US Drone Fleet Hit By Computer Virus

New submitter Golgafrinchan passes along this quote from an article at Wired: "A computer virus has infected the cockpits of America's Predator and Reaper drones, logging pilots' every keystroke as they remotely fly missions over Afghanistan and other warzones. The virus, first detected nearly two weeks ago by the military's Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech's computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the U.S. military's most important weapons system.'"

duh

[Aighearach]

Don't run windoze on bombs!

Or aircraft carriers!

Will we never learn??

Re:duh

[Pentium100]

Why? Windows crash and burn all the time, isn't that what a bomb is supposed to do?

Also, I doubt that this virus is just a random one, it most likely was created with the target in mind, so if Linux was used then the virus would have been created for Linux.

Re:

[Dr Max]

Also when these drones become self aware I'll sleep a lot better knowing i have the arsenal of windows malware at my side, and for once in your life you might be grateful for a blue screen of death.

Re:

[Pentium100]

Like stuxnet was ? :)

Of course there is always the possibility that the virus was a common one, then it means that whoever is responsible for security is even more incompetent than i originally thought.

Re:

[SplashMyBandit]

Well, considering the drone comms were unencrypted for a long time it is no suprise. Iraqi insurgents and later the Afghan Taliban were apparently able to get cheap equipment to tap into the unencrypted feeds. A ridiculous design decision if you ask me to not encrypt (didn't they even imagine going up against an opponent with with dedicated Electronic Warfare units either?).

Re:

[AmiMoJo]

The reason for not encrypting is that distributing the keys was too difficult. If a random group of soldiers is attacked and asks for a drone to come in and give them an aerial view it is better to just transmit unencrypted video than to worry about having the right access card or key, and it also reduces the complexity, cost and weight of the equipment needed to view. Even if your opponent can see the video the camera will be pointed at them and not give much useful info on the other side.

You can think of

Re:

[gandhi_2]

I don't know what kind of soldiers, radios, or encryption YOU are talking about but in the Army I am in, comsec keys are often theatre-wide. At least division-wide. Stealing a filled radio (or ANCD, SKL) does indeed compromise EVERY unit's comms. Which is why the keys are changed often, and losing a filled device is a sad-face event for the poor sucker that does.

Your point though, about being able to send it to dissimilar branches with dissimilar equipment types is true.

Re:

[Electricity Likes Me]

Isn't this what X509 was basically born to solve?

You want video from the drone, you transmit your public key to it, it verifies the signature against the master key and if it matches sends the data.

Re:

[Joce640k]

Uh - wipe and repartition the disk including overwriting the mbr and install a clean system....

...at which point it gets reinfected via the same mechanism that infected it before.

Re:

[Mes]

1. Bid for large military project
2. Use Windows as the primary platform.
3. Everyone Profits!

Re:

[Aighearach]

Hell, in Linux a simple rootkit can work just by editing the system commands like ls.

That is as simple to detect as installing TripWire.

Re:

[tgd]

And its equally easy to detect in Windows. In real-time, not in a scheduled scan.

So what is your point?

Re:

[Aighearach]

I remember when my ex-gf was working at TripWire and they were having all sorts of problems due to "alternate data streams" that were difficult for the software to find, because windows would hide them.

Re:duh

[Culture20]

Hell, in Linux a simple rootkit can work just by editing the system commands like ls.

That is as simple to detect as installing TripWire.

And keeping your checksum values on non-writable disks (like CDs), and using another computer to regularly scan your computer offline, and maybe throw some known changes in occasionally. Because if tripwire is replaced with a program that just says "yup, checksum's good. no need to worry", then it's no better than a sleeping security guard.

Re:

[silas_moeckel]

Lol my backup system takes care of that. I want to see a virus that can infect the system and a san at the same time though a VM barrier. A real hacker sure but some script kiddie not so much.

Re:

[bberens]

Not that it directly relates to your post which was kind of participating in a threadjack.. but I think it's safe to assume the types of people who might be putting viruses on US predator drones are not script kiddies.

Re:

[element-o.p.]

And keeping your checksum values on non-writable disks (like CDs)...

Not just the checksum, but statically compiled commands used to run the Tripwire-like program. If the detection program uses, for example, the 'find' command to find all of the files on the system* then a competent attacker could always corrupt the 'find' program to ignore '/usr/local/bin/.myHiddenRootkitDirectory/*' and you'll be none the wiser.

