Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
The Military Government Networking Security United States IT Technology

Why Warriors, Not Geeks, Run US Cyber Command Posts 483

koterica writes "The Washington Post explains why the military prefers to have combat veterans rather than geeks running network security. '"It was supposed to be a war fighter unit, not a geek unit," said task force veteran Jason Healey, who had served as an Air Force signals intelligence officer. A fighter would understand, for instance, if an enemy had penetrated the networks and changed coordinates or target times, said Dusty Rhoads, a retired Air Force colonel and former F-117 pilot who recruited the original task force members. "A techie wouldn't have a clue," he said.'"
This discussion has been archived. No new comments can be posted.

Why Warriors, Not Geeks, Run US Cyber Command Posts

Comments Filter:
  • Umm (Score:4, Insightful)

    by Anonymous Showered ( 1443719 ) on Saturday September 25, 2010 @01:27PM (#33697824)

    Why not train the geeks to understand all the technical details?

    • Re:Umm (Score:5, Interesting)

      by Anonymous Coward on Saturday September 25, 2010 @01:29PM (#33697840)

      Well, why not train the warriors to understand all the geeky details?

      • Re:Umm (Score:5, Insightful)

        by Anonymous Showered ( 1443719 ) on Saturday September 25, 2010 @01:31PM (#33697852)

        I would like to think that true geeks learn at a quicker pace than most people, and are generally more adept at problem-solving.

        • by Presto Vivace ( 882157 ) <ammarshall@vivaldi.net> on Saturday September 25, 2010 @01:36PM (#33697890) Homepage Journal
          besides, it is not as if there are not plenty of geeky soldiers. I heard a presentation on how one outfit in Iraq downloaded all this free software because what they had was not sufficient for their needs and they did not have time to go through the procurement process, so they took the free software.
          • by Xaositecte ( 897197 ) on Saturday September 25, 2010 @02:37PM (#33698348) Journal

            this is generally a case of one guy being smart enough to "think outside the box" and having a supervisor \ commanding officer willing to encourage that instead of quashing it and putting him back in line.

            Said people also usually leave the military pretty quickly once their enlistment contract is up.

          • by HungryHobo ( 1314109 ) on Saturday September 25, 2010 @02:37PM (#33698352)

            Ok... reading that article made me cringe.
              Cyber Command has reunited the missions.

            Though the task force in the early years lacked clout, it did have some notable successes, veterans said. During Moonlight Maze, it issued the first military-wide order to change passwords, said Marc Sachs, who had been an Army engineer. And it instituted precautions to ensure that military networks would be protected against any "Y2K" calamity.

            On New Year's Eve 2000, a group of task force members watched a bank of clocks as first Japan, then Australia passed into the new millennium without incident. When that happened, they were confident the United States would follow suit, Sachs recalled.

            A few minutes after midnight, Campbell and several other members ascended to the DISA roof top. They gazed across the Potomac River and saw the lights in the capital city still blazing. They lit their cigars and watched the fireworks shoot across the sky.

            Their great successes: They changed passwords and their networks were not wiped out by the Y2K bug!
            Truly the US has the best "cyber-warfare" capabilities in the world!

            "The intelligence could be obtained through computers, satellites or other technology, or by more traditional means, he said, recalling the time he sent "a human agent into a foreign marketplace to buy a CD of hacker tools" to better understand a particular attack that had taken place. "

            Another triumph!
            they bought a bunch of password crackers, keygens, scanners and sniffers.
            Any bets on how much of it was really secret and how much of it was merely secret to people who haven't a clue about where such tools can be found normally?

            And don't forget, once "warriors" are in charge rather than real network security specialists every attack becomes the actions of whoever the favourite villain is rather than just another botnet herder or teen hacker.

            The attacks, dubbed Solar Sunrise, appeared to be coming from overseas, including from the United Arab Emirates. Intelligence officials thought Iraqi President Saddam Hussein might have ordered them.

            "It looked as though Saddam was about to take down massive amounts of infrastructure . . . because we were threatening to bomb him," recalled one former intelligence official. Tensions were building. President Bill Clinton was briefed. Senior officials convened another meeting in the Pentagon's "tank," the Joint Chiefs' conference room. The threat was no longer hypothetical, it seemed.

            Then the real culprits were identified: A pair of 16-year-old boys in California and a teenager from Israel who had exploited a known vulnerability in the Solaris (UNIX) operating system.

        • Re:Umm (Score:4, Insightful)

          by murdocj ( 543661 ) on Saturday September 25, 2010 @01:55PM (#33698034)

          You might like to think that. I might think that a warrior, who has to learn or die, learns at a quicker pace than most people, and is more adept at problem solving.

          By the way, I'm a geek, not a warrior. I'd love to think that geeks are smarter and maybe even sexier. I just haven't seen any evidence yet.

          • Re:Umm (Score:5, Insightful)

            by Moryath ( 553296 ) on Saturday September 25, 2010 @02:01PM (#33698088)

            I might think that a warrior, who has to learn or die, learns at a quicker pace than most people, and is more adept at problem solving.

