The most recent Petya outbreak follows Wannacry by only a couple of months and uses the same exploit that it used. So, you have to ask what were the IT Directors of these companies thinking when the Wannacry closed down hospitals and infected places with seemingly random distribution? This was something that Microsoft had patched on an operating system that it no longer supported.
That means your IT Director not only was using an unsupported OS, but didn't patch it when the patch came out, didn't patch it when Wannacry ran rampant in world, and hadn't patched it since Petya came out. Now, it does not take a rocket scientist to think that this is not a security problem as much as a laziness on the operators of these systems. This is not paying attention to what is going on the world around you and not doing much of anything to prevent a known attack from being successful.
I used to wonder about this kind of thing until I was teaching a course to IRS leadership and used a study on anti-virus that said about 34% of people did not use anti-virus until they got hit by a virus and then 96% used it. It seemed intuitively obvious, but the audience was taking notes like crazy when I showed this study. It scared me. Didn't they have antivirus software on their systems? They knew what it was. We had a license for the entire organization. Still, many of them were not using it.
Part of this is education. Every organization needs a group that keeps up with current attack vectors in the environments they use. They should check to see that patches are made and updates loaded. They need to get supported stoftware in the inventory and stop using trial software and unsupported public domain software. It is due diligence for those who have not heard the term recently. From Webster's Dictionary : 1 law : the care that a reasonable person exercises to avoid harm to other persons or their property failed to exercise due diligence in trying to prevent the accident.
In most cases, that is just doing your job in the way most others in your profession do it. I would be thinking about that if I were on the board of some of the these companies that got hit this week.
Thursday, June 29, 2017
Wednesday, June 28, 2017
EU Scrambles on Google
Never has there been more scrambling than in the statements made by the EU over the ludicrous decision on Google. Today, Margrethe Vestager is saying the decision is in no way related to the fact that Google is a U.S company. She would have a difficult time showing that Apple and Google, her two main targets, were not chosen because they were made in the USA. This is a trade issue for the US and trade is the main ingredient of the new President's strategy for America First. The White House needs to show some initiative here.
Tripling the fine after it was decided was an obvious slam at the US. Maybe she thinks she can get away with this kind of thing because the EU is right about Google. Nobody believes that, even her. This was a trumped up charge to begin with, said to be pushed by Microsoft, which has avoided any such claim itself. That alone should be reason for questioning the decision. Microsoft's two main rivals are the targets. What a coincidence.
Maybe Google should think about rehoming some of its servers to Great Britain where it would get a better reception under Brexit. They tried that with China when that came off the rails, but China wouldnb't give up until Google left the field altogether. The EU doesn't have that kind of power.
This is a clear interference with commerce, and an intrusion into US business. It cannot be allowed to stand. Reciprocity should prevail.
Tripling the fine after it was decided was an obvious slam at the US. Maybe she thinks she can get away with this kind of thing because the EU is right about Google. Nobody believes that, even her. This was a trumped up charge to begin with, said to be pushed by Microsoft, which has avoided any such claim itself. That alone should be reason for questioning the decision. Microsoft's two main rivals are the targets. What a coincidence.
Maybe Google should think about rehoming some of its servers to Great Britain where it would get a better reception under Brexit. They tried that with China when that came off the rails, but China wouldnb't give up until Google left the field altogether. The EU doesn't have that kind of power.
This is a clear interference with commerce, and an intrusion into US business. It cannot be allowed to stand. Reciprocity should prevail.
Tuesday, June 27, 2017
Never Speak Ill of the Party
Liu Xiaobo has been a prisoner in his own country for nine years for signing a document called Charter 8 which proposes some modifications to the government of China. This is not something a person does lightly in that country, because preservation of the Party is the number one priority of the Central Government. These are the central principles of the document:
Freedom. Freedom is at the core of universal human values. Freedom of speech, freedom of the press, freedom of assembly, freedom of association, freedom in where to live, and the freedoms to strike, to demonstrate, and to protest, among others, are the forms that freedom takes. Without freedom, China will always remain far from civilized ideals.
While we may quibble about China's willingness to restrain North Korea, we are worrying about the wrong thing. It is a government that preserves itself at all cost, eliminates its enemies, and monitors it citizens closely to make sure they do not propose things like Charter 8. In a country like China, the Declaration of Independence would have gotten everyone who signed it a death sentence, as it may well have done for the original signers in the United States. If Great Britain had had the ability to censor that China has, we might still be under the stewardship of the UK.
In the meantime, Lieu has terminal cancer. We might wonder if he got the kind of care he needed, or if the terminal nature had more to do with Charter 8 than the nature of the disease.
Freedom. Freedom is at the core of universal human values. Freedom of speech, freedom of the press, freedom of assembly, freedom of association, freedom in where to live, and the freedoms to strike, to demonstrate, and to protest, among others, are the forms that freedom takes. Without freedom, China will always remain far from civilized ideals.
Human rights. Human rights are not bestowed by a state. Every person is born with inherent rights to dignity and freedom. The government exists for the protection of the human rights of its citizens. The exercise of state power must be authorized by the people. The succession of political disasters in China’s recent history is a direct consequence of the ruling regime’s disregard for human rights.
Equality. The integrity, dignity, and freedom of every person—regardless of social station, occupation, sex, economic condition, ethnicity, skin color, religion, or political belief—are the same as those of any other. Principles of equality before the law and equality of social, economic, cultural, civil, and political rights must be upheld.
Republicanism. Republicanism, which holds that power should be balanced among different branches of government and competing interests should be served, resembles the traditional Chinese political ideal of “fairness in all under heaven.” It allows different interest groups and social assemblies, and people with a variety of cultures and beliefs, to exercise democratic self-government and to deliberate in order to reach peaceful resolution of public questions on a basis of equal access to government and free and fair competition.
Democracy. The most fundamental principles of democracy are that the people are sovereign and the people select their government. Democracy has these characteristics: (1) Political power begins with the people and the legitimacy of a regime derives from the people. (2) Political power is exercised through choices that the people make. (3) The holders of major official posts in government at all levels are determined through periodic competitive elections. (4) While honoring the will of the majority, the fundamental dignity, freedom, and human rights of minorities are protected. In short, democracy is a modern means for achieving government truly “of the people, by the people, and for the people.”
Constitutional rule. Constitutional rule is rule through a legal system and legal regulations to implement principles that are spelled out in a constitution. It means protecting the freedom and the rights of citizens, limiting and defining the scope of legitimate government power, and providing the administrative apparatus necessary to serve these ends.While we may quibble about China's willingness to restrain North Korea, we are worrying about the wrong thing. It is a government that preserves itself at all cost, eliminates its enemies, and monitors it citizens closely to make sure they do not propose things like Charter 8. In a country like China, the Declaration of Independence would have gotten everyone who signed it a death sentence, as it may well have done for the original signers in the United States. If Great Britain had had the ability to censor that China has, we might still be under the stewardship of the UK.
In the meantime, Lieu has terminal cancer. We might wonder if he got the kind of care he needed, or if the terminal nature had more to do with Charter 8 than the nature of the disease.
Spy for China Caught by Faulty Phone
The Chinese intelligence services should be embarrassed by this latest arrest of Kevin Mallory. Mallory who is a U.S Citizen was arrested when the phone the Chinese Intelligence Serices gave him to transmit the documents he was providing failed to erase them as he thought they would. See article at ArsTechnica. That proved unfortunate for Mr. Mallory who was transmitting some Top Secret things to the Chinese and needed to be stopped. I hope he goes to jail forever, especially when the material he was giving them was of the highest level and further restricted beyond its classification. It was obvious from the email discovered on the phone that he did it for the money. That is really selling out your country.
Reciprocity for Google
So, the EU has levied a $2.7Billion fine on Google for favoring its own sites over those of its rivals, as if that is a crime. We need to establish that reciprocity for EU businesses that favor their own products over their rivals be treated the same in the United States. This is so blatently rediculous that I wonder why the White House has not spoken out about it.
I will repeat my previous post on Margarthe Vestager, who seems to be driving this runaway train:
Lately she has been spending a lot time with the press and public forums where she can explain the actions which were several years in the making. [ see Natasha Singer and James Kanter, Google's Steely Adversary, New York Times, 19 April 2015 ]. She tries hard to justify bringing these kind of charges against Google, but not many others doing exactly what Google does as a part of their commercial business. A more interesting slant on the whole thing comes from The Financial Times [Richard Waters, Christian Oliver and Alex Barker, How Google ended up 'on the wrong side of history']
So now, she takes on another U.S company, Apple, with the same crudeness shown in her keeping of that statue with the raised middle finger. She decides that Ireland cannot enter into a an arrangement with Apple and that because Ireland chose to do so, Apple will pay the price for it. It is almost as stupid as the case against Google. Success in this view of the world, deserves to be punished. I don't see her spending a lot of time on uniquely European monopolies like those in her home country or in France.
