Israeli Hubris? Meet Nemesis. Nemesis? Hubris.
This surfaced on DefenseTech today, and I couldn't possibly write it up until now. There were two, count 'em two, apparent new Microsoft 0-Day vulnerabilities to deal with. One was a new IE vulnerability which was exploited by leveraging a flaw in Vector Markup Language processing. The second was a flaw in Microsoft PowerPoint that first showed up in the form of a Trojan!
Turns out the second item, the Trojan exploiting the PowerPoint flaw, wasn't a 0-Day after all, but I didn't know that until an hour ago.
If the first item worries you, and it should if you're using Internet Explorer, here's Microsoft Security Advisory (925568), which gives you two workarounds which look like they may not have drastic enough side effects to render IE unusable.
The second item is covered if you've installed the MS06-012 patch. It's also likely mitigated by antivirus signatures if yours are dated no earlier than 09/19/2006. If you want full biblios on either or both issues, I can accommodate you.
Suffice to say, you aren't helpless against either of these if you pilot a Windows box. There are ways of shoring up your Windows systems available now, even though no formal patch exists for the IE vulnerability yet.
But I digress.
These latest transgressions of MS are as nothing compared to the ghastly screwup the Israeli Defence Force apparently pulled during their recent ill-fated war with Hizbullah. That was one for the books. Codebreaking or comedy, take your pick.
Sheesh.
The trail of breadcrumbs from DefenseTech led me to an utterly incredible story at Newsday.com.
Read and be amazed.
Hezbollah cracked the code
Technology likely supplied by Iran allowed guerrillas to stop Israeli tank assaults
BY MOHAMAD BAZZI
Newsday Middle East Correspondent
September 18, 2006
AITA SHAAB, Lebanon -- Hezbollah guerrillas were able to hack into Israeli radio communications during last month's battles in south Lebanon, an intelligence breakthrough that helped them thwart Israeli tank assaults, according to Hezbollah and Lebanese officials.
Using technology most likely supplied by Iran, special Hezbollah teams monitored the constantly changing radio frequencies of Israeli troops on the ground. That gave guerrillas a picture of Israeli movements, casualty reports and supply routes. It also allowed Hezbollah anti-tank units to more effectively target advancing Israeli armor, according to the officials.
"We were able to monitor Israeli communications, and we used this information to adjust our planning," said a Hezbollah commander involved in the battles, speaking on the condition of anonymity. The official refused to detail how Hezbollah was able to intercept and decipher Israeli transmissions. He acknowledged that guerrillas were not able to hack into Israeli communications around the clock.
The Israeli military refused to comment on whether its radio communications were compromised, citing security concerns. But a former Israeli general, who spoke on the condition of anonymity, said Hezbollah's ability to secretly hack into military transmissions had "disastrous" consequences for the Israeli offensive.
"Israel's military leaders clearly underestimated the enemy and this is just one example," he said.
Dodging the efforts
Like most modern militaries, Israeli forces use a practice known as "frequency-hopping" - rapidly switching among dozens of frequencies per second - to prevent radio messages from being jammed or intercepted. It also uses encryption devices to make it difficult for enemy forces to decipher transmissions even if they are intercepted. The Israelis mostly rely on a U.S.-designed communication system called the Single Channel Ground and Airborne Radio System.
Hezbollah's ability to intercept and decode Israeli transmissions underscores how the Shia group had higher military capabilities than many Israeli and U.S. officials thought.
Much of Hezbollah's capability is believed to have come from its two main backers, Iran and Syria.
During 34 days of fighting, which ended Aug. 14 under a cease-fire brokered by the United Nations, Hezbollah repeatedly surprised Israel by deploying new types of missiles and battlefield tactics.
"The Israelis did not realize that they were facing a guerrilla force with the capabilities of a regular army," said a senior Lebanese security official who asked not to be identified. "Hezbollah invested a lot of resources into eavesdropping and signals interception."
Besides radio transmissions, the official said Hezbollah also monitored cell phone calls among Israeli troops. But cell phones are usually easier to intercept than military radio, and officials said Israeli forces were under strict orders not to divulge sensitive information over the phone.
Hezbollah eavesdropping teams had trained Hebrew speakers who could quickly translate intercepted Israeli transmissions and relay the information to local commanders, the Hezbollah official said. Even before the war, the group had dozens of translators working in its southern Beirut offices to monitor Israeli media and phone intercepts.
Mistakes happen
With frequency-hopping and encryption, most radio communications become very difficult to hack. But troops in the battlefield sometimes make mistakes in following secure radio procedures and can give an enemy a way to break into the frequency-hopping patterns. That might have happened during some battles between Israel and Hezbollah, according to the Lebanese official. Hezbollah teams likely also had sophisticated reconnaissance devices that could intercept radio signals even while they were frequency-hopping.
During one raid in southern Lebanon, Israeli special forces said they found a Hezbollah office equipped with jamming and eavesdropping devices. Israeli officials said the base also had detailed maps of northern Israel, lists of Israeli patrols along the border and cell phone numbers for Israeli commanders.
That raid highlighted the ongoing spy war between Hezbollah and Israel. Since Israeli troops withdrew from southern Lebanon in May 2000 - after an 18-year occupation and guerrilla war with Hezbollah - the militia has stepped up its espionage efforts against Israel. According to Israeli military officials, a special Hezbollah unit recruits Israeli Arabs and others to spy for it. The agents are assigned to obtain maps, monitor Israeli patrols, gather cell phone numbers and photograph military facilities. This information is used to draw up detailed maps and files that could be used to direct Hezbollah's rocket and missile attacks.
"After the Israeli withdrawal in 2000, each side competed to spy on the other," said Nizar Qader, a retired Lebanese army general who is now an independent military analyst. "This intelligence-gathering was essential to fighting a war ... Hezbollah appears to have collected better information than the Israelis."
OK. My take on this from an information security perspective?
YOU HAVE GOT TO BE KIDDING ME.
Look, when infosec people talk about ciphers that are "practically unbreakable", what they mean is really, really simple.
If the cipher system was put in place by pros and maintained by people exercising standards of prudence which qualify as "due diligence", then it really doesn't matter who you are. NSA, Mossad, French Secret Service, FSB. It just doesn't matter. Unless the defense fumbles very, very badly, you haven't a chance of breaking their crypto in this lifetime. It really doesn't matter how many supercomputers and Beowulf clusters you have lined up.
And it probably doesn't matter how much of the plaintext your great-grandkids with their quantum computers can read. By then, the content will have gone stale.
So given that, here is the question burning in my head right at this moment.
Just how many ghastly mistakes did the Israelis have to stack atop one another in order to allow Hizbullah to break their commo security?
Forget about "frequency hopping". That Israeli commo should have been bulletproof even if Hizbullah had caught every last byte in transmission as if they had wiretapped it off a copper landline. Even if the frequency-hopping had gone completely to the Devil and the Devil had gone mad.
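To make that point concrete, here is a small simulation, added as an illustration and not taken from the Newsday story or any real radio: hopping spreads a transmission across channels, but an observer recording the whole band still collects every byte. The channel count, the HMAC-derived hop pattern and the one-byte-per-slot framing are assumptions chosen for clarity and do not describe SINCGARS.

```python
import hashlib
import hmac

NUM_CHANNELS = 64  # assumption: illustrative channel count, not a real radio's

# Constructed sample: 256 opaque bytes standing in for already-encrypted traffic.
SAMPLE_CIPHERTEXT = b"".join(
    hashlib.sha256(bytes([i])).digest() for i in range(8)
)

def hop_channel(hop_key, slot):
    """Channel used in a time slot, derived from a keyed PRF (HMAC-SHA256)."""
    mac = hmac.new(hop_key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % NUM_CHANNELS

def transmit(hop_key, ciphertext):
    """One ciphertext byte per slot; returns (slot, channel, byte) bursts."""
    return [(slot, hop_channel(hop_key, slot), byte)
            for slot, byte in enumerate(ciphertext)]

def keyed_receiver(hop_key, bursts):
    """Intended receiver: retunes every slot using the shared hop key."""
    return bytes(b for slot, ch, b in bursts if ch == hop_channel(hop_key, slot))

def fixed_channel_listener(channel, bursts):
    """Narrowband observer parked on one channel: hears only a fraction."""
    return bytes(b for _, ch, b in bursts if ch == channel)

def wideband_listener(bursts):
    """Observer recording the whole band: orders bursts by time, no key used."""
    return bytes(b for _, _, b in sorted(bursts))

if __name__ == "__main__":
    bursts = transmit(b"constructed-hop-key", SAMPLE_CIPHERTEXT)
    print("keyed receiver complete:",
          keyed_receiver(b"constructed-hop-key", bursts) == SAMPLE_CIPHERTEXT)
    print("bytes heard on channel 0:", len(fixed_channel_listener(0, bursts)))
    print("wideband capture complete:",
          wideband_listener(bursts) == SAMPLE_CIPHERTEXT)
```

The wideband observer ends up holding exactly what the intended receiver holds, so whether the traffic stays secret depends on the cipher, its keys and the operators' procedures, not on the hop pattern.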
Look, I know the Israelis blew that war as badly as a pawn-pusher going up against Kasparov. But this one is just mind-boggling. You don't have to get inside anybody's OODA Loop in order to keep your crypto secure. You don't have to be John Boyd or Guderian or even Johnny von Neumann. You just have to get it right when it's bloody well spelled out step by step. It doesn't take genius. You don't even have to know what number theory is, for Pete's sake; this stuff has been shrink-wrapped for a decade and more. Ye gods and little fishes, it's been Open Source for a dozen years now. That's why Phil Zimmermann came within a hair's breadth of going to jail, back in the early 1990s.
I'm sitting here, for the first time in a while now, realizing in a sort of horrified Black Epiphany that there is an organization in the world which is collectively even more block-of-wood stupid than the wretched Marching Moron average of the Bush Administration. Although how this could be is a complete mystery. Just how stupid was Ehud Olmert, really? How dumb was Dan Halutz? I know he was an Israeli Air Force braggart with an ego bigger than Grant's Tomb. But really!