Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Air Force To Rewrite the Rules of the Internet

CmdrTaco posted more than 5 years ago | from the because-they-can dept.

The Internet 547

meridiangod writes "The Air Force is fed up with a seemingly endless barrage of attacks on its computer networks from stealthy adversaries whose motives and even locations are unclear. So now the service is looking to restore its advantage on the virtual battlefield by doing nothing less than the rewriting the 'laws of cyberspace.'" I'm sure that'll work out really well for them.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered


Only traitors will vote for Oook-oook Banana (-1, Troll)

ringbarer (545020) | more than 5 years ago | (#25615437)

September 16, 2011. Today it finally began! After all these years of talking-and nothing but talking-we have finally taken our first action. We are at war with the System, and it is no longer a war of words.
I cannot sleep, so I will try writing down some of the thoughts which are flying through my head.
It is not safe to talk here. The walls are quite thin, and the neighbors might wonder at a late-night conference. Besides, George and Katherine are already asleep. Only Henry and I are still awake, and he's just staring at the ceiling.
    I am really uptight. l am so jittery I can barely sit still. And I'm exhausted. I've been up since 5:30 this morning, when George phoned to warn that the arrests had begun, and it's after midnight now. I've been keyed up and on the move all day.
    But at the same time I'm exhilarated. We have finally acted! How long we will be able to continue defying the System, no one knows. Maybe it will all end tomorrow, but we must not think about that. Now that we have begun, we must continue with the plan we have been developing so carefully ever since the Gun Raids two years ago.
    What a blow that was to us! And how it shamed us! All that brave talk by patriots, "The government will never take my guns away," and then nothing but meek submission when it happened.
    On the other hand, maybe we should be heartened by the fact that there were still so many of us who had guns then, nearly 18 months after the Obama Act had outlawed all private ownership of firearms in the United States. It was only because so many of us defied the law and hid our weapons instead of turning them in that the government wasn't able to act more harshly against us after the Gun Raids.
    I'll never forget that terrible day: November 9, 2009. They knocked on my door at five in the morning. I was completely unsuspecting as I got up to see who it was.
    I opened the door, and four Negroes came pushing into the apartment before I could stop them. One was carrying a baseball bat, and two had long kitchen knives thrust into their belts. The one with the bat shoved me back into a corner and stood guard over me with his bat raised in a threatening position while the other three began ransacking my apartment.

    My first thought was that they were robbers. Robberies of this sort had become all too common since the Obama Act, with groups of Blacks forcing their way into White homes to rob and rape, knowing that even if their victims had guns they probably would not dare use them.
    Then the one who was guarding me flashed some kind of card and informed me that he and his accomplices were "special deputies" for the Northern Virginia Human Relations Council. They were searching for firearms, he said.
    I couldn't believe it. It just couldn't be happening. Then I saw that they were wearing strips of green cloth tied around their left arms. As they dumped the contents of drawers on the floor and pulled luggage from the closet, they were ignoring things that robbers wouldn't have passed up: my brand-new electric razor, a valuable gold pocket watch, a milk bottle full of dimes. They were looking for firearms!
    Right after the Obama Act was passed, all of us in the Organization had cached our guns and ammunition where they weren't likely to be found. Those in my unit had carefully greased our weapons, sealed them in an oil drum, and spent all of one tedious weekend burying the drum in an eight-foot-deep pit 200 miles away in the woods of western Pennsylvania.
    But I had kept one gun out of the cache. I had hidden my .357 magnum revolver and 50 rounds of ammunition inside the door frame between the kitchen and the living room. By pulling out two loosened nails and removing one board from the door frame I could get to my revolver in about two minutes flat if I ever needed it. I had timed myself.
    But a police search would never uncover it. And these inexperienced Blacks couldn't find it in a million years.
After the three who were conducting the search had looked in all the obvious places, they began slitting open my mattress and the sofa cushions. I protested vigorously at this and briefly considered trying to put up a fight.
    About that time there was a commotion out in the hallway. Another group of searchers had found a rifle hidden under a bed in the apartment of the young couple down the hall. They had both been handcuffed and were being forcibly escorted toward the stairs. Both were clad only in their underwear, and the young woman was complaining loudly about the fact that her baby was being left alone in the apartment.
    Another man walked into my apartment. He was a Caucasian, though with an unusually dark complexion. He also wore a green armband, and he carried an attach_ case and a clipboard.

