Re: Begun this drone war has.

1

Christ. Yeah, no, if you get rid of it, and it comes back, that's definitely bad.


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 4:09 PM
2

Oh come on, quit being a worrywart. Just because they can't figure out how to secure their weapon-laden robots. What is the worst that could happen?


Posted by: CJB | Link to this comment | 10- 7-11 4:18 PM
3

What Tweety said. What kind of idiot would think it's benign?


Posted by: gswift | Link to this comment | 10- 7-11 4:18 PM
4

Meh. It's probably just Windows.


Posted by: Turgid Jacobian | Link to this comment | 10- 7-11 4:20 PM
5

Oh, it's definitely Windows. It's somebody who plugged a flash drive that happened to have malware on it into a Windows computer on the internal, secure network, and it spread to all the base computers. But, um, you should probably have somebody who knows how to fix that.


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 4:24 PM
6

||
My friend just posted a copy of the complaint against him on FB. It reads: "Disorderly Conduct (threw glitter on Karl Rove)"
||>


Posted by: Natilo Paennim | Link to this comment | 10- 7-11 4:26 PM
7

definitely bad

But, aren't a hell of a lot of "viruses" basically just hacker pranks?


Posted by: urple | Link to this comment | 10- 7-11 4:33 PM
8

I mean, it's definitely bad, in that it shows our drones could theoretically be turned against us, maybe, or something like that, but that doesn't mean that this particular thing is necessarily or even especially likely to be malicious. Does it?


Posted by: urple | Link to this comment | 10- 7-11 4:35 PM
9

7: Keyloggers tend not to be pranks, no. Keyloggers tend to be deployed by people interested in your bank and/or email passwords. It is entirely possible that this keylogger is only interested in the bank and/or email passwords of the missile-equipped death robots, but the fact that there's a keylogger installed on all the systems at the base and they can't get rid of it is very bad indeed.


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 4:41 PM
10

1. The keylogger can't call home.

2. Eliminating it requires reformatting the hard drive.

=>

Live with it for a while (while slowly reformatting hard drives).


Posted by: jim | Link to this comment | 10- 7-11 4:46 PM
11

1. The keylogger can't call home.

This is an awfully optimistic assumption.


Posted by: emdash | Link to this comment | 10- 7-11 5:05 PM
12

5.last is also the really serious bit. I don't love the idea, as reported in the article, that the security guys at Creech are basically googling for "how to remove keylogger."


Posted by: emdash | Link to this comment | 10- 7-11 5:08 PM
13

10: it's possible that reformatting the hard drive wouldn't do the trick.


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 5:10 PM
14

Can't they just buy new drives? Government has fucktons of gun-buying money.


Posted by: Moby Hick | Link to this comment | 10- 7-11 5:13 PM
15

Back in the early 2000s, my post-doc was funded by a DARPA program which was not titled Design Principles for Autonomous Swarms of Robot Death Machines. I remember social-engineering attacks very close to this being discussed at meetings, and the network security people basically going "People are always the weakest part of the system, so the less human control, the safer".

I am not sure whether to be relieved that their advice doesn't seem to have been followed.

5, 12: low-bid contractors.


Posted by: Cosma Shalizi | Link to this comment | 10- 7-11 5:15 PM
16

14: Maybe it's actually a super double-secret backdoor stimulus program.


Posted by: JP Stormcrow | Link to this comment | 10- 7-11 5:17 PM
17

My favorite part is

The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas

Really, why hasn't it stopped you from flying missions? Our death robots have been infected by some unknown virus, but you know, whatever.


Posted by: CJB | Link to this comment | 10- 7-11 5:21 PM
18

The T-800 et seq. generation Terminators have bank and/or e-mail passwords? Actually, I can believe that.

"Ah you Sahrah Connah? What was youah first pet's name?"


Posted by: Flippanter | Link to this comment | 10- 7-11 5:22 PM
19

15: I'm a little in love with the idea that no futuristic technology of destruction (nuclear weapons! flying robot death machines!) is so fearsome that it can't be defeated by thumb drives (which, in my imagination, invariably have pokemons screen-printed on them).


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 5:23 PM
20

Well, my favorite part is that I keep reading Creech as Cheech and thinking that the military-industrial complex is way cooler than I thought.


Posted by: Von Wafer | Link to this comment | 10- 7-11 5:24 PM
21

[W]hich, in my imagination, invariably have pokemons screen-printed on them....

I believe the plural is just "Pokemon."


Posted by: Flippanter | Link to this comment | 10- 7-11 5:25 PM
22

11: It's trying to call an IP address which doesn't exist on the SIPRNet.

Although by now the security guys will have set up a machine at that address to see what the keylogger says when it calls home.


Posted by: jim | Link to this comment | 10- 7-11 5:27 PM
23

21: no sir.


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 5:29 PM
24

23: Gotta catch and chokehold 'em all?


Posted by: Flippanter | Link to this comment | 10- 7-11 5:31 PM
25

There is a part of me that would like to think that there is a finite probability that this is part of a cover story associated with an elaborate double criss-cross ratfucking scheme being run by a wing of a super-competent Government security apparatus. But I think that part of me never got past being 10 years old.


Posted by: JP Stormcrow | Link to this comment | 10- 7-11 5:37 PM
26

Well, my favorite part is that I keep reading Creech as Cheech and thinking that the military-industrial complex is way cooler than I thought.

"Hey man, how's the drone flyin'?"
"I think it's parked, man."


Posted by: Cryptic ned | Link to this comment | 10- 7-11 5:38 PM
27

"Disorderly Conduct (threw glitter on Karl Rove)"

I guess there's no law on the books against fabulous conduct.


Posted by: beamish | Link to this comment | 10- 7-11 5:39 PM
28

6: If he goes to jail, be sure to introduce him as "the man who did time for Rove."


Posted by: Moby Hick | Link to this comment | 10- 7-11 5:40 PM
29

I find it odd that this has been publicized. Wouldn't one expect information about the existence of a major vulnerability in an important weapons system to be, you know, classified?


Posted by: Spike | Link to this comment | 10- 7-11 5:49 PM
30

29: That is part of what makes one part of me think about 25. Officially the military is saying nothing.


Posted by: JP Stormcrow | Link to this comment | 10- 7-11 5:56 PM
31

no futuristic technology of destruction (nuclear weapons! flying robot death machines!) is so fearsome that it can't be defeated by thumb drives (which, in my imagination, invariably have pokemons screen-printed on them).

Nah, it should be one of these.


Posted by: | Link to this comment | 10- 7-11 6:15 PM
32

an elaborate double criss-cross ratfucking scheme being run by a wing of a super-competent Government security apparatus.

You mean like Stuxnet?

They do have the USB-drive-as-attack-vector in common.


Posted by: Spike | Link to this comment | 10- 7-11 6:24 PM
33

29, 30: Having just finished reading Top Secret America by Priest and Arkin (journalism! get it while you can!), I have the very strong impression that leaking secrets is a feature, not a bug, as far as those on the inside are concerned.


Posted by: Cosma Shalizi | Link to this comment | 10- 7-11 6:37 PM
34

31: From the same site, there's this. Which just makes me wonder how hard it would be to find a disgruntled/financially strapped code-monkey working for Ironkey.


Posted by: Cosma Shalizi | Link to this comment | 10- 7-11 6:41 PM
35

34: that's a riot. And you use it to transfer data between your secure military network and... what, exactly?


Posted by: Sifu Tweety | Link to this comment | 10- 7-11 6:45 PM
36

Another secure military network...


Posted by: JP Stormcrow | Link to this comment | 10- 7-11 6:56 PM
37

Wikileaks?


Posted by: fake accent | Link to this comment | 10- 7-11 6:57 PM
38

First comment at the story: "The big problem is that the drones keep ordering refueling boom enlargement kits, and four of them tried to fly to Nigeria to collect on a half-million gallons of jet fuel that was left there by a former Minister of Aviation."


Posted by: apostropher | Link to this comment | 10- 7-11 7:31 PM
39

yeah, let's just keep our death-missile deploying drones on missions even though we know they're infected with some virus we are unable to remove. what the fucking fuck? and it's a keylogger?//?!!1! I would, um, like leave, ground the drones for a while. what's the harm? I have to say the triple cross by asshole portions of the security apparat seems likely. why just tell everyone "we got haxxored." hey, I know, I'll ask someone!


Posted by: alameida | Link to this comment | 10- 8-11 12:43 AM
40

Get a Mac.


Posted by: Alex | Link to this comment | 10- 8-11 4:29 AM
41

re: 40

Tbh, I'm sort of shocked this is run from Windows PCs. I suppose I just assumed that under the hood was a unix box, or some sort of dedicated embedded OS. And if they were Windows-based, wtf would they have USB ports? Or be accessible from PCs that did have USB ports? We have better security in a fucking library.


Posted by: nattarGcM ttaM | Link to this comment | 10- 8-11 4:45 AM
42

Reading the article I see they used removable hard drives, but ffs, there are better ways to do this.


Posted by: nattarGcM ttaM | Link to this comment | 10- 8-11 4:49 AM
43

Actually, Ironkeys are used in my (non-military) part of the government complex. I'd just assumed they won the contract.


Posted by: Aaron Burr | Link to this comment | 10- 8-11 4:50 AM
44

41, 42:

Classified systems used to use unix boxen. But (1) they're more expensive than PCs, (2) the users (US enlisted men/women) need specialized training to use them, whereas they already know how to use PCs, (3) there are unix commands that US enlisted men/women should not be trusted with.

While red and black networks are cryptographically isolated, there is a need to move data from the unclassified side to the classified. Some data is born unclassified but used classified -- weather data is the classical example; it comes from sensors connected to the unclassified network, is analyzed by uncleared people in unclassified facilities, but people piloting drones need it on their classified systems. So there has to be some path that data takes from unclassified systems to classified ones. And any path that data takes, malware can come along: one-way fiber, removable hard drives, thumb drives, it doesn't matter.

39:

Keyloggers are probably the least harmful malware in this situation. A virus that crashed the machine or erased files at random would do much more damage. The keylogger is just going to sit there collecting data which it can't send to anyone (paths up exist; paths down require active human participation, like that alleged of Bradley Manning). That it is a keylogger rather than something actively damaging suggests that its presence is an accident, rather than that the drone wars begun have.


Posted by: jim | Link to this comment | 10- 8-11 5:57 AM
45

44: "there are unix commands that US enlisted men/women should not be trusted with."

Any system that lets you have that much power, it's like you know these magic spells but you're not quite sure what they do.

Once while attempting to change my own password in all my code, I instead somehow managed to change the ownership of all of someone else's files so they belonged to me. Oops...

Then there's the time my boss was trying to delete his own tables on a server, and ended up deleting everyone's data. Took about a month to recover from that one.


Posted by: Benquo | Link to this comment | 10- 8-11 10:52 AM
46

In conclusion, UNIX is fun!


Posted by: Benquo | Link to this comment | 10- 8-11 10:53 AM
47

41: they run entire Navy warships on Windows. There was a big scandal about a decade ago when a bluescreen of death left a destroyer dead in the water for a while.


Posted by: Sifu Tweety | Link to this comment | 10- 8-11 10:56 AM
48

I suppose I can sort of see 2 and maybe 3,* but not 1. Why are they more expensive?

re: 45

I've also done 'rm -r /foldername' at some point, and then realised I've typo'd and done 'rm -r / foldername'.

* although I'm not sure why they'd be in a shell, with superuser access, rather than using whatever GUI-based apps are running on top.


Posted by: nattarGcM ttaM | Link to this comment | 10- 8-11 10:57 AM
49

rm -rf *


Posted by: opinionated root | Link to this comment | 10- 8-11 11:00 AM
50

48: You are of course correct - all that is required is that the designers know how to use UNIX, not the pilots.


Posted by: Benquo | Link to this comment | 10- 8-11 11:18 AM
51

I've also done 'rm -r /foldername' at some point, and then realised I've typo'd and done 'rm -r / foldername'.

Not as bad, but I've thought I was doing "rm -rf ~/folder" but actually was doing "rm -rf ~ /folder" more than once.


Posted by: nosflow | Link to this comment | 10- 8-11 11:53 AM
52

48,51: That's why I usually do "ls ~/folder" or whatever, and then "rm !*" as the following command (!* being the "repeat previous arguments" shorthand in the shells I use), rather than rm directly. That way, I get to see what the system thinks I'm going to delete before I delete it.


Posted by: Dave W. | Link to this comment | 10- 8-11 6:50 PM
53

there are unix commands that US enlisted men/women should not be trusted with.

I seriously don't understand this. Why is this not true of any computer system? And isn't the answer, for any OS, to not give those users permissions to run the things you don't want them to run? "rm -rf /" isn't so dangerous if you don't have root access....


Posted by: essear | Link to this comment | 10- 8-11 7:02 PM
54

53: Even without root, you may have legitimate read/write access inside the folders in question. And at least in UNIX, the power to create is the power to destroy.

It is technically possible to destroy way too much stuff in a GUI OS as well, but you're more likely to notice that you've selected your C:/ drive in Windows before pressing delete, than you are to notice that you've added a stray space or from one level too low, when typing in a command in UNIX.


Posted by: Benquo | Link to this comment | 10- 8-11 8:05 PM
55

*Added a stray space or run the command from one level too low


Posted by: Benquo | Link to this comment | 10- 8-11 8:06 PM
56

54: But that's an argument that some people should not be trusted with command-line interfaces, and only allowed to interact with GUIs. That argument doesn't distinguish between Unix and Windows, since either one allows you to do things with a GUI or with a command line.


Posted by: essear | Link to this comment | 10- 8-11 8:12 PM
57

56: True. I've just usually seen UNIX implemented as a command line terminal interface, and Windows implemented with, well, windows. It's still possible to use a command line in Windows?


Posted by: Benquo | Link to this comment | 10- 8-11 9:21 PM
58

Yeah, there's a "Command Prompt" under Accessories. I don't think it's widely used.


Posted by: teofilo | Link to this comment | 10- 8-11 9:24 PM
59

58: I use it for getting a .txt file listing of all the files in a folder and that's about it.


Posted by: Moby Hick | Link to this comment | 10- 8-11 9:25 PM
60

58: I use a command prompt all the time under Windows, though usually through a pseudo-Unix Cygwin window rather than a raw Command Prompt. That way, I get most of the Unix utilities available under Windows.


Posted by: Dave W. | Link to this comment | 10- 8-11 11:23 PM
61

I'm a lifelong mac user but my brother and sister, who used pcs to play extensive text based adventure games in the 90s, still use the command shit all the time on their computer. I laugh at them, like, dude, I last did that in 1986 when I was learning basic.


Posted by: alameida | Link to this comment | 10- 9-11 12:45 AM
62

I used command-lines all the time in Windows. It's still faster, and more intuitive for certain things, if that's the way you work. Ditto on the Mac, where I do a lot in a shell. Being able to do things like loop through folders carrying out operations on files is something that Windows still struggles with unless you use the command-line. It's a bit easier to do it GUI style on the Mac as you have Automator, but I still find it easier to just do it from a prompt.


Posted by: nattarGcM ttaM | Link to this comment | 10- 9-11 2:42 AM
63

16: backdoor stimulus program

Are funds allocated for the harvesting of low hanging fruit?


Posted by: Mister Smearcase | Link to this comment | 10- 9-11 5:17 AM
64

Guess I should learn some DOS, then.


Posted by: Benquo | Link to this comment | 10- 9-11 9:22 AM
65

re: 64

Or do what Dave W. suggests and use cygwin. That way anything you do will translate over onto Macs and Unix command prompts, too. [More or less]


Posted by: nattarGcM ttaM | Link to this comment | 10- 9-11 9:27 AM
66

63: That's a secret. In fact I managed to conceal it from myself.


Posted by: JP Stormcrow | Link to this comment | 10- 9-11 9:39 AM
67

Tangentially: Does anyone offer really good courses in becoming an effective power user for things like UNIX, and common apps like Excel? I know how to do some basic stuff, but the people I've worked with who are real experts can do a lot more a lot faster. I could teach myself, but I frankly don't have the time or energy to do it on top of work and school, while I could easily afford to take a vacation day to go to an intensive course. Could probably expense it too...


Posted by: Benquo | Link to this comment | 10- 9-11 2:32 PM
68

re: 67

I used to teach the Excel one at my university [casual work when I was a grad student] and it was pretty good. I didn't write it, I was just using someone else's material. I'd guess most decent sized colleges do something similar, so I'd expect there's a community college type venue providing them near you?

For unix, what about something like:

http://www.ee.surrey.ac.uk/Teaching/Unix/

[as a starting point. It does look a bit old]


Posted by: nattarGcM ttaM | Link to this comment | 10- 9-11 2:40 PM
69

Some people claim to type unix commands backwards, in order to preclude pressing ENTER too soon on a rm -rf or similarly dangerous operation. A nice hack, but reversing everything will take you some time.


Posted by: Alex | Link to this comment | 10-10-11 2:24 AM
70

re: 69
I don't do that, but I have done something similar to Dave's tip in 52. Piping the output of an ls or find command initially just to the screen, and then to 'exec rm'.


Posted by: nattarGcM ttaM | Link to this comment | 10-10-11 3:55 AM
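
The look-before-you-delete habit from comments 52 and 70, combined with a guard against the stray-space typos in comments 48 and 51, written as an added example that is not part of the thread. The function names (`resolve_path`, `is_protected`, `guarded_rm`) are hypothetical, and the protected set (`/`, `$HOME`, and any parent of `$HOME`) is an assumption chosen to match those typos.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not a standard tool.

# Print the absolute physical path of $1, or nothing if it does not exist.
resolve_path() {
    if [ -d "$1" ]; then
        (cd -- "$1" 2>/dev/null && pwd -P)
    elif [ -e "$1" ]; then
        parent=$(cd -- "$(dirname -- "$1")" 2>/dev/null && pwd -P) || return 1
        printf '%s/%s\n' "${parent%/}" "$(basename -- "$1")"
    fi
}

# Succeed if $1 resolves to /, to $HOME, or to a directory containing $HOME.
# These are what 'rm -r / foldername' and 'rm -rf ~ /folder' actually target.
is_protected() {
    target=$(resolve_path "$1")
    home=$(resolve_path "$HOME")
    [ -n "$target" ] || return 1
    [ "$target" = "/" ] && return 0
    [ "$target" = "$home" ] && return 0
    case "$home/" in
        "$target"/*) return 0 ;;
    esac
    return 1
}

# guarded_rm [--yes] PATH...
# Without --yes it only prints where each argument resolves (the "ls first"
# step). With --yes it deletes, but only after every argument passed the check.
guarded_rm() {
    do_delete=no
    if [ "${1:-}" = "--yes" ]; then do_delete=yes; shift; fi
    [ "$#" -gt 0 ] || { echo "guarded_rm: no targets" >&2; return 2; }

    # Pass 1: one protected argument aborts the whole command, so the
    # intended folder is left alone too and the typo is noticed.
    for arg in "$@"; do
        if is_protected "$arg"; then
            echo "guarded_rm: refusing, '$arg' is / or \$HOME or a parent of \$HOME" >&2
            return 1
        fi
    done

    # Pass 2: preview or delete.
    for arg in "$@"; do
        resolved=$(resolve_path "$arg")
        if [ -z "$resolved" ]; then
            echo "guarded_rm: no such path: $arg" >&2
        elif [ "$do_delete" = yes ]; then
            rm -r -- "$arg" || return 1
        else
            printf 'would remove: %s\n' "$resolved"
        fi
    done
}
```

Run `guarded_rm ~/folder` to see the resolved target, then repeat with `--yes` to delete it.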
71

68: Thanks. I look forward to acquiring magic powers.


Posted by: Benquo | Link to this comment | 10-10-11 7:52 AM