*You don't want to limit your search to files that have already been checksummed, because one of the things that you can find is that new, compromised files ha

Re:

[mortonda]

Hell, in Linux a simple rootkit can work just by editing the system commands like ls.

That is as simple to detect as installing TripWire.

If it is a kernel rootkit, tripwire won't find it unless your boot to a readonly medium to run the scan...

Re:duh

[BitZtream]

No, its really not. A rootkit would make TripWire thing the binaries had not been modified. Thats what rootkits do, they hide every trace of themselves so that they are undetectable. Or at least thats the theory, theres always a way to detect them but it usually (for good ones) requires scanning the data in a known clean machine.

IDS systems don't work with the kernel tells the IDS that the file is the original and even delivers the original bytes to the IDS in order to fool it. The kernel returns the original data for any read of the file, any memory mapping attempt, anything you try to do to get it at the data other than what the rootkit wants you to do.

Root kits make the kernel lie to an IDS, making it useless. You can't scan an infected machine by asking it for data (local app or network share, doesn't matter). You have to ask another known clean machine to do the scanning on the data directly without any other untrusted code in the process.

Finally, the rootkit can also just make tripwire pretend to return ALL GOOD MASTER!.

Please don't ever claim you know about security.

Re:

[Aighearach]

A rootkit would make TripWire thing the binaries had not been modified.

Easy to say. Another thing that is easy to say, I'm going to ride off on magic flying unicorn that can make any two files have the same hash (any type!) just by touching them both with its horn.

fire up OS from cdrom, then run tripwire/checksums

[mrflash818]

A rootkit would make TripWire thing the binaries had not been modified. Thats what rootkits do, they hide every trace of themselves so that they are undetectable. Or at least thats the theory, theres always a way to detect them but it usually (for good ones) requires scanning the data in a known clean machine.

IDS systems don't work with the kernel tells the IDS that the file is the original and even delivers the original bytes to the IDS in order to fool it. The kernel returns the original data for any read

Re:duh

[fuzzyfuzzyfungus]

While your general point is valid: against targeted attackers the ratios for "desktops cracked, by platform" are pretty irrelevant"; there is more to it:

A game console, many smartphones, tivos, etc. do checks of the OSes they run. If the signature doesn't check, the device doesn't boot. Better implemenations(newer xbox360s, for instance, pretty much have to be voltage glitched to get past that.

If you are going to be strapping some hellfire missiles to something, you really, really shouldn't be running an OS/architecture so stock that desktop or corporate penetration and bug numbers are terribly relevant...

Re:duh

[Nefarious Wheel]

If you were serious about platform security, you wouldn't be running on an OS at all. You'd have one single application that included its own device drivers. Costly, yes -- but also very secure if you write the lot yourself. Just don't open any doors at all.

Re:

[vawwyakr]

Are we sure they are even using windows? I mean in all likelihood they are but I couldn't find anything in the article (including the picture) to confirm.

Re:

[Pence128]

Check the lower right monitor, it's XP.

How do they know it's a virus?

[mcmonkey]

This could just be the drones following their human pilots for when the drones start flying themselves. #skynet

Other way around

[Toe, The]

No, I sincerely doubt this is some mysterious computer intelligence taking over our military.

BUT... this is clearly the path to skynet. What we are seeing is what pretty much all of us already understood: when you have increasingly autonomous killbots, disaster becomes a question of "when" not "if."

Re:Other way around

[Nadaka]

There is no more autonomous a kill bot than a human being.

Re:

[NiteShaed]

when you have increasingly autonomous killbots, disaster becomes a question of "when" not "if."

You say this as if it's a problem. Everybody knows that each Killbot has a preset kill limit. I'll simply send wave after wave of my own men in against them until they hit their limit and then freeze in place. G'uh.

No anti-virus?

[Jeng]

Ok, so I understand that these computers are to never be connected to the internet, but why does that mean that they don't put security software on them?

Yes, they would have to do updates manually, and it's a low risk situation, but it is a prime target for foreign adversaries and allies alike.

