Feeds

back to article CIA used 'illegal, inaccurate code to target kill drones'

The CIA is implicated in a court case in which it's claimed it used an illegal, inaccurate software "hack" to direct secret assassination drones in central Asia. The target of the court action is Netezza, the data warehousing firm that IBM bid $1.7bn for on Monday. The case raises serious questions about the conduct of Netezza …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge
WTF?

Two things come out of this story:

Two things come out of this story:

1. When procuring custom software, *always* insist on Source Code, right from the outset. You are the one with the money, and there's always someone else out there who will oblige.

2. The world would benefit from an international treaty banning the use of unstaffed aircraft as weapons.

11
25
Grenade

Really?

1. When procuring custom software, *always* insist on Source Code, right from the outset

So a company is to give up it's trade secrets (and therefore how it makes money) to the customer, so said customer can fuck off to the bloke down the road who'll do it for a bottle of whisky and a night with 2 cheaper hookers?

2. The world would benefit from an international treaty banning the use of unstaffed aircraft as weapons

So that rules out cruise missiles then. Best left to irattional,jumpy, adrenaline fuelled sky jocks then. Wow feel safer already.

Thank fuck your not in any sort of position of power.

26
12
FAIL

Re: Really?

"So a company is to give up it's trade secrets (and therefore how it makes money) to the customer, so said customer can fuck off to the bloke down the road who'll do it for a bottle of whisky and a night with 2 cheaper hookers?"

Erm, if someone is paying you, they can certainly insist on the source code. If you don't want to provide it, then maybe they should be doing business with someone who will provide the code. As for the puerile remarks about whisky and hookers, there are legal frameworks for preventing people "fuck[ing] off to the bloke down the road".

"Thank fuck your not in any sort of position of power."

Your what? Really, indeed.

11
14
Silver badge
FAIL

But it isn't a secret

"So a company is to give up it's trade secrets (and therefore how it makes money) to the customer, so said customer can fuck off to the bloke down the road who'll do it for a bottle of whisky and a night with 2 cheaper hookers?" -- the only dignified respons I can give this is, "bollocks".

If I am paying you for the software, then what is inside it is by definition *not* a secret from me.

7
6
Anonymous Coward

@A J Stiles

You're right. Two things do come out of this story.

Firstly, killing people is a really shitty business which no amount of complicated legal wrangling, re-definition of terms, or general mucking about with language is going to change.

Secondly, if - as sometimes stated - we only really advance technologically when we're busily killing each other that's a shining endorsement of neither humankind, nor technology.

As far as I can tell this whole story is a case of three sets of people who make killing machines having a squabble about who should get paid and how: Frankly I don't care. I'd rather they threw all their fuckery-foo into the sea because the world doesn't need more assholes with guns and ammunition no matter what the justification is.

Someone's going to lose their life because of this shit and all the USA seems bothered about is who might be embarrassed, as if it's just a case of someone having pissed their pants at school.

How fucking pathetic can you be.

9
1
Thumb Down

Not a secret?

Oh but it is. Very much so. That's why there are usually clauses in EULAs prohibiting reverse engineering etc. You may specificy *what* it does but *how* it does it is very much how I make my living, and I'm not in a sharing mood unless you're willing to pay me to compensate for the risk I'm taking in putting my livehood in your hands.

9
2

> insist on the source code

Yep, the customer can most certainly insist on the source code, and even on copyright assignation or privileges which would also be needed if anyone else were to work on it.. However if the price without source code is a fraction of the price with sourcecode and rights, as would not be unreasonable, then the customer may well decide they don't need the sourcecode that badly after all.

6
1
Pint

I'll have

The Windows source code, a pound off ATI graphics driver and a beer please.

If companies can sell proprietary software, why can't these people. I can only imagine the next season of Robot Wars using this software to really give the crowd a buzz...saw

2
1

depends on the contract

in general, if you contract a company to write some software on your behalf, you are perfectly entitled to the sourcecode, if you want it.

it will likely cost you considerably more than just getting the software itself though.

6
0
FAIL

@A J Stiles

Are you sure that the software was commissioned by Netezza?

