Slashdot Mirror


NSA Approves First 802.11b Product for Secret Data

joehoya writes "I realize this is a couple of days old, but the National Security Agency recently certified the Harris Corp's Secnet-11 as the first 802.11b system permitted to carry US SECRET level data. See press release. The system integrates NSA crypto with commercial chipset based 802.11b PCMCIA cards and access points to create a secure wireless LAN. Unfortunately, you and I won't be able to buy them, as they are only available to organizations with an NSA COMSEC account."

12 of 252 comments

  1. How is this unfortunate? by drinkypoo · · Score: 4, Interesting
    It's already possible to "leverage" "existing technologies" in order to do secure communications using "commodity hardware".

    Or, in English (and not marketdroidspeak) you can have perfectly secure communications over existing 802.11 as long as you encrypt at the protocol level rather than the hardware (link? I need to study my OSI seven layer network burrito) level. So why do we care about this anyway?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. Public or private key? by thirty-seven · · Score: 4, Interesting

    I wasn't able to find this in the press release. Does anyone know if the encryption algorithm would be public key based, or would it be DEC or something like that?

    --

    Atheism is a religion to the same extent that not collecting stamps is a hobby.

  3. /me hopes this will make it out to the market by EvilOpie · · Score: 3, Interesting

    I hope that at some point technology like this makes it out to the hands of the average consumer. It's good to see that at least someone is trying to make wireless access more secure. It would be nice to be able to pick up a secure wireless product at some point, and use it out of the box without worries of it being insecure.

    But until then, there's always VPN or SSH tunnels. And as an added bonus, you can implement SSH tunnels for free. (even for web and other traffic... not just SSH data)

    --
    -Through the server, over the router, off the firewall... Nothing but 'Net!
  4. But it only works with Windows.......... by jcrb · · Score: 5, Interesting


    Who is fooling who here? None of the OSes (only Windows versions) it works with are certified for TOP SECRET data.... guess it's pretty useless till someone does the Linux port eh? :)

    --
    -jon
  5. Possible Use for detecting detecting software? by lpret · · Score: 3, Interesting

    In a recent article we discussed the futility of implementing a detector detector in a network. This seems that this would be one use that would actually help as an extra layer of defense.

    --
    This is my digital signature. 10011011001
    1. Re:Possible Use for detecting detecting software? by sakeneko · · Score: 3, Interesting
      In a recent article [slashdot.org] we discussed the futility of implementing a detector detector in a network. This seems that this would be one use that would actually help as an extra layer of defense.

      Stratum8 Networks, perhaps? (Disclaimer -- I work there, so I'm not unbiased.) :)

  6. why not in software? by mocktor · · Score: 5, Interesting

    Impressive stuff... from what the datasheet says this all looks to be implemented in hardware on the card - but given the low-level facilities of the chipsets on consumer-grade 802.11 cards is there any reason why some bright coder can't do a similar thing in driverspace?

  7. There's that secure wireless oxymoron again by kbielefe · · Score: 4, Interesting
    At my work we deal with a lot of secret and/or export controlled material. There are areas at my work set aside for foreign customers that we aren't even allowed to run a wired LAN connection to. If you want to run some software over there, you have to put it on a floppy or CD and carry it over from your desk. This can be a real pain when trying to find an elusive bug. Maybe it was just easier than getting the security measures approved to connect the LAN.

    If they have good reason at all to be that paranoid about a wired LAN, I think it won't take long for this "secure" wireless thing to come back and bite the NSA.

    --
    This space intentionally left blank.
  8. MAIN NSA COMSEC ACCOUNT by Istealmymusic · · Score: 3, Interesting

    The main NSA COMSEC Account is 880099, and its address follows:

    Middle River Facility
    Building A-W Dock 2
    2800 Eastern Boulevard
    Middle River, MD 21220
    --
    "The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
  9. This is great! by LittleLebowskiUrbanA · · Score: 3, Interesting

    My unit sets up networks in the field (I'm a Marine) and most of the work involves running a fiber backbone and running CAT5 to each and every computer in the field HQ (tents). We had looked into running wireless but of course the security was non-existent. Maybe now, we can spend more time training the junior Marines on real networking, not running CAT5 drops to some officer who "has" to check his email. My platoon will be looking into this tomorrow, I can assure you.

  10. So what? Even the phone book is classified! by pvera · · Score: 4, Interesting

    This is a non-event. And secret is not a life-or-death classification level, as anything that is considered remotely important will automagically get tagged with TS + keyword.

    --
    Pedro
    ----
    The Insomniac Coder
  11. Most readers missing the point... by drunkrussian · · Score: 5, Interesting

    To get something approved for processing at the SECRET level is a moderately big deal for those who work with such data. For the outside world, it's not the last word on the quality of the system.

    You can't, for example, get a Linux box approved to process SECRET information (at least, last I checked). Windows is approved, however. Yet, for the commercial user, I would say that Linux is more secure than Windows. What matters is how the system is set up. I'm kind of surprised that there's any demand for wireless networking at the SECRET level. With few exceptions, a classified box has to be physically disconnected from all other machines and operate only from hard drives with no communications software on them. There was an article on cnn.com today about a hacker who got access to sensitive but not classified information on military networks. The reason he didn't get access to classified information is because of the way it's protected.

    And forget about anything at the TOP SECRET level or above. We have a room at the office that does work at the TS level. If you bring a disk in there, you can't leave with it. If you bring a hard drive in there, it can't leave the room. Once a computer goes in there, it can't leave either. Well, that's not entirely true...security chops them up into little tiny pieces, waves magnets over them, and does some other magic to make them completely clean before they can leave. They're certainly never useable again. They even destroy the monitors before removing them from the room, in case an image might be burned into them.

    Anyway. People who deal with SECRET information will probably be interested in this article, and I'm sure life will go on with no change for those who don't.