Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Linux Software

DoD Computer Forensics Lab to use Beowulf 86

Doran writes "The U.S. Dept. of Defense is showing off its new $15,000,000 Computer Forensics Lab and it looks like they'll be using a Beowulf cluster to gleen as much info as possible from the computers they confiscate. Here is the story from Nando. An interesting aside is that they seem to be using Clinton's 'approval' last week to allow sale of more powerful encryption software as a justification to ask for $80,000,000 more for the Center. " Beowulf cluster mentioned, but not Linux, oddly enough.
This discussion has been archived. No new comments can be posted.

DoD Computer Forensics Lab to use Beowulf

Comments Filter:
  • We all know Linux isn't good enough for the big time yet. Maybe they've clustered together a lot of real computers running real OSes using something like pvm?

    On a daily basis where I work, we use pvm to fork out jobs over different SGI and Sun systems, and it really kicks ass. (Unfortunately, due to NDAs and such I can't tell you what we do, but it is really nifty stuff!)

    Most government spokespeople are clueless, and probably got the terminology confused. I'm sure there are people somewhere (it is a large planet, ya know) who can't just use the term 'cluster' and call it a 'beowulf cluster' not realizing that the Linux minions are using the term 'beowulf'.

    Admittedly, I have heard, on good authority, that there are some black ops (read: NSA, Secret Service, NRO) gov't agencies that use Linux on some of their 'puters, but usually it is a very stripped down, quite customised 2.0 kernel and a userland that none of you would recognize. Of course, it isn't on production systems, but on the occasional development network. These machines are usually religated to doing nothing more than routing packets.

    If I had $15MM to spend on building a supercomputing facility, it sure as hell wouldn't be running Linux.

  • When I worked for the Univ of Cal library, I remember near the end of every fiscal year when the project was "come up with something to purchase" for no other reason than to ensure that the budget is not cut next year. After all, if you save a buck, you'll get one buck less next year. So why try to save? Gov't ENCOURAGES waste in this manner.
  • Is there even such a thing as shrink-wrapped software for FreeBSD? Packaging "freeware" is fairly meaningless, because so much is included already in the ports collection, and as for commercial proprietary softwre, even for Linux (a far larger market) there is only StarOffice, Applix and some ports of games (Loki's games, Q2), AFAIK, so there probably isn't much for FreeBSD.
    But I would have thought if you sell Linux distributions, you would sell Loki's games, as well, and I think you can run those on FreeBSD, but don't quote me on that.
  • I guess this silent "anti-linux-majority" must be all the people whose windows boxes I have to fix? You know, I'm getting tired of them.
  • And now, a typical Slashdot Response (TM)

    But will it run Linux?


    /* disclaimer: this is humor. If you don't get it, please hang up and try again. */

  • It's WASTE it or lose it. You'd think by now a bunch of self-important, ethically-challenged politicians could come with a better way to handle funding. But I guess as long as everyone gets their cut, there's no reason to push for change. And in the end, it's the taxpayers who get screwed...over and over and over.

  • The NSA's budget is huge, in the billions, and all they do is break and develop encryption. While part of that budget may go to developing intellectual capabilities, it would be very difficult to do modern cryptanalysis on such large scale without some very sophisticated hardware.

    Their proximity to the NSA probably has more to do with being able to take advantage of their years of experience.
  • If there is anything thats a standard in distributed/parallel computing its that you want as much optimization as possible. Not only would NT for this type of thing bloat the the unecesdary processes being done, but you have the blue screen issue as well. Since linux allows you to customize a kernel for the components that you need, there's little (or no) waste memory/cpu -wise. Plus its free. Wasting money/time/effort on an OS thats just obsolete for this kind of job would be nuts even for an NT zealot.
  • Your definition of "good use" I guess is different from mine. I'm not their accountant, but I was involved with a good bit of the initial expenditures, and I stand by my statement. I'm not claiming that every penny was optimized for maximum return, or that there was never any money spent on something unneccesary (especially use/lose funding) but at the same time there was a definite effort to see that every aquisition would add directly to the lab's capability. The very fact that there is _one_ DOD lab and not one Air Force lab, one Coast Guard lab, one Army lab, one Navy lab, and one Marine lab is in itself an unusually wise spending choice for our government. And if you're talking about the purpose the equipment is being used for, I repeat my earlier statement that putting pedophiles (and other criminals) behind bars is worthwhile.
  • Go here: http://www.vogon-international.com/
  • > If I had $15MM to spend on building a supercomputing facility, it sure as hell wouldn't be running Linux.