            Bullshit. Sad but true, soldiers are taught two contradictory things: "return fire" and "follow the Rules of Engagement." This leads to all sorts of trouble, especially since the "Rules of Engagement" for Iraq and Afghanistan are thicker than a copy of Tolstoy's War And Peace in 10-point font.

            Add to that the fact that this is not a front-line duty. They're not going to be sitting there personally shot if they don't get something right. What's needed is specialists adept at detecting network intrusion, checking over the logfiles, ensuring that there aren't holes in security in the first place. This isn't reflex action, this is deliberative effort.

            • Re:Umm (Score:4, Insightful)

              by Registered Coward v2 ( 447531 ) on Saturday September 25, 2010 @04:21PM (#33699084)

              I might think that a warrior, who has to learn or die, learns at a quicker pace than most people, and is more adept at problem solving.

              Bullshit. Sad but true, soldiers are taught two contradictory things: "return fire" and "follow the Rules of Engagement." This leads to all sorts of trouble, especially since the "Rules of Engagement" for Iraq and Afghanistan are thicker than a copy of Tolstoy's War And Peace in 10-point font.

              Actually, they aren't contradictory; one defines when you can do the other; and you are over-simplifying the situation. The military has leaders who guide actions and troops that do things.

              Add to that the fact that this is not a front-line duty. They're not going to be sitting there personally shot if they don't get something right. What's needed is specialists adept at detecting network intrusion, checking over the logfiles, ensuring that there aren't holes in security in the first place. This isn't reflex action, this is deliberative effort.

              The key point is, as with any situation, you need someone who identifies what is happening (the geek grunts) and someone who can put it into context (the warrior leaders). In this situation, the geeks are doing the grunt work and leaders deciding interpreting what has happened and deciding what to do next; as in any military situation.

          • by dbIII ( 701233 ) on Saturday September 25, 2010 @07:48PM (#33700366)
            This "warrior" shit is quite stupid when what we really want is soldiers instead of the berzerk dumb vikings Rumsfeld wanted when he shut down all those training courses. It's going to take a few years to recover from his attempt to "change the culture".
            Some of the most intelligent technical people I know are ex-military from a few years back. It takes all types, and the military used to know that. I really can't see a non-political reason why the usual practice of rotating people around to give them the experience they need was not followed instead of having the team above. If you want a good radar technician with infantry experience then you give that good technician the experience instead of expecting quick results the other way.
            It just looks like the politics of somebody seeing on part of the force as "worthless" and putting their own guys in. Nothing to see here apart from poor management.
        • by account_deleted ( 4530225 ) on Saturday September 25, 2010 @03:09PM (#33698562)
          Comment removed based on user account deletion
      • Primarily because system/network security takes longer to train someone in than half a dozen "warrior" MOSs put together. Take it from a guy who's done both.
      • Same reason numerous engineers go into technical management.

        You can teach an engineer to manage, for the most part you can't teach managers engineering.

        There have to be some technical people in the military that could be promoted from within into these positions rather than just a throttle jockey.

      • by Anonymous Coward

        American "warriors" haven't even had much success with their warmaking abilities over the past 60 or so years.

        It was mostly European scientists who won WWII for the Americans, thanks to their development of nuclear technology.

        The Korean War was basically a draw. In many ways, it was an outright loss for the Americans, since they've had to keep troops stationed there for decades now, and this is quite costly.

        The Vietnam War was indisputably a major loss.

        The Cold War was initially thought to be an American "w

        • The Korean War was basically a draw. In many ways, it was an outright loss for the Americans, since they've had to keep troops stationed there for decades now, and this is quite costly.

          By that logic, the Revolutionary War was a loss, because we've needed a US-based military for 200 years.

        • by morgan_greywolf ( 835522 ) on Saturday September 25, 2010 @02:37PM (#33698340) Homepage Journal

          It was mostly European scientists who won WWII for the Americans, thanks to their development of nuclear technology.

          Oppenheimer was an American born in New York City. Einstein took the oath to achieve American citizenship in 1940.

          The Korean War was basically a draw. In many ways, it was an outright loss for the Americans, since they've had to keep troops stationed there for decades now, and this is quite costly.

          By that logic, the Cypriots must have the most powerful military in the world.

          The Cold War was initially thought to be an American "win", but it was more due to problems within the USSR, rather than anything America did.

          Not really. The problems within the USSR were largely caused by pressures due to their participation within the Cold War. In a sense, the U.S. won the Cold War by out-producing the Soviets.

          The First Gulf War can barely be considered a war, given that their enemy was almost non-existent, and had itself been subject to a decade of devastating war just before.

          The First Gulf War was nothing but a display of muscle to show Saddam Hussein that he didn't know who he was messing with.

          The Second Gulf War was a complete failure.

          It depends on how you define success. If by "success" you mean did the U.S. achieve regime change? No failure there. If by "success" do you mean did the U.S. achieve peace in Iraq? If so, I'm fairly sure that was never a goal of the U.S. military.

          The War in Afghanistan has been nothing but a disaster, as well.

          Again, no. The goals in Afghanistan were: 1) overthrow the Taliban (check) 2) bring various members of Al Qaeda to justice (check) 3) capture Osama Bin Laden. The status of the 3rd item is, at best, inconclusive, but the other 2 goals have been largely achieved.

