Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Internet Privacy Security The Military

NYU Accidentally Exposed Military Code-breaking Computer Project To Entire Internet (theintercept.com) 75

An anonymous reader writes: A confidential computer project designed to break military codes was accidentally made public by New York University engineers. An anonymous digital security researcher identified files related to the project while hunting for things on the internet that shouldn't be, The Intercept reported. He used a program called Shodan, a search engine for internet-connected devices, to locate the project. It is the product of a joint initiative by NYU's Institute for Mathematics and Advanced Supercomputing, headed by the world-renowned Chudnovsky brothers, David and Gregory, the Department of Defense, and IBM. Information on an exposed backup drive described the supercomputer, called -- WindsorGreen -- as a system capable of cracking passwords.
This discussion has been archived. No new comments can be posted.

NYU Accidentally Exposed Military Code-breaking Computer Project To Entire Internet

Comments Filter:
  • Surprised (Score:4, Insightful)

    by p51d007 ( 656414 ) on Thursday May 11, 2017 @01:08PM (#54401083)
    Anything like this was even connected on the "internet".
    • Probably a back door left open that was used during development, initially including a redundant air-gap that some researcher got tired of connecting and disconnecting... it's not just the Muggles who're lazy.
    • Re:Surprised (Score:5, Informative)

      by _xeno_ ( 155264 ) on Thursday May 11, 2017 @01:39PM (#54401263) Homepage Journal

      If I'm reading the article correctly, the computer itself wasn't, the Slashdot headline is at best misleading. What was connected to the Internet was a backup drive containing documents that describe the password cracking computer.

      It's actually somewhat unclear if they even built the thing, these are more planning documents that describe how they would. If it exists, it presumably is properly isolated from the Internet, given that it's supposed to be used only by DOD and intelligence agencies.

    • by DickBreath ( 207180 ) on Thursday May 11, 2017 @01:55PM (#54401347) Homepage
      Don't be surprised. I'm sure they used an air gap. The air gap was in between some manager's ears.
    • Anything like this was even connected on the "internet".

      Could be a red herring.

  • a pathetic creature of meat and bone
  • I get a lot of crap for posting on Slashdot during business hours (4:30AM - 10:30PM), but I wouldn't be stupid enough to connect a military code-breaking computer to the Internet for posting on Slashdot.
  • I'm surprised the military and research institutions don't have a new research network by now. Maybe they do and I'm just not aware of it, and if so they messed up big time by not isolating this. Either way, someone violated protocol. Probably won't be the last time this will happen.
    • by Megol ( 3135005 )

      Of course there are alternative networks, it's just that they use the IP protocol(s) with private addresses and with secure routing.There isn't really a reason for a new ARPANET as the network standard already exists and is good enough requiring only standard security measures like air-gaping.

  • by hackel ( 10452 ) on Thursday May 11, 2017 @02:01PM (#54401399) Journal

    Anything developed using tax dollars MUST be made open source and freely available to all. It absolutely should, and *must*, be available on the internet.

    • by mspohr ( 589790 )

      Sounds like it already is...

    • No it does not. That is covered under 17 USC 105
      For most, but there are a bunch of exception, the US Government does not have copyright permission however they are protected by other laws, in addition the government is not required to publish or distribute most material.
      In this case where the software was written by a non-government entity there would be a copyright from that and then it was either transferred to the US government, in which case the US Government holds the copyright, or it was licensed i
    • Anything developed using tax dollars MUST be made open source and freely available to all. It absolutely should, and *must*, be available on the internet.

      It's pretty easy to come up with national security-related counterexamples. Code for weapons, let alone their designs.

    • Anything developed using tax dollars MUST be made open source and freely available to all. It absolutely should, and *must*, be available on the internet.

      Your main contribution to the debate seems to be using TWO entirely different methods of bold (followed by the near synonym "absolutely" and a second helpful repetition, this time of the word "available"—but I don't see these as your main contribution; did I mention your main contribution?)

      Also cute is how you managed to conceal the word "government"

  • Move along now. It's just the Setec Astronomy server.

  • Trump already leaked this to the Russians, and the Chinese stole it by themselves. The only ones left out of the loop are US allies, and that is because IBM wants to sell them the system instead of having them build their own.
  • I'd be more surprised if a group with the NSA's budget, talent, and goals didn't build a system to attack encryption with brute force.

    Combine massive computing power with clever ways of narrowing the target...for example, something like an advanced dictionary attack would improve the odds against encryption keys that a human has to remember. Most computers don't use very high quality random numbers, there's potential for weakened encryption there I'm sure.

    So if you have this system, you can give it your mos

Our policy is, when in doubt, do the right thing. -- Roy L. Ash, ex-president, Litton Industries

Working...