Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Military Secrets for Sale on Stolen USB Drives

samzenpus posted more than 8 years ago | from the find-the-battleship dept.

225

nTrfAce writes "Per a BBC Article, "US forces in Afghanistan are checking reports that stolen computer hardware containing military secrets is being sold at a market beside a big US base. Shopkeepers at a market next to Bagram base, outside Kabul, have been selling memory drives stolen from the facility, the Los Angeles Times newspaper says.""

cancel ×

225 comments

First Proust (0, Troll)

Big Nothing (229456) | more than 8 years ago | (#15119536)

First Proust: Desire makes everything blossom; possession makes everything wither and fade.

Mod Proust Funny (1, Insightful)

magetoo (875982) | more than 8 years ago | (#15119710)

I wish I had literature points right now...

Re:First Proust (1)

Durzel (137902) | more than 8 years ago | (#15119920)

Modding the OP Troll is a bit harsh, Proust is a nice variation on a theme. :)

Missing Classified Hard Drives (0, Interesting)

Anonymous Coward | more than 8 years ago | (#15119545)

One would have thought that something was afoot when the PC failed to boot? And would someone explain to me how a non US citizen got into the "secret" areas to be able to pick up a "secret" disk drive. This story if true is just plain stupid - someone should hang!

Re:Missing Classified Hard Drives (3, Funny)

x2A (858210) | more than 8 years ago | (#15119549)

Windows - it's that insecure, you don't even need physical access to a machine to steal it's componants! ;-)

Re:Missing Classified Hard Drives (2, Funny)

CockMonster (886033) | more than 8 years ago | (#15119795)

Linux! It's that great you don't have to be able to spell correctly. It just knows.

Stolen? (0)

Anonymous Coward | more than 8 years ago | (#15119576)

More like 'donated', so they can purchase more at inflated prices to keep bush and his mates in power....

Re:Missing Classified Hard Drives (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15119679)

You normally don't use USB drives as boot drives.

Re:Missing Classified Hard Drives (1)

Fizzl (209397) | more than 8 years ago | (#15119789)

This story if true is just plain stupid - someone should hang!

I've heard that the language is evolving, but this is is just tricidilious! ;)

Re:Missing Classified Hard Drives (1)

jrmcferren (935335) | more than 8 years ago | (#15119800)

Bin Laden Steals USB Drive with Sensitive information. Film at 23:00 hours.

Strong encryption (3, Insightful)

VincenzoRomano (881055) | more than 8 years ago | (#15119547)

I hope that those soldiers were using strong encryption for file systems.
I hope that those soldiers were not storing sensible data on those drives.
I hope that those soldiers were not storing weird photos involving prisoners ...
Real world tends to be different from hopes!

Re:Strong encryption (5, Insightful)

meringuoid (568297) | more than 8 years ago | (#15119563)

I hope that those soldiers were not storing weird photos involving prisoners ...

If soldiers have been abusing prisoners, I'd prefer them to photograph themselves doing it and then store those photographs on disks which are later stolen and leaked to the press.

Otherwise, how will we ever know what our armed representatives abroad are doing in our names?

Re:Strong encryption (1)

hobbes75 (245657) | more than 8 years ago | (#15119590)

Why is this moderated as Flamebait ? The wish to publicise improper behaviour so that it may change to the better is hardly a flamebait in my eyes.

Re:Strong encryption (3, Funny)

ObsessiveMathsFreak (773371) | more than 8 years ago | (#15119716)

Otherwise, how will we ever know what our armed representatives abroad are doing in our names?

But shouldn't soliders have the right to strip prisioners naked and photgraph their anuses, without fear of government surveillance?

Re:Strong encryption (2, Funny)

x2A (858210) | more than 8 years ago | (#15119763)

not if it's goatse guy!

Re:Strong encryption (1)

audi100quattro (869429) | more than 8 years ago | (#15119838)

There are enough Orwell's running around our government, you don't really want to be added to that list...

Re:Strong encryption (1)

Anonymous Coward | more than 8 years ago | (#15119744)

Otherwise, how will we ever know what our armed representatives abroad are doing in our names?

Easy. Instead of relying on the onesided reports from US news sources try reading foreign newspapers. They're available on the web, many in English. Much as you probably don't want to believe it most of them actually tell the truth.

Re:Strong encryption (2, Insightful)

chrismcdirty (677039) | more than 8 years ago | (#15119802)

I really doubt that most of them tell the actual truth. Like in America, their job is to sell the news. Most of the time, they put a spin on it to please their citizens, or to upset their citizens. If the citizens hate Americans, they'd likely make their news biased against America.

For example, would you have me read British news concerning America? Iranian? French? Libyan? German? How am I, the ignorant American, supposed to know which ones are truly impartial, and which ones are putting their Anti-/Pro-American spin on the news, just like the news companies here in America?

Re:Strong encryption (3, Informative)

snoozebutton (570866) | more than 8 years ago | (#15119988)

By reading as many differing sources as possible, and making your own conclusions.

