Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoD Computer Forensics Lab to use Beowulf

Posted by Hemos on from the beowulf-clustering-for-everyone dept.

Doran writes "The U.S. Dept. of Defense is showing off its new $15,000,000 Computer Forensics Lab and it looks like they'll be using a Beowulf cluster to gleen as much info as possible from the computers they confiscate. Here is the story from Nando. An interesting aside is that they seem to be using Clinton's 'approval' last week to allow sale of more powerful encryption software as a justification to ask for $80,000,000 more for the Center. " Beowulf cluster mentioned, but not Linux, oddly enough.

5 of 86 comments (clear)

  1. Maybe Linux not mentioned b/c it's not Linux by Communomancer · · Score: 3

    As much as I love Linux, I hate to be the one to have to point this out, but the "reason" Linux may not be mentioned is that Linux may not actually be used.

    Beowulf is an OS-independent architecture; PVM and MPI, for example, both run on multiple OSes (even including Win32, IIRC). Now, I'm sure that it's probably running on some form of Unix, but it could just as well be FreeBSD or Solaris as Linux.

    Just thought I'd clarify the point a bit.

    --
    "UNIX" is never having to say you're sorry.
  2. Re:My question is.... by D3TH · · Score: 3

    You need to read the article a little better. This lab isn't just about cut up floppies..... It's a complete digital evidence handling facility. You might be amazed if you knew how much a blood evidence processing facility costs to stand up, for example. I am intimatly familiar with the lab, and know that the money being spent is being put to "good use". The technique for disk-splicing was originally developed to successfully prosecute a murderer. And besides the script kiddies which have been taken out of action, there are a large number of pedophiles, rapists, spies, and just about every other type of criminal you can think of that has been taken down with the help of the lab (which has been in operation (and using Linux) for over 4 years). And yes, the cluster runs Linux.

    --
    ---
  3. Re:My question is.... by Zoltar · · Score: 3

    You are correct, I'm sure they are thinking about many other things other than going after gangs of skript kiddies, but this is probably what John Q. Public wants to hear. I would guess they are concerned with international cyber-warfare as much as anything, but they don't want to scare the un-informed public so they say stuff like:

    "We have a multi-milllion dollar computer center to rid the country from crackers to make sure you can safely buy books from Amazon.com" And the public reads that and feels good about everything.

    OTOH, if they said:

    "We are terrified that a third world country could initiate a form of cyber-warfare on us and wreak havok with our computers and we really don't know what to do, so we are building this multi-million dollar computer center to try to combat that and hopefully drive some competent people to come to work for the government...etc"

    Well...you get the idea..They tell us what they think we want to hear, but I also think they can use this for recruiting purposes to get quality computer hackers to come to work for uncle sam. (Which is not a bad thing)

  4. No surprise. by Apuleius · · Score: 4

    It's not just cracking codes. If you have to find files containing evidence somewhere amidst all those MP3's, those clock cycles running grep and find begin to add up.

    Also, if you're scanning someone's drive for illegal images, it helps to automate a process so a human being doesn't have to mark which are illegal and which are netscape-cached Slashdot icons, for example.

    Finally, in case of a nuked drive, it's useful to the feds to be able to dd if=confiscated-drive of=beowulf and then let it chug along.

    And all of that beats this situation:

    NYT article that says law enforcement agencies routinely seize hundreds of thousands of dollars worth of computers and hard drives as evidence, but have so few computer experts that confiscated equipment can gather dust for months or years until someone decides whether or not they contain criminal information.

  5. If you really want to hide stuff from the Feds... by Paul+Crowley · · Score: 5

    ...you'll need plausible deniability. In other words, you'll need the Steganographic File System just released for Linux. It provides a uniquely powerful form of information hiding: you can type in a passphrase that reveals a certain amount of the disk, and there's no way of telling whether there are other, deeper passphrases that would reveal more. This means that there's no legal duress that can force you to reveal your most secret data.

    However, if the attacker is using rubber hose cryptanalysis, it means there's nothing you can do to convince them, once and for all, that the passphrase you've given them is the real, true, final passphrase. Could be painful...
    --

    --
    Xenu loves you!