Slashdot Mirror
U.S. Military Seeks Skilled Hackers and Crackers
The Inphidel wrote, "Hackers, and maybe even crackers, the goverment wants YOU.
Seems the pentagon wants to make sure enough GEEKS are on hand to kick some technological [redacted]. Sounds like fun to me." Story at Wired; another one on the same topic at Yahoo! News was submitted by Doofus.
It's a trap!
X-Files enthusiasts, it is here we must make our united stand against diabolic government tricks.
------
If a tree falls on an anonymous coward yelling 'first post' in the forest, does anybody hear?
Military script kiddies!
"Dare we use our superior forces against our enemies to demonstrate how l33t we are? Is that fair?"
"Hell if I know, r00t the bastards!"
:-/
Ben
My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
I would consider it fun, and heck, I'm not even a U.S. citizen!
Still, I find it hard to believe that they would just enlist people to hack from the continental U.S. alone. Many of the networks that would need to be hacked would be secure networks. Someone would have to go in and splice/tap lines or use something like a TEMPEST. This raises the quesion:
How are the geeks going to gain access to the secure networks?
I ask this because its really the closed/semi-closed networks that are of major importance (although as we know network security as a whole over the world is shoddy).
For some strange reason I envision people parachuting onto a building at night and splicing cat-5 cable into extra nodes... (I have probably been watching too many movies.)
Try to hack my 31337 firewall!
What are they going to do, spoof Saddam's homepage?
You know, I hear that Matthew Broderick is an Ace hacker. Maybe they should get him in on this.
We're on the road to Tycho.
It's obvious the US government wants the best minds working for them in criptology and cyberwarfare. This is a great position to work, because these people will receive a very good pay(at least I think so!), will have at their disposition the best equipment, laboratories and information and also an entry in the curriculum who certainly will give prestige.
But when these people suceeds in decrypting a secret code or penetrating and disrupting a foreign network who control communications and the electrical sector of a country, they are surely killing human beings as if they dropped a bomb in them. So if you think you can assume a position in the army, don't forget that you are taking a choice in my view immoral, because nothing can transform a war in a good cause(unless you believe in holy wars). If you are really a hacker with an ethical code(like RMS or ESR) then think twice before getting this job.
Oops! I forget to post as an Anonymous Coward! Now the US government will punish me to preach against military and war... But I'm lucky to live in Brazil, Uf!!!
"Learning, learning, learning - that is the secret of jewish survival" -- Ahad A'Ham
U H4V3 B33N 0WN3D, B1330000tCH!
We're on the road to Tycho.
This just adds fuel to the predictions that the next world war will be fought in cyberspace.
At the moment the term 'hackers' brings nice warm thoughts of late night tinkering on the net to geeks, and a distant, unknown, but not that menacing thought to system administrators. If the government start re-training them, aren't they going to turn into something more like guerilla soldiers?
It would give hackers a bad name - I mean, worse than now.
Yes, many hackers have un-tapped skills, but taking these jobs would just bring forward a new age in warfare.
Cyberwarfare isn't like conventional warfare, where one side can simply win on bigger firepower. The net has always claimed to be a level playing field. Surely three hackers working for a third-world government (providing a decent level of resources) are as powerful as whole teams of hackers in a western-world country? It comes down to the abilities of an individual.
What's being proposed here is getting hackers to disable the enemy's defenses. This would lead to hackers aiming to turn opponents weapons back on their own country. Think about it for a minute. The more missiles you've got ready to launch on-command, the more firecrackers you've got waiting to blow-up in your face. And who's got the biggest number of firecrackers on the planet?...
It seems the US are setting out to hold the dog by the ears.
insignificant sig
I personally have a hard time condoning any of this. First of all, I find the ethics of xackors to be questionable to start. Xacking a system isn't necessarily always wrong, but the the majority of the typical website tagging, snooping, and trashing has no ethical ground to stand on. Claims that if it was meant to be secure, then they should have secured it are as logical as claiming you should be allowed to break into a house because the door isn't made of reinforced steel.
But then the U.S. military wants to hire Xackors. This pushes the ethics from the realm of mischevous anarchy to malicious calculated coordinated intent: xacking for a major powerful government body for the purpose of maintaining its agenda. This is far more insideous than changing the front page of Microsoft to say "Bill Gates lick my balls". Actions taken on behave of any government's military have consequences that can easily end in the death of many people. Sure you might save lives in some cases but will you always know which actions you take will result in the preservation of like over the loss of it. Will be able to back down on a mission that you feel will result in needless death.
We, as individuals, have to make ethical choices for ourselves. If you are a xackor then I hope you give it up for more constructive past times, but I'll settle for you not accepting a military offer.