    The Blacks greeted him deferentially and reported the negative result of their search: "No guns here, Mr. Tepper."
    Tepper ran his finger down the list of names and apartment numbers on his clipboard until he came to mine. He frowned. "This is a bad one," he said. "He has a racist record. Been cited by the Council twice. And he owned eight firearms which were never turned in."
    Tepper opened his attach_ case and took out a small, black object about the size of a pack of cigarettes which was attached by a long cord to an electronic instrument in the case. He began moving the black object in long sweeps back and forth over the walls, while the attach_ case emitted a dull, rumbling noise. The rumble rose in pitch as the gadget approached the light switch, but Tepper convinced himself that the change was caused by the metal junction box and conduit buried in the wall. He continued his methodical sweep.
    As he swept over the left side of the kitchen door frame the rumble jumped to a piercing shriek. Tepper grunted excitedly, and one of the Negroes went out and came back a few seconds later with a sledge hammer and a pry bar. It took the Negro substantially less than two minutes after that to find my gun.
    I was handcuffed without further ado and led outside. Altogether, four of us were arrested in my apartment building. In addition to the couple down the hall, there was an elderly man from the fourth floor. They hadn't found a firearm in his apartment, but they had found four shotgun shells on his closet shelf. Ammunition was also illegal.
    Mr Tepper and some of his "deputies" had more searches to carry out, but three large Blacks with baseball bats and knives were left to guard us in front of the apartment building.
The four of us were forced to sit on the cold sidewalk, in various states of undress, for more than an hour until a police van finally came for us.
    As other residents of the apartment building left for work, they eyed us curiously. We were all shivering, and the young woman from down the hall was weeping uncontrollably.
    One man stopped to ask what it was all about. One of our guards brusquely explained that we were all under arrest for possessing illegal weapons. The man stared at us and shook his head disapprovingly.
    Then the Black pointed to me and said: "And that one's a racist." Still shaking his head, the man moved on.
    Herb Jones, who used to belong to the Organization and was one of the most outspoken of the "they'll-never-get-my-gun" people before the Obama Act, walked by quickly with his eyes averted. His apartment had been searched too, but Herb was clean. He had been practically the first man in town to turn his guns over to the police after the passage of the Obama Act made him liable to ten years imprisonment in a Federal penitentiary if he kept them.
    That was the penalty the four of us on the sidewalk were facing. It didn't work out that way, though. The reason it didn't is that the raids which were carried out all over the country that day netted a lot more fish than the System had counted on: more than 800,000 persons were arrested.
    At first the news media tried hard to work up enough public sentiment against us so that the arrests would stick. The fact that there weren't enough jail cells in the country to hold us all could be remedied by herding us into barbed-wire enclosures outdoors until new prison facilities could be readied, the newspapers suggested. In freezing weather!
    I still remember the Washington Post headline the next day: "Fascist-Racist Conspiracy Smashed, Illegal Weapons Seized." But not even the brainwashed American public could fully accept the idea that nearly a million of their fellow citizens had been engaged in a secret, armed conspiracy.
    As more and more details of the raids leaked out, public restlessness grew. One of the details which bothered people was that the raiders had, for the most part, exempted Black neighborhoods from the searches. The explanation given at first for this was that since "racists" were the ones primarily suspected of harboring firearms, there was relatively little need to search Black homes.
    The peculiar logic of this explanation broke down when it turned out that a number of persons who could hardly be considered either "racists" or "fascists" had been caught up in the raids. Among them were two prominent liberal newspaper columnists who had earlier been in the forefront of the antigun crusade, four Negro Congressmen (they lived in White neighborhoods), and an embarrassingly large number of government officials.

    The list of persons to be raided, it turned out, had been compiled primarily from firearms sales records which all gun dealers had been required to keep. If a person had turned a gun in to the police after the Obama Act was passed, his name was marked off the list. If he hadn't it stayed on, and he was raided on November 9-unless he lived in a Black neighborhood.
    In addition, certain categories of people were raided whether they had ever purchased a firearm from a dealer or not. All the members of the Organization were raided.
    The government's list of suspects was so large that a number of "responsible" civilian groups were deputized to assist in the raids. l guess the planners in the System thought that most of the people on their list had either sold their guns privately before the Obama Act, or had disposed of them in some other way. Probably they were expecting only about a quarter as many people to be arrested as actually were.
    Anyway, the whole thing soon became so embarrassing and so unwieldy that most of the arrestees were turned loose again within a week. The group I was with-some 600 of us-was held for three days in a high school gymnasium in Alexandria before being released. During those three days we were fed only four times, and we got virtually no sleep.
    But the police did get mug shots, fingerprints, and personal data from everyone. When we were released we were told that we were still technically under arrest and could expect to be picked up again for prosecution at any time.
    The media kept yelling for prosecutions for awhile, but the issue was gradually allowed to die. Actually, the System had bungled the affair rather badly.
    For a few days we were all more frightened and glad to be free than anything else. A lot of people in the Organization dropped out right then and there. They didn't want to take any more chances.
    Others stayed in but used the Gun Raids as an excuse for inactivity. Now that the patriotic element in the population had been disarmed, they argued, we were all at the mercy of the System and had to be much more careful. They wanted us to cease all public recruiting activities and "go underground."
    As it turned out, what they really had in mind was for the Organization to restrict itself henceforth to "safe" activities, such activities to consist principally in complaining-better yet, whispering-to one another about how bad things were.
    The more militant members, on the other hand, were for digging up our weapons caches and unleashing a program of terror against the System immediately, carrying out executions of Federal judges, newspaper editors, legislators, and other System figures. The time was ripe for such action, they felt, because in the wake of the Gun Raids we could win public sympathy for such a campaign against tyranny.
    It is hard to say now whether the militants were right. Personally, I think they were wrong-although I counted myself as one of them at the time. We could certainly have killed a number of the creatures responsible for America's ills, but I believe we would have lost in the long run.
    For one thing, the Organization just wasn't well disciplined enough for waging terror against the System. There were too many cowards and blabbermouths among us. Informers, fools, weaklings, and irresponsible jerks would have been our undoing.
    For a second thing, I am sure now that we were overoptimistic in our judgment of the mood of the public. What we mistook as general resentment against the System's abrogation of civil rights during the Gun Raids was more a passing wave of uneasiness resulting from all the commotion involved in the mass arrests.
    As soon as the public had been reassured by the media that they were in no danger, that the government was cracking down only on the "racists, fascists, and other anti-social elements" who had kept illegal weapons, most relaxed again and went back to their TV and funny papers.
    As we began to realize this, we were more discouraged than ever. We had based all our plans-in fact, the whole rationale of the Organization-on the assumption that Americans were inherently opposed to tyranny, and that when the System became oppressive enough they could be led to overthrow it. We had badly underestimated the degree to which materialism had corrupted our fellow citizens, as well as the extent to which their feelings could be manipulated by the mass media.
    As long as the government is able to keep the economy somehow gasping and wheezing along, the people can be conditioned to accept any outrage. Despite the continuing inflation and the gradually declining standard of living, most Americans are still able to keep their bellies full today, and we must simply face the fact that that's the only thing which counts with most of them.
    Discouraged and uncertain as we were, though, we began laying new plans for the future. First, we decided to maintain our program of public recruiting. In fact, we intensified it and deliberately made our propaganda as provocative as possible. The purpose was not only to attract new members with a militant disposition, but at the same time to purge the Organization of the fainthearts and hobbyists-the "talkers."
    We also tightened up on discipline. Anyone who missed a scheduled meeting twice in a row was expelled. Anyone who failed to carry out a work assignment was expelled. Anyone who violated our rule against loose talk about Organizational matters was expelled.
    We had made up our minds to have an Organization that would be ready the next time the System provided an opportunity to strike. The shame of our failure to act, indeed, our inability to act, in 2009 tormented us and drove us without mercy. It was probably the single most important factor in steeling our wills to whip the Organization into fighting trim, despite all obstacles.
    Another thing that helped-at least, with me-was the constant threat of rearrest and prosecution. Even if I had wanted to give it all up and join the TV-and-funnies crowd, I couldn't. I could make no plans for a "normal," civilian future, never knowing when I might be prosecuted under the Obama Act. (The Constitutional guarantee of a speedy trial, of course, has been "reinterpreted" by the courts until it means no more than our Constitutional guarantee of the right to keep and bear arms.)
    So I, and I know this also applies to George and Katherine and Henry, threw myself without reservation into work for the Organization and made only plans for the future of the Organization. My private life had ceased to matter.
    Whether the Organization actually is ready, I guess we'll find out soon enough. So far, so good, though. Our plan for avoiding another mass roundup, like 2009, seems to have worked.
    Early last year we began putting a number of new members, unknown to the political police, into police agencies and various quasi-official organizations, such as the human relations councils. They served as our early-warning network and otherwise kept us generally informed of the System's plans against us.
    We were surprised at the ease with which we were able to set up and operate this network. We never would have gotten away with it back in the days of J. Edgar Hoover.
    It is ironic that while the Organization has always warned the public against the dangers of racial integration of our police, this has now turned out to be a blessing in disguise for us. The "equal opportunity" boys have really done a wonderful wrecking job on the FBI and other investigative agencies, and their efficiency is way down as a result. Still, we'd better not get over-confident or careless.
    Omigod! It's 4:00 AM. Got to get some sleep!

