US Navy Solicits Zero Days

msm1267 writes: The US Navy posted a RFP, which has since removed from FedBizOpps.gov, soliciting contractors to share vulnerability intelligence and develop zero day exploits for most of the leading commercial IT software vendors. The Navy said it was looking for vulnerabilities, exploit reports and operational exploit binaries for commercial software, including but not limited to Microsoft, Adobe, [Oracle] Java, EMC, Novell, IBM, Android, Apple, Cisco IOS, Linksys WRT and Linux, among others. The RFP seemed to indicate that the Navy was not only looking for offensive capabilities, but also wanted use the exploits to test internal defenses.The request, however, does require the contractor to develop exploits for future released CVEs. "Binaries must support configurable, custom, and/or government owned/provided payloads and suppress known network signatures from proof of concept code that may be found in the wild," the RFP said.

Ask the NSA

[quenda]

So much for post-911 interagency cooperation. While one agency is inserting weaknesses, another is having to buy then on the open market. Though the Navy approach is probably cheaper.

Re:Ask the NSA

So much for post-911 interagency cooperation. While one agency is inserting weaknesses, another is having to buy then on the open market. Though the Navy approach is probably cheaper.

Navy ain't an agency baby.

Re:Ask the NSA

But they have many of the same powers, so in this instance the term agency is suitable

Re:Ask the NSA

[CaptainDork]

Ask China.

Re:Ask the NSA

Chinese Triads have probably a nice catalog, ready to serve the most demanding of data appetites.

Re:Ask the NSA

The Navy has historically done their own basic R&D in many areas, not strictly limited to ships on water. They've also has a pretty good track record of succeeding, too.

Re:Ask the NSA

[quenda]

The Navy is always fighting the last war. In 1939 they had too many battleships. Now they have too many aircraft carriers and too many SSBNs. This wastes massive resources. A good thing they are paying at least a little attention to newer threats.

Re:Ask the NSA

Now they have too many aircraft carriers and too many SSBNs.

Ah, the armchair admiral has arrived. What is the right number, you think?

Re:Ask the NSA

[quenda]

The US has ten carriers. China, Russia and France have one each.

Re:Ask the NSA

So four, if the US has manages to piss off France completely. Three if France just ignores the US, and two if they are still willing to help.

Re:Ask the NSA

[aaaaaaargh!]

For example, they invented Tor.

Re:Ask the NSA

[DanJ_UK]

That's almost as hilarious as the 50 or so the UK has had in its time.

We have 2 new ones under construction in the UK and we only realised after we started building them that we don't actually have any planes to put on the them yet while we wait for our FGR4 replacements and our F-35s from you guys.

Re:Ask the NSA

[CrimsonAvenger]

The USA has obligations in both the Pacific and Atlantic (and arguably the Indian) oceans.

Aircraft carriers don't yet have teleportation technology, so it takes a while to move them from one side of the world to the other.

So, we need enough in each ocean to handle any conceivable problem. Plus extras to deal with required time in port (while a CVN can stay at sea for very long periods, its non-nuclear escorts require rather more time in port) and yards (even CVNs require time in shipyards every few years, which takes them out of service for weeks to months at a time (to years at a time in some cases)).

Plus there's the thing we learned in ww2 - when you get into a fight, bring enough stuff to guarantee a win. In war there are no Good Sportsmanship consolation prizes....

Re:Ask the NSA

[CrimsonAvenger]

The Navy is always fighting the last war. In 1939 they had too many battleships.

Two things:

1) the US wasn't involved in a war in 1939.

2) the US had exactly the number of battleships as allowed by the Naval Treaties of the time. And the US had exactly the number of aircraft carriers as allowed by the same Naval Treaties. Note that having fewer BBs then would not have affected the number of CVs in any way, since both were limited by treaty.

Oh, and in spite of the US having "too many battleships", it looks like they managed to win that war just fine.

And an aside - did you know that the US was the only major naval power to not lose a single battleship/battlecruiser at sea during WW2? And yes, we used BBs in the Pacific (including most of the ones sunk at Pearl Harbor - Arizona and Oklahoma were the only ones not returned to service).

Re:Ask the NSA

[bill_mcgonigle]

So much for post-911 interagency cooperation. While one agency is inserting weaknesses...

Did you think the Congress was going to tell the NSA to stop doing unconstitutional things and then the US Government, as a whole, would just stop violating the Constitution? As long as there's free money being printed (or kept off books through arms and drug sales), the activities will always just hop to a different group, and the Congress can keep playing Whack-A-Mole until a supermajority is compromised.

Then we get to see the Prisoner's Dilemma play out with big guns.

