U.S. Gov't Sponsors InfoSec Defense Training

Anomolous Cow Herd writes: "CNN is reporting that the U.S. government is awarding scholarships to a select few computer science students to study information security, with the caveat that they must agree to work for a government agency for at least two years afterwards. This is in response to the general state of paranoia that has ensued since 9/11, with 'cybersecurity' as a high priority. Considering that a vast majority of government agencies run on Windows NT and derivatives, it's no wonder that they consider the eventual graduating class of 180 'doesn't have a chance.'"

FYI: Free COMPSEC training materials on CD

You can request free computer security training information (mostly on CD) from DISA.

http://iase.disa.mil/eta/index.html

NSA

[Loki_1929]

Just thought I'd point out that the NSA has been running similar programs for a while. I actually looked into them when I was in college, but then I realized I was looking at Big Brother and asking for a part in the book 1984... on the wrong side.

On a lighter note, after hearing that Intel is trying to claim the word 'inside' as its own, I decided to do a little investigating as to exactly what is inside. Take a look.

CIA, etc

[Alien54]

I seems to me that the CIA had this sort of deal going for a while. I know that this sort of thing has been routine for the military for a long while.

Here in the link, for example, to the CIA College Intern Page.

so basically, sounds like non news item.

Maybe these are the guys who bugged a student press office at Quaker Campus a while back? Although i mention this with a something of a tongue in cheek spirit, to be serious, that incident does seem to be more of a local job using radio shack parts.

REAL security [Re: Bash boy, bash]

[octogen]

We should not ask whether UNIX is or is not more or less secure than Windows NT, we should ask whether a specific derivate of UNIX can be made more secure than Windows NT can be made.

You are all mainly talking about application level security.

How many exploits are there on Windows NT - for IIS, for LANServer, for other NT services, for hacking the registry?
How many exploits are there for Linux - for Sendmail, for BIND, for telnet and even for SSH?
You mentioned OpenBSD, so let's take some look at OpenBSD. Its DEFAULT install is secure.
What about adding third-party software? What happens, when you've got Sendmail installed, and someone manages to hack uid 0 by exploiting some vulnerability in the Sendmail daemon?

All of these exploits are application level vulnerabilities.
The real problem with operating systems is, that they highly depend on application level security. Even OpenBSD is NOT really a secure Operating System - it's just a really secure software distribution.
OSes themselves may not be vulnerable - but their highly privileged application make them vulnerable.

However, for some derivates of Unix and specific setups of Unices, this is no longer true, while for Windows NT/2000/XP it is still true - and that is, why some Unices actually are more secure than NT, because their OS Kernels offer really strong security below the application level (user space).

Did you ever take a look at Trusted Solaris, at AIX/CMW, or at Argus' Pitbull for Solaris or AIX?

Sure, if some application is vulnerable to being exploited, it will still be vulnerable when running on one of these OSes - but it doesn't matter that much, because these Operating Systems are locked up from inside the OS kernel.
On 'normal' Unices, you simply attack some process, which has root privileges, and all system security is gone because of root's omnipotent superuser privileges.
On the OSes mentioned above, you do not run any process with root-like privileges, because you simply don't need to - instead, you've got a large set of privileges to allow some very specific privileged operations (like using a restricted port or changing the root directory), so what do you want to attack in order to get access to the Operating system itself?

On an Argus-enhanced Solaris box, for example, Sendmail would be running in its own compartment and with the PV_ASN_PORT privilege in it's effective privilege set.
If someone would successfully attack Sendmail, he/she would...
a) ...be locked down into sendmail's compartment
b) ...probably lose all of sendmails privileges when exec()'ing another binary, because the other binary does not have these privileges in its proxy privilege set
c) ...not be able to access configuration files, because they are probably protected by an integrity label
d) ...not be able to read secret information, because MAC's sensivity label would not allow it
e) ...not be able to gain any further privileges, even if he/she could exploit highly privileges binaries, because these privileges are not in the session's limiting privilege set

Provided that these Trusted Operating Systems are correctly configured, the only way to hack into one of them is to attack the OS kernel itself.

So, how many exploits can you find for the Pitbull-enhanced AIX kernel?

More information:
Trusted Solaris
Argus Systems

kind regards from Austria,
octogen

setting some things straight

[ironleaf]

The program only accepts U.S. born applicants; more information on the Iowa State fellowships is available as is information on the program as a whole. Most of the core training at Iowa State is in Computer Engineering classes: CprE530(protocols), CprE531(security), CprE532(warfare/hacking), CprE533(crypto) and CprE534(ethics). If you take a look at the ISU fellowship specs, I think you'll agree that this is a decent way of paying for school and serving your country at the same time. I agree with the previous post that this is basically ROTC for geeks. ;-)

Re:Good for Linux?

[nathanm]

Granted, the US government runs mainly under Windows systems

No they don't. Maybe for desktops, some workstations, a few file servers, and the occasional public web server, but the US govt uses lots of different systems. There are still many systems running on old proprietary mainframes, plenty of Novell (even as old as version 3) networks, and a whole lot of Unix systems.

Also, all classified systems run only on Trusted operating systems and software, which meet criteria for a specific level in the Orange Book from the NSA. According to this, the latest version of Windows that was certified is NT 4.0 with SP 6a and the C2 update, in Nov 1999.

Happening here

[Lish]

I'm a grad student in CprE/Security at Iowa State, one of the schools administering this program; I was too far along in my studies to apply. Some notes:

1. This started before 9/11. This is not in response to terrorist threats, but rather a real nderstanding that critical infrastructure is at risk.

2. There are both 2-year fellowships for grad students and scholarships for undergraduates. They cover full tuition, room, board, books and fees, plus a stipend.

3. It works a lot like a ROTC scholarship: we give you two years of support, you owe us two years of work after you graduate. Which in security isn't a bad tradeoff; guaranteed job plus very resume-boosting experience. Yeah, you can make more money elsewhere, but it's a good job.

If you want more information about actually applying, you can look at the program webpage here, or the ISU Information Assurance Program site here.