Was cyber-terrorism used against the Republic of Georgia?

Yes: Even low-level meddling is still meddling.
No: Knowing Putin, had the Russians bothered to make a cyber attack the Georgians would STILL be down.

Skip this one and see results

Was cyber-terrorism used against the Republic of Georgia?

Yes: Even low-level meddling is still meddling.

No: Knowing Putin, had the Russians bothered to make a cyber attack the Georgians would STILL be down.

Read comments in the Pulpit Poll Opinion Cloud

One of the great strengths of the Internet as a communication and entertainment medium has always been its lack of security, a fact that seems to pass over the heads of many "experts" today. Bob Kahn and Vint Cerf could easily have added robust security to TCP/IP, but they deliberately chose not to with the idea that innovation would be encouraged by making the Internet a wide-open space. It wasn't that they prohibited security, but pushed it up the stack, effectively making it other people's business. If your application required security, there was nothing keeping you from adding it, but on the other hand there were few, if any, hints about how best to do that. We were on our own and to a great extent we still are, which means there is a lot of bad stuff happening and probably always will be.

I could write column after column about Internet abuse, but my inspiration this week is actually quite prosaic. There is a fairly popular commercial website I heard about this week that has a novel way of making sure its ad revenue numbers are met. This site has its own ad sales team selling display space bringing in tens of millions of dollars per year in revenue. It is a good site and grandly profitable, but if for some reason revenue dips below target a little code kicks in and starts refreshing particular pages every 90 seconds, generating each time a new "hit" on that page's banner. The refreshes are tied directly to revenue and nothing else and it seems to me that what's happening is, well, theft.

Here's how these bozos can get away with a stunt like this. First, advertisers often don't really want to know the success of their ad campaigns to a fine level of granularity. They'd rather keep the ad game a sort of dark art because, frankly, they pretty much don't know what the heck they are doing anyway and ad buying is done by the lowest-level agency employees when it properly should be done by the highest. So if something is wrong they'd really rather not know about it, thanks. The second reason why this kind of stunt goes unpunished is because it doesn't happen all the time. The site generally provides good content and good service and they only kick in this little script when absolutely needed. So if a lot of people seem to be clicking on ads but few are actually buying, well it comes back to that black art, doesn't it? And finally, the Internet isn't as sophisticated an ad space yet as are magazines, for example, where the Audit Bureau of Circulations does a pretty good job of keeping track of how many people actually read ads. The Internet, though some would claim otherwise, doesn't really have a comparable operation to the ABC, but it probably should.

This is not the first time I have heard of a scam like this, but it is the first time I've heard it applied to a big and respected operation. There are lessons to be learned here by publishers, advertisers, and readers alike.

More bad Internet behavior apparently took place over the last several days during the Russian invasion of the Republic of Georgia, where the Russian government was accused of cyber-terrorism. This is a good time to define "cyber-terrorism," which to me means the deliberate attack on network infrastructure with the goal of causing harm, destruction, and possibly theft. There can be little doubt about the baldly geopolitical nature of the Russian invasion, but what happened on the bits-and-bytes level I wouldn't call terrorism, more like graffiti.

The affected Georgian websites were informational and were quickly moved to servers in the U.S. Whether the bad guys were employed by the Russian government, Russian Mafia, or were just high school kids as some have suggested, what they did wasn't terrorism. No systems or networks were destroyed, no bank accounts plundered, no command and control systems crushed. If the Russians had intended there to be a cyber component of this invasion you can bet they would have done a better job of pulling it off.

And the attacks, such as they were, weren't strictly from one side, according to this report I got from Moscow:

"Starting in the first hours of Georgia's armed attack on Tskhinvali, Georgian hackers began the war on the Internet. The servers of leading Russian mass media, including the website http://www.mk.ru, were subjected to DDoS attacks. But specialists in information security and our hackers won an unqualified victory in the Internet war. "These attacks were reported to us," Vitaliy Kamlyuk, an expert of the Kaspersky Laboratory for Computer Security, reported to Moskovskiy Komsomolets. "According to our information, the DDoS attack was organized on Friday. At that time requests from computer zombies were sent to the servers of Russian information resources, including http://www.mk.ru. These (zombies) are machines infected with viruses that one or several hackers have joined into a whole network. They sent innumerable requests, which caused a short-term glitch in the work of several sites and editorial offices. But to our knowledge these attacks did not have great success. The systems administrators of the information sites were able to deal with the virtual attack quite quickly. We are continuing to monitor the situation. Our partners also continue to intently watch the development of this cyber-war."

Cyber war? I don't think so.

I had yet another indication this week that the Internet is still a frontier and that came when there was information I desperately needed and nobody had yet thought to provide in a way that was useful to me. This may seem silly, but there are people who claim that the best ideas have already been taken when it comes to Internet businesses, yet every day I look for something and can't find it. In each case that's a business opportunity lost, because if I'm looking for something there are probably thousands of others looking too.

This week, like millions of Americans, I was looking for cheap fuel. I packed my wife and three kids in our 1996 34-foot Winnebago motor home for a 1,600-mile cruise up the U.S. East Coast and back. The Winnie clocked in at SIX miles per gallon, so obviously I was on the hunt continuously for the cheapest gas I could get. Armed with a notebook computer and a fairly reliable cellular data connection, my wife riding shotgun surfed all the gas sites from Charleston, South Carolina to Scranton, Pennsylvania, and back while I did the driving. There was plenty of data available and it proved pretty reliable, but the question never answered by any site we could find was, "where's the best place on my route for me to stop for gas?" You can get gas prices by ZIP code (gasbuddy.com is great) or along your route (aaa.com is the best), but no site looked at my route, checked all the data and did what I really needed, which was to just tell me where to stop. Instead they expected me to click on every station or input every ZIP code, write it all down on a piece of paper and make my own damned decision.

Not my style.

Here is a terrific mash-up opportunity that you'd think would have been written back when gas was $2 per gallon. Ironically, I can get this very information for my airplane on my delightful Flight Cheetah display, but in this instance cars are apparently not so advanced.

Someone please hurry up and get such a service going before I take my kids on another trip.