Re:Ask the NSA

Well I just slept on it and woke up with the clear answer. Obama and Clinton are fretting about the government debt, but the easiest way to deal with that is printing money. Back in the 90's somebody said that government bonds are the most secure investment above all, because of the government's ability to print money. If they owe you x amount of dollars, they CAN pay you x amount of dollars any time by printing it on paper. Of course that action might devalue the currency kind of like the Zimbabwe dollar got devalued by just constantly printing it without any value backing it, but you can have your money. As long as the US$ is world reserve currency, it makes it a luxurious option to pay any debt by simply printing paper money, putting it into a suitcase and shipping it overseas to whoever you owe it to. Unlike the Z$ which had no backing - as in what's the value of 1 Zimbabwe dollar, right? whatever the market is willing to pay for it in goods and services - the US$ has a tremendous backing from China and the like willing to provide a lot of value for very little $, partly to make their stake or debt holdings worth a lot, or interest they receive worth a lot. This situation is why China is seeking a different world reserve currency, and if they succeed, the US$ might go the way of the Zimbabwe dollar where printing it is of no use, well, you can always pay of x amount of Zimbabwe dollar outstanding debt through it, but like quicksand, if runs away between your fingers as value storage medium, and messes up the internal economy or whatever is based on it. So in this sense the government debt is a nonissue, and the issue is economic competitiveness and joblessness, welfare and unemployment payments and inability for businesses to compete, because the cost of living - housing, here comes Obamacare mandatory bills, utilities, taxes, etc - does not allow them to pay the same labor cost as paid in the countries where the jobs are getting outsourced too. So in this sense deflating the dollar or inflating is irrelevant when it comes to US government debt, because the government can always order printing money. The Fed is supposedly a privately owned institution whose chiefs inform the government of what they are about to do but usually take no orders from the government, and it's a bit complicated along that line, but it's like any arbitrary law including nationalization of all railways under the USRA during WWI and then reprivatizing back in the 20's is possible for the government, and it's like if you need money to pay of government debt nationalize the Fed, order them to print the paper money, fill suitcases of it, put them on a boat and send it to China and say here, we paid off all of our debt, then you can raise interest rates back to normal, and then your only task is reigning in cost of living, such as housing - i.e. improper allocation of resources and too high rewards reaped, whereby banks are milking the economy too much, expecting to take 80 gallons of milk from a cow when it can only provide 79 gallons and some of it is supposed to go to the baby cows, similar gripes with mandatory insurance purchases at arbitrary prices, or natural monopoly or such as utility or other monopoly price abuse, which used to be the job of the government to regulate - so once you can lower the cost of living closer to the rest of the world, they might shut businesses down there and outsource from there to here because of better profitability, and more vibrant economy, better infrastructure, productivity, lack of necessity of bribes to officials for any kind of permits and roadblocks in the way of conducting a business, etc. If they do that and deflate the dollar, then my idea that it's gonna inflate and it's gonna be easier to pay it off later might be wrong, but it would be hard to foresee a minimum wage at $8 going to $5 to $2/hr etc, which is what we're talking about. I'm thinking it's headed upwards, simply because you never get a rent decrease from any landlord, you always get a rent increase, while prices like at Walmart, some

Re:Ask the NSA

I don't think they have an early prepayment penalty for debt held by foreign interests, right? So there is nothing wrong with printing all that 18 trillion, or whatever proportion of that is held by foreign interests, and paying it all off at once right now, so you can raise interest rates back to normal without taking a hit having to send interest payments along with it overseas.

Re:Ask the NSA

And when it comes to housing, everyone wants more milk, and it's in banks and real estate agents, owners and everyone's interest except purchasers to inflate housing cost, and they do a great job at it too until they send the whole thing into a make it or break it crash situation. Housing is by far the greatest item of the pareto analysis of my budget, and everyone has been participating in this pyramid scheme over it, where a price of real estate is only dependent on what future purchasers might be willing to pay for it, as the pyramid scheme goes on, and it gives rise to zero principal interest only house purchases as have been prevalent around silicon valley around the late 90's during the dotcom boom, where it was difficult to find a house for less than $800,000. During a time when Federal minimum wage was $4.25/hr, x2080 hrs/standard work year, giving a gross of $8500/yr annual income. Insanity, right? 100 years to pay off a home purchase price making minimum wage and all gross income diverted toward that payment, including none left in excess for interest payments, property taxes (which usually add up to the purchase price every 20 years, so in 100 years you'd also have to pay 5x more that price in property tax too.) What are these real estate people and banks thinking. Well, during the dotcom boom years of the "new economy" it made lots of sense. Shifting paradigms. That was a key bullshit phrase by suits in the late 90's trying to bag a high paying manager salary where all you have to do is dick with powerpoint slides and bla bla bla to each other in meetings all day, discussing the weather, and sales figures.

Re:Ask the NSA

I think I read somewhere that you can fit about $200,000 in a suitcase as $100 bills, because of the size and thickness of paper money. So you need 5 suitcases to fit $1 million, 5000 suitcases for $1 billion, and 5 million suitcases to fit $1 trillion. If you can fit 5 million suitcases on a tanker ship, that's 18 tanker ships each with 5 million suitcases loaded with $100 paper bills to send to China and pay off all of the $18 trillion government debt in one shot. And they talk about the war on cash and paper money? Oh come on. Like how else you gonna get money out of nothing in an electronic form. I know, go into a government owned bank computer, change the available funds to 18 trillion - the government can do anything, nationalize private property, enforce building code by demolishing houses, print paper money, change numbers in computers - and then send it to China via one lump sum paypal payment, as in, here buddy, all of our outstanding debt is paid off now.

