Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Akami folded, Kerbs is down (Score 4, Informative) 203

too expensive to stand by their client

He wasn't their (paying) client. He is a benefit to the infosec society, and was provided pro bono service in appreciation of and to assist his work.

This attack probably cost Akamai a significant amount of money, so it's reasonable that they'd cut it off for a while.

Comment Re: Conventional warfare is dead (Score 1) 192

So let me get this straight... First the enemy uses a high-power L-band radar to find every speck of reflective dust. Then they use "much more powerful" S-band radar to somehow identify things the S-band radar can't even see. Meanwhile, the "much more powerful" S-Band and the L-band radar are both bright shining beacons to any SEAD flights, who are equipped with surveillance gear that can tell the difference between an actual radar and a decoy.

The only way the radar helps is to feed targeting information to anti-aircraft weapons like SAM launchers. Unfortunately for the radar operators, the L-band radar will still be susceptible to the countermeasure techniques used against it last time, like chaff and ECM, and the S-band radar won't have enough response to determine where the aircraft is. It can guess, but the odds of a hit are low.

That really boils down the nature of warfare. You do everything you can to improve your odds. Stealth does not guarantee success; the enemy could fire blindly at every blip on an antique radar system, and might hit something. However, the odds of a successful mission are better using a stealthy F-35 than using a nonstealthy B52H, as your earlier comment proposed. Since the running cost of a F-35 is about four times that of a B52, the question becomes a matter of whether it's worth paying four times as much to improve the odds of getting your crew back alive. That in turn requires understanding just how effective stealth is. According to the first reference I found, the stealthy aircraft reflects about 1/10000th as much radiation in the S-band, which is still what would be used for targeting, even if your giant L-band array can tell the SAM to launch. Those look like pretty good odds to me.

Comment Re: Conventional warfare is dead (Score 1) 192

The original comment from the AC was that cruise missile range is relatively short, which in turn makes guidance easier. You then said that guidance isn't necessary, and now you're saying that all cruise missiles have guidance. It seems you're unfamiliar with cruise missiles in general.

Almost all cruise missiles have the ability to control their own flight. Some have the ability to be controlled by radio from an operator, but that's an "extra feature" thing that is really only for ease of deployment, and usually plays no tactical role whatsoever. The idea is that a missile can be launched early, and it doesn't need to be given a confirmed target until it's halfway there. No, there is not usually someone sitting there with a joystick actually flying the missile to its target. Such capabilities are typically only used in the climax of a Hollywood blockbuster.

Any distinction today between "guided" and "unguided" cruise missiles is more a distinction on the level of control the missile's avionics has. At one extreme is a purely ballistic missile, effectively fired from a rocket launcher and landing wherever gravity makes it run into the ground. At the other extreme, an advanced cruise missile can not just control its flight, but perform positive identification of the target before the strike.

The distinction is important when considering the technological capability of an enemy. Scavenger fighters like ISIS or rebel groups won't be able to afford an arsenal of modern missiles, but they might be able to stick an microcontroller on a rocket and make it land somewhat close to a target. This has a tactical impact, because the accuracy of weapons determines the radius of hazard around a target. If the enemy missiles are only accurate to within a 1-mile radius, it can be politically important to keep military installations 2 miles from civilian areas, to prevent any accusations of bringing the conflict closer to civilians. Conversely, if the enemy has the weaponry to make surgical strikes, locating a base near a city can improve supply logistics, and any civilian collateral damage can be be used to vilify the enemy... if they could do better, why didn't they?

Comment Re:Doesn't this encourage bad behavior? (Score 3, Informative) 109

good enough to make it past the USPTO (which is harder than people think)

Which in itself is part of the problem, though Slashdotters would rather just whine about the Big Bad Gubmint.

