Last week, the Wall Street Journal ran a short story on the financing angle of Huawei, and it sheds some light on how it came to be that Ms Meng was charged in Canada. According to this article, she made a presentation, later used in court, to HSBC to explain a relationship with SkyCom Tech and Iranian businesses. Ms Meng had been a board member on SkyCom and said she resigned. Reuters exposed SkyCom's relationship with Iranian companies in 2013, so HSBC was slow to ask about it. The article closes with this: "U.S. authorities now allege Ms. Meng misrepresented the ties to Skycom so that Huawei could keep moving money out of countries subject to U.S. or European sanctions and into the international banking system. They say HSBC and other banks cleared hundreds of millions of dollars of transactions for Huawei that may have violated sanctions, exposing the firms to 'serious harm.'”
Banks are in a bind on this kind of thing because it involves unknown risks. They are starting to back away from Huawei as a result.
Saturday, December 29, 2018
Friday, December 28, 2018
Russia and UK Nasty War
The Russians and UK have been fighting a good bit after the Russians decided to assassinate a former spy on UK territory. This latest round had 44 reporters in Russia listed with their pictures on various public websites a week after the Russians claimed they were opening an investigation of BBC for violating "fairness standards". If the Russians have fairness standards that would be news to a lot of people.
The current tit-for-tat was started after the UK cited RT, that scrupulously unbiased Russian news agency, was cited for biased reporting on the link between Russia and the Novichok poisoning. Terresa May had already made it clear that the Russians were behind that attempt and she did not like it very much. But, with their usual tact, the Russians are going to escalate this already bad situation by making it worse. You have to love these guys.
The current tit-for-tat was started after the UK cited RT, that scrupulously unbiased Russian news agency, was cited for biased reporting on the link between Russia and the Novichok poisoning. Terresa May had already made it clear that the Russians were behind that attempt and she did not like it very much. But, with their usual tact, the Russians are going to escalate this already bad situation by making it worse. You have to love these guys.
Thursday, December 27, 2018
Huawei Says Its Equipment is Safe
In the UK, there is a nagging doubt about whether the software being lab tested is the same as the software Huawei runs in production. Huawei says it's stuff is safe to use, which is kind of like the witch telling Snow White the apple was OK to eat. Even children know there is something wrong, but they may not see the consequences.
Software is hard enough to comb through without knowing what you might be looking for. Hardware or firmware are even worse. Huawei can say it is safe and it is just like Super Micro saying their hardware is OK to use. They had a third party vendor test it after claims by Bloomberg that they were working on a problem with their supply chain. "No problems here" does not work very well with this kind of penetration.
China is willing to modify hardware and software for its domestic production, but confuses its domestic products with foreign goods shipped out. They have stolen so much software that it is very difficult to tell one modified product from a legitimate vendor's wares. Once stolen it can be modified and resold (or given away to the right people) and it will be next to impossible to tell the difference. If that was all they did, we could live with the piracy, but those modifications are doing more than that.
Software is hard enough to comb through without knowing what you might be looking for. Hardware or firmware are even worse. Huawei can say it is safe and it is just like Super Micro saying their hardware is OK to use. They had a third party vendor test it after claims by Bloomberg that they were working on a problem with their supply chain. "No problems here" does not work very well with this kind of penetration.
China is willing to modify hardware and software for its domestic production, but confuses its domestic products with foreign goods shipped out. They have stolen so much software that it is very difficult to tell one modified product from a legitimate vendor's wares. Once stolen it can be modified and resold (or given away to the right people) and it will be next to impossible to tell the difference. If that was all they did, we could live with the piracy, but those modifications are doing more than that.
Falling Out of Favor in China
Falling out of favor in China is not like falling out of favor in some other countries. The Deputy Chief of the Ministry for State Security, Ma Jian, is now out of favor and in jail. He is supposed to have done insider trading and bribery which are easy charges to bring in a country that still thrives on "facilitation payments" that are just bribes by a different name. Anyone can be convicted, just about any time the mood strikes.
It seems like the Deputy did not insulate himself from this kind of treatment by storing away some intelligence of his own on the business dealings of his friends at the top. There was certainly enough to be had on all of them. It is like insurance. You will be sorry you had none if the tsunami hits, but that usually happens to somebody else.
It seems like the Deputy did not insulate himself from this kind of treatment by storing away some intelligence of his own on the business dealings of his friends at the top. There was certainly enough to be had on all of them. It is like insurance. You will be sorry you had none if the tsunami hits, but that usually happens to somebody else.
Wednesday, December 26, 2018
Press Reciprocity with China
There was a good piece in the Wall Street Journal before Christmas that told an interesting, and well documented, story about how China controls the press in China but the US does not control theirs. We know it, of course, but this story is well told. Foreign journalists are harassed, manipulated, restricted, and boxed in over the most trivial of subjects, while the US allows Chinese journalists to operate almost as if they were US journalists. The point was there is no reciprocity with treatment of journalists by China.
China is not exactly a beat I would want. They only want good news coming out and they will take all accounts into their country. They use elaborate technical means to harass media outlets, filter their results in search engines, sabotage the content of websites, misdirect readers to other servers. This is the Great Cannon turned loose on the press of the world. But the one thing this article has missed is the ability and willingness of China to influence the content of media that is not directed at China.
The Chinese are influencing press reports, media stories, and independent publications that are contrary to their own opinions. That is what concerned me about Google's foray into the browser filtering business in China. They are not content to limit access to their own country's citizens; they want to limit access to the world. That was their first disagreement with Google, when the Chinese wanted Google to limit access to everyone, not just Chinese citizens. That was the old Google and the results were predictable. We might wonder how that same argument might turn out today.
