Tag Archives: United States Department of Homeland Security

May 21, 2019 · 12:55

That’s the way the money flows

The Independent had an interesting article 2 hours ago. The article (at https://www.independent.co.uk/news/world/americas/china-drones-spy-us-dhs-security-data-alert-a8922706.html). The title leaves little to the imagination with: ‘Chinese drones may be stealing sensitive information, DHS warns‘, after the Trump google play, after his refusal to submit to subpoena’s, after the anti Huawei activities that so far has never yielded any active evidence (the 8 year old case was settled within months are done with). Now we see: “Chinese-made drones in America may be sending sensitive data to their manufacturers back home where it can be accessed by the government, the United States Department of Homeland Security (DHS) has warned“, which might be a nightmare if it was not so hilarious. You see the next quote: “CNN, which obtained the internal alert, reported that the DHS fears drones will offer Chinese intelligence unfettered access to American data“, it comes across like we have a case where a CNN reporter has been hit by a silly stick and never recovered. Consider the drones we see, there is no space to have a dedicated hack system on board. Yes some can be done with a mobile, and there is plenty of space in that device, now consider the ‘sensitive’ data that needs to be found, the data needs to be connected to (and with all these faulty Cisco routers that is relatively easy at present), then a selection needs to be downloaded and that is merely for one place, one device. All this stops when any person uses common cyber sense. It is the revelation that we see next, that is the one that matters. With: “Though the alert didn’t name specific companies, the vast majority of drones used in the US and Canada are made by the Shenzen based Company, DJI, CNN reported” we see the part that matters. As drone services are up on an almost exponential growth as we see the push that got there. The news from November 2016 gave us: “Domino’s Pizza Enterprises Limited (Domino’s) and drone delivery partner Flirtey delivered the first order, a Peri-Peri Chicken Pizza, and a Chicken and Cranberry Pizza“. Consider the option to avoid traffic in New York, Los Angeles, San Francisco, Boston, Chicago, Seattle, Pittsburgh, all places with massive congestion. Drones are the optionally the newest quick way to deliver food, Amazon needs, Walmart needs, all in growing need due to the events where retailers and shippers combine forces to avoid a few items, and with congestion set to zero, people will flock to that consideration. Now the operational part, it seems that DJI is ahead of the curve, another Chinese company decided to truly innovate and now that the push is there and America is bankrupt (as I personally see it) anything possible to avoid money going to China, America is taking a pot shot at that. So when we are also treated to: “A spokesman for DJI denied that any information was being transmitted to it from its drones, adding that the security of its technology has been independently verified by the US government.” I start wondering if DHS was able to do its job properly. Now let’s be clear, there is no doubt that ANY drone can be used for espionage, especially if it is quiet enough. Yet is that the issue for DJI, or is that an issue with the spy that utilises drone technology? Yet that is actually not the only side, on the other side we see mentioned: “Those concerns apply with equal force to certain Chinese-made (unmanned aircraft systems)-connected devices capable of collecting and transferring potentially revealing data about their operations and the individuals and entities operating them, as China imposes unusually stringent obligations on its citizens to support national intelligence activities,” Now, this part does make sense. It is the same as the Apple Fitbit, that due to its global nature started to hand out the jogging patterns of Special forces in the Middle East, so within 3 days several members of the two dozen operatives had a check on their calorie burning and health, whilst the mapping data showed the world where the CIA black site was (oh apologies, I meant to say a military specialist endeavouring location of an undetermined nature). The question becomes how was the ‘the security of its technology has been independently verified by the US government‘ achieved? Was that verification process competent, or perhaps slightly less so?

