Spying and Technology: Robert Philip Hanssen

spludge writes: "The affidavit for the arrest of Robert Philip Hanssen, an FBI agent that spied for Russia for 15 years, makes fascinating reading. It reads like a spy novel with some neat technology references! In the affidavit Hanssen (aka "B") is portrayed as a computer expert with programming knowledge. The affidavit includes mentions of: the use of Palm VII's for communication, encryption techniques, track 40 floppy writing (?), a new NSA technique for surveillance (we aren't told what it is) and programs to automatically destroy computer data when it is compromised."

Tips for future spies

[w00ly_mammoth]

1) Do not use prominent newspapers like the Washington Post to post classified ads as a signal to your contact. Instead, make a clever goatse.cx post as an AC - you will never be traced. Most surveillance agents browse /. at the +1 level, and even if they don't, there's no way they'd spot you out from the thousands of ACs.

2) Do not use real bridges and lamp-posts as drop-off points. Instead, join the blue team on a Team Fortress server and arrange to meet a red team dude on the bridge in 2fort5. Just nod (nobody pays that much attention) and drop off your backpack on the bridge. Watch out for the enemy snipers on the tower! They could be real intelligence agents...

Other options include spraying a wall with bullets in counterstrike or q3. The marks wear off pretty quickly and are impossible to log. No chance of detection there.

3) Use Windows for all your "work". You are guaranteed to lose your files, even the ones you want to keep.

4) Can't think of any more. oh well, add to the list...

w/m

In Real Life...

[rjh]

... there's an (alleged) traitor named Robert Hanssen, a senior FBI agent.

... there's a (convicted) serial murderer named Robert Hansen, who was born and raised in Iowa.

... and an FBI agent named John Douglas was instrumental in the capture of Robert Hansen.

... and there's a Slashdotter (me) named Robert Hansen.

... whose best friend in high school was named John Douglas.

I'm telling you, I think I'm going to have to go commit a crime against humanity or something in order to live up to the high standards my other namesakes have left for me. :)

What happened is far from amusing

[__aakpxi9117]

While I love hearing about spy stories as much as the next guy, what happened here is nothing to boast about... In movies, James Bond and other famous spies lead thrilling lives and are always saving the world from evil. In reality, spies cause death. People die because of information spies pick-up, from knowledge that so-so is a spy for this country, to atomic weapons secrets that leave this world in fear of destruction. I really think this subject should be looked upon with thoughts more torwards reality and less torwards the picture-perfect super-spy senarios hat come out of hollywood. In real life the good-guys get killed too.

CBM disk format

[caveman]

Like a lot of the stuff Commodore put out back then, it was before it's time. Windows still hasn't learned from some of their innovations.

The disk format used on the 1541 and its predecessors (1540, 4040, etc.) was a technological marvel of it's day. Only thirty-five tracks, single sided, variable number of sectors per track, and the directory in the middle on track 18. Each sector was written in GCR format, allowing far higher data density than acheived on the IBM 9-sector format.

If they developed it further, we'd have had 82-track, double sided, double density floppies, holding more than a megabyte, and the 3.5" floppy might not be here today.

The wonderful thing about GCR as opposed to MFM encoding is that MFM wastes an awful lot of space with phase changes. GCR records more actual data, but each group code (the five bits that translate to four bits of actual data) is designed such that you never get more than eight 1-bits in a row, or more than two 0-bits in a row. This way you are guaranteed a phase change within a certain period, so the signal from the read head is kept 'moving'. The practical upshot of all this is that you can crank the GCR encoded data out onto the diskette at a faster rate than plain old MFM.

Putting the directory in the middle of the disk, along with the block allocation bitmap, lowered the average seek time, as the head a less distance to travel. The Amiga continued this, putting the disk home block, from which everything grew outwards, onto track 40.

