The army's supposedly coming out with the OICW in 2004, which has a bunch of new features, including a range of up to 1000 meters (the M16 has a max. range of 400, and thats with really good training)
Given that the M16 and the OICW are both chambered in.223/5.56NATO, there's no way it's going to be good for 1000 meters, as that's a limitation of the cartridge design not the gun. The OICW is also a bullpup design, but still has a short barrel, decreasing maximum effective lethal range. The OICW uses the same magazines as the M16. Even.308/7.62NATO isn't really good to 1000 meters because of it's vulnerability to wind interference.
The OICW is a waste. Give any soldier the choice between a set of combat gear or the scorpion suit, and he'll choose the combat gear. Give him a choice between the OICW or an M16, and he'll choose the M16. Why? Because when your life is on the line complex systems fail more often than simple systems and they can also get in the way. When you're on the battlefield and people are shooting at you, you want to be able to shoot back. When you have to reboot your gun or your combat helmet is on the frits, these are bad things. Moving to the latest new fangled gadgets does not make a successful armed force.
This is why smart guns will be a flop. The Glock firearm design is currently the most popular modern design on the market because it is a simple design that works. It has very few moving parts compared to other semi-auto pistols, and that means it tends to be much more reliable than other designs. When you start introducing computer controls, fingerprint scanners, and the like things get much more complicated much quicker and I personally would hate to lose my life because my smartgun crashed while someone was kicking down my door.
The most venerable machine gun designs were from guys who weren't working for the government. Guys like John Moses Browning who designed the majority of the military machine guns in US history and many still in use today. The.50 BMG (BMG = Browning Machine Gun) guns you saw mounted on those armored vehicles in Iraq were a Browning design. And it was Gene Stoner who developed the original AR-10 machine gun, which was redesigned into the M16. Now the US has outlawed the kind of work Browning and Stoner did, and given the excessive excise tax required to become a Class II manufacturer, it's unlikely that you'll ever have that kind of innovation again. Trying to build a machine gun makes you a federal felon with an instant 10 years at Club Fed, and we're talking the pound you in the butt prison, not some country club.
Today's combat weapons are made by large military contractors who move at a snails pace. Browning was turning out multiple designs per year. You'd think with all the backing these big defense contractors have, they could at least keep up.
Until they start putting authentication at Layer 2 in WiFi, this is a really dumb idea. Given that 802.11 control messages are unauthenticated, it's going to be really neat to actually be able to DoS people's cell phones. The next time some idiot talking on the phone while driving nearly runs you off the road, you can literally cut off his phone. The same in movie theaters. Maybe this isn't such a bad idea after all.
All it takes is sending WiFi deauth control messages to the broadcast MAC and your phone won't be able to associate with the network, nor will any WiFi device in the vicinity. There's already code that exists to do this now on Linux for 802.11b, and it wouldn't take much for someone to write code on their own to do it with libradiate.
WiFi would be great technology, if the IEEE hadn't been boneheaded about securing layer 2.
I don't trust any "real world" shootout that doesn't show how the IDS were plugged into the network, how they determined an attack, and other such key points. You can't just say "we plugged it in and nothing worked." IDS are much more complicated than that. How and where were they plugged into the network fabric? Were they using switch port mirroring or passive ethernet taps at the uplinks? How do they know these attacks happened without initiating them themselves? That last one is the biggest single problem with "real world" testing. Unless you're launching the attacks yourself you do not know, and unless I missed it, they were relying on attacks to just happen out of the blue.
Now, they do raise some important issues with the backend storage of events and the need for clarity with the false positives and false negatives, but many of these can be dealt with by implementation of a real-time security console that does some form of event correlation from multiple security devices that says "The IDS sees this as a problem, the firewall sees it as a problem, and the target sees it as a problem. It's probably a problem. RED ALERT!" It's a much more intelligent way of dealing with events than just forwarding each one to a pager.
We've always said security is a process which must be maintained and firewalls/IDS systems are not a panacea to network security. As someone who's been responsible for a large scale IDS roll-out at Enron Broadband Services, where we were ISS' single largest customer for RealSecure before everything went to hell, I feel confident saying that Network IDS is a very useful tool, provided you keep it out of the hands of people who have absolutely no clue what they're doing with it, like the three gentlemen who are responsible for this article.
You're right, it is. That's why a lot of us like the BSD license more than the GPL and it's "free software" variations. Not that the GPL doesn't have a place, but when it says "Free software," I want it to be free in all ways.
He didn't just write ping. He was also responsible for implementing raw ICMP sockets in the 4.2b BSD source, which not only allows ping to work, but traceroute as well. Muuss also wrote TTCP, as well as invented the concept of the default gateway. He was also one of the first people advocating widespread use of TCP/IP and UNIX among government entities that were outside DARPA. Without guys like Postel, Stevens, and now Muuss, it's very likely that UNIX, TCP/IP and the modern Internet as we know it wouldn't be the same. Check here for his achievements in his own words at Internet-history.org.
