Slashdot Mirror

← Back to Stories (view on slashdot.org)

Military Secrets for Sale on Stolen USB Drives

Posted by ryuzaki0 on from the find-the-battleship dept.

nTrfAce writes "Per a BBC Article, "US forces in Afghanistan are checking reports that stolen computer hardware containing military secrets is being sold at a market beside a big US base. Shopkeepers at a market next to Bagram base, outside Kabul, have been selling memory drives stolen from the facility, the Los Angeles Times newspaper says.""

11 of 225 comments (clear)

  1. I'm no military fan... by Anonymous Coward · · Score: 4, Interesting

    ...but how do they know the 'secrets' are actually that and not some kind of decoy?

    1. Re:I'm no military fan... by mrogers · · Score: 5, Funny
      Military Intelligence has released a list of the secrets that have been recovered and those that are still at large. Among the recovered secrets:

      • The B2 Stealth Bomber is just a decoy made out of balsa wood and black paper; smart bombs are actually delivered by UPS
      • Lee Harvey Oswald acted alone; the FBI and Secret Service were so embarrassed by their failure to protect the President from some wandering nutjob that they spent the next 30 years trying to create the impression there had been some kind of conspiracy
      • A 1989 Cheers episode that made reference to the Kennedy assassination was seized by the CIA minutes before it was scheduled to air; the tape went missing, and so far 11 American civilians have been killed in the effort to prevent it reaching a wider audience
      • Aging Cuban guerillas launched a successful coup in Washington DC while the nation's attention was focussed on the last episode of Sex and the City. President-for-Life Fidel Castro described it as "a good day to bury good news".
  2. Why? by bl00d6789 · · Score: 5, Insightful

    Let me be the first to ask: Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

    1. Re:Why? by michaelhood · · Score: 4, Insightful

      Policy and practice are often quite distant from each other in reality. Especially in government; military or otherwise.

    2. Re:Why? by 1u3hr · · Score: 4, Insightful
      Let me be the first to ask: Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

      Most likely it's just sneakernet; moving files from laptop to PC etc. After transferring the files they forget to wipe the USB stick. The army will probably try to stop this by mandating it not be done. Which will work for a while till troops rotate and a new batch come in. The only real solution is to physically disable USB ports, which would be difficult with the number of legitimate USB peripherals now. Otherwise everything needs to be transparently encrypted. The military fears losing access to critical data in battle more than possible security breaches though.

    3. Re:Why? by arivanov · · Score: 5, Interesting
      The army will probably try to stop this by mandating it not be done.

      Once upon a time it could force that it is not done. This is what levels of security above C and OSes like Trusted Solaris were all about. Not about being unhackable, but about it being impossible to copy data from a higher security container to a lower. Granted, someone with high enough security clearance and rights to declare his USB drive "secure" could have gotten past that as well, but the average PHB wannabie corporate ladder climber could not do anything about it. He could not "take work home".

      This is also coming back. The slashdot crowd keeps bitching about Vista DRM being Digital Wrongs Management and being mostly promoted by pigopolists. Once again wrong. Along with AD it will allow any corporation to force a mandatory encryption policy on all the data on all media in the house at the click of a mouse. Throw in this the usage of TPM chips on all Vista ready PCs and this will make any data that a corporation wants to make unrecoverable without proper access credential on a PC really unrecoverable. All of this centrally controlled. This will also result in much faster adoption of Vista in the enterprise than people can even think off, especially for mobile devices.

      This also means that if Linux is to compete for the desktop it will have to have the same features regardless of Stallmans desires. This is one thing on which Linus is absolutely right. The usage of DRM by pigopolists is a current fad which is only a minor fraction of its actual use. The real use of DRM is to enforce a security policy on data across an enterprise. Having this will be essential to the success of any OS out there in 2-3 years. Also, there is no problem with DRM being opensource. Essentially DRM is nothing but a crypto application. Same as with every good crypto - having the source should not allow one to break it.

      --
      Baker's Law: Misery no longer loves company. Nowadays it insists on it
      http://www.sigsegv.cx/
  3. Re:Strong encryption by meringuoid · · Score: 5, Insightful
    I hope that those soldiers were not storing weird photos involving prisoners ...

    If soldiers have been abusing prisoners, I'd prefer them to photograph themselves doing it and then store those photographs on disks which are later stolen and leaked to the press.

    Otherwise, how will we ever know what our armed representatives abroad are doing in our names?

    --
    Real Daleks don't climb stairs - they level the building.
  4. why/when. by rew · · Score: 5, Insightful

    Why and when are rules ignored?

    Here in the Netherlands, there has been a series of cases where sensitive information has leaked through stolen/lost hardware, and every time some official was breaking the rules.

    The rules were unworkable: DO NOT TAKE YOUR WORK HOME.

    So, no reading of a report on the train, no after-dinner report writing. Nothing. Ambitious people break the rules to perform better. So they take stuff home anyway. As long as the hardware doesn't get stolen, nothing is noticed. Big publicity when sensitive information makes it to the press.

    But if they were to start policing the policy, a lot of the ambitious people would eventually give in to the rules, and simply watch tv after dinner, and read the newspaper on the train. Results? Productivity drop.

    1. Re:why/when. by Darren.Moffat · · Score: 5, Insightful

      "Results? Productivity drop."

      I personally disagree, in my experience you actually in the longer term get a productivity increase. Why ? because the people are more relaxed and more refreshed with a balanced lifestyle that isn't all "work work work". People who constantly take work home are marters to the job or just really bad at planning.

  5. More details in the original LA Times article by rchatterjee · · Score: 5, Informative

    The BBC article is based on a LA Times article which contains more details like the fact that on the thumb drives they found a list of soldier's SSNs which which they were able to track down the soldier's home addresses.

    Original LA Times article

  6. Re:Strong encryption by RandoX · · Score: 4, Insightful

    "The truth" is subjective.