Schneier on Security
A blog covering security and security technology.
« The DNS Vulnerability |
| TSA Proud of Confiscating Non-Dangerous Item »
July 29, 2008
World War II Deception Story
Great security story from an obituary of former OSS agent Roger Hall:
One of his favorite OSS stories involved a colleague sent to occupied France to destroy a seemingly impenetrable German tank at a key crossroads. The French resistance found that grenades were no use.
The OSS man, fluent in German and dressed like a French peasant, walked up to the tank and yelled, "Mail!"
The lid opened, and in went two grenades.
Hall's book about his OSS days, You're Stepping on My Cloak and Dagger, is a must-read.
Posted on July 29, 2008 at 1:50 PM
• 28 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Thanks, I needed a good laugh.
Again, the best solution was the simple one.
The Germans have a centuries-old reputation for orderliness.
An old joke: the French and German trenches are only a dozen yards apart. A German yells "Hey, Pierre!" Half the French soldiers stand up and are cut down by machine gun fire. Another German yells "Hey, Marcel!" and the other half stand up and die. The last surviving Frenchman (whose name has been lost to history) vows revenge, rigs the triggers of all the French machine guns with string and screams "HEY, FRITZ!" All of the germans stand up and say "sorry, we heff no Fritz here, can ve help you?"
No... the way *I* heard the old joke was:
For quite a while, the British had this routine where they'd shout "Hey, Fritz!" over the trenches - a German soldier named Fritz would stand up, say "Ja?" and so of course: *bang*.
The Germans got a bit sick of this, so they hatched a counter-plan. They called out "Hey, Tommy!"
No movement, but a reply was shouted back: "Is that you, Fritz?"
Wenn ist das Nunstück git und Slotermeyer? Ja! ... Beiherhund das Oder die Flipperwaldt gersput.
The worst part is that I broke out laughing in the middle of work after reading that last comment. That joke is dangerous! If I actually knew German, I'd be dead by now.
Sad to hear. I actually wasn't even sure he was still alive.
I second the book recommendation-- a great inside look at real spy training, and absolutely hilarious.
Ah, those were the days...when bad guys drove seemingly impenetrable tanks while good guys dressed as peasants and had to use their wits with improvised explosives. Funny how things change.
I second Petréa, the book is hilarious.
Good story and joke!
Security can make this happen all to easy!
Probably the same with some *BSD systems, you got mail...
Not many humans can live well with full on paranoia, and distrust. Hence strict rules help, but even still, humans are *easy* to hack and break down.
XXX:State of the Union, movie had a tank jacking, cool.
Ah, classic spoofed packets... ^_^
"Ah, those were the days...when bad guys drove seemingly impenetrable tanks while good guys dressed as peasants and had to use their wits with improvised explosives. Funny how things change."
How did they change?
Comment above was mine. Now I realize it must have been sarcasm, sorry.
Nowadays the occupying army in tanks and armored vehicles who don't speak the language are the good guys.
@bad Jim: I guess that's debatable.
Too bad the story seems as realistic as the Pierre, Fritz and Tommy story..
Or were the Germans so good in logistics that their mail got delivered to their tanks by French peasants who speak perfect German (well, believable in eastern France), and who would be trusted to carry military mails.. Too hard to believe for me
This exact same trick is (or was)regularly used for drug busts on houses/flats that have been steel-doored and generally fortified by dealers or growers. Dress up as a postie, bring a big box that requires the door to be opened to accept, and Bob's your uncle. I've done similar spoofs on TA exercises.
I find this story pretty easy to beleive. Mail delivery in a combat zone can happen at any time of day or night, you can't hear very well inside a steel shell, and after six years of occupation I'm sure most Frenchmen could manage to pronounce one convincing word of German.
The OSS and the SOE (eqiivalent British oganisation) were not spys.
They were effectively terrorist organisations whose members were sent behind enemy lines to carry out illegal assasinations and sabotage operations.
Those who were caught by the Germans were shot by firing squad in accordance with international law and all OSS/OSI operatives knew and acceptated this before they went on thier missions.
Because they were our terrorists on our side fighting for a rightious cause it is polite to refer to them as spys.
@Nocturn, Davi: Oh, I assumed he was referring to nowadays in the US when every city of more than 5,000 has a SWAT team constantly riding around in armored vehicles and shooting people for inadvertently resisting when they bust down the door unannounced at 0230 to deliver an overdue library book notice.
I wonder what would happen to an Iraqi peasant if he tries to deliver some mail to an American tank, and at night.. lol.
I want to believe..
The peasent calling out "Mail!" -- I would not consider this packet spoofing (alone), but social engineering...
No, it's not really social engineering, unless there are parts of the story that were left out. At this point, from the simple details, the commander opened the door at a simple word, meaning that it was already routine. No SE was required, so it was purely packet spoofing.
Early on in the war, when tank commanders weren't used to routinely getting mail, when mail only came from military couriers... if the OSS agent had to convince the tank commander that he really did have mail, then that would have been social engineering.
He should have yelled, "Land shark!" :)
Spies are terrorists and Soldiers murderers.
Not polite, but many people find these statements debatable even though they're true.
@Suspicious - I wouldn't be in the slightest bit surprised to discover that attempts in a similar vein have been made by both sides in Iraq. Deception is as old as warfare itself, and while this is a brazen example, it's really no different from Churchill knocking on the door of Calais during Operation Fortitude - while chucking a couple of grenades onto the Normandy beaches.
>Spies are terrorists and Soldiers
>Not polite, but many people find these
>statements debatable even though
Only true to someone who reads George Orwell as a training manual for how to manipulate language.
No reasonable definition of the words can cause any confusion, or debate. They are different.
>Soldiers are Murderers
Not true. State sanctioned murder is never called murder by the state.
No different than "suicide by police" where someone makes the police to commit deadly force.
If opposiing forces did not commit threatening movements there would be no one to "murder", correct?
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.