Death wears bunny slippers
July 7, 2010 10:55 AM   Subscribe

At least our warfighters can look kewl.
posted by Goofyy at 10:59 AM on July 7, 2010

http://morningglory2.files.wordpress.com/2006/10/136px-2crssi.jpg
posted by billybobtoo at 11:03 AM on July 7, 2010

Who gets to design military patches? I have a really hard time believing that a lot of these are actually officially-sanctioned, but I don't really know much about the military.

Fun post, BTW.
posted by KGMoney at 11:07 AM on July 7, 2010

Great post. I just can't help but wonder if having a breakable code on the seal will be bad for morale.
posted by doublehappy at 11:11 AM on July 7, 2010

If had the job of designing military logo and patches, I too would go out of my way to make them outlandishly ominous and sinister.
posted by The Whelk at 11:19 AM on July 7, 2010

Why not go straight for the endgame and put a Langford basilisk on it?
posted by ROU_Xenophobe at 11:24 AM on July 7, 2010 [1 favorite]

This made me think of this patch.
posted by arcticseal at 11:25 AM on July 7, 2010 [4 favorites]

An eye in a pyramid casting rays onto the Earth! Nobody could possibly see that as being sinister!
posted by Electric Dragon at 11:26 AM on July 7, 2010 [2 favorites]

Great post.
posted by WPW at 11:26 AM on July 7, 2010

What does that seal have my banking password on it.
posted by Elmore at 11:33 AM on July 7, 2010

At least our warfighters can look kewl.

You jest but the "serious reason" link does use "war fighter".
posted by smackfu at 11:42 AM on July 7, 2010

I wish I could buy a grab bag of random military patches.
posted by mecran01 at 11:44 AM on July 7, 2010 [2 favorites]

That's the code one needs to enter into the computer in the hatch every 108 minutes so the electromagnet radiation doesn't destroy the world!! It was changed from 4 8 15 16 23 42!!! AHHH!! AHHH!!! SOMEONE GO ENTER THE CODE!!!

(Can also be used as lotto numbers.)
posted by Skygazer at 12:13 PM on July 7, 2010

And here's the guy who literally wrote the book on the subject, Trevor Paglen (disclosure: he's a client).
posted by twsf at 12:14 PM on July 7, 2010

The link to the binned Info Awareness Office logo says that "scientia est polentia," which means, of course, "Knowledge is corn meal mush."
posted by Emperor SnooKloze at 12:14 PM on July 7, 2010 [5 favorites]

Trevor Paglen's book is really worth checking out. There used to be an ebay seller who sold the patches, but I'm not sure he's still carrying them.
posted by drezdn at 12:18 PM on July 7, 2010

Awesome post.

Tucked inside the shuttle’s payload bay was a classified National Reconnaissance Office (NRO) communications satellite—known as Quasar—that would be used to relay data between intelligence spacecraft in low Earth orbit. But the Quasar payload, although highly classified, also served as a cover story for an even more exotic payload—a stealthy satellite inspection spacecraft, often referred to as “Prowler”, designed to sneak up on other satellites undetected, photographing and measuring them in various ways.

Never heard of this Prowler thing. Would like to subscribe to its newsletter.
posted by circular at 12:21 PM on July 7, 2010 [1 favorite]

try this one

https://www.cia.gov/news-information/cia-the-war-on-terrorism/busterspin_preview.jpg
posted by Postroad at 12:25 PM on July 7, 2010

lets design a MeFi badge for the blue, the green and the grey? ;p
posted by infini at 12:32 PM on July 7, 2010 [1 favorite]

Having read the explanation, I really like the Death in bunny slippers patch.
posted by shakespeherian at 1:00 PM on July 7, 2010 [2 favorites]

You jest but the "serious reason" link does use "war fighter".

That's the proper term in US government circles. It's easier to say than "Soldier, Sailor, Marine, or Airman."
posted by mr_roboto at 1:13 PM on July 7, 2010 [1 favorite]

whats wrong with warriors?
posted by infini at 1:25 PM on July 7, 2010

Alright let's not do this two places at once.
posted by shakespeherian at 1:33 PM on July 7, 2010 [1 favorite]

Designing unit patches is an organic thing, most of the time. When a unit is "created", there's always some kid, a company clerk, or the "artistic" guy that gets detailed to paint all the signs (and sometimes the rocks lining the pathways), who the Captain or Colonel will look at and say "Design me a unit patch."

This will get the poor schmuck off details for a week or two while he designs a bitching patch. Then, the officers will start chiming in with "You can't do that" or "I saw a patch like that in the [some foreign country] army/navy/special forces."

