return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

ICG Risk Blog - [ InfoT Public ]

Hamas will produce a Prime Minister faster than the Irgun


Menachem Begin headed the Irgun (The National Military Organization) by 1943, was leader of Israel's opposition by 1948, and Prime Minister by 1977. The Irgun had rejected the Haganah's "restraint" policy, carried out armed reprisals against Arabs, was condemned by the Jewish Agency, later turning those same skills on the British Mandate in Palestine. The Irgun's actions then are what Israel now attacks Hamas today. It will not take a Hamas leader 34 years to gain a Palestinian prime ministership or presidency.

My comment in Hamas moves into electoral legitimacy following the West Bank municipal elections (23 December 2004) is an understatement for Hamas' 27 January showing in Gaza:

No surprise, Palestinians would like a state of their own, a functional state and not a gelded Paltustan, a viable economic state able to lift the extraordinary poverty and lack of opportunity available to most Palestinians, a state that ends a fifty year diaspora from Jew and fellow Arab alike, a state that functions a state that dispenses appropriate services to its citizens, and a state than ends the kleptocracy of its governing elite. Then certainly no surprise that "Hamas militants defeated the mainstream Palestinian movement Fatah in nine of 26 local elections [in] a foretaste of challenges confronting emerging moderate leader Mahmoud Abbas."

Officially known as the Islamic Resistance Movement, Hamas won 78 of 118 municipal council seats, while Fatah, Abbas' party, won 38. Independents and minor parties won the remainder. Hamas took control of 7 councils to Fatah's 3. While Hamas had boycotted the Presidential election of Mahmoud Abbas (9 January, 2005), all Palestinian factions, save for Islamic Jihad (Holy War), joined the Gaza elections held in ten cities. The Central Elections Committee (CEC) Palestine said that 90,000 Palestinians over age 18 in Gaza were eligible to vote for a total of 414 candidates, including 68 women, contesting those 118 seats.

Voter turnout was about 85% of eligible voters, considerably higher than the landmark post-Arafat election of a Palestinian presidential successor only drew a 70% turnout even though it was:

the eve of transfer of power of the head of what passes for a rump Palestinian state; the one individual that has simultaneously represented and robbed the Palestinian people, that has been the instrumental linchpin of failure by insuring that the Palestinian negotiation process would never reach a conclusion as for him the process rather than the conclusion was authority and legitimacy

While this election may well be a "staggering blow to the Fatah organization" a "consensus on the choice of jihad and resistance," and a repudiation of Abbas' "platform of ending violence to allow talks with the Jewish state on Palestinian statehood," it can just as easily be a vote for reform and the ability of Hamas to deliver it as Hamas won support in non-Hamas areas. (It would appear that the Israeli military is not too upset as they see local issues and the influence of local clans supporting slates of candidates as more important than national policy.)

Palestinians in Gaza, which before its occupation by Israel in 1967 was ruled by Egypt, have never voted in local elections. The previous council here was entirely appointed, and entirely Fatah.

And Fatah was corrupt top to bottom. In contrast, Hamas provided "welfare, health services, schools and kindergartens" free of corruption and nepotism to the impoverished Gaza citizens:

"They are not corrupt, and there is no nepotism," she said. "They chose the path of Islam. They helped me during this intifada, financially and with food supplies. They don't differentiate. If you are Fatah, poor and a martyr, they help you."

Who would you vote for?

A second stage of West Bank municipal elections will take place in April. (In the December West Bank vote only 26 of 350 councils were at stake, with Fatah winning 12, Hamas 8, and the balance to independents.) Parliamentary elections are slated for 17 July. One should expect Hamas to participate, and do well, in both. "The radical Islamic movement Hamas" will soon enough simply be "Hamas," just like, say, Likud.

Democracy's New Face: Radical and Female
By Molly Moore
Washington Post
January 29, 2005

Hamas Makes Huge Gains in Gaza Strip Elections
By John Ward Anderson
Washington Post
January 28, 2005

Middle East: Hamas Claims Victory In Municipal Elections In Gaza Strip
Friday, 28 January 2005

Gordon Housworth

InfoT Public  Strategic Risk Public  Terrorism Public  


  discuss this article

Laser pointers: another example of unintended consequences, glide slope to the desktop


Laser pointers are yet another example of what I call technology's glide slope to the desktop, i.e., becoming smaller, cheaper, and more widely available. Once even reasonably available, all it takes to attract terrorist or criminal interest, is the public recording of someone experimenting, or the mimicking of the outcome of an accident or natural disaster. (Think how easily we now know how to take down an LA metro rail system or collapse a regional power grid.)