From the article:

"The partnership between the two firms strengthened, and in August 2008 Netezza acquired exclusive rights to distibute[sic] Geospatial"

Company A has already written a piece of software, and they sell company B the right to _distribute_ it.

Are you saying company B should now have source code rights?

4
0
Silver badge

Advancement

"Secondly, if - as sometimes stated - we only really advance technologically when we're busily killing each other that's a shining endorsement of neither humankind, nor technology."

Of course that is bollocks. Tech advances happen all the time.

War does speed the process up because people don't get so hung up on safety/testing. If a product has some problems but gives a military advantage then it will get used.

For example consider a hypothetical case where someone invents a new way to make parachutes twice as fast and half the cost, but there is glitch whereby one in a thousand parachutes fails to open. That new parachute would get deployed pretty smartly during a big war because the benefits of doubling your parachutists outweighs the costs of killing 1/1000 parachutists. The numbers even work for parachutists since doubling the number of people in a group way more than doubles your chances of survival.

Where this breaks down is during a protracted low-key war that is far away. The majority of people are not in war mode and think with health and safety mindsets. They'd want that 1/1000 glitch to be found, fixed and tested before the new parachutes get deployed. The nett result is a longer war and more paratrooper deaths.

Militarily it makes sense to deploy with the known 1-13m error and fix it off-line. That gives you the use of an improved (though imperfect) tech. When you're exploding a huge warhead, 1-13m error is probably insignificant anyway.

2
1
Terminator

Don't have escrow where you live?

Here in the USA the source code is placed in escrow with a trusted third party.

1
0
Anonymous Coward

missed the point (and the target)...

"Militarily it makes sense to deploy with the known 1-13m error and fix it off-line."

Yes it makes sense if you dont care about killing civillians. Infact it makes sense to deploy even if it kills 100 civillians for every 1 soldier... Militarily.

But that is the whole kcufing point. It is not the Military's version of "makes sense" that is causing the outrage here.

1
1
Silver badge

Values

There is a little principle called "Life before property". According to which, the life of even the lowliest human being is worth infinitely more than the secrecy of your precious Source Code.

0
0
Anonymous Coward

orly?

WOW. So you know exactly how Photoshop works? or MS Word?

you must be a GENIUS.

0
0
WTF?

Errr... guess again

If you think the government will let you supply them compiled code without the source to stick on their TS network, you're dumber than a box of rocks. Code is a mandatory requirement, after all they paid for and for that matter, they want to make sure it doesn't have anything in it that it shouldn't, like for example unauthorized overrides or back doors. DoD work is in a completely different realm than commercial work. Our job is to make the other guy die for his country, not make as much money as possible.

0
0
Silver badge

No

I have neither Photoshop nor MS Word installed on any of my machines.

I do, however, have the GIMP and OpenOffice.org -- along with the Source Code from which I compiled them.

0
0

true ... but

as far as I know escrow software isn't available to the customer unless the supplier has gone bust.

0
0

SO you know...

Whats inside Windows? Or your favourite browser?

I think not.

And the reason not is that the code is not yours, you have only paid a licence fee to use the software.

0
0

unmanned aircraft vs missile?

Prey what really is the difference? We've been using missiles since WW2, seems a little late to put that gene back in the bottle. And in honesty a missile isn't much different to an airborne torpedo which goes back even further....

0
0

Clearly only in fantasy land

This has never held water.... try stealing something from a rich man and notice you get far more time 'inside' than the average murderer.

0
0
Silver badge

And the Bush legacy continues ...

No doubt the extreme right will blame it on Obama, despite the fact that these wheels were set into motion long before he had anything resembling political power ...

Waste, America.

7
4

But...

...Obama is in charge now, right? So the further use, and the recently increased use, of drones for assassination is down to him. Not that I am against it.

Of course, the CIA really shouldn't have let George Bush personally vet and pass software for their weapons systems.

3
1
Silver badge
FAIL

Not against it, eh?

Compare:

"President Obama has significantly expanded use of clandestine drone assassinations [operating in countries not at war with US], despite heavy criticism from the UN and others."

"Comrade Stalin has significantly expanded use of clandestine NKVD assassination [operating in countries not at war with the USSR], despite heavy criticism from the UN and others."