The poor designer can't win at this point, unless he actively looks for points of ignorance in his superior's knowledge, and then exploits them. This is, as you can imagine, a dangerous game.
posted by pjern at 1:39 PM on July 7, 2010 [6 favorites]

I like that if you look closely at the Cyber Command logo you see that the eagle's wing is made partially transparent exposing the 3D wireframe on which it is built.
posted by Babblesort at 1:53 PM on July 7, 2010

So, the code on that first patch is apparently (from comments at your link) the MD5 hash of the following awesome mission statement: "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries." I don't even know where to begin with that punctuation.
posted by chalkbored at 2:33 PM on July 7, 2010 [1 favorite]

Fantastic post. Thank you for this.
posted by zarq at 2:33 PM on July 7, 2010

So, the code on that first patch is apparently...


It's no "Helping Children Through Research and Development ( Hi, Everyone, Let's Pitch In 'N' Get Cracking Here In Louisiana Doing Right, Eh? Now Then, Hateful, Rich, Overbearing Ugly Guys Hurt Royally Every Time Someone Eats A Radish, Carrot, Hors d'oeuvre, And Never Does Dishes. Eventually, Victor Eats Lunch Over Peoria Mit Ein Neuesberger Tod)"
posted by drezdn at 2:48 PM on July 7, 2010 [1 favorite]

Go to: MD5 decrypter: http://www.md5decrypter.com/
Enter Code: 9ec4c12949a4f31474f299058ce2b22a

Results:
Md5 Hash: 9ec4c12949a4f31474f299058ce2b22a

Normal Text: USCYBERCOM plans, coordinates, integrates, synchronizes
and conducts activities to: direct the operations and defense of specified
Department of Defense information networks and; prepare to, and when
directed, conduct full spectrum military cyberspace operations in order to
enable actions in all domains, ensure US/Allied freedom of action in
cyberspace and deny the same to our adversaries.

That wasn't particularly difficult.
posted by zarq at 2:49 PM on July 7, 2010 [10 favorites]

Step 1: Someone else encrypts it on that site.
posted by smackfu at 3:07 PM on July 7, 2010

I like the patches of the space missions of the future.
posted by Omon Ra at 3:17 PM on July 7, 2010

MD5? Really? Why did they put an unsecure digest on their seal?
posted by zsazsa at 3:54 PM on July 7, 2010

That wasn't particularly difficult.

Okay, now the game is to find something snarky and rude that results in a hash collision.
posted by Avelwood at 6:05 PM on July 7, 2010 [3 favorites]

That wasn't particularly difficult.

From user JohnFly commenting on the Wired story (no permalink, but the comment was made at 7/7/10 4:35pm) :

I called the phone # for us cyber command and just asked… They said it is the MD5 of the mission statement.

I don’t know the exact spacing or capitalization they used but thats the answer straight from the US gov.

posted by mhum at 6:11 PM on July 7, 2010

Curiously, this also hashes: "Be sure to drink more Ovaltine."
posted by ZenMasterThis at 6:43 PM on July 7, 2010 [2 favorites]

Who gets to design military patches? I have a really hard time believing that a lot of these are actually officially-sanctioned, but I don't really know much about the military.

I don't know how officially sanctioned they were but I used to see "Commie Busters" patches similar to this one worn by bomber and missile crews.
posted by MikeMc at 6:50 PM on July 7, 2010

(If you're having trouble verifying the md5 hash, note that the text has no newlines. Not even at the end)

echo -n 'USCYBERCOM plans, coordinates,' \
'integrates, synchronizes and conducts activities to:' \
'direct the operations and defense of specified' \
'Department of Defense information networks and;' \
'prepare to, and when directed, conduct full spectrum' \
'military cyberspace operations in order to enable' \
'actions in all domains, ensure US/Allied freedom of' \
'action in cyberspace and deny the same to our adversaries.' \
| md5

posted by autopilot at 7:53 PM on July 7, 2010

ZenMasterThis is actually quite close to the actual secret message. When encrypted with the onetime pad of f0adb36d26f6a67f009ef873ad87dc43 the secret message is revealed."DrinkURovaltine!"
posted by autopilot at 8:04 PM on July 7, 2010

For the last time, hashing is not the same thing as encrypting; they are fundamentally different in that hashing discards information. It is wrong to speak of reversing a hash as decrypting because for any given hash there are an infinite number of strings that generate that hash, whereas when you have an encrypted message there is an exact one-to-one mapping between the original text and the encrypted text. It's just that in most cases people don't care about nonsense strings of random garbage and fixate on one in particular that happens to be coherent as an English word or phrase because that is most likely the one that was used to generate the hash.
posted by Rhomboid at 9:14 PM on July 7, 2010 [2 favorites]

Yeah, yeah, but they sure cross paths a lot. Calm down.
posted by ryanrs at 11:52 PM on July 7, 2010

From the IAO logo page:

For the record, the IAO logo was designed to convey the mission of that office; i.e., to imagine, develop, apply, integrate, demonstrate, and transition information technologies, components, and prototype, closed-loop information systems that will counter asymmetric threats by achieving total information awareness useful for preemption, national security warning, and national security decision making.

