Air Force Aims for Control of 'Any and All' Computers
Noah Shachtman on Wired.com's Danger Room reports that Monday, the Air Force Research Laboratory at Wright-Patterson AFB introduced a two-year, $11 million effort to put together hardware and software tools for 'Dominant Cyber Offensive Engagement.' 'Of interest are any and all techniques to enable user and/or root level access,' a request for proposals notes, 'to both fixed (PC) or mobile computing platforms ... any and all operating systems, patch levels, applications and hardware.' This isn't just some computer science study, mind you; 'research efforts under this program are expected to result in complete functional capabilities.' The Air Force has already announced their desire to manage an offensive BotNet, comprised of unwitting participatory computers. How long before they slip a root kit on you?
You know my fear is when I wake up one day and my cable, phones, and internet don't work because the US and some nerd terrorist group are caught up in some sort of cyber war. Knowing that warfare has finally started to use network assaults the same way they use stealth planes is really a sign of the times.
We all know that the internet is not secure, we all fight to keep it open. I assure you the last day we freely browse to other country sites will be the day we get a newsworthy terrorist botnet attack that shuts down the likes of the Red Cross and gives the government a chance to sever the cables that connect us to the rest of the world and insert some sort of keyed routers that you need a passport ID to traverse.
Or when Microsoft and Apple crumble and are forced to insert backdoors (I say "forced", because as sceptical as I am, I don't WANT to believe that they'd do it willingly, even if it is the case)...
Problem is (for them, not us), after this, any commits made to Linux or BSD or anything that don't seem to add anything, make unnecessary use of network commands or seem in any way unsafe will be set upon by every tinfoil hat freak out there, same with new contributors, so they'll have a really hard time doing this.
Are you serious? "Protect"? Just how they protect it against terrorism, communism and religions?
Personally I feel fear out of this since I run OS X nowadays and Apple aren't the most security aware and patch decisive* company/group/.. around. And I don't want my computer owned by the American government thank you, and preferably no one else either.
* (I tried to find some opposite to hesitate)
They are going to have to put in a chip in every single piece of hardware shipping out of every single manufacturer. That would be the only way to get something of this magnitude to work. Somehow I don't see all the manufacturers and consumers getting on board with this. Any software solution to this would face too much trouble - I for one am not willing to let the government take cycles away for good or evil use. It's just not a good idea. 11 Million could probably go to better use elsewhere.
Prediction: The real iPhone killer is going to be sex robots from Japan. Think about it.
So the Air Force can do whatever the spooks (and their Bush crony masters) want, like fly surveillance drones, record and datamine us against satellite surveillance, and help the NSA filter every bit of our telecom.
Because these people hate the Constitution. They hate our freedoms and rights the Constitution instructs them to protect. They hate us. Because we get in the way of business, which is to spend on war the maximum amount Americans can make or borrow.
Feel safer?
--
make install -not war
http://home.comcast.net/~plutarch/PoliceState.html
Most systems have moved to automated patching. You can find Win98 boxes on the internet today, but that doesn't mean an attack you had 10 years ago will work today. It's a small subset, and continually getting smaller.
A popular /. theme was saying how much more secure Linux is than Windows. At one point, Windows was pretty horrible. As it is today, Windows has really gotten a lot of their holes fixed and you rarely see this claim anymore (despite the "defectivebydesign" tags on every Microsoft article).
There are still plenty of holes that exist now, and I know who is programming tools to exploit them for the appropriate TLA. And I'm certain that many tools already exist! But doing this high-profile project is just a PLOY for an ongoing project disguised as a short study.
Humorously, I could see a lawsuit from this opening up the door for the first expansion of the 3rd Amendment since Engblom v. Carey if they did compromise the machines of US citizens to use in an offensive botnet. Arguably being forced to host Air Force activities on your private property violates the same kinds of rights that the 3rd Amendment protects.
The Second Circuit said: [W]e hold that property-based privacy interests protected by the Third Amendment are not limited solely to those arising out of fee simple ownership [of homes] but extend to those recognized and permitted by society as founded on lawful occupation or possession with a legal right to exclude others. The court was talking about state-owned rental properties where striking prison guards were evicted and replaced with National Guardsmen, but I can see an argument for extending this to being forced to host Air Force use of one's chattels within a home (or maybe even outside of a home since the same possessory "right to exclude others" exists). I don't see Scalia or Thomas buying the argument, but it would be fun to watch someone try and argue it before the rest of the court.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Hmm...not sure how many computers have downloaded America's Army, but how hard would it be to slip a botnet agent into a patch or download?
Of course, there's nothing to stop you from setting up some honey-pots, figuring out the control commands, and taking control of a large chunk of the botnet, since it *isn't* centralized. Then turn it on the parts you don't control, or the central c&c computers, or other "targets of interest."
Or use it to create "false flag" attacks.
Or a few rounds of "Do you want to play a game?"
Kevin Smith on Prince
The Air Force's notion of a covert op is bombing someone using a stealth bomber. If they start that sort of computer attack, it'll almost certainly be part of a more general strike, and the ability to "deny responsibility" in that situation is worthless.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
I know I've seen this before. Military creates a botnet to control millions of computers around the world.
Does anyone remember how that turned out for us in the movie?
Not necessarily true. They take some soldiers who were wounded in battle and spend a good deal of time and money to retrain them in certain fields... I know a guy who was a marine and never had any interest in computers at all. He took some shrapnel in the face, so they went and trained him in everything he could learn in networking, and now he's freaking great at it. The same could apply to many other aspects of technology.
The 3rd would be a stretch because no one is actually being quartered in a private home. The 4th also might not apply because gaining unauthorized access and use is neither a search nor an outright seizure (or they both might; a court would have to decide that, and it might make it all the way to SCOTUS). However, there are plenty of both state and federal laws regarding breaking into computers, and I doubt (or at least hope not) that any of them contain a clause that says "breaking into and hijacking computers is illegal, unless you're government or military."
That said, if they needed a botnet in time of war, all they'd have to do is ask. I could provide at least 2, and probably 4 or 5, computers for the express purpose of participation in a botnet to attack our enemies' networking infrastructure. I'm too old to join the army and fight; giving them some bandwidth and CPU cycles, I can do. I'm sure it wouldn't be that hard to get volunteers for such a project.
Yea it sounds like something to make people more afraid that they can vs. actually do. DAMNIT MY PDP 11 Just hacked into... And it wasn't even on or hooked up to a network!
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
The putative "high ground" you would have us claim here is: "We do not dabble in cyber hacking." If we take that position, and fancy ourselves morally superior for doing so, then the next (and inevitable) cyberwar will be over very very quickly.
More generally, Sun Tzu was right: a constant preparation for war is the only way to avoid one. Being beloved by other nations is not a useful goal, because their adoration is worth exactly zilch. It is cheaper instead to be feared, so that we don't then have to expend any resources fighting off an invasion -- be it cyber or physical, against us or against an ally.
Humans are not a peaceful species. Peaceful humans get devoured. Humans will leave you in peace only if you seem dangerous.
FATMOUSE + YOU = FATMOUSE
You are probably thinking about the Posse Comitatus Act (http://en.wikipedia.org/wiki/Posse_Comitatus_Act). However what that act really prohibits is the use of military forces as peace officers within US borders. Hacking into citizens' machines to use them as part of a botnet wouldn't fall under that.
A couple of people have brought up the Third Amendment (http://en.wikipedia.org/wiki/Third_Amendment_to_the_United_States_Constitution) which covers the quartering of soldiers in private homes. I am not a Constitutional lawyer but I'm guessing that doesn't really apply either in a strict literal sense or in the spirit of what the authors intended. The intent was purely in people being forced to quarter soldiers. There's no mention of whether or not the military has the right to seize assets they might need, which is closer to what they would be doing in this case.
If I had to guess (and I would have to) I would think the Fifth Amendment (http://en.wikipedia.org/wiki/Fifth_Amendment_to_the_United_States_Constitution) is probably more applicable. Its final clause is "nor shall private property be taken for public use, without just compensation". Hacking your system and using CPU cycles and bandwidth without permission would seem to constitute at least a form of taking of my property. They may not physically take it but they take control of it and even though I get it back later the clause doesn't say it's ok for them to take property as long as they bring it back.
You've never had coworkers disappear only to find out later they moved close to NSA headquarters and they've now got money out the wazoo, have you? The _really_ good computer folk get paid a lot of money to do neat things by you and me (well, me anyway; not sure if you're from the U.S.). Even if they were only getting paid the same, they'd probably still do it because it's interesting work, and you can't beat a government job for benefits and stability.
You never heard of a chain gang? You haven't heard of China's prison labor? Forced labor is unethical under most codes of ethics, and is immoral, but is most certainly not against everyone's codes of ethics.
The thief's code of ethics says that stealing is necessary. His code of ethics forbids leaving something where it might be stolen.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Under the Computer Misuse Act, you'd be breaking the law, even if you *are* the US Air Force.
Legal papers or lead? Your choice...
Current work on Linux per-process capabilities, role-based access controls and mandatory access controls may render the concept of "root" or a "superuser" under Linux obsolete. What would you need such a user account for? But if there is no superuser, in the traditional sense of the term, then there is no account on the system that would grant the air force (or anyone else) total control of that system. Control would be properly segmented and independently managed, limiting the value of such an attack. Well, it would need to be via the kernel, if no user had those access rights, and it would need to be via a user that could load things into the kernel, and it would need to make use of some exploitable kernel bug that bypassed the security modules.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
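The privilege segmentation discussed in the comment above is visible on a running Linux system as the capability masks in /proc/<pid>/status. The following is an added example, not part of the original thread: the three status excerpts and all function names are constructed for illustration. It decodes the masks and reports whether a process holds CAP_SYS_MODULE, the capability needed to load code into the kernel.

```python
# Added example. Sample /proc/<pid>/status excerpts are constructed.
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID
SETUID SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW
IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT
SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE
AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM
BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE""".split()

def parse_status(text):
    """Pull the effective UID and the Cap* bitmasks out of a status file."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        if key == "Uid":
            info["euid"] = int(value.split()[1])   # real, effective, saved, fs
        elif key.startswith("Cap"):
            info[key] = int(value.strip(), 16)
    return info

def decode(mask):
    """Bit n of a mask is capability number n from linux/capability.h."""
    names = ["CAP_" + n for bit, n in enumerate(CAP_NAMES) if (mask >> bit) & 1]
    extra = mask >> len(CAP_NAMES)
    if extra:   # bits newer than this table knows about
        names.append("UNKNOWN_BITS_0x%x" % (extra << len(CAP_NAMES)))
    return names

def assess(text):
    info = parse_status(text)
    eff = decode(info.get("CapEff", 0))
    bnd = decode(info.get("CapBnd", 0))
    return {
        "euid": info.get("euid"),
        "effective": eff,
        "can_load_modules": "CAP_SYS_MODULE" in eff,
        # CapBnd caps what any later execve() can grant this process
        "module_load_reachable": "CAP_SYS_MODULE" in bnd,
    }

ROOT_SHELL = "Uid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n"
UID0_REDUCED = "Uid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n"
WEB_DAEMON = "Uid:\t33\t33\t33\t33\nCapEff:\t0000000000000400\nCapBnd:\t0000000000000400\n"

if __name__ == "__main__":
    for name, sample in [("root shell", ROOT_SHELL), ("uid 0, reduced", UID0_REDUCED),
                         ("web daemon", WEB_DAEMON)]:
        r = assess(sample)
        print(name, r["euid"], len(r["effective"]), r["can_load_modules"], r["module_load_reachable"])
```

The second sample is the case the comment points at: the process runs as UID 0, yet neither its effective nor its bounding set contains CAP_SYS_MODULE, so the account name alone no longer grants kernel-level control.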
All the Air Force has to do is to bring some pressure on the PCI based NIC manufacturers to embed some IPMI equivalent functionality and they're done. A project like this could be done for under $1 Million. And would give you a backdoor into a lot of places.
There's one little problem with that though. 3COM is essentially owned and now run out of Communist China. Their Chinese CEO even had the audacity to move there recently, while still claiming that it's an American company. Hah.
And guess who is one of the biggest suppliers to the U.S. government, as far as networking tech goes? Yep. That 3COM.
I say "good luck" to the Air Force. I think the Chinese have already beaten them in this game.
That is actually an excellent plan.
Sell the computers to schools at half price with a clause in the contract that requires them not to reflash the BIOS (where the botnet is stored). That way you have computers distributed all around the country, and you could have about 40 thousand Dells. Buy up OLPCs, infect them, send them to the children in Africa, etc and the attacked country can't just block the US.
So in the grand /. tradition:
Step 1: Buy computers and infect with US Army botnet.
Step 2: Sell/give computers to schools around the world
Step 3: Sell advertising space on the boot splash screen.
Step 4: ??? (spam your enemies to death)
Step 5: Profit.
They ARE out to get you simply because They are in it for themselves and they don't care about you.
Slip one on my PC and I'll sue them for half of their annual budget. If they touch my PC without a court order, they'll be neck deep in shit so fast they have no idea. And yes, I can afford the legal costs.
If you mod me down, I *will* introduce you to my sister!
not at all - it will go into the CPUs.
accidental downloading of large bits of "spam" will contain encrypted data which, when the CPU notices that the network interfaces (or the nearby electro-magnetic spectrum) are blipping up-and-down in some not-exactly-random pattern, begins to interpret the SPAM (or EM noise) in some morse-code-like way that activates the CPU to "phone home".
suddenly all the DRM in your hard drive and motherboard which is normally used for DMCA coercion, gets activated for other purposes.
given that the encryption in the DRM is at a level higher than the highest level specified by the DoD for ultra-top-secret material, it will of course be perfect for taking over your computer.
overall i wish i was entirely joking about this, but it unfortunately makes far too cohesive a story.
let's call it a joke, anyway. ha ha.
But if there's one thing that armed services habitually put more effort in to than preparing for war, it's engaging in bureaucratic cold wars between themselves. And if one branch of the US government puts their hand up to do "cyber-war", you can bet your bottom dollar that half a dozen others will want a piece of it too.
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
it's kinda funny that slashdot's negative response to this is really only because it's the Air Force. It must be the mark of coders/engineers that we (myself included) obviously think it's an architecture flaw; a different part of the system should be tasked with this responsibility.
If rumor got out that the NSA had active plans for this, we'd all put our armchair hacker hats on and be posting ways to make it better.