Archive for the ‘intelligence and stupidity’ Category
Here’s the list of talks that Gareth Williams might have attended at BlackHat 2010. The slides are here. I wonder if he got the “I’m the Fed” t-shirt?
Well, this is interesting, both on the Bo Xilai story and also on the general theme of the state of the art in contemporary authoritarianism. It looks like a major part of the case is about BXL’s electronic surveillance of Chongqing and specifically of top national-level Chinese officials:
One political analyst with senior-level ties, citing information obtained from a colonel he recently dined with, said Mr. Bo had tried to tap the phones of virtually all high-ranking leaders who visited Chongqing in recent years, including Zhou Yongkang, the law-and-order czar who was said to have backed Mr. Bo as his potential successor. “Bo wanted to be extremely clear about what leaders’ attitudes toward him were,” the analyst said.
That’s Zhou Yongkang as in the head of the whole Chinese internal security structure, cops, spooks, and all. Bo’s police chief (and future sort-of defector) Wang Lijun is described as being “a tapping freak”, addicted to the productivity and hence apparent power of electronic intelligence. Not only that, Wang eventually began tapping Bo, who was also tapping the CDIC feds who came down to keep an eye on him.
The practicalities are, as always, interesting.
The architect was Mr. Wang, a nationally decorated crime fighter who had worked under Mr. Bo in the northeast province of Liaoning. Together they installed “a comprehensive package bugging system covering telecommunications to the Internet,” according to the government media official.
One of several noted cybersecurity experts they enlisted was Fang Binxing, president of Beijing University of Posts and Telecommunications, who is often called the father of China’s “Great Firewall,” the nation’s vast Internet censorship system.
It’s worth pointing out that the provincial networks belonging to China Mobile, China Telecom etc. are usually organised as companies in their own right, and they often have their own AS numbers, and indeed they often contract for substantial network development projects with Western vendors (Nokia Siemens recently had a big mobile network contract in Sichuan, notably) on their own right.
Anyway, Fang’s involvement is very interesting indeed. He is responsible for the state-of-the-art authoritarian solution to the Internet. This is not just, or even primarily, a question of blacklisting websites or turning off the Internet. The Great Firewall’s detailed design, as the Cambridge Computer Lab found out a while ago, is specifically intended to be a semi-permeable membrane. Rather like Hadrian’s Wall, it is more about the gates through it than the wall itself, and the defences point in both directions.
When a computer within it tries to initiate a TCP connection to one outside that is classified as dodgy, the Firewall sends an RST message back to kill the connection. This permits much higher performance than the DNS-based blacklisting typical of, say, the UAE.
It also means that it’s possible to ignore the RST and look through the firewall by using your own firewall utility (specifically, set something like iptables to drop any RSTs for connections in states other than ESTABLISHED before a suitable time has elapsed). However, it would be a fair guess that any traffic doing this is logged and analysed more deeply.
Further, there is a substantial human infrastructure linking the media/PR/propaganda system, the police system, and the Ministry of the Information Industry. This uses tools such as moderation on big Web forums, direct recruitment, harassment, or persuasion of important influencers, the development of alternative opposition voices, and the use of regime loyalist trolls (the famous wumaodang).
The firewall, like Hadrian’s Wall or the original Great Wall, also has an economic function. This acts as a protectionist subsidy to Chinese Internet start-ups and a tariff barrier to companies outside it. Hence the appearance of some really big companies that basically provide clones of Twitter et al. Because the clones are inside the firewall, they are amenable to management and moderation.
And none of this detracts from the genuine intention of the people at 31 Jin-rong Street, the China Telecom HQ, to wire up the whole place. Iran’s surprisingly important role providing broadband to Afghanistan and diversionary links to the Gulf reminds us that providing connectivity can be a powerful policy tool and one that you can use at the same time as informational repression.
So, Fang’s achievement is basically a package of technical and human security measures that let whoever is in charge of them command the context Web users experience.
Last autumn, several of the Chinese web startups were subjected to the combined honour and menace of a visit from top securocrats. Tencent, the owner of QQ and the biggest of the lot, got Zhou Yongkang in person. In hindsight, this will have been around the time the CDIC landed in Chongqing.
So, where am I going with this? Clearly, there was serious disquiet that somebody was usurping the right to control the wires. Even more disquieting, the surveillance establishment in Fang’s person seemed to be cooperating with him. And the systems he set up worked just as well for someone increasingly seen as a dangerous rebel as they did for the central government. (In fact, the people who like to complain about Huawei equipment in the West have it the wrong way round. It’s not some sort of secret backdoor they should be worrying about: it’s the official stuff.)
