2013-06-14

Co.Labs

Is Rubber Cement Seriously The NSA’s Anti-Thumbdrive Strategy?

Yes, seriously--that’s been the NSA’s anti-leak tactic since 2008. But the news gets worse. Today's thumb drives are based on industry standards established by Intel, which is about to increase the bus speeds of these devices by a factor of about 40. Huge files like map tiles, video, audio, and PDF dossiers are more open to leaks than ever.



In November 2008, the NSA experienced a major network security breach at the hands of a miscreant with a thumb drive. The deputy secretary of defense at the time, William Lynn III, responded by having all the computers on NSA bases collected and their ports sealed with rubber cement. That’s according to the New Yorker, which goes on to say:

Lynn termed it a “wakeup call” and a “turning point in U.S. cyber defense strategy.” He compared the present moment to the day in 1939 when President Franklin D. Roosevelt got a letter from Albert Einstein about the possibility of atomic warfare.

First of all, rubber cement? Are you guys serious? There are ways to disable USB ports that are simpler and more scalable. Two seconds of Googling turns up a help doc about how to prevent users from connecting a USB storage device using Microsoft Windows Group Policy. Let's hope they're at least using stronger rubber cement than the stuff that brought down a $4.6 million drone in February this year, when a tacked-on chip came unglued.

Further, this "atomic age" analogy is too binary to capture the actual risk here. The atom bomb marked a major paradigm shift in defense. But advances in computing spur paradigm shifts in government and business practically every year. This week Intel showed off a new Thunderbolt thumb drive that can transfer data at speeds of around 10 Gbps, or about double that of USB 3.0. Let's assume that NSA computers are of an earlier vintage than most consumer machines and run USB 2.0--and the latest version of USB is about 10x faster than 2.0.

That means this new thumb drive can, most likely, move data about 20 times as fast as the one that Edward Snowden used in Hawaii, and probably with much greater capacity. (Then again, Snowden apparently "studied computing" in college, so perhaps he was toting a newer high-capacity drive for geek cred; then again, he is said to have never completed the coursework.)

Today, most cheap thumb drives hold around 16GB, or about one-eighth the capacity of Intel's new drive. And Intel just announced Thunderbolt 2, which will double the speed of today's Thunderbolt ports.

In another six to nine months, the sheer data capacity available to a leaker will increase hugely--but the speed at which they can steal stuff will go up by a factor of about 40. That means that stealing large files--map tiles, video, high-res imagery, audio recordings, and massive document dumps--will be even easier.

If the NSA plans to keep its operation airtight in that kind of consumer technology environment, it will need a lot more rubber cement.

[Image: Flickr user Robootb]








14 Comments

  • David McReynolds

    Physical access is all that is needed. Ergo, making the USB port physically inaccessible is far more secure than making it logically inaccessible. Although, a good epoxy resin would be even better.

    Just set the group policy? Grow up.

  • James LaBarre

    If they're running MSWindows, I'd be far more concerned about *that* than their USB ports...

  • DFS

    Yes, group policy is more effective than physically disabling a piece of hardware, just like a firewall is more secure than physical isolation, right?

    /sarcasm

  • Drdetroitdanchap

    American People working hard to create their own prison. Pull your heads into the sunshine. The NSA/MIC/DHS/BANKERS have killed FAR more Americans, and destroyed far more American property, than all the "terrorists" ever dreamt of doing. All those weapons and heinous things you are cheering and so proud of, are going to be turned on you(r families).

  • SomeDoDguy

    I work with a number of DoD/NSA/MI/etc. people in the IT field. Let me just say that the 'rubber cement' was a local phenomenon. The collection of USB drives was not (all information on them needs to be sanitized). The USB drives/CD drives/*all* external port accesses have gone through an extensive screening to be locked down at the OS and NOS level. Physical access (e.g. rubber cement) is just some Non-Technical director listening to some 'Good Idea Fairy' telling him how 'physical access is total access' (which is partially true, but stupid in this case). I will just say that A. The threat is real. B. smarter people are working on the problem. and C. @JEFF YEAH! Get your CERT in IA and GET A JOB FOR LIFE!!!

  • JEFF

    There is a lack of IA qualified personnel with clearances. Get your cert and get a job right now.

  • Robertjohnson

    This article is retarded. How long do you think it is going to take them to get "new" usb technology? Most of the PCs that are used aren't the newest. Server technology typically lags behind with stable hardware that is vetted with the PC market. You people talking about an admin can limit this and limit that. Typically they are talking about keeping people with admin access from doing something bad. You don't give people who aren't trusted access to the data you don't want leaked. The comment that is the most correct is that if they try to keep you from doing something you're just going to figure out how to do it a different way. If people were taking HD video then this speed and size would matter. We are talking documents mostly. If they have access to something and the mind to do it they typically aren't going to be limited by the speed of the medium.

  • SunnyJS

    As a neurological rehabilitation instructor I've spent a great deal of time with the human brain (model for your AI), observing patients and students learning, and over the years watching both the health sciences and AI computer sciences grapple with manipulation of the human/AI brain networks. There are obvious network capabilities, computer exam sites use them all the time to prevent downloading or limit it to administrator computers desktops only. Employees would have to request download and the administrator would clear and do it. The idea of sticking "gum" into the port is something a low tech like myself thinks literally and the high techs need to replicate. I'm more curious as a brain science observer about the disconnect going on here between "classroom/academic" training and the underground (for lack of a better term) tech-hackers highly specific and metacognitively trained geeks. Who doesn't know that the rewiring of the human brain is being done from months going forward by the use of all the tech gadgets/games/interactions? The idea that Snowden is an outlier based on his formal education is astounding to me. We are raising them by the gazillions and the leaders of our systems don't seem to get that.

  • Jon Champaigne

    Most boards have extra sas, sata, and/or ide ports that you could use to the same ends -- there are no more secrets.

  • Guest

    I worked for a national laboratory during a shutdown from a security leak involving a thumb drive. Several days into a ban on classified work a team came around and "Gorilla Glued" all of the USB ports in our $4000+ workstations. Brilliant. Of course since we couldn't do any work we all just sat around thinking of different ways we could get information out if we wanted to.

    No amount of rubber cement will stop a dedicated insider threat.

  • Thetech

    3 layer approach, physical, hardware and software. All you need to do is drop a box of thumb drives in the parking lot with a virus on it, or a thumb drive with a fancy keychain. Sooner or later an employee will plug one in.

    Sometimes you need to rethink and get to the root of the problem.