Re:

[MozeeToby]

Who said there isn't anti-virus software on these computers? If keeping a Windows machine sterile was as easy as installing and keeping update AV software the world would be a slightly better, or at least less stressful, place.

Re:

[kelemvor4]

Who said there isn't anti-virus software on these computers? If keeping a Windows machine sterile was as easy as installing and keeping update AV software the world would be a slightly better, or at least less stressful, place.

Where does it say these machines are even windows machines? Other than in the comments (much like here) I don't see any reference to windows in TFA. Didn't see anything about OS on the wikipedia entry for them.

Re:

[mspohr]

If there's a virus, it must be Windows.

Re:

[catmistake]

Its undeniable that for all practical puposes, GP is correct. Sure... talk about exceptions... but lets have a parade when a real person in the real world, and not some security researcher, gets a virus on their linux/os x/bsd box. Take 10K Windows users with user-level security consciousness, and 10K linux and 10K OS X users oblivious to security issues... put them in a room with the Internet, and take a look a month or a year later... and what you have is 20K users oblivious to security, with no issues, a

Re:No anti-virus?

[Nom du Keyboard]

Ok, so I understand that these computers are to never be connected to the internet, but why does that mean that they don't put security software on them?

If these computers are never connected to the Internet, then how are they sending out the results of their logging?

Re:No anti-virus?

[MozeeToby]

Unless someone really screwed the pooch, the results are never getting back to the virus writers. These computers are classified, that means no connection to the net, no writable media drives, many places even epoxy the USB ports so at least it's obvious if someone tries to use it. Specific steps are taken when moving data off them to prevent any data except what was requested is removed. At least, that is how it is in the private world working on classified material. Cases like Manning being able to get a dump of the entire international cable DB would indicate that the government holds itself to a much lower standard than it holds contractors.

Re:

[BitZtream]

Unless someone really screwed the pooch, the results are never getting back to the virus writers

Unless of course the guy/girl who planted the virus is internal ... which of course is a safe assumption since you know, the virus clearly IS there, so it had to be brought in by someone internal ... unless it was connected to the internet.

So either way, if a virus can be placed on the systems, the data can be snuck off the systems using likely the same method. Maybe not real time, but none the less it could come off.

Screwed the pooch?

[DragonHawk]

Unless someone really screwed the pooch...

It's a weapons platform that's been compromised by mainstream malware. From that alone, the pooch is jolly well being gang-banged.

Re:

[sjames]

Obviously, somebody DID screw the pooch. Otherwise, how did the keylogger get on these machines in the first place. If there was a route for the virus to get on them, there is likely a route for the logged data to get off of them.

Re:

[Jeng]

I'd reply with a copy and paste from the TFA, but that would be around half the article, just read the TFA and it is explained there.

Re:

[Anonymous Cowar]

They do, Host Based Security System (cited in TFS) is the official name given to the Department of Defense (DOD) commercial-off-the-shelf (COTS) suite of software applications used within the DOD to monitor, detect and counter attacks against the DOD computer networks and systems. [wikipedia.org]

Re:

[SleazyRidr]

Obligatory: http://xkcd.com/463/ [xkcd.com]

Re:

[Zerth]

Why aren't they running off of livecds? Then every time they reboot, yay fresh system.

Unless the system that is making the CDs is infected, but then you've just got one system to clean.

Re:

[blair1q]

They are supposed to have a procedure whereby everything that could be loaded anywhere gets scanned for possible infection. Standard practice for that sort of operation, in the military, government, or (competently configuration-managed) business.

Clearly, someone wasn't following the procedure, or their scan didn't know about this bug, or the bug came in out-of-band.

On Chip

[amiga3D]

The operating system should be embedded on a read only chip in these things. It's ridiculous to leave something like this vulnerable to a virus. It's aggravating to have to change the chip every time you want to upgrade but it's the best way of being sure it's secure. The system should be read only.

Re:

[Jeng]

The virus may be being spread by detachable hard drives that contain map information, they need to be updated frequently.

Yes, it would be nice if the OS itself didn't get infected, but you still need to dis-infect the drives that you plug into it either way.

Re:

[MozeeToby]

detachable hard drives

This is, in and of itself, concerning to me. Where I work you will be reprimanded for plugging writable media into a classified computer (and that's assuming you can dig all the epoxy out of the port in the first place), the idea that it's standard practice doesn't bode well for their security quite frankly.

