US Federal Gov Passes Cyber Hunt Bills

Senate Bill 315 has just passed following House Bill 1158 earlier this week.

DHS Cyber Hunt and Incident Response Teams Act of 2019

Already it has Senator Schumer of New York literally screaming that he is…

AIMED AT PROTECTING UPSTATE NEW YORK SCHOOLS FROM MALICIOUS RANSOMWARE.

The SB315 list of authorized tasks for a DHS hunt and response team is as follows:

“(A) assistance to asset owners and operators in restoring services following a cyber incident;

“(B) identification and analysis of cybersecurity risk and unauthorized cyber activity;

“(C) mitigation strategies to prevent, deter, and protect against cybersecurity risks;

“(D) recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks, and other recommendations, as appropriate; and

“(E) such other capabilities as the Secretary determines appropriate.

Call me pedantic but using the word hunt in the title (as in kill, typically in reference to the 2011 Lockheed Martin militaristic model for response) seems a bit over the top.

In the 1990s the USAF used to talk openly about their kill chain and the role of hunt. Here’s an example from 1994 Theater Missile Defense (TMD) appropriations transcripts (p 251):

The key functions of the TMD kill chain are to detect, track, target, engage, and assess…

Ten years later the U.S. government was working on what it called a hunter-killer program to fly into remote territory and destroy sources of threat.

The U.S. Air Force is probing the aerospace industry for its concepts for a new class of armed, long-endurance unmanned aircraft, called Hunter-Killer

By 2011 (remember that Lockheed Martin paper publication date?) the U.S. government was claiming hunter-killer programs using kill-chain were a huge success:

…special operations forces have honed their ability to conduct manhunts, adopting a new targeting system known as “find, fix, finish, exploit, analyze, and disseminate.” They have adopted a flatter organizational structure and collaborated more closely with intelligence agencies, allowing special operations to move at “the speed of war”…

The hunt model was lauded as a form of authorization, streamlining towards smaller secretive teams trusted with quick and lethal capabilities “over the fence” as Harvard lawyers infamously had envisioned decades ago.

And thus the information security industry naturally became susceptible to this military mindset, adopting hunt language not least of all because USAF veterans were landing jobs in civilian security firms and bringing a killer vocabulary along.

As ominous as the militant “kill” steps sound to unleash upon an upstate New York school, in computer software terms they remain basically incident response activities. Probably they could have fit easily under a public-private Computer Emergency Readiness Team (CERT) expansion without invoking “hunt” authorization.

It does seem possible “E” leaves the door open for much broader remit including active defense and hack back for hunt teams to go after attackers, though, at “the speed of” cyberwar.

Another Echo company (Army 160th) already has kind of established that reputation.

So maybe I’m underestimating what is going to be done by DHS here, and hunt will become an operative word for kill chains even inside schools where kids are meant to be learning and experimenting.

What DHS “echo company” could look like, as they hunt in US schools for ransomware.

Will Russia trust Mandrake /e/ on a Google Sailfish?

One of the lesser-known stories in the American mobile technology space is Sailfish OS by Jolla. For whatever reason it never seems to get any press, unless you count this sideways glance in ZDNet:

I have seen all too many failed attempts to compete with Android and iOS. But I’m impressed by Duval’s privacy-first approach, which builds on the existing successful Android platform. Instead of trying to replace it, he’s making the best of it. I think with privacy being more of a concern for users and hardware vendors looking for Google-free operating systems, /e/ may be successful where so many others have failed.

Ok, first of all to be fair, I am assuming these non-specific phrases include Sailfish OS. It is a Linux-based OS (i.e. MeeGo derivation, following N9 Linux-based phones from 2011) that successfully replaced Android in 2013 and ran an emulation engine for Android. Does the author believe it failed?

Despite being in America I’ve used it since basically v1.0.1 (called an “Android love fest” by TheReg) on dedicated Jolla hardware as well as Sony phones and it’s great! One of the amazing things about the Android emulation was how it allowed app stores to be multi-master.

It wasn’t as slick as the Nokia firmware-based regional packages that came before it, but Jolla allowed users to choose apps from stores completely disconnected from Google, never touching American soil for that matter.

Second, there’s some kind of weird thing going on at Google where in 2017 their HTC-based phone was codenamed Sailfish. This new /e/ OS lists Sailfish as one of the phones it will run on already. Perhaps you could call this some kind of coincidence but it’s hard to believe it is random since…

Third, in 2016 the Russian government announced Sailfish was their preferred platform. At that time the name only referred to one thing:

…after a thorough review of several open source based options, the Ministry publicly expressed support for Sailfish OS, which was chosen as the platform for further development.

This came up again recently as Russia has been using the self-harming trade policies under the current US administration as a way to promote Sailfish-based mobile development versus American tech companies.