Re:Ask the NSA

In an ideal world of self sufficient yeoman farmers nobody would be loaded to the max with mandatory bills and participating in an economy would be optional. In that case the economy would truly mean allocation of scarce resources the proper way, without creating intentional destruction. Sending out a phoenix bit via a Windows Update to usher people along to upgrade and buy newer versions, to keep making money, is equivalent to creating tractors that intentionally last only 15 years before they rust away instead of 40 that could be economically possible where making the next dollar is not so paramount, even inducing intentional destruction. You can spur the economy via destruction, such as going down a street and smashing every window out with bricks, to create jobs for contractors, who in turn pay income taxes or spend that money at other businesses. That is not the purpose of the economy. But one often has to wonder into such territory when everybody is slave to a dollar and cannot exist independently in absence of bills, where all the expenses are voluntarily taken on, and in time of necessity one can withdraw and go back to a natural state of no bills whatsoever self sufficiency, of growing his own food, getting his own water and having an outhouse to treat the sewage. Increased mandatory bills like Obamacare, minimum charges from utilities, etc, when the bulk of the population is urban is the root cause of all these issues, including lack of food supply security to urban zones. I grew up in a town, but in a time when all grocery store shelves were empty and if it were up to the economy and to the government to feed the people everyone would have starved, and it came down to the surrounding villages with all their outlying lands confiscated but enough garden space from the way the villages were built resiliently with houses spaced out far enough from each other, where the garden land was not confiscated, well that allowed to generate surplus food and sustain small urban populations when the government or economy peddlers intention was to exterminate. Self sufficiency is always the last fall back in any dire situation, and DIY is the only thing that can be resorted to when you can't trust the government or even lawyers or doctors to take care of you. And it works, unless the powers that be mount a total assault on it. Duh. Fuck Obamacare. Fuck mandatory existence fees. Where the fuck am I gonna pull that money out of as a fee for being alive. My anus?

Re:Ask the NSA

Being able to print money (or just simply create it out of nothing as bank account available fund numbers) and obtain value from it is like slavery in a very abstract sense, where the welfare people who don't have to work for it are the slave masters, their government printing the money and giving it to them to spend at Walmart, and the Made in China laborers producing the goods and underwriting the value of of that printed money, unlike the Zimbabwe dollar, which had no such slaves toiling aways underwriting it or backing its value. And the whole thing works, it keeps Chinese people busy and off the streets away from unemployment lines, and it sustains the welfare machine well over here. It's a funny world we live in, ehh?

Re:Ask the NSA

I had a bunch of posts here about printing money.

Before the https://en.wikipedia.org/wiki/Nixon_Shock it was not truly possible to print money without holding an equivalent reserve of gold or silver, or some tangible value in reserve, which could be demanded to redeem a certificate of paper money. Today we have https://en.wikipedia.org/?title=History_of_the_United_States_dollar#Fiat_standard which is pretty much like a share or stock in a company, which can issue new stock and dilute the ownership of the previous stock holders, or buy back stock to increase the other shareholder's value, directly affecting inflation of deflation, i.e. stock price. The value of each dollar can be controlled so to speak by issuing new stock to spur inflation (on top of what stock price fluctuations already happen naturally otherwise as far as the value of a dollar is concerned) or withholding money supply, sort of a stock repurchase, to tame inflation or generate deflation. So to pay for all that outstanding national debt, the situation is simple, issue new stock to "raise money" by generating inflation of the dollar or drop of the value of each shareholder already having a share in their hands, i.e. start up the printing presses. Before the Nixon shock and the Bretton-Woods System of no freely floating fiat money new money printed had to be backed by equal reserves held in storage in gold, silver, or whatever, copper, maybe even cows (which might die and disappear though, unlike copper. But in Africa cash is pretty much cows in a lot of places, the backbone of the economy, able to digest cellulose, such as sawdust and paper, or just thorny dry desert bushes or savannah grass that only ruminants are able to consume.)
So anyway if the Nixon Shock were undone and any currency printed worldwide backed with tangible value at some fixed rate that is changed periodically, with equivalent value held in reserve to back the money supply, China would have no incentive to seek a different world currency than the US dollar, such as, when I shop on ebay I constantly get Canadian dollar offers, just to eventually switch to Chinese yuan, which I do see offers in, and credit cards or what not might charge a currency exchange fee, but if China succeeds in establishing their fiat currency as the world reserve, they can be the slave masters by freely printing it and the worlds economy backing it. With a Bretton Woods system in place, where all printed money is backed by tangible value held in place, in gold, or silver, or even copper, inflation of money is difficult, or happens in baby steps at a very controlled rate, i.e. the value of a lb of gold is pretty much the same from 1776 to 2015, with minor fluctuations, something that cannot be said about the value of one dollar though, which inflated seriously over time, mostly because of interest requirements of money today securely in your hand is worth than uncertain money tomorrow, so there is a need for a positive interest rate, just to make sense of any investments and risk taking. So when each printed dollar must be backed by value held in reserves, printing new money out of control is not possible, and having others underwrite it with sweat equity and freely collecting after it is not possible, and then there is no incentive to seek alternate world currencies, because each are pegged, fixed, periodically revised, but backed with disciplined reserves of equivalent tangible value in gold and what not. Of course then the Enron style lying begins, saying yes, we printed the money and we have the reserves, but those reserves are "somewhere" and we forgot where we dug and hid the treasure away, but maybe tomorrow we'll remember. So in that sense it's an unworkbale system, unless you allow China to inspect reserves held backing the dollar with their auditors, and vice versa, the US inspect euro and yuan reserves, take samples that it's actual copper or gold. Of course the inspectors would have to be flown and trucked there blindfolded in a Faraday cage that blocks satellite signals just so each country does not know where the others hide their stash. The Bretton Woods system is a silly setup too, ehh?

