Slashdot Mirror


Two Android Apps Used In Combat By US Troops Contained Severe Vulnerabilities (zdnet.com)

According to a Navy Inspector General report, U.S. military troops used two Android apps that contained severe vulnerabilities in live combat scenarios. "The two apps are named KILSWITCH (Kinetic Integrated Low-Cost Software Integrated Tactical Combat Handheld) and APASS (Android Precision Assault Strike Suite)," reports ZDNet. From the report: Both apps work by showing satellite imagery of surroundings, including objectives, mission goals, nearby enemy and friendly forces. The two apps work as a modern-day replacement for radios and paper maps and allow troops to use a real-time messaging client to coordinate with other military branches, and even call in air-strike support with a few simple screen taps, according to a DARPA press release and accompanying YouTube video. The apps have been under development since 2012 and starting 2015, they have been made generally available to all U.S. troops via a public app store managed by the National Geospatial-Intelligence Agency. But according to a Navy Inspector General report from March that was made public today, both apps contained vulnerabilities that could have allowed enemy forces access to troops' information.

The heavily redacted report doesn't detail the nature of the two vulnerabilities, but it does point out that the Navy had failed to control the distribution of these two applications, and later failed to act in warning troops of the danger they were in for almost a year. The report says that the two apps, KILSWITCH and APASS, were never meant or approved to be deployed in live combat zones. But the two apps, because of their flashy features and easier-to-use interface, became wildly popular among U.S. troops, but also other military branches, including foreign allied forces.

6 of 54 comments

  1. Airstrikes for car dealers & payday lenders? by raymorris · Score: 4, Funny

    "call in air-strike support with a few simple screen taps" ...
    "The two apps, KILSWITCH and APASS, were never meant or approved to be deployed in combat zones."

    So it has an "airstrike" button, but it was never meant to be used in war zones. Where, exactly, was it meant to be used? I suppose it would be useful for handling used car dealers and payday lenders?

  2. Re:Mind Boggling Idiocy by WolfgangVL · Score: 3, Informative

    For every 10 triggerpuller "Failed jock-strap douche bags" as you put it, there is a literal army of support personnel. An infantryman is not fooling around with tech like this, that's commo's job, and the reason they're not all dead is in part because commo don't fuck around with toys like this.

    As a commo guy who has deployed to Afghanistan during OEF, I can tell you... The toys are all compromised. Every piece of tech not deemed mission critical is 100% owned by all of the pirated entertainment that gets shuffled around in theater. Every soldier on an outpost has a laptop with enough pirated Hollywood content on it to shame even the most unabashed pirate back home. It's all traded like baseball cards, and run on any damn thing with a screen that can be found.

    Cam rips are "publicly" screened in the USO lounge in Kandahar. There are some real tools that get real field usage, but you're not going to read about them on Slashdot.

    I was given the chance to "Demo" a lot of this kind of toy. At the end of the day they all have the same problem. Reliability. Real fighting men don't use these stupid toys for the same reason they take the scope off their rifle when qualifying with it. They can't be trusted when it counts.

    Also, fuck you, you wimpy little bitch. The failed jockstrap douche eating dirt on the other side of the planet is why your ass is still speaking English.

    --
    You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
  3. One is called ... by PPH · Score: 5, Funny

    ... Angry Kurds.

    --
    Have gnu, will travel.
  4. track me not by AndyKron · Score: 3, Funny

    They get their software from a public app store? Do they get targeted ads during combat?

  5. Re:Airstrikes for car dealers & payday lenders by Dunbal · Score: 4, Insightful

    Yemen. Other people's war zones don't count.

    --
    Seven puppies were harmed during the making of this post.
  6. Re:Mind Boggling Idiocy by JaredOfEuropa · Score: 4, Insightful

    Why would they even allow these apps on equipment that is also used to watch pirated entertainment? This sort of equipment should be locked down, with stuff like Bluetooth (and sometimes WiFi) physically disabled, USB ports locked, and connectivity restricted to the tactical network or whatever. You’ll have a hard time getting compromised apps on these terminals to exploit that weakness, let alone getting your apps to phone home. And that’s nothing new, rules for equipment running stuff at a certain level of classification already exist. If someone decided to distribute this app, which displays objectives, troop positions, fire missions etc. to every soldier on BYOD devices or open military issued ones, then someone “done messed up but good.”

    As for soldiers using them, you’re only partly right. They will use these toys if they are deemed useful (the article suggests that this is the case). However if something gets in the way, the software doesn’t work, the network is down or there is a hardware issue, they will drop them in a heartbeat and fall back on other tools. It’s not an aversion to high tech (on the contrary, they are just as eager to try new things as the rest of us are). Rather, it’s a low tolerance for defects. In the field, one does not have the time to fiddle around with iffy equipment.

    --
    If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...