-no broken link
Quoting from the yahoo article...
"Those same tools would likely be a bigger threat to our systems than to those of any potential opponent,'' said Kawika Dagui of the Financial Information Protection Center, a Washington-based industry trade group. "
Who said they won't look for flaws in our own systems too? Im sure the door would swing both ways on how we could use their skills.
I'd really like to know what competitive salary and benefits the Air/SpaceForce (who I believe have wrestled the prize of tech-defense from the others) will offer to attract talented people from industry. Given that the insurance and big 5 accounting firms are snatching up people with half a clue about network security would the military be competitive? Perhaps they would appeal to old fashioned patriotism (which excludes all the imported talent from India/China/etc) but essentially they are trying to convince the defense firms (who do most of the balls-busting code on real-time systems) to give up their engineers. I've heard a rumor that the national labs are chock a block full of talented programmers but its hard to see them giving up 6 figure incomes and a cushy academic style job to babysit the defense system. Better still for their talents to go into a good robust design.
Fundamentally I would ask the fundamental question to what extent is a heavy-hardware offensive-oriented force necessary. While it's nice to had some muscle to back up world posturing, there are many other demands for public funds (education, health, legal aid, etc). The point about computers is that it reduces transaction costs and according to transaction economic theory, the key factors are price, opportunity and safeguards. With improved information (which includes laws, social habits, conventions, etc), safeguards can be reduced thus decreasing the price/cost for everyone. If CNN can identify potential conflicts and make world opinion unplatable for tin-pot dictators, perhaps there is less need for the iron fist and more for velvet diplomacy (not that I'm accusing the US of being particularly talented in this area either).
Anyway, if people are interested in outside opinions, take a look at Cato's policy analysis, or foreign studies to broaden your views on defense matters.
LL
It never fails to amaze me how slow the government is to catching on to new technology or new trends within society. They should have used these kinds of tactics long ago. I mean think of all the brain power (resources) we are letting go to waste. Its no wonder why there are so many hackers, I mean what do you do when you get bored? You usually start messing around in things that get you into trouble. All that these hackers are, are extremely intelligent individuals who have become bored with life around them. They are looking for a challenge so they start hacking at bigger and bigger targets such as the Pentagon. We need to harness this excess of brainpower and employ it in our national defence or other similar tasks. Hackers and crackers are usually not criminal at heart they just need to focus their energy into more productive activities. I applaud the US government on taking a stand in their quest for computer and security whizzes. I mean lets face it these guys are the best. If they can hack into a secure site like the US military or the Whitehouse then obviously they are the best. So why not pay them what they are worth otherwise they will use their talents in other places. Its simply a matter of harnessing our resources, and one of America's greatest resources is its highly intelligent crackers and hackers.
Nathaniel P. Wilkerson
NPS Internet Solutions, LLC
"register your domain for only $55"
Turn me loose boss!
I'm the perfect agent to bring down WINDOWS
Actually, I'm no super-guru or anything. You could put me in Q&A testing as the ultimate stability tester. Turn me loose on the system and see what I can fsck up. If it CAN be fscked up, I WILL find a way to do it! Usually, completely by accident.
Oh no!
BAD HAIKU INSPIRATION!:
A government job
Sit on my butt and break things
That's my kinda job
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
During WWII the Britts employed a large number of math geeks (Including Alan Turing) to decrypt the German codes. (Enigma etc). This probably won the war for the allies. It was also responsable for some of the first computers.
Erlang Developer and podcaster
I wold consider defeting Hitler and Nazi Germany a very good and Moral cause. While war is never pleasent it is sometimes better than the altertives. Like letting tyrants kill millions of people.
But I should also say that my Grandparents live in a building with a fair number of people who have numbers on their arm and who havent worn a short sleve shirt since 1945.
Erlang Developer and podcaster
Will one have to submit a portfolio of previous cracking work?
11.0010010000111111011010101000100010000101101000
Oops, Sir, I have accidentally launched our enemy's nuclear warheads while trying to degrade their launch system...
Hmmm... with all these military articles lately, looks like these two might become regular characters:
Private Jones: Sir, the enemy has just brought up a web server revealing the truth about the motivations for our war. Permission to prosecute?
Sergeant Smith: Go ahead... give 'em hell!
PJ: OK... submitting enemy URL to Slashdot now.
Five minutes later...
PJ: Target eliminated, sir. Total DOS.
SS: Good work, son. There's a medal in this for you.
Good... bad... I'm the one with the gun.
ProofReading Markup Language - and yes, I find typos.
