What happened to OC? - CLOSED Carnage?!
Sign in to follow this  
Followers 0
Weps

National Security, Is It Really Secure?

637459011.jpg

 

American's are fairly familiar with the term "National Security". A concept normally associated with the security of the United States and it's interests. The concept has been in practice since the early days of the Second World War, through the Cold War, to this current time.

 

Do you think as time has moved forward that US National Security has strengthened or weakened? If so, why and how. 

WaeV, Takka, Kalipsan and 1 other like this

Share this post


Link to post
Share on other sites

Tiddy-bits:

From seeing the intense network of shit that's been built up to "defend this country" over the past few years, I'd say national security has strengthened so much, the organizations and technology that have been brought about to reinforce it are no longer utilized simply for security. There is a chain of command that is seemingly disconnected, but simultaneously stays solid and stern, and operates far beyond the nation it was designed for. The public doesn't know how high up it goes, and I'm willing to bet that the people who oversee much of this don't know themselves. One could say that it could be weakened over time, due to the fact that the systems put in place are so complex that some threats (as well as targets) may be overseen, but as the future dawns upon us, even more systems will be put into place to prevent this from happening.

 

This grid that has been built up, and currently still being built upon, could be the first signs of the Singularity occurring before us; a world changing event that many in this world won't see coming until the world itself is locked down.

Floofies, Kavawuvi and WaeV like this

xgd0s9.jpg

Share this post


Link to post
Share on other sites

From seeing the intense network of shit that's been built up to "defend this country" over the past few years, I'd say national security has strengthened so much, the organizations and technology that have been brought about to reinforce it are no longer utilized simply for security. There is a chain of command that is seemingly disconnected, but simultaneously stays solid and stern, and operates far beyond the nation it was designed for. The public doesn't know how high up it goes, and I'm willing to bet that the people who oversee much of this don't know themselves. One could say that it could be weakened over time, due to the fact that the systems put in place are so complex that some threats (as well as targets) may be overseen, but as the future dawns upon us, even more systems will be put into place to prevent this from happening.

 

This grid that has been built up, and currently still being built upon, could be the first signs of the Singularity occurring before us; a world changing event that many in this world won't see coming until the world itself is locked down.

 

 

 

puff-puff-pass-my-nugguh.png

Risk and Floofies like this

If it flies, floats, or fucks, rent it.

Share this post


Link to post
Share on other sites

I don't think anyone would argue that anything is perfectly secure, however that's not necessarily a bad thing. There's obviously only so much you can do about security before you have to make major sacrifices for it. Additionally, the more fault tolerant something is, the harder it can be for it to adapt to changing problems, while threats have no such hindrance. Most security is reactionary, because that's the most reliable way to make effective improvements, however just a reactionary approach doesn't get you that far.

 

I think the nations security has strengthened, if only because the resource spending has made a sharp increase since 9/11. With greater resources, it should be able to do a better job of reacting, but not necessarily preventing new threats.


Oddly, this is familiar to you... as if from an old dream.  

Share this post


Link to post
Share on other sites

Security is only good until you exploit the human element. Defectors are the biggest concern in terms of dealing with national security. You can put all the countermeasures you want in place, but it's the people who run and maintain the counter-measures you have to be suspicious of. Edward Snowden is a perfect example of this. Some would label him a traitor for leaking documents that only people with a security clearance are authorized to view, but at the same time, I'd like to believe it's serving some kind of justice by exposing the unwarranted spying and profiling of people without due process. The fact social media has allowed agencies to infiltrate their networks willingly really raises the question of trust. Even those who don't openly talk about their affiliation with those agencies. Some call it paranoia to be tinfoil over the use of social networks, but I think it's being responsible over your own information and dignity.

 

Things being automated and outside of human control is where I draw the line. If a cluster of servers with filtering software is going to determine my status as a potential threat to the US, we seriously need to create or revise rights for internet usage in a way where the individuals are under reasonable suspicion to warrant data collection and a process in which these agencies can request the data they want to pull. A system of checks and balances to where no gray areas are exploited and companies are legally obligated to keep the data confidential under any circumstances unless required by law and within the rights of the citizens in which they want to pull the data.

 

Another example of security exploitation would be in the software world. While I enjoy the quality and ease of use proprietary software provides, there is a good reason to not trust it. I have noticed as of recent that security auditors aren't really public when auditing software that relates to user's identity and personal well being, however, they are open to talk about conventional/skiddy exploits they found, which tends to make the most noise in the tech media world. They are mostly confined to mailing lists and then never heard from again. This is especially questionable in the topic of trust, because there are many examples which I will list below in cases where certain security protocols were roadblocked by NSA or other agencies. The major one I can pull right now would be SSL. For those who don't know, SSL is used for nearly everything on the web, for encryption and authentication. I'm not going to go into massive detail, but the design behind SSL is so ridiculously complex and tedious to audit that many interest groups just gave up trying to understand it. NSA reportedly told foreigners at an international conference that they could not discuss the design until they left the room due to national security reasons. That in itself rings a lot of bells.