Lasers were pointed at US military aircraft as early as early as 1997:

The incident involving [Lt. Jack Daly] occurred April 4, 1997, in the Strait of Juan de Fuca, near the U.S. submarine base at Bangor, Wash. The Navy intelligence officer was flying in a Canadian helicopter monitoring the Russian merchant ship Kapitan Man, which appeared to be shadowing a U.S. ballistic missile submarine. A suspected laser device fired from the Kapitan Man left him and the Canadian pilot "victims of what could be argued was a hostile act in an undeclared war, an act of terrorism, and, at a minimum, a federal crime," Daly told Hunter's House Armed Services subcommittee on procurement. He and Canadian Air Force Capt. Patrick Barnes have since suffered persistent pain and deteriorating eyesight.

While there have been some 400 reported instances of lasers aimed at aircraft since the early 1990s, the volume is now increasing rapidly:

Over [January], pilots have reported more than 30 incidents of laser beams being trained from the ground into their aircraft, prompting warnings from federal authorities and new reporting guidelines.

Lasers were pointed at US commercial aircraft with rising frequency by September, 2004, and the incidents have now blossomed. By December, an FBI bulletin to law enforcement rightly notes that lasers are now "relatively inexpensive, portable, easy to conceal and readily available on the open market [and] Although lasers are not proven methods of attack like improvised explosive devices and hijackings, terrorist groups overseas have expressed interest in using these devices against human sight."

Lasers have long been able to cause temporary blindness, even causing severe retina burning and permanent blindness depending on intensity, proximity, and protection:

But just as red lasers were used by drug dealers to harass police helicopters and by sports fanatics to distract basketball players taking free throws, green ones have been put to ill use. And with their longer range, experts say, green lasers pose a real danger because they can render pilots temporarily blind.

The rise in incidents is due to plummeting cost and the emergence of green lasers. While prices have dropped for both red (150:1) and green (6:1), it is the fact that the green devices are visible over a much longer range (4:1) and have a much greater effect on the human eye:

The human eye responds to the green light approximately 50 times better than the red laser pointer, and that is why it appears so bright.

Lasers have become an ubiquitous fact of the economies of the developed world. A good introduction to laser hazard classification of the four categories can be found here. CD and DVD devices have the lowest, Class 1, lasers. Laser pointers are Class 3 ("definitely hazardous for intrabeam viewing," i.e., when its pointed at you), while industrial laser equipment are the highest, Class 4 ("either a fire or skin hazard or a diffuse reflection hazard. Very stringent control measures are required")

Most of the inexpensive, portable green lasers are Class 3. Think of simple approaches such as ganging them in bundles.

I urge readers to read Granneman's article on unintended consequences. We will not stop the march of technology any more than we will reformulate political decision making, but we can at least begin to consider the consequences, good and bad.

Laser Pointer Abuse Threatens Air Safety
By David A. Fahrenthold and Timothy Dwyer
Washington Post
January 27, 2005

Exploring the law of unintended consequences
By Scott Granneman, SecurityFocus
21 January 2005
The Register

Gordon Housworth

InfoT Public  Strategic Risk Public  Terrorism Public  Weapons & Technology Public  


  discuss this article

A tipping point in intellectual property protection?


It would appear that the US is at a turning point in its treatment, or tolerance, of global intellectual property (IP) theft, although it is fair to say that our process is flawed:

  • Too much of the Administration's focus is on on-line piracy and counterfeit parts, often sold as unbadged copies of the original and where the impact is seen to go no farther than direct revenue loss, liability over presumed 'faulty' parts, and impact to the producers' reputations.
  • Too much of the Administration's approach is devoted to ineffective, and even counterproductive means, primarily legal remedies and policy guidance buttressed by industry lobbying to influence legal and policy changes.

It is revealing that the recent report that is underpinning the renewed Dept of Justice interest in IP, and is the report that AG Ashcroft reviewed with MEMA (Motor & Equipment Manufacturers Association), Congressman Knollenberg, and other US manufacturers is principally devoted to legal and criminal investigative remedies. Reading the AG's announced recommendations of that report reflects the same legal and policy approach. Although these remedies will not work, and will actually backfire, as Cisco discovered in its tiff with Huawei, there are quite workable alternatives.