Re:Only traitors will vote for Oook-oook Banana (0, Informative)

Anonymous Coward | more than 5 years ago | (#25615923)

troll? sounds more like what may happen to me.

Disconnect (5, Insightful)

electrictroy (912290) | more than 5 years ago | (#25615499)

If they were smart, they would disconnect their computers from the public internet. People can't access hardware they can't access.

Re:Disconnect (2, Insightful)

electrictroy (912290) | more than 5 years ago | (#25615557)

People can't [hack] hardware they can't access.

Re:Disconnect (5, Funny)

Atriqus (826899) | more than 5 years ago | (#25615971)

Actually, I liked the previous version... it better illustrated the obviousness of the solution.

Re:Disconnect (1)

British (51765) | more than 5 years ago | (#25615983)

Even without a wireless keyboard & mouse + TEMPEST hacking?

Or wireless + remote desktop?

Re:Disconnect (5, Funny)

MrNaz (730548) | more than 5 years ago | (#25616167)

Because the Air Force can't catch people over the internet, that must mean that they are also vulnerable to vans with tinted windows in the car park of the armed forces branch head quarters with a 20" dish antenna mounted on top.

Re:Disconnect (2, Funny)

Firethorn (177587) | more than 5 years ago | (#25616237)

That's called 'Somebody makes a call' and 'Guys with automatic weapons show up to ask questions'.

Re:Disconnect (5, Informative)

Kagura (843695) | more than 5 years ago | (#25615611)

They actually are smart, and any computers accessing Secret information and above are NOT allowed to be hooked up to the internet or a network with access to the internet, EVER.

Re:Disconnect (4, Insightful)

morgan_greywolf (835522) | more than 5 years ago | (#25615847)

You're right, of course. But this isn't about computers with Secret information, which are a non-issue when it comes to the Internet -- those machines are on their own completely air-gapped network and secured behind locked doors, alarms and armed guards.

This is about the Air Force's services that are on the public Internet. The Air Force, like the other branches of the military and other government agencies, needs to interface with the public. One of their primary means of doing that these days is through their Internet presence.

Of course, sites in the .mil domain are going to constantly be hammered by cyber criminals, bored teenagers and even spammer gangs trying to bring down the sites.

The USAF would like to alter the permissive and decentralized nature of the Internet through technological and possibly political means to suit itself.

All I have to say is good luck with that and uh, get in line. Companies have tried and failed for years to mold the Internet in their own image. Companies with billions and billions of dollars to throw at the matter. Companies who were once powerful juggernauts and 800 lb. gorillas finding themselves becoming increasingly irrelevant...

Re:Disconnect (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25616055)

air-gapped network

I love the gay little computer terms you guys throw out on a daily basis. "See see! I know this phrase! I'm wunna youze guyz!"

Re:Disconnect (5, Insightful)

Swizec (978239) | more than 5 years ago | (#25616057)

Then there is that one company that started off very small and ended up changing the rules of the internet completely.

You know ... Google.

Re:Disconnect (0)

Anonymous Coward | more than 5 years ago | (#25616333)

Microsoft started out small too and it rewrote all the rules as well.

Re:Disconnect (5, Funny)

sam0737 (648914) | more than 5 years ago | (#25615987)

Someone, someday will carry lost a USB thumbdrive carrying the sensitive information.

Perhaps we need a new RFC, similar to this one [RFC1149] [faqs.org] , for USB thumbdrive.

Re:Disconnect (5, Insightful)

hey! (33014) | more than 5 years ago | (#25616073)

Correction: any computer which is supposed to be allowed to access Secret information is not allowed to be hooked up to the Internet. I suspect there is no way to enforce the rule as you state it without possibly divulging what is secret and what is not. For example if I'm monitoring a computer and find that a bunch of files have been deleted, I might look at one of the files I downloaded that was purged, and say, "hey, this memo implies the F35 can climb at over 330 meters/second."

What I'm saying is that it's best not to trust in systems to operate according to the rules.

Re:Disconnect (0)

Anonymous Coward | more than 5 years ago | (#25616273)

The problem is not that the SECRET systems are but that the UNCLASSIFIED are and you can glean a LOT of information from that.

Re:Disconnect (1)

blueg3 (192743) | more than 5 years ago | (#25615619)

"People can't access hardware they can't access."

Good tautology there.

They already do this. Machines that don't need Internet access don't have it, and the DoD has its own network for secure communication. Sometimes, though, you want to provide services on the public Internet, yet not have them hacked.