    And why not? Save enough money on the computer, and you get offices instead of cubicles.

  • I was just waiting for that AC who used to say "Just imagine a Beowulf cluster of these!!!" in *every* thread. For once, he'd be on topic. Mostly. :)
  • I'm sorry but we do not all know that linux isn't good enough for the big time yet.

    www.google.com=big time
  • At least we have it written into our constitution that a congressional term must elapse before the new salaries take effect. If the voters don't like it, then they can exercise their opinion and vote the offenders out of office.
  • <beging off-topic rant> Their proximity to the NSA probably has more to do with being able to take advantage of their years of experience.

    you're right. I certainly wouldn't know. That makes sense to me. Then again, we won't know until they flat-out tell us. Otherwise, we'll continue to speculate as we already have.
    <end off-topic rant>
    Personally though, I'm glad that they have a Beowulf cluster.. that's great. and I hope it runs some form of OSS; Debian, FreeBSD, Linux, Unix, etc.. or, if they feel that a decision of that nature would be too intelligent for them to make, then as long as they don't use Windows, I'm happy.
    Of course, I also realize that their job is not to please me, but.... you know...

    <my $0.02 worth>
  • I was looking at the pictures on their site when I spotted this [dcfl.com].

    Look at the shelf just above the soldier's head. It *looks* like a Red Hat box, but a bit grainy so it's hard to tell.

    What do ya'll think?


    Talispy
  • My fear is:

    "Beowulf? Oh, Microsoft has this 'Wolfpack' thing... that must be what they meant."

    Anyone else wonder about this?
  • but simply Beowulf Clusters, simply because it is more challenging to convince (even) a politician to give you $80M to get a lot of copies of a free OS running on really inexpensive hardware. Even 128 nice quad Xeon boxes aren't going to cost you more than a couple of million.
  • software and they can't afford to piss off anyone by mentioning Linux. Or the author of the article is biased. Either way, it's a sad situation.
  • Linux is no longer new. People know about Linux, the media doesn't need to bash them over the head with it constantly. The important part is what it does, not what it is. Important to us, important to the public, and important to the people creating this system.
    ---
  • I'll check out my local CompUSA. I hadn't seen FreeBSD there before, but I hadn't been looking for it.

    Is this just a shrink wrapped copy of the CDs from Walnut Creek or something? Or is somebody supporting a FreeBSD shrink-wrapped release as Red Hat and others support their releases of Linux. Is there, for example, installation support on the phone?

    If not, it sure seems like someone is missing a business opportunity. Seems like BSDI could get into this business rather easily, although they'd have to recognize that it competes with their current offerings. Still, they are probably best able to really support FreeBSD. If they don't do it, someone else may eventually get a head start in this market and compete with them and that wouldn't be good for BSD/OS. If *BSD doesn't start getting some serious mindshare and shelfspace, it may end up so marginalized by Linux that it would become to Free Operating Systems what OS/2 became to PC Operating Systems.

    One thing you said that I have to take issue with is:

    For example: micros~1 gave away IE, but in the store people paid top dollar for it.

    Boy, I don't remember people paying top dollar for IE in stores. In fact, I remember it being a giveaway in bundles, mostly. Like, buy FrontPage and get IE for free. I recall a lot of stores selling IE for like $9.95 with a rebate offer of $9.95 (Free after Rebate!).

    I always had the impression that Micros~1 was selling IE in stores so they could claim that they weren't really giving it away just to destroy NetScape. I could be wrong.

