[Dailydave] Where the nuclear metaphors all breakdown.

Adrian Sanabria adrian.sanabria at gmail.com
Wed May 18 16:27:51 EDT 2016 

Honestly, that might be one of very few naive statements in this
cybersecurity essay. Sure, neither of the authors have a technical
background, so the metaphors might suck, but their understanding of the
situation doesn't. The piece does a good job of remaining impartial and
examining both sides. The authors *get it* and do a good job of laying out
the dilemmas, most of which lie around the difficulty of understanding who
is doing what (attribution) and what each nation can potentially get away
with (a lot). The authors are aware enough to understand that, while the US
isn't in direct control of the Internet (and shouldn't be), it nevertheless
has the potential to control some significant portions of it.

"U.S. technology companies dominate the global Internet economy, with the
United States accounting for 25% of global telecom revenue in 2015 and
capturing close to 25% of the G-20’s Internet economy."

The gems they've pulled into this piece are nothing less than *frameworthy*:


*“Our work is not yet done. I believe we can expand our cooperation in this
area.” --Barack Obama*

DUH.

*"The U.S. State Department spent approximately $100 million between 2008
and 2012 to fund activities such as training digital activists in hostile
environments and developing circumvention tools to bypass state-sponsored
Internet filters."*

Kinda sucks when we can't get into an iPhone though, LOL.

*"In September 2015, U.S. ambassador to the United Nations Samantha Power
announced a $10 million venture-capital-like fund for the development of
new circumvention technologies, as part of an increase of the annual budget
for Internet freedom to $33 million."*

In other words, an amount equivalent to the average an internet-enabled
blender startup raises in their Series C.

*U.S. military strength is intertwined with and dependent on the current
structure of the Internet. Because the Pentagon relies on secure networks
and data to carry out its missions, much of the emphasis has been on its
vulnerability to cyberattacks from potential adversaries. The Defense
Science Board, for example, warned in a January 2013 report that the
“benefits to an attacker using cyber exploits are potentially spectacular.”*

Hmmm, maybe weakening encryption is a bad idea?

*Former NSA director Michael Hayden put it bluntly when justifying some of
the agency’s activities by telling the National Journal, “This is a home
game for us. Are we not going to take advantage that so much of it goes
through Redmond, Washington? Why would we not turn the most powerful
telecommunications and computing management structure on the planet to our
use?"*

I'm shocked and blind sighted by this uncharacteristic statement.

*The United States would like to preserve this ability to spy on others,
while limiting the type of spying countries conduct. Washington has tried
to create a norm against the cyber-enabled theft of intellectual property,
trade secrets, and business strategies. In the U.S. view, however, there is
a distinction between espionage conducted for political-military reasons
and hacks in support of industrial competitiveness.*

Aaaaand there's the problem in a nutshell.

*The director of national intelligence James Clapper told an audience in
June 2015, “You have to kind of salute the Chinese for what they did, you
know? If we had the opportunity to do that, I don’t think we’d hesitate for
a minute.”*

Game, set, MATCH.

--Adrian





On Wed, May 18, 2016 at 3:51 PM dave aitel <dave at immunityinc.com> wrote:

>
> http://www.nbr.org/publications/specialreport/pdf/Free/06192016/SR57_US-China_April2016.pdf
>
> Reading down into the cyber section...
> """
> Beijing and Washington share an interest in preventing extremist groups
> and other third parties from attacking critical infrastructure and
> should discuss joint measures to stop the proliferation of capabilities
> to nonstate actors.
> """
>
> That's the kind of sentence that only makes sense if you're thinking
> about export control actually working as if "Cyber Capabilities" were
> something more than "code" and "information". But what else could you be
> thinking about here? What does this actually MEAN?
>
> -dave
>
>
>
>
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20160518/5be17d95/attachment.html>

More information about the Dailydave mailing list