American Elephants

Awkward Conversations: Please Stop Stealing Our Secrets! by The Elephant's Child

There are some quotations that come quickly to mind, when observing politics: This one is from Sir Walter Scott’s Marmion  about the battle of Flodden Field in Northumberland in 1513 — border wars with Scotland. I heard a lot of Marmion at the dinner table when I was young. I think my father had to memorize vast quantities in prep school.

“Oh what a tangled web we weave when first we practice to deceive.”

Just when President Obama was going to have an important meeting with President Xi Jinping of the People’s Republic of China, and perhaps have a little conversation about, um, cyber-hacking, and then it turned out to be right in the middle of the revelations of Obama’s cyber-hacking of Americans with the Prism program and cyber-hacking the nation’s telephone calls through Verizon.  Makes it a little awkward.

AP White House correspondent Julie Pace:

Thank you, Mr. President. How damaging has Chinese cyber-hacking been to the U.S.? And did you warn your counterpart about any specific consequences if those actions continue? And also, while there are obviously differences between China’s alleged actions and your government’s surveillance programs, do you think that the new NSA revelations undermine your position on these issues at all during these talks?

And President Xi, did you acknowledge in your talks with President Obama that China has been launching cyber attacks against the U.S.? Do you also believe that the U.S. is launching similar attacks against China? And if so, can you tell us what any of the targets may have been?

President Obama:

What both President Xi and I recognize is that because of these incredible advances in technology, that the issue of cybersecurity and the need for rules and common approaches to cybersecurity are going to be increasingly important as part of bilateral relationships and multilateral relationships. …

But I think it’s important, Julie, to get to the second part of your question, to distinguish between the deep concerns we have as a government around theft of intellectual property or hacking into systems that might disrupt those systems — whether it’s our financial systems, our critical infrastructure and so forth — versus some of the issues that have been raised around NSA programs.

Oh, schadenfreude of course. I just find it  — amusing.


Obama, Ill-Conceived Executive Orders, And The Internet. by The Elephant's Child

On Tuesday, before 4:20 p.m., the White House emailed reporters that President Obama had signed a highly anticipated Executive Order aimed at protecting cyber security. The order is aimed at setting up new programs aimed at stopping online espionage and terrorism, was embargoed until after the State of the Union speech was delivered. The White House summary of the Executive Order is here.

The Heritage Foundation’s “The Foundry’ suggests that based on drafts that circulated, the executive order is apt to be highly flawed in its efforts to impose regulations on the dynamic cyber realm. It is a poor policy choice. Obama, the Foundry suggests, seems set on burning bridges with Congress by circumventing them on this issue.

The House easily passed the Cyber Intelligence Sharing and Protection Act (CISPA) which was designed to improve the sharing of information on cyber threats and vulnerabilities. The Senate and the administration insisted the cybersecurity regulations be the main feature of any bill. Many Senators thought regulations might actually hurt security, and impose large costs, encourage compliance, and failed to pass a regulatory bill. They wisely decided that regulation was not the way to go.

The president intends to go around Congress if they won’t pass what he wants them to. The Supreme Court, in the past, has indicated that laws are to come from Congress, that is their Constitutional function, and the White House does not get to make law. There’s a reason why the Constitution does not give that function to the Executive. Obama has made it clear that he has no respect for the constitutional separation of powers. Will this come to a showdown? Or will the new “regulations” subject us to an even worse attack, with no courageous group of computer geeks to take up the digital sword to defend us.?

I just finished reading Mark Bowden’s 2011 book: WORM: The First Digital World War. The Conficker worm infected its first computer in November 2008. Within a month, it had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies and critical government networks, including the British Parliament and the French ad German military were infected. By January 2009, Conficker lay hidden  in at least eight million computers, and the botnet of linked machines it had created was so large that an attack might crash the entire world internet, with unimaginable consequences.

Mark Bowden, of Black Hawk Down fame, has written of a gifted group of hackers, researchers, millionaire Internet entrepreneurs and computer security experts who took on the task of confronting the threat, tracking it down, and defending the world. He has managed to take the unintelligible world of computer language and turn it into a gripping tale of espionage and defenders in the first digital world war. There is, thank God, an extensive glossary, and a cast of characters (volunteers all), a great help to one whose eyes glaze over when the brilliant post I’m in the middle of crashes, amid cries of “help.” It’s a great read, and as compelling as any thriller.

The book also makes it crystal clear just why Congress was correct to refuse to pass a regulatory bill and why the President is completely wrong, and has undoubtedly damaged the security of the computer world. I recommend WORM highly.

%d bloggers like this: