Tag Archives: Information Assurance Business Affairs Office

September 26, 2014 · 21:23

For our spies only!

It’s out in the open, apparently Australia will get its first feel of a ‘cold war’, which according to Attorney General Brandis, will be a lot worse, will it?

Let us take a look.

The first source is the Guardian (at http://www.theguardian.com/world/2014/sep/26/spy-agencies-to-get-stronger-powers-but-what-exactly-will-they-be), as I am all about a certain level of consistency, let us add a few quotes. “Crossbench senators and many stakeholders raised their concern that, in the absence of a clear definition of a computer network, a single warrant could be used to access a wide range of computers, given the internet is a network of networks” as well as the response to the greens who wanted to add a limit of 20. “Brandis said such an amendment “would impose an arbitrary, artificial and wholly unworkable limitation that would frustrate the ability of Asio to perform its statutory functions“.

These are both fair points, in regards to the sunset clause the response was “No. Brandis rejected a call to put a 10-year expiry date on the new law related to special intelligence operations, despite agreeing to similar sorts of sunset clauses in the yet-to-be-debated foreign fighters bill“.

And the fourth quote, which we need later on is ““Freedom is not a given,” the attorney general said. “A free society is not the usual experience of mankind. Freedom must be secured, and particularly at a time when those who would destroy our freedoms are active, blatant and among us”“.

So, this sounds fine and it all sounds viable, but what about the dangers here (are there even dangers)?

For those with some insight in law, here is the bill as it currently stands (at http://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/s969_first-senate/toc_pdf/1417820.pdf), which for the most is an amendment to the Australian Security Intelligence Organisation Act 1979 (at http://www.comlaw.gov.au/series/c2004a02123).

Initially, it seemed that there was an issue on page 76, yet, when we look at the final product, the change makes perfect sense. The first change here is the approach to information; basically, we will not have a weaky leaky speaky person. So we will (hopefully) not have an issue with some person dreaming to be on team Manning, Snowden and Moronic. It was so nice of the NSA to get into ‘hot’ water, so that we can prevent it. However, not all is well; this is seen (at http://www.theguardian.com/world/video/2014/sep/26/internet-threat-existence-video). Whether it was just bad form, or over generalisation, Senator Glenn Lazarus stated “The internet is a serious threat because it can be used to orchestrate and undertake criminal behaviour across the world“. He then continues how ASIO and ASIS are there to increase security. It is this slight casual quote that seems to voice the dangers, as these powers are needed to combat security threats of several shapes. Yet the senator states “orchestrate and undertake criminal behaviour“, which is a lot broader then initially implied. This does not mean that this will be used as such, and quite honestly, if it stops shady financial advisors, then I am all fine with that, but it goes further than that as it was voiced (not stating the reality will be as such). Another part of the Guardian showed the ‘grilling’ of Attorney General Brandis by Senator Scott Ludlam, yet it seems that there the kettle is off the boil too. The Senator knew that Brandis would not answer or resort to speculation. He stated “I am not going to indulge Senator Ludlam by answering hypothetical cases or cases of historical interest“, which is fair enough. The Senator should know that, when he did a similar thing on October 4th 2013.

So where is the fire and is there a fire? You see, what is happening now, is what should have been done some time ago. I oppose Brendan Molloy from Pirate Bay (a fellow student), but his heart is in the right place (top right behind the rib cage, just like mine) and all these posters we see all over the place in regards to whatever, whenever, forever and prison. It is nice that we see all these posters on dangers and so on, yet some people seem to ignore the debilitating blows the US suffered at the hands of Manning and Snowden, not to mention Jullian Assange (which I will not go into at present). This will now change. At times those who don’t know speak those who know remain silent. It is when those who know speak out, that is when the casualties really go into many digits and Australia has its own brand of security issues. America has a little over 19,000 border miles on an area occupied by 320 million people. Australia seems larger, with a 22,000 border miles coastal line, yet overall Australia only has 22 million people, so with a population less than 10% we have to play the game another way. The security measures are one way, not the only way, but it will possibly stem several issues, which gives our intelligence branches a little more time to figure it out. Let us not forget that we have an intelligence structure and a form of Signal Intelligence, but if you think that they get a serious chunk of cash, then consider that the total Australian intelligence budget is a little under 1% of what America gets, and we get to look at a similar sized chunk of land to observe and a lot less people.

