The China-Iran connection in missile proliferation can be seen in the sanctions recently applied to a company called North China Industries Corporation (NORINCO). The Chinese, as they always do, denied that NORINCO had done anything wrong, but the sanctions and lifting of sanctions has been going on since 2003, when NORINCO was sanctioned three times. Since then, they have become a "serial proliferator" which sounds bad when you say it out loud. [see http://info.hktdc.com/alert/us0320c.htm for the Chinese view ]. The Chinese Embassy released a statement threatening sanctions on a few companies doing business in Taiwan like Boeing, Lockheed Martin and Raytheon. That statement specifically mentions that it "could" stop sales of commercial aircraft in China, which would affect Lockheed and Boeing. [see http://www.china-embassy.org/eng/xw/t656463.htm ].
Chun Han Wong, in a Wall Street Journal article in December 2015 [http://www.wsj.com/articles/china-has-few-options-in-protesting-u-s-arms-sales-to-taiwan-1450373290] says there are few things that these companies sell to China, though I was surprised at a few he mentioned: " Raytheon Co. and Lockheed Martin Corp., the main contractors involved in the latest arms deal, have commercial interests in China. Lockheed Martin’s newly acquired unit Sikorsky Aircraft Corp. sells civilian helicopters in China, while Raytheon has sold civilian air-traffic control systems and provided consultancy services in the mainland. Neither firm immediately responded to requests to comment." No doubt they will not be commenting anytime soon. Boeing, as noted last week, announced layoffs of 4500, mostly in the commercial aircraft sector. You can look at that as a cause an effect relationship or a coincidence caused by world markets.
For myself, I want to know what happened to the hastily withdrawn sanctions on ZTE. ZTE was doing far more than anyone thought before this case was brought. The ZTE Internal documents clearly show what ZTE was doing, how they set up front companies to do the buying, and they knew what export rules they were violating. Why did the sanctions go away a week after they were announced? I suspect businesses used the "trade war" analogy to stop the sanctions, when China's trade war with us was precisely the reason they were imposed to begin with.
Thursday, March 31, 2016
Wednesday, March 30, 2016
The FBI vs Apple
A number of news stories have centered on the FBI and Apple fiasco as a triumph of civil liberties over national security. That is a ridiculous assumption. Civil liberties never win out over national security, but only here in the US can we openly discuss it.
No place in the world has these kinds of discussions in the open courts where everything you do is public. If the FBI couldn't get into the iPhone, that kind of case should have gone to the FISA court where the evidence can be classified. Only this administration gets fixated on doing national security in public where any of our enemies can see what is going on. They do that in the name of transparency which does not apply to national security issues like these - not just in the U.S. but in almost every other country in the world.
If Apple can't get into the phone of a terrorist, the fact that it can't shows a vulnerability in the U.S. Law enforcement and Intelligence Communities that can be exploited by other terrorists. Somebody must have misplaced the classification guides in the FBI to have this made public. Having the fact that it can be done bantered about in the press is equally an advantage to our adversaries. We don't hear the Russians, Chinese, French, Belgians, the Saudis or any of the other countries that have terrorists talking about what capabilities they have to undo the communications of their own. None of them ask for Apple's help; they demand it. Inside their own countries they aren't making public statements about the level of help they get, or don't get, from Apple, or any of their other vendors, but they do counter terrorism operations much the same as we do.
Apple is not being helped by all of this kind of open discussion, especially because it has opened the door for all of these little companies that do know how to crack the boxes to sell more products that help others do the job. Their marketing people are probably writing stories that allude to those capabilities in their products. Look at YouTube and see some of those results. This is a problem that the customers of these kinds of devices need to correct. Apple would like its customers to believe their data is safe, something that is good for the US.
The FBI is not being helped by these discussions and that may be the main reason why the suit was finally dropped. In a FISA court they would not have had to bring an action that was public and force Apple to take a stand on an issue that was transparently misguided. The Director must have known that, since he came from that background. I can't help but imagine he must have been pressured by somebody outside of the FBI to bring this case in an open court. Whoever encouraged that needs to go.
Tuesday, March 29, 2016
Another Chinese Browser Exposed
Citizen Lab at the University of Toronto has done another Chinese browser with the same results they got on Baidu's browser. Quoted below:
Similarly, the Windows version sends personally identifiable data, including the URL of all pages visited in the browser, a user’s hard drive serial number, MAC address, Windows hostname, and Windows user security identifier, also without encryption or with easily decrypted decryption.
So, are we supposed to believe this is a coincidence that the two browsers they checked were sendung this info back to China? When Baidu was asked if it was government policy, they declined to answer.
There is a good article in today's Wall Street Journal on this subject that is worth reading. It mentions three browers, Baidu, Tencent, and Alibaba. There seems little doubt this is government policy at work here.
Similarly, the Windows version sends personally identifiable data, including the URL of all pages visited in the browser, a user’s hard drive serial number, MAC address, Windows hostname, and Windows user security identifier, also without encryption or with easily decrypted decryption.
So, are we supposed to believe this is a coincidence that the two browsers they checked were sendung this info back to China? When Baidu was asked if it was government policy, they declined to answer.
There is a good article in today's Wall Street Journal on this subject that is worth reading. It mentions three browers, Baidu, Tencent, and Alibaba. There seems little doubt this is government policy at work here.
Monday, March 28, 2016
Xi and Obama to Chat
The two leaders are about to sit down next week to chat about nuclear matters at a summit in Washington D.C. You can bet there will be more about North Korea in those nuclear talks and a lot more about THAAD, a high altitude missile defense system. Let's make a deal.
The last deal we made with China was a hollow promise not to hack US businesses. This is kind of like asking a drug addict not to take anymore of that heroin. The Chinese economy was built on stealing by a variety of methods from Joint Ventures and forced teaming partners, to outright theft of trade secrets and patented material. That hasn't changed, though the White House now says "There is no evidence of hacking" which is probably true given our past experience with reporting of events and criminally prosecuting the people involved.
We have also made a nuclear deal with Iran that looks about as sound, and a previous agreement with North Korea. Ignoring this way of doing business is the best way to avoid fretting over it. We can make deals with China as long as we know they will only be honored until the Chinese find the need for it no longer exists, or the U.S. National elections take place, whichever comes first. In the case of hacking businesses that would not be quite as long. Nuclear weapons might be longer, but not by much.
I read the Hill today and they are accepting that the White House might be talking about implementing climate control measures first, thought I have yet to find the dreamer that fed that to the press. Not likely. Xi is here to talk about North Korea and get something in place before this administration is gone. No other President, coming from any of the existing candidates, is likely to feel quite so friendly to China, not even a Democrat.
The last deal we made with China was a hollow promise not to hack US businesses. This is kind of like asking a drug addict not to take anymore of that heroin. The Chinese economy was built on stealing by a variety of methods from Joint Ventures and forced teaming partners, to outright theft of trade secrets and patented material. That hasn't changed, though the White House now says "There is no evidence of hacking" which is probably true given our past experience with reporting of events and criminally prosecuting the people involved.
We have also made a nuclear deal with Iran that looks about as sound, and a previous agreement with North Korea. Ignoring this way of doing business is the best way to avoid fretting over it. We can make deals with China as long as we know they will only be honored until the Chinese find the need for it no longer exists, or the U.S. National elections take place, whichever comes first. In the case of hacking businesses that would not be quite as long. Nuclear weapons might be longer, but not by much.
I read the Hill today and they are accepting that the White House might be talking about implementing climate control measures first, thought I have yet to find the dreamer that fed that to the press. Not likely. Xi is here to talk about North Korea and get something in place before this administration is gone. No other President, coming from any of the existing candidates, is likely to feel quite so friendly to China, not even a Democrat.
The DarkNet vs Apple
The Justice Department has avoided a run-in with Apple by giving in and doing what they should have done before. But, it isn't just Apple that is working towards a safe-haven from government. The Dark Web, or DarkNet is doing the same thing. Criminals, at least the ones who don't get caught, need security and protection from law enforcement just as terrorists do, and those technologies are starting to converge. Apple was never leading this effort, in spite of what the exchanges between the FBI and Apple must sound like.
