Chapter 4

MRAP

Mine-Resistant Ambush Protected is a term for United States military light tactical vehicles produced as part of the MRAP program that are designed specifically to withstand improvised explosive device (IED) attacks and ambushes.

Learn more:

• https://en.wikipedia.org/wiki/MRAP
• https://asc.army.mil/web/portfolio-item/cs-css-mine-resistant-ambush-protected-mrap-vehicle-mrap/

Threat model

Threat modeling is a process by which potential threats, such as structural vulnerabilities or the absence of appropriate safeguards, can be identified, enumerated, and mitigations can be prioritized.

Learn more:

• https://en.wikipedia.org/wiki/Threat_model
• https://securityintelligence.com/posts/what-is-threat-modeling-and-how-does-it-impact-application-security/
• https://owasp.org/www-community/Application_Threat_Modeling

Jersey barrier

A Jersey barrier, Jersey wall, or Jersey bump is a modular concrete or plastic barrier employed to separate lanes of traffic.

Learn more:

• https://en.wikipedia.org/wiki/Jersey_barrier
• https://otwsafety.com/how-jersey-barriers-got-their-name/ (fun facts about)

RPG

Not a Role-Playing Game (here). A rocket-propelled grenade (often abbreviated RPG) is a shoulder-fired missile weapon that launches rockets equipped with an explosive warhead. Fun fact: The term “rocket-propelled grenade” is a backronym; it stems from the Russian language РПГ which stands for ручной противотанковый гранатомёт (transliterated as “ruchnoy protivotankovy granatomyot”, which has the initials “RPG”), meaning “handheld anti-tank grenade launcher”, the name given to early Russian designs. Typical range is around several hundred meters.

Learn more:

• https://en.wikipedia.org/wiki/Rocket-propelled_grenade
• https://en.wikipedia.org/wiki/RPG-7

MRE

The Meal, Ready-to-Eat – commonly known as the MRE – is a self-contained, individual field ration in lightweight packaging bought by the United States Department of Defense for its service members for use in combat or other field conditions where organized food facilities are not available.

Learn more:

• https://en.wikipedia.org/wiki/Meal,_Ready-to-Eat
• https://www.mreinfo.com/

FOB

A Forward Operating Base (FOB) is any secured forward operational level military position, commonly a military base, that is used to support strategic goals and tactical objectives.

Learn more:

• https://en.wikipedia.org/wiki/Forward_operating_base
• https://military.wikia.org/wiki/Forward_Operating_Base_Grizzly (FOB Grizzly mentioned in the book)
• https://en.wikipedia.org/wiki/Forward_Operating_Base_Grizzly

PX

A type of retail store operating on United States military installations worldwide. Originally akin to trading posts, they now resemble department stores or strip malls. PX is US Army terminology. US Air Force uses Base Exchange (BX), US Navy uses Navy Exchange (NEX), Marine Corps calls it Marine Corps Exchange (MCX).

Learn more:

• https://military.wikia.org/wiki/Base_Exchange
• https://en.wikipedia.org/wiki/Base_exchange

Battlefield intelligence

Is described in the US Army document “Intelligence Preparation of the Battlefield”. More:

• https://home.army.mil/wood/application/files/8915/5751/8365/ATP_2-01.3_Intelligence_Preparation_of_the_Battlefield.pdf

Unique identifiers of tire-pressure sensors

Tire-pressure sensors installed on most of the cars have unique ID numbers configured at the factory. More:

• https://en.wikipedia.org/wiki/Direct_TPMS#Registration_of_direct_TPMS_IDs
• https://blog.caristaapp.com/what-is-tpms-id-registration-2cfc452bb6d4
• https://www.standardbrand.com/media/1646/st10235idl-may14_jtf_id-locator.pdf
• https://obdstation.com/tpms-reset-tool/

Everything after the slash

Masha says: “I itched to get their Google searches, but that was hard because Google had better security than every other service they visited – strong SSL certificates that hid everything after the slash, so all I could see from my vantage point was https://google.com/ – and then… nothing.”

This happens when you visit sites that use HTTPS (secure HTTP) and hence, use SSL/TLS certificates. Even if somebody (in this case Masha) intercepts the traffic between you and your provider, they will see only the domain name of the server you are accessing. Everything else in your URL (search queries, usernames, etc.) will be hidden.

Learn more:

• https://security.stackexchange.com/questions/7705/does-ssl-tls-https-hide-the-urls-being-accessed
• https://security.stackexchange.com/questions/4388/are-urls-viewed-during-https-transactions-to-one-or-more-websites-from-a-single
• https://stackoverflow.com/questions/499591/are-https-urls-encrypted

MAC address

Masha automatically corrects her boss when she says: “max address”. MAC stands for “media access control” and MAC address means the low-level address assigned to a network card. Sometimes MAC address is called “physical address” or “hardware address”. Usually it is represented as a series of hexadecimal numbers separated by colons, like this: 00:0a:95:9d:68:16. Usually MAC address identifies a physical device (computer or phone) pretty well (as opposed to IP address that could be different in different networks). MAC address can be changed by the OS, but that only stays until the next reboot.

Learn more:

• https://en.wikipedia.org/wiki/MAC_address
• https://whatismyipaddress.com/mac-address
• https://whatismyipaddress.com/change-mac https://www.howtogeek.com/192173/how-and-why-to-change-your-mac-address-on-windows-linux-and-mac/

Hoberman sphere

An isokinetic structure patented by Chuck Hoberman that resembles a geodesic dome, but is capable of folding down to a fraction of its normal size by the scissor-like action of its joints.

Learn more:

• https://en.wikipedia.org/wiki/Hoberman_sphere