Re:

[GameboyRMH]

THIS

I don't know what's scarier, the fact that these things run Windows, the fact that the ports weren't sealed off or the fact that some doofus who doesn't know how to check for Autorun viruses and/or wasn't a computer professional didn't see a problem with plugging a flash drive in there.

Re:

[element-o.p.]

How do you propose to update maps or download mission data, then? If it's got the ability to transmit and receive information in any form whatsoever, then it's got the ability to be hacked, and without the ability to transmit or receive data in some form, a Predator or Reaper drone is less useful than my Air Hogs Hawk Eye helicopter...which for anything beyond goofing off inside my house, is pretty useless.

Re:

[MozeeToby]

You use non-writable media. Burned DVD-R is generally the preferred method. Yes, you can get a virus onto a system using a DVD, but you cannot get data off from it which is where the real fear lies.

Talk about clueless IT

[Anonymous Coward]

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”

If someone this incompetent was running a corporate network they'd have their ass on the street faster than they could say "network traffic analysis."

Re:

[localman57]

If someone this incompetent was running a corporate network they'd have their ass on the street faster than they could say "network traffic analysis."

You don't know that. They're not Bank Of America. They may not be able to decide to take everything offline at once, or sufficiently partition the system to prevent reinfection. If the damage done by the virus is less important than keeping the systems online and keeping the drones flying, you keep them online, while you figure it out, even if it means you have to backtrack. Remember that Stuxnet was infecting computers from the PLC boxes outward. Not a typical infection vector.

Re:

[stephanruby]

Let's assume for a second that the guy is indeed competent (I know, it's a huge assumption on my part, but bear with me for a moment).

What else could be happening? If it keeps on coming back, may be the virus (or a slightly different version of the virus) is already part of the back up that's being restored. May be, it was part of the original hardware all along, or part of the original image on the installation disks? Or may be, there is someone with access that keeps on infecting those computers over and

Re:

[couchslug]

The whole idea of "wiping it off" is silly. Destroy suspect hard disks instead of trying to save them. The cost is trivial.

Just to clarify

[Baloroth]

When they say the drones were infected, what they mean is that the computers controlling the drones (located in the US and which are, apparently, running Windows...) were infected with a keylogger, probably spread through flash drives. Whether this actually compromises security at all is unknown (keyloggers generally assume you are connected to the Internet, which these computers aren't.) They don't have much security on the drone computers because they aren't hooked up to the Internet, and they would (apparently) rather educate their users than bother with antivirus, for whatever reason (although they do have a security system on the network which detected the virus. I would imagine it also should have stopped the virus).

Re:

[Locutus]

I would think that such a system would be considered a "critical system" and therefore not allow any type of direct external data input unless through a secure and protected means. Oh wait, we're talking about US DoD contracts and back room deals so design is secondary and they think using Windows is using advanced technology.

As the drones start dropping from the sky almost killing the ground soldiers, one soldier says pointing to the little girl, "Great! That's just great! Put her in charge then."

LoB

Not Business As Usual

[FurtiveGlancer]

To be fair to the hardworking acquisition troops in DoD, the Predator and Reaper were demonstrated and fielded through a short-cut process for fielding new capabilities quickly. When the normally thorough system design process is "streamlined" (or bypassed) to rapidly field a new capability, bad stuff can and does happen. Thus, the acquisition axiom, 'When you want it real bad, that's usually how you get it." As an example, of all the recorded predator losses through 2009, only ~3% were lost to enemy act

Re:

[shutdown -p now]

Note that a system-wide keylogger pretty much has to work at a level low enough that it can inject input instead of intercepting it. So if they've got that kind of thing, they really got pwned - and next payload coming their way may be less inclined to play nice.

They should be Closed Systems

[gurps_npc]

That is, no one should be allowed to load any program that is not vetted by the manufacturer.

So I am betting that the manufacturer got hit, and had the virus infect them at the factory, possibly installing itself as an 'update'.

It should not be that hard to remove - wipe and revert to an earlier version.

Unless of course they lost the earlier versiosn.

Re:

[localman57]

Or if the drones can't talk to the earlier version. It's common with embedded systems to upgrade the remote firmware and PC software at the same time as your protocols change.

You don't understand!

