Slashdot Mirror
Air Force Launches Encrypted IM Service
nomrniceguy writes "U.S. Air Force's Print News Today announces a new instant messaging service for enlisted people stationed abroad to communicate with their families and loved ones. Users cannot send images, audio or other documents through the system. Messages are also encrypted to prevent unauthorized access."
Can't send pictures, huh?
Anyone have a copy of uuencode laying around for them?
You can never go home again... but I guess you can shop there.
This will protect their vital messages such as HeY SeXaY and WhAt R U N2?
B a11 U /an B, |_o|_
Users cannot send images, audio or other documents through the system uue or yenc?
Mongrel News all the news that fits and froths
They should be more worried about soliders posting their digital camera photos to public sites than what could be hacked through instant messages...
This instant messaging service has been in use for a couple of years now. However it was limited to military and contractors. Now it's open to family members. The airman has to sponsor you by entering in your email address, and then you receive login instructions.
How am I supposed to fit a pithy, relevant quote into 120 characters?
No media, huh? I guess that means we can go back to using our imaginations to visualize the horrors reported back by our soldiers abroad.
On a lighter note, it's nice to see that they will have an easily surveilled method to connect with family from abroad.
Does it run on Linux?
"I assumed blithely that there were no elves out there in the darkness"
What's wrong with Jabber, AIM, MSN, or any other chat medium? Sure they might not have encryption (unless the Jabber server has SSL enabled), but then again, I'm sure there's some rule that says that the soldiers shouldn't be sharing secrets or mission critical information with anyone but themselves...
...right? So why the need for encryption to keep the "I hope I'll be home soon, how's the family?" messages private? Unless I'm missing something...
Text only, eh? To the multitudes, I present two functions, base64_encode and base64_decode.
:-p
Email is still all text and probably always will be
Colin Dean Go a year without DRM
I guess that rules out links, w3m, and lynx.
Think it works with Firefox or Mozilla?
It would be interesting to know how secure the encryption really is. Traditional 128-bit SSL? And does the Air Force get to censor the communication?
How encrypted is this? Can military censors read this? What's to stop someone blabbing about deployments or positions?
Computers are useless. They can only give you answers.
-- Pablo Picasso
it allows them to offer an approved solution to soldiers without them having to spend time researching all the other possibilities.
The Kruger Dunning explains most post on
Anyone know why the AF would come up with their own system? Is it just to be able to backdoor it for security reasons?
Agile Artisans
And yet they have blogs.
They state in the article that initially the users could chat to people on other IM networks, but the functionality was removed because these networks allowed users to send&recieve files etc.
So why the hell didn't they just disable this feature and keep the gateways in??
Supplied by akamai.com ?
a l. download.akamai.com/11372/DoD%20Warning%20Statemen t.htm
See the links throughout
http://www.my.af.mil/
to, for example (Privacy Policy)
http://a248.e.akamai.net/7/248/7850/v001/ftptri
Stephan
http://stephan.sugarmotor.org
No matter what kind of encryption technology they have implemented for their IM; if the soldiers are going to use the webbrowsers in cybercafes in the foreign land. Then god help them. I have been here in KSA (Kingdome of Saudi Arabia) for six month now. All the MS-Windows systems in cybercafes are full of spywares, keyloggers and whats not. Most of these problems due to administratative rights given to all the clients who need just a browser. No matter what technology one uses over netwrok but its very difficult to get rid off key loggers. After experiencing all that crap I bought a dial-up internet connections cards (Nesma and Zajoul)... both the connections are pretty slow for me though.. compared to my home country dial-up.. Now I can browse through Firefox with antivirus and personal firewall on.... Pretty safe feeling now. I get atleast one incoming connection to my system from the external internet every five minutes. I suspect these are from other dailup users(probably infected) only. Withought a firewall and unpatched MS-Windows system you will be a deadduck in hour or so. I think they should give them secure client machines also. That will help them in better way. I read about the massive bandwidht they are enjoying in this IRAQ war. If they are routed through their own satellites then nothing like it.
but it sure sounds like an improvement considering the second gulf war was coordinated though.... microsoft comic chat... no really, you cant make stuff like this up!.(search for "alien" in the text... I kid you not!)
IRC, the protocol voted "script kiddies choice" for ten years in a row, is what powered the critical communication infrasteructure. Combined with a microsoft client that adds comic characters. Also the database used for collecting and assigning ground targets for bombers.... access.
You can Paypal it right here.
It may just be my copy of Firefox, but the link at the bottom of that article (to the actual AF website) throws up a dodgy server certificate warning.