I do wonder, depending on what happens to Fang (he’s still vanished, but his Weibo feed has started updating again), if we might not see a relaxation of the firewall, which the pundits will consider “reform”. In fact it will be no such thing, rather a cranking up of internal chaos to facilitate a crackdown on opposition.
This Ha’aretz piece is interesting for the insight it gives into Israeli policy and especially into process, but also for a couple of other things. Notably, it’s remarkably frank about the Obama administration deliberately trying to stop Netanyahu going to war, and the role of dodgy casino guy Sheldon Adelson in both US and Israeli right-wing politics, and it provides the new information that the Americans have given up on the formal diplomatic channel and concentrated on influencing the Israeli military directly, on a brasshat to brasshat basis. The implied conclusion is that the IDF leadership are interested in external reality while Bibi is too busy being Winston Churchill, and further that they are interested in getting information from the Americans about what their own prime minister is thinking.
Also, Netanyahu considers himself an expert on US politics. The danger here is that the America he is an expert on may not be the same America everyone else is dealing with. If, as I suspect, he is getting a lot of his information from his Republican contacts, he’s living in an alternate universe. In so far as people like Sheldon Adelson are impressed by US politicians who know Bibi Netanyahu personally, his contacts are literally being paid to tell him what he wants to hear. It’s ironically similar to Bush before the Iraq war, just with the stove-pipe reversed.
However, I was astonished by this quote:
While the Fifth Fleet of the U.S. Navy is operating in the Straits of Hormuz, just as the Pacific Fleet was anchored at its home base near Honolulu on the fateful morning of December 7, 1941, the two instances are not really comparable.
Well, no, they’re not, are they? Some tabloid journalists keep a few paragraphs of general-purposes “sexy” in a file they can drop into a story as required and just change a couple of parameters to fit. This sounds like the same thing, but with Churchill!
Meanwhile, Colin Kahl, and this. It does look like there’s a coordinated push-back against the bullshit, which is good news for those of us who remember 2002. The US Navy bombs Iran…with love. Of a purely Platonic form between comrades of the sea. Oops. while also bringing the carrier back.
US policy does look like it’s trying to achieve three goals – 1) no war with Iran, 2) reassure the GCC countries (so they don’t start one), 3) restrain the Israelis (without pressing so hard they freak and start one). These are partly contradictory, but then what isn’t? Certainly, the combination of being ostentatiously nice to Iranian sailors while also sailing a giant carrier up and down the Gulf does fit the needs of 1) and 2).
Everyone’s linked to Mark Perry (of Conflicts Forum/Alistair Crooke fame)’s piece on Israeli spooks running around Baluchistan posing as the CIA already, but I will too as it’s very interesting indeed. I’m not sure what their bag in this is, other than the notion of “always escalate” and hope to profit from the general confusion.
But what’s really interesting is what the story is doing out there now. Here’s Laura Rozen’s write-up, which introduces the suggestion that they may have represented themselves as being from NATO and notes that a leader of the organisation said as much on Iranian TV before being executed. Meanwhile, the Iranians write to the Americans accusing the CIA of being behind the assassination of another nuclear scientist.
On Twitter, she suggests that the scientist wasn’t killed by the Americans (i.e. presumptively by the Israelis, or by people working for them wittingly or otherwise), and that this was staged specifically to queer the possibility of reviving the Iran-Turkey uranium swap deal. (You do wonder what George F. Kennan would have made of diplomatic tweeting.) Further, we know that a back-channel has been set up.
Disclosing information about the Israeli operation in Baluchistan might be a smart way of establishing trust between the US and Iran. Obviously, information about terrorists running about blowing stuff up and killing people is of value to Iran. Information that it’s the Israelis is obviously congenial to Iran. Crucially, burning an Israeli spy network is costly to the Americans and not something they would do lightly (the Perry piece is a monument to important people trying all they could to do nothing). In that sense, it is a meaningful signal – much more convincing than mere words. Presumably, Perry’s role at Conflicts Forum and with Arafat makes him a convincing postman into the bargain. And third-party spies are just the sort of thing that enemies can bond over. I recall reading about the IRA and the UVF staging a joint investigation to find informers in the early 1970s.
Another dose of speculation – if Baluch rebels were meeting with people who they thought were from NATO, was this plausible because NATO was in fact paying them off to leave the Karachi-Quetta-Kandahar supply route alone?
I’m not quite as sceptical as some about this. However, it’s not clear to me how this differs from the sort of thing UNOSAT does all the time – here’s their analysis of imagery over Abyei, the key border area between North and South Sudan. Actually it looks like the “Enough Project” is going to be using UNOSAT imagery itself, going by UNOSAT’s own website.
If you follow the link you’ll see that they have more than reasonable capability (50cm resolution) and that they routinely observe the presence of refugees/displaced persons and returnees, construction, and the like. There’s obvious relevance to an effort to monitor potential conflict along the border, especially as oil prospecting is an issue. You can’t easily hide oil exploration from a satellite that can resolve objects 50cm across.