[Weaselmancer]

Skynet IS the virus!

Wow

[ShooterNeo]

Ok, so you get some interns in a room and ask them to draw on the whiteboard the things to consider when designing a remote controlled killer robot.

What do you suppose the FIRST thing any intern is going to write up there in terms of things you need to worry about?

Make SURE the enemy can't hack your robots and turn them against you!

Well, when you start writing up how to accomplish that, you would want
            1. A completely secure system for authenticating commands sent from the control system. The only form of encryption that is completely secure is one time pad.
            2. NO POSSIBLE WAY for someone to load viruses or gain access to the control system!!! That means NO network access to anything but the systems that send and receive signals from the drone! And one heck of a hardware filter on those information packets!

Best comment in TFA

[arielCo]

The big problem is that the drones keep ordering refueling boom enlargement kits, and four of them tried to fly to Nigeria to collect on a half-million gallons of jet fuel that was left there by a former Minister of Aviation.

Military Intelligence

[tmosley]

These drones are so vulnerable, their use in combat is totally laughable. Iraqi insurgents could intercept their communications with $26 software! Two years ago! Their shit is apparently totally unencrypted, and as such, has now been exploited to the point where they are now able to infiltrate the control software.

http://online.wsj.com/article/SB126102247889095011.html?mod=WSJ_hp_us_mostpop_read [wsj.com]

Next thing you know, these guys will turn the whole damn fleet of drones against us. Just what I wanted my tax dollars going toward, free fucking aerial suicide bombers for al Qaeda, drug cartels, and script kiddies.

Re:Military Intelligence

[Jeng]

They are not hacking the control software, all they are doing is receiving an unencrypted video feed.

You do not get anywhere close to being able to hack a drone just because you receive something similar to a TV station. You wouldn't be able to hack a TV station though a TV signal and you can't hack a drone though it's video feed.

Re:

[tmosley]

They were able to receive the video feed two years ago. The same video feed received by the controllers. This means they had access to a data line going to the controller. In two years, they were able to exploit this widely known vulnerability to install a keylogger on the control station. What will happen in two more years, with all of the information gathered from there?

All because they are so stupid they can't even encrypt their damn signal.

Also note that you can't hack a TV station via a TV fe

TFA is a very nice compendium...

[foma84]

...of military security holes'n'breaches.
It definetly deserves a read, or at least a glimpse. It's not just stuxnet and finely crafted computer warfare, it may be plain old viruses and tojans we deal with every day.

Spread by removable drives? How hard is this?

[bradley13]

This isn't exactly a new attack vector. Banks don't let people plug removable drives into sensitive systems - why does the US government?

You know what happened - either Joe private plugged his private pr0n collection into a classified computer, or else he took a classified drive home to use privately. Either was, really bad news.

If you've just got to have removable storage, then you pay for special connectors, so they are incompatible with anything else. Then you cast the guts in epoxy, so no solder jockey can change out the connector. This is not rocket science.

Re:Spread by removable drives? How hard is this?

[mclearn]

Actually, TFA believes that the vector was a removable drive by which they periodically update their map collections.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

Re:

[roc97007]

Areed. We did the things you describe back in the eighties. (Although back then "removable" meant the drive was on a sturdy cart with wheels.)

Re:

[marcosdumay]

As your system needs updates in data, it must have a system to constantly put data in it. Whatever you make it of, pen drives, network, punched cards, paper and scanner, it will be a vector for intrusion, and there is no way to turn it off.

Re:

[asdfghjklqwertyuiop]

Why on earth does plugging a flash drive into a USB port necessarily need to cause a security compromise? Just don't execute anything from the drive. It really isn't that hard.

This is why the good lord made Eproms.

[gestalt_n_pepper]

At least, that's the word on the street.

Time to admit that security matters?

[MaXintosh]

It seems like there's this cultural attitude out there that cybersecurity (hate that term) is a bit of an overblown joke, and that the worst malicious agents could do is steal our nation's porn collection or some such. Really, between stuxnet and now this, I really hope that people take home the message that targeted computer security threats can do a lot of damage in the national-security sense.

I really would be surprised if it turns out that this looks like it was developed by insert-country-that-doesn't

This has happened before..

[ilsaloving]

It's easy enough to fix. All you have to do is shut down the drones, flush the systems, and then restore from the protected archives in the core!