What seems to be missing, or has been missing, is the understanding that:

  • The real problem of counterfeit parts is that the counterfeiters will gradually uncloak to produce badged products that directly compete with the producers from which they had expropriated intellectual property, and thus can undercut the original producers' pricing, i.e., the endgame is being driven from the market, not mere revenue dilution or 'faulty' parts.
  • Counterfeits pale in comparison to foreign competitors expropriating intellectual property specifically to produce badged parts that build an independent brand awareness for price and quality that quickly drive the original producer from the market.
  • The principal remedies on offer presume a working legal framework in the expropriating nations that reciprocate the legal protections that we have come to expect, and depend upon, in our Anglo-European legal systems, i.e., without this reciprocation, our legal remedies for adjudication and redress are ineffectual in the country where the expropriation occurs.

The problem is certainly enormous, and growing more so. I am already on-record with the following predictions:

  • Emerging Asian suppliers will displace less efficient US suppliers in US supply chains
  • US OEMs will continue their pursuit of lowest cost suppliers, abandoning historic 'domestic' suppliers in favor of new Asian suppliers

And if it is not too late:

  • After enduring growing losses, US OEMs and major manufacturers will use IP security as a key selector for suppliers in the critical path of their supply chains
  • Protective IP programs will be essential to a supply chain's critical path, and so the health of the supply chain. (The trajectory of IP protection will mimic that of the rise of part quality as a mandatory selection criterion.)

Two remarkable events have put intellectual property squarely in the limelight, GM's accusations of a Chinese automaker using stolen design data, and the national security review of Lenovo's purchase of IBM's PC unit by the Committee on Foreign Investments in the United States (CFIUS).

US Commerce Secretary Donald Evans publicly accused the Chinese automaker, Chery, of "using stolen design information from GM Daewoo Auto & Technology Co." to produce Chery's QQ minicar. The target was the Chevy Spark/Daewoo Matiz which cost GM $500 million to develop. Mathdata and 'other design information' of the Chevy Spark "were simply stolen from GM Daewoo." The impact was riveting as the QQ:

  • Reached market before Spark
  • Costs 33 % less than Spark
  • Outsells Spark by 6:1 in Chinese market
  • Has identical body structures, exterior and interior designs

Chery was then 20% owned by Shanghai Automotive Industry Corp - GM's main joint venture partner.

The Committee on Foreign Investments in the United States (CFIUS), an interagency M&A review panel on national security grounds has given notice of review of Lenovo's purchase of IBM's PC unit over the "concern that Chinese operatives might use an IBM facility for industrial espionage."

There is recent CFIUS precedent in the 2003 review of the bid by Hong Kong's Hutchison Whampoa for bankrupt Global Crossing, owner of one of the world's largest fiber optic networks. That review, which causes HW to withdraw, was based upon concerns "about control of a key telecom provider by a firm with close ties to the Chinese government."

IBM-Lenovo deal said to get national security review
By John G. Spooner
January 24, 2005

US lashes out at Chinese piracy
(Asia Pulse/Yonhap)
Asia Times
Jan 15, 2005

Report of the Department of Justice's Task Force on Intellectual Property
Department of Justice
October 2004

Gordon Housworth

InfoT Public  Intellectual Property Theft Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

'Confident, Satisfied & Clueless': signals, sprignals, and noise are baffling internet searchers


If, as I believe, the mangling of the news is handmaiden to the manipulation of public opinion, it is no added comfort to find that the public is apparently incapable of finding accurate information when they seek it and so are vulnerable to being spoofed or misled.

Readers unfamiliar with the tripartite model of intelligence warning systems comprised of signals (valid information), sprignals (spurious, misleading information), and noise (extraneous information) are encouraged to go here for a quick primmer.

Searches on the major engines return a combination of relevance-based results, the 'native' responses, and fee-based sponsored links or sites, the 'padded' responses that may receive prominent positioning on the page. (Note that I use 'responses' as opposed to 'answers' as in each case the responses could be signals, sprignals, noise, or, as likely, a combination. Searchers are hard pressed to discriminate; whereas TV viewers "are likely to know the difference between television programs and infomercials," less than a fifth of Web searchers know which links are native and which are padded. Yet an the overwhelming majority of Internet users "are confident about their ability to search the Internet" and about half were "very confident."

