Big Bad Beowulfs Again

Robert G. Brown rgb at phy.duke.edu
Mon May 15 11:12:34 PDT 2000 

On Sat, 13 May 2000, jok707s at mail.smsu.edu wrote:

> Let us assume that a hostile group is trying to disable as much of the web as 
> possible, all at once, in a coordinated attack.  (Maybe they read the 
> Unabomber Manifesto and they were really impressed by it; maybe they have some 
> other ideological ax to grind.)  They design their beowulf, from the ground 
> up, with this intent in mind.  They have on each node (and the server) the 
> biggest hard drive that they can attach, and they use this space for storing 
> all the relevant weaknesses that they gather from various sources: their own 
> scanning, hacker sites, CERT reports, Cybernotes issues, &c.  They are 
> extremely patient and careful, gathering and analysing the material for 
> several years without being detected.  When they finally feel that they are 
> ready, they launch a global attack which is not only varied in its methods 
> (combining DOS, email bombing, directory manipulations within cracked 
> firewalls, web site sabotage, &c, &c), but which is also designed to be 
> synergistic: the problems generated in one area should cause &/or aggravate 
> problems in other areas.
> 
> Now my question is: would the computing power of a beowulf be helpful in the 
> preparation &/or the execution of such an attack?  Would the analysis of the 
> interconnected weaknesses of the individual networks on the Internet be the 
> kind of task that can be helped out by parallel computing?  If so, how much 
> and in what ways?  Would the actual launching of the attack be subject to the 
> same bandwidth limitations as a pure DOS attack?

If various foreign powers wanted to conduct a cyber-war, they could have
been working on this in much this way for years, except that a beowulf
would never play more than an incidental role in such an effort.  That
is, all of this goes on more or less continuously already and a
"beowulf" per se is not particularly useful for facilitating it. One
would probably be better off with a network of "cybercommandos" loosely
coordinated with a "war room" that might have some sort of decryption
facility that might or might not be a beowulf.

So I still refuse to see a realistic doom-n-gloom scenario that can be
sanely attached to "beowulfery" per se beyond their ability to
(sometimes) facilitate decryption.  They might be a tool net-accessible
to a cybercommando squad, but would by no means be a core technology of
their effort.  A real cyberwar is far more likely to consist of
cybercommandos distributed throughout the world's universities (that
generally have nice fat pipes for net access and lots of weakly
administered sites to prey on for breakouts) and that have accounts with
all the major ISP's and that perhaps run three or four "shell" companies
that are nominally internet startups but are really just an excuse for
buying a set of fat pipes into the net from which to launch a
coordinated DoS attack designed to manipulate the market or interfere
with communications during some key "event".

The Internet was DESIGNED to be redundant and robust.  Attacks from any
single point of presence would almost certainly be rapidly noticed and
quashed before they did any real damage.

This is the key flaw in your continuing argument.  A beowulf is by its
fundamental nature a centralized resource -- a "named supercomputer"
where the act of naming implies a degree of localization both from the
point of view of networking topology and access and probably spatially
as well.  A beowulf generally sits in just one room.  Any credible
attack on the net MUST be delocalized to have any hope of success.  The
Net might be stung to death by bees, but it isn't about to be mauled by
a Beowulfish Dragon, however powerful, and it isn't really all that
useful for coordinating a distributed hive of bees.

> Another question: has anyone actually wargamed this with one or more real 
> beowulf clusters?  Of course, we can't try out the global attack for real--but 
> has anyone simulated a small version?  Do we have *any* actual empirical data 
> on the potential harmful uses of beowulfs?  Has the NIPC tried anything like 
> this?  If anyone knows of any unclassified info on this, I'd appreciate it.

I repeat for the umptieth time.  To the best of my knowledge (and, it
appears, to the best of the knowledge of nearly everybody who has
responded) "beowulfs" per se have virtually no potential for any harmful
purpose that goes significantly beyond the ability of ANY workstation
with equivalent bandwidth in its connection to the internet except:

  a) Designing nuclear devices, or doing other kinds of hard science
that can be used for ill -- genetic research aimed at supporting
biological warfare has been mentioned but even doing materials science
research on better tank armor might count.  Beowulfs are DESIGNED to do
numerical calculations of the particular sort that hard scientists need
to do, and are obviously blind to the kind of science being done and its
ultimate uses.  One might as well blame textbooks in physics and
mathematics as beowulf clusters in this context.

  b) Doing cryptographical calculations of various sorts.  This is all
after-the-fact evil.  In order to crack a code, one has to get the
encrypted document to crack.  Beowulves won't help the former, and are
overkill for the latter as any sort of cluster or LAN will generally
work just as well.

Since this is really boring and unrewarding work, no, to the best of my
knowledge, nobody has wargamed it out.  Although who knows what the NSA
has wasted money upon?  

What's to game?  Crypt-cracking has, I expect, precisely known
parallelization properties and scaling relations so there are no
surprises in store.  Give me twice as many systems and I'll crack
passwords just about precisely twice as fast (as I and many others have
verified and demonstrated, if this can be called "gaming it out").  As
far as designing nuclear devices, I personally don't think that it would
be very difficult for most decent physicists to set up, and I also think
that most decent physicists would never dream of doing so quite aside
from the fact that it is likely against a law or two somewhere.  

It certainly wouldn't be treated like a "game" if one did set up a
beowulf to do so, although I'd guess that there are plenty of countries
(New Zealand, for example, which hosts the "Nuclear Weapons Frequently
Asked Questions" list) where it's probably perfectly legal to do it if
you want.  Even here, if one could show that one had no access to
classified information at any point, it isn't clear that one could be
prosecuted, however bad judgement such an effort showed.

    rgb    

Robert G. Brown	                       http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     email:rgb at phy.duke.edu

More information about the Beowulf mailing list