From: Owner-C4I-Pro@ (C4I-Pro-Digest)
To: c4i-pro-digest
Subject: C4I-Pro-Digest V2 #400
Reply-To: C4I-Pro-owner
Sender: Owner-C4I-Pro@
Errors-To: Owner-C4I-Pro@
Precedence: bulk
X-Warning: UNCLASSIFIED, NON-SENSITIVE, NON-PRIVACY ACT USE ONLY
X-Disclaimer: C4I-Pro is an unofficial list run in a DoD school environment in the interest of an academic exchange of information and ideas as a means for advancement of C4I related issues. Views expressed in messages posted are those of the author and do not reflect the official policy or position of the Naval Postgraduate School, the Department of the Navy, or the Department of Defense. POC: .
X-Information: For information on C4I-Pro (such as how to post messages and unsubscribe) send "info c4i-pro" in the body of a message to: .

C4I-Pro-Digest Thursday, June 27 1996 Volume 02 : Number 400

c4i-pro Status of Comms for Minaiture UAVs?
c4i-pro RE: C4I-Pro-Digest V2 #399
c4i-pro perimeter defense
c4i-pro The Millennium comes early to GPS
c4i-pro LOAC and Info Attack
c4i-pro micro UAV
FW: c4i-pro perimeter defense
c4i-pro The Millennium and GPS
FW: c4i-pro latest terrorist incident
c4i-pro RE:Tales from the UK: Basel Part IV
Re: c4i-pro perimeter defense
c4i-pro Internet Bank Robbery
c4i-pro Beware Ye, the Millenium cometh!
c4i-pro Security Assessment

----------------------------------------------------------------------

Date: Wed, 26 Jun 1996 22:38:31 -1000
From: cesar@lava.net (Ed Cesar)
Subject: c4i-pro Status of Comms for Minaiture UAVs?

cesar@lava.net (Ed Cesar)

Can someone tell me about plans for the miniature UAV Admiral Owens showed the press a few months ago? If miniature UAVs are actually being produced in large quantities, as the Admiral stated, what sensors, comm systems and architectures are planned for them? Which Battle Labs and Concept Developers are working on this and what documents are available that provide technical and operational details? Have any Tactics, Techniques, and Procedures (TTPs) been written?

Many thanks,
Ed Cesar, Retired US Army Signal Officer

------------------------------

Date: Thu, 27 Jun 96 08:11:42 -0400
From: pchris@mail04.mitre.org (Peter H. Christensen)
Subject: c4i-pro RE: C4I-Pro-Digest V2 #399

pchris@mail04.mitre.org (Peter H. Christensen)

>On Sat, 22 Jun 1996 RDThrasher@aol.com wrote:
>
>> RDThrasher@aol.com
>> I'm going to take a shot at putting together a short "C4I reading list"
>> that lists some of the classic works in the field. I've got a few ideas on
>> what to include, but I'd love to hear what the folks on C4I-Pro think are
>> the seminal C4I books that everyone in the C4I arena should read. Please
>> drop me a note if you have any suggestions. Thanks.
>>
>>
>> Cheers,
>>
>>
>> Roger
>>

Roger,

I recommend "Instruments of Darkness" by Alfred Price as an excellent book for those interested in Command and Control Issues. The book provides a history of Electronic Warfare, the principles of which are critical to effective maintenance or denial of Command and Control.

Peter H. Christensen            The MITRE Corporation
Senior Member Technical Staff   234 S. Fraley Blvd. Suite 100
e-mail: pchris@mitre.org        Dumfries, Va. 22026
Phone: 703-441-1775

------------------------------

Date: Thu, 27 Jun 1996 08:33:03 +0000 (HELP)
From: "David K. Probst"
Subject: c4i-pro perimeter defense

"David K. Probst"

perimeter defense
_________________

We could always ask Ed Harris of "The Rock" what he regards as an adequate perimeter defense. Or, the USAF could invite a Navy Seal team to answer the question, how could this attack have been prevented?

Wide-area defense is not unheard of. When Clinton was consoling the Israelis recently, he promised to send some high-tech sensors to be deployed along the borders of the occupied territories.

Some suggestions:

 - move the concrete barriers back one thousand meters, after you relocate

 - use technology at an even wider perimeter to make it slightly more
   difficult to drive tons of nitrogen-based explosive into your area

 - develop better intelligence on the Shiite population of Saudi Arabia

 - don't depend on others to defend you; do it yourself!

David K. Probst

P.S. John Deutch has decided that information warfare is too important to be left to ... anyone other than himself! (Cf. Deutch's plans for a "Cyberwar Center" within NSA).

------------------------------

Date: Thu, 27 Jun 96 09:36:16 EST
From: "tom briggum"
Subject: c4i-pro The Millennium comes early to GPS

"tom briggum"

Don't know the validity of the following, but it sounds authentic to me. Talk about your major C4I problem! ... Tom Briggum

- ---------------------------------------------------------------------
From: gwinn[SMTP:gwinn@ed.ray.com]
Sent: Wednesday, June 26, 1996 11:48 AM
To: osswgx
Subject: The Millennium comes early to GPS

I have good news and I have bad news. The good news is that GPS will not have a "Year 2000" problem. The bad news is that GPS System Time will roll over at midnight 21-22 August 1999, 132 days before the turn of the millennium. On 22 August 1999, unless repaired, many or all GPS receivers will claim that it is 6 January 1980, 23 August will become 7 January, and so on. I would expect that some manufacturers have already solved the problem, but many have not.

The details: Section 3.3.4(b) (page 33) of the ICD-GPS-200 rev B (30 November 1987 issue) states that the GPS Week count starts at midnight 5-6 January 1980 UTC (Julian Date 2,444,244.500), and that the GPS Week field is modulo 1024. This means that the week count will roll over 1024/52= 19.69 years from then, or in 1980+19.7= 1999, only a few years from now. Specifically, first rollover will occur at Julian Date (2,444,244.5 + 7*1024)= 2,451,412.500, which is midnight 21-22 August 1999 UTC.

I could find no mention of any field in any GPS message that would tell you which 1024-week cycle you were in. In the July 1993 update of ICD-GPS-200, a note has been added (also on page 33) saying that the week number *will* roll over, and that users must account for this, but no way to accomplish this is mentioned. I take this note as further evidence that there is no way to tell, given only the signal-in-space definition as of July 1993.

I have gotten some email traffic indicating that, just as I had suspected, some manufacturers did realize that GPS would soon roll over, and were keeping it to themselves in the hope that the others would fall upon their swords. Not pretty.

Our supplier was dumbfounded when I raised the issue, couldn't stop thanking me for pointing it out years before rollover. They clearly feel that it could have been a life-threatening disaster for them. Every GPS-related product they had ever made would have come back for repair, under warranty, all at once. Too close for comfort. And, discovered by luck.

The firmware in all older units will have to be replaced. This would involve replacement of PROMs; some are socketed, some are soldered. New units presumably will know better than to claim dates from before they were manufactured, and/or will allow the user to directly or indirectly tell the firmware which 1024-week cycle to assume, without requiring replacement of that firmware at the second rollover, in 1980+(2*1024/52)= 2019 AD. Some of this equipment will still be in use then, long after the manufacturer has forgotten the product.

However, in spite of everything, not everybody will get the message, so system software will forever have to have an independent idea of what year it is, to know when to disbelieve a receiver or receivers (they could all be wrong), and to handle arguments between various GPS receivers (if only some are wrong).

Without a GPS Simulator, there is no way for users to test a GPS receiver for this problem.
All most users can do is to ask their manufacturer for a solution, and also to imbue the system software with a suitable degree of skepticism about GPS receivers' sense of time.

My intent in posting this note is to alert the entire industry to the problem, allowing it to be solved with minimal disruption to all. As a technical matter, the solution is quite simple. It's the logistics that will take some years.

Joe Gwinn

------------------------------

Date: Thu, 27 Jun 96 08:59:00 PDT
From: "Calvin, James E., SSgt"
Subject: c4i-pro LOAC and Info Attack

"Calvin, James E., SSgt"

We just had our annual Laws of Armed Conflict briefing yesterday and the speaker was unable to answer my question. Maybe some of you could lead me toward enlightenment here. The question deals with the following: One of the elements of being a lawful combatant is that you must openly wield your weapon. There are three other elements as well. But this first element led me to ask, "If you engage in offensive information warfare operations, is your computer considered an openly wielded weapon?"

I know that this entire realm of warfighting has the AFOSI reeling from new potential legal issues (i.e. Is this attack an act of war? Who is the sponsor? How may we respond? How do you distinguish a concentrated attack effort from seemingly random malicious attacks? How do you legally cover yourself when responding to an act of terrorism, warfare, criminality that may be initiated in the USA or off shore?). I am also aware that we have developed and continue to develop network tracking software to help answer a few of these questions (IPOTS, for example). But if the enemy takes out the BNCC physically AND THEN info attack ops begin, where does that leave us?
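
[Added example, not part of any message in this digest.] The GPS week rollover described in Joe Gwinn's post above, with the two mitigations he names: refusing dates earlier than a trusted floor, and checking receivers against an independent clock. The function names, the floor date and the one-day tolerance are assumptions of this sketch, which works on the GPS time scale and ignores the GPS-UTC leap-second offset.

```python
from datetime import datetime, timedelta, timezone

GPS_EPOCH = datetime(1980, 1, 6, tzinfo=timezone.utc)  # midnight 5-6 January 1980
WEEK_MODULUS = 1024                                     # week field is modulo 1024
CYCLE = timedelta(weeks=WEEK_MODULUS)


def broadcast_fields(when):
    """(week mod 1024, seconds into week) as carried in the signal for `when`."""
    weeks, rem = divmod(when - GPS_EPOCH, timedelta(weeks=1))
    return weeks % WEEK_MODULUS, int(rem.total_seconds())


def naive_decode(week10, tow_s):
    """Old-firmware behaviour: assume the first 1024-week cycle, always."""
    return GPS_EPOCH + timedelta(weeks=week10, seconds=tow_s)


def resolve_with_floor(week10, tow_s, floor):
    """Choose the earliest cycle that does not place the time before `floor`.

    `floor` is a trusted lower bound (assumed here: firmware build date or a
    user-entered date). The answer is only right for 1024 weeks after
    `floor`, so the floor has to be moved forward over the product's life.
    """
    t = naive_decode(week10, tow_s)
    while t < floor:
        t += CYCLE
    return t


def disbelieved(receiver_times, system_time, tolerance=timedelta(days=1)):
    """Names of receivers whose time disagrees with the independent clock."""
    return sorted(name for name, t in receiver_times.items()
                  if abs(t - system_time) > tolerance)


if __name__ == "__main__":
    utc = timezone.utc
    build_date = datetime(1996, 6, 27, tzinfo=utc)       # constructed floor
    now = datetime(1999, 8, 23, 12, 0, tzinfo=utc)       # day after rollover
    fields = broadcast_fields(now)
    print("signal fields:", fields)
    print("old firmware :", naive_decode(*fields))
    print("with floor   :", resolve_with_floor(*fields, build_date))
    reports = {
        "old_fw": naive_decode(*fields),
        "new_fw": resolve_with_floor(*fields, build_date),
    }
    print("disbelieve   :", disbelieved(reports, now + timedelta(seconds=30)))
    # A stale floor fails at the second rollover; the cross-check catches it.
    later = datetime(2019, 4, 8, tzinfo=utc)
    stale = resolve_with_floor(*broadcast_fields(later), build_date)
    print("stale floor  :", stale, "->", disbelieved({"rx": stale}, later))
```
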

------------------------------

Date: Thu, 27 Jun 1996 07:10:22 -0700
From: /247210/bfox/Bruce Fox
Subject: c4i-pro micro UAV

/247210/bfox/Bruce Fox

Ed Cesar wrote:

Can someone tell me about plans for the miniature UAV Admiral Owens showed the press a few months ago? If miniature UAVs are actually being produced in large quantities, as the Admiral stated, .....

The good Admiral was showing a plastic concept prototype of a study concept by Lincoln Labs for a micro-uav that the labs claim will take at least 5 years to be developed and has not been funded for even a demonstration yet. My attention was drawn to it when a news article in Oceanside CA showed him with this blivit in his fingers claiming that he was telling the Marines at Pendleton that this was on the way and they should get ready for it. Either Owens or the paper were wrong, most likely both, and it really hurts the credibility of leadership when this sort of stuff gets down to the troops. At this date, no one that I can find is working on or willing to fund a micro uav with a 1/2 hr flight time and down link to a platoon level handheld terminal of the terrain a mile away. By the way, the plastic concept prototype was a SOLID model of a possible outline, done from a stereolithography set. Anyway, that's about all I know about THAT.

Regards, Fox sends.

------------------------------

Date: Thu, 27 Jun 96 11:45:00 PDT
From: "Waylan, Craig, 1Lt, SAM-GNSF"
Subject: FW: c4i-pro perimeter defense

"Waylan, Craig, 1Lt, SAM-GNSF"

Well David, I think I've gotta go agin 'ye here. The explosion left a crater 35' deep and 85' wide. The fact that it _only_ trashed one building 100' away is pretty impressive, IMHO. Okay, perhaps the perimeter itself was too close to the base facilities, but since I've never seen the lay of the land, I'll leave that argument to others.

But one annoying thing I've noticed in a few press reports is that people are whining about why _this_ building, with quarters in it, was vulnerable, as opposed to some other building. Let me explain something: any time you have a perimeter, _something_ is going to be closest to it. In this instance, the short straw was drawn by a housing facility, occupied mostly at night. If it had been a facility run mostly during the day, guess what? The attack would have come during the day! No, the system isn't perfect; we lost good people. But at least we've learned _something_ since Beirut...

But to bring this vaguely back towards the topic, I wonder how long a warning the base had. Aside from the recent bombs in other parts of Saudi, I have seen mention in news reports of threats being made to Dhahran, one just hours before the attack. How credible were these threats? Did someone drop the ball, or are threats like this pretty regular over there?

>P.S. John Deutch has decided that information warfare is too important to be
>left to ... anyone other than himself! (Cf. Deutch's plans for a "Cyberwar
>Center" within NSA).

David, haven't you been listening? _Everything_ is too important to be left to anyone but Deutch!! :-)

Lt Waylan

------------------------------

Date: Thu, 27 Jun 96 11:21:00 PDT
From: "Henley, Mark"
Subject: c4i-pro The Millennium and GPS

"Henley, Mark"

On Wednesday, 26 June, at 1148, Joe Gwinn wrote

> "... The bad news is that GPS System Time will roll over at midnight
> 21-22 August 1999, 132 days before the turn of the millennium. ..."

Since a millennium is the unit that refers to a collection of 1,000 years, the first year on our present calendar would have to have been counted as year 0 in order for 'the new millennium' to begin on 1 January 2000. Think about it. I know that this type of disagreement at the century level has been documented to have occurred at the 1900/1901 time period, and I figure that it has also happened for many centuries prior.

For those who need just any excuse to party, they'll do it on 1 Jan 2000 anyway. But for the more technically correct types that we normally have in the C4 world, we should try to be accurate as to when the new millennium really begins. (anybody got proof that the first year was zero ?)

Mark Henley
henley@lvs-emh.lvs.loral.com

------------------------------

Date: Wed, 26 Jun 96 14:51:00 PDT
From: "Morris C. (GS-12), A6-SCX"
Subject: FW: c4i-pro latest terrorist incident

"Morris C. (GS-12), A6-SCX"

Just how big of a perimeter do you think you need for a 5000+ lb bomb anyway.

ciao, al

=====================================
C.A.(AL) Morris, GS-12, AFETS
Systems Integration Specialist
DSN 965-2727/morrisc@a6.centaf.af.mil
=====================================

----------
From: owner-c4i-pro
To: c4i-pro
Subject: c4i-pro latest terrorist incident
Date: Wednesday, June 26, 1996 14:29PM

"David K. Probst"

latest terrorist incident
_________________________

Perhaps my Monday-morning quarterbacking after _every_ incident is a bit irritating. I confess to near-total ignorance at this time. Still, a reasonable assumption is that there was a monumental failure in perimeter defense. I think Navy Seal teams and Army Rangers offer advice about fatally weak perimeters. There is doctrine and technology for WIDE-AREA perimeter defense.

In moving to a Joint Force, is interservice rivalry and God-knows-whatever command-and-control weaknesses still the order of the day in the "second troubled" service?

When someone tells you that your chin is hanging right out there just waiting for a sucker punch, do you shuffle papers?

David K. Probst

------------------------------

Date: 27 Jun 96 13:31:57 EDT
From: David Kennedy <76702.3557@compuserve.com>
Subject: c4i-pro RE:Tales from the UK: Basel Part IV

David Kennedy <76702.3557@CompuServe.COM>

-------------------------------------------------
FORWARDED MESSAGE - Orig: 26-Jun-96 22:06
Subject: Reply to: A Reply to Winn's Latest
From: winkler@ncsa.com
-------------------------------------------------

Please post the following to the appropriate lists. LACC, etc

Thanks, Ira

Concerning the controversy about the bank thefts, there is a lot of confusion about what can and cannot occur. In the first place, every major bank has direct access to commercial networks so that their customers and EFTs can get/go through. Banks rely on connectivity. These commercial networks allow access to almost any company or anyone. So yes, outsiders can get connections to bank systems. From there it is straight computer hacking, and typical countermeasures to combat the vulnerabilities.

Yes, Switzerland would cooperate with prosecuting multi-million dollar bank thefts. Why bother with Switzerland anyway, when there are so many banks in countries that will turn a blind eye to the activity?

Any discussions of HERF weapons are ridiculous. Unless there was a bomb used, somebody would have to get relatively close to the target. They would have to drive up, launch the HERF attack and run. A HERF gun powerful enough to take down a bank, would also take out the vehicle that it is being transported in. Unless they pulled up in a horse drawn carriage or something similar, the perpetrators would be trapped by their own stupidity. Remote attacks are possible enough, so why bother with HERF stuff.

I am not saying that the attacks are or are not true. What I am saying is that they are possible. However, if you hear things like using a Swiss Bank to cover their tracks, or HERF guns, or NSA officials being quoted, it leaves things very suspect.

Again, there are many possible attack scenarios that should not be discounted by security professionals. The big key is that when people start talking about James Bond type tactics, be skeptical. Real computer related crimes, including financial crimes, are accomplished through very known and common methods.

Ira Winkler

------------------------------

Date: Thu, 27 Jun 1996 12:20:01 -0700
From: gdavis@slip.net (Glenn Davis)
Subject: Re: c4i-pro perimeter defense

gdavis@slip.net (Glenn Davis)

very sorry for the misunderstanding, i outright stole that phrase for my personal signature, though i wasn't sure who from, thanks

but this reply contains that which i wish to quote in SOURCES

thanks gd

At 08:33 AM 6/27/96 +0000, David K. Probst wrote:
>"David K. Probst"
>
>perimeter defense
>_________________
>
>We could always ask Ed Harris of "The Rock" what he regards as an adequate
>perimeter defense. Or, the USAF could invite a Navy Seal team to answer
>the question, how could this attack have been prevented?
>
>Wide-area defense is not unheard of. When Clinton was consoling the Israelis
>recently, he promised to send some high-tech sensors to be deployed along the
>borders of the occupied territories.
>
>Some suggestions:
>
> - move the concrete barriers back one thousand meters, after you relocate
>
> - use technology at an even wider perimeter to make it slightly more
>   difficult to drive tons of nitrogen-based explosive into your area
>
> - develop better intelligence on the Shiite population of Saudi Arabia
>
> - don't depend on others to defend you; do it yourself!
>
>David K. Probst
>
>P.S. John Deutch has decided that information warfare is too important to be
>left to ... anyone other than himself! (Cf. Deutch's plans for a "Cyberwar
>Center" within NSA).
>
>
>

-SOURCES- eJournal - a division of DSO, Inc.
'Beyond Intelligence -- Truth' (tm)
http://www.dso.com/sources/
601 Van Ness Suite E3425
San Francisco, Ca 94102
Fx. 415-775-3082
V. 415-775-9785

If any clause, sentence, paragraph, or section of this message shall be held to be inoperative, invalid, unconstitutional, or just plain stupid, it shall not be deemed to affect the operability, validity, constitutionality, or obvious brilliance of any of the remaining parts of this message.

------------------------------

Date: Fri, 28 Jun 1996 07:24:41 +1300
From: Gregoire Seither
Subject: c4i-pro Internet Bank Robbery

Gregoire Seither

In response to the Internet Bank Robbery story that was posted recently, I consulted with our Techpool working for various accounting software consultancies, their answer is:

That's all pretty interesting really and does sound plausible enough. Though to place the offending software you would have to know the backdoors to the O/S. An insider job in so far as the programmers of the original software are often the only people who know these backdoors. As far as I can tell and what was conveyed to me when I worked at Microsoft, NT has a backdoor, the latest version of pgp (U.S) has a backdoor and most O/S have these doors.

A bank would be much easier to hack than many other institutions as they have so many different bits of software that link together. This though suggests that it is the network software which has been hacked. The fact that the backup systems didn't work and that they could close down the system totally and restore it would suggest also that it is the network software that has been hacked.

I know from friends who program that they will often build into software a little personal door, they don't mention it to anyone but they know it's there. my guess is that a couple of programmers got together over a game of doom one night, said let's put a door or two into the software, said you cover me I'll cover you. I know someone who will pay big money for the information so that we're then home free and they can do with that information what they like. Almost untraceable in some ways.

Or perhaps they have genuinely hacked the software though I doubt that. Who knows, but having done tech support for accounting software I believe that the banks would pay the money rather than risk losing the data, that for me is the least far fetched aspect of the stories.

So security is not someone from OUTSIDE trying to get IN, very often it is someone from INSIDE opening the gate.

------------------------------

Date: Fri, 28 Jun 1996 07:33:47 +1300
From: Gregoire Seither
Subject: c4i-pro Beware Ye, the Millenium cometh!

Gregoire Seither

"Civ Donovan F. Sanderson"

> >Do you have any idea what would happen if you set the date on your
> >computer to 10 minutes before midnight, 31 December 1999 and waited
> >15 minutes? Be careful before you try this. Make sure everything is
> >backed up. See below some related info that just came my way.

On an Apple Macintosh NOTHING would happen as from the very beginning the Macintosh OS has correctly handled all issues related to the Year 2000 - The original 128K Mac in 1984 used a 32-bit value to store microseconds starting at 12:00:00 am January 1 1904. This means that the last date represented in this 32-bit value is 6:28:15 am, February 6, 2040.

The current date and time utilities use a 64-bit signed value. This covers dates from 30081 BC to 29940 AD.

We have run a series of tests on databases, code elements and list sorting with sorting between elements dated 1904 and others dated 2004 and the sort came out OK.

So, at least on our site of the Platform, the Millennium Scare seems to be under control. I suspect ANYWAY that the year 2000 is not an issue on any PowerPC-RISC based unit as all use a 64-bit signed value to determine the date. Am I right or is Macintosh (again) the leader in the field?

Apple Technote 1049 about this subject is obtainable from the friendly guys at

------------------------------

Date: Fri, 28 Jun 1996 07:42:42 +1300
From: Gregoire Seither
Subject: c4i-pro Security Assessment

Gregoire Seither

"David K. Probst" wrote

> Top secret technology for tracking nuclear submarines
> has been stolen from a French naval base by MI6,
> Britain's foreign intelligence service, after a French
> civilian engineer was paid thousands of pounds to betray
> one of his country's most closely guarded secrets to an
> MI6 front company which posed as a technical defence
> consultancy and publishing house.
>
> Date on this? Verification of this?
> Relation to repeated break-ins at FAN Toulon last summer in which laptops
> with ASW training disks (and documents and photos) were stolen?

The excellent and well informed French investigative weekly "Le Canard Enchaine" reported on this last summer, quoting a report that stated that - in one case - the computer files were on a laptop that was left in a car on a public parking lot while the com-officer was having lunch!!! Talk about security!

The same thing happened to a French judge who was working on high level mafia-corruption in public works contracts. His laptop with ALL his files on was left overnight in his car parked in front of his Paris apartment and subsequently stolen (the laptop, not the car). When you have lived for longer than two days in Paris you know that you never leave ANYTHING in your car overnight. The guy is either an idiot or has been bribed!

While studying at Paris VI Science University in 1983 where some sensible research is done, North Korean and Vietnamese "Guest" Researchers had full free access to the labs (each researcher was issued a set of keys opening the relevant doors and for "commodity" copies of other keys were commonly exchanged among fellow researchers from other labs).
When we published a concern about that in the lab newsletter we were heckled for being "Red-scared" and paranoiac.

Tolbiac University came back from Easter Break one year (I think 1978) to find that some labs had been "burglarized" and all files and papers systematically stolen. If I remember well the break was traced to a Vietnamese Guest Student who subsequently was never seen again.

Finally, during my practical training, I stumbled across a multimedia company that was a subcontractor to MATRA Weapon Division (Rockets...) They were in charge of making an interactive videodisk that explained how to set-up, arm and maintain one of their Missiles. The videotapes (duly marked CONFIDENTIEL) were on shelves freely accessible to anyone working overtime, offices were not locked...)

I do not know how the situation is in the US, but in the French scientific community there is no awareness of tactical or commercial intelligence threats, most researchers dismiss it as paranoia... until the Japanese come up with a clone of their concept!

> Rightly or wrongly, I worry about the amount of weapons data that Clinton
> is giving Chirac in light of a long history of security breaches.

Oh so true! We French are not more corrupt than others, we are just too often sloppy and less aware of threats. And we also have a tradition of sympathy towards anarchistic pranks (breaking into systems, cheating the government, fooling the army is such fun!) which can be easily exploited by people with other agendas.

With France joining NATO and new threats emerging from Islamic radicalism well implanted in France, one should worry about security breaches on that front. Especially since our army and intelligence services do not really seem up to scratch. Remember the Bosnian Vice Prez who got shot while under safe-keeping in a French armored vehicle? Remember our marvelous blunders in NZ (Rainbow Warrior) and the Gulf War (Daran bombing...)?
Remember National Hero Colonel Bigeard saying: "The slit eyed Viet-Minh bastards will never get artillery up those hills, Dien Bien Phu is perfectly safe..."

On the home front we have not even been able to catch a bunch of misguided French-Arab youths who bombed Paris last years, essentially because - again as "Le Canard Enchaine" reported, rivaling Police and Gendarmerie spent more time misleading each other than tracking terrorists.

President Chirac (who is not a great Intelligence guy himself and prone to blunders - as again seen during his recent Swiss visit where he had no idea of who his counterparts were and relied heavily on his private staff for guidance) is surrounded by geriatric counselors (Foccard and Pons by all Saints !!!) who still live in a colonial 1950's world where all you have to do is send a gunboat and rock the natives to maintain the "grandeur de la France"

There is a big educational work to be made here. The excellent work Olivier SCHMIDT and his team make at http://www.blythe.org/Intelligence/ is a step in that direction.

As Charles K. Probst rightfully suggests: SECURITY means EDUCATING the users to be SAFE. Just like in AIDS-Prevention campaigns!

------------------------------

End of C4I-Pro-Digest V2 #400
*****************************