From: (Information Warfare Mailing List)
Subject: IW Mailing List 951125

Moderator's notes:

In the original posting soliciting interested parties, we requested ... 
"It would be most valuable to include your concept of what IW is all
about..." We would still be interested in hearing this from those who
mistook it as a request for personal information. 

From the responses to date, it seems clear that there are many views on
the subject.  It might be worthwhile to have examples of what list
members consider to be IW attacks.  I'll start out with some possible PM
examples to get the debate going. 

	1 - The Japanese repeated invocation of the rape of a Japanese
	school girl by a US soldier as part of an ongoing effort to ...
	remove the US military presence?  Now augmented by the Japanese
	indignation over the use of the CIA to spy on the Japanese
	during negotiations (the Japanese have been doing the same thing
	to the rest of the world for a long time according to my sources).

	2 - The news broadcasts describing the jets containing a lot of
	US technology now sold by Israel to China - this coming up just
	after the assasination ...  to build sympathy for treating all
	mid-east nations equally? To embarass Israel's government into
	not going back to the hard line?

	3 - The US claims of Kadaffi sponsoring the German discotek
	bombing (during the Raegan administration) to get the US public
	to support middle-east action against Kadaffi?

From Sat Nov 25 04:50:28 1995
Subject: Information Warfare

I have a professional interest in all aspects of security, particularly 
those aspects relating to hostile activity within and without the
organization I work for: virus distribution, password cracking, unwarranted
probing, denial of service, misappropriation or tapping of confidential
information, destruction of data etc.

	David Harley
	Central Computing Unit
	Imperial Cancer Research Fund
From: (Chris Swanepoel)
Date: Sat, 25 Nov 95 8:04:14 SAT

My company develops firewalls and that includes encryption 
tools , other tricks, etc.
I am as always interested in what your list has to offer.

Chris Swanepoel
Sysadmin for MIKOMTEK division, the CSIR of SA
Date: 24 Nov 1995 23:04:38 -0800

Will permissable topics include the current war on e-mail spam?  Bits
and pieces have arose on other mailing lists, but they've been
somewhat offtopic for the list.

In a former life I worked on C3I systems with TRW Defense, so I'm
still interested if that's the kind of warfare you mean.

-- baur
From sikpuppy@Maestro.COM Sat Nov 25 10:09:55 1995

... I was hired by the military.  They trained me to be a radio
intercept operator.  I was real good so they said they wanted to train
me on computers.  I did'nt know what a computer was, but I bit the bone. 
So I learned to distinguish between different kinds of signals with a
computer.  Ah was real good agin.  So they trained me to be a
cryptographer (which is a person who makes codes and breaks codes).  A
cryptogram is a bit different from a code though. 

Then they sent me leaping about with a mobile military intelligence unit.
Survival depended on not being caught.  They showed me real good how not 
to get caught. So I learned how to lie real good.

During all of this I got first hand experience on electronic intercept,
disguising signals to look like natural phenomena, and breaking codes.
Got a lot experience with Van Eck radiation too, both decoding it and 
preventing it. In fact a lot of the intercept and cracking that the 
military showed me how to do a few years ago is what high school hackers 
are showing each other how to do now.  Both the technology and the 
techniques have migrated from the military to the general public.

Exactly two years ago I started cracking systems, purely as educational 
research.  Turned out to be pretty easy and a lot of fun.  None of these 
systems was in the USA.  Then I was hired to connect a large organization 
to the Internet in a secure manner.  I built and ran two firewall prototypes 
and then told them to buy a TIS Gauntlet because it was better and cheaper
than I could do.

Then I was asked to work on their network security and I still do that 
part-time, using sniffers extensively to watch who is doing what on which 
systems. Recently I was asked to work full time on a large new financial 
system so I might not be doing network security much longer. 

My definition of Information Warfare:

Obtaining confidential information by:
 social engineering (skillful lying);
 researching public information;
 trash diving;
 cracking systems;
 trading KeWl WaReZ for information;
 sniffing data off the wire;
 electronic intercept.

Using this information for:
 defence planning;
 gaining competetive advantage;
 gaining economic advantage;
 gaining political advantage;
 undermining trust in religious authority;
 undermining trust in government authority.

