It seems like Japan has cleared Huawei (no statement about ZTE was made) in an examination of their equipment. This story appeared in today's Wall Street Journal, but I found it improbable. It appears to be more wishful thinking and politics mixed into the business of Chinese and Japanese businesses.
First, there is no way to verify equipment used by any country in this type of advanced technology. What would a country be looking for? If there were special hardware modifications that made the equipment accessible by Chinese intelligence services, would the Japanese - or anybody else for that matter - be able to find it? Anyone who says "Yes" to that is dreaming. There are too many variables involved and too many places for that kind of modification to take place. It can be in hardware, firmware, or software and the means of intelligence collection might be introduced at a later date via software or firmware upgrades. The Chinese are not going to be stupid enough to give the Japanese intelligence-collection components that can be tested and discovered. Even when we know where those components are, they are very difficult to pinpoint.
So, why pretend to do this national security testing? The Japanese, particularly Softbank, have a lot of money invested in technology agreements that involve Chinese components from both companies. Finding a problem with Huawei or ZTE might limit the ability of Japanese network companies to continue down the path of 5G networks. The rest of the world, and the Japanese public in particular, must believe that these components are safe, whether they can be reliably tested or not. Better to say, "Yes, we tested them and we are confident they are safe" which kind of paraphrases the Softbank spokesperson's comments, than let others know they may not be as safe as they make out. A few years ago, David Sanger wrote an article for the New York Times that described what he said was the National Security Agency going into Huawei's networks and looking at what its leaders were doing. If that story is true, the US does not have doubts about what Huawei is doing. Maybe for Japan the business deals are worth more than the risk.
Friday, August 31, 2018
Reducing Recidivism by Training Prisoners
The Wall Street Journal ran an article two days ago that brought back memories. Prisons have decided the lack of programmers can be solved by moving prisoners into training programs that teach prisoners to code. I can almost predict a lower recidivism when that happens, but having tried this before, we should know there is a better understanding of how to make money in other ways from programming.
When we train people anywhere we assume these are a general population of people who are distributed somewhat equally across the social spectrum. About 5% of them will be bad people who should be in jail, but the other 95% are generally OK following a bell-shaped curve of criminal behavior. Prisons are not full of nice people, and do not contain a general population.
Most people do not go to prison for a first offense. They may not go to prison for a third offense. But, once they get there we know they have committed more than one crime. I went to the Corrections Institute at the University of Georgia many years ago when I was training for law enforcement. We learned about people in jails that did not fit the standard perception of prisoners in rehabilitative institutions. Some of the people in that community are habitual offenders and commit the largest share of crimes. They are in jail because they got caught, not because they are not good at their jobs. They have no desire to be rehabilitated. They just want to get better at their job. Teaching that group to program will move their crimes to an environment where catching them is much harder.
We have had states experiment with prisoners processing credit card transactions for various companies and programming for mostly state government functions. The bulk of the training takes place in California. I really don't think this is a good idea, and we need some statistics to find out how that has worked out. There were already crimes committed with credit cards in those prisons were they processing was taking place. I wonder if any have been detected in programming functions.
When we train people anywhere we assume these are a general population of people who are distributed somewhat equally across the social spectrum. About 5% of them will be bad people who should be in jail, but the other 95% are generally OK following a bell-shaped curve of criminal behavior. Prisons are not full of nice people, and do not contain a general population.
Most people do not go to prison for a first offense. They may not go to prison for a third offense. But, once they get there we know they have committed more than one crime. I went to the Corrections Institute at the University of Georgia many years ago when I was training for law enforcement. We learned about people in jails that did not fit the standard perception of prisoners in rehabilitative institutions. Some of the people in that community are habitual offenders and commit the largest share of crimes. They are in jail because they got caught, not because they are not good at their jobs. They have no desire to be rehabilitated. They just want to get better at their job. Teaching that group to program will move their crimes to an environment where catching them is much harder.
We have had states experiment with prisoners processing credit card transactions for various companies and programming for mostly state government functions. The bulk of the training takes place in California. I really don't think this is a good idea, and we need some statistics to find out how that has worked out. There were already crimes committed with credit cards in those prisons were they processing was taking place. I wonder if any have been detected in programming functions.
Linkedin has Chinese Fake Accounts
Today, Reuters has an exclusive interview with William Evanina, the U.S.chief of counter-intelligence, and in it he discusses the Chinese use of Linkedin to recruit people for intelligence work - mostly stealing technology from US companies. The Chinese seem to not be able to live without stealing and get their sources from social media.
Linkedin was famous for being slow to react to Iran's use of Linkedin, and now it is being publicly called out on Chinese doing the same kind of things. If you get the idea that Linkedin is not doing enough, I'm sure that was intended by this kind of public statement. This quote from the article says it all:
"Evanina said LinkedIn should look at copying the response of Twitter, Google and Facebook, which have all purged fake accounts allegedly linked to Iranian and Russian intelligence agencies." In other words, Linkedin didn't. By the way, I don't think any of these other social media channels did such a great job either, but they are doing better as the effort to rid ourselves of these fake accounts takes hold.
Linkedin was famous for being slow to react to Iran's use of Linkedin, and now it is being publicly called out on Chinese doing the same kind of things. If you get the idea that Linkedin is not doing enough, I'm sure that was intended by this kind of public statement. This quote from the article says it all:
"Evanina said LinkedIn should look at copying the response of Twitter, Google and Facebook, which have all purged fake accounts allegedly linked to Iranian and Russian intelligence agencies." In other words, Linkedin didn't. By the way, I don't think any of these other social media channels did such a great job either, but they are doing better as the effort to rid ourselves of these fake accounts takes hold.
Thursday, August 30, 2018
Congress Flailing Against Chinese Camps
There is a hard-to-believe story in the Wall Street Journal today about Congress in the US thinking about what they can do (read sanctions) about the camps established by the Chinese in Xinjiang. These camps are largely holding Muslims who are also Uighur. The Chinese claim these are for job training, so all these stories about political indoctrination are just made up. This leads us to believe the Uighur population have vivid imaginations.
On the other hand, we have some vivid imaginations in Congress, if this story is true. The Chinese are not going to care very much if the US sanctions someone over what is basically an internal problem for China. The Uighur have killed a number of people in some very imaginative ways, largely because they can't get guns or high explosives. We can be fairly sure they would kill more if they could. So, in the name of terrorist job education, they are put into camps where someone can keep an eye on them. Is there due process? Is there pervasive monitoring? What business is that of ours?
We frequently think because we believe in a certain type of behavior that everyone in the world must think along the same lines. You haven't been outside the US in many years if you believe that. Women are treated differently in many of our friends host countries. Animals are treated differently in many other countries, including those making the menu in some restaurants. Different countries handle terrorists differently, and they are rapidly becoming less tolerant of certain behaviors as a result.
I suggest China has some latitude on this and sanctions are not the best solution for getting them to come around to our way of thinking. Congress needs to rethink this matter a little more and figure out what the best course of action might be. Doing nothing does about the same as putting sanctions on a few people in China.
On the other hand, we have some vivid imaginations in Congress, if this story is true. The Chinese are not going to care very much if the US sanctions someone over what is basically an internal problem for China. The Uighur have killed a number of people in some very imaginative ways, largely because they can't get guns or high explosives. We can be fairly sure they would kill more if they could. So, in the name of terrorist job education, they are put into camps where someone can keep an eye on them. Is there due process? Is there pervasive monitoring? What business is that of ours?
We frequently think because we believe in a certain type of behavior that everyone in the world must think along the same lines. You haven't been outside the US in many years if you believe that. Women are treated differently in many of our friends host countries. Animals are treated differently in many other countries, including those making the menu in some restaurants. Different countries handle terrorists differently, and they are rapidly becoming less tolerant of certain behaviors as a result.
I suggest China has some latitude on this and sanctions are not the best solution for getting them to come around to our way of thinking. Congress needs to rethink this matter a little more and figure out what the best course of action might be. Doing nothing does about the same as putting sanctions on a few people in China.
China Withholding Disease Samples
I heard an interesting story on Fox News yesterday that I thought needed some verification. The story said China does not send strains of disease causing bacteria and viruses to the World Health Organization, or anybody else for that matter. They keep these to themselves. If they are looking to develop vaccines or work on prevention, one would think they could use the rest of the world’s help. This includes such really nasty diseases as SARS and H7N9. The mortality rates among victims (over 64 years of age) is 50%.
The New York Times notes these disease samples were “withheld from the United States” but it appears theses have been withheld from many countries. They are trying to link this to current trade problems with China when there is not a relationship between the two and it has been going on a lot longer than the trade disputes. SARS has been around for years.
I can see two reasons for doing what they are doing. First, they are so focused on dominating markets that they let people die until they develop a vaccine that works. That assures the market will buy from them. Yes, that is an ugly thought, but a logical idea that China is not above.
Second, to prevent the use of any virulent strains as an offensive weapon, intentionally spread by enemies. Having worked with the CDC and WHO on different things in the past, they don’t even think like that. They just want to stop disease wherever that is possible. They don’t really care who comes up with the cure. Cures eliminate strains being used as weapons and makes perfect sense if they intend to not use them themselves. The alternative is not a very pleasant thought.
The New York Times notes these disease samples were “withheld from the United States” but it appears theses have been withheld from many countries. They are trying to link this to current trade problems with China when there is not a relationship between the two and it has been going on a lot longer than the trade disputes. SARS has been around for years.
I can see two reasons for doing what they are doing. First, they are so focused on dominating markets that they let people die until they develop a vaccine that works. That assures the market will buy from them. Yes, that is an ugly thought, but a logical idea that China is not above.
Second, to prevent the use of any virulent strains as an offensive weapon, intentionally spread by enemies. Having worked with the CDC and WHO on different things in the past, they don’t even think like that. They just want to stop disease wherever that is possible. They don’t really care who comes up with the cure. Cures eliminate strains being used as weapons and makes perfect sense if they intend to not use them themselves. The alternative is not a very pleasant thought.
Qatar and Influence
Qatar's Influence campaign is not much different than what any public relations firm in Washington D.C. does. It looks very familiar to anyone who lives and works around this area. Every country has causes it favors and to get through to government leaders, countries use these firms to steer attitudes, values and beliefs towards their own goals. It is a long-term process. They influence who they can; they neutralize as much contrary comment as they can, and they disrupt or dispute comments made by those with conflicting opinions. The Wall Street Journal lays all this out today in a story about Qatar and a campaign to influence the Trump Administration. Let's call this a classic case study on what worked well to achieve an objective, because that is what it is.