I hope Apple does what Tim Cook alluded to yesterday, and bring home most of that money they were stashing over there. Now, maybe Google can too. It will serve the EU right to have the outcome be a wholesale withdrawal of capital from their countries. Fine a few of them who think their products are worth protecting in a very competitive market. Why should se stand for this?
Oh, wait a minute, Ireland is in the Brexit deal and can do what it wants soon enough. They won't be in the EU. She and the rest of the over-regulating mass of paid bureaucrats can play this game among themselves.
I will repeat my previous post on Margarthe Vestager, who seems to be driving this runaway train:
Lately she has been spending a lot time with the press and public forums where she can explain the actions which were several years in the making. [ see Natasha Singer and James Kanter, Google's Steely Adversary, New York Times, 19 April 2015 ]. She tries hard to justify bringing these kind of charges against Google, but not many others doing exactly what Google does as a part of their commercial business. A more interesting slant on the whole thing comes from The Financial Times [Richard Waters, Christian Oliver and Alex Barker, How Google ended up 'on the wrong side of history']
This article says it took a long time to bring charges because Ms Vestager's predecessor, Joaquin Almunia, slow-rolled the whole thing because he "... grew convinced the anti-Google campaign was largely driven by arch-rival Microsoft, leading him to discount some compalints. Collegues recall him grumbling: if Steve Balmer of Mircrosoft has a problem, why is he sending proxies to see me?" He also had his staff expressing doubts about the strength of the case, on the basis that the arguments were too novel.
The FT article leads us to believe that Edward Snowden's disclosures has a lot to do with Germany turning on the heat with Google and it partly came from a belief in Europe that the U.S. was managing too much of the Internet. This latter being something that comes up from time to time, especially when the Russians engage on the issue. Putin expressed his opinion when he said the Internet was a "CIA project" without any explanation of what he meant.
As to what she really is, the NY Times has more understanding of the real person. She sharply cut Denmark's social benefits, especially unemployment. A group of unemployed builders gave her a life-sized sculpture of a hand with the middle finger raised, and she keeps it in her office. That must surprise a lot of visitors. I don't know many government employees who could get away with something like that. A reporter who covers her said she "is seen as a very tough, cold-hearted politician." The kind who would bring charges against Google for doing what every search engine does, especially one managed by a business. I don't find many Google products mentioned in Bing, Microsoft's own. Yahoo doesn't give equal prominance to Google products. Why would they? When the U.S. decided not to pursue anti-trust charges against Google, they were right. While the Europeans might find it the equivalent of a crime to put their own products first, we certainly don't. If they want to play this game, we should do the same to them.
I hope Apple does what Tim Cook alluded to yesterday, and bring home most of that money they were stashing over there. Now, maybe Google can too. It will serve the EU right to have the outcome be a wholesale withdrawal of capital from their countries. Fine a few of them who think their products are worth protecting in a very competitive market. Why should se stand for this?
Oh, wait a minute, Ireland is in the Brexit deal and can do what it wants soon enough. They won't be in the EU. She and the rest of the over-regulating mass of paid bureaucrats can play this game among themselves.
Sunday, June 25, 2017
Vanishing Records
It is always curious to find records gone missing from government offices, when there are such elaborate rules to be sure they don't. Just as a couple of examples, Director Comey is missing some notes he took with him when he left the FBI, and the National Security Council is missing the documents pertaining to the "unmasking" of a previous head of that agency. Those are important records to investigators, and although the records management process is supposed to be designed to protect them and make them available, it failed to do so - up until now anyway.
The NSC has slightly different rules on retention, but not different enough to make records recovery as difficult as it now appears to be. "This record group is for the records of the independent office within the White House, headed by the National Security Advisor, and staffed to assist the President in the development of national security policies and programs." It then goes on to say that because of classification difficulties, it is often easier to review documents through the Department of State. I hasten to add that not all of the relevant records are in either place. The unmasking leaves an unmistakable paper trail. The FBI will have records of anything its Director did on his computer. It is almost impossible to hide the records needed to establish a case, but it will be hard to determine how far up the knowledge and actions actually went. That is the real reason those records are so difficult to come by right now.
The NSC has slightly different rules on retention, but not different enough to make records recovery as difficult as it now appears to be. "This record group is for the records of the independent office within the White House, headed by the National Security Advisor, and staffed to assist the President in the development of national security policies and programs." It then goes on to say that because of classification difficulties, it is often easier to review documents through the Department of State. I hasten to add that not all of the relevant records are in either place. The unmasking leaves an unmistakable paper trail. The FBI will have records of anything its Director did on his computer. It is almost impossible to hide the records needed to establish a case, but it will be hard to determine how far up the knowledge and actions actually went. That is the real reason those records are so difficult to come by right now.
Friday, June 23, 2017
The San Andreas Fault
When I first saw the San Andreas Fault I thought it was a ditch dug out by people trying to drain the land. It didn't look like a fault line of potential earthquake disasters so great they made movies about the potential damages. But, lately I have been thinking about it more because of the weirdness emanating from the west. They must be living under more intense pressure than I originally thought.
First was the high-speed rail, partially funded by the Chinese even though it appeared to go nowhere, and lttle has been done on it. Anytime we see money going into a project and nothing coming out, there is a good chance the money is being used for something else besides what we thought it was for.
Second, the Governor of California went to China to negotiate his own climate arrangement and the Premier actually met with him - at least for photos.
Third we find out that California is giving taxpayer money to illegal aliens so they can hire lawyers to defend themselves in deportation cases. This was very much like allowing illegals to go to school with in-state tuition. They seem to be spending state money to help people who are not only not state citizens, they aren't U.S citizens either. I'm applying for grants right now to go to the University of Southern California, where I actually paid to go when I was younger.
Fourth, some Hollywood types have decided to encourage those misguided people out there who might want to assassinate the President of the United States. I kind of draw the line there and withdrew the grant requests. Madonna said it when she was here for the inaugural parade. Mr. Depp who is slipping a lot in popularity demonstrated why yesterday by doing the same thing.
Now there is a travel ban imposed on some states California does not agree with. Texas is one of them. What makes them think they are so much better than the rest of us?
Last, I heard Nancy Polosi talking about herself yesterday [the "I am a master political strategist speech] and was pretty sure living under all that stress for so long has finally caused those people out there to break.
We always called California the land of fruit and nuts, but that was years ago. I long for those days again.
First was the high-speed rail, partially funded by the Chinese even though it appeared to go nowhere, and lttle has been done on it. Anytime we see money going into a project and nothing coming out, there is a good chance the money is being used for something else besides what we thought it was for.
Second, the Governor of California went to China to negotiate his own climate arrangement and the Premier actually met with him - at least for photos.
Third we find out that California is giving taxpayer money to illegal aliens so they can hire lawyers to defend themselves in deportation cases. This was very much like allowing illegals to go to school with in-state tuition. They seem to be spending state money to help people who are not only not state citizens, they aren't U.S citizens either. I'm applying for grants right now to go to the University of Southern California, where I actually paid to go when I was younger.
Fourth, some Hollywood types have decided to encourage those misguided people out there who might want to assassinate the President of the United States. I kind of draw the line there and withdrew the grant requests. Madonna said it when she was here for the inaugural parade. Mr. Depp who is slipping a lot in popularity demonstrated why yesterday by doing the same thing.
Now there is a travel ban imposed on some states California does not agree with. Texas is one of them. What makes them think they are so much better than the rest of us?
Last, I heard Nancy Polosi talking about herself yesterday [the "I am a master political strategist speech] and was pretty sure living under all that stress for so long has finally caused those people out there to break.
We always called California the land of fruit and nuts, but that was years ago. I long for those days again.
Slight Cultural Differences With China
Several news outlets carried the same story yesterday about the Yulin Dog Festival and I just blew right by most of them because we have so many dog festivals in our area. One takes up the entire town of Reston and includes other pets too, but dogs are most common. But I saw parts of Tucker Carlson on Fox last night and stopped long enough to find out why he was covering it. It doesn't seem like Tucker's kind of story.
So, it turns out that the real title of this event is the Yulin Dog Meat Festival, and cruelty to animals takes on a whole new meaning when the locals there come up with novel ways of killing and eating their dogs. Really ugly stuff. The BBC and Bloomberg were aghast at the idea of this kind of festival and why it still exists, making me think they have never been to South East Asia before.