Governments are much more intrusive than they were in the early days of the Internet when law enforcement and counter terrorism units had next to nothing in the way of tools or equipment to monitor. Now they have an array of software that monitor cell phones, Internet activity, and can track a person anywhere there is a cell tower. With a warrant, almost any jurisdiction can get cell phone numbers, geolocation, thermal imaging of a property, and the the data needed to map connections between all of the people in our family of crooks. Life is tough everywhere. But, as one of my graduate professors used to say, they spend as much time at their job as you do at yours. They look for ways to protect themselves from this technology.
The DarkNet is a different concept and the opposite idea from the Internet. Instead of just encrypting each transaction and storing data where no unauthorized person can get it, these nets are not visible to anyone unless the user knows where to go. There is a Daily Mail article from 2013 that speaks to the number of assassins who are available there [http://www.dailymail.co.uk/news/article-2454735/The-disturbing-world-Deep-Web-contract-killers-drug-dealers-ply-trade-internet.html ]. It would be difficult for contract killers or drug dealers to advertise on the Internet.
Besides sites like Silk Road, replaced by several with the same technologies, thieves now use bitcoins rather than banks, separating themselves from the monitoring laws for currency exchange. The number and different types of sites extend to terrorists like ISIS who have learned to avoid exposure to the Internet once a person has expressed an interest in their work. Unlike Apple, these are real bad guys. Our Justice Department needs to spend more time working on the kinds of things our enemies are doing and less on what technologists do to protect our personal data.
Governments are much more intrusive than they were in the early days of the Internet when law enforcement and counter terrorism units had next to nothing in the way of tools or equipment to monitor. Now they have an array of software that monitor cell phones, Internet activity, and can track a person anywhere there is a cell tower. With a warrant, almost any jurisdiction can get cell phone numbers, geolocation, thermal imaging of a property, and the the data needed to map connections between all of the people in our family of crooks. Life is tough everywhere. But, as one of my graduate professors used to say, they spend as much time at their job as you do at yours. They look for ways to protect themselves from this technology.
The DarkNet is a different concept and the opposite idea from the Internet. Instead of just encrypting each transaction and storing data where no unauthorized person can get it, these nets are not visible to anyone unless the user knows where to go. There is a Daily Mail article from 2013 that speaks to the number of assassins who are available there [http://www.dailymail.co.uk/news/article-2454735/The-disturbing-world-Deep-Web-contract-killers-drug-dealers-ply-trade-internet.html ]. It would be difficult for contract killers or drug dealers to advertise on the Internet.
Besides sites like Silk Road, replaced by several with the same technologies, thieves now use bitcoins rather than banks, separating themselves from the monitoring laws for currency exchange. The number and different types of sites extend to terrorists like ISIS who have learned to avoid exposure to the Internet once a person has expressed an interest in their work. Unlike Apple, these are real bad guys. Our Justice Department needs to spend more time working on the kinds of things our enemies are doing and less on what technologists do to protect our personal data.
Friday, March 25, 2016
China Trade and Presidential Politics
Economists have lately been discussing China and trade because our Presidential candidates have been threatening actions to limit that damage to our economy. The economic theory of this is that trade wars will be bad for both sides and cause untold doom to all of us. Economists are not looking at the cyber aspects when they make these claims; they only look at manufacturing - where jobs are going - and trade.
We have shown China's ability to steal proprietary trade information from almost every company in the US. Their government puts that information to use in their own economy by bid rigging, making goods from our designs, and undermining the security features of the Internet where most business is done. Some of their businesses are state owned enterprises and those are related to their government intelligence operations. They use them to spy.
The main component of the Chinese response to any accusation is denial. This latest round of Obama Administration indictments of hackers, included one that showed how and when the Chinese were stealing designs for aircraft and defense articles, which only tells a small part of the whole story.
One of the reasons the trade deficit is so unfavorable to the US is China's cheating. We need some economists who recognize how cheating affects trade, how we can stop it, and where our industries cooperation with Chinese industries has undermined our own business interests. We have some business leaders who benefit from these relationships, and value them more than our own economic well being. Let's put that on the table when we discuss trade with China.
We have shown China's ability to steal proprietary trade information from almost every company in the US. Their government puts that information to use in their own economy by bid rigging, making goods from our designs, and undermining the security features of the Internet where most business is done. Some of their businesses are state owned enterprises and those are related to their government intelligence operations. They use them to spy.
The main component of the Chinese response to any accusation is denial. This latest round of Obama Administration indictments of hackers, included one that showed how and when the Chinese were stealing designs for aircraft and defense articles, which only tells a small part of the whole story.
One of the reasons the trade deficit is so unfavorable to the US is China's cheating. We need some economists who recognize how cheating affects trade, how we can stop it, and where our industries cooperation with Chinese industries has undermined our own business interests. We have some business leaders who benefit from these relationships, and value them more than our own economic well being. Let's put that on the table when we discuss trade with China.
Thursday, March 24, 2016
Iranian Indictments
I was going to comment yesterday about the announcement to be made today concerning Iranian subjects who targeted banks and a New York dam, but I'm glad I waited. This announcement was like a parade of everyone from the top of the Justdice Department on down. It was actually nice that the FBI was able to identify these individuals specifically, down to "name and face" when they are so often just anonymous network names that make a person's reputation. The US can indict these people and put out international warrants for their arrest. This will limit travel they can make to countries friendly to the US. Everyone pretends this will be a new dawn in the cyber world, but know it won't be, anymore than the indictment of Chinese military officers would do that.
We should note that the incidents they are talking about happened in 2012 and 2013. In cyber years, that is an eternity. Those hackers probably found other work by now, or will shortly. There were not very many bank officials who did not know the source of the attacks, which seemed to be Russia at first, but later came back to Iran, though it took a few days. This would have put them on notice four years ago, and most of them probably forgot about it and went on to the next project. What the Justice Department said today was that it was Iran and we know who in Iran. That is important to know, but it also identifies the weaknesses in the ability to do attribution that will stand up in court. It takes a long time. It proves we need to be a lot better at attribution and develop some methods that are court worthy. Faster attribution is at the top of my list because we can't retaliate until we know the source of the attack. State-sponsored terrorism is not a criminal endeavor that can be prosecuted anywhere, though there are exceptions like the trial of Radovan Karadzic who got 40 years yesterday for his barbarism. Those indicted today would not get a sentence that long.
Should we put new sanctions on Iran - Oh, wait, we just did that a couple of weeks ago. Should we take back the billions of dollars we just gave them? Should we stop our business people from going ahead with the plans to help Iran reconstruct? Should we take away their ability to build a nuclear bomb? Those are all good things for another time. Today we can watch the US Department of Justice pretend it did something worthwhile so we can all feel better.
We should note that the incidents they are talking about happened in 2012 and 2013. In cyber years, that is an eternity. Those hackers probably found other work by now, or will shortly. There were not very many bank officials who did not know the source of the attacks, which seemed to be Russia at first, but later came back to Iran, though it took a few days. This would have put them on notice four years ago, and most of them probably forgot about it and went on to the next project. What the Justice Department said today was that it was Iran and we know who in Iran. That is important to know, but it also identifies the weaknesses in the ability to do attribution that will stand up in court. It takes a long time. It proves we need to be a lot better at attribution and develop some methods that are court worthy. Faster attribution is at the top of my list because we can't retaliate until we know the source of the attack. State-sponsored terrorism is not a criminal endeavor that can be prosecuted anywhere, though there are exceptions like the trial of Radovan Karadzic who got 40 years yesterday for his barbarism. Those indicted today would not get a sentence that long.
Should we put new sanctions on Iran - Oh, wait, we just did that a couple of weeks ago. Should we take back the billions of dollars we just gave them? Should we stop our business people from going ahead with the plans to help Iran reconstruct? Should we take away their ability to build a nuclear bomb? Those are all good things for another time. Today we can watch the US Department of Justice pretend it did something worthwhile so we can all feel better.
Xi -Obama Meeting on North Korea
Ben Blanchard, writing for Reuters [http://www.reuters.com/article/us-china-usa-diplomacy-idUSKCN0WQ08A] says China's leader will press Obama for a meeting on North Korea's nuclear testing. He says the meeting will be about Korea.
"On this issue, China's position is consistent. We are dedicated to the decentralization of the Korean peninsula," he told a news briefing."