Taut, taut! (0)

Anonymous Coward | more than 5 years ago | (#25615895)

Before you even replied, he commented that it was a typo. Now your comment just looks tautless.

Next time, pause for taut before you reply. I hope this taut you a lesson.

Re:Disconnect (4, Interesting)

evanbd (210358) | more than 5 years ago | (#25616019)

Sure they can. It just adds a step: get the hardware connected. Sometimes that can be accomplished through social engineering, sometimes well-meaning people do it for you, and sometimes people simply don't realize the connection existed in the first place. Of course, it does make things harder, and it is a valuable step... but it should not, under any circumstances, be assumed to be bulletproof by itself. You still need to worry about security against an attack.

Re:Disconnect (5, Insightful)

ChrisA90278 (905188) | more than 5 years ago | (#25616235)

Yes that is pretty much the first rule. any machine with senitive data is not hooked up to the Internet. Not even via a firewall. They call it an "air gap" but today with wireless the term is an anachronism but still you get the idea "no connection at all".

Computers that handle REALLY sensitive stuff can't even be connected to normal AC power systems or even to normal building ground wires.

Many of the computers have removable disk drives. That is where ALL of the drives can be removed without tools. The rule requires the drives to be removed and stored in a safe when not in use.

Believe me they do have a few smart people who understand security and they have a decent educational system in place where people have to go to class and read some papers before they can use systems that handle sensitive information. And they are required to re-take the classes periodically

But then there are always ideots and weven normal people forget and make mistakes. But then typically some guard is assigned the task to walk around a pull on safe handles and check that desks are clear and so on. Hell likely catch most of the mistakes

Re:Disconnect (2, Funny)

demachina (71715) | more than 5 years ago | (#25616267)

If they were smart they would post their problem on Slashdot and let all the nerds figure out a solution for them for free......

They've solved their own problem (5, Informative)

yttrstein (891553) | more than 5 years ago | (#25615509)

""[M]ost threats should be made irrelevant by eliminating vulnerabilities beforehand by either moving them 'out of band' (i.e., making them technically or physically inaccessible to the adversary), or 'designing them out' completely," the request for proposals adds."

Luckily for the Air Force, they don't actually have to do any work at all to make this happen, since it's been not only possible, but actually implemented since at least 1998, when RFC 2341 was written all about Virtual Private Networks.

Helpful Hint for the Air Force: Pay your private sector computer engineers more and you'll get the innovation you're looking for.

Re:They've solved their own problem (1)

areusche (1297613) | more than 5 years ago | (#25615651)

Easy. Stop outsourcing your IT and pay well. Sounds almost too easy.

Oh and move all important critical information off of a network that has access to the outside world and make the penalties for doing work at "home" well known.

Re:They've solved their own problem (5, Insightful)

sexconker (1179573) | more than 5 years ago | (#25615913)

How bout a private network.

Which is what all secret and above classifications use.

Physically disconnected from the internet.
Physically inaccessible by the plebes.

Code auditing, memory wiping, classification-based job scheduling (a machine works only on secret defense or only on top secret or only on top secret nuclear, or etc. jobs at a time, never mixing), secure attention keys, custom hardware, physical security, surveillance, custom hardware, etc.

I'd say that, for the shit that matters, they've got a pretty good setup. But let's listen to the internet nerds who think they know everything. They'll tell us how to fix it.

Re:They've solved their own problem (1)

Rogerborg (306625) | more than 5 years ago | (#25615945)

I prefer RFC 2541 [sunsite.dk] . The Mark 1 Air Gap is still the gold standard of security.

To be fair "physically inaccessible" shows that they sort of get it, but they wrap it up in so many buzzwords that it'll never get implemented.

Anonymous has not place on a military net. (2, Interesting)

FoolishBluntman (880780) | more than 5 years ago | (#25615513)

How about no spoofing as a good start. No changeable MAC addresses and Client side certs.

Re:Anonymous has not place on a military net. (1)

Z00L00K (682162) | more than 5 years ago | (#25615713)

Since the MAC address is local only to the segment where it is used that is of relatively limited use.

Client side certs are also a thing that isn't easy to spoof since they have to be signed to be useful. Any certs that are self-signed can easily be dismissed.

Network security is a lot about segmentation, and using routers with correct setups means that you can easily filter out spoofed addresses.

A bigger problem is all the proprietary protocols or encapsulated protocols circulating on a network. The big problem is that some of these protocols may be open to attacks of various kinds.

Re:Anonymous has not place on a military net. (1)

Bengie (1121981) | more than 5 years ago | (#25616363)

"[...]No changeable MAC addresses[...]"

You can output any combination of 1s and 0s through your network card, I'd like to see this one.

It worked for the Army! (5, Funny)

David Gerard (12369) | more than 5 years ago | (#25615523)

Remember that the 304th Military Intelligence Battalion declared Twitter a terrorist weapon [today.com] . God forbid they discover pen and paper. Or modulated farting, for that matter.

Re:It worked for the Army! (0, Offtopic)

solraith (1203394) | more than 5 years ago | (#25615587)

I'm trying to think of some terrible pun relating modulated farting to smoke signals, but I'm drawing a blank.

Re:It worked for the Army! (0)

Anonymous Coward | more than 5 years ago | (#25615695)

I'm trying to think of some terrible pun relating modulated farting to smoke signals, but I'm drawing a blank.

Better that than drawing a breath, eh?

Re:It worked for the Army! (0, Offtopic)

interiot (50685) | more than 5 years ago | (#25615943)

It took 5 years, but they finally trained operatives to intercept and understand modulated farting communications from terrorists. But then the terrorists starting using Navajo modulated farting, and well... their farts are just too smelly.

Re:It worked for the Army! (0)

Anonymous Coward | more than 5 years ago | (#25616225)


Farting and the AIR force? How can that not register on the pun-radar?

Re:It worked for the Army! (2, Insightful)

Enderandrew (866215) | more than 5 years ago | (#25615659)

No the Air Force listed Twitter as a tool that terrorists use.

