Slashdot Mirror
State Department Developing Cyber Toolkit
An anonymous reader writes "The U.S. State Department, known for its recent RFID passport embarassment, seems to have developed a key tool in the Department of Homeland Security's cyber toolkit for federal agencies. There's not much out there on it other than mention of a tool called SandStorm in a recent press release from State's Bureau of Diplomatic Security. According to the site, "SandStorm simultaneously collects, correlates, and analyzes data on multiple computer systems and departs, leaving no trace of its activities. The White House is championing this cyber tool and the Department of Homeland Security has selected it as a cornerstone application for a cyber toolkit being made available to all Federal agencies." Sounds scary to me, but may be a step in the right direction."
Looks interesting...I give it 20 minutes before a copy is up on the torrent...*grins*. Then the script-kiddies can all go use it to spy on each other and prove their "1337-ness"...
Althought, truth be told - why exactly is the government telling us this? I mean, for all we know, they could have been developing these sorts of computer surveillance programs for years...in fact, they probably have. So why tell us about it now, in a highly-publicised press release? Or are they just trying to be seen to doing something, and seeming like they're on the cutting edge of technology? So maybe in truth they're actually quite clueless, and this program is nothing more than a hashed-up, worthless keylogger that looks like sample code from "Windows Internals"?
One wonders about their motives for this news release, though...
cya, Victor
Don't try to understand the logic. It's illogical. Just understand that this is the prevailing state of mind for many folks.
What they're actually talking about is the NetIntercept Appliance from Sandstorm Enterprises. This is also the FBI's replacement for Carnivore.
Do you have any idea what how slim the chances really are to be killed by terrorists in the US? Even after 9/11 it's next to none. You are far more likely to be in a car accident, die of cancer, get a heart attack or being shot by a family member.
... it's hard to shrug that off (at, say, $45k/year) and spend your time in the office making perfect decisions about how some guy at the Agency should work with some guy from State to draw the line between sniffing a laptop that someone carries, sometimes while visiting in the US, and sometimes back to Syria where he deals in chemicals and transportation.
Do you really think - really - that the only thing we're worried about here is direct death or injury of individuals, personally, by some weapon that is flown, blown up, or shot at them? The impact of 9/11 was pretty horrible for the thousands of dead and their families - but pretty much everyone in the country was impacted, as well. The economics of another serious attack - even a conventional one as before - will be mammoth. The impact of something like a Japan-style Sarin gas attack or two, or of something radiological, will be (just as the bad guys would hope) incredibly costly and disruptive. I can't even imagine something smallpox-ish, in terms of the social freak-out mess.
I live in the DC area and interact with people on the working end of these problems. They're frustrated at how hard it is to fight this crap, but they're even more frustrated at how willingly people paint them as some sort of bad X-Files villains as they do their jobs. Of all the people I've met and talked to, the only common thread that should alarm most of us is their tales of un-fireable incompetent co-workers. There are paper pushers, academics/analysts, operatives, and other people working in all of the three-letter-agencies that are just as dumb, bull-headed, whiny, annoying, distracted by the problems with their drug-using teenagers, etc. as there are in the rest of the world.
Part of the problem is the near impossibility of retaining quality (real quality) people on a government paycheck - especially in areas where the cost of living is off the charts. Living essentially hand-to-mouth in a town where a cheesy two-bedroom townhouse in a bad neighborhood costs half a million dollars, and your 15-mile round trip communute takes over two hours
Developing the tools to know what we need to know is a technical problem. Deciding when and how to use them is a policy problem. I don't sense the police state that you do, perhaps mostly because I'm life-long friends with people who are now in law enforcement and intel, and know that most of the black-helicopter hand wringing is so wildly misplaced as to be just plain funny.
BTW, to put the word "threat" in quotes implies that there simply isn't one. There is, and I'll be curious to hear your take on whether or not, in the wake of the next hit, enough intel was being gathered before hand in an attempt to stop it. Did you catch the news in Australia the other day? 17 guys, stockpiled with chemicals, bomb-making gear and plans, and in what appears to be a two-party race to see who could execute the first serious in-the-name-of-Allah mass casualties in that country first. Major intel gathering, including cyber surveilance of several flavors, was the only reason that Sydney or Melbourne didn't get exactly what just happened in Amman yesterday. And if you think that the only impact on the Jordanian economy is the death and injuries to a couple hundred people, you're way, way wrong. Your initial point (about the odds of any one person being killed by a terrorist) is an often-repeated rhetorical canard that (not out of ignorance, because you have to know better) deliberately pretends that both the intent and impact of terror is person-to-person damage. Wake up, man. Or spend next week in Amman and ask the merchants, the cabbies, the food service people, and everyone else what the odds are that the terrorists only hurt the 57 people that died.
Don't disappoint your bird dog. Go to the range.