Decentralization is an interesting term, to say the least, having more to do with getting the U.S out of South Korea than getting North Korea to stabilize and get out of the nuclear weapons delivery business. Xi is apparently not happy about the US applying independent sanctions against the North and talking about putting THAAD missile interceptors in South Korea. The article says this threatens China's security, which is diplomatic shorthand for something a little more serious than that. They must have really liked having the US put more ships into the South China Sea.
Xi is going to want to get all the activity he can before the US elections in November, when a new President will be selected. None of the candidates will have a foreign policy that will look good to China, and a few of them look downright unfriendly.
"On this issue, China's position is consistent. We are dedicated to the decentralization of the Korean peninsula," he told a news briefing."
Decentralization is an interesting term, to say the least, having more to do with getting the U.S out of South Korea than getting North Korea to stabilize and get out of the nuclear weapons delivery business. Xi is apparently not happy about the US applying independent sanctions against the North and talking about putting THAAD missile interceptors in South Korea. The article says this threatens China's security, which is diplomatic shorthand for something a little more serious than that. They must have really liked having the US put more ships into the South China Sea.
Xi is going to want to get all the activity he can before the US elections in November, when a new President will be selected. None of the candidates will have a foreign policy that will look good to China, and a few of them look downright unfriendly.
Wednesday, March 23, 2016
When the FBI Needed Help
There is an article in Government Executive today [Joon Ian Wong, An Israeli Company is Helping the FBI Unlock That iPhone] that describes what it says is the capabilities of a company in Israel that does data extraction and transfers from one phone to another (among other things). If you want to see it done, visit this website. [https://www.youtube.com/watch?v=wLmEwTYRv_U]
What is intriguing about this claim is that the technology has been around for some time, though it is not clear that these devices can bypass the security code on the iPhone. Maybe they can, and maybe they can't. Apple might be able to tell us about that.
What it does show is how much can be done with a simple device made for "law enforcement and government agencies". These kinds of devices are in our major cell phone vendors too. They can extract content from a cell phone, including address lists, something we all do when we trade up. Given the level of sophistication of the technology, we have to wonder what is going on here. I wrote about some of these kinds of things in my last book, The New Cyberwar, and they were not new then.
Apple and the FBI must both know about them.
What is intriguing about this claim is that the technology has been around for some time, though it is not clear that these devices can bypass the security code on the iPhone. Maybe they can, and maybe they can't. Apple might be able to tell us about that.
What it does show is how much can be done with a simple device made for "law enforcement and government agencies". These kinds of devices are in our major cell phone vendors too. They can extract content from a cell phone, including address lists, something we all do when we trade up. Given the level of sophistication of the technology, we have to wonder what is going on here. I wrote about some of these kinds of things in my last book, The New Cyberwar, and they were not new then.
Apple and the FBI must both know about them.
Tuesday, March 22, 2016
A Belgian Historical Note
In May, 1974, I made a trip to Belgium to help with some military work that was going on there. We landed at Antwerp's airport and taxied into the terminal. We noted among ourselves that there were armored vehicles on the runway and several special forces were walking around with sub-machine guns. We were not used to that, because in those days, there were no checkpoints at airports and TSA did not exist.
What we did see there was indicative of a group of domestic terrorists who were hijacking airplanes and killing innocent people on trains and in bombing attacks. They weren't Muslims and they weren't fighting in the Middle East. I was in training for hostage negotiation, and we found them difficult people to talk to because they didn't speak English and they were not in a negotiating mood anytime we ever saw them stick their heads up. These days, we wouldn't have been doing hostage negotiation with any of them, but they haven't changed much.
We can put a Muslim face on terrorism, but from what I saw then it was more about character than religion. These are people who think anyone who disagrees with them should die rather than be persuaded. We learned the same about them. The police could not convince them that the hostages should be allowed to live in exchange for a small piece of humanity the hostage takers were clearly lacking. The only way to free the hostages was the kill the folks taking them. Some people may not like where that takes us, but we learned those lessons the hard way.
What we did see there was indicative of a group of domestic terrorists who were hijacking airplanes and killing innocent people on trains and in bombing attacks. They weren't Muslims and they weren't fighting in the Middle East. I was in training for hostage negotiation, and we found them difficult people to talk to because they didn't speak English and they were not in a negotiating mood anytime we ever saw them stick their heads up. These days, we wouldn't have been doing hostage negotiation with any of them, but they haven't changed much.
We can put a Muslim face on terrorism, but from what I saw then it was more about character than religion. These are people who think anyone who disagrees with them should die rather than be persuaded. We learned the same about them. The police could not convince them that the hostages should be allowed to live in exchange for a small piece of humanity the hostage takers were clearly lacking. The only way to free the hostages was the kill the folks taking them. Some people may not like where that takes us, but we learned those lessons the hard way.
Unsealed Indictment Syrian Electronic Army
The Justice Departnment released a summary of a a previously sealed indictment against three people in the Syrian Electronic Army, Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known online as “The Shadow.” All three were charged with a criminal conspiracy relating to: engaging in a hoax regarding a terrorist attack; attempting to cause mutiny of the U.S. armed forces; illicit possession of authentication features; access device fraud; unauthorized access to, and damage of, computers; and unlawful access to stored communications. Dardar and Peter Romar, 36, also known as Pierre Romar, were separately charged with multiple conspiracies relating to: unauthorized access to, and damage of, computers and related extortionate activities; receiving the proceeds of extortion; money laundering; wire fraud; violations of the Syrian Sanctions Regulations; and unlawful interstate communications. The court has issued arrest warrants for all three defendants.
According to allegations in the first complaint, beginning in or around 2011, Agha and Dardar engaged in a multi-year criminal conspiracy under the name “Syrian Electronic Army” in support of the Syrian Government and President Bashar al-Assad. The conspiracy was dedicated to spear-phishing and compromising the computer systems of the U.S. government, as well as international organizations, media organizations and other private-sector entities that the SEA deemed as having been antagonistic toward the Syrian Government. When the conspiracy’s spear-phishing efforts were successful, Agha and Dardar would allegedly use stolen usernames and passwords to deface websites, redirect domains to sites controlled or utilized by the conspiracy, steal email and hijack social media accounts. For example, starting in 2011, the conspirators repeatedly targeted computer systems and employees of the Executive Office of the President (EOP). Despite these efforts, at no time was an EOP account or computer system successfully compromised. Additionally, in April 2013, a member of the conspiracy compromised the Twitter account of a prominent media organization and released a tweet claiming that a bomb had exploded at the White House and injured the President. In a later 2013 intrusion, through a third-party vendor, the conspirators gained control over a recruiting website for the U.S. Marine Corps and posted a defacement encouraging U.S. marines to “refuse [their] orders.”
Today, the FBI announced that it is adding Agha and Dardar to its Cyber Most Wanted and offering a reward of $100,000 for information that leads to their arrest. Both individuals are believed to be residing in Syria. Anyone with information is asked to contact their nearest FBI field office or U.S. Embassy or consulate.
Monday, March 21, 2016
NSA Makes Grab for DoD Architecture
Department of Defense Instruction NUMBER 8530.01 March 7, 2016
This Instruction goes a long way towards defining a single network view - military systems at all levels, contractor systems that process government information both classified and unclassified, and cloud computing infrastructures that DoD can influence. The idea will be to manage and secure that single entity network, something I have advocated for many years.
While this is a good view to take, the control lies with Cyber Command, a military organization, and broadly defines affiliated networks as some belonging to commercial businesses affiliated with DoD. We went down that road when I was working for government, and our Congressional leaders quickly had words with the DoD community so that it would not extend its mandate to parts of the commercial infrastructure where it had no business going. DoD reversed course after that, at least until now, but they never give up.
This instruction goes a long way towards reestablishing the kind of network definition that Cyber Command wanted when General Alexander was its Director. General Alexander was also the Director of the National Security Agency (NSA), which kind of made a few people in Congress nervous. Rightfully so.
Applies to the DoDIN. The DoDIN includes DoD information technology (IT) (e.g., DoD-owned or DoD-controlled information systems (ISs), platform information technology (PIT) systems, IT products and services) as defined in DoDI 8500.01 (Reference (h)) and control systems and industrial control systems (ICSs) as defined in National Institute (NIST) Special Publication (SP) 800-82 (Reference (i)) that are owned or operated by or on behalf of DoD Components.