For some, like Alan Dershowitz, the feeling of being duped carries over to this day. Having been there, it is not hard to sympathize. I once got an invitation to visit a foreign country and an offer to meet someone I really wanted to meet. Because of my security clearances, I reported to my government leaders. They said, "Don't be ridiculous. You aren't going there." It was all over in a few seconds, but I already knew what the answer would be anyway, so I wasn't too disappointed. They never contacted me again after that, and no doubt knew I would not be coming before extending the invitation.
Well known public figures get these kinds of invitations all the time, and one probably looks a lot like all the others. Only they can be more than just a friendly invite. They can be manipulation, as this article accurately points out. This kind of appeal often goes hand-in-hand with espionage inside the host country.
The public relations and lobbying firms call it "influence" not manipulation. It is easy to see it their way, since they are not usually pushing very hard on their campaigns. People see through that pretty quickly. When it becomes obvious why the invitation is being made, the ability to influence is lessened. China, Russia, Iran and Qatar influence programs are all cut from the same cloth because they cooperate and learn from one another. Of course, those firms downtown are not part of that mix, are they?
For some, like Alan Dershowitz, the feeling of being duped carries over to this day. Having been there, it is not hard to sympathize. I once got an invitation to visit a foreign country and an offer to meet someone I really wanted to meet. Because of my security clearances, I reported to my government leaders. They said, "Don't be ridiculous. You aren't going there." It was all over in a few seconds, but I already knew what the answer would be anyway, so I wasn't too disappointed. They never contacted me again after that, and no doubt knew I would not be coming before extending the invitation.
Well known public figures get these kinds of invitations all the time, and one probably looks a lot like all the others. Only they can be more than just a friendly invite. They can be manipulation, as this article accurately points out. This kind of appeal often goes hand-in-hand with espionage inside the host country.
The public relations and lobbying firms call it "influence" not manipulation. It is easy to see it their way, since they are not usually pushing very hard on their campaigns. People see through that pretty quickly. When it becomes obvious why the invitation is being made, the ability to influence is lessened. China, Russia, Iran and Qatar influence programs are all cut from the same cloth because they cooperate and learn from one another. Of course, those firms downtown are not part of that mix, are they?
Wednesday, August 29, 2018
Reuters Report on Iran's Influence Campaign
Reuters has an exclusive today on the scope of the Iran Influence Campaign, designed to foster positive attitudes, and beliefs about the Iran Nuclear Deal and other issues. They had content in 11 different languages. Social media has not done well at identifying these entities but has responded when they were pointed out. Twitter said it had deleted a total of 770 accounts. Google reported their efforts earlier.
"A Reuters analysis has identified 10 more sites and dozens of social media accounts across Facebook, Instagram, Twitter and YouTube." The use of al-Manar TV run by Hezbollah, was an unpleasant surprise. Just for information about obfuscation of source material, this article is well worth reading. The Iranians went undetected for several years, so either nobody was looking for them, or they were really good at concealing their sources. See also post on FireEye report.
"A Reuters analysis has identified 10 more sites and dozens of social media accounts across Facebook, Instagram, Twitter and YouTube." The use of al-Manar TV run by Hezbollah, was an unpleasant surprise. Just for information about obfuscation of source material, this article is well worth reading. The Iranians went undetected for several years, so either nobody was looking for them, or they were really good at concealing their sources. See also post on FireEye report.
Tuesday, August 28, 2018
Justice Delayed
It always amazes me that prosecutions for disclosures of classified information take so long. Reality Winner (a name we would have to think was a pseudonym were it not real) was arrested over a year ago, plead guilty, and negotiated a agreement that gave her 63 months in jail. That is for information that was TS/SCI. It really takes too long.
When I worked for DoD I had to support the preparation of a couple of these cases and it is amazing the kinds of things that we had to go through to establish all the elements of the case. We had to call people who could testify to the classification and why the material was classified at that level. We had to show the security agreement that was signed by the subject, the security education reminders that a subject could not give classified information to an unauthorized person. The list went on and on and it took forever to get all these elements together and present them to the US Attorney. All that was done before the information was shared with the subject's attorney who looked at them for a few seconds and recommended a plea deal. Certainly we could focus on this area to streamline the law to reduce the amount of paper that had to be reproduced to show a person who holds a position with the government, and has a Top Secret clearance, and signs off on annual briefings (everyone does this). Lawmakers spend too much time trying to make complications and exceptions rather than focus on the process and cut it back to what is really necessary.
When I worked for DoD I had to support the preparation of a couple of these cases and it is amazing the kinds of things that we had to go through to establish all the elements of the case. We had to call people who could testify to the classification and why the material was classified at that level. We had to show the security agreement that was signed by the subject, the security education reminders that a subject could not give classified information to an unauthorized person. The list went on and on and it took forever to get all these elements together and present them to the US Attorney. All that was done before the information was shared with the subject's attorney who looked at them for a few seconds and recommended a plea deal. Certainly we could focus on this area to streamline the law to reduce the amount of paper that had to be reproduced to show a person who holds a position with the government, and has a Top Secret clearance, and signs off on annual briefings (everyone does this). Lawmakers spend too much time trying to make complications and exceptions rather than focus on the process and cut it back to what is really necessary.
China and Russia Hack Religion
AP has a story today about Russian hacking of the Orthodox Church leadership, which is as much about the Ukraine as Russia. It is nothing new for Russia to hack any political entity, especially one that will take power away from Russian religious leaders and put it in the Ukrainians' hands. Hacking these leaders just tells the Russians what they are planning and gives them time to head that off. Apparently, they are in over their heads on this one because knowing has not stopped the church from moving away from Russian Orthodox leadership. Maybe they know something we don't.
This is not a new endeavor since the Chinese have hacked the Dalai Lama, leader of Tibetan Buddhism, for the last 10 years. They gained access to his personal letters and hundreds of planning documents. To get this information, they hacked a number of embassies around the world, focusing on people who communicated with the leader. They knew his plans before his allies did.
The leaders of Russia and China have different approaches to this since Russia is still largely Orthodox; Russia wants to preserve the Russian Orthodox leadership in Russia. China is officially atheist, and co-ops as many of their religious leaders as possible. They are under China's control or they find it difficult to serve. When China appointed three bishops to the Catholic church, the Pope excommunicated them. Since then, the Pope has been forced to accept two of those same people back into the fold. You can bet the Chinese were hacking the Holy See, right along with the Dalai Lama.
I suppose there are no bounds in intelligence collection, but I have heard that argument before. There are bounds to getting caught doing intelligence collection. Remember Angela Merkel's cell phone? When the Russians and Chinese hack religious leaders, and get caught, they quickly make a few hundred hard-core enemies who look to those leaders for religious guidance.
This is not a new endeavor since the Chinese have hacked the Dalai Lama, leader of Tibetan Buddhism, for the last 10 years. They gained access to his personal letters and hundreds of planning documents. To get this information, they hacked a number of embassies around the world, focusing on people who communicated with the leader. They knew his plans before his allies did.
The leaders of Russia and China have different approaches to this since Russia is still largely Orthodox; Russia wants to preserve the Russian Orthodox leadership in Russia. China is officially atheist, and co-ops as many of their religious leaders as possible. They are under China's control or they find it difficult to serve. When China appointed three bishops to the Catholic church, the Pope excommunicated them. Since then, the Pope has been forced to accept two of those same people back into the fold. You can bet the Chinese were hacking the Holy See, right along with the Dalai Lama.
I suppose there are no bounds in intelligence collection, but I have heard that argument before. There are bounds to getting caught doing intelligence collection. Remember Angela Merkel's cell phone? When the Russians and Chinese hack religious leaders, and get caught, they quickly make a few hundred hard-core enemies who look to those leaders for religious guidance.
Monday, August 27, 2018
Fentanyl with Love - from China
The Chinese are the source of most of the illegal fentanyl in the U.S. That drug is more dangerous than heroin, and harder to detect. It is producing more deaths than heroin too. I don't know why the Chinese would encourage an epidemic of drug use that is not well controlled and traceable back to them. They invite trouble on two fronts.
First, drugs are dangerous when they get traction in any country. Making drugs in your country is going to create an opportunity for the same kinds of drug kingpins to make a profit closer to home. Bloomberg reported exactly that. Chinese arrests are up and concerns mounts on this dangerous drug, but what drives the production is profitability of this special drug. Much better than heroin, it is cheaper to produce and distribute. For much of the time it was being imported, it was not illegal.
Second, illegal drugs make for corruption. Local officials need to cooperate with manufacturing, packaging and distribution. In this case, delivery seems to be by the US Postal Service and US transport companies operating in China. This almost sounds crazy. The drug cartels in Mexico must be envious of such an arrangement.
The Chinese are arrogant about their ability to control and monitor their population because they are the best in the world at censorship. They believe they can control this production by monitoring the raw materials and communications between the customers and the distributors of goods. I have watched some drug dealers over the years and wonder if the Chinese are as good as they think they are. The dark web can spring off a branch or two of pretty good sales and distribution companies that are harder to detect in the US. It seems like the Chinese could prevent these sites from springing up by watching for them. Maybe they can. One thing about criminals, they spend the same amount of time at their jobs as we do at ours. They are good at what they do. Let's see if the Chinese can do anything about this epidemic of their own creation.
First, drugs are dangerous when they get traction in any country. Making drugs in your country is going to create an opportunity for the same kinds of drug kingpins to make a profit closer to home. Bloomberg reported exactly that. Chinese arrests are up and concerns mounts on this dangerous drug, but what drives the production is profitability of this special drug. Much better than heroin, it is cheaper to produce and distribute. For much of the time it was being imported, it was not illegal.
Second, illegal drugs make for corruption. Local officials need to cooperate with manufacturing, packaging and distribution. In this case, delivery seems to be by the US Postal Service and US transport companies operating in China. This almost sounds crazy. The drug cartels in Mexico must be envious of such an arrangement.
The Chinese are arrogant about their ability to control and monitor their population because they are the best in the world at censorship. They believe they can control this production by monitoring the raw materials and communications between the customers and the distributors of goods. I have watched some drug dealers over the years and wonder if the Chinese are as good as they think they are. The dark web can spring off a branch or two of pretty good sales and distribution companies that are harder to detect in the US. It seems like the Chinese could prevent these sites from springing up by watching for them. Maybe they can. One thing about criminals, they spend the same amount of time at their jobs as we do at ours. They are good at what they do. Let's see if the Chinese can do anything about this epidemic of their own creation.
