"Q: Where do you see Russia fitting into this as it comes onto the scene?

Rogers: I don’t. Russia will continue to disintegrate. The Soviet Union has already broken up into 15 countries. Putin controls Petersburg, Moscow, a few airports, et cetera, but Russia never has been a homogeneous [nation] - I mean, in the Soviet Union there were 124 - the "official" number was 124 - ethnic, linguistic, religious, historic and national groups. 

It’s broken up into 15 states. It’ll be 50 … it’ll be 100 [states] before it’s over. Ukraine may break up next. Who knows who’ll break up [after that]? Maybe even parts of Russia. 

To the bulls who say I’m wrong, my rejoinder is this: Let me ask you about Chechnya. The Russians have been trying to deal with Chechnya for 15 years with no success. 

Chechnya’s the size of Connecticut. Chechnya has a million-and-a-half people. If they can’t handle Chechnya, how is the Soviet Union, or Russia, going to handle these other places that are pulling away? 

There’s capitalism there, but it’s outlaw capitalism. If you’re good with dealing with the Mafia, you can probably make a fortune, if you’re on the ground [there]. For the most part, they have a lot of natural resources, which has been great. 

They have huge foreign reserves, but they’re stripping the assets. 

They’re not reinvesting for the most part in productive capacity. They’re stripping the assets. You know, oil production has peaked in Russia, even though there could conceivably be gigantic amounts of oil there somewhere. Nearly everything has peaked, because they have been stripping the assets, rather than reinvesting. "

In development for more than 30 years, the research is beginning to bear fruit, and may soon spawn more powerful bombs, warheads that tear apart stone and concrete, mines that can be set to stun or kill, and grenades that can swat rockets or mortar rounds out of the sky like flies.

"You can get effects that are more precisely tailored to a particular target," says John Pike, director of Washington military research group GlobalSecurity.org. "And you're able to get a greater effect out of a smaller munition."

Reactive materials are combinations of materials that are normally stable, but, when subjected to sudden shock -- such as striking a target -- release a large amount of energy. Depending on the composition and warhead design, the energy can be released as heat, a blast or a combination of the two. Unlike conventional explosives, RMs cannot be set off by fuses. Technically, they are classified as flammable solids, and they are less hazardous to transport and store than explosives.

While they're more energetic than explosives, RMs are not intended to be a substitute. Instead, they will replace warhead components normally made of metal.

An analysis of U.S. military procurement papers and defense contractor presentations, as well as interviews with companies working on the technology, suggests that a wave of munitions using reactive materials may be headed for a battlefield near you.

The material can dramatically magnify the yield of conventional bombs, and do away with the waste embodied by a bomb's inert metal skin. The U.S. Air Force's 5,000 BLU-122 bunker buster, for example, contains just 780 pounds of explosives; the other 80 percent is the bomb's thick steel casing. DARPA's Reactive Munition program (.doc) aims to replace that steel with RMs, to create a bomb with a blast four times as powerful. Alternatively, a new bomb could be half the size of existing weapons but twice as powerful.

Conventional warheads could also benefit from an RM makeover. For centuries, shells have blasted out steel shrapnel, small pieces of metal that cause damage with their high speed. Defense contractor Alliant Techsystems is developing a warhead called BattleAxe for the Air Force that uses fragments made of RM instead of metal. Those fragments will explode on impact, making the warhead far more effective against soft targets like trucks.

RM shrapnel is also being touted as the ideal way of shooting down incoming rockets and mortar bombs (.pdf).

A radar-guided defense pod can automatically engage incoming rockets or other threats using RM-based grenades. Weapons designers suggest that RMs can be five to ten times as effective as the existing inert shrapnel for this task. Moreover, RM shrapnel can be engineered to burn out at a set distance, so there is no hazard to nearby friendly forces.

Bullets can even be made of RM. The Navy's new electromagnetic railgun has been criticized because it can only fire solid slugs, not the usual explosive shells. However, documents reveal that tungsten-based RM rounds are being developed for the weapon. These will explode on impact, making the railgun effective against buildings, ships and vehicles.

Shaped charges are another application where RMs can increase the effectiveness of existing designs. In a shaped charge, a hollow metal cone is surrounded by explosive material, which is then detonated, forcing the blast through the small end of the cone.

"The action is analogous to stamping on an open toothpaste tube, ejecting the liquid contents," says Douglas Millard of British defense contractors QinetiQ.

Replace the metal liner with RM, and the explosive power of that jet will increase dramatically.

"Such reactions are highly exothermic and therefore lead to the release of large amounts of energy, which is in addition to the kinetic energy within the jet," Millard says. "An increase in the energy coupled into the target occurs and this results in the creation of greater damage to the target."

QinetiQ is marketing an RM-based shaped charge called Connex for oil-well perforation in the civil market. Meanwhile, the U.S. Army is developing a demolition charge called Bam Bam that blasts a jet of RM deep into stone or concrete, producing massive damage

One version of the Bam Bam charge is intended for demolishing bridges and other structures. An alternative version blasts broader, shallower craters in roads or runways, making them useless.

