17D_guy

So it wasn't about hacking the mission as a rated operator vs a support Amn. It was about appearances.

To expand on the OPM hack. Watch the video and realize these are senior gov't employees in all facets of the force. They're the ones making decisions about how to implement cyber. They're in the AF too.. https://www3.blogs.rollcall.com/hill-blotter/opm-breach-includes-congressional-staffers/ Additionally Krebs does a good breakdown of the history of this. CLEARLY targeted, persistent, and skilled. I briefed this to leadership this week, they were not please. https://krebsonsecurity.com/2015/06/catching-up-on-the-opm-breach/

Are we going to do a separate thread for each of his (great) posts? Or can we do a consolidated thread?

I had a 2Lt who plugged a wireless mouse into his SIPR workstation once. Asked him to remove it, that per the "rules" it wasn't allowed. We were in a SCIF as well. He asked why, that all it passed was X/Y axis data and there was no information to be gotten off of that. I informed him as a lowly SSgt I didn't have the details as to why he couldn't, but the NSA wrote the rules. He said they didn't know what they were doing. I side that's fine, remove the mouse. There's a lot of cool stuff going on right now with side-channel analysis. Attacking systems and getting information about what's happening in a system from other means. TEMPEST was the start of everything in this realm. I generally try to be cool about these things. Wireless mouse on NIPR? I don't care. I've got a MSgt that I supervise that's got one right now actually. But a lot of the Pilots/Nav's roll into SCIF's here with their iPhones and bricks like it's no big deal. I was going to say Ops dudes since it would cover the back-end Intel guys, Ravens and other folks as well.. but it doesn't. It's mostly front end rated-bros... just thought about that. Not hating, an observation. Some of the rules are stupid. Some asses interpret them their own way to be a pain/powertrip/etc (Gravedigger's 2nd paragraph). But I can assure they're their for a reason when it comes to EMSEC. I've seen the same thing with the stacked classifications. Drives me nuts, but I'm a little older-school. I think a lot of the problem was mitigated with shielded-copper, fiber, and flat screen monitors that don't emit like the old CRT's. Also, the switch boxes should be NSA approved. There were... 2(?) approved when I was at Vandenberg for some of their systems to co-exist. That being said, I've seen images pulled off side-by-side ethernet connections that I didn't think would be there. Correct JRSS is a unicorn when it comes to DoD programatic function. Army's paying for it, AF's helping with a bunch of stuff. Navy has the NMCI and can sit in the corner until they learn how to cyber like adults. As much as it pains me to say it the move to a joint cyber environment is the right thing to do. It shouldn't be AF NIPR, Army NIPR.. Navy... vomit. Real savings in time, $$ and manpower can be leveraged with that. Security for the DoD networks can be vastly enhanced. The AF no-kidding leads the way in getting this done in some areas (AFNet, 24th AF, security) and the Army in others (DISA Email). Additionally, like the sky we don't (to my knowledge) have Air Force sections, Navy sections, etc. It's all under control of the CFACC. Same should be for Cyber, and JIE/JRSS is going to get us there. I'm tired as hell, so I hope this made sense.

Eh, I'll try to look into it. Clickers.. should be fine. Is your IA shop saying otherwise? Have them site the source as Warrior states. Note who says it's default no, vs yes. Murder them. Another thing to add to this is the oncoming JIE and JRSS - https://www.disa.mil/Initiatives/JRSS https://www.disa.mil/About/Our-Work/JIE I imagine this is akin to what prop guys felt like when jet engines came along. But you know.. minus the fun.

Don't have a lot of time to reply right now. You'll see the AF has been pushing for this sort of thing for awhile. I think I said in a earlier post that DISA said they were the arbiter of all things cloud.. then certified no cloud services besides their own. DoD CIO punched them in the dick and now they're moving on to approve other cloud providers. But don't think they don't have downtime (AWS and Google have both had outages). Sure, it's not the same as my/your base, but their business model is different, their mission is different, and their costs are different. If "we" low-ball it just like ESD, and other "Cyber Support Servcies" have been it won't be any better than what you've got now. Yep. Thanks. $400 to move that network drop in an office please.

So.. McCain decided BAH was too much for the DoD to cover while leadership's decrying the retirement, "rising" medical costs and the general poor return on investment all around on actual people. Here's section section 591, from the Senate version of the NDAA (S.1376) - Looks like blue-suit base support is over boys, time to go home.

CMSAF Reddit AMA #1 unanswered question - Why do we still have tops in blue? I get it.. he's a top dude and has to answer a certain way.. but man.. so much coolaid.

Christ on a pony, I'm starting to have this argument with "high speed" Airmen and Lt's. Would be nice if the CMSAF didn't look like he shaves with this damn stripes. I'm sure he just "bought it that way." I don't like the rim of my cap folded in, so I straighten by hand when I put it on. But those frenchified caps look live vomit. Ugh... It's amazing how the AF can't write a fucking regulation that isn't ambiguous, even when leadership said repeatedly during phase in what the goal for this was - Per 36-2903 - Per the label on the inside of the "blouse" I'm wearing - That's right, the label on the inside of the uniform is more directive than the AF regulation. When can us Cyber Ops folks have flight suits so we can step away from this bullshit "uniform"?