Tucker mentioned [rightly] that this is a sure sign that the Chinese are not like us, and they are not like us in a lot more ways than we recognize. I don't think the rest of the world is going to notice that they kill and eat what we call pets, but at least for one day, they have. You can bet that the censorship people will be killing that story in China, and killing any further notices on the Yulin Dog Meat Festival. They are not like us. Anything that might detract from the images they want to portray to the outside world is filtered out "for your own good". I wish they had censored that one sooner.
So, it turns out that the real title of this event is the Yulin Dog Meat Festival, and cruelty to animals takes on a whole new meaning when the locals there come up with novel ways of killing and eating their dogs. Really ugly stuff. The BBC and Bloomberg were aghast at the idea of this kind of festival and why it still exists, making me think they have never been to South East Asia before.
Tucker mentioned [rightly] that this is a sure sign that the Chinese are not like us, and they are not like us in a lot more ways than we recognize. I don't think the rest of the world is going to notice that they kill and eat what we call pets, but at least for one day, they have. You can bet that the censorship people will be killing that story in China, and killing any further notices on the Yulin Dog Meat Festival. They are not like us. Anything that might detract from the images they want to portray to the outside world is filtered out "for your own good". I wish they had censored that one sooner.
Thursday, June 22, 2017
Acting in a Position
I felt sorry for the DHS rep who testified yesterday before the Senate Intelligence Committee. She was "acting" in her position, meaning she had not gotten the job permanently yet and she was testifying on the Russian intrusions into State election systems. This is a really difficult topic with lots of press coverage and divided politics. This is a tough position to be in because you cannot possibly know about all the decisions that were made before you became acting, and you have to learn the details of events that someone else may have covered before you. The Senators even toned down some of their questions because they it does little good - and may cause some political harm - to beat up a witness that was not high enough up in the food chain to be responsible for decisions that were made. One of the guys who was, the previous Director of Homeland Security, was testifying at a House Commitee hearing at the same time. That is poor scheduling, and did not help anyone improve their understanding of the issues.
We are also dealing with some pretty sensitive issues that are not open session discussions. How can the poor Acting Director speak in public about which state election systems the Russians were trying to get into? How can they talk openly about the techniques that were used by a foreign power to penetrate government systems? As time went on, it was obvious in both hearing that some of the states and the Democratic National Committee did not want help when told about the hacking. Less than half even agreed to work with Homeland Security.
What one Senator wanted to know was were the ones who didn't want the help the same as the ones who got hacked? We know the DNC certainly was. Good question for the open forum but they didn't have, or didn't want to talk about, that part.
Having been in that position with State governments and military units who don't want to hear that they are being hacked, I can tell you it is a helpless feeling. We cannot force some of these people to do the right thing, even to do what we point out to them they need to do in a real national emergency like the one created by Russian meddling in the US election. The real question which was asked in the House Committee was why President Obama, who knew about this meddling, did not do more to make it public inside and outside government. The excuse that he didn't want it to appear to be political is rediculous when coming from a man who actively campaigned for Mrs Clinton. There was something else involved. I certainly hope they get that question answered.
We are also dealing with some pretty sensitive issues that are not open session discussions. How can the poor Acting Director speak in public about which state election systems the Russians were trying to get into? How can they talk openly about the techniques that were used by a foreign power to penetrate government systems? As time went on, it was obvious in both hearing that some of the states and the Democratic National Committee did not want help when told about the hacking. Less than half even agreed to work with Homeland Security.
What one Senator wanted to know was were the ones who didn't want the help the same as the ones who got hacked? We know the DNC certainly was. Good question for the open forum but they didn't have, or didn't want to talk about, that part.
Having been in that position with State governments and military units who don't want to hear that they are being hacked, I can tell you it is a helpless feeling. We cannot force some of these people to do the right thing, even to do what we point out to them they need to do in a real national emergency like the one created by Russian meddling in the US election. The real question which was asked in the House Committee was why President Obama, who knew about this meddling, did not do more to make it public inside and outside government. The excuse that he didn't want it to appear to be political is rediculous when coming from a man who actively campaigned for Mrs Clinton. There was something else involved. I certainly hope they get that question answered.
Wednesday, June 21, 2017
U.S Running out of Options with North Korea
Sue Mi Terry, a former CIA analyst on North Korea, was on Fox Business this afternoon and said some things that were interesting to anyone following the North.. She first said China will not do more than they are doing now, and have a long history of undermining sanctions and keeping the North moving along. But, she thinks the U.S. is out of viable options and can only put more sanctions on Chinese businesses doing work for the North. That hasn't worked very well in the past, in case you haven't noticed. That is because Chinese companies have used every trick in the book to get around them.
Then she reminded everyone of something we knew but forgot: When Kim Jong Un goes after his adversaries in North Korea he removes the families of his enemies - all of the family members - back 3 generations. That is not a rational person, but demonstrate the kind of ruthlessness that makes for not having any enemies in the population. He will have support for whatever he wants to do. That part is scary to think about, if this guy wakes up one day and says, "Let's make a statement" and throws one of those missiles our way. Maybe we are out of options, but sanctions are not the first idea that would come into my head.
Then she reminded everyone of something we knew but forgot: When Kim Jong Un goes after his adversaries in North Korea he removes the families of his enemies - all of the family members - back 3 generations. That is not a rational person, but demonstrate the kind of ruthlessness that makes for not having any enemies in the population. He will have support for whatever he wants to do. That part is scary to think about, if this guy wakes up one day and says, "Let's make a statement" and throws one of those missiles our way. Maybe we are out of options, but sanctions are not the first idea that would come into my head.
President Poroshenko Talks to Press
I was impressed with the Ukrainian President yesterday because he managed to get himself on several public interviews and did well in all of them. He is articulate and a good spokesman for his country. He did mention a couple of things of note. First, the number of Russian regular army forces in his country is down by about half. Since the Russians deny having any there, that number should not be too encouraging. They might just be getting better at hiding the ones they have. No more Facebook pictures probably would be one thing they might do better. But he said they were down from 8,000 or so, to 3,000 so that would be an improvement.
Second, he seems genuinely friendly with President Trump, and that may be reciprocated. He was also meeting with the heads of Defense and State afterwards, so the US has devoted considerable time to him. Like all good business managers, these are people who know you don't have to do as much as the public thinks. You just have to pay attention and focus resources. That strategy will pay off in the long run.
The press, what there was of it, linked the imposition of Russian sanctions with this visit. The two have nothing to do with one another, but that was not surprising. No good deed goes unpunished in this press world. I noticed the Guardian article was written by correspondents in Moscow. How is that for a slant?
Second, he seems genuinely friendly with President Trump, and that may be reciprocated. He was also meeting with the heads of Defense and State afterwards, so the US has devoted considerable time to him. Like all good business managers, these are people who know you don't have to do as much as the public thinks. You just have to pay attention and focus resources. That strategy will pay off in the long run.
The press, what there was of it, linked the imposition of Russian sanctions with this visit. The two have nothing to do with one another, but that was not surprising. No good deed goes unpunished in this press world. I noticed the Guardian article was written by correspondents in Moscow. How is that for a slant?
China and U.S. At War
Andrew Browne leads off today's Wall Street Journal with an article having a provocative title: What are the Odds of a U.S.-China War? That will get a lot of people's attention.
Browne is looking at the notion that China is headed for war if the theory of Graham Allison, Harvard Professor of some note [Destined for War ] hold true. His book is so popular that Xi mentioned it in one of his speeches, trying to discredit the idea. That is not small praise.
I won't go into all the details of the Allison book, which is well worth reading, but I would say the historical views of war do not hold up very well in today's kind of war. We are mixing ideas of war that no longer exist.
Today's wars are more oriented to the Political Warfare that started, in the main, right after World War II. The second edition of my first book on Chinese Information War will have some details on this kind of war, but not as much as I would like to have. Most of the areas of Political Warfare are classified [state secrets] and are not going to show up in print anywhere. Nearly every country denies being involved in this kind of activity.
China and Russia are both playing this game. Russia is meddling in almost everyones' political business, including the United States. China is too, without getting much of the credit for how and what they are doing. They are smart about how they do it and follow the laws of the country they are in - until they get caught doing otherwise.
Where I do disagree with the majority is in the definition of war. We continue to hang onto the idea that war has to be what is described this way in Black's Law Dictionary "A contest by force between two or more nations, carried on for any purpose, or armed conflict of sovereign powers or declared and open hostilities, or the state of nations among whom there is an interruption of pacific relations, and a general contention by force, authorized by the sovereign…. War does not exist merely because of an armed attack by the military forces of another nation until it is a condition recognized or accepted by political authority of government which is attacked, either through an actual definition of war or other acts demonstrating such position.” I tend to believe Information War has overtaken this kind of war and going back into history to describe what is happening today is not always the best way.
