DARPA Commits To Funding Useful Hacking Projects 44
Hugh Pickens writes "Fahmida Y. Rashid reports that the Defense Advanced Research Projects Agency will fund new cyber-security proposals under the new Cyber-Fast Track project intended to cut red tape for hackers to apply for funding for projects that would help the Defense Department secure computer networks, says Peiter Zatko, a hacker known as Mudge who was one of the seven L0pht members who testified before a Senate committee in 1998 that they could bring down the Internet in 30 minutes and is now a program manager for the agency's information innovation office. Anything that could help the military will be considered, including bug-hunting exercises, commodity high-end computing and open software tools and projects with the potential to 'reduce attack surface areas, reverse current asymmetries' are of particular interest. Under the Cyber-Fast Track initiative, DARPA will fund between 20 to 100 projects annually. Open to anybody, researchers can pitch DARPA with ideas and have a project approved and funded within 14 days of the application."
Honey Pot? (Score:2, Offtopic)
Re: (Score:3)
The US government is comprised of humans. Humans have proven to be untrustworthy.
On the other hand, some humans are also trustworthy. Shit. How can I apply both of these into one absurd gross generalisation?
Re: (Score:2)
A 56k using UFO hunter used a perl script to glide around a set of wide open MS "mil" US networks.
The CIA has In-Q-Tel like fronts to seek any useful project at any price and nobody will know.
DARPA has.... like fronts and nobody will know.
The US has usually found solutions to its language, math, computer, crypto, science ect. issues very quickly, with less press and with lots of cash.
Yet now we are to believe the US suffers from unique bug related, surfac
Re: (Score:2)
Well, they did just lose their "AAA" credit rating..
Re: (Score:2)
You mean like the Pentagon did in Iraq?
Finally (Score:1)
For the cost of a few cruise missiles humanity will be left with something of value from the defense budget.
Hopefully this becomes a superfund for cleaning up vulnerabilities by the best and the brightest. With all the money wasted every year we should not agonize over tiny sums being expedited to people who will catch the bugs and disclose to the public.
The cybercrime gangs are well funded. The bughunters are not.
Prevention is much cheaper and much more friendly towards civil liberties than is having a cyb
Mudge? This might actaully work then. (Score:5, Interesting)
If you recall,there was a campaign to make Mudge the USA cyber-czar back when Obama created that post. The guy knows what he's doing, and even now that he's in big-government stuff, the community still trusts him.
Infinite Military Money (Score:3)
The military/intel is totally protected from our debt crisis, no matter how distantly related to protecting us any of its expenses might be. That's why the majority of our debt is owed for past military/intel budgets - so it costs 50% more in interest than what was appropriated on paper. And now that the debt has gotten our credit rating downgraded, it will cost us even more in interest - along with all our borrowing that it's dragged along with it.
So the smart people will turn all their projects into military/intel projects. Which will gradually turn the US into not just a hopeless debtor, but an exclusively warmongering hopeless debtor.
Re: (Score:1)
Re: (Score:1)
Re: (Score:3)
Like "why are we invading Iraq when it had nothing to do with the 9/11/2001 attacks"?
Those of us who did ask that question were drowned out by the majority of voters who insisted on re-electing Bush/Cheney instead of impeaching and imprisoning them.
Re: (Score:2)
Well, what's actually more true is that "in a democracy, the people get the government they deserve". Maybe that means we deserve the government we get.
As far as holding public office being the only way to change it, that's clearly not true. Indeed the biggest problem in America's democracy is that our republic, the elected people, are not the ones who make change. They're lackeys to the people who do make the change. And those people are not only the rich. Plenty of not rich (outside their expenses-paid po
Re: (Score:2)
In what area? Iraq? No jumped-up mullah in Iraq or anywhere else except Afghanistan did anything to us on 9/11/2001. GWB showed the UN and the world that even when the US was hideously attacked, all he cared about was invading a country that had nothing to do with it. So his cronies could make $TRILLIONS and grab as much power for as long as they could, while smashing our obligations to protect us. All of which is precisely Binladen and his fellow assholes wanted.