          • Re: (Score:3, Insightful)

            by iluvcapra ( 782887 )

            Oppenheimer was an American born in New York City. Einstein took the oath to achieve American citizenship in 1940.

            Oppenheimer was an astrophysicist who was hired for his administrative abilities, Einstein had nothing to do with the atom bomb program, aside from signing a letter (which he did not write). Niels Bohr, Enrico Fermi, Teller, Ulam, Von Newmann, Bethe all left Europe and became Americans, it is true, but it's important to recognize they came to America for essentially negative reasons -- their ho

          • Re: (Score:3, Insightful)

            by sqrt(2) ( 786011 )

            In a sense, the U.S. won the Cold War by out-producing the Soviets.

            This is a myth perpetuated by some on the right and in the military. The Soviet Union collapsed under its own mismanagement, incompetence, imperialism, and paranoia (sound like another country you know of?). The US did very little to actually hasten the collapse except for exist as a scapegoat they could blame all their problems on without actually addressing any internal issues. Moreover, the USSR was never a credible threat to US national

          • by hedwards ( 940851 ) on Saturday September 25, 2010 @06:07PM (#33699822)
            No, the second gulf war was a complete and utter failure. We sent troops in to prevent Al Qaeda from gaining WMDs from Saddam. We lost thousands of lives on our side and they lost at least 10x as many and the objective turned out to be completely pointless, as Saddam didn't have any WMDs and he wasn't in any sort of talks with Al Qaeda.

            In other words we lost a huge number of our personnel for nothing at all, that's about as big a failure as you're going to get. Worse is the fact that after we invaded, then we got terrorists going in. And it gave us a huge black eye with the folks that we needed to get on our side.

            I suppose that it could've ended up without any state at all there and they could've got WMDs, but that's really not any worse, considering that now we've got Iran using their weapons to menace other nations as a result of our incompetence.
    • Re:Umm (Score:4, Funny)

      by mfh ( 56 ) on Saturday September 25, 2010 @01:29PM (#33697842) Homepage Journal

      Geeks cannot be trained. We are all hatched.

      • the sky is blue; I write in C.

        (huh??)

        • by Temposs ( 787432 )

          GP made a reference to Starcraft. In Starcraft, Terran fighting units are "trained". The Zerg race, which is a race of bug-like creatures, "hatches" its fighting units out of eggs.

          So, GP is implying that geeks are of the Zerg race. :-)

    • Re:Umm (Score:5, Funny)

      by zill ( 1690130 ) on Saturday September 25, 2010 @01:40PM (#33697922)
      We have flame-wars about OS, distribution, editor, and even browser.

      What do you think would happen in those flame-wars when we get our hands on stealth bombers and ICBMs?
      • Re: (Score:3, Funny)

        by Moryath ( 553296 )

        Nothing. The geeks would all be too busy figuring out ways to get the stealth bomber and ICBM onboard computers to run Pong, Tetris and then Super Mario Bros.

    • Re: (Score:3, Insightful)

      by CarpetShark ( 865376 )

      Why not train the geeks to understand all the technical details?

      Because geeks have a mind of their own?

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      You can train a geek to understand all the technical details but military has no use for people who questions authority and with a tendency to rebel.

      • Re:Umm (Score:5, Insightful)

        by couchslug ( 175151 ) on Saturday September 25, 2010 @02:23PM (#33698270)

        "You can train a geek to understand all the technical details but military has no use for people who questions authority and with a tendency to rebel."

        No, the military has little use for self-centered cunts, because there is sound reason for the authority structure.

        My solution would be to train both groups together so the geeks get combat time (real, not fapping in some FOB) and send the "warriors" (WTF ever happened to calling soldiers "soldiers"?) for tech training so NEITHER group thinks the sun shines out their arse.

        • Re:Umm (Score:4, Insightful)

          by VoidCrow ( 836595 ) on Saturday September 25, 2010 @04:12PM (#33699018)

          > No, the military has little use for self-centered cunts, because there is sound reason for the authority structure.

          Absolutely. The authority structure is a part of the support mechanism for the self-centered cunts at the top, courtesy of the deluded cunts who believe in them.

        • Re: (Score:3, Informative)

          by xaoslaad ( 590527 )
          Army calls their people 'soldiers', Marines usually refer to theirs as 'warriors'. It is generally a bad idea to call a Marine soldier. I know when I was in I would have taken serious offense to it. I can't tell you how Army feels about being called warriors, never interacted much with anyone but Navy and Marines.
    • I don't understand the assumption that geeks have to be wussies. I'm certainly not a wuss on the intellectual level. Physically I'd get my ass beat down but intellectually I can hold my own with anybody.

    • Re: (Score:3, Insightful)

      by DerekLyons ( 302214 )

      Why not train the geeks to understand all the technical details?

      Because it's not all about the details - it's a mindset, an attitude. It can't be taught, but it can be learned by example and by living it. But the real problem is that geeks tend to ignore things like personal hygiene and the social graces because they don't see them as useful skills - which makes them equally unlikely to absorb the lessons of the military mindset.

