Reader Comments (rss)

(Flattened / Threaded)

•  

  

  Anonymous Coward, May 14th, 2008 @ 9:19am

  
  

  All encryption is decipherable.
  All equipment is or can be potentially compromised.
  All ur bases r belong 2 us.
  
  Clearly this breakdown of government contractors needs to be investigated and addressed, but one large lesson learned is the value of end-to-end encryption. Cryptography that stays technologically ahead of attempts to thwart it.
  
  I hate to say that "obscurity" is the best solution, but if we continue to shake up our encryption protocols, dilute sensitive information in a flood of nonsensical garbage and challenge authenticity ultimately end to end, the equipment in the middle of a cloud is less of an attractive target.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, May 14th, 2008 @ 10:28am

  
  

  Re:

  Nothing wrong with obscurity. Just as long as it is not the only solution. There is nothing wrong with it being a part of the solution. People act as though it's a bad word all together.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  ranon, May 14th, 2008 @ 9:21am

  
  

  If the military finds that the routers are substandard then they should return them, or get compensation from the FIRST contractor. The military has nothing to do with any sub contractors.
  
  If they can enforce good quality with the first contractor, then they will get a good product, whatever the number of subcontractors.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Overcast, May 14th, 2008 @ 9:22am

  
  

  Let's trust everything to computers!! Bank Accounts, Energy Production, National Defense, Vote Tallies..
  
  sounds like a bad Sci-Fi, huh?

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Pedro Mack, May 14th, 2008 @ 9:27am

  
  

  Outside of the security implications, how great is it that the government is overpaying for these services/products by such a huge margin, that four levels of markups can be charged along the way, while still coming in at a price that the government is willing to pay?

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Doc, May 14th, 2008 @ 9:34am

  
  

  So Bruce Willis was right "Live Free or Die Hard"... it's a Fire Sale!

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Hank, May 14th, 2008 @ 9:58am

  
  

  worse yet.....

  What's really scary is that most equipment and work on overseas bases is provided by the host country.
  
  When I was stationed in Korea I worked with Top Secret, intelligence gathering, computer systems that were basically the key to any war time decision making.
  When we needed new equipment or needed any infrastructure work done we had to use Korean contractors. We did an upgrade of the entire system about halfway through my tour and most of the work was done by Korean contractors. Tell me how much sense that makes. Do you honestly think that they haven't planted equipment that allows them to see what we are working on?
  
  Our govt acts as though they are concerned with national security yet they give away the keys to kingdom all the time. This stuff going on with fake routers doesn't surprise me one bit.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  TW Burger, May 14th, 2008 @ 10:30am

  
  

  Re: worse yet.....

  It's the same in Iraq and Afghanistan. Locals are hired for kitchen, laundry, and janatorial jobs and the MI officers stand around confused as to why motar attacks on the bases tend to be so accurate...
  
  In 'Ghan they hire a local contractor to wire the metal storage containers that were converted to apartments (don't ask) and the whole thing is done with one color of wire, cables running through puddles, and no grounding.
  
  I will not let a local anywhere near my communications networks and I buy the equipment myself and inspect each unit personally.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  NRK, May 14th, 2008 @ 10:53am

  
  

  Re: Re: worse yet.....

  Your are the exception... most Gov agencies hire it done, and if it works, and sometimes when it doesn't, writes a check. Then the equipment is out-of-site out-of-mind until there is a problem and then it is too late to go back to the contractor.
  
  We had the same problem in Viet Nahm hiring locals who would pace off the size of the compound and any high-value targets. Next day the mortars would come in with pin-point accuracy.
  
  To have integrity, the military need to do it all, that is why we have cooks, bakeries, laundry units, etc. in the military, and the soldiers have to take their turn at gurad, shit burning, etc.
  
  Some day we will study the lessons learned from pat conflicts and apply them to current one...
  
  nrk

   

  [ reply to this | link to this | view in chronology ]

•  

  

  chris (profile), May 14th, 2008 @ 11:17am

  
  

  Re: worse yet.....

  maybe things have relaxed a bit since i was in the service in the 90's, but when it comes to classified materials the equipment that is cleared for classified is clearly marked and the equipment that is not cleared for classified material is also clearly marked. there are separate networks (data and voice) for classified material.
  
  information about the systems that handle classifed material (hardware vendors, versions of unix, etc.) is also classified, so if the phony brand name of the equipment was leaked, chances are it was for non-classified (though possibly still sensitive) material.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Jake, May 14th, 2008 @ 11:31am

  
  

  Re: worse yet.....

  Using the same suppliers and contractors as the South Korean government would be the best bet in that situation; if their security's been compromised by agents from the North you're screwed anyway.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  N1ck0, May 14th, 2008 @ 10:08am

  
  

  Registration

  Whats also pretty bad is Cisco has a pretty good registration system for their equipment. And like most higher end network equipment, Cisco maintains records of what vendor has sold what S/Ns. Yes in some circumstances registration is a bit cumbersome, but in most cases equipment needs to be registered with the inventory system anyway...its not that much of a stretch for supply officers to query the databases and confirm IDs with OEM on a routine basis.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Davey, May 14th, 2008 @ 11:22am

  
  

  Been there. Called the cops.

  My IT manager here at *.gov (where we have substantial security concerns) has been sold counterfeit equipment. However, we bought it directly and saw it for what it was. A call to the U.S. Marshall's office straightened everything right out. IMHO, Federal acquisition regulations are partially responsible for taking the buying decisions out of the hands of people who might know what they're getting, and putting it in the hands of folks that want low bid. Procurement agents are notorious for using their own (uninformed) judgement when buying technology (e.g. "This item is NOT 'or equal' dammit!")

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Technical Purchasing Manager, May 14th, 2008 @ 1:36pm

  
  

  Re: Been there. Called the cops.

  Brilliant Davey. Thanks, I needed a good laugh today.
  
  Definition:e.g = for example: as an example; "take ribbon
  snakes, for example"
  
  Your e.g. is an opinion, not an example. It contains hostile emphasis and swearing in just seven words. Good thing your opinion is humble. Keep it that way.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Nasch, May 15th, 2008 @ 12:00pm

  
  

  Re: Re: Been there. Called the cops.

  Lighten up, dude. He was giving an example of something that might be said after purchasing agents make a bad purchase. If someone's phrasing on a blog post isn't perfect, you don't have to point it out every time if you can still tell what he's trying to say.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Nasch, May 15th, 2008 @ 12:02pm

  
  

  Re: Re: Been there. Called the cops.

  I just looked at your name, Technical Purchasing Manager, and now I realize you made that post not just because you're neurotically pedantic (though you may be), but because you were feeling attacked. In other words, this is probably based on emotion and not reason, so never mind.

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Anonymous Coward, May 14th, 2008 @ 5:20pm

  
  

  PHB: How do you reboot this thing again ?
  Dlbrt: Like I told you, turn it upside down and shake,

   

  [ reply to this | link to this | view in chronology ]

•  

  

  Rekrul, May 14th, 2008 @ 7:49pm

  
  

  They probably got a really good price on the counterfeit routers. Maybe they only paid $200,000 each for them instead of $500,000 each...

   

  [ reply to this | link to this | view in chronology ]

Add Your Comment