Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Military Government Security The Internet News

Obama Helicopter Security Breached By File Sharing 408

Hugh Pickens writes "A company that monitors peer-to-peer file-sharing networks has discovered a potentially serious security breach involving President Barack Obama's helicopter. 'We found a file containing entire blueprints and avionics package for Marine One, which is the president's helicopter,' says Bob Boback, CEO of Tiversa, a security company that specializes in peer-to-peer technology. Tiversa was able to track the file, discovered at an IP address in Tehran, Iran, back to its original source. 'What appears to be a defense contractor in Bethesda, Md., had a file-sharing program on one of their systems that also contained highly sensitive blueprints for Marine One,' says Boback, adding that someone from the company most likely downloaded a file-sharing program, typically used to exchange music, without realizing the potential problems. 'I'm sure that person is embarrassed and may even lose their job, but we know where it came from and we know where it went.' Iran is not the only country that appears to be accessing this type of information through file-sharing programs. 'We've noticed it out of Pakistan, Yemen, Qatar and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.'"
This discussion has been archived. No new comments can be posted.

Obama Helicopter Security Breached By File Sharing

Comments Filter:
  • Well... (Score:5, Funny)

    by Anonymous Coward on Sunday March 01, 2009 @09:18AM (#27029441)

    So where's the torrent?

  • by TaoPhoenix ( 980487 ) <TaoPhoenix@yahoo.com> on Sunday March 01, 2009 @09:20AM (#27029453) Journal

    Gee. That's a nice balanced summary, ahead of the histrionic response of "OMG file sharers are breaching national security!"

    • Re: (Score:3, Insightful)

      by nametaken ( 610866 )

      My question is more like, who the hell is still using that sort of old-an-busted P2P software (bearshare, kazaa, etc) that does autosharing of folder contents like that? And really, someone with blueprints and such for marine one?

      Someone tell that guy/gal it's 2009.

      • by eean ( 177028 )

        Yea these people should be more then just fired in my opinion. Ignorance is no excuse for breaking any law, I don't see why breaching national security is any different. Scooter Libby didn't have to serve any jail time, but hopefully the new president takes things more seriously.

    • Re: (Score:2, Insightful)

      Comment removed based on user account deletion
      • by phorest ( 877315 ) on Sunday March 01, 2009 @10:49AM (#27030031) Journal

        There's even more profit in REPLACING the now 'breached' current presidential helicopter fleet over these blueprints.
        Don't even think that this has primary IT implications.
        This is more about giving the polititians cover to continue the cost overruns.

        Lockheed-Martin signed a contract four years ago to build 28 new helicopters for $6.1 billion. Numerous Pentagon-mandated changes have ballooned the price tag to $11.2 billion - meaning each of the new choppers would cost $400 million, or as much as Air Force One.

        Marine One Upgrade Plan Stirs Debate [kdka.com]

        A helicopter (one) that costs as much as (one) Boeing 747!

        Wow...

      • Re: (Score:3, Funny)

        by darkpixel2k ( 623900 )

        Yes, this is absolutely a lobbying ploy. How the hell do they know "exactly which computer the information came from" unless they had direct access to the defense contractor's computers?

        It was pretty easy. The first 15 computers we walked up to said "Press CTRL+ALT+DEL to login". The 16th computer was already logged in as "DEFCONTR\administrator" and had the Kazaa icon in the systray.

    • by nine-times ( 778537 ) <nine.times@gmail.com> on Sunday March 01, 2009 @10:11AM (#27029763) Homepage

      I don't think there's anything unfair about the summary. P2P applications are a security risk, and I know I don't allow my users to install them on their work computers.

      Let me put it this way: Any time you're setting a computer up to be a server on the Internet, it's always a security risk. There are risks associated with bugs and things like that, but also (and perhaps more importantly) there are risks associated with misconfiguration. This is very relevant for P2P applications, which might come configured by default to share files that you don't want to share.

      So yes, if people with high security clearances are installing Kazaa on their work computers and sharing out all their documents, then "OMG file sharers are breaching national security!"

      • Re: (Score:3, Insightful)

        by yoshi_mon ( 172895 )

        Yes every time you do anything actually there is risk. Walk out on the sidewalk? Risk. Light a fire? Risk. Put a computer on the internet? Risk.