      The other problem is that a key part of the 'military mindset' tool k

  • Bullshit (Score:5, Insightful)

    by PakProtector ( 115173 ) <cevkiv@@@gmail...com> on Saturday September 25, 2010 @01:28PM (#33697828) Journal

    That is entirely what that sounds like.

    • Military social structure uses bizarre and arbitrary rights of passage, shibboleths, coded jargon (like "war fighter," because too many people think they know what a "soldier" is, means, and does), and social signifiers in order to maintain hierarchy and moral legitimacy. Shocking.
    • Re: (Score:3, Insightful)

      by gandhi_2 ( 1108023 )

      Not that you would know.

      There are things that you would have to have been in the culture for a while to understand. Yesterdays story about the predator code showed a lot of smart people don't know shit about laser-guided missiles.

      It may be easier to teach tech to warriors than it is to make warriors out of techs. YMMV obviously.

      • Re:Bullshit (Score:5, Insightful)

        by TheLink ( 130905 ) on Saturday September 25, 2010 @01:45PM (#33697966) Journal
        But running network security? If the emphasis is "warrior" for the job, good luck to them.

        Maybe that explains why Gary McKinnon and others managed to hack into so many military computers.

        I know enough about cars to know whether my mechanic is bullshitting me or to know when to send my car for servicing. But I'm not good enough at it to do his job well.
      • Re:Bullshit (Score:4, Insightful)

        by poetmatt ( 793785 ) on Saturday September 25, 2010 @01:49PM (#33697992) Journal

        In both situations it becomes the same thing. You have someone familiar with the combat perspective and someone with the tech perspective.

        What does it matter which comes first? This is like a chicken and egg argument which doesn't make any sense.

        • I love me some "warrior" MOS guys but it really, really matters. You want someone coming into the job already possessing the necessary skills, because training a system/network security expert up to competence would take years.
          • Re: (Score:3, Insightful)

            by poetmatt ( 793785 )

            and so would expecting some IT dude to be able to pick up military terminology without previous experience.

            it goes both ways.

      • Re: (Score:3, Interesting)

        "Warriors are capering heroes, good only for dying when they meet trained troops." The equivalent in the network security realm is the flashy wannabe uberhacker vs. the solid network administrator who gets the job done. It doesn't really matter where the military gets the people, only that they're more of the latter than the former -- whether that's on the battlefield, or sitting behind a desk.

    • Re:Bullshit (Score:5, Interesting)

      by iamhassi ( 659463 ) on Saturday September 25, 2010 @01:47PM (#33697980) Journal
      It is. I'm on /. and I was a tech geek in the military, MOS 74B [ebscohost.com]

      I don't think he understands that civilians enlisting for those positions were techies before they joined the military. Just because I can type like the wind and work my way around a linux distro doesn't mean I can't shoot a M16A2 or M4
      • Right, but think about the length of AIT for someone who's a dead noob but got a good ASVAB score. The skills really need to exist first.
      • >>I don't think he understands that civilians enlisting for those positions were techies before they joined the military. Just because I can type like the wind and work my way around a linux distro doesn't mean I can't shoot a M16A2 or M4

        And vice versa, not all "real soldiers" are idiot jarheads. While there's a lot of it, with the time I spent in and around the air force, the officers (almost) always impressed me with their professionalism and commitment to learning. The best leaders know enough abou

    • by crovira ( 10242 ) on Saturday September 25, 2010 @01:50PM (#33698008) Homepage

      figuring out what a piece of obscured code actually does when connected to the internet, loading itself into a page making it past a firewall, unpacking itself in RAM, going through all of your cookies and sending those back to an IP address, loading the next snooping segment and going through your mail client, and on and on.

      Surely its a lot harder to figure out what that alphabet soup of nonsense abbreviations mean.

      Oh wait, you've never seen an assembler dump with all of the nonsense it creates with actual variable names being referred to as the program-base address + offset locations ... Get the idea?

      How asinine...

      • by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Saturday September 25, 2010 @02:58PM (#33698494) Homepage Journal

        Does it matter what the acronyms mean? If you are given some string S, and that string has a SHA256 hash value of H(S), and the system is later found to have a value of S' with a hash value of H(S'), where H(S) and H(S') are not equal, what the effing hell do you care what those strings mean? S and S' are not the same. It doesn't matter how long or complex S and S' are, it doesn't matter if they're in an alphabet you don't understand, it doesn't even matter if the author is from Alpha Centauri. You can still do the comparison.

        Ok, so let's say that there are some rules that go along with it. XY = YX except when preceded by A or followed by B, for example. Pfft. A competent geek can break strings down into the legal substrings following logic so far beyond "normal" comprehension as to appear beyond belief. (For example, it doesn't matter if LAT:LONG is given as LONG:LAT if the two fields are named, "3 north" = "north 3" except when followed by "west" and no units, and so on.) Each substring can be hashed independently, or sorted into some sort of natural order and then hashed. A geek can do this far, far, far better than any non-geek, as illustrated by the fact that ordering rules and substitution are the two areas of maths non-geeks complain about the most. If they can't handle basic algebra in a classroom, they expect us to believe they can handle it under fire?

