Slashdot Mirror
Air Force Looking To Beef Up Spacecraft Network Security
coondoggie writes "How is spacecraft development — from the space parts supply chain to actual space operations — protected from those who would try to penetrate or disrupt the networks involved in that process? The U.S. Air Force Research Laboratory (AFRL) has put out a call for research to understand that security scenario. They say, 'we are much less concerned about information on the broader themes of cyber-security but rather those that pertain to the mission of the spacecraft, the spacecraft as a platform, the systems that constitute the spacecraft, the computers and their software, the busses and networks within, and the elements that interface to the spacecraft.'"
If you cannot control every single aspect of the spacecraft platform they had better just plan around having been compromised already.
What?... Spacecraft? Wasn't it Starcraft?
Wow, dude. I once played that old game too! We are like brothers, you and I.
Don't buy from China, develop and manufacture domestically instead?
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Or in other words, how do we hide the fact that this space craft is operated by an A.I. and its mission is to service radio transmitters used to interface with the human brain and central nervous system? Oh, and how do we hide all that tech from the media???
Did somebody just now get around to watching Independence Day?
The Cylons will get in and control all the systems right away if they are networked!
The NASA guys must be mad if they are even thinking about it.
Do not look at laser with remaining good eye.
Microsoft is well known for the security practices, if anyone wants the best security they can buy, go with Windows 8 RT. There are no known viruses or malware for the Operating System. Of course there are no applications either.
I don't know what rad-hardened storage is out there that can be used, but if security is critical, there is always the good old fashioned one time pad.
OTPs could be consumed directly for maximum security commands, or used as a way to encrypt a Diffie-Hellman session key generation for stuff that needs less security. The session key can be used without drawing down the random number pool.
Of course the ultimate downside of OTPs are that when the number pool is exhausted, you are fscked, so trying to use the pool as little as possible is important.
No one should be subjected to your joke.
How is spacecraft development â" from the space parts supply chain to actual space operations â" protected from those who would try to penetrate or disrupt the networks involved in that process?
Well, I'd start by asking Gary McKinnon... :p
Somebody's looking for a big bump in military spending, I think.
I wonder how high the percentage of Air Force brass that end up working as "consultants" in the defense industry to supplement their pensions from Uncle Sam? I wonder what they're expected to "deliver" to their new employees for those fat consultancy contracts?
You are welcome on my lawn.
oblig xkcd - http://xkcd.com/463/
From 2011: http://it.slashdot.org/comments.pl?sid=2368162&threshold=0&commentsort=0&mode=thread&cid=37016386
"Twirlip: Towards a 21st Century Worldwide Public Intelligence Desktop Platform for Collaborative Sensemaking, Analysis, Risk Assessment, and Horizon Scanning"
Around them, I also put together another proposal to collect and organize stories about security issues as a modernized "Risks Digest" using software like my wife desiged my wife wrote called "Rakontu":
http://www.rakontu.org/
Another spin on that from this month:
https://www.newschallenge.org/open/open-government/submission/civic-sensemaking-by-working-with-stories-using-rakontu/
With some more code links and a video here:
http://twirlip.com/
See also:
http://www.phibetaiota.net/2011/09/paul-fernhout-open-letter-to-the-intelligence-advanced-programs-research-agency-iarpa/
From 1999 to NASA, some ideas about rethinking our manufacturing infrastructure systematically and in an open source way:
http://www.kurtz-fernhout.com/oscomak/
And also to DARPA in 1999: ... I also don't think we have a significant choice. Such self-replicating and self-repairing systems will be developed eventually anyway, if only from commercial competitive pressures. The only thing we can do is slow down their development. Yet that has its own risks of our current infrastructure being overwhelmed by current weapons of mass destruction or sophisticated terrorism. Also, should such self-replicating technology be developed first clandestinely by an oppressive regime, the consequences for the United States could be disastrous."
"DARPA Progam Manager Position on Self-Replicating technology"
https://groups.google.com/forum/?hl=en&fromgroups=#!msg/virgle/feS-LaqnFyM/z0sqkvvCx2QJ
"We of course need to minimize military tensions around the world through arms control, international aid, and setting a good example. This delays the culmination of these other trend to war, but in my opinion will not prevent them because of ever-present potential for a small group of unstable people to use weapons of mass destruction.
From 1987 for grad studies on improving security via self-replicating space habitats:
http://www.pdfernhout.net/princeton-graduate-school-plans.html
A long string of failed proposals. :-)
Well, at least I can still try to promote great ideas by others that have met with more success: :-)
"A Conceptual Framework for System Fault Tolerance"
http://hissa.nist.gov/chissa/SEI_Framework/framework_1.html
And I can keep on working towards those other ideas as very limited spare time permits.
I guess I am mostly just a creation of 1960s-1970s TV about our future in space -- to keep banging my head against the wall of space and security for decades? :-) Star Trek, The Starlost, Space 1999, Silent Running, Battlestar Galactica, Buck Rogers, Lost In Space, Thunderbirds, and so on... And way too many sci-fi novels. :-)
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
If the enemy does not know the prefix command code of our spacecraft, then they cannot remotely command it to lower its shields.
Wow, dude.
I prefer Diablo.
Unlike other cyberattacks, that one probably needs the attacker to show up. You need a good antenna, which I suspect is visible from spy satellites. If attack can be attributed reliably, then ballistic defense is possible.
Better include Faraday cages against EMP.
You gotta admit that first dogfight scene in Battlestar Galactica is pretty shocking. Someone at AFOSR must've just watched it.
Don't you need a spacecraft....before you can even consider how to secure its communications?
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
THIS is why he's doing it & proof of it, here -> http://interviews.slashdot.org/comments.pl?sid=3585927&cid=43295193 when others pointed out Jeremiah Cornelius forgot to submit one of the "first post spams" (masquerading as myself, by posting as AC & using some old posts of mine or other b.s. he put up), & JC mistakenly submitted one of the impersonations of myself as his registered 'luser' name here on /. forums.
Pretty pitiful actually, but like every up to no good idiot does? He screwed up & submitted it under his registered 'luser' name here, instead of his ac submittals he's been doing.
* Jeremiah Cornelius: DO YOURSELF, and the rest of us, A GIANT FAVOR MAN: Seek professional psychiatric help!
(Since Jeremiah Cornelius obviously can't get over the fact he made a spelling error on what it is HE ALLEGEDLY DID FOR A LIVING? That's not MY fault... it's HIS!)
APK
P.S.=> I seriously must have dusted JC (in his mind @ least) for his BAD spelling error & it "got his goat"...
I.E.-> Catching what he claimed to do as a job, for YEARS he left "PENETRATION" (correct) spelled as "PENTRATION" (incorrect) on his resume on LinkedIn & I pointed it out as he & his friends trolled me as usual (webmistressrachel, gmhowell, & crew (probably ALL JC no doubt using alterate emails or TOR to do it as a possible - I've caught "them & theirs" doing it before, ala Barbara, not Barbie = TomHudson (same person))).
So THAT is what has gotten his goat in a technical debate & his "geek angst" could only come up with *trying* to "impersonate me" in every news thread on /. for the month of March 2013 so far!
(Just to attempt to 'discredit me' as a spammer here obviously)
Doing so, by posting that "$10,000 challenge" &/or reposts of my old posts on hosts file value to end users into EVERY SINGLE NEWS ARTICLE POSTED on /. ...
It's all I can think of that *might* cause such a mentally troubled 'reaction' like the Jeremiah Cornelius is doing & there's NO QUESTION he's the one doing this spamming of nearly every posted article masquerading as myself...!
... apk