Re:Ask the NSA

The way out of this mess is of course going back to the old ways of "money" before it was printed on paper: coinage. With coinage the backing of value is carried within the money itself and there is no ambiguity about whether printed money is backed by a stash hidden somewhere, that would also be a prime target for foreign countries to keep track of on each other and go for in case a conflict breaks out. The solution is the same as Greespan has been touting: the elimination of paper money. There is a war on cash by banks these days, but the real war is actually on coinage, the small change money. Computer numbers and credit card numbers will always be fiat money, without tangible value backing with certainty, but even in the present era we have non-fiat money in the form of pennies, nickels, dimes, quarters, and lately half dollars and dollar coins too. It would not be too hard to issue $100 coins in gold or platinum, iridium, palladium, ruthenium, osmium, rhenium, etc, and in the $10-$20 range, which is presently the major workhorse of cash, widia (wi diamante, like diamond) "carbide" (i.e. tungsten carbide in cobalt or nickel matrix), which is presently used as steel drillbits (it's able to rip through raw steel at high speed) and it's extremely abrasion resistant. One of the issues with gold and platinum coinage would of course be the wear factor, that it would slowly wear away and be dispersed into the environment, but still, it's a good way to store nest eggs, like in a safe, or just at home. Of course banks would not want people banking DIY at home, that would remove working capital from their hands, so what are you gonna do? As long as they pay a decent interest rate on deposits - say 2-3%, that should be enough incentive in a low inflation era for people to deposit their gold or rhenium coinage for that income they'd get from it. But gold coinage is a good insurance against inflation. People have always had the right to collect metal coinage, and, especially as inflation makes the old issue ones many ten times their face value, store their wealth in it, as an inflation safe investment, better than a CD at a bank, which, under a world war or zombie apocalypse, or simply Obama asset freeze, kind of like it was instituted in Cyprus 2 years ago when the russian billionares depositing their money there tax free tried to do a bank run, so there is never a safe bank deposit compared to a gold coin you can hold in your hand, hide under your pillow or dig away in a secret location. In any case, if currency all was nonfiat carrying intrinsic value, then sending 18 tanker ships to China loaded with $100 face value platinum or tungsten carbide coins with $20 intrinsic value might be welcome by the Chinese, because that $20 guarantees that the face value is more stable too, and that they are probably getting their full debt repayment, moreover during a currency crash they'd get at least 20% back. That's a whole different situation from sending them paper money. And as inflation grows, that $20 intrinsic value should outgrow the $100 face value, like old silver quarters and dollars issues before 1950 presently do. Backing coinage with value carried within, even if not up to full face value, should cut down international currency war tensions. It's a much better way then the Bretton Woods system of printing paper money and promising not to lie about having a stash of gold, platinum or tungsten carbide to back it hidden somewhere, with giving you the rights to convert it to that, and ask for that gold or platinum. Obama could still make free money by controlling the global currency mints, (or the Chinese if they can push the yuan onto everyone by force) by buying $20 value platinum, minting a $100 coin from it, and then buying more platinum on that $100, (the face value always has to be higher than intrinsic value to be able to absorb inflation for a good while, few decades, to allow a positive interest rate and make investments and entrepreneurial risk taking worthwhile, else, with 0% interest, guaranteed by intrinsic value

