Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Afterbytes with Marcus Ranum - Russian Stealth Fighters

Moscow, Russia (CNN) -- Russia tested its fifth-generation Sukhoi fighter jet in the Russian Far East on Friday. The plane, provisionally called T-50, is the country's first fighter jet based on the stealth technology and is viewed by military experts as the Russian answer to the American F-35 and F-22 jets.

References: Russia tests its first stealth fighter jet

Congratulations, Sergey, for flying the new T-50 Russian Stealth fighter - the one that is not based on the Joint Strike Fighter plans that allegedy are being stolen from the US by Chinese cyber-spies.

Do I need to belabor the obvious, or have I already made my point?

For those of you who need back-fill, it ought to be pretty clear that the leaks which brought us Russian stealth technlogy (no, they did not invent it themselves) are neither recent nor related to the alleged Chinese "cyberwar" that we've been hearing so much about. Experienced security practitioners have been saying for years that technology intelligence is a strategic problem, and that it's not a simple matter of 180,000 script kiddies running exploits against Google. It's a serious problem, and it involves embedded intelligence assets compromising extremely expensive advanced development efforts. I don't want to seem snarky, but I'll bet that a lot of the stealth technology in the T-50 comes from the Los Angeles area, not Tibilisi.

When we see "see" Chinese stealth aircraft will they be chalked up to the leak of the Joint Strike Fighter plans, or to the leak that brought us the T-50? As a taxpayer, I have to wonder if our extremely expensive-to-develop stealth technology has been auctioned with "Buy It Now" on Ebay, or something. Fortunately, super-powers aren't likely to be going mano-a-mano any time soon, but life is going to suck for some people when the North Koreans get a Paypal account and buy a copy.

Meanwhile, the computer security "old guard" has been consistenty banging the drum about insider threat, counter-intelligence, need to know, reducing the scope of accsess to sensitive technologies, and so forth, until we're ready to scream. We have been saying, "what, do you think we're dealing with amateurs?" while you're being regaled with accounts of Google getting swamped with a human wave of 180,000 script kiddies. What do you think matters: strategic technologies or Google's advertiser database?

It used to be that when I said "I told you so!" I got a warm feeling, but now I just feel dumb and helpless.

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.