This misplaced trust appears to rise from the largely trivial or simple searches that most users execute, leading to overconfidence and a naïve trust in the results of search engines. User demographics are interesting:

  • Users who trust search engines "tend to search less often, are more likely to use a single engine, [and] feel they are more successful than frequent searchers"
  • Younger users are more frequent searchers, are more confident, and exhibit more trust
  • Men use search engines than women and search more often, and have a "higher opinion of their [search] abilities despite being no more successful than women"

I take issue, however, with the suggestion that "as people gain experience with search engines, they also develop critical thinking skills that can help them avoid low quality or deceptive information." Were it only so, and while the Pew study does not address information quality, it points to a Wellesley University study that showed appalling results:

Students were overwhelmingly susceptible to three types of misinformationadvertising claims, government misinformation, and propagandaand somewhat susceptible to scam sites. The two most successful misleading claims were advertising and government misinformation.

This is serious signals, sprignals, and noise in abundance - and it gets worse. A startling number of factors indicate that the students "skills are simply not sufficient when evaluating online information":

  • All ages and skills had "similar difficulties in carefully evaluating information found on the Internet"
  • Placed greater emphasis on the process of finding 'an' answer than on analyzing the material before them
  • Very, very few double-checked information, accepting the first 'answer' that appeared
  • Inconsistent ability to differentiate between advertising and fact
  • Incredulous at the claims on one site while conversely being credulous to the claims of another
  • Those with "stronger traditional research skills performed no better than other students"
  • Near exclusive use of the Internet, effectively excluding all non-Internet sources

One wonders how long it will be before the "important and influential" search engine market is called upon to regulate its activities as it attains the "status of other institutions [whose] whose performance the public judges by unusually high standards, because the public is unusually reliant on them for principled performance."

Not soon, I wager, so users had better sharpen their skills:

[many] have difficulty recognizing trustworthy sources, though perhaps the underlying problem is a lack of understanding of the Internet as an unmonitored source of information. The difficulties students encountered suggest [their search practices are] of little use in determining the accuracy of online information. It is therefore important to develop specific research practices for Internet searches that take the structure and purpose of the Internet into account.

As students continue to view the Internet as a primary source of information, without a significant shift in training methods, this problem will only worsen. It is vital that students better understand the nature of the Internet and develop an instinctive inclination for verifying all information. This will allow students to take advantage of the tremendous benefits provided online without falling prey to the pitfalls of online research.

Survey: Searchers are Confident, Satisfied & Clueless
By Chris Sherman
Search Engine Watch
January 24, 2005

Search Engine Users: Internet searchers are confident, satisfied and trusting – but they are also unaware and naïve.
Deborah Fallows
Pew Internet & American Life Project
January 23, 2005

Critical Thinking in the Internet Era
By Leah Graham and Panagiotis Takis Metaxas

Gordon Housworth

InfoT Public  Strategic Risk Public  


  discuss this article

Beautifully written, curiously delivered, detached from geopolitical reality, perceived abroad as regime change, sustained unilateralism, hypocrisy


It is the policy of the United States to seek and support the growth of democratic movements and institutions in every nation and culture, with the ultimate goal of ending tyranny in our world.

Japanese politicians are famous for making statements crafted for a domestic audience seemingly without thought as to how those comments will be perceived abroad. It is difficult not to see the 20 January Inaugural Address in a similar light as I fear that it will be perceived as regime change, e.g., China, sustained unilateralism, e.g., the EU and Canada, and hypocrisy, e.g., the Arab and much of the Muslim world. As a geopoliticist, I find it difficult at best to present such a vision that alienates many, if not all, while gaining us little, save to a domestic audience that would have been satisfied with less.

In a pre-inaugural interview with The Washington Post, [Bush43] acknowledged the discomfort in Europe, the Muslim world and elsewhere [saying] "We need to work on a public diplomacy effort that explains our motives and explains our intentions." The international community did not see a "more collaborationist second term" but more of the "almost contemptuous unilateralism" of the first term and a repudiation of the policies of Bush41. The Address is certainly generating spin control from White House officials.

I share some of these foreign concerns as I am uncomfortable that the "goal of ending tyranny" remains as the latest in a series of retroactive justifications for hostilities in Iraq even as it is pre-positioned for future use in the DPRK (North Korea) and Iran. I am further bothered that yesterday's Axis of Evil is today's Outposts of Tyranny, and I doubt that it was not lost on either Iran or the DPRK that the administration saw to it that the remaining members of the Axis were migrated to the Outposts. While they are admittedly superb tag lines for a campaign, they do little for our suppleness in negotiation.

Remembering the observation that it is often easier to attack our friends, or the defenseless, as it is too dangerous to attack one's enemies, I think that it was unnecessary, even counterproductive, to place Cuba, Myanmar, Zimbabwe and Belarus in the same class as the DPRK. The comment, supposedly from a White House aid, that "Diversity is important, even among rogues" is utterly insufficient as was the comment of a "close colleague" of Rice that the Outpost "was trying to be illustrative, not comprehensive."