What's the patch for the special room full of morons who write these sorts of mission statements?
posted by obiwanwasabi at 12:55 AM on July 8, 2010

for any given hash there are an infinite number of strings that generate that hash

For cryptographically secure^* N-bit hash functions, the chance that more than one of a given pool of strings will generate the same hash is pretty much negligible until the number of strings in the pool is around 2^N/2. For a 512-bit hash like SHA512, you'd expect to start seeing collisions once your collection of input strings grew to 2²⁵⁶ ~= 10⁷⁷ members.

A billion trillion (10²¹) computers, each doing nothing but feed unique strings through SHA512 at a billion trillion strings per second for a trillion years (3x10¹⁹ seconds), would achieve less than a thousand-trillionth part of the work required to find a duplicate SHA512 hash code.

So if you have reason to believe that the 512-bit code you're looking at is in fact the result of somebody having fed some string into SHA512, you can be quite sure that there is, in fact, only one existing string whose hash that could be. Whether or not it's a coherent word or phrase or document doesn't really matter.

It is wrong to speak of reversing a hash as decrypting

If we're going to be pedantic, it is wrong to speak of reversing a hash, period. The whole point of cryptographically secure hashes is that reversing them is not computationally feasible.

But if all you're talking about is the relationship between a plaintext input and its cryptographically secure hash, it is in practice quite reasonable to consider the hash to be a compressed encryption of the plaintext - albeit one for which no decryption key is available. Even though it's perfectly true that the mapping from input to hash code is theoretically many-to-one, in practice it will never, ever be other than one to one.

^*MD5 has been broken (given an MD5 hash code, there's a computationally feasible algorithm for coming up with a string that generates that hash), so this line of argument doesn't actually apply to MD5.
posted by flabdablet at 4:30 AM on July 8, 2010 [1 favorite]

obiwanwasabi: "What's the patch for the special room full of morons who write these sorts of mission statements?"

These are all totally government/military-speak. Every official mission statement, commendation, information release of any kind sounds very similar. I'm pretty sure the training for writing those involves teaching you how to write in vaguely-comprehensible sentences using as many buzz words and lists as possible. Bonus points for obscure acronyms.

Parsing these things during commendation, promotion, and retirement ceremonies is always difficult. Imagine a guy reading a two page version of that mangled sentence structure in as monotone a voice as possible. At least when it's written down you get to slow down, reread, and deconstruct it to wring whatever meaning you can from it.
posted by This Guy at 4:46 AM on July 8, 2010

it is in practice quite reasonable to consider the hash to be a compressed encryption of the plaintext - albeit one for which no decryption key is available

It's not reasonable to do that because the two concepts are totally distinct and separate -- one destroys information and is one-way, the other is completely reversible. The only way that you can frame hashing as if it were something like encryption is because the message happens to contain some English words, but if I hashed a block of pure entropy of unknown length and gave you the resulting hash and then discarded the original it would be fundamentally impossible to ever know what that original block contained even with unlimited computing power and time. With a cipher I may still face a computationally intractable situation but at least the necessary information to reconstruct the message still exists and has not been destroyed, and is instantly available if I have the key.
posted by Rhomboid at 5:33 AM on July 8, 2010

Death wears bunny slippers

ON OCCASION. THEY ARE REMARKABLY COMFORTABLE.
posted by quin at 7:46 AM on July 8, 2010 [8 favorites]

My analysis of the Cyber Command logo reveals: All your secret codes are belong to us.
posted by bryon at 9:03 AM on July 8, 2010 [1 favorite]

@Rhomboid I'm not sure what you mean by "an exact one to one mapping". Consider one-time padding (this is generally considered 'encryption'); without the key, it is impossible to recover the original plaintext, and it is possible to construct a key that will recover arbitrary data (of the same length) from the ciphertext. Would you consider this to be a 'hash' because of these properties?

Likewise, with something more practical like RSA, you could extract all sorts of garbage by using arbitrary exponents (if you know the public key) and mod factors (if you don't) instead of, say, attacking the public key.

