"the military has known about the vulnerability for more than a decade, but assumed adversaries would not be able to exploit it"
yep: "assumed adversaries would not be able to exploit it"
that's the golden nugget buried within an ap story about pentagon acknowledgments that our our nifty-difty high-tech weaponry in afghanistan and iraq isn't quite as far ahead of its targets than arrogance and complacency would have it.
i've always been extremely uncomfortable with the cowboy attitude that initiated and seems to pervade our escapades in iraq and afghanistan. we have the finest fighting force the world has ever seen, doing yeoman's work against some of the foulest and most evil characters this world has ever known, and, yet, in charge of the whole CF is a bunch of yahoos that don't seem to know the first thing about what they're trying to do, or why they're trying to do it.
not underestimating an enemy is sun tzu 101. taking out its means of support and supply are, too. (e.g. don't declare war in the first place if the act of declaring war gives your enemies the backing with which to fight back, as has been commented recently in the right side of lowell blog). folks have been writing and demonstrating the importance of this stuff in conflicts since recorded history, and, i'm sure they were talking about it long before that.
"pentagon spokesman bryan whitman said the military continually evaluates the technologies it uses and quickly corrects any vulnerabilities found." yet, just above, earlier in the story, "one defense official noted that upgrading the encryption in the drones is a lengthy process because there are at least 600 unmanned vehicles along with thousands of ground stations to address". gee, 10 years, and a "lengthy process"... seems somebody should have been able to put those two and two together before now, eh?
IED's are the perfect strategy--they cost those who use them very, very little, and then cost anyone who is beset by them billions upon billions to try to defend against them. methinks we ought to find some military strategists who understand that kind of math, and can figure out ahead of time that a few laptops and off-the-shelf communications software packages can possibly mitigate the effectiveness of our big-ticket explosive preferences, like predator drones and smart bombs.
*sigh*
edited to add: today's headline from seoul is that somebody hacked in an got ahold of joint us/south korea defense plans which were apparently left where some anonymous bad guys (quite probably north korea) could get at them. (the story has it that a south korean military officer connected his military computer to the internet without dismounting an unprotected usb drive, but who ever knows the truth about such things).
anybody who doesn't believe his enemy is at least as smart as he/she is will always learn the truth sooner or later.
that's the golden nugget buried within an ap story about pentagon acknowledgments that our our nifty-difty high-tech weaponry in afghanistan and iraq isn't quite as far ahead of its targets than arrogance and complacency would have it.
i've always been extremely uncomfortable with the cowboy attitude that initiated and seems to pervade our escapades in iraq and afghanistan. we have the finest fighting force the world has ever seen, doing yeoman's work against some of the foulest and most evil characters this world has ever known, and, yet, in charge of the whole CF is a bunch of yahoos that don't seem to know the first thing about what they're trying to do, or why they're trying to do it.
not underestimating an enemy is sun tzu 101. taking out its means of support and supply are, too. (e.g. don't declare war in the first place if the act of declaring war gives your enemies the backing with which to fight back, as has been commented recently in the right side of lowell blog). folks have been writing and demonstrating the importance of this stuff in conflicts since recorded history, and, i'm sure they were talking about it long before that.
"pentagon spokesman bryan whitman said the military continually evaluates the technologies it uses and quickly corrects any vulnerabilities found." yet, just above, earlier in the story, "one defense official noted that upgrading the encryption in the drones is a lengthy process because there are at least 600 unmanned vehicles along with thousands of ground stations to address". gee, 10 years, and a "lengthy process"... seems somebody should have been able to put those two and two together before now, eh?
IED's are the perfect strategy--they cost those who use them very, very little, and then cost anyone who is beset by them billions upon billions to try to defend against them. methinks we ought to find some military strategists who understand that kind of math, and can figure out ahead of time that a few laptops and off-the-shelf communications software packages can possibly mitigate the effectiveness of our big-ticket explosive preferences, like predator drones and smart bombs.
