
ICG Risk Blog - [ Cybersecurity Public ]

Miniaturization Threat Impact (MTI) system


Identifying items at the edge of technology


It is an axiom at our shop that "items at the edge of technology" are often unrecognizable or unidentifiable by inspectors unfamiliar with the technology. Two characteristics most contributed to a lack of recognition, robbing the viewer of visual cues as to function:

  • Miniaturization - a reduction of size and form.
  • Integration (often a handmaiden of miniaturization) - the combination of functions of multiple items into a single item, itself often miniaturized.


Defenders too often fail to recognize miniaturization and integration as crucial components in risk evaluation. The emergence of Micro-Electro-Mechanical Systems (MEMS) that exhibit both miniaturization and functional integration is already complicating timely identification of risky items. (Also see Berkeley Sensor & Actuator Center and search the domain for "mems".)


We expect fluid conditions as defenders expand their screening focus beyond larger, more recognizable items to include a proliferating class of smaller, cheaper items:

  • Unexpected, innovative and non-traditional methods will proliferate, finding broad applicability.
  • Targets will have changing vulnerabilities, technological abilities and associated risks.
  • Attackers' tactics will evolve in methods and operational activities from internal technological "lift" and as a response to changes by their targets.
  • Short of nation state confrontations, conventional operations will draw less interest as adversaries will look to escape retaliation and the cost of investments required to underwrite an overt effort.
  • Unless we design with the asymmetrical adversary in mind, such adversaries will continue to find ways to bypass our defenses and exploit our vulnerabilities. Such asymmetric operations will have common characteristics:
    • Small-scale high-impact operations.
    • Operations performed with greater efficiency and effectiveness, both to minimize footprint and discovery and to conserve organizational resources, in order to achieve maximum results.
    • A rise in operations taken to address ideological causes; this applies equally to fringe Muslim fundamentalists and single-issue groups such as Earth Liberation Front (ELF).


Creating a generalized risk assessment hierarchy

A pilot Miniaturization Threat Impact (MTI) system capable of classifying threats from miniaturization and integration was developed for the US Defense Logistics Agency (DLA).


Risk characteristics spanning easily known to insufficiently known to otherwise unknown items were captured in a generalized risk assessment tree (from least to greatest risk):


LEAST RISK 
  1. Primary function is identifiable from life experience and general training.
  2. Primary function is identifiable from specific industry/technology experience.
  3. Dual use/unintended use is ascertainable from specialized training and added knowledge-base.
  4. Miniaturization (function no longer evident) becomes difficult to defeat.
  5. Functional integration (embedding multiple functions by virtue of miniaturization) is difficult to defeat.

GREATEST RISK

The relative ease or difficulty of identification scaled appropriately (from easy to most difficult):

IDENTIFICATION WITH EASE
  • Generalists were good at #1, generally poor at all others.
  • Specialists were good at #1 and #2, generally poor at all others.
  • #3 is much harder as it requires understanding of function(s) and the ability to transfer those characteristics to new objects, especially for a "good enough" capacity.
  • Highly skilled and frequently retrained specialists might address #4 on an irregular basis. 
  • Miniaturization and Integration #5 were effectively undefeatable in the short to medium term.

IDENTIFICATION MOST DIFFICULT
 
Capabilities difficult to automate


The author's ability to identify dual-use capability (can be used for both civil and military use) and "unintended use" capability (can be used for unintended or unimagined applications) proved difficult to transfer to existing staff without extensive retraining. Existing staff were either Generalists good at #1, or modest Specialists good at #1 and #2. Staff were, in effect, being asked to perform a role for which they had no prior experience.


Implications going forward


The glide slope to the desktop that brings increasingly greater capacity in smaller form factors at lower cost to the lay user or asymmetrical attacker will continue. Capability and/or lethality will rise even as components shrink.


Google Glass as an example in transition


"Wearables" (properly named the wearable computing market) has moved beyond early adopter status, but its three segments have varying degrees of acceptance:

  • Complex accessories - "operate partially independent of any other device, but fully operate when connected with IP-capable devices".
  • Smart accessories - similar to complex accessories but allow users to add third-party applications.
  • Smart wearables (notably Google Glass) - "function with full autonomy, independent of any other device except to access the Internet".

While it is now said to be a question of "when" and not "if" the wearables segment extends into the enterprise, aggressive miniaturization and integration continue to drive social unease - with more women than men in the negative. Google might benefit from flooding trusted segments with subsidized Glass, e.g., physicians, essential technicians, police and military. From Pew:

[P]ublic attitudes towards ubiquitous wearable or implanted computing devices are the most positive, or more accurately, the least negative. Although 53% of Americans think it would be a bad thing if “most people wear implants or other devices that constantly show them information about the world around them,” just over one third (37%) think this would be a change for the better

The glide slope to the desktop will continue to accelerate as Google has already received a patent for smart contact lenses with built-in cameras and other sensors such as infrared. The technical, police and military implications are staggering.


Today's Google Glass will by then have ceased to be an issue as people look carefully at your eyes to see if you are reality augmented. I would expect a certain class of detectors to emerge to detect wearers of such contacts. And they will be mounted in contact lenses, or embedded in the wearer's biologic eyes.


Readers are recommended to read up on transhumanism.


U.S. Views of Technology and the Future
Science in the next 50 years
Aaron Smith, Lee Rainie, Michael Dimock
Pew Research Center
APRIL 17, 2014


Google invents smart contact lens with built-in camera: Superhuman Terminator-like vision here we come
By Sebastian Anthony
ExtremeTech
April 15, 2014 at 8:53 am


Don't blink or you'll miss this: Google to put cameras in contact lenses
By Michael McEnaney
Tech Times
April 15, 6:07 PM


Worldwide Wearable Computing Market Climbing to Nearly 112 Million in 2018, Says IDC
The Financial
12/04/2014 16:36


#Gogleglass #Wearables #Risk


Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  Terrorism Public  Weapons & Technology Public  


Stone Corporation, SERI and the brief window when China’s political and economic 'doors' were open


 

The Chinese research community and business sector are the focus of this 20th anniversary note on the events of May-June, 1989, culminating in the military’s expulsion and dispersal of demonstrators, later their parents and sympathizers, from Tiananmen Square on 4 June. As the Chinese place added importance to anniversaries at a multiple of five to the event, I hope to do justice to themes and outcomes now largely lost to western readers.

 

James Miles’ The Legacy of Tiananmen: China in Disarray is recommended for a traverse of the events leading to 4 June, as is Goldman’s The Twentieth Anniversary of the Democracy Wall Movement. The events of June 1989 can reasonably be said to rise from the Democracy Wall of 1978-1979: 

Beijing democracy activists [were] encouraged to criticise the Gang of Four and failed government policies. But the [Chinese Communist Party (CCP)] became dismayed as more and more posters began to call for a complete overhaul and even the abolishment of the CCP. As the current leadership and policies came under fire, a new wave of party intolerance at political dissent began.

One might think that this should have come as no surprise as: 

Most of the participants were ex-Red Guards and workers, who might have been students but for the suspension of their education from 1966 to 1976. They used the methods and strategies they had learned in the Cultural Revolution forming unofficial groups, putting up large-character posters, writing and printing pamphlets, and setting up their own networks to achieve their own political goals. In the Cultural Revolution, they had employed these practices initially to purge party officials and the intellectual establishment in response to Mao's summons to "rebel against authority."

Elements of this note rose from a discussion with colleagues who were involved in construction technology transfer to and through a series of joint ventures in China in the early 1980s. One was working with the founders of Stone Corporation of China prior to the May 1989 uprising. Stone Corp was highly regarded as the new symbol of Chinese capitalism before 1989, but condemned by Li Peng as “counter-revolutionists” days after suppression of the uprising and fall of Zhao Ziyang, then general secretary of the Communist Party.

 

As some of the early documents are not easily available in electronic text, I have tried to cite enough for readers to pursue.

 

Never underestimate your enemies

 

From "If you want food, find Ziyang"; If you want Ziyang, pierce the Golden Shield:

An administrator given to revisionist thinking or pragmatic solutions depending upon your political viewpoint, Zhao was tapped by Deng Xiaoping to revitalize the economy. Zhao created much of the 1980s economic package credited to Deng Xiaoping:

  • Coastal development with special economic zones, drawing investment and creating exports
  • Agriculture reform that disbanded communes, returning private plots to farmers while assigning production contracts to individual households.
  • Industrial reform that included expanded self-management for peasant farmers and some industries
  • Price reform allowing farmers and factories to set prices for their products

Zhao threaded the policy needle with a 1987 speech that declared China to be in a stable, "primary stage of socialism" that could afford to experiment with approaches to stimulate economic production. In a stroke, market economics appeared within the evolution of socialism.

Zhao's pragmatism led to his stepping on the third rail of political reform, thinking the "goal of Chinese political reform was to build up democracy and rule of law." Having acquired a legion of old school enemies, Zhao was said to have doomed himself by making public (to Mikhail Gorbachev, already a tainted reformer in communist eyes) that all major Central Committee decisions had to be approved by the nominally retired Deng, which implicitly showed Deng to be the stonewall of reform...

Without approval of conservative elements of the Chinese Communist Party (CCP), Zhao commenced to simultaneously open what would later be called the political and economic doors to a dissatisfied citizenry.

 

The nascent RAND: Beijing Social and Economic Sciences Research Institute (SERI)

 

Independent of government, Chen Ziming set up his first think tank, the China Political and Administrative Sciences Research Institute, to fulfill a “long cherished dream.” (Wang Juntao joined Chen's second think tank in the late 1980s, the Beijing Social and Economic Sciences Research Institute (SERI), and was "deputy editor of SERI's newspaper, Economics Weekly, at the time of the 1989 demonstrations"): 

“[Chen] said that he wanted to turn his organization into something like the U.S. Rand Corporation, doing consultancy work for government decision-making bodies, providing top-level advice and strategies for reform,"... Among the group's founding members was Wang Juntao. [Both Chen and Wang had activist histories predating the Democracy Wall.] The two men quietly built up an organization of extraordinary sophistication, quite independent of party control. Unlike more conventional dissidents they did not seek out the Western media, preferring instead to cultivate good relations with radical reformers working for the government. Their groundbreaking efforts thus went almost entirely unremarked by the outside world. “The two men’s long-term aim was not to pursue scholarship... If they'd wanted to do that they could have done it in the Chinese Academy of Social Sciences. Their aim was to change the socialist system." It was only after Tiananmen [that] most Western journalists and even many Chinese intellectuals learned their names.

 

[In 1987] Chen founded a new [group] called the Beijing Social and Economic Sciences Research Institute [SERI, whose] activities ranged from conducting public opinion surveys - a science then in its infancy in China - to publishing books on social and political issues. Within two years, the institute had nearly 50 employees and more than 100 associate researchers. It had office space consisting of 60 rooms, sophisticated computer equipment, and dozens of cars. By the time the Tiananmen Square protests erupted, it had launched nearly 40 research projects, organized 14 academic conferences, and published more than 100 books on the social sciences... Hardliners were deeply suspicious of the institute's activities, but thanks to the relative strength of reformist leaders at the time, the Chinese media gave the institute considerable encouragement by publishing some of the results of its surveys...

It is a testament to the strength of the reformers that the shock of hardliners could be restrained when Chen was publishing polls such as this 1987 item: 

[M]ore than 3,000 respondents answered questions about their attitude toward highly sensitive political issues. A book based on the results contained what for China were embarrassing revelations about people's political views. It said, for example, that more than a quarter of private entrepreneurs surveyed believed that it was right to rebel against the state “if the state caused you to lose hope.” More than 15 percent of peasants gave the same reply and nearly 10 percent of intellectuals and officials. Even asking such a question would have been unthinkable a few years earlier.

 

[F]ewer than 45 percent of peasants felt proud of living in a socialist country and only just over 50 percent of intellectuals. Officials showed the greatest enthusiasm for socialism, with more than 65 percent expressing pride in the system. Nonetheless, more than 10 percent of cadres replied that “there is nothing to be proud of.” Asked whether they trusted the government, nearly 40 percent of peasants surveyed replied “No.” Most respondents expressed dissatisfaction with the behavior of civil servants, including nearly 70 percent of officials themselves. A similar proportion agreed that “problems in the political system are the main reason why China is developing slowly.” Fewer than half expressed satisfaction with the amount of freedom of speech and belief they enjoyed...

 In retrospect, with such political explosives in hand it is a marvel that Chen and Wang were not silenced prior to being accused as the "black hands" behind the 1989 movement. The thirteen-year prison sentences imposed on both “probably had more to do with what they represented - the emergence of an organized, independent intellectual force - than with anything they actually did in 1989.” Wang’s wife said, “I cannot but respect the Communist Party's insight, their ability to see at a glance who are their real adversaries.” Think tanks and research institutions henceforth curtailed any social commentary not acceptable to CCP interests.

 

China’s 'first IBM'

 

Wan Runnan was the business equivalent to Chen Ziming and Wang Juntao in the research community:

Wan said his aim was to create China's answer to IBM [just as] Chen wanted his company [SERI] to become China's Rand Corporation... “When Wan established [Stone Corporation] with 20,000 yuan [$5,400] in a two-room office provided by a rural factory, nobody could imagine this humble 'Stone' would become a computer empire with 30 million yuan in fixed assets and a turnover last year of 300 million yuan," gushed Xinhua in 1988, when Wan was still a model entrepreneur lionized by the official media. “Some People call these new entrepreneurs China's 'red capitalists' of the 80's," the agency said.

 

Unlike Chen and Wang, Wan, who was in his mid-forties by the time Tiananmen erupted, was not a man with a long record of political activism on the wrong side of the party line. Wan was, in fact, a party member. But that did not stop him from sharing some of Chen and Wang's interests. When one of his employees proposed setting up a think tank, Wan readily agreed. In 1988 he established the small but influential Stone Social Development Research Institute, appointing the well-known political and legal scholar Cao Siyuan as its head. Cao, a former researcher in one of Zhao’s think tanks, had extensive contacts in the official world thanks to his role as the chief drafter of China's first law on bankruptcy, the most fiercely debated piece of legislation ever considered by China's normally docile parliament. The law was adopted in 1986 and went into effect two years later, providing a legal framework for the winding up of loss-making, state-owned industries that for decades had been propped up by massive state subsidies.

 

One of Cao's jobs as director of the Stone think tank was to do consultancy work on the new law. But his activities also strayed into the more sensitive realm of politics. Cao had long been an outspoken advocate of giving the National People's Congress greater clout and removing overtly political jargon from the constitution. In March 1989, not long before the student protests erupted, Cao's institute organized a large-scale conference on constitutional reform attended by many of the country's radical intellectuals. Among the constitutional amendments Cao wanted to see were provisions that those brought to trial should be presumed innocent until proved guilty and that the secretive proceedings of the National People's Congress should be broadcast live and published in full. Cao wanted ordinary members of the public to be admitted to the Great Hall of the People to observe the meetings. His suggestions fell on deaf ears. The only part of the congress the government was prepared to broadcast live was the carefully scripted opening address by the prime minister. This was not a concession to Cao. Such broadcasts had been introduced several years earlier. The government was not prepared to take even the remote risk of a dissident voice being heard by publishing a full record of debates, and it certainly did not want members of the public observing the sycophantic behavior of the “people's representatives” close up.

 

By the time of Tiananmen, Wan's Stone Corporation employed more than 700 people, many of whom eagerly joined the demonstrations. Unlike Chen and Wang, who preferred to stay in the background, Wan threw himself and his company into the movement, donating large sums of money to the students and organizing meetings of protest leaders. As the People’s Daily put it, “Wan Runnan picked up a big stone - 'the entire company' - and threw it at Beijing.” Cao Siyuan and his think tank helped Hu Jiwei, a liberal member of the National People's Congress Standing Committee, collect the names of fellow members on a petition calling for an emergency session of the Standing Committee to discuss the unrest. The authorities later accused Hu and Stone of including the names of people who had not agreed to give their support and of plotting to use the Standing Committee to dismiss Li Peng and rescind martial law. Hu was stripped of his post and expelled from the party. Cao also lost his party membership and was imprisoned without trial for nearly a year.

The Chinese Communist Party’s clear and present danger

 

While the events of May-June 1989 have been assiduously scrubbed from Chinese media and contemporary histories by the CCP, they have also fallen from Western minds by the passage of time. To many, only the image of the Tank Man, stripped of context, remains in Western consciousness:

Tiananmen Square was a war zone [in June 1989]. An army 300,000 strong - that's almost twice the numbers we sent into Iraq - the People's Liberation Army, fought its way into Beijing from four directions, with orders to converge on the square. Unarmed citizens and students faced armored personnel carriers, tanks and soldiers armed with semi-automatic weapons. By 5:30 A.M. on June 4th, 1989, the army's mission had been accomplished...

 

The protests [had] begun five weeks earlier with a mass student demonstration, and in most Western media, continued to be treated as a student phenomenon... The students had touched a nerve, and soon everyone seemed to be out there protesting against hardship, government corruption and 40 years of repression. In Tiananmen Square and on the streets of Beijing, in cities right across China, there were tens of millions of Tank Men. Whole swathes of the country were in open revolt...

 

In Beijing, one in ten of the population was joining in, and that includes all the old people, all the little children. So it was massive... There were people in heavy earth-moving equipment. Honey bucket collectors and a tank truck came in. There were pilots. There were hotel workers... It was just a carnival of protest. All the groups were out there with their own banners, saying, "We are the Beijing journalists. We demand press freedom. We demand the right to tell the truth." ... You had doctors and nurses and scientists and army people demonstrating. The Chinese navy was demonstrating. And I thought, this is extraordinary because who's left? It's just the top leaders who aren't out there...

 

For the very first time, press and television were reporting freely and truthfully. The virus of freedom quickly spread... Uprisings occurred all over China, in at least 400 cities - we know this from the Chinese press and from their own military museum - all the way from Mongolia in the northwest down to the southeast near Hong Kong... And from these cities, hundreds of thousands of supporters converged on the capital. The students had started the protest, hoping to cleanse the party of graft and corruption and encourage free speech. They sought reform, not revolution. After all, they were, by and large, the children of the elite. But as their movement spread outwards to the middle classes and then to the workers and peasants, attitudes hardened...

It is instructive to revisit the threat perceived by conservative politburo members to the continued existence of the Chinese Communist Party (CCP):

The move from student uprising, if you will, to a worker uprising is what really scared the Chinese government. They felt that they could deal with the students. After all, students had been involved in uprisings for many, many years. But where it became dangerous to the stability and to the survival of the Communist Party was when ordinary workers became involved...

 

After all, the Chinese Communist Party had originally used the workers' movement to gain power for itself. Now those in government were terrified that we'd take it back from them... In fact, the government was paralyzed by infighting between those who advocated peaceful negotiation and hard-liners who demanded a crackdown. On May the 19th, Zhao Ziyang, the reformist general secretary of the Communist Party, suddenly appeared in Tiananmen Square to appeal for compromise. It would be his last public appearance. That night, before an audience of party faithful, hard-line Premier Li Peng showed the way forward. "We must end the situation immediately. Otherwise, the future of the People's Republic will be in grave danger." He completed his address with a declaration of martial law. Troops would occupy the city and put an end to the protests in Tiananmen Square...

 

Never before in the 40-year history of communist rule had China put its citizens and its army in this situation... It was a massive display of force, 300,000 troops by most counts... all converging on the city... Four days after [this] attempted entry, the army withdrew to bases outside the city. Beijing was euphoric... But it also was an enormous humiliation for the leadership. They had been thwarted and they had lost face, and they weren't going to let it happen again... The party elders feared that the whole edifice of communism was going to collapse, like it was collapsing in the Soviet Union and in other parts of Eastern Europe. They needed to make a stand - and a bloody stand - to show their population, in effect, to cow their population back into submission... Over the next 10 days, Supreme Leader Deng Xiaoping hatched a new plan. Troops armed with semi-automatic weapons and backed by tanks were drawn from military districts across China [rural units with no attachments to the urban center]... On the night of June 3rd, a huge invasion force [came in again] from all directions but mostly from the west, this time with live ammunition, this time strict orders: the square must be cleared by dawn on June 4th...

The end of nascent political reform came quickly:

Angry citizens were everywhere. People just couldn't understand why this country and its army, the People's Army, would slaughter its own people, the Beijing citizens... People still pour into the streets... People were just so angry, so furious at what was happening in their city that they were not going to step back and let the army do what it was doing... Troops began to fire in all different directions... Everybody was frightened by this overwhelming use of force... What was amazing was that the army used battlefield weapons...

 

[It] was a one-sided pitched battle all the way from the western suburbs until [the PLA], about 1:30 AM, began to arrive at Tiananmen Square... [The] troops had orders to clear the square by dawn [of 4 June]. That was the deadline... And it was clear to everyone from that point on that we were absolutely trapped. You had the military coming in from the west with their tanks. We knew there were tanks coming in from the south of Tiananmen Gate. And now on both sides of the square, you had hundreds, if not thousands of soldiers... And then the firing started. Even at this late stage, many couldn't believe the army was using live ammunition, and they stood their ground... And there was this continual announcement of, "Under the martial law regulations, no one should be on the street. If you stay on the street, you will be responsible for what happens to you"...

Firing on civilians recommenced later in the morning as parents came to search for their children:

The tactics of overwhelming force that were used had a point. They were meant to shock, terrify and awe... No one knows for certain how many people died. The Chinese Red Cross initially reported 2,600 and immediately retracted under intense government pressure. The official government figure is 241 dead, including 23 officers and soldiers, and 7,000 wounded... In the aftermath of the Beijing massacre, tens of thousands all across the country were arrested. Unknown numbers were executed. Some are still in prison today. China television portrayed these people as counter-revolutionaries, hooligans and agents of foreign powers...

By the close of 4 June, the People’s Liberation Army was again in complete control. Readers can now understand the velocity of retribution directed against firms such as Stone: 

SOLDIERS of the People's Liberation Army are occupying the offices of China's most successful independent computer company, the Beijing Stone Group. Wan Runnan, the software engineer who founded the company, is in hiding and officials have issued a warrant for his arrest as the government continues to crack down on supporters of democracy.

 

The authorities have pinpointed Stone as a symbol of the 'counter-revolution'. The company, founded five years ago, rapidly became the vanguard of China's computer industry and, in its management style, established itself as a model for economic reform...

 

Stone owed its success and its downfall to the prominent position it played in China's reform and to the associations it had forged with prominent politicians. Wan had been a confidant of Zhao Ziyang, the reformist general secretary of the Communist Party, and his supporters. But with Zhao's fall from grace, Stone lost its [influence and protection]...

Stone’s founder and president, Wan Runnan, had overplayed his hand, likely due to his having been a privileged child of the establishment: 

Because the government did not imprison leaders of the 1985-86 democracy protests, many of them became important figures in the 1989 movement. The voices of Fang Lizhi and Wang Ruowang were openly heard, and Liu Bin Yan became a key organizer. Other leaders emerged as spokesmen and organizers for the movement, most having privileged backgrounds and associations with their supposed enemies:

 

• Sun Hui, a Beijing University student, helped found the Autonomous Students’ Federation to organize the demonstrating students. Sun’s parents were Communist Party members, but his death at the Tiananmen massacre suggests that he may not have fully understood the dialectic he was a part of. Nevertheless, Sun’s ties to the regime made him vulnerable to manipulation.

 

• Wan Runnan has been married twice, both times to daughters of high Communist Party officials. According to one undisclosed source in the student democracy movement, Wan closely associated with members of the inner circle of control in the Communist Party of China. These connections helped him financially, since he was allowed to own and build the Stone Corporation, the largest private corporation in mainland China and its main producer of computers. Wan supplied public address systems, walkie-talkies, and other equipment to help the student leaders organize. Given his contacts, he probably knew Communist Party Secretary Zhao Ziyang rather well; Zhao was purged after the June massacre for supporting the democracy movement. Wan Runnan was quoted in a July 1990 Reason article as insisting that “we are not counterrevolutionaries.” After hinting that he supported free market reforms in addition to democracy, he qualified himself by noting, “The transformation must take place in stages… the communication, transportation, and energy sectors will remain in government hands.” Wan now heads the Paris-based Federation for a Democratic China, one of the two largest organizations in the currently exiled Chinese democracy movement…

Wan at least escaped the blade that befell many of his peers, ultimately making it to the US: 

Wan Runnan: former Chairman of FDC (the second and third Congress). He was the founder and Chairman of Stone Corporation which was the first private company in China. He was on the wanted list of CCP, because he had supported the democratic movement of 1989. After June 4th Massacre he escaped abroad and has settled in the USA.

Without this background it would be hard for Wan to think that he could get away with providing financial and logistic support to the democracy movement. With backing from hard liners, Li was happy to root out Wan and his counterparts as part of bringing the private sector to heel under party control:

Despite its importance, in a system that is still largely owned and controlled by the government, the role of the private sector is limited: Even today [2002], as management responsibilities have been passed on to managers and local officials, and as industrial output has shifted to the private sector, the government still owns about 70 percent of the industrial assets... Yet, this sector has played a significant role in encroaching upon state sovereignty in two ways. First, in times of crisis, this sector has played a role of outright resistance. During the Tiananmen movement, it was the private entrepreneurs of Beijing that provided the students with fax machines, radio equipment, televisions and other perishable goods that became a staple of the movement... The Stone Corporation was the largest and most famous of these behind-the-scenes participants, but there were many others. It would be a stretch to argue that private businesses in China are predisposed to resistance. However, it is the case that these organizations are structurally the ones that hold the greatest degree of independence from the state, and therefore have the greatest latitude in protesting when the opportunity presents itself.

Continuing the theme of lawful suppression of "counterrevolutionaries," the Communist Party staged an exhibition in September 1989 containing images of "burned out tanks and armored personnel carriers, photographs of soldiers who had been burned to death or hanged from overpasses, and photos of burning buses and clashes between students and police in riot gear." On the 5th anniversary, Li Peng announced "new security regulations defining political discussions outside the Party line as sabotage." On the 10th anniversary, the government released a lengthy documentary on the "counterrevolutionary rebellion."

 

Termination of modest entrepreneurial support for liberalism

 

Political dissidents placed too great a faith in private entrepreneurs to spur democracy. (Note: geti are individual entrepreneurs, often in consumer services, while siying are larger privately owned businesses or enterprises.): 

It is in the interest of entrepreneurs to cooperate with local cadres. Cooperation allows private-sector businesses to operate more smoothly, and sometimes just to get started in the first place... "Capitalist entrepreneurs see capitalist growth as possible because of, not in spite of, the involvement of officials." Rather than the larger siying enterprises being most autonomous, moreover, ties to officials matter tremendously for the development of the largest and most profitable enterprises. Even a large and innovative private enterprise like the Stone Corporation had to depend upon strong bureaucratic connections to succeed...

 

Some commentators have pointed to banners of support hung by geti entrepreneurs and to monetary and material donations made by entrepreneurs, such as managers of the Stone Corporation to demonstrators in 1989, as evidence for growing activism and political consciousness among entrepreneurs. But as a rule [members] of the business elite in the private sector have shown strong inclinations toward neither political activism nor the formation of strong horizontal ties. Stone's actions and supportive banners cannot be used to proclaim the existence of a politicized, much less democratizing, class. Donations by the Stone Corporation were not exceptional and, as noted previously, most entrepreneurs [did] not actively support the student demonstrators. More generally, entrepreneurs' participation in politics outside of state-sponsored organizations has been unusual, and has not been sustained...

 

The enthusiasm that reformers were expressing in the mid-1980s for the growth of "interest groups" and "social pluralism" was accompanied by the growth, immediately prior to and during the Tiananmen demonstrations, of what appeared to be an autonomous Chinese associational life. Examples of new organizations included the Beijing Autonomous Students' Union and the Capital Independent Workers' Union, which were founded during the 1989 protests. Similarly, the Beijing Institute for Research in the Social and Economic Sciences [founded] by Chen Ziming and Wang Juntao, both of whom had been active in the 1979 Democracy Wall movement and, later, the publication of Beijing Spring. These organizations were perceived by some to be harbingers of a second "golden age"... Yet these liberalizing trends of the mid-1980s, along with many others, were reined in by the 1989 Tiananmen protests. The autonomous organizations proved to be highly vulnerable and failed to become enduring features of post-Mao state-society relations. The [independent] unions were crushed by the government, while the Institute saw much of its autonomy undermined subsequent to the arrests of Chen and Wang for their role in the 1989 events.

Altering the education system to produce a new patriotic citizen

 

Beyond wounded national pride and primarily anti-US and anti-Japanese resentment:

Chinese nationalism in the 1990s was also constructed and enacted from the top by the Communist state. There were no major military threats to China's security after the end of the Cold War. Instead, the internal legitimacy crisis became a grave concern of the Chinese Communist regime because of the rapid decay of Communist ideology. In response, the Communist regime substituted performance legitimacy provided by surging economic development and nationalist legitimacy provided by invocation of the distinctive characteristics of Chinese culture in place of Marxist–Leninism and Mao Zedong Thought. As one of the most important maneuvers to enact Chinese nationalism, the Communist government launched an extensive propaganda campaign of patriotic education after the Tiananmen Incident in 1989. The patriotic education campaign was well-engineered and appealed to nationalism in the name of patriotism to ensure loyalty in a population that was otherwise subject to many domestic discontents. The Communist regime, striving to maintain authoritarian control while Communist ideology was becoming obsolete in the post-Cold War era, warned of the existence of hostile international forces in the world perpetuating imperialist insult to Chinese pride. The patriotic education campaign was a state-led nationalist movement, which redefined the legitimacy of the post-Tiananmen leadership in a way that would permit the Communist Party's rule to continue on the basis of a non-Communist ideology. Patriotism was thus used to bolster CCP power in a country that was portrayed as besieged and embattled. The dependence on patriotism to build support for the government and the patriotic education campaign by the Communist propagandists were directly responsible for the nationalistic sentiment of the Chinese people in the mid-1990s.

From Beijing moves to preempt flash mob behavior for any purpose, be it civil, commercial, nationalistic or anti-state...:

The authorities are highly attentive to young nationalists known as fenqing, or the 'angry youth' among other translations:

"These people have been trained in an authoritarian system. They are at the same time victims of an authoritarian system, but they also behave in an authoritarian way towards others and are incredibly self-righteous... We should be more tolerant and respect the right of people to disagree with us but these people do not understand such values."

The definition of fenqing has morphed:

 

Cultural Revolution: urban-dwelling students who were sent to the countryside to toil with peasants and became embittered towards a society that had stolen their futures.

1980s: students and intellectuals who shaped the movement for greater social and political freedoms that ended when the tanks rolled into Tiananmen Square

2000s: patriotic, xenophobic, nationalistic and, in some cases, violent in their defence of the motherland. This latest incarnation has partly emerged as the result of government policies implemented in reaction to the events of 1989, after which "patriotic" indoctrination became an even more important element of the education system.

Fenqing are tailor made to meet CCP needs for sustained legitimacy.

 

Closing the political door; expanding the economic door

 

From "If you want food, find Ziyang"... 

Confined to house arrest, Zhao remained "steadfast that his views are correct, and their views were wrong," and he remained a remembered, if unheard, symbol that demonstrations were not a "counter-revolutionary rebellion" and that Tiananmen must be reassessed. Even in death, Zhao is a lightning rod of accountability.

 

Whereas Zhao and his generation made enormous contributions to individual wellbeing, and thus earned much gratitude, e.g., "If you want food, find Ziyang," he is said to be less well known to younger generations, who are either focused on wealth generation on the coast or cut off in rural isolation.

Deng reasserts himself:

What the Party has relied on to prevent [public] pressure from building up is to allow people to exercise all of their ambitions and urges to be able to advance themselves and to have lives on the economic side of the ledger. This was Deng Xiaoping's great moment of genius. After the massacre of 1989, he in effect said we will not stop economic reform; we will in effect halt political reform.

 

What he basically said to people was: "Folks, you are in a room. There are two doors. One door says 'Politics'; one door says 'Economics.' You open the economic door, you are on your own. You can go the full distance to basically whatever you want: get wealthy, help your family have a bright future, move forward into a glorious future. If you open the political door, you are going to run right into one obstruction after another, and you are going to run into the state." People logically being practical -- and Chinese are very practical -- opened the economic door. They wouldn't open the political door. It was foolish to do so.

Private companies and research groups proceeded to choose the economic door, avoiding the political:

In retrospect, it seems extraordinary that the leadership of such an authoritarian state should allow the emergence of large, wealthy, independent institutions such as those operated by Chen Ziming and Wan Runnan. It is particularly remarkable given that, at least in the case of Chen Ziming and Wang Juntao, the authorities had been keeping [both under surveillance]...

The leadership would almost undoubtedly have meted out similar punishment to the private businessman Wan Runnan [as they had to Chen and Wang] had [Wan] not fled the country after Tiananmen.

Wan Runnan wrote a reflective retrospective of the CCP, Why The Chinese Communists Are Not Doomed To Finish Yet, in 2006. Recommended. Idealism and compromise are now absent: 

During the 1989 democratic movement and the Russian/Eastern European changes, the Chinese Communist became even firmer in the will and determination to suppress the opposition... How did the Communist Party defeat the Nationalist Party to win the country? One point was the will and determination to sacrifice. By sacrifice, they mean sacrificing the lives of their warriors in large and systematic ways... The Communists won the nation by this rule and they governed the nation by this rule. What is political power? Lin Biao understood: Political power is the power to suppress. To maintain political power is to maintain the power to suppress... That was the will and determination to suppress that the Communists exhibited during the June 4th massacre...

 

Deng Xiaoping said: "Development is the only solid reason." This should actually read "Getting rich is the only solid reason." The reason is solid, but the words are soft. According to Comrade Zhang Chunqiao's critical opinion: "This is a capitulation to the national capitalist class." On this issue, I have the right to speak. I started the company Stone (四通), which had sales of over 1 billion RMB in 1988. I accounted for half of Zhongguan village. I was called by the western media as the "most outstanding result of the ten year flirtation between Deng Xiaoping and capitalism." At the time, a western reporter asked me: "Do you think that Deng Xiaoping is on your side?" I answered without hesitation: "Of course, because I am on his side." After the June 4th massacre, I could no longer be on his side and therefore I parted ways with the Communist Party.

Wan summarizes the CCP as follows:

  1. From the lessons of the former Soviet Russia and eastern Europe, the Communist Party is more firm and clear about suppressing the opposition;
  2. After forming alliances, the Communist Party has established a relatively stable international environment;
  3. The continuous economic development has provided adequate resources for improving their ability to govern;
  4. Under the pretext of "we won't argue," the Communist Party has actually totally abandoned their former ideology;
  5. The Communist Party has become a political party that represents wealthy people and the social elite.  This newly created middle class is the foundation of stability in Chinese society today;
  6. The confirmation of their model for power succession has eliminated the concerns about their ability to maintain government.

Keep this in mind when you read Drezner’s “wishful thinking” about the capacity of the pro-democracy petition Charter 08 to induce a new popular rebellion. Drezner’s piece is valuable solely for the reader comments that gently but firmly correct him. China will still grow at about 6% per annum; not enough to keep everyone happy but enough for the CCP to sacrifice what it must to keep the political door closed and the economic door open, at least for the privileged, cooperative business class.

 

Epilog

 

Stone and SERI were part of a remarkable flowering that, along with far less adventuresome firms, quickly learned that in order to survive they had to work with the CCP and PLA as opposed to operating in relative independence.

 

In the same period, the PLA was disgorging its money-losing firms onto provincial governments and was expanding its overt and covert subsidiaries tasked with capturing needed foreign Intellectual Property (IP). When that network proved insufficient at capture, an entrepreneurial bounty system was instituted by which Chinese firms otherwise unrelated to the PLA could capture IP and share it in return for various means of reward.

 

Americans continue to overlook the extremely high degree of nationalism among Chinese, a characteristic sharpened by post-1989 education reforms. (I do not impute anything negative to the Chinese; my point is that jingoism is not purely an Occidental disease.) Had this flowering continued, Stone and its peers would have grown into technical powerhouses, becoming even more efficient at foreign IP collection as foreign firms flocked to partner with Stone et al.

 

Firms such as Stone were perfectly positioned to be attractive to foreign government and corporate assets while being able to absorb the IP on offer and transmit it into the Chinese economy. Even if Wan could have remained an international democrat, there would have been many in the firm who would have supported IP diversion to Chinese national interests.

 

Thus this analyst is left to wonder if Li Peng’s retrenchment slowed rather than accelerated foreign IP collection. In other words, the crushing of this technical flowering may have slowed IP collection. It is interesting to consider the implications if Zhao had bested Li.

 

Exiled Tiananmen-era dissident detained in China

Associated Press

May 13, 2009, 11:13 pm ET

 

It's Just History: Patriotic Education in the PRC

By Julia Lovell

The China Beat

4/22/2009

 

The war that changed China

Posted by: Benjamin Lim

Reuters

February 17, 2009

In China, a Grass-Roots Rebellion

Rights Manifesto Slowly Gains Ground Despite Government Efforts to Quash It

By Ariana Eunjung Cha

Washington Post

January 29, 2009

 

China's Charter 08

Translated from the Chinese by Perry Link

New York Review of Books

Volume 56, Number 1 · January 15, 2009

 

What does Charter 08 tell us about China in 09?

Daniel W. Drezner

Foreign Policy

Mon, 01/05/2009 - 9:51am

NOTE: The post is wide of the mark; reader responses are on point

 

The United States and China

Bill Moyers Journal

August 22, 2008

 

Peking U. Draws Fire for Demolishing 'Democracy Wall'

Chronicle of Higher Education

November 5, 2007

 

Cross Cultural Dialogue on China’s Traditional Universalism

Thomas Bartlett

Response to Xiong Peiyun’s (熊培云) article “China’s Nationalism, and How Not to Deal with It”

Posted by Xiao Qiang

China Digital Times

May 11, 2008 7:37 PM

 

China’s Nationalism, and How Not to Deal with It

Posted by Michael Zhao

China Digital Times

May 10, 2008 10:02 PM

 

China’s angry youth vent their feelings

By Jamil Anderlini in Beijing

FT

Published: May 2 2008 17:15 | Last updated: May 2 2008 17:15

 

Summary of Chinese History ruled by Chinese Communist Party

Contributed by Federation for a Democratic China, (FDC)

Monday, 10 December 2007

Last Updated Monday, 10 December 2007

 

Tiananmen Veteran Chen Ziming Talks to RFA

by rfaunplugged

RFA Unplugged (Radio Free Asia blog)

Posted on December 27, 2006

 

My Life After Tiananmen: Chen Ziming

Radio Free Asia

Original reporting in Mandarin by An Ni. Mandarin service director: Jennifer Chou. Translated, written and produced for the Web in English by Luisetta Mudie. Edited by Sarah Jackson-Han.

2006-12-27

 

Why The Chinese Communists Are Not Doomed To Finish Yet

Wan Runnan

EastSouthWestNorth

2006

 

THE TANK MAN

Written, produced and directed by Antony Thomas

FRONTLINE

Air date: April 11, 2006

 

Wang Juntao: "To Resign from the Communist Party is for the Future of China"

Voluntary Resignation from the Chinese Communist Party Sets the Standard for Morality and Justice

By Xin Fei

The Epoch Times

Apr 21, 2005

 

Annex 1 How is “Private” Defined in the People’s Republic of China?

The Development of Private Enterprise in the People's Republic of China

Asian Development Bank

2003

 

Information Technology, Sovereignty, and Democratization in China

Doug Guthrie

New York University

Social Science Research Council

2002

 

Problems of democratization in China

By Thomas Gong Lum

Edition: 2, illustrated

Taylor & Francis, 2000

 

The Twentieth Anniversary of the Democracy Wall Movement

By Merle Goldman

Harvard Asia Quarterly

Summer 1999

page last updated: March 22, 2001

 

DEMOCRACY WALL: A Sudden Explosion of Free Speech, 1979

Unorthodox Opinions Are Heard on the Street

By WEI JINGSHENG

TIME Asia

SEPTEMBER 27, 1999 VOL. 154 NO. 12

 

A state-led nationalism: The patriotic education campaign in post-Tiananmen China

Suisheng Zhao

Communist and Post-Communist Studies

Volume 31, Issue 3, September 1998, Pages 287-302

 

China's New Business Elite: The Political Consequences of Economic Reform

Margaret M. Pearson

UNIVERSITY OF CALIFORNIA PRESS

1997

 

The Legacy of Tiananmen: China in Disarray

by James A. R. Miles

University of Michigan Press

1996

 

Beijing Revokes Parole, Returns Dissident to Jail

By Rone Tempest

LA Times

June 27, 1995

 

Free Chen Ziming and Wang Juntao

New York Times

February 13, 1992

 

How to Resist the Memory Hole

New York Times

Published: Wednesday, February 13, 1991

Playing the China Card

The New American

Jan. 1, 1991

 

Chinese troops turn on computer pioneers

by KATHERINE FORESTIER, HONG KONG

New Scientist

Magazine issue 1671

01 July 1989

 

Democracy Wall

BBC

 

Democracy Wall

China’s Communist Revolution

BBC

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


Supposition: CIA voter fraud detection software turned on US systems, possibly as test, inadvertently discovering fraud


 

After reviewing all data in context, my supposition is that CIA voter fraud detection software assets were turned on US systems, possibly as a test. Inadvertently, fraud was discovered: fraud which the agency has not reported and/or cannot report through regular channels.

 

We now know that federal assets have committed widespread surveillance of US data, voice and email traffic without subpoenas. Why, in the same period of permissibility, would a well-intentioned agency not surveil voter data, especially if it was under external assault?

 

If the agency did so, no reader should think that this analyst finds fault with such actions. Our various electronic voter mechanisms are fraught with obvious threat vectors that cry out for discovery, identification and resolution. One only has to read Stephen Spoonamore's comments in GOP cyber-security expert suggests Diebold tampered with 2002 election. Writing of this item in private email, I noted, "Spoonamore is an extremely capable fellow. I would accord his comments high validity, more so by virtue of his conservative leanings. Regardless of which side of the aisle you sit, it bears reading." See other items in the bibliography at end.

 

The flaws in US electronic voting are so great that the US needs a public Black Hat hacking conference that targets US voting systems, exposing their flaws, before exploitation by criminal or adversary state assets.

 

A helpful if tortured causal description

 

A certain Steven Stigall recently spoke before (as opposed to offered sworn testimony before) the Standards Board Meeting of the Election Assistance Commission (EAC) in Orlando, Florida. Never identifying his organization, his verbatims used verbiage such as "Where I come from...," "worked with others in my organization...," and "did my organization actually discover..." The EAC put paid to his efforts at anonymity by publishing his unclass resume:

Steve Stigall joined CIA in 1985...  His early analytic career focused on Soviet-era Russian strategic missile forces... Since 1995 he has specialized in foreign computer threats.  In 2000 Mr. Stigall was inducted into CIA’s Senior Analytic Service.  In 2002 and 2003 Mr. Stigall served in Afghanistan and was at the US Army’s Camp Doha, Kuwait for Operation Iraqi Freedom...

While Stigall was scrupulous in avoiding any commentary on specific voting machines or their manufacturers, and effectively precluded questions from EAC board members, one does wonder what, if any, hand the agency might have had in surfacing the many Diebold faults (here, here and here). (In pursuing these and other citations, readers should remember that Premier Elections Solutions is merely the renamed Diebold Election Systems, Inc. (DESI).)

 

Disclaimer and linkage

 

Modifying Stigall's testimony courtesy of the EAC, first the disclaimer:

[At CIA], we do not do vulnerability assessments of any U.S. systems.  We don’t look at U.S. systems.  What we do is we identify foreign threats to those systems and we relay that information via a variety of mechanisms to the owners and operators of those systems.  Typically, the owners and operators typically, but not always, are going to be the U.S. Government... 

Stigall then turns to a description that to this analyst demands some evaluation of US voter systems:

For several years, I’ve worked with others [at CIA] to try and identify foreign threats, emphasis on “foreign threats,” to important U.S. computer systems.  A few years ago it occurred to us that that should include potential foreign threats to the computers upon which our elections in this country are increasingly dependent. [The] first question in your mind is [did CIA] actually discover any foreign threats to the computers upon which our elections are increasingly dependent?  I’m just going to say this, we’re in an open, unclassified forum, rest assured that were we ever to discover specific and credible information about foreign threats to our critical U.S. election computers we would do in my organization what we’ve done since 1947; we would bring that attention to the most senior policymakers in the country and they would act accordingly.

Rendering political process into an IT regimen

 

Stigall again:

When I look at an election system, I see a computer system, because increasingly that’s what they are.  And to the extent that there are foreign hackers who have shown interest in developing unauthorized access into U.S. computer systems, that’s where I get interested in it...

 

[When] I look at a foreign election system I’m not probing it [for] vulnerabilities to attack it, I’m simply looking at it as a computer network to see what vulnerabilities other people might be trying to use to exploit it because that reveals potential vulnerabilities that may be applicable in this country.  Again, when we look at election systems overseas, to the extent that they even have computers, I look at them as a computer network and computer networks have all the vulnerabilities that any computer network has, whether it’s an election system or whatever.  The physical security of the machines has emerged as a big issue.  Long before Election Day who has access to them?  And who programs these machines?  And who has access to that programming?  Again, just old-fashioned physical security long before Election Day.  [There is a] sociological factor of decreasing transparency for some cultures as you introduce computers, I’m not going to presuppose that’s entirely relevant [in the US], but I add it for what it is worth.  [You] create problems for an attacker by encrypting data... 

After consulting with agency political analysts, Stigall designed a corresponding IT vulnerability model that starts “long before Election Day,” to “Election Day and afterwards”: 

I divide an election process in terms of the computer’s role in that process... These don’t all occur on Election Day... [As some ‘follow the money’], I follow the vote, and wherever the vote becomes an electron and touches a computer that is an opportunity for a malicious actor potentially to get into the system and tamper with the vote count or make bad things happen.

Stigall’s unreleased two-page presentation listed five “basic” steps. After reading his transcript verbatim, I see their constituent components as:

  • Automation/manipulation of census rolls, tax rolls, prior voter registration lists, if any
  • Accuracy of random auditing of voting machines
  • Voter registration data security in the run-up to voting matches voting machine security on election day
  • Potential to defeat the paper trail, elimination of paper to electronic comparison
  • Absence of physical or emotional duress to voters
  • Authentication of voter identification at polls
  • Ensuring/sustaining privacy of the vote
  • Denial of service attacks, both conventional IT and physical kinetic denial of service that kills power to voting machines and polling places
  • Voting machine network security; removal and transport of flash drives and dismountable media
  • Capacity to transmit, protect and gather voter data; encryption of data in transit and encryption of “data at rest”
  • Ability to manipulate or channel election night media coverage, incremental, moment by moment

Electronic voter fraud expands and shifts the threat

 

Stigall again: 

[In] a traditional voting scheme the greatest opportunity for fraud [is] at the local level.  When you introduce computers into the equation, you’re moving that fraud potential upstream and you’re allowing an electronic single point failure, meaning the potential for mischief, can occur higher up the food chain electronically much faster and affect a lot more people in terms of the vote count than would be the case of fraud at an individual level where again you’re talking about the classic scenario where ballot boxes get thrown in the river or fraudulent ballots get produced; here it’s electronic...

 

The first question that one asks about these voting machines is, are they password protected?  [Strong or weak passwords, security of storage before, during and after the election. Can] those machines be interrogated electronically remotely on Election Day? [Are there paper ballot receipts; what is the] discrepancy at the end of the day between the machine count and the paper count...

The footprint and opportunity for voter fraud become enormous in electronic systems. Most current monitoring structures are unable to cope. "Monitoring" may well induce a false positive, as it will be unable to be present through all the stages that Stigall defines.
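The machine-count versus paper-count comparison Stigall raises, sketched as an added example (not code from this post or from the EAC transcript): it reconciles per-precinct electronic tallies against hand counts of the paper record and treats precincts that returned no paper count as unverified rather than clean. The precinct names, candidates, counts and the worst-case rule are constructed assumptions.

```python
"""Reconcile electronic tallies against paper hand counts (constructed data)."""
from dataclasses import dataclass, field

# Constructed sample: precinct -> candidate -> votes reported by the machines.
MACHINE = {
    "P-01": {"A": 412, "B": 390},
    "P-02": {"A": 288, "B": 301},
    "P-03": {"A": 530, "B": 455},
    "P-04": {"A": 199, "B": 240},
}
# Constructed hand counts of the paper record for the same contest.
PAPER = {
    "P-01": {"A": 412, "B": 390},
    "P-02": {"A": 280, "B": 309},  # machine shows 8 more for A, 8 fewer for B
    "P-03": {"A": 530, "B": 452},  # machine shows 3 B votes with no paper
    # P-04 returned no paper count, so nothing can be compared there.
}


@dataclass
class Report:
    mismatches: dict = field(default_factory=dict)  # precinct -> {cand: machine - paper}
    unaudited: list = field(default_factory=list)   # precincts with no paper count
    machine_margin: int = 0       # leader's margin according to the machines
    paper_margin: int = 0         # same leader's margin on audited paper only
    unverified_ballots: int = 0   # machine votes that no paper record backs
    confirmed: bool = False       # does the paper alone confirm the leader?


def sum_by_candidate(tallies, precincts):
    """Total votes per candidate over the given precincts."""
    totals = {}
    for precinct in precincts:
        for cand, votes in tallies[precinct].items():
            totals[cand] = totals.get(cand, 0) + votes
    return totals


def margin(totals, leader):
    """Leader's votes minus the best other candidate's votes."""
    others = [v for c, v in totals.items() if c != leader]
    return totals.get(leader, 0) - (max(others) if others else 0)


def reconcile(machine, paper):
    report = Report()
    audited = []
    for precinct in sorted(machine):
        if precinct not in paper:
            # Missing paper is a finding in itself, not a pass.
            report.unaudited.append(precinct)
            report.unverified_ballots += sum(machine[precinct].values())
            continue
        audited.append(precinct)
        m, p = machine[precinct], paper[precinct]
        delta = {c: m.get(c, 0) - p.get(c, 0) for c in sorted(set(m) | set(p))}
        delta = {c: d for c, d in delta.items() if d}
        if delta:
            report.mismatches[precinct] = delta

    machine_totals = sum_by_candidate(machine, machine)
    leader = max(machine_totals, key=machine_totals.get)
    report.machine_margin = margin(machine_totals, leader)
    report.paper_margin = margin(sum_by_candidate(paper, audited), leader)
    # Assumed worst case: every ballot in an unaudited precinct could belong
    # to the runner-up, so the paper margin must exceed that ballot count.
    report.confirmed = report.paper_margin > report.unverified_ballots
    return report


if __name__ == "__main__":
    r = reconcile(MACHINE, PAPER)
    print("mismatches:", r.mismatches)
    print("unaudited:", r.unaudited, "unverified ballots:", r.unverified_ballots)
    print("machine margin:", r.machine_margin, "paper margin:", r.paper_margin)
    print("outcome confirmed by paper:", r.confirmed)
```

On this sample the two mismatched precincts move the margin by a handful of votes, while the single precinct with no paper record leaves more ballots unverified than the whole paper margin.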

 

Heroes: Churov for what he did, Stigall for what I hope he did

 

Stigall admiringly describes a Russian step that this analyst greatly hopes was done domestically. 

A few weeks ago the head of the Russian election commission [Vladimir Churov] made an interesting proposal.  He met with representatives of the Russian hacker community.  And I do not know the extent to which this was a representative cross section of Russian hackers, but it was sponsored by Russian magazine, Hacker magazine, which is an interesting publication they have over there. And -- well, Vladimir Churov is my new hero, because he had a very interesting proposal for these people.  He said, "In early March we're going to test a new Internet voting system in Russia.  We're going to test it in five areas and I want you people to come at us, give us your best shot.  We’re not interested in people who want to harm maliciously the system, but if you want to test our system trying to identify new vulnerabilities, you know, we’re going to reward you if you do this."

The US needs a public Black Hat hacking conference targeting US voting systems. There are flaws, that is certain. Better to find them before criminal or adversary state assets exploit them. Agency assets would be welcome, but it is unlikely that they would publicly disclose means and methods to states already doctoring, or contemplating doctoring, their voting processes.

 

Come home, Mr. Stigall, and bring your friends.

 

Most electronic voting isn't secure, CIA expert says

By Greg Gordon

McClatchy Newspapers

Posted on Tuesday, March 24, 2009

 

Diebold Admits Audit Logs in ALL Versions of Their Software Fail to Record Ballot Deletions

Posted by Dan Gillmor

The BRAD BLOG

March 21, 2009 2:55 PM

 

KY Election Officials Arrested, Charged With 'Changing Votes at E-Voting Machines'

Blogged by Brad Friedman

The BRAD BLOG

3/19/2009 4:59PM

 

Standards Board Briefing Materials: Orlando, Florida

Standards Board Meeting, February 26-27, 2009

Doubletree at the Entrance to Universal Studios

Orlando, Florida

 

Standards Board Briefing Materials: Orlando, Florida

Meeting Transcripts

February 26, 2009

February 27, 2009

 

Standards Board of Election Assistance Commission in Re: (Computers And Elections: The Growing Potential For Cyber Vote Fraud)

SPEAKER: STEVEN STIGALL

DATE: February 27, 2009

PLACE: Double Tree Hotel

5780 Major Boulevard

Orlando, Florida 32819

JULIANA M. CARY, FPR

Court Reporter

Notary Public, State of Florida at Large

 

SOME PRESENTATIONS, though not Stigall’s which is likely FOUO as the meeting did not appear to have classified briefings:

 

A Threat Analysis on UOCAVA Voting Systems Overview

Lynne S. Rosenthal

NIST Voting Program

National Institute of Standards and Technology

 

Computers and Elections: The Growing Potential for Cyber Vote Fraud

 

Stub for Stigall's presentation

 

Glitches, machine breakdowns hamper voting in five states

By Greg Gordon

McClatchy Newspapers

Posted on Tuesday, November 4, 2008

 

Computer expert denies knowledge of '04 vote rigging in Ohio

By Greg Gordon

McClatchy Newspapers

Posted on Monday, November 3, 2008

 

E-voting worries linger as Election Day nears

Posted by Declan McCullagh

November 3, 2008 4:00 AM PST

 

Warning on voting machines reveals oversight failure

By Greg Gordon

McClatchy Newspapers

Posted on Sunday, August 24, 2008

 

Did Washington waste millions on faulty voting machines?

By Greg Gordon

McClatchy Newspapers

Posted on August 15, 2008

 

GOP cyber-security expert suggests Diebold tampered with 2002 election

Larisa Alexandrovna and Muriel Kane

The Raw Story

Published: July 18, 2008

 

Diebold insider alleges company plagued by technical woes, Diebold defends 'sterling' record

Miriam Raftery

The Raw Story

Originally published on Tuesday December 6, 2005

 

Democratization and Globalization in Emerging Market Countries: An Econometric Study*

Jude C. Hays, John R. Freeman, Hans Nesseth

University of Michigan, University of Minnesota

International Studies Quarterly, Volume 47, Number 2, pp. 203-228, June, 2003

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Strategic Risk Public  


A greased pig race: US cybersecurity architecture and organization


 

The nature of modern cyberwarfare makes a mockery of present legal boundaries that have heretofore usefully served the US and its citizens.

 

The similarities between asymmetric and cyberwarfare are striking, so much so that it is increasingly useful to interchange titles of one when reading materials about the other. It is already clear that cyberwar cannot be won with the equivalent of 'conventional forces':

  • State and nonstate actors coexist and cooperate, with nonstate actors offering useful plausible denial.
  • Attacks, botnets included, have both foreign and domestic computer and network components, many of which are unwitting accomplices.
  • Attacks are increasingly a swarm of blended attacks combining probing, intelligence gathering, phishing (including spear phishing), DDoS, interruption/disruption, spoofing/sensor overload and/or tampering, penetration.
  • Hostile C2 (command and control) nodes may rotate, either for security or operational needs.
  • Attacks can share cyber and electrical grid components, with attacks on one compromising the capacity of the other.
  • Only certain parts of the attack may be visible at any one time - and those visible parts viewed in isolation without confirming intelligence - may have severe jurisdictional and statute roadblocks.

Generally speaking, the ability of states - at least the OECD states - and their militaries to adapt to these asymmetrical challenges seems perpetually in doubt; bureaucratic and doctrinaire issues alone make established bureaucracies and armies vulnerable. We know that, "Systems fail at their boundaries, and that includes boundaries between components and clusters of components that act as subsystems." See: Structured IT risk remediation: Integrating security metrics and Design Basis Threat to overcome scenario spinning and fear mongering, 5/17/2007.

 

It is painful to watch someone so attentive to cyber issues as Defense Tech's Kevin Coleman as he attempts to parse cyber threat ownership in such a fluid, borderless environment. Without a holistic analysis capacity of all active and passive threats, regardless of the jurisdiction of first observance, subtle signals of surveillance and attack patterns will be missed until it is too late.

 

Time to zero exploit is narrowing. Writing in 2004, Delta between worst-case and realistic cyberattacks narrow:

[cyberattacks come in] three categories: data, analysis of data, and control. Data is often of modest value, especially when data volumes are large and/or frequently changing, and time is short. Actionable information comes from the speedy analysis of data. Poor design, design driven by cost cutting, and design taking immediate advantage of newer technologies without thinking of security intrusion have conspired to create conditions in which data, analysis and control increasingly merge...

 

I submit that increasing systems interconnectivity and interdependence is narrowing the gap between loss of data and loss of life. Pursuing the analysis of data as opposed to raw data allows perps to obtain insight that allows them to attack a target either directly or gain an understanding of the means to attack its control systems. If the default shutdown conditions of a control system are poorly designed, interrupting the control system is tantamount to overtaking the system... If the perps can spot an asymmetrical weakness they will take that path of least resistance, least cost, and least exposure.

Quaint idea: The Forward Edge of the Battle Area

 

Neither cyberwars nor contemporary battlefields have a well-defined FEBA (Forward Edge of the Battle Area). In many instances they share little of conventional battle structure:

Substitute cyber warriors for asymmetricals in this item from a conference on complex systems, of which homeland security was one of over forty topics:

For insurgents to exploit their asymmetries, they must also negate the asymmetries that favour the conventional force. In particular, they must avoid direct, large scale confrontation against the better equipped, trained and synchronized conventional force. This can be understood using a multi-scale perspective: by generating and exploiting fine scale complexity, insurgents prevent the conventional force from acting at the scale they are organised for: large scale but limited complexity environments.

 

By dispersing into largely independent cells, insurgents can limit the amount of damage any single attack from the conventional force can inflict. This significantly reduces the threat of retaliation from acting as a deterrent, since the insurgents have negligible physical resources exposed to retaliatory attack. Insurgents that do not wear uniforms and blend into a civilian population cannot be readily identified or targeted until they attack, in a situation of their choice. There is no longer a forward edge of the battle line, meaning softer support units are vulnerable. The number of possible locations, times and direction of attack increases significantly compared to attrition warfare, increasing fine scale complexity. The heightened potential for collateral damage from mixing with civilian populations dramatically increases the task complexity for a conventional force that must minimise the deaths of innocent civilians for any hope of strategic victory.

US cyberdefense cannot be a perpetual 'greased pig race'

 

Having long struggled for an appropriate analogy to our dysfunctional cyber jurisdictional divisions between DHS, DoD, NSA, CIA and the FBI, I first chose baseball’s Pennant Race, then NASCAR’s Race to the Chase. But both pretend too much structure; I finally settled for old-fashioned pig wrestling or greased pig chases. It should be noted that the pig is a juvenile, merely evasive, not hostile. Were the pig an adult sow or boar, its pursuers would be greatly the worse for wear.

 

In yet another failed run at the pig, a recent director of the National Cyber Security Center (NCSC), Rod Beckström, resigned "over what he said is the National Security Agency's (NSA) domination of the nation's cybersecurity efforts," saying that allowing the NSA to control national cybersecurity efforts is a "bad strategy on multiple grounds."

 

My observations:

  • "Homeland security" starts far beyond US borders; waiting till it arrives onshore to be discovered by DHS is too late.
  • DHS may be the traditional protector of civilian networks but they have done a miserable, execrable job of it, washing through one cyber-czar after another. (When even Dick Clarke departs, you know the situation is untenable, and there has been no effective improvement.)
  • Anyone who thought that a tiny appendage within DHS such as Rod Beckstrom's National Cyber Security Center (NCSC) could perform a task that Clarke could not has no clue of how the federal bureaucracy functions, but then Beckstrom was the infinite outsider.
  • Only a group with the prestige, capability, scope and bureaucratic muscle of an NSA can mandate a Pax Cyberica.
  • NSA has the rigor and resources to work out standards of reasonably scalable response protection whereas no one in the commercial sector can come near.
  • Protecting civilian networks is herding cats UNLESS changes/upgrades are mandated to all parties lest one player think that another player is gaining a competitive advantage by skipping infrastructure upgrades. (This is exactly the same problem that is inhibiting protective improvements in the commercial power grid).
  • Yes, NSA has, in my opinion, made missteps but I extend the benefit of the doubt in saying that NSA was forward leaning in a very permissive, even cheerleading, environment coming on the heels of 11 September. Better to hold judgment until operation is reviewed under Obama’s rules.
  • I suggest that the "Beckstrom function" needs to exist, if nothing else, to deliver external news, needs and opinion back to NSA, but to do that it needs to be a group attached more to DCI and not DHS.

In a similar vein, an earlier head of DHS’s National Cyber Security Division, Amit Yoran, stated that while DHS had been demonstrably inept (demonstrated "inefficiency and leadership failure"), ceding the function to the one group that could reasonably work the problem, the intel community and NSA in particular, placed the nation in "grave peril." I submit the greater peril is in continuing to chase pigs while expecting different results.

 

The following snippets from Yoran carry my observations following COMMENT:

The government's national cybersecurity efforts would be in "grave peril" if they were dominated by the intelligence community

COMMENT: Possibly, but by no means an absolute.

"One of the hard lessons learned from the Terrorist Surveillance Program is that such a limited review can lead to ineffective legal vetting of a program," Yoran said. "The cyber mission cannot be plagued by the same flaws as the TSP."

COMMENT: Agreed. TSP was dimly architected, archaic in responsiveness. In short, all manner of silliness that should not be repeated in any application.

Yoran said the intelligence community's mission -- to collect information on adversaries -- is at odds with the mission to secure networks. Faced with a network compromise, the intelligence community's focus would be on counterintelligence activities targeted at the offender rather than working with the public and private sector to secure the network. "Simply put, the intelligence community has always and will always prioritize its own collection efforts over the defensive and protection mission of our government's and nation's digital systems,"

COMMENT: The reflex is in that direction, but a charter can be established to achieve the mission, including all the standard career tracking for those involved so that it does not become a black hole. Also, staff must be selected, not subject to the "each dept give x people" as those people will be the most expendable.

"High levels of classification prevent the sharing of information necessary to adequately defend our systems... It also creates insurmountable hurdles when working with a broad range of government IT staffs that do not have appropriate clearances, let alone when trying to work with, communicate and partner with the private sector. Classification cannot be used effectively as a cyber-defensive technique, only one for avoiding responsibility and accountability."

COMMENT: Can be, but if standards are going to be mandated, they must be discussed for impact and rolled out to all. There can be no effective standards proliferation without sharing, negotiating, and defining both process and firmware changes.

Charney said that there was no question that the NSA was the government's center of technical expertise, but that to get the public "to trust that the networks are being secured well in a transparent fashion, the mission cannot reside in NSA."

COMMENT: The mantle of the new administration can wipe away much of that 'trust' issue. As to mechanics, see answer immediately above.

Instead, he recommended that the DHS retain its lead operational role over cybersecurity but work with the NSA in a way that utilizes the agency's technical expertise.

COMMENT: DHS has been copeless at worst, not architected to deliver or enforce at best. DHS is categorically not the center of excellence in IT hardening skills. Only NSA fulfills that role whereas DHS is seen, with good reason, as feckless.

Yoran said DHS had demonstrated "inefficiency and leadership failure" in its cyber efforts and that "administrative incompetence and political infighting" had squandered its efforts to secure the nation's infrastructure for years.

COMMENT: Correct, and if you believe this, you cannot possibly park the cyber effort within DHS.

 

The forgotten asset

 

It was widely recognized among the military collection assets, Army Security Agency (disbanded, assets rolled into INSCOM), Naval Security Group (now NIOC), and the Air Force Security Services (now Air Force Intelligence, Surveillance and Reconnaissance Agency (ISR)), that they were regarded by NSA as "cheap hired help" in field collection and analysis.

 

Conversely, conventional force commanders of all services rarely understood what these three security services did and how conventional forces could reduce their electronic vulnerability. Career intelligence soldiers that did not command an infantry or armored unit, vessel or aircraft did not ascend the promotion ladder, often being transferred into non-technical billets.

 

It appears that matters are now worse as the need is ever more critical. Writing in the Spring 2009 issue of the Information Assurance Technology Analysis Center (IATAC) newsletter, two serving officers, Conti and Surdu, state:

The Army, Navy, and Air Force all maintain cyberwarfare components, but these organizations exist as ill-fitting appendages that attempt to operate in inhospitable cultures where technical expertise is not recognized, cultivated, or completely understood. The services have developed effective systems to build traditional leadership and management skills. They are quite good at creating the best infantrymen, pilots, ship captains, tank commanders, and artillerymen, but they do little to recognize and develop technical expertise. As a result, the Army, Navy, and Air Force hemorrhage technical talent, leaving the Nation’s military forces and our country under-prepared for both the ongoing cyber cold war and the likelihood of major cyberwarfare in the future. One need only review the latest computer security report card, which gave the Federal Government an overall grade of C, and the Departments of Agriculture, Commerce, Defense, Interior, Treasury, Transportation, and Veterans Affairs a grade of D or lower, to understand our nation’s vulnerability.

Richard Bejtlich summarizes the issues and provides corroborating personal observations. The implications for a sustaining military cybersecurity asset are ugly and not easily resolved.

 

 

Microsoft Executive Tapped For Top DHS Cyber Post

By Brian Krebs

Security Fix

Posted at 6:53 PM ET on Mar 11, 2009

 

A Ship Without a Captain

Kevin Coleman

Defense Tech

March 10, 2009 07:49 AM

 

NSA Dominance of Cybersecurity Would Lead to 'Grave Peril', Ex-Cyber Chief Tells Congress

By Kim Zetter

Wired

March 10, 2009 | 6:24:42 PM

  

A Struggle Over U.S. Cybersecurity

By Brian Krebs

Washington Post

March 10, 2009

 

10 IT agenda items for the first U.S. CIO

Obama's appointment of Vivek Kundra marks an important first step for rectifying the nation's concerns about IT

By Paul Venezia

InfoWeek
March 09, 2009

 

Federal cybersecurity director quits, complains of NSA role

Rod Beckstrom resigns from NSCS after less than a year, citing concerns over what he said is the NSA's domination of the nation's cybersecurity efforts

By Jaikumar Vijayan

InfoWorld

March 09, 2009

 

Cybersecurity chief Beckstrom resigns

Reuters

Sat Mar 7, 2009 6:19am EST

 

Cybersecurity Chief Resigns

By SIOBHAN GORMAN

WSJ

MARCH 7, 2009

 

Cyber-Security Czar Quits Amid Fears of NSA Takeover

By Noah Shachtman

Wired

March 06, 2009 | 11:52:14 AM

 

New Cyber COCOM Likely

By Colin Clark

DoD BUZZ

Friday, March 6, 2009 6:44 pm

 

NSA gains support for cyber security role

HS Daily Wire

Published 4 March 2009

 

NSA should beef up civil cybersecurity

Ian Grant

Computer Weekly

Posted: 17:39 26 Feb 2009

 

ANNUAL THREAT ASSESSMENT

HEARING OF THE HOUSE PERMANENT SELECT COMMITTEE ON INTELLIGENCE

WITNESS: MR. DENNIS C. BLAIR, DIRECTOR OF NATIONAL INTELLIGENCE

CHAIRED BY: REPRESENTATIVE SILVESTRE REYES (D-TX)

LOCATION: 334 CANNON HOUSE OFFICE BUILDING, WASHINGTON, D.C.

TIME: 9:00 A.M. ET

DATE: WEDNESDAY, FEBRUARY 25, 2009

 

Statement for the Record

Annual Threat Assessment of the Intelligence Community for the House Permanent Select Committee on Intelligence

Dennis C. Blair

Director of National Intelligence

25 February 2009

Buck Surdu and Greg Conti Ask "Is It Time for a Cyberwarfare Branch?"

Posted by Richard Bejtlich

TaoSecurity

February 24, 2009

 

Army, Navy, Air Force, and Cyber—Is it Time for a Cyberwarfare Branch of Military?

by LTC Gregory Conti and COL John "Buck" Surdu

IA Newsletter (IATAC)

Volume 12 Number 1, pp 14-18, Spring 2009

 

Outsider to Run Cyber-Security Initiative

By SIOBHAN GORMAN

WSJ

MARCH 20, 2008

About the bears and the bees: Adaptive responses to asymmetric warfare

Alex Ryan, DSTO, Australia

Proceedings of the Sixth International Conference on Complex Systems

Editors Ali Minai, Dan Braha, Yaneer Bar-Yam

June 25-30, 2006, Boston, MA

 

U.S. cybersecurity chief resigns

By Robert Lemos

Staff Writer, CNET News

October 1, 2004 2:52 PM PDT

 

Where is the Battle-line for Supply Contractors?

By Susan A. Davidson, Maj, U.S. Army
AU/ACSC/038/1999-04

April 1999

Reprinted: Air Force Journal of Logistics, Vol 23, No 2, pp 12-19

Summer 1999

Published by DIANE Publishing

ISBN 1428990941, 9781428990944

 

FM 101-5-1/MCRP 5-2A

Operational Terms and Graphics

Headquarters, Department of the Army/U.S. Marine Corps

30 September 1997

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


Beijing moves to preempt flash mob behavior for any purpose, be it civil, commercial, nationalistic or anti-state, during the Olympics


As part of an all-state asset effort to produce a Disney-like Olympics experience for the world, Beijing is preempting flash mob/smart mob behavior for any purpose, be it civil, commercial, nationalistic or anti-state during, and perhaps after, the August venue. The telltale is in a James Fallows article in The Atlantic:

[N]ew limits will apply on how many messages can be sent from each phone each hour. The limits are high enough that they won't affect ordinary users but would make it harder to send a mass broadcast... Short messages are the main way people can react to news in a hurry -- or organize actions in response. If you want to hold a meeting or rally or just get a lot of people to the same place at the same time, SMS is the way to go. So if you limit SMS, you've cut the main communication tool for individuals trying to act as a group...

The surprise is that the authorities have waited so long. China has a rising and vibrant protest movement that the authorities have spent considerable effort to suppress both in the field and in the press:

These "sudden incidents" or "mass incidents," in official parlance, are presenting Chinese officials with a serious problem that goes beyond the negative image of China they project to the outside world. The sheer numbers are noteworthy. In August 2005, the country's public security minister, Zhou Yongkang, announced that some 74,000 such events had taken place in 2004, an increase from 58,000 the year before. According to Zhou, 17 of the 74,000 involved more than 10,000 people, 46 involved more than 5,000 people, and 120 involved more than 1,000 participants. But many believe the actual figures are higher.

While many of these are lesser events, rising locally by word of mouth without communications technology, many are extremely potent in terms of their public reaction. See The Case of Dai Haijing for the public reaction to the obtuse official handling of the gruesome murder of a favorite teacher. The total number of incidents is now put at over 100,000 per annum. It is this volume that forms the backdrop of uncertainty for the CCP.

The 2005 anti-Japanese watershed: state sponsorship loses control

 

The CCP found that, even when it instigated a nationalistic street response to the Japanese application for a permanent seat on the UN Security Council, a Japanese history textbook minimizing Japanese wartime atrocities, and the Japanese objection to a tripartite agreement between national oil companies of China, the Philippines and Vietnam for seismic exploration of the contested Spratly Island Group (also here, here and here), it could not contain the public fury of a population armed with cell phones offering voice, email and SMS. (Readers wanting to reprise these events are recommended to look at the endnote bibliography, starting here and here for events and here for the longer term context.)

Writing in Autonomous Chinese 'smart mobs' outside of Party control, 4/26/2005:

While many have noted the risk to the Chinese Communist Party (CCP) of promoting nationalism as a distraction to social and economic matters, the recent near miss of nearly "losing control over xenophobic crowds" in promoting anti-Japanese protests must have driven home the risk to both the CCP as governor of the nation and to personages and factions within the CCP... I submit that technology stole a march on CCP leadership:

[While] police and Ministry of State Security agents had closely monitored the activities of various "anti-Japanese" NGOs - which were responsible for organizing protests and internet petitions - Beijing had far from adequate control over the extent to which such "people-level" organizations would go... "Hu and a number of his PSC colleagues have come to the conclusion that the authorities' ability to control nationalistic outbursts has declined markedly compared to [1999 when Beijing was] largely successful [in stopping] the anti-U.S. protests a few days after the embassy-bombing incident."

Diplomatic analysts in the Chinese capital said Beijing was nervous over the fact that, owing to the internet and other sophisticated forms of organization and mobilization, several relatively new and inexperienced groups were so successful in turning out the crowds. The analysts said many protests in recent Chinese history... started out as expressions of patriotism. Once the genie is out of the bottle, however, it would be difficult even for the CCP to prevent mass movements from suddenly becoming anti-government in nature.

Spontaneous smart mobs independent of government control have come to China's youth where an approximate 100 million internet users grow at 30% per annum and 350 million (27% of China's 1.3 billion people) own cellphones for voice and text messaging...

Even the most benign organized public events give an order-obsessed public security apparatus concern. Take this modest flash mob event:

On Sunday afternoon, a small group of young people gathered at the Hongqi Street in city Changchun, northeast China's Jilin Province. These young people, in matching clothes, and each holding a guitar, stood in line and began to sing a pop song. And suddenly, they dispersed.

Protests from fenqing to middle class

The authorities are highly attentive to young nationalists known as fenqing, or the 'angry youth' among other translations:

"These people have been trained in an authoritarian system. They are at the same time victims of an authoritarian system, but they also behave in an authoritarian way towards others and are incredibly self-righteous... We should be more tolerant and respect the right of people to disagree with us but these people do not understand such values."

The definition of fenqing has morphed:

  • Cultural Revolution: urban-dwelling students who were sent to the countryside to toil with peasants and became embittered towards a society that had stolen their futures.
  • 1980s: students and intellectuals who shaped the movement for greater social and political freedoms that ended when the tanks rolled into Tiananmen Square
  • 2000s: patriotic, xenophobic, nationalistic and, in some cases, violent in their defence of the motherland. This latest incarnation has partly emerged as the result of government policies implemented in reaction to the events of 1989, after which "patriotic" indoctrination became an even more important element of the education system.

Beyond the fenqing, the Chinese middle class are rising, albeit more politely, against what they see as local government inattention and inaction to their needs.

The CCP in Beijing was forced to take notice, overruling local party cadres in the process, of a 2007 popular middle class resistance in Xiamen that, in the face of local party control of the press, used blogs, cellphones and text messaging to oppose a multi-billion dollar chemical plant believed to be harmful to the environment. (Also here)

Mere months later, the bourgeoisie of Shanghai emulated Xiamen in 2008 to express its "discontent over a planned extension of the city's magnetic levitation, or maglev, train" through residential neighborhoods, and at excessive cost.

This author doubts that the state security apparatus could have failed to notice that an "online 'flash mob' and not the Russian government" was responsible for the DDoS attack against the Estonian state.

Bulletin boards, SMS and the Human Flesh Search Engine

 

Bulletin boards do much of the heavy lifting before SMS takes over:

[A] large part of the organization is done on the Internet in China, specifically on BBSes. While the BBS (bulletin board system) is something outdated and antiquated in the US Internet, it has been a very important part of the Chinese Internet, and I would argue, it is growing and becoming more influential. For the Chinese government, it is a headache because in spite of Chinese government regulations, it is largely unregulated. For western corporations it is a good place to gather information but is useless for advertising, but for many Chinese it is the most important part of the Internet (along with online gaming and their IM client, which is most likely to be QQ or MSN Instant Messenger depending on their age and demographics).

Most westerners who come into the China Internet market have no idea of its power and influence, and instead think that the Chinese Internet is largely the same as the US market, but it isn't. The Chinese government doesn't really like BBSes because it really is free (as in free speech), and is the breeding ground for all kinds of weird stuff. And while it is important for gathering buzz on products (as CIC, based in Shanghai, does) for corporations, nobody has really been able to monetize it. And, western journalists fail to monitor it, which is why they miss on so many big stories, and end up giving credit to some sinister Chinese government policies.

And China's Human Flesh Search Engine:

The types of group-forming [Clay Shirky] describes are sometimes called crowdsourcing and flash mobs. For those of us in China, we might better know crowdsourcing as the Human Flesh Search Engine, the increasingly frequent phenomenon of online crowds gathering via China's bulletin board systems, chat rooms, and instant messaging to collaborate on a common task. The Human Flesh Search Engine shares many of the same characteristics of Shirky's networked social collaboration: Enabled and made cost-effective by technology, channeling an existing motivation that was not possible to act upon as a group before...

 

China's Human Flesh Search Engine is a poor translation (yet a popular and visceral description) of the Chinese phrase ren'rou sou'suo... and was, for a day, Google's homepage for its Chinese edition Google.cn (the page can still be found online here). The fact that day was April 1st should tell readers it was meant as tongue-in-cheek (and may not entirely be a joke - a number of search engines have tried human-assisted search and relevance checking), but it put a name to a movement that has been happening online in China for some time: Online collaboration by Netizens to search via the power of China's massive 225 million Internet users.

It remains to be seen if a resourceful Chinese interest group will find a way around the SMS limitation imposed by the authorities, but Beijing has increased its odds of a Disney production.

 

Everything changes tomorrow

James Fallows

The Atlantic

19 Jul 2008 12:01 am

 

Tag Archives: What is Fenqing

What is a Fenqing?

Thinkwierd's Blog

June 10, 2008 - 12:50 am

 

China's Human Flesh Search Engine - Not what you might think it is...

China Supertrends

May 25, 2008 3:56 pm

 

What Tibet and Carrefour Can Teach Us About the Chinese Internet

The China Vortex

May 9, 2008 at 10:11 am

 

China's angry youth vent their feelings

By Jamil Anderlini in Beijing

FT

Published: May 2 2008 17:15 | Last updated: May 2 2008 17:15

 

JOURNAL: Tibet, Protests, and Insurgency

John Robb

Global Guerrillas

Saturday, 29 March 2008

NOTE: See the reader comments to Robb's post in relation to this topic

 

Spratly Islands: Dangerous deals in Dangerous ground

Mike in Manila

March 9, 2008

 

China: Coveting Neighborhood Energy Resources

Written by Administrator

Paracels & Spratlys

Monday, 04 February 2008

 

Shanghai's Middle Class Launches Quiet, Meticulous Revolt

By Maureen Fan

Washington Post

January 26, 2008

 

Estonia attacks down to online 'flash mob'

Russian government not to blame, says F-Secure

Written by Iain Thomson in Helsinki

vnunet.com

27 Sep 2007

 

"Flash Mob" Puzzles Bystanders

China Org CN

(CRI.cn August 7, 2007)

 

Green Protests Suspend Chinese Chemical Plant

by Shai Oster, Wall Street Journal

Wen Bo

China Program

Pacific Environment

 

Text Messages Giving Voice to Chinese

Opponents of Chemical Factory Found Way Around Censors

By Edward Cody

Washington Post

June 28, 2007

 

CHINESE PERCEPTIONS OF TRADITIONAL AND NONTRADITIONAL SECURITY THREATS

Susan L. Craig

downloads

Strategic Studies Institute

ISBN 1-58487-287-X

March 2007

 

Daily Brief Comments September 2006

EastSouthWestNorth

September 2006

 

The Case of Dai Haijing

Why do students demonstrate in China?  First of all, please remember that high school student demonstrations do not happen that frequently and so there must be something extraordinary.

EastSouthWestNorth

August 26, 2006

 

A Real Peasants' Revolt

They're rioting in China.

by Jennifer Chou

The Weekly Standard

01/30/2006, Volume 011, Issue 19

 

The Anti-Japanese Demonstrations in China

A Long History

By GARY LEUPP

Counterpunch

Weekend Edition

April 23 / 24, 2005

 

Anti-Japanese Demonstrations Appear "Staged"

By Zhao Zifa

The Epoch Times

Apr 18, 2005

 

Violent anti-Japanese protests resume in China

Christopher Bodeen
Associated Press
April 17, 2005

 

China rejects calls for apology

BBC NEWS

Published: 2005/04/17 11:43:53 GMT

 

In pictures: China protests grow

BBC News

Last Updated: Sunday, 17 April, 2005, 16:04 GMT 17:04 UK

 

Chinese Authorities Temper Violent Anti-Japan Protests

Students Cancel Mass March in Beijing

By Edward Cody

Washington Post

April 16, 2005

 

ANTI-JAPANESE PROTEST

Chris Myrick

April 16, 2005

 

China warns against Japan rallies

BBC News

Last Updated: Friday, 15 April, 2005, 07:31 GMT 08:31 UK

 

U.S., U.N. warn on China, Japan

CNN

April 15, 2005 Posted: 0643 GMT (1443 HKT)

 

Anti-Japan Fury Spreads Through China's Streets

By Bruce Wallace

LA Times

April 11, 2005

 

China blames Japan for tensions

BBC News

Last Updated: Monday, 11 April, 2005, 05:39 GMT 06:39 UK

 

China rally prompts Japan protest

BBC News

Last Updated: Sunday, 10 April, 2005, 05:06 GMT 06:06 UK

 

Chinese angry at Japan's UN bid

By Rupert Wingfield-Hayes

BBC News, Beijing

Last Updated: Monday, 4 April, 2005, 10:44 GMT 11:44 UK

 

Spratly Islands: The Tide of Trouble Rises

Stratfor

March 31, 2004 | 2359 GMT

 

Spratly Islands

Global Security

 

The Spratly Islands:  A Threat To Asian Regional Stability

K. Scott Holder, Defense Intelligence Agency

CSC 1995

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Strategic Risk Public  


Congressional Quarterly's remarkable recap of Israeli espionage

Congressional Quarterly (CQ) recently released a startlingly candid analysis of Israeli espionage, including the process of Mossad's seeking "spotters" able to identify members of the Jewish-American community susceptible to recruitment:

Mossad agents also scout for people to help them in the Jewish-American community, he said, based on their religious and political commonality. It's a vast community of potential "spotters," who can point them to other Jewish Americans in government, law, finance and banking who might be susceptible to recruitment, as is the case with potential Chinese and Cuban recruits.

Furthermore, the level of Israeli penetration is so great that many or all trials on the topic may be hamstrung:

A former senior CIA counterintelligence operative believes the [Ben-Ami Kadish] case "will never go to trial, because of all the ugly stuff that would come out" about Israeli activities in the United States. Indeed, Justice Department attorneys have fought to keep "ugly stuff" from emerging in the trial of two officials of the American Israel Public Affairs Committee, or AIPAC, charged with accepting classified documents from Pentagon official Larry Franklin.

NOTE TO READERS: If you are already aware of pro-Israeli efforts to deflect frank discussions of US geopolitical interests, or are immune to comments critical of Israel, skip down to the full text mirror of the CQ article by Jeff Stein. If you are unfamiliar with Congressional Quarterly or the efforts to stifle debate, I submit the next comments are worth the read as a follow-on to Israel was planting malicious chips in US assets before China.

For those unfamiliar with CQ, it is the gold standard in Capitol Hill and congressional reporting, fielding more than 150 reporters and researchers while maintaining substantial databases on both Congress and government. It was founded in 1945 by the husband-wife team of Nelson and Henrietta Poynter as an explanatory link between newspapers and the opaque operations of DC; Nelson Poynter stated that "government will never set up an adequate agency to check on itself" and that foundations were "too timid," thus a client-driven commercial effort was needed. (Most of CQ's products are subscription based but the espionage item was among the subset flagged for public release.)

One would think, but cannot be certain, that CQ is above reproach from the hyper-Israeli press sentinels of which I have written:

The pro-Israeli HonestReporting is often not, but it is only modestly apologetic in comparison to the Committee for Accuracy in Middle East Reporting in America (CAMERA), the velocity of whose text barely holds onto a claim of legitimacy in presenting an Israeli issue.

A month has elapsed since the CQ National Security Editor, Jeff Stein, released Israel Might Have Many More Spies Here, Officials Say, and as of today neither CAMERA nor HonestReporting has attacked CQ, Stein or the article, so there may be limits after all. If so, it is the first in recent memory. As the UK's Financial Times observed in its 2006 America and Israel:

Reflexes that ordinarily spring automatically to the defence of open debate and free enquiry shut down - at least among much of America's political elite - once the subject turns to Israel, and above all the pro-Israel lobby's role in shaping US foreign policy.

 

Even though policy towards the Middle East is arguably the single biggest determinant of America's reputation in the world, any attempt to rethink this from first principles is politically risky.

 

Examining the specific role of organisations such as the American Israel Public Affairs Committee, commonly considered to be the most effective lobby group in the US apart from the National Rifle Association, is something to be undertaken with caution...

 

Moral blackmail - the fear that any criticism of Israeli policy and US support for it will lead to charges of anti-Semitism - is a powerful disincentive to publish dissenting views. It is also leading to the silencing of policy debate on American university campuses, partly as the result of targeted campaigns against the dissenters...

 

Doctrinal orthodoxy was flouted [in] a paper on the Israel lobby by two of America's leading political scientists, Stephen Walt from Harvard's Kennedy School of Government and John Mearsheimer from the University of Chicago. They argue powerfully that extraordinarily effective lobbying in Washington has led to a political consensus that American and Israeli interests are inseparable and identical.

 

Only a UK publication, the London Review of Books, was prepared to carry their critique, in the same way that it was Prospect, a British monthly journal, that four years ago published a path-breaking study of the Israel lobby by the American analyst, Michael Lind...

The irreverent Texan political commentator, Molly Ivins, observed from our side of the pond:

For having the sheer effrontery to point out the painfully obvious - that there is an Israel lobby in the United States - Mearsheimer and Walt have been accused of being anti-Semitic, nutty and guilty of "kooky academic work." Alan Dershowitz, who seems to be easily upset, went totally ballistic over the mild, academic, not to suggest pretty boring article by Mearsheimer and Walt, calling them "liars" and "bigots."...

 

In the United States, we do not have full-throated, full-throttle debate about Israel. In Israel, they have it as a matter of course, but the truth is that the accusation of anti-Semitism is far too often raised in this country against anyone who criticizes the government of Israel.

 

Being pro-Israel is no defense, as I long ago learned to my cost... It's the sheer disproportion and the vehemence of the denunciations of those perceived as criticizing Israel that make the attacks so odious. Mearsheimer and Walt are both widely respected political scientists - comparing their writing to "The Protocols of the Elders of Zion" is just silly...

That disproportion was demonstrated against a renowned economist attempting, at US military request, to estimate the cost of conflict:

A good example was the furor made over Thomas Stauffer's estimation of the cost of conflict of US policy in the Middle East which was disputed by pro-Israeli sources. Stauffer made his initial comments under US Army War College auspices at a conference at the University of Maine but that presentation seemed to be obscure, ultimately yielding only one HTML copy on the web, with a PDF mirror at an appallingly anti-Semitic site. That led to more developed items in Middle East Policy Council (MEPC) and the Middle East Economic Survey (MEES).

Stauffer suffered the same withering criticism as did any source mirroring his conclusions, as the very reliable Christian Science Monitor (CSM) found when it attempted to cover the topic.

 

Preface concluded, here is Stein's article: 

Israel Might Have Many More Spies Here, Officials Say

By Jeff Stein, CQ National Security Editor

CQ Homeland Security

Congressional Quarterly Inc.

April 25, 2008 - 8:13 p.m.

The elderly New Jersey man arrested last week on charges of spying for Israel years ago was probably still working for the Jewish state's espionage service in tandem with another, as yet unidentified spy, former American intelligence officials say.

Ben-Ami Kadish, now 84, was employed as a mechanical engineer at a U.S. Army weapons center in New Jersey when he allegedly supplied his Israeli handler with classified military documents, according to charges filed last week.

The handler was named only as "CC-1," or co-conspirator 1, in the criminal complaint. But its description of him as the same man who was handling the notorious Israeli mole Jonathan Pollard all but identified him as Yosef Yagur, formerly the consul for scientific affairs at the Israeli consulate in New York.

Pollard, who gave Yagur thousands of highly classified documents while working as a navy intelligence analyst in the 1980s, is in the 21st year of a life sentence for espionage.

Kadish, who worked at the U.S. Army's Picatinny Arsenal in Dover, N.J., from 1963 to 1990, could also spend the waning years of his life in jail if he is convicted.

A former senior CIA counterintelligence operative believes the case "will never go to trial, because of all the ugly stuff that would come out" about Israeli activities in the United States.

Indeed, Justice Department attorneys have fought to keep "ugly stuff" from emerging in the trial of two officials of the American Israel Public Affairs Committee, or AIPAC, charged with accepting classified documents from Pentagon official Larry Franklin.

But the federal judge in the case has indicated he might not go along with their strategy. Last month Judge Thomas Ellis III indefinitely postponed the trial of AIPAC officials Steven Rosen and Keith Weissman, which was scheduled to open next week.

Neither the United States nor Israel, strategic allies struggling with Middle East terrorism, the war in Iraq and the rising threat of Iran, can afford a breach in relations triggered by either case.

The Justice Department said Kadish brought home briefcases full of classified documents, which "CC-1" photographed in his basement. Among the documents was "restricted data" on nuclear weapons, classified information on a modified F-15 fighter that was sold to an unnamed foreign country (most likely Saudi Arabia), and a document relating to the Patriot anti-missile system, which the United States deployed to Israel during the first Gulf War in 1990.

Yagur fled New York in 1985 as U.S. counterintelligence agents closed in on Pollard. He has not been back since, U.S. officials believe.

They thought that was the end of his espionage operations here.

But Yagur evidently kept in touch with Kadish, exchanging e-mails and telephone calls with him long after he returned to Israel. Kadish went to Israel in 2004 and met with his former spy master, authorities said.

Just last month, on March 20, "CC-1" told Kadish to lie to FBI agents who had questioned him about the documents, according to a wiretap transcript produced by federal prosecutors.

"Don't say anything. Let them say whatever they want. You didn't do anything," CC-1 told Kadish. "What happened 25 years ago? You didn't remember anything."

Ron Olive, the navy investigator in charge of the Pollard case, said he was shocked when he heard about Kadish's arrest.

The description of CC-1 as Pollard's handler meant that "it has to be" Yagur, he said by telephone from Arizona, where he was giving a counterintelligence lecture to federal officials.

"I was like, 'holy cow, this is unbelievable,'" he said.

Olive said the arrest meant that Kadish was still working for Israeli intelligence.

"It means Israel still has an agent in place in the U.S. who can ferret out someone who has access to information they want," Olive said.

One role Kadish could play was as a "spotter," who could size up possible recruits for Israeli intelligence, even while living in a retirement community in Monroe Township, N.J., said Olive and another former federal agent.

"That jumped out at me," said Harry B. "Skip" Brandon, a former deputy assistant director of counterintelligence at the FBI.

"It is very unusual for a former agent handler and his former agent to remain friends. And it's dangerous for both," he added. Any communication between the two, no matter how innocent, raises the risk of detection and exposure.

Other aspects of the case suggest that Jerusalem has at least one, and maybe several more spies embedded in U.S. military services or intelligence agencies: As with Pollard, the Israelis asked Kadish for specific documents, indicating they knew what they were looking for, supplied by another spy.

"You know, it wouldn't surprise me one bit," said Olive, who in 2006 published a memoir about the case, "Capturing Jonathan Pollard: How One of the Most Notorious Spies in American History Was Brought to Justice".

Olive said Pollard stole "360 cubic feet" of classified documents during his six years as an Israeli mole. "It was the most devastating spy case I ever saw," he said. "No other spy in the history of the United States has stolen so many secrets, so highly classified, in such a short period of time."

There have long been rumors of a "Mr. X," Olive said, "another unknown government employee who had access to information that the Israelis could use."

Israeli intelligence had a spy, code-named MEGA, high up in the Reagan administration at the same time Pollard, and now allegedly Kadish, were stealing documents, according to a Washington Post story years ago that has never been confirmed.

In fact, according to past and present U.S. counterintelligence officials, Israeli agents were so aggressive even after the Pollard case that an FBI counterintelligence boss in the late 1990s, David Szady, summoned Mossad's top official for a tongue lashing.

"Knock it off," Szady said, according to a reliable source on condition of anonymity.

Szady has been pilloried in pro-Israel circles for pursuing the AIPAC case, which many critics say amounts to trumping up espionage charges against officials who were merely engaging in the kind of transaction officials and journalists conduct every day.

But the Israelis here have never stopped practicing the "world's second oldest profession," as espionage is sometimes dubbed, despite years of rote denials, many officials say.

"I guarantee you the same thing is happening now," said Olive, who trains Department of Energy security officials on detecting signs of espionage.

One effective espionage tool is forming joint partnerships with U.S. companies to supply software and other technology products to U.S. government agencies, intelligence officials say.

But Brandon, who retired in the mid-1990s but retains many intelligence contacts for his global security consulting business, says the Israelis are interested in commercial as much as military secrets. They have a muscular technology sector themselves.

"They are always looking for a leg up," he said.

Congress is a major target, too, Brandon said.

"God, they would work the Hill," he said. "They really worked the Hill. They were not necessarily interested in collection [of information] so much as they were in influence."

Influencing Congress is usually the domain of foreign diplomats, he said, but in Israel's case there was "very little distinction between Mossad and the diplomats."

"They were very sharp," he added. "Their best and brightest."

Mossad agents also scout for people to help them in the Jewish-American community, he said, based on their religious and political commonality. It's a vast community of potential "spotters," who can point them to other Jewish Americans in government, law, finance and banking who might be susceptible to recruitment, as is the case with potential Chinese and Cuban recruits.

Or just useful conversation. Israeli agents, Brandon said, are skilled at eliciting information from unwary Jewish Americans in strategically important positions.

"They make you feel good, feel important," he said. "They don't even realize they're giving up something" sensitive, or even classified - until it's too late.

At the same time, U.S. and Israeli intelligence officials have worked hand in glove on numerous fronts since 1948, when the Jewish state was founded.

Mossad had access to Russian Jews who supplied the West with Soviet military, scientific and technical secrets. American and Israeli intelligence have always worked closely in counterterrorism.

But they don't tell each other everything, which is why the relationship sometimes veers from friendship to competition.

"They were never, ever allowed in our facilities," says a former CIA officer who was sometimes assigned a liaison role with Israeli counterterrorism agents.

Likewise, when CIA or other U.S. intelligence operatives visited Israel, Israeli security agents would "toss their room," he said, "just to show who's in charge."

Jeff Stein can be reached at jstein@cq.com.

Source: CQ Homeland Security
(c) 2008 Congressional Quarterly Inc. All Rights Reserved.

FAIR USE NOTICE:

Materials cited in this feed are found primarily on the Internet and email newsletters/publications. Some content may be copyrighted. These materials, including copyrighted materials, are intended for "fair use" as permitted under Title 17, Section 107 of the United States Code ("The Copyright Law"). Such "fair use" includes: criticism, comment, news reporting, teaching, scholarship, research, or situational awareness and intelligence by members of the United States Government, Government contractors, and postsecondary academic institutions for non-profit official purposes. Use of copyrighted material for purposes other than "fair use" or purposes other than provided by law requires permission from the copyright owner.

In fair disclosure, following is my AIPAC series:

Israel Might Have Many More Spies Here, Officials Say

By Jeff Stein, CQ National Security Editor

CQ Homeland Security

Congressional Quarterly Inc.

April 25, 2008 - 8:13 p.m.

 

Molly Ivins: Pro-Israel 'Nutjobs' on the Attack

By Molly Ivins

TruthDig

Posted on Apr 25, 2006

 

America and Israel

Financial Times

Published: April 1 2006 03:00 | Last updated: April 1 2006 03:00

 

Economist tallies swelling cost of Israel to US

By David R. Francis

Christian Science Monitor

December 09, 2002 edition

Editor's note to Economic tallies

Christian Science Monitor

posted December 16, 2002

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


Israel was planting malicious chips in US assets before China

Reporting on the FBI investigation of Chinese counterfeit electronics, some possibly malicious, has made no mention that Israel had embedded malicious chips in nothing less than the White House phone system by 2000. Outside of members of the intelligence community and attentive technical readers of the period, this will come as a surprise to many readers, possibly coupled with the erroneous assumption of anti-Israeli bias.

Nothing in open source then or since has convinced me that the US telecommunications network is either secure or immune to further interruption or breach. Whereas SCADA control networks, primarily for power grid generation, transmission and distribution applications (genco, transco, disco), and recently fiber optic networks have been identified as vulnerable to attack, little has been made publicly of telco vulnerability until the China Cisco counterfeits. The vulnerability of the US/EU telco network to a variety of state and nonstate actors is so great that it should be ranked adjacent to the vulnerabilities of our SCADA networks, for all applications, and fiber optic networks. See:

Telco supply chain analysis has again been reduced to function at lowest cost with the assumption of low risk. All tier providers from whatever state actor need to be examined and risk assessed in the design, fabrication, installation and maintenance phases. See Foreign vulnerability inherent in US globalization of its commercial and defense supply chains, 5/6/2008.

Israel as independent actor, often counter to US interests, not unlike China

From Palmerston, interests, and forms of governance, 5/22/2004:

Israel pursues an independent diplomatic policy at odds with US interests. Israel is a modest cooperative partner in the US war against terrorism. Just as the Russians, the Pakistanis, the Chinese and others did in the post 11 September period, Israel immediately offered the US data that painted their parochial adversaries as the architect or participant of the air liner assault so that we might attack them. Each country offers or withholds information so as to advance its national interests, and attempts to influence where it cannot command. Israel is no exception and I think that it applies Palmerston better than the US.

Israel ran Jonathan Pollard, a US Navy civilian analyst, as a spy to enormous and ongoing harm to the US. Israel not only used that information to US disservice but further went on to sell or broker that information to the Russians and the Chinese, perhaps others. The impact on the US is still being felt to this day and none of the attempts of his apologist spouse, Esther, will wipe that away. The effects of Pollard's espionage are so great that Director CIA threatened to resign if Clinton pardoned Pollard. (If a US national has strong loyalties, be it religious, tribal, cultural or geographic, that work to the detriment of US interests, then I am also at odds with them.)

Israel is not a devoted friend of the US and it has nothing to do with religion or its democratic governance. (We forget that France was the principal post-partition mentor of Israel before the US.) It is a nation state acting in its best interests, some of which correspond to our own...

Yes, there are tactical interests between the US and Israel. Examples being the identification of certain Palestinian assets to the Israelis... I was in some briefings by Israeli officers in which they used a metaphor that I think circulates within the IDF, as others have heard it, that Israel is like the man atop a burning building that can neither put out the fire nor get down off the building. All actions are conducted within that narrow range of options.

Commentary follows on related Israeli collection efforts and how those events receded from the public consciousness. The note on sources for a series on the interaction of AIPAC, American Jews, the State of Israel and the Christian Right also applies here.

Recognition of intel collection events obscured by fog facts

Larry Beinhart, author of American Hero [snippets here], filmed as Wag the Dog, describes "fog facts" as an overlooked class of information that becomes increasingly obscure with the passage of time (this analyst would add lack of simple search tool access as an item scrolls off of the original source, lack of mirroring or mirroring at sites that have an otherwise offensive character, original foreign or foreign language sources, or pre-2004 topical information before the advent of the web that is still less well captured than post-2004 data):

Fog facts are things that have been reported, somewhere, sometime, but have disappeared into the mist - like the pre-9/11 hints that there were hijackers in our midst. The fog facts can still be found by enterprising reporters, but with time and news space increasingly crunched - and media priorities shifting to the trivial - they usually remain obscure, at least to the general public.

Diplomatic "dead air," from both the embarrassed target and successful collector, combined with dissuasion of national reporting creates fog facts in record time. In the case of Israel, two events have persisted in the public consciousness, out of the fog bank: the Jonathan Pollard and USS Liberty affairs. Almost all other Israeli intel collection efforts against the US have receded into fog facts as if they never existed.

Espionage at the pinnacle of impunity

Consider Bush43 standing before the State Duma (lower house) or the Federation Council (upper house) of the Russian Federation or the PRC's National People's Congress (NPC) or Central Committee of the CCP and making the equivalent declaration:

I have been fortunate to see the character of Israel up close. I have touched the Western Wall, seen the sun reflected in the Sea of Galilee, I have prayed at Yad Vashem. And earlier today, I visited Masada, an inspiring monument to courage and sacrifice. At this historic site, Israeli soldiers swear an oath: "Masada shall never fall again." Citizens of Israel: Masada shall never fall again, and America will be at your side.

Given the level of espionage directed against the US by the State of Israel, the comparison is pointedly appropriate.

 

Israel's espionage efforts against the US, despite Israeli diplomatic statements to the contrary, are long standing, and all too effective. From Who's on the National Security Threat List and why?, 4/27/2004:

The 2000 Annual Report to Congress on Foreign Economic Collection and Industrial Espionage uncloaked to identify six greatest offenders as China, Japan, Israel, France, Korea, Taiwan, and India. I surmise the temporary Russian absence was due to the disruption from the breakup of the former Soviet Union. Taiwan was greatly exercised by being publicly placed among 13 nations designated as a threat to US national security, "including Russia, China, North Korea"... Who doesn't get publicized on the list are our closest allies such as the UK, (then West) Germany, the Netherlands, Belgium, and Canada.

Commercial enterprises and individuals account for the bulk of international industrial espionage activity, roughly three times the percentage due to foreign government-sponsored efforts.  Even developing countries pose a threat as their intel agencies profited from training provided by the USSR, DDR (East Germany), Czechoslovakia, Bulgaria, and even the US and so have created a "reservoir of professionally trained intelligence mercenaries."

Israel's espionage efforts are rivaled by their technology diversion efforts. From the 2005 Israel as serial violator, temporarily the chicken killed to scare the monkeys:

It is appropriate to class Israel as a serial violator in terms of its diversion of US weapons technology and weapons systems embedding US technology to states such as the PRC. Israel regards such sales as essential both to bolster its own defense industry and to secure greater independence from US strictures on its diplomatic action. Israel is also a purchaser of US weapon systems as well as a creator of weapons systems of interest to the US, thus it becomes a multi-edged proposition in purchases, technology, diplomacy, and US domestic politics.

 

Despite its violations Israel has succeeded in deflecting the bulk of US displeasure, thus it was interesting to see the US move to "sideline" Israel from "participating in developing the Joint Strike Fighter because of violations of agreements about arms sales to China."

Whatever one's opinion is of the State of Israel, the state is certainly unique in its ability to target US assets while retaining a more than cooperative relationship with the US.

Security risks in telco supply chains

This analyst would have the same concerns about employing a Chinese telco to build and/or maintain sensitive telecommunications systems, or provide service via their systems, as about employing an Israeli firm, as we have already had three significant, verified breaches courtesy of Tel Aviv, most notably the breach (also here) of the White House phone system by Telrad during the Clinton administration. I would have equal interest in the master purchase agreement between Sprint and ZTE, and the presence of Huawei or Telrad in telco installations.

PTT (Post, Telegraph and Telephone) applications should be on a national security-level footing regardless of who builds, and the pen testing and on-going monitoring should be done externally. Yes, this approach requires more money, assets and training but that is part and parcel of a national security footing. Witness the recent penetration of the Greek cell phone system (details here) and the recording of calls by senior government officials. Due to both architecture and insufficient patching, the perpetrators were able to penetrate and monitor even as they shielded their efforts.

 

Possible targets must examine their entire supply chain well into the lower tiers, the ostensibly more innocuous the better. Witness the Israeli firm, Amdocs Ltd, which did, and may still do, the bulk of directory assistance calls and call records and billings in the US. It was said that it was virtually impossible to make a landline call without generating an Amdocs record. NSA long felt that while Israel may not have been intercepting the contents of the calls, it did have a perfect "traffic analysis" of who called whom when and for how long. Combine that with external events and you have amazing abilities.

 

Israel penetrates the White House communications network

 

Said to have been operational in 1998 during intense Israeli speculation about US intentions of the ongoing peace process:

The tip-off about these operations [appears] to have come from the CIA... A local phone manager had become suspicious in late 1996 or early 1997 about activities by a subcontractor working on phone-billing software and hardware designs for the CIA. The subcontractor was employed by an Israeli-based company and cleared for such work. But suspicious behavior raised red flags. After a fairly quick review, the CIA handed the problem to the FBI for follow-up...

 

"It's a huge security nightmare,"... "The implications are severe,"... "We're not even sure we know the extent of it...All I can tell you is that we think we know how it was done... That alone is serious enough, but it's the unknown that has such deep consequences."

 

Sources in Israel say intelligence agents infiltrated Telrad, a company that had been subcontracted by Nortel, America's [then] largest telecommunications conglomerate, to help develop a communications system for the White House.

 

Company managers were said to have been unaware that virtually undetectable chips installed during manufacture made it possible for outside agents to tap into the flow of data from the White House.

 

Information being sent from the president to his senior staff in the National Security Council and outside government departments could be copied into a secret Israeli computer in Washington, the sources said. It was transferred to Tel Aviv two or three times a week.

 

One opportunity for Israeli agents to mount the operation arose when Nortel, Telrad and another firm won a 33m contract to replace communications equipment for the Israeli air force. Members of the air force were allowed access to manufacturing areas as a result...

 

As for how this may have been done technologically, the FBI believes it has uncovered a means using telephone-company equipment at remote sites to track calls placed to or received from high-ranking government officials, possibly including the president himself, according to Insight's top-level sources. One of the methods suspected is use of a private company that provides record-keeping software and support services for major telephone utilities in the United States.

 

A local telephone-company director of security, Roger Kochman, tells Insight, "I don't know anything about it, which would be highly unusual. I am not familiar with anything in that area."

 

U.S. officials believe that an Israeli penetration of that telephone utility in the Washington area was coordinated with a penetration of agents using another telephone support-services company to target select telephone lines. Suspected penetration includes lines and systems at the White House and NSC, where it is believed that about four specific phones were monitored -- either directly or through remote sites that may involve numbers dialed from the complex.

 

"[The FBI] uncovered what appears to be a sophisticated means to listen in on conversations from remote telephone sites with capabilities of providing real-time audio feeds directly to Tel Aviv," says a U.S. official familiar with the FBI investigation. Details of how this could have been pulled off are highly guarded. However, a high-level U.S. intelligence source [said] "The access had to be done in such a way as to evade our countermeasures .... That's what's most disconcerting."

Supply chain breach of the US telecommunications network

 

As part of, or in concert with, the Telrad penetration, the FBI was investigating Bell Atlantic and Amdocs Ltd., a "Chesterfield, Mo., telecommunications billing company [that] helped Bell Atlantic install new telephone lines in the White House in 1997":

Amdocs provides billing and customer services to telecommunications companies around the world, including Bell Atlantic, BellSouth, Sprint and Vodafone. The Israeli-owned company has grown at an incredible rate since opening an American base in 1997, tripling its U.S. revenues to more than $600 million in 1999. Amdocs software handles 50 percent of all local calls in the United States and 90 percent of all local calls in Germany...

 

Amdocs, once a small Israeli software company, is the world's leader in the $20 billion telecommunications billing software industry, with expected revenues this year of $1.1 billion, said Debra Katz, an analyst with Gerard, Klaur and Mattison in New York. The company employs 5,600 people worldwide and is run by "an amazingly high caliber of people."...

In what was a stupendous opportunity for traffic analysis, the US offered significant parts of its telephone logs (date, time, duration, to, from, likely more) to Israeli assets:

In 1997, the White House had a new, state-of-the-art phone system installed by Bell Atlantic. The system installed was not the secure, military-installed system for classified conversations but rather a commercially secure phone system. The classified phone lines presumably remain secure and are not involved in the alleged breach, sources said...

 

[A] senior-level employee of Amdocs had a separate T1 data phone line installed from his base outside of St. Louis that was connected directly to Israel. [Investigation centered on] whether the owner of the T1 line had a "real time" capacity to intercept phone calls from both the White House and other government offices around Washington, and sustained the line for some time... An interceptor could allegedly place the location in the White House or other buildings where phone calls originated. Sources familiar with the investigation say FBI agents on the case sought an arrest warrant for the St. Louis employee but Justice Department officials quashed it...

A US cryptographer and security specialist asked the same question that first came to mind when the breach was discovered:

Why should we be freely giving to Israeli corporations information (call records, CALEA information) that requires court orders to obtain in this country?  Such information is obviously sensitive, and the well-motivated efforts to strengthen and protect our national infrastructure should reasonably include mandating that such information not be routinely handled by any foreign entities...

The balance tipped further in Israel's favor by its ownership of the major Lawful Interception (LI) products producer, Comverse Infosys. As US domestic calls transit telco routers, "Custom computers and software, made by companies like Comverse, are tied into that network to intercept, record and store the wiretapped calls, and at the same time transmit them to investigators":

The [Lawful Interception (LI)] manufacturers have continuing access to the computers so they can service them and keep them free of glitches. This process was authorized by the 1994 Communications Assistance for Law Enforcement Act, or CALEA... [W]hile CALEA made wiretapping easier, it has led to a system that is seriously vulnerable to compromise, and may have undermined the whole wiretapping system...

[Comverse] insists the equipment it installs is secure. But the complaint about this system is that the wiretap computer programs made by Comverse have, in effect, a back door through which wiretaps themselves can be intercepted by unauthorized parties.

Adding to the suspicions is the fact that in Israel, Comverse works closely with the Israeli government, and under special programs, gets reimbursed for up to 50 percent of its research and development costs by the Israeli Ministry of Industry and Trade. But investigators within the DEA, INS and FBI have all told Fox News that to pursue or even suggest Israeli spying through Comverse is considered career suicide.

Significant elements of the US/EU telecommunications network are neither secure nor immune to further interruption or breach from a variety of state and nonstate actors. To focus on only one state, possibly erroneously, only does us harm.

 

President Bush Addresses Members of the Knesset

The Knesset

Jerusalem

Office of the Press Secretary

For Immediate Release

May 15, 2008

 

USS Liberty Summary of Events

USS Liberty Memorial

 

I busted Pollard

By RON OLIVE

Jerusalem Post

Nov 20, 2006 20:18, Updated Nov 20, 2006 20:41

 

telnetd root Backdoor in Vodafone's Ericsson Systems?

Sascha Welter

Betabug

1 March 2006

 

Phone Tapping Scandal in Greece

Sascha Welter

Betabug

02 February 2006

 

Why Jonathan Pollard is Still in Prison?

By EDWIN BLACK

Forward

JUNE 28, 2002

See the section: 'THE CRIME'

 

Allies and espionage

Jane's Intelligence Digest

15 March 2002

Original

Mirror via Nucnews

 

AN ENIGMA: VAST ISRAELI SPY NETWORK DISMANTLED IN THE US

ARTICLE 3 OF 7

By Sylvain Cypel

LE MONDE

05 March 2002

Translated by Malcolm Garris

Original

Mirror

 

The Israeli Spy Flap Will Fade Away, But At What Cost?

By Douglas J. Brown

GOPUSA

February 7, 2002

 

Israeli News Reports On The Fox Series Of Israel Spying On US
IsraelNationalNews.com
12-28-2001

Mirror

 

U.S. phone eavesdropping software open to spying --Fox News

From: Declan McCullagh

Politech

Date: Fri, 14 Dec 2001 14:51:51 -0500

A Fox series of 4 items, of which this is part 3, is mirrored at Cryptome

 

FBI Probes Espionage at Clinton White House - suspected telecommunications espionage

by J. Michael Waller,  Paul M. Rodriguez

Insight on the News

May 29, 2000

Mirror

 

POSSIBLE PENETRATION OF WHITE HOUSE EMAIL BY ISRAELI AGENTS

Weekly  Intelligence Notes
Association of Former Intelligence Officers (AFIO)
26 May 2000

 

Israeli spies tapped Clinton e-mail

by Uzi Mahnaimi

Sunday Times (UK)

May 21, 2000

Original scrolled off

Mirror

 

TECH ASSESSMENT OF ISRAELI SPY ALLEGATIONS

Weekly  Intelligence Notes

Association of Former Intelligence Officers (AFIO)

19 May 2000

 

ISRAEL ESPIONAGE PROBE

Weekly  Intelligence Notes

Association of Former Intelligence Officers (AFIO)
12 May 2000

 

President, Senior Officials Briefed on Possible 'Penetration' of White House Phones

By Carl Cameron

FOXNews

6:57 p.m. ET (2257 GMT) May 5, 2000

Original scrolled off

Mirror

 

The ABC's of Spying

By ROBERT M. GATES

New York Times

March 14, 1999

 

Why Pollard Should Never Be Released (The Traitor)

Seymour Hersh

The New Yorker

January 18, 1999

Mirror

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


FBI Cisco counterfeit investigation is live fire demonstration of failed supply chain oversight


The recent bureau investigation of counterfeit Cisco routers, switches, interface converters (GBIC), and WAN interface cards (WIC), outlined in FBI Criminal Investigation: Cisco Routers, is a long overdue spotlight on the failure to properly manage and assess critical supply chains. Two themes stand out:

  1. Validation of insufficient supply chain analysis at tier: From a supply chain analysis standpoint, the problem is worse than the FBI notes. If tier 0 is the OEM or top-level consumer, as it is in the manufacturing sector, then the malicious entry is coming in at tier 4, not tier 3, because the "GSA IT Vendor" is the tier 1. The 'tier 3' to the tier 1 is thus a tier 4 to the OEM/top-tier consumer and thus well below superficial oversight limits. Alternatively, federal purchasing guidelines were so loose that malicious equipment could be effectively sanitized at tier 2, as noted in the eBay and federal credit card procurement paths. As noted in Foreign vulnerability inherent in US globalization of its commercial and defense supply chains, the lack of effective means and metrics had led to complacency and ignorance.
  2. Probable PLA participation at overt/covert subsidiary: From a motivation standpoint, this analyst believes that the question of "For profit or state sponsored?" is not an 'or' but an 'and,' i.e., both motives are cooperating within the People's Liberation Army (PLA) and have been for well over a decade.

Extensive supply chain 'undersight'

 

While there are many things of interest in FBI Criminal Investigation: Cisco Routers, these caught my eye.

 

Foil #10, "Sub-Contracting Process":

  • Material is coming in via a drop ship GSA vendor to a tier 3 sub, i.e., well below the tier 2 boundary and largely sanitized from the nominal tier 3.
  • The problem is worse than the FBI notes: if tier 0 is the OEM or top-level consumer, as it is in the manufacturing sector, then the entry is coming in at tier 4, not tier 3, because the "GSA IT Vendor" is the tier 1. The entry point is thus well below superficial oversight limits.

Foils #13-14, "Directly from PRC" and "Through Foreign Country":

  • Material is sanitized through US and nominal friendly states which confer validation in the absence of investigation.

Foils #15-16, "eBay" and "Government Credit Card":

  • Material apparently bypasses all tracking as a discrete federal group uses their fed credit card or PayPal account to buy from eBay or non-GSA vendor.

Foils #22-23, "U.S. Navy Project":

  • Lockheed Martin is the tier 1, thus the material is again coming in at tier 4 from PRC, whereupon the tier 4 ships direct to the Navy.
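The tier re-basing and the drop-ship, off-contract and Navy paths described in these foils can be checked mechanically once contract edges and physical shipments are recorded separately. The following is an added example, not code from the FBI briefing or this blog; the tier-2 oversight limit and the intermediate subcontractor names ("Sub A/B/C", "Sub X/Y") are assumptions made for illustration.

```python
from collections import deque

OVERSIGHT_LIMIT = 2  # assumption: buyer-side audits reach tier 2 and stop


def contract_tiers(root, subcontracts):
    """Breadth-first walk of buyer -> seller contract edges.

    Returns {party: tier}, the contract distance from `root` (tier 0).
    A party with no contract path back to `root` is absent from the result.
    """
    tiers = {root: 0}
    queue = deque([root])
    while queue:
        buyer = queue.popleft()
        for seller in subcontracts.get(buyer, ()):
            if seller not in tiers:  # keep the shortest contract path
                tiers[seller] = tiers[buyer] + 1
                queue.append(seller)
    return tiers


def audit_shipments(consumer, subcontracts, shipments, limit=OVERSIGHT_LIMIT):
    """Flag physical deliveries whose origin escapes the consumer's oversight.

    Each finding is (shipper, receiver, shipper_tier, [flags]); flags are:
      off-contract      shipper has no contract path to the consumer
      beyond-oversight  shipper sits deeper than `limit`
      drop-ship         goods skip at least one intermediate tier on the way up
    """
    tiers = contract_tiers(consumer, subcontracts)
    findings = []
    for shipper, receiver in shipments:
        src, dst = tiers.get(shipper), tiers.get(receiver)
        flags = []
        if src is None:
            flags.append("off-contract")
        else:
            if src > limit:
                flags.append("beyond-oversight")
            if dst is not None and src - dst > 1:
                flags.append("drop-ship")
        if flags:
            findings.append((shipper, receiver, src, flags))
    return findings


# Constructed sample data. "GSA IT Vendor", "Lockheed Martin", the Navy, eBay
# and the PRC origin are named on the page; "Sub A/B/C" and "Sub X/Y" are
# hypothetical placeholders for the intermediate subcontractors.
GSA_SUBCONTRACTS = {
    "Federal agency": ["GSA IT Vendor"],
    "GSA IT Vendor": ["Sub A"],
    "Sub A": ["Sub B"],
    "Sub B": ["Sub C"],
}
GSA_SHIPMENTS = [
    ("Sub C", "Federal agency"),          # drop ship from the deepest sub
    ("eBay seller", "Federal agency"),    # credit-card purchase, no contract
    ("GSA IT Vendor", "Federal agency"),  # ordinary delivery, not flagged
]
NAVY_SUBCONTRACTS = {
    "US Navy": ["Lockheed Martin"],
    "Lockheed Martin": ["Sub X"],
    "Sub X": ["Sub Y"],
    "Sub Y": ["PRC supplier"],
}
NAVY_SHIPMENTS = [("PRC supplier", "US Navy")]

if __name__ == "__main__":
    # Same supplier, two numbering schemes: tier 3 counted from the GSA
    # vendor, tier 4 counted from the agency that actually uses the gear.
    print(contract_tiers("GSA IT Vendor", GSA_SUBCONTRACTS)["Sub C"])
    print(contract_tiers("Federal agency", GSA_SUBCONTRACTS)["Sub C"])
    for finding in audit_shipments("Federal agency", GSA_SUBCONTRACTS, GSA_SHIPMENTS):
        print(finding)
    for finding in audit_shipments("US Navy", NAVY_SUBCONTRACTS, NAVY_SHIPMENTS):
        print(finding)
```

Counting from the end consumer rather than from the prime is what moves the entry point from tier 3 to tier 4, and the shipment audit surfaces the deliveries that never pass through a tier the buyer inspects.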

Foil #48, "Intelligence Gap"

The scope of criminal activity by insurgent and terrorist groups is vastly underestimated by lay readers; it is as if operational money appears as Minerva from the head of Jupiter, if it is thought about at all. Terrorist organizations build criminal funding arms that have the real possibility of dwarfing the military mission, and in some cases, as I believe is happening in Northern Ireland, they become nearly pure criminal groups with a veneer of rhetoric. None are immune:

[The Red Brigades'] daily life was ruled by economics. Members of the organization spent most of their time raising money to carry out their violent attacks, to buy weapons, to rent new safe houses… The Red Brigades [often] sailed to Lebanon to pick up arms from the PLO. The weapons were then brought to Sardinia where other European groups, such as the IRA and ETA, came to collect their share of the cargo. For this service the Red Brigades received a fee. [To give an idea of the] money required by an armed organization to function, in the 1970s, the Red Brigades had a turnover of $8 to 10 million, equivalent to about $100 million today. This figure was equivalent to the turnover of a medium size Italian company. Generating such vast flow of money required constant attention and absorbed the bulk of the time of the full time members of the organization…

Napoleoni goes on to describe that the 2003 market "has merged with the international illegal and criminal economy and together they have a turnover of $1.5 trillion dollars" allocated as:

  • $500 billions are capital flights, money which move from country to country undetected, unreported and illegally;
  • $500 billions is what is commonly known as the Gross Criminal Product, money generated primarily by criminal organizations;
  • $500 billions is the New Economy of Terror, money produced by terror organizations of which 1/3 is represented by legal businesses (which include charitable donations) and the rest comes from criminal activities, primarily drug trade and smugglings.

The bulk of the $1.5 trillion flows into Western economies, it gets recycled in the US and in Europe. It is a vital infusion of cash into these economies.

Tradition of simultaneously 'manning the trenches and the cash register'

As previously noted, "The CCP (Chinese Communist Party) can only maintain its "mandate from heaven" to govern by providing rising economic growth, nor can it maintain the PLA (People's Liberation Army) solely on the "imperial wheat" of government subsidy," thus the PLA was instructed to become largely self-sufficient.

From working notes in 2004:

Official position: People's Liberation Army (PLA) relinquished all commercial investments other than "logistics" in 1999. Highly visible, high-profile investments handed over.

 

Reality: PLA influence over the economy remains deep and widespread.  The 1999 deadline merely commenced the start of protracted negotiations on who gets what and how Beijing will compensate the military for the revenue lost by handing over its companies. [Includes current value of airlines, pharmaceutical firms, manufacturing and chemical plants, as well as their future revenue stream.]

 

PLA units used the divestiture to shift money-losing firms to local governments even as they kept the best for themselves, blocked audits that would reveal theft and corruption, moved assets into umbrella companies to hide ownership, and allowed departing military officers, their wives or relatives to take over "divested" firms.

 

By 2000 PLA still owned some 10,000 companies selling everything from toilet paper to telecommunications services [Per military analysts, diplomats and China watchers] vastly undervalued at $9.7 billion USD.

 

PLA has a long tradition of simultaneously manning the trenches and the cash register. [Army actions against the Japanese and the Nationalists before and after WW II relied on farming, factory work and other extracurricular activities to support guerrilla operations. Mao Tse-tung cited Ming and Qing dynasty precedents as justification.]

 

China lacks the financial resources to support the PLA solely on the "imperial wheat" of central government funding.

 

PLA's modernization efforts are posting even more aggressive financial demands, yet the Communist Party (CP) needs the PLA as the ultimate defender of its privileged position. Backlash over US-led NATO bombing of the Chinese Embassy in Belgrade [8 May 2000] reduced "pressure to close up shop" of extra-commercial activities.

 

Before 1978, the PLA's business focus was largely limited to production for its own use. Deng's exhortation to the people to "get rich for the good of China" found fertile ground in the military. The PLA used its tax-exempt status, warehouses, vehicles and border control to its advantage. Resulting abuse of power undermined Communist Party credibility, embarrassed CP leadership, while private sector interests undermined military loyalty and left many soldiers with divided loyalties. PLA greed during the 1997 Asian economic crisis pulled forward the timeline for military divestiture. PLA was engaging in massive oil smuggling (almost bankrupting China's two state-run oil monopolies) using its border control, ships, warehouses, trucks, private gas pumps and storage tanks to operate the smuggling operation and arbitrage the price difference between dropping world oil prices and China's higher protected prices. The CP was enraged, recognized the PLA as a corrupting force, and feared that the PLA could endanger CP legitimacy.

 

July 30, 1998: Military officials in Beijing and analysts abroad believe it will be many years before there is more than "incremental" change in People's Liberation Army ownership of private businesses, the Wall Street Journal reports. Several PLA officials say that lucrative companies, many related to the acquisition and development of weapons systems and related technology, owned by the powerful Headquarters of the General Staff will be exempt from the new rules by the central government. Companies such as the five-star Palace Hotel in Beijing and China Poly Group, a weapons dealer and real estate firm, will keep their military ties.  The PLA is considered the world's biggest business empire. The WSJ cites the recent sale of a PLA-owned restaurant to a private entrepreneur. The new owner pays the PLA a $1,200 monthly fee to "rent" the restaurant's name. "The military stands behind everything we do," says an employee.

PROVENANCE: My notes are unclear on provenance. At the time, was reading Mulvenon and Yang's The People’s Army in the Information Age, notably Jencks' "COSTIND IS DEAD, LONG LIVE COSTIND! RESTRUCTURING CHINA'S DEFENSE SCIENTIFIC, TECHNICAL, AND INDUSTRIAL SECTOR"; Scobell's CHINESE ARMY BUILDING IN THE ERA OF JIANG ZEMIN; Mulvenon's Soldiers of Fortune; Mulvenon and Yang's The People's Liberation Army as Organization, Reference Volume v1.0, notably Finklestein's THE GENERAL STAFF DEPARTMENT OF THE CHINESE PEOPLE'S LIBERATION ARMY: ORGANIZATION, ROLES, & MISSIONS; Magnier's Chinese Military Still Embedded in the Economy; and French's China Moves Toward Another West: Central Asia. Apologies to any that were omitted.

F.B.I. Says the Military Had Bogus Computer Gear
By JOHN MARKOFF
New York Times
May 9, 2008

US, Canadian agencies seize counterfeit Cisco gear

Grant Gross

IDG

02.29.2008

 

FBI Criminal Investigation: Cisco Routers

Section Chief Raul Roldan

Supervisory Special Agent Inez Miyamoto

Intelligence Analyst Tini Leon

January 11, 2008

 

Managing the Risks of Counterfeiting in the Information Technology Industry

KPMG International

Electronics, Software & Services

2005

 

China Moves Toward Another West: Central Asia

By HOWARD W. FRENCH

New York Times

March 28, 2004

 

The New Economy of Terror
By Loretta Napoleoni, author of Modern Jihad: tracing the Dollars behind the Terror Networks
Sign of the Times (UK)

1 December 2003

 

The People's Liberation Army as Organization

Reference Volume v1.0

Ed: James C. Mulvenon, Andrew N. D. Yang

RAND

ISBN/EAN: 0-8330-3303-4

2002 

4. THE GENERAL STAFF DEPARTMENT OF THE CHINESE PEOPLE'S

LIBERATION ARMY: ORGANIZATION, ROLES, & MISSIONS, By David Finklestein

 

Soldiers of Fortune

by James C. Mulvenon

M.E. Sharpe

ISBN-10: 0765605805

November 2000

 

CHINESE ARMY BUILDING IN THE ERA OF JIANG ZEMIN

Andrew Scobell

Strategic Studies Institute, U.S. Army War College

ISBN 1-58487-030-3

August 2000

 

Chinese Military Still Embedded in the Economy

Mark Magnier

Los Angeles Times

January 9, 2000

 

The People’s Army in the Information Age

Ed: James Mulvenon and Richard H. Yang

RAND

CF-145-CAPP/AF

ISBN/EAN: 0-8330-2716-6

1999

5. “COSTIND IS DEAD, LONG LIVE COSTIND! RESTRUCTURING CHINA’S DEFENSE SCIENTIFIC, TECHNICAL, AND INDUSTRIAL SECTOR” by Harlan W. Jencks

 

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


Hoax spam helps mask the many Battle Cruisers, Death Rays and intergalactic plagues that can get you


Chain-letter hoax spam has dangers all its own as it radiates outward, absorbing bandwidth without merit and distracting unwary recipients from good practice. Depending upon its content and construction, it is either noise or a spurious signal (sprignal) masking genuine threats.

I received the fifth forwarding of just such a histrionic spam sent to me by a Mac user who had not done enough research to learn that the worm in the forwarded note was a Win32 payload targeting Microsoft PCs.

Replying to all in order to try to calm matters and prevent further forwarding I wrote:

Whoa now, let's not get carried away

I feel like Tommy Lee Jones as Agent K in Men in Black when his new partner, Will Smith's Agent J, is unhinging about an incipient alien threat to destroy the Earth in the next thirty minutes:

Agent K: We do not discharge our weapons in view of the public!

Agent J: We ain't got time for this cover-up bullshit! Have you forgotten? There's an alien battle cruiser--

Agent K: There's always an alien battle cruiser or a Korilian death ray or an intergalactic plague about to wipe out life on this planet. The only way people get on with their happy lives is they do... not... know about it!

The threat you are describing - which does not affect Macs - is one of the Warezov variants. They left that out of your scare memo.

Warezov is only one of a few hundred major worms and trojans now circulating, i.e., just one of the many Battle Cruisers, Death Rays and intergalactic plagues that can get you.

If you have robust AV tools, religiously keep them up to date, assiduously avoid opening almost any attachment, and don't go to the dark web where things lurk for which no detection signature has been created, you stand a reasonable chance of non-infection. Add to that, make frequent backups. That's all you get today. No guarantees.

Yes, Warezov is a nasty bit of work, but it has been in the wild for some time. Dwelling on Warezov draws attention away from newer, more interesting attacks like Mocmex which is capable of extremely nasty work but seems to be circulating now as proof of function for a much more potent future attack. Its initial distribution pattern is new however: digital photo frames. Once you return your jump drive back to the mother ship, you're infected, a nice midtech approach off the usual infection path. Mocmex is also a W32 product so Mac users are not affected. I worry more about items such as Disk Wizard (more here), another Win32 attack.

Spotting hoaxes on the fly

While human nature will doubtless continue to propagate hoaxes, which share many characteristics with rumors, it is worth the effort to educate. My primary litmus test for a hoax is its "too good to be true, too perfect, too pat" property, in which you are given both rationale and urgency to act. It is something that people want to be true, and when it is not, they embellish it before sending it on.

Another test is how many comments of that caliber appear in the same fervent message. (Repeated urgency is another test.) One among many sentences in this spam that failed the sniff test was:

Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who sent it to you will gain access to your name, e-mail and password.

Googling that phrase almost immediately led to an initial 2002 write-up by Symantec titled the Life is beautiful Hoax by George Koris describing a hoax about a supposed virus masquerading as a PowerPoint document. Koris' summary was "Please ignore any messages regarding this hoax and do not pass on messages. Passing on messages about the hoax only serves to further propagate it." And still it lives.

By 2006, the Mail Server Report email with a valid payload in a .zip file began circulating claiming that "a worm was detected in an email you sent. You are asked to use the attached file to install updates that will eliminate the virus it has supposedly detected." The attack payload was a Warezov variant.

By March 2008 a warning began circulating that erroneously linked the 'Mail Server Report' worm with elements of the 'Life is Beautiful' virus hoax and claimed that the resulting amalgam "HAS BEEN CONFIRMED BY SNOPES." The primary element that Snopes was confirming was the amalgamated texts, but that will suffice for the gullible.

The 'confirmation' bona fides in the forwarded item I received now carried two 'certifications,' one ostensibly from Snopes and the second from Truth or Fiction. (This is another hoax characteristic: paste-on embellishments.) One wishes forwarders along the line had done similar research.
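The litmus tests in this section (urgency paired with a dire rationale, how many such claims recur in one message, and pasted-on "confirmations") can be run as a quick triage pass over a forwarded warning. This is an added example, not a tool used in the original post: the cue patterns are illustrative assumptions, and the sample message is constructed around the two phrases quoted on this page.

```python
import re

# Cue patterns are illustrative assumptions, not a vetted signature set.
CUES = {
    "urgency": re.compile(
        r"\b(?:urgent|immediately|forward this|send this to|pass (?:this|it) on)\b",
        re.I),
    "catastrophe": re.compile(
        r"\b(?:lose everything|wipe out|destroy|erase)\b", re.I),
    # pasted-on bona fides such as "confirmed by <someone>"
    "authority": re.compile(r"\b(?:confirmed|verified|certified) by (\w+)", re.I),
    # three or more consecutive all-caps words
    "shouting": re.compile(r"\b[A-Z]{2,}(?:\s+[A-Z]{2,}){2,}\b"),
}


def split_sentences(text):
    """Split on whitespace that follows sentence-ending punctuation."""
    return [s for s in re.split(r"(?<=[.!?])\s+", text.strip()) if s]


def score_message(text):
    """Count hoax cues per sentence and pick the phrase worth searching for."""
    sentences = split_sentences(text)
    counts = {name: 0 for name in CUES}
    authorities = []
    flagged = []  # (number of distinct cue types, sentence)
    for sentence in sentences:
        hits = []
        for name, pattern in CUES.items():
            match = pattern.search(sentence)
            if match:
                hits.append(name)
                counts[name] += 1
                if name == "authority":
                    authorities.append(match.group(1))
        if hits:
            flagged.append((len(hits), sentence))
    # The sentence carrying the most cue types (longest on a tie) is the most
    # distinctive string to look up against hoax write-ups before forwarding.
    search_phrase = None
    if flagged:
        search_phrase = max(flagged, key=lambda item: (item[0], len(item[1])))[1]
    return {
        "sentences": len(sentences),
        "flagged": len(flagged),
        "counts": counts,
        "authorities": authorities,
        "search_phrase": search_phrase,
    }


# Constructed sample: the LOSE EVERYTHING sentence and the SNOPES claim are
# quoted on this page; the remaining sentences are invented for the example.
SAMPLE = (
    "URGENT!!! PLEASE FORWARD THIS TO EVERYONE YOU KNOW. "
    "A new worm arrives as a message titled Mail Server Report. "
    "Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who "
    "sent it to you will gain access to your name, e-mail and password. "
    "THIS HAS BEEN CONFIRMED BY SNOPES. "
    "Send this to all your contacts immediately."
)
# Constructed benign notice for contrast.
BENIGN = ("Patch Tuesday updates are available. "
          "Please install them during your normal maintenance window.")

if __name__ == "__main__":
    for label, message in (("sample", SAMPLE), ("benign", BENIGN)):
        print(label, score_message(message))
```

A high ratio of flagged sentences says nothing about whether a real payload is circulating; it only marks the message as one to check before it is forwarded.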

Hoaxes are not harmless

I do not consider these hoaxes harmless. I surmise, but do not have proof at hand, that many of the credulous that forward this spam class, thinking that they are doing good, do greater harm by ignoring their update cycle (if they update at all) of their PC software, peripherals and second tier applications in addition to their operating system, mail system and web browser.

As a first step, Hoax-Slayer has this comment regarding hoaxes that I recommend to all:

Before forwarding a virus warning email, it is always a good idea to check that the information in the message is valid. Virus hoaxes are quite common, and like this one, they tend to circulate for years after they are first launched. In other cases, virus warnings that may have been originally true circulate long after the described virus has ceased to be a significant threat. Virus hoaxes and outdated warnings are no help to anybody. All they do is waste time, cause confusion and needlessly clutter inboxes. Such problems mean that forwarding warning emails may not be the best way to help battle viruses and other computer security threats.

The credulous that forward hoaxes or misplaced warnings consume reader mindset and network bandwidth. Worse, they reduce recipients' ability to pay attention to things that are serious, that will likely cause damage. They become part of the signals, sprignals and noise in the communications environment. From The value of counter-deception and early sprignal detection in political elections:

Roberta Wohlstetter pioneered intelligence warning systems by applying Claude Shannon's telecommunication concept of signals and noise and his design of information systems to send and receive signals amid noise. Wohlstetter's Pearl Harbor concluded that the problem was "too much noise" rather than a lack of data, i.e., it was analysis that failed: "We failed to anticipate Pearl Harbor not for want of the relevant materials, but because of a plethora of irrelevant ones."

Contributing causes were invalid assumptions, faulty appraisal and dissemination of intelligence, and inadequate security measures. Behind these was a lack of war-mindedness at this Pacific base halfway around the world from areas where momentous events were happening. Adm. Husband E. Kimmel, the Pacific Fleet commander, admits to it: "We did not know that in the Atlantic a state of undeclared war existed" (Admiral Kimmel's Story, p. 2, New York 1955). The War and Navy departments also shared in responsibility for the disaster, not only by withholding intelligence but by assigning low priorities to critical equipment for ships and units in the Hawaiian area.

Pierre Wack drives home this need of awareness of one's greater surroundings in his discourse on scenarios, what he calls the "gentle art of reperceiving."

In times of rapid change, [companies'] effectiveness and speed in identifying and transforming information of strategic significance into strategic initiatives differ just as much [as their skill in turning research into product]. Today, however, such a capacity is critical. Unless companies are careful, novel information outside the span of managerial expectations may not penetrate the core of decision makers' minds, where possible futures are rehearsed and judgment exercised.

As Roberta Wohlstetter points out, "To discriminate significant sounds against this background of noise, one has to be listening for something or for one of several things. One needs not only an ear but a variety of hypotheses that guide observation". Indeed, the Japanese commander of the Pearl Harbor attack, Mitsuo Fuchida, surprised at having achieved surprise, asked, "Had these Americans never heard of Port Arthur?" (the event preceding the Russo-Japanese War of 1904 -- and famous in Japan -- when the Japanese navy destroyed the Russian Pacific fleet at anchor in Port Arthur in a surprise attack).

Barton Whaley used the model in his analysis of Soviet attempts to predict an impending German attack, Operation BARBAROSSA. Whaley's first analysis cited 12 cases of strategic surprise to which William Harris believed that "the Russian warning intelligence challenge in 1941 was to differentiate genuine "signals" of impending invasion from "spurious signals" from deception planners (defensive military preparations and deployments, non-hostile intent, etc.) within the context of other information "noise."" As a "minimum of 8 or 9 of these 12 warning challenges involves deliberate "signals" designed to lull or defeat warning systems," Harris suggested that Whaley "utilize a tripartite model: signals, spurious signals (sprignals), and noise."*

Hoaxes can either be noise or sprignals. Neither is useful in addressing the payload signals.

Chinese hackers would like to introduce you to Disk Wizard and the Mechanical Dog
Published by Heike
The Dark Visitor
March 27, 2008

Virus from China the gift that keeps on giving
Deborah Gage
San Francisco Chronicle
February 15, 2008

Mail Server Report
Example: [Collected via e-mail, 2006]
by Barbara and David P. Mikkelson
Snopes

Life is beautiful Hoax
Discovered: January 15, 2002
TECHNICAL DETAILS
Writeup By: George Koris
Symantec
Updated: February 13, 2007 11:59:14 AM

Men In Black Script - Dialogue Transcript
Transcript that was painstakingly transcribed using the screenplay and/or viewings of Men In Black

Men In Black
by Ed Solomon
IMSDb

Gordon Housworth



Cybersecurity Public  InfoT Public  Infrastructure Defense Public  Risk Containment and Pricing Public  


Submarine fiber optic cable breaks: a study in hysteria and ignorance against analysis


Undersea cable networks are an underappreciated but essential part of modern life. They now carry well over 95% of the world's international telecommunications traffic. As trade rises as a share of global GDP - it's now over 30% - reliable connectivity becomes a key ingredient to growth. Some drivers of economic growth - outsourcing, offshoring - would be nearly impossible without it. As such, the undersea cable networks that support this connectivity are clearly vital to global commerce...

Submarine fiber optic networks mimic electricity grid vulnerability

The global submarine fiber optic network almost perfectly mimics the global electricity grid in its inability to mount any reasonable defense against attack. (I say 'almost' as the fiber optic industry is far less aware of its being a target than is the electricity grid.)

Here is Richard Clarke in 2000 speaking of cyberwar as "a threat that US government cannot defend solely by federal means":

The owners and operators of electric power grids, banks and railroads; they're the ones who have to defend our infrastructure. The government doesn't own it, the government doesn't operate it, the government can't defend it. This is the first time where we have a potential foreign threat to the United States where the military can't save us.

Compare that to Clarke's recent 2008 reply on the vulnerability of fiber optic networks to physical attack:

No one has the responsibility to insure there are redundant lines. Each company makes a decision based on market forces as to whether to invest in building new capacity. Nobody pays the private firms that own the fiber to build excess capacity. In some places it exists, but there are many point-to-point connections that have single points of failure and insufficient work-arounds available. There ought to be a public-private partnership, an international one, that insures there is adequate capacity to handle large scale outages caused by malevolent actors. That means back up dark fiber, rapid repair and replacement capability, and research to increase the bandwidth for laser uplink/downlink satellite comms.

Substitute 'cable system companies' for 'electric power companies' in this 2003 comment by Clarke:

[Our] electric power companies, both the generating companies and the distribution companies, have paid very little attention to security in cyberspace... They are beginning to understand that they need to have security. And the Federal Electric Regulatory Commission is beginning to understand that it needs to regulate that, in order to create an even playing field...

Unless power companies are required to do [this] by the federal government, they will never do it, because they're now in competition with each other. They're all willing to do it if they're all forced to do it... no one has competitive disadvantage by proving security...

We, as a country, have put all of our eggs in one basket... It could be that, in the future, people will look back on the American empire, the economic empire and the military empire, and say, "They didn't realize that they were building their whole empire on a fragile base."

In researching this note I thought to see what Clarke had said about the recent cable outages in the Eastern Med and the Persian Gulf, forgetting that he wrote a novel, Breakpoint, (excerpt here) that included an attack against the fiber optic backbone:

Breakpoint [shows] how much more damage could be done if an organized group set about to create havoc by attacking these strands that unite the global village. Disconnect cyberspace in key places and the unified global village and world economy can't operate. And we have no backup economic system... And while undersea lines were cut in the novel, there were also attacks on the places where the cables come up from under the water and go on the beach. Those places are well known and unprotected.

Spot on. My read surfaced few public analysts that spoke systematically and realistically about the threats to submarine cables. Of those, fewer identified their unprotected "landing stations" - where the cables come ashore - as a high vulnerability. (This analyst found it interesting that landing stations highlighted in discussions of telecom cooperation with federal eavesdropping were forgotten in assessing the cable threat.)

A simple search on "submarine cable landing" will produce a List of international submarine communications cables as well as 983 locations where undersea cables come ashore, most all of them in rural to remote areas. There are so many ways to identify landing points. Bluewater sailors know where cables congregate to come ashore as they are clearly marked on their nav charts.

The Eyeball series highlights the landing stations along the US East Coast. (Scroll down past the text to the paired aerial photo-highway maps for the landing stations. But note that the text you skipped over cites sources for these locations. My point is that it is a trivial problem. My compliments to Cryptome for flagging that triviality.)

Separating hysteria and excessive calm from legitimate risk

It appeared that the only procedural rigor at play among amateur reporters was to repeat Auric Goldfinger's line that, "Once is happenstance, twice is coincidence, three times is enemy action" and then assign multiple, geographically dispersed cable breaks to enemy action, usually Jihadist, without further investigation.

The relatively uncomplicated sovereign state environment in effect when Neal Stephenson wrote Mother Earth Mother Board in 1996 is now complicated by the emergence of the stateless aggressor against whom retaliation is difficult:

There is also the obvious threat of sabotage by a hostile government, but, surprisingly, this almost never happens. When cypherpunk Doug Barnes was researching his Caribbean project, he spent some time looking into this, because it was exactly the kind of threat he was worried about in the case of a data haven. Somewhat to his own surprise and relief, he concluded that it simply wasn't going to happen. "Cutting a submarine cable," Barnes says, "is like starting a nuclear war. It's easy to do, the results are devastating, and as soon as one country does it, all of the others will retaliate."

There is more than one stateless aggressor that will be pleased to sever submarine cables or other communications services in the pursuit of its aims. (Mother Earth Mother Board is otherwise still worth the read.)

TeleGeography's Eric Schoonover does a nice job of describing what happened in the wake of the Egyptian outages, what was required to compensate and who suffered with what consequences. By far the best routing intelligence was the highly recommended five-part series showing who was affected when, by Earl Zmijewski:

Christopher Rhoads does a yeoman analysis of the structure of the fiber sector, much of it still dark since the bust of the late 1990s fiber boom. (Unfortunately, the unused dark links are often not in the areas of current demand.) A useful summary of cable maintenance, grappling and repair is here. It was amusing to hear FLAG Telecom state a new third cable, the FLAG Mediterranean Cable, between Egypt and France would be "fully resilient" against cuts as it was taking "a different route from the severed cables." FLAG knows that the cables emerge in shallow water to terminate at the same landing points.

A respondent to Bruce Schneier's Fourth Undersea Cable Failure in Middle East argued more systematically for "undersea damage associated with seismic activity" in Turkey and Southern Greece than any of the handwringing Cassandras. That may not be the ultimate cause for the Med breaks but its rigor shames many of the high street press journalists. (And if you hear a rumor that Iran has been knocked offline, use traceroute (tracert) (prepackaged sets here and here) to verify it rather than running the rumor. That skill will separate you from most journalists.)

As to the comments from Egyptian authorities that no ships were operating in the restricted area where the breaks were said to occur, and thus had no opportunity to drag an anchor, I say anything is possible in a land where a bureaucrat will accept payment to look the other way. This comment from a diver is useful:

Having dived around Alexandria, a common sight is a bunch of locals in a 10m boat throwing a grappling hook over the side over known or suspected wrecks in an attempt to snag some scrap metal and haul it up. Several times we had to abort to alternate dive sites to avoid locals who were tearing up wrecks like this. As for the Egyptian military being able to contain a restricted area ... their training makes McDonald's workers seem well trained.

Ryan Singel nicely outlined the "Cable cut fever" racing about the web. But when Johna Till Johnson answered "Is it likely the cable cuts were intentional? And more importantly, are we at the dawn of a new era of "cable terrorism," in which malcontents try to disrupt global communications via cable cuts?," she got the first right and, overlooking shallow water and the landing stations, got the second quite wrong:

Nope. Cutting cables is a lot more difficult than it looks. For one thing, you have to first locate the cables - no small feat when they're somewhere in the middle of an ocean, under miles of water. Even with the latest-and-greatest technology, this is no easy task. According to the delightful book Blind Man's Bluff, the United States spent a fair amount of time in the 1960s and 1970s attempting to locate and tap Soviet cables. Although there reportedly were noteworthy successes, they required decades of focused effort and investment in a fleet of nuclear submarines. Terrorists have easier ways to make trouble.

Ovum's Matt Walker made the best non-military analysis:

[C]ables are nearly impossible to secure. Cable landing stations are often located in remote areas and usually staffed with a handful of technical employees, not teams of armed guards. Moreover, a typical transpacific system stretches around 20,000km. Even if the private cable owners increase security for the "dry plant" segment of such networks, securing the wet plant is problematic. Cable owners work hard to minimize accidental damage, making cable routes available to those that need to know, such as fishermen, navies, and research vessels. Cable routes also deliberately avoid, as possible, such hazards as earthquake-prone zones and rocky seabed. However, there is an unspoken assumption that the networks are safe from deliberate human sabotage. The recent spate of cable failures in a politically volatile region has called this assumption into question...

In deep waters, cable cuts are rare... 60% of all cable cuts occur in waters less than 100 meters deep. Of all cable faults, roughly three-fourths are due to "external aggression," the bulk of which is accidental human activity, namely, fishing, anchors, and dredging...

Intentional sabotage [is] probably more feasibly done in shallow waters than deep, and cable security in shallow waters is only modestly more practical. Clearly, undersea cables are a ripe target for those with an interest in wreaking havoc on international communications, whatever their motivation. Another consideration is that undersea cables have been used for submarine/surface surveillance purposes as far back as World War II, with the cooperation of private industry...

And here a scent of Clarke:

It is not enough to have multiple independent operators of ring- or mesh-based networks, with built-in restoration capabilities, optical equipment and power redundancy, multiple redundant links between cable stations and city gateways, etc. Physical security from deliberate human attack or sabotage must also be considered. If ports, railways, gas pipelines, and other types of networks are being secured against possible sabotage, we must similarly increase the security of undersea optical highways. Guaranteeing reliability is impossible, but an improvement on the current hands-off approach is long overdue. The economic cost of losing, or even just slowing down, international communications is extremely high. This risk has to be factored into the calculations behind the investment level and design of undersea optical networks.

Technical assist: For those struggling with unfamiliar communications vocabulary in a subsea cable network, a nice pictographic introduction of general data communications in any medium can be found here (actually the introduction to a data communications course).

The highly vulnerable landing station

RAND highlighted the landing station vulnerability at least as early as 2000; the problem has only grown more critical while commercial cable firms remain obtuse:

[W]iring companies have focused on redundancy as an important aspect of the cable network. While early fiber optic cables were "point-to-point" systems, modern systems are configured as loops, connecting two landing stations - at least 100 kilometers away from one another - in one country to two in another. Because it would be unlikely for an isolated nautical event - a sudden shift in the seabed on which the cables rest, for instance, or an inadvertent break caused by a fishing net or a ship's anchor - to affect both cables, the systems are thought of as secure...

However, the desire for security against inadvertent nautical events may have been counterproductive. When seeking adequate termination points for cables, companies have faced a relative paucity of suitable sites (relatively isolated from heavy fishing activity and strong ocean currents), particularly on the East Coast... Because of this lack of sites, and given the considerable effort in digging a trench on the seabed for the last kilometers of the cable, then tunneling from the ocean bed up into a beach manhole, to bring the cable ashore, cable companies have, again, especially on the East Coast, repeatedly placed cable termination points on the same shore...

The results of this "stacking" [can be seen in ten cable systems terminating in New Jersey. Of the ten] six terminate in only one of the same three cities, Tuckerton, Manasquan, and Manahawkin, New Jersey. One - a self-healing loop - terminates in both Tuckerton and Manasquan. A sixth terminates in both Manasquan and Charlestown, Rhode Island. Theoretically, an attack on two or three of these sites - at the point where the cables come together in the undersea trench before coming ashore - could cause enormous damage to the entire system...

Similarly, all submarine cables but one terminating in the south of the United States terminate at one of three points in Florida: Vero Beach, Palm Beach, and Hollywood.

[The US is less isolated than other states]- some transmissions could be rerouted through systems in Canada and South and Central America. However, given that the vast majority of transatlantic and transpacific cables terminate in the United States, the prospect of a concerted attack on these cables is troubling.

[However, a state such as Taiwan, unlike the US,] would be unable to depend on a vast overland information infrastructure beyond its borders in the event of damage to its fiber optic lifelines. A [then] recent example of the chaos potentially caused by communications outages is that of Australia. One cut cable in the SEA-WE-ME-3 network leading from Australia to Singapore caused Australia's largest Internet provider - Telstra - to lose up to 70 percent of its Internet capacity...

Pulsing the system as part of an information gathering exercise

I do not rule out an effort by state or nonstate assets to pressure the network, forcing the defender to enable comm links that normally remain dark. We often probed Soviet air defenses with aircraft flying a possible penetration profile, hoping to force the Russians to turn on defense in depth assets normally used in combat. These two comments to Schneier's post on the Middle East cable failures speak to my point:

Think about entities responsible for researching cyber attacks from a viewpoint of national security. Their main endeavors are mapping and monitoring global infrastructure and simulating possible scenarios. As with every simulation (e.g. development of nuclear warheads) you need real world data to make your simulation behave like the real world would do.

These entities do likely own warehouses full of real world netflow data, but only for more or less regular operation of the global network. To be really sure, that their virtual attack scenarios can be trusted, they need real world feedback for their own "interactions" with those networks. Now think about the interesting load of data you can collect when cutting undersea cables: number of nodes immediately offline, congestion on alternative routes, average response times of responsible institutions, measures taken by those institutions, unexpected backlash, general short, mid, and long term effects, on and on... Endless highly interesting parameters...

If this is deliberate, I suspect that it's a probe. If I was interested in knocking out access for a country, I'd probe it for uplinks. I'd search for all of the announced AS paths behind each uplink. Once I knew say, the top five fiber drops, cutting a few may fill the rest to capacity. Assuming that one is watching BGP, you'll see some changes. If they have emergency fiber or VSAT uplinks, they're probably going to route over them. This would be a useful method of observing a target. This doesn't mean that it requires a later attack, it could simply be an information gathering exercise...

Submarine cable operators: the sitting duck on the pond

The group that seems oblivious to asymmetrical threat risk appears to be the subsea fiber optic cable operators. An effort to locate robust risk analysis practices in general and this threat in particular went dry. The best was Cook's Risk Management which had the core of a useful method but it seemed more a proposal than evidence of sustained practice. Marine Survey & Cable Routing short course for "a safe and economic route" cited the principal hazards as:

  • Pre-Survey Route Position List (RPL)
  • Seafloor Morphology and Geology
  • Natural Hazards e.g. Seismic events, submarine volcanism
  • Oceanography and Meteorology
  • Human Activities e.g., mineral extraction, oil & gas, fishing
  • Man-Made Hazards e.g. anchoring, dredging
  • Other cables/pipelines/lease blocks

Its detailed Cable Route Study (CRS) had more to do with visiting local landing station authorities and other industries operating in the area, permits and regulatory issues, and cultural and environmental issues than asymmetrical or sovereign threats.

A forward leaning Blips on the Radar Screen for future cable capacity mentioned no threat profiles. In the search period where I should have found a working threat assessment model, I found none.

Writing in 2000, RAND noted a gap between the defense community and commercial cable operators that has not been closed:

By 1969, [defense] analysts had perceived vast potential military and economic benefits in cable's exploitation... With the explosion in importance of fiber optic networks [this] potential has been realized and will continue to grow; at the same time, however, so will the attendant vulnerability. The submarine fiber optic cable network is of great importance to the United States... Moreover, constraints on cable laying mean that several cables are likely to be bundled together, offering a potentially lucrative target for sabotage.

In most industry publications, however, little attention is given to the possibility of deliberate attack on the fiber optic network. Indeed, one of the few discussions of the possibility says simply that "while undersea cables could be cut, the practice of burying the in-shore segments makes this difficult; the mid-ocean portions are hard to find without a map and help from shore-based monitoring stations"...

Given the above, however, it is clear that more attention should be paid to the potential for deliberate attacks on the global fiber optic cable network... Currently, for instance, shore authorities have positioned radars and occasionally scheduled flyovers for areas in New Jersey that might be targeted...

Areas of high cable density are common: expect more multiple outages

"Cairo has become a communications hub to the Middle East..." The Suez Canal and the new overland "electronic Suez canal" comprise one of the globe's highest cable densities with massive fiber projects on the way:

Nearly all the new fiber cables recently built or planned for South Asia, the Middle East and east Africa funnel through Egypt, due to its unique location between the Red Sea and the Mediterranean. The other undersea path to the European and Atlantic networks is the much longer and costlier way around the southern tip of Africa...

The nine fiber projects planned across Egypt's Sinai desert compare with a total of four built over the past 20 years. "We call it the electronic Suez canal," says [the] Egyptian telecom regulator, likening the country's emergence as a communications hub to its importance last century for shipping by virtue of its Suez canal.

Suez is not unique in its high density of laid cables; the seabed offers many points where geography conspires to group submarine cables, thereby increasing the potential of cascaded damage. Take, for example, the Luzon Strait where the 2006 magnitude 7.1 Hengchun earthquake created "one of the largest disruptions of modern telecommunications systems. Nine submarine cables in the Strait of Luzon, between Taiwan and the Philippines, were broken thus disabling vital connections between SE Asia and the rest of the world."

Luzon Strait is the preferred of three routes to "link South East & Northern Asia":

  1. Luzon Strait between Taiwan & Philippines
    • 320 km width
    • 2600m sill depth in Bashi Channel (north)
  2. Route south of the Philippines
    • adds lots of mileage & hence latency
  3. Formosa Strait
    • Narrowest part is 130 km width
    • 70 m depth (too close to fishermen)

With nine cables transiting the earthquake epicenter in the Bashi Channel (2500-4000 meters deep), Hengchun created "multiple failures causing the entire cable system to be out of service." With no available cables for rerouting, Asia had to wait weeks for marine repairs:

21 faults were recorded in the 9 cables and it took 11 ships 49 days to restore everything back to normal. This length of time was due to the number of faults, the availability of cable repair vessels, adverse sea conditions and the occurrence of faults in water depths down to 4000 m. The repair effort was hampered further by the burial of some cables under a layer of mud and the huge size of the area that was affected...

Sovereign state weaponization of the sea floor

Terrorist efforts aside, it is clear that the major powers have a sustaining interest in the seabed, fiber optic cables and deep diving submarines.

As to subsea cables, Bamford notes:

[NSA] taps into the cables that don't reach our shores by using specially designed submarines, such as the USS Jimmy Carter, to attach a complex "bug" to the cable itself. This is difficult, however, and undersea taps are short-lived because the batteries last only a limited time. The fiber-optic transmission cables that enter the United States from Europe and Asia can be tapped more easily at the landing stations where they come ashore. With the acquiescence of the telecommunications companies, it is possible for the NSA to attach monitoring equipment inside the landing station and then run a buried encrypted fiber-optic "backhaul" line to NSA headquarters at Fort Meade, Maryland, where the river of data can be analyzed by supercomputers in near real time.

Tapping into the fiber-optic network that carries the nation's Internet communications is even easier, as much of the information transits through just a few "switches" (similar to the satellite downlinks). Among the busiest are MAE East (Metropolitan Area Ethernet), in Vienna, Virginia, and MAE West, in San Jose, California, both owned by Verizon. By accessing the switch, the NSA can see who's e-mailing with whom over the Internet cables and can copy entire messages. Last September, the Federal Communications Commission further opened the door for the agency. The 1994 Communications Assistance for Law Enforcement Act required telephone companies to rewire their networks to provide the government with secret access. The FCC has now extended the act to cover "any type of broadband Internet access service" and the new Internet phone services - and ordered company officials never to discuss any aspect of the program.

As to deep diving submarines, RAND produced an interesting 2002 monograph on the requirements for a successor to the NR-1, a deep-diving nuclear research submarine built in 1969. A small vessel (12 foot diameter, 150 foot length, 400 ton displacement and crew of seven), the NR-1 is set apart from other research submersibles and SSN submarines by its "prolonged (30-day) operation [limited only by its food and air supply] on or near the sea bottom [2,375 foot operating depth] at a speed of up to 4 knots" as well as its viewports, manipulators to "handle small objects... two retractable rubber-tired wheels that support it on the ocean bottom [and] thrusters to maintain depth without forward movement, to move laterally, and to rotate within its own length."

NR-1 missions "included support to national agencies, which had found other assets limited in their ability to complete such tasks as mapping the Challenger debris field despite inclement weather or locating important forensics information from the Egypt Air Flight 990 disaster... support of maritime archaeology, scientific research, and military operations." Command of the NR-1 does appear to be a career enhancing billet. Admiral Edmund Giambastiani commanded NR-1 earlier in his career.

Based upon NR-1 performance and expected NR-2 capability, a "military expert group" identified seven "core missions" for the NR-2 as part of an analysis of highest priority "military and scientific missions [for] their deep-diving research submarines":

  • Selected Covert Operations
  • Protection of National Assets on the Seabed
  • Intelligence Preparation of the Battlespace (IPB)
  • Forensics/Investigation
  • Expanded ISR [Intelligence Surveillance and Reconnaissance]
  • Offensive Information Operations
  • Defensive Information Operations

The NR-2 would require "magnetic and acoustic" quieting and enhanced endurance and should be able to operate under three support environments:

  • Fully autonomous operation... as is any SSN...
  • Operation in consort with an SSN [with] SSN transport/tow to an AOI [area-of-interest] and escort/protection within an AOI as desired...
  • Operation in consort with a surface support vessel [for] extensive logistics support... tow and communications support... and enable transfer and offload of objects...

Interestingly, little is written of the NR-2 despite the fact that the navy 'anticipated' "that the NR-1 will require [a third] refueling or replacement by 2012." There is an interesting oblique reference in a comment about a LTJG nuclear engineer with the Advanced Submarines Division at Naval Reactors Headquarters who:

uses his skills to keep the country's only nuclear-powered, deep-diving research submarine in top operating condition. [The officer] recently completed studies of concept designs for a nuclear-powered deep-diving research submarine including the sizing reactor and propulsion plant components, plant arrangement, and overall ship integration aspects.

In sum, subsea fiber optic networks are more vulnerable than the electricity grid. Fiber is not so much a case of raising security standards as it is introducing the concept of security. Richard Clarke's admonitions ring loudly.

Internet Logjams Spur Cable Boom
Outages in Mideast Expose Global Need For Fast Fiber Lines
By CHRISTOPHER RHOADS
WSJ
February 8, 2008

FLAG Telecom: Abandoned ship's anchor caused cut in Internet cable between Emirates, Oman
By KATARINA KRATOVAC
AP
Posted: 2008-02-08 10:58:35

Hotter under the water: A look at the undersea Internet cable "conspiracy" and the impact on global networks
Interview with Eric Schoonover, TeleGeography
Network Performance Daily
February 07, 2008

What those oceanic cable cuts mean to you
By Johna Till Johnson
Eye on the Carriers 
Network World, 02/07/08

Mediterranean Cable Break - Part IV
February 07, 2008 | By Earl Zmijewski at 02:03 PM
Renesys Corporation

Undersea cables extremely vulnerable say analysts
Comments by Matt Walker, Posted by andrewdonoghue
Recycled Green Tech News
Thursday 7 February 2008, 3:36 PM

07-Feb-08 - Update on Submarine Cable Cut Repairs - Daily Bulletin
FLAG Telecom
Press Releases

Three undersea cables seen fixed by weekend
Reuters
Thu Feb 7, 2008 9:23am EST

New Cable Taking New Route After Web Cut
By KATARINA KRATOVAC
Associated Press
February 6, 2008 - 2:58pm

Cable Cut Fever Grips the Web
By Ryan Singel
Threat Level
February 06, 2008 | 4:50:11 PM

Analyzing the Internet Collapse
Multiple fiber cuts to undersea cables show the fragility of the Internet at its choke points.
By John Borland
Technology Review
February 05, 2008

Repairs start on undersea cable cut near UAE
Reuters
Feb 5, 2008 8:39am EST

Cable damage hits 1.7m Internet users in UAE
By Asma Ali Zain
Khaleej Times
5 February 2008

Underwater Fiber Cuts in the Middle East
Steven Bellovin
SMBlog
4 February 2008

Ruptures call safety of Internet cables into question
By Heather Timmons
IHT
Published: February 4, 2008

ATTENTION: Iran is not disconnected!
February 03, 2008 | By Earl Zmijewski at 06:15 PM
Renesys Corporation

Cable cuts, conspiracies, and submarines...
Jesse Robbins
O'Reilly Radar
02.03.08

Mediterranean Cable Break - Part III
February 02, 2008 | By Earl Zmijewski at 06:17 AM
Renesys Corporation

India Internet capacity at 80 pct after cables break
Reuters
Feb 1, 2008 2:32am EST

Web Disruptions Persist Overseas
Cables Could Take Weeks to Fix, Pressuring Business in India, Mideast
By MARIAM FAM in Cairo, CHIP CUMMINS in Dubai, JACKIE RANGE in New Delhi, and CHRISTOPHER RHOADS in New York
WSJ
February 1, 2008

Mediterranean Cable Break - Part II
January 31, 2008 | By Earl Zmijewski at 07:20 PM
Renesys Corporation

Cable Cuts Disrupt Internet in Middle East and India
TeleGeography
Thursday, January 31st, 2008

Mediterranean Cable Break
January 30, 2008 | By Earl Zmijewski at 06:53 PM
Renesys Corporation

Foundation [of Data Communications]
Data Communications and Computer Networks
Hongwei Zhang
Department of Computer Science, Wayne State University
Fall 2007

Enabling Global Communications - From Risk to Reward: Why must we learn our own lessons before we change risk management behaviour?
Keith Schofield
Pioneer Consulting (Dotdash Consulting)
Sub Optic 2007
May 17, 2007

Research & Security Applications of Submarine Technologies
Seymour Shapiro
Tyco Telecommunications Laboratories
SubOptic 2007

ADVANCES IN DEEPWATER CABLE MAINTENANCE THROUGH NEW GRAPNEL TECHNOLOGY
Jeremy Featherstone, Andrew Thomas
Sub Optic 2007
May 15, 2007

BLIPS ON THE RADAR SCREEN: THE CASE FOR SUSTAINED STABILITY IN NEW SUBSEA SYSTEMS DEVELOPMENT MARKET
Thomas A. Soja, John Manock, S. Hansen Long
T Soja & Associates, Inc.
Sub Optic 2007
May 15, 2007

The regulation of undersea cables and landing stations
Steve Esselaar, Alison Gillwald and Ewan Sutherland
IDRC 2007

Subsea Landslide is Likely Cause of SE Asian Communications Failure
Graham Marle, ICPC Secretariat
ICPC PRESS RELEASE -
21 March 2007

Taiwan Earthquake Fiber Cuts: a Service Provider View
Sylvie LaPerrière, Director
Peering & Commercial Operations
nanog39 - Toronto, Canada
2007/02/05

Excerpt: 'Breakpoint,' by Richard Clarke
Veteran Counterterrorism Official Writes a Futuristic Thriller
ABC News Internet Ventures
Jan. 17, 2007

Breakpoint
by Richard A. Clarke
Putnam Adult
ISBN-10: 0399153780
January 16, 2007

Earthquake Highlights Asian Dependency on Submarine Cables
TeleGeography
January 2007

Taiwan Earthquake Severs Undersea Data Cables
Geology News
Friday, December 29, 2006

Taiwan Quake Shakes Confidence in Undersea Links
By Jon Herskovitz and Rhee So-eui
Reuters
Dec 28, 2006

Earthquakes Disrupt Internet Access in Asia
A series of powerful earthquakes damages undersea cables and interrupts Internet connections in Asia.
Sumner Lemon
IDG News Service
December 27, 2006 11:00 AM PST

Earthquake in Taiwan
Status Report No: EQT-1
CAT-i, Guy Carpenter
Date: 26 December 2006
Time: 12:26:21 UTC (20:26:21 local time)
Position: 21.819N, 120.543E
Depth: 6.2 miles (10 km)
Magnitude: 7.1
Region: Taiwan Region

Big Brother Is Listening
by James Bamford
Atlantic Monthly
April 2006

SHORE ENDS TO RE-USE OR NOT to RE-USE
Stephen Dawe (Cable & Wireless), Tony Frisch (formerly Alcatel), Barbara O'Dwyer (Level 3) and Denise Toombs (ERM)
Tu A2.3, SubOptic 2004
March 30, 2004

RISK MANAGEMENT
Rick Cook
Alcatel
Tu A2.6, SubOptic 2004
March 30, 2004

Marine Survey & Cable Routing
Short Course
Ron RAPP, Mark LAWRENCE, Dick BORWICK, Takuo KUWABARA
Submarine Cable Improvement Group
Sub Optic 2004

A Concept of Operations for a New Deep-Diving Submarine
By: Frank W. Lacroix, Robert W. Button, Stuart E. Johnson, John R. Wise
RAND MR-1395
ISBN/EAN: 0-8330-3045-0
2002
Executive summary
Submarine Cable Infrastructure

Eyeballing: Transatlantic Cable Landings Eastern US
Cryptome
Various dates 2002

Spy agency taps into undersea cable
By Neil Jr.
Published on ZDNet News
May 23, 2001 12:00:00 AM

Mother Earth Mother Board
The hacker tourist ventures forth across the wide and wondrous meatspace of three continents, chronicling the laying of the longest wire on Earth.
By Neal Stephenson
Wired
Issue 4.12, Dec 1996

Gordon Housworth