  • I have a few local stores that I visit.... one of them is extremelely pro-linux (There are many many more pro-windows stores, though. 'Linux? Is that for the new G3? Cause we don't sell Mac stuff...')
    Anyway, they have a mall display cabinet out in front of the store which has RedHat, Caldera, and Debian on it. Inside are rows and rows and rows of reference books, and there's a big bin of Tux dolls, and yet another rack of penguin paraphernalia. The microsoft products are the ones tucked in the corner of the store. Oh, and the best thing? They only sell equipment that works under a linux system. Other things that aren't compatible are in the M$-Corner. Oh, and the best thing? If you have a network card, and you want to DL something big like Star Office, just go on over and plug into their xDSL connection. They don't mind at all. I LOVE THESE GUYS!
  • The picture for linux material is this:

    http://www.dcfl.com/mac.jpg

    The shelf has a plethora of worthless books on linux and that unmentionable OS. It's great to see my tax dollars being wasted on that crap. What happens is that someone hears about the latest next-greatest computer development, and rushes out and buys whatever has "Unleashed" or "in 21 days" on the title just as a way of calming the anxiety. I'd much rather buy them a few beers and tell them to look it up the web.

    Also check out:
    http://www.dcfl.com/sgi.jpg
    There are some sun monitors to the left.

    Can anyone identify the equipment on the left hand side here, and on the shelf ? Looks like a stack of disks.
    http://www.dcfl.com/vogon2.jpg
    Oh wait, if there's a file named vogon2.jgp then maybe . . . let me try hand keying the URL instead of clicking links . . .
    http://www.dcfl.com/vogon.jpg

    oh yeah -- much better view.

    (wanna bet there's a machine named vogon on their net ?)

    (If you stick a "2" in front of the ".jpg" on a couple of the others, you can get more unlinked pics. Nothing interesting, more of the same -- mac2.jpg has an imac box in it. Or just a poster ? It's definitely an imac keyboard.)

    And finally, and ultra 60 -- nice machine, I'm using one now. I don't think that's Sun's default environment, either ;)
    http://www.dcfl.com/sun.jpg

    This whole set of pictures kind of makes be nervous though. I feel like I'm shoulder surfing. I hope these guys thought about the fact that anything they put on the web might be viewed by the objects of their investigations -- I've got a yellow sticky note on my monitor right now with the passwords to half a dozen accounts written on it, and I sure wouldn't want some idiot making a company web page to wander in and snap a jpeg of that and post it on the web.

    Hmm. I made myself think. I should hide that.
  • Utopia

    Shangri-La

    Perfection

    RedHat, Caldera, and Debian . .an entire store filled with Linux products/paraphernalia and services . . it's perfect! Just WHO IS this forward thinking company that's poised for the 12st century?? Are they a publicly traded company ??

  • You bring up an interesting point about FreeBSD. As a matter of fact, this particular Comp USA (in the Milwaukee, WI burbs) had a distro of FreeBDS well placed on the shelves along with the others. I was happy to see the selection so well laid out.

    Of course, if you're reading this, you're aware that the internet is the distribution channel of choice. However, don't underestimate the importance of well placed shrink wrapped boxes in retail space, and it's effect on a companies bottom line. For example: micros~1 gave away IE, but in the store people paid top dollar for it. What suprised me most was a bundle from Adobe which included Golive,Photoshop, and Illustrator for over 1,200.00 dollars US!

    All of the functions can be achieved with open source distros, but the "wow, that paper clip is kewl" crowd will happily doll out a few green back because "that box is just kewl". What does this mean for Linux? With Linux now being well placed in retail space, It means more retail dollars to the Linux community.

    Has anyone else seen Linux on the shelf in the local 'puter store ? Do that have more than one Distro? Are they making more room for Linux, and pushing the micros~1 products over in the corner ?

  • Well, in America, you don't have to prove you didn't do anythign wrong, they have to prove you did.
  • I guess its too early for everyone to start drooling over the Beowulf cluster again.. almost every reply to a story I read on /. mentions the Beowulf Cluster =) *drools for the sake of drooling*
  • Did you really think I was talking about government thugs?