*sigh*
edited to add: today's headline from seoul is that somebody hacked in an got ahold of joint us/south korea defense plans which were apparently left where some anonymous bad guys (quite probably north korea) could get at them. (the story has it that a south korean military officer connected his military computer to the internet without dismounting an unprotected usb drive, but who ever knows the truth about such things).
anybody who doesn't believe his enemy is at least as smart as he/she is will always learn the truth sooner or later.
posted by kad barma at 5:32 PM
2 Comments:
Here is a comment from the Chairman of the Joint Chiefs of Staff: "All of that hacking and getting into military systems of great and continuing concern. That particular issue has been fixed, and there was no damage to any particular systems—can't go into any more detail than that."
Wired would probably dispute that.
Here is a comment by someone on the ground. It is a little flip, but I think it provides some reality on the question of if this opening can be exploited.
QUOTE
I would add that without an MGRS [Military Grid Reference System] map reference, and sometimes with one, it is difficult to determine what exactly is being observed in the UAV feed. I wager I've spent as much time watching UAV feeds as anyone. The soda straw analogy is apt.
Given that 95% of Iraqis I worked with couldn't locate their village on an overhead map, I'm not too worried. I doubt the highly educated and literate Afghans are doing better. Besides, they already know when tactical UAV's are overhead, the sound is like a lawnmower in the distance. Take away the local video transmission and you take away the ground soldier's ability to use it.
Reminds me of the OIF 1 debate over use of commercial motorola radios by soldiers because the Army didn't provide comms at the time to dismounted patrols. Many were concerned the enemy would intercept and exploit. While possible, little actionalble intel was discussed, and if the unit practiced "old school" comsec guidelines risk could be mitigated. In my opinion at the time, the confusion resulting from having dismounted elements without comms moving in urban battlespace out of direct sight from each other outweighed the potential dangers of possible radio intercepts.
UNQUOTE
I guess I am with the idea that getting the information out there is more important than encrypting it. The ability of the other side to exploit this information may be limited.
The soda straw analogy is great. Try looking at things through your soda straw the next time you are out. It takes a lot of important context out of the picture. As I learned flying airplanes, if you know where you are you can navigate to the next point. If you don't know where you are, it all looks strange. The upshot is you are lost.
I remember one day flying a training mission using imagery from an overhead system. Well, it turns out they showed up with the photo after we launched, but when we got back I was looking at the photo and noticed they had the "North" arrow pointing "South". If I hadn't already been to the target that would not have been obvious and the photo might have been a bit confusing as I rolled out of my pop-up from ground level to dive onto the target and simulate delivering my ordnance.
There is also the problem of sharing information. I think that we should be sharing as much data as we can with those we work with. That said, do we wish to spend bandwidth with encryption? And, do we wish to share our encryption processes with everyone? Brits and Canadians—no problem. French might raise an eyebrow. Pakistanis and Afghanis might be a direct feed—in some cases—to the Taliban.
All that said, in the long run, and there is always a long run, someone, somewhere, is thinking about how to exploit this capability at some time and place that is inconvenient to us. Thus, we should be looking to the future and seeing what we can do to encrypt if and when we need to.
Regards — Cliff
It's exactly the implications of that sarcastic and profoundly arrogant "highly literate" comment that concerns me most of all.
My ex father-in-law was a builder, and he once told me a story about a board of health inspector whose children, by the way, I'm sure, now work at the Pentagon. The two of them were out on a site confirming setbacks for a septic installation, and, being oh-so-smart, the oh-so-smart health inspector insisted on holding what my father-in-law jokingly referred to as the "smart" end of the tape measure. (So as to be able to read the numbers himself and not have to rely on the lying, cheating builder who was obviously trying to pull a fast one). So my ex father-in-law just bunches up the first few feet of the tape measure in his fist when applying his "ignorant" end of the measure to one end of the measurement.
Funniest part to me is that the guy on the other end of the measure never stopped to wonder how his opponent was going to respond once he got ahold of the "smart" end. It's like that with our high tech gadgets. Now that we have them, our first arrogant assumption is that our opponents won't be able to figure out what to do with it. "Oh, it's like looking through a straw". Yep, right up until they figure out fish-eye lenses or some other work-around. (And, I have to tell you, I've met some brilliant people who haven't been able to read, and I'm sure there are a lot of "illiterate" Afghans who are at least as smart as we arrogant Americans, even if they've never been to school.
It's remarkable how motivating life-and-death can be to bring out the smarts in people.
Post a Comment
Links to this post:
Create a Link
<< Home