The enigma machine was cracked by the British working in Bletchley Park (sp?) outside London. To be precise, the variant of the machine with 3 rotating tumblers and a patch board was cracked. There were other variants which were not cracked.
This is approximately how it was done:
1. The French obtained through espoinage in the early days of the war an instruction book of how to use the machine. After the French and British were not able to find anything in it to significantly assist their attacks on the enigma, the book eventually found its way to a Polish team of scientists.
2. One Polish guy had an insight on a weakness which had eluded others studying it. This weakness was a combination of the enigma design and the German standard operating procedure. The team passed the work on to the British because (a) they couldn't continue in Poland, and (b) the weakness still required a lot of brute-force checking - ie. automation was required. The British had Turing et. al. working for them. (c) the German codes changed every day, so this attack had to be run on the first interceptions of the day, every day, to be able to read the rest of the day's messages.
3. UNKNOWN TO THE ENGINEERS/MATHEMATICIANS, some code books for particular months were captured. The "management" decided to keep this info from the engineers, and to persist with the daily automated cracking as a defence against the majority of the time when they didn't have the books of keys.
So in summary, the cracking of the enigma machine was the result of a clever mathematical insight, and operational predictability to do with the initial alignment of the tumblers. This made possible a brute force attack, which was automated with banks of electro-mechanical "computers".
You remind me of my friend who kept saying "Social Insecurity" instead of Social Security. It was a valiant attempt to sound critical of a flawed behemoth which is a part of all our lives, but he just ended up sounding like an idiot.
The lesson: New words and phrases are best coined unintentionally.
Three Step Plan:
1. Take over the world.
2. Get a lot of cookies.
3. Eat the cookies.
Hmm... I wonder what the government will do if it discovers a fatal security bug in a widely used application through this project?
:(
:).
I mean, if they tell everybody about it, then that really does not help them in attacking anyone...
However, if they don't tell anyone, then they have this situation:
A) There is a fatal security problem in a widely used application.
B) Knowing this gives them an advantage if they should at any time wish to be aggressive towards anyone else.
C) Software is global; People all over the world tend to use the same software, nomatter where they are physically situated.
D) If someone else knows of this problem, they will have the exact same advantage as the US army does, should this someone choose to be hostile towards american computer installations.
E) The US army knows that since they found the bug, it's possible to find this bug.
F) Any cracker/hacker in the world has a small chance of finding this fatal flaw; it's not a question of wheter this bug will be discovered by someone, it's a question of when.
-------
If all of the above is true, then by logic the below must also be true (assuming my logic is not somehow flawed, of course):
1) The US army will be witholding information that would benefit not only America as a whole, but everyone in the world that uses this software (ok, by a small degree, but still).
2) Keeping this information secret only gives the US army a transient advantage, as this bug will eventually be discovered by someone else.
3) If terroists smarten up and begin cracking instead of blowing stuff up (or behaps blowing stuff up through their cracking), then if they find this bug, they will not hesitate to exploit the possibilities this opens to them.
Imagine a terroist cracker finding a fatal flaw that works in all versions of Windows. This flaw allows him to break in and do whatever he wants to any Windows maschine.
Now, I happen to know that atleast we have an american battleship somewhere that runs windows NT... He'd have total control of this thing for atleast a few minutes, perhaps hours if he's very lucky and skilled.
Imagine what a terroist might like to do with such a ship...
Also, he'd probably be able to access alot of confidential information, perhaps even getting access to all the other security bugs and techniques the US army never told anyone about!
I just don't understand how people can think combat over the net can be a good thing. It leaves every country in the world very vulnerable. It opens up the possibility that one person, with enough information, acting completely on his won, can take down alot of stuff.
A group of skilled hackers could do to a country what some people thought the Y2K bug would do to the world (ok, let's say a small country
All that this requires is that they find enough security errors in programs in wide use, preferably an OS.
Of course, this hasn't happened yet, which would seem to indicate that it will never happen.
I don't find that argument very good, as this simply tells us that the crackers we are facing today are not really out to sabotage larger areas.
However, alot of people really, really hate (in the strongest sense possible) the US. Imagine if all fundamentalists suddenly stopped training for physical combat, and instead began learning cracking... There are alot of fundamentalists in the world, you know... And, well, fundamentalists are not known for showing restraint when they have the ability to cause harm to things and people in the USA, or anyone else they happen not to like.
Therefore, I really think what the US army should be consearned about is defending themselves. Security of computer installations is a matter of national security (for any country), and global stability.
If everyone has great defences, aggression will logically be less beneficial, and it won't be as much of a problem.
This issue will become more and more important as everyone gets more and more dependant upon technology.
Bjarke Roune
I can just see this now..