    I wasn't.
  • Yes, there is an anti-Linux conspiracy.

    Thing is, it's made up of what Nixon used to call the "Silent Majority." By this I mean all the hundreds and hundreds of thousands of people who use Windows 95 or 98 to do their daily computing. They don't dink around with the interface, they don't tweak the registry, and they assuredly don't install packages more than one time, or (heaven forbid) install and then remove packages.

    Because of this, their machines run fine thank-you-very-much and they think the people decrying Windows stability and reliability are doofuses without lives. If they've even heard about the people decrying Windows.

    My new girlfiend lives in southern Iowa, and going down there, it seemed like everyone and her grandmother has a machine hooked to the 'net. I mean, it's incredibly mainstream. Guess what OS they are running? They'd be confused if you suggested there was any reason to run anything else.

    I'm sure there are angry little minorities of people in rural southern Iowa who are mad that the 35 games and assorted calendars, screen-savers, and whizzbanger toys they downloaded and installed, which all had conflicting DLL files, etc., made their Windows systems less than reliable. Their moms probably yell at them a lot for screwing up the family computer. And yes, they are likely to then want to rebel by installing something else.

    The silent majority doesn't run Linux, though. Not in your most toked-out dreams.
  • Yes. It makes perfect sense to me.

    Using the Steganographic File System basically identifies you as somebody with something to hide. It doesn't matter what it is, it doesn't matter if it makes you guilty or not. The world is not made up out of warm fuzzy inquisitors who give out chocolate bars to people who confess their secrets promptly. It's full of power-mongers and spooks who want to know NOW what you were doing digging around on their server, and want to know NOW what you're hiding that you got off their server on your hard drive. Rubber hoses, to the max, and you're dreaming if you thing there will a Judge at the end of that tunnel.

    Clue: Nope!

    Have fun setting up a system where you can't prove you didn't do anything wrong. Wave bye-bye before they haul you off in the van.

  • So when your dog rubs up against the panel that the button is mounted on.....
  • Consider the following -
    "Defense Department officials also acknowledged that the lab's proximity to the nearby National Security Agency, the government's premier code-breaking organization, was a primary factor in deciding its location.
    That statement makes me wonder if the NSA is jealous of this new DoD setup. I can see it now, knock, knock "Hi this is Joe from next door can I borrow a few million cycles?"
  • How about using PGP to further encrypt files? Remember that for the US government, the "most powerful encryption software" only goes up to 128-bit RSA Lab closed-source technology. PGP, on the other hand, is astronomically much more powerful. I bet it would be quite frustrating for the FBI's $15 M cluster to be stumped by a file encrypted with a 4096-bit key made with PGPFreeware. You can get your copy at http://www.pgp.com/ [pgp.com]
  • The DCFL is not a supercomputing facility. It is a computer forensics lab that has a supercomputer. that $15 mill. was refering to the facility as a whole, not just the Beowulf. Although impressive, the beowulf is just one small piece of the pie.
  • If $15M was spent to reconstruct a floppy, we would have a problem. BUT IT WASNT. tools to splice a disk are mildly inexpensive, mostly just a good microscope. $15M is the expense of the whole lab, whose scope is MUCH larger, any OS, any media, any size.
  • in response to your comment "but I also think they can use this for recruiting purposes to get quality computer hackers to come to work for uncle sam." Who's to say thay didnt? now I got ya thinkin!
  • Haha, Get an account, chicken man! :)
  • by Anonymous Coward
    Here is the lab's homepage [dcfl.com]. Their printed literature has a picture of the Beowulf cluster. I believe it runs Redhat 5.2 with Beowulf kernel mods.
  • 1) Yes, the data is encrypted.

    2) The space with your "extra" data in it looks exactly like free space. Ths means that for normal use mounting the drive read-write, you have to use your most secret passphrase or you'll trash some of your "extra" data.

    The site appears to be back up.
    --
  • I couldn't get through to your site, it appears to be slashdotted. (go figure!) Anyway I have a few questions...