Re:Strong encryption (4, Insightful)

RandoX (828285) | more than 8 years ago | (#15119808)

"The truth" is subjective.

Re:Strong encryption (0, Troll)

b3x (586838) | more than 8 years ago | (#15119776)

I couldnt agree more. Why should the US abuse prisoners behind close doors, when others are able to practice barbaric practices while bathed in the sympathy of the worlds press. The US needs to adopt a policy of hanging bodies of captives from bridges, releasing good quality videos of their beheadings, and just more interesting forms of abuse in general. It needs to be made clear that naked pyramids, barking dogs, and sleep deprivation isnt the worst that might happen to you when you attempt to kill US citizens. (but if you try to join a college fraternity you can expect those activities along with some butt-chugs and the consumption of vast quantities of alcohol or goldfish. i hear the abu ghraib hazing is all the rage)

Honestly, if they are gonna torture prisoners in my name, I wish they would be more mature about it ...

We have a military doctor over here in the UK .... (0)

Anonymous Coward | more than 8 years ago | (#15120022)

who is facing a court martial for refusing an order to return to Iraq. He has been there in action twice before, so we aren't talking about a 'lack of moral fibre'. In fact, since he would be going in a non-com position, and he knows he's going down for this refusal, I would rate his bravery as a lot higher than most of the soldiers out there.

His stated reason is that the occupation is illegal, and that the American forces behaviour out there is frequently indistinguishable from that of the Nazi occupiers of Europe.

'Otherwise, how will we ever know what our armed representatives abroad are doing in our names?'

On the flip side (1)

goldcd (587052) | more than 8 years ago | (#15120053)

with every leak of photos I now realise that not only are they abusing prisoners (in my name), but I've seemingly armed a complete bunch of retards.
At least if they kept the abuse quiet, whilst it would be equally bad, I'd know we only had abusive non-redneck-retards.

Re:Strong encryption (3, Informative)

Saven Marek (739395) | more than 8 years ago | (#15119572)

> I hope that those soldiers were using strong encryption for file systems.

Remember encryption isn't the be all and the end all. What happens when you lose your own keys?

And keys on a laptop itself, well that's all portable too. Laptop + usb key means nothing since you have to carry the encryption keys with you. Without doing that your data is useless, and carrying them with you means when the laptop is stolen, you have the key stolen with it.

Instant access to your data. If they have your key they also can unencrypt anything else of yours, so you have not just lost the USB drive but more than that. How much do you think an encryption for sale on the black market is?

Let me tell you it ain't cheap so there's profit to be made. Where there is profit there is motive. By using encryption you are adding additional motive to the thieves.

So why use the problems with encryption without the benefit? It doesn't make sense. Kapsky and Dilinger's 1999 paper addressed this issue on when widespread use of portable computing was just beginning.

Re:Strong encryption (1)

x2A (858210) | more than 8 years ago | (#15119779)

Losing your key is just like losing your data... it's not called "lost" for no reason. And what happens? You learn a lesson.

And no, encryption might not be 100%, but it's still more than 0%.

(But then I couldn't exactly be able to trust someone to look after information if they can't even look after physical objects)

Re:Strong encryption (1)

Baracat (966816) | more than 8 years ago | (#15119750)

Bah... Probably they will find on this HD's only porn...

Quickly Wiped (1)

x2A (858210) | more than 8 years ago | (#15119943)

Data could have been wiped first, to help them in their denial as to where they were stolen from (or that they were even stolen).

I'm no military fan... (4, Interesting)

Anonymous Coward | more than 8 years ago | (#15119550)

...but how do they know the 'secrets' are actually that and not some kind of decoy?

Re:I'm no military fan... (1)

slavemowgli (585321) | more than 8 years ago | (#15119624)

Short answer: they don't.

Good point (0)

Anonymous Coward | more than 8 years ago | (#15119633)

But also, who's to say that it is not some kind of psychological campaign from the Taleban themselves. Some bazaari's probably have connections with them and now the military and the media themselves are lapping the false information up. Terrorists have stolen our computers! OOGEY OOGEY BOOGEY!

Re:I'm no military fan... (5, Funny)

mrogers (85392) | more than 8 years ago | (#15119729)

Military Intelligence has released a list of the secrets that have been recovered and those that are still at large. Among the recovered secrets:

  • The B2 Stealth Bomber is just a decoy made out of balsa wood and black paper; smart bombs are actually delivered by UPS
  • Lee Harvey Oswald acted alone; the FBI and Secret Service were so embarrassed by their failure to protect the President from some wandering nutjob that they spent the next 30 years trying to create the impression there had been some kind of conspiracy
  • A 1989 Cheers episode that made reference to the Kennedy assassination was seized by the CIA minutes before it was scheduled to air; the tape went missing, and so far 11 American civilians have been killed in the effort to prevent it reaching a wider audience
  • Aging Cuban guerillas launched a successful coup in Washington DC while the nation's attention was focussed on the last episode of Sex and the City. President-for-Life Fidel Castro described it as "a good day to bury good news".

