Posts

Showing posts from June, 2011

Why Business Methods Are as Important as IP to China

Image
Courtesy of China Defense Blog , I just read a fascinating (if you like aircraft) report on China's capability to natively produce jet engines produced by China SignPost titled Jet Engine Development in China: Indigenous high-performance turbofans are a final step toward fully independent fighter production (pdf). It's common to see open source reports describing how the APT seeks intellectual property (IP), which many people read as plans, designs, and related mechanical and scientific information. What some miss, however, is that China needs business know-how as well as technical know-how in order to achieve its economic and security goals. The report includes examples of this: What China must achieve, however, is a methodology akin to Six Sigma or Total Quality Management (TQM) to ensure quality control and sufficient organizational honesty to ensure that actual problems are reported and that figures are not doctored. Otherwise, standardization and integration may be the...

With "Cyber" Attacks, Effects Matter More Than Means

Image
I enjoyed reading Stuxnet Poses Interesting International Cyber Law Issues by Rick Aldrich in IAnewsletter Vol 14 No 2 (pdf). I've known the author since my days in the USAF and he's very clued-in as a CS grad from USAFA and a lawyer who worked for AFOSI. I'd like to share a few excerpts. Please try to avoid fixation on Stuxnet if that topic bothers you. Stuxnet is not the core of Alrich's argument. Article 51 of the United Nations (UN) charter states in pertinent part, “Nothing in the present Charter shall impair the inherent right of individual or collective self-defense if an armed attack occurs against a Member of the United Nations.” [8] So can a cyber attack , such as that evidenced by Stuxnet, constitute an “armed attack?” Clearly at the time Article 51 was written, in August of 1945, such an attack was never envisioned. Traditionally the term “armed attack” has connoted a kinetic attack – missiles, bombs, bullets and the like – but it has never been definit...

THEY DID IT

Image

Security Conference Recommendations

Image
After my post Bejtlich Teaching at USENIX Security in San Francisco 8-9 Aug a reader asked the following: Richard, I was curious if you could suggest other security conferences that either you have attended or have heard are better than average? It seems as though everyone and their brother sponsor some sort of security conference and it is difficult to tell how educational they will be just by reading the website. Perhaps you could provide some insight into how you determine which conferences you would actually pay to attend? Thanks! Great question. The answer that follows is just my opinion, and I'm sure others feel differently. For me, I like these conferences: Black Hat offers the best combination of training plus briefings per unit time, on a consistent basis. In other words, I believe attendees will learn more in two days of Black Hat Training plus two days of Black Hat Briefings compared to any alternatives, every year. The content is uniformly high, regardless of whet...

China's View Is More Important Than Yours

Image
In my post Review of Dragon Bytes Posted I wrote the following to summarize analysis of Chinese thoughts on cyberwar, as translated from original Chinese publications: The Chinese military sees Western culture, particularly American culture, as an assault on China, saying "the West uses a system of values (democracy, freedom, human rights, etc.) in a long-term attack on socialist countries ... Marxist theory opposes peaceful evolution, which... is the basic Western tactic for subverting socialist countries" (pp 102-3). They believe the US is conducting psychological warfare operations against socialism and consider culture as a "frontier" that has extended beyond American shores into the Chinese mainland. The Chinese therefore consider control of information to be paramount, since they do not trust their population to "correctly" interpret American messaging (hence the "Great Firewall of China"). In this sense, China may consider the US as the...