Browne is looking at the notion that China is headed for war if the theory of Graham Allison, Harvard Professor of some note [Destined for War ] hold true. His book is so popular that Xi mentioned it in one of his speeches, trying to discredit the idea. That is not small praise.
I won't go into all the details of the Allison book, which is well worth reading, but I would say the historical views of war do not hold up very well in today's kind of war. We are mixing ideas of war that no longer exist.
Today's wars are more oriented to the Political Warfare that started, in the main, right after World War II. The second edition of my first book on Chinese Information War will have some details on this kind of war, but not as much as I would like to have. Most of the areas of Political Warfare are classified [state secrets] and are not going to show up in print anywhere. Nearly every country denies being involved in this kind of activity.
China and Russia are both playing this game. Russia is meddling in almost everyones' political business, including the United States. China is too, without getting much of the credit for how and what they are doing. They are smart about how they do it and follow the laws of the country they are in - until they get caught doing otherwise.
Where I do disagree with the majority is in the definition of war. We continue to hang onto the idea that war has to be what is described this way in Black's Law Dictionary "A contest by force between two or more nations, carried on for any purpose, or armed conflict of sovereign powers or declared and open hostilities, or the state of nations among whom there is an interruption of pacific relations, and a general contention by force, authorized by the sovereign…. War does not exist merely because of an armed attack by the military forces of another nation until it is a condition recognized or accepted by political authority of government which is attacked, either through an actual definition of war or other acts demonstrating such position.” I tend to believe Information War has overtaken this kind of war and going back into history to describe what is happening today is not always the best way.
Monday, June 19, 2017
Russian Fake News Leaks
A Report worth reading is the new one by Citizen's Lab at the University of Toronto. They do some good work but this one is timely and interesting in the context of all the leaks we seem to be having here in the United States. The technique uses a fake story supposedly by real journalists, and variations on that theme - a lot of variations. This from the intro:
- Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government. We call this technique “tainted leaks.”
- The operation against the journalist led us to the discovery of a larger phishing operation, with over 200 unique targets spanning 39 countries (including members of 28 governments). The list includes a former Russian Prime Minister, members of cabinets from Europe and Eurasia, ambassadors, high ranking military officers, CEOs of energy companies, and members of civil society.
- After government targets, the second largest set (21%) are members of civil society including academics, activists, journalists, and representatives of non-governmental organizations.
- We have no conclusive evidence that links these operations to a particular Russian government agency; however, there is clear overlap between our evidence and that presented by numerous industry and government reports concerning Russian-affiliated threat actors.
The report goes into some detail on how this was done and the extent of the operations, but is not firmly making the Russian government to blame. Either the Russians are getting better at this, which we would expect, or we are getting less able to determine the sources of this kind of propaganda. Note: The report is written in Canada so the government is their government.
Cyber "Accidents"
In 1980, I wrote a letter to Robert Courtney who was the Security Director at IBM, asking him about a technique I proposed to penetrate IBM computers. He wrote back a nice letter which I thought was unusual, but a pleasant surprise to a young guy in security. In it he said "Yes, your technique will work, but you may have the wrong focus. We lose more data by accident than we lose on purpose." I taught that concept for years after. Now, as I hear the same thing coming from Amazon and Microsoft, I think we are missing something by attributing some data losses to "accidents".
US Military data held by Booze Allen Hamilton, including passwords and sensitive files were found in an insecure location at Amazon. Booze says it was put there "by accident" and was removed when discovered. That is only a small part of the BBC story, which is worth reading. It does not sound like an accident at all, and Booze did not react very fast to closing it off. A similar thing happened to Microsoft where files were discovered in publically accessible locations and those too contained passwords and sensitive files.
Maybe they don't like the idea that hackers save files in their clouds and come for them when they have time. Treating these incidents like "accidents " is crazy. They are ignoring the larger problem that hackers have gotten into someone else's data and that data was exposed to the Internet - that part of it may have been an accident, but stealing and storing the data somewhere they can easily get it was not.
These are coverups. As the Chinese and Russians double their efforts to steal from cloud services, they have learned that once in, data from lots of places will be available to them. Clouds are not more secure as people would have you believe - well, not people in general, cloud vendors say that.
They are no more secure than any other institutional vendor would be, and we have no oversight into what they are doing with that data or how it is being protected. The vendors do not want you to hear that the sites are being successfully attacked, so these exposures of data become accidents when they are anything but.
US Military data held by Booze Allen Hamilton, including passwords and sensitive files were found in an insecure location at Amazon. Booze says it was put there "by accident" and was removed when discovered. That is only a small part of the BBC story, which is worth reading. It does not sound like an accident at all, and Booze did not react very fast to closing it off. A similar thing happened to Microsoft where files were discovered in publically accessible locations and those too contained passwords and sensitive files.
Maybe they don't like the idea that hackers save files in their clouds and come for them when they have time. Treating these incidents like "accidents " is crazy. They are ignoring the larger problem that hackers have gotten into someone else's data and that data was exposed to the Internet - that part of it may have been an accident, but stealing and storing the data somewhere they can easily get it was not.
These are coverups. As the Chinese and Russians double their efforts to steal from cloud services, they have learned that once in, data from lots of places will be available to them. Clouds are not more secure as people would have you believe - well, not people in general, cloud vendors say that.
They are no more secure than any other institutional vendor would be, and we have no oversight into what they are doing with that data or how it is being protected. The vendors do not want you to hear that the sites are being successfully attacked, so these exposures of data become accidents when they are anything but.
Sunday, June 18, 2017
Russian Meddling in other things too
The Russians seem to have found a formula for attacking any plans to make their lives more difficult, even in places where most of the world has been less forceful. Take the case of little Montenegro which is joining NATO, in spite of a campaign by Russia to keep them out and have their own politicos in place there. They are blamed by Montenegro's government for an attempted coup in October and probably doing much more than that. When Putin looks West, he sees more than the Ukraine in his reach. He sounds more and more like China when he talks about his future.
The Telegraph says the coup was to result in the assassination of Milo Djukanovic the sitting President. This comes from sources in Whitehall. The team of Russians included people from Russian intelligence, but also may have included a for-hire CIA alumnus. The Russians were trying to make it look like the US was involved.
These guys are spending a lot of time and effort trying to influence world events by some very nasty methods. We need to look closer at what they are continuing to do in the United States and not just the current focus on what the Trump campaign may have been doing. There are not enough political sanctions to deal with the kinds of things they may be up to.
The Telegraph says the coup was to result in the assassination of Milo Djukanovic the sitting President. This comes from sources in Whitehall. The team of Russians included people from Russian intelligence, but also may have included a for-hire CIA alumnus. The Russians were trying to make it look like the US was involved.
These guys are spending a lot of time and effort trying to influence world events by some very nasty methods. We need to look closer at what they are continuing to do in the United States and not just the current focus on what the Trump campaign may have been doing. There are not enough political sanctions to deal with the kinds of things they may be up to.
Friday, June 16, 2017
Defense Department Report on China
The U.S. Defense Department's Annual Report on China was not well received in Defense circles in China, and not even mentioned by any of the mainstream press in the U.S. But, it is worth reading by anyone interested in China.
Some interesting things you might learn from this report:
The Chinese military strategy supports the Commuunist Party and keeps it in power. Every aspect of the country's political, economic and military policy support the Party and keeps the Chairman in power. The writers of this report did a good job putting that aspect together.
The push in UAVs documents the Chinese developments in armed (air-to-ground) drones, surveillance drones - including armed ones, and deployed them to the South China Sea.
The Chinese are still working on more sophisticated long-range (that can reach the United States) and medium range missiles. They have extensive additions to their space program.
The Navy is rapidly expanding.
China still uses cyber attacks to infiltrate and steal information about the defense industrial base, military forces, and strategies. I'm not sure what the Obama Adminstration got them to stop doing, but this was not it.
It is a long report but well put together.
Some interesting things you might learn from this report:
The Chinese military strategy supports the Commuunist Party and keeps it in power. Every aspect of the country's political, economic and military policy support the Party and keeps the Chairman in power. The writers of this report did a good job putting that aspect together.
The push in UAVs documents the Chinese developments in armed (air-to-ground) drones, surveillance drones - including armed ones, and deployed them to the South China Sea.
The Chinese are still working on more sophisticated long-range (that can reach the United States) and medium range missiles. They have extensive additions to their space program.
The Navy is rapidly expanding.
