Slashdot Mirror


State Department Developing Cyber Toolkit

An anonymous reader writes "The U.S. State Department, known for its recent RFID passport embarrassment, seems to have developed a key tool in the Department of Homeland Security's cyber toolkit for federal agencies. There's not much out there on it other than mention of a tool called SandStorm in a recent press release from State's Bureau of Diplomatic Security. According to the site, "SandStorm simultaneously collects, correlates, and analyzes data on multiple computer systems and departs, leaving no trace of its activities. The White House is championing this cyber tool and the Department of Homeland Security has selected it as a cornerstone application for a cyber toolkit being made available to all Federal agencies." Sounds scary to me, but may be a step in the right direction."

24 of 269 comments

  1. what? by markybob · · Score: 5, Funny

    a step in what direction? hell?

  2. Re:Definitely Beneficial by markybob · · Score: 5, Insightful

    because this is america, not china. our property is supposed to be free from search without a warrant. it has something to do with the constitution...

  3. Motives for telling? by victorhooi · · Score: 5, Interesting
    heya,

    Looks interesting...I give it 20 minutes before a copy is up on the torrent...*grins*. Then the script-kiddies can all go use it to spy on each other and prove their "1337-ness"...

    Although, truth be told - why exactly is the government telling us this? I mean, for all we know, they could have been developing these sorts of computer surveillance programs for years...in fact, they probably have. So why tell us about it now, in a highly-publicised press release? Or are they just trying to be seen to be doing something, and seeming like they're on the cutting edge of technology? So maybe in truth they're actually quite clueless, and this program is nothing more than a hashed-up, worthless keylogger that looks like sample code from "Windows Internals"?

    One wonders about their motives for this news release, though...

    cya, Victor

  4. Not scary by katana · · Score: 5, Funny

    In fact, it sounds really cool. In fact, *everything* sounds cool with "cyber" in it. No seriously, try it. Cyber jail. Cyber llama. Cyber tubgirl.

    Told you so.

  5. They that can give up essential by chris_sawtell · · Score: 5, Insightful
    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."

    Ben Franklin wrote those words over 200 years ago.

    They apply today just as much as they did then.

    Somebody needs to remind the current incumbent of the White House about his nation's history.

    1. Re:They that can give up essential by Master of Transhuman · · Score: 4, Insightful


      He obviously meant that there IS no such thing as "permanent safety" (and there isn't short of being Transhuman and even then you probably have to worry about interstellar gamma ray bursts). Anybody who thinks the US government can make anybody "safe" from anything is a total idiot. They can't even keep the Prez safe as several Prez's have proven by taking bullets.

      And there are no such things as "inessential liberties" since by definition if you are not free to do what you want, you are simply not free. Political freedom is like being pregnant - you either are or you aren't. You either submit to the state in one or more respects, or you don't.

      What you are NEVER free from, however, is the consequences of your free actions - which isn't relevant to the discussion because we are discussing political freedom, not physical or social cause and effect.

      --
      Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
  6. We have heard of such backdoors before... by NZheretic · · Score: 4, Informative
    From the "Transcript of Internet Caucus Panel Discussion. Re: Administration's new encryption policy."
    Date: September 28, 1999.
    Source: Tech Law Journal recorded the event, transcribed the audio recording, and then converted it into HTML.
    Weldon statement:

    Schwartz: Congressman Weldon, thank you very much for being here. Do you have any questions?

    Rep. Curt Weldon: Thank you. Let me see if I can liven things up here in the last couple of minutes of the luncheon. First of all, I apologize for being late. And I thank Bob and the members of the caucus for inviting me here.

    Pardon me if I seem a little bit confused to our panel, but, I am, and have been, with the change in direction which has occurred. But before I begin, let me say at the outset one of my biggest projects for the past four years has been to build what is becoming the first smart region in America, linking up all of the institutions within a four state region -- Pennsylvania, Delaware, New Jersey, and Maryland -- _____. In fact, over the weekend, I hosted the Minister _____, who is the Minister of Information Technology for Malaysia. As we signed an ____ with them for uplink downlink ties between our hub initiative in the four states, and the new Malaysian super-computing corridor project that they are building in Malaysia. So, I am a strong advocate for the use of information technology.

