[liberationtech] SpyPhone: Pentagon Spooks Want New Tools for Mobile bExploitationb

[frank at journalistsecurity.net]

This piece is from Wired.

http://www.wired.com/dangerroom/2012/12/dia-devices/

SpyPhone: Pentagon Spooks Want New Tools for Mobile bExploitationb
BY SPENCER ACKERMAN12.13.122:56 PM


A U.S. soldier takes a picture with his cellphone, December 2010. The
Pentagonbs spy corps is looking for better tools to collect and sift
through data from mobile devices. Photo: U.S. Army
The Pentagon wants to upgrade its spy corps. And one of its first jobs
will be finding out whatbs on your iPhone.

If the Defense Intelligence Agency (DIA) gets its way, itbll send an
expanded cadre of spies around the world to scope out threats to the
U.S. military. And it wonbt just be a larger spy team, itbll be a
geekier one. The DIA wants btechnical exploitationb tools that can
efficiently access the data of people the military believes to be
dangerous once their spies collect it.

Thatbs according to a request for information the DIA sent to industry
on Wednesday. The agency wants better gear for btriage and automation,
advanced technical exploitation of digital media, advanced areas of
mobile forensics, software reverse engineering, and hardware
exploitation, reverse engineering, and mobile applications development &
engineering.b If DIA runs across digitized information, in other
words, it wants to make rapid use of it.

One of the emphasized cases here is bcaptured/seized media.b Think,
for instance, of all the flash drives, hard drives and CDs that Navy
SEALs seized during the raid that killed Osama bin Laden. Flynn wants to
understand both the text theybd contain, through bautomation support
to enable rapid triage,b and their subtexts or metadata, using
bsteganographyb tools to decipher coded messages and bdeep
analysis of malicious code/executables.b And thatbs on top of
bdeep hardware exploitation of complex media with storage capacityb
and reverse-engineering tools bto discover firmware artifacts.b


As data goes mobile, in peoplebs pockets and backpacks, so goes the
DIAbs focus. The agency wants bcustom solutions that allo[w]
exploitation of mobile devicesb like cellphones and tablets bnot
commonly seen or devices not supported by commercial kits or tools.b

All this is part of an overhaul the DIA is experiencing under the new
leadership of Army Lt. Gen. Michael Flynn. Flynn spearheaded a similar
push when he was the chief intelligence officer for the Joint Special
Operations Command, pushing its operatives to focus as much on snatching
a dead terroristbs hard drive as on killing him in the first place. At
DIA, Flynnbs part of the creation of an enlarged spy corps called the
Defense Clandestine Service, which is supposed to work alongside the CIA
to cultivate networks of snitches. Itbs already meeting some
resistance.

Internally, the DIA is heavily bureaucratic: About half of its 17,500
employees arenbt out in the dangerous parts of the world, theybre
based in and around Washington. Flynnbs hired six private security
contractors to train his employees in self-defense, rugged living and
other necessities of an expeditionary lifestyle, an effort worth $20
million. Just as substantially, Flynnbs congressional overseers are
dubious. The Senate version of next yearbs defense bill, approved last
week, prohibits the Pentagon from hiring any additional spies until it
can bdemonstrate that it can improve the management of clandestine
HUMINT,b a term for human intelligence.

But the technical exploitation tools DIA wants donbt have to wait for
any such demonstration. The current Defense spy corps can use them just
fine. And in keeping with Flynnbs history of rapidly pushing
information from the special operators who collect it to the analysts
who make sense of it, the wish list seeks tools to integrate all this
data binto local and national databasesb& and made readily available
to analysts from the tactical to national levels.b

If all of this sounds broad, that may be the point. The wide net DIA is
casting pertains to bcollection, transmission, prioritization,
analysis, and dissemination of collected/captured materiel, and advanced
technical exploitation tools application, configuration support, and
training functions to units worldwide.b Even if the Pentagon canbt
yet hire more spies, it can make the ones itbs already got much
geekier.


--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE