Subject: IW Mailing List iw/951215
Moderator's Note:
	The war game almost has enough players to commence. If we get
	another 6 candidate players over the weekend, we will try to
	schedule the game for next week.  To sign up, send email to - when we reach threshold, we will begin mailing
	to the volunteers.
Subject: Re: IW Mailing List iw/951214
Date: Fri, 15 Dec 1995 12:04:20 +0300 (MSK)
From: Alexander Gagin 

> >From: "G.Adamopoulos" 
> After having an artillery (sp?) of nuclear weapons that are able to
> blast the whole planet, the game turns to aim to the enemy's psychology ...

Today nuclear weapon has the most impact on military infrastructure, but
it can't be applied - the reason for this is well known.  There is a
clear vision that Informational Weapon (a term much liked by Russian
military people) wins as a means to impact military infrastructure.  And
its usage will not have as catastrophic results for ecology and life as
nuclear.  It can even be used to C2 a nuclear weapon and suspend its
usage by enemy forces.  So there's a question: Will it be applied?
Surely.  I think that's a major stage in weapons evolution: it breaks
the principle that there are no winners in a Third World War.  A winner
may exist if the TWW is an InfoWar. 

> Date: 14 Dec 1995 14:19:17
> >From: "Mike Brown" 
>...  "Information Warfare" on the other hand, is combat in the
> cyberspace -- an effort to deny the adversary the use of portions of the
> information space while simultaneously protecting one's own. 

War in cyberspace is fiction.  IW is a lifecost issue when it interacts
with real world.  InfoWeapons are not in the real world and not in the
cyberworld - they are at the frontier between them. 

> > (Dr. Frederick B. Cohen)
> > ... Based on postings to this list to date, my summary of IW is: "Conflict
> > where IT is the weapon, the target, the objective, or the method." ...
> Stuart Lay 
> I would disagree in the sense I would limit this definition more.  I
> agree when Dr Cohen says that IT (Information Technology?) is the
> target, but not in the other cases.  If, for instance, one were to use a

I first thought of IT as a method and a target as method.  But when I
thought more, I understood: to define IW I need to define war.  And if I
consider war as actions directed to force an enemy to obey, and consider
weapons as tools to wage war, then IT is mostly a target. 
Date: Thu, 14 Dec 1995 23:33:56 -0500
Subject: US Civil War encryption  inquires:

>Bruce Sterling's mention of the balloons in 18th-19th century warfare
>reminded me.  Not that long ago I ran across a collection of Federal
>telegraph intercepts in the "Official Records" they had picked up from
>Rebel telegraphs around Richmond in early 1865.  Does anyone know if
>they would have been encrypted?

Well, whether or not those specific intercepts you mentioned were
encrypted, both the Union and Confederacy did employ encryption of
telegraph communiques during the Civil War.  To my knowledge, encryption
appears to have been utilized principally for high-level transmissions. 
Time and translation speed remained prohibitive for most tactical

For more on military-telegraph balloons, helio-telegraphy, the capture
of telegraphic operators, and cryptography in the US Civil War, consult
this fascinating text:

	The Military Telegraph during the Civil War in the United
	States: with an exposition..._ by William Rattle Plum, 1868;
	Dewey 973.7 P73M.  or microfiche (MIC) LAC 22395

By the way, if any of you possess *verifiable* info on extinct forms of
military/intelligence communication, we are fiendishly interested in
hearing what you might uncover.  Thanks. 
Date: Fri, 15 Dec 1995 08:25:26 -0500
From: Jerry Sands 
Subject:  IW Mailing List iw/951214 -Reply

Hacking into a computer by the Navy may be new to Sick Puppy, but the
Army has been doing it for about 20 years.  Whether the penetration is
done via dial-up telephone or through an Internet firewall does not
really make a whole lot of difference if the penetration is successful. 
[Moderator's Note: some documentation in support of this would be useful]

Irrespective of who did what when in regard to core wars and viruses,
there are numerous styles and approaches to malicious code.  So after we
dispense with all the extraneous chaff what do we have?

The act of taking control of all or part of another's information
systems appears to be a legitimate part of IW.  Denial of use also is a
part of IW, but let's temper that a bit - air strikes and nuclear wepons
can result in denial of use, but that is not what we are talking about -
so enough [...] about nukes and conventional warfare weapons.  Denial of
use could be caused by eating up CPU cycles on another's computer [by]
doing something useless.  [...] In the process [you] deny the use of the
system [to its owner]. 

Exploiting the information in another's system without the owner
knowledge or consent would also be a part of IW.  This could be
accomplished in the usual ways: authorized user who is a agent (on the
take), an unauthorized internal person (for $$ or drugs, etc), or an
outside who hacks, spoofs, or penetrates physically or electronically. 
Date: Fri, 15 Dec 1995 10:07:57 -0500
From: (Jerry Leichter)
Subject: Re: IW Mailing List iw/951214 : Undetectability

Michael Wilson <> writes:

> Undetectable is certainly the right word for me.  One programmer
> locked in a room with a net connect, the right tools, no associates,
> no previous history, and a burning rage he never talks about, is
> undetectable in advance. 

This is nonsense; we need to get away from this romantic image of the
lone genius who takes on the world. 

The reality is very different.  *Actual* attacks against *actual*
systems defended using time-honored security techniques - at least
time-honored every- where but on the Net! - depend on access to a great
deal of contingent information.  [...] A secure environment is so
arranged that getting *any* of this information is difficult; getting
*all* of it is just about impossible.  The advantage is on the side of
the defenders: *You* as attacker win only if you evade *all* their
traps; *they* as defenders win if *any one* of them works. 

Beyond that, there are "meta-traps": Traps on the means of gaining
access to some of that information.  Call the company that makes the id
cards and ask for information, and unless you get *all* the details
right, if they are any good, they'll let the target know that someone's
been asking around.  Same for the alarm company.  Same for the outfit
that provides the guards. 

Agreed, most "secure" installations don't go this far.  They don't have
to, because sophisticated attacks are so difficult, time-consuming, and
expensive that they are rarely worth it.  There are more incredibly
clever "Mission Impossible" type attacks in a typical week of network
television than actually took place in the world in the last 5 years. 

So how about our hacker alone in a room? Just what is he doing, sitting
there isolated from the reality of the system he is attacking? "Just
thinking?" How is that going to tell him the details of network
configuration, where monitors are connected, what files have alarm ACL's
on them? How's he going to determine if his target is running a version
of sendmail with some particular nasty hole - or a patched version that
tracks and reports an attack if someone tries to *use* that particular

Against a properly defended system, our hacker has two choices: Probe
the *real* system for *real* information, facing a risk of being
detected each time; or keep ranting at the walls. 

One of the *weaknesses* of current information protection technologies
is that we don't do as good a job of building such "probe detectors" in
as we do in traditional systems.  Partly it's because of hubris, a
belief in the technical "magic bullet" that will render the system
absolutely secure without all this business of getting one's hands
dirty.  (The mantra that "security through obscurity isn't security" is
part of this.  On the contrary, properly implemented "security through
obscurity" is better known as "defense in depth".)

Partly, it's because the problem is just plain hard: An attacker can
bring to bear many simultaneous attacks in the information world,
rapidly producing huge amounts of noise, confusion, "fog", within which
he may be able to hide his probes successfully.  Defenders, in
principle, have information technology available to them to sort all
this stuff out, but the techniques to do so are barely understood -
"trusted system" often translates to "produces more logging information
in a minute than our entire staff can analyze in an hour".  But that's
beginning to change: In information war, just as in any other kind of
war, we should expect the balance between offense and defense to shift
repeatedly over time. 

"Lone undetectable hacker who wages war against the world" is a myth,
along with such things as "strategic bombing wins the war with no ground
fighting and no losses" and "guerilla tactics are unbeatable" and
"nuclear weapons make war obsolete".  The world is much more complicated
than that. 
From: "Swartz, Don (SSgt) ~U" 
Subject: IW Definition
Date: Fri, 15 Dec 95 13:10:00 PST

In IW Mailing List iw/951214, "Mike Brown"  said:

> Information warfare is not the use of information in warfare. ...
> "Information Warfare" ... is combat in the
> cyberspace -- an effort to deny the adversary the use of portions of the
> information space while simultaneously protecting one's own.

I feel that this explanation is the best that I have seen in that it gives a 
boundary to the term "IW".  I would include using the portions of cyberspace 
utilized by the adversary for one's own gain as part of IW.