There goes any hint of faith I may have had in this being secure.
How many people can read hex if only you and dead people can read hex?
Somehow I don't think that this is really encrypted. Well... encrypted so that enemies can't intercept it, yes... but not encrypted so that the Air Force itself can't read what's being transmitted. Somehow I doubt they'd leave the risk of transmitting sensitive data with no way to see what's happening completely open to the entire Air Force.
- dshaw
as the rude AC noted, this is a web based IM program, not a VOIP telephony program. So, sotp using your karma-bonus to post factually incorrect first posts.
Meh. its not Base64 and sure as heck isn't UUEnc.
I am in the Air Force, a 2E251, job title is "Computer, Network, Cryptographic, and Switching Systems Journyman". here is how i can best explain why it is encrypted and why we cannot use regular IM products (aim, icq, etc etc...) It isn't that classified or top secret messages are being transmitted across this system, it's simply to keep the enemy from deducing simple things and protecting the members families. Think of it this way, if you have 100 people from the same network ID talking about hopping on a plane for a "Big Mission" the enemy might beable to figure out what's going on. another good reason for encryption is so that when members are like, "Boy, i can't wait to go home for christmas and go to grandma's so and so's house this year" what's to keep enemy's/Terrorists from taking from there grandma's name, finding out where she lives, and then kidnaps her to black mail you, or just out right kill her to hurt the morale of all troops in the sand box. also, due to AFI regulations, regular IM programs are not authorized for use on Air Force Systems, plain and simple, for those exact security reasons. i was in Iraq/Oman for a while back in the summer of 03, and i used this program alot. Thank you all, and i hope this was useful.
President Bush Supporter
Yeah. I'm sure no other country in the world is trying to listen in on US conversations, nor are there any countries in the world who try to protect themselves from other countries doing the same to them. It's exclusively a USA-only thing.
Fucking morons.
This far into the discussion and no one's made an "AIM High!" joke yet? C'mon, people.
Yeah, right!
This
[i]The only one i can see is that they can chat with there families [/i] [BR] I thought that was kind-of the purpose of IM in the first place, to chat with friends/family.
I browse on +1 so AC's need not respond, I won't see it.
I've been spending WAY too much time on a phpBB. shoot me now.
I browse on +1 so AC's need not respond, I won't see it.
wich they could do just as well with the myriad of other IMs already in existens
Actually all commercial IM's are blocked by the military. The reason givin was a bandwidth thing.
Some days I get the sinking feeling Orwell was an optimist.
does anybody know if the IMs are moderated by a security team in a similar manner to written letters to prevent servicemen and women from accidentally releasing sensitive information?
now, don't get me wrong, censorship is almost always bad, but in the military it is a necessary evil to prevent a mole from leaking information. this information would only be useful to a terrorist and be used to put our enlisted men and women in harms way.
Encryption is useless if one of the people on either end blabs something they shouldn't. Sensitive information should not be transmitted to family members. Period. In other words, the whole encryption thing is a bit pointless...
-- If you try to fail and succeed, which have you done? - Uli's moose
I'm in the air force and I actually get deployed to the base that this client was beta tested. things are pretty restricted there. Here's a synopsis of what it is like.
being that going off base to go to cyber cafes and use the internet there is really not reaslistic to do everyday, maybe not even once a month, our only choice is to use the internet connection provided on base. Don't get me wront i think it's great for them to give us this luxury in a war zone, but we get the internet through the local internet companies and there is also this filter called "websense" which filters out half of the internet. most people who have a desk job have a computer thats hooked up to the internet. there is also a place where any joe blow airman can go to and use a computer for a timed 20 minutes (sometimes when it wasn't buisy the people there would let you stay on as long as you want).
There is another option which alot of people dread and thats to get internet in your room (trailer room really.) This sounds nice, however, the same restrictions that apply to the base apply to your computer in your room. Not only that but before you can get on the network you need to give up your computer (usually a laptop) for a week or so, so the computer guys can wipe your Hard drive clean and install windows xp, and set it all up so that you only have basic user rights.
So all the email from back in the states is blocked off, you can't install any programs, well you could but after you get your computer back from the computer guys it pretty much a government computer hooked up to a government system, and doing anything to comprimise security of the system would mean trouble for you, and I'm not talking about a letter from your ISP trouble either. I'm sure there's ways around this, i have a few ideas myself, but i would rather not ruin my carrer over this.
Anyways to make a long story short, the only i could get in contact with my girlfriend and family (besides my 2 15 minute phone calls per week) was through the Email that was given to me and goes through the base exchange server.