Re:I'm no military fan... (0)

Anonymous Coward | more than 8 years ago | (#15119811)

Whoever thought of this 'decoy' should get some spanking. A country where the lightswitch is a novelty, you expect somebody actually to care about usb drives? Get real. They are too busy not starving and getting high.

Why? (5, Insightful)

bl00d6789 (714958) | more than 8 years ago | (#15119558)

Let me be the first to ask: Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

Re:Why? (4, Insightful)

michaelhood (667393) | more than 8 years ago | (#15119569)

Policy and practice are often quite distant from each other in reality. Especially in government; military or otherwise.

Re:Why? (4, Insightful)

1u3hr (530656) | more than 8 years ago | (#15119573)

Let me be the first to ask: Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

Most likely it's just sneakernet; moving files from laptop to PC etc. After transferring the files they forget to wipe the USB stick. The army will probably try to stop this by mandating it not be done. Which will work for a while till troops rotate and a new batch come in. The only real solution is to physically disable USB ports, which would be difficult with the number of legitimate USB peripherals now. Otherwise everything needs to be transparently encrypted. The military fears losing access to critical data in battle more than possible security breaches though.

Re:Why? (5, Interesting)

arivanov (12034) | more than 8 years ago | (#15119678)

The army will probably try to stop this by mandating it not be done.

Once upon a time it could force that it is not done. This is what levels of security above C and OSes like Trusted Solaris were all about. Not about being unhackable, but about it being impossible to copy data from a higher security container to a lower. Granted, someone with high enough security clearance and rights to declare his USB drive "secure" could have gotten past that as well, but the average PHB wannabie corporate ladder climber could not do anything about it. He could not "take work home".

This is also coming back. The slashdot crowd keeps bitching about Vista DRM being Digital Wrongs Management and being mostly promoted by pigopolists. Once again wrong. Along with AD it will allow any corporation to force a mandatory encryption policy on all the data on all media in the house at the click of a mouse. Throw in this the usage of TPM chips on all Vista ready PCs and this will make any data that a corporation wants to make unrecoverable without proper access credential on a PC really unrecoverable. All of this centrally controlled. This will also result in much faster adoption of Vista in the enterprise than people can even think off, especially for mobile devices.

This also means that if Linux is to compete for the desktop it will have to have the same features regardless of Stallmans desires. This is one thing on which Linus is absolutely right. The usage of DRM by pigopolists is a current fad which is only a minor fraction of its actual use. The real use of DRM is to enforce a security policy on data across an enterprise. Having this will be essential to the success of any OS out there in 2-3 years. Also, there is no problem with DRM being opensource. Essentially DRM is nothing but a crypto application. Same as with every good crypto - having the source should not allow one to break it.

Re:Why? (2, Informative)

blowdart (31458) | more than 8 years ago | (#15119693)

Once upon a time it could force that it is not done.

Whilst not as fine grained as you are talking about you can completly disable USB drives, at least on Windows 2000, XP and Windows 2003 by tweaking file system permissions or the registry. Microsoft even detail it in a knowledge base article [microsoft.com] and it can be enforced by a domain policy if you're running AD.

Re:Why? (3, Informative)

Fred_A (10934) | more than 8 years ago | (#15119806)

You can do so in any Unix by not putting the users in the usb group and setting the permissions accordingly.

Or by not enabling the usb-storage driver.

MOD PARENT UP! (1)

fmobus (831767) | more than 8 years ago | (#15119695)

I wish I had mod points now...

Re:Why? (1)

value_added (719364) | more than 8 years ago | (#15119810)

The usage of DRM by pigopolists is a current fad which is only a minor fraction of its actual use. The real use of DRM is to enforce a security policy on data across an enterprise. Having this will be essential to the success of any OS out there in 2-3 years.

Sounds plausible, but there's a problem in your logic. Money.

How much money is there in enterprise-level security? Now compare that with the balance sheets of the music and the film industry. Seems to me that the weight and influence of the those industries far exceeds the interests or fiduciary responsibilities of security professionals.

Hardly a fad.

Why?-Enterprise Identity. (0)

Anonymous Coward | more than 8 years ago | (#15119870)

"How much money is there in enterprise-level security? "

The current "losses" of data by corporations to outside sources should tell you that it's a great deal. Just because "/." doesn't cover the subject on a nausuatingly regular basis doesn't mean it's not important.

"Now compare that with the balance sheets of the music and the film industry. Seems to me that the weight and influence of the those industries far exceeds the interests or fiduciary responsibilities of security professionals."

See my above comment and remember "out of sight, out of mind" is a poor way of arguing one's position. There are balance sheets that make the film and music sheets look like small potatoes.