China still uses cyber attacks to infiltrate and steal information about the defense industrial base, military forces, and strategies. I'm not sure what the Obama Adminstration got them to stop doing, but this was not it.
It is a long report but well put together.
Tuesday, June 13, 2017
The Tyrany of Investigations
It might surprise you that investigations, including that of the Special Prosecutor, may not be good for our country and the people who do them might even know that is true. We have reason to fear them, as others before us have done. This quote from the American Museum of Natural History summarizes the point:
"The current investigations are an incomparably greater danger to our society than those few Communists in our country ever could be. These investigations have already undermined to a considerable extent the democratic character of our society."
The person who said that was thinking of the Russians when he said Communist because that is about all the world knew about Communism in those days. He correctly perceived that continuing to have an incessant stream of Hollywood writers, people in government, and anyone else who would fit in the category became the subject of Senator McCarthy. I remember it because in the third grade we were writing essays on what a great country this was, and I won the essay contest. My first writing award. I didn't know those Hollywood types would get their revenge.
Anyway, dear friends, the person who wrote those words was Albert Einstein who said he was not bothered at all at being called a Communist, even though he wasn't one. He did say, if he were one, he would not be deterred from saying so. I mention this because this is where we are going with the number and type of investigation going on. It will not be OK to have any associations with the Russians again, but they could care less on that point. Their leadership was KGB then and a similar organization now. It took years to get this under control but McCarthy fed the a beast that was encouraged by his fellow Congressmen and a good part of the American public. They knew it was a bad idea, but as time went on, it became big enough that stopping it was became too hard. We are not too late, Gentlemen.
Russia's New Democracy
I used to wonder how a country like Russia or China could call itself a democracy, until I leaned that calling itself anything is less important than behavior. The Russians are ramping up for a big election, only it won't be like the one they interfered with in the United States. In ours, had it been the same kind of democracy, Hillary Clinton would have arrested Donald Trump, harassed his organizers, planted false stories about the positions he had taken, and beat up a few people in the news media writing favorable things about him.
Yesterday, Alexis Navalny, the anti-corruption advocate in Russia was arrested again. It seems like such a pointless activity running into the wall of the State which is not going to give very much ground. You have to admire a guy who is principled. The last time he did this his supporters and anyone walking by, got detained [see previous post ] and roughed up a little, kind of like what happened to the Trump Campaign in Chicago. Given the rhetoric we have coming out of Washington these days, I wonder if a few people are thinking those Chicago thugs may have had the right idea.
Yes, politics is ugly, and you can't put lipstick on the Russian pig and call it democracy. That is probably why they want the US to be disrupted and internally fighting until their election is over. Look the other way, and this will all be over soon enough. There is some of that in this country - maybe a little too much.
There is not enough decorum when a US Senator speaks the F word in a public speech, or a comedian thinks a decaptitaed head is a joke. These are people who do not know how to behave, but that is what the Russians are saying about Navanly.
I saw decorum in action several times when I worked in Congress. It is subtle. When a person does something that is bad behavior, you don't make a fuss about it and spend time making the issue worse. You cut off funds, move them to committees where they can't speak about anything anyone cares about, and don't offer them any support when it comes time to be reelected. These things require patience, perserverence, and directed political will, but they work and don't cause the kinds of disruptions we see in both countries right now.
Yesterday, Alexis Navalny, the anti-corruption advocate in Russia was arrested again. It seems like such a pointless activity running into the wall of the State which is not going to give very much ground. You have to admire a guy who is principled. The last time he did this his supporters and anyone walking by, got detained [see previous post ] and roughed up a little, kind of like what happened to the Trump Campaign in Chicago. Given the rhetoric we have coming out of Washington these days, I wonder if a few people are thinking those Chicago thugs may have had the right idea.
Yes, politics is ugly, and you can't put lipstick on the Russian pig and call it democracy. That is probably why they want the US to be disrupted and internally fighting until their election is over. Look the other way, and this will all be over soon enough. There is some of that in this country - maybe a little too much.
There is not enough decorum when a US Senator speaks the F word in a public speech, or a comedian thinks a decaptitaed head is a joke. These are people who do not know how to behave, but that is what the Russians are saying about Navanly.
I saw decorum in action several times when I worked in Congress. It is subtle. When a person does something that is bad behavior, you don't make a fuss about it and spend time making the issue worse. You cut off funds, move them to committees where they can't speak about anything anyone cares about, and don't offer them any support when it comes time to be reelected. These things require patience, perserverence, and directed political will, but they work and don't cause the kinds of disruptions we see in both countries right now.
Making A Name for Your Company
I was reminded today by a series of articles like the one about something called "Crashoverride", which most of my readers have never heard of. It was supposedly discovered in the Ukraine which has been plagued by Russian hackers of all sorts. Its purpose is to disrupt electrical utilities.
Sometimes we can point to things that were done to make a name for a company, like Mandiant's following of Chinese Army hackers getting into U.S businesses, which turned out well for everyone involved. We got to prove the Chinese government was involved, and Mandiant got sold, making money for their owners. It was a good thing for everyone.
In this case, however, we should think more clearly about how a company talks about certain things which threaten our country's power grid. I used to be on the President's Critical Infrastructure Protection Committee where we did talk about things like this - what was known about it, how it was produced and who likely made it. Those were secret things that we did not want the world to know because it causes the developers to work harder at improving their product so it can't be detected and works better than before. This is not the kind of thing we want to improve.
We used to get help from some government offices when this kind of thing came up. They would go and talk to people who were trying to discuss this kind of thing in the public domain. I kind of wonder what happened to that kind of effort. It seems to have gone away.
Sometimes we can point to things that were done to make a name for a company, like Mandiant's following of Chinese Army hackers getting into U.S businesses, which turned out well for everyone involved. We got to prove the Chinese government was involved, and Mandiant got sold, making money for their owners. It was a good thing for everyone.
In this case, however, we should think more clearly about how a company talks about certain things which threaten our country's power grid. I used to be on the President's Critical Infrastructure Protection Committee where we did talk about things like this - what was known about it, how it was produced and who likely made it. Those were secret things that we did not want the world to know because it causes the developers to work harder at improving their product so it can't be detected and works better than before. This is not the kind of thing we want to improve.
We used to get help from some government offices when this kind of thing came up. They would go and talk to people who were trying to discuss this kind of thing in the public domain. I kind of wonder what happened to that kind of effort. It seems to have gone away.
Monday, June 12, 2017
Link to Affidavit for Reality Winner
The Justice Department published the affidavit for Reality Winner. It shows several things that are noteworthy:
1. She said she copied and forwarded the Top Secret document to the news service and she knew that was wrong.
2. She knew she did not have a need-to-know for the document she took, but downloaded it anyway. One might ask why the network she was on did not notice that she did it.
3. The document had been folded, indicating it was printed, then folded to not show the contents before it was removed. In most places I worked in the government it was harder to walk out of a facility with a document than it seemed to be here.
There will undoubtedly be a security review given the circumstances, and it is not going to go well for anyone in the business.
1. She said she copied and forwarded the Top Secret document to the news service and she knew that was wrong.
2. She knew she did not have a need-to-know for the document she took, but downloaded it anyway. One might ask why the network she was on did not notice that she did it.
3. The document had been folded, indicating it was printed, then folded to not show the contents before it was removed. In most places I worked in the government it was harder to walk out of a facility with a document than it seemed to be here.
There will undoubtedly be a security review given the circumstances, and it is not going to go well for anyone in the business.
Sunday, June 11, 2017
Chinese Criticized US Military Report
The Chinese never miss a chance to put their own message on any opinion that differs from their own, no matter how small it may seem. As Josh Chin wrote last week, China has criticized a report on the Chinese military and the aggressiveness they have shown outside of China. The Defense Minister immediately issued a statement saying they were just taking care of the defense of their country, without mentioning that the borders also included portions of the world they do not own and are claimed by other countries. There is a false and misleading logic that goes with this, characterized many years ago by the Russians- What's mine is mine, and what's yours is negotiable.
In some respects, the Chinese are winning this war of words by overwhelming the Internet with statements of their own that carry their narrative that the East and South China Sea are theirs, thus anything done to protect their land and the territorial waters around it is acceptable. Of course, the logic is faulty if you believe they do not own the South China Sea. We don't.
So, we need a more aggressive stance against their words. Beefing up the Voice of America is a start, but it is going to have to ramp up fast and grow quickly to have any affect. In the meantime, the Chinese will be hacking whoever they can to stop VOA from getting its message out. You can bet they have already started. They never miss a chance to manage information.