If Belarus was there to 'caution' Putin, we should remember that we now have little leverage over Putin or Russia as both scale down their expectations of US value, Putin has nationalized the critical Yugansk oil field, and has not expanded oil supplies to the US. Russia is already showing increasing displeasure at US presence in the Caucasus and the Stans. I would like to needle Moscow less as we will surely need them again.

The leaders of governments with long habits of control need to know: To serve your people, you must learn to trust them. Start on this journey of progress and justice and America will walk at your side.

The "senior administration official who was providing the annotated version of the speech said, "Listen to that word 'start'," the implication being that such nations "do not have to meet a fixed standard before they reap the benefits of better relations." Arabs are much more interested in the word 'finish' as see our support of Egypt, Saudi Arabia, and Pakistan as arch hypocrisy and further cover for US policy motivated by oil, financial matters, and support of Israel.

Worse, the speech was seen as "messianic" in tone and language and "potentially harmful to fledgling reform movements across the region." Even a Syrian reform advocate, Sadiq Azm, said:

It's scary stuff, so sweeping and overarching you don't know what to make of it. He's saying that what's good for America is good for everyone else. We are used to this kind of bombast from our Arab leaders. But it's been a long time since I've heard it in English.

While the US supports cautious, some say glacial, political reform while states attempt economic reforms to relieve domestic pressures, Islamic parties rise in popularity, Syria included, further frightening secular Arabs and reducing their enthusiasm for free elections. "Europeans would like to see more than better explanations of American positions. They would like to see actual dialogue… They want some give and take." Arabs will accept noting less than a solution to the Israeli-Palestinian issue, without which we will see increasing ground gained by Islamic radicals who are now "gaining ground on the Arab street." They are also promising freedom and liberty - from us.

A Speech About Nothing, Something, Everything
New York Times
January 23, 2005

Bush Doctrine Is Expected to Get Chilly Reception
By Peter Baker
Washington Post
January 23, 2005

Arabs Say U.S. Rhetoric Rings Hollow
By Scott Wilson
Washington Post
January 22, 2005

Gordon Housworth

InfoT Public  Strategic Risk Public  


  discuss this article

Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains, Part 2


Part 1

Host nation (PRC and HK) "Public" or core event hierarchy:

  • Restaurant activity
  • Public small to medium group activities
  • Mass transit
  • Tourism revenue
  • Airline revenue
  • Service industries (restaurants, hotels, airlines, cinemas, and theaters)
  • Host nation quarantine commences
  • Service industries suppliers (air navigation services, wholesalers, food providers)
  • Discretionary products (notably luxury goods)
  • Global airport sales of all items
  • Foreign (offshore) quarantine rises
  • Host nation quarantine methods increase in intensity
  • Host nation (PRC) mismanagement of news/story continues
  • 'Phonecam nation' collects and provides data about virus spread to unofficial databases beyond government control
  • Asian markets/indices
  • Trade fairs and commercial events
  • Manufacturing transportation (truck, ship, air)
  • Healthcare response and availability (including health providers)
  • Light industrial orders (new business replenishment)
  • Light industry investment
  • Financial services companies (commercial banks, investment banks, and brokerages)
  • Financial services staff relocations
  • Expatriate employee recalls/returns
  • Host nation admission of prior news management, relative, but transitory, transparency
  • Military mobilization to support containment
  • Draconian mandatory healthcare incarceration
  • Increasing toll on available healthcare providers
  • Tideside/port impacts
  • Heavy industrial orders (new business replenishment) (Plants in this segment were more isolated)
  • Heavy industry investment
  • Regional economic contraction (Hong Kong, Singaporean and Taiwanese economies had begun shrinking; Malaysian and Thai economies slowed with expectation of shrinking; PRC's industrial expansion slowed)

SARS' modest transmission rates allow relative containment, interrupting the event hierarchy:

  • Global economic integration (notably outsourcing to low cost producers and related SG&A procurement, tracking, and IT activities)
  • Global supply chain interruptions
  • Overwhelmed health system
  • Civil unrest
  • Martial law
  • Rural and urban migration
  • Regional economic collapse

"Post-event" hierarchy:

  • WHO certifies global hotspots as free from contagion
  • New case/suspected case disclosure cause minor economic ripples
  • Economic activity recovers
  • Host nation acknowledgment of news suppression to 'prevent' immediate/local impacts to revenue, trade, tourism, and bureaucrat reputations
  • Promise of future immediate transparency and cooperation
  • Recidivism commences
  • Host nation punishment of "whistle blower" citizens

A bit of light humor. As thieves will always prosper in troubled times, LVMH Moët Hennessy Louis Vuitton was upset by photos showing Hong Kong residents wearing SARS masks bearing counterfeit Louis Vuitton logos.