At least Stalin could not be embarrassed by lousy and overpaid state employees trying to crack one off playing Software Management Gurus.

2
0

True enough...

You can't blame the last guy if you've not at least tried to do something about it.

0
0
Happy

Drone targetting accuracy...

...should have got Chloe to do it...

3
0

Jesus!

I can kind of envision a CIA staffer thinking that up to 13 metres error for supposed 'smart' ordnance is acceptable, but a IT salesman? I mean, I though they were paragons of virtue, untainted by the impurities of greed...

8
1

Salesmen

Well they did tell them!

To be fair, 13m out when you're dropping 100lb of RDX on someone is still going to end in a successful, yet messy outcome. The only real difference is which particular passers-by happen to die at the same time.

The term surgical strike when using anti tank rounds is hardly accurate after all...

The sad thing is I imagine that rather than suspending their actions until the issue was fixed, the CIA just upped the lb-age on their on their weps to make doubly sure of a kill, ensuring more deaths of non-targetted people.

5
1
Gold badge
Alien

@Dan 10

"I can kind of envision a CIA staffer thinking that up to 13 metres error for supposed 'smart' ordnance is acceptable, but a IT salesman? I mean, I though they were paragons of virtue, untainted by the impurities of greed..."

Hmm. The sarcasm is strong in this one.

4
1
WTF?

I don't know what the most amazing part of this story is

But I think it may well be the idea that someone working on spatial technology for armed UAVs was not competent in the correct way to do numerical computing without arseing up the floats and getting rounding errors.

OTOH what's the blast radius on the rockets these thing pack ? Somewhere between 1 and 13 meters by any chance ?

2
1

I can tell you the not-so amazing parts

1. The code worked fine on one chipset.

2.. They decided to use a cheaper chipset (because a one-time purchase of a chip represents a major investment, in a device that drops a couple of hundred thousand dollars of explosives on someone, each time it flies).

3. Floating point errors crept in, because people couldn't get it to work with the new chipset.

4. They decided to lie about the results, or ignore the errors.

The disgusting thing about the armaments industry, is that the death and slaughter actually happens as a side-affect of a series of rounding errors, generated by a process largely driven by greed, emotion and personal favour.

10
1

skip

the most amazing part of the story is that pointy finger guy's photo

4
0

Louie Anderson

The guy that looks like Louie Anderson?

0
0

This is utterly unacceptable

They might kill the WRONG innocent civilian bystanders.

6
3
Silver badge
WTF?

Confusing

Let me see if I got the story straight:

- CIA wants a targeting software as precise as possible, but ended up accepting an imprecision of up to 13 meters, hoping it is precise enough in most case

- Netezza did whatever it could to make the CIA happy, including ripping imperfect code from IISi

- IISi... was not willing to deliver an imperfect solution? Is complaining about the code grab? They are also complaining that the CIA is using a solution that might kill innocents?

I would have thought that the ordinance is powerful enough that 13 meters is an insignificant error... And it is unlikely that the CIA is going to say "OMG we might kill innocent people with such an imprecision, we have to wait until the boffins get it down to 1 meter"

3
6
Anonymous Coward

1 - 13 m

From a practical/military point of view an error of 1 - 13 m probably isn't a show stopper against a soft target like a mud brick building, HE bombs are area weapons after all.

The only downside is collateral damage and the Americans don't seem to mind that too much going on past performance in Afghanistan and Iraq.

5
2
Megaphone

Title.

The American >Government and Military< don't seem to mind "collateral damage".

Many American Citizens have issues with it.

Please remember that the former and the later are not the same.

7
1
Troll

For who?

But I thought the US Governement was for the people, by the people. That would make them the same.

1
1
Silver badge

The latter want the former there

I'm sure many individuals in the American government and military don't like collateral damage either.

Clearly the majority of Americans don't care. America is one of those democracy things where people choose their government and thereby choose their actions.

The Americans also have the right to bear arms so that they can rise up against any government that goes too far off base. They are not doing that, so clearly they don't care about the matter that much.

