Or, more oddities in the Cyberwar stakes. I can’t help thinking that the cyberwar stuff, much like conventional terrorism, is vastly overblown as a threat to national security, or indeed anything. A case in point is the normally very sensible Bruce Schneier with a short recommendation of a New Yorker piece about the crashing of an EP-3E Aries II in 2001 in China.

So, to recap: the plane is monitoring Chinese comms, crashes, and so is physically in the hands of the Evil Hordes of Fu Manchu who naturally take it to pieces. Apparently this included an operating system created and controlled by the N.S.A., and the drivers needed to monitor encrypted Chinese radar, voice, and electronic communications.

Certainly, from the reports, it appears that whoever spent zillions of dollars on this expensive system failed to think of the possibility of it falling into enemy hands, and the cunning plan to destroy sensitive instruments in the event of capture was to pour coffee on them. This is imbecility of such a high order that only military intelligence could have done it.

But more than that, the NY gushes that the Chinks were

reverse-engineering the plane’s N.S.A.-supplied operating system… Mastering it would give China a road map for decrypting the Navy’s classified intelligence and operational data.

But… why? Surely even people as dumb as military intelligence wouldn’t be putting whatever Sekrit encryption system they use for their own data into a plane they are flying over mainland China? What would be the point? The plane, after all, is gathering a pile of Evil Empire data. That data doesn’t need any specially strong encryption. And even if it did: why would disclosure of the encryption method matter? Just because I lose my PGP password doesn’t make anyone else’s PGP-ed data any less secure. And anyway, the intelligence gathering only needs *en*cryption not *de*cryption.
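The encrypt-only point, as an added example that is not part of the original post: a toy ElGamal-style hybrid scheme in which the collection platform holds only the home base's public value, so whoever seizes the platform gets the algorithm and the ciphertexts but nothing that decrypts them. The group parameters, function names and sample message are assumptions made up for illustration; a real system would use a vetted library, not this standard-library sketch.

```python
import hashlib
import hmac
import secrets

# Toy parameters, assumed for illustration only (not a production group).
P = 2**521 - 1          # Mersenne prime modulus
G = 3

def _keys(shared: int, n: int):
    """Derive an n-byte keystream and a MAC key from the shared secret."""
    seed = shared.to_bytes(66, "big")
    stream = b"".join(hashlib.sha256(b"enc" + seed + i.to_bytes(4, "big")).digest()
                      for i in range(n // 32 + 1))[:n]
    return stream, hashlib.sha256(b"mac" + seed).digest()

def keygen():
    """Home base: the private exponent never leaves; only the public value ships."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def collector_encrypt(base_pub: int, intercept: bytes):
    """All the aircraft needs: the public algorithm plus base_pub."""
    eph = secrets.randbelow(P - 3) + 2          # used once, then forgotten
    stream, mac_key = _keys(pow(base_pub, eph, P), len(intercept))
    ct = bytes(a ^ b for a, b in zip(intercept, stream))
    return pow(G, eph, P), ct, hmac.new(mac_key, ct, hashlib.sha256).digest()

def base_decrypt(priv: int, eph_pub: int, ct: bytes, tag: bytes) -> bytes:
    """Only the holder of priv can recompute the shared secret."""
    stream, mac_key = _keys(pow(eph_pub, priv, P), len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, stream))

def demo():
    priv, pub = keygen()
    msg = b"constructed sample intercept"       # constructed sample input
    blob = collector_encrypt(pub, msg)
    recovered = base_decrypt(priv, *blob)
    # Whoever seizes the aircraft has the code, pub and blob, but not priv.
    other_priv, _ = keygen()
    try:
        base_decrypt(other_priv, *blob)
        captor_reads = True
    except ValueError:
        captor_reads = False
    return recovered == msg, captor_reads

if __name__ == "__main__":
    print(demo())
```

If the platform also had to receive encrypted traffic it would carry a private key of its own, and losing it would expose only traffic sent to that key, which is fixed by rotating the key.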

The NY piece goes on to directly state that whatever came out of this plane allowed the Chinese to decrypt US secrets a few years later, and that makes absolutely no sense whatsoever.

The only sensible thing in the entire piece appears to be a comment by Brian W. Point 3 of that comment makes some kind of sense – just possibly, the crypto keys are buried in some hardware (not that the NY article mentions this possibility). But but but – still, why? Perhaps, not to save the intercept data but to communicate back to base? But even then, were that so, you’d know that was the bit you had to destroy.

None of this makes any sense – apologies if I’ve been a bit incoherent here but the NY piece seems so obviously nonsensical that it is hard to know where to start.

Comments

  1. #1 silence
    2010/10/26

    The only thing which might make sense is that having a live copy of the hardware and software gave the Chinese a chance to sit down with it and experiment intensively. That makes finding bugs to exploit a lot easier.

    Part of the problem may be that Seymour Hersh is fairly old, and might not be technically literate in the engineering details sense.

  2. #2 cbp
    2010/10/26

    “If China had reverse-engineered the EP-3E’s operating system, all such systems in the Navy would have to be replaced, at a cost of hundreds of millions of dollars.”

    I can’t think about the above sentence any more because there isn’t enough room on my forehead for my eyebrows to go any further.

  3. #3 dhogaza
    2010/10/26

    Part of the problem may be that Seymour Hersh is fairly old, and might not be technically literate in the engineering details sense.

    He’s not an engineer, but is a very competent journalist who usually has very good inside sources.

    And I find it difficult to believe he wouldn’t run the finished product past those sources.

    Strange stuff.

    The only thing which might make sense is that having a live copy of the hardware and software gave the Chinese a chance to sit down with it and experiment intensively. That makes finding bugs to exploit a lot easier.

    This makes some sense. After all, the article talks about reverse-engineering the operating system perhaps giving the Chinese a *road map* for decrypting naval messages, nothing more.

    Also …

    Mastering it would give China a road map for decrypting the Navy’s classified intelligence and operational data.

    This is a pretty general statement – is the operating system used for secure communications throughout the navy? That would make it expensive to replace, and playing with the operating system might give you clues as to what’s being encrypted and in what order, and also things like key selection algorithms and the like.

    Tim sez this:

    The plane, after all, is gathering a pile of Evil Empire data. That data doesn’t need any specially strong encryption.

    Yeah, but neither is there any particular reason to write custom code just for these missions if there’s SOP in place for destroying gear, etc. You seem to be assuming this is some sort of one-off bit of code or used in this specific context only. The general nature of the statement I’ve quoted above makes me wonder if the system’s much more widely used.

    OK, I’ve skimmed bits of the article. It’s pretty obvious that the system is widely used in naval communications and other operational stuff (the communications stuff is what would interest the Chinese).

    I’ll have to read the rest but Hersh’s sources, as usual, do seem real. I’m sure the material’s also been filtered to some extent in such a way that it fits the narrative without giving much away, and quite likely with some misdirection thrown in – “OK, how can I tell this story in a way that sounds reasonable without giving away too much in the way of technically accurate information?”.

  4. #4 Hank Roberts
    2010/10/26

    > flying over mainland China?
    Nope, out over the ocean.
    Yes, close enough to anticipate a forced landing though.
    http://www.google.com/search?q=aircraft+“China+Sea”+collision

    > coffee
    Military coffee.

  5. #5 David B. Benson
    2010/10/26

    Not just military coffee,

    US Navy coffee.

  6. #6 hibob
    2010/10/26

    Well, one way to get Congress to spring for a brand new communications system and associated toys is to say the current generation is irretrievably compromised …

  7. #7 Dunc
    2010/10/27

    He’s not an engineer, but is a very competent journalist who usually has very good inside sources.

    “Very good inside sources” are half the problem when dealing with “intelligence” matters. Deception is their business – you think they wouldn’t lie to a journalist? Hard to tell who’s using whom.

  8. #8 dhogaza
    2010/10/27

    Deception is their business – you think they wouldn’t lie to a journalist? Hard to tell who’s using whom.

    Oh, I’m certain there are some lies in there, even if the overall narrative is true. But given Sy Hersh’s track record, it’s pretty clear that his bullshit detector is quite effective.

    I wouldn’t bet against Hersh, for the same reason I don’t bet against slot machines. He’s not always been right, but he’s far more often right than wrong.

  9. #9 dhogaza
    2010/10/27

    I am curious as to why including coffee in a list of “things you might have nearby that can be used to disable electronics” is “imbecilic”. Try pouring coffee on your laptop.

    [Pour as much coffee as you like on your laptop, dunk the whole thing in a vat of it if you must: the hard drive will be readable afterwards and most of the electronics will be fine once dried -W]

    And this … “… the cunning plan to destroy sensitive instruments in the event of capture was to pour coffee on them.” is inaccurate, as the Pentagon is quoted as stating the crew had carried out its destruction protocol, which included (implies “not limited to”) use of a fire ax and “even coffee”. However, I imagine that pouring coffee would more effectively destroy “sensitive instruments” than insensitive ones, no?

    [I exaggerated for effect. But any plan so primitive that it includes pouring coffee on kit is stupid and ill thought out -W]

    The military does enough stupid shit on its own (for instance, *not* following protocol and allowing gear to be captured unharmed, in this case) without any need for misrepresentation …

  10. #10 Andrew
    2010/10/27

    Oh, those dastardly evil Chinese dismantling secret US equipment falling into their hands. If the reverse happened, i.e. top secret Chinese equipment fell into US hands, the US would immediately return it to China untouched in due respect to their God-Given Property Rights.

  11. #11 chek
    2010/10/27

    Absolutely right Andrew.
    The only reason that western intelligence shipped that MiG-25 that landed in Japan in 1976 back home in its component pieces was that once it was realised it wasn’t constructed of expensive, exotic materials like western Mach 3 aircraft, they were concerned that a return flight might have been too fast for the pilot’s own safe return.

    That’s the trouble with the West – Health & Safety gone mad.

  12. #12 Dunc
    2010/10/28

    Pour as much coffee as you like on your laptop, dunk the whole thing in a vat of it if you must: the hard drive will be readable afterwards and most of the electronics will be fine once dried

    Yup. The drive is hermetically sealed, for one thing…

    I’m really surprised they don’t have hard-drives with auto-destruct features. Injecting a small quantity of an abrasive powder into the drive whilst it’s spinning should render it permanently unreadable, no matter what reconstruction techniques you throw at it.

  13. #13 David B. Benson
    2010/10/28

    William’s main post is wrong about the flight plan. The flight was well off the coast of China, cruising along under autopilot when struck by the foolish Chinese pilot’s fighter plane. The US Navy pilot was then planning to divert to the Philippines (once he had the patrol plane under control again, that is). He then decided the damage was too severe and instead went to an airport on Hainan Island.

    When I flew an Air India flight just off Hainan Island in the previous century, there were no airports there, just rice paddies.

    [Yes, sorry, I should have made it clear that I knew that. I don't see that it matters, though. Does it change anything? -W]

  14. #14 David B. Benson
    2010/10/28

    William — To me it means that the patrol plane was standardly equipped with standard US Navy communications gear and that no special destruction plans were in place, nor equipment therefore provided.

    [I think that is a good point, which I'd missed earlier - this wasn't just a surveillance plane (perhaps) it might also have been doing std inter-fleet comms or somesuch. So yes, it could have had a full set of crypt/decrypt stuff on board. But: that doesn't alter two points (a) that if the physical hardware was sekrit, they needed a competent (not special; there should be a std plan) plan for destroying it if captured (b) that the capture shouldn't have compromised anything elsewhere; all that should have been needed was a change of keys -W]

    Anyway, it looks to me that the US Navy used that incident as a reason (pretext?) to replace everything which might possibly have been compromised. It’s the military way, yaknow.

    [That may be the real story; gross profligacy -W]

  15. #15 Jesse
    2010/11/01

    ‘But more than that, the NY gushes that the Chinks were… ‘

    Please avoid that kind of thing. I know it seems nitpicky, but some of your readers may well have been the targets of such. Ask them how it feels.

    PC gone mad, you say. But really, it wasn’t clear on first reading how you were using it, and my rule is to avoid that kind of thing entirely if I can. You wouldn’t use the N-word in a similar context — or you’d be mighty careful. (It took me a couple of readings to get the ‘irony’ — but to a lot of non-whites it can look like an attempt to dress up your real feelings).

    [Yes, it was intended as irony. The general rule is I'll only do that for powerful groups who won't care. But in this case you're probably right -W]