
X-Force Command Cyber Tactical Operations Center - Tomte
https://www.ibm.com/security/services/managed-security-services/xforce-command-cyber-tactical-operations-center
======
nimbius
rather offtopic but this rolling marketing gag is powered by a Peterbuilt 579
(why is the logo blacked out??) and only weighs 23 tons. The 579 can easily
haul more than double this.
[https://www.peterbilt.com/trucks/highway/model-579](https://www.peterbilt.com/trucks/highway/model-579)

this is a class 8 truck which retails for around $150,000 new and has a 12
liter PACCAR MX13 engine with ~450HP and 1800FP of torque. Collision
mitigation, advanced cruise radar, and an all aluminum cab in standard or
automatic transmission.

however- on the infographic this says its powered by a Mercedes Actros? Do
they have another one of these things rolling around Europe as well?

Drivers can expect to see around 7mpg. Was this really a good investment on
the part of IBM? Do you explicitly need a cyber truck to come to your office
for security or do people use the internet these days? "X-Force Cyber Command"
sounds like something you'd see on sunday morning cartoons.

~~~
jimktrains2
Disclaimer: I know nothing and this is an honest questions.

I wonder if they intend to be able to use the tractor for power in situations
where external power is lacking. Powering, and more importantly and power-
hungry, cooling "23 tons" of equipment wouldn't be the lightest task.

~~~
nimbius
the solution is to outfit the truck with a custom rear diff with a power take-
off. Such configurations exist and are expensive, generally governing the
truck to 55mph or so after they are set up. You would also be running the
engine, which burns through expensive EPA media like CO2, NOX, and sulfur
scrubbers (which arent required if youre just running a generator.)

if i had to guess, most of that 40 some kilowatts of power generated is going
directly to HVAC. trailers are not insulated, so the heat from servers as well
as the hot air from the X-Force sales team will need to be managed.

Ideally you'd park this thing in an arena outfitted with 480 3 phase hookups.
Put the generator into bypass, and just use it to condition power you get from
the venue. Alternatively, flood a parking lot with fresh hot diesel fumes and
hope hypoxia works its magic to convince people IBM is serious.

------
aneutron
It's particularly in systems like these where they usually leave SSH w/
password login, or an oudated Teamviewer install. [1]

Realistically, I can see this working. For Disney. For use in action movies.
In fact, "23 tons of cyber capabilities" is exactly the thing I would expect
to hear from an action movie.

[1]: [https://www.pentestpartners.com/security-blog/pen-testing-
sh...](https://www.pentestpartners.com/security-blog/pen-testing-ships-a-year-
in-review/)

~~~
usrusr
Well, it's a setup for LARPing (see recent encrypted email thread)
cybersecurity with execs as a flashy sales pitch, so the film prop aesthetic
is the main feature. It's literally a roadshow. I'm just a bit disappointed
that the trailer can't deploy an autonomous Tesla Cybertruck manned by David
Hasselhoff.

~~~
aneutron
While I do agree with you on the IBM truck remarks, I find myself heavily
disagreeing with the "PGP / SMTP over TLS" is LARPing" gentleman.

For one, he makes the argument that it's all a theater. Is it broken ? Yes.
Does it provide some non-negligeable level of confidentiality ? Absolutely. Is
it "broken" in some way or another ? Yes. But that doesn't mean we should just
fall back to regular plain unencrypted email when PGP _MAKES MORE SENSE_. I
myself don't use PGP when it doesn't really make sense. But when sending a
security vulnerability, I'd say it's pretty safe to assume you're not LARPing
at that point. Sure, maybe they know you're sending a PoC. But that will at
least delay them for a couple of days (or hours if you're a high value
target).

A comment on that thread expressed exactly what I feel and what I assume what
most of security minded people feel: Sure, it is not perfect. But if I want
perfect-secrect (as perfect as it theoretically gets anyway), I'm going to use
Signal. But when your company has e-mail as the main communication form, it
doesn't make much sense to use another form of communication, it will hinder
productivity and obstruct your company's processes.