    What would keep someone from confiscating your drive, dd'ing the whole thing to their own system and reading through it at their leisure with a hex editor? Is the hidden data encrypted in some manner?

    Also, couldn't the bad guys just take a look at the capacity of the drive, subtract how much space they had access to and calculate the amount of data still hidden to them. They wouldn't know *what* was still hidden, but they'd know it was there, right?

    PS: You probably have really obvious answers for these questions, but your site was /.ed, so I couldn't rtfm, remember!
  • An interesting tangential point (well, not open source related) is how all the other neat stuff in the lab works, and how you would go about making things *really* unrecoverable... There is an interesting paper on the subject [auckland.ac.nz] available form Auckland university. Worth a read.
  • Time to be pedantic: Beowulfs are defined as running on open source software. Piles of PC's, on the other hand, might run other OS's.

    See beowulf.org
  • Used to work there. As far as your other question, I can't speak for the guys at fort meade, but the DOD lab has a very good relationship with most of the other intelligence and law-enforcement agencies. You are correct that there have historically been some problems between different agencies, but that has generally been a question of personality conflict rather than true interagency problems. As far as I know, because the charters are so different for the DOD and the other agencies, there is very little duplication of effort. In fact, the main reason for the DOD lab in the first place was to centralize this type of capability in one place rather than duplicating it for each branch of the service, which was the previous way of doing things.
  • "Although Ferguson and others declined to discuss specific cases already under way, they described as rare those involving encrypted files. "

    Good scramblers make data recovery in a reasonable amount of time unworkable. They might be able to break it if you only keep the good stuff hidden, but if you keep 2-3 gb of mp3s and text files that say "haw-haw"(Nelson laugh) in the same directory, well, Time rears its everpresent head and they don't get evidence till your bones rot in the ground.

    Why do you think the FBI/CIA/NSA fought so hard to keep encryption under conrol?

  • I believe there is a mild difference between "more powerful encryption software" and "powerful encryption software". Of course, every part of the U.S. government will use just about any excuse to get more funding, from what I've noticed. What do you expect from the same country where members of Congress decide upon their own salary? Ugh.

  • Most corporate business works the same way. It's a method to avoid wasting money.. For example, say you're the manager of a bakery in a grocery store, and corporate gives you the numbers you have to conform to in order to stay "within budget".. You have to meet goals for sales, profit margin, and labor. Say your corporate man wants you to stay under 20% labor (just an example), and the first quarter you end at around 19.96% or something. You made it, but just barely. This encourages your corporate man to keep the goal the same (go over your goal.. bad things happen). You end the next quarter with 18%, however, and your corporate man thinks you have become "more efficient", and he could better deploy that money elsewhere. Hence, next quarter your goal is, you guessed it, 18%.

    Not to say that this kind of mentality is necessarily all that intelligent (the people who decide the budgets other people should conform to rarely have /any/ experience doing the job of the people they are slapping these "goals" with, but hey.. that's life), but it's certainly not all that uncommon, and definitely not restricted to the government hive-mind. :)

  • So far I have concocted a couple of theories: 1) this is such a well-crafted troll that only one moderator has thus far noticed.. the others got suckered in or 2) there is an anti-Linux conspiracy at work.. I suspect the latter. Ha!

    At any rate, could someone please define for me "the big time"? I remember reading an article not too long ago mentioning that Linux is now being deployed to monitor the phone lines in /two whole states/ in order to make sure they stay up and all that (by the phone company, of course..), and that they have a couple of "hot boxes" (their words, not mine) "just in case".. but that they've never had to use them. This seems a /little/ like "the big time" to me. Anyone care to disagree? Or are your phone lines just not a big deal anymore?

    Yes, I forgot the silly link to the article. It was called "Linux Babysits Phone Lines" or something like that. I think I saw it on Linux.com, though I could be entirely mistaken (if I saw it on Slashdot, like I said, I forgot where I saw it, so leave me alone :). If anyone cares to post the link, it might prove.. helpful.