    But my other hat is to chair the Research Committee for National Security. And when Bob introduced his bill three years ago, my door was pounded incessantly by the Defense Secretary and his staff, by the Director of the CIA, and by the head of the NSA, and I would note for the record neither the CIA nor the NSA is here today.

    Who is actually speaking for them today, I might add? OK.

    NSA and CIA came in, and in a very intense way, lobbied me personally, and I am not a computer expert, nor am I a lawyer, and they asked me to give access to my subcommittee and the full Armed Services Committee to look at the security implications of the change in Bob's legislation. I respect Bob. I think that he is an outstanding member. But I felt that I owed it to my committee, and my responsibility to Congress to listen to what the administration was going to tell me.

    We arranged a series of classified hearings and briefings. And, as with any Member of Congress expressing concern about the ability for our forces involved in a hostile environment to be able to respond quickly, ____ back to 1991 in Desert Storm where my understanding is that our commanders in the field had Saddam Hussein's commands before his own command officers had them, because of our ability to intercept and break the codes of Saddam's military. I want to make sure that we have that capability in the future. I responded in a very positive way to the argument that was being made by the CIA, by the NSA, and by DOD. And we took some very tough positions.

    In fact, Ron Dellums and I offered the amendment last year that had only one dissenting vote in the House, and this year passed by a vote of 48 to 6.

    In the past year none of those briefings have changed. And the people who have come to me as a Member of the National Security Committee, there has been no lessening of their impression of the threat. Yet all of a sudden I am told, and John Hamre, I think, he made the courtesy of calling me in advance, that there was a change.

    Now, I agree with the gentleman from the White House, for the administration, that it was coincidence that this happened the day before Vice President Gore went to Silicon Valley. I agree that that was just a coincidence.

    But the point is that when John Hamre briefed me, and gave me the three key points of this change, there are a lot of unanswered questions. He assured me that in discussions that he had had with people like Bill G

  7. Eventually by Hao Wu · · Score: 4, Insightful
    The government will eventually realize that computer technology is bigger than any federal agency.

    Hence, they will likely create a new one, the Department of Computing (not part of the FCC) in order to grow themselves, tax society, and control private citizens. Just like they do for everything else.

    Of course it will be sold as "building bridges" or "advancing technology", etc... Something for our childrens' future, no doubt.

    --
    I suggest you read Slashdot
  8. Re:Definitely Beneficial by Anonymous Coward · · Score: 3, Interesting
    Not sure why the submitter of this article thinks it's a scary thought.
    I'll tell you why. Because a disproportionate number of Slashdot readers believe that any technology that is largely used for benign purposes, but can potentially be abused by the government (e.g., SandStorm to gather private information), must be suppressed at all costs. But the same group also believes that any technology that is largely abused for illegal purposes, but can potentially be used for benign purposes (e.g., BitTorrent for distributing Linux ISO's) must be protected at all costs.

    Don't try to understand the logic. It's illogical. Just understand that this is the prevailing state of mind for many folks.
  9. unlawful search and seizure by RY · · Score: 3, Insightful

    Now the DHS can "collect, correlate, and analyze data on multiple computer systems" with no warrant. A true American patriot has nothing to hide from the government. Right Comrades.
    The White House and Department of Homeland Security are such champions of constitutional rights.

    By the way the root kit is hidden in powerpoint files.....

    I've got to go answer a knock at the door; my ride to a black prison is here.

  10. Ah, but? by Anonymous Coward · · Score: 3, Funny

    Will it run on Linux?

    1. Re:Ah, but? by Tekoneiric · · Score: 4, Funny

      Will it run on the Amiga OS?

      --
      *It's not what you can do for the Dark Side but what the Dark Side can do for you!*
  11. Re:Definitely Beneficial by Skrekkur · · Score: 5, Insightful

    Do you have any idea how slim the chances really are to be killed by terrorists in the US? Even after 9/11 it's next to none. You are far more likely to be in a car accident, die of cancer, get a heart attack or be shot by a family member. This terrorist "threat" is no reason to take away our freedoms and slowly install a police state where the citizens are the "threat". Sure we cannot just ignore the threat but I for one prefer a little "unsafer" world over privacy invading security.