There is a distinction. But thanks for playing.

Re:It worked for the Army! (0)

Anonymous Coward | more than 5 years ago | (#25616259)

In other news, the 304th Military Intelligence Battalion has discovered that terrorists use email

Re:It worked for the Army! (1)

jdfox (74524) | more than 5 years ago | (#25616287)

No the Air Force listed Twitter as a troll that terrorists use.

There, fixed that for ya.

Re:It worked for the Army! (0)

Anonymous Coward | more than 5 years ago | (#25616323)

Well, twitter is indeed a tool. So they are at least partially correct.

Re:It worked for the Army! (0)

Anonymous Coward | more than 5 years ago | (#25615703)

That was a really dumb link.

Re:It worked for the Army! (0)

4D6963 (933028) | more than 5 years ago | (#25616021)

That was a really dumb link.

It wasn't the link that was dumb but what it pointed to.

Re:It worked for the Army! (1, Funny)

Anonymous Coward | more than 5 years ago | (#25615869)

Or modulated farting, for that matter.

Polictical speeches, punditry, injecting rumors, diplomacy, etc, etc, etc have been well known for some time but still seem to slip under the radar of most citizens including far too many in the military. Answers given to many questions at polictical interviews or debates are perhaps best described as "modulated farting", they stink but are worded to distract you from the stench of their non-answers and they of course come from an a**hole.

Uh-huh, good luck with that (0)

Anonymous Coward | more than 5 years ago | (#25615525)

With apologies to Billy Bob Thornton - "Wish in one hand, shit in the other. See which fills up first."

Rule 35 (1)

oojimaflib (1077261) | more than 5 years ago | (#25615537)

If you can imagine it, there's some government out to stop it being on the internet.

Re:Rule 35 (1)

Z00L00K (682162) | more than 5 years ago | (#25615767)

Not only that, but also ISP:s are out to cut down the openness of the internet in order to be able to sell just their own services at a high price.

there's nothing wrong here (5, Interesting)

circletimessquare (444983) | more than 5 years ago | (#25615571)

for an organization the size of the air force, and with the mandate it has, there is nothing laughable or overly ambitious about say, creating and implementing your own supersecure protocol, and supporting it within its subnet

and, if successful, watch it leave its military surroundings, be adapted by universities, then corporations, then the general public

kind of like the internet itself

somebody is going to do this at some point, considering the various shortcomings of our present dominant protocol suite

that it would be the military to do it first makes sense

Re:there's nothing wrong here (4, Insightful)

moderatorrater (1095745) | more than 5 years ago | (#25615739)

I would have more faith in this endeavor if it were the NSA implementing it rather than the air force, although the air force is the second most likely agency/group to pull it off. From what I've seen and heard, the air force has a lot of technically skilled people in programming and hardware that would be able to pull this off.

Re:there's nothing wrong here (0)

Anonymous Coward | more than 5 years ago | (#25615991)

Yeah, I mean, they MacGuyvered their own supercomputer to operate their topsecret ancient alien teleportation device underneath NORAD, they can probably do this ;)

Re:there's nothing wrong here (2, Interesting)

Random BedHead Ed (602081) | more than 5 years ago | (#25616049)

If the NSA did it, it would have a back door. I'd rather have the Air Force do it and ask the NSA to try to crack it.

Re:there's nothing wrong here (4, Interesting)

Ethanol-fueled (1125189) | more than 5 years ago | (#25615967)

there is nothing laughable

But this [cnn.com] is very laughable, as is this [cnn.com] and this [crime-research.org] . Now imagine what we don't know about!

Re:there's nothing wrong here (1)

ThwartedEfforts (2976) | more than 5 years ago | (#25616165)

for an organization the size of the air force, and with the mandate it has, there is nothing laughable or overly ambitious about say, creating and implementing your own supersecure protocol, and supporting it within its subnet

They're doing it with IPv6, right?

Internet + secure (3, Informative)

buchner.johannes (1139593) | more than 5 years ago | (#25615583)

The only useful and meaningful thing they could do, is implement a secure internet protocol (i.e. with the missing session and presentation layers) and provide a good interface to the internet. Then the inherited insecurity of network protocols could be avoided from the beginning.

If it is done right, has advantages and is promoted and laid open to others, it might catch on and replace parts of the internet step by step.
Will probably not be faster than the IPv6 transition, but hey, they made the internet, why not make another one ;-)

Laws can not reach internet phenomena, they are too slow, and when they do, it doesn't matter anymore.

Re:Internet + secure (2, Funny)

buchner.johannes (1139593) | more than 5 years ago | (#25615707)

After reading the article, e.g. quoting

Enabling Air Force servers to evade or dodge electronic attacks, somehow.

Its funny how they think so much in materials entering materials when talking about a electronic/information tech issue. Like the server could jump to the side when it sees a malicious packet coming ...

Reprise of the evil bit. (3, Funny)

Anonymous Coward | more than 5 years ago | (#25615605)


Penny Arcade (5, Funny)

Sasayaki (1096761) | more than 5 years ago | (#25615657)

As usual, Penny Arcade predicted the future. (http://www.penny-arcade.com/comic/2007/07/16/)

Technician: Our webs are down, sir. We can't log in!

Agent: Which webs?

Technician: All of them.

Technician: They've penetrated our code walls. They're stealing the Internet!

Agent: We'll need to hack all IPs simultaneously.

Re:Penny Arcade (4, Informative)

Anonymous Coward | more than 5 years ago | (#25615857)

Here's a hint for future postings.
Enclosing your URL in parentheses prevents Slashdot from creating an automatic hyperlink. This is annoying, as it means that I have to copy and paste rather than just clicking. It's the difference between:
http://www.penny-arcade.com/comic/2007/07/16/ [penny-arcade.com]
on the screen.

