Jul 10 2008

Does USAF count cyberspace sorties with extreme precision?


USAF’s latest press release touts its 50,000th air sortie in Operation Noble Eagle — a mission flown right over my RV, coincidentally enough.

USAF logs its aircraft missions with extreme precision; we know this for a fact.  They can tell you exactly who flew exactly what type of mission for exactly what military operation on exactly what date at exactly what time for exactly how long in exactly which aircraft.  Want to know if a “tail swap” or a crew swap took place at the last minute?  Did the aircraft fly around restricted airspace or take on fuel from a tanker?  Don’t worry, USAF logged it.  They keep these records on file for decades.

USAF also logs its aircraft maintenance with extreme precision; we know this for a fact.  They can tell you exactly who performed an engine swap on exactly what date for exactly how long (!) on exactly which aircraft.  Want to know the serial numbers for the old & new engines?  Don’t worry, USAF logged it.  They keep these records on file for decades.

USAF logs its satellite missions and satellite maintenance with extreme precision, too.  They (should) also log every missile mission and missile maintenance with extreme precision.  Indeed, the Secretary of Defense fired USAF’s top brass for lapses of extreme precision in this realm.

USAF keeps detailed records even on things like a Predator ground station unit and a K-9 working dog.  If it’s a bona fide weapon system, USAF’s bureaucracy tracks it with extreme precision.

But on the day they flew that 50,000th Noble Eagle mission, USAF didn’t log very much at all about its cyberspace defense efforts.  They simply don’t know exactly who deleted exactly how many copies of exactly what virus from exactly which computer on exactly what date at exactly what base.

USAF uses Symantec antivirus software; we know this for a fact (although they insist this fact is for official use only).  Symantec’s antivirus product for Microsoft Vista — by default — only keeps its (very limited) log data for a very short time.  I’ll bet one day’s wage against Maj Gen William T. Lord that Air Force Cyberspace Command dismisses as transient data the very antivirus logs generated by the computers in his very office.

Mind you: USAF officially insists every desktop computer is a bona fide “weapon system” equal in stature to its fleets of air, space, and missile weapons.  Yet computers are the only weapon system they don’t care enough to document with extreme precision.

We can’t take the notion of a “cyberspace” mission seriously until USAF at least tracks its network & computer defense efforts with the extreme precision they demand for bona fide weapon systems.

Of course it raises the question — does USAF track cyberspace sorties with extreme precision?  Purely for the sake of argument, let’s suppose U.S. airmen helped Israel hack into Syria’s air defense system.  That would qualify in my book as at least one “sortie” in cyberspace.  If it’s a sortie, then:

  1. Do those (highly classified) logs contain a record of exactly who flew exactly what type of mission for exactly what military operation on exactly what date at exactly what time for exactly how long on exactly which cyberspace weapon system?
  2. Did a tail swap or a crew swap take place at the last minute?
  3. Did the crew earn credit for their flying hours?
  4. Did an intermediate country (one the traffic had to transit) restrict its cyberspace, thereby forcing the crew to take an alternate route to the target?
  5. If the nature of the mission required even the slightest modification to the weapon system, did the “digital wrench-turners” document it with extreme precision in that particular weapon system’s maintenance logs?
  6. Will all of these logs remain on file for decades?

Let’s ask THE fundamental question, folks.  If USAF knows exactly how many air missions they’ve flown in Operation Noble Eagle … shouldn’t they also know exactly how many cyberspace missions they’ve flown in Operation Iraqi Freedom?

May 05 2008

Shouldn’t DEFCON attendees think outside the box?


My oldest readers will remember when I had the audacity to dissect antivirus software for security flaws. From 1997 to 2000 I could gain root on millions of corporate servers and desktop PCs that relied on McAfee, Symantec, Trend Micro, and other antivirus programs. I eventually named it the “ADVEIS” rootkit, short for “antivirus dependent vulnerabilities in email infrastructure security.” I gave a lecture about my findings and then—

—well, no one really cared that I proved antivirus programs reek of security flaws. Not even the hackers. (That surprised me: I expected a dozen copycats to pop up.) But I didn’t care much either, so I shelved it and went on to the next great experiment.

Which brings me to today. This year’s “DEFCON” convention will hold a “Race to Zero” contest. Players will get a batch of viruses to hack on until someone can get a variant past all the antivirus products installed for the contest.

Reporters played up the DEFCON announcement; the antivirus vendors sneered. But to them I say “so what?” If you want to watch someone beat a dead horse, go right ahead, but it’s not news. This DEFCON contest does nothing that we haven’t seen already. Lesser-known hacker shindigs have held the same contests over the years.

DEFCON would impress me if they held a contest to acquire root via the antivirus software. But (sigh) I’m the only one around here who seems interested in thinking outside the box…