Category Archives: Security

History, Security

Curveball secrets revealed; liar/alcoholic led US into War

1 Comment

History will not be kind to American leaders who called for war with Iraq. More evidence of naive incompetance has come forward:

[CBS’ 60 Minutes] says Mr Alwan’s story unravelled once CIA agents finally confronted him with evidence contradicting his claims.

Back in November 2005, Col Lawrence Wilkerson, the chief of staff to Mr Powell, told the BBC’s Carolyn Quinn he was aware the Germans had said that they had told the CIA of the unreliability.

“And then you begin to speculate, you begin to wonder was this intelligence spun; was it politicised; was it cherry-picked; did in fact the American people get fooled?,” Col Wilkerson said.

A presidential intelligence commission into the matter found that Curveball [Mr Alwan] was a liar and an alcoholic.

Interesting that the Germans did not bite on false information, but the US fell for it at the highest levels.

Vagabond Scholar has a nice writeup of the tragic details.

Psychologists have long known that typically, human beings tend to look for evidence to support their views, not for evidence to contradict them. This dynamic makes the thorough vetting of critical intelligence all the more crucial.

[…]

The Bush administration must take a large share of the blame. Many people forget, as mentioned above, that Bush claimed weapons of mass destruction had in fact been found, and he repeated this claim several times. He later went on to deliberately substitute the argument that “Hussein had WMD” to “Hussein wanted WMD.”

[…]

No one doubted Hussein wanted WMD. The question was whether he had them, and whether he could actually get them.

Wonder where the name curveball came from.

Security

Cops fight over speeding ticket technology accuracy

1 Comment

I have been thinking about this AP story more and more lately. If anyone else was fighting the accuracy of a speed-detection device this would be a non-story, but because it is a retired deputy who says he is trying to maintain his “faith” in the justice system…well, that’s just sad and amusing all at the same time:

A retired sheriff’s deputy nevertheless hopes to beat the long odds of the law by setting the performance of a police officer’s radar gun against the accuracy of the GPS tracking device he installed in his teenage stepson’s car.

The retired deputy, Roger Rude, readily admits his 17-year-old stepson, Shaun Malone, enjoys putting the pedal to the metal. That’s why he and Shaun’s mother insisted on putting a global positioning system that monitors the location and speed of the boy’s Toyota Celica.

[…]

“I’m not trying to get a guilty kid off,” Rude said. “I’ve always had faith in our justice system. I would like to see the truth prevail and I would like Shaun to see that the system works.”

Truth prevail? Everyone knows the technology is wildly inaccurate and the courts go to some length to defend their weaknesses. The truth is that radar is inaccurate.

Our network intrusion detection sensors are also inaccurate, but at the end of the day the “smoke comes from fire” line of reasoning usually prevails and if there is enough circumstantial evidence and the accused are brought to trial then “justice” is often done in spite of the initial details rather than because of them.

What is your faith in radar speed detection, especially after you drive by one of the giant billboards that inaccurately display your speed? Those things seem like a subtle anti-radar advertising campaign.

Nonetheless, I hope the retired deputy is able to advance the courts’ understanding around technology used to monitor speed, as well as the integrity aspect of information security.

History, Security

Waterboarding is Torture. Period.

Leave a comment

According to an expert, Malcolm Nance:

Once at SERE and tasked to rewrite the Navy SERE program for the first time since the Vietnam War, we incorporated interrogation and torture techniques from the Middle East, Latin America and South Asia into the curriculum. In the process, I studied hundreds of classified written reports, dozens of personal memoirs of American captives from the French-Indian Wars and the American Revolution to the Argentinean ‘Dirty War’ and Bosnia. There were endless hours of videotaped debriefings from World War Two, Korea, Vietnam and Gulf War POWs and interrogators. I devoured the hundreds of pages of debriefs and video reports including those of then Commander John McCain, Colonel Nick Rowe, Lt. Dieter Dengler and Admiral James Stockdale, the former Senior Ranking Officer of the Hanoi Hilton. All of them had been tortured by the Vietnamese, Pathet Lao or Cambodians. The minutiae of North Vietnamese torture techniques was discussed with our staff advisor and former Hanoi Hilton POW Doug Hegdahl as well as discussions with Admiral Stockdale himself. The waterboard was clearly one of the tools dictators and totalitarian regimes preferred.

Why does Dick Cheney suggest that waterboarding is not torture?

Nance does not mix words on the subject:

There is No Debate Except for Torture Apologists

1. Waterboarding is a torture technique. Period. There is no way to gloss over it or sugarcoat it. It has no justification outside of its limited role as a training demonstrator. Our service members have to learn that the will to survive requires them accept and understand that they may be subjected to torture, but that America is better than its enemies and it is one’s duty to trust in your nation and God, endure the hardships and return home with honor.

End of discussion, or will Mukasey be confirmed?

Security

Microsoft Exchange bitten by Tijuana Time Bug

Leave a comment

Just before 2000 I found a funny security bug in AIX. You could schedule jobs to run at times and dates that did not exist. They would still run, but there was no way to see them in the list. It was a proud moment for me when IBM put my name on the patch release.

This week I have run into a much less serious but nonetheless annoying time bug in Microsoft’s Exchange.

Meetings that span timezones have started to move to a different spot on the calendar. For example, people sitting in California might notice their meetings are an hour later this week. Why?

When the meetings were created, they were in (GMT-08:00) Pacific Time (US & Canada); Tijuana

This week, however, Tijuana and Pacific Time are an hour apart. One would think that if the system that created the meeting was now operating in Pacific Time, the meeting would move to the new time. Not so, strangely. Instead the meeting moves to Tijuana time.

Microsoft gave some notice of this, but that does not change the fact that the system’s time zone was not accurately determined.

Calendar items that are created in a Mexican time zone are not detected by the tool
Mexico has not adopted the DST changes that were made in the United States. However, Mexico intersects with three of the five U.S. time zones. These time zones are the Pacific, the Mountain, and the Central time zones.

This results in new time zones with the same “GMT” modifier. For example, when the DST update is applied to Windows, the following “GMT -08:00” time zones exist:
• GMT -08:00 Pacific Time (US & Canada)
• GMT -08:00 Tijuana, Baja California
If a particular user is located in Tijuana, GMT -08:00 Tijuana, Baja California is now that user’s base time zone in Windows.

How would they know I am in the former rather than the latter? The patch they issued required a declaration of one or the other. After choosing, it should be pretty clear for what zone I want my meetings to be scheduled.