  • Both? (Score:5, Insightful)

    by HalAtWork ( 926717 ) on Saturday September 25, 2010 @01:33PM (#33697858)
    Why can't they be both? I'm sure people are fully capable of understanding tactics as well as programming. The designers of games such as Metal Gear Solid 2 undertook SWAT training to create more realistic AI, and the designers of America's Army clearly had to understand military training and combat situations.
  • His comment (Score:5, Insightful)

    by Voulnet ( 1630793 ) on Saturday September 25, 2010 @01:33PM (#33697864)
    His comment is proof enough that he should be nowhere near the controls of this Command Post.
  • Or Maybe? (Score:5, Insightful)

    by Comen ( 321331 ) on Saturday September 25, 2010 @01:35PM (#33697876)

    Should it not read "Why Asshole Warriors not Geeks run the world?"

  • Maybe so but .. (Score:5, Insightful)

    by AftanGustur ( 7715 ) on Saturday September 25, 2010 @01:35PM (#33697882) Homepage

    A techie would understand if the mailserver were suddenly starting to make base 64 encoded TXT DNS requests to a server in Taiwan or if there was an unusual high number of HTTP requests leaving the network that resulted in a 503 or 302 response.

    A Techie would understand how to exploit the kerberos ticket system and how to look for signs of, and reduce, such abuse on the network.

    A techie would also more likely understand what anomalies could be a sign of a breach and what was more likely a software error.

    • Re: (Score:3, Insightful)

      by gandhi_2 ( 1108023 )

      Or a techie could run the school to teach warriors all about this stuff.

    • Re:Maybe so but .. (Score:5, Insightful)

      by l0ungeb0y ( 442022 ) on Saturday September 25, 2010 @01:47PM (#33697982) Homepage Journal

      Maybe, but they'd also be more inclined to blame-storming and proving they were right while the shitstorm goes critical. I myself being a techie having dealt with many start-ups, it's clear that most techies have too much ego and lack the discipline to shut the fuck up and work as a truly tight-knit team to meet an objective on a moments notice.

      These men aren't mere grunts. They are trained and skilled military men who have demonstrable technical aptitude and skill.
      Like many things in the world, it CAN be both things, not just one or the other. So stop pretending these guys aren't as technically qualified as you.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        So stop pretending these guys aren't as technically qualified as you.

        They aren't. You know why? Because I taught them everything that they know, but I didn't teach them everything that I know.

      • Re: (Score:3, Informative)

        by hedwards ( 940851 )
        But, they probably aren't. I'm sure if you ask around, there's a surprising number of people who at 18 already had years of experience dealing with technical systems. You're not going to do a crash course and catch somebody up in even several years. It's just not going to happen. Hell, by the time I was of enlistment age, I already had the better part of a decade under my belt dealing with computers. And that was back when AOL was huge, OSX didn't exist and a person could wear a turtle neck without worrying
    • A fighter would understand, for instance, if an enemy had penetrated the networks and changed coordinates or target times

      Only if the enemy wasn't skilled enough to leave in the correct coordinates and target times, and just slightly change and obfuscate the code to the point where the warrior wouldn't understand that different coordinates or target times were being loaded at the last critical point.

    • It would seem to me that you need an interdisciplinary approach. Doesn't a platoon have a variety of people with different specializations? Not everyone necessarily has the same gun, there may be over half with the same rifle, but there are people that operate other equipment, maybe you have maybe two people that operate the mortar, someone on the radio and so on. You want people trained to use the equipment in question, and that training should be on what to look for. The examples given don't seem like

    • by MoogMan ( 442253 )

      A non-technical manager of a technical department will never be able to make the type of informed decision that a previously technical manager would be able to.

      That's why companies like Google and Amazon are performing and scaling so well - because their IT management structure were geeks too.

  • by wdhowellsr ( 530924 ) on Saturday September 25, 2010 @01:42PM (#33697934)
    The reality is that this is a military operation and there is no such thing as an out of chain command post. The President currently has the ability to shut down the Internet especially if National Security is at risk. That order would have to follow military chain of command and I would prefer a soldier with real-world experience than a cubicle geek. Also the need to immediately respond to a scuttle order that destroys all of your toys would be followed much more quickly by a soldier. I hate to say that I would actually pause for a few seconds trying to save at least some of my hacks and code source, who wouldn't.
    • Re: (Score:2, Flamebait)

      by spire3661 ( 1038968 )
      If i was in charge of operating a kill switch waiting for the kill command, there would never be a moment where my data was at risk to be lost. MY entire infrastructure would be built around the premise that it is all lost in one keystroke. NO, i wouldn't pause as a geek, because I would have prepared in advance. In short, you are an idiot and falsely presume that a soldier will take his national security job more seriously then a civilian in the same position and gravity of situation.
  • by foniksonik ( 573572 ) on Saturday September 25, 2010 @01:42PM (#33697938) Homepage Journal

    If the attackers are warriors trained to infiltrate networks to look for or alter data then by all means use warriors to defend. Otoh if the attackers are geeks trying to disable or subvert the network itself use geeks to defend.

  • by l3v1 ( 787564 )
    "A techie wouldn't have a clue," he said.

