Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
The Internet Network

A Secretive Pentagon Program That Started on Trump's Last Day in Office Just Ended. The Mystery Has Not. (washingtonpost.com) 85

Posted by msmash from the how-about-that dept.
A Pentagon program that delegated management of a huge swath of the Internet to a Florida company in January -- just minutes before President Trump left office -- has ended as mysteriously as it began, with the Defense Department this week retaking control of 175 million IP addresses. New submitter echo123 shares a report: The program had drawn scrutiny because of its unusual timing, starting amid a politically charged changeover of federal power, and because of its enormous scale. At its peak, the company, Global Resource Systems, controlled almost 6 percent of a section of the Internet called IPv4. The IP addresses had been under Pentagon control for decades but left unused, despite being potentially worth billions of dollars on the open market.

Adding to the mystery, company registration records showed Global Resource Systems at the time was only a few months old, having been established in September 2020, and had no publicly reported federal contracts, no obvious public-facing website and no sign on the shared office space it listed as its physical address in Plantation, Fla. The company also did not respond to requests for comment, and the Pentagon did not announce the program or publicly acknowledge its existence until The Washington Post reported on it in April. And now it's done. Kind of.

On Tuesday, the Pentagon made a technical announcement -- visible mainly to network administrators around the world -- saying it was resuming control of the 175 million IP addresses and directing the traffic to its own servers. On Friday the Pentagon told The Post that the pilot program, which it previously had characterized as a cybersecurity measure designed to detect unspecified "vulnerabilities" and "prevent unauthorized use of DoD IP address space," was over. Parts of the Internet once managed by Global Resource Systems, the Pentagon said, now were being overseen by the Department of Defense Information Network, known by the acronym DODIN and part of U.S. Cyber Command, based at Fort Meade.
This discussion has been archived. No new comments can be posted.

A Secretive Pentagon Program That Started on Trump's Last Day in Office Just Ended. The Mystery Has Not. More

A Secretive Pentagon Program That Started on Trump's Last Day in Office Just Ended. The Mystery Has Not.

Comments Filter:

  • This was just a test (Score:3)

    by mveloso ( 325617 ) on Friday September 10, 2021 @07:11PM (#61783777)

    Does anything in the dod assume control of the ip space? This was a good test to see. I suspect they're worried about dependencies that are so embedded that they're invisible.

  • "A section of the Internet"? (Score:4, Insightful)

    by istartedi ( 132515 ) on Friday September 10, 2021 @07:13PM (#61783779) Journal

    Seriously, Slashdot? Do you know where you are? Do you mean "controlled 6% of the IPv4 addresses", because anybody here should know what that means. What do you think a "section of the Internet" is? Is that like, a really big tube or something? I honestly don't know if the editors are trolling on purpose just to get the page views this will generate from people commenting on how silly it sounds.

  • One possiblity (Score:5, Interesting)

    by raymorris ( 2726007 ) on Friday September 10, 2021 @07:19PM (#61783803) Journal

    One possiblity that comes to mind is what *I* would do with a million unused IPs. I'd monitor it for exploit attempts / scans, malware trying spread to new hosts, etc. I'd also watch for responses generated by people spoofing the IPs.

    I'd probably save all the traffic for a few months, then spend a year or more digging through the data to see what can be learned.

    • Re: (Score:1, Troll)

      by e3m4n ( 947977 )
      you seriously think there are 175 million unused IPs in the IPv4 space? Try banning regions anymore. Just when you think you've banned all the cunts from APNIC and EURONIC, the fail2bans start rolling in again. Whats this? ARIN fucking gave china another fucking /16 of our userspace? fuuuuck.

    • Re:One possiblity (Score:5, Interesting)

      by Dagger2 ( 1177377 ) on Friday September 10, 2021 @07:43PM (#61783841)

      I can think of something else: it would be possible to monitor inbound traffic for signs that someone is squatting on the IP space in question. The DoD is kinda famous for having tons of "unused" IP space (not really unused, just not used on internet-connected networks) that's "okay" (not really okay) to squat on.

      Given that they specifically described this secretive program as being designed to "prevent unauthorized use of DoD IP address space" I feel reasonably confident I'm not the only one with that idea.

      • That's entirely possible. Of course it's easy to see which IPs are routable from the internet. Similarly if it was routable across a large swath of the DoD networks. But if it's not advertised for routing, you wouldn't know who is using it.

        It's entirely possible that they got word of specific uses of it that were worrisome.

      • Re: One possiblity (Score:5, Insightful)

        by NagrothAgain ( 4130865 ) on Friday September 10, 2021 @07:55PM (#61783867)
        Ya, basically they used this company to advertise their space via BGP and siphoned up whatever traffic came their way. They don't care if people "squat" on their space internally, but get pretty pissy if you start leaking routes.

  • Trying to transfer IP ownership? (Score:3)

    by klipclop ( 6724090 ) on Friday September 10, 2021 @07:29PM (#61783819)
    Did they try to transfer billions of dollars of IP space to some shell company? (did ARIN ownership get changed?) Or were they just advertising it on behalf of the pentagon? Sketchy either way.