We get a lot of news via social media. Outside of China, there is not much filtering of news. But inside China there is one additional step that helps their censorship - China stole the social media platforms and used that software to filter content. The engine becomes the vehicle for censorship, much like the project Google said it was working on for China. So, we can pretend that it is just an issue of reciprocity for the press, but there is much more to it than that. Even with the same treatment of journalists, China would still be far ahead in the dissemination of news because they control the medium.
China is not exactly a beat I would want. They only want good news coming out and they will take all accounts into their country. They use elaborate technical means to harass media outlets, filter their results in search engines, sabotage the content of websites, misdirect readers to other servers. This is the Great Cannon turned loose on the press of the world. But the one thing this article has missed is the ability and willingness of China to influence the content of media that is not directed at China.
The Chinese are influencing press reports, media stories, and independent publications that are contrary to their own opinions. That is what concerned me about Google's foray into the browser filtering business in China. They are not content to limit access to their own country's citizens; they want to limit access to the world. That was their first disagreement with Google, when the Chinese wanted Google to limit access to everyone, not just Chinese citizens. That was the old Google and the results were predictable. We might wonder how that same argument might turn out today.
We get a lot of news via social media. Outside of China, there is not much filtering of news. But inside China there is one additional step that helps their censorship - China stole the social media platforms and used that software to filter content. The engine becomes the vehicle for censorship, much like the project Google said it was working on for China. So, we can pretend that it is just an issue of reciprocity for the press, but there is much more to it than that. Even with the same treatment of journalists, China would still be far ahead in the dissemination of news because they control the medium.
Saturday, December 22, 2018
Who Colluded with China and Iran?
Russia, China and Iran tried to influence the US election in 2016. The comment was made by the Director of National Intelligence last week, and was hardly news to anyone that follows this kind of thing. However, the whole thrust of the investigation into the goings-on during the election center around Russian involvement, with the Mueller probe being tasked to investigate collusion between Russia and the Trump campaign. You can see why the President sees this as a "witch hunt" when it is not a very broad or deep investigation of anything related to collusion with Russia, and Russia was not the only country involved.
So, we might ask ourselves who was colluding with China and Iran? Maybe there was no more collusion there than with the Russians, or maybe there was. Either way, we don't seem to be investigating that at all. The Chinese were involved with several local campaigns for office contributing money and getting caught at it. Terry McAulliffe, Virginia's own governor at the time was up to his neck in Chinese money, and he wasn't the only one.
So, we might ask ourselves who was colluding with China and Iran? Maybe there was no more collusion there than with the Russians, or maybe there was. Either way, we don't seem to be investigating that at all. The Chinese were involved with several local campaigns for office contributing money and getting caught at it. Terry McAulliffe, Virginia's own governor at the time was up to his neck in Chinese money, and he wasn't the only one.
Friday, December 21, 2018
Charging Chinese is Curious
Well, the Justice Department a couple of weeks ago said it would name Chinese spying on US industries and government offices. They finally did. They named two - out of the thousands that are hacking - so I hope the Justice Department doesn't feel good about what it did. The Chinese response was “With Washington favoring a confrontational approach aimed at maintaining its hegemony rather than a cooperative one for the common good, Beijing will have to be prepared to stand its ground and respond as necessary to safeguard its core interests.” Reuters carries a story that describes a more detailed response by China.
The Wall Street Journal, among other press outlets, says the Chinese were burrowing into the networks of service providers IBM and HP Enterprise, using those penetrations to get to their clients. That part isn't new since hackers used maintenance accounts to get into businesses for many years. That is what remote maintenance gets you. The charges brought comment from IBM that they had no evidence that any customer information was stolen. You can bet the FBI does,and you can bet IBM knows it. They couldn't name these individuals unless they had the grounds to go to court, so you can be sure there is a mountain of evidence of what they were doing. The clients of both companies are probably asking how such a thing could happen when both promise security in their offerings.
What this points to is the depth of China's effort to steal and use technology to better themselves. They believe that if we don't protect our information, we deserve to lose it. They are partially right about that part. Charging these two is a small drop in the bucket of hacking, and probably not the best way to disrupt the Chinese operations. It is like the Chinese charging someone from the FBI for spying on their diplomats who are hacking. The FBI could care less if they do. The Chinese will not care much about this case either. It causes them no pain. For that reason alone, it is curious.
The Wall Street Journal, among other press outlets, says the Chinese were burrowing into the networks of service providers IBM and HP Enterprise, using those penetrations to get to their clients. That part isn't new since hackers used maintenance accounts to get into businesses for many years. That is what remote maintenance gets you. The charges brought comment from IBM that they had no evidence that any customer information was stolen. You can bet the FBI does,and you can bet IBM knows it. They couldn't name these individuals unless they had the grounds to go to court, so you can be sure there is a mountain of evidence of what they were doing. The clients of both companies are probably asking how such a thing could happen when both promise security in their offerings.
What this points to is the depth of China's effort to steal and use technology to better themselves. They believe that if we don't protect our information, we deserve to lose it. They are partially right about that part. Charging these two is a small drop in the bucket of hacking, and probably not the best way to disrupt the Chinese operations. It is like the Chinese charging someone from the FBI for spying on their diplomats who are hacking. The FBI could care less if they do. The Chinese will not care much about this case either. It causes them no pain. For that reason alone, it is curious.
Thursday, December 20, 2018
Retaliate Against China
I used to have a lot of dealings with the government of Canada and they don't deserve what they are getting from the Chinese. Two stories today, one from NPR and one from the Wall Street Journal help to better understand why China is detaining Canadians as a way of retaliation against Canada for holding a Huawei official who probably deserved holding. Canada honored a reciprocal agreement with the US on this and China, who rarely cooperates with anyone on warrants, cannot understand why. That part is long over and China has gone beyond the original case. When retaliation comes, there should be some response.
If it were me, every time a Canadian national was detained during this little crisis, I would return one Chinese diplomat to China. Give instructions that when the Canadian is released, the diplomat can return. Pick the spies first - they know which ones are spies - so there is a real gaming outcome.