    If we're really taking on which training and backgrond would be better, then I say a tech training atop a military training might work, but a military training atop a tech training would be much better in such situations. I do not believe the colonels' lines have any real merit in this case. At the least, it's very hard to believe.

    They gazed across the Potomac River and saw the lights in the capital city still blazing. They lit their cigars and watched the fir
  • by Animats ( 122034 ) on Saturday September 25, 2010 @01:49PM (#33697996) Homepage

    That's appropriate. Military command training (at least in the US) focuses on making the right decisions under pressure with contradictory information. The big questions are military: who is the enemy? What are they trying to accomplish? What are their capabilities? What else is going on that benefits from this? Is this is a diversion or the main attack?

    The military view of this is quite different from the civilian view. In the civilian sector, there's an ongoing stream of minor attacks to be fended off. Most computer security efforts focus on that. The military thinks of that as people throwing rocks over the fence - an annoyance to be dealt with, but not a serious enemy. They're much more worried about the threat that you don't detect until the enemy pulls the trigger on it.

    • I can understand about military situations being distinctly different from civilian ones. But this seems really dumb. What you want is people who can see patterns in stuff happening that nobody else would notice. You want human intrusion detection.

      The most dangerous cyber attacks are very subtle. I think talent and familiarity with the technical details are much more important than the ability to make quick decisions under intense pressure.

      The ability to make decisions under a lot of pressure can be an

  • by Silverhammer ( 13644 ) on Saturday September 25, 2010 @01:51PM (#33698012)
    The petulance and deluded self-importance of many replies here are all the proof we need that geeks are not suited to the serious business of war.
    • Re: (Score:3, Informative)

      by hedwards ( 940851 )
      Or a reflection of the fact that the DoD has had a series of exploits which even a moderately qualified sysadmin would've been able to prevent. The attacks may have, and probably would've, happened anyways, but it would've taken at least some technical competence. I mean, honestly, a network definitely isn't secure if it hasn't got a password at all.

      It's really, really hard not to feel superior to that sort of incompetence.
  • The real reason probably has a lot more to do with the fact that we're even sitting around here on a Saturday afternoon questioning the decision. Geeks tend to think they're smarter than everyone else (just because its usually true, doesn't mean it always is), tend to question authority, and hate to be told what to do. If you give a geek a little bit of authority, they tend to get extremely dictatorial over their small little domain.

    How likely is it that "true geeks" would really be able to fit into a mil

    • Re: (Score:3, Insightful)

      by zbobet2012 ( 1025836 )

      The real reason probably has a lot more to do with the fact that we're even sitting around here on a Saturday afternoon questioning the decision. Geeks tend to think they're smarter than everyone else (just because its usually true, doesn't mean it always is), tend to question authority, and hate to be told what to do. If you give a geek a little bit of authority, they tend to get extremely dictatorial over their small little domain.

      The entire point is that this kind of stero-typing is both counterproductive and flat out stupid. The ability to make decisions under pressure has nothing to do with stuff like that. Many famous generals are noted for there intellectual pursuits. Does that make them "not suited to a chain of authority"? Infact spec-ops guys (say like McChrystal) are notorious for the disrespect for chains of command. Yet they are highly successful warriors.

  • by PPH ( 736903 ) on Saturday September 25, 2010 @02:00PM (#33698078)

    The military doesn't like geek or engineering types. They like veterans because of the training and conditioning they've received in following orders. This isn't just the military. It's common in many corporate settings as well.

    Give a problem to a soldier and they'll charge at it until its fixed. If its a machine gun nest, they'll keep charging until they run out of bodies. No questions asked. Give a similar problem to a geek and they'll examine the problem and devise a solution that keeps their ass from getting shot off. And they'll push back if the orders don't make sense.

    I have a number of friends who are ex-military (Korea, Vietnam and Gulf War). Some of them are brilliant, having gone on to receive PhDs, members of Mensa, etc. And they'll all sit around and bitch about command fuck-ups, inexperienced lieutenants and the number of friends lost due to errors on the battlefield. But ask them to picture a hypothetical situation where they are given an order about how to accomplish a goal. But the order is poorly conceived and will get themselves and their squad killed. But they have a better and safer way to accomplish the task. What do they do? Inevitably, the ex-military folks get this blank look and respond, "Follow orders".

    That's the kind of training the commanders (and the PHBs) want.

    • by zbobet2012 ( 1025836 ) on Saturday September 25, 2010 @02:06PM (#33698140)

      Some of them are brilliant

      So your entire post contradicts itself in short. Being a warrior, being conditioned to follow orders has nothing to do with whether or not you are good at math and enjoy hard science. There are many, many people who are both. Trying to "sub-divide" it so that you are either a geek or a warrior is really, really stupid.

      • Re: (Score:3, Insightful)

        by Skapare ( 16644 )

        His whole point is that when it finally comes down to following orders, even if they are totally fucked up, the soldier will follow the orders.

        FYI, one can be both a geek and a soldier. They will follow orders when under the command.