In general, it's a bad idea anyway because parentheses are valid in a URL. Parsers which try to automatically hyperlink URLs may get confused by the trailing ')'. For this same reason, despite the rules of English suggesting it, you should avoid punctuation immediately following a URL.

prevent IP spoofing - save the world (5, Insightful)

iceco2 (703132) | more than 5 years ago | (#25615669)

actually there is a very simple measure ISPs can take to prevent many attacks.
and that is to prevent their customers from spoofing the source IP in their IP packets.
If governments (starting with the US) would pressure(force by law) ISPs to do this, it can be done with out much technological difficulties.
This anti-spoofing measure can be implemented on many levels, so that even if a certain ISP does not co-operate other ISPs could prevent its customers from spoofing any IP which does not belong to the problematic ISP. This in itself helps protect against IP spoofing.

Without IP spoofing attackers are more easily identified and blocked.

Re:prevent IP spoofing - save the world (1)

Zenaku (821866) | more than 5 years ago | (#25616339)

It has been a long time since my network engineering classes, so do regard this as a genuine question from someone who simply doesn't know, and correct my impression if I am mistaken about the basics.

But I'm not clear on how exactly an ISP could prevent its customers from spoofing the source address in their packets. I thought the inherent security flaw in the IP protocol was the fact that you pretty much have to take each packets word for where it came from. What alternate mechanism do you see them using to verify the "real" source of a given packet?

It is not like they have a single dedicated physical line from their router to each customer's house, where traffic coming in on a given physical port can only have come from one place. (But hey, if they did, I bet my bandwidth would be a lot better)!

ohnoes!!! (0)

Anonymous Coward | more than 5 years ago | (#25615689)

Wait til the AF finds out every PC on their network are broadcasting their IP addresses...

Pure Genius (1)

LeotheQuick (657964) | more than 5 years ago | (#25615775)

"If you're not blue, you can't come in."

Using color codes for internet traffic - brilliant!

"Hanson is also interested in finding ways to dodge electronic attacks"

Do a barrel roll!

Re:Pure Genius (1)

Todd Knarr (15451) | more than 5 years ago | (#25616293)

His "blue" comment makes sense. It's how I run my wireless network: unencrypted at the 802.11a level, but the physical connection terminates at the gateway machine and the only traffic allowed in through that interface is that needed to negotiate and maintain an IPSec VPN connection. The IPSec server, meanwhile, will only negotiate a connection with someone presenting a certificate signed by my CA cert. If I don't know your machine, you don't get access. If you need access, you talk to me and I'll get you a certificate you can use.

Yes, I could enable security at the physical level. I prefer to drive home the point that the wireless portion is untrusted, potentially compromised at any and all times, and you configure your machine to live in that environment safely right from the start.

Blue is military-speak for friendly (1)

HighOrbit (631451) | more than 5 years ago | (#25616351)

"Blue" in the military means "friendly". It comes from military maps, where unit symbols depicted as color blue are friendly forces and unit symbols in red are enemy forces. For example, if you look in just about any book about the American Civil War, you will alway see by convention that United States forces are blue and Confederate forces red. I belive this convention has been adopted by NATO.

So when he says "If you're not blue, you can't come in.", I suppose he means that they will have some sort of positive identification to determine who the requester is and if a connection is accepted or refused.

all that bork barrel spending (1, Troll)

Tyrannicsupremacy (1354431) | more than 5 years ago | (#25615785)

and the us air force is no match for a mere 100,000,000 chinese children being forced to hack them using computers that probably still have turbo buttons?

The best method of defense (1)

root777 (1354883) | more than 5 years ago | (#25615789)

From the article "Enabling Air Force servers to evade or dodge electronic attacks, somehow" Like they say ... the most secure computer is the one that is unplugged.

good concepts, bad headline (4, Interesting)

Tom (822) | more than 5 years ago | (#25615807)

If you actually RTFA, you see that they aren't bonkers. Quite to the contrary. See this quote, for example:

"[M]ost threats should be made irrelevant by eliminating vulnerabilities beforehand by either moving them 'out of band' (i.e., making them technically or physically inaccessible to the adversary), or 'designing them out' completely," the request for proposals adds.

Yeah, absolutely. Remember that this is the military we're talking about. These are the guys who are the "customers" of stuff like the NSA's formally verifiable code project. These are the guys who still use 10 year old computers because those are hardened and tested to military standards. If they upgrade to 5 year old computers, the gain in speed will offset pretty much any performance penalty that security methods that don't fly in the commercial world because of said performance penalties, could cause.

These are also the guys who do a ton of things badly.

So it'll be interesting to watch.

Re:good concepts, bad headline (1)

negRo_slim (636783) | more than 5 years ago | (#25616189)

These are the guys who still use 10 year old computers because those are hardened and tested to military standards.

I tried to verify that claim via Google and the best thing I could find was the exact opposite [panasonic.com] of that statement:

Panasonic Computer Solution Companyâ(TM)s hardware providers help develop cutting-edge technology to address rapidly growing needs, including data storage, power backup, in-vehicle mounting, mobile display, deployable kits and rugged add-ons.

It's just a marketing page for sure... But where exactly do you suppose they use 10 year old tech other than in custom built kit for physical systems.

Rewrite the rules? (0)

Anonymous Coward | more than 5 years ago | (#25615809)

How can you rewrite something non-existing?

creators polishing planet/population rescue kode (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25615863)

it's newclear powered, & way user friendly, as well as tamper proof.

greed, fear & ego (in any order) are unprecedented evile's primary weapons. those, along with deception & coercion, helps most of us remain (unwittingly?) dependent on its' life0cidal hired goons' agenda. most of yOUR dwindling resources are being squandered on the 'wars', & continuation of the billionerrors stock markup FraUD/pyramid schemes. nobody ever mentions the real long term costs of those debacles in both life & any notion of prosperity for us, or our children, not to mention the abuse of the consciences of those of us who still have one. see you on the other side of it. the lights are coming up all over now. conspiracy theorists are being vindicated. some might choose a tin umbrella to go with their hats. the fairytail is winding down now. let your conscience be yOUR guide. you can be more helpful than you might have imagined. there are still some choices. if they do not suit you, consider the likely results of continuing to follow the corepirate nazi hypenosys story LIEn, whereas anything of relevance is replaced almost instantly with pr ?firm? scriptdead mindphuking propaganda or 'celebrity' trivia 'foam'. meanwhile; don't forget to get a little more oxygen on yOUR brain, & look up in the sky from time to time, starting early in the day. there's lots going on up there.