Never Go Where There is Extradition
There is a rule among international criminals with warrants on them that they should be careful about where they go on vacation. This is part of the Justice Department press release:
"According to court documents, Ruslan Yeliseyev, 42, of Odessa, Ukraine, made his living selling stolen financial information on underground Russian-speaking criminal websites. The information that Yeliseyev sold, which had been stolen from approximately 40,000 hacked computers, included over 62,000 credit card numbers as well as usernames and passwords to victims’ online banking accounts. Yeliseyev was arrested while vacationing in Israel in 2016 and subsequently extradited to the United States. "
This has happened before in such wonderful vacation spots as Montenegro. But let me remind you that it works for other countries almost as well as for the US. The Russians charged a few Ukrainian politicians with crimes tried in abstentia so they could not defend themselves. Then they posted Red Notices on Interpol so they could get arrested by anyone who didn't understand the political nature of the charges and the trial. This is a corrupt perversion of the intent of Red Notice postings, but the Russians have never been put off by that.
"According to court documents, Ruslan Yeliseyev, 42, of Odessa, Ukraine, made his living selling stolen financial information on underground Russian-speaking criminal websites. The information that Yeliseyev sold, which had been stolen from approximately 40,000 hacked computers, included over 62,000 credit card numbers as well as usernames and passwords to victims’ online banking accounts. Yeliseyev was arrested while vacationing in Israel in 2016 and subsequently extradited to the United States. "
This has happened before in such wonderful vacation spots as Montenegro. But let me remind you that it works for other countries almost as well as for the US. The Russians charged a few Ukrainian politicians with crimes tried in abstentia so they could not defend themselves. Then they posted Red Notices on Interpol so they could get arrested by anyone who didn't understand the political nature of the charges and the trial. This is a corrupt perversion of the intent of Red Notice postings, but the Russians have never been put off by that.
China Leaves No Doubt On North Korea
In case anyone was wondering, China controls North Korea's actions, including the development of nuclear weapons and rockets to get them to the U.S. We got to see this play out when North Korea was dragging its feet over doing much more than superficial things like exchange visits and sending a few remains back to the U.S. Then, the North decided to back off any further promised things that take more steps towards the real goal - de-nuclearization a word most people forgot soon after the first meeting between the US and the North.
Their reluctance closely followed the tariffs put on Chinese goods. The more tariffs, the less cooperation. Yes, we see the connection here. The Chinese don't do things unless they get a return for their actions, even when the continued progress by the North is not in their best interests. This one is not.
US warships looked at ways to stop the buildup in other ways, and the Chinese did not like that very much. Only the new hawks in the US White House understood the connection and knew the Chinese were not going to listen to anything that did not result in a lessening of US presence in the area. Having a "rouge" like North Korea doing their bidding allowed China to say "that rascal does all kinds of things we can't control" when everyone in diplomatic circles knew better. North Korea only exists because China allows it. It is in their interests to allow a bellicose neighbor to threaten to blow up a US city, even knowing it was an incredible threat. They didn't have a rocket that could reach the US, and a weapon that would fit on it. Retaliation for such an act would be swift and severe. It was not a credible thing to threaten until the North had a weapon and a missile that would take it to the US.
It was easy for the Chinese to get the desired delay in US buildups in forces to get North Korea to agree to "talks", and back off of them when the US put more tariffs on their goods. This did not involve North Korea - no tariffs fell on them, though sanctions, which neither Russia nor China follow, pretend to.
Let's finally recognize that China controls the actions of North Korea and could change their behavior anytime they want to. As such, they are responsible for what the North does. Retaliation has to fall on the father and the son.
Their reluctance closely followed the tariffs put on Chinese goods. The more tariffs, the less cooperation. Yes, we see the connection here. The Chinese don't do things unless they get a return for their actions, even when the continued progress by the North is not in their best interests. This one is not.
US warships looked at ways to stop the buildup in other ways, and the Chinese did not like that very much. Only the new hawks in the US White House understood the connection and knew the Chinese were not going to listen to anything that did not result in a lessening of US presence in the area. Having a "rouge" like North Korea doing their bidding allowed China to say "that rascal does all kinds of things we can't control" when everyone in diplomatic circles knew better. North Korea only exists because China allows it. It is in their interests to allow a bellicose neighbor to threaten to blow up a US city, even knowing it was an incredible threat. They didn't have a rocket that could reach the US, and a weapon that would fit on it. Retaliation for such an act would be swift and severe. It was not a credible thing to threaten until the North had a weapon and a missile that would take it to the US.
It was easy for the Chinese to get the desired delay in US buildups in forces to get North Korea to agree to "talks", and back off of them when the US put more tariffs on their goods. This did not involve North Korea - no tariffs fell on them, though sanctions, which neither Russia nor China follow, pretend to.
Let's finally recognize that China controls the actions of North Korea and could change their behavior anytime they want to. As such, they are responsible for what the North does. Retaliation has to fall on the father and the son.
Wednesday, August 22, 2018
Iranian Influence Campaign
FireEye has a great summary of its investigation of Iran's use of fake news sites to disseminate stories that support Iran's positions on mostly political issues. The report is simple and easy to read, but not very technical. They promise to publish more as it becomes available. The targets were in the US, UK, Latin America and the Middle East. They were definitely covering the waterfront on this one.
There were two main organizations involved, Liberty Front Press and Instituto Manquehue. The article says this about what these groups were doing: " Broadly speaking, the intent behind this activity appears to be to promote Iranian political interests, including anti-Saudi, anti-Israeli, and pro-Palestinian themes, as well as to promote support for specific U.S. policies favorable to Iran, such as the U.S.-Iran nuclear deal (JCPOA). " There is a nice graphic of the relationship between the different entities involved and their targets, but it is general and not the usual tracking diagrams that investigators put together. It is good enough to know that a more detailed map is probably available if it is needed.
If the Iranians are going to this much trouble to sell people on the Iran nuclear agreement they must think this agreement is good for them. A lot of people do not. They want to change attitudes and beliefs about this agreement. Note they did not target the EU. Sometimes, who you do not target tells us as much as who you do.
Added: Google says it removed 39 YouTube Channels that were owned by Iran. They apparently used the research done by FireEye to make this amazing discovery.
There were two main organizations involved, Liberty Front Press and Instituto Manquehue. The article says this about what these groups were doing: " Broadly speaking, the intent behind this activity appears to be to promote Iranian political interests, including anti-Saudi, anti-Israeli, and pro-Palestinian themes, as well as to promote support for specific U.S. policies favorable to Iran, such as the U.S.-Iran nuclear deal (JCPOA). " There is a nice graphic of the relationship between the different entities involved and their targets, but it is general and not the usual tracking diagrams that investigators put together. It is good enough to know that a more detailed map is probably available if it is needed.
If the Iranians are going to this much trouble to sell people on the Iran nuclear agreement they must think this agreement is good for them. A lot of people do not. They want to change attitudes and beliefs about this agreement. Note they did not target the EU. Sometimes, who you do not target tells us as much as who you do.
Added: Google says it removed 39 YouTube Channels that were owned by Iran. They apparently used the research done by FireEye to make this amazing discovery.
Whack-a-Mole at Facebook
Facebook is taking another run at the Russian accounts, and finding some Iranian ones at the same time. They terminate these accounts, and by tomorrow they are dealing with a new set, made by the same people with new personas. It is the "feel good" kind of response that computer security people used to get when they caught someone distributing pornographic material on a business computer. It means absolutely nothing, but it sure feels good.
First, you can't find these people by algorithm. It requires some good old fashioned intelligence work, which they may be getting benefit of, though the small numbers of accounts belie that. Facebook has nearly 2.2 Billion users and they have removed some (the numbers reported this time vary from 200 or less, so there is still some lack of understanding of how these are computed). Regardless, there are not very many. Finding the root suppliers and putting them out of business is harder but worthwhile.
Second, the individual accounts are not that important. We used to look for the cause of an incident at a higher level of abstraction, so when one of our groups that we monitored found pornography on a system, we looked for the same images across our networks. We figured the person selling this stuff was not selling it to this one guy (it always is a guy too, ladies). The Russians are able to produce a lot of letters and pictures but they are basically lazy too. They don't keep producing unique material for each account. Eventually, we traced the pornographic material back to a single source who was using our own computers to distribute (by subscription) 2000 images a day. We then took hashes of his images and searched across more networks. That led back to another distributor. Going after the distributors works better but it doesn't stop pornography any better than we can stop the Russians from starting new accounts and keeping those that survive scrutiny. This whack-a-mole strategy means the Russians get better at what they do or they don't survive. This Darwinian approach makes them good at what they do.
Third, disruption of the Russian covert operations cannot be done by Facebook, Twitter, Instagram, et al. This is our social media fighting a government, or several governments in this case. They will never win. Our governments have to act to stop this by disrupting the operations at the source. Until then, whack-a-mole feels good without doing anything worthwhile.
First, you can't find these people by algorithm. It requires some good old fashioned intelligence work, which they may be getting benefit of, though the small numbers of accounts belie that. Facebook has nearly 2.2 Billion users and they have removed some (the numbers reported this time vary from 200 or less, so there is still some lack of understanding of how these are computed). Regardless, there are not very many. Finding the root suppliers and putting them out of business is harder but worthwhile.
Second, the individual accounts are not that important. We used to look for the cause of an incident at a higher level of abstraction, so when one of our groups that we monitored found pornography on a system, we looked for the same images across our networks. We figured the person selling this stuff was not selling it to this one guy (it always is a guy too, ladies). The Russians are able to produce a lot of letters and pictures but they are basically lazy too. They don't keep producing unique material for each account. Eventually, we traced the pornographic material back to a single source who was using our own computers to distribute (by subscription) 2000 images a day. We then took hashes of his images and searched across more networks. That led back to another distributor. Going after the distributors works better but it doesn't stop pornography any better than we can stop the Russians from starting new accounts and keeping those that survive scrutiny. This whack-a-mole strategy means the Russians get better at what they do or they don't survive. This Darwinian approach makes them good at what they do.
Third, disruption of the Russian covert operations cannot be done by Facebook, Twitter, Instagram, et al. This is our social media fighting a government, or several governments in this case. They will never win. Our governments have to act to stop this by disrupting the operations at the source. Until then, whack-a-mole feels good without doing anything worthwhile.
Tuesday, August 21, 2018
Hanged by the Belt and Road
The Editorial Board of the Wall Street Journal has a great article today on the consequences of Pakistan taking money from the Chinese. "That debt has ballooned as Islamabad borrowed from Chinese banks to finance the China Pakistan Economic Corridor, a $62 billion scheme to build transport and energy projects. The program is a showcase for China’s Belt and Road Initiative, a push to build infrastructure in Asia, Europe and Africa." So, the leadership has to deal with a financial crisis of its predecessor's doing.