The Chinese are outlaws when it comes to international justice standards of conduct. They steal technology, take over territories that are not theirs, use their business entities to spy (which is what started all this) give intelligence collected by their services and military to their businesses to better compete, thumb their noses at the WTO and trade agreements with anyone. Yet, we continue to play by the rules when we respond. The Canadians are cool and calm on the outside, but I have been in meetings with them when they told us what was going on on their insides. Watch out China.
If it were me, every time a Canadian national was detained during this little crisis, I would return one Chinese diplomat to China. Give instructions that when the Canadian is released, the diplomat can return. Pick the spies first - they know which ones are spies - so there is a real gaming outcome.
The Chinese are outlaws when it comes to international justice standards of conduct. They steal technology, take over territories that are not theirs, use their business entities to spy (which is what started all this) give intelligence collected by their services and military to their businesses to better compete, thumb their noses at the WTO and trade agreements with anyone. Yet, we continue to play by the rules when we respond. The Canadians are cool and calm on the outside, but I have been in meetings with them when they told us what was going on on their insides. Watch out China.
Wednesday, December 19, 2018
Turkey Awash in Anti-Air
It seems that the Russians and Americans both want to sell Turkey anti-air weapons. The Russians remain on target to deliver the S-400 which is a well-respected weapon that not just Turkey is buying. The US has finally gotten around to authorizing the $3.5 billion sale of the Patriot to Turkey. The argument for the Patriot is that it is more compatible with NATO weaponry, not that it is technically superior. Turkey passed on the Patriot twice before though that may be as much because they couldn't be assured of getting the Patriot, or the version they wanted.
So, we have to wonder why Turkey needs this amount of anti-air and missile capability. They certainly don't need S-400s and Patriots too. The amount of equipment they are buying with the Patriot could make Turkey safe from what? Are they expecting an attack from Syria? Jordan? The Kurds have no aircraft and not much defense against air attack. So, who is Turkey worried about?
So, we have to wonder why Turkey needs this amount of anti-air and missile capability. They certainly don't need S-400s and Patriots too. The amount of equipment they are buying with the Patriot could make Turkey safe from what? Are they expecting an attack from Syria? Jordan? The Kurds have no aircraft and not much defense against air attack. So, who is Turkey worried about?
Tuesday, December 18, 2018
How Good is Propaganda?
In the previous post today, discussing the social media under-reporting of Russian involvement in the 2016 US election, there was a reference to a New York Times article on the images and messages the Russians used. I had forgotten about it, but it is nice to look at it in context.
Years ago, I had worked on some research in the use of computer images to influence users for advertising or persuasion, and this article reminded me of the outcome of some of that research. The messages were interesting to a lot of users, but many of them did not motivate them to actually do what was intended. They looked at them, but didn't take any action as a result. Sometimes, we take the numbers of views as the amount of action taken by the viewers when that may not be a good caparison. Sometimes, images and messages can get a person who was predisposed to doing something to actually do it, but many more times it does not work.
I went back to an article I saw earlier this year on getting views on Google. and it made more sense in this context. It is possible to drive views using various techniques but it is not as easy to get action from those views. Back in college I wanted to be a Marketing person (for my undergraduate years) where messaging really matters. You have to get people to buy your product, not just enjoy the commercial. Yet, most people cannot even remember the name of the product when the commercial is over. They really don't care if you drink that beer, but they do care that you buy it. I think the Russians are doing the same thing with the idea that their campaign is successful if lots of people view their images and messages.
A lot of that comes from thinking the American public are a bunch of ignorant yokels. Hillary Clinton called a bunch of them "deplorables" and suffered for it. If you look at the images and messages in the New York Times article, you find very little action being proposed. In only a few of these cases was there any demonstrations or money raising campaigns that came from anything the Russians did. The Democrats in this country seem to believe the Russians helped throw the election to President Trump, but if you look at those messaging techniques, it seems unlikely that they produced any outcome like that.
Years ago, I had worked on some research in the use of computer images to influence users for advertising or persuasion, and this article reminded me of the outcome of some of that research. The messages were interesting to a lot of users, but many of them did not motivate them to actually do what was intended. They looked at them, but didn't take any action as a result. Sometimes, we take the numbers of views as the amount of action taken by the viewers when that may not be a good caparison. Sometimes, images and messages can get a person who was predisposed to doing something to actually do it, but many more times it does not work.
I went back to an article I saw earlier this year on getting views on Google. and it made more sense in this context. It is possible to drive views using various techniques but it is not as easy to get action from those views. Back in college I wanted to be a Marketing person (for my undergraduate years) where messaging really matters. You have to get people to buy your product, not just enjoy the commercial. Yet, most people cannot even remember the name of the product when the commercial is over. They really don't care if you drink that beer, but they do care that you buy it. I think the Russians are doing the same thing with the idea that their campaign is successful if lots of people view their images and messages.
A lot of that comes from thinking the American public are a bunch of ignorant yokels. Hillary Clinton called a bunch of them "deplorables" and suffered for it. If you look at the images and messages in the New York Times article, you find very little action being proposed. In only a few of these cases was there any demonstrations or money raising campaigns that came from anything the Russians did. The Democrats in this country seem to believe the Russians helped throw the election to President Trump, but if you look at those messaging techniques, it seems unlikely that they produced any outcome like that.
Russian Interference in US Election
There is quite a bit of coverage of a report given to the Senate Intelligence Committee by a company called New Knowledge. Their report , which is really a white paper, does not highlight the data most often quoted i.e. this one small part:
"None of the platforms (Twitter, Facebook, and Alphabet) appears to have turned over complete sets of related data to SSCI. Some of what was turned over was in PDF form; other data sets contained extensive duplicates. Each lacked core components that would have provided a fuller and more actionable picture. For example:
-The platforms didn’t include methodology for identifying the accounts; we are assuming the provenance and attribution is sound for the purposes of this analysis.