An Avian Flu pandemic will not allow time for humor.

Gordon Housworth

InfoT Public  Infrastructure Defense Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains


Suspected human-to-human Avian Flu H5N1 transmission has occurred in Vietnam, and is the kind of trigger news that could launch the epidemic/pandemic "event" noted in The flu season not yet underway and uncomfortable signs that 'when, not if' is shifting to 'soon, not when'. Worse, the lack of reliable or widely available tests may be masking other cases. H5N1 is vastly more fearsome than SARS (Severe Acute Respiratory Syndrome).

In the case of SARS and now Avian Flu, governments are voting short term economic gains, reducing the flow of accurate infection information, impeding inspection by foreign epidemiological staff, and forestalling destruction of infected fowl, thereby blinding themselves - and us - to the tipping point of a pandemic.

Independent actions by local, regional, and national governmental entities effectively conspire to make the situation opaque. Vietnam, Thailand, and China are now repeating news suppression and denials in avian flu animal-to-human and human-to-human transmissions.

For all the interruption and destructive capacity of the SARS epidemic - the worst economic crisis in Southeast Asia since the bank failures and currency devaluations - one must remember that in comparison to Avian Flu, SARS was much more difficult to affect contagion. An Avian Flu pandemic will massively accelerate the SARS timeline. Containment is problematic.

During the SARS epidemic, we built a hierarchy of events in real-time so as to predict supply chain impacts before they occurred. If we have to dust it off for Avian Flu, the progression speed will be frightening in comparison.

Following is a sanitized event hierarchy for SARS that flags items that effectively worsen, impacting revenue and life. It does not include items that increase, or respond to the situation, such as the foreign (offshore) rise in teleconferencing (including audioconferencing, videoconferencing and Web conferencing), and host nation sales of autos and motorbikes (to avoid mass transit).

Two variables quickly emerged:

  • Primary variable: duration (as opposed to number of affected industries)
  • Secondary variable: continued/lingering fear

Hierarchy of Impact is divided into three sections:

  • "Pre-event" hierarchy: events leading up to the Asian (PRC and Hong Kong) breakout of major economic and health effects.
  • Host nation (PRC and HK) "Public" or core event hierarchy: events causing regional disruption, death, and economic loss
  • "Post-event" hierarchy: aftermath and mop-up events

"Pre-event" hierarchy:

  • Anecdotal communications among healthcare providers, CDC (Center for Disease Control), and WHO (World Health Organization)
  • Host nation suppression of news and entry of foreign disease control personnel
  • Unexplained disease reports of "acute respiratory syndrome" in neighborhoods, local hospitals, and health workers
  • WHO confirms disease as "worldwide health threat"
  • Air-transit leaps of disease (ex: Canada, Taiwan, Germany, US)
  • Foreign (offshore) travel warnings (ex: Canada) cause immediate travel, convention, tourism, service industry impacts, and airline revenue impacts to affected areas
  • WHO issues South East Asia travel guidelines
  • Foreign disease control personnel fall ill (insuppressible news event)
  • WHO recommends postponement of all non-essential travel to Host nations (PRC and HK)
  • Foreign (offshore) quarantine commences

Part 2

Suspected human-to-human bird flu transmission in Vietnam
Deborah MacKenzie
17:15 21 January 2005

Gordon Housworth

InfoT Public  Infrastructure Defense Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

"Evil twin" WiFi base station cloning enters the wild


Evil twin base station cloning, identified by Internet Security Systems (ISS) in the US in 2002 has now appeared in the wild in the UK, a surprising lag of over two years:

BaseStation Clone (Evil Twin) intercept traffic

An attacker can trick legitimate wireless clients to connect to the attacker’s honeypot network by placing an unauthorized base station with a stronger signal within close proximity of the wireless clients that mimic a legitimate base station. This may cause unaware users to attempt to log into the attacker’s honeypot servers. With false login prompts, the user unknowingly can give away sensitive data like passwords.

Never strong on encryption even when properly set up, WiFi hubs are sold in their most permissive TX mode. Base stations can be sniffed by readily available war driving tools and those found open can be exploited passively. Base station cloning goes one step further and overwhelms (jams) the legitimate signal of the sniffed base station with a stronger one, or one closer to the wireless client.