As I said in the Chinese Information War, the Chinese work a little more like the Mafia than a benevolent country. It's the old "make them an offer they can't refuse" approach, except that unlike the IMF or the US the money is actually supposed to be repaid at usury rates. What the US is doing now is saying to the IMF, we should not be allowing the IMF to give money to countries paying these kinds of rates to Chinese investors when they borrow to pay up. When they can't pay, the Chinese are more than glad to accept something of value - like a port facility- as payment. The debts never get less at these rates, and eventually they own the store. This is extortion, in case you forgot.
As I said in the Chinese Information War, the Chinese work a little more like the Mafia than a benevolent country. It's the old "make them an offer they can't refuse" approach, except that unlike the IMF or the US the money is actually supposed to be repaid at usury rates. What the US is doing now is saying to the IMF, we should not be allowing the IMF to give money to countries paying these kinds of rates to Chinese investors when they borrow to pay up. When they can't pay, the Chinese are more than glad to accept something of value - like a port facility- as payment. The debts never get less at these rates, and eventually they own the store. This is extortion, in case you forgot.
Microsoft VS the Russians
Microsoft had a post yesterday that attracted a lot of press coverage. It concerns an attempt by Russians to take over domains and draw people to them. Microsoft says this time it is the Russians and they are after Congress and Conservative groups. The Chinese have been doing this for years and nobody raised a fuss, including Microsoft, which had bogus domains operated by China. It was Google who took on China on this one by not accepting certificates issued by China's NIC. Microsoft had the same problems with bogus certs and chose to put them on the certificate revocation list. That does nothing.
In any area of computer security, we tend to focus on things that are "hot" at the time. The past couple of years it has been the Russians. Before that, it was the Chinese. I remember the Eastern European gangs being hot at one time. Does anyone remember all the fake accounts on AOL? Does anyone remember AOL?
I used to be critical of security functions when the focus on things that are the hot item of the day. They are using IPs, tools and techniques to focus on certain areas that have been discovered by other security groups who publish reports. They are surprised to find the same folks in their systems, using those same IPs and techniques. They get some satisfaction from finding these people when they shouldn't.
The real trick in security is to find the new tools, the different IPs and technique, and stay ahead of the game. Even that is not what should be done, but it is all that a normal security office can do. We know who the groups are that are doing these kinds of things. They change their tools and upgrade their techniques as fast as we can discover them. They are as good at their jobs as we are at ours. Does anyone want to change this game, or just let it go on as it is?
This is behind the debates going on in this new Administration. We can change the rules of the game but we better be really good when we do. It is going to elevate the arms race for better security and better attack scenarios when the intelligence services of the world are fine with the status quo. They are going to have to work a lot harder.
In any area of computer security, we tend to focus on things that are "hot" at the time. The past couple of years it has been the Russians. Before that, it was the Chinese. I remember the Eastern European gangs being hot at one time. Does anyone remember all the fake accounts on AOL? Does anyone remember AOL?
I used to be critical of security functions when the focus on things that are the hot item of the day. They are using IPs, tools and techniques to focus on certain areas that have been discovered by other security groups who publish reports. They are surprised to find the same folks in their systems, using those same IPs and techniques. They get some satisfaction from finding these people when they shouldn't.
The real trick in security is to find the new tools, the different IPs and technique, and stay ahead of the game. Even that is not what should be done, but it is all that a normal security office can do. We know who the groups are that are doing these kinds of things. They change their tools and upgrade their techniques as fast as we can discover them. They are as good at their jobs as we are at ours. Does anyone want to change this game, or just let it go on as it is?
This is behind the debates going on in this new Administration. We can change the rules of the game but we better be really good when we do. It is going to elevate the arms race for better security and better attack scenarios when the intelligence services of the world are fine with the status quo. They are going to have to work a lot harder.
Who is Really Hacking the Elections?
It was a little strange yesterday to hear about John Bolton’s comments concerning election hacks by Iran, North Korea, and “maybe China” which got very little press coverage after it was said by an Israeli spokesman. Either the press does not see this as credible, or it doesn’t fit their narrative that it was the Russians, and only the Russians.
I have said a number of times that Russia was not the only country trying to hack the US elections. The Chinese did it first, over 10 years ago, hacking the campaigns of both Obama and McCain. Nobody seemed to care about this at the time, nor do any of the press outlets seem to remember. As far as anyone knows, these were intelligence collection so the information they got was not published in newspapers or TV. It seems to be the Russians who found favor in making the kind of information public, disrupting a lot of those who hacked and never talked about it. They even disrupted their own intelligence service when they were caught in the Democratic National Committee. That was clumsy. I always thought there was something strange about that. These kinds of operations are usually done by one part of the intelligence service and not by more than one, to avoid that very thing.
Now we find out that several countries may have been involved. This tends to cloud attribution, political narratives, and motivations. We are looking so hard for Russians that we stopped looking for the others who are doing this. It is so easy that any country can do it. Our politicians need to devote a lot more money to computer security. It isn’t a priority to them, and it should be.
I have said a number of times that Russia was not the only country trying to hack the US elections. The Chinese did it first, over 10 years ago, hacking the campaigns of both Obama and McCain. Nobody seemed to care about this at the time, nor do any of the press outlets seem to remember. As far as anyone knows, these were intelligence collection so the information they got was not published in newspapers or TV. It seems to be the Russians who found favor in making the kind of information public, disrupting a lot of those who hacked and never talked about it. They even disrupted their own intelligence service when they were caught in the Democratic National Committee. That was clumsy. I always thought there was something strange about that. These kinds of operations are usually done by one part of the intelligence service and not by more than one, to avoid that very thing.
Now we find out that several countries may have been involved. This tends to cloud attribution, political narratives, and motivations. We are looking so hard for Russians that we stopped looking for the others who are doing this. It is so easy that any country can do it. Our politicians need to devote a lot more money to computer security. It isn’t a priority to them, and it should be.
Monday, August 20, 2018
Censorship in Social Media
There seems to be some confusion today about what social media should do to censor its own content. This being after Twitter and others decided to cut off Alex Jones and his INFOWAR stream of nonsense. Now, some of the same people who were clamoring for censorship have decided the social media are not very good at it. Not a surprise to anyone.
We have already forgotten what this effort to sanitize social media was really about. Russia hired some people to run ads and support divisive issues in our social media channels. It was not just the content of this material that was at issue, but the source of it. It was Russian intelligence services who were doing it and not some lady in Iowa who thought Black Lives Matter needed more help in its organizing. Focusing on that would be a better approach. This is not a free speech issue, since the Russian intelligence services don't get rights under the US Constitution, even though they claim them.
Social media did a lousy job of trying to discover what accounts had been established by Russian firms. They used payment in rubles as one of the measures of sources of funding, and otherwise grossly underestimated the extent of the trouble. Let's face it - they really didn't want to know how much of this was going on. They saw themselves as not being responsible for content unless it went over the legal line of child porn or ISIS propaganda. They didn't do very well with either one of those either.
That's because social media still sees itself as not responsible for content. Whether we believe they should be is something that has to be debated because it is not a simple matter. It is a little like automobile vendors being responsible for the driving habits of those who buy their cars, or gun dealers getting the blame for how their guns are used. At the same time, we don't want the Russians doing what they did or ISIS continuing to do their pieces. But let's not confuse this with free speech.
Social media cannot do what they need to do without some help, which they do not want. This is about foreign governments making up issues to present to the world's people who use social media, as part of an Information Warfare campaign. In order to do that, social media outlets need to know who these people are and get them off their outlets, a much harder problem. They kill one account and those same people get new accounts. It is a whack-a-mole game for them. Even intelligence services find it hard to keep up with this kind of attack, but they are the only ones trying to do that. IF the social media wants to make progress they are going to have to work together to ban certain sponsored activities from their media. The only way they can do that is start their own intelligence service to identify the targets, or use the ones governments allow them to use. They don't like either option, but we are not going to live with the results of their clumsy attempts to clean up a problem they are not capable of identifying or doing anything about.
We have already forgotten what this effort to sanitize social media was really about. Russia hired some people to run ads and support divisive issues in our social media channels. It was not just the content of this material that was at issue, but the source of it. It was Russian intelligence services who were doing it and not some lady in Iowa who thought Black Lives Matter needed more help in its organizing. Focusing on that would be a better approach. This is not a free speech issue, since the Russian intelligence services don't get rights under the US Constitution, even though they claim them.
Social media did a lousy job of trying to discover what accounts had been established by Russian firms. They used payment in rubles as one of the measures of sources of funding, and otherwise grossly underestimated the extent of the trouble. Let's face it - they really didn't want to know how much of this was going on. They saw themselves as not being responsible for content unless it went over the legal line of child porn or ISIS propaganda. They didn't do very well with either one of those either.
That's because social media still sees itself as not responsible for content. Whether we believe they should be is something that has to be debated because it is not a simple matter. It is a little like automobile vendors being responsible for the driving habits of those who buy their cars, or gun dealers getting the blame for how their guns are used. At the same time, we don't want the Russians doing what they did or ISIS continuing to do their pieces. But let's not confuse this with free speech.
Social media cannot do what they need to do without some help, which they do not want. This is about foreign governments making up issues to present to the world's people who use social media, as part of an Information Warfare campaign. In order to do that, social media outlets need to know who these people are and get them off their outlets, a much harder problem. They kill one account and those same people get new accounts. It is a whack-a-mole game for them. Even intelligence services find it hard to keep up with this kind of attack, but they are the only ones trying to do that. IF the social media wants to make progress they are going to have to work together to ban certain sponsored activities from their media. The only way they can do that is start their own intelligence service to identify the targets, or use the ones governments allow them to use. They don't like either option, but we are not going to live with the results of their clumsy attempts to clean up a problem they are not capable of identifying or doing anything about.
Sunday, August 19, 2018
Election Meddling or Something Else
Reuters has an exclusive story today with an interesting twist. Election meddling is being claimed by two losers of California primaries, with an addition that the FBI is probing their claims of potential manipulation of election results. Both the candidates lost to their own party's candidates in primaries, so there was no claim that one party undermined the other.
I find this interesting from a couple of perspectives. First, the losers went to the Democratic National Committee to get help on investigating the cases and got none. It was "too expensive" to hire a security firm to do an investigation, estimated to cost about $50,000 each for two cases. If you take a look at the figures, this wasn't about money, as much as priorities. One of the candidates, Min raised over $1,000,000. So $50,000 wasn't that much. I don't find the "too much" very credible. He only got 17% of the vote.
I think we are going to see more of this. A person loses the election and complains afterwards that his systems were hacked. Call in the FBI and delay the whole process and make losing sound like something other than what it was.
