Category Archives: Energy

Energy, History, Security

US Losing African Support Over Libya

Leave a comment

It was supposed to be an internationally sanctioned operation to achieve a UN Resolution and protect civilians. Instead several states are openly criticizing the NATO forces for putting Libyan civilians at greater risk or even killing them.

The President of Uganda has published his opinion in the paper and points out many interesting facts about Libya as well as inconsistencies in American foreign policy.

In the nine-page statement, the President accused the West of hastily imposing a ‘no-fly zone’ on Libya yet it has dragged its feet on the Africa Union request for the same over Somalia.

“We have been appealing to the UN to impose a no-fly zone over Somalia so as to impede the free movement of terrorists, linked to Al-Qaeda that killed Americans on September 11, killed Ugandans last July and have caused so much damage to the Somalis, without success. Why?” the President asked.

The UN imposed a ‘no-fly zone’ on Libya last Thursday.

Museveni also accused the West of looking on as a Libya-like crisis evolves in the Great state of Bahrain.

The same could perhaps be asked of the Ivory Coast. Why has the UN not imposed the same conditions as in Libya?

A few things that stand out to me, which President Museveni does not mention.

One, Libya is nestled between the revolutions of Egypt and Tunisia. I can’t say exactly how that factors into American logic for intervention but it should not be underestimated. It’s easy for Museveni to say one state has peaceful demonstrations while another has violent insurrectionists because he is ignoring the flow of arms and support going across state borders from demonstrators to insurrectionists. The true difference may be best judged in the dictatorship’s response relative to a whole region of revolution.

Two, enforcement of a no-fly zone (with minimum air casualties) means anti-aircraft defenses have to be neutralized. That is why so many missiles were fired in the initial phase. There is no surprise to this tactic. The civilian casualties are tragic but Museveni does not propose in his statement an alternative method to disabling the threats to civilians and the aircraft sent to impose a no-fly zone.

Three, while I can understand why China, Russia, India, Arab nations, African nations…all believe that America aims to remove Gaddafi from power, this is their moment to step up. They could now find a way to take the reigns of the operation to ensure it remains focused on minimizing civilian casualties. Their decision to pull back and criticize leaves the US in a position of greater authority. Has the US made it impossible for the other countries to work with the NATO forces? It seems that leaders of the other nations are unwilling to take responsibility for the consequences of a tough situation with few easy answers.

Museveni urged Gadaffi to sit at a round table with the opposition, adding that since there have never been elections in Libya, “dialogue is the correct way forward.”

That is not a bad suggestion. It could be that Museveni is using a public critique of the US as a “good cop” routine; perhaps he knows that the UN resolution and NATO attacks could inspire Gadaffi to sit at the table, but the Libyan dictator will not appear without a sense of balance (less overt support for America) in the AU.

I highly recommend reading the full statement. It has some parts that are just ridiculous:

Black people are always polite.

They, normally, do not want to offend other people. This is called obufura in Runyankore, mwolo in Luo – handling, especially strangers, with care and respect. It seems some of the non-African cultures do not have obufura. You can witness a person talking to a mature person as if he/she is talking to a kindergarten child. “You should do this; you should do that; etc.” We tried to politely point out to Col. Gaddafi that this was difficult in the short and medium term.

I almost quit after reading that nonsense, but it also has some interesting insights into the Ugandan perspective on international relations, such as this:

Idi Amin came to power with the support of Britain and Israel because they thought he was uneducated enough to be used by them.

Amin, however, turned against his sponsors when they refused to sell him guns to fight Tanzania. Unfortunately, Col. Muammar Gaddafi, without getting enough information about Uganda, jumped in to support Idi Amin. This was because Amin was a ‘Moslem’ and Uganda was a ‘Moslem country’ where Moslems were being ‘oppressed’ by Christians.

Amin killed a lot of people extra-judiciary and Gaddafi was identified with these mistakes. In 1972 and 1979, Gaddafi sent Libyan troops to defend Idi Amin when we attacked him. I remember a Libyan Tupolev 22 bomber trying to bomb us in Mbarara in 1979.

And this:

Before Gaddafi came to power in 1969, a barrel of oil was 40 American cents. He launched a campaign to withhold Arab oil unless the West paid more for it. I think the price went up to US$ 20 per barrel. When the Arab-Israel war of 1973 broke out, the barrel of oil went to US$ 40.