Quite a few DoD regulations use this kind of language. They define something for a reader just once at the beginning, and use acronyms after that. By the end, nobody is really sure what the policy says. This applies to commercial cloud services and to defense contractors under the National Industrial Security Program, which are not just DoD contractors, but any agency that participates. Almost all agencies do. It also adds unclassified information called CUI which it had no policy basis to add. The NISP covers only classified information.
I certainly hope Congress is paying attention to this. It is a clear grab by NSA for most of the agencies in the Federal architecture and a few parts that clearly are not part of it. If they win, they will have a clear path to controlling all Federal systems.
U.S. Backs Down on ZTE
The U.S., after only a few days following its public announcement of sanctions on ZTE, has backed down. It has already said it will lift sanctions against the company after the Chinese government complained, even though it was clear that ZTE and other Chinese companies were actively involved in setting up front companies to skirt US export controls to Iran. These countries were acting under the umbrella of the central government and with its tacit agreement.
The language used in the government statements is similar to that used ind the Iran nuclear deal: we will trust that you will comply with the agreement, and we will verify. Sanctions will "snap back" in the event they don't work. If you believe any of that, hold up your hand.
This agreement was obviously done by the same State Department that did the Iran nuclear deal. The whole mess is an admission that the US either will not, or cannot do anything about enforcing sanctions. Whichever it is, the situation only gets worse by the minute.
The language used in the government statements is similar to that used ind the Iran nuclear deal: we will trust that you will comply with the agreement, and we will verify. Sanctions will "snap back" in the event they don't work. If you believe any of that, hold up your hand.
This agreement was obviously done by the same State Department that did the Iran nuclear deal. The whole mess is an admission that the US either will not, or cannot do anything about enforcing sanctions. Whichever it is, the situation only gets worse by the minute.
Thursday, March 17, 2016
Never Say No
When I was a young military officer, one of my advisors gave me some advice on how to say no without saying no. Most of you know this trick: Always say, "Yes, but..." It served me well over the years, and it looks like it serves China well in international relations. Russia has never been very good at it.
Two stories in today's Wall Street Journal are good examples, an opinion piece called Iran's U.N. Free Pass and Jay Solomon's article U.S. Imposes Fresh Sanctions on North Korea. The Journal points out that attempts to control Iran's missile development through any kind of international effort are pointless. Russian vetoed any moves by the rest of the world to use sanctions against Iran for their latest missile test launches, which Iran claims are not violating any U.N. Resolutions. The North Korean sanctions are not doing any better at achieving the results expected years ago. North Korea now has the weapons and still works on a delivery system. The difference is, China went along with sanctions against North Korea and Russia doesn't for Iran. China has the better way. The UN seems to have no way.
The difference is, China says yes to sanctions, but does pretty much what it wants to support North Korea's development. Russia says no to the Iranian sanctions and most all the countries who favor sanctions against Iran protest their blockage. China says yes and the world thinks they are cooperating. Only this time, the US has even started to sanction Chinese businesses that support North Korea's programs. That seems never to have worked before, but this time, it will. We just have to have hope.
So, unless we change our approach to doing something about it, we are going to end up with two proxies with nuclear weapons and the ability to deliver them. One even has the slogan of Death to Israel, which we have all heard before, but carries a little more significance when painted on the side of a missile. The other threatens the US directly.
Perhaps we might think about what we want the outcome of sanctions to be and work towards that end by any and all means necessary. As North Korea's little sojourns into cyber attacks have shown, they don't just talk about doing things. They actually do them. We can ask Otto Warmbler, a 21-year old who got 15 years of hard labor for taking a political poster. If anyone doubts that Iran will be any different, look at all the trouble they cause now in the Middle East. If it is true that the attended the testing of North Korea's last bomb, as reported by several press outlets, then we could have two of the world's worst regimes cooperating while the rest of world talks. Is this what we want?
Two stories in today's Wall Street Journal are good examples, an opinion piece called Iran's U.N. Free Pass and Jay Solomon's article U.S. Imposes Fresh Sanctions on North Korea. The Journal points out that attempts to control Iran's missile development through any kind of international effort are pointless. Russian vetoed any moves by the rest of the world to use sanctions against Iran for their latest missile test launches, which Iran claims are not violating any U.N. Resolutions. The North Korean sanctions are not doing any better at achieving the results expected years ago. North Korea now has the weapons and still works on a delivery system. The difference is, China went along with sanctions against North Korea and Russia doesn't for Iran. China has the better way. The UN seems to have no way.
The difference is, China says yes to sanctions, but does pretty much what it wants to support North Korea's development. Russia says no to the Iranian sanctions and most all the countries who favor sanctions against Iran protest their blockage. China says yes and the world thinks they are cooperating. Only this time, the US has even started to sanction Chinese businesses that support North Korea's programs. That seems never to have worked before, but this time, it will. We just have to have hope.
So, unless we change our approach to doing something about it, we are going to end up with two proxies with nuclear weapons and the ability to deliver them. One even has the slogan of Death to Israel, which we have all heard before, but carries a little more significance when painted on the side of a missile. The other threatens the US directly.
Perhaps we might think about what we want the outcome of sanctions to be and work towards that end by any and all means necessary. As North Korea's little sojourns into cyber attacks have shown, they don't just talk about doing things. They actually do them. We can ask Otto Warmbler, a 21-year old who got 15 years of hard labor for taking a political poster. If anyone doubts that Iran will be any different, look at all the trouble they cause now in the Middle East. If it is true that the attended the testing of North Korea's last bomb, as reported by several press outlets, then we could have two of the world's worst regimes cooperating while the rest of world talks. Is this what we want?
Monday, March 14, 2016
China Faces Worse then US
Misery loves company, but in Andrew Browne's synopsis of China's current set of economic problems [ For Bejing, Policitcal Goals Trump Economics, The Wall Street Journal, 8 March 2016 ] it seems the Chinese have more than their fair share of misery. They suffer from "colossal industrial overcapacity, soaring corporate debt, plunging profits, declining factory prices. His reluctance to draw blood underscores a critical change that has come over a Chinese leadership that once had a reputation for pursuing economic goals with ruthless pragmatism. Today, politics trumps economics." What he doesn't add is the current 5-year goal for the economy did not decline to compensate for any of these problems. This goal is really going to put the squeeze on middle and top managers who will have to produce more with already over capacity production. People will be jumping off buildings again - except that pragmatism has finally calmed that down. They don't want a repeat of that time.
These are mostly things that come from a managed economy, which at times, some people in our own government have pushed for. It is the "government knows better" syndrome that comes from people in government telling us they can figure out what we should do for ourselves better than we can. Europe has been trying the same things for centuries longer than US. People seem to be naturally opposed to this kind of thinking. The harder the government works to maintain its position, the more likely to be the strains of conflict. The world is coming to a time when the elected governments are coming under pressure to change rather than maintain that kind of control. Germany is feeling that heat right now.
China has the internal mechanisms in its telecommunications infrastructure to keep that under control. They find, isolate and manage people who don't like the status quo. When they leave the country, the Chinese government comes and gets them to get them back under that control. They have a very effective system for keeping a lid on disaffection. The methods are ruthless.
We don't, and many of our friends can say the same. Our disaffected make news every days in political railing in a way that other countries not only don't understand, but don't appreciate either. When we ask ourselves which system we would rather live under, most will say they want stability and a smooth, efficient government to manage it. That is what China says too - harmony for all.
So, the only real difference is how that is enforced. Democracy is a terrible form of government, but we have to know that it is better than the alternatives. We might wish for something better, neater and cleaner, but an old Chinese curse says May all your wishes come true.
These are mostly things that come from a managed economy, which at times, some people in our own government have pushed for. It is the "government knows better" syndrome that comes from people in government telling us they can figure out what we should do for ourselves better than we can. Europe has been trying the same things for centuries longer than US. People seem to be naturally opposed to this kind of thinking. The harder the government works to maintain its position, the more likely to be the strains of conflict. The world is coming to a time when the elected governments are coming under pressure to change rather than maintain that kind of control. Germany is feeling that heat right now.