-They didn’t include anonymized user comments, eliminating a key path to gauge impact.
-They didn’t include any conversion pathway data to elucidate how individuals came to follow the accounts, eliminating another key path to gauge impact.
-There was minimal metadata."
This is not exactly news, since it has been around for over a year, and may be the reason New Knowledge did not emphasize it more. What is different is the breadth and depth of the new information. New Knowledge had access to other relevant data from other than the main social media platforms (e.g. Tumblr and others) that showed the wide swath of areas the Russians were influencing and the numbers of messages and images they managed to disseminate. It is a bigger story than what the social media may have withheld.
I have said all along that the social media giants were under reporting and misreporting the Russian effort by looking for accounts paid for in rubles or with IPs in Russia. Anybody who knows this kind of work would know that was not going to disclose the scope of the effort.
"None of the platforms (Twitter, Facebook, and Alphabet) appears to have turned over complete sets of related data to SSCI. Some of what was turned over was in PDF form; other data sets contained extensive duplicates. Each lacked core components that would have provided a fuller and more actionable picture. For example:
-The platforms didn’t include methodology for identifying the accounts; we are assuming the provenance and attribution is sound for the purposes of this analysis.
-They didn’t include anonymized user comments, eliminating a key path to gauge impact.
-They didn’t include any conversion pathway data to elucidate how individuals came to follow the accounts, eliminating another key path to gauge impact.
-There was minimal metadata."
This is not exactly news, since it has been around for over a year, and may be the reason New Knowledge did not emphasize it more. What is different is the breadth and depth of the new information. New Knowledge had access to other relevant data from other than the main social media platforms (e.g. Tumblr and others) that showed the wide swath of areas the Russians were influencing and the numbers of messages and images they managed to disseminate. It is a bigger story than what the social media may have withheld.
I have said all along that the social media giants were under reporting and misreporting the Russian effort by looking for accounts paid for in rubles or with IPs in Russia. Anybody who knows this kind of work would know that was not going to disclose the scope of the effort.
Saturday, December 15, 2018
Navy Admits Contractors were Hacked
Well, we have an admission by the Navy that says some of its contractors were hacked and whoever hacked them got classified information. I would like to believe that was not true because I spent so many years doing Industrial Security in some of those same facilities.
First, for a better understanding of what Industrial Security is see Protecting Classified Information in Industry. Getting classified information from these small contractors (I really doubt that they were small) should never be able to happen. The systems have to be approved by the government and managed by rules that should be sufficient to keep classified information out of the hands of the Chinese.
Years ago, the Chinese were said to be working on air gaps (I think it was Ars Technica that carried the article), and at the time most of the press that covered it had no idea why they were trying to develop ways to get past systems that were not connected to the Internet. My guess is they have perfected those techniques and the Defense Security Service which does this kind of security, has not done much about it. They need to get their act together. Encryption of classified systems is surely required if this has been happening.
First, for a better understanding of what Industrial Security is see Protecting Classified Information in Industry. Getting classified information from these small contractors (I really doubt that they were small) should never be able to happen. The systems have to be approved by the government and managed by rules that should be sufficient to keep classified information out of the hands of the Chinese.
Years ago, the Chinese were said to be working on air gaps (I think it was Ars Technica that carried the article), and at the time most of the press that covered it had no idea why they were trying to develop ways to get past systems that were not connected to the Internet. My guess is they have perfected those techniques and the Defense Security Service which does this kind of security, has not done much about it. They need to get their act together. Encryption of classified systems is surely required if this has been happening.
France Looks for Russians Influence in Yellow Vest
France is smart to look into the kinds of influence campaign the Russians are running all around them, because it most likely will be in France as well. Let's face it, the Russians have not left very many stones unturned in Europe or the US. They are spending relatively small amounts of money and getting a nice gain in disruption of other country's politics. What they sow is instability and doubt about political institutions. I hope the French find what they are looking for because it is undoubtedly there. The Russians deny doing anything of the sort, but the difference is now that few countries believe them and will hold them responsible even if they didn't. This is the kind of campaign that makes people suspicious their political leaders, when they should be suspicious of the Russians.
Thursday, December 13, 2018
Turkey Steps into Dark Territory
Turkey said it is about to go into the area east of the Euphrates river in Syria and try to run the Kurds out of that land. Typical of the way the Turks have been doing press releases, it appears in almost any news outlet that will publish the story, so there is no end of interpretation about this move. Russia is happy to have Turkey help them out there.
To see where this is and how it affects the local people, the New York Times ran a good piece in August that has maps and good photos. Their slant was the Kurds are still there because they have US help in removing ISIS.
In the past, countries have used the Kurds as fighters and then abandoned them to their enemies. They want their own territory and they have it now so they don't want to give it up. They just don't have the firepower to stay there without help.
Turkey went into the northern areas a few months ago and they made many families move after they got in. The Kurds are not going to be able to fight Turkey alone, and the US is not going to start a war with Turkey over some fighters in Syria. So, Turkey will end up taking some of that territory, and making many enemies of the Kurds. That will become a self-fulfilling prophecy. Turkey sees these groups as terrorists. If they are driven out of their territory, they will have few options to make a homeland for themselves. They will fight.
To see where this is and how it affects the local people, the New York Times ran a good piece in August that has maps and good photos. Their slant was the Kurds are still there because they have US help in removing ISIS.
In the past, countries have used the Kurds as fighters and then abandoned them to their enemies. They want their own territory and they have it now so they don't want to give it up. They just don't have the firepower to stay there without help.
Turkey went into the northern areas a few months ago and they made many families move after they got in. The Kurds are not going to be able to fight Turkey alone, and the US is not going to start a war with Turkey over some fighters in Syria. So, Turkey will end up taking some of that territory, and making many enemies of the Kurds. That will become a self-fulfilling prophecy. Turkey sees these groups as terrorists. If they are driven out of their territory, they will have few options to make a homeland for themselves. They will fight.