However, the downside is that the UNOSAT report is comparing images over a two-year period. I would suspect that they will need much more frequent passes to be operationally responsive, which is where the costs get interesting.
Also, I’ve just been over to the website and it’s a bit of an unstructured clickaround. What I’ve always liked about MySociety sites is that they all have a function – FixMyStreet reports things in your street that need fixing, WDTK issues Freedom of Information Act requests, TWFY looks up information on MPs, TheStraightChoice logged what candidates promised and said about each other during their campaigns. DemocracyClub, for example, worked because as soon as you logged in it gave you something to do and some feedback about doing it, and then it hassled you to do something more. It had structure.
Notoriously, if you don’t give volunteers something to do as soon as they show up, they’ll wander off. It is nowhere easier to wander off than on the Internet. And so there’s a button to twitbookspace it and a donation link. There isn’t, however, a to-do list or, say, a list of pairs of images that need comparing.
I think most of my readers also read Patrick Lang’s blog, but I think this guest post is the best thing yet written on the Taliban/SIS/McChrystal/Petraeus fake sheikh affair. Really, there’s a great movie to be made here – the multiplicity of motives, the ironic contrast between the absurd story and the deadly serious interests and emotions that drive it forward, the eternal ambiguity of the relationship between the manipulator and the manipulated.
The ISI comes out of it as being dastardly clever, but in a deeply futile way. They succeed in preventing a dangerous outbreak of peace and sanity, but what have they gained? The wars grind on, the butcher’s bill ticks up, the fantasy of a Pakistani empire of trucks and pipes across the Hindu Kush is as far away as ever, the Indians continue with their industrialisation across the other border.
The Americans come out of it as being well-meaning but naive. After all, they only get into this story because they want peace. So does the real Taliban leader. They both share a sort of big, stupid nobility.
The British do almost as badly as the ISI; not only do they end up being the dupes of the piece, they do so without the saving grace of having good intentions. They’re as naive as the Americans but more underhanded. SIS gets involved purely as a way of sucking up to the Americans and putting one over its real enemies, GCHQ, Her Majesty’s Forces, MI5, and the main-line Foreign Office diplomats. The Government is desperately keen on the project for similarly base reasons – to suck up to the Americans, to grab at an opportunity to solve its problem in Afghanistan, and of course to embarrass the Labour Party. Of course, it would have been a brilliant political fix had it come off – but the master manipulator is not Bismarck but William Hague.
The fake sheikh, meanwhile, is a classic example of the Pinocchio/Hauptmann von Kopenick theme – the puppet of bigger forces who becomes a power in his own right. Without his successful performance, of course, none of the many expectations curling around the tale have a hope of happening. His agency is real, and his character expands to fill the role. The fact that the whole project is an exercise in theatre is interesting in itself – a film within the film. The actors in the film are, of course, puppets of the script and the direction, and it is a work of fiction. The enduring purpose of the theatre and the cinema, however, is that works of fiction have real influence on their audiences. Like the fake sheikh.
After all, the grocer of Quetta (not a bad title) is the only character in the drama who successfully pursues his interests. He gets some interesting time off away from his bazaar stall, and even gets rich. You could play this as the ordinary man who succeeds in making fools of the powerful who insist on involving him in their schemes, or perhaps as a microcosm of all the people who are getting rich off the continued war, Mother Courage rather than Kopenick. Alternatively he could be killed off, casting the whole thing as an utterly bleak tragedy. However, arguably the classic in this vein is The Third Man and that sticks with the tragicomic.
So the government thinks this is clever. They also think it constitutes a “searchable online database”. It is not searchable, nor is it a database. It is a collection of links to department web sites, some of which actually lead to useful documents, some of which lead to utterly pointless intermediary pages, some of which lead to documents in a sensible format, some of which lead to documents in pointlessly wrong formats, and some of which lead to PDF files. It provides no clue how often this data will be released or when or where. The URIs sometimes suggest that they might be predictable, sometimes they are just random alphanumeric sequences. Basically, what he said.
Meanwhile, very few of these documents have made it onto data.gov.uk, the government’s data web site (pro-tip: the hint is in the name) which provides all that stuff out of the box. This is not just disappointing – this is actively regressive. Is it official policy to break data.gov.uk?
Anyway, I’ve been fiddling with NetworkX, the network-graph library for Python from Los Alamos National Laboratory. Sadly it doesn’t have a method
networkx.earth_shattering_kaboom(). I’ve eventually decided that the visualisation paradigm I wanted was looking me in the eye all along – kc claffy‘s Skitter graph, used by CAIDA to map the Internet’s peering architecture.