China has the internal mechanisms in its telecommunications infrastructure to keep that under control. They find, isolate and manage people who don't like the status quo. When they leave the country, the Chinese government comes and gets them to get them back under that control. They have a very effective system for keeping a lid on disaffection. The methods are ruthless.
We don't, and many of our friends can say the same. Our disaffected make news every days in political railing in a way that other countries not only don't understand, but don't appreciate either. When we ask ourselves which system we would rather live under, most will say they want stability and a smooth, efficient government to manage it. That is what China says too - harmony for all.
So, the only real difference is how that is enforced. Democracy is a terrible form of government, but we have to know that it is better than the alternatives. We might wish for something better, neater and cleaner, but an old Chinese curse says May all your wishes come true.
Sunday, March 13, 2016
WhatsApp Gets Apple Treatment
In the New York Time today, Matt Apuzzo [Messaging App Is Latest Front in Tech Debate] says the Apple treatment is coming to this app which encrypts messages and can't be read even when law enforcement has a court order. As I said in my previous post, there are a whole lot of things that are encrypted, from hard disks to flash drives and Apple was just the first of cases to be considered.
What Justice is trying to make is a law that doesn't now exist to require vendors to provide a means to decrypt things they provide encryption for. That would be a law similar to the one China enacted that requires any company operating in China to provide the means of encryption to the government. This is counter terrorism legislation made up to look like something less intrusive than it really is. The Chinese call it "draft legislation" while enforcing it, so it is really hard to tell what the real law looks like. China keeps this kind of thing intentionally vague so that it can be interpreted by government officials who might not be lawyers. We seem to do the opposite and neither of these approaches is probably the right one unless you are a Communist government that monitors its people on the Internet.
Justice has a point when they say a company should not do anything for China that it doesn't do for the U.S. Only that is a bilateral way of thinking in a multilateral world. They shouldn't be doing it for China either. China would just kick them out and make their lives difficult in the meantime by putting a few officials in jail or harassing them.
We have had laws that say encryption cannot extend across certain countries (I seem to remember France being one of them) and when Apple came along, everyone forgot about it. Vodafone published a list of countries it allows access to when it does business in their borders. Some of them have direct access to ISPs and Vodaphone can't stop them (the rest of the carriers are doing it too, but Vodaphone was nice enough to tell us).
There are a lot of hypocrites in this debate - on both sides. Justice has it's share of them trying to manufacture a law from nothing. The vendors have some who are willing to follow laws that they know allow other countries to monitor everything we do. We could do the same, but have always chosen a different way. We need a law, if we really want one, that requires vendors to provide the means to decrypt anything used in this country that might be encrypted by any means. Let's hear Congress debate that one.
We already have laws on encryption that are not being enforced, and the alternative is to enforce them. What we get from that is not what we want either, since privacy and security have more importance since they were written (a long time after the 1700's I should add). This is a Justice Department that can't figure out whether it can indict Hillary Clinton for her private e-mail server( the Attorney General said she wasn't sure about it). But it can bring an action against Apple and get the President to back them up. Hypocritical, yes.
What Justice is trying to make is a law that doesn't now exist to require vendors to provide a means to decrypt things they provide encryption for. That would be a law similar to the one China enacted that requires any company operating in China to provide the means of encryption to the government. This is counter terrorism legislation made up to look like something less intrusive than it really is. The Chinese call it "draft legislation" while enforcing it, so it is really hard to tell what the real law looks like. China keeps this kind of thing intentionally vague so that it can be interpreted by government officials who might not be lawyers. We seem to do the opposite and neither of these approaches is probably the right one unless you are a Communist government that monitors its people on the Internet.
Justice has a point when they say a company should not do anything for China that it doesn't do for the U.S. Only that is a bilateral way of thinking in a multilateral world. They shouldn't be doing it for China either. China would just kick them out and make their lives difficult in the meantime by putting a few officials in jail or harassing them.
We have had laws that say encryption cannot extend across certain countries (I seem to remember France being one of them) and when Apple came along, everyone forgot about it. Vodafone published a list of countries it allows access to when it does business in their borders. Some of them have direct access to ISPs and Vodaphone can't stop them (the rest of the carriers are doing it too, but Vodaphone was nice enough to tell us).
There are a lot of hypocrites in this debate - on both sides. Justice has it's share of them trying to manufacture a law from nothing. The vendors have some who are willing to follow laws that they know allow other countries to monitor everything we do. We could do the same, but have always chosen a different way. We need a law, if we really want one, that requires vendors to provide the means to decrypt anything used in this country that might be encrypted by any means. Let's hear Congress debate that one.
We already have laws on encryption that are not being enforced, and the alternative is to enforce them. What we get from that is not what we want either, since privacy and security have more importance since they were written (a long time after the 1700's I should add). This is a Justice Department that can't figure out whether it can indict Hillary Clinton for her private e-mail server( the Attorney General said she wasn't sure about it). But it can bring an action against Apple and get the President to back them up. Hypocritical, yes.
Russian Spies in the Banking Sector
We never seem to get the whole story in a summary of a case that is released to the public, but this one is a little different. Justice has a press release [https://www.justice.gov/opa/pr/russian-national-pleads-guilty-connection-conspiracy-work-russian-intelligence] on one Zhenya Buryakov that is very interesting.
"Evgeny Buryakov, aka Zhenya, 41, pleaded guilty today to conspiring to act in the United States as an agent of the Russian Federation without providing prior notice to the Attorney General."
We might miss that without looking closely, since pleading guilty to being an unregistered agent doesn't even sound like spying. I went back to the original indictment at [ https://www.justice.gov/sites/default/files/opa/press-releases/attachments/2015/01/26/buryakov_et_al_complaint.pdf ] and some stories by the Times and Guardian that are a little better at explaining what this is all about. Buryakov was a spy working for Russia's SVR, in particular a unit called Directorate ER, which is collecting on economic issue. In this case that meant focusing on alternative energy sources.
Buryakov was finding other people to help him spy, including some who were being recorded by the FBI as a part of their investigation. His cover was the New York Trade Mission of the Russian Federation in the United States. He recruited people, took collection tasking from the SVR, and sent back a regular stream of intelligence reports to Moscow from "a secure office in Manhattan used by SVR agents to send and receive intelligence reports and assignments from Moscow Center...."
Somebody has to write a book about this because it sounds so much like a Cold War spy drama jazzed up to a modern economic war scenario. This Cold War has been going on for some time and most of our citizens have missed it. The Russians and Chinese are both stealing from us and using that information to better their own economies. We allow a number of foreign banks to operate in the U.S. and this provides ample opportunity for other spies to do the same type of thing. China has four of the top ten banks in the world and the Federal Reserve is allowing some of them to buy U.S. bank branches [see http://www.americanbanker.com/bankthink/little-to-fear-much-to-gain-from-chinese-banks-1050841-1.html ] . That is what we call fair trade.
"Evgeny Buryakov, aka Zhenya, 41, pleaded guilty today to conspiring to act in the United States as an agent of the Russian Federation without providing prior notice to the Attorney General."
We might miss that without looking closely, since pleading guilty to being an unregistered agent doesn't even sound like spying. I went back to the original indictment at [ https://www.justice.gov/sites/default/files/opa/press-releases/attachments/2015/01/26/buryakov_et_al_complaint.pdf ] and some stories by the Times and Guardian that are a little better at explaining what this is all about. Buryakov was a spy working for Russia's SVR, in particular a unit called Directorate ER, which is collecting on economic issue. In this case that meant focusing on alternative energy sources.
Buryakov was finding other people to help him spy, including some who were being recorded by the FBI as a part of their investigation. His cover was the New York Trade Mission of the Russian Federation in the United States. He recruited people, took collection tasking from the SVR, and sent back a regular stream of intelligence reports to Moscow from "a secure office in Manhattan used by SVR agents to send and receive intelligence reports and assignments from Moscow Center...."
Somebody has to write a book about this because it sounds so much like a Cold War spy drama jazzed up to a modern economic war scenario. This Cold War has been going on for some time and most of our citizens have missed it. The Russians and Chinese are both stealing from us and using that information to better their own economies. We allow a number of foreign banks to operate in the U.S. and this provides ample opportunity for other spies to do the same type of thing. China has four of the top ten banks in the world and the Federal Reserve is allowing some of them to buy U.S. bank branches [see http://www.americanbanker.com/bankthink/little-to-fear-much-to-gain-from-chinese-banks-1050841-1.html ] . That is what we call fair trade.