        The problem is that the word 'risk' without anything else is used often by fear mongers to push an agenda. Are all the people that use P2P software to distribute FOSS putting themselves at risk? Yes. But it's ok, it's a known and controlled risk. Just like when I walk out on the sidewalk I know not to run into oncoming traffic.

        If you don't qualify what thi

    • Re: (Score:3, Insightful)

      by couchslug ( 175151 )

      Boring.

      The parent helos (H-3 variants, UH-60) construction is common knowledge and so it how to shoot one down.

      Many H-3 variants were shot down during the Viet Nam war and plinking Blackhawks has been proven practical with RPGs (which cannot be jammed or spoofed) since Mogadishu.

      Hit the tail rotor, gearbox, or important accessories like the aircrew and you'll have a nice smoking hole without benefit of P2P.

    • by Rary ( 566291 )

      The general issue of secure documents found to be available on P2P networks is a serious issue, and not even remotely close to being something new. Slashdot has talked about it before, so this is old news.

      This particular case is notably non-newsworthy. I mean, seriously, it's a freakin' helicopter. WTF are "the ter'rists" going to get out of looking at its blueprints?

      First Terrorist: I've analyzed the blueprints for Obama's helicopter and discovered that if we fire a rocket launcher at it, we could blow it

  • by denzacar ( 181829 ) on Sunday March 01, 2009 @09:20AM (#27029455) Journal

    Tiversa was able to track the file, discovered at an IP address in Tehran, Iran, back to its original source.
    .
    .
    'We've noticed it out of Pakistan, Yemen, Qatar and China. They are actively searching for information that is disclosed in this fashion because it is a great source of intelligence.'

    If you use p2p file sharing software to steal music and TV shows - terrorists win.

  • Wow. I wouldn't want to be him / her about now.

    • Re: (Score:3, Insightful)

      by nurb432 ( 527695 )

      employee?? The company should be toast.

      • specifically, the network engineer that set up their routers and firewalls should be toasted, medium well on a spit

        • No doubt! I work at a large school district, and our machines are locked down tighter than the machines we used in Army intelligence (minus the strong crypto and CAC [wikipedia.org] readers). We can't even install Flash for our web browsers because it's seen as a "risk" (which is ridiculous, as we don't even have anything anyone would WANT on any of our machines). How is this bozo installing P2P apps on a work machine... or worse, why is he putting classified info on a personal machine?
          • by JamesP ( 688957 )

            No doubt! I work at a large school district, and our machines are locked down tighter than the machines we used in Army intelligence (minus the strong crypto and CAC [wikipedia.org] readers).

            Probably because the army realised noone can work properly on a locked-down windows machine.

            Granted if it's only word/email/whatever, then it may work, otherwise, if, you know, people need _real_tools_, _real_programs_, etc, not gonna happen.

            Especially if you have to wait for it to be "approved" by the morons at IT.

            I know that, if I ever have to hire an IT manager my first question will be "which browser do you use". Anything that begin with an I, and I'll just say "next!"

    • Comment removed based on user account deletion
      • Getting framed sucks... but what if it's all part of a setup?

        Wasn't there some discussion about Obama wanting a new helicopter but "for the good of the nation" "considering today's economy" (nudge nudge, wink wink*) he decided against buying new helicopters.

        But now that the security been breached, well, he just *has* to have a shiny new one, right?

        (*What's a few hundred million dollars for a helicopter when we're committing to spending more money than the entire world's GDP, as computed using GAAP standards

  • Obligatory (Score:5, Funny)

    by lixee ( 863589 ) on Sunday March 01, 2009 @09:25AM (#27029479)
    Torrent link, please?
  • by Wrath0fb0b ( 302444 ) on Sunday March 01, 2009 @09:30AM (#27029519)

    I'm pretty sure that stupid/careless employees can leak sensitive information through P2P on any OS. I'm not aware that any of the OSX/nix installs search any less widely for shared folders than the Windows versions.

    Stupidity is definitely OS-independent.

    • by gmuslera ( 3436 )

      I'm pretty sure that stupid/careless employees can leak sensitive information through P2P on any OS. I'm not aware that any of the OSX/nix installs search any less widely for shared folders than the Windows versions.

