Chinese checkers; Checking out Skype; JTRS in plain English
Chinese checkers
Chinese President Hu Jintao made nice with Bill Gates during his U.S. visit last week. He promised that companies in his country would engage in a novel practice — buying rather than pirating Microsoft software. Microsoft estimates that 90 percent of its software used in China is pirated.
We suggest Hu make nice with the Defense Department by halting probes of DOD networks, such as the large-scale scans of Marine Corps networks in Okinawa and southern California earlier this year.
We picked up reports that the Marines detected more than 30,000 FTP scan and access attempts against those networks over a short period. All those probes traced back to Chinese IP addresses.
At about the same time, the Joint Task Force-Global Network Operations detected malicious e-mail sent to DOD users. Each message had a Word attachment containing a macro that could automatically change or delete files or cause a computer to communicate with an outside Web site. In this case, JTF-GNO found that the macro would tell an infected computer to phone home to a Chinese IP address.
Because China maintains tight control of its Internet domains — with gear purchased from blue chip U.S. network hardware companies — it’s hard to imagine those probes were conducted by bored Chinese teenagers.
Call me a cynic — or a realist — but I bet those probes were conducted by Chinese military or intelligence agencies, although Hu might have persuaded those Chinese network checkers to knock it off during his visit last week.
Checking out Skype
Sometimes DOD needs to defend its networks from themselves.
Although running commercial peer-to-peer applications is supposed to be a real no-no on DOD networks, the JTF found earlier this year that several Navy Marine Corps Intranet (NMCI) and Marine Corps hosts had installed and were using the Skype P2P voice-over-IP application.
Skype has at least three known vulnerabilities that hackers can exploit to execute malicious codes. But the JTF determined that the culprits were not PFCs looking for a way to make cheap phone calls. Marines were running an official test to see if Skype would be a good VOIP solution.
The Marine Corps Computer Emergency Response Team, we hear, quickly put an IP block on Marine networks to block connections to the Skype site.
One wonders why the Marines don’t just follow the lead of the Naval Sea Systems Command HQ at the Washington Navy Yard, which has 4,500 Cisco VOIP seats and 1,736 Avaya seats on NMCI at a cost of $1.4 million for fiscal 2006.
JTRS in plain English
We salute Vic Popik, ops director for the Joint Tactical Radio System Program Executive Office at the Space and Naval Warfare Systems Command, for doing something never done in the troubled project’s history — explaining its problems and deficiencies in plain English without bureaucratic doublespeak.
Popik, in a presentation to an industry gathering last month, said JTRS development and fielding suffered because of:
- Flawed acquisition strategies.
- Unrealistic schedule demands that resulted in an unexecutable program.
- The inability of contractor/government teams to manage cost, schedule and requirements growth.
- The lack of an enterprise approach to acquisition and systems engineering practices.
That’s not all, folks. Popik said a major problem with JTRS was that DOD originally conceived of it as a legacy radio replacement program but then let it evolve into a network-centric radio program without considering the impact.
When Popik finishes his Spawar work, we would like to see him take a similar approach to the delayed and over-budget Transformational Satellite program, which we predict will turn into the JTRS of this decade.
Intercept something? Send it to bbrewin@ fcw.com.