http://blog.afcyber.usQuick BlogcastTue, 07 Feb 2012 13:53:41 GMThttp://blog.afcyber.us/2009/01/17/inauguration.aspx#comment-2029297OmegaWolf747There's no way a jammer could remotely stop a laptop from booting up.http://blog.afcyber.us/2009/01/17/inauguration.aspx#comment-2029297Tue, 28 Apr 2009 21:23:25 GMThttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1962149seth altonLeave it up to higher command to fuck something like this up. If they were going to use a commercial line, why didn't they use a T1 encryption device? WTF are these people thinking?http://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1962149Mon, 06 Apr 2009 21:46:51 GMThttp://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1962106Seth AltonLet me think, ATO is based off of a classified network, which means some dumb ass AF guy put his USB stick into a classified computer. #1 rule in IT administration, TRAIN YOUR USERS! 2. Get rid of the most security flawed OS and train administrators like me that SHOULD BE DOING THIS JOB ANYWAY!!! Send me to classes to use a Unix/Linux based OS, or come up with one specifically used for the military. AND DON'T GIVE ME THAT CRAP THAT YOU'D HAVE TO TEACH THE ENTIRE ARMED FORCES ON HOW TO USE MAC OS. WHY DO YOU THINK THAT THEY PUT IT IN ELEMENTARY SCHOOLS FOR CRYING OUT LOUD. AND THE LAST TWO MAC OS UPGRADES DON'T LOOK ALL THAT DIFFERENT LIKE VISTA DID FROM XP PRO. REMEMBER... IT WAS THE AF J-TAC WHO WAS THE ONLY GUY RUNNING AROUND IN A BRIGHT RED BERRET IN TRANSFORMERS. Leave the sophistication and the cryptographic talk to the Navy. They're good at it. Rangers lead the wayhttp://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1962106Mon, 06 Apr 2009 21:26:50 GMThttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758616Alissa V. KnightJohn,<br /><br />Yep. Thank you. Question, can you send me the Investigative Boards Report (whatever is public)? Ive checked both the News Release and also the Reports site for the Army and I can't find it.<br /><br />Thanks for all your help.<br /><br />Alissahttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758616Fri, 30 Jan 2009 01:59:52 GMThttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758470Alissa V. KnightJohn, <br /><br />Can you email me? My email address is alissa.knight [at] cewar.org<br /><br />Thanks!<br />Alissa Knighthttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758470Fri, 30 Jan 2009 01:09:58 GMThttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758432Arq<P>The SIGINT details are X1, but, the rest of the document should only be collateral. I think it would be easy to sanitize. The executive summary wasn't even FOUO, that is why I didn't feel bad writing about it. Semper Gumby!</P> <P>-John</P> <P>--I'm editing this comment to add something.  The summary is in Part I of the investigative board's report.  Part I is always public.  Part II of the report is the one that is mostly collateral.  But I would think you already knew that!</P>http://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758432Fri, 30 Jan 2009 00:58:31 GMThttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758356Alissa V. KnightJohn,<br /><br />Fantastic article. You continue to remain our source for open-source intel like this. Question, I can't find this Army report anywhere and am siting it. Was it never released or is it classified? <br /><br />Thanks,<br />Alissa V. Knight<br />C2I Counter Intelligence<br />Special Operationshttp://blog.afcyber.us/2008/08/03/taliban.aspx#comment-1758356Fri, 30 Jan 2009 00:21:44 GMThttp://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1719925Mike DruckenmillerTwo Things.<br /><br />1. Can someone please provide me with a Link or a search Phrase to locate additional information of the differences in vulnerabilities between a USB Flash drive and an External USB Hard Drive?<br /><br />2. Has anyone found out how to completely disable to "Sync" Fuction in Windows Media that allows it to remain aware of Media Changes and attempt to Sync even when AutoPlay has been succesfully disabled for all drives?<br /><br />Discussion:<br />I know that Windows mounts an External USB Hard drive as a "permanent" drive and mounts "most" USB Flash drives as "removable".<br /><br />I suspect that some AV software doesn't handle them the same resulting in increased vulenrabilities for USB "removable" toys?<br /><br />I also suspect that the Windows "awareness" and application handshaking that allows Windows Media to attempt to Sync a drive is also at the core of the vulerabilities for such media?<br /><br />So far I have not found anyway to make *all* Media Change Events "manual".<br /><br />Could just remove Windows Media...<br /><br />But, that wouldn't eliminate the flaw in the OS that makes it work!<br /><br />Thanks,<br /><br />Mike Sr.http://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1719925Sun, 18 Jan 2009 12:59:22 GMThttp://blog.afcyber.us/2009/01/17/inauguration.aspx#comment-1719888MikeSeems a little harsh not to allow laptops to even boot up...<br /><br />I can see taking down or jamming all 2.4 Ghz comm links...<br /><br />But, preventing a laptop from even booting, especially with WiFi turned off, seems a bit SciFi.<br /><br />We are too dependent upon "open" (non-secured) networks. This must change.<br /><br />The American Public has no concept of what can be done to and with an unsecured system.<br /><br />Even my fellow tech aware ET's have such a cavalier attitude that I shudder...<br /><br />Operating without at least WPA, a Personal Firewall and up to date AV is simply ludicrous.<br /><br />But, it is this "unaware techno-mania" that is making US as a Nation so vulnerable.<br /><br />I am sorry to see extreme measures having to be taken at President Elect Obama's Inauguration.<br /><br />I didn't vote for him. But, losing His personal connectivity, I can definately identify with.<br /><br />I hope you guys have several full EW suites up and running both the active and passives.<br /><br />Best Wishes... Yours is NOT a job I'd volunteer for.<br /><br />Mike Sr.http://blog.afcyber.us/2009/01/17/inauguration.aspx#comment-1719888Sun, 18 Jan 2009 12:29:02 GMThttp://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1623790Michael DruckenmillerI had a thought that this might be the case...<br /><br />The word is Complicity...<br /><br />Unless you're a "spook". Then it's called intelligence gathering.<br /><br />Again, except for the very big hole that Media Player grants all removable media, especially on the USB Bus...<br /><br />Still, turning off AutoPlay/Autorun for all drives might have, should have, stopped a "standard" Autorun/Autoplay "bug".<br /><br />The fact the niether Symantec or McAfee have come to their senses and included both Rootkit Detection and USB Firewalling in their AV apps is insane!<br /><br />I know that even an old app like Sygate Personal Firewall had to be very carefully tweaked to get Active Sync to work at home with my PDA.<br /><br />So, I know the technology and knowledge exists...<br /><br />So... We are left with Heartbreak, Grief and Death...<br /><br />BTW, if I wanted to do this intentionally just getting rid of USB access wouldn't be enough.<br /><br />Sneaker Net lives and the troops will always find a way to get their apps and Data to and from a system...<br /><br />I have too many off Network Lab Systems to not have some form of Sneaker Net.<br /><br />But, I have always been very proactive with my non-network systems because I can, so I do.<br /><br />The education and involvement of the end user remains the "nail" the allows the shoe to be thrown and the battle lost....<br /><br />Mike Sr.http://blog.afcyber.us/2008/11/20/jointchiefs.aspx#comment-1623790Wed, 17 Dec 2008 00:14:12 GMT