US Cyber Command Wants Greater Attack Mentality

superglaze writes "Lieutenant General Robert J Elder, Jr, a senior figure in US Air Force Cyber Command (AFCYBER), has told ZDNet UK that communication issues are hampering the division's co-ordination. 'IT people set up traditional IT networks with the idea of making them secure to operate and defend,' said Elder. 'The traditional security approach is to put up barriers, like firewalls — it's a defense thing — but everyone in an operations network is also part of the [attack] force. We're trying to move away from clandestine operations. We're looking for real physics — a bigger bang resulting in collateral damage.'"

First strike & offense capablity.

[John+Sokol]

I am waiting for them to call me and my buddies.

First they need older hackers, not script kiddies.
Black hats, or at least former black hats.

Lot's of Jolt Cola, Cold Pizza and some dark dungeon supplied with what ever mind altering substances needed and a steady supply of nerdy Asian girls to look after them.

Also the boxed set of all Stargate, Star Wars, Star Trek, Battlestar Galactica and.. Na on second thought, we'll just grab them off Bit Torrent. Same for the HDTV, UPS delivery off some stolen credit card, old habits die hard.

Maybe more useful would be legal immunity/amnesty, from all of the collateral damage from relaxing hobbies like taking down the RIAA or Microsoft in the process, (oops).

But seriously, a License to hack anything domestic and foreign with total immunity as long at it's primarily against the enemy would be totally cool, I think a lot of us who had to give up the black hat because we have kids and just can't afford to go to prison, would be all over this.

Why domestic, I almost don't want to say this publicly but the best way to get in is start in.
http://www.c-program.com/kt/reflections-on-trusting.html

Anyhow you can't play by the rules, if they think you can launch and offensive attack without some pre-preparation your wrong.

Making an offensive toolkit is fantasy. By definition this is script kiddie and lame.

> where vulnerabilities are introduced into chipsets during manufacturing that an adversary can then exploit, and electronics vulnerabilities.

I have been told years ago that this is already being done at Taiwanese fabs to us.
Chips were designed to be resonant at some Ghz ranges and would be equivalent to an EMP when hit.
This is done at the fab without changes to the chip design but layer thicknesses that is something the fab has total control over.

These attacks should be in any OS, Router, or any other electronic devices that get sold and without the knowledge if it manufactures either. This would hackers the greatest flexibility to exploit them when needed. They key is to make sure it's not detectable or exploitable by other hackers.
An example would be to hack into Microsoft and muck with their distro before it goes out.

Of course with Microsoft and Apple, this would already seem to be unnecessary.