Re:Why? (2, Interesting)

plankrwf (929870) | more than 8 years ago | (#15119579)

How else to spread sensitive information?
At least this way, no president needs to leak [nysun.com] anything himself

Re:Why? (0)

Anonymous Coward | more than 8 years ago | (#15119614)

Let me be the first to ask: Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

That's nothing. A former Director of the CIA [wikipedia.org] had the habit of carrying classified data around unencrypted on memory cards and floppy disks. This was so he could transfer data to his home computer, which he would also use to access the Internet.

Re:Why? (1)

necromcr (836137) | more than 8 years ago | (#15119699)

Quite simple! When in danger, swallow the data!

Re:Why? (1)

mcvos (645701) | more than 8 years ago | (#15119722)

Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

More importantly, why is the sensitive data not encrypted? You'd expect that people handling sensitive information receive some sort of training in how to handle that inofmration.

Alas, similar things have been happening in the Netherlands during the last couple of years: a public prosecutor throwing his PC with unencrypted info about criminal cases in the trash, a USB stick with sensitive military info left in a taxi, that sort of thing. And what I'm mainly upset about isn't even that people are sloppy with the hardware; that sort of thing can always happen (even if it shouldn't), but that they're not forced to use software that can only store their data in encrypted format.

Re:Why? (1)

Anonymous Coward | more than 8 years ago | (#15119749)

Pretty common military security procedure. The hard-drives with classified information must be stored and often accessed on a secure area. Using USB drives enables reusing the PC for other purposes, thus reducing cost.

Computers used to be expensive, so DoD and contractors try to maximize their use. Before USB, replaceable HD were being used.

Re:Why? (1)

advocate_one (662832) | more than 8 years ago | (#15119939)

Pretty common military security procedure. The hard-drives with classified information must be stored and often accessed on a secure area. Using USB drives enables reusing the PC for other purposes, thus reducing cost

No it bloody doesn't... once classified data has been processed on the PC (whether it was on a USB disk or not) that PC is classed as classified itself. That's because temporary files get stored on the local hard disk... that's why machines used to process secret data have to have their hard disks in removeable caddies so that the hard disks can be secured when the PC is not in use... it's a bit impractical to secure the PC's themselves in secure cabinets, but you can at least lock the hard disks away...

Also, any USB stick/drive that is connected to the PC at the time that secret data is being processed must also be treated a classified afterwards. If you print off any classified data to a printer, that printer could be classed as classified afterwards as well... An awfull lot of real printers (not crappy winprinters) use hard disks to store the temporary data while printing the pages. My HP PSC1310 actually is running some form of Linux on an internal hard disk... I found this out cos when installing Debian the other day, I had the printer connected and switched on and the debian installer saw the ext2 partitioned disc via USB and gave me the option to install Debian to it...

Re:Why? (0)

Anonymous Coward | more than 8 years ago | (#15119769)

which are prone to both theft and failure?

well two things....

1 if they had 1/8th of a brain everything on the USB drive would be encrypted. But wait this is the United States military here, the footsoldiers on the ground are not our best and brightest.

2 - I have several USB thumb drives that have well over 10,000 read/write cycles on them have been through washing machines multiple times and still work fine. I have NEVER had a usb thumb drive fail... a usb external drive that uses the low grade laptop harddrives are another matter, those fail all the time due to the really low quality of laptop hard drives.

Finally, if the military had competent IT and leadership the entire infrastructure would be designed from the ground up for security. 2 part security (code + physical key) on EVERYTHING without excuse. If you want to access a CDROM you need your physical key and the correct passphrase for that CD's contents.

Unfortunately from a friend of mine who just came back.... the military IT infrastructure is very much like AOL... bad security, bad practices, bad technical skills, bad all around.

Many GI's have german sattelite internet access to bypass the crap quality IT infastructure as well as enjoying the great german Sattelite TV do disguise the fact they have illigitmate Internet access.. Yes the Base security is that freaking bad. Spies can be in the middle of it all and easily broadcast their findings back home... luckily we are not fighting a skilled enemy just a bunch of whack-jobs that only know crude killing and blowing themselves up.

Re:Why? (1)

FiveDollarYoBet (956765) | more than 8 years ago | (#15119865)

Why the hell is the military storing sensitive data on USB drives, which are prone to both theft and failure?

How about....
Why are local nationals allowed on base?
Why are they not being searched thoroughly enough when they leave?

Re:Why? (2)

Martin Foster (4949) | more than 8 years ago | (#15119915)

I had the opportunity to visit a Canadian Government IT tradeshow given in Ottawa. One of the firms marketing their devices specialized in USB/Portal drives which had finger print scanners built-in. According to the salesman these things were selling like hotcakes, especially in the US military.

As mentioned before, they tend to be used for things like sneaker nets, where bandwidth requirements of the data inside (G2/Int) would simply bog down the communications network. This is especially critical your using VHF/HF radios to pass on your voice/data communications.

They are also used to carry around orders as a lot of briefing rooms now have projectors and computers even in the field. Simply put, the same uses you and I have for such devices the military will find useful as well.