All in all, LARPing is a strong word. If anything, we should applaud the
effort confidentiality-minded people put up, and push for better protocols.

~~~
iudqnolq
You're probably aware, but the obvious counterargument people make to what
you've said is that for some people such as activists under repressive regimes
they would rather not be able to email than email under the mistaken belief
what they were sending is highly secure. TFA on that article said the risk is
non-technical users seeing technical users use PGP and assuming it's a good
option when there are high stakes.

~~~
aneutron
I hadn't thought about that possibility. But I think it's arguably more of a
cultural and informational, rather than a technical thing.

But I do agree that when the stakes are high, mistakes like these can mean
life or death. But again, that can be solved by trying to better the general
understanding of confidential communication systems.

~~~
iudqnolq
I agree with most of that, which is why I think LARPing is a fair metaphor. It
succinctly gets across that this is a cool thing for techies but not for
general usage when it's safety critical.

------
h2odragon
I wonder if they got the idea from the "Die Hard" movie? Says "20
worksations"... Even with the trailer folding out, that sounds crowded.
"gestural controlled" displays... and a telescoping light tower!

Everything necessary to convince the CEO that "Action is Being Taken" when
they're troubled by something "cyber" they can't be bothered to understand.

[https://www.ibm.com/downloads/cas/DXGD7N9K](https://www.ibm.com/downloads/cas/DXGD7N9K)

* Also, the "infographic" shows a different tractor than the pics.

------
scoutt
From the PDF in that page: _" Feel the adrenaline rush of an intense,
immersive, gamified experience with your entire cross-functional team."_

I get that when sending an OTA update to an entire fleet, and I am just using
a 2012 laptop.

~~~
aneutron
I had a similar thought when I read that : "Try live patching kernels in
production, that'll get you going"

------
headcanon
We're definitely going to laugh on how ridiculous and over-the-top this is,
but we live in an age of spectacle. If I'm getting a cybersecurity seminar or
training session, I'd rather it come rolling in like Gordon Ramsay than
something standard and boring.

If its entertaining, maybe people will pay attention to it more? Communication
can be an engineering problem too.

------
jsty
> The IBM® X-Force® Command Cyber Tactical Operations Center (C-TOC) provides
> the industry’s first mobile cyber range and watch floor, with 23 tons of
> cyber capabilities on wheels, wherever they are needed.

Nice to see good cyber-security is now so commodified we can sell it by the
tonne </sarcasm>

------
buildbuildbuild
It’s easy to roll eyes at this.

I’m curious if anyone knows of a situation where having a “cyber NOC”
situation room was actually useful?

Major corporations are building them and hiring “Cyber Resilience” teams. Is
it all fluff, or is my cynicism causing me to miss key enterprise threat
models and communication needs?

------
ssully
"Putting cybercrime on the road to ruin". Bless whoever had to type that
sentence and keep a straight face.

This is hilarious, but honestly sign me up for the job where I get to setup an
computer environment in the back of a semi. I don't think it will actually
lead to any good, but it should be fun.

~~~
h2odragon
Imagine the vibration and ventilation problems. I was thinking "how long to
unpack and set up once parked?" ... That number will be longer once this
vehicle ages and travels a bit. If one wanted to make a thing like this
operational _while mobile_ that would be an even more exciting challenge.

------
goatinaboat
If I was a hacker I would watch to see which companies bought these, knowing
they are clueless about network security and probably soft targets.

Soft targets with lots of money.