Variable sectors per track (ranging from 21 on tracks 01-17, 19 on tracks 18-24, 17 on tracks 25-30, and 16 on tracks 31-35 (I'm guessing a little here)) allowed for greater data density without compromising data integrity on the inner tracks by exceeding the amount that could be reliably stored there. Hard disks today use a similar method, which is why the number of blocks on a disk might not equal the multiplied up values of cylinders, heads, and sectors. (LBA mode vs. CHS mode).

Of course, the thing about the CBM drives that made them the most fun drives to play with was the onboard 6502 processor with its 2k of memory, allowing you to download and execute code in the drive, speeding it up, flashing error messages in morse code on the LED, or even playing music using the stepper motor. (Actually, we used to do that with RL02's too, but it's equally unrecommended ;-)

By 'eck. Them were t' days.

We should get M$'s Allchin to comment

[puppetluva]

Was this traitor using proprietary software or "un-american" free software to do this double-crossing?

I certainly hope all of the other agents are using taxpayer-supported, Microsoft owned, C2 Secure (cough) copies of Windows.

A thought: maybe we should start infiltrating M$ with free-software double-agents that sneak around and plant bug-fixes everywhere. . .

Re:double standards

[Fnkmaster]

It's not a double standard. You don't seem to understand that foreign policy is not an ethical regime, because there is no general, ethical standard between nations with entirely different cultural standards. With nations we consider basically to be "allies" we are usually a little more lighthanded with our spying practices. With enemies more heavyhanded. The fact is, when you step into the world of espionage you are taking a pledge to represent your country's interests above all else. Failure to do that is presumed to be treason and to imply death. Remember that this man DIRECTLY caused the death of two others (enemy double agents - that's right, "bad guys" who were now working as "good guys" for us).

"Bad" is defined in this context as representing another nation's interests over our own, especially when that nation is considered a risk to our nation. That is basically the limit of moral considerations in espionage. Remember the goal here - to make sure that a nation that will use its power to do less evil unto the world than others maintains its edge. That, my friends, is the USA despite all the tripe you hear on Slashdot. As bad as some things the US Government does are, we are still a liberal democracy, and as such are far, far more beholden to the common interest than a converted Communist/Stalinist superpower like Russia with a chip on its shoulder about becoming a dominant player so it can help its buddies, like the Serbs, and sell arms to terrorists and rogue nations. Sounds great, huh?

So before you start blabbing about double standards understand the moral and ethical framework these people MUST operate in and realize that your life may depend on it (whether or not you are yourself an American citizen).

Re:Track 40 floppy writing is... cont.

[Domini]

The same goes for track 80 (and 81-82?) on my old Amiga. There used to be copy-protect schemes which used these tracks, and thus there were LOTS of programs that could read them. Basically every kid in those days knew about the extra tracks... but then, non of those kids were spy catchers...

Another way of floppy copy protection was to make half-written tracks, when yielded a random different result each time they were read. The software would read this a couple of times, and bomb out if it got a consistent result. This was pretty hard to duplicate with a nibble-copy, and could only be done by damaging that part of the floppy

What motivates spies

[dingbat_hp]

I find it easier to understand why one would spy for the US than the USSR. The US _loves_ spies -- maybe it's too many Bond films, but there's a cultural perception that spies are secretly heroic and motivated by a sense of higher moral purpose. After they finally escape and defect, they're feted as either heroes or merely fascinating and rewarded with well-paid lecture tours. In England, they even sprung the clearly guilty George Blake from prison, because some Guardian-reading liberals felt sorry for him.

In the East, spying is evil disloyalty whoever does it, and a "loyal" spy is regarded as barely any better than an enemy agent. There's a Russian phrase for it that translates as "Not Quite Dead Yet", meaning that even the most loyal and decorated of their own agents is only one step away from political disfavour, imprisonment and purging. Any sensible Worker would merely keep their head down and ignore the whole immoral process.

Of course, my own loyalty to the Communist International and the impending Dictatorship of the Proleteriat would outweigh any mere capitalist greed. We of Geeknatz have already destroyed faith in your stock market system with our hugely inflated boo.com's and lastminute.com's. Importing real Budweiser beer; beer that tastes of beer, not just malted rice, will destroy faith in your military-brewski complex. When your Mickey Mouse is out of copyright in 2004, we shall destroy your capitalist marketing system entirely.