Re:Ask the NSA

Well I saw scrap carbide on ebay for $9 + $3 S/H for 1 lb, which means 1lb of coinage currency as carbide would not carry that much intrinsic value, so you'd still have to resort to putting some iridium or what not into it to make it worth a lot. And that wearing it away and dispersing of precious resources like iridium into the environment from which it's difficult to recover in a concentrated form would be a constant issue. With carbide thats extremely wear resistant and not as rare as iridium, still, who wants to carry around more than 1/4 lb of coinage while going shopping for say $150 on you in cash coinage? Even with carbide it's best to keep it where it's used for its special talent purposes, such as ripping through raw steel at high speed, and, as long as you don't have a currency hell like the Zimbabwe dollar did, paper money and very abundant and corrosion resistant copper-nickel coinage for which it can be exchanged, works quite well. Btw I grew up in an ex commie country witnessing the joke of a communist economy with nickel plated steel small coins that stuck to a magnet, and also rusted away with the nickle plate peeling in various places, and aluminum larger coin that never rusted, but constantly wore away to a flat disk and you could no longer make out or see the features, except maybe like 25% on one side, so the US coins are like luxurious enough already when it comes to currency, and the paper part makes it light, low weight, to carry a lot of value in a small space, as long as that value is trusted and accepted and stable. But the above long winded discussion is something to think about and digest so when you're faced with a sudden currency hell and need to put a quick stop to it, pull all your reserves of precious metals and such, and issue $100 coins in it, change the fiat money into a currency with backing in person (does not need the Bretton-Woods system of international auditors blindfolded led to the stash backing paper money, in a Faraday cage to avoid satellite tracking and discovery by other countries where you hide the stash that backs the paper money, and even if they see you have trillions of value stockpiled somewhere and they underwrite it as genuine, not fake gold or silver or whatever, they still don't have a way to track how much paper money was issued under its backing, as people hide some paper money at home without informing anyone else of how much paper money they are hiding at home, like the government or the foreign auditors, so they could compare the total value of the stash vs. the total outstanding shares printed against it), so anyway, giving money trust by backing most of its value in person in precious metals is a way to put a sudden halt to any kind of zimbabwe hyperinflation, and the cost is wearing away scarce resources and dispersing them slowly into the environment, but it's well worth it under such circumstances of necessity.

Re:Ask the NSA

Or it can even be a way to moderate or tame desires to become the global currency to replace the US dollar giving ability to print it freely and have other people back it with work or whatnot. I keep seeing ebay deals only in Canadian dollars, and sometimes I bought but I much prefer US$ than Canadian, Australian or even yuan - a lot of the best deals are Made in China, like insanely low prices, but I think I yet to buy anything in yuan and pay like a currency exchange fee to credit cards, but if anyone else can get the right to control the dominant established world currency and print genuine unforged paper money in it with full rights, it's like they go print the money and everyone else works for it and provides value, kind of like slave owners "owned" the people and the land and gathered all the income from them and the other people did all the work for it. So everyone is aware of the situation, and you cannot really say that, say the treasury is not allowed to print dollar bills, that does not make sense, and if the chinese go and print a lot of yuan that may get some value within their internal economy where it does drop in value, but it's like an easily obtained subliminal tax from the different provinces concentrated up in the hands of whoever printed it, say in Beijing, it's a way to extract value from remote places in China without much effort, and should it be highly sought around the world, such as in South America, printing it and people over there providing a lot of value for printed yuan paper money would be a way to extract value to China from South America, money for nothing, chicks for free, that's the way to do it. So to mitigate such struggles in currency, and easy way to, even if not eliminate the problem, but to tame it is to put say $20 worth of precious metals backing $100 in person, so whoever is printing it does exert some effort and does hand over value, and yeah, they could still use that $80 difference to buy more gold or platinum worth $20 to make more $100 coins, but having to jump that hoop would suddenly drive up gold and platinum prices anyway, so it puts a limit on how fast you can "shit new coinage like diarrhea" from the minting presses, limited by availability of sudden bulk purchases of precious metals, unlike with paper money, where you can turn up the presses and shit 18 trillion worth of currency in no time and nobody can tell you just did. And of course issuing currency worth $100 backed by $99 value in a hyperinflation world instantly puts a halt to that inflation. The problem with the Zimbabwe dollar was the abundance, there was too much paper cash in everybody's hands and nothing to buy on it. The president paid everyone in printed cash, but in a poor country, everybody swimming in paper money their basement full of piles of it, trying to buy something scarce like a hammer or a nail for it, it instantly diluted the value. A policy of the Fed has been withholding or tightening the money supply, as in, not drowning everyone in free cash and nobody giving anything for it in exchange, and the situation gets exacerbated with welfare where any random housing cost is paid for by the government by changing numbers in a bank account, in a way, issuing new money as opposed to what the Fed is trying to do to limit the supply of money, but luckily, for now, China is willing to underwrite all that by giving you great deals for that printed or issued money in the form of very low prices for Made in China stuff at Walmart, and presently they are stockpiling it for themselves, but they do get pissed about it, when in turn they have to take that $1.50 they provided a lot of value for, and when they try to shop in the US for the same thing they have to pay $15 or $75, all because the housing cost in the US does not allow the same thing to be made for $1.50. But as long as they keep working, saving it up in their bank accounts and only spending it at home, not trying to come shop with it over here, you can prolong the situation. They did bring their savings to the US though during the housing

Re:Ask the NSA

And when the Fed restricts the money supply - such as, they receive worn out paper currency and they destroy it and they don't print or issue equivalent new ones - it's like they are returning value to remote regions, say that cash was obtained form New Mexico by giving them something in return, and now it's destroyed, it's like you just gave them that stuff for free, together with increasing the value of all outstanding money, like a stock repurchase, as opposed to when you issue money, like you issue stock, you both dilute all outstanding share values backed by the company value estimate, and you get free value from it concentrated in your hands, sort of like, whatever you buy on it from New Mexico, you got that for free from them into Washington. It's like a way to collect tax from there, and diluting the outstanding values at the same time, because they are not really paying a tax or willingly sharing their income, so instead the "loss" is spread uniformly across the board over all outstanding shares of whoever holds dollars on their hands.