    • by codepunk ( 167897 ) on Saturday September 25, 2010 @02:19PM (#33698246)

      You are correct, I am a 10 yr combat veteran and your explanation is exactly why I would never work a Govt / Military position again. It is a virtual breeding ground of stupidity something I am very glad to be free of.

    • by dafoomie ( 521507 ) <dafoomie@hot m a i l . com> on Saturday September 25, 2010 @02:27PM (#33698284) Homepage

      You follow orders because you don't have the big picture. It may be that the manner in which you accomplish your objective is more important than the outcome, something that you're not aware of could easily depend on how and not if.

      The common failure among us geeks is that we tend to think we know more than everyone else. You don't always have all of the information in front of you, and thats an absolute necessity for the military.

    • by jamrock ( 863246 ) on Saturday September 25, 2010 @04:57PM (#33699336)

      Give a problem to a soldier and they'll charge at it until its fixed. If its a machine gun nest, they'll keep charging until they run out of bodies. No questions asked.

      I don't know where to begin to address this ridiculous idea. I served in the U.S. Army Infantry in the 80's and I'm willing to bet that I know a hell of a lot more combat veterans than you do. This notion that the military wants mindless automatons who follow orders without question is so utterly at odds with the the training I received that it's laughable. One of the most prized characteristics a soldier or Marine can possess is the ability to improvise, especially under pressure (read: people shooting at you).

      Contrary to popular belief fostered by countless poorly made war movies, combat units don't exist merely to break things and hurt people. It's about the mission, and they accomplish their mission by the threat of force, and failing that, by its application. The major reason fighting men and women put themselves in harm's way is not out of some sense of bravado or a thirst for glory. It's for the bonds of brotherhood they feel with their comrades and the reluctance to let them down by not doing their jobs.

      Many geeks tend to be loners, and in my experience have an inflated sense of superiority over those they consider to possess a lesser intellect. They tend to have zero understanding of the leap of faith required to put their very lives in someone else's hands, and conversely to accept that the lives of their buddies depend on their performing their part, no matter the personal dangers they may face. People who have never served don't truly understand the willingness to sacrifice for the greater good: the lives of your brothers; the successful completion of your mission; the knowledge that your mission is an essential part of a greater effort.

      I had the privilege of serving with many true warriors, men who desire peace above all and truly believed that a warrior's role is to end war, and if it's necessary to fight, to accomplish their mission with the minimum of bloodshed. These men adhered to the philosophy that the ultimate expression of the warrior ethic is to mold themselves through hard training, sacrifice, and an almost ascetic self-discipline, into weapons that a potential adversary would be loath to face, thereby avoiding conflict altogether. Nations start wars for one reason, and one reason only: because they think they can win. True warriors frown on wars of aggression and consider the outbreak of war to be a dramatic failure of political leadership, on one or both sides. In my experience, being both a warrior and a pacifist is not a dichotomy. And let me add that not all warriors carry weapons. Warriors are those willing to sacrifice for something greater. Firefighters, cops, nurses, teachers, EMT's count many warriors among their number, and in my view Richard Stallman is absolutely a warrior.

      Give a similar problem to a geek and they'll examine the problem and devise a solution that keeps their ass from getting shot off. And they'll push back if the orders don't make sense.

      Any leader worth his salt will also devise a solution that minimizes the danger to his men, while also accomplishing the mission. On July 1st, 1916, the opening day of the Battle of the Somme, the British Army marched across no man's land, rifles at the ready, dress-right-dress in perfect formation, toward the German positions. The acres of barbed wire channeled them into tight masses towards the few gaps, which German machine gunners had already ranged. The British suffered 26,000 casualties that day, the worst one-day loss in their long military history. Even though the high command were fully aware that 17th Century-style mass attacks were useless against automatic weapons, they discounted the machine guns and refused to alter their traditional tactics. Notably, one young British officer ordered his men to advance across t

  • The warriors are hungry for blood, and they are making up a fake threat of a "cyber war" to keep themselves occupied. Replace them with geeks, and the world will suddenly be safe again.
  • by Dahamma ( 304068 ) on Saturday September 25, 2010 @02:07PM (#33698150)

    What I don't understand in the slightest is why the article or /. responses are making a distinction between "veteran" and "techie"?? A veteran is someone with military training and experience. A "techie" (another stupid vague term) is someone with technical training. It seems obvious to me that the right person for this job is someone who falls into both categories, and given the technology used today in the military, there should be plenty of those.

    While the quote from the office was pretty stupid, it was also the only real mention of the term "geek" in the article. His point was he wanted competent technical people who also had military training, not "techie" civilians. And if I go in for laser eye surgery, I'd prefer the experienced ophthamologist perform it, not the guy who built the laser.

  • Works, assuming... (Score:4, Insightful)

    by Todd Knarr ( 15451 ) on Saturday September 25, 2010 @02:11PM (#33698186) Homepage

    It works, assuming that the military commander understands that this is both a military and a technical situation. If he sees something that raises a red flag to a military eye, he needs to call the techies' attention to it and have them determine whether it's something the tech ought to be doing or if it's really a problem (which shouldn't take the techies long). By the same token, though, he also has to listen to the techies and, when they see something that doesn't look like something the tech should be doing, pay attention to them and determine whether there's a military reason it's doing that or if it's really a sign of a problem. And if there's a military reason and the techies say "No! If someone's doing that, it's going to open up holes.", listen to them. They know the tech, just like the military guy knows the military side of things, and you can't/shouldn't dismiss the idea that someone on the military side's just being network-clueless and doing the network equivalent of telling a sentry to not demand identification from any HMVs with a general's star painted on them because a general's coming in for an inspection and you don't want to inconvenience him.

