Air Force Aims for Control of 'Any and All' Computers

Noah Shachtman on Wired.com's Danger Room reports that Monday, the Air Force Research Laboratory at Wright-Patterson AFB introduced a two-year, $11 million effort to put together hardware and software tools for 'Dominant Cyber Offensive Engagement.' 'Of interest are any and all techniques to enable user and/or root level access,' a request for proposals notes, 'to both fixed (PC) or mobile computing platforms ... any and all operating systems, patch levels, applications and hardware.' This isn't just some computer science study, mind you; 'research efforts under this program are expected to result in complete functional capabilities.' The Air Force has already announced their desire to manage an offensive BotNet, comprised of unwitting participatory computers. How long before they slip a root kit on you?

Re:The big problem with this...

[powerlord]

I disagree.

Usually the types of holes stay consistent, and a hole can go unnoticed for quite a while (take a look at the recent Debian issue).

Yes, this is the sort of thing that needs to evolve over time, but even then, the computers you want to compromise may not have the latest patches and updates (may not be in the position to get them, may not be undergoing regular maintenance, may be deemed to critical to risk on untested patches leaving them vulnerable which the patches are tested, or the company may have simply EOL the OS/software and there may be no patch to get).

If you were right, and all holes were patched and fixed, leaving computers invulnerable, then there wouldn't be a problem today with malicious botnets being used to send spam, perform DDoS attacks, and for use in Phishing and other Fraud/Identity theft schemes.

USA = United States of Advertising

The land of the free: where nothing is. But you're free to blog about it unless your voice is heard too clearly by the majority of blockheads.

How many marijuana spotting drones are YOUR tax dollars paying for today?

Your country is closer to Communist China's philosophies than you think, but you're too busy working and consuming to care.

Rise, Bill Hicks, Rise from your grave! We have no one like Hicks or John Lennon to rally and speak to the people. SLAVES!

Re:SETI@Home

[r_jensen11]

Umm, America's Army is produced by the US Army, not the USAF. Hell, the US Army logo is everywhere in that game. Two very separate branches of the US armed forces.

Re:Open Farce

[Ungrounded+Lightning]

Better get a few pairs of eyes to start guarding the guards. Since the NSA is a spying organization, it kind of seems silly to take them at their word about trying to make Linux more secure.

The open security community has been turning a jaundiced eye on NSA ever since its existence was leaked.

As far as I can tell, trapdoor algorithms and public-key cryptography in the public sector were developed based on speculation on the sort of thing NSA MIGHT have built into what became DES.

(Eventually - about the end of DES' design lifetime - it turned out that the funny symmetries that were noticed in the NSA-prescribed S-boxes were apparently a defense against a type of cryptoanalysis that the public sector hadn't reinvented yet. NSA has a dual charter: Spy on everybody else, but protect info in the US, both public and private sector, from bad guys foreign and domestic. Apparently they were actually living up to the nicer side of the coin. THAT time. B-) )
I'm sure the private sector crypto researchers will continue keeping a sharp eye out for shenanigans. (But it doesn't hurt to publish a reminder now and then. B-) )