Wednesday, December 12, 2018
Super Micro Claims No Hardware Modified
In a story carried by multiple news outlets Super Micro said it had some production versions of its servers examined by a third party vendor which proclaimed that there was no hardware added to the motherboard. Of course, that is what everyone expected, so it would not come as a surprise. You remember that Bloomberg reported twice some stories that suggested China's intelligence services had planted something in the servers, widely used by some big cloud companies. None of them wanted to hear that their servers had been compromised, especially by the Chinese.
We will never know the truth of any of this, either Bloomberg's version or the vendors affected and Super Micro. Neither have we seen a lawsuit against Bloomberg. That should say a lot. None of these vendors want to go into court with any possibility of "reasonable doubt" coming out at trial. I think all of them are wrong.
First of all, this should never have gotten to Bloomberg to make a story. It would have been very sensitive information and known only to a hand-full of people anywhere. Second, there are secrets that are made to be kept, something both business and government know. The companies involved should have said nothing and the story would have gone away. Instead, they went to the trouble of making public comments on it and suggesting Bloomberg withdraw the story. Bloomberg stuck to its guns and published more. That doesn't sound like an unfounded story.
Let's assume instead that the story Bloomberg published was accurate and somebody really did think Super Micro's hardware was compromised by having additional chips inserted in it. It isn't something a vendor could do much about. It would be hard to detect. All the truth would show is that we have something nobody wants in those computers and we can't really do anything about it until those servers are replaced. This is a major supply chain problem that won't go away because so much network equipment is made in China and China is not shy about putting software and hardware monitors in equipment used in China. They may have learned from that how effective that can be for other purposes.
The solution is to make equipment somewhere other than China, seal the hardware and use US components for maintenance. If the Chinese really did what they are accused of, we are not going to get out of it very soon. In the meantime do something to stop them from exploiting the device they put into the motherboards - if they did that. If not, sue Bloomberg.
We will never know the truth of any of this, either Bloomberg's version or the vendors affected and Super Micro. Neither have we seen a lawsuit against Bloomberg. That should say a lot. None of these vendors want to go into court with any possibility of "reasonable doubt" coming out at trial. I think all of them are wrong.
First of all, this should never have gotten to Bloomberg to make a story. It would have been very sensitive information and known only to a hand-full of people anywhere. Second, there are secrets that are made to be kept, something both business and government know. The companies involved should have said nothing and the story would have gone away. Instead, they went to the trouble of making public comments on it and suggesting Bloomberg withdraw the story. Bloomberg stuck to its guns and published more. That doesn't sound like an unfounded story.
Let's assume instead that the story Bloomberg published was accurate and somebody really did think Super Micro's hardware was compromised by having additional chips inserted in it. It isn't something a vendor could do much about. It would be hard to detect. All the truth would show is that we have something nobody wants in those computers and we can't really do anything about it until those servers are replaced. This is a major supply chain problem that won't go away because so much network equipment is made in China and China is not shy about putting software and hardware monitors in equipment used in China. They may have learned from that how effective that can be for other purposes.
The solution is to make equipment somewhere other than China, seal the hardware and use US components for maintenance. If the Chinese really did what they are accused of, we are not going to get out of it very soon. In the meantime do something to stop them from exploiting the device they put into the motherboards - if they did that. If not, sue Bloomberg.
Tuesday, December 11, 2018
Are Those Tennis Shoes Made In Vietnam?
The answer is - sort of, but yes.
So, I was sitting in a business office today talking to a Vietnamese woman who asked me what I did. I told her I wrote books, some on China, and she went completely out of character for a few minutes about how the Chinese were “buying up her country” and taking jobs that rightly belonged to her family. There were “economic zones up and down the coast” made possible by the “greasing of palms” of a few high level officials in the capital. She said if you look at the map it is mostly red along the coastal areas and Vietnamese were not even allowed to go into those areas. She said the Chinese came and went as they wished and did not require a passports to get in. She was really hot about this.
A little Internet examination showed exactly what she was talking about, and made me think about those Vietnamese tennis shoes I bought. They might well have been made in a place where there were no Vietnamese at all, and the trade deficit might be worse than we think.
It seems that more than this woman are upset. Over 100 protesters were arrested over this same thing in June of this year. China registered a complaint with Vietnam, pointing no doubt at those palms that were greased. We paid you, now take care of this. People don't protest in Vietnam very often so they must have been equally upset by this.
The press has little to no coverage of the China methodology of starting economic zones in other countries, then populating them with Chinese who get to use them so they can call their steel and trade goods "Made in...." where ever. Very cute, but China is not the only ones doing it. Mexico has managed to put together trade agreements for a substantial part of Latin America - where China is rapidly making inroads. Mexico also held Chinese aluminum for transhipment as Mexican origin aluminum. The US actually considered rewriting NAFTA way before this administration got around to doing it, mostly because Mexico was using these zones to work around it. Is anyone playing by the rules in trade, or are there no rules?
So, I was sitting in a business office today talking to a Vietnamese woman who asked me what I did. I told her I wrote books, some on China, and she went completely out of character for a few minutes about how the Chinese were “buying up her country” and taking jobs that rightly belonged to her family. There were “economic zones up and down the coast” made possible by the “greasing of palms” of a few high level officials in the capital. She said if you look at the map it is mostly red along the coastal areas and Vietnamese were not even allowed to go into those areas. She said the Chinese came and went as they wished and did not require a passports to get in. She was really hot about this.
A little Internet examination showed exactly what she was talking about, and made me think about those Vietnamese tennis shoes I bought. They might well have been made in a place where there were no Vietnamese at all, and the trade deficit might be worse than we think.
