As I've frequently mentioned, all of this cybersecurity is worse than the hackers.
That is, when the security even knows what it's doing at all:
Thanks again to John C Dvorak and his awesome blog!There are so many ridiculous aspects to a NY Times story from this weekend about a nearly decade-long relationship between the US government and what appears to be a con man who conned them out of tens of millions of dollars that it's hard to know where to start, so let's break it down in sections:
Conned
First off, the crux of the story is that a guy named Dennis Montgomery seems to have concocted an elaborate con on the US government that worked for years. He created some software, supposedly originally designed to help colorize movies, but it was later pitched for its capability to (I'm not joking) read coded messages in the "crawl bar" on Al Jazeera which (it was claimed) provided clues to planned terrorist attacks. Various US government agencies basically kept handing over millions and millions of dollars to Mr. Montgomery and partners. Some of those former partners now admit that Montgomery's technology was a hoax, and his presentations included doctored videos and test results.
Known, but still purchasing
Next up, there's the news that the CIA figured all of this out way back in 2003 and knew the software was useless, but the government was still paying millions of dollars in new contracts for it and using the software at least until 2009, when it was supposedly used to "detect" Somali terrorist plans during Obama's inauguration -- terrorist plans that later turned out not to exist at all.
And, it wasn't just the CIA that had figured this out. The NY Times report notes that the media -- including reports from both Bloomberg and (of all places) Playboy -- had previously called out "hints of fraud by Mr. Montgomery." Separately, a Pentagon report notes that the government had paid an astounding $285 billion in just three years to contractors accused of fraud or wrongdoing.
Feeling safer?
Relied on the info to make big decisions
What's really scary is how much the government seemed to rely on bogus info from this system that the CIA knew didn't work. In one case, it actually caused an international incident:
In December 2003, Mr. Montgomery reported alarming news: hidden in the crawl bars broadcast by Al Jazeera, someone had planted information about specific American-bound flights from Britain, France and Mexico that were hijacking targets.
C.I.A. officials rushed the information to Mr. Bush, who ordered those flights to be turned around or grounded before they could enter American airspace.
"The intelligence people were telling us this was real and credible, and we had to do something to act on it," recalled Asa Hutchinson, who oversaw federal aviation safety at the time. Senior administration officials even talked about shooting down planes identified as targets because they feared that supposed hijackers would use the planes to attack the United States, according to a former senior intelligence official who was at a meeting where the idea was discussed. The official later called the idea of firing on the planes "crazy."
The French then conducted a study, and also concluded that the technology Mr. Montgomery used was a total hoax, and told the Bush administration, leading them to claim "we got played," though it didn't stop the federal government from continuing to buy the technology for at least another five years.
Oh, also there were no actual repercussions to this massive international incident. The guy at the CIA who had been one of the main supporters of the technology, Donald Kerr, got promoted after this. Another CIA official noted that not only was no one blamed for this massive misstep, but "they acted like it never happened."
FBI's improper search
In 2006, the FBI began investigating things, after Mr. Montgomery and his then business partner had a dispute and split up. There were claims that Montgomery had illegally copied data from the company when he left, and it was during this investigation that employees apparently told the FBI that "Montgomery had manipulated tests in demonstrations with military officials to make it appear that his video recognition software had worked." So, once again, the government discovered the hoax... but, the whole investigation was dropped after a court determined that the FBI screwed up by conducting "an improper search" of Montgomery's home. So the technology lived on, and was still being purchased and used by government agencies.
Patenting software that doesn't work
Oh yeah, did we mention that Montgomery "patented" this apparent hoax of a technology? The NY Times mentions this in passing. In doing a quick search, I've turned up a bunch of different patents from Montgomery and others who worked with him.
Nice to see that you can patent fraudulent systems, huh?
Cover up
Oh yeah, the biggest point in all of this is that the Federal government is working over time to cover this entire story up. It still hasn't admitted to any of this. It hasn't taken Montgomery to court at all (he's facing other legal problems related to passing bad checks at casinos). However, the Justice Department is apparently working overtime to keep this story totally secret:
The Justice Department, which in the last few months has gotten protective orders from two federal judges keeping details of the technology out of court, says it is guarding state secrets that would threaten national security if disclosed. But others involved in the case say that what the government is trying to avoid is public embarrassment over evidence that Mr. Montgomery bamboozled federal officials.
Once again, it appears the government is using secrecy and totally bogus claims of "national security" to hide embarrassing details, rather than for any legitimate reason. This is an unfortunate result of giving the government too much power to declare things as "secret" with little to no oversight. It clearly will abuse that power to hide mistakes, rather than admit them and maybe even learn from them. Instead, we allow a con artist to cost tax payers tens of millions of dollars, and then the government tries to brush it all under the rug.
And, yes, all of this really should make you wonder about all of those claims from politicians supporting the renewals on the Patriot Act and other such legislation, who claim that the government has protected us from multiple terrorist attack attempts. While I'm sure there have been some attempts, it does make you wonder how many such "thwarted" attempts included the ones that were apparently totally made up by Montgomery.
http://goo.gl/7xsQS" onclick="window.open(this.href);return false;
Posted: Tue Feb 08, 2011 8:09 pm