The algorithm is fairly simple – nodes are located in terms of polar coordinates, on a circular chart. In the original, the concept is that you are observing from directly above the north or south pole. This gives you two dimensions – angle, or in other words, how far around the circle you are, and radius, your location on the line from the centre to the edge. claffy et al used the longitude of each Autonomous System’s WHOIS technical contact address for their angles, and the inverse of each node’s linkdegree for the radius. Linkdegree is a metric of how deeply connected any given object in the network is; taking the inverse (i.e 1/linkdegree) meant that the more of it you have, the more central you are.
My plan is to define the centre as the prime minister, and to plot the ministries at the distance from him given by the weighting I’d already given them – basically, the prime minister is 1 and the rest are progressively less starting with Treasury and working down – and an arbitrary angle. I’m going to sort them by weight, so that importance falls in a clockwise direction, for purely aesthetic reasons. Then, I’ll plot the lobbies. As they are the unknown factors, they all start with the same, small node weighting. Then add the edges – the links – which will have weights given by the weight of the ministry involved divided by the number of outside participants at that meeting, so a one-on-one is the ideal case.
When we come to draw the graph, the lobbies will be plotted with the mean angle of the ministries they have meetings with, and the inverse of their linkdegree, with the node size scaled by its traffic. Traffic in this case basically means how many meetings it had. Therefore, it should be possible to see both how effective the lobbying was, from the node’s position, and how much effort was expended, from its size. The edges will be coloured by date, so as to make change over time visible. If it works, I’ll also provide some time series things – unfortunately, if the release frequency is quarterly, as it may be, this won’t be very useful.
Anyway, as always, to-do no.1 is to finish the web scraping – the Internet’s dishes. And think of a snappy name.
Adam Elkus has a piece out entitled The Hezbollah Myth and Asymmetric Warfare, in which he criticises what he sees as a tendency to over-rate the power of guerrillas in the light of the 2006 war. Having read it, I think the real question here is about expectations and goals. Hezbollah didn’t defeat the Israelis and hold a victory parade in Tel Aviv, but then nobody least of all them expected or aimed for that. The outcome of 2006 can only be understood in the light of a realistic assessment of the conflict parties’ capabilities, interests, and priorities. A score draw is a much better result for Stoke City against Manchester United than it is for Manchester United against Barcelona.
For Hezbollah, the first and overriding goal was surely survival – as it is for everyone, it’s even the title of the IISS Journal – followed closely by survival as a force in Lebanese politics, survival of their capability to maintain their self-declared insecurity zone in northern Israel, and finally, inflicting casualties and costs on the Israelis in order to create a deterrent effect. In that light, the result of 2006 was surely just as good from their point of view as they made out – they came away still in the field, still firing rockets, and with their status in Lebanese politics enhanced.
For Israel, well, perhaps one day they’ll work out what their strategic aims were.
Elkus argues that the tactical situation at the point when the UN ceasefire went into effect was favourable for Israel, and that had the war gone on they might have done better. This is possible. However, it’s also very common for wars to end like this. The Israelis’ campaign in 1967 was designed, once they got the upper hand, to get to the Canal and onto the Golan before the UN blew the whistle – one of Ariel Sharon’s frequent blind-eye manoeuvres in 1973 was also intended to complete the encirclement of the Egyptian 3rd Army before the UN ceasefire went into effect. The Indian plan for the 1971 war was explicitly intended to take Dhaka before a ceasefire was imposed. More recently, the Russian operation in Georgia was subject to a similar deadline. International intervention is part of the environment, and only fools wouldn’t take it into account as a planning assumption.
An interesting sidelight on this, also from Elkus, came up in a parallel blog debate about “network-centric warfare” – he pointed to this gung-ho but good piece about the action in northern Iraq in which John Simpson was blown up. What struck me about it, however, was more that it was an example of this kind of thing – which should certainly make you think about 2006, especially in the light of this.
Tangentially, Sean Lawson’s essay on the history of “network centric warfare” is well worth reading, especially for the way so many US officials in 2001-2006 seem to have been competing to see who could validate all the most extreme stereotypes of themselves the fastest, and more broadly on the way a basically sensible idea can become a sort of gateway drug to really insane strategic fantasies.
Cebrowski talked of a “booming export market for…security” and warned those who would resist, “If you are fighting globalization, if you reject the rules, if you reject connectivity, you are probably going to be of interest to the United States Department of Defense” (Cebrowski, 2003c).
Measured against the sort of capabilities the NCW thinkers knew they had, and the kind of goals they dreamed on the basis of them, what possible results wouldn’t look like failure? Compared with the enormous arrogance of this vision – they really did want everyone who thinks the CIA wants them dead, dead – what resistance wouldn’t look like success?