Slashdot Mirror
Real Cyber-Spying
phr1 writes: "Kevin Poulsen has an article at The Register about a USAF sergeant arrested for emailing classified info to "Country A" (apparently Libya). The guy was something of a bozo, using free webmail accounts from locations near his home to email the stuff. It's an interesting read about a legitimate (for once) cyber-bust."
hmm, so they do have some backdoors in the encryption used.
(Or they just got the key from the first email.)
The referenced article had a link to the best demo I've seen so far about the US Government's "separate" internet called Intelink that links intellegence agencies. This is where our spy got his material he tried to sell - online, not from an old-style combination safe. Intelnet is supposed to be totally isolated from the "regular" internet (yeah, right, anybody got a connecting URL?) but it's got 250,000+ users. How can the security on this thing be airtight enough to entrust US secrets to it? A few nights ago I watched the Nova rerun about Bletchley Park breaking the Nazi Enigma code and the point was made over and over that the Brits got toeholds into breaking the code by flaws in the way the Germans in the field actually used the Enigma on a day-to-day basis. Aren't we setting ourselves up for exactly the same thing with a quarter-million users out there? Yo, some Slashdot user who has access to this thing - tell us what administrative security is in force! Also, this guy went to his public library and logged onto free email accounts to transfer his information - what should he have done? What is the next way a spy will use the regular internet as an anonymous deaddrop more successfully than Sgt Regan?
Your secret key being lost does not make the encryption readable. From the PGP FAQ:
l #3 .10
http://www.uk.pgp.net/pgpnet/pgp-faq/faq-03.htm
3.10 If my secret key ring is stolen, can my messages be read?
No, not unless they have also stolen your secret pass phrase, or if your pass phrase is susceptible to a brute-force attack. Neither part is useful without the other. You should, however, revoke that key and generate a fresh key pair using a different pass phrase. Before revoking your old key, you might want to add another user ID that states what your new key id is so that others can know of your new address.
As someone who lives in the D.C. area, I run into alot of retired 20yr/career military types who are "double dipping" (local vernacular for someone taking a pension while working). I didn't realize spying was an option.
... moreover, to do it in a town which is chock full of feds looking for the big bust. Man, this guy did everything but walk in front of the Hoover building with a sandwhich board that read "Hi I'm Brian. Come Spy with Me".
What I find most interesting is whow BAD a spy this guy was. Going back to the same account nine times ? Especially regularly using, and repeatedly ging back to local public libraries, where all activity is recorded and logged for just such abuses ? Where the library's access to the network is often via some other local government agency or educational institution ?
And the list of stupidity goes on. Including continuing with the same Modus Operendi after making the initial contact via the internet
The entire incident is mind boggling and makes me wonder what type of security they're NOT teaching our USAF boys in blue.
healyourchurchwebsite.com - WWJB?
What the article doesn't adequately address is the issue of just how the FBI first got wind of Regan's activity. It's an interesting question, one that should give pause to anyone considering providing information to third parties as a way of supplementing a meager government pension.
Come to think of it, the initial discovery steps are never addressed in the popular reporting of spy incidents, and since most cases either never make it to court or contain "sensitive material" that is not accessible to those not in the loop (that usually involves defense lawyers). Somehow though, I get the impression that foreign agencies are so thoroughly penetrated by American intelligence that spying against the US is a death wish. You will be sold out by your contact in Moscow or Tripoli who probably makes $100 a month and dreams of nothing better than retiring in the States with an American government pension. Either that, or the powers that be monitor all communications to an extent that even Slashdot readers would find unbelievable, so that anything even remotely secret that goes over the wire or the ether is read, catalogued and forwarded to the competent authorities.
I'm no foreigner so don't nuke me for what I'm about to say......... I would HOPE that our members of "US Intelligence" would be somewhat knowledgeable when it came to the topic of encryption. I am under the assumption that this bum's messages were not cracked by a government employee but rather some "cracker" with a trivial brute force method. From personal experience, only a small handful of people involved with the government would have the brain power to attempt such a feat. (let alone think they could get away with it scott-free.)
Now this is "military intelligence" at its finest.
No one ever mentioned the idea, if the criminal was smart, we probably wouldn't know about it and he would be living comfortable some place.
If we don't make light of everything, we are just stumbling in the dark - Blank