In some respects, the Chinese are winning this war of words by overwhelming the Internet with statements of their own that carry their narrative that the East and South China Sea are theirs, thus anything done to protect their land and the territorial waters around it is acceptable. Of course, the logic is faulty if you believe they do not own the South China Sea. We don't.
So, we need a more aggressive stance against their words. Beefing up the Voice of America is a start, but it is going to have to ramp up fast and grow quickly to have any affect. In the meantime, the Chinese will be hacking whoever they can to stop VOA from getting its message out. You can bet they have already started. They never miss a chance to manage information.
Texting Becomes a Disaster
According to an article this week , Facebook is working on a way to "telepathically" enter text. If I wasn't sure before that Facebook had gone off the deep end, I am now. To me, this is almost the same thing as putting truth serum in our city water. Nobody would like the result. Technology is taking us down a road that we should not be traveling.
There are more than a few people who are irritated with Donald Trump's Tweets, but they are nothing compared to what we would have if text could be entered from the brain. Ever had a bad thought about your Mother-in-Law (not me) ? Ever think that public servant who sits behind the counter at Motor Vehicles is an idiot? Ever want to do physical harm to the kids playing that loud music at midnight on the weekend? Texting without thought produces a way to think those thoughts out loud.
We already have gone too far with social media in producing a generation of people who think they can say what they want anytime they want and it is OK with the world. This is how we get Kathy Griffin's escapade with a head of President Trump, which is still being sold on Amazon, comes to be and it is only the beginning as people put their computers in a mode to accept verbal inputs. Shoot first and ask questions later will take on a whole new meaning. Those thoughts will be looked at differently by people who read them.
I can see diplomats sending emails between themselves that start wars. I can see bullying take on a whole new meaning. I can see Facebook looking back at what they have done wondering how anyone could be that stupid. I won't let one of those automated response systems like Amazon's or Apple's Siri in my house. They will bring trouble with them, and the kind of trouble they bring is an inability to think and write.
There are more than a few people who are irritated with Donald Trump's Tweets, but they are nothing compared to what we would have if text could be entered from the brain. Ever had a bad thought about your Mother-in-Law (not me) ? Ever think that public servant who sits behind the counter at Motor Vehicles is an idiot? Ever want to do physical harm to the kids playing that loud music at midnight on the weekend? Texting without thought produces a way to think those thoughts out loud.
We already have gone too far with social media in producing a generation of people who think they can say what they want anytime they want and it is OK with the world. This is how we get Kathy Griffin's escapade with a head of President Trump, which is still being sold on Amazon, comes to be and it is only the beginning as people put their computers in a mode to accept verbal inputs. Shoot first and ask questions later will take on a whole new meaning. Those thoughts will be looked at differently by people who read them.
I can see diplomats sending emails between themselves that start wars. I can see bullying take on a whole new meaning. I can see Facebook looking back at what they have done wondering how anyone could be that stupid. I won't let one of those automated response systems like Amazon's or Apple's Siri in my house. They will bring trouble with them, and the kind of trouble they bring is an inability to think and write.
Friday, June 9, 2017
Take Good Notes
Many years ago I had occasion to meet the Security Officer of a place where a Defense contractor had sold secrets of his work to the Russians. The movie, The Falcon and the Snowman was made about it later. There were two people involved, Christopher Boyce and Andrew Dalton Lee, who were selling things about spy satellites. Those secrets were held by the company the Security Officer worked for. You can imagine his day was not going very well when people started showing up to "investigate" what had happened to give these two access to data about spy satellites that they could sell. It was a long year for him.
His advice was to always, in meetings with senior management, take good notes. He had told his managers many times that they needed to tighten up security but they thought it was not important enough and too expensive to do what was supposed to be done. There was nothing he could do about some of that, and he could fall on his sword over it, go somewhere else, or take good notes. That was somewhat where many government officials are when their political leaders - of both parties - decide to do things that will damage the national security of our country. They can tell them the consequences, based on their own experience, but they can't make them do what they should do.
I had occasion to remember his best piece of advice day before yesterday when I was watching the Senate Intelligence Committee roast the leaders of our country for no good reason. That part is political, and I must say they handled it well.
In questions that followed, Director of National Intelligence, Dan Coats, said he never took notes at any of his meetings. That surprised me a little until I thought about it. He can have notes taken or he can write things up when he gets back to the office, but he will never have unprotected notes. These are, as the President Trump personal lawyer said, "privileged communications " a term some people do not seem to know much about.
Yes, they asked the Security Officer for those notes and did not give them back, but when the firings started he still had a job and many of his senior managers didn't. What Ex-Director Comey forgot was that his notes would not help him there. At that level, all the appointments are "exempt" i.e you don't have employment rights and you serve at the pleasure of the President. The Congress is very understanding of that even though they pretend otherwise sometimes. Congress has the same rules for all of its employees. I loved working in that environment because it helped focus on what the leadership wanted. You could get things done.
It is important to take good notes, protect them, and make them part of an official record at times. The Memorandum for the Record is just as functional as notes, and serves the same purpose. I have written many of them over time, and believe me, a person knows when to write one. But, I never considered my notes to be my personal property, to be give over to someone who would give them to the press - not for any reason, even revenge. I left my notes with my office when I left, something that surprised them when it shouldn't have. The Security Officer there handed them back to me and said I could keep them. I told her my security agreement said I was to return them. She should have known better. I wonder if Mr. Comey gave his notes back when he left?
His advice was to always, in meetings with senior management, take good notes. He had told his managers many times that they needed to tighten up security but they thought it was not important enough and too expensive to do what was supposed to be done. There was nothing he could do about some of that, and he could fall on his sword over it, go somewhere else, or take good notes. That was somewhat where many government officials are when their political leaders - of both parties - decide to do things that will damage the national security of our country. They can tell them the consequences, based on their own experience, but they can't make them do what they should do.
I had occasion to remember his best piece of advice day before yesterday when I was watching the Senate Intelligence Committee roast the leaders of our country for no good reason. That part is political, and I must say they handled it well.
In questions that followed, Director of National Intelligence, Dan Coats, said he never took notes at any of his meetings. That surprised me a little until I thought about it. He can have notes taken or he can write things up when he gets back to the office, but he will never have unprotected notes. These are, as the President Trump personal lawyer said, "privileged communications " a term some people do not seem to know much about.
Yes, they asked the Security Officer for those notes and did not give them back, but when the firings started he still had a job and many of his senior managers didn't. What Ex-Director Comey forgot was that his notes would not help him there. At that level, all the appointments are "exempt" i.e you don't have employment rights and you serve at the pleasure of the President. The Congress is very understanding of that even though they pretend otherwise sometimes. Congress has the same rules for all of its employees. I loved working in that environment because it helped focus on what the leadership wanted. You could get things done.
It is important to take good notes, protect them, and make them part of an official record at times. The Memorandum for the Record is just as functional as notes, and serves the same purpose. I have written many of them over time, and believe me, a person knows when to write one. But, I never considered my notes to be my personal property, to be give over to someone who would give them to the press - not for any reason, even revenge. I left my notes with my office when I left, something that surprised them when it shouldn't have. The Security Officer there handed them back to me and said I could keep them. I told her my security agreement said I was to return them. She should have known better. I wonder if Mr. Comey gave his notes back when he left?
Thursday, June 8, 2017
China as Privacy Advocate
In a country where censorship is a new art form, privacy is supposed to be the reason Apple has come under fire for allowing some private data to be stolen from the iPhone. Now, there is an irony that is hard to pass up.
According to the Wall Street Journal article today police in China have "detained" 22 people associated with Apple or its third party services. There was an apparent theft of data from iPhones for which, under the Cybersecurity laws of China, is a two-fold crime. First the thieves are responsible for their idiocy; second, Apple is responsible for its design that allows unauthorized insiders to get data from the phones. I have always advocated for this kind of liability clause in vendor software but never thought it would catch on. In China, it has, but for all the wrong reasons.
After what we see here, you can bet that Apple still hasn't completely turned over its source code for the iPhone. The new slant to get them to do so is that Apple is not keeping the data of Chinese citizens safe from prying eyes. Oh, please. This has to be the most hypocritical excuse for having them give more access to their proprietary code. Apple knows where that will lead, since Chinese smart phones are getting traction in the world markets. Now they soon will be using IOS, or some Chinese variation- if they arren't already. They have done that with Windows 10, with Microsoft's help.
We really need to see this for what it is: the Chinese use laws of their own invention to facilitate stealing source code, undermining the workings of competitive products to their own, and winning in the world markets of goods and services through unfair competition. They manage to convince business leaders and government officials in the U.S that they do it for the good of the citizens of China. It is Economic Warfare and they are winning.