      Dont remember any p2p program for linux that shares by default the home dir, much less the Documents folder (when is there, anyway). Sharing the Documents folder or the user dir could look reasonable in windows world (where you dont have practically everything that matters in that dir). but in *nix is a big enough security hole to not include that default behaviour in p2p programs.

      Stupidity is definitely OS-independent.

      Some vulnerabilities make you think that choosing certain OSs could be a symptom of stupidity, specially if you have so very sen

  • by v1 ( 525388 ) on Sunday March 01, 2009 @09:31AM (#27029523) Homepage Journal

    A lot of these P2P apps share your entire home or your entire computer by default when you first install them, it's up to you to go in and shut that stuff off, or at least define a specific folder to share from rather than the default.

    Tagging this with "windows" isn't fair - it can affect any other system equally, this isn't a software problem, it's a user or developer issue. For example, I've worked on numerous macs with Limewire installed on them that are sharing all the user's music automatically by default.

  • from TFA: Rep. Jason Altmire, D-Pa., said he would ask Congress to investigate how to prevent this from happening again.

    And you're going to do WHAT? Stop using defense contractors? Train the entire world on common sense? good luck!

  • Now the government has an excuse to completely ban Peer 2 Peer. I'm sure its complete bullshit, but it wouldnt be the first time the government lied to us about "terrorism" in order to gain financially and politically.

  • Topical BS (Score:3, Interesting)

    by El Torico ( 732160 ) on Sunday March 01, 2009 @09:36AM (#27029551)

    Is it just me, or does this whole thing seem a bit too topical? I can see this meeting taking place at the Tiversa head office.

    CEO - "We need to drum up business! What's a good angle to increase our visibility?"
    Marketing Droid One - "Evil powers are undermining our National Security© is tried and true, Sir."
    Marketing Droid Two - "It's consistently scored highly in all of our focus groups."
    CEO - "That was with the last administration! We an angle for today people!" (makes slicing hand gesture)
    Up and Coming Sycophant - "I know! The helicopter! We can say that someone stole the plans to the President's helicopter!"
    CEO - "That might just work. Tie that in to the usual National Security line and send out a press release!"

  • There are a few sensitive files in my home directory, such as my private key in ~/.ssh and a few configuration files that contains passwords in clear text. I really don't want these files to be shared inadvertently, yet they are currently treated as ordinary files by the SELinux on my Fedora 10 system, so any process running under my account can access these files. Of course I can still relabel the files and change my SELinux policy, but this is beyond the ability of most people. It is a shame that SELin

    • I'd like every program I run to be in a sandbox. For example, not having access to a single file without my permission.
    • Simple end user protocol: Don't put confidential data online. I have several nodes that have no connection, and I don't even have kitty-porn on them. My data is damn near secure on those. Actually I was real annoyed when I was unable to locate a non-wi-fi-ready variant of a motherboard recently. Asus had it in the catalog but none of the retailers seemed to think that anyone might not want to broadcast their shit.

  • by marco.antonio.costa ( 937534 ) on Sunday March 01, 2009 @09:45AM (#27029603)

    Wow. BitTorrent is really freaking the control freaks out isn't it? I guess the Pirate Bay trial must be going worse than they thought....

  • by nurb432 ( 527695 ) on Sunday March 01, 2009 @09:45AM (#27029609) Homepage Journal

    Should be *banned* for security areas. If you need 'outside' for a valid reason you provide a dedicated machine for that purpose.

    Its pretty simple. That company should be fired, not just the fool that caused the leak.

    And i don't care what OS it runs, anything less then the above is plain reckless.

    • Re: (Score:3, Insightful)

      by igb ( 28052 )
      I've never understood the provision of paths from `inside' to `outside' in any work environment. We wash everything through application relays with RFC 1918 on the inside and no NAT. It's not perfect: a _lot_ tunnels through HTTP, for example, and we're fairly permissive with CONNECT to our proxies. But at least we have logs of every connection.
    • by Dun Malg ( 230075 ) on Sunday March 01, 2009 @11:21AM (#27030261) Homepage

      Should be *banned* for security areas. If you need 'outside' for a valid reason you provide a dedicated machine for that purpose.

      Its pretty simple. That company should be fired, not just the fool that caused the leak.

      And i don't care what OS it runs, anything less then the above is plain reckless.

