"Pay my troops no mind; they're just on a fact-finding mission."

Category Archives: Intelligence

Information Security Defense In Depth Lessons (from a Bronze-Age Fort)

On a side note, the vast majority of people whose computers are in a botnet, or infected with keyloggers, adware, rootkits, etc., are simply unwilling to treat a computer like a device that should be secured. It’s instead treated like a multi-functional television. Convenience/accessibility always outweighs security concerns. Most of the computer security industry is about creating the illusion of security, because people want to feel safe more than they care about securing things. AV software that tries to target based off of known signatures is faulty because there’s a never-ending stream of new variants. You’re better off using GMER to keep track of processes and clear out rootkits, doing all the OS/browser/Flash/Java/etc. updates, and only allowing manual execution of Flash/Java. The key is that they don’t want to raise your suspicions.

If the Internet is primitive, then its security is prehistoric. Cerf’s and Mockapetris’s future visions of the Internet will rely on that changing. Read on to see what Bronze Age wisdom Dun Aengus can impart that will help security evolve in the Digital Age.

Open Your Perimeter Only When and Where Necessary. Dun Aengus ranges over 14 acres; if laid out in a straight line, its walls would stretch more than a mile. Yet Cotter says there would have been only one or two doorway openings in the walls. In terms of security, entrances are obviously weaknesses since they require the least effort to penetrate. Fewer portals meant fewer weak points, or, if you prefer, vulnerabilities.

Compare that to today, when many damaging worms succeed simply because ports, the virtual equivalent of doorways, are unnecessarily left open.

Sometimes Security Must Trump Efficiency. Dun Aengus’s location was highly inconvenient for people whose business was the business of survival. Fishing and trading (requiring access to boats) meant long trips down the sloped land, far from the protection of the fort (and then long trips back); the lack of a fresh water supply forced inhabitants to collect rainwater; metals and other raw materials used to make tools and weapons, or jewelry and other goods for trading, were mined far away and then transported to be forged or crafted locally.

Control Traffic. Since the architects of Dun Aengus assumed attacks would come, they designed the fort so that attacks would be as difficult as possible. Fort entrances faced downslope, forcing enemies to charge uphill. Doorways were narrow, hard to find and, when you did find them, had high stone thresholds. You couldn’t just run through. Once you did get through, more walls would force you to turn right, thus exposing your weapon-carrying arm to attack. If you managed to keep going, you’d eventually reach the massive band of chevaux-de-frise (upturned stones jutting in every direction), which would certainly slow you down. Cotter found that the chevaux-de-frise at Dun Aengus was mapped out with flat stones before it was created, and its distance from the inner enclosure was consistent with chevaux-de-frise at other sites: 40 meters. “Forty meters,” Cotter says dramatically, “is a human’s missile-throwing range.” Link

Games Criminals Play – How You Can Profit By Knowing Them

US Army Open Source Intelligence Link Directory

RAND: Assessing Military Information Operations in Afghanistan, 2001-2010

LittleSis – Snooping on the people in power

Lists, links and known associates – The people’s Gestapo

Osama bin Laden didn’t use encryption

Over the long term we’re forcing them to get wise and step up their technological game. Much like what happened in Iraq, we killed or arrested all the dumb hot-headed terrorists, selecting heavily for the calculating kind. But we also put most of the experienced bomb makers away and took away traditional materials, so the bombs became more amateurish, selecting for less technical skill because of the training time and materials cost. Technology has always been the Achilles heel of the Islamic terrorists.

Osama bin Laden didn’t use encryption to protect the thousands of files stored in the Pakistani compound where he was killed. 17 of the 6,000 documents have now been publicly released.

“Bin Ladin’s frustration with regional jihadi groups and his seeming inability to exercise control over their actions and public statements is the most compelling story to be told on the basis of the 17 de-classified documents. “Letters from Abbottabad” is an initial exploration and contextualization of 17 documents that will be the grist for future academic debate and discussion.” Link

also (lol @ the closed source homebrew program):

Woolwich Crown Court was told that Bangladeshi Islamic activists who were in touch with Karim had rejected the use of common modern systems such as PGP or TrueCrypt in favour of a system which used Excel transposition tables, which they had invented themselves.

But the underlying code system they used predated Excel by two millennia. The single-letter substitution cipher they used was invented by the ancient Greeks and had been used and described by Julius Caesar in 55BC.

Karim, an IT specialist, had used PGP, but for storage only.

Despite urging by the Yemen-based al Qaida leader Anwar al-Awlaki, Karim also rejected the use of a sophisticated code program called “Mujahideen Secrets”, which implements all the AES candidate cyphers, “because ‘kaffirs’, or non-believers, know about it so it must be less secure”. Link

Research Beyond Google – Resources

Top 10 data mining mistakes


Paul Fernhout: Open Letter to the Intelligence Advanced Programs Research Agency (IARPA)

Everything You Wanted to Know About Data Mining but Were Afraid to Ask

Beyond Prediction – Strategic Foresight

Target Analysis Process CARVER FM 34-36