No, It Isn't Your Imagination
There is a good article in the Wall Street Journal called Car Makers Test Technology to Make You Pay Attention to the Road by By ELIZABETH DWOSKIN and MIKE RAMSEY March 11, 2016
Just in case on your drive to work you thought everyone around you was on a cell phone or texting someone, you can get solace in finding out that they are. The other comforting thing was they are more likely to have an accident than you are, assuming you aren't driving and texting too. The surprise is that there are worse things you can do in a car than text. The data comes from Virginia Tech, where a lot of good data does come from.
Dialing a phone and reading text are more than twice as likely to cause an accident than talking on the phone, which only causes you to become an obstruction to anyone who is behind you. That lady who slows down to 35 in a 55 mph zone is not going to be in the accident but she will cause it. Texting itself is not quite so dangerous as reading texts sent to you.
It should occur to you that driving and doing any of these things is not very safe. I hope you aren't reading this one on the way to work. A woman next to me yesterday was eating a sandwich with both hands, but that turns out to be fairly safe compared to some of the other things. The safest behavior is something called "personal hygiene". That guy shaving on the way in, or the woman putting on lipstick, doesn't have to worry quite so much anymore.
Technology is supposed to make your life better, but cell phones in cars are only good if you actually use the hands-free features of your car. We actually had to get the Audi dealer to pair our phones the first time because the instructions were not very clear. We found it difficult to eat that sandwich and hold the phone up to our ears, without the hands-free working.
Just in case on your drive to work you thought everyone around you was on a cell phone or texting someone, you can get solace in finding out that they are. The other comforting thing was they are more likely to have an accident than you are, assuming you aren't driving and texting too. The surprise is that there are worse things you can do in a car than text. The data comes from Virginia Tech, where a lot of good data does come from.
Dialing a phone and reading text are more than twice as likely to cause an accident than talking on the phone, which only causes you to become an obstruction to anyone who is behind you. That lady who slows down to 35 in a 55 mph zone is not going to be in the accident but she will cause it. Texting itself is not quite so dangerous as reading texts sent to you.
It should occur to you that driving and doing any of these things is not very safe. I hope you aren't reading this one on the way to work. A woman next to me yesterday was eating a sandwich with both hands, but that turns out to be fairly safe compared to some of the other things. The safest behavior is something called "personal hygiene". That guy shaving on the way in, or the woman putting on lipstick, doesn't have to worry quite so much anymore.
Technology is supposed to make your life better, but cell phones in cars are only good if you actually use the hands-free features of your car. We actually had to get the Audi dealer to pair our phones the first time because the instructions were not very clear. We found it difficult to eat that sandwich and hold the phone up to our ears, without the hands-free working.
Friday, March 11, 2016
Apple Attacked Again
News stories today have identified a new tactic by the Justice Department to go after Apple's security system, only this time they may have a point. Justice has said that Apple has turned over information on iPhones in China almost as often as the have previously in the US. They moved data stores to servers in China as required by some of their new laws. Some of their other new laws require turning over encryption technologies and source code for certain types of businesses. They are far more aggressive in how they secure their Internet than we are.
Apple is basically saying this argument is bogus, when it is not likely to be so. I thought this would eventually come up since Apple has avoided talking about what steps it takes to comply with Chinese law. So far, only IBM has admitted to meeting the new requirements that these laws introduce. My guess is, Apple doesn't have a choice, but they can't be two-faced about it either.
Yes, it is true we don't have a law like China's, so maybe the circumstances are different, but we have to decide if we need a law because of Apple, Mircrosoft, Facebook, et al. Be careful what you wish for. A long time ago, Willis Ware at RAND said we could stop computer crime by putting an informant in every data center. Only, we don't want to get caught putting an informant in every center and that is our dilemma. We don't want to do what we would have to do to achieve the result. So, Justice tries to shoehorn in an old law that doesn't apply.
Apple is basically saying this argument is bogus, when it is not likely to be so. I thought this would eventually come up since Apple has avoided talking about what steps it takes to comply with Chinese law. So far, only IBM has admitted to meeting the new requirements that these laws introduce. My guess is, Apple doesn't have a choice, but they can't be two-faced about it either.
Yes, it is true we don't have a law like China's, so maybe the circumstances are different, but we have to decide if we need a law because of Apple, Mircrosoft, Facebook, et al. Be careful what you wish for. A long time ago, Willis Ware at RAND said we could stop computer crime by putting an informant in every data center. Only, we don't want to get caught putting an informant in every center and that is our dilemma. We don't want to do what we would have to do to achieve the result. So, Justice tries to shoehorn in an old law that doesn't apply.
A Cause of Death
Mikhail Lesin, one of the founding fathers of Russia Today was found dead in a Washington D.C. Hotel and almost everyone knows the cause of death was blunt force trauma. As the US papers have said recently, that doesn't mean he was beaten to death. It could be a fall or other form of accident, but there is a lot of trauma to account for. He didn't fall out of bed. Nobody knows. Several papers also said Russia Today said he died of a heart attack. As it turns out that is true. In November, RT said just that, almost before the ink had dried on his death certificate. In a story yesterday they said the same thing everyone else is saying.
This reminds me of the Ukraine where stories appear and disappear with the pace of press reports. The Russians are always first to report, and they report what they want people to believe, not necessarily what actually happened. A significant number of people will continue to believe the first story they read, and never go back to new stories that follow.
The story here is credibility. How do we believe anything RT says, when it so blatantly distorts the news to fit what the Kremlin wants its own people to believe? There is some satisfaction in the knowledge that even the Russians do not believe what they read there.
This reminds me of the Ukraine where stories appear and disappear with the pace of press reports. The Russians are always first to report, and they report what they want people to believe, not necessarily what actually happened. A significant number of people will continue to believe the first story they read, and never go back to new stories that follow.
The story here is credibility. How do we believe anything RT says, when it so blatantly distorts the news to fit what the Kremlin wants its own people to believe? There is some satisfaction in the knowledge that even the Russians do not believe what they read there.
Thursday, March 10, 2016
What We Can Learn from McAfee
I wanted to ask a simple question today: How do I scan an external drive using McAfee anti-virus. The company is owned by Intel. It was an adventure not finding out, but what I did learn was not something I really wanted to know.
First, when help desk people are not speaking good English and using a cheap phone system, it is very hard to understand what they are asking. I had to repeat myself often, but it wasn't for that reason only.
The first person on the line told me I had a license and it was valid. I knew that already. I wasn't calling about the license. The second person told me I had a license and it was valid, then asked my why I was calling. You need tech support he said.
The third person was nice but went through the same things and asked me if I had a Mac. My license was for a Mac. You have a Mac and this section does not do Macs, so I will transfer you.
The fourth person was actually a Mac person and understood the question, but was asking quite a few questions that weren't relevant to scanning a hard drive. She didn't want to tell me how to scan an external disk, or she didn't know.
I asked her why she was asking all these questions about my system when all I wanted was to know how to scan an external drive. She said she didn't have to have all that information and I could just log into a website called logme-in at a URL she game me. I said, "Wait, you want me to log into a website that is used to give you control of my system, and all I want to know is how to scan an external hard drive?"
"Yes, we can help walk you through it if you do that."
No. That is worse than not getting help from the vendor. Somebody who obviously isn't in this country wants me to turn over control of my computer to them so they can walk me through a procedure that should be easy. They want to know more about my system than just the OS version I have (was it wired or wireless and others). I just read about the problems with Baidu sucking data about the computer and nearby networks. It sounded just like them.
I hung up and cancelled my subscription to McAfee. My fond memories of my time in the government when McAfee was used on most every computer I had, are gone now. I can't imagine some of the places I worked using any company with a help desk outside the U.S. and having them remotely control the computers that the government owns. Either things have changed a lot at McAfee, or they put on a different face when dealing with individual purchasers. It really does not matter to me anymore.
First, when help desk people are not speaking good English and using a cheap phone system, it is very hard to understand what they are asking. I had to repeat myself often, but it wasn't for that reason only.
