Obama Helicopter Security Breached By File Sharing
Hugh Pickens writes "A company that monitors peer-to-peer file-sharing networks has discovered a potentially serious security breach involving President Barack Obama's helicopter. 'We found a file containing entire blueprints and avionics package for Marine One, which is the president's helicopter,' says Bob Boback, CEO of Tiversa, a security company that specializes in peer-to-peer technology. Tiversa was able to track the file, discovered at an IP address in Tehran, Iran, back to its original source. 'What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,' says Boback, adding that someone from the company most likely downloaded a file-sharing program, typically used to exchange music, without realizing the potential problems. 'I'm sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went.' Iran is not the only country that appears to be accessing this type of information through file-sharing programs. 'We've noticed it out of Pakistan, Yemen, Qatar and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.'"
Topical BS (Score:3, Interesting)
Is it just me, or does this whole thing seem a bit too topical? I can see this meeting taking place at the Tiversa head office.
CEO - "We need to drum up business! What's a good angle to increase our visibility?"
Marketing Droid One - "Evil powers are undermining our National Security© is tried and true, Sir."
Marketing Droid Two - "It's consistently scored highly in all of our focus groups."
CEO - "That was with the last administration! We need an angle for today, people!" (makes slicing hand gesture)
Up and Coming Sycophant - "I know! The helicopter! We can say that someone stole the plans to the President's helicopter!"
CEO - "That might just work. Tie that in to the usual National Security line and send out a press release!"
Re:takes 2 to tango (Score:5, Interesting)
Nope. Everyone is assuming this is a torrent because it is the most popular form of file sharing. Many of the old school peer to peer file sharing apps *by default* shared your documents folder. You could turn it off, but most people don't.
Many confidential files have been leaked this way. http://www.eweek.com/c/a/Security/Citigroup-Customer-Data-Leaked-on-LimeWire/
There used to even be guides to tell you what were common digital camera prefixes so you could do a search for CIM*.jpg or DSC*.jpg and browse people's private folders.
If you were a company or nation involved in espionage, getting on a p2p network and searching for files with obvious names would be a good place to start.
http://bizsecurity.about.com/b/2008/07/08/limewire-and-working-at-home.htm
It isn't just limewire of course, that's just the first one I could remember from years ago. There's also eMule and many others.
In addition to firing the person responsible, the entire IT staff should be reviewed if not fired. My guess though is that this is some CEO who specifically told IT that he was exempt from the security rules. C*Os are the biggest security risk because they tell people that the security rules don't apply to them. Remember that CDW? commercial about the boss who infects an entire office because he lets his kid use the company network?
I want properly configured SELinux (Score:2, Interesting)
There are a few sensitive files in my home directory, such as my private key in ~/.ssh and a few configuration files that contain passwords in clear text. I really don't want these files to be shared inadvertently, yet they are currently treated as ordinary files by the SELinux on my Fedora 10 system, so any process running under my account can access these files. Of course I can still relabel the files and change my SELinux policy, but this is beyond the ability of most people. It is a shame that SELinux, with its huge potential, is so hard to use that it still provides very little security for an ordinary user.
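An audit a defender could run over a folder before a file-sharing client is pointed at it, flagging the kinds of files the comment above names (private keys, configuration files with clear-text passwords) plus symlinks that lead out of the folder. This is an added example, not part of the original comment; the function names, regex heuristics and sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Heuristics assumed for this example; extend them for your own environment.
PEM_PRIVATE = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----")
CLEARTEXT_SECRET = re.compile(rb"(?im)^\s*(?:password|passwd|secret)\s*[=:]\s*\S+")

def audit_share(root, max_bytes=65536):
    """Return {relative_path: [reasons]} for entries under root that should not be shared."""
    findings = {}
    root = os.path.realpath(root)
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames + dirnames:
            path = os.path.join(dirpath, name)
            reasons = []
            if os.path.islink(path):
                # A link can expose data that lives outside the shared folder.
                target = os.path.realpath(path)
                if os.path.commonpath([root, target]) != root:
                    reasons.append("symlink leaves shared folder")
            elif os.path.isfile(path):
                with open(path, "rb") as fh:
                    head = fh.read(max_bytes)  # only the start of each file is inspected
                if PEM_PRIVATE.search(head):
                    reasons.append("private key")
                if CLEARTEXT_SECRET.search(head):
                    reasons.append("cleartext password")
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings

def build_sample(root):
    """Constructed sample tree standing in for a folder shared by default."""
    os.makedirs(os.path.join(root, "docs"))
    samples = {
        os.path.join("docs", "notes.txt"): "meeting at 10\n",
        "id_rsa": "-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed placeholder)\n",
        "app.conf": "user = alice\npassword = hunter2\n",
    }
    for rel, text in samples.items():
        with open(os.path.join(root, rel), "w") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as share:
        build_sample(share)
        for rel, reasons in sorted(audit_share(share).items()):
            print(f"{rel}: {', '.join(reasons)}")
```
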
The solution.. (Score:5, Interesting)
None of these ideas are foolproof, someone dumb enough would eventually screw up anyway. But that is not the point, the point is that there are simple engineering steps that can be taken to reduce the amount of inadvertently shared data.
Deliberate. (Score:4, Interesting)
Funny how this should happen so recently after Obama and McCain publicly agreed that the plan to replace the aging Marine One fleet should be cancelled...
http://www.nytimes.com/2009/02/24/us/politics/24chopper.html [nytimes.com]
Re:Deliberate. (Score:5, Interesting)
Here's more. The new Marine One fleet was to be built not by Sikorsky, as has always been the case, but by an Italian manufacturer Finmeccanica. Apparently the bidding and selection process itself was suspect, and pilots objected. This may also be why Obama wants the project reviewed. The article below posits a particular theory about the apparently crooked deal with Finmeccanica, which may or may not be correct, but the facts remain regardless of their interpretation:
http://www.alternet.org/audits/127832/ [alternet.org]
Re:Cue the Hysteria... (Score:3, Interesting)
>>>why are the idiots storing their sensitive information in a WINDOWS MACHINE!?
Uh, most defense contractors use Windows machines connected to a Windows network. I could go into work right now and by sorting through the publicly-shared Q: drive, find all kinds of schematics and information. Probably most of it I'm not supposed to know, and yet it's there for every engineer/technician to read.
Then if I did something stupid, like load Kazaa and point it to the Q: drive, boom, instant sharing with the whole world.
Re:"windows" article tag biased (Score:4, Interesting)
I have never known a p2p app to run as "nobody" on Linux. I'm quite the Linux advocate, but this is just plain misleading. It is possible to deliberately set up a separate account to run your p2p apps, but none of the major distros do this for you automatically.
On the other hand, it should be fairly trivial to configure some default SELinux or AppArmor policies that restrict things like p2p apps and prevent them from accessing your documents without explicit permission. Again, though, I don't know of any distro that does this.
P2P installed by malware? (Score:3, Interesting)
Re:President gets a new Marine One (Score:1, Interesting)
You forgot the third conspiracy alternative: They aren't the plans of either Marine One at all.
Arguably, anyone able to make use of them would probably be able to tell if they were bullshit unless the faking is really well made.