In a technically trivial exploit, the evil twin hotspot is then substituted as a honey pot:

Once an unknowing user has connected to an evil twin, a hacker can intercept transmitted data. Users are invited to log into the evil twin with bogus login prompts and can be lured into passing sensitive data such as user names and passwords.

While users are commonly urged to be attentive when using WiFi-enabled laptops or PDAs when conducting financial transactions or sensitive personal or corporate data, users are often forgetful, or are inattentive when setting up the PC, thus leaving themselves vulnerable. Worse, many users do not know what is valuable to whom, thus they utilize certain services that provide critical data to a collector. (The exploit is so simple that a targeted individual can be surveilled for frequented hotspots and then an evil twin substituted at the appropriate time.

As the traffic of the targeted individual(s) and all collateral innocents are passed along to the intended sites, the victims are none the wiser. Once an unknowing user has connected to an evil twin, a hacker can intercept transmitted data. Users should enable all WiFi security features and install a firewall on the portable device. (Those users with more advanced security connections such as 802.1X authentication or VPN tunnels are not affected.)

I predict that the evil twin exploit will be extended to surreptitiously downloading malware onto vulnerable machines for subsequent exploitation.

The problem or the opportunity, depending on your point of view, will only increase as hotspots expand from today's 50,000 to some 200,000 sites by 2008. (California, for example, will install WiFi links in 85 state parks over the next six months.) Jiwire currently lists the top ten WiFi hotspot nations, in descending order, as the US, UK, Germany, France, Japan, Switzerland, Italy, Spain, Canada, and Australia

The problem will persist until older, vulnerable legacy machines are washed from the user community.

'Evil twin' fear for wireless net
2005/01/20 10:30:20 GMT

Are You Vulnerable?Wireless, Worms and Cyber Threats
David Gerulski, Internet Security Systems

Gordon Housworth

Cybersecurity Public  InfoT Public  


  discuss this article

Rising awareness and increasing value of 'Commercial-off-the-shelf' tools and companies for intelligence gathering and analytics


More a point along a continuum of behavioral shift than a notable milestone, I see the FBI's formal retirement of its packet sniffing tool, DCS 1000 - which debuted with the politically tone-deaf name of Carnivore, in favor of commercially available tools often run by the ISPs themselves as another recognition of changes in the commercial and political marketplace:

  1. In terms of product, what I like to call the 'glide slope to the desktop' of ever increasingly competent COTS tools is allowing federal and state agencies to buy in tools for data gathering, analysis, and synthesis, at lower cost, shorter lead/lag times, and with better bug maintenance and enhancement releases.
  2. In terms of companies, the growth of vertically integrating commercial "intelligence [agencies], gathering data, applying analytics" is allowing federal and state agencies to distance themselves from political redress while availing themselves of low cost information simultaneously being sold to other commercial firms needing credit or background information.
  3. In terms of what I call 'boundary exploitation,' states are increasingly able to make richer data sets available to federal authorities in a manner that does not violate Posse Comitatus, Privacy Act of 1974, and DoD internal policies.

I hasten to add that there is nothing new here, no tectonic shift. See, for example: TSA helped JetBlue share live passenger data with contractor, Privacy and Consumer Profiling, and 'Ask' without 'task': legal circumvention of Posse Comitatus and Privacy Act of 1974.

What does stun me is the price paid in either money or political damage for some custom tools. Carnivore was estimated to have cost "between US$6 million and $15 million." As an analyst and SME (subject matter expert) that works closely with tool developers for pattern detection and data fusion, I am astonished.  It was also prone to embarrassing failures that compromised on-going investigations. The FBI's Virtual Case File (VCF) appears to have failed wholesale in terms of architecture and coding such that functionality, operability, scalability, and extensibility were crippled; the only landmine not publicly stepped on so far is interoperability. The developer, SAIC, is a year-late in delivering but a fraction of the required functionality of what is a $170 million effort, again, an astonishing figure.

Some terms you should remember in terms of tools providers and corporate data citadel aggregators:

  • Data mining (now politically discredited, often replaced by Predictive analytics or Knowledge discovery in database (KDD)): The application of database technology and techniques, such as statistical analysis and modeling, to uncover hidden patterns and subtle relationships in data and to infer rules that allow for the prediction of future results.
  • Dataveillance: Surveillance of large groups of people, sorting large amounts of personally identifying data, to find individuals who might fit a terrorist profile.

