Create an Account
username: password:
  MemeStreams Logo

Spontaneous Sociability and The Enthymeme


Picture of Rattle
Rattle's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Rattle's topics
   Sci-Fi/Fantasy Literature
  Tech Industry
  Telecom Industry
Health and Wellness
   Using MemeStreams
Current Events
  War on Terrorism
Local Information
  SF Bay Area
   SF Bay Area News
  Nano Tech
  International Relations
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
   Intellectual Property
   Computer Security
   PC Hardware
   Computer Networking
   Software Development
    Open Source Development
    Perl Programming
    PHP Programming
   Web Design
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!

Current Topic: Security

Sic Semper Tyrannis 2007: Sale on Negroponte Move
Topic: Security 7:28 am EST, Jan  7, 2007

The following quoted material is a post by UPI intelligence corespondent Richard Sale on Ret. Colonel W. Patrick Lang's Sic Semper Tyrannis blog. Sale does not reveal any of his sources, so there are questions about its accuracy. This is some of the only speculation I've seen about the Negroponte move, and it seems to be getting attention from a number of intelligence focused blogs, such as ex-CIA analyst Larry Johnson's No Quarter.

This post by Larry Johnson about the changes in the intelligence community leadership is also recommended reading.

The general theme I've seen in all this commentary is that the intelligence community leadership is taking a firm swing in the direction of being under the DoD. Throughout all of it, there is a negative view of the Bush Administration's leadership choices, with all fingers pointing at Dick Cheney. The speculation is that the Bush Administration wants the intelligence community to produce the information it wants, rather than what it feels is correct, a la the pre-Iraq war intelligence. This isn't the least bit shocking.

Talk about weaknesses within the State Department pertaining to understanding of the Middle East has been abound for quite some time now. If nothing else, the Negroponte move is addressing those concerns.

My gut feeling is that there is a big piece of the picture missing, and sometime this week an interesting angle to this story will emerge. Maybe someone will go on the record with some details about the alleged domestic spying spat... (Update: It might be easier to connect the dots than I thought. Let's hope the Senate does so during confirmation hearings.)

Contrary to the bland stories in The New York Times and Washington Post of Friday, Negroponte did not go voluntarily to State from his job as director of intelligence. In fact, there was tremendous administration pressure to get him out of his current job. The chief cause of the quarrel involved Negroponte's balking at at request from Vice President Cheney to increase domestic collection by the National Security Agency on U.S. citizens.

Negroponte flatly refused, Cheney bridled, and from then on the pressure built to get rid of him. (The White House did not return phone calls, but there is nothing new is that.)

The Bush people, chiefly Cheney and the president, were already annoyed by the fact that the Negroponte group has been busy producing drafts of reports that predict utter disaster in Iraq and which are utterly opposed to any increase of troops. Cheney and Bush both flared in wrath over this. Of course, intelligence is simply evaluate... [ Read More (0.3k in body) ]

Sic Semper Tyrannis 2007: Sale on Negroponte Move

Defense Tech: Pentagon Pays Screenwriters, Eyes MemeStreams
Topic: Security 6:31 am EST, Jan  4, 2007

The Air Force is bankrolling a Hollywood screenwriting class. A screenwriting class for PhDs. No, seriously.

Now, the government has dabbled in the movie business before. The CIA, for instance, produced an animated version of Animal Farm. After 9/11, the BBC notes, Die Hard screenwriter Steve de Souza was one of two dozen writers and directors who were "commissioned to brainstorm with Pentagon advisers" about possible terror plots. The Army currently works with a bunch of Hollywood types at USC to build next-generation simulators.

And this isn't the only unusual source the Pentagon is tapping for its know-how. As USA Today reports, Defense Department officials are growing increasingly interested in Craigslist, YouTube, and other fast-moving start-ups, for ideas about how terror groups operate.

Read the original DefenseTech article for quotes from relevant articles. DefenseTech is a great blog, which I suggest reading regularly.

If the DoD is increasingly interested in technology companies for ideas about how terrorist groups operate, they should contact The Industrial Memetics Institute. We know a thing or two about a thing or two. We have "cells" in several states, maintain no physical offices, require all "operatives" to be able to communicate using strong encryption, and have our own media outlet. However, none of it is "underground" because there is no need. We are very much a "scene" interested in security...