Would have never expected it...

[Nethemas the Great]

Nope never ever would I have expected the deployment of remote controlled anything to become suseptible to tamper. I also would have never ever expect the MIC to come up with anything other than hardened systems especially when human lives are on the line. This must have been a fluke...

So here I go getting modded "troll"...

[roc97007]

Let's get past the pro/anti Windows bias just for a moment. Clear your mind, see operating systems just as operating systems and not religion.

Now, if most (certainly not all, but most) computer virii were written for a particular OS, why would you use that OS in a secure surveillance or weapons application? Why would you not specify an OS that did the job, but had far fewer (or no) viruses already out in the wild? Wouldn't that go further towards avoiding infection than procedures regarding removable dri

Can't resist:

[Dunbal]

box of Kleenex $4

USB key $5

Satellite military uplink $150/hr

Hellfire missile $68,000

Predator MQ-1 Drone, $40 million

Being able to rain firey death from 10,000km away onto unsuspecting Afghan targets while a the same time masturbating on the internet: priceless

Re:

[Immostlyharmless]

Because if they were iDrones they'd cost us 50% more, really not be any more secure from someone determined to get in, you'd have to have someone with even more special training to work on it, and you'd have to send it back to the manufacturer to get the batteries replaced.

Course, it would *look* cooler....

Not a Windows issue

[Corson]

Whether or not those computers run Windows is not the issue. The issue is, how on Earth did that virus get on specialized and restricted US military control systems?

Forget Schwarzenegger, think Matthew Broderick

[DragonHawk]

So in The Terminator, humanity is destroyed when the power-mad AI "Skynet" launches nuclear missiles. That's been the popular conception of computer-driven destruction ever since.

Here we have computers controlling flying killer robots. Said computers have been compromised by malware. This was detected weeks ago, the malware is still a threat, and they're still flying them .

I'm starting to really believe that WarGames will be the more accurate prediction. Humanity won't be destroyed by machines which tr

So what this really means is...

[3seas]

They can be hacked...

Speaking of "Drone"

[xrayspx]

Each pilot sits in a small room with a rack full of gear wheezing away all day? Eech. This is why I don't move my desk into an IDF closet.

I remember hearing an interview on NPR not more than a few weeks ago which raised this exact issue, and in which it was brushed aside as utterly impossible, of course... "We have AIR GAPS, nothing can cross the air gaps!" Or something to that effect. I think they were talking about the video interception at the time. Meanwhile, they could ask Pfc Manning about ho

The source must be porn. FTFA:

[PolygamousRanchKid]

“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection

Unintentional pun . . . ? I think not!

"Pvt. Beetle Bailey here to educate the user!"

[sfled]

"Infected via flash drives." "Educate the user."

Oh bullshit! Never, _ever_ trust a user.

Seriously, I worked IT at a call center. The first thing you did with the machines when they came in was log in to the BIOS, disable ports like COM & USB, and set a BIOS password. If the thing was shipped to us with a floppy or cd/dvd drive (they were ordered bare but sometimes Gateway f-d up), we would remove the hardware before putting them in service. They were also imaged for whatever floor they were scheduled to be on (outsourced call center - Comcast, ATT&T, Sprint, Hughes Sat.) and out they went.

Once, a Bell South supervisor memo'd and called upper management and said he had to have USB to save and transfer reports, etc. And BOOM, a virus went through the Bell South floor like shit through a goose. That was the end of "educating the user."

Never, ever trust a luser.

Surfing porn at work.

[utkonos]

The only explanation for this is that those drone pilots were surfing porn in another window while their drones were on their way to and on the way back from bombing runs. Everyone knows that if you don't look at porn on your computer, you'll never get viruses or malware.

This is why

[geekoid]

you write your own OS for military hardware.

Re:

[wierd_w]

That would be against the apple developer's agreement. :)

I mean jeeze, you aren't even allowed to make porn on idevices, and wmds are straight out.

Re:

[localman57]

Look for Apple's iBomb to be delivered in time for Christmas to address these concerns.

I expect the 4GS to arrive well before Christmas. Oh...wait.. you literally meant a bomb.

In that case "Remind me to drop a bomb next time I'm in Tora Bora".