    As far as spokespeople getting terminology wrong.. They /still/ call crackers the one name they certainly do /not/ deserve. If they get anything else wrong on top of that, I won't be too damn surprised, if you know what I mean.

    Let's see.. "Linux minions".. Yup, definitely a conspiracy..

  • Well, obviously. My point being that the grand majority of people who sit on here long enough to get moderator access probably don't run Windows (at least not as their OS of choice :).

    I was suggesting conspirators of a different brand.. Ones who run an OS comporable to Linux, not one that is more popular with the average end-user (guess which..?).

  • by Communomancer ( 8024 ) on Saturday September 25, 1999 @03:38AM (#1660404)
    As much as I love Linux, I hate to be the one to have to point this out, but the "reason" Linux may not be mentioned is that Linux may not actually be used.

    Beowulf is an OS-independent architecture; PVM and MPI, for example, both run on multiple OSes (even including Win32, IIRC). Now, I'm sure that it's probably running on some form of Unix, but it could just as well be FreeBSD or Solaris as Linux.

    Just thought I'd clarify the point a bit.
  • by D3TH ( 15279 ) on Saturday September 25, 1999 @04:28AM (#1660405) Homepage
    You need to read the article a little better. This lab isn't just about cut up floppies..... It's a complete digital evidence handling facility. You might be amazed if you knew how much a blood evidence processing facility costs to stand up, for example. I am intimatly familiar with the lab, and know that the money being spent is being put to "good use". The technique for disk-splicing was originally developed to successfully prosecute a murderer. And besides the script kiddies which have been taken out of action, there are a large number of pedophiles, rapists, spies, and just about every other type of criminal you can think of that has been taken down with the help of the lab (which has been in operation (and using Linux) for over 4 years). And yes, the cluster runs Linux.
  • by Zoltar ( 24850 ) on Saturday September 25, 1999 @03:58AM (#1660406)
    You are correct, I'm sure they are thinking about many other things other than going after gangs of skript kiddies, but this is probably what John Q. Public wants to hear. I would guess they are concerned with international cyber-warfare as much as anything, but they don't want to scare the un-informed public so they say stuff like:

    "We have a multi-milllion dollar computer center to rid the country from crackers to make sure you can safely buy books from Amazon.com" And the public reads that and feels good about everything.

    OTOH, if they said:

    "We are terrified that a third world country could initiate a form of cyber-warfare on us and wreak havok with our computers and we really don't know what to do, so we are building this multi-million dollar computer center to try to combat that and hopefully drive some competent people to come to work for the government...etc"

    Well...you get the idea..They tell us what they think we want to hear, but I also think they can use this for recruiting purposes to get quality computer hackers to come to work for uncle sam. (Which is not a bad thing)
  • by Apuleius ( 6901 ) on Saturday September 25, 1999 @03:37AM (#1660407) Journal
    It's not just cracking codes. If you have to find files containing evidence somewhere amidst all those MP3's, those clock cycles running grep and find begin to add up.

    Also, if you're scanning someone's drive for illegal images, it helps to automate a process so a human being doesn't have to mark which are illegal and which are netscape-cached Slashdot icons, for example.

    Finally, in case of a nuked drive, it's useful to the feds to be able to dd if=confiscated-drive of=beowulf and then let it chug along.

    And all of that beats this situation:

    NYT article that says law enforcement agencies routinely seize hundreds of thousands of dollars worth of computers and hard drives as evidence, but have so few computer experts that confiscated equipment can gather dust for months or years until someone decides whether or not they contain criminal information. [slashdot.org]
  • ...you'll need plausible deniability. In other words, you'll need the Steganographic File System [cam.ac.uk] just released for Linux. It provides a uniquely powerful form of information hiding: you can type in a passphrase that reveals a certain amount of the disk, and there's no way of telling whether there are other, deeper passphrases that would reveal more. This means that there's no legal duress that can force you to reveal your most secret data.

    However, if the attacker is using rubber hose cryptanalysis, it means there's nothing you can do to convince them, once and for all, that the passphrase you've given them is the real, true, final passphrase. Could be painful...
    --

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...