The NSA has a history of keeping very serious faults in security to themselves [1].
It's like the government detected a structural problem in bridges and then decides not to fix it because that could make it harder to destroy other countries' bridges.
This is absolutely false. The NSA asked IBM to not reveal that security against differential attacks was a design goal. They did not, as you suggest, allow the weakness to be present in DES (go read the Wikipedia article you cite again).
The NSA did make changes to the S-boxes used in DES at the last minute, and would not comment on the nature of the changes. Many people speculate this was the introduction of a backdoor. Last year at RSA a speaker from the NSA revealed that the (now 35-year-old) changes served two purposes: 1. It actually fixed a weakness they had found, but did not want to disclose the details of. 2. It scared the Russians into not trusting the now hardened algorithm and instead relying on older systems that they had attacks against.
This is very silly. As Cody would tell you, the Onity flaw he found was so basic (it is the electronic equivalent of the Bic cap trick that unlocked Kryptonite locks) that any EE grad working at DoD or NSA would have had it instantly. The idea that there'd be some huge conspiracy involving the government reaching out to private firms to enable them to break into trivially breakable locks rings false.
You should simply assume that the government has always, always, always been technically capable enough to break into hotel rooms undetected.
Two years before Cody's talk, an unknown entity (assumed by local police to be Mossad), used a third party device to reprogram VingCard hotel door locks in the field as part of the assassination of Mahmoud Al-Mabhouh in Dubai.
I imagine this is even somewhat of a litmus test for a powerful govt.-like organization in any area: the ability to find out where a foreign representative is staying, know when they're out, and search their room.
I'm not really all that concerned by the project itself. This is what the NSA is for (protecting US communications and finding ways to attack communication systems). However, I would like to know who NAMES these things? "Perfect Citizen", really?!
It's not like they needed 28 people, assigned 28 feds to work on the project and then hired 28 contractors so the feds didn't have to do anything, but that appears to be what you are implying.
Like most large organizations, the government has tons of different projects going on at the same time. When they take on a new project, sometimes they use actual federal employees, sometimes they use contractors with federal oversight. Sometimes they use a mix of both feds and contractors. It usually depends on what kind of funding they can get approved. They do not often hire more people than they need for a particular project, because right now it's pretty hard to get money for anything, and most politicians remain grossly uninformed about the significance of anything having to do with computers.
It's a fact that an enormous amount of taxpayers' money gets wasted each year, but pen testing vital SCADA systems across the U.S. doesn't seem like a waste of time to me. I know that the article mentioned Nessus, netcat, and nmap, but the tools that are used in the security world don't matter nearly as much as the people who are using them. Also, do you think that the NSA is really going to tell you every single piece of software that they are using for penetration testing? They were merely giving examples.
The program as described in the article is something I can get behind. This is the first time I've said that about a federal program in as long as I can remember. But $91 million? Really?
Two thoughts come to mind. First, even when they get it right, they get it wrong. Second, I wonder how many other, non-disclosed, activities are being funded with that money.
Because it is 2012, and every networked digital system in the world uses IP, and every business in the world has an Internet connection the same way every business in the world has a phone. Incidentally, there is nothing new under the sun: these same critical systems used to be exposed via the phone network.
I don't know what they're saying, but yes, I assure you, there is crazy stuff that is one or two pivot hosts away from an Internet attacker.
Critical infrastructure systems should be treated as on par with above-top-secret when it comes to network access, i.e. air-gapped from less secure networks, no-lone zones, no place to plug in external devices, serious change control, etc.