Ross Anderson and Frank Stajano, in a paper called “It’s the Anthropology Stupid!“, suggest that the study of human culture is necessary to understand insecure behavior and protect virtualization from risk.

And what about mistakes? They matter much more than targeted attacks. […] Mistakes are often caused by getting the context wrong, so if we’re going to make them less likely, our designs should be better at synchronising the user’s mental model better with that of the machine. […] …secure virtualisation isn’t just about ensuring that the right VM in the laptop talks to the right VM in the cloud. It’s about ensuring that the right VM in the laptop (or the cloud) talks to the right VM in the user’s brain. It’s not primarily about the outside attacker, but the insider: and the critical question is which insider.

The point they’re making is that each group and subgroup is defined by its controls. Have you ever shown up to a party wearing the wrong costume?

Something you have, something you know, or something you are will matter when assessing whether you are in the right place at the right time. A gap (mistakes) can easily form between the implementation of segmentation in virtualization technology and its translation to a view or knowledge of the segmentation by a user.

I get asked all the time now “can you give us a reference architecture for segmentation”? This is like asking an anthropologist for a guide to what costume you should wear to the party. Does the outside observer really get to set the insider behavior? Automation without accounting for variables in behavior may only push these gaps wider.

The line of reasoning in this paper reminds me of a movie released in 1968 by Stanley Kubrick as echoed in my 2011 BSidesLV Presentation: A Cloud Odyssey.

by Mike Birbiglia. A hilarious view on safety education

Two journalists from Sweden illegally entered the eastern region of Ethiopia by crossing the border from Somalia. This has not been disputed.

What happened next is now the center of a brewing controversy over whether a journalist should be considered a terrorist if he is reporting on one.

The two journalists, Martin Schibbye and Johan Persson, apparently met with the ONLF (Ogaden National Liberation Front), a group of Oromo classified by the Ethiopian government as a terrorist organization, to enter Ethiopia and investigate claims that civilians are being forcibly removed from PetroTrans Exploration Areas. Here is a video from them as they prepare for the trip.

The journalists, as they traveled with the ONLF this past July, were caught in battle with the Ethiopian military. They were then captured (as you can see at the end of the video above). Now they have just been sentenced to 11 years in jail under recently passed anti-terrorism laws.

Amnesty International says Ethiopian authorities have been using anti-terror laws as a pretext to arrest and silence politicians and journalists who criticize government policies.

In a report released Friday, the human rights group said at least 114 opposition politicians and six journalists have been arrested since March.

Amnesty said, in many cases, calls for peaceful protests or attempts to conduct investigative journalism have been interpreted as acts of terrorism or other criminal wrongdoing.

While journalists and politicians in Ethiopia have been subject to arrests in the past, the report said the recent increase in terror charges represents “a new level of repression” in the government’s efforts to stifle political dissent.

Amnesty also criticized several senior Ethiopian government officials, including Prime Minister Meles Zenawi, for making public comments that imply that all terror suspects are guilty.

The Oromo liberation movements in Ethiopia are as old as the Eritrean and Tigrean ones. However, they have not achieved the same results and so they stand out as the ethnic group most at risk of government anti-terror campaigns.

While the Eritreans were able to create an independent state and the Trigreans have taken power in Ethiopia under Meles Zenawi, the Oromo movement has been less effective. Perhaps because of the Oromo population being the largest in Ethiopia it lacks the unified effort like the Eritreans and Tigreans; it is fractured by internal social/language, political and religious differences. The ONLF thus is just one of several Oromo groups still active and considered terrorists.

The arrest by the Ethiopian government of independent journalists who claim to be working on human rights issues (documenting ethnic-based mistreatment) could thus be based on fear that their work could bring the Oromo factions closer together; the larger population of Oromo might react to reports and turn against any minority group in power. But this is merely speculation. On the flip side the Oromo factions also could be closer together when they see journalists being arrested.

In any case the bottom line is that no real proof or explanation of a link to terrorism so far has been demonstrated for these two journalists yet they face 11 years in prison. The closest seems to be a video of them with guns while in presence of the ONLF, which does not seem like a normal standard of proof.

During the 6 September hearing, the prosecutor screened a propaganda video in support of the charges. The video, which showed the two journalists holding guns, had been posted on the pro-government Caakara News website a few days after their arrest. The defence strongly objected to the fact that sounds of shooting had been added to the soundtrack.

After the trial opened on 18 October, the charge of “participating in terrorism” was dropped on 3 November but the other two charges, supporting a terrorist group and entering the country illegally, were maintained.

It appears that conviction through any association is what Ethiopia intends to do with their new anti-terrorism laws. Digital Journal points out the judge used reverse logic in his harsh ruling and demanded journalists have to prove they are not helping terrorists.

…Judge Shemsu Sirgaga said the two “have not been able to prove that they did not support terrorism.” International media groups called attention to Judge Sirgaga’s remarks as a symptom of a deeper problem in the region. “Instead of proving their guilt, the judge accuses them of failing to prove their innocence. This is back-to-front,” wrote the secretary general of Reporters without Borders, Jean-Francois Julliard.

Digital Journal goes on to point out that the prime minister of Ethiopia has publicly stated a similar line of reasoning, that a distinction between journalists and their subjects has not been proven.

“Why would a journalist be involved with a terrorist organization and enter the country with a terrorist organization, escorted by armed terrorists, participating in fighting in which a terrorist organization was involved? If that is journalism, I don’t know what terrorism is,” [Meles Zenawi] said.

Note that he is quoted saying “participating in fighting” although the charges were merely “supporting” a group. In related news Ethiopia could again require (i.e. like the days of the Red Terror) all citizens to prove they are not going to overthrow the government.