In Through The Out Door

Hugh Pickens writes “Former CIA counterterrorism analyst Stephen Lee has an interesting article in the Examiner asserting that the National Security Agency is ‘a secretive, hidebound culture incapable of keeping up with innovation,’ with a history of disregard for privacy and civil liberties. Lee says that for most of its sixty-year history, the NSA has been geared to cracking telecom and crypto gear produced by Soviet and Chinese design bureaus, but at the end of the cold war became ’stymied by new-generation Western-engineered telephone networks and mobile technologies that were then spreading like wildfire in the developing world and former Soviet satellite countries.’ When the NSA finally recognized that it needed to get better at innovation, it launched several mega-projects, tagged like ‘Trailblazer’ and ‘Groundbreaker,’ that have been spectacular failures, costing US taxpayers billions. More recently, the NY Times reported that the NSA has been breaking rules set by the Obama administration to peer even more aggressively into American citizens’ phone traffic and email inboxes. Whistleblower reports portray NSA domestic eavesdropping programs as unprofessional and poorly supervised, with intercept technicians ridiculing and mishandling recordings of citizens’ private ‘pillow talk’ conversations. Lee concludes that ‘if the Federal government must play a role, then Congress and President Obama should turn to another agency without a record of creating mistrust — perhaps even a new entity. Meanwhile, NSA should focus on listening in on America’s enemies, instead of being an enemy of Americans and their enterprises.’”

[From NSA Ill-Suited For Domestic Cybersecurity Role]

Gulags, Nukes and a Water Slide: Citizen Spies Lift North Korea’s Veil

With Sleuthing and Satellite Images, Mr. Melvin Fills the Blanks on a Secretive Nation’s Map

Military projects are infamous for delays and cost overruns. Ditto for just about everything we put into space. Combine the two in the form of military space programs and you would presumably have a recipe for disaster. So it’s no surprise to learn that various military satellite programs have been plagued with problems, many of which have been detailed in a report by the Government Accountability Office. For most of us, the programs in question are pretty well abstracted from our day-to-day experience, but one of them has found its way into our lives: the Global Positioning System. Has the Department of Defense’s problems put our gadgets at risk? The answer depends on how you define “risk.”

The GAO is a nonpartisan office that performs critical analyses of government programs, providing a sanity check on federal spending and management. In a report released on Wednesday, the GAO tackled the items the military puts in orbit and did not hold back on the criticism; the report is titled “DOD Faces Substantial Challenges in Developing New Space Systems,” and those substantial challenges are described in substantial detail.

Click here to read the rest of this article

PRC’s Kylin secure OS: Part of cyber-war or cyber-security?

Gen. Kevin Chilton, the head of STRATCOM, just declared that the Law of Armed Conflict will apply to cyberwar, and that the US won’t rule out conventional (read: kinetic) responses to cyber-attacks. This means that we consider state-supported ‘hackers’ to be subject to the Geneva Conventions and Customary International Law, including the rules of proportionality and distinction (i.e. if we catch them, we can try them for war crimes). Incidentally, it also means we consider non-state cyber-attackers to be illegal enemy combatants, which means we can do all kinds of nasty stuff to them.

U.S. Steps Up Effort on Digital Defenses

[From Cisco Puts More Security In The Cloud]

[From We Don't Want To Run U.S. Cybersecurity Efforts, NSA Chief Says]

The Wall Street Journal is reporting that cyber-spies have stolen several terabytes of data from the Joint Strike Fighter project

[From Data stolen from US Joint Strike Fighter project]

The existence and operation of massive, coordinated, government-affiliated online espionage networks is typically the province of television or the silver screen, rather than the subject of research. In the real world, even a direct link between online and offline action (Russia’s invasion of Georgia and the simultaneous online attacks against that country

are a good example) is not enough to automatically prove that the government behind the one is automatically behind the other. We’ve covered the rise of hacktivism previously on Ars; as more citizens

come online, we’ll undoubtedly see more of this type of crowdsourced aggression in the future.