I am not stating my verdict in either direction; yet the entire Huawei mess, as well as the DJI setting implies that the growth industries are shunned from America, mainly because it is not an American industry. Yet in all this, the forget that places like the EU and India are large enough to go forward with both players and truly grow further, whilst the downturn and the economic lag that the US is creating will merely grow the loss of momentum and the recession it will fuel in other ways. I would consider that the setback that Google is trying to create will have larger repercussions down the road. As larger Data vendors will now optionally choose the Chinese side, they will grow market share. You see no matter how it is sliced, all this is data based and data can only grow if there is usage. So when people remain with Huawei as their phone keeps on working, we see that there is a larger concern soon enough. At some point people will stop trusting Samsung, Google and Apple phones, which works out nicely for several players (Microsoft actually more than most), what do you think happens when the larger share of 14.7% of a global market changes to player three and not use Google apps to some degree? Google momentum relies on non-stop data and usage, when a third of the 60% that these three cover stops, do you think that this has no impact for Google?

The same applies to drones. You see intelligence makes the drone and as it grows its market share and the collected data of drone usage is set, the innovation of DJI grows faster. It is the difference between generation now and generation 2022, DJI will grow and can grow in several directions, yet the entire the setting of ‘data theft’ we see that there is a lack of ‘what’ data. What data is collected, the flight path? Well, I think we all need to know in 2023 what flight path was taken for the delivery of 342,450 pizza’s delivered per hour, is it not? It is not that Google Map has that data, and within a building in New York, is there truly a clear sign in the drone itself who exactly the merchandise was for, or was that on the box (instead of the drone). Now, there is no denying that some of that data would optionally be accessible to the Chinese government? Yet what data, what level of data? Do you think that they have time for the hundreds of drones and the data whilst they can monitor 20,000 times that data with a spy satellite (and an additional truckload of data that the drone never had in the first place?

It is when I see ‘unfettered access to American data‘ where the questions become pressing. It is like watching Colin Powell coming into a non-disclosed location with his silver briefcase and in the end the lack of WMD’s, are we going in that direction again? when I see ‘unfettered access to American data‘, it is at that moment I see the optional comparison (an extreme lose comparison mind you) with the innocent preachers daughter who did the naughty thing to 30% of the boys coming to Sunday sermon, having attempted things I cannot even rent on adult video. It is the CNN article (at https://edition.cnn.com/2019/05/20/politics/dhs-chinese-drone-warning/index.html) that gives additional rise to concerns. When you see: “Users are warned to “be cautious when purchasing” drones from China, and to take precautionary steps like turning off the device’s internet connection and removing secure digital cards. The alert also warns users to “understand how to properly operate and limit your device’s access to networks” to avoid “theft of information.”” It seems to me that there are dozens of ways to get this data, a drone seems like an expensive long way round-trip to get to that data, whilst more can be accessed in several other ways and it is the speculation through ‘device’s internet connection‘, so when we see one of these devices (at https://www.dji.com/au/phantom-4-pro-v2/info#specs), we are treated to: “The new Phantom 4 Pro V2.0 features an OcuSync HD transmission system, which supports automatic dual-frequency band switching and connects to DJI Goggles wirelessly“, where did the internet come in? Yes there is an app, to get a live view from the drone, so what ‘unfettered access to American data‘ could there be that Google Maps at present does not have in more detail?

It is the next part that is the actual ace. When we see: “DJI, which reported $2.7 billion in revenue in 2017, is best known for its popular Phantom drone. Introduced in 2013, the drone is the top-selling commercial drone on the market“, information the Independent did not give us, that is the actual stage as I personally see it. It was $2.7 billion in 2017, there is no doubt that when drone delivery truly takes off, at that point revenue that sits between $15 and $27 billion is not unrealistic, the dire need to avoid congestion on a global scale will drive it and that is before you realise the non-US benefits in London, Amsterdam, Paris, Berlin, Munich, Madrid, Barcelona, Rome, Athens, Moscow. At that point you will see stronger growth and I haven’t even looked at the opportunities in a place like Mumbai, Tokyo, Delhi, Bangkok, Rio, Buenos Aires and Sydney yet. Everything leaves me with the impression that this is not about security, it is about money. That fact can be proven when you realise that everyone remains silent on the 29 new vulnerabilities that Cisco reported merely a month ago. How many Cisco router stories have come from that non-technologically refined White House, where they are currently optionally limited by “Cisco routers, including ones that can be found in malls, large companies or government institutions, are flawed in a way that allows hackers to steal all of the data flowing through them“, the cybersecurity company Red Baron handed out that issue to the media last week, so who picked up on that danger to ‘unfettered access to American data‘? And when you consider ‘it allows potential malicious actors to bypass the router’s security feature, Trust Anchor. This feature has been standard in Cisco’s routers since 2013‘, when we realise that Cisco is a household name on a global scale (especially when connected to the internet), the entire Cisco matter seems to be at least 15,000 times worse than any DJI drone ever could be, and the fact that DHS remains silent on that gives (again, as I personally see it) is added proof that this is merely about the money and the fact that US companies are losing markets on a global scale.