      THey undoubtedly already do the above. I would lay money that this guy "brought work home" on a USB flash drive and put it on his home computer. I do something similar at work. I have 2 machines side by side, one with network access, one isolated with all my development tools on it. I transfer the applications I write to the "live" side with a flash drive. In my case it doesn't matter, because there's nothing sensitive on our network (our IT dept is just full of dickheads who lock down all the networked machines). In this contractor's case, the employee will probably lose his clearance and be canned. DoD security regulations are there for exactly this reason.

  • So now that they have the plans for Marine One. They can save bundles in R&D and finally build Ayatollah One.

    Couldn't resist. :)

  • The solution.. (Score:5, Interesting)

    by bjourne ( 1034822 ) on Sunday March 01, 2009 @09:55AM (#27029661) Homepage Journal
    This is not a new problem, for years it has been trivial to search for passwords.txt and find hundreds of email passwords, credit card numbers and other sensitive information. Even if this is a PEBKAC issue, there are still several things that could be done to mitigate or cure the problem:
    • Special NIC:s that drops non-VPN traffic.
    • Hardware firewalls that drop all outgoing traffic except for HTTP and SMTP.
    • P2P software that disallows sharing of files less than say 1mb in size. Or disallow sharing of plain text files or other documents. Usually, people are sharing media or archived software. If a .ppt file is shared, then in 99 cases out of 100, it wasn't supposed to be shared.

    None of these ideas are foolproof, someone dumb enough would eventually screw up anyway. But that is not the point, the point is that there are simple engineering steps that can be taken to reduce the amount of inadvertantly shared data.

    • Do these programs even tell you in any plain manner that they are sharing the contents of the computer? I get the impression that they don't, that you have to know that it defaults to "open kimono mode" (i.e., it shares your entire computer) and specifically turn it off in the settings.

    • Heh. Amusing indeed. [google.com]
  • This is why (Score:5, Insightful)

    ... and this is why you have draconian policies in many companies about installing ANY unapproved software. I've seen people complain about "just let me do my job" and install anything they want, but the fact of the matter is that it only takes one dumb-ass like this to wreak major havoc.

    • Re: (Score:3, Insightful)

      Comment removed based on user account deletion
    • Actually, I would dare to say it's the people's fault for storing sensitive files in the Documents folder in the first place.

      Sensitive data should be read from a network drive only when needed, and there should be a log with who opened it, who saved it and so on, much like a SVN/CVS whatever.

      Also, a very important rule that every company should teach programmers and employees is NEVER STORE DOCUMENTS ON THE BOOT PARTITION.

      If for some reason Windows goes berserk/crashes/you get infected with a virus, the eas

      • Actually, I would dare to say it's the people's fault for storing sensitive files in the Documents folder in the first place.

        It doesn't matter where they're stored. If it's accessible, then it's accessible, whether it's on a network drive or a local drive. There's nothing that stops P2P apps from accessing network drives and searching for documents.

    • Yep (Score:3, Insightful)

      by Sycraft-fu ( 314770 )

      Also I've discovered that quite often, the reason people want the ability to install software is precisely because they want shit they know they shouldn't have at work.

      I work for a university, so there isn't a hard and fast rule on admin for users. We'd like that nobody has it, because there's less problems, but due to various reasons including academic freedom and research groups owning their own systems, we have to allow it when professors request it.

      Now you might assume that the reason a grad student wou

    • ... and this is why you have draconian policies in many companies about installing ANY unapproved software.

      Which is quite a reasonable policy provided it is coupled with a mechanism for rapidly turning around sensible requests for new software, and truly is driven by security considerations rather than control-freakery and the need to secure middle management jobs in the procurement department.

      Oh, and also provided it is applied to the Pointy Haired Boss as well as the proles - because (a) they may be the ones doing the dumb-ass things, and (b) if they have to wait 6 months for the software update they need th

  • by RobertLTux ( 260313 ) <robert@nosPaM.laurencemartin.org> on Sunday March 01, 2009 @10:10AM (#27029755)

    So whats the high/low on this person having a GitMo vacation??

  • People who don't understand what they are doing are also making huge mistakes!

    In our consumer-safety world, we blame the manufacturers/publishers of products for when their use results in harm of some kind. We do this with cars, refrigerators, shoes and drugs. Somehow we have yet to address this problem with software... or more precisely, we have EULA'd ourselves out of any recourse on the matter.