W4R3Z K1DD13: 3y3 w1ll h4x0r th3 3n3my
Army d00d: Okay, your target is the Iraq Military Command.
W4R3Z K1DD13: 3y3 w1ll punt th3m
Army d00d: Uhh.. they don't use AOL
W4R3Z K1DD13 0h, 0k4y... 3y3 w1ll s3nd th3m 4 w1nd0ws v1rus
Army d00d: they're not using windows, they're using a unix server
W4R3Z K1DD13: 0h gn0! l3mm3 g0 f1nd 4n 3xpl0it
Army d00d: Out! Get the hell out of here, your not a hacker... your a lame ass script kiddie
--
Insert Witty Sig Here
One of the most important parts of the GNU license and open source definition is that you cannot place clauses in a license that restrict the distribution of the software to specific groups.
Now, consider which kind software a developing nation is going to prefer. What's reliable, secure, free, and mostly unhindered by export law?
You got it. In the not so distant future, these "cyber-soldiers" will be trying to break and subvert the very stuff we write and give away. They may even, posing as real hackers, try to sneak trojans into some software to make their jobs easier. And you certainly can't expect them to tell us about the security flaws they find.
And if the military finds it is too hard to break the worldwide infrastructure of open source software, they may just pressure the bureaucrats into making laws that restrict its distribution. Hey, it happened to encryption, right? And supercomputers. And certain types of radio equipment.
We should protest this sort of thing now, before it comes back to bite us on the ass.
Well, I'm not actually American, but thanks anyway! :-) Dodger - Irish thru & thru.
(why is it that the US can have nuclear missiles in northern Canada, but the Russians can't have them in Cuba?)
Unless you have access to info that hasn't been made public, the only nuclear missiles in northern (or any other part of) Canada were Bomarcs and Genies, SAMs and AAMs respectively for shooting down bombers.
The missiles that (in part) prompted the basing of nukes in Cuba were Jupiter IRBMs based in Turkey, which in fact the US quietly withdrew as part of the deal that settled the Cuban missile crisis. (Of course they were largely obsolete by then anyway, with the development of e.g. Titan and Polaris ICBMs).
-- Alastair
Background: Eight months ago I was supposed to be working in the Air Force Information Warfare Center at Kelly Air Force Base in San Antonio. I don't how many of you know the defense chain as it applies to cyberspace but the AFIWC runs point on all cyberwarfare operations for the United States.
Patriotism? I have had five uncles and my grandfather all serve their country in varying wartime capacities. I do have a sense of patriotism and what my country has given me if was using some of the skills that I have learned well I was going to my darnest to help. BTW, getting a Top Secret security clearance and play with things nobody had ever seen was another perk of the job. I wasn't alone though in feeling that way. The others selected for the internships inside the AFIWC and who I talked to were some of the best and brightest America had to offer including a guy who was weened on Unix and had been working with Linux since 94 with a speciality in penetration, a genetics student, a student at Stanford who could blow the doors off coding as well as others. I'll be the first to admit setting up hardware and networks was why I was there and while not glamourous, I do my job very well.
Unfortunantly, if you are in the military you would know this but most do not the agency in charge of background checks the DSS or Defense Security Service has been so backlogged and mismanaged over the past few years none of us who were told we were interning actually did. That's a bitter spot for me and the others but hopefully it will hold out soon. It does make me angry but given the chance I would still like to go back and have that summer at the AFIWC. I think it would have been a very unique learning experience.
One other thing, those that have feeling hacking for the man is wrong. The world is a very ugly and dangerous place. The Chinese have been developing cyberwarfare and we still dont know the extent of their knowledge. Many small 3rd world countries are throwing a bone to cyberwarfare because its the cheapest way of bringing down the U.S.. You don't need guns or missiles you just need a direct modem link into the U.S. power grid. Their are alot of countries that hate the U.S. and would love to do damage to it especially with the anonimity afforded by electronic warfare so dont bash anyone that wants to protect your family whether it be your family dying in a car accident because the power was turned off as they were going through a light, some maniac who thinks it would be fun to grab credit card numbers from an ecommerce site and use them to finance weapons purchases or any other thing your mind can think of or might not think of will happen eventually. Winn Schwauta one of the foremost experts in the security realm has been predicting an electronic Pearl Harbor for a long time. The only questions remain are will the gun implacements on our side be ready and how much damage will someone do when there not isolated to just Hawaii.
If you would like to read about the trials and tribulations of the DSS, you can read the following article in the archives of USA Today
Goto the archives and use the keyword search
security clearance and military and backlog
Goto the 13K document on 06-03-1999 Sorry it only keeps the last search you did in memory