This got me to two issues that are now forming, yet the bill seems to not cover it as such. I am referring to the Telecommunications (Interception and access) Act 1979. Intelligence is essential, so is data collection and analyses. What happens when new solutions are needed? What happens when we face a change? The US had this when they needed more efficiency for the buck and a system called Palantir was used in the tests. Like Deployable Ground Station (DGS), the army ended up with a version known as DCGS-A. Now we get off to the races, the initially optional new system Palantir, its software was rated as easier to use (not unlike the analytical tool IBM Modeller), but did not have the flexibility and wide number of data sources of DCGS-A, which now gets us into hot water, or what the London Chef of Sketch might classify as: ‘from the frying pan into the fire’, these changes will also impact other systems and other people. In many cases the use of a NDA (Non-Disclosure Agreement) is used (or in many cases Positive Vetting). The entire mess (slight exaggeration), will take on new forms as we see how the changes might also have a flaw (as I see it), what happens when there is a sudden spike of collected data. Scripts, automation, production jobs and moreover the gathering, sifting and storing of data will soon take an entirely new dimension. The current intelligence framework is in my humble opinion not even close to ready for a growth in excess of 400% (800% is more realistic). You see, if we are to set up a path that gives us a possible trace of events, then we need several snapshots, now, they will not snapshot the entire nation, but the amount of data that needs to be stored so that the people who need to know can follow the trace will be a massive one. I for one, am absolutely not in the mood to allow a ‘3rd party’ (read IBM, Oracle and a few others) to set up shop, as that data could even end up in America. Even though I have no issue with my data, feel free to check my Diablo 3 save file guys! The issue is when a grey field allows other uses. For this I recall the article ‘NSA linked to corporate dangers?‘, which I wrote on September 22nd 2013 (Yes, a year ago!), where I quoted the NSA site (the open source unclassified part), “The Information Assurance Business Affairs Office (BAO) is the focal point for IA partnerships with industry. It also provides guidance to vendors and the NSA workforce in establishing IA business relationships and cultivates partnerships with commercial industry through demonstrations and technical exchanges“.

So when we see such an escalation, how long until we see an ‘evolution’ of our intelligence data to create a business space? Let’s be honest upfront, the NSA has a different charter and as such has a massive amount of additional tasks, yet in the current form, is such an evolution that far-fetched? How dishonest is the advantage when a firm like Telstra or iiNet gets their greedy little marketing claws on data so verbose that they can target 10%-20% more ‘efficient’? So we have 2 sides and as far as I see it an element that might need tweaking because of it (reference to the: Telecommunications (Interception and access) Act 1979). The entire Data mining issue is also on the table as I have not met an abundance of miners who have my levels of skill when it comes to massive data sets. When the pressure is on and they need to create a creative alternative to a missing values data set, the race will be pretty much over. Then what? Get external experts?

Now we go back to the initial fourth statement ““Freedom is not a given,” the attorney general said. “A free society is not the usual experience of mankind. Freedom must be secured, and particularly at a time when those who would destroy our freedoms are active, blatant and among us”“. I do not oppose the statement perse, yet in my view the statement is “Freedom is a given in Australia, to keep the Australian values, in a time and under conditions that were designed to remove the tranquillity of our lives, steps must be taken to safeguard the freedom we hold dear. As such we need to act according to new paths for the sole purpose of stopping these elements amongst us, who are driven to remove freedoms, we and all those who came here to enjoy our way of life“.

Freedom remains a given, we will just add a few new solutions to stop those intent on destroying our lives and our freedoms!

In the end, both the Attorney General and myself decided to make Pappas Bravas, he said potato, I said tomato, yet I remain at present cautious on who else is eating from our plate, without the balance of the whistle blower, that person might remain undetected, in that regard, I would have preferred that a clear location would be there to alert someone, even if it was a special appointed judge (who would be added in subsection “(4) The persons to whom information may be communicated under subsection (3) are the following:

Was that such a stretch?

 

Leave a comment

Filed under Law, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , ,

September 22, 2013 · 19:04

NSA linked to corporate dangers?

The Netherlands are facing a new issue, one that they had not bargained for. It is my personal view that the matter at hand seems to be getting misrepresented, so I need to do something about it.

First let us take a look at the reported facts.

On Saturday 21st September the Dutch NOS reported on TV and on their website on how the Dutch are opening their doors to the NSA (at http://nos.nl/artikel/553680-nederland-opent-deur-voor-nsa.html) The issue is that on business grounds the Amsterdam Internet Exchange is considering opening an office in the US, which would under the FISA all their servers open to investigation by the NSA. In that scenario all of the Dutch internet traffic can at that point be monitored by the NSA.

The first question that comes to mind is what the exact benefit is to open an American office. I wonder why that step is so essential. That reason might be very valid, I just do not know.