It's traditionally been, and remains to be, difficult to get a patent. As a result, patent law is structured such that once a patent is approved, it's almost certainly some kind of groundbreaking new technology. Then if someone else end up with the same technology, they must certainly have copied the patent, and it's effectively the burden of the defendant to show that their design process excluded the duplicated patent, effectively requiring proving a negative and undermining the public good for which the patent system was created. In essence, the patent system is assumed to be infallible, so its failures have a significant impact.

I've put some consideration into a system in which the first step in any patent lawsuit is a mandatory reevaluation of the patent claims, paid for by the USPTO (and amortized into filing fees), and waivable if the reevaluation was done recently enough to remain relevant to current societal standards. Part of that evaluation would weigh whether the patent is really a specific application, or a new technology that will have wide use. In essence, once a patent is granted, it's only partially valuable until it's been tested in court, and its value as a commodity (especially for trade between NPEs) depends significantly on the likelihood of the patent to stand up to a fresh examination. On the other hand, a novel patent with specific demonstrable products would be more likely to survive a trial, so it would be more valuable to investors interested in creating products.

Comment Re: Conventional warfare is dead (Score 1) 192

You ought to try reading TFA. The long-wave radar might be able to detect that something's there, but it's the modern computation power that might possibly be able to identify the particular signature of a new plane, rather than raising alerts for every bird or chaff that happens to be in the vicinity.

That means it's not going to be a part of the old weapons systems. Only major powers like Russia or China would likely be able to use the technology on a battlefield, and they're unlikely to enter a direct open conflict with America or its allies. It certainly won't be readily available to insurgents like we're fighting now in the Middle East, and it won't be the old scrap left behind if a modern base is abandoned. Even if the technology is used in battle, it is pretty easily identified, and destroyed as part of an initial campaign for air superiority.

Comment Re: Conventional warfare is dead (Score 1) 192

...That's a guided cruise missile, then. In modern parlance, an "unguided" cruise missile is something like the old German V-1, which would travel a certain distance in a certain direction, then fall and blow up where it landed, but had no practical ability to correct its course during flight beyond basic stabilization.

Comment Re: Conventional warfare is dead (Score 1) 192

even one cruise nuke on Russian soil would have sent the message

I'm not sure what message you intend to send, but the one that's received is "America broke treaties first", and that opens the morality floodgates. Any other nuclear-armed military can then feel free to launch their nukes, in defense of their Russian ally against the suspected ally of the evil USA.

Comment Re: Conventional warfare is dead (Score 1) 192

An unguided cruise missile is a tactical disaster in a modern war. They are only useful against civilian or very large military targets, because they can be blown off course by wind or other interference, and lack the course-correction a guidance system would provide. If you're a belligerent like Germany in WWII, you can happily point them at your British enemy and watch the civilian casualty count rise as their morale falls. Unfortunately, if you're at least pretending to follow the rules of ware (as almost all nations do today), that risk to civilians acts against your best interests.

Modern warfare tactics also include the use of aerial refueling, effectively extending the F-35 range to 600 miles beyond where you or an ally have air superiority. That drastically changes the effective use of the aircraft.

Comment Re: Conventional warfare is dead (Score 1) 192

If the enemy has Soviet radar and SAM equipment from the 70s and 80s, which is now available readily and cheaply to anyone with a grudge against the USA, a B52H can deliver approximately 0 times the bomb load of any modern stealthy aircraft, with a 55% higher cost per flight hour before disintegration.

That's why the LRS-B program started, to build the upcoming B-21.

Comment Re: No good dead goes unpunished (Score 4, Insightful) 71

That's not how it works... that's not how any of it works.

If you want to be a non-criminal hacker, but can't get permission from someone who doesn't care about security, you don't hack them. Period. You don't get to attack someone without invitation and keep your shiny clean reputation. This guy is getting screwed because he allegedly broke the law.

