Slashdot Mirror

← Back to Stories (view on slashdot.org)

Meshnet Digital Armor To Protect Tanks

Posted by Zonk on from the web-facing-armor-plating dept.

An anonymous reader writes "General Dynamics Canada and Secure Computing have partnered to develop Meshnet, a hardware/software firewall designed to protect networks and digital devices inside tanks and other military vehicles from hostile computer and virus attacks. Without adequate protection a tech savvy enemy can infiltrate networks, manipulate information, and deny crews the data they need to participate in modern warfare. Exactly such an event happened last year to an Israeli crew, when hackers from Hezbollah eavesdropped on their communications. 'The system uses Secure Computing's off-the-shelf Sidewinder Security Appliance ... Sidewinder consolidates all major Internet security functions into a single system, providing "best-of-breed" antivirus and spyware network protection "against all types of threats, both known and unknown," according to Secure Computing.'"

10 of 164 comments (clear)

  1. Sanity check: by Jennifer+York · · Score: 5, Insightful
    Do anyone think the Hezbollah reference is a little bit odd? How does intrusion detection and firewalls stop someone from eavsdropping on communications? Please point out the reference that deatils how an Isreali tank was denied information, or misled by false information.

    This unsubstantiated BS as a justification for an obvious product placement requires more scrutiny. I don't doubt that there IS a chance that some enemy force could have the capability to "hack" a tank, but the "Exactly such an event happened last year to an Israeli crew" needs some evidence.

    --
    Dominant Meme
    1. Re:Sanity check: by ByOhTek · · Score: 3, Insightful

      So, lets say I'm connecting to my computer via SSH, and I'm a savvy individual, I notice a keyswitch, etc, and won't connect if I see something like that (suggesting a man in the middle).

      No you think "great, it'll be hard to evesdrop on my conversation, I'm running SSH, it's encrypted!"

      So, now some hacker comes along and wants to observe me. He *could* go after my SSH traffic, and try to decode it, but look! I'm not running a firewall or intrusion detection software. He figures (correctly in most cases), it will probably be easier to hack into my system, and put monitors there.

      So, without a firewall, he got in easier, and without an intrusion dection system, I didn't find out. I now have a "new" ssh client, that copies everything over to his/her system, all network traffic is sent in duplicate, the keylogger is collecting all my paswords, etc, etc, etc...

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    2. Re:Sanity check: by ArcherB · · Score: 2, Insightful

      The communication is wireless. Either they were not encrypted, did not frequency hop or were jammed. Probably a combination.

      --
      There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
  2. The 800 LB gorilla in the room... by tgatliff · · Score: 3, Insightful

    No one wants to suggest the obvious, which is systems like this should never require antivirus and spyware support. For mission critical systems, the only thing they should use is embedded devices where the only way to install additional software is by flashing the firmware on the device. Also, use of a hardened kernel would be nice...

  3. Re:Don't want to imagine by Sqweegee · · Score: 2, Insightful

    The easy option: Don't have any remote communication/data systems connected to vehicle control systems, unfortunately there's already a lot of hardware out there already.

    The solution the US military will come up with: Spend trillions setting up a super intelligent AI that can defeat hackers on the fly and control all military weapons on it's own to spare ever needing to send real troops into battle again... it will be named Skynet...

  4. Nice ad by Pedrito · · Score: 4, Insightful

    How do I get my products advertised as articles on Slashdot? I imagine that could be pretty lucrative. Who do I pay?

  5. Single Point of Failure by cyberbian · · Score: 2, Insightful

    Any security consultant worth his salt would be aghast at the military taking up a posture that allows for a single point of failure. Defense in depth is the current mechanism of choice... talk about putting all of your eggs in one basket.

    --
    if I claimed I was emperor just because some watery tart lobbed a scimitar at me they'd put me away!
  6. What is their "antivirus" protecting against? by argent · · Score: 2, Insightful

    Is the military so stupid they're actually using Windows-based software (or software running ANY consumer OS for that matter) in battlefields? If so, there's been a major drop in their design and code standards in the past few years.

    Also, what's the threat? "This was reportedly the case during Israel's incursion into South Lebanon last year, where Hezbollah hackers were allegedly able to monitor IDF communications, giving the guerrillas a leg up in attacking Israeli armor." sounds like ordinary signals intelligence. You don't fight that with firewalls and antivirus software, you fight it with encryption and electronic countermeasures like dummy sources to fight tracking and traffic analysis.

    1. Re:What is their "antivirus" protecting against? by argent · · Score: 2, Insightful

      If so, there's been a major drop in their design and code standards in the past few years.

      Really?

      Yeh, I know a lot of people who were working on mil-spec stuff back in the '80s and earlier, and their battlefield and avionic firmware was using languages and systems developed specifically for military use. Some of them were even dismissive of ADA. I think using C++ would have started a rebellion.

      I seem to recall a battleship that got stalled a few years back ...

      Yeh, an experimental one. After that fiasco, they went ahead into production?

  7. Yeah, you go with that. by khasim · · Score: 2, Insightful

    There are a lot of ways to hack into a system, it varies on the system.

    No, there are not. There are very few avenues to crack any system.

    #1. Attack the daemon listening on an open port.

    #2. Trojans.

    #3. Exploiting a vulnerability in an app when fed specific data (IE is a good example).

    #4. Viruses that attach themselves to other apps.

    The best answer that can be given without more information is simply - they try stuff until they get some indication of the quality of the user, and the OS. At which point, they pick their method and target.

    Yeah, you've just repeated yourself without explaining how the firewall is supposed to do anything.

    Cracking a Windows box is different from a Linux box which is different from a FreeBSD box which is different from a Solaris box.

    No, it is not. They all have the same, limited, avenues of attack. There is nothing "different" about that.