    People want to share stuff on the P2P (which doesn't always mean bittorrent... it can also mean other protocol

  • Deliberate. (Score:4, Interesting)

    by lawrenceb ( 106971 ) <ldb@@@outsourcethinking...com> on Sunday March 01, 2009 @10:15AM (#27029791)

    Funny how this should happen so recently after Obama and McCain publically agreed that the plan to replace the aging Marine One fleet should be cancelled...

    http://www.nytimes.com/2009/02/24/us/politics/24chopper.html [nytimes.com]

    • Re:Deliberate. (Score:5, Interesting)

      by cicho ( 45472 ) on Sunday March 01, 2009 @10:31AM (#27029905) Homepage

      Here's more. The new Marine One fleet was to be built not by Sikorsky, as has always been the case, but by an Italian manufacturer Finmeccanica. Apparently the bidding and selection process itself was suspect, and pilots objected. This may also be why Obama wants the project reviewed. The article below posits a particular theory about the apparently crooked deal with Finmeccanica, which may or may not be correct, but the facts remain regardless of their interpretation:

      http://www.alternet.org/audits/127832/ [alternet.org]

  • planted fakes? (Score:3, Insightful)

    by Bobtree ( 105901 ) on Sunday March 01, 2009 @10:19AM (#27029811)

    If I worked for US counterintelligence you can bet I would develop and plant fake leaks that sound just like this sort of thing. Then again, I may be giving too much credit. Occam's Razor prevails.

  • by julian67 ( 1022593 ) on Sunday March 01, 2009 @10:22AM (#27029843)
    plz seed
  • And suddenly your sources were out ...

    I am really astonished by what can call itself a "defense contractor" in the USA. Most other places probably have similar idiocy in place but this is just laughable at best. You entrust a company with the security of your files (let alone the nation) and they can't set up Kazaa so it won't share "C:\Documents and Settings\All Users\National Secrets"? Wow ... and I thought the credit crisis was a problem of epic proportions.
  • by eiapoce ( 1049910 ) on Sunday March 01, 2009 @10:45AM (#27030001)

    Don't worry, I am sure the Iranian ISP has a three strikes policy and terrorists will be soon cut off the internet.

  • by Max Threshold ( 540114 ) on Sunday March 01, 2009 @11:32AM (#27030385)
    What are the chances this P2P source was installed by malware? Is there anything active in the wild that does that?
  • What sort of security depends on the secrecy of a helicopter's blueprints? Honestly.

    • What sort of security depends on the secrecy of a helicopter's blueprints? Honestly.

       
      Pretty much any kind of security. Keeping the blueprints secret means keeping the capabilities (range, speed, altitude) secret as well as keeping the nature of any active or passive defenses secret.
       
      Now I know the Slashdot hivemind will respond with their usual rote mantra - "but security through obscurity is bad"... But on this, they are completely wrong. (Mostly because their notions of security consist of repeating what they've read by various talking heads.) Security through obscurity, as one layer of an overall security plan, is extremely valuable because the black hats cannot prepare in advance to meet a countermeasure which they are unaware of.

  • by moxley ( 895517 ) on Sunday March 01, 2009 @11:36AM (#27030423)

    I am so tired of this sort of sensationalized reporting.

    It's all part of an agenda, as I see it, about the "horrors of p2p technologies."

    So let me get this straight, (at least, according to the headline).

    "File Sharing" actually "breached" Obama's helicopter. How did file sharing accomplish such a feat?
    Did file sharing hire some elite spies? Maybe some mossad agents?

    What I think is that a company that manufactures products to snoop of file sharers has a great headline to
    promote their business.

    What the article REALLY amounts to, is that some defense contractor fucked up by not following security procedures.
    if he had left them on a table at McDonalds the outcome could have been the same.

  • That means we can finally all build ourselves our own presidential helicopter!
  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) * on Sunday March 01, 2009 @12:03PM (#27030617)
    Comment removed based on user account deletion
  • Amazing... (Score:4, Funny)

    by Sensible Clod ( 771142 ) on Sunday March 01, 2009 @12:55PM (#27031069) Homepage
    Almost 200 comments, and not a single ROFLcopter...

    You guys are slipping...

To be is to program.

Working...