I've worked with red teams. If you're going to ignore their findings, you're better off not hiring them in the first place. See, red teams keep records. Those records can be subpoenaed, and if it turns out that you were told about a vulnerability and chose to ignore it, it's your ass on the line. Insurance companies won't pay for damages, approvals get revoked, and SLAs start invoking their failure clauses. It's a huge price tag that's almost always bigger that the price to fix the findings.

Comment Re: I think... (Score 1) 387

There is also the absurd notion that any success stories of internal reporting would also be kept internal. The NSA isn't particularly likely to say "Hey everybody, we did some stuff we can't tell you about, but it was unethical, so now we are doing it differently."

"We're naming Bob as the analyst of the month for his report on how the HOT GRITS project invaded the personal privacy of Natalie Portman. Remember to ask the Petrification Ethics Review Board for approval before coating any actresses."

Comment Re: I think... (Score 1) 387

To my knowledge, the folks who actually understand such things do not say actually say that about Hillary Clinton's email server. In her case, the facts are much less clear. The key words in section 798 are "knowingly and willfully". Where Snowden knew he was leaking classified information and was a willing participant, Hillary did at least try to keep some basic (if ultimately inadequate) security on the server contents.

There is also an argument to be made that Clinton did not herself "knowingly and willfully" send any classified emails. As I understand, the only publicly released information does not mention who sent what. Rather, the classified emails may have only been sent to Hillary, making her an unwilling participant.

It is also important to understand how easy it is to accidentally include classified information in a collaborative medium like email. Let us suppose, hypothetically, that it would be outright classified to say "the President's favorite dessert is vanilla cake with chocolate frosting". It may be unclassified to say "the President prefers vanilla cake" and also unclassified to say "the President prefers chocolate frosting", but putting both together becomes a classified discussion. In the context of an email chain, especially when a participant may not read the entire chain thoroughly, it is very easy to imagine a discussion first mentioning the preference for vanilla cake, then a later reply separately adding the frosting preference. Nobody knowingly released classified information, but the classified information is there.

However, a wider-reaching law is section 793, which covers removal from the "proper place of custody". Walking into a secure environment and carrying out classified information without proper authorization would violate this law, and there are a number of cases that have been prosecuted under this section. Again, though, there's little evidence that Clinton personally mishandled classified information that was later found on her server. There is a clause in the law covering "gross negligence", but that dishonor would likely fall to whoever was in charge of securing the server, rather than the person who asked for it.

In short, Comey's assessment is pretty succinct. Hillary Clinton was careless and probably should have known better than to run a personal server, but there's not enough evidence to make a decent case against her.

Comment Re: I think... (Score 4, Insightful) 387

18 U.S.C. 798. Note how that law has no mention of malicious intent. It doesn't matter whether Snowden had noble intentions when he broke the law; it is still a violation. This is in contrast to other laws he may have broken (like 18 U.S.C 2381) which require making the case that Snowden's goal was to aid the enemies of the United States.

That distinction is important when Snowden claims that he won't get a "fair trial". In a trial, the question is whether the defendant broke the law. A fair trial means the defendant has a fair chance to defend himself. Regarding section 798, Snowden could argue that he wasn't really the one who leaked the information, or could claim that he was misled to believe that Glenn Greenwald was authorized to receive the information, or he could argue that the whole affair is an elaborate conspiracy to frame him. Unfortunately, he's already quite publicly stated that he took classified material about communications intelligence and made it available to the public. He still can get a fair trial just as soon as he sets foot on American soil, but "fair" and "likely to win" are two very different things.

Snowden's motives can then be used during sentencing to argue for a lighter sentence, and that would probably be fairly successful, since the NSA has directly and indirectly admitted some wrongdoing on their own behalf. On the other hand, despite Snowden's claims, there's very little (unclassified) evidence that he actually tried to pursue any legal alternatives, and there's a growing amount of evidence that Snowden's leak benefited foreign parties. That part of the trial will be far more difficult to predict.

Slashdot Top Deals

If you're not part of the solution, you're part of the precipitate.