Remember When Russia’s Enemy Helped the Mujahadeen Neutralize Russia’s Most Effective Weapon?
“Bluster”! “Exaggeration”!
Those are some of the words Joe Lieberman and some more credible people are using to dismiss Iran’s claim that it has accessed the data from the Sentinel drone it brought down last year.
Aside from “independent experts” pointing out the obvious fact that Iran could have gotten details about the Sentinel’s use to surveil Osama bin Laden’s compound from public reports (though how would it have gotten the specific dates?), the US security establishment has offered no detailed explanation of how Iran got the data it claims to have taken from the drone.
General Hajizadeh cited as evidence data that he said was extracted from the drone’s computer hard drives revealing its operations in the months before it went down in Iran — either because it was shot down, as Iranian officials have claimed, or because it experienced a technical failure, as the Americans have said.
The drone, he said, had undergone repairs in California in October 2010 and returned to Afghanistan in November 2010, where American officials have acknowledged it operated, though without specifying where its missions took it. He added that the drone’s computer memory revealed that it had flown over the compound in Pakistan where Osama bin Laden was killed in an American raid in May 2011.
“Had we not accessed the plane’s softwares and hard disks, we wouldn’t have been able to achieve these facts,” General Hajizadeh said, according to the news agency Fars.
The White House and American intelligence officials declined Sunday to comment on the new claims, though independent experts expressed skepticism. They noted that the information about the drone’s activities — including its use in the Bin Laden raid — could have been drawn from public reports about the sophisticated aircraft.
That may not entirely confirm that the data cited by Iran is accurate, but it sure doesn’t refute it.
That said, all these experts bewailing “bluster” have not mentioned the more obvious explanation behind Iran’s claim–even though just three days ago the news was filled with reports of Russia and China asking for information on the drone and much of the coverage of this latest fact acknowledges that in their stories.
Consider: while the OBL surveillance (though not the timing) was publicly reported, the maintenance records cited by the Iranians probably aren’t. But those details are more likely to be available not in the drone itself, but on Lockheed’s networks, which were hacked (though Lockheed claims no data was compromised) last year; everyone blames China for that hack. And if China has been able to access drone data off our networks like they’ve been able to access all our other weapons development data, then it would presumably make it a lot easier to break the encryption on the Sentinel drone itself.
Our fear-mongering about Iran, as well as our overthrow of Qaddafi and efforts to overthrow Assad, has far more to do with efforts to shore up Saudi–and therefore US–hegemony in the key oil-producing region of the world than nukes. And while China has been cozying up to the Saudis in ways that ought to make us rethink our unquestioning pursuit of Saudi goals, our efforts to eliminate any counter-weight to Saudi power in the region is a real threat to China (not to mention our ability to wage war in the African countries China has spent a decade cultivating by pressing a few buttons in Nevada). Precisely the same kind of threat we judged Russian expansion into Afghanistan to be in 1979 when we started funneling money–and ultimately, some years later, Stinger missiles–to the mujahadeen. The Stinger missiles took away Russia’s air superiority and with it their ambitions to keep Afghanistan and ultimately, their commitment to empire more generally.
So while it may comfort the public to be told Iran could never manage to reverse engineer our drone, the possibility that China and Iran may be making real progress in neutralizing our favorite new weapon would presumably worry the national security establishment. Just in time for Iran to enter negotiations and in such a way that the implicit threat from China is understood.
These blustery experts should have listened to me when I warned that China’s ability to access our defense networks with ease was far more dangerous than Bradley Manning and his Lady Gaga CD.
“These blustery experts should have listened to me when I warned that China’s ability to access our defense networks with ease was far more dangerous than Bradley Manning and his Lady Gaga CD.”
Absolutely.
This is quite a bonanza for Iran. You could say it is aiding the enemy, and providing material support to terrorists. That is clever, giving Iran a hard drive with classified info. Maybe there was “stealth technology” on this Drone provided to Iran. If it flew over the Military Base at Abottabad, it had to be stealthy.
Once again the question, is this another Failure or is it some fiendishly clever Spy Op. I am guessing Fail.
And the info warriors at “Foreign Policy”are telling us to be very afraid. Al Qaeda has not been destroyed. They have only been on vacation.
Plus, Al Qaeda and Iran might become allies. It could happen. Really it could. And Also Foreign Policy tells us that the “Arab Spring”, democracy for the Mideast, is a bad thing.
nice long view.
