to 
level the playing field with affirmative action - for example, by 
differential taxation of dominant and sub-dominant vendors.  The 
government procurement could've been more intent on having second supplier 
of compatible OS software, too - that'd force MS to publish detailed specs 
on all interfaces, and prevent them from playing proprietary lock-in 
games.  Or give up government market altogether.

People overwhelmingly do not care what's inside; they buy _applications_; 
and given the overwhelmingly monopolistic presense of OS vendor on the 
market the app vendors have little reason to develop for non-MS market.
Of course, the position of MS as the monopoly vendor is supported by the 
fact that majority of other vendors only have Windows versions of their 
apps. To secure that unassailable position, MS excludes other parties from 
developing compatible platforms for running these applications by 
deliberately hiding, obscuring, and tweaking the APIs.

I'm sorry to say, but the "free" market (not that there ever been one) 
does not always produce sustainable results; and the task of government 
regulators is to identify those situations and act to prevent them.  In 
this case, the situation was easy to spot, but the reaction was quite 
botched by stupid (if not to say - incompetent) things, like overly 
talkative judge.


More information about the NANOG mailing list