All your brand belong to us !

Track 40 floppy writing and Wozniak

[Sleeper+Service]

There was an interesting keynote speech at O'Reilly OpenSource last year about copy protection & the old Apple Macs, I think.

Steve Wozniak was apparently extremely annoyed that people were perverting his lovely computer by writing funny disk formats that simple file copying wouldn't work on.

So he goes away and builds a little bit of extra gubbins on to the disk controller and writes a few extra bits of code to get a nibble copier working. Viola! He can copy disks in any format, because he can read the individual bits from each track.

But... how can Woz protect his own disks, he wonders? He sits and scratches his head for a few days, then writes some more code, this time to alter the burst timing used to write bits. a zero is something like a 4(some unit of time) burst and a 1 is an 8(unit) burst.

The Mac filesystem can detect simple bit errors and will retry a few times, so Steve decides to write a few 6(unit) bursts at tactical places - 50% of the time, they'll get read incorrectly and the Mac will retry and 50% it'll read correctly and everything will be fine. When it has to retry, it's a 50% chance it'll get it right the second time and so on...

When you nibble copy them however, the copier will read the disk once, and won't understand the bits and so won't notice the errors and retry, so where there was a "wobbly" bit, there's now a bit fixed in the wrong position.

Hurrah! Woz had uncopyable disks.

But how could he copy them for his own use..?

Well, he realises that if you heat the material enough, you get electromagnetic(?) transference between one of his special-format disks and a fresh disk. (This is apparently some property of magnets in general).

For about a week, Woz is hardly seen - he's sitting in his office with a hair-dryer trying to heat the disks up enough to transfer the data. He has a big pile of molten floppies next to him...

Apologies to Steve Wozniak and anyone who attended at O'Reilly OpenSource 2000 for the hideously innaccurate transcription of the tale... :)

Hanssen

[El+Cabri]

In other news, the FBI has not yet commented on reports that civilians touring the FBI HQ had actually conducted Philip Hanssen's screening interview.

Technological whiz

[Ukab+the+Great]

He can even upload space station instructions to androids. How do you think the rebels got the plans for the death star so easily?

track 40

spludge wrote: track 40 floppy writing (?)

Guess you weren't around in the 80's... 5 1/4" diskettes are usually formatted to have 40 tracks, numbered 0-39. But the disk drives can usually seek to track 40 or 41 without a problem. This lets you hide secret shit that DISKCOPY.EXE and so on won't pick up.

AFAIK it was first used as a rather weak copy protection scheme (you saw this a lot on the C64, at least...) and later on as a way to transmit viruses between floppies.

(Disk-based copy protection got more sophisticated, and used deliberately written errors, misalignment of the head, etc. in a vain attempt to confound the "pirate" copying programs.)

Interesting to see this used with some success against the feds... maybe they could have learnt a bit more from the phreaks after all. *grin*

forgetting about "innocent until proven guilty"?

[zyqqh]

> ... Robert Philip Hanssen, an FBI agent
> that spied for Russia for 15 years,...

Uhm. There's a certain principle in western law, commonly known as "innocent until proven guilty." Making implicit assumptions as to the otherwise on front page /. story isn't exactly a nice thing to do (not that /. claims journalistic credibility, but a lot of people tend to assume it).

He's done this already...

[mav[LAG]]

Maybe not with Quake but definitely in another game. Consider the cryptic yet almost understandable meanings of the following phrases:

• Somone set up us the bomb
• We get signal
• Main screen turn on
• How are you gentlemen !!
• All your base are belong to us

Go and read the correspondence between Hanssen and his KGB controllers and note how these phrases convey the exact meaning of what correspondence passed between them.

The last phrase is definitely the most disturbing. Was it sent before he was caught or after? I think we should be told.