According to the Wall Street Journal article today police in China have "detained" 22 people associated with Apple or its third party services. There was an apparent theft of data from iPhones for which, under the Cybersecurity laws of China, is a two-fold crime. First the thieves are responsible for their idiocy; second, Apple is responsible for its design that allows unauthorized insiders to get data from the phones. I have always advocated for this kind of liability clause in vendor software but never thought it would catch on. In China, it has, but for all the wrong reasons.
After what we see here, you can bet that Apple still hasn't completely turned over its source code for the iPhone. The new slant to get them to do so is that Apple is not keeping the data of Chinese citizens safe from prying eyes. Oh, please. This has to be the most hypocritical excuse for having them give more access to their proprietary code. Apple knows where that will lead, since Chinese smart phones are getting traction in the world markets. Now they soon will be using IOS, or some Chinese variation- if they arren't already. They have done that with Windows 10, with Microsoft's help.
We really need to see this for what it is: the Chinese use laws of their own invention to facilitate stealing source code, undermining the workings of competitive products to their own, and winning in the world markets of goods and services through unfair competition. They manage to convince business leaders and government officials in the U.S that they do it for the good of the citizens of China. It is Economic Warfare and they are winning.
Wednesday, June 7, 2017
Looking to China's Leadership in Climate
Jerry Brown, Governor of California, met last week with Xi Jinping, Chairman of the Communist Party and President of China, presumably to talk about how China and California can cooperate in reducing emissions in places other than Los Angeles and Beijing. Both of these places could use some help in that regard, but going to China to seek cooperation is like going to Iran to help stop terrorism. Andrew Browne, one of my favorite China analysts, looks at the futility of the Chinese leading anyone in the global warming world, anytime soon [see Don’t Count on China as Next Climate Crusader - The Wall Street Journal, today].
We have to remember that China is a great friend of the Governor. It is pumping money into the Great Railroad to nowhere and helping him in his political campaigns. There will no doubt be more of the same, and the Governor's trip to China probably has a lot more to do with that than with its leadership in climate control. Browne [the author] is considerably more astute about the prospects for China's help in reducing coal emissions or relying on green energy sources. His article has a picture of a park in Beijing that is shrouded in a heavy mist while its citizens wear masks to keep the pollutants out of their lungs.
Los Angeles and Bakersfield have the fourth worst air pollution of any cities in the country, leaving us to conclude that he might spend more time working on his on state instead of flying to China to get their cooperation. He probably spent taxpayer money on that trip, but got more than that back in Chinese investments in California. We saw a good example of how it works with Rodrigo Duterte in the Philippines who managed to get the money for public works projects (just like California) as a payoff for cooperation with China's view of the world. That puts Governor Brown in good company.
We have to remember that China is a great friend of the Governor. It is pumping money into the Great Railroad to nowhere and helping him in his political campaigns. There will no doubt be more of the same, and the Governor's trip to China probably has a lot more to do with that than with its leadership in climate control. Browne [the author] is considerably more astute about the prospects for China's help in reducing coal emissions or relying on green energy sources. His article has a picture of a park in Beijing that is shrouded in a heavy mist while its citizens wear masks to keep the pollutants out of their lungs.
Los Angeles and Bakersfield have the fourth worst air pollution of any cities in the country, leaving us to conclude that he might spend more time working on his on state instead of flying to China to get their cooperation. He probably spent taxpayer money on that trip, but got more than that back in Chinese investments in California. We saw a good example of how it works with Rodrigo Duterte in the Philippines who managed to get the money for public works projects (just like California) as a payoff for cooperation with China's view of the world. That puts Governor Brown in good company.
Monday, June 5, 2017
FT Puts Chinese Puzzle Together
This past weekend edition of the Financial Times has a good article [Chinese puzzle behind rise of king dealmaker] on the ownership of HNA Group. In 99 of a 100 topics I can think of, ownership of companies is rarely an issue worth discussing, but this one is.
HNA is a conglomerate in the Chinese tradition of putting together things that can make money and damn the idea that you need a business plan, or a line of business to make them work. The businesses are as diverse as property developers, regional national air carriers, Hilton Hotels, and Deutshe Bank, where it is the largest shareholder. It loans money and solicits funds through companies it owns. It also, my own research shows, is related to a Clinton Foundation friend though the Hainan Cihang Charitable Foundation which owns 15% of the company and Barbara Carlson Gage 1998 GST Exempt Family Trust, which sought and received an exemption from anti-trust restrictions in the US in 2016. Wendy Nelson from that Trust was an invitee to the 2009 Clinton Global Initiative.
The curious thing about the FT analysis is the ownership of almost all of the controlling shares in the Hainan Traffic Administration, which is not be what it sounds like. Leave it to the Chinese to make a company sound like something it isn't. Relationship Science says there is a company by that name [ Hainan Traffic Administration Holding Company Ltd, which does investments in real estate, information technology and energy. This company ties all the major share holders together. The article says it used to have one well-known foreign investor, a major Clinton friend, in the roles of its shareholders, George Soros, who has since sold off those assets.
If you have ever wondered why we can never figure out who gives what money to whom and how corporations in China differ from those in the US, this is a great case study. If you ever wondered where the Chinese make their political investments, you will not find out by reading what is in the public press.
HNA is a conglomerate in the Chinese tradition of putting together things that can make money and damn the idea that you need a business plan, or a line of business to make them work. The businesses are as diverse as property developers, regional national air carriers, Hilton Hotels, and Deutshe Bank, where it is the largest shareholder. It loans money and solicits funds through companies it owns. It also, my own research shows, is related to a Clinton Foundation friend though the Hainan Cihang Charitable Foundation which owns 15% of the company and Barbara Carlson Gage 1998 GST Exempt Family Trust, which sought and received an exemption from anti-trust restrictions in the US in 2016. Wendy Nelson from that Trust was an invitee to the 2009 Clinton Global Initiative.
The curious thing about the FT analysis is the ownership of almost all of the controlling shares in the Hainan Traffic Administration, which is not be what it sounds like. Leave it to the Chinese to make a company sound like something it isn't. Relationship Science says there is a company by that name [ Hainan Traffic Administration Holding Company Ltd, which does investments in real estate, information technology and energy. This company ties all the major share holders together. The article says it used to have one well-known foreign investor, a major Clinton friend, in the roles of its shareholders, George Soros, who has since sold off those assets.
If you have ever wondered why we can never figure out who gives what money to whom and how corporations in China differ from those in the US, this is a great case study. If you ever wondered where the Chinese make their political investments, you will not find out by reading what is in the public press.
Social Media and Radical Islam
The papers today were full of stories about how the world needs to crack down on social media's spread of information about violence and jihad like the latest incident on London Bridge. It reminds me of the early days of public television news broadcasts which were seen as something more than just raw news. In some parts of the world it hasn't changed much. When you are overseas and see news that carries pictures of dead children lying in the street, you can get the idea that the Western news is probably right in being politically correct on some things. It took a long time to get to a point that the public broadcasting networks decided to police their own rather than face government legislation that was coming down the road. A wise choice at the time.
The first set of stories out today mentions that the U.S Congress is starting to talk about getting a handle on social media, something I'm sure the social media industry already knew and was starting to try to diffuse by doubling its efforts to review its live features that show suicides and rapes of total strangers. This is not something we want our children looking at. The other question about terrorism and jihad of radical Muslims is a little harder to define.
It is clear enough when a social media outlet says get cars and knives and attack non-Muslims during the month of Ramadan, which some of these ISIS sites have done. There is no doubt that this kind of message needs to get off social media, but the fact that it has been going on for years with nobody doing anything is a clear representation of how difficult a problem that is. Some of the sites that inhabit the Internet are slightly more subtle than that. Encouraging fidelity to one's faith is permissible almost anywhere. Encouraging the killing of people who are not of that faith is forbidden almost everywhere because we all know where that leads. It is a definable problem but the solution may not make you happy.
Years ago, Willis Ware said you could stop computer crime by putting an informant in every data center (which would have worked in those days) but it might not be worth the result. Yes, we can stop this kind of thing from being posted on the Internet but the way chosen by Russia, China and a third of the world's countries is censorship. The Federal government decides what is allowed and what is not - then every social media company and every service provider monitors part of that to ensure the prohibition of banned material. People who violate the rules can be arrested. That is what will be proposed by some.
Free speech advocates have gone too far in the direction of allowing all speech, when they know there are limits that have to be imposed. That 37-year old man who sends texts to my neighbors daughter who is 15 does not have a free speech right. That Jihaadist does not have a right to propose killing anyone of another faith. But, it would take an army of censors to find even a small amount of this stuff. China has hundreds of thousands of these kinds of people, and if you don't mind what goes with it, you will be better off with having it.
