<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>ShadowGeek</title>
	<atom:link href="http://shadowgeek.net/feed/" rel="self" type="application/rss+xml" />
	<link>http://shadowgeek.net</link>
	<description>A Critical Look at Today&#039;s Technology</description>
	<lastBuildDate>Mon, 06 Feb 2012 23:22:44 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.3.1</generator>
		<item>
		<title>Did Chinese Spies Delay F-35?</title>
		<link>http://shadowgeek.net/technology/military/did-chinese-spies-delay-f-35/</link>
		<comments>http://shadowgeek.net/technology/military/did-chinese-spies-delay-f-35/#comments</comments>
		<pubDate>Mon, 06 Feb 2012 23:22:44 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[Military]]></category>
		<category><![CDATA[China]]></category>
		<category><![CDATA[F-35]]></category>
		<category><![CDATA[Spying]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=360</guid>
		<description><![CDATA[Defense Tech has an interesting article questioning if some of the delays associated with the F-35 program were due to rework necessary to recover from Chinese spying.  If this is true, it represents a critical failure in information security within the DoD acquisition community and the Defense Industrial Complex.  There have been many reports of [...]]]></description>
			<content:encoded><![CDATA[<p>Defense Tech has an interesting <a href="http://defensetech.org/2012/02/06/did-chinese-espionage-lead-to-f-35-delays/" target="_blank">article</a> questioning if some of the delays associated with the F-35 program were due to rework necessary to recover from Chinese spying.  If this is true, it represents a critical failure in information security within the DoD acquisition community and the Defense Industrial Complex.  There have been many reports of government contractors&#8217; networks being compromised, but I don&#8217;t know if anyone is tallying up the bill.</p>
<p>If true, the bill here is billions of dollars: dollars spent on extending the lives of aircraft slated to be replaced by the F-35, dollars spent on the engineering rework to change the design of the F-35, and dollars spent on countering the possible improvements to Chinese systems due to their adoption of American technology.  And for some reason, I doubt Lockheed, the Prime Contractor for the F-35, is opening up its checkbook to cover these costs.</p>
<p>I hope that this report is untrue and that the Chinese didn&#8217;t delay the F-35.  If so, then we still have a lot of unanswered questions as to why the F-35 is so late and over budget.  It was supposed to be a low-risk, cheap jet, and it has mushroomed into the DoD&#8217;s most expensive program&#8230; EVER.  Not good, with or without Chinese help.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/military/did-chinese-spies-delay-f-35/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>The Stupidity of Conventional SLBMs</title>
		<link>http://shadowgeek.net/technology/the-stupidity-of-conventional-slbms/</link>
		<comments>http://shadowgeek.net/technology/the-stupidity-of-conventional-slbms/#comments</comments>
		<pubDate>Mon, 30 Jan 2012 00:15:55 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Military]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Nuclear War]]></category>
		<category><![CDATA[SLBM]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=356</guid>
		<description><![CDATA[Wired had another well-written article titled &#8220;Pentagon Confused by its Own &#8216;Subs vs. Terrorists&#8217; Plan&#8221;.  The basic idea is that the US wants to conduct conventional global strike from submarines.  One of the many Holy Grails for the DoD is instantaneous global strike; the ability to hit any target anywhere on the face of [...]]]></description>
			<content:encoded><![CDATA[<p>Wired had another well-written article titled <a href="http://www.wired.com/dangerroom/2012/01/global-strike-returns" target="_blank">&#8220;Pentagon Confused by its Own &#8216;Subs vs. Terrorists&#8217; Plan&#8221;</a>.  The basic idea is that the US wants to conduct conventional global strike from submarines.  One of the many Holy Grails for the DoD is instantaneous global strike; the ability to hit any target anywhere on the face of the earth at a moment&#8217;s notice.</p>
<p>The article does a good job of calling this what it is, a farce.  There is no way that China, Russia, or any other nuclear-equipped nation will stand aside while a conventional warhead is sailing overhead to strike some target.  The DoD is trying to make this new conventional warhead fly a different trajectory, so as to indicate to our allies and potential adversaries &#8220;Hey, trust us, it isn&#8217;t a nuke&#8221;.  It may be a conventional warhead, but how will anyone besides the DoD know?  If you can make a warhead fly this unique trajectory, why can&#8217;t it be a nuclear warhead?</p>
<p>Being able to hit a target at a moment&#8217;s notice is a mixed blessing.  I&#8217;m reminded of the discussion in Dr. Strangelove where they discuss the benefits of bombers over ICBMs.  The argument was that bombers took longer, and that was a good thing.  Time allows the US and Russia (in Dr. Strangelove) to open up diplomacy and to try to calm things down.  This doesn&#8217;t happen if the immediate answer is an ICBM launch.</p>
<p>So, if we have this capability, what becomes of the role of diplomacy?  In addition, we&#8217;ll be tempted to use this on the terrorist in a mountain cave.  Is that guy really worth it?  Launching a conventional ICBM or SLBM will cost millions per launch.  Is this guy really worth that price?  Is this guy worth the possible nuclear response?  I would seriously doubt it, but there may be specific cases where it is worth it.</p>
<p>If money were no object, if we had a sound foreign policy, strong diplomatic capabilities, and if everyone trusted us, then this could be a good idea.  In reality, it isn&#8217;t.  We don&#8217;t have enough money to keep being the World&#8217;s Policeman, so why do we want to go down this route?  It is hard to imagine that this type of weapon would not only start, but also end, a conflict.  This would be just the opening round of an extended conflict involving thousands of American soldiers.  If it were possible to avoid war through the use of this weapon, I&#8217;d be a big fan&#8230; but I just don&#8217;t see it.</p>
<p>At best, this is going to be a huge work program for the Military Industrial Complex, similar in scope and cost to SDI.  At worst, this will get us into an accidental nuclear war and end our civilization.  With those being two of many plausible outcomes, we should be wary of going down this path.  Let&#8217;s hope that the budget hawks will stop it in its tracks before we waste millions of our precious dollars.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/the-stupidity-of-conventional-slbms/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Come to Jesus moment for SCADA developers</title>
		<link>http://shadowgeek.net/technology/come-to-jesus-moment-for-scada-developers/</link>
		<comments>http://shadowgeek.net/technology/come-to-jesus-moment-for-scada-developers/#comments</comments>
		<pubDate>Sun, 22 Jan 2012 13:39:07 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Computers]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[SCADA]]></category>
		<category><![CDATA[Stuxnet]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=354</guid>
		<description><![CDATA[A couple of years ago, Firesheep created a come to Jesus moment for many of the most popular web sites on the internet.  It demonstrated for anyone interested (no skill needed) that not using SSL was bad, and that anyone&#8217;s account could be hacked.  All responsible websites have responded by increasing their security and the [...]]]></description>
			<content:encoded><![CDATA[<p>A couple of years ago, Firesheep created a come to Jesus moment for many of the most popular web sites on the internet.  It demonstrated for anyone interested (no skill needed) that not using SSL was bad, and that anyone&#8217;s account could be hacked.  All responsible websites have responded by increasing their security and the internet is a better place for it.</p>
<p>At the <a href="https://threatpost.com/en_us/blogs/looking-firesheep-moment-researchers-lay-bare-woeful-scada-security-012012" target="_blank">S4 Conference</a> SCADA systems were put under the wire brush and found to be as insecure as those websites targeted by Firesheep.  Iran learned the hard way, with Stuxnet, that SCADA isn&#8217;t secure.</p>
<p>SCADA is designed by industrial engineers for industrial engineers, and not by computer security experts&#8230; and it shows.  At the conference flaw after flaw was exposed which, if exploited, could cost billions and even cost lives.  Unlike a Facebook account, SCADA controls physical processes, and when something goes wrong, bad physical things can happen.  The conference attendees speculated that there will be a Firesheep moment for SCADA and that the industry will have to react.</p>
<p>I agree and disagree.  I do think that if I were to buy a new SCADA system, I&#8217;d be able to find a wide range of improved security on offer.  I also think that I&#8217;d find systems that were upgradable and that could be easily patched in the future against evolving threats.  What I don&#8217;t see is any reasonable expectation that the existing fielded systems will ever be fixed.  The flaws extend beyond the server farm and into small control boxes scattered around power plants and industrial sites.  This is more like IE 6 than Firesheep.  No matter how much Microsoft has tried, IE 6 still lives on.  It will take touching every single flawed box and potentially redesigning every single system to secure them.  Firesheep was countered by using SSL at the servers.  If countering it had required each user to replace their laptop, we would still be hearing about Firesheep.</p>
<p>I don&#8217;t know if there will ever be an event that causes industry to touch all of those boxes and to upgrade them.  Those boxes are a sunk cost and they just work&#8230; so why change them?  It will be easier for industry to implement procedural changes to reduce (but not eliminate) the risk.  Some industries, such as nuclear power plants, may make the effort, but will the dairy farm?  Additionally, I doubt that any warranty associated with these boxes covered this.  They work as designed, so the fact that they were designed without sufficient security isn&#8217;t something likely covered under warranty.</p>
<p>The people that wrote Stuxnet were targeting a specific set of SCADA controllers and intentionally prevented their software from attacking outside of a narrow set of parameters.  They were unable to prevent all collateral damage, but they did go out of their way to try.  The worst-case scenario for the SCADA industry (both manufacturers and users) is someone releasing a variant of Stuxnet that is as discriminating as a nuclear weapon.  Remember the Conficker virus?  You know, the one that infected 15 million Windows computers.  It didn&#8217;t care who you were.  Now, put the Stuxnet payload on something as nondescript as that, and you&#8217;ll get the world&#8217;s attention.  You will also cause physical damage across a wide range of industries.</p>
<p>It is unlikely that the industry will recall their boxes and replace them for free.  It is also unlikely that most industries will pay to replace their SCADA systems with newer secure ones.  The best we can hope for is that industries start building response plans for when their SCADA systems are compromised.  At some point some virus is going to be released into the wild that does impact SCADA.  It may be something that was designed to target a small population but whose controls were poorly designed.  It may be something designed to show off the skills of some 15-year-old hacker&#8230; I don&#8217;t know&#8230; but it will happen.  The question isn&#8217;t if or when, but how will industries respond and how well are those contingency plans written.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/come-to-jesus-moment-for-scada-developers/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Sea Shepherd&#8217;s Drone</title>
		<link>http://shadowgeek.net/technology/sea-sheperds-drone/</link>
		<comments>http://shadowgeek.net/technology/sea-sheperds-drone/#comments</comments>
		<pubDate>Mon, 26 Dec 2011 11:03:10 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Military]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Drones]]></category>
		<category><![CDATA[Sea Shepherd]]></category>
		<category><![CDATA[Whaling]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=349</guid>
		<description><![CDATA[Now, this is interesting.  I just read a story about how the Sea Shepherd activist organization has deployed a drone to track Japanese whalers.  If you aren&#8217;t familiar with Sea Shepherd, it is an anti-whaling organization that follows the Japanese whaling fleet and attempts to disrupt their operations.  You can watch their activities on a [...]]]></description>
			<content:encoded><![CDATA[<p>Now, this is interesting.  I just read a story about how the Sea Shepherd activist organization has deployed a drone to track Japanese whalers.  If you aren&#8217;t familiar with Sea Shepherd, it is an anti-whaling organization that follows the Japanese whaling fleet and attempts to disrupt their operations.  You can watch their activities on a reality show.</p>
<p>Well, they just got a donated drone, and are now using it to track the whaling fleet.  This is pretty cool.  This is also an interesting use of the technology that probably wasn&#8217;t thought of by the drone inventors.  It makes me wonder where this technology may go in the future.  What would happen if Occupy Wall Street had a drone overhead constantly, alerting them as to what the police were doing?  How would constant monitoring change police tactics?  Do the police shoot down the drone before evicting the protestors?</p>
<p>In this case, Sea Shepherd and the Japanese whalers are in international waters, so there are no police who will claim jurisdiction.  I have to wonder how the Japanese will respond.  Will they even try to shoot down the drone?  I would doubt that they have anything on board the ship that will effectively shoot down a drone.  Maybe they could get lucky with a harpoon, but I doubt it.</p>
<p>This is an interesting development in this multi-year conflict between Sea Shepherd and the Japanese whaling fleet.  As the technology continues to develop it will continue to influence this battle.  Just wait until someone decides to bring along torpedoes.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/sea-sheperds-drone/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Lightsquared vs GPS</title>
		<link>http://shadowgeek.net/technology/lightsquared-vs-gps/</link>
		<comments>http://shadowgeek.net/technology/lightsquared-vs-gps/#comments</comments>
		<pubDate>Sat, 24 Dec 2011 12:42:27 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Computers]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[GPS]]></category>
		<category><![CDATA[Lightsquare]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=347</guid>
		<description><![CDATA[There have been several experiments showing that Lightsquared&#8217;s systems interfere with GPS frequencies.  Lightsquared is now seeking a ruling to put the blame on the GPS manufacturers and therefore be permitted to roll out its system while forcing the GPS manufacturers to fix their systems.  If this goes through it will be a disaster.  First [...]]]></description>
			<content:encoded><![CDATA[<p>There have been several experiments showing that Lightsquared&#8217;s systems interfere with GPS frequencies.  Lightsquared is now seeking a ruling to put the blame on the GPS manufacturers and therefore be permitted to roll out its system while forcing the GPS manufacturers to fix their systems.  If this goes through it will be a disaster.  First of all, the GPS systems in question are already out in the market, and Lightsquared&#8217;s isn&#8217;t.  Even if this were the fault of the GPS equipment, there is no economical or technical way to update every GPS device, especially those that are securely embedded inside of systems.</p>
<p>But this is not the GPS manufacturers&#8217; fault, as Lightsquared would have you believe.  GPS receivers are just that, receivers.  They only listen for the GPS signal that is broadcast from the satellites above.  The GPS signal is very weak, and therefore the receivers must be sensitive to pick up the signal.  If Lightsquared is broadcasting too close to the GPS frequencies, or on the GPS frequencies, of course these sensitive receivers will pick it up.  Welcome to basic radio theory.  GPS receivers have been around for many years, and have evolved.  In the beginning it took a long time to pick up a satellite, and only a few could be picked up at a time.  That wasn&#8217;t good enough for either military or commercial use (no good if your GPS only starts working after you have arrived at your destination), so they pushed up the sensitivity and improved the processing.  Now we have GPS receivers that can find your location quickly, just like we want.  The outcome of this is that a small buffer is needed around the GPS frequencies to ensure that they aren&#8217;t accidentally interfered with.  That is the price we pay to have a GPS system that works, and those are the frequencies that Lightsquared wants to use.</p>
<p>Sorry, Lightsquared.  Much of our civil infrastructure, consumer electronics, and military systems rely on GPS.  If your systems are going to interfere with them, then you lose.  If your system were already deployed and GPS were new, then the roles would be reversed.  You are the one coming late to the frequency party and therefore get stuck dealing with the outcome of several years of evolution of GPS.</p>
<p>I like what Lightsquared is trying to do, and I do hope that they can find some frequency band that will work for them.  However, the GPS bands must remain off-limits.  It is unfortunate for any company that has a good idea, and believes that it has a right to develop systems that border on the GPS bands, that its plans get screwed.  The Government did a poor job of laying down a foundation for frequency management.  There was no way to do it well, given that no one had any idea as to how wireless technology would evolve.  The FCC has done its best with what it has, but it is stuck with many legacy decisions and systems that abuse the frequencies they are given.  At some point we&#8217;ll have to make the same transition as we did from standard to digital televisions, but this time with military radios, satellite communications, and commercial wireless devices.  It will be a challenge and will likely take several hundred years to complete.  Until then, Lightsquared and others like them are stuck with what we have, no matter how unfair it may seem.</p>
<p>Best of luck Lightsquare, but stay away from my GPS&#8230; it is often the only thing that knows where I&#8217;m going&#8230; and I&#8217;d like to get there someday.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/lightsquared-vs-gps/feed/</wfw:commentRss>
		<slash:comments>3</slash:comments>
		</item>
		<item>
		<title>What should the future of TSA be?</title>
		<link>http://shadowgeek.net/politics/what-should-the-future-of-tsa-be/</link>
		<comments>http://shadowgeek.net/politics/what-should-the-future-of-tsa-be/#comments</comments>
		<pubDate>Fri, 09 Dec 2011 13:40:19 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Politics]]></category>
		<category><![CDATA[airport security]]></category>
		<category><![CDATA[TSA]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=342</guid>
		<description><![CDATA[The Transportation Security Administration was created after 9/11 to prevent another 9/11.  It was the classic knee-jerk reaction to events that had already occurred.  The proponents of the TSA will point out that since there hasn&#8217;t been another 9/11 type of event since then, the TSA is working.  The opponents of the TSA will point out [...]]]></description>
			<content:encoded><![CDATA[<p>The Transportation Security Administration was created after 9/11 to prevent another 9/11.  It was the classic knee-jerk reaction to events that had already occurred.  The proponents of the TSA will point out that since there hasn&#8217;t been another 9/11 type of event since then, the TSA is working.  The opponents of the TSA will point out that terrorists can learn, and perhaps they haven&#8217;t been trying to hijack airplanes since 9/11.  Either way, a lot of money and technology has been thrown at the TSA, and it is debatable whether it has been a good investment.</p>
<p>The Super Committee failed.  Our deficit is beyond reason and growing fast.  Our government is struggling with trying to cut expenses and raise income.  Perhaps now we can finally look at the TSA with an objective eye, and make some common-sense changes.  Wired had a good article summarizing the TSA&#8217;s performance, <a href="http://www.wired.com/dangerroom/2011/12/unsafe-skies" target="_blank">&#8220;Insider: $56 Billion Later, Airport Security is Junk&#8221;</a>.  It is a good read and they make some excellent arguments.  For this discussion, I&#8217;m going to limit myself to the TSA and airports.  The TSA really has responsibilities outside of just airports, but that is where most of the easy changes can take place.</p>
<p>First of all, what is the objective of the TSA?  It should be to prevent airplanes from being hijacked, blown up, or shot down.  This is good, but the reality is that you can never foresee every possible threat, and there is no way to prevent everything.  This is an exercise in risk management, and the best we can hope for is to catch and prevent stupid and/or crazy folks who attempt to either hijack or blow up an aircraft.  You may be able to prevent the stupid terrorists/criminals from accomplishing their objectives, and while doing so, you may raise the difficulty level for the more capable terrorists such that they target less defended targets (which exist everywhere).</p>
<p>So, what should we do with the TSA?  Here are my recommendations:</p>
<ol>
<li>Reduce passenger screening back to pre-9/11 levels.  Stick with the basics: an ID check and a metal detector.  Let us keep our shoes on, and allow liquids back on the plane.  Let me keep my laptop in the bag.  Focus on preventing a bunch-up of passengers, which is a more attractive target than a plane.  Keep guns and large knives off the plane and prevent the obvious stupid and/or crazies from acting out on the plane.</li>
<li>Keep the hardened cockpit doors.  This is one of the few things that the TSA did that makes sense.  If someone can&#8217;t get to the cockpit, then they can&#8217;t hijack the airplane.</li>
<li>Educate travelers that it is still their responsibility to violently suppress anyone trying to hijack the plane.  The passengers and flight attendants are the first and last defense against someone acting out on an airplane.  After 9/11 this was clear, and I even had pilots remind passengers of this&#8230; now, so many years later, we may be forgetting it.  Just put out some reminders; I think most travelers would understand.</li>
<li>Increase the background checks of airport and airline employees.  Anyone who has unfettered access to the aircraft should be checked.  It is much easier to damage or sabotage an aircraft from anywhere but the passenger cabin.  I&#8217;d be more worried about a rogue employee than a crazy passenger.</li>
<li>Monitor the area around the airport better.  Here&#8217;s a hard one.  If someone were going to try to shoot down a commercial aircraft, they aren&#8217;t necessarily going to be at the airport.  They could be next to the airport, or even a few miles away.  They just need to be in the path of the aircraft when the aircraft is low enough to be hit by whatever they are shooting at it.  Accomplishing this effectively will be nearly impossible, so the best you could hope for is to have some cameras monitor the likely areas and to dispatch folks to investigate if something suspicious happens.  So, when that van suddenly stops at the end of the runway and folks jump out, you send someone out to see what is going on.  The best you can hope for is to increase the risk to the terrorists so they don&#8217;t try it.  I wouldn&#8217;t put too much into this area, but you might be able to catch the obvious if you are lucky.</li>
<li>Most importantly, educate travelers that there is a risk, that the TSA can&#8217;t prevent everything, and that it isn&#8217;t going to try.  Just admit to the public that something bad may happen and that that sucks, but it is a fact of life.  If they understood that every dime spent on the TSA is a dime not spent on education, or another dime added to our deficit, they would understand.  The TSA doesn&#8217;t produce anything.  It does not contribute at all to our Gross National Product.  If people are treated like adults and they understand the risk and costs associated with minimizing every risk, I don&#8217;t think you&#8217;d get a huge backlash from folks when the TSA backs off from its very expensive tactics.</li>
</ol>
<p>So, those are some of my ideas.  They pretty much match up with what others are saying.  I don&#8217;t know if the politicians have the willpower to dramatically reduce the scale and cost of the TSA without giving their political opponents the &#8220;they are soft on terrorism&#8221; stick to beat them up with.  It is simple common sense that addresses the reality of the situation.  It may be an uphill battle to apply some common sense here, but given our financial situation, it is worth making the effort.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/politics/what-should-the-future-of-tsa-be/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>How the Government Goes About Creating a Crappy App</title>
		<link>http://shadowgeek.net/politics/how-the-governments-goes-about-creating-a-crappy-app/</link>
		<comments>http://shadowgeek.net/politics/how-the-governments-goes-about-creating-a-crappy-app/#comments</comments>
		<pubDate>Thu, 24 Nov 2011 00:15:49 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Computers]]></category>
		<category><![CDATA[Politics]]></category>
		<category><![CDATA[Android]]></category>
		<category><![CDATA[ERG]]></category>
		<category><![CDATA[Government Contracting]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[OSHA]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=328</guid>
		<description><![CDATA[Rich Jones posted a wonderful piece on gun.io on this horrible mobile application that the Occupational Safety and Health Administration (OSHA) created.  He estimated that he could have done it for about $600, so he submitted a Freedom of Information Act (FOIA) request to find out how much this piece of crap cost for the [...]]]></description>
			<content:encoded><![CDATA[<p>Rich Jones posted a wonderful piece on <a href="http://gun.io/blog/the-governments-200000-useless-android-application/" target="_blank">gun.io</a> on this horrible mobile application that the Occupational Safety and Health Administration (OSHA) created.  He estimated that he could have done it for about $600, so he submitted a Freedom of Information Act (FOIA) request to find out how much this piece of crap cost the taxpayers.  In total, the Android App, iOS App, and the BlackBerry App (which was never released) cost slightly over $200,000.  That&#8217;s right, a $600 app for $200,000.  On top of the $200,000 for the applications, the source code isn&#8217;t publicly available, as it is considered a trade secret by the contractor <a href="http://www.erg.com/" target="_blank">Eastern Research Group</a>.</p>
<p>Rich goes on to ask how this could happen.  Well, I don&#8217;t have any inside information on how OSHA did this application, but I can hypothesize how this happened.  Rich describes how he&#8217;d like the system to work, and I applaud him for that vision.  Now, let me work through the likely steps that resulted in this piece of crap.</p>
<ol>
<li>Somewhere near the top of OSHA a Senior Executive Service (SES) manager decided that OSHA &#8220;needed an App&#8221;.  Everyone in Government is doing Apps, and OSHA is not going to be the only one without one.</li>
<li>The poor manager assigned to this task has no technical or coding background.  He or she is a mid-level manager, just trying to put food on the table.  When he asks the Boss &#8220;What do you want the App to do?&#8221;, the answer is something like &#8220;I don&#8217;t care, just make an App and leave me alone about it.&#8221;  Here&#8217;s the first major problem&#8230; there is no actual reason for the App, and no one has thought this through.</li>
<li>The manager must now write a Request for Proposal (RFP) for the development of the App.  This process takes about six months if you are lucky, and you must go through multiple legal and contracting reviews.  Any creativity or vision will be stripped out of the RFP as too risky or unusual.  The RFP will have language such as &#8220;The Contractor shall produce an App that provides users information about OSHA&#8221;.  There won&#8217;t be any mock-ups, diagrams, or use-cases&#8230; it is all just words.</li>
<li>The RFP will be a Firm Fixed Price (FFP) contract which allows the Government from taking any risk, or requiring constant management of the contract to ensure that everything is going according to plan.  A FFP contract means that the Government provides the contractor (ERG in this case) a flat fee for the App.  If it costs ERG $600 to make the App, then the rest is profit.</li>
<li>The RFP &#8220;goes out on the street&#8221; for proposal.  The Government waits for about thirty or sixty days for responses.  Contractors will write a proposal and the proposal that is &#8220;technically acceptable, lowest costs&#8221; wins.  Now, there are two poison pills for new and smaller companies.  The first is that they are judged on &#8220;past performance&#8221;.  So, if you don&#8217;t have any, it counts against you.  In reality no past performance equals a neutral score, but you can&#8217;t take biases out of the people reviewing the proposals.  Secondly, the RFP contains a lot of boiler-plate requirements which are very costly to satisfy.  Only companies that have made it their business to get Government contracts get Government contracts.  It is just too difficult for others to break into the business, but occasionally it does happen.  Most often a company will leverage one type of contract for another.  So, if a company runs an IT Help Desk, they will suddenly consider them a software development house, with the often predicted bad results.</li>
<li>The contractor will take as much time to do the work as possible, even if they aren&#8217;t really working on it.  For  a FFP contract, you don&#8217;t want to deliver too early.  That would give the Government the chance to complain and force changes.  But if you wait until just before the end of the &#8220;period of performance&#8221;, there isn&#8217;t enough time for the Government to react, so they just accept what was delivered.</li>
<li>Finally, by the time the App is actually delivered the SES has moved on to another job, and the new SES&#8217;s response is &#8220;we have an App, why?, okay&#8230; might as well publish it&#8221;.</li>
</ol>
<p>There you go, from poorly defined requirements to a somewhat functional App.  This is not how it can happen, but this is how the system is designed to work.  It could be redesigned and changed, but that requires an act of congress, and they haven&#8217;t really demonstrated their capabilities to pass well thought out and written laws lately.</p>
<p>Rich also goes into the inability to gain the source code.  The default data rights for such a contract are Government Purpose Rights (GPR).  GPR is kind of like open source, but only within Government channels.  This assumes that the mid-level manager understands something about data rights.  If not, the contractors will likely try to slip even more restrictive data rights into their proposals.  If the manager is a rebel, they could push for &#8220;unlimited rights&#8221;, which would allow OSHA to release the code, but that really takes a lot of effort, and assumes that one of these companies is even willing to accept that contract clause.</p>
<p>Rich makes some good points in his rant.  Unfortunately, the established government contracting process is set up to maximize profit while minimizing productivity.  In many ways it is a works program.  Now, I&#8217;m sure that isn&#8217;t the true stated purpose of it, but it is how it ends up.  I would like to see the system change, but I&#8217;m not sure writing my congressman will help in this case.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/politics/how-the-governments-goes-about-creating-a-crappy-app/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Is Privacy Dead?</title>
		<link>http://shadowgeek.net/technology/is-privacy-dead/</link>
		<comments>http://shadowgeek.net/technology/is-privacy-dead/#comments</comments>
		<pubDate>Thu, 17 Nov 2011 22:18:54 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[Politics]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Government]]></category>
		<category><![CDATA[Privacy]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=324</guid>
		<description><![CDATA[I was in a class today with a bunch of engineers.  We were taking a class on how to migrate legacy computer systems into a services based architecture.  Okay, so not that exciting.  One of the engineers stated that we should go to a single national ID in order to avoid having to make the [...]]]></description>
			<content:encoded><![CDATA[<p>I was in a class today with a bunch of engineers.  We were taking a class on how to migrate legacy computer systems into a services based architecture.  Okay, so not that exciting.  One of the engineers stated that we should go to a single national ID in order to avoid having to make the different state systems work together.  I countered with the fact that the Constitution doesn&#8217;t give the Federal government that power, and that it is a State right.  He countered that &#8220;they&#8221; know everything about us anyway and there is no privacy, so why not give up State issued IDs for Federal ones?</p>
<p>Now, this guy isn&#8217;t stupid&#8230; thick-headed at times, yes, but not stupid.  If smart people not only feel that privacy is dead, but then don&#8217;t blink an eye about giving up more privacy or more rights, then I think we have a big problem.  My reaction was to ask him to think about what we should do to restore our rights instead of being happy with giving them up.</p>
<p>I&#8217;m reminded of the ongoing debate about GPS trackers and the Government having the authority to request your phone records to include location information without a court order.  I was happy to see at least one judge today declare that such requests are unconstitutional and require a warrant.</p>
<p>When our Founding Fathers &#8230; uh&#8230; founded this Country we didn&#8217;t live in an electronic jungle.  Privacy was as easy as closing the door.  Today, we have mobile tracking devices in our pockets, and we send all of our communications over the internet where it is easily accessible.  If the Founding Fathers were writing the Constitution today I would have to believe that they would place strict limits on the Federal Government&#8217;s ability to wiretap, request ISP records, place GPS trackers and so on.  I&#8217;d find it hard to believe that they would just prevent the Government from searching your &#8220;papers&#8221; as it is currently written.  The Colonists left England to escape a heavy-handed Government.</p>
<p>But instead, we have a Government that is constantly trying to push the boundaries of what is Constitutional.  They want more and more powers to avoid requesting warrants and there is even speculation on a secret interpretation of the Patriot Act.  Shouldn&#8217;t these folks fall on the side of the Constitution and placing limits on Government?  Why does the Government want so much power?  With all of the abuses that we know of, do we really want the Government (or business for that matter) to know where we have been moment to moment, everything we&#8217;ve done online, every email we&#8217;ve sent, and so on?  I would like to think not.</p>
<p>While privacy may be dead in practice, I like it.  Instead of bemoaning the loss of privacy, why aren&#8217;t we working to restore privacy in America?  Privacy is not a human, not a living thing that once dead can&#8217;t be brought back to life (zombies excluded).  It is a concept and a principle, and if lost, it can be found again and restored.  We can make changes to our existing laws and social norms to bring back privacy, we just have to make the decision to do so.  We can start by erring on the side of privacy and the 4th Amendment.</p>
<p>Maybe it is a pipe dream, but America was built on dreams.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/is-privacy-dead/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Government Lying Bad, FOIA Lying Even Worse</title>
		<link>http://shadowgeek.net/politics/government-lying-bad-foia-lying-even-worse/</link>
		<comments>http://shadowgeek.net/politics/government-lying-bad-foia-lying-even-worse/#comments</comments>
		<pubDate>Fri, 04 Nov 2011 10:28:17 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Politics]]></category>
		<category><![CDATA[DoJ]]></category>
		<category><![CDATA[FOIA]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=320</guid>
		<description><![CDATA[The Department of Justice just dropped a proposed change to the FOIA rules that would have allowed the Government to lie in response to a legal FOIA request.  It is shameful that the DoJ even thought such a rule was necessary.  Last time I checked, the DoJ suppose to work for the people, not any [...]]]></description>
			<content:encoded><![CDATA[<p>The Department of Justice just dropped a proposed change to the FOIA rules that would have allowed the Government to lie in response to a legal FOIA request.  It is shameful that the DoJ even thought such a rule was necessary.  Last time I checked, the DoJ suppose to work for the people, not any specific Government agency or service.  If you can&#8217;t tell us due to national secrets, then tell us that, but don&#8217;t claim that you &#8220;don&#8217;t have it&#8221;, when you do.</p>
<p>I suspect there is a fair amount of lying or &#8220;reinterpretation of the request&#8221; that already happens, but it should never be sanctioned.  I&#8217;m glad to see the rule dropped and while it won&#8217;t guarantee protections from lying, it will at least be better than with sanctioned lying.  The Government is disliked by many of the folks it suppose to protect because of the cloak of secrecy that has risen over the past ten or twenty years.  Even with all of the campaign promises of transparency, there is more secrecy than ever.  But we should never give anyone the right to lie.  If you can&#8217;t or won&#8217;t tell us, be honest about it.</p>
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/politics/government-lying-bad-foia-lying-even-worse/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Virus Takes Down AF Drones&#8230;WTF</title>
		<link>http://shadowgeek.net/technology/virus-takes-down-af-drones-wtf/</link>
		<comments>http://shadowgeek.net/technology/virus-takes-down-af-drones-wtf/#comments</comments>
		<pubDate>Sat, 08 Oct 2011 12:01:50 +0000</pubDate>
		<dc:creator>John</dc:creator>
				<category><![CDATA[Computers]]></category>
		<category><![CDATA[Military]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Predator]]></category>
		<category><![CDATA[Reaper]]></category>
		<category><![CDATA[UAV's]]></category>
		<category><![CDATA[virus]]></category>

		<guid isPermaLink="false">http://shadowgeek.net/?p=316</guid>
		<description><![CDATA[Wired has an article on a computer virus that has infected the Predator and Reaper control stations at Creech AFB.  Someone screwed up big here.  First of off, why was infected media introduced to the classified system?  Secondly, why wasn&#8217;t there a clean backup that they could use to restore to? These systems operate on [...]]]></description>
			<content:encoded><![CDATA[<p>Wired has an <a href="http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/">article</a> on a computer virus that has infected the Predator and Reaper control stations at Creech AFB.  Someone screwed up big here.  First of off, why was infected media introduced to the classified system?  Secondly, why wasn&#8217;t there a clean backup that they could use to restore to?</p>
<p>These systems operate on a classified network. So, either the bad guy has access to the classified network and introduced the malware there (not a happy thought), or someone broke the rules and transferred media from the internet to the classified network (another no-no).  Now, there are always exceptions to the rules, but in those cases all media should have been scanned prior to connecting them to the classified network.  So, what happened here?  Someone screwed up.  Someone didn&#8217;t follow the rules assuming that they didn&#8217;t apply to them, or that what they were doing at the moment was too critical to slow down and follow the rules.  Maybe the system they use to scan media was broken, or perhaps it wasn&#8217;t loaded with the right virus signatures.  Either way, something went wrong.</p>
<p>Secondly, why don&#8217;t they have a clean system to restore from?  This is a weapon system, not a video game.  In the article they go on about how they had to build the system from scratch again and again, always resulting in the same re-infection.  Why?  Doesn&#8217;t the system have a clean backup?  With the advent of virtual machines, snapshots, backup tapes, replication, and so on&#8230; you&#8217;d think they should be able to restore without a problem.  Now, the exception would be if the virus is hiding in some firmware, and if that is the case, they are in more trouble than they realize.</p>
<p>I guess the real last question is why are they using Windows at all?  Why is the military using a commercial-grade operating system that is the largest target on the planet for viruses to run a critical weapon system?  Shouldn&#8217;t this be on SELinux?  I bet the decision was made in the name of convenience and cost savings&#8230; so, how convenient is it now?  Saving money?  We need to realize that if IT systems are weapon systems, then we need to treat them as such.  This isn&#8217;t the same as my PC at home.  People generally don&#8217;t die if my PC goes up in smoke at home, but what happens if someone, through the virus, learns how to insert commands to a Reaper?  How does it look when the Reaper fires a missile at friendly troops&#8230; and we learn that it was the result of someone hijacking the system?  If they can hijack people using their bank&#8217;s website, they could certainly do this&#8230; and learning the system through a keylogger is the first step in that direction.</p>
<p>The Predator program has been an insane success.  It went from a science project to a major weapon system overnight.  Had it gone through the traditional acquisition cycle, it would have likely failed.  However, in its rush to be fielded, they took shortcuts such as their selection of operating systems.  It might be time now to rethink this.  If you are going to go with Windows, then you need to secure it correctly.  If you are a critical system, then you need to be able to boot from a clean backup.  Yes, this means more engineering and more costs, without any obvious operational value&#8230; but it also means that you can continue to operate through these types of issues.  Mission availability and robustness should be a valued operational characteristic.  I doubt that this incident will cause anything to be changed.  I just hope that it won&#8217;t take one of our UAVs being hijacked and the death of friendly troops to finally make us change how the system is designed and used.</p>
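<p>The &#8220;rebuild, get re-infected, rebuild again&#8221; loop above is exactly the case where a practitioner wants to verify the restore itself against a known-good manifest rather than trust that the backup is clean.  The following is an added example, not code from the original post or from any Air Force system: it builds a SHA-256 manifest of a golden image, then checks a restored tree against it and reports modified, missing and unexpected files, which is what catches an infector that patches a binary or drops itself back after a restore.  The file names (gcs.exe, klog.dll, config.ini) and the directory trees are constructed for the demo and are not taken from the article.</p>

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large images do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (relative POSIX path) to its SHA-256."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = hash_file(p)
    return manifest


def verify_tree(root: Path, manifest: dict) -> dict:
    """Compare a restored tree against the golden manifest.

    modified   - present in both, but content differs (patched binary)
    missing    - in the manifest, absent from the tree (deleted or renamed)
    unexpected - on disk but not in the manifest (dropped payload)
    """
    current = build_manifest(root)
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }


def demo() -> dict:
    """Constructed scenario: golden image, a clean restore, then simulated persistence."""
    with tempfile.TemporaryDirectory() as tmp:
        # Golden image: hypothetical ground-control-station files (constructed data).
        golden = Path(tmp) / "golden"
        (golden / "bin").mkdir(parents=True)
        (golden / "bin" / "gcs.exe").write_bytes(b"ground control station binary")
        (golden / "config.ini").write_text("mode=operational\n")
        manifest = build_manifest(golden)

        # A faithful restore from the golden image verifies clean.
        restored = Path(tmp) / "restored"
        shutil.copytree(golden, restored)
        clean = verify_tree(restored, manifest)

        # Simulated re-infection after the restore: the main binary is patched
        # and a keylogger stub is dropped alongside it (constructed, not real malware).
        (restored / "bin" / "gcs.exe").write_bytes(b"ground control station binary" + b"\x90" * 8)
        (restored / "bin" / "klog.dll").write_bytes(b"dropped keylogger stub")
        dirty = verify_tree(restored, manifest)

        return {"clean": clean, "dirty": dirty}


if __name__ == "__main__":
    result = demo()
    print("after clean restore:", result["clean"])
    print("after re-infection :", result["dirty"])
```

<p>The manifest must be generated from the golden image and stored off the system being rebuilt (signed, on read-only media); if the manifest lives on the same disk the infector can rewrite it.  A file-level check like this also says nothing about firmware, which is the caveat the post raises: if the rebuilt tree verifies clean and the infection still returns, look below the file system.</p>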
]]></content:encoded>
			<wfw:commentRss>http://shadowgeek.net/technology/virus-takes-down-af-drones-wtf/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