-=:( I tell lies.  Computer security is just an illusion.  I tell lies ):=-
From: "Kari Laine" 
Date:          Sat, 25 Nov 1995 17:01:37 +0002

I am working as a technical director for a data security company LAN
Vision Oy, Finalnd.  Our products originate from uti-maco GmbH, Germany
and S&S International PLC, England.  Information Warfare is a special
interest to me.  Back to your question of what I understand IW is all

IW is not a new concept.  Same principles how to use information as a
weapon has been used throughout history.  BUT tools and ways how to
conduct IW has evolved and we are now living times when IW has much
bigger potential for or should I say against society than before.  Tools
to gather, analyse, react and dissipate information are so effective
that it makes me wonder where are we heading. 

IW infrastructure is problematic.  In conventional weapons you can try
to control the destructive potential by treatys agreeing abandon
factories and plants.  IW infrastructure is the same facilities needed
for societys normal information purposes.  So there is no way to control
the potential of IW easily. 

I am eager to learn more of the subject via this posting list. 

Kari Laine
LAN Vision Oy       Tel. +358-0-502 1947
Date: Sat, 25 Nov 1995 07:42:35 -0800
From: Bruce Sterling 

... cancelbunnies or massive electromagnetic pulse bursts from outer

From: (Thomas Svensson)
Date: Sat, 25 Nov 95 20:01:28 SNT

My opinion about what IW is ???

Perhaps it is everything that is a threat to the civilian and military
society that use information as a weapon.
Date: Sat, 25 Nov 95 22:04:20 IST
From: (Rony Shapiro)

I'm interested in IW as defined in the Toffler's book "War and

Moderator's note:
	War and Anti-War
	Survival at the Dawn of the 21st Century
	Little, Brown, and Company, 1993
	Alvin and Heidi Toffler

From the introduction:
	"This book is about wars and anti-wars to come.  It is for the
Bosnian child whose face has been half ripped away by explosives, and
for his mother staring with glazed eyes at what is left.  It is for all
the innocents of tomorrow who will both kill and die for reasons they do
not understand.  It is a book about peace.  Which means it is a book
about war in the startling new conditions we are creating as we race
together into an alien future.
	The thesis of this book is clear - but as yet little understood:
the way we make war reflects the way we make wealth - and the way we
make anti-war must reflect the way we make war.
	At the highest level, antiwars involve the strategic
applications of military, economic, and informational power to reduce
the violence so often associated with change on the world stage.
	Anti-wars must match the wars they are intended to prevent.
Date: Sat, 25 Nov 1995 20:58:18 -0500

Anyway, I think IW is an evolving thing.  Right now, offensive IW is an
a way to manipulate/influence/affect/disrupt the C4 loop of an enemy or
potential enemy.  That is doing things to (1) confuse him or give him an
incorrect picture of the battlefield (or potential battlefield), (2)
manipulate the enemy into making a decision (or not making one as the
case may be) that you would prefer he make (to suit your own
objectives), (3) cause the enemy to implement non-optimum tactics or
strategy, etc. 

There are a lot of things that are given the iW label which probably are
not yet operative - from this perspective I pretty much follow the
writings of Dr Martin Libicki. 
Moderator's note:
	Dr. Martin Libicki

Professor at the National Defense University and author of numerous
pieces on IW.  Some of his work is available on the NDU Web site.

Date: Sat, 25 Nov 1995 17:40:26 -0800
From: (J. Eric Townsend)

I'm intersted in IW as a tool for propaganda.

From: "Marcus J. Ranum" 
Date: Sat, 25 Nov 1995 20:29:55 -0500 (EST)

	My concept of what IW is all about? As far as I can see, it's
a catch-all label for a number of intelligence activities that are as
old as the hills, for industrial espionage, and for state-sponsored
terrorism. It has a zingy sound, though, and in the post-cold-war era
with budget cuts looming, a lot of cold warriors are re-aligning with
new job markets, including IW and its associated hype. From all the
"examples" I've heard of IW I've yet to see a cost effective application
of it from either an attacker or defender's perspective.
Date: Sat, 25 Nov 1995 19:24:00 -0500
From: *Hobbit* 

My take on IW? Not sure at the moment, but various denials of service
come immediately to mind as actions to just confuse or disable the
opponent; more subtle breaking/entering/copying/trojanizing/etc as more
difficult but possibly more effective...