Re:Ask the NSA

That's why I posted that railroad tycoon game on youtube. It makes it really easy to understand issuing stock, repurchasing stock - including repurchasing all the way to become the sole owner of all stock no longer subject to other investor scrutiny on performance (like Dell recently went from being publicly traded to a private company, where they don't have to disclose their books to the public - though there are still private stock shares dealt with with disclosure of the revenue and profits in that private sphere, or private local mini-stock-market, but not with the public at large like it happens with the markets on Wall Street, so the way Dell went private is probably by making bulk repurchases of all publicly held stock with their stash of cash pile on their hands, until there were zero left being traded publicly so now they can close their books and no longer have to file income reports, cut that cost of theirs or even auditor requirements, like with Enron, that was audited, funds hidden in a shell-game, stock prices inflated, and then easy money extracted from those inflated stock prices by issuing new stock) - , short selling, buying on margin, and how it's impossible to create or even run a company without stocks and bonds and financial tools available - there are some commie scenarios where the stock market functionality is suspended, and it's like being in a straitjacket paralyzed, you know you could make money right now if you only had the funds to build a station, tracks and buy trains, but lacking availability of loans and investments, you have to wait til you can save up little by little and the years go by fast and you never have enough time to complete the scenario objectives by the deadline. By the way one unscrupulous way to be able to repurchase all public shares in Railroad Tycoon game is to intentionally crash the stock price by selling all your stock first at high price, stopping the trains with cargo just before they enter their destination cities, and hold them there for 2 years, and right before the board of directors fire you as a chairman (if you don't already have 51% share of stocks, in which case you can just "assume chairmanship" right back), so after 2 years of losses the stock price is crashed, and you can repurchase many shares, say now the stock price crashed to $10/share and it used to be $50 two years ago when you sold it and stopped all the trains to not make any deliveries and generate any income, making it appear to the stock market that you're struggling and the company is doomed, so often a single crash like this over 2 years, or two of them one for two years, run for 5 years, crash again for 2 years, often gets you the objective achieved, such as the gold medal dependent on achieving certain level or personal net worth. Of course such subtle takeover or ownership percentage manipulation behaviors are not as stark in the real world as stopping a locomotive right at the gates of a delivery city for two years to crash the stock price, but self interest is a strong driving force and people do subtle things in their own personal interest at the expense of others. It's a very educational game, both the good, the bad and the ugly of capitalism comes through through it in a funny way, but I don't think anyone can come up with anything better than a world full of investments and financial dealings, and the major issues are really the failures of regulators, including not having enough spies inside companies to know what's going on, such as one tycoon doing unscrupulous things that does not benefit the public in order to enrich himself and get on the list of billionaires. There are ways to get on it in decent ways, and in indecent ways. But everybody is at it, jumping up and down for dollars like a dog for a piece of bacon, and you can never have enough of it, sometimes by necessity.

Re:Ask the NSA

One of the things about nonfiat money such as currency minted in gold, and having a high embedded value within the currency itself, say 95% face value, that, unlike with paper money where you can suddenly shit an infinite amount from the presses and deliver 5 tanker ships to a foreign country to pay off debt, via, sort of issuance of new stock and diluting prior shareholder value, i.e. driving up inflation, with a currency minted in pure gold, as you try to suddenly mint a large amount, and have to acquire that gold, the price of gold would go up above the face value, so you can only do it at a moderate rate. And when the embedded value equals the face value, say 99%, not 20%, it's like your currency is gold itself, you're bartering everything in gold, and you no longer have an independently freely floating currency like a dollar, even if the coin says dollar, but if it's minted at a 100% embedded value, same with the chinese yuan or european euro, then all currency is equivalent being gold itself and there is no reason to struggle to become the world currency. Of course you only have to meet it halfway or as close as necessary to mitigate making the effort worth to takeover as the world currency, or, if you want to boycott, you can always make your own currency gold or platinum or whatnot, silver, osmium, etc. But with currency issued it pure gold, new issuing and having to acquire the gold to mint, which drives up the price of gold itself, not vs. the dollar which, minted in gold will simply be the value of gold, but vs. other goods and services, such as cattle, bushels of corn, pork rinds, tons of fertilizer, etc. So when you mint nonfiat currency at near face value, the newly issued coinage actually drives up the present price and value of that currency, without really affecting the far future price much, simply because minting it drives up the gold price required to mint it, temporarily, which should slowly settle down, unless minting continues, and if it does, then true, it may lead to some kind of sudden crash situation later in the future. As long as gold is scarce - such as we don't find gigatons of it at the core of the Moon via a big dig, but we only find nickel whose abundance would drop nickel prices, and via that, renewable storage battery prices - so as long as gold is scarce, currency stability of the dollar pegged against it, or embodied into it, is kind of guaranteed, better than any kind of freely floating paper money, and as long as it's scarce, inflation is absent. There is probably a certain minting rate vs. % face value, say 80%, that hold inflation at zero for the near future, because issuing new stock to acquire funds without giving over value (such as paper stocks diluting prior shareholder value, and issuing gold coinage at 20% face value is somewhat like issuing paper money at 0.0000001% face value (the paper is good for toilet paper, there is "some" intrinsic value), so that 80% you still freely acquire, which drives up inflation and dilution of the value of the dollar. So there has to be some kind of % face value, say 68% or 89% or whatever, at which issuing new currency and acquiring that leftover 32% or 11% freely is compensated by the near term rise of the price of gold due to increased market demand to issue, so the near term inflation is zero, and the long term inflation is just what it would have been if 32% or 11% of value was issued out of nothing, so later there is a more sudden crash, but in the near term you can hide the fact that you just issued a ton of non-fully-fiat currency, while if you issue at full face value, 99% or 100% in gold, then issuing new money temporarily causes a deflation because the relative price of gold increases temporarily, and in the long term it would still inflate back to present value, long term inflation would be absolutely pegged to zero, as long as we assume the price of gold never moves, it's rock solid, on supply/demand, because it's always scarce, and there is a steady demand for it, simply because it's always scarce and it's a corrosion proof