That being said, the norm for such devices with any critical information is to have them stored in appropriate storage containers based on classification. For example, a CONFIDENTIAL document needs only to be stored steel container with a specific vault, while a COSMIC TOP SECRET document would need a vault. Interestingly enough the classicisation remains on such devices even after the file has been removed.

Re:Why? (1)

Antique Geekmeister (740220) | more than 8 years ago | (#15120049)

Why write on paper rather than on stone blocks? Because it's cheaper and portable! Seriously, some actual use of USB drives shows how handy they are for storing data in a place where electricity is unreliable and laptops are prone to failure with a repair time of weeks or months. How to protect them from theft is a real problem, of course.

But a $10 USB drive can hold a soldier's email from home, some music to share with their friends, their transfer orders, a map of the local area's targets for the next day, and the combination for the food locker. Like paper and pencil, they're just too useful to deny to the troops: the key is to make sure they're used properly.

Junis did it. (0)

Anonymous Coward | more than 8 years ago | (#15119575)

I guess retro computing has its limits after all.

why/when. (5, Insightful)

rew (6140) | more than 8 years ago | (#15119586)

Why and when are rules ignored?

Here in the Netherlands, there has been a series of cases where sensitive information has leaked through stolen/lost hardware, and every time some official was breaking the rules.

The rules were unworkable: DO NOT TAKE YOUR WORK HOME.

So, no reading of a report on the train, no after-dinner report writing. Nothing. Ambitious people break the rules to perform better. So they take stuff home anyway. As long as the hardware doesn't get stolen, nothing is noticed. Big publicity when sensitive information makes it to the press.

But if they were to start policing the policy, a lot of the ambitious people would eventually give in to the rules, and simply watch tv after dinner, and read the newspaper on the train. Results? Productivity drop.

Re:why/when. (0)

Anonymous Coward | more than 8 years ago | (#15119597)

Clearly, they need to retrofit their paradigms by thinking outside the box.

Re:why/when. (1)

Hal_Porter (817932) | more than 8 years ago | (#15119948)

No, retrofitting paradigms and thinking outside the box are old fashioned. This isn't the 1980's anymore.

They need a Revolution in Paradigms. My company would be happy to organise training for say $10K per person hour. We have courses on Medieval Counterinsurgency Techniques, and Depopulation By Firepower(tm) too.

Re:why/when. (3, Interesting)

plankrwf (929870) | more than 8 years ago | (#15119603)

This is a known problem indeed. (Someone modd parent up, I haven't gotten modpoints right now).
I remember a case at a client in which we had to mail a very sensitive, very important document very quickly.
Turned out we couldn't mail it using the clients own mailsystem, as... it didn't allow Word-attachments (or Zip or ...) to be sent along...
In the end we ended up taking the document on a floppy (yes, this was some years ago), to a 'learning centre' computer which was attached to the internet, and we ended up mailing it with... hotmail...
Roel

Re:why/when. (2, Interesting)

cocotoni (594328) | more than 8 years ago | (#15119829)

I don't want to sound like I come from that Monty Python sketch, but that is nothing.

Long time ago we had to transfer some sensitive data between two military bases. The data was saved to a floppy (8" floppy at that), put in sealed envelope, in the locked suitcase chained to the carriers wrist, into APC, to the airport, helicopter, APC, and straight to us. The whole nine yards.

And then we found that the caporal on the other end found it bizzare that there was something shuffling in the envelope, and to secure it better he put a couple of staples through the envelope. And through the disk.

Since the data was both sensitive and urgent (no time for the whole nine yards again), we ended by transferring it using modem over unsecured phone carrier.

Re:why/when. (2, Funny)

Ohreally_factor (593551) | more than 8 years ago | (#15119857)

And then we found that the corporal on the other end found it bizzare that there was something shuffling in the envelope, and to secure it better he put a couple of staples through the envelope. And through the disk.

Security thru immobilization!

Similar issues in the UK (2, Funny)

Firefalcon (7323) | more than 8 years ago | (#15119659)

Similarly we've had several reports in the press about MI5/6 agents/staff leaving their laptops in Taxi's - whenever data is portable it is at risk of loss or theft...

Re:why/when. (5, Insightful)

Darren.Moffat (24713) | more than 8 years ago | (#15119664)

"Results? Productivity drop."

I personally disagree, in my experience you actually in the longer term get a productivity increase. Why ? because the people are more relaxed and more refreshed with a balanced lifestyle that isn't all "work work work". People who constantly take work home are marters to the job or just really bad at planning.

Re:why/when. (-1, Flamebait)

Pieroxy (222434) | more than 8 years ago | (#15119738)

Hi,

The world you live in seems quite nice.

Let us know when you're back into our real one.

Re:why/when. (0)

Anonymous Coward | more than 8 years ago | (#15119866)

The world you live in seems quite nice.

It is also called EU.

Let us know when you're back into our real one.

No thanks.