Trumpin tullimullistus: Androidista tuli pelinappula… ”Kohta mennään kuilun reunan jälkeen lujaa alas” (Trump customs shock: Android became a pawn… “Soon we’ll go down the edge of the abyss”)

And fourth, if success is based on users making privacy a concern, then surely Sailfish (the non-Google one) should already have registered as a win. And that’s not even to mention that it was Linux from the start.

In other words, I appreciate that there’s another Android Appstore non-Android phone with privacy in mind, being developed by the Mandrake founder. More options sounds great to me! Although his sense of history does worry me.

“The 80s have been the most exciting period in computing so far, in my opinion,” he said. “Well, I can’t talk about the 60s and 70s period.”

However, at this point I’d like to see a simple comparison table with Sailfish: Ideas stolen by Google? Endorsed by Russian government? Runs on OEM hardware that Google resells?

Finally, the article on /e/ also mentioned how it would run on Samsung devices. If that’s a goal, I figured I should pull out this history chart showing the development of Samsung’s non-Android OS that their mobile devices can run already:

Russian Military Downplays Defeat by Female Walrus

The Russian Geographical Society used one of its modern landing craft in a way a mother walrus didn’t appreciate, so most news outlets are describing how she attacked their boat, sinking it and sending the Russian military running for their lives.

Naturally the Russian military made a statement that reported the opposite:

“Serious troubles were avoided thanks to the clear and well co-ordinated actions of the Northern Fleet servicemen, who were able to take the boat away from the animals without harming them.”

Definitely avoided any serious troubles there. “Able to take the boat away” from threats is double-speak for sinking. Aha, you can’t attack Russian boat, because there is no boat. Troubles avoided! Swim faster comrades, it is very cold.

Maybe something was lost in translation when Russians said they thought they were up to the tusk (pun intended).

A first-person account in Russian media said their boat was done in and a video shows them trying to poke the walrus with a gaff, which probably just made her more angry.

“The walrus was not injured. We just shoved her off. Our boat was damaged – sections three and five. Barely made it to shore” said Leonid. (Морж не пострадал. Мы его просто отпихнули. А лодка пробита — три секции и пяти. Еле доплыли до берега, сообщает Леонид.)

Speaking of being lost…

The area in question supposedly is on Wilczek Island (Остров Вильчека), in the southeastern end of Franz Josef Land, Arkhangelsk Oblast, Russia. Maybe it’s somewhere else?

I have yet to find a western map anywhere listing a “Cape Geller” (мысе Геллера). Who was Geller?

USAF StormBreaker Smart Bomb

GPS has been known to be unreliable for a very long time. Ten years ago I wrote about it here, and more recently participated in tests that successfully fooled Tesla navigation systems such that a car drove erratically and abruptly exited a highway.

Trouble in navigation probably is why the USAF is announcing new technology on bombs that optimistically gets described as the kind of cutting-edge millimeter waves and lasers you might find on driverless cars.

While the GBU-39 used Global Positioning System (GPS) satellites as the guidance method, the StormBreaker when operational will use GPS plus a millimeter wave radar and a semi-active laser as a seeker package.

StormBreaker bomb (arguably a drone) after launch from USAF jet. Claimed by Raytheon to maintain target accuracy even during inclement weather or GPS failures.

I’ll wager the backstory here is that GPS bombs were being not-so-smart after all (mass civilian casualties). Terms like “smart” and “seeker” only go so far when the things dropped from a plane, or flying themselves, blow up the wrong people.

Who can forget the 1950s version of pinpoint accuracy on bombs intended to destroy North Korea that killed USAF crews instead? And let’s not forget Igloo White bombing in the 1970s that not only missed targets but also cooked the books to be considered a success.

More to the point (pun not intended), Human Rights Watch (HRW) in 2017 launched investigations and lodged formal complaints about the GBU-39:

“They told us it was a mistake by the coalition, and after the war we will talk about it,” Hasan said of Iraqi officials whom he contacted for help. “Why would they make a mistake like this? They have all the technology. This is not a small mistake.”

Another east Mosul resident, Jasim Mohammed Ali, said his son and six grandsons were killed by what he believes was a coalition airstrike that destroyed his home on Nov. 17.

The coalition is still investigating the strike based on a complaint by Human Rights Watch, which — along with other experts The Times consulted — identified munition parts in the wreckage of Ali’s house as a GBU-39 small-diameter bomb, a guided munition used by coalition forces.

So the good news might be that bombs are going to be far more accurate and kill the right targets.

“An increase of 82 percent in child casualties compared with the previous four years” has been linked in Afghanistan to aerial attacks and remnant explosives.

I haven’t yet found that kind of reference in the USAF press release on why they felt the need to improve “smart” bomb targeting systems. It just seems like a logical jump from the HRW criticisms.

Also consider the USAF and other customers of US arms still have a lot of GBU-39 left to drop (as HRW reported again this year) so maybe they want to wait 30-40 years before declassifying real reasons as some rappers already have guessed.

The pilots said their bombs lit Baghdad like a Christmas tree
It was the Christian thing to do you see
they didn’t mention any casualties
no distinction between the real and the proxy
only football analogies