2
1
Anonymous Coward

13 metres

Even if a target is within the weapon blast radius, if they are behind one or more walls, the probability of a kill are likely to be substantially reduced. A 13 metre error could even place a weapon in the wrong building - not what one would call a surgical strike.

Given that this type of attack has been used to attack targets in Pakistan, a country with which the USA is not at war, collateral damage might be fairly important. If this was not the case, they would have simply carpet bombed Waziristan.

2
0

Clearly...

"The complex case, which has so far received scant press attention..."

More likely, the majority of Americans don't even know about this, and plenty of other similar situations. Defense reporting generally doesn't make it into the trough of our mainstream media.

1
0

Democracy...

A falacy, a lie, and not even remotely matching the governed with the governing.

Don't forget for example Mr Blair - overwhelming power in the UK parliament from 25% of the votes cast.... and they are arguing here over whether to fix that!

One day we will have real democracy - the sort where the people control what the government do, until then we have elections.

1
0
Gold badge
FAIL

Lots of Fail to go round I think

The Developers

"It's going to take a long time to port this"

How much assembler did you use for this package?

x86 is not exactly an *obscure* hardware architecture and given the rather floating point heavy nature of GIS stuff I'd like to think they had a test suite of tricky problems to check the quality of a port.

The hardware suppliers.

"The answer is yes, provided you have the money."

The client

"Skippy" does not look like a guy who take "no" for an answer, even when it should be given and he should accept it.

Call it the "Carter Burke" school of management. *any* requirement accepted to get/keep deal -> FUBAR.

1
1

The Developers

If you read the article, it sounds like they did port it to the x86, test it with their wonderful set of tricky problems and figured out it didn't work. They had a look at the issues and decided is was weird floating point compatibility stuff and they would need some time to fix it.

Hardly a big fail.

The big fail is the other guys who ported it to the x86 (in a day?), tested it, figured out it didn't work but god knows why, and put it into action anyway.

6
0

Thumbs up...

...purely for the "Carter Burke" reference!

0
0
Alert

Endian-ness

PowerPC chips are big-endian and x86 chips are little-endian. This alone can cause serious headaches when porting floating-point code.

http://en.wikipedia.org/wiki/Endianness#Floating-point_and_endianness

0
0
Gold badge
Happy

@Shooter

When most people think of greedy defense con-tractors shipping half finished equipment Ronny Cox's character in Robo Cop "Dick Jones," comes readily to mind (BTW ED209 problem was modeled on the US Army's "Sgt Yorke" anti aircraft gun programme fiasco).

Jones is a bad guy but he *knows* he's a bad guy. He does bad things because they pay and he reckons that "Only idiots and little people go to jail."

Burke is much more delusional and possibly more convincing as a result. He just want's what he feels his hard work entitles him to.

Unfortunately he feels that includes *everything*.

He really sees *nothing* wrong in what he has done other than he might have made a few "Errors of judgment."

One kind of corporate executive might be reformed (or rather discouraged) if they believed in the risk of swift and effective law enforcement (for example by a unit of incorruptible and nearly un-killable cyborgs)

The other would never change. Only some "Terminal therapy" would cure their behavior.

0
0

blast radius

http://www.wired.com/dangerroom/2009/06/why-was-pakistan-drone-strike-so-deadly/

This article suggests a 200 ft (60 m) blast radius for a Mk82 bomb launched from a drone, I don't think being out by 42 ft (13 m) is going to make much difference.

2
2

Great big bombs do not an "assassination" make

If they could fix the targeting, the warhead would only need to be the size of a hand grenade.

These guys kept the bad figures out of their sales pitch because they didn't want to damage their marketing collateral - because, it turns out, the only thing they were marketing, was collateral damage. People should be ready volunteer, to be someone else's collateral, before saying any of that is okay.

0
0
Silver badge
WTF?

Two faced US Government defender of Hollywood rights used palgerised software

It is surprising that the biggest proponent of enhanced action against those distributing Hollywood films on-line is guilty of using copied/plagerised software.

Another example of US government hypocrisy.

The CIA was also a big player in bringing drugs north from Mexico whilst the DEA was busy fighting the trade. Some morals.

7
3

Page:

This topic is closed for new posts.