Behold, what your cyber force is doing -

CSAF talking to FoxNews about all the issues he's been talking about (people, planes and lack of pilots) https://www.foxnews.com/politics/2015/05/25/budget-cuts-impact-us-ability-to-fight-enemy-air-force-general-warns/

Mad Max ruled. Go see it.

Ah, the Cyber Mecca.

Do you think it's because the number couldn't be confirmed? I've had the bosses who didn't want $200+/-, >$200, etc. Wonder if it's a stupid spin off of that.

Don't know if we need more, but glad to see they're rolling in the other 1/2 the population that gets raped. This is like having to listen to all the Domestic Violence stuff like it only happens to the females and a chick would never beat, scratch, destroy property, lie or otherwise destroy a man's like.

Well at least those people are being returned to the bases.. oh wait. We get to put in tickets, just like the users! Except that the numbers keep changing.

Your Local Comm Sq and CYBERCOM will be closed this Christmas -

Was on JQP's facebook page. Thought it was pretty good - https://taskandpurpose.com/4-reasons-i-am-resigning-my-commission-as-a-naval-officer/

As stated the NMCI contract is awful. The Air Force will not play with the Navy on Cyber if NMCI is involved. They do not take any of it seriously and there's a number of.. problems that have occurred on their networks due to the lack of choke-con. Also, having to pay $450+ to move a workstation around the office is a little steep. I enjoyed this little article - https://www.airforcetimes.com/story/military/2015/04/13/whos-been-cut/25574185/ Mobility pilots.. ouch. But then in my corner, This is on top of the cuts the 33S AFSC faced for.. 5 years? I don't know, I wasn't an O then. There's a significant bathtub in the Cyber force. My Sq CC's almost guaranteed Col, not for outstanding performance or any other leadership metric, but because the attrition rates in the year groups are so high and all the other eligibles are leaving. I like my CC, so that's not a slight--that's straight from her. Also, base comm contracted out isn't bad as long as the contractor is responsive and you pay them. Vandenberg had contracted base comm and it was a great working relationship. One of the best I'd been involved with. Just like the ESD would have been if the contractor was paid and sized accordingly. Everyone's of the opinion, "It's simple geek stuff, how hard could it be?" Then the negotiations start and the cyber support service and infrastructure maintenance is constantly down-valued. Which is why in the other thread I said just because you don't value something, doesn't mean it's not important. Well, if the AF had valued the customer service, support, and requirements inherent with the ESD it would have succeeded. the AF didn't. The AF failed. Then the ESD failed. Where so many other businesses, large ones, have succeeded. Union Pacific has a consolidated help desk. It's 24/7, has 3~5 ring pick up requirements and services all of CONUS. They also pay very well to keep the "easy job" service technicians, focus on training and job advancements for top performers. I can't even get that kind of respect for my Amn on the base, let alone out of the behemoth that is mother-AF. Actually, that's not fair. The base here is really appreciative of the work my guys do. This valuing of "easy jobs" could be applied to all the support career-fields. How much would you guys pay for a full-up, competent finance and MPF? With NCO's who know what they're doing and know their job inside and out... like we used to have. That didn't have to write a request to a central processing agency and wait for a reply to do something? That could execute your DTS and other orders with little to no problems? Well, whatever you think, the AF decided we all could use an additional duty as our own MPF/Finance troop. Don't forget your IAO additional duty as well.

What? It's not that they don't know how to install hard drives. I guess I didn't communicate that well. Many warranties require certified technicians to install equipment. It's not always the case, but those nuances are the reality of the situation. You do have Airmen (both O&E) designing networks for base support that aren't up to industry standards. It's a lack of experience, and the fact that... we can't get people to that level in AD most of the time. It's also a problem with the increasing complexity of today's tech systems. We're having issues with that right now where the base network works, but we're trying to interface with a DISA service.. and we're unable to because of configuration issues. The ANG has a really big advantage here. I've worked with some ANG CCIE's, and the E&I teams used to be all ANG. The ANG can hire, and retain the pro's. I've got to try and build an Amn, that's got all the queep (and more) that we complain about, plus deployments and PCS's after 3~5 years to a base with mostly a different architecture. Also, we're not the Cyber Service. We're the Air Force and we excel at Cyber but lets not act like with the way we're currently arranged we're placing a real focus on the leadership Cyber (support). I can't speak for Cyber (offense). We're not penny pinching on aircraft weapons systems, but every Cyber initiative automatically gets a cut off the top and then the negotiations begin.

It's a long read. But this article goes into good detail about how the Great Firewall of China works. It also details the new state-cyber weapon (coined as the Great Cannon) that was used to take down github.com and greatfire.org https://citizenlab.org/2015/04/chinas-great-cannon/ It is also a good write up of enumeration and discovery on a foreign network and "cyber-minded" thinking that the Cyber-muckety mucks are talking about.

And then there's this - https://www.youtube.com/watch?v=AI6vn0HHTmU&feature=youtu.be

That's like the original run aircraft carriers the Navy's moving away from now.