Re: Crypto, C4 Explosives, and Destroying the Infrastructure
Tim May wrote:
However, there are a couple of *obvious* errors. My supposition is that he "pulled his punches" a little, choosing to gloss over certain things which would have made the "terrorist" essentially impossible to detect. (The most glaring error, which he surely knew better about, was to assert that NSA could break any cipher if given enough time and computer power.)
I would assume that anyone considering the potential of infrastructural warfare attacks in a dramatic setting would have to handicap the moves of the opposition force--the mechanisms of tradecraft in the modern age are such that the anti- and counter-terror forces are whistling in the dark as they pass the graveyard.
Steve Schear wrote:
Any intelligent terrorist knows that explosives are old hat. Perhaps this is an opportunity for CPs to join in and re-write the book with a more factual basis and outcome, and re-publish on-line. I volunteer to OCR.
The modern terrorist or opposition force will use whatever makes them the most effective--if that means, on the cost/benefit curve, that they use explosives, then by all means they will. Terrorism evolves under pressures much the way any other social element does; in this case, evolutionary pressures are those of environment and predators. As the security increases or improves, terrorists have historically advanced as well (guns to explosives when airport security improved, and the coming shift to chemical or biological weapons, as thermal neutron analysis comes on-line). Predators, such as intelligence or law enforcement, merely serve to cull the herd a bit, which is why you see fewer but more effective terrorist attacks, even as narrowly defined in the recent U.S. State Dept. reports.
As for publication or other expansion on the subject matter, let me point out my own work on the topic (always pro strong crypto, pro cypherpunks, incidentally). Infrastructural warfare is a field that should interest cypherpunks--it has been my strongest argument for getting government out of the security and cryptography business for a number of years now. Feel free to reference the URL: http://www.geocities.com/CapitolHill/4843/
Particularly of interest to cypherpunks (or anyone with an interest in how to run an untraceable opposition force that could give most of the infrastructure a good thrashing):
Waging IWAR (1997)
From the Introduction: "So as not to alarm the reader, let me advise you that this paper is intended as an informal presentation of the material, very much in the spirit of 'let us conspire!' What has been sorely lacking in treatments of the infrastructural warfare (IWAR) subject matter has been a practical, personal approach of thinking about, planning, and waging IWAR operations. Given the nature of most of the professionals acting as documentarists, the published materials are strong on theory and speculation, and short on practical guidelines. I shall attempt to begin to fill that gap, and I hope the reader will accept a temporary 'partnership in crime' as we work through the problems facing an opposition force (OpFor) together.
This paper is broken into four sections:
-Definitions, assumptions, and theory; the conceptual basis of IWAR is important to review;
-Exploration of OpFor as a practical matter;
-A set of IWAR potential operations, for which I have chosen a variety of examples;
-Defense-In-Depth, battling IWAR."
Infrastructural Warfare Threat Model (1997)
Abstract: A threat model is essential to proving the validity of the threat posed by infrastructural and information warfare (I2WAR); exploration of the scope/activities of the threat are essential to understanding the threat and mounting a defense against it. An 'opposition force' is postulated and explored for its intent, organization, communications, recruiting, armament, intelligence gathering and analysis, and funding. A methodology for defining the infrastructure and dependencies is proposed. I2WAR is defined as conflict oriented around denial of service attacks on physical infrastructure elements (including targets such as communications, public utilities, financial organizations, transportation mechanisms, public facilities/events, emergency management services, commerce, and government), denial of service attacks on 'virtual' infrastructure elements (information warfare), psychological warfare operations (attacks on decision processes), and technologically augmented political warfare (agitation, subversion, rioting; propaganda). Conclusions are drawn, including suggestions for a defense-in-depth.
Battle for the Soul of Information Warfare: Pearl Harbor vs. the Hashishim (1997)
Abstract: Infowar has at least two distinct camps, each operating with different basic assumptions on the threat. As these assumptions are critical to threat modeling and defense strategies, comparing the differences is essential. The assumptions of the 'Pearl Harbor' mass denial-of-service infowar attack are contrasted with those of the 'Hashishim,' subtle efforts of perversion; the historical case is presented to demonstrate the reasoning regarding the labels. Contrasted are assumptions regarding opposition force approach, intent, focus, targets, scale of attack, resources of opposition force, management, command and control, organization, funding, intelligence, defensive focus, and political view of the problem.
Considering the Net as an Intelligence Tool (1996)
An exploration of the fitness of the net for intelligence gathering and operational support; this is usually an assumption made by many of the theorists on the subject, but I thought a detailed explanation worth engaging in.
Michael Wilson
5514706@mcimail.com