It seems that more than this woman are upset. Over 100 protesters were arrested over this same thing in June of this year. China registered a complaint with Vietnam, pointing no doubt at those palms that were greased. We paid you, now take care of this. People don't protest in Vietnam very often so they must have been equally upset by this.
The press has little to no coverage of the China methodology of starting economic zones in other countries, then populating them with Chinese who get to use them so they can call their steel and trade goods "Made in...." where ever. Very cute, but China is not the only ones doing it. Mexico has managed to put together trade agreements for a substantial part of Latin America - where China is rapidly making inroads. Mexico also held Chinese aluminum for transhipment as Mexican origin aluminum. The US actually considered rewriting NAFTA way before this administration got around to doing it, mostly because Mexico was using these zones to work around it. Is anyone playing by the rules in trade, or are there no rules?
Chinese Hackers About to be Named
The Justice Department is apparently not involved in the trade negotiations with China and has arrested the CFO of Huawei, a less than delicate move that seems to work to reverse progress. This is not really related to trade per se, but there is going to be more if we can believe the Wall Street Journal yesterday. This is part of a series of very serious break-ins by APT 10, FireEye says. "They have historically targeted construction and engineering, aerospace, and telecom firms, and governments in the United States, Europe, and Japan. We believe that the targeting of these industries has been in support of Chinese national security goals, including acquiring valuable military and intelligence information as well as the theft of confidential business data to support Chinese corporations. PwC and BAE recently issued a joint blog detailing extensive APT10 activity."
The WSJ article says there is no relationship between Huawei and this case, but they are missing the whole concept of Chinese intelligence collection to say that. There is no direct relationship. The Chinese are using infrastructure equipment to collect and route that traffic back to China. They won't have to hack directly to do that. They can pull that traffic in and analyze it afterwords without the subject knowing they have been hacked. They have lower exposure to getting caught.
Over the past several months there has been quite a bit of reporting on various aspects of Chinese activities. That finally has led to bringing actual charges against named individuals. We shall see if the two cases are really not related when the evidence starts to be presented. That is why you usually don't prosecute cases like this in court. It exposes too much of the sources and methods involved in exposing the people being prosecuted. It makes no sense. It benefits the Chinese more than the US.
The WSJ article says there is no relationship between Huawei and this case, but they are missing the whole concept of Chinese intelligence collection to say that. There is no direct relationship. The Chinese are using infrastructure equipment to collect and route that traffic back to China. They won't have to hack directly to do that. They can pull that traffic in and analyze it afterwords without the subject knowing they have been hacked. They have lower exposure to getting caught.
Over the past several months there has been quite a bit of reporting on various aspects of Chinese activities. That finally has led to bringing actual charges against named individuals. We shall see if the two cases are really not related when the evidence starts to be presented. That is why you usually don't prosecute cases like this in court. It exposes too much of the sources and methods involved in exposing the people being prosecuted. It makes no sense. It benefits the Chinese more than the US.
Google + going away sooner
It seems Google + will be going away four months sooner than expected. Any day now, the feed from Blogger will cease. For this blog see https://dennispoindexter.blogspot.com/
Monday, December 10, 2018
Russian Fertile Ground
The Russians have been accused of messing with Brexit, undermining the regime of Angela Merkel, helping the trouble-makers (who we don't know) in France, and trying to influence various factions in the United States. Their Information Warfare campaigns are popular and working better than we may be aware. Look around. Brexit is getting worse; Merkel is losing out in her own country; France is having another go around with the yellow vests; the US is still working on impeaching a President and love talking about it whether there is anything to impeach him on or not.
If we think the Russians have stopped, we are undoubtedly wrong. Looking for signs of Russian involvement in these issues is well worth the time of our politicians - who seem to be concentrating on hacking each other to death than dealing the the Russian interference. It is stupid. The Intelligence Services of these respective countries need to concentrate more on getting the disinformation portion of these activities stopped.
If we think the Russians have stopped, we are undoubtedly wrong. Looking for signs of Russian involvement in these issues is well worth the time of our politicians - who seem to be concentrating on hacking each other to death than dealing the the Russian interference. It is stupid. The Intelligence Services of these respective countries need to concentrate more on getting the disinformation portion of these activities stopped.
Saturday, December 8, 2018
The New Huawei Story
Jay Greene in the Wall Street Journal has a story on the new Huawei story, only slightly different from the first one. It seems to be related to the relationship between Huawei and a lone company Skycom Tech is at issue. Did they own it or not? Before you read the rest of this, read this analysis of how to set up a front company to sell to Iran published in 2016.
SkyCom Tech operated in Iran (there are a lot of companies with SkyCom or some variation in their names) and Huawei claims Skycom Tech was not owned by them. This is a question of fact which should be easy to prove one way or another. Except as the diagram in the article from 2016 shows, the lineage of a front company is constructed to not identify the beneficial owner of the company. Remember that the instructions ZTE used to avoid getting caught by US authorities was used by more than one Chinese company, and Huawei was widely reported as being one of them. I suspect there will be many instances shown in court that can identify the owner of the company. Juries are not as stupid as many attorneys think.
Also, the case with Iran is enough to charge a Huawei official but, the documents show there were sales by ZTE and another company to Iran, Sudan, North Korea, Syria and Cuba all of which have some sanctions. This will only be the beginning. Tracing this kind of activity is slow, tedious work but it looks like it has finally found some things that will be good enough in court.
SkyCom Tech operated in Iran (there are a lot of companies with SkyCom or some variation in their names) and Huawei claims Skycom Tech was not owned by them. This is a question of fact which should be easy to prove one way or another. Except as the diagram in the article from 2016 shows, the lineage of a front company is constructed to not identify the beneficial owner of the company. Remember that the instructions ZTE used to avoid getting caught by US authorities was used by more than one Chinese company, and Huawei was widely reported as being one of them. I suspect there will be many instances shown in court that can identify the owner of the company. Juries are not as stupid as many attorneys think.