And so you voted for Bush twice, giving us t
Re: (Score:2)
Just make sure (Score:1)
That is all well and good. (Score:1)
But what is DARPA, or anyone else for that matter, about making sure chips made in china don't have bugs built in?
I /refuse/ to purchase an item that is known to me to have chips made in china because I believe it to be compromised.
How can one be sure that the hardware in the devices made there are not bugged?
Non Americans (Score:2)
Social Semantic Desktop for Sensemaking on Threats (Score:2)
http://sourceforge.net/projects/pointrel/ [sourceforge.net]
At least I could spin it that way... :-)
And have:
"The need for FOSS intelligence tools for sensemaking etc."
http://groups.google.com/group/openmanufacturing/msg/2846ca1b6bee64e1 [google.com]
Where do I apply? :-)
Re: (Score:2)
I see where to apply, a link in one of the articles:
https://www.fbo.gov/?s=opportunity&mode=form&id=406db188e0e1935a806c143a5603eb48&tab=core&_cview=0 [fbo.gov]
If slashdot allowed longer tittle I woudl have called it: "Social Semantic Desktop for Sensemaking on Threats AND OPPORTUNITIES"
We'll see if they like some variation on:
http://groups.google.com/group/openmanufacturing/msg/2846ca1b6bee64e1 [google.com]
"Summary: This note is essentially about how civilians could benefit by have a
Re: (Score:2)
I wrote this up last month as a proposal abstract for an IARPA soliciation, but I have not sent it (someone who had been with the CIA and does public intelligence said it would be pointless essentially as the US intelligence community is so broken). Anyway, I though I'd post it here, as I've written it already, and it seems a shame to waste it, and because it is what I'd like to do maybe for this solicitation. Any constructive feedback would be appreciated. Maybe DARPA might be interested in it if not IARP
I have a brilliant idea! (Score:2)
I'm going to seek a $20k grant to advise police agencies against having their website developed by BJM marketing.
In case you are wondering what the hell I'm talking about: http://www.computerworld.com/s/article/9218961/AntiSec_hackers_dump_data_after_hacking_police_websites [computerworld.com]
Why not insist on free and open source? (Score:2)
From the reuters article: "Addressing a key issue for hackers doing government projects, they will be allowed to keep the commercial intellectual property rights while giving the Defense Department use of the project."
Major problem with entire solicitation design (Score:2)
I skimmed through the solicitation. It has people paid on achieving milestones they set out in advance (and they say ideally for two month or four month working time frames). Essentially, they are insisting on a waterfall development model. That makes difficult any basic research and general creativity in exploring topic areas. I guess someone could get around that a bit by promising a report or something, but that is probably not what they are looking for.
In general it is a rule of thumb in some projects b
Re: (Score:2)
It's a joke with lot of truth to it. My undergrad adviser said he used this model sometimes (he's 90 or so now, so probably OK to mention this). He said he would essentially get a grant for work he had already (mostly) done, and then use much of the money to do the next thing. So, you are right, it's an interesting and sometimes successful model.
A much deeper problem is that the people good at looking good may not be the same people good at doing stuff. As someone suggested recently (forget where, maybe on
Hudson says.... (Score:1)
Re: (Score:2)
There may be a xenomorph involved.
Social Media Protocals (Score:2)
Open Protocols for Social Media would be very helpful..
Think along the lines of Diaspora and Google+ but within a military context, where each command/outfit, etc. needs to own it's own data, various aspects of data needs to shared (nor not shared) based on a firm but flexible set of permissions and you have a fairly ideal way of allowing modern war fighting use social tools; all of those still on secure networks but having a wide range of secure sharing. This could include pushing data out to non secure ne