Researchers in Toronto, however, may have actually discovered and tracked a hacking effort that can be traced back to a foreign intelligence network—China’s, in this case—over the past ten months. The team, which is affiliated with

the Munk Centre for International Studies, has published an extensive report on the activities of what they dub GhostNet. Their investigation took place from June 2008 through March

of 2009, and focused on allegations that the Chinese had engaged in systemic online espionage activities against the Tibetan community. GhostNet was spread through the use of a wide variety of Trojans, many of which were controlled through a program nicknamed gh0st RAT (Remote Access Tool).

Click here to read the rest of this article

[From Chinese cyberespionage network runs across 103 nations]

IT news might be bad in almost every corner of the industry, but one industry segment seems better fit to ride out the recession than most. Sales of security appliances to various business sectors in Western Europe grew revenue a total of 14.4 percent in 2008 as compared to 2007, but that growth slacked off a bit in the fourth quarter; sales rose only 10.1 percent. Those are solid numbers in any economic climate, and particularly in this one.

The increase in total revenue was not spread evenly across the top five vendors. Fortinet reported 29.5

percent revenue growth from 2007-2008, followed by Cisco (20.5 percent) and “other” (18.7 percent). Nokia and Secure Computing eked out smaller gains of 6.6 percent and 2.3 percent,

respectively, while Juniper fell off a cliff. Company revenue dropped 17 percent year-on-year, which helps explain why everyone else grew at such a high rate.

Click here to read the rest of this article

[From Report: IT not scrimping on security during recession]

Wednesday, at an event in Santa Clara, Sun Microsystems and the Internet Archive announced a joint effort to move the Archive’s growing, three-petabyte (about 150 Libraries of Congress) data store into one of Sun’s Modular Datacenters—the famous datacenter in a shipping container, which we’ve covered previously.

The Archive, which also hosts the ever-popular Wayback Machine, currently runs on a custom storage architecture. But, in keeping with the group’s mission of open access to information, they opted to move it to a Sun MD that’s based on Sun Fire x4500 servers and ZFS.

Click here to read the rest of this article

[From Sun puts Internet Archive in a box, but will it stay there?]

Experts: U.S. needs to defend its “cyber turf”

[From News: Experts: U.S. needs to defend its "cyber turf"]

“Google engineers say it was not expensive and required only a small team of developers to enable all of the company’s applications to support IPv6, a long-anticipated upgrade to the Internet’s main communications protocol. ‘We can provide all Google services over IPv6,’ said Google network engineer Lorenzo Colitti during a panel discussion held in San Francisco Tuesday at a meeting of the Internet Engineering Task Force (IETF). Colitti said a ’small, core team’ spent 18 months enabling IPv6, from the initial network architecture and software engineering work, through a pilot phase, until Google over IPv6 was made publicly available. Google engineers worked on the IPv6 effort as a 20% project — meaning it was in addition to their regular work — from July 2007 until January 2009.

[From Google Engineers Say IPv6 Is Easy, Not Expensive]

The dirty little secret about patching routers is that many enterprises don’t bother — for fear of the fallout any changes to their Cisco router software could have on the rest of their infrastructure. But the recent discovery of a way to easily hack these devices has put pressure on organizations to change their ways and patch. This article in Dark Reading gives tips on how to patch without taking down the network, including input from Cisco’s own director of IT on how Cisco itself handles router patching.

[From Cisco Router Hack Inspires New Patching Religion ]

The vulnerability is in the program for unpacking JAR archives and merely visiting a crafted website may allow the exploit. An update is available to fix the problem

[From Security vulnerability in Sun's Java environment]

Cisco has published the details of several vulnerabilities in its IOS network operating system, some of which could allow a remotely exploited denial of service condition

[From Cisco patches several vulnerabilities in IOS]

XenServer 5

OneSwarm

$100 Linux wall-wart launches