I understand your basic argument (information can be recovered from the ciphertext using a key, where the key is not specific to the plaintext, while hashes can basically only be attacked probabilistically) but I think you might be driving a bit too hard.
posted by parkan at 2:03 PM on July 8, 2010

Also, to speculate a little further, it's not necessarily true that a hash will destroy information: if you had an upper bound on the size of the plaintext and a hash function that was guaranteed to be free of collisions in that search space (perfect hash), you could use it as a reversible compression function.
posted by parkan at 2:13 PM on July 8, 2010

It's garbage-in, garbage-out if you don't have the right key, yes. Perhaps I should have said a one to one mapping between plaintext and key to ciphertext. I wouldn't consider a cipher without a key to be a hash because it has none of the properties of a hash, namely that all inputs are mapped to a fixed set of outputs, because if that were true it would no longer be a cipher. And of course there are perfect hashes but they are rarely used in cryptology because they do not have the desired properties of a secure hash.
posted by Rhomboid at 7:09 PM on July 8, 2010

if I hashed a block of pure entropy of unknown length and gave you the resulting hash and then discarded the original it would be fundamentally impossible to ever know what that original block contained even with unlimited computing power and time. With a cipher I may still face a computationally intractable situation but at least the necessary information to reconstruct the message still exists and has not been destroyed, and is instantly available if I have the key.

The nice thing about "in principle" arguments are that those on either side can wave their hands as furiously as they like in support of their principles, while almost willfully failing to see that sometimes the principles don't actually matter.

In my view, there's really no important practical difference between "unlimited" computing power and time, and computing power and time bound by the limits of physics. It will always remain possible to construct hash codes of sufficient length to make cracking them permanently unfeasible in practice.

Perhaps I should have said a one to one mapping between plaintext and key to ciphertext.

I return to the point I originally made, which is that in practice there is a one to one mapping between any given chunk of plaintext and its secure hash. The chance of this statement being incorrect is of about the same order as the chance that you might suddenly suffocate as all the air molecules near your head decide to occupy a space ten feet to the left of you, for roughly the same reason.

The destruction-of-information line of argument doesn't do much for me, either. The operation of encryption, followed by the discarding of the decryption key, does destroy information, every bit as securely as hashing does. In fact you could use the resulting data pretty much anywhere you'd use a secure hash, for the same purposes.

As parkan points out, if I encrypted a block of pure entropy of unknown length with a one time pad and gave your the resulting encrypted text and then discarded the key, it would be fundamentally impossible to ever know what the original block contained even with unlimited computing power and time.

There are strong parallels between encryption and hashing, and in some contexts it's perfectly reasonable to consider them equivalent.
posted by flabdablet at 2:16 AM on July 9, 2010

if you had an upper bound on the size of the plaintext and a hash function that was guaranteed to be free of collisions in that search space (perfect hash), you could use it as a reversible compression function.

In fact you don't need a perfect hash to make this work, just a good-enough hash. SHA512 will work just fine.

Reversing the compression function is done by key-value lookup in a database containing the original uncompressed texts, where the key is the SHA512 hash of the value you're looking up. It's cute because you can be quite sure^*, having received an uncompressed value from such a database, that it is uncorrupted - you simply hash it again and see if the result matches the key you used to look it up.

Anybody who seriously believes that key-value lookup is "cheating" because it's not mathematically equivalent to some function or other just needs to think harder about it or learn more mathematics or both.

^*For any reasonable value of sure. The probability of something getting stuffed up from a SHA512 collision are far, far smaller than the chances that the database client will catch fire during the lookup operation.
posted by flabdablet at 5:30 AM on July 9, 2010

Anybody who seriously believes that key-value lookup is "cheating" because it's not mathematically equivalent to some function or other just needs to think harder about it or learn more mathematics or both.

It's cheating because it means it's completely useless for sending an arbitrary message to someone over an insecure channel, which is the whole reason that we have ciphers and the basis for my suggestion that hashing and encrypting are two distinct concepts that shouldn't be muddled.

If you're seriously trying to claim that SHA is a 'cute' compression algorithm then I'm not sure there's anything more to be said here.
posted by Rhomboid at 6:00 AM on July 9, 2010

It's cheating because it means it's completely useless for sending an arbitrary message to someone over an insecure channel

So is any encryption method, without some kind of out-of-band key exchange.

I will go so far as to agree that a database containing all potentially useful messages probably does constitute a fairly inconvenient shared key.
posted by flabdablet at 8:56 AM on July 9, 2010

If I worked at USCYBERCOM I'd spend all my spare time scratching off letters to make it U____BERCOM...
posted by Ogre Lawless at 11:14 AM on July 9, 2010