The War on TCP/IP
2008/08/15/0814
RTFA: http://www.youtube.com/watch?v=t849CYRd2Ak
Air Force Cyber Command Recruiting Video
Via Wired Danger Room and Boingboing.
According to this page:
The mission of the United States Air Force is to deliver sovereign options for the defense of the United States of America and its global interests — to fly and fight in Air, Space, and Cyberspace…
As Airmen, it is our calling to dominate Air, Space, and Cyberspace. If we can decisively and consistently control these commons, then we will deter countless conflicts. If our enemies underestimate our resolve; then we will fly, fight, and destroy them.
What I dig is how knowledge-working wunderkind have become avatar-warriors in the battlefield of our global information network… and with recruiting videos like the one above, who’s to say that this isn’t actually the case?
I mean, come on: millions of attacks per day? I can vouch that anyone with a few web servers is attacked hundreds of times per day. But are we talking “attacks” like state-sponsored attacks and declarations of war? Obviously not declarations of war, but these are attacks nonetheless, where a non-zero quantity are probably sponsored by “foreign governments”.
So our web servers are like sovereign information islands? …and are we in the midst of a global information war at this very moment? It’s interesting to consider that the Internet Protocol is largely agnostic towards the content it carries… The packets delivering this post are traveling alongside other packets that might be “malicious.”
Right? Well, here’s a quote from a recent post to Bugtraq:
Security Assessment of the Internet Protocol Aug 14 2008 07:10PM
…
The United Kingdom’s Centre for the Protection of National Infrastructure has just released the document “Security Assessment of the Internet Protocol”, on which I have had the pleasure to work during the last year or so. The motivation to produce this document is explained in the Preface of the document as follows:
---- cut here ----
The TCP/IP protocols were conceived during a time that was quite different from the hostile environment they operate in now. Yet a direct result of their effectiveness and widespread early adoption is that much of today’s global economy remains dependent upon them. While many textbooks and articles have created the myth that the Internet Protocols (IP) were designed for warfare environments, the top level goal for the DARPA Internet Program was the sharing of large service machines on the ARPANET. As a result, many protocol specifications focus only on the operational aspects of the protocols they specify and overlook their security implications.
Though Internet technology has evolved, the building blocks are basically the same core protocols adopted by the ARPANET more than two decades ago. During the last twenty years many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. Some were flaws in protocol implementations which affect only a reduced number of systems. Others were flaws in the protocols themselves affecting virtually every existing implementation. Even in the last couple of years researchers were still working on security problems in the core protocols.
The discovery of vulnerabilities in the TCP/IP protocols led to reports being published by a number of CSIRTs (Computer Security Incident Response Teams) and vendors, which helped to raise awareness about the threats as well as the best mitigations known at the time the reports were published.
The document itself is available from http://www.cpni.gov.uk/Products/technicalnotes/3677.aspx.
That’s right – TCP/IP isn’t exactly agnostic itself, since packets can be forged for malicious purposes… is anything on the Internet safe? …is even the underlying fabric flawed? …or is this somehow a “feature”? Clearly, there are some people who consider this to be a threat – a vector…
Increasingly, it appears that these people are popping up in quantities from government entities, like the US Air Force. …is it really appropriate to use a clever play on words to justify the assumption of a “cyber-warrior” role? I’m referring to the “air, space, cyber-space” pun. After all, ARPANET wasn’t related to the Air Force at all – it was a Department of Defense project.
Is this all just fear-mongering along the lines of Lessig’s Cyber-9/11 quote?
A number of readers are sending in links to a video from the Fortune Brainstorm Tech conference last month, in which Lawrence Lessig recounts a conversation over dinner with Richard Clarke, the former government counter-terrorism czar. Remembering that the Patriot Act was dropped on Congress just 20 days after 9/11 — the Department of Justice had had it sitting in a drawer for years — Lessig asked Clarke if DoJ had a similar proposed law, an “i-Patriot Act,” to drop in the event of a “cyber-9/11.” Clarke responded, “Of course they do. And Vint Cerf won’t like it.”
Vint Cerf, by the way, was one of the primary inventors of TCP/IP:
Cerf’s first job after obtaining his B.S. in Mathematics from Stanford University was at IBM, where he worked for less than two years as a systems engineer supporting QUIKTRAN.[1] He left IBM to attend graduate school at UCLA where he earned his master’s degree in 1970 and his PhD in 1972[8]. During his graduate student years, he studied under Professor Gerald Estrin, worked in Professor Leonard Kleinrock’s data packet networking group that connected the first two nodes of the predecessor[9] to the Internet (the ARPANet [9]), and “contributed to a host-to-host protocol” for the ARPANet[10]. While at UCLA, he also met Robert E. Kahn, who was working on the ARPANet hardware architecture[10]. After receiving his doctorate, Cerf became an assistant professor at Stanford University from 1972-1976, where he “conducted research on packet network interconnection protocols and co-designed the DoD TCP/IP protocol suite with Kahn.”[10]