Re:why/when. (0)

Anonymous Coward | more than 8 years ago | (#15119889)

Finally, a good justification for reading /. I'm not working, so that I can create balance in my life and thereby increase my productivity. It's brilliant!!

Re:why/when. (2, Funny)

forgotten_my_nick (802929) | more than 8 years ago | (#15119666)

Reminds me of a friend of mine who had to support an application for the the Israeli military. Over the phone they finally realised that he needed to be at the machine to fix it. Took months getting approval.

When he finally got approved he was allowed enter as far some guard post, at which point another guy came out and talked to him through a fence. He never once saw the machine.

Re:why/when. (1)

Vo0k (760020) | more than 8 years ago | (#15119707)

Well, what will cause more serious drop to the productivity of the government, no afterhours for the ambitious or a gas bomb killing off 98% of the government members when the security information is leaked and the bomb hidden in the parliament building, thanks to some ambitious security officer's laptop stolen?

I bet this all could be avoided by enforcing proper use of strong encryption. Ok, the hardware got stolen but the thief won't break the cipher. No biggie. Otherwise, it could be easily considered treason and collaboration with the enemy. "I lost these documents" or "someone stole them from me" would be the first excuse for someone who sold them.

Re:why/when. (1)

x2A (858210) | more than 8 years ago | (#15119906)

"or a gas bomb killing off 98% of the government members when the security information is leaked and the bomb hidden in the parliament building"

OR the combined melodrama of a cowering public that believes that 98% of government members are going to be within fatal range of a gas bomb at one time, a scenario that would obviously go undetected if it weren't for data being stolen...

No don't tell me, I wanna guess

Re:why/when. (2, Funny)

Fred_A (10934) | more than 8 years ago | (#15119818)

Why is everybody whining when this is obviously a great win for western values? The afghans have gotten from raising sheep to stealing and sellinf government property in only a few years ! They are now obviously a fully fledged western capitalistic society.

Good. (1)

electrosoccertux (874415) | more than 8 years ago | (#15119819)

Good. Then the people wishing to have a life and a family can still be competetive. Requiring them to match the level of work of the more "productive" workers (the ones spending more of their life on work) isn't fair to the ones who can't. I simply don't care if the guys want to spend more life working; they're not only endangering other people by toting their information everywhere, they're making it harder for people unable to work so much to stay attractive to their employer.

Tell you what, I'm your banker. How about I take your debit information with me everywhere I go? Don't worry, I'm doing it so that I can make sure your account is balanced and accurate. I won't lose it, and my friend won't get to see it, even though its on my unencrypted USB key that might fall off my keychain like my last one did.

The issue here isn't productivity; that's work done per amount time. What you were speaking of was simply an increase in time spent working. I don't care if Joe Government gets payed more money because he's working long hours, he's endangering my information. Am I get compensated any for this? He's not cutting me an some of the surplus on his paycheck. Were he doing so, I wouldn't be so inclined to say "tough."

Microsoft USB drives... (1, Funny)

Anonymous Coward | more than 8 years ago | (#15119595)

I was wondering why my free Microsoft USB drive hasn't arrived yet. It's so obvious it's fulfilling it's patriotic duty as an information decoy. With that move, I don't think MS will be harrased by regulations n' stuff.

Yet another chill pill moment (3, Interesting)

Xiph (723935) | more than 8 years ago | (#15119608)

The stuff that's stolen is probably not aimed getting highly sensitive data, but at getting a bit of cash from selling the hardware:
"He reportedly said he was selling the items for their value as hardware alone."
that lack of organization also suggest the problem isn't huge, a claim also supported by
"Coalition officials regularly survey bazaars across Afghanistan for the presence of contraband materials, but thus far have not uncovered sensitive or classified items"

So it's not large scale, hyperterrorsquads selling supersensitive secret soldier material to themselves. but rather small bits of pieces, that together will probably seem as just that. small bits of pieces. It is however always unfortunate that personal and classified information is handled carelessly, but if we can't even handle this properly at home, why should it be any better in Afghanistan.
I'll give the answer right here: First, get better at handling information security at home, before you start using the technology abroad.
Don't give sensitive material to people who haven't been screened on how they handled it (I thought this was already a goal the tried to achieve)

Yet another status moment (0)

Anonymous Coward | more than 8 years ago | (#15119723)

I'm surprised that Afghanistan has the infrasructure to support stolen computer hardware. So much for third-world status.

Re:Yet another chill pill moment (0)

Anonymous Coward | more than 8 years ago | (#15119797)

Quote:

that lack of organization also suggest the problem isn't huge, a claim also supported by

        "Coalition officials regularly survey bazaars across Afghanistan for the presence of contraband materials, but thus far have not uncovered sensitive or classified items"


Wow, I am really surprised that when the vendor sees a group of white people coming towards his stall he hides the usb drives... Shit what's next? Terrorists carrying concealed weapons?

Well for god's sake... (0)

Anonymous Coward | more than 8 years ago | (#15119620)

...just buy the stuff back.