Defense Tech: Pentagon Pays Screenwriters, Eyes MemeStreams

27B Stroke 6 | DHS Privacy Office Wishes You a WhiteWash Xmas With Two Delayed Reports
Topic: Security 5:40 pm EST, Dec 22, 2006

The Department of Homeland Security Privacy Office dropped two long delayed reports the Friday morning before Christmas – either as presents to civil liberties advocates or as a way to inflate their 2006 performance numbers – depending upon your degree of cynicism. One report (.pdf) concerns an anti-terrorism information sharing system known as the MATRIX, which got funding from the federal government. The ACLU asked the office to look into the program in May 2004. The other concerns (.pdf) Secure Flight and its invasive and undisclosed use of massive amounts of commercial data in early 2005 to test whether a centralized air passenger screening system that used data held by private data brokers would be more effective than the current name checks done by airlines.

Both reports date back to the office's first chief privacy officer, Nuala O'Connor Kelly. After she left in September 2005, her deputy Maureen Cooney took over, but had so little power that it was rumored she could not even hire interns without approval from the Department. The office is intended to have a measure of independence, and reports to Congress yearly, but it cannot force agencies within Homeland Security to turn over documents.

Neither report has much interesting to reveal, besides that they have nothing interesting to reveal. The Government Accountability Office issued its findings on how Secure Flight administrators abused the Privacy Act on July 22, 2005.

The GAO found (.pdf) that: "During the course of our ongoing review of the Secure Flight program, we found that TSA did not fully disclose to the public its use of personal information in its fall 2004 privacy notices as required by the Privacy Act."

That's a very nice way of saying the program administrators broke the law.

27B Stroke 6 | DHS Privacy Office Wishes You a WhiteWash Xmas With Two Delayed Reports

Boing Boing: Russia spy HQ has giant batman mural in floor
Topic: Security 2:02 am EST, Dec 14, 2006

What can possibly be said about this? Russian Intelligence uses Batman's symbol on their logo. They have a giant mural of it on their lobby floor, no less.

No wonder some people have such a hard time keeping a firm grip on reality. Reality doesn't have a firm grip on reality. Reality is pretty damn deranged all by itself.

So what kind of signals do FSB operatives use to communicate with each other? Do they include giant spotlights? If you start shining the Batman signal over Foggy Bottom, will people start freaking out and locking down buildings?

Boing Boing: Russia spy HQ has giant batman mural in floor

FBI still can't hack it's own ass
Topic: Security 3:40 pm EST, Dec  5, 2006

The FBI faces a $56.7 million funding gap as it builds a new computer system to replace a problem-riddled database of investigation files, Justice Department auditors said Monday.

With careful oversight, the Sentinel program still could be successful, auditors from the department's inspector general's office concluded. Even so, the Bush administration's funding request for this year's share of the $425 million system, set for completion in 2009, falls short of what the bureau said it needs keep it on track.

The FBI asked for an estimated $150 million in the fiscal year that began October 1; the White House approved spending $100 million. Congress is not expected to approve the FBI's funding until next year.

Although the FBI expects to have about $50 million left over from earlier work on Sentinel and other bureau projects, auditors warned that pulling money from other programs "may have an adverse affect on the FBI's mission capabilities," the auditors said.

The funding concerns over Sentinel follow the FBI's decision last year to scrap a botched $170 million project to build a paperless case management system. FBI Director Robert Mueller abandoned the project, called Virtual Case File, after consultants said it was obsolete and riddled with problems.

Incoming Senate Judiciary Chairman Patrick Leahy, D-Vermont., questioning whether the funding gap would bring cuts to the FBI's counter-terrorism programs, said "mismanagement of this project seems to know no bounds."

"I remain seriously concerned about the handling of this project," Leahy said. "The American people cannot afford another fiasco."

It's often said that when it comes to technical issues, the FBI couldn't hack it's own ass. It appears, this continues to be the case.

I've covered this debacle before. Last time around, they were letting SAIC and their own inability to scope their needs drag them through the dirt. This time around, mismanagement continues to appear to be the root cause of the problem.

I'd sure love to hear an insider's perspective on this...

FBI still can't hack it's own ass

Open-Source Spying
Topic: Security 6:40 pm EST, Dec  3, 2006

When he was hired by the DIA, he told me recently, his mind boggled at the futuristic, secret spy technology he would get to play with ... If the everyday Internet was so awesome, just imagine how much better the spy tools would be.

But when he got to his cubicle, his high-tech dreams collapsed. "The reality," he later wrote ruefully, "was a colossal letdown."

In this essay for the NYT Sunday magazine, Clive Thompson refers to the white paper by Calvin Andrus, The Wiki and the Blog: Toward a Complex Adaptive Intelligence Community, which was recommended here back in July. (Also at CSI. Slides here.)

Following the threads from this article ...

Next up: the ouster of neocon Zalmay Khalilzad, the manipulative pro-consul in Baghdad, and his replacement by Ryan Crocker, a long-time Arabist who recently served as U.S. ambassador to Syria.