    Unlike a lot of the rest of the military, techies work best when they know what the goal is and why you want that goal accomplished, and what the restrictions on methods are and why they're there. We've proven in business time and time again that forcing them to just do whatever non-technical management tells them to do results in systems that utterly fail to do the job they're supposed to be doing (even though they meet every single requirement to perfection). There's a reason for the closing line to the filk: "It's just what we asked for, but not what we want!".

  • by DarthVaderDave ( 978825 ) on Saturday September 25, 2010 @03:48PM (#33698830)
    I guess what scares me is how out of touch these 'experts' are. I, for one won't be sleeping better.... Mostly because none of these guys understand a 'geek' would build a firewall an enemy couldn't penetrate, detect the hack, backtrace the IP and deploy units to capture the enemy. (Or do the geeks have to do that to?). Essentially you're putting this decision in the hands of people who don't know enough to make this decision. Truth is they don't know enough to know they don't know enough.
  • Nonsense (Score:5, Informative)

    by Tanuki64 ( 989726 ) on Saturday September 25, 2010 @04:24PM (#33699108)
    I am a 'geek'. Actually I am a freelancer who worked on a few military projects. Did I understand what I did from a military point of view? Nope, not a bit. I did not need to. A little bit simplified my work boiled down to: If you receive a message, which contains a value between x and y display a red icon, else display it in green. <--- Really simplified.

    Does this mean I am generally unable to understand the reasons behind those requirements? Of course not. I just did not care. Not my job.

    On another non-military project I got the task to help to develop some traffic simulation models. There I did quite a few consistency checks for the incoming data. Guess my customer was stupid to give me the job. According to the article (no, I did not the original) some old war veteran should have been much better suited for this task and might have been cheaper.

    A fighter would understand, for instance, if an enemy had penetrated the networks and changed coordinates or target times, said Dusty Rhoads, a retired Air Force colonel and former F-117 pilot who recruited the original task force members. "A techie wouldn't have a clue," he said.'"

    Utter nonsense. If those changes can be determined by statistical or other algorithms then this most likely belongs to the tasks where a computer outperforms a human being considerably. To develop such a system is geek work. If not, it does not matter who does the guesswork. Rolling dices would probably as good.

  • by Jawnn ( 445279 ) on Saturday September 25, 2010 @05:04PM (#33699388)
    I know, we don't like to actually read TFA, but they did say something about their "war fighters" being more adept at detecting whether the enemy had "...penetrated the networks and changed coordinates or target times..."
    It sounds like they have determined that the only way a breach could be detected is if someone had actually gotten in and broken some of their toys. Given that assumption, flawed as it may be, having the guys who are proficient with the toys watch over said toys makes sense. They are already intimately familiar with them and would arguably be best equipped to notice anything out of the ordinary. Of course, this line of thinking is badly flawed. Network security is a unique and, at the highest level, rather esoteric skill set. Throwing missile techs at the job is deeply and dangerously stupid.
  • Whereas a Techi ... (Score:3, Interesting)

    by Tjp($)pjT ( 266360 ) on Saturday September 25, 2010 @07:58PM (#33700416)

    A fighter would understand, for instance, if an enemy had penetrated the networks and changed coordinates or target times, said Dusty Rhoads, a retired Air Force colonel and former F-117 pilot who recruited the original task force members. "A techie wouldn't have a clue," he said.'

    Whereas a techie would know that for the last 3 months they failed to penetrate the network and their target was to access the coordinates or target times ... Our To a hammer everything looks like a nail. What we want to do is prevent the successful attacks, not detect a successful attack and the "warriors" don't generally have a clue to distinguish between a spam phishing attack and a coordinated attempt to break security.

    "The FUD of war."(tm) Tjp

  • by holophrastic ( 221104 ) on Saturday September 25, 2010 @08:27PM (#33700552)

    If your idea of security is in noticing a malicious modification, good luck to you. I hope your data-set is really small, and your attacker is really stupid.
    Which soldier is going to know that 47.345 should actually be 47.346? You're just betting that the attacker is making large obvious changes.

    The techie's not going to care what the number is. The techie is simply going to see if the number is different than it was before -- or if anyone broke in in the first place.

    Intrusion-detection is rarely, if ever, about checking to see if the content data has changed.

  • by bezenek ( 958723 ) on Saturday September 25, 2010 @10:32PM (#33700986) Journal

    Why do we bother to hire real doctors to work in medical units? Aren't they going to have trouble figuring out whether or not someone was shot? Shouldn't we train military people to operate on wounded soldiers?

    Sheesh! This is yet another case of the average person thinking technical people spend years learning what they know and somehow they are not valuable experts the way other specialists are.

    -Todd

If all else fails, lower your standards.

Working...