Also, the case with Iran is enough to charge a Huawei official but, the documents show there were sales by ZTE and another company to Iran, Sudan, North Korea, Syria and Cuba all of which have some sanctions. This will only be the beginning. Tracing this kind of activity is slow, tedious work but it looks like it has finally found some things that will be good enough in court.
Wednesday, December 5, 2018
Huawei's Sanction Violations with Iran
Well, it has certainly taken a long time for the Justice Department to catch up with Huawei. You will remember that the Iran sanctions violations were first discovered in 2016. In that case, ZTE directions for avoiding US sanctions were published along with the sanctions. I had more information on this in my last book.
For reasons we will never know, the Trump Administration let ZTE off the hook because "too many Chinese jobs would be lost", an interesting reason if I ever heard one. ZTE has long settled on that case, but there was more than one company involved and the Obama Administration never named the second one. It was always thought to be Huawei.
Now there is something going on. As described in the Wall Street Journal, the CFO of Huawei has been arrested in Canada on a request from the USA. It appears Iran had business deals that used Iranian employees to cover some of the movements. ZTE had similar business dealings that led to their sanctions. It takes forever to get the Justice Department involved, but once they do there is enough there to get the case to court. This will be high drama because of the front companies, slight of hand, and financial deals that cloud this whole thing. But, it will be fun to watch.
Today, there seems to be a lot of concern over the effect of this arrest in the midst of trade negotiations. I doubt that it will be any impact. Law Enforcement has to arrest a person when they can reasonably believe that person will be available for extradition, generally true with Canada. Had she been in Moscow, it probably wouldn't have happened. It took weeks for the Administration to decide ZTE would be hurt (Xi would be hurt by this because he was tied closely to ZTE) and let them go. This will work out the same.
For reasons we will never know, the Trump Administration let ZTE off the hook because "too many Chinese jobs would be lost", an interesting reason if I ever heard one. ZTE has long settled on that case, but there was more than one company involved and the Obama Administration never named the second one. It was always thought to be Huawei.
Now there is something going on. As described in the Wall Street Journal, the CFO of Huawei has been arrested in Canada on a request from the USA. It appears Iran had business deals that used Iranian employees to cover some of the movements. ZTE had similar business dealings that led to their sanctions. It takes forever to get the Justice Department involved, but once they do there is enough there to get the case to court. This will be high drama because of the front companies, slight of hand, and financial deals that cloud this whole thing. But, it will be fun to watch.
Today, there seems to be a lot of concern over the effect of this arrest in the midst of trade negotiations. I doubt that it will be any impact. Law Enforcement has to arrest a person when they can reasonably believe that person will be available for extradition, generally true with Canada. Had she been in Moscow, it probably wouldn't have happened. It took weeks for the Administration to decide ZTE would be hurt (Xi would be hurt by this because he was tied closely to ZTE) and let them go. This will work out the same.
Boeing Needs FOCI Lessons
The story in the Wall Street Journal today describes how the Chinese are buying into space technology in ways that are supposed to be prohibited. They are using financing of space programs like satellites to get into these most sensitive of activities going on in our national security.
The whole area is called Foreign Ownership Control and Influence (FOCI) and Boeing knows what that is and how it applies to this kind of situation. The Industrial Security people in government should be all over this and should have known about it before it got this far. They are relying on self-reporting and they need to do research instead.
The whole area is called Foreign Ownership Control and Influence (FOCI) and Boeing knows what that is and how it applies to this kind of situation. The Industrial Security people in government should be all over this and should have known about it before it got this far. They are relying on self-reporting and they need to do research instead.
Justice for EB-5 Program
The Wall Street Journal today has a story on the slow loss of interest by Chinese, who were the major beneficiaries of this program to grant legal immigration status to people who put money into US programs. It had a good intent, but quickly became a boondoggle for a large group of people who were buying their residency at the expense of all the others who couldn't afford it. They can then use their status to sponsor others to come to the US.
Now Congress is about to limit this largess and crack down on some of the abusers, mostly in New York, California and Texas. The Chinese are not very interested since it is taking a long time (up to 14 years) to get a US visa. Applications went from 4000+ to 617 this year. Good. This is selling legal status to the rich and must have made people in other countries wonder what we were doing.
Now Congress is about to limit this largess and crack down on some of the abusers, mostly in New York, California and Texas. The Chinese are not very interested since it is taking a long time (up to 14 years) to get a US visa. Applications went from 4000+ to 617 this year. Good. This is selling legal status to the rich and must have made people in other countries wonder what we were doing.
Facial Recognition and Privacy
I always have trouble with the Privacy advocates when they start trying to protect something that is public. More so than fingerprints, facial features are shown anytime we step outside the door. Apple captures them to open a door to their iPhones. How can it be that privacy applies to something that is part of our physical makeup?
You can, as the paparazzi do all the time, take pictures of the most intimate moments of a superstar's life because those images belong to the collector of them. If someone comes along while I stand outside of a political meeting of my friends takes a picture of us, that picture does not belong to me. It does make me uncomfortable, because it feels like I'm being spied upon. Those people can buy facial recognition software and do their own identification, just like the Chinese do almost everywhere you walk there, when you buy something expensive, or when you go a train to someplace you aren't supposed to go. It isn't facial recognition that is the problem with privacy, it is the use of that technology to do things other than identify a person.
You can, as the paparazzi do all the time, take pictures of the most intimate moments of a superstar's life because those images belong to the collector of them. If someone comes along while I stand outside of a political meeting of my friends takes a picture of us, that picture does not belong to me. It does make me uncomfortable, because it feels like I'm being spied upon. Those people can buy facial recognition software and do their own identification, just like the Chinese do almost everywhere you walk there, when you buy something expensive, or when you go a train to someplace you aren't supposed to go. It isn't facial recognition that is the problem with privacy, it is the use of that technology to do things other than identify a person.