Hitler would love this...

'Nuff said.

Nothing new

[evilrip]

This is nothing new at all, sadly. Things like this have directly lead to less openness amongst hackers an has lead to an influx of shady interests trying to gain favor. From the bottom of my heart I sincerely hope you burn in this thing they call hell if you sell these monkeys these weapons of mass destruction to make a buck. They have no clue what power they wield.

That's Not How You Do It

[Greyfox]

1. Get government to create a security rating (required for government contracts) that requires software audit reports.
2. Have companies submit reports to you as part of the process.
3. Charge companies for the security rating and reviewing their reports.
4. Profit AND build a repository of zero-days.

Why....

[Luthair]

does every agency and division of the military need to do this? Seems like the classic not invented here syndrome and a colossal waste of tax payer money.

Re:Why....

[ShanghaiBill]

does every agency and division of the military need to do this? Seems like the classic not invented here syndrome and a colossal waste of tax payer money.

The Soviets are our adversary. Our enemy is the navy. -- Curtis LeMay, General, USAF

Re:Why....

Of course the Chair Force would be opposed to the Navy. The former likes to fly desks, and the latter likes to ship.

Security and 1984

[Iamthecheese]

Little is more Orwellian among our government's many exploits than its attempts to break into our computer systems.

The ever-present security camera? That's bad, but it's still out in public. It's on the street, maybe in the stores. They're not in your home, not yet. Rubber stamp warrants? That's worse: It allows targeted invasions of privacy. But at least it requires a the resources of a human with a paycheck and his own sense of morals. But breaking into computer systems? They're in our pockets, in our homes, and have access to every bit of our modern lives. From shopping lists to love letters to medicine prescriptions they contain whole lives. Snippets from every trip you've taken are encoded there.

And a program doesn't have a sense of right and wrong. It will never refuse to spy on ethical grounds. It won't bring things up to the attention of oversight committees. It won't make anonymous calls to the ethics line. It won't refuse to work, leak information, or demand orders in writing. A program will quietly do as its told, wherever it can. Above all prying surveillance I believe ubiquitous IT access by the government needs to be contained.

"share"?

[turkeydance]

no. not that.

Navy?

[codepigeon]

My first thought was why in the world would the navy want these capabilities, but then I remembered reading a story here that discussed the use of windows NT to run a ship. I suppose the navy is looking for the ability to take out opponent ships control computers?

Re:Navy?

No, this is just SOP with the armed services. Some time ago, the Air Force put together a cyber command structure so now the Navy wants one. Bailiwick and all that.

Re:Navy?

No, this is just SOP with the armed services. Some time ago, the Air Force put together a cyber command structure so now the Navy wants one. Bailiwick and all that.

Historically, you got that backwards.
The Air Force has wanted to do what the Navy has been doing since forever, but the USAF has always been the red-headed stepchild and pretty much ignored or shot down.

Re:Navy?

... or shot down.

I see what you did there!

You think they trust NSA?

Ask the NSA

You trust the NSA?

I can't speak for anyone but I suspect the Navy brass do not trust the NSA either

This has been happening since day one

[Taco+Cowboy]

How many years it officially took the hackers to stumble across the existence of the embedded NSA backdoor inside MS Windows??

Way before the news of that 'discovery' was told to the world, a friend of mine found it, but was told to 'shut up or else' by his then boss

Apparently they (and many other people) already knew about it for quite a while, but none of them bother to tell the world about it

One wonders if/how Microsoft, Apple, Oracle, etc.