we note that yahoo deletes some of its' (relevant) stories sooner than others. maybe they're short of disk space, or something?
(deleted, still in google cache)http://biz.yahoo.com/ap/080708/cheney_climate.html
(talk about cowardlly race fixing/bad theater/fiction?) http://money.cnn.com/2008/09/19/news/economy/sec_short_selling/index.htm?cnn=yes
(the teaching of hate as a way of 'life' synonymous with failed dictatorships) http://news.yahoo.com/s/ap/20081004/ap_on_re_us/newspapers_islam_dvd;_ylt=A0wNcwWdfudITHkACAus0NUE
(some yoga & yogurt makes killing/getting killed less stressful) http://news.yahoo.com/s/ap/20081007/ap_on_re_us/warrior_mind;_ylt=A0wNcw9iXutIPkMBwzGs0NUE
(the old bait & switch...your share of the resulting 'product' is a fairytail nightmare?)

is it time to get real yet? A LOT of energy is being squandered in attempts to keep US in the dark. in the end (give or take a few 1000 years), the creators will prevail (world without end, etc...), as it has always been. the process of gaining yOUR release from the current hostage situation may not be what you might think it is. butt of course, most of US don't know, or care what a precarious/fatal situation we're in. for example; the insidious attempts by the felonious corepirate nazi execrable to block the suns' light, interfering with a requirement (sunlight) for us to stay healthy/alive. it's likely not good for yOUR health/memories 'else they'd be bragging about it? we're intending for the whoreabully deceptive (they'll do ANYTHING for a bit more monIE/power) felons to give up/fail even further, in attempting to control the 'weather', as well as a # of other things/events.


'The current rate of extinction is around 10 to 100 times the usual background level, and has been elevated above the background level since the Pleistocene. The current extinction rate is more rapid than in any other extinction event in earth history, and 50% of species could be extinct by the end of this century. While the role of humans is unclear in the longer-term extinction pattern, it is clear that factors such as deforestation, habitat destruction, hunting, the introduction of non-native species, pollution and climate change have reduced biodiversity profoundly.' (wiki)

"I think the bottom line is, what kind of a world do you want to leave for your children," Andrew Smith, a professor in the Arizona State University School of Life Sciences, said in a telephone interview. "How impoverished we would be if we lost 25 percent of the world's mammals," said Smith, one of more than 100 co-authors of the report. "Within our lifetime hundreds of species could be lost as a result of our own actions, a frightening sign of what is happening to the ecosystems where they live," added Julia Marton-Lefevre, IUCN director general. "We must now set clear targets for the future to reverse this trend to ensure that our enduring legacy is not to wipe out many of our closest relatives."

"The wealth of the universe is for me. Every thing is explicable and practical for me .... I am defeated all the time; yet to victory I am born." --emerson
consult with/trust in yOUR creators. providing more than enough of everything for everyone (without any distracting/spiritdead personal gain motives), whilst badtolling unprecedented evile, using an unlimited supply of newclear power, since/until forever. see you there?

"If my people, which are called by my name, shall humble themselves, and pray, and seek my face, and turn from their wicked ways; then will I hear from heaven, and will forgive their sin, and will heal their land."--chronicles

Rewrite the rules of the Air Force (2, Interesting)

Anonymous Coward | more than 5 years ago | (#25615871)

Instead of letting them try to push us around, we the geeks can turn the tables and re-write government [metagovernment.org] based on open source philosophy.

The plan for transition is practical, and folks like those running the Air Force will never see it coming until it is far too late for them to do anything about it.

USAF Cyberweenie here... (0)

Anonymous Coward | more than 5 years ago | (#25615905)

Posting AC, obvious, etc...

I'm stationed at the base where the "Cyber Command" was supposed to be stood up, and I'm involved with the administration and support of Secret and above level networks.

I can say with some certainty that a lot of the higher-ups involved with the process of the "Cyber Command" not only don't know what the hell they're doing or even talking about, and most of the big brass involved see their "leadership" of this expansion of the AF's role as a way to make themselves look like pioneers on the same level as Doolittle. It's really a whole bunch of brigadier generals chasing that second star, and a lot of yes-men colonels chasing their first.

That being said, the AF's handling of classified networks is actually pretty excellent. Obviously going into details is strictly verboten, but I can say that the policies and procedures are second to none (after working with several fortune 500 companies and using their best and most secure as a baseline comparison), which is exactly as it should be. We are literally talking about national secrets, here.

solution .. (1)

rs232 (849320) | more than 5 years ago | (#25615921)

* Making hostile traffic inoperable on Air Force networks.

* Locating and identifying once-anonymous hackers.

* Enabling Air Force servers to evade or dodge electronic attacks, somehow.

Use PKI [networkworld.com] over VPN [howstuffworks.com] to carry all Air Force traffic and reject everything else. The VPN solution would run on customized hardened nodes spread across the globe. These would provide multiple redundant paths and the ability to reject 'electronic attacks', 'hostile traffic' and 'anonymous hackers' ...

It's about time! (0, Redundant)

Locke2005 (849178) | more than 5 years ago | (#25615927)

So, they are finally going to mandate use of the "evil bit" as described in RFC 3514 on April 1, 2003?

The only rule I remember is (1)

Cajun Hell (725246) | more than 5 years ago | (#25616033)

Wait until after business hours before you start that long FTP transfer. Anything over a hundred kilobytes can wait until night.

Attack and defend? (3, Insightful)

evanbd (210358) | more than 5 years ago | (#25616097)

So they want to simultaneously change the underlying network fabric in order to make their systems unattackable, and also be able to successfully attack any other system at any time? Does no one there see a disconnect between these goals?

The Rules are Simple (2, Funny)

dmomo (256005) | more than 5 years ago | (#25616117)

First Rule: Don't talk about Internet
Second Rule: Don't talk about Internet
Third Rule: ???
Fourth Rule: Profit

Air Force Po'grammers!! (1)

TheCybernator (996224) | more than 5 years ago | (#25616123)

by doing nothing less than the rewriting the 'laws of cyberspace.'

who will do the rewriting?