 

 

http://en.wikipedia.org/wiki/Dual_EC_DRBG

 

http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html

 

http://arstechnica.com/security/2014/01/how-the-nsa-may-have-put-a-backdoor-in-rsas-cryptography-a-technical-primer/

 

http://www.ietf.org/mail-archive/web/cfrg/current/msg03701.html

 

https://www.google.com/patents/US8396213

 

I am still trying to find one email archive of the mentioned situation described above. Hopefully I will have this shortly.

 

Edit: Found it!

 

http://www.mail-archive.com/[email protected]/msg12325.html

 

https://en.wikipedia.org/wiki/John_Gilmore_(activist)

In other circumstances I also found situations where NSA employees

explicitly lied to standards committees, such as that for cellphone

encryption, telling them that if they merely debated an

actually-secure protocol, they would be violating the export control

laws unless they excluded all foreigners from the room (in an

international standards committee!). The resulting paralysis is how

we ended up with encryption designed by a clueless Motorola employee

-- and kept secret for years, again due to bad NSA export control

advice, in order to hide its obvious flaws -- that basically XOR'd

each voice packet with the same bit string! Their "encryption"

scheme for the control channel, CMEA, was almost as bad, being

breakable with 2^24 effort and small numbers of ciphertexts:

https://www.schneier.com/cmea-press.html

To this day, no mobile telephone standards committee has considered

or adopted any end-to-end (phone-to-phone) privacy protocols. This is

because the big companies involved, huge telcos, are all in bed with

NSA to make damn sure that working end-to-end encryption never becomes

the default on mobile phones.

Edited by iTails
Kvasir and WaeV like this

System Administrator (Well Rounded) | AWS | Azure | Microsoft 365

Share this post


Link to post
Share on other sites

iTails knows what he's talking about. Social engineering is also one of the most basic security concepts you can learn when taking basic (like A+ and N+) technology courses.

Share this post


Link to post
Share on other sites

iTails knows what he's talking about. Social engineering is also one of the most basic security concepts you can learn when taking basic (like A+ and N+) technology courses.

 

OPSEC and PERSEC should be a priority for everyone. I'm no Borne, but social engineering and data collection is so damned easy to preform on the general public. 

 

Like I said, I'm no Borne, nor am I, by an stretch of the imagination specialized in anything IT related, literally everything I know that's industry related is self-taught (often looked down on by those with a higher education).

 

I had no interest in computers until I was about 15, I purchased my first personally owned computer when I was 18 (we had a family PC), found out about torrenting, which fascinated me. From that point forward I've pushed my learning, download this, download that, oh shit that's awesome, eh this program sucks balls.

 

As my interest grew, I learned, often the hard way, especially about the black side of technology, which startled and intrigued me. Eventually I ended up purchasing an Acer netbook (I saw one in a movie and just had to have one), by that time I had learned quite a bit, to include how to protect what was mine, the first thing I did was encrypt the drive and password protect BIOS.

 

I became heavily involved in the private torrent community, I had actually planned on investing in a seedbox and had access to multiple private indexes....

 

I also spent a lot of time using FF for a variety of things, including exploring TOR and I2P, gopher protocol, newsgroups, and whatever else I discovered. I became quite obsessed with protecting my system. I actually compiled a "guide" on accessing Tor's Hidden Services and how to utilize various programs and addons to protect yourself. 

 

I've done all kinds of crap using social engineering and data collection, mostly for my own benefit and out of boredom. To put an ending on this novel...if a guy like me can do it...just think what someone with serious skills can do. 

Kvasir, WaeV and Solaris like this

Share this post


Link to post
Share on other sites

OPSEC and PERSEC should be a priority for everyone. I'm no Borne, but social engineering and data collection is so damned easy to preform on the general public. 

 

Like I said, I'm no Borne, nor am I, by an stretch of the imagination specialized in anything IT related, literally everything I know that's industry related is self-taught (often looked down on by those with a higher education).

 

I had no interest in computers until I was about 15, I purchased my first personally owned computer when I was 18 (we had a family PC), found out about torrenting, which fascinated me. From that point forward I've pushed my learning, download this, download that, oh shit that's awesome, eh this program sucks balls.

 

As my interest grew, I learned, often the hard way, especially about the black side of technology, which startled and intrigued me. Eventually I ended up purchasing an Acer netbook (I saw one in a movie and just had to have one), by that time I had learned quite a bit, to include how to protect what was mine, the first thing I did was encrypt the drive and password protect BIOS.

 

I became heavily involved in the private torrent community, I had actually planned on investing in a seedbox and had access to multiple private indexes....

 

I also spent a lot of time using FF for a variety of things, including exploring TOR and I2P, gopher protocol, newsgroups, and whatever else I discovered. I became quite obsessed with protecting my system. I actually compiled a "guide" on accessing Tor's Hidden Services and how to utilize various programs and addons to protect yourself. 

 

I've done all kinds of crap using social engineering and data collection, mostly for my own benefit and out of boredom. To put an ending on this novel...if a guy like me can do it...just think what someone with serious skills can do. 

Yep, subversion and social engineering is probably the deadliest weapon a person can use. It takes a long time, but it's worth it if your ruling government is still pulling the strings.

 

I don't agree with this guy on everything, but it's a pretty damn good summary of how propaganda works in nearly any society.

 

 

Weps likes this

System Administrator (Well Rounded) | AWS | Azure | Microsoft 365

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0
  • Recently Browsing   0 members

    No registered users viewing this page.