DHS CIO, Steve Cooper has long held that government must look outside:

[Pointing] to the financial-services industry's well-developed business processes and technology to exploit data it collects on individual customers as expertise the government could learn from [Cooper says] "There's far more information outside the federal government about us, as individuals, than anybody inside has a clue about. Why not build upon their assembled expertise?" The feds also want state cooperation.

The value of firms such as ChoicePoint become clear when Cooper states that DHS is:

 "looking to a "capture once and reuse many" approach to data gathering, meaning data will be shared among agencies [and that] Data mining would also be a central IT function for homeland security. "What we’re talking about is pattern recognition, or the use of software intelligent agents to peruse data, [which are] driven by algorithms and rules that define themselves over time," Cooper said. Such tools "can marry statistically derived outcomes from known events to predictive models."

The battle over the intentions of ChoicePoint continues. See An insider says EPIC hasn't done homework on credit agencies and Two law professors defend EPIC's letter slamming creditagencies.

Firm Quietly Finds Wealth In Information
By Robert O'Harrow Jr.
Washington Post
January 20, 2005

VCF assessor: Stop funding
BY David Perera
Federal Computer Week
Jan. 18, 2005

Gordon Housworth

InfoT Public  Infrastructure Defense Public  Strategic Risk Public  


  discuss this article

There are no rear areas in the media war either


Given the media fishbowl in which the Iraq has long immersed, tugged at every turn by protagonists of every stripe, it is remarkable that US forces at the soldier level are joining the media war. A process commenced in October 2004, nearly two years in the Iraqi war, is now public:

media training for soldiers going into the war zone has been stepped up, becoming mandatory for Army troops. "Talking point" cards for military personnel, meanwhile, are being updated regularly as the war progresses -- often as much as once a week -- to keep up with the conflict's changing issues and the proximity of embedded reporters. Among the current talking points: "We are a values-based, people-focused team that strives to uphold the dignity and respect of all."

What was once an elective available upon request to interested military units has become a mandatory requirement for all army troops deploying to Iraq, and its intent is to serve each individual soldier, not just officers and senior enlisted, as a "standard part of deployment preparation." Public-affairs specialists from the Defense Information School at Fort Meade, Maryland, now deliver one to two hours of briefings. During these briefings, soldiers are urged to "speak with the press as a way of promoting the positive elements of the operation, but not to lie or speak about issues with which they are not familiar." Soldiers are not to discuss classified information, "to confine comments to their area of knowledge, and to stay on the record."

Under the expectation that audio and video media teams could be in a position to interview soldiers at any time, the training includes media savvy tips that any corporate titan would recognize:

[Talk] to the interviewer, not the camera; avoiding acronyms, profanity, or a "no comment"; and not arguing or answering a question they do not want to answer.

The Marines have given their long extant media training a higher profile in recognition of its rising importance. Getting to the point, they start with, "We are not an occupying force." Marines now receive tailored talking points, "as much as every week" if situations demand it. A group of marines departing Fort Bragg for Iraq have been given "wallet-card" talking points that included:

  • The Marine Corps is trained, resourced, and ready to accomplish its missions. We are committed to the cause and will remain in Iraq as long as we are needed.
  • The fight in Iraq is tough, but we will remain steadfast and not lose heart.
  • We are moving forward together with the Iraqi government as partners in building a future for the sons and daughters of Iraq.
  • Coalition forces will help our Iraqi partners as they build their new and independent country and take their rightful place in the world community.
  • Our troopers and their families are our greatest and most treasured resource.
  • The Corps is a national institution -- it has never failed to do the will of the American people.

Concerns have been raised over situations in which troops have to misrepresent facts, perhaps even lie, in order to fulfill these 'media' duties of presenting a perpetual positive outlook. Not to diminish such concerns but to put them in perspective, where would we be had we trained troops in basic prisoner treatment, especially when they are the common criminals of Abu Ghraib.

I believe that those so concerned fail to recognize the military sea change. Media training, like basic training, has now a become necessary skill, a "common task, much like firing your rifle" for every soldier.

Exclusive: Media Training Now Required for Iraq-Bound Soldiers
By Joe Strupp
Editor & Publisher
January 18, 2005 12:00 PM ET

Gordon Housworth

InfoT Public  Strategic Risk Public  


  discuss this article

Prev 26  27  28  29  30  31  [32]  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  Next

You are on page 32
A total of 68 pages are available.

Items 311-320 of 673.

Pages: [1 - 25] [26 - 50] [51 - 68]

<<  |  May 2020  |  >>
view our rss feed