  12. Re:Serious? by symbolic · · Score: 5, Insightful


    Remember how the existence of Echelon was denied until some British guy confirmed that it did, in fact, exist? Remember the cheesy "agreement" that the US would not be collecting data on its own citizens, but would have every opportunity to access such data from that collected by any of the four other Echelon participants? There is absolutely no reason to believe that it WON'T be used on U.S.-owned sites. Even worse, there's absolutely nothing that will stop them, if they so choose.

  13. "Sandstorm" is a commercial product by Animats · · Score: 4, Interesting

    What they're actually talking about is the NetIntercept Appliance from Sandstorm Enterprises. This is also the FBI's replacement for Carnivore.

    1. Re:"Sandstorm" is a commercial product by Helevius · · Score: 3, Informative

      Wrong -- RTFA and check out the capabilities listed in the two presentations:

      Free to DHS & federal government
      From Dept. of State [and DHS US-CERT]
      Like EnCase Enterprise edition
      Network forensics "grep"
      Examine system state
      Remotely search multiple systems - files, ports, processes, file headers, hashes, MACs, ADS
      Search all files changed in this time frame
      Search all files with this hash regardless of name
      155KB agent runs, then deletes itself
      Windows only
      Fairly forensically safe - does not change file MACs
      Root kit detection to come later

      The key points are "155KB agent runs, then deletes itself" and "Windows only". SandStorm Enterprises did not create this product.

      Helevius

  14. they spout ish like this for wanna be terrorists... by xTantrum · · Score: 5, Insightful
    They must...
    According to the site, "SandStorm simultaneously collects, correlates, and analyzes data on multiple computer systems and departs, leaving no trace of its activities"
    How the hell can a government - who has so much internal bickering and bureaucracy going on, can't even co-ordinate an efficient rescue mission after a hurricane on their OWN SOIL, AFTER THEY JUST GOT TAKEN OUT BY TERRORISTS and had ample warnings, and implement RFID tags in passports knowing the security risks and exploits available - expect us to believe they can actually take their collective heads out of their ass and deliver on this. C'mon get your shit together first on the home front, like saving lives, increasing awareness for science education, available cheap broadband..yada, yada, yada - then come talk to me about this. It really comes down to this. I DON'T BELIEVE YOU! see my sig
    --
    $action = empty(PHP) ? backToC() : unset(PHP) ; "when the concrete cases are understood, the abstractions are readily
  15. Beneficial does not mean prudent. by headkase · · Score: 4, Insightful

    Come on buddy, mentioning terrorists is like the latest fad in political correctness subscribers - you must agree or you're helping the terrorists. Yes, terrorists use the Internet to communicate, but, so do literally billions of people who are not terrorists. Should they be spied upon benignly at first and maybe less so when abuse(s) finally occur? It's still not as simple as that however as the Internet is used to commit far more crimes a day than terrorists use it for so there should be some kind of forensic tools available to ordering agencies like law enforcement but the use of the software needs oversight and it morally shouldn't be a blanket system unless the risks truly justify that all the way back to the voters in opinion. This kind of thing creeps me out, it could be the software equivalent of the Stasi in old East Germany.

    --
    Shh.
  16. Re:Sandstorm isnt racist...yeah right... by msuarezalvarez · · Score: 3, Funny

    That, and he used arabic numbers to write his telephone number...

  17. Re:Definitely Beneficial by LaurenBC · · Score: 3, Insightful

    Who says it won't be? Who will stop them from using it on anyone they please.. You trust the government? I don't.

    --
    I don't need this, I've got a Master's Degree in folklore and mythology!
  18. What's a cyber-tubgirl? by NoMaster · · Score: 3, Funny

    One wearing a 7-of-9 costume...

    --
    What part of "a well regulated militia" do you not understand?
  19. Re:Definitely Beneficial by rpetre · · Score: 5, Funny

    With the internet being the de facto standard for terrorist communication

    In other news, air just became the de facto standard for terrorist respiration.