I find this interesting from a couple of perspectives. First, the losers went to the Democratic National Committee to get help on investigating the cases and got none. It was "too expensive" to hire a security firm to do an investigation, estimated to cost about $50,000 each for two cases. If you take a look at the figures, this wasn't about money, as much as priorities. One of the candidates, Min raised over $1,000,000. So $50,000 wasn't that much. I don't find the "too much" very credible. He only got 17% of the vote.
I think we are going to see more of this. A person loses the election and complains afterwards that his systems were hacked. Call in the FBI and delay the whole process and make losing sound like something other than what it was.
Friday, August 17, 2018
Philippines Claims Islands in South China Sea
The Philippines is not backing off the South China Sea and has criticized China for staking claim to places and threatening aircraft and ships passing though those spaces. In an article today, Reuters quoting a Chinese representative, indicating "China urges the relevant party to meet China halfway, and jointly protect the present good situation that has not come easily in the South China Sea." No kidding.
The UN already ruled on this issue and the Philippines started that complaint. By the UN's reckoning the Chinese have no right to those islands, and building them is an offence to the rights of the Philippines in international trade. There is no middle way, and whether it is a good thing or not depends on where you sit. The US and Philippines don't think it is such a good thing. China has raised the stakes every year by militarizing the islands after saying they wouldn't. Now they give the US reason to believe they may be practicing attacking US ships and other targets. They are raising the stakes again. China bought off the Philippines President for several years, but that good will is slowly running out, as is the largess.
The UN already ruled on this issue and the Philippines started that complaint. By the UN's reckoning the Chinese have no right to those islands, and building them is an offence to the rights of the Philippines in international trade. There is no middle way, and whether it is a good thing or not depends on where you sit. The US and Philippines don't think it is such a good thing. China has raised the stakes every year by militarizing the islands after saying they wouldn't. Now they give the US reason to believe they may be practicing attacking US ships and other targets. They are raising the stakes again. China bought off the Philippines President for several years, but that good will is slowly running out, as is the largess.
Chinese Counterfeiting Unabated
The Justice Department announced today that they are indicting 22 people for bringing counterfeit goods from China into the US. The press release says those goods were ...Trafficked Items that Included Fake Louis Vuitton and Tory Burch Handbags, Michael Kors Wallets, Hermes Belts and Chanel Perfume. The value of these goods was estimated to be $450 million. The classes of criminals included the importers, distributors, and internal shippers who apparently knew the goods were counterfeit.
The Chinese, in spite of promising to do better, have not. They are still cranking out a variety of goods blatantly counterfeited. This case took place in the US but there are many places in the world selling the same products. This is a different kind of intellectual property theft, but it is still IP and trademark theft. The Chinese were doing this for more than 50 years. My Marketing professor showed us Parker Pens that were imported from China. He bought all of his in the Middle East.
The Chinese, in spite of promising to do better, have not. They are still cranking out a variety of goods blatantly counterfeited. This case took place in the US but there are many places in the world selling the same products. This is a different kind of intellectual property theft, but it is still IP and trademark theft. The Chinese were doing this for more than 50 years. My Marketing professor showed us Parker Pens that were imported from China. He bought all of his in the Middle East.
Thursday, August 16, 2018
Something is Amiss
The Editorial Board of the Wall Street Journal did not like the President's action to revoke the security clearance of the former CIA Director, John Brennan. They thought it would be better just to declassify the FISA warrant application so the US people could see for themselves what was really going on. There has to be more than this than the simple analysis by the Editorial Board.
I always wondered if Brennan got his public statements approved before they were said out loud to the public. No government would allow a former employee to say some of the things he had said, which leads me to conclude that he didn't ask for permission. Since he had the types of clearances that required that, he was playing on the edge to begin with. He played the "I know something you don't know" game for a long time, insinuating that the President was directly involved with the Russians and therefore had a presidency that was not legitimate. If he knew that for sure from material he had read at the CIA, the information would have been classified at the highest levels and certainly not releasable to the press or public. Somebody would have warned him to not do that anymore, yet there seems to be no let up of any kind.
Beyond that, I wonder what the White House knows about Brennan's post Director actions, and what involvement he had in the preparation of the FISA warrant application. By now, several Congressmen with access to the un-redacted warrant and the FBI's classified portion of the I.G. report have been discussing the aspects with the White House. They know what is really going on, but we don't. Something is really amiss here. The Editorial Board starts with an unusual, but accurate statement:
"John Brennan is one of the fiercest partisans ever to serve as CIA director." The US certainly does not need that precedent for others to follow. Just a reminder that two people signed a memorandum that allowed dissemination of highly classified information within the Obama Administration - far more than had ever been done before. Those two were John Brennan and Loretta Lynch.
I always wondered if Brennan got his public statements approved before they were said out loud to the public. No government would allow a former employee to say some of the things he had said, which leads me to conclude that he didn't ask for permission. Since he had the types of clearances that required that, he was playing on the edge to begin with. He played the "I know something you don't know" game for a long time, insinuating that the President was directly involved with the Russians and therefore had a presidency that was not legitimate. If he knew that for sure from material he had read at the CIA, the information would have been classified at the highest levels and certainly not releasable to the press or public. Somebody would have warned him to not do that anymore, yet there seems to be no let up of any kind.
Beyond that, I wonder what the White House knows about Brennan's post Director actions, and what involvement he had in the preparation of the FISA warrant application. By now, several Congressmen with access to the un-redacted warrant and the FBI's classified portion of the I.G. report have been discussing the aspects with the White House. They know what is really going on, but we don't. Something is really amiss here. The Editorial Board starts with an unusual, but accurate statement:
"John Brennan is one of the fiercest partisans ever to serve as CIA director." The US certainly does not need that precedent for others to follow. Just a reminder that two people signed a memorandum that allowed dissemination of highly classified information within the Obama Administration - far more than had ever been done before. Those two were John Brennan and Loretta Lynch.
Cyber Attack Rules Changing
According to press reports today (e.g. the WSJ) the US President has signed a new Executive Order on cyber changing the rules expressed in Presidential Policy Directive 20. What the Journal article says is the President is seeking to deter election interference and theft of intellectual property through more "forceful responses". This will make a lot of people in the Defense Department and a few Congressmen happy, but the proof will be in the administration of the programs that come from it and not the statement of a policy the allows for cyber responses.
The Obama Administration believed a response to a cyber attack did not have to be a cyber attack by the U.S. Sanctions, and similar actions would be just as good in deterring attacks by our adversaries. How did that work out? Not so good.
The North Koreans attacked Sony; the Russians tried to undermine the national elections in 2016; the Iranians attacked US banks, and a bunch of hackers continue to make a living at criminal enterprises based in places they cannot seem to be extradited. A more forceful response is a good idea but the least of our concerns.
In my last testimony on the Hill I was asked a question about the wisdom of a more aggressive response to some of the incidents we have had. I said we are not ready to do any such thing. There are quite a few hotshots in the government who think we can strike in ways that will deter others from doing further attacks, but I think it will encourage better attacks, not an end to them. This is not a government-only war. Our businesses are not ready to respond to attacks, as their track record with protecting proprietary information would show. They will get pummeled, and our government cyber forces are no better.
All anyone has to do is read the string of Inspector General reports over the last few years and know that government security is not doing the job. There are exceptions. Some companies are very good, and a couple of government agencies are great. The counter attacks will not be directed at them. We better be careful about what the folks at Cyber Command think they can do, because they consistently overestimated their capability and underestimated the infrastructure's ability to resist attacks.
The Obama Administration believed a response to a cyber attack did not have to be a cyber attack by the U.S. Sanctions, and similar actions would be just as good in deterring attacks by our adversaries. How did that work out? Not so good.
The North Koreans attacked Sony; the Russians tried to undermine the national elections in 2016; the Iranians attacked US banks, and a bunch of hackers continue to make a living at criminal enterprises based in places they cannot seem to be extradited. A more forceful response is a good idea but the least of our concerns.
In my last testimony on the Hill I was asked a question about the wisdom of a more aggressive response to some of the incidents we have had. I said we are not ready to do any such thing. There are quite a few hotshots in the government who think we can strike in ways that will deter others from doing further attacks, but I think it will encourage better attacks, not an end to them. This is not a government-only war. Our businesses are not ready to respond to attacks, as their track record with protecting proprietary information would show. They will get pummeled, and our government cyber forces are no better.
All anyone has to do is read the string of Inspector General reports over the last few years and know that government security is not doing the job. There are exceptions. Some companies are very good, and a couple of government agencies are great. The counter attacks will not be directed at them. We better be careful about what the folks at Cyber Command think they can do, because they consistently overestimated their capability and underestimated the infrastructure's ability to resist attacks.
Wednesday, August 15, 2018
Understanding the Surveillance State
For a good article on surveillance by Chinese government entities, read the Reuters From laboratory in far west, China's surveillance State spreads quietly. I have been studying this for so long, I forget that surveillance is oppression of the worst kind. This article puts that in perspective because the examples are not Muslim terrorists or gang members. These are the business people who work and travel in the Uighur areas of the North-west. Apparently, the Chinese liked the results of the clamp down on the Uighur that they are applying the same principles in other parts of the country, putting anyone travelling to that area under intense scrutiny. In China, there is no privacy. What the average person gets in exchange for giving up their privacy is something called "harmony", the peacefulness that comes from knowing your government is watching you - and everybody else too.
Tencent Crashes
Well, Facebook lost a lot of its value, but it didn't compare to Tencent, which from January to now has lost 29% of its share value. As the Journal points out today, that loss is roughly the entire value of Walt Disney Co. At least part of that was inflicted by government regulators who chopped a popular game, Monster Hunter: World. The Chinese say there were too many complaints about this game. There is nothing wrong with it that I can see, and it is a lot better than having human beings exploding after being hit by a rocket attack.
Tuesday, August 14, 2018
Hong Kong Protests Speaker at Press Club
There was a lot of reporting on the speech of Andy Chan, founder of the Hong Kong National Party which will no doubt be one the way out of favor. But, the Hong Kong Free Press puts a different slant on the story actually quoting some of the protestors who showed up at the door of the Press Club. The HKFP says there were almost 200, but most reports gave the number around 50.
The Free Press quoted a group called the Voice of Loving Hong Kong as saying independence advocates should move. The logic of that fails to inspire anyone. Another group leader was quoted as saying the government should invoke Article 23 which is a national security law says: Article 23 of the Basic Law provides that Hong Kong “shall enact laws on its own to prohibit any act of treason, secession, sedition [or] subversion against the [central government], or theft of state secrets, to prohibit foreign political organisations or bodies from conducting political activities in [Hong Kong], and to prohibit political organisations or bodies of [Hong Kong] from establishing ties with foreign political organisations or bodies”. Hong Kong never passed their own Article 23 legislation and when they tried in 2003, there were revolts in the streets.