  • Makes sense (Score:5, Interesting)

    by hdyoung ( 5182939 ) on Friday September 10, 2021 @07:31PM (#61783821)
    Trump and his crew were placing loyalists in the military and prepping irregulars to riot in the capital to keep him in power. Friends of mine who actually knew some things about the US military were VERY worried at what was happening. In any other country, we would call this for what it actually was: a right-wing coup attempt that had a great deal of support from many Republicans.

    It makes total sense that they would be prepping for more internet control and manipulation as well. Part of the toolkit of every semi-sophisticated autocrat bent on subverting a democracy.

    I used to vote a mix of R and D. This is why 2021 has changed my vote. Quite possibly permanently. I simply wont abide a coup attempt. The other party has earned my vote for decades, at the very least, by simply being mediocre and NOT engaging in a coup attempt. Easiest vote they ever earned.

    • Re: (Score:3)

      by e3m4n ( 947977 )
      you know there are other parties. if even 5% of the population would vote for them they would get national recognition.
      • Facebook and the two party system each continues due to a similar momentum -- "That's where everybody is."

        • It continues because the political system of Winner Take All effectively stabilizes around a two party system. When new issues appear, the two parties divvy it up. In other countries, a 5% party would actually have representation in parliament, in America a 20% party has zero representation outside of a handful of state legislators.

          Suggestions for fixing this, like ranked choice voting, open primaries, and so forth, do not do much at all to diminish the two party system but instead tend to push the partie

          • This is a problem. The two party system, while perhaps well intended, is harming us. I am not sure how to fix it. But we need to talk about it. We need to explore fixes. Anything that gives other parties more options.

      • Re:Makes sense (Score:4, Interesting)

        by Darinbob ( 1142669 ) on Friday September 10, 2021 @09:31PM (#61784013)

        Our alternative parties tend to not be centrist parties though. Libertarians are off on an alternate dimensions instead of left vs right, so maybe the average as center. Greens somewhat tend to "green" issues bu they have enough who just want to yank it left that it's definitely left of Democrats. And all those wierdos like American Independent Party, Constitution Party, and other angry old guy parties are definitely far right. Then there are the goofballs, the Natural Law party which is 100% transcendental meditation guys, etc. Not sure what party Angelina is, but she's practically mainstream compared to some. The older Reform party started out as a party about reform but it got hijacked badly by the right wing and it fans seemed to eventually evolve into the Tea Party and stopped wanted to be an alternative party but instead have successfully taken over an existing one.

      • Well, yes. The way things are structured.

        Voting for a 3rd party in the national election would basically hand over the country to the GOP.

    • Re: Makes sense (Score:4, Interesting)

      by reanjr ( 588767 ) on Friday September 10, 2021 @08:12PM (#61783893) Homepage

      I'm right there with you. I try to vote L, but when none are available, I used to mix R/D based on if I thought the incumbent was doing good. I tended to vote more R than D.

      Going forward, I won't vote R again. I might think about it after this entire cohort of R's is retired. They permanently lost my swing vote.

      I'll be voting for lots of Democrats going forward, since Libertarians don't run for lots of seats.

      • Re: Makes sense (Score:4, Insightful)

        by speedlaw ( 878924 ) on Friday September 10, 2021 @10:33PM (#61784107) Homepage
        Fascism or mild incompetence ? I'll take the mild incompetence every time. You can't pull an R lever any more, it's the insurrection party.

        • Re: (Score:1)

          by mrbax ( 445562 )

          Fascism or mild incompetence ? I'll take the mild incompetence every time.

          Equating Joe Biden to a mild incompetent is like saying that Donald Trump is mildly narcissistic.

          But here's the thing: when you fly on an airplane, you don't care about the pilot's narcissism. Competence is all that counts.

          You can't pull an R lever any more, it's the insurrection party.

          Don't be ridiculous. On one hand, you can't find even a handful of elected Republicans who condoned the 6 January activities. On the other hand, e

          • Of course, we all recall when the pussy hat folks built a scaffold to hang the VP...or broke into the Chambers and posed for photos...and of course, the Reps who showed them the lay of the land the day before (the intercepts are out there, only we in the cheap seats don't have them). Still wonder why an acting something told the Cap PD to dress light like it was a classical music concert or something. This is why the Big Lie works....keep repeating it....

          • No one's buying that shit you're shoveling.

  • Follow the money

  • Makes me wonder (Score:4, Interesting)

    by aerogems ( 339274 ) on Friday September 10, 2021 @08:44PM (#61783939)

    Given it's the Trump administration, my initial thought is it's just another grifter given that administration was just grifters the whole way down. Either they set up this company themselves, or a buddy did, and then they rammed through this transfer more or less literally at the last minute. Probably hoping that it would go unnoticed and could then those IP addresses would be used as part of some money making scam. The wheels of government turning as slowly as they do, it just took them this long to go through all the proper steps to undo it.

    However, if any network admins have any other possible explanations, I'd be interested in hearing them. I know we'll likely never know the true reason, but it'd be nice to know there are at least some possibilities beyond just greed.