  20. Re:Serious? by Alphabet Pal · · Score: 4, Insightful
    Even worse, there's absolutely nothing that will stop them, if they so choose.

    Actually, we could stop them, easily. As Winston observes in Orwell's 1984, "if the Proles united, they would get rid of Big Brother like a bull shaking flies off of its back". But we won't. We're all afraid of something. When Ian Clarke created Freenet, did we unite in support of him? Mention Freenet on here and see how long it takes somebody to say "nobody's on Freenet except pedophiles. If you have nothing to hide, you have nothing to fear." If we truly didn't want to be spied on, we wouldn't be, but the truth is that the vast majority of us (even on tin-foil-hat-dot here) do.

    --
    Because you can't spell "slaughter" without "laughter"
  21. Re:Definitely Beneficial by ScentCone · · Score: 3, Interesting

    Do you have any idea how slim the chances really are to be killed by terrorists in the US? Even after 9/11 it's next to none. You are far more likely to be in a car accident, die of cancer, get a heart attack or be shot by a family member.

    Do you really think - really - that the only thing we're worried about here is direct death or injury of individuals, personally, by some weapon that is flown, blown up, or shot at them? The impact of 9/11 was pretty horrible for the thousands of dead and their families - but pretty much everyone in the country was impacted, as well. The economics of another serious attack - even a conventional one as before - will be mammoth. The impact of something like a Japan-style Sarin gas attack or two, or of something radiological, will be (just as the bad guys would hope) incredibly costly and disruptive. I can't even imagine something smallpox-ish, in terms of the social freak-out mess.

    I live in the DC area and interact with people on the working end of these problems. They're frustrated at how hard it is to fight this crap, but they're even more frustrated at how willingly people paint them as some sort of bad X-Files villains as they do their jobs. Of all the people I've met and talked to, the only common thread that should alarm most of us is their tales of un-fireable incompetent co-workers. There are paper pushers, academics/analysts, operatives, and other people working in all of the three-letter-agencies that are just as dumb, bull-headed, whiny, annoying, distracted by the problems with their drug-using teenagers, etc. as there are in the rest of the world.

    Part of the problem is the near impossibility of retaining quality (real quality) people on a government paycheck - especially in areas where the cost of living is off the charts. Living essentially hand-to-mouth in a town where a cheesy two-bedroom townhouse in a bad neighborhood costs half a million dollars, and your 15-mile round trip commute takes over two hours ... it's hard to shrug that off (at, say, $45k/year) and spend your time in the office making perfect decisions about how some guy at the Agency should work with some guy from State to draw the line between sniffing a laptop that someone carries, sometimes while visiting in the US, and sometimes back to Syria where he deals in chemicals and transportation.

    Developing the tools to know what we need to know is a technical problem. Deciding when and how to use them is a policy problem. I don't sense the police state that you do, perhaps mostly because I'm life-long friends with people who are now in law enforcement and intel, and know that most of the black-helicopter hand wringing is so wildly misplaced as to be just plain funny.

    BTW, to put the word "threat" in quotes implies that there simply isn't one. There is, and I'll be curious to hear your take on whether or not, in the wake of the next hit, enough intel was being gathered beforehand in an attempt to stop it. Did you catch the news in Australia the other day? 17 guys, stockpiled with chemicals, bomb-making gear and plans, and in what appears to be a two-party race to see who could execute the first serious in-the-name-of-Allah mass casualties in that country first. Major intel gathering, including cyber surveillance of several flavors, was the only reason that Sydney or Melbourne didn't get exactly what just happened in Amman yesterday. And if you think that the only impact on the Jordanian economy is the death and injuries to a couple hundred people, you're way, way wrong. Your initial point (about the odds of any one person being killed by a terrorist) is an often-repeated rhetorical canard that (not out of ignorance, because you have to know better) deliberately pretends that both the intent and impact of terror is person-to-person damage. Wake up, man. Or spend next week in Amman and ask the merchants, the cabbies, the food service people, and everyone else what the odds are that the terrorists only hurt the 57 people that died.

    --
    Don't disappoint your bird dog. Go to the range.