Military History | How To Make War | Wars Around the World Rules of Use How to Behave on an Internet Forum
Procurement Discussion Board
   Return to Topic Page
Subject: Another F-35 Failure
SYSOP    2/9/2012 6:05:31 AM
 
Quote    Reply

Show Only Poster Name and Title     Newest to Oldest
jaxn    amateurs or crooks   2/10/2012 1:09:54 AM
Having purchased uncountable weapons and weapon systems over the years, one might think that the Defense Department might have an idea of how to do so in an appropriate manner that is cost effective and efficient while not wasting crucial tax dollars earmarked for our nations defense and personnel.  Obviously this isn't the case.  I can only surmise that there is either illegal conspiracy to create cost overruns unnecessarily and bribery and missing funds going on or complete malfeasance and ignorance on the part of our Defense Department.  Should heads roll?  Absoltely.  Should there be prison terms for defense industry people?  Yup.  There is NO EXCUSE for the "business as usual" ridiculousness of this kind of problem still going on in this day and age.  As a taxpayer I am incensed at this lack of professionalism and shadowly procurement. 
 
Quote    Reply

JFKY    jaxn   2/10/2012 8:46:46 AM
Yeah please be outrageously outraged!  That is the point of much of the Defense reportage.  I lived thru the 1980's, where we couldn't buy anything either, whilst purchasing the finest aerial weapons in the world!
 
Quote    Reply

Loveissupreme    China's 5th column   2/10/2012 1:44:35 PM
I agree that there is a sickening amount of corruption among the defense contractors. At least during the Reagan defense build up cycle America received a good quantity of quality weapons systems that are still in use today. During the Bush W. build up cycle America hardly has anything to show for it.
 
One of China's biggest unintended allies is America's defense contractor's, which make capability cost prohibitive. They're lying thieves. 
 
Concurrency with the F-35 was a total failure.
 
One thing I read that is legitimate was the the Chinese hacked into computers loaded with secret F-35 design info and the Chinese even were able to listen in on conference calls as to the progress and status of many things. Substantial parts of the F-35 had to be redesigned and new software written because of this. 
 
Quote    Reply

wastral       2/10/2012 4:44:54 PM
The hacking of computers part is laughable.  They aren't tied to the internet.  They aren't allowed t obe when doing Military design. 
 
Do keep the BS flowing man.  
 
Quote    Reply

Reactive       2/12/2012 8:46:56 PM
The hacking of computers part is laughable.  They aren't tied to the internet.  They aren't allowed t obe when doing Military design. 
 
Do keep the BS flowing man.  
 
 
You call bs but you're actually rather full of it here.
 
 
Airgaps (ensuring a physical gap between networking and IT resources) are one thing, LM undoubtedly has one of the most advanced protocols in the world in this area - but this just means that a PRC bot or hacker can't directly access the it resources that contain the critical systems of the prime contractor - whatever procedures are used to sanitise information passing in or our of these airgaps you still have enormous issues when you have to replicate this incredible level of vigilance across literally hundreds of design teams and thousands of workstations/servers/etc. 
 
You will at least accept that on such an enormous project there will be data interchange going on between design teams - your airgap may provide a solution to selectively choose what data you are sending where, and encrypt/protect it accordingly, but to maintain integrity across the board each and every subcontractor and team working on the project has to be just as rigorous as the prime, in reality the level of continual scrutiny this requires is immense - it is actually exactly the sort of thing that people get sloppy about procedurally - and that's because it takes a lot of time and effort when you're dealing with tens of millions of files, tens of thousands of employees and a punishing schedule.
 
What has actually happened (specifically on this program) is that when LM reviewed its major subcontractor's systems they found that systems had indeed been compromised and specified procedures had not been adhered to. On the F-35, specifically, unknown quantities of data have indeed been stolen - yes, in all likelihood none of these are the complete set of system blueprints (a security procedure is to supply subcontractors only with the data they need for their respective projects) but it is obviously also true to say that in some instances these elements may be of extreme interest or use to an adversary such as the PRC.
 
I think you just have to have some sort of idea the astronomical amount of data involved in a project of this scale, even a project 1/100th of this scale, and how much time and effort it takes to protect that - to say that "the computers aren't connected to the internet" is about as redundant and pointless a statement as you could possibly make, especially in the post Stuxnet world where we have an example of a system that is designed explicitly to bridge an airgap using zero day exploits in MS software - that innocuous USB stick containing only innocent-looking non-executables actually contained invisible (to the OS) code that eventually managed to compromise and partially destroy a uranium enrichment operation.
 
And that's just assuming that the PRC doesn't happen to have anyone involved in the programme on its payroll - consider the level of vigilance needed to ensure no one can conceal a USB storage device on their person. Consider for just a second that many of the subcontractors working on the program have less experience of PRC hacking attempts than LM, that many overstressed employees will take shortcuts, that even with all security procedures followed to the letter there will always be flaws that can be exploited by an adversary with enough resources and you must inevitably come to the conclusion that any of any assumptions you could make about the integrity of data on a project as large as F-35 will probably be optimistic, perhaps in the extreme.
 
R
 
Quote    Reply

Toosh       2/13/2012 10:45:11 AM


The hacking of computers part is laughable.  They aren't tied to the internet.  They aren't allowed t obe when doing Military design. 

 

Do keep the BS flowing man.  

 

 

You call bs but you're actually rather full of it here.

 



 

Airgaps (ensuring a physical gap between networking and IT resources) are one thing, LM undoubtedly has one of the most advanced protocols in the world in this area - but this just means that a PRC bot or hacker can't directly access the it resources that contain the critical systems of the prime contractor - whatever procedures are used to sanitise information passing in or our of these airgaps you still have enormous issues when you have to replicate this incredible level of vigilance across literally hundreds of design teams and thousands of workstations/servers/etc. 