  • the one thing the Orange Conman was expert at.

  • Trump (Score:3)

    by backslashdot ( 95548 ) on Friday September 10, 2021 @08:53PM (#61783951)

    Trump allowed his China virus to bamboozle us .. he hired all the wrong fools .. if Trump comes back what other tricks will he succumb to. What other morons will he select and then fire after it's too late?

  • Non-paywall (Score:4, Informative)

    by sysrammer ( 446839 ) on Friday September 10, 2021 @09:08PM (#61783973) Homepage

    https://www.msn.com/en-us/news... [msn.com]

  • They loaned 175 million IP addresses to that company that needed them at 5% APR. Now the addresses have been returned with interest, so they have a whole lot more in their pool of IPs.

  • (Picard facepalm)

    I'm going to go take a hydrologically-charged shower, and then watch photonically-charged TV.

  • Fake news hit piece on Trump, as usual (Score:3, Insightful)

    by schwit1 ( 797399 ) on Saturday September 11, 2021 @05:41AM (#61784455)

    “The decision to launch and the scheduling of the DDS pilot effort was agnostic of administration change. The effort was planned and initiated in the Fall of 2020. It was launched in mid-January 2021 when the required infrastructure was in place.

    • First of Fall 2020 is vague. If the decision was made after November would have different implications than before November. Second, regardless of the timing, this was a "test" that was executed in less than six months. It takes longer to sign off on a PO with the government. Transferring 6% of the world's IPv4 addresses should have taken longer and more oversight.

  • I'd like to cross reference it to the source IP of various political spammers this year.

    • Re: (Score:3)

      by dissy ( 172727 )

      Do we have that IP range available?
      I'd like to cross reference it to the source IP of various political spammers this year.

      Yes, Global resource systems is AS8003 and was directly peered to Telia in sweden under AS1299
      https://bgp.he.net/AS8003#_asinfo [he.net]

      They were announcing all of 7.0.0.0/8 , 11.0.0.0/8, and 22.0.0.0/8 (all DoD / DNIC) and many chunks within the 6.0.0.0/8 (Army / USAISC)

  • Everybody takes a souvenir back home, usually a stapler, but poor billionaires take a stuff worth a few billions, because they don't know what a stapler is.

  • It doesn't matter that Biden did nothing to stop it.

  • Packet Forensics (Score:4, Interesting)

    by hAckz0r ( 989977 ) on Saturday September 11, 2021 @01:39PM (#61785535)

    The big question here is why would DOD want so many Internet accessible addresses? For their own computation they could simply set up many data centers without the need for even a single internet addressable machine, so why not just use private IP addresses?

    Since the Tampa Bay Times determined that the need was for "Packet Forensics" my guess is this is for a global scale network filter needed to monitor specific overseas communications by diverting that major trunks of traffic through a facility of decryptors for listening into selected conversations. One could simply divert specific internet pathways through their own systems, split out, tap into those conversations, and then continue those packets on their way to the proper destination. We know there are flaws in the Internet routing protocols big enough that you could drive a bus through which allow diverting major trunks of the traffic around "problem areas" on the Internet, and if one wanted to single out a specific conversation you would need many addressable IP addresses to split those trunks into many smaller streams of data so that they could keep up without packet latency issues that would give themselves away. They would indeed require many smaller machines to share the load in order to pull out the specific conversations that they wanted. Decrypting those conversations would be difficult unless there was a known flaw in that specific algorithm or a way to force the re-keying of that specific conversation in a way to give them a way to decipher the key.

    https://www.tampabay.com/news/... [tampabay.com]

    • Re: (Score:1)

      by rrking ( 1408679 )
      DOD Didnt go and get these addresses, They already owned them from Day 1 of the Internet. They just did not make them all routable once we switch to CIDR routing. All they were doing here is advertising the all to a honeypot server. But along the way they inventoried and monitored and told the DOD entities of mis configured Routes and such Once they completed the contract they handed back to DOD control going fwd

    • Re: (Score:2)

      by dissy ( 172727 )

      The big question here is why would DOD want so many Internet accessible addresses? For their own computation they could simply set up many data centers without the need for even a single internet addressable machine, so why not just use private IP addresses?

      Technically they were not given Internet addresses, they were given Arpanet addresses, and they weren't actually "given", the DoD was one of the dozen core organizations that created the thing and it was those same handful of organizations that together allocated IP blocks.

      It's the same reason that if you built a house with your own two hands, then you invited people to live there, it would be YOU who dictates which room(s) are yours, and absolutely no one would consider that to be a problem.

      At that time th

  • Everybody Take their tin foil hats off, DOD has large A Blocks of addresses. Once we switched to using Subnet masks to route traffic they only Advertised the portions they were using actively. They hired a company to go out and inventory the un used IP blocks in their owned larger blocks. That company advertised routes that route all the traffic back to their Cyber Security Honeypot servers. Now that they have the proper advertisements done they took it back over. This is so China and Russia cant do th

Slashdot Top Deals

E = MC ** 2 +- 3db

Close