Air Force Po'grammers? :)

I think the rules will be rewritten, someday (1)

FourthAge (1377519) | more than 5 years ago | (#25616137)

Most of the article seems to be sensible; improve the security of internal air force networks, etc. Can't argue with that. But here:

"You can control your own networks, rewrite your own laws," says Rick Wesson, CEO of the network security firm Support Intelligence. "You can't rewrite everybody else's."

Of course, the Air Force does have a way to rewrite the rules of the entire Internet, although it won't be free. They can get the US government to mandate a change for public networks in the US. That change might affect other countries, who would need to adopt the new standard in order to stay compatible.

A change that I'm expecting is the forced adoption of security certificates. Someday, all Internet traffic will be encrypted, and routers will not permit traffic unless it has been signed by a certificate that has, in turn, been approved by an authority. It's not hard to imagine that this would be proposed as a solution to stop crackers, pirates, paedophiles, spammers, and (of course) terrorists.

To some extent, it might even work! Spam would be harder, so would piracy. Certainly, the days of mass piracy on TPB would be over: online piracy would move to VPNs, which would have to be small, as large ones would be easily detected by traffic analysis. Spammers and crackers would need to steal valid certificates, which could be difficult, as users would most likely rely on their TPM to sign packets for them. The real disadvantage is that Internet users would not be anonymous, which has many unpleasant implications.

You know, they could... (1)

DJ_Maiko (1044980) | more than 5 years ago | (#25616143)

...I dunno, stop using Windows servers as their main architectural backbone for one. After all what is their $50 million/year technology budget buying, outdated windows licenses?

In a speech last night in Cincinnati, Barack Obama said he'd be going over the budget line-by-line. You don't think he's gonna stumble across their IT budget w/the line item labeled "Bill Gates - $50 million/year" & not go "WTF?!!!"

Re:You know, they could... (1)

exabrial (818005) | more than 5 years ago | (#25616247)

And if you actually believe a politician is going to do anything he says, you are an idiot.

fools and bigger fools (1)

cellocgw (617879) | more than 5 years ago | (#25616185)

I'm not sure which old story to refer to here.
The guys who cracked PlayStation3 in a couple weeks?
The various top DoD and White House officials who took classified computers home to play with?
The various spooks and spook wannabes who dumped sensitive stuff into voicemail boxes, or Yahoo mail, or whatever it was, off their crackberries?

Security remains only as good as the control over the folks who have access.
"Now, before leaving the controlled area for the day, please look into this bright light..."

Rule 34? (0)

Anonymous Coward | more than 5 years ago | (#25616231)

So what's going to be the new rule 34?

I'm confused and skeptical. (1)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#25616245)

I have no doubt that the Air Force has the resources to, with suitable leadership and direction, implement seriously secure systems. They have serious secrets to protect, and don't need to fall for the "But $HORRIBLY_INSECURE_SOMETHING is a best of breed industry standard(tm)!" stuff.

That said, though, their "Rewrite the laws of Cyberspace" idea gets a giant WTF. With a lot of security improvements, the task is difficult; but the way forward is relatively clear(ie using PKI for everything, auditing the hell out of stuff, etc. are time consuming and nontrivial; but well understood). Ideas like "dodging rather than blocking attacks" just seem meaningless. The whole plan seems to be:
1. Heretofore unimagined security magic.
2. Air Force Computer are secure.(profit)

Maybe they actually have heretofore unimagined security magic; but they don't want to talk about it; but the whole thing seems dubious.

Replace TCP/IP (3, Interesting)

hey (83763) | more than 5 years ago | (#25616343)

Its not so crazy that they would replace TCP/IP with something else fairly similar for their internal use.

Windows (2, Interesting)

ezwip (974076) | more than 5 years ago | (#25616349)

Aren't we sentencing some guy for logging into Windows computers from over in Europe that had no pass and ran the Windows Operating System? Maybe we should stop playing all these games and have Microsoft rebuild their operating system correctly as not to have hundreds of thousands of zombie computers online. How many of those Zombies run Apple or Linux? What's that you say less then 1%, or perhaps the answer is none at all? The government built the internet but can't secure it? We need 500 different anti virus programs because one specific operating system is incompetent at security? Send the users to jail you say because we can't stop kids from ignoring laws? Who woulda thunk it?

USAF History of Redefinition (0, Offtopic)

DynaSoar (714234) | more than 5 years ago | (#25616375)

"I'm sure that'll work out really well for them."

Why shouldn't it? They seem to do rather well when they decide to redefine things.

After an unfortunate incident in New Mexico involving something that definitely wasn't a UFO, they produced Air Force Regulation 200-2, the rules for reporting UFOs, including as a matter of course the necessary definitions of all things UFOish. With that regulation firmly in place, they created Project Blue Book to investigate UFOs. Blue Book concluded, as they always have before and after Blue Book, that UFOs don't exist. Having defined UFOs out of existence, they maintain AFR 200-2 to keep UFOs defined away.

Should any UFOs happen to appear and be shown to actually exist, we can only conclude that the owner/operator of such a craft has either not yet heard of AFR 200-2, or is unable to read it. Defending the planet then will not require an ex-fighter pilot US president ordering a computer virus to be delivered to their mothership. Instead, all that will need to be done is establish communication and reading AFR 200-2 (and possibly the Blue Book conclusion studies) to them.

A more prosaic example is the Air Force manual regarding testing of fuels and the components therein. They define "mogas" (motor vehicle gasoline) as having too little benzene to be a health risk. The equivalent civilian fuel contains 100 to 1000 times more benzene than the level considered a health risk. This works so well that USAF orders its mogas from the same civilian suppliers that deliver to gas stations, but their redefinition protects service members working on fuel systems from benzene exposure. Unfortunately, civilian employees get hazardous duty pay for working in situations where they're exposed to benzene in mogas, because their labor union prevents the AF testing manual and its definitions from protecting them adequately.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account