More details in the original LA Times article (5, Informative)

rchatterjee (211000) | more than 8 years ago | (#15119622)

The BBC article is based on a LA Times article which contains more details like the fact that on the thumb drives they found a list of soldier's SSNs which which they were able to track down the soldier's home addresses.

Original LA Times article [latimes.com]

SSNs (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15119641)

SSN should stand for Supposedly Secret Number.

Everybody knows your SSN. Every employer you've had, every school you've been to, everybody you've applied for credit from, every company that's provided a service like long distance to you. Also, every firm any of those organizations have contracted out their data handling to.

Fewer people know what shoe size you wear.

Re:SSNs (1)

Animaether (411575) | more than 8 years ago | (#15119954)

Indeed.. which used to make me wonder why people are supposedly so protective of their social security number. But from reading plenty of Slashdot (not sure that's healthy, I know) it seems as though having a SSN is like having the master key to all information you could ever possibly want on a person, without further authentication required.

So it seems to me that people knowing your SSN isn't bad per se, it's the fact that with -just- the SSN, they can do things they really shouldn't be able to.

It's like credit card vs debit card, in a way...
If you have all the info on a credit card, you can happily shop away online, book tickets over the phone, etc. This is what SSN is seems to be.
If you have somebody's debit card PIN number... well lucky you, but you'll still also need the card itself (or a copy, but that's another discussion). This is what SSN should be (not a card, per se.. but certainly further authentication requirements).

That is a much better article (0)

Anonymous Coward | more than 8 years ago | (#15119674)

Good lord, the BBC article is a piece of watered down crap compared to that one. Good find. I wish the /. submitters would look into other sources before just submitting anything. Makes you think they did it just for the flame war...

Re:More details in the original LA Times article (1)

Voltageaav (798022) | more than 8 years ago | (#15119740)

Re:More details in the original LA Times article (1)

Ohreally_factor (593551) | more than 8 years ago | (#15119955)

A computer drive sold openly Wednesday at a bazaar outside the U.S. air base here holds what appears to be a trove of potentially sensitive American intelligence data, including the names, photographs and telephone numbers of Afghan spies informing on the Taliban and Al Qaeda.


It's a good thing those foreigners can't read English. Looks like we dodged a bullet on this one.

Great... just what our soldiers need! (2, Funny)

tomcres (925786) | more than 8 years ago | (#15119767)

Poor guys... Now their addresses are in the hands of the entrepreneurs in Kabul... they're going to be getting tons of junk mail for "Habib's Roof and Tile" and "Afghan National Platinum MasterCard"... :(

Amusing comment in _Slate_ (2, Insightful)

Black Parrot (19622) | more than 8 years ago | (#15119627)

Re:Amusing comment in _Slate_ (2, Insightful)

NeoSkandranon (515696) | more than 8 years ago | (#15120063)

But how far does $15 go in Kabul?

Far enough to make it worth the informant's while I'd guess.

What's new? (1)

Scott Swezey (678347) | more than 8 years ago | (#15119644)

Forgive my little bit of flaming here... but what's new? Just yesterday we had an article saying that all kinds of information about air force one, from layout's (and secret service agent locations in the plane) to information on the counter measure systems it has. And that was on a government website.

Our government has a long way to go to fix it its own security issues before it can even start worry about outsiders compromising its security (I know there was another article recently about it scoring D's and F's in various departments...)

Re:What's new? (0)

Anonymous Coward | more than 8 years ago | (#15119781)

> Forgive my little bit of flaming here... but what's new?
Well, firstly, what youre mentioning was on a web-site. This is on USB.
To top that off, the web-site wasnt selling. The stand was.
USB is spelled as follows: USB
Web-site s spelled differently as here: Web-site.

Dont take my word for it :)

Re:What's new? (1)

Bromskloss (750445) | more than 8 years ago | (#15119945)

Just yesterday we had an article saying that all kinds of information about air force one, from layout's (and secret service agent locations in the plane) to information on the counter measure systems it has. And that was on a government website.
Do you have a pointer to where it was? (Or where it can be found now.) The closest I have gotten is to the Guardian website.

The hardware was STOLEN (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15119645)

The report states the hardware was "stolen" and I'm sure many Afgans don't read English otherwise they would do more with what they've stolen.

Certain government organisations have really bad networks and capacities to move documents from one person's PC/laptop to another which is why people inside use USB keys.

Also when you are at certain level you are allowed to take your work home or work from home, and some of the laptops given out to such employees leave a lot to be desired in performance which is why people email documents to themselves or copy files to USB keys.

A blind eye is turned to all this unless of course something gets lost and leaked to the papers.

sad thing is... (1)

whathappenedtomonday (581634) | more than 8 years ago | (#15119703)

noone will ever be held responsible, so nothing will change. it will happen again and again and again, with all sorts of data. see here, more "leaked infos": Security lapse reveals secrets of Air Force One [guardian.co.uk]

They just can't keep it tight (1)

Neuropol (665537) | more than 8 years ago | (#15119704)

I just also heard on NPR the other morning that Boeing is under fire for selling jets that contain the same military guidance chip found in one of our STA missiles.