The Chinese are too thin-skinned to allow one person to speak on the subject of independence of Hong Kong. Unless they believe this message is going to cause a revolution in Hong Kong, they have no reason to make a mountain out of this mole hill. Maybe one person can make a difference.
The Free Press quoted a group called the Voice of Loving Hong Kong as saying independence advocates should move. The logic of that fails to inspire anyone. Another group leader was quoted as saying the government should invoke Article 23 which is a national security law says: Article 23 of the Basic Law provides that Hong Kong “shall enact laws on its own to prohibit any act of treason, secession, sedition [or] subversion against the [central government], or theft of state secrets, to prohibit foreign political organisations or bodies from conducting political activities in [Hong Kong], and to prohibit political organisations or bodies of [Hong Kong] from establishing ties with foreign political organisations or bodies”. Hong Kong never passed their own Article 23 legislation and when they tried in 2003, there were revolts in the streets.
The Chinese are too thin-skinned to allow one person to speak on the subject of independence of Hong Kong. Unless they believe this message is going to cause a revolution in Hong Kong, they have no reason to make a mountain out of this mole hill. Maybe one person can make a difference.
Steel and Aluminum Tariffs Don't Bother China
China's aluminum production was year-over-year 12% higher last month. Steel is up too, in spite of anti-smog regulations that seem to only be important when there is less money to be made in production. That is why we still an see smog so thick it is damaging to the health of millions of people. Tariffs don't seem to stop the production of these staples of manufacturing.
New Explanation for Uighur Camps
I loved the variety of ways the Chinese have chosen to say they are not keeping the Uighur in Gulags for Muslims. This latest one today is that these camps are really vocational schools for criminals so they can help rehabilitate themselves. I think Stalin described his camps the same way, so they didn't have to look far for a new way to describe what is definitely a prison by any other name.
The UN must have very solid evidence of these camps because the Chinese first impulse was to deny they have any such thing. Now they have come around to an alternative approach - twice. They usually don't do that unless they know their "official position" is not holding up under scrutiny from the outside. Making the Uighur criminals is a novel way of saying the practice of religion, unless it conforms to state norms, is a crime. They have done this before with a number of groups, usually starting with the idea that they are cults, not religious groups. Then they ban access to any website that mentions them, effectively cutting off any chance for additional recruits. Then they arrest those they can find and send them to jail or rehabilitation. It does not take long for the groups to disappear.
The UN must have very solid evidence of these camps because the Chinese first impulse was to deny they have any such thing. Now they have come around to an alternative approach - twice. They usually don't do that unless they know their "official position" is not holding up under scrutiny from the outside. Making the Uighur criminals is a novel way of saying the practice of religion, unless it conforms to state norms, is a crime. They have done this before with a number of groups, usually starting with the idea that they are cults, not religious groups. Then they ban access to any website that mentions them, effectively cutting off any chance for additional recruits. Then they arrest those they can find and send them to jail or rehabilitation. It does not take long for the groups to disappear.
Monday, August 13, 2018
Record in a Sensitive Area?
We have the story today of Omarosa Manigault-Newman who claims to have recorded a conversation in one of the most sensitive locations in the US. This is not believable in two respects, first that she knew better than to record anything in that area. She had security briefings and the sensitivity of the things going on in that room that might impact national security. I hope the White House has her security clearance suspended by this afternoon, and revoked after her hearing is over. There is no excuse for this kind of activity.
Second, you have to wonder why the White House did not detect this device and have her removed before any recording was made. I always had devices that would detect cell phones and recorders and never allowed meetings without them turned on. There were too frequent times when individuals would be caught with a cell phone still on. They could have been recording. Less so with recording devices because there is only one purpose for those and a person knows better than to get caught with one.
One of the most unusual cases in our area was a hospital just down the road from where I live. A patient was recording the doctors instruction and a nurse came by and took the recorder away underneath the cart the patient was being transported on. It recorded the conversation of the doctors operating on him, with comments on how much of a hypochondriac he was. He sued and won. My wife had surgery there and the procedures were pretty rigorous to make sure nobody had one coming into the treatment rooms or surgeries. Too late. These are the kinds of things a good security person knows. You can give the hospital some slack for not taking better care. The White House should know better.
Second, you have to wonder why the White House did not detect this device and have her removed before any recording was made. I always had devices that would detect cell phones and recorders and never allowed meetings without them turned on. There were too frequent times when individuals would be caught with a cell phone still on. They could have been recording. Less so with recording devices because there is only one purpose for those and a person knows better than to get caught with one.
One of the most unusual cases in our area was a hospital just down the road from where I live. A patient was recording the doctors instruction and a nurse came by and took the recorder away underneath the cart the patient was being transported on. It recorded the conversation of the doctors operating on him, with comments on how much of a hypochondriac he was. He sued and won. My wife had surgery there and the procedures were pretty rigorous to make sure nobody had one coming into the treatment rooms or surgeries. Too late. These are the kinds of things a good security person knows. You can give the hospital some slack for not taking better care. The White House should know better.
China Warns US Aircraft
BBC has a nice report on what the US military faces every day in the South China Sea. They repeated a trip into disputed territory (the first time, about 10 years ago, they used a private plane) only this time they rode on a US aircraft. They recorded the interchanges with US pilots where the US was warned to keep away. The Chinese were pretty professional with the US aircraft, but less so with a Philippine pilot who was told to get out and stay out in much less polite fashion.
It is interesting to actually hear these exchanges rather than hear about them.
It is interesting to actually hear these exchanges rather than hear about them.
Chinese Deny Uighur Camps
There are more questions in the Chinese response to the claim by the UN that China holds a million people in camps reminiscent of Mao and Stalin, similar to the Gulags. China admits that many people required "re-education" but denying the existence of the kind of camps the UN claimed existed. This is a splitting of hairs that sounds stupid to the average person. Yes, we have camps that are needed to retrain people who have been influenced by extremists, but we don't have detention camps. Please....
A Chinese spokesperson was quoted in the article as saying: “On freedom of religious belief, Xinjiang guarantees citizens freedom of religious belief and protects normal religious activities,” he said.
“Those deceived by religious extremism ... shall be assisted by resettlement and re-education,” he added.
Resettlement and re-education, but no camps....
Then, we have to wonder why, in the same area of the country, one of the largest mosques was going to be shut down before protests gave it some more time. Most of the articles have pictures of the place and it is certainly a huge mosque. The Chinese are claiming the mosque did not have proper permits, but it does not look like it is done with construction which took awhile to complete.
One both counts the Chinese relate a series of incredible arguments that don't hold up on even the most casual examinations. They may be able to manage the news, but they need a credible story to tell to make it worth telling these stories. The Chinese are blatantly opposed to organized religion. The Catholics have a difficult time and finally yielded to the controls China wanted. The Muslims are going though the same thing. Getting Imams appointed by the state might be a bridge too far for some Muslims. It's not like the Chinese to carry these kind of arguments along without some credible story that proves their point. This approach sounds like fantasy.
A Chinese spokesperson was quoted in the article as saying: “On freedom of religious belief, Xinjiang guarantees citizens freedom of religious belief and protects normal religious activities,” he said.
“Those deceived by religious extremism ... shall be assisted by resettlement and re-education,” he added.
Resettlement and re-education, but no camps....
Then, we have to wonder why, in the same area of the country, one of the largest mosques was going to be shut down before protests gave it some more time. Most of the articles have pictures of the place and it is certainly a huge mosque. The Chinese are claiming the mosque did not have proper permits, but it does not look like it is done with construction which took awhile to complete.
One both counts the Chinese relate a series of incredible arguments that don't hold up on even the most casual examinations. They may be able to manage the news, but they need a credible story to tell to make it worth telling these stories. The Chinese are blatantly opposed to organized religion. The Catholics have a difficult time and finally yielded to the controls China wanted. The Muslims are going though the same thing. Getting Imams appointed by the state might be a bridge too far for some Muslims. It's not like the Chinese to carry these kind of arguments along without some credible story that proves their point. This approach sounds like fantasy.
Saturday, August 11, 2018
A Million Uighurs in Camps
As what seems to be a follow-up to the story yesterday by Marco Rubio, BBC and the Reuters have both picked up a story saying a million Uighurs are in camps run by China's central government. The information comes from the UN Committee on the Elimination of Racial Discrimination. China denies that any such camps exist.
A million people are too hard to hide. We should probably believe the Uighurs and the UN on this one, and wonder why the Chinese don't own up to having this large number in 're-education' camps. People in these camps are said to be poorly fed and housed, tortured, and forced to chant slogans of loyalty to the Party. This sounds more like Stalin or Mao than anyone recent, but it must not be enough to monitor everyone in the region as those individuals have been. They are watched all the time. Their travel is controlled. There are profiles prepared on anyone with an inclination to speak up on the kind of overkill being used on them every day. The Chinese are not particularly fond of Muslims, or anyone with a professed religion that they can call extreme. So, in the name of religious extremism they press hard to make sure these people do not cause trouble.
A million people are too hard to hide. We should probably believe the Uighurs and the UN on this one, and wonder why the Chinese don't own up to having this large number in 're-education' camps. People in these camps are said to be poorly fed and housed, tortured, and forced to chant slogans of loyalty to the Party. This sounds more like Stalin or Mao than anyone recent, but it must not be enough to monitor everyone in the region as those individuals have been. They are watched all the time. Their travel is controlled. There are profiles prepared on anyone with an inclination to speak up on the kind of overkill being used on them every day. The Chinese are not particularly fond of Muslims, or anyone with a professed religion that they can call extreme. So, in the name of religious extremism they press hard to make sure these people do not cause trouble.
Friday, August 10, 2018
China Puts Heat on Muslims
In contrast to my post yesterday about the unwillingness of some liberals to express any negative views of Muslim extremists, China has no such qualms, and there is no need to include the qualifier "extremist". There is a chilling story in the Wall Street Journal today about how the treatment of Uyghurs, written by Marco Rubio.
He claims that some one million people may be in "re-education camps" and many of them are from the Xinjiang Uyghur Autonomous Region. Arrest rates for Uyghurs who are 1.5% of China's population, are running at 21%.
He sees the need for action, recommending the following" The U.S. should apply Global Magnitsky Act sanctions against Xinjiang Communist Party Secretary Chen Quanguo. A Politburo member, he first gained experience with repression in Tibet. His tenure as party chief in Xinjiang has coincided with the proliferation of re-education camps, and he is seen as an innovator in his dark craft."
I'm not exactly sure what this would accomplish. China doesn't react to outside pressure on internal matters, and this one has another side. There were a series of attacks on civilians where people where killed with knives and hatchets. China wants to avoid this kind of event as much as the U.S. There capability to monitor communications, track individuals, and financial transactions makes it difficult to hide in China. There are only a small minority of Muslims doing this kind of thing, but China does call it like it is. These are radical Muslim extremists and need to be stopped.