[Burz]

...respond to government requests for zero-days, whether official or unofficial.

and yet real secuirty research is all but outlawed

[onproton]

I am finding it harder and harder to accept that the people in charge of these types of programs aren't aware of just how glaringly hypocritical they are. I can't help but be reminded of the quote:

We grow up in a controlled society, where we are told that when one person kills another person, that is murder, but when the government kills a hundred thousand, that is patriotism.
- Howard Zinn

Find a zero day and report it to someone who might fix it, that is criminal. Find a zero day and report it to the navy, you've done a service for your country. There is a unfortunate disconnect when the things the government does in the name of keeping us safe, end up making us all decidedly less safe in the end.

This is how you do it now

You cant disadvantage foreign companies/intelligence agencies by creating new rules, without them suing you under the new proposed trade treaties.

I would have made $x but you changed the rules, pay up!!

Re:One wonders if/how Microsoft, Apple, Oracle, et

If they want to keep their business going internationally, they'd better not give them anything without a fight. Especially now considering that Snowden's leaks made a lot of people, both inside and outside the US, wary of US made software / hardware.

Actually, I wonder why they would want to post such a thing to begin with? The best thing for them (the US) would be to give lip service to reforms while moving and re-securing their espionage activities out of the public eye. By posting this request to the web, they are effectively giving everyone inside and outside the US more proof that the US is not their friend / ally / etc. when it comes to technology, and that anyone and everyone, regardless of where they are, should avoid US technology products and services AT ALL COSTS. "US technology is ABSOLUTELY NOT TRUSTWORTHY AT ALL, it is ALL co-opted by us for our own purposes, and WE WILL USE IT TO OUR ADVANTAGE, we don't care if you know about it or not." That is what the US is saying with this post, and it will come back to bite them when other countries come in to capitalize on the untrustworthiness of the US and seek to replace them.

The sad thing is as a result, the US will utterly destroy it's technology sector and any influence over international technology development and manufacturing it had. It's my opinion, but I foresee future layoffs and more unemployment for US technology workers, as the bad behavior of the US government causes increasing international mandates for any serious development effort to occur completely outside of the US and it's jurisdiction as a security measure.

outsource to china

outsource to china because it is cheaper

Liberty/security

[mwvdlee]

So now that the government is making life a little less secure, does that mean we also get back some liberty?

Re: Liberty/security

No. We have a strict no returns / exchanges policy.

- The Government

"Responsible" disclosure

Does anyone still believe that "responsible disclosure" helps anybody other than the attackers and the marketing department?

Full disclosure is the only responsible form of disclosure. The term "responsible disclosure" is like the "Democratic People's Republic of Korea".

How does it work

Could a warship hack another ship and/or land based business? How would that work?

Would be bad if US Navy first provokes someone by hacking their stuff, and if hacked in return (maybe exploiting some automated response), they open fire. I just know too little about the technical stuff here to make this sound really plausible.

Wow ...

[gstoddart]

So when the US Navy and other government agencies are publicly looking to develop exploits ... I think they've pretty much said "go ahead and hack us".

"Because we're the Navy and therefore allowed" suggests you now have a giant target on you.

So I sincerely hope the black hats of the world take up the challenge. You can't piss and moan when other entities do it, and not all of your stuff will be properly hardened.

Time to make popcorn, and settle in and wait for someone to decide to burn the Navy's computers to the ground.

This shit is precisely why consumer devices need to have solid, robust crypto which hasn't been crippled so that assholes like this can spy on us. Time to stop pretending we trust them.

Navy did signals intelligence first

[raymorris]

The navy has been doing signals intelligence for a hundred years or so. Ships do two interesting things - they communicate with their allied forces via radio using giant antennae, and they loiter close to enemy territory, and therefore enemy communications. It's only natural that they would point their large antennae at the enemy, and they've been doing so since just after radio was invented.

The navy also legitimately brings large numbers of personnel into foreign ports on a regular basis. It's only natural to give some of those sailors varying degrees of training in keeping your eyes and ears open while on foreign soil. Thus, the Office of Naval Intelligence has long been a significant part of our foreign intelligence capability.

Navy has long done this. They hang out near foreig

[raymorris]

The navy has been doing signals intelligence for a very long time. Ships communicate with their allied forces via radio using giant antennae, and they loiter close to enemy territory, and therefore enemy communications. It's only natural that they would point their large antennae at the enemy, and they've been doing so since just after radio was invented.

The navy also legitimately brings large numbers of personnel into foreign ports on a regular basis. It's only natural to give some of those sailors varying degrees of training in keeping your eyes and ears open while on foreign soil. Thus, the Office of Naval Intelligence has long been a significant part of our foreign intelligence capability.

Excellent

More of this, please: government funding of security research that must produce a CVE.

so far you get 50x more for sharing 0day with spooks than with the vendor, and that's only compared to top vendors like Google. Shit vendors like Cisco will give you $0, threaten the conference you're addressing to kill your talk, and then try to get you prosecuted---it is a recruiting pitch of NSA, "you can do what you love without legal worry," basically military-industrial cooperative blackmail. But even without that there is an enormous premium on being evil, like an early-retirement level premium.

Novell?

[forty-2]

Are they also soliciting attack vectors for SCO, VMS, BeOS & CP/M?

Re:One wonders if/how Microsoft, Apple, Oracle, et

Here's an account on our internal Bug tracker. Have at 'er.