
Pentagon Confirms 2008 Computer Breach — 'Worst Ever'

timothy posted about 4 years ago | from the ok-ok-uncle-sam dept.

The Military 157

jowifi writes "The New York Times reports that the Pentagon has confirmed that, in 2008, a foreign agent instigated 'the most significant breach of US military computers ever' using a USB flash drive. While the breach was previously reported on Wired and the LA Times, this is the first official confirmation of the attack that led to the banning of USB drives on government computers."

157 comments

haha (-1, Flamebait)

Anonymous Coward | about 4 years ago | (#33386560)

bitches

Re:haha (-1, Offtopic)

Anonymous Coward | about 4 years ago | (#33386564)

Yea stupid americans.

Re:haha (-1, Offtopic)

Anonymous Coward | about 4 years ago | (#33386968)

You couldn't be more right. But in the interest of balance I feel the need to say, 'niggers'.

This is likely why MS has GPOs in W7 (4, Insightful)

mlts (1038732) | about 4 years ago | (#33386602)

This is likely why Windows 7 has explicit GPOs to either set USB flash drives read-only, or deny them the ability to mount whatsoever. Other programs that have this functionality are PGP Universal, and Symantec Endpoint Protection.

Now, if MS can put autoplay/autorun to rest six feet under with Clippy and Bob, that would be a good security advance.

Re:This is likely why MS has GPOs in W7 (3, Interesting)

rikkards (98006) | about 4 years ago | (#33386718)

The thing that is stupid about it is that, sure, you block exes from being run from a USB, then the user will copy it to the machine and run it there.
BTW, GPOs from day one have had the ability to disable Autoplay and autorun.

Re:This is likely why MS has GPOs in W7 (4, Interesting)

Lehk228 (705449) | about 4 years ago | (#33386940)

there should be a way to restrict execution to only code signed by the owning organization's IT security.

Re:This is likely why MS has GPOs in W7 (0)

Anonymous Coward | about 4 years ago | (#33387074)

there should be a way to restrict execution to only code signed by the owning organization's IT security.

You mean like AppLocker?

Re:This is likely why MS has GPOs in W7 (3, Informative)

Mr 44 (180750) | about 4 years ago | (#33388218)

Like "Software Restriction Policies" [microsoft.com] in windows XP and AppLocker [microsoft.com] in Windows 7?

Re:This is likely why MS has GPOs in W7 (0)

Anonymous Coward | about 4 years ago | (#33388316)

Which wouldn't have stopped this breach as copying files would have to be in the allowed code.

Re:This is likely why MS has GPOs in W7 (0)

Anonymous Coward | about 4 years ago | (#33388514)

There is. It's called Software Restriction Policies [microsoft.com] .

Re:This is likely why MS has GPOs in W7 (4, Insightful)

Ethanol-fueled (1125189) | about 4 years ago | (#33387010)

There are ways to hide stuff like that from view on Windows. They magically show up when the USB device is plugged into a Linux box.

Related note: A similar piece of malware and the ensuing hassle is what prompted me to switch to Linux for good.

Re:This is likely why MS has GPOs in W7 (0, Troll)

aussieslovethecock (1840034) | about 4 years ago | (#33388544)

You can shove your "related note" up your ass, you little shit. No one gives two flying fucks about how much you love to suck-off Linus Torvalds and stroke his cock.

Re:This is likely why MS has GPOs in W7 (4, Insightful)

dgatwood (11270) | about 4 years ago | (#33387854)

There should never have been a way to enable autorun in the first place. The very notion of automatically executing code or installers from a piece of media without the user explicitly taking any action is antithetical to proper security.

Re:This is likely why MS has GPOs in W7 (0)

Anonymous Coward | about 4 years ago | (#33388634)

What you mean is:
  "is the antithesis of proper security."

Re:This is likely why MS has GPOs in W7 (0)

Anonymous Coward | about 4 years ago | (#33386866)

Now, if MS can put autoplay/autorun to rest six feet under with Clippy and Bob, that would be a good security advance.

...Already in W7 [technet.com] .

Re:This is likely why MS has GPOs in W7 (2, Interesting)

Anonymous Coward | about 4 years ago | (#33387900)

Doesn't help the government NMCI machines, which are still running XP.

Re:This is likely why MS has GPOs in W7 (3, Interesting)

rickb928 (945187) | about 4 years ago | (#33386932)

I have this dim recollection that we could do this with GPOs in Win XP.

And we could use ZenWorks to do it also. Much nicer editor, and volatile accounts are a blessing in school labs.

Disabling removable media isn't new, just overlooked.

Re:This is likely why MS has GPOs in W7 (1)

Darth_brooks (180756) | about 4 years ago | (#33387476)

XP has similar capabilities. We push GPO's that limit removable media to read only, so it's not a recent development.
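The controls this sub-thread refers to (AutoRun policy, read-only or blocked removable storage) can be audited from the registry values that those policies write. The following is an added example, not part of any comment above; it checks HKLM only, the function names are illustrative, and the sample values are constructed.

```python
"""Audit removable-media hardening from registry policy values (added example)."""
import sys

# Registry locations written by the AutoRun and removable-storage policies.
EXPLORER = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
REMOVABLE_DISKS = (r"SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices"
                   r"\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}")
USBSTOR = r"SYSTEM\CurrentControlSet\Services\USBSTOR"

WANTED = [
    (EXPLORER, "NoDriveTypeAutoRun"),
    (REMOVABLE_DISKS, "Deny_Read"),
    (REMOVABLE_DISKS, "Deny_Write"),
    (USBSTOR, "Start"),
]

# NoDriveTypeAutoRun is a bitmask: a set bit DISABLES AutoRun for that drive type.
DRIVE_TYPE_BITS = {
    0x04: "removable",
    0x08: "fixed",
    0x10: "network",
    0x20: "cdrom",
    0x40: "ramdisk",
}
UNKNOWN_BITS = 0x81  # either 0x01 or 0x80 disables AutoRun on unknown drive types


def autorun_enabled_types(mask):
    """Return the drive types on which AutoRun is still enabled for this mask."""
    enabled = [name for bit, name in DRIVE_TYPE_BITS.items() if not mask & bit]
    if not mask & UNKNOWN_BITS:
        enabled.append("unknown")
    return sorted(enabled)


def audit(values):
    """values maps (key, value_name) -> DWORD; missing entries mean 'not set'."""
    findings = {}

    mask = values.get((EXPLORER, "NoDriveTypeAutoRun"))
    if mask is None:
        findings["autorun"] = ("NOT CONFIGURED", "no machine policy; OS default applies")
    else:
        enabled = autorun_enabled_types(mask)
        if "removable" in enabled:
            findings["autorun"] = ("FAIL", "AutoRun enabled on: " + ", ".join(enabled))
        elif enabled:
            findings["autorun"] = ("PARTIAL", "AutoRun enabled on: " + ", ".join(enabled))
        else:
            findings["autorun"] = ("PASS", "AutoRun disabled on all drive types")

    deny_read = values.get((REMOVABLE_DISKS, "Deny_Read")) == 1
    deny_write = values.get((REMOVABLE_DISKS, "Deny_Write")) == 1
    if values.get((USBSTOR, "Start")) == 4:
        # Start=4 means the USB mass-storage driver is disabled, so drives never mount.
        findings["removable_storage"] = ("BLOCKED", "USBSTOR driver disabled")
    elif deny_read and deny_write:
        findings["removable_storage"] = ("BLOCKED", "read and write denied by policy")
    elif deny_write:
        findings["removable_storage"] = ("READ-ONLY", "write denied by policy")
    else:
        findings["removable_storage"] = ("WRITABLE", "no write restriction found")
    return findings


def read_live():
    """Read the values from HKLM on a Windows host; absent values are skipped."""
    import winreg
    values = {}
    for key, name in WANTED:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as handle:
                values[(key, name)] = winreg.QueryValueEx(handle, name)[0]
        except OSError:
            pass  # key or value not present: policy not configured
    return values


# Constructed sample data so the audit can be exercised off-Windows.
SAMPLE_WEAK = {(EXPLORER, "NoDriveTypeAutoRun"): 0x91, (USBSTOR, "Start"): 3}
SAMPLE_HARDENED = {
    (EXPLORER, "NoDriveTypeAutoRun"): 0xFF,
    (REMOVABLE_DISKS, "Deny_Write"): 1,
    (USBSTOR, "Start"): 3,
}

if __name__ == "__main__":
    if sys.platform == "win32":
        datasets = {"this host": read_live()}
    else:
        datasets = {"weak sample": SAMPLE_WEAK, "hardened sample": SAMPLE_HARDENED}
    for label, data in datasets.items():
        print(label)
        for control, (status, detail) in audit(data).items():
            print(f"  {control:18} {status:15} {detail}")
```

A PASS here covers only the AutoRun and mount paths; as the replies above point out, it does not stop a user from copying a file off the drive and running it, which is what execution allow-listing is for.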

Obligatory (0)

Flea of Pain (1577213) | about 4 years ago | (#33386610)

Worst...Computer breach...Ever.

Re:Obligatory (2, Funny)

Flea of Pain (1577213) | about 4 years ago | (#33386622)

Damn. Parsing got rid of my comic book guy html tags.

Re:Obligatory (2, Informative)

idontgno (624372) | about 4 years ago | (#33386678)

That's OK. Maybe some day Slashcode will actually render <comic book guy> and </comic book guy> tags. About the time they decide to implement more than 2% of the HTML entity set.

Re:Obligatory (1)

Monkeedude1212 (1560403) | about 4 years ago | (#33386910)

With good reason

</marquee>

Re:Obligatory (1)

xiong.chiamiov (871823) | about 4 years ago | (#33387474)

That's OK. Maybe some day Slashcode will actually render <comic book guy> and </comic book guy> tags. About the time they decide to implement more than 2% of the HTML entity set.

Of course, by that time, everyone else will have been using Markdown (or similar) for 10 years.

The right reaction? (4, Insightful)

mangu (126918) | about 4 years ago | (#33386676)

the attack that led to the banning of USB drives on government computers.

This reminds me of the joke of the man that, having learned that his wife was fucking other men in the couch in the living room, moved the couch to the garage.

USB drives have a purpose for legal uses. Wouldn't it be better to improve their systems so that USB drives couldn't be used in harmful ways?

Re:The right reaction? (2, Interesting)

Anonymous Coward | about 4 years ago | (#33386704)

I have heard that the ban has since been lifted. I inferred from this that it was a temporary measure allowing them to get a secure solution in place.

Re:The right reaction? (0, Funny)

Anonymous Coward | about 4 years ago | (#33386920)

Hahaha! Unfortunately, that joke accurately depicts what the U.S. government does. Some retard tried to light his shoes on fire, so now everyone has to take their shoes off. Some retard tried to set his underwear on fire, so now Chertoff can sell his backscatter machines. Some retard is going to try a rectal bomb, and we can all predict what our government's brilliant response to that will be.

Re:The right reaction? (0, Flamebait)

couchslug (175151) | about 4 years ago | (#33388066)

"Some retard is going to try a rectal bomb,"

Not absurd, been done, and thanks to the Internet we know concealing something the size of a hand grenade (spoon taped so it doesn't snag) is quite practical:

http://www.strategypage.com/downloads/iedsrectalcavities.pdf [strategypage.com] (possibly NWS for pics of raghead who blew himself in half)

http://www.cbsnews.com/stories/2009/09/28/eveningnews/main5347847.shtml [cbsnews.com]

Re:The right reaction? (0, Offtopic)

H3xx (662833) | about 4 years ago | (#33387006)

Problem: Guns kill people

Solution: Revoke the 2nd Amendment and ban guns!

Problem: Humans are the weakest link in computer security.

Solution: Outlaw people.

Re:The right reaction? (-1, Troll)

hedwards (940851) | about 4 years ago | (#33387346)

There's a problem with your logic, guns are used far more often in the US for nefarious purposes than you give credit for. The most likely person to be killed with a firearm is the owner. The other problem is that the 2nd amendment as written doesn't apply to anybody, as there haven't been any regulated militias in the US in quite some time, nor has there been a pressing need for it.

Re:The right reaction? (1)

0123456 (636235) | about 4 years ago | (#33387720)

The most likely person to be killed with a firearm is the owner.

Well, yes, if you want to commit suicide and happen to have a gun, that's probably what you'll use. Most of us don't regard suicide as a 'nefarious purpose', particularly as anyone who's willing to shoot themselves can find numerous other reliable methods of killing themselves even if they don't have a gun.

I believe this is also the source of the infamous 'a cop is more likely to be killed with his own gun than kill a criminal', as cops have a high suicide rate and rarely kill criminals.

Re:The right reaction? (1)

not_hylas( ) (703994) | about 4 years ago | (#33388618)

@ 0123456

"... as anyone who's willing to shoot themselves can find numerous other reliable methods of killing themselves even if they don't have a gun."

http://games.adultswim.com/five-minutes-to-kill-yourself-adventure-online-game.html [adultswim.com]

Please, everyone, feel free to explore these options and test your theories.

Re:The right reaction? (0)

Anonymous Coward | about 4 years ago | (#33387764)

Are you running some daemon that scans slashdot for any mention of "guns", "second amendment", and so on? Because it seems like every time there's a thread on it, you show up with another misguided "regulated militia" post, despite being soundly refuted on several occasions.

- T

Re:The right reaction? (1)

codepunk (167897) | about 4 years ago | (#33387896)

The Supreme Court does not side with your theory.

Re:The right reaction? (4, Informative)

Dahamma (304068) | about 4 years ago | (#33387034)

From TFA...

In an early step, the Defense Department banned the use of portable flash drives with its computers, though it later modified the ban.

Fixing the vulnerabilities takes time. It was just an emergency measure until they could investigate and come up with better policy.

Darn (1)

symbolset (646467) | about 4 years ago | (#33387848)

Now instead of an autorun that says 'do nothing' to launch my evil .exe, I have to plant a standard file format and an evil .dll on the pen.

That's like a whole extra step. It could take almost as long as typing this comment did.

Re:The right reaction? (5, Informative)

Beardo the Bearded (321478) | about 4 years ago | (#33387304)

They have.

Look, they have two completely separate computer networks. They've got a network that can access all the Classified Military Shit, and then they have the computers that can access Everything Bad in the Multiverse. (My terms, not theirs.) The two never meet. Never ever ever, and not even then.

99% of the time, you work with the Unclassified stuff. It's a PITA to work with Classified documents. You've got to go to a secure room, you can't make a copy unless you've signed off a billion times, you have to work on a special computer, you have to have a buddy / guard / watcher, and you've got to go through a debriefing after you've goofed around with it.

If your average worker / troop / contractor picked up a USB drive and put it into their EBitM network and it took over every machine in a billionth of a second and sent all the info on the EBitM network to China, Russia, and Zork the Evil, the risk to National Security would be zilch. Yeah, it would be a PITA to fix the compys, but it would be no worse than the same PITA you'd get in any large civilian network. The only difference is that it's a huge fucking PR nightmare. Think about how embarrassing it would be if Norton was taken down due to a worm. Now go up two orders of magnitude.

The computers you see the troops using are almost always personal property used for emailing back home, watching movies, playing games, and otherwise fucking around. The work computers are usually tied into the EBitM network and they use them for work. Unless you are one of The Anointed Few, you haven't even seen a computer that's handled Classified information.

Re:The right reaction? (2, Interesting)

hedwards (940851) | about 4 years ago | (#33387372)

If the two never meet, then how do you explain that data breach where they lost terabytes of information to the internet? I'm not sure why the classified DARPA stuff wouldn't be similarly secured.

Re:The right reaction? (4, Insightful)

guruevi (827432) | about 4 years ago | (#33387890)

After actually having implemented such methods, it is noticed that nobody ever uses the classified network except for highly official stuff, when the project is done. It seems that all work in progress is just being saved on the non-classified network.

Trust me, I have implemented just about any security method in a variety of settings (medical, financial, ...). The fact remains that people can't be bothered to lock their screens when they step out because it's "too difficult" and "too complicated" let alone click the button to encrypt their e-mail or their USB sticks.

Re:The right reaction? (1)

shadowofwind (1209890) | about 4 years ago | (#33388654)

After actually having implemented such methods, it is noticed that nobody ever uses the classified network except for highly official stuff, when the project is done. It seems that all work in progress is just being saved on the non-classified network.

I guess I shouldn't be surprised by anything, but I've never heard or seen any sign of people working with classified data on a non-classified network. Except for that Chinese guy who got charged for spying at Sandia.

Re:The right reaction? (0)

Anonymous Coward | about 4 years ago | (#33388694)

Unless you are one of The Anointed Few, you haven't even seen a computer that's handled Classified information.

Until the Air Force takes a publicity shot without checking that the area is sanitized and then throws it on their website.

Re:The right reaction? (0)

Anonymous Coward | about 4 years ago | (#33388438)

These were on MS systems. ZERO chance to EVER lock them down.

They should have ... (1)

SlashDev (627697) | about 4 years ago | (#33386686)

... watched the movie "The Recruit" when it came out.

Do they ban flash cards as well? (1)

GodfatherofSoul (174979) | about 4 years ago | (#33386692)

That seems to be a more reasonable security risk.

Re:Do they ban flash cards as well? (1)

oneiros27 (46144) | about 4 years ago | (#33387794)

Actually, I don't know that they've outright banned them, but since about that time, there's been a policy that US government owned removable storage is not to be used in non-government owned machines, and non-government owned storage is not to be used in US government owned machines.

It wasn't just this incident that led to it; there were incidents of people going to conferences and passing around USB sticks with the presentations, and then everyone coming back from their conference and putting a whole bunch of infected machines onto the network.

It's possible that the military's got even stricter rules on the matters, I don't really know, but for the agency I work for, the ban's on *all* writable removable media, to include external hard drives, cell phones that charge over USB, etc. (unless it's a government owned device).

BYOE (0)

Anonymous Coward | about 4 years ago | (#33386724)

"He also put a name — Operation Buckshot Yankee — to the Pentagon operation to counter the attack"

Who are we counter attacking? With what?

Re:BYOE (0)

Anonymous Coward | about 4 years ago | (#33387048)

Who are we counter attacking? With what?

Go back to smoking your bong; nothing for you to worry your little fuzzy head about.

Still vulnerable (1, Troll)

Bryansix (761547) | about 4 years ago | (#33386770)

Since the US Armed Forces, DoD, et al. still use Windows it would be prudent for all of them to employ BitLocker or whole drive encryption even on the unclassified computers. The reason being is that I just made a flash drive today that can still blank out the local system admin password on any windows computer in existence (unless they have BitLocker or TrueCrypt).

Re:Still vulnerable (0)

Anonymous Coward | about 4 years ago | (#33387094)

Congrats, did the guy at geek squad tell you how to do that one? The rest of us did this a while ago.

Re:Still vulnerable (1)

Bryansix (761547) | about 4 years ago | (#33387272)

Congrats because we take business from Geek Squad every day. They suck for business support. We specialize in SMB clients and provide real service.

Re:Still vulnerable (4, Funny)

Beardo the Bearded (321478) | about 4 years ago | (#33387326)

It's always someone's first day. It took you years to get to the point you could even post on /.

Re:Still vulnerable (1)

Monkeedude1212 (1560403) | about 4 years ago | (#33387136)

The reason being is that I just made a flash drive today that can still blank out the local system admin password on any windows computer in existence (unless they have BitLocker or TrueCrypt).

Assuming you have a way to physically access the computer.

Locking the box inside a steel cage could also keep you out, with the added benefit of being harder to physically steal. But then again, TrueCrypt and Bitlocker have the added benefit of making the drive much more difficult to access in the event it does get stolen.

And the cons are of course locking in a steel cage means you don't get to use CD's or USB sticks - and of course Encrypting the drive means you can't use a flash drive to reset the admin password should there be an entire turnover of the IT staff.

There is never a perfect solution to IT, this I've learned.

Re:Still vulnerable (2, Interesting)

hedwards (940851) | about 4 years ago | (#33387416)

That was my thought, why are they allowing physical access to the USB ports without properly monitoring the devices being allowed to be used in the machines. Physical access to the keyboard and mouse is enough of a security risk as it is, but allowing people to plug in strange USB devices without first inspecting them strikes me as irresponsible. Admittedly, people do have to do their work, but I'm not sure why they weren't being required to scan the information on the drive before connecting it up to a secured computer.

There's no reason why the check point computer even needs to be connected to the net at all if you're willing to do manual updates to the security software via disk.

Where there's a USB port ... there's a way (4, Interesting)

PolygamousRanchKid (1290638) | about 4 years ago | (#33386776)

A US Army dental surgeon told me that their computers were "fixed", so they could not copy pictures of their operations to any external media. The surgeons needed anonymous pictures of operations that they had performed, for preparing for their careers after their service. Like, applying for a job somewhere.

One of them figured a way to use the USB port in the Canon printer that they had. They could toss pictures at the printer, and land them on the USB stick. Circumventing any blocks on the PCs from accessing the PCs' USB ports.

So any unprotected port is, well, a potential source of a leak.

Re:Where there's a USB port ... there's a way (0)

Anonymous Coward | about 4 years ago | (#33387050)

This is a dumb question, but I'll ask anyway. Is it safe to assume that the government locks down the BIOS to prevent booting from a live-CD distro of Linux? Once an unscrupulous individual loads their own OS, mounting their own USB devices or the computer's file system would be trivial.

Re:Where there's a USB port ... there's a way (3, Funny)

countSudoku() (1047544) | about 4 years ago | (#33387068)

That's a good work-around!

So any unprotected [USB] port is, well, a potential source of a leak.

Along with any camera, copier, cell phone, human with a memory, network accessible device, etc. Every kind of access restriction can be circumvented. *Every* kind.

I would suggest mounting all laptops in cement, then chaining the cement block down to the cube frame structure. Close off all connectivity, embed in a Faraday Cage, then keep anyone, including the approved user, from accessing it, and you're all set! Bob's your uncle! Otherwise, expect your data to escape. Because it will. :) Have a nice day!

More Self-Serving Hype (3, Insightful)

yourpusher (161612) | about 4 years ago | (#33386782)

Rob Rosenberger at VMyths notes: [vmyths.com]

Let’s cut to the chase. U.S. Deputy Defense Secretary William J. Lynn III wrote an op-ed for a commercial publication in which he claims a single USB thumb drive caused the worst military data breach in history. And according to Wikipedia, that one little USB stick led to the creation of the Pentagon’s new Cyber Command.
[. . .]

I’ll bet it took so long only because it was a classified operation. This malware would have blown over in a week if DoD-CERT had issued an email saying “hey, there’s a new virus running around, please scan your PCs for agent.btz.”

{sniff} I can definitely smell a lot of groupthink here. Not to mention hype, which goes hand in hand with groupthink.

Lynn suffers from a short memory span. We know this because he thinks the Pentagon got “a wake-up call” when agent.btz slithered into classified networks. If Lynn’s brain had more RAM, he would recall the Melissa virus did EXACTLY the same thing in 1999. It infected classified U.S. networks at a depth & scope even I myself would label “impressive.”

So why this story? Well (from the same source):

You can see I’ve got a healthy dose of skepticism over Lynn’s “Buckshot Yankee” revelation. And I’m not alone: Wired filed a story with the headline “Insiders Doubt 2008 Pentagon Hack Was Foreign Spy Attack.”

Waitaminit. GCN’s breathless story includes the phrase “Lynn said Wednesday in a teleconference with reporters.” You mean to say he gabbed with the media on top of all the hype he wrote in an official capacity for a commercial publication? {sniff} I smell a book deal in the works when Lynn’s boss retires next year.

Flash Drives (1)

Reason58 (775044) | about 4 years ago | (#33386788)

I know for sure that USB drives (flash and otherwise) have been banned on DoD systems for quite a while before 2008. Perhaps other government sectors didn't have this rule in place, but more likely it was simply not being enforced.

Re:Flash Drives (1)

PhxBlue (562201) | about 4 years ago | (#33386938)

And I know for sure that you're wrong. Personal flash drives have been banned on DOD systems, but government-purchased flash drives were perfectly okay to use.

Re:Flash Drives (0)

Anonymous Coward | about 4 years ago | (#33387062)

Also, one was supposed to disable the ability to mount drives over USB on systems that did not require this functionality, even before 2008.

Re:Flash Drives (1)

Reason58 (775044) | about 4 years ago | (#33387230)

Where are you seeing that this was a DoD approved device? You may be correct that it was not technically a rule for all flash drives, but no Army, Air Force, or civilian location where I worked allowed their use at all.

Re:Flash Drives (1, Interesting)

Anonymous Coward | about 4 years ago | (#33387462)

USB drives were at one time used to transfer between air-gapped networks when CD/DVD transfers would burn through media too often. I can attest to this.

Re:Flash Drives (0)

Anonymous Coward | about 4 years ago | (#33388158)

The decision to allow flash drives was left to the individual agencies. Our agency purchased thousands of flash drives for official use before the ban. After the ban, we started buying thousands of USB hard drives because magnetic media was never banned. There are so many basic security problems that banning flash drives is stepping over dollars to pick up dimes. Stupid knee-jerk reaction that has only made administration more difficult, not any of our systems more secure.

Re:Flash Drives (1)

matchhead650 (1680550) | about 4 years ago | (#33388230)

You never worked in Iraq then, because it was common usage to use personal and government flash drives on government computers during that time. Personal flash drives were not preferred, however they were still used by many individuals, myself included. Now they are banned by the local IT policy, as far as DOD or DA policy I don't know what the current policy is. The problem is that a flash drive that was not supposed to be on the classified network, was used on a classified machine and you know the rest.

Re:Flash Drives (0)

Anonymous Coward | about 4 years ago | (#33388426)

Government purchased USB drives are allowed on government computers where I work.

Haven't I seen this movie before? (2, Interesting)

boddhisatva (774894) | about 4 years ago | (#33386798)

Same guy that stole the plans to defend South Korea from attack by the North with a thumb drive? There are solutions guys and they're not very difficult. How about this one, which I stole from "Cryptonomicon": Anything electronic going in or out goes through security. Personnel drop such things off at the entrance and then walk through a very large, strong magmetic field. Same thing leaving. Just like the airport only if you forget to drop off your watch, it gets fried.

Re:Haven't I seen this movie before? (1)

Lehk228 (705449) | about 4 years ago | (#33386978)

my little 4 gig USB drive would become a dangerous projectile long before a magnetic field actually hurt it. my SD cards won't even do that.


unless you intend to use a powerful and oscillating electrical field, which will also kill anyone with a pacemaker or metal implant.

Re:Haven't I seen this movie before? (3, Funny)

PitaBred (632671) | about 4 years ago | (#33387222)

Didn't you read? He said magmetic field. I assume it has to do with magma, maybe burning the user alive. That sounds pretty secure to me.

Re:Haven't I seen this movie before? (1)

tsm_sf (545316) | about 4 years ago | (#33388060)

Your ideas intrigue me and I wish to subscribe to your newsletter.

Re:Haven't I seen this movie before? (1)

hedwards (940851) | about 4 years ago | (#33387468)

I was a bit surprised, but you're indeed correct about that. Not only that, but it's questionable as to whether the hard disk would be affected either. Theoretically you could amp up the magnetic field enough to destroy the SD card, from what I gather you'd also be removing the iron from the blood vessels with a magnetic field that strong. Busting the Biggest PC Myths [pcworld.com]

If the data is that sensitive you're better off with metal detectors and good old fashioned cavity searches.

Re:Haven't I seen this movie before? (0)

Anonymous Coward | about 4 years ago | (#33387202)

Personnel drop such things off at the entrance and then walk through a very large, strong magmetic field.

You do realize that flash memory is non-magnetic, don't you, and wouldn't be erased by a magnetic field? Even if you tried to use high-powered microwaves or EMP to cook such devices, it's a simple matter to shield them, and you probably wouldn't want your personnel to suffer such exposure as part of their jobs.

It's pretty much impossible to keep people from carrying miniaturized digital storage around with them. For example, I have a tiny flash drive that is just a sliver of plastic that slips into a USB port (not even a full connector, just a thin strip) and has 4 Gb on it. Works great, and I use it for backups of my critical personal files (real estate and bank documents, etc.) and hide it where nobody will ever find it. It is tiny, and I could find any number of places to carry it on my person, ways that would be undetectable without the kind of in-depth physical search that you wouldn't subject your regular employees to on a daily basis. I have a couple of micro-SD cards that are even tinier, and have adapters that let them plug into a USB port. Portable flash is here to stay, is only getting faster and more dense with time, and is a fact of life that security personnel are just going to have to deal with. Period.

Let's face it, any kind of secure facility simply needs to have its policies set to disallow such devices from even being mountable, and honestly, given the speed of networks nowadays, shouldn't permit anything important to be stored or copied to a given computer's local storage. It should not even be possible to open the case of a machine in such an environment: the Feds ought to be able to afford physically-hardened equipment that can't be easily cracked, and would disable itself if opened improperly (while simultaneously screaming for help.)

Yes, yes, sneakernet has its place, but not in a secure workplace. That goes for WAPs, cell phones, MP3 players, and bluetooth devices of any kind. The vast majority of people who sit at desks or in cubicles and work on a computer all day simply don't need camera phones, MP3 players, digital picture frames or anything else that has a computer interface and flash memory.

Not the worst ever... (4, Funny)

d474 (695126) | about 4 years ago | (#33386870)

In 1983, a high school kid named David Lightman hacked his way into DOD computer @ Norad called the W.O.P.R. which almost resulted in an all out nuclear war between the U.S.A. and Russia. I believe they made a movie about it.

So until I hear a story that tops that, keep your "worst ever" superlatives to yourself. Oh, wait...

Re:Not the worst ever... (0)

Anonymous Coward | about 4 years ago | (#33388350)

Almost resulted? Dude, you don't know the half of it. Remember Back to the Future? The McFly story as told in the movie is only a tangential anecdote whereas the actual meat of the story (which was quashed for obvious reasons) is directly related to the W.O.P.R. time-loop incident.

Was it Windows, again? (2, Insightful)

devent (1627873) | about 4 years ago | (#33386872)

So, what system the computer were running? Why is that information never in this news reports? Are they assuming that computers just runs, without any software on it? Don't they know that computers usually have an operation system on it to be useful?

I really had it now. I clicked through the pages and agent.btz is mentioned. Nobody had mentioned that's a Windows worm Worm:W32/Agent.BTZ http://www.f-secure.com/v-descs/worm_w32_agent_btz.shtml [f-secure.com] Platform is Windows 32, of course. Why is nobody is mentioning the operation system? Why is nobody blaming Microsoft? Oh George W. Bush was briefed on it, was he briefed on it that the worm is only useful on Windows systems and that his military is vulnerable?

His article appeared intended partly to raise awareness of the threat to United States cybersecurity — “the frequency and sophistication of intrusions into U.S. military networks have increased exponentially,” he wrote — and partly to make the case for a larger Pentagon role in cyberdefense.

How about they mentioning that's it's increased on Windows and that Linux and other systems are save and sound? How about they ditched this system which proved times after times after times to be the only system that is vulnerable?

Re:Was it Windows, again? (2, Funny)

Anonymous Coward | about 4 years ago | (#33387144)

Dude, chill. Your English is breaking up.

+1 Funny (2, Funny)

PerfectionLost (1004287) | about 4 years ago | (#33387406)

Hilarious

Re:Was it Windows, again? (0)

Anonymous Coward | about 4 years ago | (#33387238)

The theory that an all Linux environment would be secure is false in the real world. All operating systems and applications are vulnerable to varying degrees. Windows is only the most heavily targeted and hence the most heavily exploited. Network defense in our vulnerability ridden world calls for highly skilled, motivated teams of network defenders to actively fight against the ever evolving attackers.

Re:Was it Windows, again? (1)

0123456 (636235) | about 4 years ago | (#33387740)

> The theory that an all Linux environment would be secure is false in the real world. All operating systems and applications are vulnerable to varying degrees.

But Linux won't be owned just by putting a USB stick in the slot. Sure, there might be USB driver bugs, but that's very different to autorunning software off the stick, or loading DLLs from the stick when you browse that directory.

Re:Was it Windows, again? (1)

antifoidulus (807088) | about 4 years ago | (#33388614)

The Windows security model is so incredibly incoherent and pointlessly complicated that it's essentially worthless. Locking down a Windows box is a laborious and error prone process, for instance in XP there are at least THREE different places where you set firewall policies and the ways they interact and overrule each other are incredibly complicated. The only reason for this pointless complexity is so that Microsoft can sell more MCSEs.

Compare this with Linux and iptables. I have essentially one text file that I have to manage*(ok for TCP connections there is also hosts.deny/allow) to configure the firewall. One, not three.

Re:Was it Windows, again? (1)

polaris20 (893532) | about 4 years ago | (#33387290)

As much as I'm not a fan of Windows, it's the target, not the OS that's the problem. OS X and Linux can be circumvented too, if the prize is worth it. Anyone who doesn't realize that is a fool.

Re:Was it Windows, again? (1)

hedwards (940851) | about 4 years ago | (#33387480)

Given that eventually somebody found an exploit in the OpenBSD base install, I'd say it's a given that with enough of an incentive you can find one in any OS, it just takes longer for some than for others.

Re:Was it Windows, again? (0)

Anonymous Coward | about 4 years ago | (#33387808)

> As much as I'm not a fan of Windows, it's the target, not the OS that's the problem. OS X and Linux can be circumvented too, if the prize is worth it. Anyone who doesn't realize that is a fool.

And any house can be invaded by a high-level enough thief. Don't leave your door unlocked just because of it...

For most, changing the prize is not feasible (e.g., the lives of your dear ones), but changing the OS is.

Using Linux and feeling 100% secure is wrong.

Not migrating from Windows to [Linux|*BSD|*nix] is worse.

Re:Was it Windows, again? (2, Insightful)

WindBourne (631190) | about 4 years ago | (#33388478)

Considering that there are more https servers with CC info on them running Linux/Unix, I would say that your logic is incorrect. The simple fact is, that ppl/crackers go after the EASY systems.

For example, why go to a house, with a burglar alarm, no windows, doors that you have to pick, that has $100 million if you can go to another house that has basically no alarm, has open backdoors, and has only $1 million, though they MIGHT have a key to get into the OTHER Place, though you also get to the 100 million EASY? And even better yet, is finding the same easy system that has no money BUT also might contain the key to the above 100 million system.

I will take the one that is easy to get into. So do the blackhats.

So your argument is security through obscurity (1)

Sycraft-fu (314770) | about 4 years ago | (#33388684)

Well there's multiple problems with that, as applied to the government:

1) If the idea is to go to the less used system because it is more secure, that means changing any time your system isn't so minor. In fact they'd be much better to write their own OS, with no relation to any existing one, than to use Linux. Linux does have a fair bit of use and does get owned (our research labs get their poorly secured Linux boxes owned from time to time) and of course the government is a big user so them switching would make it a much larger target.

2) You are advocating a monoculture. The government does use UNIX, just not exclusively. So if the argument is "Switch all to one system," then you've created an environment easier to break in to. With multiple kinds of OSes, there is hope that a fault in one is not a fault in all. Switch everything to Linux and that all goes away.

3) While the government doesn't like getting a worm, that isn't their real concern. Their real concern is espionage. That means facing a well motivated, financed, and focused adversary. They'll break in to Linux if that's what it takes. The SVR isn't going to say "Oh shit, they aren't running Windows, oh well just leave off it then." They'll look for Linux weaknesses, and write attacks targeting that if that's what it takes.

4) There are real needs in terms of apps and so on, not all of which Linux can meet well (if at all). Even Office would be an example of this. OpenOffice is NOT the equivalent of MS Office. If you think it is that only demonstrates you've never used an office suite for anything more than simple activities. No shame in that, many don't need to, but many do, the government being one of them.

Also if you think that sites that hold CCs don't get owned you've got your head in the sand. Online sites get owned all the time and yes, many of them run Linux. Hell a payment processor got hit last year. My bank couldn't tell me who (privacy laws) but informed me my card was being replaced because it had been processed by that company.

Sorry, but systems get hacked. Trying for obscurity isn't a good solution. I'm not saying "All Windows all the time," but "All Linux all the time," is just as stupid.

Re:Was it Windows, again? (1)

JamesP (688957) | about 4 years ago | (#33387626)

They should have gone with AIX or Solaris on PPC / Sparc

Re:Was it Windows, again? (1)

aussieslovethecock (1840034) | about 4 years ago | (#33388590)

oh my god when will you fucking linux fanboys ever shut the fuck up already? no one gives two fucking shits about your insignificant penguin empire. Windows rules the market. Get the FUCK over it, bitch.

USB drive on sensitive computers... (1)

geogob (569250) | about 4 years ago | (#33386874)

I didn't follow the original story back then, but I find somewhat surprising what I read here. USB drives allowed on a sensitive system containing sensitive information seems like a bad idea however you present it. But having one universal port for everything is a problem for sensitive applications. You can only block its use for data link on the software level, which will eventually be bypassed.

It will always be possible to retrieve information from the system, sometimes with considerable amount of work. But allowing USB drives just makes it too easy and too likely to happen...

Re:USB drive on sensitive computers... (0)

Anonymous Coward | about 4 years ago | (#33386948)

Actually, that is not true. You can physically disable the data connections on a USB port. The problem is that keyboards and mice and CAC readers are all USB devices that need the data paths to function.

Re:USB drive on sensitive computers... (1)

dskoll (99328) | about 4 years ago | (#33387086)

On Linux, you could compile kernels without support for USB mass storage devices. But I'm not sure that would be sufficient; maybe user-level USB access could be (ab)used to manipulate flash drives. Still, it'd make things a lot harder for the average attacker than a Windoze box.

Re:USB drive on sensitive computers... (0)

Anonymous Coward | about 4 years ago | (#33387288)

Removing the USB kernel module is superior to compiling a new kernel in the DoD realm, since vendor support for the OS (though never used or useful) would be broken if a custom kernel is used.

Re:USB drive on sensitive computers... (1)

LinuxIsGarbage (1658307) | about 4 years ago | (#33388434)

On Windows you can delete usbstor.sys or disable the driver in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
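An added example, not part of any comment in this thread: an offline audit of the two lockdowns suggested above (keeping the Linux USB storage module from loading, and disabling the Windows USBSTOR service). The function names and sample inputs are constructed; it assumes `usb-storage` is built as a loadable module and that a USBSTOR `Start` value of 4 means the service is disabled (3 being the on-demand default), a value the comment above does not state.

```python
import re

# Constructed sample inputs (not taken from any real host).
MODPROBE_WEAK = """\
# /etc/modprobe.d/usb.conf (constructed)
blacklist usb-storage
"""
MODPROBE_HARD = """\
blacklist usb_storage
install usb-storage /bin/false   # refuse explicit loads too
"""
REG_DEFAULT = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR
    Start    REG_DWORD    0x3
"""
REG_DISABLED = REG_DEFAULT.replace("0x3", "0x4")
NOOP_COMMANDS = ("/bin/false", "/bin/true")


def linux_usb_storage_status(conf_text):
    """Return 'blocked', 'blacklist-only' or 'loadable' for usb-storage."""
    blacklisted = blocked = False
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments
        # modprobe treats '-' and '_' in module names as the same character
        if len(fields) < 2 or fields[1].replace("-", "_") != "usb_storage":
            continue
        if fields[0] == "blacklist":
            # only stops alias-based autoloading; 'modprobe usb-storage' still works
            blacklisted = True
        elif fields[0] == "install" and len(fields) > 2 and fields[2] in NOOP_COMMANDS:
            blocked = True
    if blocked:
        return "blocked"
    return "blacklist-only" if blacklisted else "loadable"


def windows_usbstor_status(reg_query_text):
    """Return 'disabled', 'enabled' or 'unknown' from `reg query` output."""
    m = re.search(r"^\s*Start\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$", reg_query_text, re.M)
    if not m:
        return "unknown"
    return "disabled" if int(m.group(1), 16) == 4 else "enabled"


if __name__ == "__main__":
    print("linux:", linux_usb_storage_status(MODPROBE_WEAK), "->", linux_usb_storage_status(MODPROBE_HARD))
    print("windows:", windows_usbstor_status(REG_DEFAULT), "->", windows_usbstor_status(REG_DISABLED))
```

The "blacklist-only" result is the case worth catching in an audit: the module no longer loads automatically when a drive is plugged in, but anyone with root can still load it by name.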

Re:USB drive on sensitive computers... (1)

KahabutDieDrake (1515139) | about 4 years ago | (#33387240)

Actually, it's trivial to disable USB in a Windows system. I mean disable it at the system level. Further, it's not hard to disable it at the hardware level either. Some crazy glue will go a long way to making those ports useless.

That being said, there are always ways around such efforts, especially if you have physical access.

Log their identity when USB storage is detected. (0)

Anonymous Coward | about 4 years ago | (#33386988)

AFAIK, everybody that uses a Pentagon computer uses a Common Access Card (CAC) that usually inserts in the keyboard. When you remove your CAC, you are logged out. In theory, nobody should ever be able to use a computer while logged into another user's account without their knowledge.

Although I believe all USB storage devices are banned from military computers, how difficult would it be to create a script to capture the user's ID info from the CAC and write it to a log file so offenders can be caught and prosecuted? It may not necessarily prevent a crime, but it would certainly help prosecutions after a crime is committed.

Re:Log their identity when USB storage is detected (1)

matchhead650 (1680550) | about 4 years ago | (#33388278)

I can't speak for the pentagon, but none of the computers I have used that require a CAC for log on log you out or lock the computer when the CAC is removed.

Ban Microsoft and you're done (0)

Anonymous Coward | about 4 years ago | (#33386990)

nuf said

Oblig (0, Offtopic)

xenapan (1012909) | about 4 years ago | (#33387060)

Hey AT&T ima let you finish but the Pentagon had the worst data breach EVER! Worst data breach ever!

Government contractors.. (1)

Paracelcus (151056) | about 4 years ago | (#33387448)

The Gummermint in their infinite wisdom has decided that they will no longer hire Tech people as permanent employees (there are exceptions) so there has been an explosion of revolving door "new people" who have to be allowed to sit at a desk, in the building, at a console for up to six months until their security clearances come through. Can you say "social networking"?, I know you can!

Hi, Foobar, can I sit at your terminal, you know, just to check my Foobar account, is that OK? (check & mate).

Re:Government contractors.. (1)

JamesP (688957) | about 4 years ago | (#33387640)

> Hi, Foobar, can I sit at your terminal, you know, just to check my Foobar account, is that OK? (check & mate).

Let me guess, it's Alice and Bob again.

Darn those two!

Re:Government contractors.. (2, Informative)

David_W (35680) | about 4 years ago | (#33387924)

> Let me guess, it's Alice and Bob again.

Nah, it's Mallory.

Incredible software developments or hot air? (0, Redundant)

jordan_robot (1830144) | about 4 years ago | (#33387762)

USB ports, how boring... This is what I'm more interested in - FTFA:

> Against the array of threats, Mr. Lynn said, the National Security Agency had pioneered systems — “part sensor, part sentry, part sharpshooter” — that are meant to automatically counter intrusions in real time.

Sounds almost next gen A.I. ish. If it weren't for the "pioneered" part, I'd just think he was talking about plain jane intruder detection systems.

Do we think these systems are really as advanced as insinuated? Or is it just puffing up for P.R. & intimidation? If these systems really are that awesome, how long before this tech trickles into the civilian world? Government software engineering can't be outpacing "civilian" efforts by that much, can it? --- Hey, what the hell do I know? I'm just a guy on a couch.

Re:Incredible software developments or hot air? (1)

cj_nologic (1649427) | about 4 years ago | (#33387942)

> Hey, what the hell do I know? I'm just a guy on a couch.

watch it - if you sit there too long you'll die.