The knifes in London last week are only a small part of a larger problem that we had better think about before we start drafting legislation or adding to the social media oversight of media companies. The media companies are partly to blame for not regulating themselves, but I'm not sure we want to go off into the mandated censorship realm too quickly. That may be where we are going right now.
The first set of stories out today mentions that the U.S Congress is starting to talk about getting a handle on social media, something I'm sure the social media industry already knew and was starting to try to diffuse by doubling its efforts to review its live features that show suicides and rapes of total strangers. This is not something we want our children looking at. The other question about terrorism and jihad of radical Muslims is a little harder to define.
It is clear enough when a social media outlet says get cars and knives and attack non-Muslims during the month of Ramadan, which some of these ISIS sites have done. There is no doubt that this kind of message needs to get off social media, but the fact that it has been going on for years with nobody doing anything is a clear representation of how difficult a problem that is. Some of the sites that inhabit the Internet are slightly more subtle than that. Encouraging fidelity to one's faith is permissible almost anywhere. Encouraging the killing of people who are not of that faith is forbidden almost everywhere because we all know where that leads. It is a definable problem but the solution may not make you happy.
Years ago, Willis Ware said you could stop computer crime by putting an informant in every data center (which would have worked in those days) but it might not be worth the result. Yes, we can stop this kind of thing from being posted on the Internet but the way chosen by Russia, China and a third of the world's countries is censorship. The Federal government decides what is allowed and what is not - then every social media company and every service provider monitors part of that to ensure the prohibition of banned material. People who violate the rules can be arrested. That is what will be proposed by some.
Free speech advocates have gone too far in the direction of allowing all speech, when they know there are limits that have to be imposed. That 37-year old man who sends texts to my neighbors daughter who is 15 does not have a free speech right. That Jihaadist does not have a right to propose killing anyone of another faith. But, it would take an army of censors to find even a small amount of this stuff. China has hundreds of thousands of these kinds of people, and if you don't mind what goes with it, you will be better off with having it.
The knifes in London last week are only a small part of a larger problem that we had better think about before we start drafting legislation or adding to the social media oversight of media companies. The media companies are partly to blame for not regulating themselves, but I'm not sure we want to go off into the mandated censorship realm too quickly. That may be where we are going right now.
Friday, June 2, 2017
Public Corruption
There is an interesting article in the Wall Street Journal about the number of public corruption cases in China and how the high-profile military leaders are suddenly finding themselves in jail for accepting bribes or gifts in exchange for some favors. Xi is cracking down on his seniors who persist in continuing their behavior even though they have been told not to do it. In most instances I would not care about this one way or another about this kind of thing, but on this one I do have some sympathy for China's leader. Nobody is exempt from the behavior of their government officials, but doing something about it is important to the future of a country.
The FBI is supposed to keep statistics on this kind of crime but doesn't seem to have them in a place where they can be easily found. The IRS does a better job, strange as that might seem. The level of these cases is considerably lower than the ones the Chinese are announcing - though there are probably a good many more happening than the ones they have announced. We don't have the big cases like the ones China is having and that is a bad thing, not a good one. I wish we had a better record in this area.
If you watch the news, you are unavoidably hearing a lot about the kind of things that make for public corruption. Two governors of Virginia were being investigated, as was the former National Security Advisor, and a couple of people from the White House in the last two administrations. Given the press coverage, we would think their could be several indictments at any moment. Only, the track record is not very good when it comes to these kinds of cases. Yes, we have a former Congressman, John Hastert, who was paying off someone, the head of an NGO who bribed the President of the U.N. General Assembly, some really messy State legislators involved in all kinds of things like weapons trafficking, a few government contractors who mostly were bribing government officials, and the government officials they were bribing. Not the kind of thing that is of national interest, and most of you have already forgotten about the ones I mentioned here.
So, just a matter of interest, this may be an area where the Chinese are ahead of us. We can probably do better, but the politicians are a little nervous about opening the flood gates to do the investigations. They are looking everywhere, except for where they might find something of interest. The FBI will tell you they don't have the resources for all the cases that come up. The same with State prosecutors. Maybe that would be an area that could be included in the budgets for the future. That would be nice, however unlikely.
The FBI is supposed to keep statistics on this kind of crime but doesn't seem to have them in a place where they can be easily found. The IRS does a better job, strange as that might seem. The level of these cases is considerably lower than the ones the Chinese are announcing - though there are probably a good many more happening than the ones they have announced. We don't have the big cases like the ones China is having and that is a bad thing, not a good one. I wish we had a better record in this area.
If you watch the news, you are unavoidably hearing a lot about the kind of things that make for public corruption. Two governors of Virginia were being investigated, as was the former National Security Advisor, and a couple of people from the White House in the last two administrations. Given the press coverage, we would think their could be several indictments at any moment. Only, the track record is not very good when it comes to these kinds of cases. Yes, we have a former Congressman, John Hastert, who was paying off someone, the head of an NGO who bribed the President of the U.N. General Assembly, some really messy State legislators involved in all kinds of things like weapons trafficking, a few government contractors who mostly were bribing government officials, and the government officials they were bribing. Not the kind of thing that is of national interest, and most of you have already forgotten about the ones I mentioned here.
So, just a matter of interest, this may be an area where the Chinese are ahead of us. We can probably do better, but the politicians are a little nervous about opening the flood gates to do the investigations. They are looking everywhere, except for where they might find something of interest. The FBI will tell you they don't have the resources for all the cases that come up. The same with State prosecutors. Maybe that would be an area that could be included in the budgets for the future. That would be nice, however unlikely.
Thursday, June 1, 2017
Hacking Around & Yevgeny Nikulin
Almost every hacker these days seems to be accused of hacking the Democratic National Committee, and maybe that is because they all have. Apparently, the DNC was not that hard to get into. But, this one is a little different because there may be something to the accusations. Both the Russians and the Amcricans want this guy. That alone would make him interesting.
Radio Free Europe (RFE) has the initial story yesterday and the Washington Post Europe and others had it at the same time. The Post story claims Yevgeny Nikulin told a story of an FBI agent approaching him to testify that he hacked the DNC. In exchange for this testimony he would get a trip to the U.S, money and presumably anonymity forever, or something like that. RFE seems to have taken out the politics of this and mentions only that he was wanted for lifting info from LinkedIn and businesses. The Russians want him for similar things and do not want the US to have him. So, we know a couple of things. First this guy has been caught hacking several times since 2009, so he has been around, i.e one of the usual suspects. Two, we know he was hacking in more than one country, unless of course the Russians found out that he was being investigated and issued an Interpol warrant to keep him from falling into anyone else's hands. This is the old "my warrant came first trick" in case you had not heard of it. The Czech court did not seem to buy that and started down a path that will put him in the United States. There is still a ways to go on that, so we will see how it works out.
His attorney has opted for a political defense. His client is a pawn in the US persecution of Russia over the interference in the national election. I guess that doesn't hold up very well on review. I would like to say that I hacked the DNC, but I didn't and would be hard pressed to qualify since letting my skills go over the years, but a bunch of people out there seemed to be getting blamed for it. Like I said, either they all did it, or this is just a smoke screen to cover up the fact that they don't know who did.
Radio Free Europe (RFE) has the initial story yesterday and the Washington Post Europe and others had it at the same time. The Post story claims Yevgeny Nikulin told a story of an FBI agent approaching him to testify that he hacked the DNC. In exchange for this testimony he would get a trip to the U.S, money and presumably anonymity forever, or something like that. RFE seems to have taken out the politics of this and mentions only that he was wanted for lifting info from LinkedIn and businesses. The Russians want him for similar things and do not want the US to have him. So, we know a couple of things. First this guy has been caught hacking several times since 2009, so he has been around, i.e one of the usual suspects. Two, we know he was hacking in more than one country, unless of course the Russians found out that he was being investigated and issued an Interpol warrant to keep him from falling into anyone else's hands. This is the old "my warrant came first trick" in case you had not heard of it. The Czech court did not seem to buy that and started down a path that will put him in the United States. There is still a ways to go on that, so we will see how it works out.
His attorney has opted for a political defense. His client is a pawn in the US persecution of Russia over the interference in the national election. I guess that doesn't hold up very well on review. I would like to say that I hacked the DNC, but I didn't and would be hard pressed to qualify since letting my skills go over the years, but a bunch of people out there seemed to be getting blamed for it. Like I said, either they all did it, or this is just a smoke screen to cover up the fact that they don't know who did.
Subscribe to:
Posts (Atom)