The danger is not ‘privacy‘ as such. So many people keep on blabbing on how their privacy is so much in danger. I think that remains to be grossly exaggerated. The additional issue raised by the NOS on their Saturday broadcast (which was not on their website) is a different matter. In there the mention was made by Nico van Eijk from the University of Amsterdam, where British executives from an online gambling site, something that is perfectly legal in England, is not legal in the US and when these executives were in the US on business for other ventures, they got themselves arrested. This info can be found at http://www.cato.org/blog/uk-gambling-ceo-arrested-us-airport. The important quote here is “the U.S. has exploited those treaties to effectively kidnap British citizens who broke no British laws, and extradite them to the U.S. for trial on charges of violating U.S. law“. There is of course another legal side to this. Did David Carruthers actually enable these transgressions of law? Connected to this is the Mark Emery case, which involved a Canadian ‘evangelist’ for medical Marijuana. Did either enable US business?

A quote from the UK’s Daily Mail gave us “Investment bankers Goldman Sachs says that the clampdown by the American authorities could mean ‘that the US could cease to be a viable market for online gaming companies.’ That would be tantamount to destroying the earnings of the main firms since 70% of them originate from the United States.

The two sides here are that in the first degree these companies do rely on their American market. Knowing that the events were illegal, going to the place looking out for you was not really that bright was it? The second was that the statement came from Goldman Sachs. Bringers of the popular gambling option ‘soon, because of our bad judgement, you no longer own a house‘. Seems a little warped doesn’t it?

We could of course come to the notion that the NSA executive is riddled with spineless paperbacks, not a hardcover amongst them! But the reality is not that clear. In actuality, the game they could end up playing is a lot less appealing for those outside of the US.

For that part we need to take a look at the NSA website (certain parts of it) and to start we need to look at a document that came from the Defense Technical Information Center in Fort Belvoir Virginia. This document called “2009 National Intelligence, A Consumer’s Guide“, where at page 52 it states “The Act specifies that OIA shall be responsible for the receipt, analysis, collation, and dissemination of foreign intelligence and foreign counter-intelligence information related to the operation and responsibilities of the Department of the Treasury.

Now add the information on the mission statement from the treasury as displayed by the white house. “Support the Department of the Treasury’s mission to promote economic prosperity and the financial security of the United States” this is only part of that mission statement, but by itself it is just as valid. The two now give them additional possibilities through the NSA.

That part is seen on the actual website of the NSA and specifically a department called the ‘Information Assurance Business Affairs Office‘ (at http://www.nsa.gov/ia/business_research/ia_bao/index.shtml), here we see the following parts:

1. The IA Business Affairs Office (BAO) is the focal point for IA partnerships with industry. It also provides guidance to vendors and the NSA workforce in establishing IA business relationships and cultivates partnerships with commercial industry through demonstrations and technical exchanges.

2. The benefits of working with the BAO are (two of them):

  • Increased product marketability
  • Assistance in the development of next generation solutions

These are only part of the mission. They do a lot more. So in the upcoming age where the world will revolve on big data and parsing information, US businesses might get the option to get access to Exabyte sized data, marketable, distributable and sell-able. The intelligence side of the US was never the problem. The corporate side, for which I have tried on several occasions to warn others about (like ‘the Google’ and ‘the Facebook’) will get access to information and innovation on a global scale.

When we consider the utter inability by the US government to get their own spending under control (not just them mind you). As they are now closer and closer on the edge of bankruptcy (17 trillion in national debt will do that to anyone), their own treasury will only need to receive just one mandate ‘to grow and assure the continuation of the United States and its economy‘, which is already part of the treasuries mission statement. In the age where the current president is so polarised against his opposition, where he is adamant that spending is the only option, he will not hesitate to speak these words (can’t really blame him, can I?). It is decently likely that this would give specifically assigned parts of corporate America the option to market Petabytes of data. Outside of the US, the industrial age would then collapse in a way you cannot even imagine. They could globally sell lists on scales no one can compete with. Consider the future to have one provider in data; the ripple effect in the industry would be devastating. However bad you think you have it is nothing compared to what happens if the thought I am having is a reality. Consider the data files people created. The issue I was confronted with yesterday is that someone saw a nice design on a 3d printer and he wanted to use it, but it was not his design. The help file contained the info I expected it to have. All files from that program were to be considered shareware/freeware and could be used and distributed freely. The software maker had done this to avoid liabilities. It made perfect sense. He made a program he wanted people to use, he did not charge anyone for it and to avoid people coming after him for being nice, he made it all freeware. But whoever designs in that program, those data files are freeware too. So anyone can use it. How many programs do you think are out there built on that principle? Now consider those artistic idea’s, traded freely and there is nothing you can do about it.

That was part of the fear I had and as almost EVERYONE gave away their rights on social media, who profits? It seems to me, not the creator!

But then those in social media opted for that, however those on corporate networks and business internet connections did not opt for such futures. The question is, how protected are they from misuse of their data?

So how long until it is no longer about finding terrorists?

 

Leave a comment

Filed under Finance, IT, Law, Media, Politics

Tagged as , , , , , , , , , , , ,