I could set the stage by singing ‘All ‘Bout the money‘ by Meja and ‘That’s the way the money goes‘ by M, but then, I realise that people would most likely pay me serious money not to sing (my voice is actually that bad).

That’s the way the money flows, specifically at present in a direction that the US is for the foreseeable future most displeased about.

 

1 Comment

Filed under Finance, IT, Media, Military, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

February 1, 2016 · 20:50

Where are my lenses?

For a moment I was contemplating the Guardian article ‘National borders are becoming irrelevant, says John McDonnell‘, which could be seen as a load of labour by the Bollocks party, or is that a load of bollocks by the Labour party? Anyway, the article was so shaky that it did not deserve the paper to explain the load of bollocks in there. What is however an interesting article, is the article in the National Security section of the Washington Post. The article “‘Eyewash’: How the CIA deceives its own workforce about operations” is worthy of digging into for a few reasons (at https://www.washingtonpost.com/world/national-security/eyewash-how-the-cia-deceives-its-own-workforce-about-operations/2016/01/31/c00f5a78-c53d-11e5-9693-933a4d31bcc8_story.html).

Initially, the very first thought I had was regarding Lao Tsu, who gave us the quote: ‘Those who know do not speak. Those who speak do not know‘, which is a truth in all this.

Apart from the title, the first quote to look at is: “Senior CIA officials have for years intentionally deceived parts of the agency workforce by transmitting internal memos that contain false information about operations and sources overseas“, there are a number of issues here, but let’s focus on one thread for now.

You see the second quote “Agency veterans described the tactic as an infrequent but important security measure, a means of protecting vital secrets by inserting fake communications into routine cable traffic while using separate channels to convey accurate information to cleared recipients” is at the very core of this.

No matter how you slice and dice it, the CIA has had a number of issues since 2002. The first is that after two planes got the wrong end of a vertical runway, the game changed, suddenly there was a massive overhaul and suddenly it had to deal with the United States Department of Homeland Security. In 2002 the DHS combined 22 different federal departments and agencies into a unified, integrated cabinet agency. More important, the DHS was working within and outside of American borders.

Now, the blissfully ignorant (including a host of politicians) seemed to live with the notion that under one flag and united, these people would start playing nice. Now, apart from that being a shaped a joke of titanic proportions, hilarious and all, the reality is far from that. You see, both the FBI and the CIA (not to mention the NSA) suddenly had to worry about 240,000 people, 240,000 security screenings. What do you think was going to happen? The issue of ‘false information about operations and sources overseas‘ is not an issue until you try to exploit that information, which means that you are doing something ILLEGAL (to the extent of being worthy of a shot through the back of the head). ‘Eyewash’ is only one cog in a vast machine of smokescreens that counterintelligence has to see how certain tracks of misinformation makes it outside the walls of intelligent wailing. You must have heard the story of the Senator/Governor who has a ‘friend’ in the CIA, not all those ‘friends’ are working valid paths. The intelligence community is a closed one for a reason. There is a clear chain of command, which means that the CIA has a chain of command and if a Senator or a Governor wants information, there is a clear path that he/she walks, from that point a politician gets informed if that person is allowed or has a valid reason for knowing. If anyone needs to move outside that path, you better believe that it is for political or personal reasons!