The first person on the line told me I had a license and it was valid. I knew that already. I wasn't calling about the license. The second person told me I had a license and it was valid, then asked my why I was calling. You need tech support he said.
The third person was nice but went through the same things and asked me if I had a Mac. My license was for a Mac. You have a Mac and this section does not do Macs, so I will transfer you.
The fourth person was actually a Mac person and understood the question, but was asking quite a few questions that weren't relevant to scanning a hard drive. She didn't want to tell me how to scan an external disk, or she didn't know.
I asked her why she was asking all these questions about my system when all I wanted was to know how to scan an external drive. She said she didn't have to have all that information and I could just log into a website called logme-in at a URL she game me. I said, "Wait, you want me to log into a website that is used to give you control of my system, and all I want to know is how to scan an external hard drive?"
"Yes, we can help walk you through it if you do that."
No. That is worse than not getting help from the vendor. Somebody who obviously isn't in this country wants me to turn over control of my computer to them so they can walk me through a procedure that should be easy. They want to know more about my system than just the OS version I have (was it wired or wireless and others). I just read about the problems with Baidu sucking data about the computer and nearby networks. It sounded just like them.
I hung up and cancelled my subscription to McAfee. My fond memories of my time in the government when McAfee was used on most every computer I had, are gone now. I can't imagine some of the places I worked using any company with a help desk outside the U.S. and having them remotely control the computers that the government owns. Either things have changed a lot at McAfee, or they put on a different face when dealing with individual purchasers. It really does not matter to me anymore.
Tuesday, March 8, 2016
ZTE Sells Technology to Iran
In my first book I talked about two companies that the U.S. was watching, Huawei and ZTE. After five years, we find out they are still being watched for good reason.
ZTE is about to receive sanctions which will limit its ability to buy technology in the U.S. [ Juro Osawa and Eva Dou, U.S. to Place Trade Restrictions on China's ZTE, The Wall Street Journal, 7 March 2016 ] The Commerce Department which enforces these sanctions said ZTE acted "contrary to the national security and foreign policy interests of the United States”.
"Authorities allege ZTE broke export rules by supplying Iran with U.S.-made high-tech goods and said they uncovered plans by ZTE to use a series of shell companies 'to illicitly reexport controlled items to Iran in violation of U.S. export control laws.'"
The Commerce Department published internal documents of ZTE Corp marked "Top Secret, Highly Confidential" to substantiate its claim that ZTE knew what it was doing when it funneled hardware and software from Microsoft, Oracle, IBM, and Dell to Iran. The first document is well worth reading. It clearly shows ZTE knew what the export rules required, and knew there would be trouble if they were discovered trying to skirt them. Group Z described in this document is North Korea, Vietnam and Cuba. ZTE at the time of their writing, was exporting U.S. produced products to Iran, Sudan, North Korea, Syria and Cuba. They outline the methods used to avoid detection in all of these countries.
http://www.bis.doc.gov/index.php/about-bis/newsroom
This may prove difficult for ZTE which is a large cell phone supplier in the U.S.
ZTE is about to receive sanctions which will limit its ability to buy technology in the U.S. [ Juro Osawa and Eva Dou, U.S. to Place Trade Restrictions on China's ZTE, The Wall Street Journal, 7 March 2016 ] The Commerce Department which enforces these sanctions said ZTE acted "contrary to the national security and foreign policy interests of the United States”.
"Authorities allege ZTE broke export rules by supplying Iran with U.S.-made high-tech goods and said they uncovered plans by ZTE to use a series of shell companies 'to illicitly reexport controlled items to Iran in violation of U.S. export control laws.'"
The Commerce Department published internal documents of ZTE Corp marked "Top Secret, Highly Confidential" to substantiate its claim that ZTE knew what it was doing when it funneled hardware and software from Microsoft, Oracle, IBM, and Dell to Iran. The first document is well worth reading. It clearly shows ZTE knew what the export rules required, and knew there would be trouble if they were discovered trying to skirt them. Group Z described in this document is North Korea, Vietnam and Cuba. ZTE at the time of their writing, was exporting U.S. produced products to Iran, Sudan, North Korea, Syria and Cuba. They outline the methods used to avoid detection in all of these countries.
http://www.bis.doc.gov/index.php/about-bis/newsroom
This may prove difficult for ZTE which is a large cell phone supplier in the U.S.
What Does Turkey Know that We Don't?
It may be a little bit unusual for a major newspaper like the Wall Street Journal to publish an editorial criticising the conduct of a government leader, anywhere other than the United States, but this one is about Turkey and it made me wonder. [Erdogan's Press Assualt at http://www.wsj.com/articles/ergodans-press-assault-1457308765].
The main point of the criticism lies in our ability to see free speech differently than Turkey. A court effectively shut down the highest circulation newspaper in the country and blocked its reporters from getting access to the systems needed to publish. The editorial ends with this note:
"Mr. Erdogan now rules Turkey much as his geopolitical rival, Vladimir Putin, rules Russia. One lesson, for established democracies as much as new ones, is to beware of popular authoritarians who promise to punish the press...."
A Reuters story on the same court order saw the whole situation differently. Ayla Jean Yackley seemed to think the court order was a loss to Erdogan, who wanted schools closed down that were operated by Islamic cleric Fethullah Gulen, who lives in the U.S. So what kind of schools does a cleric who lives here, operate in Turkey? 60 Minutes did a story on them, and to our surprise there are many in the United States. [http://www.cbsnews.com/news/us-charter-schools-tied-to-powerful-turkish-imam/3]. They are Islamic schools, as one would suspect given his Imam title. There are lots of Islamic schools in Turkey, but not many in the U.S.
So, look at a description of the tenants of this organization published by the Center for Security Policy. [ https://www.centerforsecuritypolicy.org/wp-content/uploads/2015/12/Gulen_Final.pdf]. This organization characterizes them as "Islamic supremacism guised as Turkish nationalism". Some of the descriptions of their doctrine are not very friendly towards the religious beliefs of its host country. According to this document, when they tried to get a school set up in my county, the school board would not approve its operation. We are pretty conservative here in Virginia, but anyone reading some of the stuff published by this group might think twice before sending their children to schools run by it.
One of the nice things about freedom of the press is the differences of opinion that allow focus on different aspects of an issue. We might want to look more closely as what was really behind that court order to close and manage a newspaper.
The main point of the criticism lies in our ability to see free speech differently than Turkey. A court effectively shut down the highest circulation newspaper in the country and blocked its reporters from getting access to the systems needed to publish. The editorial ends with this note:
"Mr. Erdogan now rules Turkey much as his geopolitical rival, Vladimir Putin, rules Russia. One lesson, for established democracies as much as new ones, is to beware of popular authoritarians who promise to punish the press...."
A Reuters story on the same court order saw the whole situation differently. Ayla Jean Yackley seemed to think the court order was a loss to Erdogan, who wanted schools closed down that were operated by Islamic cleric Fethullah Gulen, who lives in the U.S. So what kind of schools does a cleric who lives here, operate in Turkey? 60 Minutes did a story on them, and to our surprise there are many in the United States. [http://www.cbsnews.com/news/us-charter-schools-tied-to-powerful-turkish-imam/3]. They are Islamic schools, as one would suspect given his Imam title. There are lots of Islamic schools in Turkey, but not many in the U.S.
So, look at a description of the tenants of this organization published by the Center for Security Policy. [ https://www.centerforsecuritypolicy.org/wp-content/uploads/2015/12/Gulen_Final.pdf]. This organization characterizes them as "Islamic supremacism guised as Turkish nationalism". Some of the descriptions of their doctrine are not very friendly towards the religious beliefs of its host country. According to this document, when they tried to get a school set up in my county, the school board would not approve its operation. We are pretty conservative here in Virginia, but anyone reading some of the stuff published by this group might think twice before sending their children to schools run by it.
One of the nice things about freedom of the press is the differences of opinion that allow focus on different aspects of an issue. We might want to look more closely as what was really behind that court order to close and manage a newspaper.
Saturday, March 5, 2016
U.S. Navy Ships to South China Sea
The Navy Times [ http://www.navytimes.com/story/military/2016/03/03/stennis-strike-group-deployed-to-south-china-sea/81270736/]. and Fox News [http://www.foxnews.com/world/2016/03/04/us-navy-deploys-several-ships-to-south-china-sea.html]. have reported on Thursday that the US will send a fairly large carrier strike group to the South China Sea. This will include an aircraft carrier, two cruisers, and two destroyers which will join two others already there.
China must have known the US would do something about their continuous buildup of the islands in that area, but I doubt that they were too surprised at the numbers of ships that were coming. They have hacked our military networks for years and have a good idea of what our military forces are up to. That is a large fleet that is hard to hide and it takes weeks to get to where they are going. When they get there, we are going to see some interesting tests of diplomacy-by-boat.
The last time we ratcheted up our engagements with them, they sailed some ships of their own close enough to Alaska to get our attention. They waited until the President of the United States was visiting there, so they would be close enough to make their point. The Navy is already saying "We do this routine patrol all the time" which is true enough by itself, but during those patrols we didn't have a nuclear powered aircraft carrier as long as 3 football fields sailing with them. Not to mention the arsenal of weapons that goes on it. This is a powerful ship with global reach, right into the backyard of China's disputed area.
We can expect China to do what they did the last time and start getting into our territorial waters, and those of our allies, on a more regular basis. They won't stop building up the South China Sea, and they won't talk about demilitarization of the islands. The Chinese just keep on keeping on. They built those islands from nothing but water and little strips of land. Now they have runways as long as the ones at Dulles Airport. They aren't going to give them up. What does that aircraft carrier do then?
All of this started to happen over 7 years ago and all the US did was talk. Putting that fleet in then would have had a chance of keeping China from building up that area. Now, it is going to put good men in a bad situation.
China must have known the US would do something about their continuous buildup of the islands in that area, but I doubt that they were too surprised at the numbers of ships that were coming. They have hacked our military networks for years and have a good idea of what our military forces are up to. That is a large fleet that is hard to hide and it takes weeks to get to where they are going. When they get there, we are going to see some interesting tests of diplomacy-by-boat.
The last time we ratcheted up our engagements with them, they sailed some ships of their own close enough to Alaska to get our attention. They waited until the President of the United States was visiting there, so they would be close enough to make their point. The Navy is already saying "We do this routine patrol all the time" which is true enough by itself, but during those patrols we didn't have a nuclear powered aircraft carrier as long as 3 football fields sailing with them. Not to mention the arsenal of weapons that goes on it. This is a powerful ship with global reach, right into the backyard of China's disputed area.
We can expect China to do what they did the last time and start getting into our territorial waters, and those of our allies, on a more regular basis. They won't stop building up the South China Sea, and they won't talk about demilitarization of the islands. The Chinese just keep on keeping on. They built those islands from nothing but water and little strips of land. Now they have runways as long as the ones at Dulles Airport. They aren't going to give them up. What does that aircraft carrier do then?
All of this started to happen over 7 years ago and all the US did was talk. Putting that fleet in then would have had a chance of keeping China from building up that area. Now, it is going to put good men in a bad situation.
Friday, March 4, 2016
The Terrorist Watch List
Over the years, we have seen a number of stories about the inaccuracy of the terror watch list(s), and from time to time, innocent people end up on that list because their names are close to someone who should be. Judicial Watch, one of Hillary Clinton's favorite groups, put out some interesting analysis based on e-mail sent in Homeland Security, that indicates the terrorist watchlist was modified to allow more persons with terrorist ties to enter the country. It wasn't about inaccuracy of data, which would have been a better excuse.
http://www.judicialwatch.org/press-room/press-releases/judicial-watch-homeland-security-records-reveal-officials-ordered-terrorist-watch-list-scrubbed/?utm_source=SilverpopMailing&utm_medium=email&utm_campaign=Judicial%20Watch%20Tipsheet%20-%20Template%202%20(11)&utm_content=
http://www.judicialwatch.org/press-room/press-releases/judicial-watch-homeland-security-records-reveal-officials-ordered-terrorist-watch-list-scrubbed/?utm_source=SilverpopMailing&utm_medium=email&utm_campaign=Judicial%20Watch%20Tipsheet%20-%20Template%202%20(11)&utm_content=
Wednesday, March 2, 2016
A White House with No Secrets
In a Wall Street Journal article last week, there [Adam Entous, Cabinet Splits on Accord in Syria] is proof positive that discussions of secrets in the White House will eventually find their way into the public, no matter how sensitive they may be.
This particular article is about Syria, where the Russians have decided to take a stand and defend an unpopular government leader. The Russians haven't denied their actions flying planes clearly marked and dropping bombs everywhere. They are eliminating any chance of getting a moderate government in Syria and doing it in the name of "counter terrorism". Assad's enemies are obviously terrorists.
The gist of the Journal article is that there are splits between the State Department and Defense and CIA over how to react to the Russians. Defense and CIA want more aggressive action against the Russians and State which is afraid we would be pulled into a proxy war with Russia. The source for the article says the Russian bombing strikes on rebels supplied and trained by the CIA has caused consternation at the Agency.
This is usually the patter of a "whiner" who is losing an argument against the weight of others. He, or she, goes to the press and makes this argument public in the hope of having public opinion sway the politics. It seems to be a little more in this case, since as the article points out, "Ms Rice, Mr. McDonough and other senior national security officials at the White House have voiced skepticism in the past about the CIA effort". This is a pointed attack on the support which may have been given by CIA to rebels fighting Assad. This is not the kind of thing to be discussed with a reporter under any circumstances, yet someone did.
First, this is the only country in the world that exposes this kind of thing to public scrutiny. I can't imagine the Russians having something like the internal discussions on who should be supported in the Ukraine coming out on the front page of a newspaper. They have some sense about what to talk to the press about and what not. Apparently, the people going to these classified meetings in the White House do not.
Second, talking about things that are classified with a reporter is a crime. These kinds of operations are very highly classified and seldom even get on the private email servers of those at the State Department. Most of them know better than to take a discussion like this to the press.
Let's stop accepting excuses that "everybody does it" because not everybody does. These are Top Secret discussions that don't need to be disclosed to anyone, but especially to the Russians who will know for sure they were bombing the right people. If there are disagreements in the White House then keep them there and keep that quiet. When someone goes to the press with something like this, find out who they are and take away their security clearance. Then, make sure they don't attend anymore White House meetings.
This particular article is about Syria, where the Russians have decided to take a stand and defend an unpopular government leader. The Russians haven't denied their actions flying planes clearly marked and dropping bombs everywhere. They are eliminating any chance of getting a moderate government in Syria and doing it in the name of "counter terrorism". Assad's enemies are obviously terrorists.
The gist of the Journal article is that there are splits between the State Department and Defense and CIA over how to react to the Russians. Defense and CIA want more aggressive action against the Russians and State which is afraid we would be pulled into a proxy war with Russia. The source for the article says the Russian bombing strikes on rebels supplied and trained by the CIA has caused consternation at the Agency.
This is usually the patter of a "whiner" who is losing an argument against the weight of others. He, or she, goes to the press and makes this argument public in the hope of having public opinion sway the politics. It seems to be a little more in this case, since as the article points out, "Ms Rice, Mr. McDonough and other senior national security officials at the White House have voiced skepticism in the past about the CIA effort". This is a pointed attack on the support which may have been given by CIA to rebels fighting Assad. This is not the kind of thing to be discussed with a reporter under any circumstances, yet someone did.
First, this is the only country in the world that exposes this kind of thing to public scrutiny. I can't imagine the Russians having something like the internal discussions on who should be supported in the Ukraine coming out on the front page of a newspaper. They have some sense about what to talk to the press about and what not. Apparently, the people going to these classified meetings in the White House do not.
Second, talking about things that are classified with a reporter is a crime. These kinds of operations are very highly classified and seldom even get on the private email servers of those at the State Department. Most of them know better than to take a discussion like this to the press.
Let's stop accepting excuses that "everybody does it" because not everybody does. These are Top Secret discussions that don't need to be disclosed to anyone, but especially to the Russians who will know for sure they were bombing the right people. If there are disagreements in the White House then keep them there and keep that quiet. When someone goes to the press with something like this, find out who they are and take away their security clearance. Then, make sure they don't attend anymore White House meetings.
Subscribe to:
Posts (Atom)