~~~
ThePadawan
Well, maybe not that much money. After all, they just gave most of it to IBM.

~~~
clSTophEjUdRanu
IBM is basically the corporate equivalent of assisted living? Old corporations
turn to IBM to drain their finances until they die of old age?

------
rhexs
This thing always made me laugh. It’s actually quite genius considering most
of IBMs customers are going to eat it up, but goddamn imagine making a
favorable decision on a multimillion dollar security contract because your
exec team liked IBMs adult “cyber” escape room.

------
cstross
Someone's been watching Knight Rider re-runs, amirite?

(Thinking particularly of the tractor/trailer rig they use as K.I.T.T.'s
mothership.)

[https://en.wikipedia.org/wiki/Knight_Rider_%281982_TV_series...](https://en.wikipedia.org/wiki/Knight_Rider_%281982_TV_series%29)

------
lawnchair_larry
This is just silly irrelevant marketing. I’m not sure why we are advertising
it on HN.

~~~
ASalazarMX
I guess because it's silly, that's very unusual for IBM.

~~~
api
[https://www.youtube.com/watch?v=w0ChoHNEgRI](https://www.youtube.com/watch?v=w0ChoHNEgRI)

------
api
Does it have RISC technology? Because RISC technology is going to change
everything.

------
ericcholis
This is 100% intentional hype. This is designed to be deployed at a trade show
or outside corp headquarters. The video states that they built a "cyber
security range" in ~2016, which generated 2,000 customers. This SOC is to
showcase capabilities and sell whatever IBM is bundling. It also allows them
to charge for on site incident response training.

I'm sure somebody somewhere will need to call IBM and have them drive a SOC to
them in an emergency. Which, I'm sure, IBM will happily charge them a small
fortune for. But this is marketing.

------
recrudesce
If that turned up outside your office unannounced because it was being used as
part of a red team, it might kinda throw the whole red team operation.

"GOTTA BE STEALTHY !!!" _rolls up in a massive truck_

------
lukestateson
I can totally understand why they need a moving truck for their operation
center.

It's a lot easier to find a fast working wifi when passing through all those
coffee shops.

------
alfalfasprout
All the comments seem to be trashing IBM for this, but it's kinda cool! I mean
sure, this is silly and impractical (a moving truck with a bunch of foldable
chairs and laptops would do just fine) but that wasn't really the point,
right?

In theory, there may be someone somewhere that needs something like this but
this is intended as a cool demonstration piece.

~~~
sagebird
The internet has solved the problem of computer researchers needing to be
somewhere.

------
dmos62
> "THE HIGH PRICE OF A NEW DAWN! X-Force is the CIA of the mutant world — one
> half intelligence branch, one half special ops. In a perfect world, there
> would be no need for an X-Force. We’re not there…yet."

[https://www.youtube.com/watch?v=OMZi6nMqK8Y](https://www.youtube.com/watch?v=OMZi6nMqK8Y)

------
auiya
I expect this kind of nonsense from US Cybercommand, but fun to see IBM
getting into the tacti-cool LARP'ing scene too.

------
throwaway88889
If you watch the video you can see that this is just a training and education
tool. It's a simulator. Which honestly I do not think is a bad idea.The state
of security in many places is horrible. People are being too harsh about this.

------
klingonopera
...if anything, they really should've named it "Tactical Cyber Operations
Command Center".

...on second thought, I think I know why they didn't.

------
tiernano
wait... this looks like "training" not proper production stuff... guess it
cant be production... it would take IBM an age to roll this to an environment
suffering a breach... it has to be training... looks interesting though...

~~~
ASalazarMX
> it would take IBM an age to roll this to an environment suffering a breach

No problem, that's where we use the X-Force Command Cyber Tactical Operations
Center Helicopter.

------
aug_aug
Can't wait to hear about the first app hack in which they remote start this
thing and turn the heat on full blast!

It would be really cool if you had kids and you could point to that beast as
your office. I bet they have cool t-shirts too. And stickers.

------
C1sc0cat
Still think Sarges truck in Agents of Shield looked cooler.

------
nrclark
This looks perfect for when you need IBM to help you cyber.

------
roywiggins
what next, a cyber MRAP?

~~~
auiya
You laugh but...
[https://twitter.com/RenditionSec/status/1093998957464817664](https://twitter.com/RenditionSec/status/1093998957464817664)

------
sagebird
International Boomer Machines