 

You will at least accept that on such an enormous project there will be data interchange going on between design teams - your airgap may provide a solution to selectively choose what data you are sending where, and encrypt/protect it accordingly, but to maintain integrity across the board each and every subcontractor and team working on the project has to be just as rigorous as the prime, in reality the level of continual scrutiny this requires is immense - it is actually exactly the sort of thing that people get sloppy about procedurally - and that's because it takes a lot of time and effort when you're dealing with tens of millions of files, tens of thousands of employees and a punishing schedule.

 

What has actually happened (specifically on this program) is that when LM reviewed its major subcontractor's systems they found that systems had indeed been compromised and specified procedures had not been adhered to. On the F-35, specifically, unknown quantities of data have indeed been stolen - yes, in all likelihood none of these are the complete set of system blueprints (a security procedure is to supply subcontractors only with the data they need for their respective projects) but it is obviously also true to say that in some instances these elements may be of extreme interest or use to an adversary such as the PRC.

 

I think you just have to have some sort of idea the astronomical amount of data involved in a project of this scale, even a project 1/100th of this scale, and how much time and effort it takes to protect that - to say that "the computers aren't connected to the internet" is about as redundant and pointless a statement as you could possibly make, especially in the post Stuxnet world where we have an example of a system that is designed explicitly to bridge an airgap using zero day exploits in MS software - that innocuous USB stick containing only innocent-looking non-executables actually contained invisible (to the OS) code that eventually managed to compromise and partially destroy a uranium enrichment operation.

 

And that's just assuming that the PRC doesn't happen to have anyone involved in the programme on its payroll - consider the level of vigilance needed to ensure no one can conceal a USB storage device on their person. Consider for just a second that many of the subcontractors working on the program have less experience of PRC hacking attempts than LM, that many overstressed employees will take shortcuts, that even with all security procedures followed to the letter there will always be flaws that can be exploited by an adversary with enough resources and you must inevitably come to the conclusion that any of any assumptions you could make about the integrity of data on a project as large as F-35 will probably be optimistic, perhaps in the extreme.

 

R

As if you're in a position to know whats really going on. LOL !!!!!!!!!!!!!!!!!!!! The buffoons here are too much.

 
Quote    Reply

Toosh       2/13/2012 11:03:19 AM


The hacking of computers part is laughable.  They aren't tied to the internet.  They aren't allowed t obe when doing Military design. 

 

Do keep the BS flowing man.  

 

 

You call bs but you're actually rather full of it here.

 



 

Airgaps (ensuring a physical gap between networking and IT resources) are one thing, LM undoubtedly has one of the most advanced protocols in the world in this area - but this just means that a PRC bot or hacker can't directly access the it resources that contain the critical systems of the prime contractor - whatever procedures are used to sanitise information passing in or our of these airgaps you still have enormous issues when you have to replicate this incredible level of vigilance across literally hundreds of design teams and thousands of workstations/servers/etc. 

 

You will at least accept that on such an enormous project there will be data interchange going on between design teams - your airgap may provide a solution to selectively choose what data you are sending where, and encrypt/protect it accordingly, but to maintain integrity across the board each and every subcontractor and team working on the project has to be just as rigorous as the prime, in reality the level of continual scrutiny this requires is immense - it is actually exactly the sort of thing that people get sloppy about procedurally - and that's because it takes a lot of time and effort when you're dealing with tens of millions of files, tens of thousands of employees and a punishing schedule.

 

What has actually happened (specifically on this program) is that when LM reviewed its major subcontractor's systems they found that systems had indeed been compromised and specified procedures had not been adhered to. On the F-35, specifically, unknown quantities of data have indeed been stolen - yes, in all likelihood none of these are the complete set of system blueprints (a security procedure is to supply subcontractors only with the data they need for their respective projects) but it is obviously also true to say that in some instances these elements may be of extreme interest or use to an adversary such as the PRC.

 

I think you just have to have some sort of idea the astronomical amount of data involved in a project of this scale, even a project 1/100th of this scale, and how much time and effort it takes to protect that - to say that "the computers aren't connected to the internet" is about as redundant and pointless a statement as you could possibly make, especially in the post Stuxnet world where we have an example of a system that is designed explicitly to bridge an airgap using zero day exploits in MS software - that innocuous USB stick containing only innocent-looking non-executables actually contained invisible (to the OS) code that eventually managed to compromise and partially destroy a uranium enrichment operation.

 

And that's just assuming that the PRC doesn't happen to have anyone involved in the programme on its payroll - consider the level of vigilance needed to ensure no one can conceal a USB storage device on their person. Consider for just a second that many of the subcontractors working on the program have less experience of PRC hacking attempts than LM, that many overstressed employees will take shortcuts, that even with all security procedures followed to the letter there will always be flaws that can be exploited by an adversary with enough resources and you must inevitably come to the conclusion that any of any assumptions you could make about the integrity of data on a project as large as F-35 will probably be optimistic, perhaps in the extreme.

 

R

As if you're in a position to know whats really going on. LOL !!!!!!!!!!!!!!!!!!!! The buffoons here are too much.

 
Quote    Reply

Reactive       2/15/2012 11:56:53 AM
They were general comments on data security that apply to almost every industry that requires integrity of IP - you made a comment with zero information content that is essentially irrelevant - if you think what I wrote was incorrect but lack the capability to explain why that is in all likelihood a reflection on you rather than me. 
 
 
Quote    Reply



 Latest
 News
 
 Most
 Read
 
 Most
 Commented
 Hot
 Topics