Schneier on Security

> adequate fencing

or a fire wall...

A seeded honeypot could be used to spoof the protocol and cause the packets to get dropped.

Or they could exploit this packet loss problem:

http://www.faqs.org/qa/rfcc-6022.html

Solitary confinement works too!

Perhaps its a job for a DoS using

http://www.pestproducts.com/birdx/BXxpellerSUPERPRO.htm

"Coverage
Up to 6 acres (3.2 hectares) at full volume."

mount them in the guard towers.... probably need four or eight of these for the entire are that you need to cover

____________________________________________________________________
Lewis Donofrio Sr. Windows / Unix Systems Administrator 734-355-0592

This does not appear to be a security problem with the protocol described in RFC 1149.
It a bit like blaming the telephone system when its used by criminals.

Don't worry, I doubt they could carry more than 3 1/2 oz of fluid.

> adequate fencing will prevent the
> protocol from running
They tried an air gap - it didn't help.

But using CAT-5 seems to take care of it.

The RFC1149 has been implemented once, and they did encounter a few problems themselves :)

http://www.blug.linux.no/rfc1149/

What? A Pigeon carrying a jumbo frame?

It could grip it by the husk!

It's not a question of where he grips it! It's a simple question of weight ratios!

Wait a minute! Supposing two Pigeons carried it together?

No, they'd have to have it on a line.

Well, simple! They'd just use a strand of creeper!

What, held under the dorsal guiding feathers?

Well, why not?

Aren't carrier pigeons extinct?

Can someone edit the Wikipedia article on Carrier Pigeons (http://en.wikipedia.org/wiki/Carrier_pigeon) to reflect this new implementation? (The 2001 Norwegian implementation is already listed in the article.)

Bogwitch - I believe its no more than 256 milligrams

http://tinyurl.com/3l2tpc

**SNIPPED**
* Q: What is the typical MTU for an RFC 1149 transmission?
* A: From RFC 1149, Carrier Pigeon Internet Protocol: "The MTU is variable, and paradoxically, generally increases with increased carrier age. A typicall MTU is 256 milligrams"
* Credit: Joe Nygard
**SNIPPED**

--Happy Friday...
__________________________________Lewis Donofrio Sr. Windows / Unix Systems Administrator 734-355-0592

One of the classic counter-measures against carrier pigeons was using falcons.

As for C. Roy's question about carrier pigeons being extinct. The birds aren't but the use of the birds for routine delivery of messages is generally gone.

I recollect Switzerland being the last country to disband its military carrier pigeon unit. That was in the mid-1990s. One Swiss soldier reported said that the pigeons did have their advantages. If captured while transporting a pgieon, the soldier could claim he was transporting a pet or livestock. Also, if one was facing starvation, one can eat the pigeon, not so with an electronic communications device.

@C. Roy
You're thinking of the Passenger Pigeon.

@John
Yeah, that was my first thought, but then I realised that the vulnerability was that the prison guards discovered the transactions.

Also, you'd need a serious pigeon launch capability to implement a Ping of Death DoS.

@Dave B.

Launching a DOS would be a lot easier with a good botnet, but I expect that even the average consumer would recognize when their system was being used for that. The pigeon crap on their keyboard would be a dead giveaway.

jeff

But the REAL question is :

can it carry a large tube of toothpaste or not ?

that, freaks me out!

@derf

Are you suggesting pigeons migrate?

I prefer OWLs, Hawks, and Falcons to an electronic distress sound generator. Carefully placed rubber snakes also make a good deterrent.

@ J.D. Abolins & Dave B.

Ah, ok. Thanks!

The real question is whether or not it could carry a thumb drive across the border. So much for seizing that laptop....

Roxanne, I like how you think.

Need a way to share a secret key? Use this method with a tamper-evident seal. Place a USB key with 2GB of random text and use the XOR function for unbreakable encryption. If an attacker only was looking at the network, they would be out of luck.

All this talk of DoS attacks with pigeons reminds me of the Alfred Hitchcock movie "The Birds" which is just plain scary...

Because he for saw the perfect answer to Bruce's security theater competition when Bruce was (possibly) still in nappies.

8)

@ derf & Castle Guard:

African or European?

@John: This does not appear to be a security problem with the protocol described in RFC 1149.

It's not a problem for the traffic carried via RFC1149. However, it shows that RFC1149 implementations have a covert channel which an attacker can leverage.

You might also be able to detect if the covert channel is in use because of congestion between the legitimate and covert payloads. But a smart attacker will limit their payload so that you don't see any noticeable effect.