And last, but not least, this:

The AU mission could not get to Libya because the Western countries started bombing Libya the day before they were supposed to arrive. However, the mission will continue. My opinion is that, in addition, to what the AU mission is doing, it may be important to call an extra-ordinary Summit of the AU in Addis Ababa to discuss this grave situation.

I would blame that on the French, not the US, but that could just be me. I suspect France was one of the most eager to intervene and are likely to have had special forces there from Djibouti long before the bombs started to drop.

Energy, Security

SCADA Exploits Roam Free

Leave a comment

It looks like Luigi Auriemma did only a quick check of SCADA systems before he came up with a giant list of flaws. He has decided to post his initial findings to Bugtraq:

The following are almost all the vulnerabilities I found for a quick experiment some months ago in certain well known server-side SCADA softwares still vulnerable in this moment.

He points out in his post that he did not know anything about SCADA systems before the tests. Obviously that did not stop him from quickly finding many weaknesses.

Full-disclosure advisories and proof-of-concepts:
Siemens Tecnomatix FactoryLink:
http://aluigi.org/adv/factorylink_1-adv.txt
http://aluigi.org/adv/factorylink_2-adv.txt
http://aluigi.org/adv/factorylink_3-adv.txt
http://aluigi.org/adv/factorylink_4-adv.txt
http://aluigi.org/adv/factorylink_5-adv.txt
[…]

Open up factorylink_2-adv.txt and you will see the vulnerability levels can be very high — remote exploit.

CSService is a Windows service listening on port 7580.

All the file operations used by the service (opcodes 6, 8 and 10) allow to specify arbitrary files and directories (absolute paths) and it’s possible for an attacker to download any remote file on the server. Obviously it’s possible also to specify directory traversal paths.

First, to be fair, SCADA systems are often intended to live in a different world than other systems — single-user, single-role, etc. There may be a defense-in-depth or compensating control design to be considered that encapsulates a SCADA system. Langner talks about this some in his interview on Stuxnet. An unprotected CSService thus may have been built that way by design, to do one thing and do it well.

Second, I have found that critical infrastructure management can be dominated by a culture of data analysis. Staff are often told to punch holes into closed systems and environments to mine details needed for calculations. It can feel more like a financial firm trying to make real-time investment decisions than an engineering operation. Closed environments are under pressure to be opened in order for spreadsheets to run.

Third, the financially-focused managers boast about their speculation and risk-management skills. Yet they seem to rely more on faith than data analysis when it comes to risk relative to security controls. They raise defense-in-depth as a theory sufficient on its own instead of as a measured and managed practice to deploy controls more thoroughly. That usually means when you find a vulnerability like factorylink_2-adv someone will always emphasize my first point above and say “I believe that’s handled elsewhere.”

Putting the three above points together, the worlds of IT and SCADA are not nearly as separate and distinct as many want to believe. They must be managed to reflect this convergence or there is a risk of leaving gaps for attackers to exploit. Even worse, the depth of defense can go unmeasured and leave basic systems unprotected in environments exposed to high-risk multi-user threats.

That’s why Auriemma’s list should be taken seriously. Vendors need to secure their products, or at the very least test them for hostile scenarios and provide security warnings/guidance. The demand, however, really has to come from SCADA application consumers. I suspect that these full-disclosure vulnerability announcements will help improve the industry’s risk calculations — prove the value of paying for better security from the SCADA vendors. On the other hand, if management still does not get it, then regulations will probably have to tighten.

Energy, Security

$3K electric Cloud car with 200 mile range

Leave a comment

EcoModder tells of a hobbyist named Dave Cloud in the US who set himself a challenge: build an electric car for less than $3K that will go more than 200 miles on a charge. The base platform is a 1997 Geo.

The Dolphin was put together for a miserly $3,000, but can do impressive things for the meager amount of money that was used to create it. Running on used batteries, the car managed a 70mph top speed and overall range of upwards of 80 miles, despite the fact that curb weight is well over 3000 pounds.