RMs will also transform another mutation called the Explosively Formed Penetrator, a modified version of the shaped charge. Instead of producing a narrow, short-range jet, the Penetrator fires an aerodynamic slug of metal over a long distance. It's best known as a favored weapon of insurgents in Iraq. Again, replacing the metal with RM makes a much deadlier weapon -- after punching through armor, the slug releases energy like a grenade going off.

If you're a weapons designer, RMs also offer amazing flexibility. Alliant Techsystems is building a variable landmine (.pps) -- a so-called "dial-a-yield" weapon that can produce a range of different effects.

At the lowest setting, most of the output would be light -- a dazzling warning that would be impossible to miss. A higher setting would produce intense heat, creating a "discomfort zone" to drive off intruders. The third setting produces a nonlethal blast, like the concussion stun grenades used by Special Forces. If lethal force is called for, the mine could be set to produce either inert shrapnel or reactive shrapnel that explodes on impact.

RM munitions may face legal challenges. Under the St. Petersburg Declaration of 1868, the use of explosive projectiles with a weight of less than 400 grams is forbidden, as is using incendiary ammunition, like napalm, against personnel. But RMs are not technically explosive or incendiary, and although the effect on human targets might cause protests from some groups, they are likely to be accepted, human rights experts say.

"Like any weapon, it would have to go through a lengthy effectiveness and then legal review, " says Marc Garlasco, senior military analyst at Human Rights Watch. "If used in the open against military targets, it does not seem to have any obvious problems at first blush."

However, there may be technology issues too. Although the developers sound very upbeat in all their descriptions of RM munitions, producing material that will reliably release energy only when required is extremely challenging.

"The fact that they've been working on it so long and don't seem to have fielded anything yet suggests that there may be a problem with the technology," GlobalSecurity's Pike says.

Normally new weapons are fielded rapidly if there is a military demand -- assuming they work. So far, RMs have not made it into the field, and the technology may not be as mature as developers suggest.

But Pike also notes that there has been an unprecedented surge in munitions development over the last few years, with "all kinds of weird stuff" being developed.

So after decades of being kept very quiet, reactive materials may soon be making a lot of noise.

---

Check out Danger Room for more on reactive materials.

Quite clearly, web browsing from within these ISPs now depends on the correct functioning of the “Layer 7 switch” and Phorm’s “Anonymiser” machine. This should not be too much of a concern. Network engineers are used to designing out “single points of failure“. Thus, for example, the BT schematics obtained by The Register show parallel systems and cross-coupling of components, so that a single failure will not take out the system. Add in the fact that what are apparently single machines will almost certainly be clusters fronted by intelligent load-balancing devices, and the system is expensive, but extremely resilient.

However, there’s another rather less obvious issue that needs to be addressed.

The bouncing of all web requests back and forth with HTTP 307 redirections means that the system is critically dependent upon the correct resolving of the webwise.net domain. If, for whatever reason, the domain name system (DNS) didn’t return the correct answer when asked for the IP address of webwise.net, then everyone at that ISP would find that their browsing was seriously affected.

If the incorrect address came back as 127.0.0.1 then the customers wouldn’t be able to reach any websites at all — if it came back as the IP address of a machine in downtown St Petersburg, then that site could redirect their web sessions at will — and there’s likely some criminals in that city with some innovative ideas of what could happen next.

So the webwise.net domain has suddenly been promoted to become part of the Critical National Infrastructure (CNI).

The domain is currently hosted at GoDaddy, an american registrar. Last summer the rock-phish gang spent a week running phishing attacks not just against banks, as they usually do, but also against GoDaddy. The immediate reaction was that the criminals wanted to use captured credentials to purchase domain names for free — but wiser heads pointed out that with the login details for a GoDaddy account you were in full control of any domain names that had already been bought : the security of the websites of thousands of major companies (and a great many banks) was resting on the security of eight-character registrar login passwords.

However, firms that have considered the risk don’t buy $10 domain names, but spend rather more, and their registrar will insist on rigorous security checks before altering any details. We must obviously assume that webwise.net is not at risk from registrar phishing in this simplistic way.

The more likely way of subverting what webwise.net resolves to is called “DNS cache poisoning”. There are several ways of doing this (this Wikipedia article provides a helpful summary), most of which shouldn’t work if the ISP has configured their DNS server correctly.

However fundamental weaknesses in the DNS protocol (relying on 16bit values matching to show authenticity) means that DNS forgery attacks can only be made harder, not prevented altogether. Making it harder may currently be sufficient to make phishing attackers use simpler methods — but if the prize is the disruption of web browsing for millions of people…?

There are things that the ISPs can do to improve security — such as each of them making themselves authoritative for webwise.net, which should address the DNS forgery issue. Let’s hope that they haven’t overlooked this.

[[with acknowledgments to Matt Johnson and others involved in understanding this particular design risk]]

...federal law enforcement officials who need to know have already learned the identities of those responsible for running the Storm worm network, but that U.S. authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia, where the Storm worm authors are thought to reside.