Good Points Above (3, Funny)

jbenwell (318892) | more than 8 years ago | (#15119713)

Good points above, but there are a couple of things that I would like to know:

1. How big are the drives? I find that my 256MB one fills up all the time. If these are 512MB or more, I may want one.

2. How much? I can get a (new) 1GB drive at Costo for $60 (Canadian), so I'd hope these (used) ones are going for less then that.

Re:Good Points Above (1)

Martin Foster (4949) | more than 8 years ago | (#15119947)

If its anything like the ones they were trying to sell here. You'd have your average thumb drive of small sizes to hardened portable hard drives which can carry well over 20Gb of space. In either case these had built in finger print scanner.

What really tickles me in this scenario... (1)

Cold-NiTe (968026) | more than 8 years ago | (#15119733)

...is that the market where these things are being sold at is right beside the base.

What that tells me is that these things aren't being sold with the thought that they may hold valuable information and that the insurgents will pay a high price for them. It's that they're just another product and the Afghans who happen upon them are selling them as such. I guess small miracles save lives.

Soviet Russia (1, Funny)

icklepenguin (968031) | more than 8 years ago | (#15119736)

In Soviet Russia, military secrets sell you!

A corrupt black market economy? (2, Funny)

Rogerborg (306625) | more than 8 years ago | (#15119748)

Mission accomplished!

asking for it (2, Funny)

Errtu76 (776778) | more than 8 years ago | (#15119772)

Hm. Invading a country. Letting the invaded people work for you at your base with your stuff. And now there's stuff missing you say? Really? Who would've thought ....

They aren't just 'stolen'. (1)

drspliff (652992) | more than 8 years ago | (#15119774)

In situations like this you have to remember that things are rarely stolen, they rarely dissapear, and rarely get disposed of properly.

So there's G.I. John out in Iraq on almost basic army salary, and poor Mohammed running his market stall and a thriving economy for small items (I've even heard of trucks just 'going missing', then ending up miles away carting opium/hashish/people around the country).

G.I. John can't sell this stuff directly because he'd get his ass kicked by sarge, but once it gets passed onto the iraqi retailers there's almost no tracing it.

At the end of the day, there are always going to be a few corrupt people selling army goods, but for fucks sakes atleast wipe the drives before selling them (so you atleast try and avoid jail time).

Re:They aren't just 'stolen'. (0)

Anonymous Coward | more than 8 years ago | (#15119824)

"I've even heard of trucks just 'going missing', then ending up miles away carting opium/hashish/people around the country"

Man, that's nothing, I used to sell ecstasy from a captured apache chopper...

I bought one of these (1)

sl4shd0rk (755837) | more than 8 years ago | (#15119775)

This is all I could get off it though.

---
Date: Tue, 12 2003 21:54:35
From: DiamondDonny
To: George
Subject: too easy?

dude - go to google. Type in : weapons of mass destruction.
Dont hit search tho press the I'm feeling lucky button.

Date: Tue, 12 2003 22:03:15
From: George
To: DiamondDonny
Subject: RE: too easy?

> dude - go to google. Type in : weapons of mass destruction.
> Dont hit search tho press the I'm feeling lucky button.

wtf? Why didn't we think of using google for this before?

Or could this be deliberate misinformation (1)

tjstork (137384) | more than 8 years ago | (#15119828)

For example, if you kept leaking keys and established their credibility, you could start making up keys about high value targets coming to Afghanistan in order to draw out insurgents. For example, you could leak a key saying Rumsfeld will be at Bagram in July, will do a one day road tour, along this road, and let the insurgents come out in numbers and pay them back with cluster munitions.

We just assume they are secrects (2, Insightful)

Thecarpe (697076) | more than 8 years ago | (#15119967)

We just assume the information is some military secret. There is a distict possibility that the information on those drives is nothing more than family pictures or some other relatively mundane piece of information. I have friends in the FBI who have thumb drives and I just assume that the information on them is classified, but in truth, I know that it is probably a collection of pictures of them at the local bar or on vacation that they are toting to the local photo lab for processing. Nothing like a good reason to freak out though, right?!

We'll find out on CNN sometime that the drives contained Osama's location, Sadam's smoking gun, Slobadan Milosevich's memoirs, and Jimmy Hoffa's remains...oh, and the location of Salmon Rushdie's appartment that he shares with Elvis, the Loch Ness Monster and Bigfoot.

Why is the 'enemy' allowed to roam our bases? (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#15120008)

I have a more basic question about base security. Why is a potential enemy (or more likely, petty criminal) allowed to roam (i.e. subcontracted to) an overseas US military base, supposedly to collect trash, and hence have the physical opportunity to steal these drives and risk the lives of US personel and its allies?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...