[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Navy hacked by Air Force?
[email protected] (Fred Cohen) said:
FC> Not my mistake - [email protected]'s mistake - only my correction. And it
FC> wasn't a correction to an error in this forum - the error appeared
FC> in the Risks forum - the Cypherpunks posting (which I posted) was
FC> the corrected one. Am I supposed to correct mistakes in other
FC> forums made by other people when I post to Cypherpunks? (let me
FC> see... in 1928, a mistake was made on page 73 of the New York Times
FC> related to cryptography, ...)
1) The correction makes a difference in the credibility of the
statement, as you must have felt, since you made the change. Saying
that a reporter called a 40-ish Navy captain a 'whizzkid' is foolish,
while questioning the reasonableness of a reporter calling a 20-ish Air
Force captain a 'whizzkid' is a difference of opinion (see below).
Since you said it was the 'actual text', you should have posted the
actual text, not your correction of it. If they sent out two messages,
one correcting the other, I find it somewhat difficult to believe that
they didn't at least preface it with a "sorry, we goofed" tag.
FC> Even with only 4 years of service (after graduating from College),
FC> 25-27 years old is no longer whizzkid age in my book.
2) As I said before, had I remained in ROTC, I would have been 24 when
I was eligible to make captain.
3) At 26, I was still being referred to, by non computer-savvy people,
in terms comprable to 'whizzkid'.
FC> But even more
FC> importantly, the readers who commented on this one error ignored the
FC> main body of facts in the posting in favor of creating a conspiracy
FC> theory. Next we find out from yet another story that at least part
FC> of the original story posted to Risks was in error. According to
FC> the second independent source, the Captain was working with the
FC> Navy's support and knowledge. How much do you want to bet that the
FC> story changes again by Tuesday?
4) The original story said that it was a "secret experiment" conducted
in front of "Pentagon VIPs" "at the Electronic Systems Centre at Hanscom
Air Force Base". Saying that the Navy was informed that this test would
be made, or that Navy personnel were among the watching VIPs, is
unremarkable, and does not call into question the original report.
There were many security 'surveys' conducted against my systems by AFIWC
(sorry, I don't remember the name of the specific group that does the
surveys, but it's part of AFCERT) which I was unaware of which were
authorized by the Air Force - in fact, I wouldn't be surprised if the
"young Air Force captain" was from that group.
5) The second independent source backs up the report that the connection
was made through the Internet, involving email connectivity, and with a
personal computer and modem, all of which were specifically denied in
the message from IW.
Now that I've addressed ALL of the points in the 'denial' from
IW, do you see why I characterized it as a military smokescreen? The
only thing in it which remains unchallenged is that the original report
is inaccurate in detail, and that there is a question as to whether
someone in their mid-20s is a 'whizzkid'.
--
#include <disclaimer.h> /* Sten Drescher */
To get my PGP public key, send me email with your public key and
Subject: PGP key exchange
Key fingerprint = 90 5F 1D FD A6 7C 84 5E A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated. If I want to buy something, I'll find
you.