Re:

[Moheeheeko]

Soon our enemies will fear sleek white plastic with rounded corners falling from the sky.

Re:

[ColdWetDog]

Soon our enemies will fear sleek white plastic with rounded corners falling from the sky.

What is the terminal velocity of an unladen iPhone?

Re:

[Jeng]

Doubt it, Israel is more likely. Even if they are one of our allies, I don't believe they are an ally we should trust completely, much like how we view China.

Besides, I doubt that Iran can get good quality help with something like this, especially since they would most likely have to know a good amount of how the internal security is set up. Russia isn't stupid enough to help them with something like this, neither is China.

Re:

[BitZtream]

I doubt that Iran can get good quality help with something like this

Really? You don't think with the resources of an oil rich country that they couldn't buy someone domestic or foreign to do it for them? Are you retarded or just still asleep or something?

I'm not saying they did it, but you can't think that way about countries of any size at all, at that level all of them have enough resources to buy someone capable of doing it, or just kidnapping them and forcing them to do it without money. Most of the guys who write botnet software would more than likely be all over th

Re:Iran Payback ?

[jd]

I'm not sure it matters who it is. What matters is that if you can intercept a keystroke, you can inject one, and that if you log sequences you know command sequences. That knowledge never needs to go anywhere outside the virus - if the virus catalogs how to do X, Y and Z then an unauthorized user merely needs to tell the virus that it is to replay the sequence to do X, Y or Z. The user doesn't need to know anything other than what macro does what.

For most nations, it just doesn't make sense to do this with any current mission - that we know of, at least. Scripting a drone attack only makes sense if the drone has attacked a point that the person who wrote the virus will want to attack in the future. This is great if you're a nation defending against an attacker overrunning your positions, since you can get the attacker's weapons to attack the attacker. But no current target nation has the capacity for such a strategy and even if they did it would be pointless. It wouldn't be useful at all in Libya, for example, and the draw-down in Afghanistan means the probability of there ever being a meaningful target is next to zero.

Israel is a remote possibility - they've the knowledge - and there are doubtless drone surveillance missions that the Israelies could turn into attacks and keep plausible denial. However, it's exceedingly remote. Most of their threats don't distinguish between the US and Israel, so plausible denial is pointless, and they've enough support to be able to obtain all the US-made drones they want. There's no obvious added value.

The Mexican drug cartels are hampered by drones, but not usually by the high-end military ones, and being able to launch a replay would be absolutely pointless. If they were to have the kind of savvy needed, it would more likely go into a logic bomb that would cripple the drone. It's just possible they'd want to divert a drone to some site of theirs so that they could use it for their own purposes, but you'd not want a logger for that. Makes no sense. Besides which, if they had that kind of skill, they wouldn't need cheap cop drones.

China? Maybe, but again if they wanted a Predator they'd be better off with a logic bomb that disabled the radios and landed the UAV somewhere they could pick it up from. They wouldn't use loggers because there'd be nothing worth logging.

This isn't making sense. The story so far is too illogical. Those with the skills would be doing something different, those who want to do what is claimed don't have the skills.

Re:

[jd]

Military drones would presumably use something like Windows CE. (Non-classified drones do, from what little experience I have in the field.) Which, to be fair, would likely run a reasonable range of Windows programs. However, it's not fully compatible and cross-compilers are something of a necessity. It's possible it could be a generic binary but I'm going to guess that a custom build is the more likely.

Re:

[Locutus]

Except that because they are Windows based computers, the probability is very high that these are infected with your standard Windows virus instead of a custom one designed specifically to get into these computers. Therefore, it's unlikely there's any threat.

Probably some pilot got bored during down time and wanted to show his buds his pics of his girlfriend.

LoB

Re:

[Culture20]

My bet is the virus is on the clone image for their machines. Too many clone image makers don't do the paranoid clean-room thing.

Re:

[ColdWetDog]

You're forgetting that Apple computers are the only available defense against aliens. You don't want to use these weapons for mere earthlings.

Re:

[Dunbal]

Probably using the free version of FSUIPC too, the cheap bastards.

Re:

[couchslug]

They chased the motivated, volunteer geeks away during the 1990s because their actual AFSCs were other career fields.

Most AF computer maintainers are essentially Admin paper-pushers at the lower levels.