Thomas Fingar [2] "manages the production of the President's Daily Brief." He's an SES and an old China hand. He spoke in August, giving a talk entitled Intelink and Beyond: Dare to Share.

"I think in the future you'll press a button and this will be the NIE," said Michael Wertheimer, assistant deputy director of national intelligence for analysis.

In 2004 Wertheimer wrote in the Washington Post:

To succeed we must demand far less near-term intelligence product from the Signals Intelligence community, give it control of its resources and allow it to plan for a disruptive future, a future that is presaged by videos that show an Afghan warlord exhorting his terrorist followers not to use satellite phones for fear of American capture.

He spoke recently at InfoTech 2006; his presentation, Technology Transformation for Analysis: Year One Report, isn't really online, but others at the conference are here.

According to Michael Wertheimer, who held the most senior technical position at th... [ Read More (0.7k in body) ]

Open-Source Spying

27B Stroke 6 - Its not over for Soghoian.
Topic: Security 3:38 pm EST, Nov 30, 2006

Despite news yesterday that the Justice Department has closed its investigation of the graduate student behind the controversial fake boarding pass generator, Christopher Soghoian may not be out of legal jeopardy yet.

It appears I was too quick to declare a happy ending to the Christopher Soghoian story.

The TSA should be spending more time addressing the issues Soghoian called attention to, then investigating Soghoian. If they officially press charges against him, we should not have any problem making them look like incompetent fools in the media.

27B Stroke 6 - Its not over for Soghoian.

Christopher Soghoian is no longer under investigation
Topic: Security 2:58 pm EST, Nov 28, 2006

The short version of things, is that they've stopped the investigation, due to a lack of evidence of criminal intent on my part. They've given me back my passports, my computers, and I'll be getting the rest of my stuff back shortly. Essentially, I'm a free man - with no charges filed.

This story has a happy ending. Well, mostly happy. There are still major problems with airport security. Click through for the full story.

This quote from Chris in Wired 's coverage strikes a common meme:

"The message it sends to the community is that if you do security research, someday the FBI will come knock on your door."

Brian Krebs at the Washington Post's Security Fix blog is also covering Chris Soghoian breaking his silence.

Christopher Soghoian is no longer under investigation

Justice Recalls Treats Laced With Poison - New York Times
Topic: Security 8:16 pm EST, Nov 17, 2006

A discussion of recent threats to judges’ safety, at a bar association conference in suburban Dallas last week, became startlingly specific when Sandra Day O’Connor, the retired Supreme Court justice, recounted that each justice had received in the mail “a wonderful package of home-baked cookies” that contained “enough poison to kill the entire membership of the court.”

The sender, Barbara Joan March of Bridgeport, Conn., pleaded guilty to 14 counts of “mailing injurious articles.” The 14 recipients included the nine justices; the chiefs of staff of the Army, Navy, and Air Force; and the director and deputy director of the Federal Bureau of Investigation. The packages, containing either candy or baked goods, were laced with rat poison.

All mail received at the Supreme Court is screened, and the tainted packages never reached the justices, said Kathleen Arberg, the court’s public information officer. The danger posed by the packages was immediately apparent. Each contained a typewritten letter stating either, “I am going to kill you,” or, “We are going to kill you,” and adding, “This is poisoned.”

Justice Recalls Treats Laced With Poison - New York Times

Schneier on Security: Forge Your Own Boarding Pass
Topic: Security 1:33 pm EST, Nov  2, 2006

Soghoian claims that he wanted to demonstrate the vulnerability. You could argue that he went about it in a stupid way, but I don't think what he did is substantively worse than what I wrote in 2003. Or what Schumer described in 2005. Why is it that the person who demonstrates the vulnerability is vilified while the person who describes it is ignored? Or, even worse, the organization that causes it is ignored? Why are we shooting the messenger instead of discussing the problem?

The way to fix it is equally obvious: Verify the accuracy of the boarding passes at the security checkpoints. If passengers had to scan their boarding passes as they went through screening, the computer could verify that the boarding pass already matched to the photo ID also matched the data in the computer. Close the authentication triangle and the vulnerability disappears.

The problem is real, and the Department of Homeland Security and TSA should either fix the security or scrap the system. What we've got now is the worst security system of all: one that annoys everyone who is innocent while failing to catch the guilty.

Bruce Schneier has chimed in on TSAGATE. This essay can be found on his weblog or published in Wired. The message coming out of the security community seems to unanimously contain the same basic ideas: The TSA needs to fix the problem and not shoot the messenger.

Schneier on Security: Forge Your Own Boarding Pass

(Last) Newer << 1 - 2 - 3 - 4 - 5 >> Older (First)
Powered By Industrial Memetics