He claims that some one million people may be in "re-education camps" and many of them are from the Xinjiang Uyghur Autonomous Region. Arrest rates for Uyghurs who are 1.5% of China's population, are running at 21%.
He sees the need for action, recommending the following" The U.S. should apply Global Magnitsky Act sanctions against Xinjiang Communist Party Secretary Chen Quanguo. A Politburo member, he first gained experience with repression in Tibet. His tenure as party chief in Xinjiang has coincided with the proliferation of re-education camps, and he is seen as an innovator in his dark craft."
I'm not exactly sure what this would accomplish. China doesn't react to outside pressure on internal matters, and this one has another side. There were a series of attacks on civilians where people where killed with knives and hatchets. China wants to avoid this kind of event as much as the U.S. There capability to monitor communications, track individuals, and financial transactions makes it difficult to hide in China. There are only a small minority of Muslims doing this kind of thing, but China does call it like it is. These are radical Muslim extremists and need to be stopped.
Thursday, August 9, 2018
Reporting on Terror Training
I heard a story on Fox News today and thought a radical Muslim camp in New Mexico was a training ground for children who were being taught to use military style weapons to shoot up schools.
If you read the same story in the Washington Post you would not know the operators of the site were Muslim, radical or not. The only part of the story that was the same is the operators were training children to shoot guns. We used to do that at Boy Scout training.
CNN does mention that the trainers were related to the "controversial" Imam in New York, and quotes him as saying he didn't know anything about this camp. If you read that story alone, you would be shocked by the Fox story when you saw it later.
Let's try to look at this as a factual news story. Is it relevant that the people at this camp were Muslims training children to shoot up schools? I think it was. Unlike the Obama White House, we should be calling this kind of activity what it is, radical Muslim extremism. It is the kind of thing that needs to be reported as it is, not edit out those parts that are not to the liking of any part of the political spectrum. That is self censorship, which benefits few who may want to know what the people in New Mexico are really up to.
There will be a few people who will bemoan the unfairness of claiming someone is doing something bad until they have not been convicted in court, but newspapers do not carry that qualifier that all the Justice Department press releases carry: Being arrested does not imply guilt of the suspect. News outlets never bother with that. But they are willing to self-censor the idea that radical Muslims might gather a bunch of children together and teach them to kill other children in schools. That is politics over their own professional standards.
If you read the same story in the Washington Post you would not know the operators of the site were Muslim, radical or not. The only part of the story that was the same is the operators were training children to shoot guns. We used to do that at Boy Scout training.
CNN does mention that the trainers were related to the "controversial" Imam in New York, and quotes him as saying he didn't know anything about this camp. If you read that story alone, you would be shocked by the Fox story when you saw it later.
Let's try to look at this as a factual news story. Is it relevant that the people at this camp were Muslims training children to shoot up schools? I think it was. Unlike the Obama White House, we should be calling this kind of activity what it is, radical Muslim extremism. It is the kind of thing that needs to be reported as it is, not edit out those parts that are not to the liking of any part of the political spectrum. That is self censorship, which benefits few who may want to know what the people in New Mexico are really up to.
There will be a few people who will bemoan the unfairness of claiming someone is doing something bad until they have not been convicted in court, but newspapers do not carry that qualifier that all the Justice Department press releases carry: Being arrested does not imply guilt of the suspect. News outlets never bother with that. But they are willing to self-censor the idea that radical Muslims might gather a bunch of children together and teach them to kill other children in schools. That is politics over their own professional standards.
Wednesday, August 8, 2018
BBC's Surprise
BBC seemed to be surprised yesterday when China cut off access to its website. All it did was convert to HTTPS which makes a somewhat secure connection to the site from a user's computer. The Chinese do not like any connection they can't monitor, or redirect, so they cut them off. You have to think about this for a bit to let the implications sink in.
The more secure a site - or a business- becomes, the less the Chinese like it. They have banned VPNs for business networks, exposing any communications to monitoring. that includes proprietary business plans, pricing, intellectual property, and a lot of other things businesses don't want their competitors or government to know. In this case, the Chinese government is a competitor.
By blocking BBC and a number of others doing the same thing, they indicate their willingness to monitor who gets access to outside news. But, what the Great Cannon, the companion to the Great Firewall, does is provide the capability to intercept and tag anyone who goes to that site. It can modify content of the communication, corrupt it, or manipulate it to do things other than provide news. Ask the New York Times how that works, since they were the first detected victims. It isn't good enough to control their own news outlets; they want to try to influence all the others too.
The more secure a site - or a business- becomes, the less the Chinese like it. They have banned VPNs for business networks, exposing any communications to monitoring. that includes proprietary business plans, pricing, intellectual property, and a lot of other things businesses don't want their competitors or government to know. In this case, the Chinese government is a competitor.
By blocking BBC and a number of others doing the same thing, they indicate their willingness to monitor who gets access to outside news. But, what the Great Cannon, the companion to the Great Firewall, does is provide the capability to intercept and tag anyone who goes to that site. It can modify content of the communication, corrupt it, or manipulate it to do things other than provide news. Ask the New York Times how that works, since they were the first detected victims. It isn't good enough to control their own news outlets; they want to try to influence all the others too.
Tuesday, August 7, 2018
Killed by a Drone
We have renewed interest in drones when two of them blew up in front of the Venezuelan President Nicolás Maduro, making him look like a wimp in front of a video audience of millions. He looked panicked, not concerned. Whoever did it achieved an objective of sorts, though that objective may not have been to kill him.
Many people have been killed by drones, and we seem to forget about that when discussing drones in the commercial sense, those small ones that are controlled by one person who can see what the drones cameras sees in a very tight window of flight. U.S. drones are big, fly long ranges and strike with missiles that rarely miss once locked on. So, these are two different types of aircraft.
We have not yet done much about drones, when there is plenty that can be done. These things are line-of-sight, though manufacturers are working on some that are not. The FAA hasn't even gotten the ink dried on new regulations for drones and it will have to change with these new drones. But drone defenses are already coming along with the prototype drone that loiters looking for other drones. The Israelis have recently shot down another drone from Syria that was larger than the ones Maduro faced. Good thing for him the drones were not bigger.
This is certainly an area that cries out for study committees in the military departments that can craft defenses. We did this with IEDs and some of those efforts were very helpful. The Maduro drones were not effective, but they were a warning. The US needs to start testing some drone defenses that work before we have these things attacking all kinds of targets we wish were better protected.
Many people have been killed by drones, and we seem to forget about that when discussing drones in the commercial sense, those small ones that are controlled by one person who can see what the drones cameras sees in a very tight window of flight. U.S. drones are big, fly long ranges and strike with missiles that rarely miss once locked on. So, these are two different types of aircraft.
We have not yet done much about drones, when there is plenty that can be done. These things are line-of-sight, though manufacturers are working on some that are not. The FAA hasn't even gotten the ink dried on new regulations for drones and it will have to change with these new drones. But drone defenses are already coming along with the prototype drone that loiters looking for other drones. The Israelis have recently shot down another drone from Syria that was larger than the ones Maduro faced. Good thing for him the drones were not bigger.
This is certainly an area that cries out for study committees in the military departments that can craft defenses. We did this with IEDs and some of those efforts were very helpful. The Maduro drones were not effective, but they were a warning. The US needs to start testing some drone defenses that work before we have these things attacking all kinds of targets we wish were better protected.
A Familiar Name in an Unlikely Spot
I was doing research yesterday on the case of General James Cartwright, former Vice Chairman of the Joint Chiefs. General Cartwright pled guilty to giving Top Secret information to the New York Times, but was pardoned by President Obama. In written statements given to the court, Cartwright's lawyers said he did not give the information to the Times, but did try to stop the damage it might do. I didn't understand at the time why a person would plead guilty, then deny having done what he pled to.
I never thought Cartwright was guilty, and apparently President Obama agreed. Another person who agreed was David Sanger, one of the reporters he was supposed to have given the information to at the Times. I'm reading Sanger's book, The Perfect Weapon. Sanger tries to maintain a fiction that he pieced the whole story together from his own sources, without mentioning the Top Secret material he received from the White House. He may have been trying to protect his sources, which every good reporter should do, but a public court case makes that harder.
Along the way, I read the plea agreement between the Justice Department and Cartwright. It was the usual legal language in this type of agreement. I was looking for clues that would suggest the government knew Cartwright was not guilty but accepted his plea anyway. It was not likely there would be any such thing in the document and there wasn't.
But one thing that got my attention was the signature page where the person accepting the plea agreement for the government was Rod Rosenstein, who has been in the news quite a lot lately as the de facto lead for Justice on the Mueller Special Counsel probe of the Trump campaign et al. I started to wonder how much Rosenstein knew about the case and who actually did give that information to the Times reporter. President Obama knew that once Cartwright was pardoned, there was not likely to be much interest in the case, nor who might have given those documents to the Times. It might do a reporter some good to research the connection between the Obama White House, Cartwright, and Rosenstein. The circumstances are too much of a coincidence, and Washington hates coincidence.
I never thought Cartwright was guilty, and apparently President Obama agreed. Another person who agreed was David Sanger, one of the reporters he was supposed to have given the information to at the Times. I'm reading Sanger's book, The Perfect Weapon. Sanger tries to maintain a fiction that he pieced the whole story together from his own sources, without mentioning the Top Secret material he received from the White House. He may have been trying to protect his sources, which every good reporter should do, but a public court case makes that harder.
Along the way, I read the plea agreement between the Justice Department and Cartwright. It was the usual legal language in this type of agreement. I was looking for clues that would suggest the government knew Cartwright was not guilty but accepted his plea anyway. It was not likely there would be any such thing in the document and there wasn't.
But one thing that got my attention was the signature page where the person accepting the plea agreement for the government was Rod Rosenstein, who has been in the news quite a lot lately as the de facto lead for Justice on the Mueller Special Counsel probe of the Trump campaign et al. I started to wonder how much Rosenstein knew about the case and who actually did give that information to the Times reporter. President Obama knew that once Cartwright was pardoned, there was not likely to be much interest in the case, nor who might have given those documents to the Times. It might do a reporter some good to research the connection between the Obama White House, Cartwright, and Rosenstein. The circumstances are too much of a coincidence, and Washington hates coincidence.
Saturday, August 4, 2018
Negotiating with Hackers
Reuters has a story today on the Association of Southeast Asian Nations (ASEAN) negotiating with Russia to stop its hacking of their members. Singapore has had some high profile cases of late, including the theft of a government database with 1.5 million health records. What is odd about this is nobody has named Russia in the hacking of these records. It seems like something China would do before the Russians would do it, but since they are keeping quiet about the source of the hacking, it will be awhile before anyone knows.