Tuesday, December 4, 2018
No Evidence of Election Fraud in the US
In case you have heard that there is no evidence of election fraud in the US, you can read about this case in Philadelphia where some people were indicted for just that. It sounds like a script from a TV series and not an actual case against the real world.
The real crime here is in dragging this out for six years since the event actually occurred. The Justice Department works slow, but this is even slower than its normal pace. The payoffs occurred in 2012.
The real crime here is in dragging this out for six years since the event actually occurred. The Justice Department works slow, but this is even slower than its normal pace. The payoffs occurred in 2012.
UK Warns Russia on Interference
In what is a direct comment from the head of MI-6 in the UK, which itself is unusual, Director Alex Younger made some pointed remarks about the things Russia is doing in the UK, and says they will make Russia pay for its activities. Of course, he focuses on the GRU which managed to stir up enough conflict for the next 50 years by botching, both operationally and politically, the relationship between the UK and Russia. Younger calls this “perpetual confrontation”, which eventually will work against Russia.
But, he also mentions cyber attacks and misinformation campaigns, saying very little about either one. The UK formally said Russia was responsible for Petya/NotPetya attacks which caused considerable damage and only happened after the UK blamed Russia for the attack in Salisbury. We already know about the Russian campaign to influence Brexit. They believe they can act with impunity. We shall see whether that approach is the correct one.
But, he also mentions cyber attacks and misinformation campaigns, saying very little about either one. The UK formally said Russia was responsible for Petya/NotPetya attacks which caused considerable damage and only happened after the UK blamed Russia for the attack in Salisbury. We already know about the Russian campaign to influence Brexit. They believe they can act with impunity. We shall see whether that approach is the correct one.
Monday, December 3, 2018
Iran's Bad Behavior
Reuters has a well publicized report on Iran's disinformation campaign which was researched by the news agency. It is interesting because it is not just a report by government agencies somewhere. They actually did research and found sites distributing the material. As the report says, "The sites found by Reuters are visited by more than half a million people a month, and have been promoted by social media accounts with more than a million followers."
The proof of Iran's involvement is a little thin, but summarized this way: "But all the sites are linked to Iran in one of two ways. Some carry stories, video and cartoons supplied by an online agency called the International Union of Virtual Media (IUVM), which says on its website it is headquartered in Tehran. " They couldn't find this place, which points to that being a front. They have a chart that shows the destination for this propaganda and it tells us more than the rest of the article, and traced some of the information about the sites.
From their description, this is obviously well financed by somebody. It sounds like the Russian interference in different countries of the world, but since a number of countries are doing this now, it is more difficult to find the originator. It could be Iran.
Good for Reuters. They tried to do this on their own and the story is good ink.
https://dennispoindexter.blogspot.com/
The proof of Iran's involvement is a little thin, but summarized this way: "But all the sites are linked to Iran in one of two ways. Some carry stories, video and cartoons supplied by an online agency called the International Union of Virtual Media (IUVM), which says on its website it is headquartered in Tehran. " They couldn't find this place, which points to that being a front. They have a chart that shows the destination for this propaganda and it tells us more than the rest of the article, and traced some of the information about the sites.
From their description, this is obviously well financed by somebody. It sounds like the Russian interference in different countries of the world, but since a number of countries are doing this now, it is more difficult to find the originator. It could be Iran.
Good for Reuters. They tried to do this on their own and the story is good ink.
https://dennispoindexter.blogspot.com/
Sunday, December 2, 2018
To Tell or Not to Tell
ZDNet had a good article today on the GCHQ in England admitting they don't always tell the vendors of equipment what the flaws are in their IT. This would be nothing much but GCHQ is an intelligence organization and it uses the term "equities" in describing the national interest involved in whether to tell or not. If the equities do not rank high enough for reporting, they won't report it.
When I first started in IT, I used to be outraged if the government failed to correct deficiencies in software that we discovered. There were so many, we could hardly keep up. It was rare that anyone said anything about the non-reporting of these flaws because we really had no reason to know unless someone told us. That is the way it should be. We reported them, so we did our job.
When I worked for the U.S. Senate a person explained why the intelligence guys did not report everything and I felt stupid. It wasn't really their job. Intelligence agencies are supposed to collect and analyze intelligence collected by a number of different means. We don't need to know those means and they have no obligation to tell us. The more they report, the harder it is to do their job. I didn't like that explanation, but grew to understand it as true. It just took awhile.
I'm always suspicious of press people who do stories on things that hurt their own country. The Russians seem to get a lot out of their relations with the press by working them around to questions that give answers to things they want to know about and want to publicize. We should be smart enough to not answer those questions, no matter who asks them. I'm a little disappointed in GCHQ on this one. No comment would have worked better.
https://dennispoindexter.blogspot.com/
When I first started in IT, I used to be outraged if the government failed to correct deficiencies in software that we discovered. There were so many, we could hardly keep up. It was rare that anyone said anything about the non-reporting of these flaws because we really had no reason to know unless someone told us. That is the way it should be. We reported them, so we did our job.
When I worked for the U.S. Senate a person explained why the intelligence guys did not report everything and I felt stupid. It wasn't really their job. Intelligence agencies are supposed to collect and analyze intelligence collected by a number of different means. We don't need to know those means and they have no obligation to tell us. The more they report, the harder it is to do their job. I didn't like that explanation, but grew to understand it as true. It just took awhile.
I'm always suspicious of press people who do stories on things that hurt their own country. The Russians seem to get a lot out of their relations with the press by working them around to questions that give answers to things they want to know about and want to publicize. We should be smart enough to not answer those questions, no matter who asks them. I'm a little disappointed in GCHQ on this one. No comment would have worked better.
https://dennispoindexter.blogspot.com/
Subscribe to:
Posts (Atom)