Imagine the results if the car manufacturers or others donated a 2011 platform (or even a diesel-electric hybrid concept from 2005) and held a competition among hobbyists. Is that too pie-in-the-sky? Disclaimer: I love pie. Dave’s explanation of his limitations are quoted by EcoModder:

…my goal was to build a vehicle that can go 200 miles on a single charge with a speed of 60-65 mph for 85% of the miles, for under $3,000. I accomplished this goal. Because of my $3,000 limitation I made a lot of compromises in the chassis design hoping that the aerodynamics of the vehicle would make up for those inefficiencies. Inefficiencies such as front wheel bearings that rumble, back tires that are 10 years old and misshapen, single speed dual series motors (that were $100), no re-gen and inexpensive Curtis controllers.

I have watched vehicle automation contests, solar vehicle contests (which have produced Dolphin-looking cars)…is there a hypermile or mile-per-charge contest? I also have watched government leaders try to make a stupid parody out of innovation in automobile efficiency (golf carts never should have been allowed to count as a manufacturer’s low-emission “fleet” vehicle — it was a clever legal loophole exploited by GM but if it can’t safely travel over 65mph…bzzzzt, next).

Dolphin 200 mile Electric Vehicle

This reminds me of two things. One, the muscle cars that many are buying today are big-box industrialized interpretations of hobbyist vehicles at the race track from the late 1960s. I would say 70s, but they fell way out of fashion by the late 70s because efficiency became the hobbyist market objective in the oil crisis (efficiency didn’t leave in the 1980s, but the big car manufacturers lost interest when OPEC partners started to fight and undercut each other). Second, the MP3 players in practically every stereo today are an industrialized interpretation of hobbyist stereos in the late 1990s (e.g. big kudos to the original MP3 Miata with a PC in the trunk).

Comparison of these two hobbyist movements can help predict innovation cycles and answer the question: when can I buy a Dolphin?

The cost of materials in a car has typically been the impediment to more competition, as well as safety regulations. Who can afford to ship iron and forge it into a chassis or axle, for example, other than a Ford or GM? This hurdle is overcome by hobbyists through reclamation of old vehicles. It also is overcome by lighter, stronger and more easily managed technology like carbon fiber or fiberglass or plastic. The electronics industry, on the other hand, is far more open to competition because sourcing the material is far less expensive and Moore’s law seems to always find a way in.

The adoption cycle of efficient electric vehicles thus could now be more like the MP3 than the muscle car and we will see a commercial attempt to market the Dolphin within ten years instead of thirty.

Some might say VW, with plans to overtake Toyota in total sales, is already on the right path with a sleek-looking 261 mpg diesel-electric hybrid at car shows.

VW XL1 FTW

Yes that looks like a 1992 Subaru SVX. Oh Subaru, I remember when you were actually cool for being the outsider in America with inexpensive all-wheel-drive and high mpg.

Subaru SVX

…or a Ford Probe, or a Honda Insight. Car manufacturers have certainly tested the water with efficiency and aerodynamic designs (and there are other 200 mile range electrics for more money) but I hope the Dolphin $3K challenge inspires home hackers and hobbyists as they are the ones most likely to innovate without fear of losing a few Escalade or Expedition sales.

Davi

Energy, History, Security

The Risk of Radiation Dosage, Illustrated

1 Comment

xkcd has a dry wit and usually a good sense of how to fit humor with technology. The radiation dose chart on the site is a great idea but it lacks cartooning and jokes. Is that because of sensitivity, fear and feelings associated with radiation exposure?

He points out, for example, that a CRT over one year will expose you to more radiation than an x-ray of your arm. Maybe I should put that the other way around. It’s kind of funny.

The giant green box area on the right side of his chart is the maximum annual dose allowed a radiation worker, while the itty bitty green box to the left of it is the maximum external dose from Three Mile Island. Wow, assuming his boxes are accurate, good illustration on risk.

xkcd Radiation Dose Chart

The BBC offers a more dramatic version. They list the levels in numeric format, but the chart gives a very “red” heavy impression of exposure. I noted in their chart that the annual dose level allowed a radiation worker has been reduced by more than half. This suggests that these charts are not an accurate representation of known risk — they are an estimation still subject to change.

Radiation Dose Level Risk

Of course photos of radiation victims probably have the most profound effect on our risk thermostat, as they tend to give us a sense of accurate representation (7 million affected by Chernobyl fallout, half of them children instead of just the 50 officially recorded).