Now we get the quote that matters “officials said there is no clear mechanism for labelling eyewash cables or distinguishing them from legitimate records being examined by the CIA’s inspector general, turned over to Congress or declassified for historians“, I am not sure that this is correct. The question becomes what paths and what changes were pushed through in the last 2 administrations? I am willing to contemplate that errors have popped up since the Bush Government, yet in all this the parties seem to forget that the DHS was a political solution pushed through by politicians within a year. I know at least three companies that seriously screwed up a reorganisation of no more than 1,500 people over the period of 2 years, so what did you think would happen when 240,000 people get pushed all over the place? In addition, when a massive chunk of the intelligence section went private to get an income that was 400% better than there previous income (same place, same job), additional issues became their own level of a problem within the DHS, CIA, FBI (and again the non-mentioned NSA).

There were all levels of iterative issues in DATAINT, SIGINT, IT and Tradecraft. Names like Bradley/Chelsea Manning and Edward Snowden might be the most visible ones, but I feel 99.99993422% certain (roughly), that there were more. Eyewash is one of the methods essential to keep others off balance and in the dark what actually was going on, because it was not their business or place to know this. This gets us to the following quotes “But a second set of instructions sent to a smaller circle of recipients told them to disregard the other message and that the mission could proceed” and ““The people in the outer levels who didn’t have insider access were being lied to,” said a U.S. official familiar with the report. “They were being intentionally deceived.”“, now consider this quote from another source “Having DOOMED SPIES, doing certain things openly for purposes of deception, and allowing our spies to know of them and report them to the enemy“, which comes from chapter 13 of Sun Tzu’s ‘The Art of War‘, a book that is almost 2,500 years old, and the tactic remains a valid one. Should you consider that to be hollow, than consider the little hiccup that the British Empire faced (I just love the old titles). Perhaps you remember the names:  Kim Philby, Donald Duart Maclean, Guy Burgess and Anthony Blunt. They made a massive mess of British Intelligence, it took them years to clean up the mess those four had left behind, now consider adding 245,000 names, for the most none of them had passed CIA and/or FBI clearances. So what options did the CIA have? In addition, as we saw more and more evidence of the events linking to Edward Snowden, additional questions on the clearing process should be asked in equal measure, which leads to: ‘What options did the CIA have?’

In that light, the quote “Federal law makes it a criminal offense when a government employee “conceals, covers up, falsifies or makes a false entry” in an official record. Legal experts said they knew of no special exemption for the CIA, nor any attempt to prosecute agency officials for alleged violations” becomes little more than a joke, for the mere reason that not making the intelligence community exempt from this would be a very dangerous issue indeed. You see, today the CIA has a larger issue than just small players like North Korea, it has to deal with business conglomerates all over the world and they have become close to sovereign financial entities in their own right. What happens when a Senator chooses to take a book filled with intelligence anecdotes, just because it is an American Corporation? What happens when he gets the multi-billion dollar deal and he only has to ‘sweeten’ the deal a little? This is entering a grey area that most regard to be a grey area no one wants to touch, but what if it is not a high ranking official? What if it is just a mid-level controller, or a mere IT member looking for a retirement fund? Suddenly, this scenario became a whole lot more realistic, didn’t it?

Eyewash is just one cog in a machine of cogs, it drives a certain amount of cogs of the machine and as certain levels of Intel makes it outside of the walls, counterintelligence has a path to trot on, the article only lightly (too lightly) treads on those elements (yet they are mentioned), but the overall issue of internal dangers that the CIA (et al) faces are almost trivialised, in addition, the entire issue of the DHS and the linked dangers of intelligence access remains untouched. That is perhaps the only issue the article has. Well, from my point it has a few more, like under valuating the need for counter intelligence and the fact that this tactic had been around for around 2,500 years, but let’s not squabble on minor details.

The only additional minor detail I would like to add is that in all this is the missing component of the chain of command towards the Director of National Intelligence (which at present is James Clapper), in opposition, there is no denying that there is an issue that the internal mechanisms for managing eyewash cables were largely informal, which is an issue, even if there would be a clear document, likely higher than Top Secret within the CIA on how to identify and/or classify eyewash cables. Which now only leaves us with the Eyewash cables by No Such Agency like the CIA, but that is something for another day.

 

Leave a comment

Filed under IT, Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , ,