Slashdot Mirror

← Back to Stories (view on slashdot.org)

Air Force Aims for Control of 'Any and All' Computers

Posted by timothy on from the we'd-rather-kill-them-off-by-peaceful-means dept.

Noah Shachtman on Wired.com's Danger Room reports that Monday, the Air Force Research Laboratory at Wright-Patterson AFB introduced a two-year, $11 million effort to put together hardware and software tools for 'Dominant Cyber Offensive Engagement.' 'Of interest are any and all techniques to enable user and/or root level access,' a request for proposals notes, 'to both fixed (PC) or mobile computing platforms ... any and all operating systems, patch levels, applications and hardware.' This isn't just some computer science study, mind you; 'research efforts under this program are expected to result in complete functional capabilities.' The Air Force has already announced their desire to manage an offensive BotNet, comprised of unwitting participatory computers. How long before they slip a root kit on you?

19 of 468 comments (clear)

  1. new meme by isotope23 · · Score: 5, Funny

    new meme -

    Imagine an AirWolf cluster of these......

    --
    Service guarantees Citizenship! Questions Guarantee GITMO.... Amerika Uber Alles!
    1. Re:new meme by Anonymous Coward · · Score: 5, Funny

      Since we're talking about the military, shouldn't it be, "Imagine a clusterfuck of these"?

  2. Who comes up with ideas like this? by bsDaemon · · Score: 5, Insightful

    This must be the ultimate example of "solutions" to engineering problems coming from a manager and not an engineer. I bet they'd like a pony while they're at it.

    You know they'll get what they want out of commercial OSs by putting pressure on the vendors. Linux and the BSDs are too much of a moving target, and OpenBSD is run out of Canada anyway. If ever there was an article that needed to be tagged 'goodluckwiththat,' this would be it.

    1. Re:Who comes up with ideas like this? by bennomatic · · Score: 5, Funny

      I love your "pony" comment. A couple of months ago, I was on a conference call with a client, a large defense contractor whose name sounds like it might refer to a hole in the ground where sweet, sticky bee-made syrup comes from, and I used that line. They said, "We would like to see X and Y done by Z date," and I said, "I understand, and similarly, I would very much like a pony."

      My boss called me two seconds after the conf call ended. Since I saw the caller ID, I knew what was coming, and I answered the phone, "Was that inappropriate?" "Yes," was the answer, "but very funny. Don't do it again."

      --
      The CB App. What's your 20?
  3. If you ask me.... you didn't but.... by zappepcs · · Score: 5, Insightful

    I'd say this was as illegal an idea as malicious botnets. My computer cpu cycles are NOT for sale to the US Government, or any government. They can have them when they pry them from my dead cold pc case...

    --
    Support NYCountryLawyer RIAA vs People
  4. Eleven million? Good luck. by mckinnsb · · Score: 5, Insightful

    Establishing total and completely control across all hardware and operating systems, all patch levels, etc?

    I admire your optimism, USAF, but $11 million dollars is simply not going to make that happen -if it can even be done. Software companies have enough trouble just getting their *own* software to work installed on *willing systems*, and some of the bigger ones spend that kind of money just getting it to work on one operating system withing a reasonable set of constraints.

    Take into account the fact that you will also be most likely using pre-existing exploits, which will be repaired swiftly by responsible developers that watch security RSS feeds, and this is a red herring task. If you are talking about spending 11 million dollars on doing your own research towards establishing remote control by examining source code or reverse engineering to find new exploits, then honestly, you aren't just crazy- you are batshit crazy. You're going to need a whole hell of a lot of money to do that.

  5. The big problem with this... by bugnuts · · Score: 5, Insightful

    ... is a taxpayer money sink.

    Over time, systems change. That means after this two-year study and eleventy-million dollars later, it's worth very little a year down the road. In three years, we're virtually guaranteed to have nothing for the efforts, except a statement saying "Oh, we learned a lot, and now need continuing funding. Please give us more money."

    Although many holes in software exist for a long time, they are generally patched within a couple months once discovered, usually sooner. And as soon as the military activates one of these holes, it'll be analyzed and patched. That will remove one of their finite resources.

    100% control of all platforms and systems is beyond ludicrous. They might as well wish they could read minds, teleport, and find Carmen Sandiego. Or at least Osama.

  6. They wouldn't do that... by Jafafa+Hots · · Score: 5, Funny

    it would be unethical!

    --
    This space available.
  7. Re:SETI@Home by SatanicPuppy · · Score: 5, Insightful

    The whole botnet thing just shows how absurdly out of touch they are. A botnet is a tool created by a bunch of guys who have limited computer resources in a bid to increase those resources.

    Why the fuck would the United States Air Force want a botnet, when they could have the real thing? A tightly integrated computer network with near unlimited bandwidth, satellites, super computers, massive clustering, and secure, integrated control.

    Botnet. Jesus. Someone take the freaking tech magazines away from the air force brass before they start doing social networking or some crap.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  8. what they want and what they'll get rarely match by Danny+Rathjens · · Score: 5, Insightful

    I bet when the military was studying psychic remote viewing and psychic assassination the project goal was for completely functional capabilities as well. How did that turn out? ;)

  9. Yeah, sure. by atomicthumbs · · Score: 5, Funny

    Good luck hacking my laptop. It runs BeOS.

    --
    http://pinopsida.com
  10. I can think of a few reasons by spun · · Score: 5, Insightful

    Why would the USAF want a botnet? One, a botnet is distributed and harder to block than a centralized computing facility, or even a reasonably distributed one. Two, a botnet can grow as needed. When fighting an enemy botnet, this could prove very necessary.

    Not that I'm condoning any of this, mind you. Just saying, I don't think the Air Force brass are all total idiots.

    --
    - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
    1. Re:I can think of a few reasons by trolltalk.com · · Score: 5, Interesting

      Of course, there's nothing to stop you from setting up some honey-pots, figuring out the control commands, and taking control of a large chunk of the botnet, since it *isn't* centralized. then turn it on the parts you don't control, or the central c&c computers, or other "targets of interest."

      Or use it to create "false flag" attacks.

      Or a few rounds of "Do you want to play a game?"

      --
      Kevin Smith on Prince
  11. I think you don't know what "hard-kill" means. by sideshow · · Score: 5, Funny
    It's just zeros and ones. You can TALK tough, but when a 5 cent CD foils your "hard-kill" on my "information" you're really just wasting time and effort.

    "Soft-kill" would mean destroying you computer and therefor rendering you ineffective. "Hard-kill" would mean shooting you in the face and therefor rendering you dead.

    --

    Hollow words will burn and hollow men will burn.

  12. 3rd Amendment fun? by Valdrax · · Score: 5, Interesting
    Chances are that they'll want to try to compromise foreign systems and not US systems to use in a botnet to avoid legal liability within the country.

    Humorously, I could see a lawsuit from this opening up the door for the first expansion of the 3rd Amendment since Engblom v. Carey if they did compromise the machines of US citizens to use in an offensive botnet. Arguably being forced to host Air Force activities on your private property violates the same kinds of rights that the 3rd Amendment protects.

    The Second Circuit said:

    [W]e hold that property-based privacy interests protected by the Third Amendment are not limited solely to those arising out of fee simple ownership [of homes] but extend to those recognized and permitted by society as founded on lawful occupation or possession with a legal right to exclude others. The court was talking about state-owned rental properties where striking prison guards were evicted and replaced with National Guardsmen, but I can see an argument for extending this to being forced to host Air Force use of one's chattels within a home (or maybe even outside of a home since the same possessory "right to exclude others" exists). I don't see Scalia or Thomas buying the argument, but it would be fun to watch someone try and argue it before the rest of the court.
    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
  13. dear air force morons: by circletimessquare · · Score: 5, Insightful

    you don't defeat your enemies by engaging in their tactics. that just makes you the moral equivalent of your enemy, thereby nullifying any moral high ground you claim to have, thereby nullifying any reason any citizen of your country or ally of your country would side with you

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  14. Third Amendment, anyone? by RJCantrell · · Score: 5, Insightful

    The third amendment to the US Constitution reads: "No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law." This idea is so important that the founders put it in before trial by jury or cruel and unusual punishment. Aside from the "because we said so" Bush regime's retorts, is there any way that involuntary botnet participation could be even slightly legal?

  15. From experience... by Anonymous Coward · · Score: 5, Insightful

    I've worked at an Air Force Research Laboratory for the past 3 years. I can guarantee you nothing will come of this, it is a giant waste of taxpayer dollars, and no one should be worried about their privacy (just their pocket books).

    Now the previous comments about them spending $11m and then 3 years later asking for $11m is close but also wrong. They will ask for at least double that, every 3 years (take a look at their POMs in the future), indefinitely...

  16. Re:SETI@Home by hesiod · · Score: 5, Interesting

    Not necessarily true. They take some soldiers who were wounded in battle and spend good of time and money to retrain them in certain fields... I know a guy who was a marine and never had any interest in computers at all. He took some shrapnel in the face, so they went and trained him in everything he could learn in networking, and now he's freaking great at it. The same could apply to many other aspects of technology.