That repair data is mot re likely to be obtained from Lockheed’s plant than the drone is not necessarily true.That sort of kit could well have embedded test equipment which would log when and what plug-in accessed it.Which doesn’t explain how the data they accessed identified the location. So your assessment is probably partly true.
The part I love is China hires the best hackers in China to go after others secrets and we put them in jail if we can catch them;) Go figure.
I loved Paul rant from the other day, how true.
http://www.paulcraigroberts.org/2012/04/19/unplugging-americans-from-the-matrix/
@Frank33:
Plus, Al Qaeda and Iran might become allies. It could happen. Really it could
I doubt it and yes yesterdays enemies is today friends but not among these two.
Foreign Policy tells us that the “Arab Spring”, democracy for the Mideast, is a bad thing.
I guess they have drank the cool aid found it pleasurable, how sad for them
I suspect that the Iranians might have been able to put a lot of this together just from metadata, even if all the files are encrypted. Embedded systems engineers are notorious for creating file names that include dates or other information like site ids. OTOH, if I were the Iranians, I would be using a cutout to pump the data to Amazon’s cloud computing system for decryption. I am unconvinced that the “self-destruct” scenarios really work in a size and mass constrained system like a drone.
They seem to be assuming that no one in Iran has the skills or knowledge to understand technology more recent than 1980.
You’re right EW, but by definition the blowhards were not going to listen.
All of the above sounds about right. What you’ve hypothesized, chetolian@4, Wm Ockham@7, and P J Evans@8. I’d add the compromise of the drone flight controllers to the mix. It is possible they could tie the drone back to individual flight data right off the operator’s console. Access there might have already helped with drone acquisition.
With the Russians and Chinese having an interest there are a lot of capabilities and information sources. Both have been technically very good when they choose to invest the resources. Once they’ve got their hands on the drives it’s really a question of how hard they are willing to work to get at the data. And, as P J notes, despite the way our propaganda sells it, the Iranians are not dumb either.
It’s always easier if you can get at stuff before it’s encrypted, or behind it. Data downloaded or transmitted from the drones to compromised Lockheed systems could provide that access, as could infected controllers.
The arrogance (blustery expert trait) that embraced trivial levels of communications security on drones for almost 15 years was mind boggling. That wasn’t the first case, we are security bimbo recidivists. How well were the on-board systems secured?
That drone has been around for a few years. When were the systems spec’d? Security almost always carries a price in performance, capacity, weight and energy. All of which could be issues in a drone. How many corners got cut? Certifying new hardware/software is a pain in the butt and time consuming, that can be a barrier to upgrading.
You have it scary right on the threat posed by massive information system compromise. As scary is the potential for exploit caused by globalized outsourcing of components, firmware and drivers.
When they were assembling them on the next line over from the Ipads might the thoughtful Chinese have added a little something to disk controllers to make drives easier for them to access? Chinese tumbdrives that shipped with rootkits pre-installed are an example.
With potential compromise at the hardware level, massive systems breaches, and the Narus (Israeli designed – surely no back doors there) systems NSA uses, all of the TIA frightfulness and our massive military/security state could be just a huge false front waiting to collapse. That could put a new meaning to the “Hollow” in “Beef Hollow Rd”, and revive “Where’s the beef?”.
All hat and no cattle hasn’t changed much. Like you said, “blustery experts”.
It’s very likely that the maintenance logs are totally isolated from the operational systems of the drone and that the designers didn’t recognize the necessity of hardening access to the maintenance data.
Thus they may have access to potentially embarrassing data but not to the functional code that actually operates the drone or interface data (communications frequencies, encryption codes, command codes) that would seriously compromise the entire drone fleet. That is until we perform software updates that obsolete the knowledge they have gained.
After that would be flight code that could be used in development of new aircraft with inherently unstable designs (like the B2). That would be extremely useful to the Chinese and the Russians.
Beyond access to the computer systems, physical access provides them a means to probe for vulnerabilities. Either for detecting or more easily compromising drones in the future. For instance are there tell-tale radar signatures that uniquely identify the drone as an aircraft even though it may have the radar appearance of say a sparrow? If they wanted to shoot a drone down what would be the best place to target while doing minimal damage?
As far as on board systems security is concerned consider that we have had hardware based encryption for many years in the commercial world and so its implementation costs should be minimal both in actual costs and weight/power/implementation costs. Specifically I’m referring to AES and TPM security.