I tried using the email like a IM, the only thing is it is not very reliable, that is there would be some times where i would be talking away and nothing for a half and hour and then boom, like 20 messages all at once. not to mention times when the server is actually down. It got to be pretty flustering after a while.
I know that when I'm deployed I'm at war, and things like this make the air force pretty spoiled, and resented by the other services, but hey, That's why i joined the air force.
bottom line is I think this is a great service for us and I can't express how grateful i am for this. I hope that this will spread throughout all the military.
Actually, the reason they more likely had in mind was incidents like this.
Web-based, SSL encrypted system. I've personally used it and find it sub-par. It's not designed to compete with AIM, et al. It can't.
What it does have going for it is that the AF has tight control over its network. You can't install MSN messenger, AIM, YIM, Trillian etc. without getting picked up by the admins. And the ports are already blocked. Being a web-based client, it doesn't require an installation, nor does it take up any extra ports.
Regarding encryption and monitoring, the AF can monitor, but don't assume it does. There's enough going on without bothering to sort through every love not and chat conversation between Airman Snuffy and his girl. If there's reason to suspect espionage, it'll be watched. But if any info is going out through this hunk of dren called Bantu, I'd be surprised.
Honestly, it's no big news inside the AF. The Air Force Portal (my.af.mil) has enjoyed some success, but it's still a solution looking for a problem in some ways.
Essentially UNIX talk (or ntalk), over an SSH tunnel?
Kinda sad.
/~mikeg
It's hex. You've got all your basic hex digits there [0-9][a-f] and nothing else. I have no idea beyond that.
Grouping the hex into bytes doesn't help either.. since 14 isn't a letter in ASCII... Not UTF8 either. Maybe UTF16, but I doubt it.
The testing and certification process is so onerous and lengthy (up to 10 years) that a system can be hopelessly obsolete by the time it finally is certified, if it makes it. Then there's the abuse of the labels "classified", "secret", and so forth to cover up problems. Known flaws in security related software are often kept secret from everyone-- enemies, rival companies, critics and auditors and security experts, not to mention the users. Very convenient for the vendors and their sponsors. Diebold security anyone?
There is the paranoid refusal to use something just because it's from outside the US-- it might have malicious code. And there are the export controls that try to keep technology in the US, implicitly assuming the US is the leader in this area. Ironic that the effect is the loss of US leadership as experts set up elsewhere (OpenBSD in Canada, for example).
And if all that isn't bad enough, the military pushes this idea of responsibility, as in "held responsible" and possibly even sent to jail should any breach in security occur. That makes military base system admins very conservative and risk adverse.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
Re-inventing the wheel at tax-payers' expense
is not my idea of frugal gov't use of tax $'s
I'd have jumped on the Skype bandwagon; it rocks for free!
http://www.jabber.com/index.cgi?CONTENT_ID=460 I reckon this is Jabber Incs technology which they licenced recently to USJFCOM. If it's not well I'll be wrong! Fairy
Right, like AIM/ICQ is a stripped version of Skype? Don't think so. I agree with garbletext. Way to try to sound funny and end up coming off as an ass.
OS, Web Server and Hosting History for www.my.af.mil
http://www.my.af.mil was running AkamaiGHost on Linux when last queried at 24-Dec-2004 05:38:53 GMT
So if you strip the Voice out of a Voice Over IP program, tell me what you end up with? I'm trying to picture a VOIP program that doesn't do VOIP. I can't imagine it does anything. Next you'll tell me kDevelop is a stripped version of OpenOffice
DarkMantle I been bored, so I started a blog.
Will this new instant message service perhaps be named IcbM?
And it used to work. -- Alejandro Escalante Medina http://alexdinamo.homeip.net/weblog
This isn't about WWII type security. This is about GWII where unwanted pictures have spread around and appeared in newspapers. Very embarassing for both the military and the government.
See my journal, I write things there
anything that it can't decode in real-time (or in the future via archives) for any given use.
As for the suggestion to use UU en/decode or other binary-to-text converters: It's potential use was most probably thought of, which in turn would prompt the creation of a script that would scan through and moderate (or flag for review by IT personnel) those messages which contained headers for programs such as UUencode, PGP, etc.
Like every system, there will always be ways around its security measures. However, there should be no reason why the terminals being used by the soldiers can't be kept free of spyware, keyloggers, and the like (ie. re-imaging workstations at the end of the day.) Either way, the military brass will still have access to the information being sent by soldiers, but would severely limit access to information (and thereby its abuse) by those outside of the group charged with running the system.
God bless the men and women of the United States Armed Forces!!