Do we have any confidence that negotiating your way out of hacking will actually do any good? Only Russia and China have come to agreement on how this might benefit one another and actually signed agreements which they seem to have kept. It seems like one precedent must be political and strategic benefit to both parties. Please tell me what that benefit would be to Russia in an agreement with the ASEAN states. In my experience, negotiating with hackers is like negotiating with terrorists. The agreement works as long as the parties are both satisfied with compliance by one another.
Russia can't hack the whole world, though they have certainly tried on occasion. There is not much evidence of hacking by Russian hackers in the ASEAN states, so they are not giving up very much in agreeing to cooperate on cyber security. We can be sure they will not violate their agreements with China and would not cooperate in rooting out Chinese hackers. So, they are agreeing to do something they are not doing anyway. Do we actually believe that Russia would sign that agreement and keep it? No. Both the Russians and Chinese will sign agreements to almost anything but their signatures are usually not worth the paper they appear on. The UN is a clear example of where they both sign agreements which they violate, often before the ink is dry. But, if the ASEAN wants to feel good about signing an agreement that means nothing and won't be honored by Russia, have at it.
Do we have any confidence that negotiating your way out of hacking will actually do any good? Only Russia and China have come to agreement on how this might benefit one another and actually signed agreements which they seem to have kept. It seems like one precedent must be political and strategic benefit to both parties. Please tell me what that benefit would be to Russia in an agreement with the ASEAN states. In my experience, negotiating with hackers is like negotiating with terrorists. The agreement works as long as the parties are both satisfied with compliance by one another.
Russia can't hack the whole world, though they have certainly tried on occasion. There is not much evidence of hacking by Russian hackers in the ASEAN states, so they are not giving up very much in agreeing to cooperate on cyber security. We can be sure they will not violate their agreements with China and would not cooperate in rooting out Chinese hackers. So, they are agreeing to do something they are not doing anyway. Do we actually believe that Russia would sign that agreement and keep it? No. Both the Russians and Chinese will sign agreements to almost anything but their signatures are usually not worth the paper they appear on. The UN is a clear example of where they both sign agreements which they violate, often before the ink is dry. But, if the ASEAN wants to feel good about signing an agreement that means nothing and won't be honored by Russia, have at it.
Friday, August 3, 2018
The Fleeting Trillion Dollar Valuation
I had never seen a company go to a valuation of a trillion dollars, so I watched the progress of Apple on Fox Business. It was entertaining as it closed in, then went down, then back up - several times before it hit the magic number. For an article on how this valuation is computed, see the Wall Street Journal.
When it hit, I looked up to see how quickly it would go up after that. It was already down two points off the high, in something like a couple of seconds. This is the miracle of electronic trading. I hope these people who trade like that make lots of money, because for a human they seem to have taken all the fun out of it. Nobody gets to enjoy the moment anymore because trading is so fast, the moment is gone before you realize it was ever there.
When it hit, I looked up to see how quickly it would go up after that. It was already down two points off the high, in something like a couple of seconds. This is the miracle of electronic trading. I hope these people who trade like that make lots of money, because for a human they seem to have taken all the fun out of it. Nobody gets to enjoy the moment anymore because trading is so fast, the moment is gone before you realize it was ever there.
China's Growth Engine is Stealing Tech
In an endless stream of persons caught by law enforcement, another Chinese engineer is caught stealing technology on power turbines at GE. This one shows some tradecraft involved, i.e. the FBI indicated there were electronic devices that allowed this person to hide what he was stealing and conveying to his friends in China. The kind of devices allowed the use of steganography, putting the data in the electronic gaps of images, then sending those images to the recipient. This is the type of stuff spies do.
What is even more interesting is the FBI also seized a handbook that explains “the type of resources the government of China will give to individuals or entities who can provide certain technologies,”
So, this guy had a list of things the Chinese were willing to pay for, and how much they would be willing to provide. That no doubt included the specialized equipment that allowed the engineer to hide what he was doing. The Chinese are upping their game to steal more technology while the US is still trying to figure out how to stop it.
The odd part of this was the length of time this person was known to be taking proprietary files from GE. Security at GE discovered this the first time in 2014, and the second time in 2017. In the latter incident, he was using encryption not used at GE. After that, they started close surveillance.
The court allowed bail in this case, to a person with companies in China. Didn't anyone think he might be a flight risk?
What is even more interesting is the FBI also seized a handbook that explains “the type of resources the government of China will give to individuals or entities who can provide certain technologies,”
So, this guy had a list of things the Chinese were willing to pay for, and how much they would be willing to provide. That no doubt included the specialized equipment that allowed the engineer to hide what he was doing. The Chinese are upping their game to steal more technology while the US is still trying to figure out how to stop it.
The odd part of this was the length of time this person was known to be taking proprietary files from GE. Security at GE discovered this the first time in 2014, and the second time in 2017. In the latter incident, he was using encryption not used at GE. After that, they started close surveillance.
The court allowed bail in this case, to a person with companies in China. Didn't anyone think he might be a flight risk?
Thursday, August 2, 2018
Google Returns
Google is returning to China with a browser that will censor what the Chinese want. That has made the news in several places. What is absent from this discussion is that China did not want Google to just censor in China. Some of you remember that China asked Google to censor everywhere in the world, and that was why Google said no. China must have modified that ridiculous position and come down to earth. It is one thing to require a company to censor what its China audience sees, and another to get them to censor outside China.
Google doesn't have the resources to censor everything in China without a lot of help. Software alone can't do the job. The Chinese are too clever about getting around those kinds of controls. What software knows what a burning candle or a chair on the beach means? We shall see what China demands in the way of support for this project.
The referenced article above mentions the employees of Google being hell bent to stop working on a U.S. government AI project for drones, while teaming in China for AI in a joint lab. What do they think that AI will be used for? Now they want to go back to China and support censorship. That is not the Google most of us remember.
Google doesn't have the resources to censor everything in China without a lot of help. Software alone can't do the job. The Chinese are too clever about getting around those kinds of controls. What software knows what a burning candle or a chair on the beach means? We shall see what China demands in the way of support for this project.
The referenced article above mentions the employees of Google being hell bent to stop working on a U.S. government AI project for drones, while teaming in China for AI in a joint lab. What do they think that AI will be used for? Now they want to go back to China and support censorship. That is not the Google most of us remember.
Wednesday, August 1, 2018
Social Media Does Not Look Good in Hearings
Wired has a good article on the hearings going on right now on Russian manipulation of social media still going on today. The Russians have not stopped manipulation of US perceptions in social issues being discussed on social media. Some of their observations don't track well with what I know of Russian Intelligence Services.
It is clear Congress wants to blame the Russians for these attacks, citing the numbers and types of ads and social contacts made for the purpose of disruption more than political influence. But that may not be such a good idea, since it is unlikely that the Russians are the only ones trying to influence election results by such nefarious means. Focusing on the Russians, and the techniques used in the last election is not going to be very useful in finding and erasing similar attempts in the future. This is like fighting the next war with the methods of the previous one. As slow as the Russians have been to change their attack vectors and launch points, they will eventually get around to using something other than the Internet Research Agency to run these campaigns, and switch targets to some lesser known organizations. Facebook says they found 370 accounts from that one agency, but said little about the other two that were involved. They certainly won't pay in rubles anymore either.
Terms of Service for the social media giants did not address these types of campaigns. This is the "not my problem" solution that was adopted by television and radio before self-censorship evolved. Given the state of those two mediums today, you might not know what self-censorship is. There needs to be a lot more conversation about this because I'm not sure they are responsible for the content of their media, nor would we like the system that allowed them to control that content. This goes to Diane Feinstein's comment that if social media "doesn't control its own misuse, then we will." That is a pipe dream that looks good in a video clip but has no chance of actually happening.
What needs to be done is to allow the social media to do what they do and stop the Russians from using them to work their magic. That is a role of intelligence operation(s) that undermine the capacity and function of these social media campaigns and make them pay for their continued operations. Let social media do what they do, and intelligence services do the rest.
It is clear Congress wants to blame the Russians for these attacks, citing the numbers and types of ads and social contacts made for the purpose of disruption more than political influence. But that may not be such a good idea, since it is unlikely that the Russians are the only ones trying to influence election results by such nefarious means. Focusing on the Russians, and the techniques used in the last election is not going to be very useful in finding and erasing similar attempts in the future. This is like fighting the next war with the methods of the previous one. As slow as the Russians have been to change their attack vectors and launch points, they will eventually get around to using something other than the Internet Research Agency to run these campaigns, and switch targets to some lesser known organizations. Facebook says they found 370 accounts from that one agency, but said little about the other two that were involved. They certainly won't pay in rubles anymore either.
Terms of Service for the social media giants did not address these types of campaigns. This is the "not my problem" solution that was adopted by television and radio before self-censorship evolved. Given the state of those two mediums today, you might not know what self-censorship is. There needs to be a lot more conversation about this because I'm not sure they are responsible for the content of their media, nor would we like the system that allowed them to control that content. This goes to Diane Feinstein's comment that if social media "doesn't control its own misuse, then we will." That is a pipe dream that looks good in a video clip but has no chance of actually happening.
What needs to be done is to allow the social media to do what they do and stop the Russians from using them to work their magic. That is a role of intelligence operation(s) that undermine the capacity and function of these social media campaigns and make them pay for their continued operations. Let social media do what they do, and intelligence services do the rest.
Xi Lets up on On-Line Critics
It was a little surprising to see, but there was an article in the South China Morning Post today that said Chairman Xi gave a speech at a cyber security conference, and in it he said critics should get some slack from censors as long as the critique was "well intended". It falls at a time Xi and the Central Government were getting comments from a lot of people hurt by trade policies on both the US and Chinese side. Xi had previously said not to lay all the trade dispute problems on the US and not to mention President Trump in their criticisms.
As good as that might sound, turning China's huge censorship engine is not as easy as just talking about it. It is like a giant oil tanker that slugs along just fine until it gets near port. It needs a lot of steering help in tight quarters. It will be days before any loosening actually occurs, and weeks before there is much comment about those occurrences. Only the Chinese may notice the difference in discussions.
As good as that might sound, turning China's huge censorship engine is not as easy as just talking about it. It is like a giant oil tanker that slugs along just fine until it gets near port. It needs a lot of steering help in tight quarters. It will be days before any loosening actually occurs, and weeks before there is much comment about those occurrences. Only the Chinese may notice the difference in discussions.
Subscribe to:
Posts (Atom)