Infiltrated
We asked a Marine officer recently back from the Triangle of Death in Iraq to describe the abilities of Iraqi forces and whether Sunnis are joining in any significant numbers.

The officer answered, "I honestly don't know, but I do know that all of the units in my area of the Triangle of Death are infiltrated and are constantly being purged only to be reinfiltrated."

Green zone
The mayor of Baghdad told The Washington Times this week he'd like to see shrinkage of the 3-square-mile green zone where the American command and embassy have set up shop.

An insider tells us there are some in the Army who would like to see a leaner operation, too. "There are too many support people," this source said. "People are walking into each other. ... There is very little privacy."

The problems go deeper. "The working relationship has not been established" among all the agencies that operate within the protected zone, the source said.

Ungrateful
At the time the Italians negotiated with terrorists for the release of communist journalist Giuliana Sgrena, there was an active search on for her by American special operations forces.

Miss Sgrena has been a vociferous critic of U.S. forces in Iraq.

"We had [counterterrorism] people looking for her," a defense source said. "They were willing to risk their lives and all you hear from her is criticism of American troops."

China breaks code?
The U.S. code-breaking community is worried about China's advances in cracking U.S. codes.

Three Chinese cryptologists last month reported they had found a way to crack a U.S. government-approved information security system known as SHA-1, or Secure Hash Algorithm-1.

The SHA-1 encryption is used widely within the U.S. government, including the Pentagon and U.S. intelligence community. It is currently the Federal Information Processing Standard and has been since 1994. Put simply, SHA-1 is a security authentication device that is used to verify the integrity of digital media, and to make sure that data or messages, such as secure e-mail, are not changed during transmission.

Chinese researchers, Xiaoyuan Wang, Yiqun Lisa Yin and Hongbo Yu reported in a paper Feb. 13 that they had "developed new techniques that are very effective" for breaking SHA-1 code, without using time-consuming "brute force" attacks.

The National Institute of Standards and Technology (NIST), which made SHA-1 a federal standard, said in a statement that it could not confirm the Chinese code-breaking but noted that the three researchers are "reputable" specialists with cryptographic expertise.

NIST said the new "attack" or code-breaking "is of particular importance in digital signature applications, such as time-stamping, and notarization."

But the institute sought to play down the implications of the Chinese claim, stating that the method described in the paper will be "difficult to carry out in practice."

Still, the U.S. government is phasing out SHA-1 over the next five years. "Due to advances in computing power, NIST already planned to phase out SHA-1 in favor of the larger and stronger hash functions (SHA-224, SHA-256, SHA-384 and SHA-512) by 2010," the statement said.

Disclosure of the code break followed China's publication of a defense white paper in December that identifies the use of information technology as a central element of Chinese military doctrine.

U.S. defense officials say China's military believes its cyber-soldiers can successfully cripple the U.S. military by attacking key computer-run infrastructures and other information networks.

Daniel E. Spisak, a private security engineer, said China is capable of building its own SHA-1 "cracker" using computers. "This could potentially allow them to access sensitive systems," he said. "However, from what small knowledge I do have of how secure data links get set up for some kinds of DOD projects, I think it would be very difficult to exploit the SHA-1 [code break] to their advantage." The danger, he noted in an e-mail, is that China could exploit a security lapse in U.S. government networks and systems. Mr. Spisak said as long as U.S. government computers are properly protected by multiple layers of defense and authentication mechanisms, "one can ensure it is sufficiently difficult to gain illegal access to sensitive networks and systems even with one part failing."

But if proper security precautions are not taken, "then all bets could be off," he said.

Bruce Schneier, a cryptography and security specialist, said the Chinese breakthrough is not alarming. But he noted that within the U.S. National Security Agency there is an old saying: "Attacks always get better; they never get worse."

Rummy on counterspying
Richard Haver, until recently a senior Pentagon intelligence adviser, revealed last week the philosophy of Defense Secretary Donald H. Rumsfeld in dealing with the problem of foreign spies.

Mr. Haver told a conference on counterintelligence at the Bush School at Texas A&M University that Mr. Rumsfeld urged CIA Director George J. Tenet several years ago to go on the attack against foreign intelligence services.

"The secretary had a very simplistic view of this; complex, but simple in its straightforwardness, which is typical of him," Mr. Haver said in a speech.

"The best defense is a good offense," Mr. Haver said of the Rumsfeldian view. "If you are sitting back, waiting for the enemy to attack you, it will happen. If you want effective counterintelligence, the principal element of that is the capability of your system to attack the adversary intelligence service before they attack you."

Foreign spies have limited resources to focus on a large target, he noted. But "if you are inside that system, if you understand what they're doing before they do it, then you can mount good defense."

Getting at foreign intelligence agencies is the job of the CIA and other human-intelligence-gathering agencies, including the Office of the National Counterintelligence Executive, which revealed a new offensive counterintelligence strategy at the conference.

"You never really win this battle," Mr. Haver said. "One victory doesn't mean the war is over. Until we reach nirvana, the battle will continue as long as we have secrets."

Naples
Michael A. Ledeen, a terrorism specialist at the American Enterprise Institute, is working on a book about Naples. He considers its tomato-based cuisine the best among Italy's food-centric regions.

He did find time this week to talk to us about the dilemma coalition members face when a countryman is taken hostage. Do you pay ransom and feed the insurgency? Or do you stick to principle and see the hostage beheaded? The issue has arisen with news that the Italian government paid millions of dollars for the release of communist journalist Giuliana Sgrena.

"It's a terrible problem" said Mr. Ledeen, author of "The War Against the Terror Master." "Obviously, if you pay money you encourage them to kidnap more people. On the other hand, in practical terms, it is very difficult for democratically elected politicians to refuse to do everything possible to save their people. So there you have it. I can't find it in myself to criticize a government that does all it can to save its citizen because that's always their obligation."

Pantano update
Marine 2nd Lt. Ilario Pantano should take some solace from words spoken this week by White House press secretary Scott McClellan. The Marines have charged Lt. Pantano with two counts of premeditated murder. He fatally shot two Iraqi insurgents who he says moved toward him after their arrest outside a bomb-making factory.

Commenting on Army sentries shooting at the car of Italian journalist Giuliana Sgrena, Mr. McClellan said, "It is a dangerous road and it is a combat zone that our coalition forces are in. Oftentimes, they have to make split-second decisions to protect their own security."