Slashdot Mirror
The army's supposedly coming out with the OICW in 2004, which has a bunch of new features, including a range of up to 1000 meters (the M16 has a max. range of 400, and thats with really good training)
.223/5.56NATO, there's no way it's going to be good for 1000 meters, as that's a limitation of the cartridge design not the gun. The OICW is also a bullpup design, but still has a short barrel, decreasing maximum effective lethal range. The OICW uses the same magazines as the M16. Even .308/7.62NATO isn't really good to 1000 meters because of it's vulnerability to wind interference.
.50 BMG (BMG = Browning Machine Gun) guns you saw mounted on those armored vehicles in Iraq were a Browning design. And it was Gene Stoner who developed the original AR-10 machine gun, which was redesigned into the M16. Now the US has outlawed the kind of work Browning and Stoner did, and given the excessive excise tax required to become a Class II manufacturer, it's unlikely that you'll ever have that kind of innovation again. Trying to build a machine gun makes you a federal felon with an instant 10 years at Club Fed, and we're talking the pound you in the butt prison, not some country club.
Given that the M16 and the OICW are both chambered in
The OICW is a waste. Give any soldier the choice between a set of combat gear or the scorpion suit, and he'll choose the combat gear. Give him a choice between the OICW or an M16, and he'll choose the M16. Why? Because when your life is on the line complex systems fail more often than simple systems and they can also get in the way. When you're on the battlefield and people are shooting at you, you want to be able to shoot back. When you have to reboot your gun or your combat helmet is on the frits, these are bad things. Moving to the latest new fangled gadgets does not make a successful armed force.
This is why smart guns will be a flop. The Glock firearm design is currently the most popular modern design on the market because it is a simple design that works. It has very few moving parts compared to other semi-auto pistols, and that means it tends to be much more reliable than other designs. When you start introducing computer controls, fingerprint scanners, and the like things get much more complicated much quicker and I personally would hate to lose my life because my smartgun crashed while someone was kicking down my door.
The most venerable machine gun designs were from guys who weren't working for the government. Guys like John Moses Browning who designed the majority of the military machine guns in US history and many still in use today. The
Today's combat weapons are made by large military contractors who move at a snails pace. Browning was turning out multiple designs per year. You'd think with all the backing these big defense contractors have, they could at least keep up.
Until they start putting authentication at Layer 2 in WiFi, this is a really dumb idea. Given that 802.11 control messages are unauthenticated, it's going to be really neat to actually be able to DoS people's cell phones. The next time some idiot talking on the phone while driving nearly runs you off the road, you can literally cut off his phone. The same in movie theaters. Maybe this isn't such a bad idea after all.
All it takes is sending WiFi deauth control messages to the broadcast MAC and your phone won't be able to associate with the network, nor will any WiFi device in the vicinity. There's already code that exists to do this now on Linux for 802.11b, and it wouldn't take much for someone to write code on their own to do it with libradiate.
WiFi would be great technology, if the IEEE hadn't been boneheaded about securing layer 2.
I don't trust any "real world" shootout that doesn't show how the IDS were plugged into the network, how they determined an attack, and other such key points. You can't just say "we plugged it in and nothing worked." IDS are much more complicated than that. How and where were they plugged into the network fabric? Were they using switch port mirroring or passive ethernet taps at the uplinks? How do they know these attacks happened without initiating them themselves? That last one is the biggest single problem with "real world" testing. Unless you're launching the attacks yourself you do not know, and unless I missed it, they were relying on attacks to just happen out of the blue.
Now, they do raise some important issues with the backend storage of events and the need for clarity with the false positives and false negatives, but many of these can be dealt with by implementation of a real-time security console that does some form of event correlation from multiple security devices that says "The IDS sees this as a problem, the firewall sees it as a problem, and the target sees it as a problem. It's probably a problem. RED ALERT!" It's a much more intelligent way of dealing with events than just forwarding each one to a pager.
We've always said security is a process which must be maintained and firewalls/IDS systems are not a panacea to network security. As someone who's been responsible for a large scale IDS roll-out at Enron Broadband Services, where we were ISS' single largest customer for RealSecure before everything went to hell, I feel confident saying that Network IDS is a very useful tool, provided you keep it out of the hands of people who have absolutely no clue what they're doing with it, like the three gentlemen who are responsible for this article.
JosephYou're right, it is. That's why a lot of us like the BSD license more than the GPL and it's "free software" variations. Not that the GPL doesn't have a place, but when it says "Free software," I want it to be free in all ways.
He didn't just write ping. He was also responsible for implementing raw ICMP sockets in the 4.2b BSD source, which not only allows ping to work, but traceroute as well. Muuss also wrote TTCP, as well as invented the concept of the default gateway. He was also one of the first people advocating widespread use of TCP/IP and UNIX among government entities that were outside DARPA. Without guys like Postel, Stevens, and now Muuss, it's very likely that UNIX, TCP/IP and the modern Internet as we know it wouldn't be the same. Check here for his achievements in his own words at Internet-history.org.