Christ. Yeah, no, if you get rid of it, and it comes back, that's definitely bad.
Oh come on, quit being a worrywart. Just because they can't figure out how to secure their weapon-laden robots. What is the worst that could happen?
What Tweety said. What kind of idiot would think it's benign?
Meh. It's probably just Windows.
Oh, it's definitely Windows. It's somebody who plugged a flash drive that happened to have malware on it into a Windows computer on the internal, secure network, and it spread to all the base computers. But, um, you should probably have somebody who knows how to fix that.
My friend just posted a copy of the complaint against him on FB. It reads: "Disorderly Conduct (threw glitter on Karl Rove)"
definitely bad
But, aren't a hell of a lot of "viruses" basically just hacker pranks?
I mean, it's definitely bad, in that it shows our drones could theoretically be turned against us, maybe, or something like that, but that doesn't mean that this particular thing is necessarily or even especially likely to be malicious. Does it?
7: Keyloggers tend not to be pranks, no. Keyloggers tend to be deployed by people interested in your bank and/or email passwords. It is entirely possible that this keylogger is only interested in the bank and/or email passwords of the missile-equipped death robots, but the fact that there's a keylogger installed on all the systems at the base and they can't get rid of it is very bad indeed.
1. The keylogger can't call home.
2. Eliminating it requires reformatting the hard drive.
=>
Live with it for a while (while slowly reformatting hard drives).
1. The keylogger can't call home.
This is an awfully optimistic assumption.
5.last is also the really serious bit. I don't love the idea, as reported in the article, that the security guys at Creech are basically googling for "how to remove keylogger."
10: it's possible that reformatting the hard drive wouldn't do the trick.
Can't they just buy new drives? Government has fucktons of gun-buying money.
Back in the early 2000s, my post-doc was funded by a DARPA program which was not titled Design Principles for Autonomous Swarms of Robot Death Machines. I remember social-engineering attacks very close to this being discussed at meetings, and the network security people basically going "People are always the weakest part of the system, so the less human control, the safer".
I am not sure whether to be relieved that their advice doesn't seem to have been followed.
5, 12: low-bid contractors.
14: Maybe it's actually a super double-secret backdoor stimulus program.
My favorite part is
The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas
Really, why hasn't it stopped you from flying missions? Our death robots have been infected by some unknown virus, but you know, whatever.
The T-800 et seq. generation Terminators have bank and/or e-mail passwords? Actually, I can believe that.
"Ah you Sahrah Connah? What was youah first pet's name?"
15: I'm a little in love with the idea that no futuristic technology of destruction (nuclear weapons! flying robot death machines!) is so fearsome that it can't be defeated by thumb drives (which, in my imagination, invariably have pokemons screen-printed on them).
Well, my favorite part is that I keep reading Creech as Cheech and thinking that the military-industrial complex is way cooler than I thought.
[W]hich, in my imagination, invariably have pokemons screen-printed on them....
I believe the plural is just "Pokemon."
11: It's trying to call an IP address which doesn't exist on the SIPRNet.
Although by now the security guys will have set up a machine at that address to see what the keylogger says when it calls home.
23: Gotta catch and chokehold 'em all?
There is a part of me that would like to think that there is a finite probability that this is part of a cover story associated with an elaborate double criss-cross ratfucking scheme being run by a wing of a super-competent Government security apparatus. But I think that part of me never got past being 10 years old.
Well, my favorite part is that I keep reading Creech as Cheech and thinking that the military-industrial complex is way cooler than I thought.
"Hey man, how's the drone flyin'?"
"I think it's parked, man."
"Disorderly Conduct (threw glitter on Karl Rove)"
I guess there's no law on the books against fabulous conduct.
6: If he goes to jail, be sure to introduce him as "the man who did time for Rove."
I find it odd that this has been publicized. Wouldn't one expect information about the existence of a major vulnerability in an important weapons system to be, you know, classified?
29: That is part of what makes one part of me think about 25. Officially the military is saying nothing.
no futuristic technology of destruction (nuclear weapons! flying robot death machines!) is so fearsome that it can't be defeated by thumb drives (which, in my imagination, invariably have pokemons screen-printed on them).
Nah, it should be one of these.
an elaborate double criss-cross ratfucking scheme being run by a wing of a super-competent Government security apparatus.
You mean like Stuxnet?
They do have the USB-drive-as-attack-vector in common.
29, 30: Having just finished reading Top Secret America by Priest and Arkin (journalism! get it while you can!), I have the very strong impression that leaking secrets is a feature, not a bug, as far as those on the inside are concerned.
31: From the same site, there's this. Which just makes me wonder how hard it would be to find a disgruntled/financially strapped code-monkey working for Ironkey.
34: that's a riot. And you use it to transfer data between your secure military network and... what, exactly?
Another secure military network...
First comment at the story: "The big problem is that the drones keep ordering refueling boom enlargement kits, and four of them tried to fly to Nigeria to collect on a half-million gallons of jet fuel that was left there by a former Minister of Aviation."
yeah, let's just keep our death-missile deploying drones on missions even though we know they're infected with some virus we are unable to remove. what the fucking fuck? and it's a keylogger?//?!!1! I would, um, like leave, ground the drones for a while. what's the harm? I have to say the triple cross by asshole portions of the security apparat seems likely. why just tell everyone "we got haxxored." hey, I know, I'll ask someone!
re: 40
Tbh, I'm sort of shocked this is run from Windows PCs. I suppose I just assumed that under the hood was a unix box, or some sort of dedicated embedded OS. And if they were Windows-based, wtf would they have USB ports? Or be accessible from PCs that did have USB ports? We have better security in a fucking library.
Reading the article I see they used removable hard drives, but ffs, there are better ways to do this.
Actually, Ironkeys are used in my (non-military) part of the government complex. I'd just assumed they won the contract.
41, 42:
Classified systems used to use unix boxen. But (1) they're more expensive than PCs, (2) the users (US enlisted men/women) need specialized training to use them, whereas they already know how to use PCs, (3) there are unix commands that US enlisted men/women should not be trusted with.
While red and black networks are cryptographically isolated, there is a need to move data from the unclassified side to the classified. Some data is born unclassified but used classified -- weather data is the classical example; it comes from sensors connected to the unclassified network, is analyzed by uncleared people in unclassified facilities, but people piloting drones need it on their classified systems. So there has to be some path that data takes from unclassified systems to classified ones. And any path that data takes, malware can come along: one-way fiber, removable hard drives, thumb drives, it doesn't matter.
39:
Keyloggers are probably the least harmful malware in this situation. A virus that crashed the machine or erased files at random would do much more damage. The keylogger is just going to sit there collecting data which it can't send to anyone (paths up exist; paths down require active human participation, like that alleged of Bradley Manning). That it is a keylogger rather than something actively damaging suggests that its presence is an accident, rather than that the drone wars begun have.
44: "there are unix commands that US enlisted men/women should not be trusted with."
Any system that lets you have that much power, it's like you know these magic spells but you're not quite sure what they do.
Once while attempting to change my own password in all my code, I instead somehow managed to change the ownership of all of someone else's files so they belonged to me. Oops...
Then there's the time my boss was trying to delete his own tables on a server, and ended up deleting everyone's data. Took about a month to recover from that one.
41: they run entire Navy warships on Windows. There was a big scandal about a decade ago when a bluescreen of death left a destroyer dead in the water for a while.
I suppose I can sort of see 2 and maybe 3,* but not 1. Why are they more expensive?
re: 45
I've also done 'rm -r /foldername' at some point, and then realised I've typo'd and done 'rm -r / foldername'.
* although I'm not sure why they'd be in a shell, with super user access, rather than using whatever GUI based apps are running on top.
48: You are of course correct - all that is required is that the designers know how to use UNIX, not the pilots.
I've also done 'rm -r /foldername' at some point, and then realised I've typo'd and done 'rm -r / foldername'.
Not as bad, but I've thought I was doing "rm -rf ~/folder" but actually was doing "rm -rf ~ /folder" more than once.
48,51: That's why I usually do "ls ~/folder" or whatever, and then "rm !*" as the following command (!* being the "repeat previous arguments" shorthand in the shells I use), rather than rm directly. That way, I get to see what the system thinks I'm going to delete before I delete it.
there are unix commands that US enlisted men/women should not be trusted with.
I seriously don't understand this. Why is this not true of any computer system? And isn't the answer, for any OS, to not give those users permissions to run the things you don't want them to run? "rm -rf /" isn't so dangerous if you don't have root access....
53: Even without root, you may have legitimate read/write access inside the folders in question. And at least in UNIX, the power to create is the power to destroy.
It is technically possible to destroy way too much stuff in a GUI OS as well, but you're more likely to notice that you've selected your C:/ drive in Windows before pressing delete, than you are to notice that you've added a stray space or from one level too low, when typing in a command in UNIX.
*Added a stray space or run the command from one level too low
54: But that's an argument that some people should not be trusted with command-line interfaces, and only allowed to interact with GUIs. That argument doesn't distinguish between Unix and Windows, since either one allows you to do things with a GUI or with a command line.
56: True. I've just usually seen UNIX implemented as a command line terminal interface, and Windows implemented with, well, windows. It's still possible to use a command line in Windows?
Yeah, there's a "Command Prompt" under Accessories. I don't think it's widely used.
58: I use it for getting a .txt file listing of all the files in a folder and that's about it.
58: I use a command prompt all the time under Windows, though usually through a pseudo-Unix Cygwin window rather than a raw Command Prompt. That way, I get most of the Unix utilities available under Windows.
I'm a lifelong Mac user but my brother and sister, who used PCs to play extensive text based adventure games in the 90s, still use the command shit all the time on their computer. I laugh at them, like, dude, I last did that in 1986 when I was learning basic.
I used command-lines all the time in Windows. It's still faster, and more intuitive for certain things, if that's the way you work. Ditto on the Mac, where I do a lot in a shell. Being able to do things like loop through folders carrying out operations on files is something that Windows still struggles with unless you use the command-line. It's a bit easier to do it GUI style on the Mac as you have Automator, but I still find it easier to just do it from a prompt.
16: backdoor stimulus program
Are funds allocated for the harvesting of low hanging fruit?
re: 64
Or do what Dave W. suggests and use cygwin. That way anything you do will translate over onto Macs and Unix command prompts, too. [More or less]
63: That's a secret. In fact I managed to conceal it from myself.
Tangentially: Does anyone offer really good courses in becoming an effective power user for things like UNIX, and common apps like Excel? I know how to do some basic stuff, but the people I've worked with who are real experts can do a lot more a lot faster. I could teach myself, but I frankly don't have the time or energy to do it on top of work and school, while I could easily afford to take a vacation day to go to an intensive course. Could probably expense it too...
re: 67
I used to teach the Excel one at my university [casual work when I was a grad student] and it was pretty good. I didn't write it, I was just using someone else's material. I'd guess most decent sized colleges do something similar, so I'd expect there's a community college type venue providing them near you?
For unix, what about something like:
http://www.ee.surrey.ac.uk/Teaching/Unix/
[as a starting point. It does look a bit old]
Some people claim to type unix commands backwards, in order to preclude pressing ENTER too soon on a rm -rf or similarly dangerous operation. A nice hack, but reversing everything will take you some time.
re: 69
I don't do that, but I have done something similar to Dave's tip in 52. Piping the output of an ls or find command initially just to the screen, and then to 'exec rm'.
68: Thanks. I look forward to acquiring magic powers.
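The stray-space typos described above ("rm -r / foldername", "rm -rf ~ /folder") and the list-before-delete habit from comments 52 and 70, as an added example that is not from any commenter in this thread. It goes one step past previewing by refusing any argument that resolves to / or the home directory; `canon`, `check_targets` and `safe_rm` are hypothetical helper names, not standard utilities.

```bash
#!/usr/bin/env bash
# Added example: guard against the stray-space rm typo.
# canon, check_targets and safe_rm are hypothetical names, not standard tools.

# canon PATH: print the canonical form of a directory (symlinks and
# trailing slashes resolved); other paths are printed unchanged.
canon() {
    if [ -d "$1" ]; then
        (cd "$1" 2>/dev/null && pwd -P)
    else
        printf '%s\n' "$1"
    fi
}

# check_targets ARG...: list every argument the way rm would receive it.
# Returns 1 if any argument resolves to / or to the home directory,
# which is what a stray space after "/" or "~" produces.
check_targets() {
    local rc=0 home t c
    home=$(canon "${HOME:-/}")
    for t in "$@"; do
        c=$(canon "$t")
        case "$c" in
            /|"$home")
                printf 'REFUSE  %s (resolves to %s)\n' "$t" "$c" >&2
                rc=1 ;;
            *)
                printf 'target  %s\n' "$t" ;;
        esac
    done
    return "$rc"
}

# safe_rm ARG...: delete only when every argument passes the check.
# "--" stops a filename that begins with "-" being read as an option.
safe_rm() {
    check_targets "$@" >/dev/null || return 1
    rm -rf -- "$@"
}
```

Running `check_targets ~ /folder` prints what the shell actually passed, one argument per line, so the extra argument is visible before anything is deleted.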