From the article...

"Officers were alerted to the scheme at a prison near Sao Paulo, when they noticed some of the birds experiencing difficulty flying."

A-ha! They did detect congestion caused by the covert payload!!!

Now if only I could just encrypt drugs in real life...

@ Andrea S.

If the Internet itself is the addictive thing (and I think it may be) encryption would be counter-productive.

Uh Oh, Steve. with that double post, now we all know that you've been the one making all those "anonymous" comments all these years.

Wouldn't the "shot blast" effect be an effective DoS (Dead or Scared) attack.

You aim your packet generation device at a vulnerable point along the carrier path and activate it when you detect traffic. I would suggest a point near the route endpoint being most effective due to the lack of intelligence on the origin of the packet and the concentrating effect of the single destination. The route endpoint is also closer to home comforts and so has fewer logistical issues.

A packet collision will cause effective carrier loss and provide data to analyze. Even a miss will most probably disrupt the carrier due to the built in Carrier Integrity Preservation System (CIPS). This weakness due to carrier self preservation is further enhanced due to its long term memory capabilities and Forward Looking Collision Avoidance. (FLCA*)

What is open for debate is the selection of packet size for the DoS attack. Due to the low carrier bandwidth and small packet size of the payload I would recommend smaller offensive packets with higher dispersal (bird shot).

* FLCA is an enhancement on FEC. It is designed to preserve the carrier rather than the integrity of the payload so that the channel stays open for retries. Unfortunately the engineers did not foresee the effects of CIPS.

I just read in AOPA Pilot (magazine) that the first air-to-air military combat was in 1870 (Franco-Prussian war) when the Prussians deployed trained hawks against French battlefield communications performed according to RFC1149

1) Micro SD card.

2) RFC 1149 protocol discovered to be surprisingly robust in defeating certain wireless countermeasures.

3) RFC 1149 protocol able to defeat certain wired countermeasures, including barbed wire and razor wire.

4) Excess packet size can result in dropped packets.

A firewall would bring multiple benefits: no more contraband, and the guards get roast pigeon for dinner...

I love it! I remember the first time I read that RFC and thought that
someday someone would exploit it. I just don't understand how the
media (birds) are trained in this scenario... the problem seems to me
how do you get the bi-directional flow? I can understand inbound or
outbound traffic... but bidirectional seems hard to achieve.

ok, so they found the pigeons. but did they check the snakes and lizards?

ok, so they found the pigeons. but did they check the snakes and lizards?

ok, so they found the pigeons. but did they check the snakes and lizards?

OT, but you'll sure all love this one:

http://it.slashdot.org/article.pl?sid=08/06/29/1745256

@me:

So, following a proven official procedure, should now be punished everybody selling magazines containing photos so that these cigarette terrrists won't be able to continue their mishaps

@Steve:
> Use this method with a tamper-evident seal.

Unless we make assumptions about the limitations of the attacker's manufacturing capabilities, a tamper-evident seal requires either that the device be verified by the same person who applied it (not so useful for sending messages), or that there exists a secret pre-shared between applier and verifier. Otherwise, the attacker can just substitute the whole device, with a fresh seal.

> Place a USB key with 2GB of random text and use the XOR function for unbreakable encryption.

Sorry Steve, a Flash drive is a terrible way to implement a one-time pad. One of the necessary design features of a OTP is the ability to irrevocably erase key stream as soon as it is used. But because of wear levelling algorithms, it is difficult to overwrite data on a flash memory device; from the file system level, the only guaranteed way to do it is to overwrite the entire device. If you write your own driver and get bare-metal access, and IF wear levelling was implemented in drivers rather than in chip firmware, then at least you can erase just one block at a time -- still very inefficient if you just received a 50 word message, since the block size is a minimum of 16 kB and usually much larger.

If you can't find a tamper evident seal, would a man in the middle proof walrus suffice?

Those carrier pigeons have not vanished.
In the low counties (Belgium and the Netherlands) there are still many thousands of pigeon breeders with pigeons that are used for "racing". They are put somewhere in the field to fly back home. The distances those pigeons have to fly are up to several hundreds of miles. There is one point. The birds only know one destination, back home. They have to be transported first. I was told that they tend to prefer to fly from South to North. The other way around doesn't seem to work well.
take a look at :
http://www.driesenduiven.centerall.com/

More reliable than the new e-voting machines. Maybe we can start voting by carrier pigeon. Fly me to the polls.

Maybe they should hire hawkers for a Denial of Service attack.