Category Archives: Food

2018 AppSec California: “Unpoisoned Fruit: Seeding Trust into a Growing World of Algorithmic Warfare”

My latest presentation on securing big data was at the 2018 AppSec California conference:

When: Wednesday, January 31, 3:00pm – 3:50pm
Where: Santa Monica
Event Link: Unpoisoned Fruit: Seeding Trust into a Growing World of Algorithmic Warfare

Artificial Intelligence, or even just Machine Learning for those who prefer organic, is influencing nearly all aspects of modern digital life. Whether it be financial, health, education, energy, transit…emphasis on performance gains and cost reduction has driven the delegation of human tasks to non-human agents. Yet who in infosec today can prove agents worthy of trust? Unbridled technology advances, as we have repeatedly learned in history, bring very serious risks of accelerated and expanded humanitarian disasters. The infosec industry has been slow to address social inequalities and conflict that escalates on the technical platforms under their watch; we must stop those who would ply vulnerabilities in big data systems, those who strive for quick political (arguably non-humanitarian) power wins. It is in this context that algorithm security increasingly becomes synonymous with security professionals working to avert, or as necessary helping win, kinetic conflicts instigated by digital exploits. This presentation therefore takes the audience through technical details of defensive concepts in algorithmic warfare based on an illuminating history of international relations. It aims to show how and why to seed security now into big data technology rather than wait to unpoison its fruit.

Copy of presentation slides: UnpoisonedFruit_Export.pdf

Where is the Revolution in Intelligence? Public, Private or Shared?

Watching Richard Bejtlich’s recent “Revolution in Intelligence” talk about his government training and the ease of attribution is very enjoyable, although at times for me it brought to mind CIA factbook errors in the early 1990s.

Slides that go along with the video are available on Google drive

Let me say, to get this post off the ground, I will be the first one to stand up and defend US government officials as competent and highly skilled professionals. Yet I also will call out an error when I see one. This post is essentially that. Bejtlich is great, yet he often makes some silly errors.

Often I see people characterize a government as made up of inefficient troglodytes falling behind. That’s annoying. Meanwhile often I also see people lionize nation-state capabilities as superior to any other organization. Also annoying. The truth is somewhere in between. Sometimes the government does great work, sometimes it blows compared to private sector.

Take the CIA factbook I mentioned above as an example. It has been unclassified since the 1970s and by the early 1990s it was published on the web. Given wider distribution its “facts” came under closer scrutiny from academics. So non-gov people who long had studied places or lived in them (arguably the world’s true leading experts) read this fact book and wanted to help improve it — outsiders looking in and offering assistance. Perhaps some of you remember the “official” intelligence peddled by the US government at that time?

Bejtlich in his talk gives a nod towards academia being a thorough environment and even offers several criteria for why academic work is superior to some other governments (not realizing he should include his own). Perhaps this is because he is now working on a PhD. I mean it is odd to me he fails to realize this academic community was just as prolific and useful in the 1990s, gathering intelligence and publishing it, giving talks and sending documents to those who were interested. His presentation makes it sound like before search engines appeared it required nation-state sized military departments walking uphill both ways in a blizzard to gather data.

Aside from having this giant blind spot to what he calls the “outsider” community, I also fear I am listening to someone with no field experience gathering intelligence. Sure image analysis is a skill. Sure we can sit in a room and pore over every detail to build up a report on some faraway land. On one of my private sector security teams I had a former US Air Force technician who developed film from surveillance planes. He hated interacting with people, loved being in the darkroom. But what does Bejtlich think of actually walking into an environment as an equal, being on the ground, living among people, as a measure of “insider” intelligence skill?

Almost three decades ago I stepped off a plane into a crowd of unfamiliar faces in a small country in Asia. Over the next five weeks I embedded myself into mountain villages, lived with families on the great plains, wandered with groups through jungles and gathered as much information as I could on the decline of monarchial rule in the face of democratic pressure.

One sunny day on the side of a shoulder-mountain stands out in my memory. As I hiked down a dusty trail a teenage boy dressed all in black walked towards me. He carried a small book under his arm. He didn’t speak English. We communicated in broken phrases and hand gestures. He said he was a member of a new party.

Mao was his leader, he said. The poor villages felt they weren’t treated well, decided to do something about it. I asked about Lenin. The boy had never heard the name. Stalin? Again the boy didn’t know. Mao was the inspiration for his life and he was pleased about this future for his village.

This was before the 1990s. And by most “official” accounts there were no studies or theories about Maoists in this region until at least ten years later. I mention this here not because individual people with a little fieldwork can make a discovery. It should be obvious military schools don’t have a monopoly on intel. The question is what happened to that data. Where did information go and who asked about it? Did others have easy access to data gathered?

Yes, someone from private sector should talk about “The Revolution in Private Sector Intelligence”. Perhaps we can find someone with experience working on intelligence in the private sector for many, many years, to tell us what has changed for them. Maybe there will be stories of pre-ChoicePoint private sector missions to fly in on a moment’s notice into random places to gather intelligence on employees who were stealing money and IP. And maybe non-military experience will unravel why Russian operations in private sector had to be handled uniquely from other countries?

Going by Bejtlich’s talk it would seem that such information gathering simply didn’t exist if the US government wasn’t the one doing it. What I hear from his perspective is you go to a military school that teaches you how to do intelligence. And then you graduate and then you work in a military office. Then you leave that office to teach outsiders because they can learn too.

He sounds genuinely incredulous to discover that someone in the private sector is trainspotting. If you are familiar with the term you know many people enjoy as a hobby building highly detailed and very accurate logs of transportation. Bejtlich apparently is unaware, despite this being a well-known thing for a very long time.

A new record of trainspotting has been discovered from 1861, 80 years earlier than the hobby was first thought to have begun. The National Railway Museum found a reference to a 14 year old girl writing down the numbers of engines heading in and out of Paddington Station.

It reminds me a bit of how things must have moved away from military intelligence for the London School of Oriental and African Studies (now just called SOAS). The British cleverly set up in London a unique training school during the First World War, as explained in the 1917 publication “Nature”:

…war has opened our eyes to the necessity of making an effort to compete vigorously with the activities — political, commercial, and even scientific and linguistic — of the Germans in Asia and Africa. We have discovered that their industry was rarely disinterested, and that political propaganda was too often at the root of “peaceful penetration” in the field of missionary, scientific, and linguistic effort.

In other words, a counter-intelligence school was born. Here the empire could maintain its military grip around the world by developing the skills to better gather intelligence and understand enemy culture (German then, but ultimately native).

By the 1970s SOAS, a function of the rapidly changing British global position, seemed to take on wider purpose. It reached out and looked at new definitions of who might benefit from the study and art of intelligence gathering. By 1992 regulars like you or me could attend and sit within the shell of the former hulk of a global analysis engine. Academics there focused on intelligence gathering related to revolution and independence (e.g. how to maintain profits in trade without being a colonial power).

I was asked by one professor to consider staying on for a PhD to help peel apart Ghana’s 1956 transition away from colonial rule, for only academic purpose of course. Tempted as I was, LSE instead set the next chapters of my study, which itself seems to have become known sometime during the second World War as a public/private shared intelligence analyst training school (Bletchley Park staff tried to convince me Zygalski, inventor of equipment to break the Enigma, lectured at LSE although I could find no records to support that claim).

Fast forward five years to 1997 and the Corner House is a good example of academics in London who formalized public intelligence reports (starting in 1993?) into a commercial portfolio. In their case an “enemy” was more along the lines of companies or even countries harming the environment. This example might seem a bit tangential until you ask someone for expert insights, including field experience, to better understand the infamous pipeline caught in a cyberwar.

Anyway, without me dragging on and on about the richness of an “outside” world, Bejtlich does a fine job describing some of the issues he had adjusting. He just seems to have been blind to communities outside his own and is pleased to now be discovering them. His “inside” perspective on intelligence is really just his view of inside/outside, rather than any absolute one. Despite pointing out how highly he regards academics who source material widely he then unfortunately doesn’t follow his own advice. His talk would have been so much better with a wee bit more depth of field and some history.

Let me drag into this an interesting example that may help make my point, that private analysts not only can be as good as or better than government, they may even be just as secretive and political.

Eastman Kodak investigated, and found something mighty peculiar: the corn husks from Indiana they were using as packing materials were contaminated with the radioactive isotope iodine-131 (I-131). Eastman Kodak at the time had some of the best researchers in the country on its team (the company even had its own nuclear reactor in the 1970s), and they discovered something that was not public knowledge: those farms in Indiana had been exposed to fallout from the 1945 Trinity Test in New Mexico — the world’s first atmospheric nuclear bomb explosions which ushered in the atomic age. Kodak kept this exposure silent.

The American film industry giant by 1946 realized, from clever digging into the corn husk material used for packaging, that the US government was poisoning its citizens. The company filed a formal complaint and kept quiet. Our government responded by warning Kodak of military research to help them understand how to hide from the public any signs of dangerous nuclear fallout.

Good work by the private sector helping the government more secretly screw the American public without detection, if you see what I mean.

My point is we do not need to say the government gives us the best capability for world-class intelligence skills. Putting pride aside there may be a wider world of training. So we also should not say private-sector makes someone the best in world at uncovering the many and ongoing flaws in government intelligence. Top skills can be achieved in different schools of thought, which serve different purposes. Kodak clearly worried about assets differently than the US government, while they still kind of ended up worrying about the same thing (colluding, if you will). Hard to say who evolved faster.

By the way, speaking of relativity, also I find it amusing Bejtlich’s talk is laced with his political preferences as landmines: Hillary Clinton is set up as so obviously guilty of dumb errors you’d be a fool not to convict her. President Obama is portrayed as maliciously sweeping present and clear danger of terrorism under the carpet, putting us all in grave danger.

And last but not least we’re led to believe if we get a scary black bag indicator we should suspect someone who had something to do with Krav Maga (historians might say an Austro-Hungarian or at least Slovakian man, but I’m sure we are supposed to think Israeli). Is that kind of like saying someone who had something to do with Karate (Bruce Lee!) when hinting at America?

And one last thought. Bejtlich also mentions gathering intelligence on soldiers in the Civil War as if it would be like waiting for letters in the mail. In fact there were many more routes of “real time” information. Soldiers were skilled at sneaking behind lines (pun not intended) tapping copper wires and listening, then riding back with updates. Poetry was a common method of passing time before a battle by creating clever turns of phrase about current events, perhaps a bit like twitter functions today. “Deserters” were a frequent source of updates as well, carrying news across lines.

I get what Bejtlich is trying to say about speed of information today being faster and have to technically agree with that one aspect of a revolution; of course he’s right about raw speed of a photo being posted to the Internet and seen by an analyst. Yet we shouldn’t under-sell what constituted “real-time” 150 years ago, especially if we think about those first trainspotters…

BBC’s false history of long distance communication

One might think history would be trivially easy, given how these days every fact is on the Internet at the tips of our fingers. However, being a historian still takes effort, perhaps even talent. Why?

The answer is simple: “the value of education is not the learning of many facts but the ability of the mind to think”. I’ll let you try and search to figure out the person who said that.

A historian is trained to apply expertise in thinking, run facts through a system of sound logic for others to validate, rather than just leave facts on their own. It is a bit like a chef cooking a delicious meal rather than offering you a bowl of raw ingredients. Analysis to get the right combinations of ingredients cooked together can be hard. And on top of finding the results desirable, we also need ways to know the preparations were clean and can be trusted.

Take for example a BBC magazine article written about long distance communication, that cooks up a soup called “How Napoleon’s semaphore telegraph changed the world”.

This article unfortunately offers factual conclusions that are poorly prepared and end up tasting all wrong. Let’s start with three basic assertions the BBC has asked readers to swallow:

  1. The last stations were built in 1849, but by then it was clear that the days of line-of-sight telegraphy were done.
  2. The military needs had disappeared, and latterly the operators’ main task was transmitting national lottery numbers.
  3. The shortcomings of visual communication were obvious. It only functioned in daytime and in good weather.

First point: Line-of-sight telegraphy is still used to this day. Anyone sailing the Thames, or any modern waterway for that matter, would happily tell you they rely on a system of lights and flags. I wrote it into our book on cloud security. The BBC itself has a story about semaphore adoption during nuclear disarmament campaigns. As long as we have visual sensors, these signal days will never be done. Dare I mention the line-of-sight communication scene in a futuristic sci-fi film The Martian?

Second point: Military needs are not the only need. This should be obvious from the first point, as well as from common sense. If this were true you would not be reading a blog, ever. More to the stupidity of this reasoning, the French system resorted to a lottery because it went bankrupt. The inventor had pinned all his hope for a very expensive system on military financing and that didn’t come through. So the lottery was a last-ditch attempt to find support after the military walked.

[Image: semaphore-lottery]

A sad footnote to this is the French military didn’t see the Germans coming in later wars. So I could dive into why military needs didn’t disappear, but that would be more complicated than proving there were other needs and the system just wasn’t funded properly to survive.

Third point: Anyone heard of a lighthouse? What does it do best? Functions at night and in bad weather, am I right? Fires on a hill (e.g. pyres) also work quite well at night. Or a flashlight, such as the one on your cell-phone.

Try out the Jolla phone app “Morse sender” if you want to communicate over distance at night and bad weather using Morse code. Real shortcomings of visual communication come during thick smoke (e.g. old gunpowder battles or near coal power), which leads to audio signals such as the talking drum, fog horns, bagpipes and songs or cries.

Ok, so all those three above points are false and easily disproved, tossed into the bin. Now for the harder part, the overall general conclusion in two sentences from BBC magazine:

Smoke, fire, light, flags – since time immemorial man had sought to speak over space.

What France did in the first half of the 19th Century was create the first ever system of distance communication.

Shame that the writer acknowledges fire and flags here because those are the facts we used above to disprove their own analysis (work at night, still in use). Now can we disprove “first ever system of distance communication”?

I say this is hard because I’m giving the writer benefit of the doubt. Putting myself in their shoes they obviously see a big difference between the “immemorial” methods used around the world and a brief French experiment with an expensive, unfunded militaristic system.

As hard as I try, honestly I don’t see why we should call the French system first. Consider this passage from archaeologist Charles Jones’ 1873 “Antiquities of the Southern Indians”:

[Image: southern-indian-smoke-signals]

Note this is a low-cost and night-time resilient system that leaves no trace. Pretty damning evidence of being earlier and arguably better. We have fewer first-hand proofs from earlier yet it would be easy to argue there were complex fire signals as far back as 150 BCE.

The Greek historian Polybius explained in The Histories that fire signals were used to convey complex messages over distance via cipher. A flame would be raised and lowered, turned on or off, to signal column and row of a letter.

6 The most recent method, devised by Cleoxenus and Democleitus and perfected by myself, is quite definite and capable of dispatching with accuracy every kind of urgent messages, but in practice it requires care and exact attention. 7 It is as follows: We take the alphabet and divide it into five parts, each consisting of five letters. There is one letter less in the last division, but this makes no practical difference. 8 Each of the two parties who are about to signal to each other must now get ready five tablets and write one division of the alphabet on each tablet, and then come to an agreement that the man who is going to signal is in the first place to raise two torches and wait until the other replies by doing the same. 10 This is for the purpose of conveying to each other that they are both at attention. 11 These torches having been lowered the dispatcher of the message will now raise the first set of torches on the left side indicating which tablet is to be consulted, i.e. one torch if it is the first, two if it is the second, and so on. 12 Next he will raise the second set on the right on the same principle to indicate what letter of the tablet the receiver should write down.

It even works at night and in bad weather!
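The signalling procedure in the quoted passage, worked through in Python as an added example (not code from this post or its sources). The use of the 24-letter Greek alphabet, the function names and the sample word ΝΙΚΗ are assumptions made here for illustration.

```python
"""Torch signalling as described in the quoted Polybius passage (added illustration)."""

# Assumption: the 24-letter Greek alphabet, which fits "one letter less
# in the last division".
GREEK = "ΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΩ"

# Five tablets of five letters each; the fifth tablet holds only four.
TABLETS = [GREEK[i:i + 5] for i in range(0, len(GREEK), 5)]

# Both parties raise two torches first to show they are at attention.
ATTENTION = 2


def encode(message):
    """Return one (left, right) torch-count pair per letter.

    left  = which tablet to consult (1-5)
    right = which letter on that tablet (1-5)
    """
    signals = []
    for ch in message.upper():
        if ch.isspace():
            continue  # the scheme has no symbol for a word break
        idx = GREEK.find(ch)
        if idx < 0:
            raise ValueError(f"no tablet holds {ch!r}")
        signals.append((idx // 5 + 1, idx % 5 + 1))
    return signals


def decode(signals):
    """Receiver side: look each pair up on the tablets, rejecting bad counts."""
    letters = []
    for left, right in signals:
        if not 1 <= left <= len(TABLETS):
            raise ValueError(f"no tablet number {left}")
        tablet = TABLETS[left - 1]
        if not 1 <= right <= len(tablet):
            # e.g. (5, 5): the last tablet has only four letters
            raise ValueError(f"tablet {left} has no letter number {right}")
        letters.append(tablet[right - 1])
    return "".join(letters)


def transcript(message):
    """Ordered torch raises for a whole exchange, handshake included."""
    steps = [
        ("sender", "attention", ATTENTION),
        ("receiver", "attention", ATTENTION),
    ]
    for left, right in encode(message):
        steps.append(("sender", "left", left))
        steps.append(("sender", "right", right))
    return steps


def torches_raised(message):
    """Total torches the sender lifts for the letters alone (a cost measure)."""
    return sum(left + right for left, right in encode(message))


if __name__ == "__main__":
    word = "ΝΙΚΗ"  # constructed sample message
    for party, side, count in transcript(word):
        print(f"{party:8} {side:9} {'|' * count}")
    print(decode(encode(word)), "cost:", torches_raised(word), "torches")
```

The tablets are the only shared state: as described, the scheme has no key, so anyone who can see the torches and knows the tablet layout can read the message.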

Speaking of which there may even have been a system earlier, such as 247 BCE. Given the engineering marvel of the lighthouse Pharos of Alexandria, someone may know better of its use for long-distance communication by line-of-sight.

Has the point been made that the first ever system of distance communication was not the French during their revolution?

I think the real conclusion here, in consideration of BBC magazine’s attempt to persuade us, is someone was digging for reasons to be proud of French militarism. Had they bothered to think more deeply or seek more global sources of data they might have avoided releasing such a disappointing article.

When native Americans demonstrated excellent long distance communication systems, European settlers mocked them. Yet the French built one and suddenly we’re supposed to remember it and say…oh la la? No thanks, too hard to swallow. That’s poor analysis of facts.

The story behind the yellow Jerry can

Part two in a three part series. (Part one and part three)

Once upon a time I sailed half-way across the Pacific Ocean with the typical yellow fuel can lashed to the deck.

[Image: yellow cans on deck]

The yellow Jerry can has specific meaning to me — diesel fuel — which I thought was a standard. Yet recently I found a charity worker showing me yellow cans of… water with smiling children, as they asked me to donate funds.

Stock photos of happy smiling children, poor children, playing with yellow cans; this looked weird to me. I wanted to see charts of health and safety data from operations, not ignorance of toxicity from unsafe oil handling/disposal.

Flashy photos provided questionable value to me, or the opposite…made me curious about what might really be lurking beneath such shallow propaganda.

[Image: smiling-child-propaganda]

Is this really any different than children miners (minors) grinning through the toxicity of their forced labor environment?

After 1842, no child under the age of ten was allowed to work underground

Yellow cans in obviously staged photos seemed to be encouraging me to accept that children using them for water is some kind of acceptable normal. In fact the unsettling appearance of a fuel can in the hand of smiling children supposedly can be seen “everywhere”, as they have written without irony:

You’ve seen it everywhere on our site, at our events, on our shirts… tattooed on our arms… and although the Jerry can has become a mainstay for our staff and supporters, we want to let you know what it actually is and why it’s a symbol of the charity: water mission.

The diesel can a symbol of a water mission? “Our site, our events, our shirts, our arms”. Note the emphasis on “our” mainstay, rather than a mainstay of the people being helped. My definition of everywhere is a bit broader. Is this a mission to convince staff and supporters that a yellow can should become a symbol of water or that it already has? Because…why?

Something smelled funny. Globally I had learned in my travels, regardless of continent or sea, yellow cans meant one thing, and it was NOT water. Yellow often is used for warning signs; first-hand experience around the world has associated yellow cans with sickening slicks and fumes of poison.

Red gasoline cans, yellow diesel cans. Those are the ones you DO NOT DRINK from let alone touch and breathe. Often we would end up scrubbing and wiping the nearly permanent mess of petroleum around those cans.

And yet, because standards change, I still am open to be convinced otherwise if someone can show data.

Surely there are cases (no pun intended) where options are limited, and people have to make do with what little they have. Reuse of fuel cans for water? Sounds like an indicator of desperation or lack of regulation. Is this evidence of the need for many more white or blue cans?

Globally white and blue are used to symbolize health and safety (e.g. Blue Cross, Blue Shield, U.N. Department of Peacekeeping Operations blue hats and helmets, as well as the white helmets with blue suits of disaster relief workers).

Singapore disaster team prepares for Nepal. White helmets and blue suits (“clouds in the sky”) indicates neutral or safe. Yellow indicates warning or caution.

I mean we are talking about a charity here, where setting a new standard of good is supposed to be the mission, especially where health risks are found. For a charity with wealthy backers and industrial input the choices obviously are many, so the standard should be high. There is great risk in using charity to reinforce harmful behavior.

Confused by charity workers flashing smiling kids in your face to get your money? Me too.

How did someone decide, of all the options, to adopt yellow cans as a sign of health, a symbol for “clean” anything? And why are they just showing stock photos to get donations instead of any real data?

What comes next, bright red oil barrels for charity:meal?

[Image: charity:meal]

Let’s forget I asked that…although to be fair red in this case could make sense to warn people about heat and to stay away from the barrels.

I searched for answers and some history on can safety. Either I would become convinced that it now is safe for people to drink from yellow cans, and it is safe to give this charity money, or that existing standards need to be defended and propaganda exposed.

My search led to some very interesting surprises.

The charity website reduced my confidence in their ability to collect and analyze data, for example. You might say my opinion worsened as I read through apologetic narratives about Nazi Germany.


Here are four examples, paragraph by paragraph, of what I found and why this charity is so wrong:

EXAMPLE ONE

To most people, this simple metal or plastic can means ‘gasoline,’ and rightfully so — the first Jerry cans were introduced as gasoline containers by the German military at the start of World War II.

There was some kind of war, a second world war, and this military from Germany that had to go to war also had some need for gasoline, see…

False.

Jerry cans existed during the Spanish Civil War of 1936, years prior to the start of WWII. These cans served both as fuel and water containers, which we know because they were stamped with clear markings for their purpose.

Germany was involved with and supported other fascist militarism. Someone within the growing Nazi war machine was looking at how to improve a fuel can long before Hitler mobilized troops on 15 March 1938 (passive capitulation of Czechoslovakia) or 1 September 1939 (1.5 million marched into Poland, conquering 140 miles in just one week).

I believe the real story goes to lessons in vehicle support and supply containers (e.g. evaporation/expansion) derived from Italian invasion (3 October 1935) of Ethiopia and there is evidence cans were modified and tested during Nazi support for fascists in the Spanish Civil War (17 July 1936).

Handling chemicals in extreme conditions had forced Italy and Spain to innovate their canister technology. For example the Italians had developed new mustard gas and new bombs to drop on hospitals and ambulances flying the red cross (infamously killing Swedish medical leaders Fride Hylander and Gunnar Lundström).

[Image: December 1935 Dolo Ethiopia Italian Bombing Killed Dr Lundstrum in Ambulance]

This day is still called “darkest in the history of the International Red Cross“; worth reading if you want to get a sense of how in 1936 a rapidly expanding fascist offensive led to a quickening pace of technology change.

Does the can mean gasoline? The phrase “to most people” used by this charity indicates they have some kind of data or source to check, yet none is provided.

I would say to most people the Jerry can means more than gasoline. It means a variety of fuels and even water. My data on this is based on search engines where the top results are “Jerry Cans – Fuel, Water, Diesel, & Accessories” and “can be used for fuel and drinking water”. The word gasoline does not come up easily.

It is true that 1930s Germany used gasoline for their vehicles. However even they stamped their fuel cans with the generic word Kraftstoff (fuel) or with Wasser (water). The Wasser cans also were painted with broad white lines to ensure it could not be confused with Kraftstoff.

This says to me that today’s use of yellow color on a can would, like the Nazis originally intended, help differentiate unsafe fuel cans. Here is what a Nazi water can, stamped with Wasser and painted with white lines, looks like:

[Image: wassercan]

So to most people I think it fair to say the Jerry can means various liquids, not simply gasoline, and most people expect consistent symbols and use to avoid mixing them.

Moving everyone to think of yellow as safe for water seems doable, although expensive and risky, as it really has to be clear where diesel and water are to be found. It seems like a lot of extra work/cost because of confusion, as a friend recently put it:

Whoever made the almond-milk carton the exact same shape as the chicken-broth carton should have to eat this cereal.

Labeling/testing yellow Jerry cans on a massive scale as safe for water seems much, much more complicated and risky than just continuing to use the existing standard of white or blue water cans.

EXAMPLE TWO

These five-gallon cans, also called ‘Jeep cans’ or ‘blitz cans’ (or, in Germany, ‘Wehrmachtskanisters’) were made of steel and usually sat in the back of vehicles as a reserve tank of gas.

In Germany there were these things with a funny German name in the back of vehicles, kind of like a Jeep, used for an afternoon blitz…

Misleading.

Wehrmachtkanisters means “army can”. Fascists who initiated war without provocation strapped multiples of cans to the side of their vehicles during invasions of foreign countries. In theory the blitzkrieg (German for “lightning war”) was a strategy of very brutal and fast advances to rout an enemy before they could respond.

Obviously there is less surface area in back (width versus length of a vehicle) so lashing cans to the sides has many advantages: leaves space available and makes use of open spaces, balances weight more evenly, while keeping nasty toxic fuel away from doors, passengers and gear. Use of the sides also means the back can be used for less durable/convenient assets and for giant doors and loading (e.g. troop deployment from trucks).

You may notice the white broad lines on some cans, clearly indicating Wasser instead of Kraftstoff.

[Image: Bundesarchiv Bild 101I-022-2926-07, Russland, Unternehmen "Zitadelle", VW Kübelwagen]

You will find the same behavior on a boat that has to cross an ocean, as you saw at the start of this story. Reserve cans are balanced on either side, not in the back. It would be stupid to weigh down the back of a vehicle/boat with a dozen cans when sides are empty.

Now let’s talk about gallons. Jerry cans are 20L capacity and stamped with this unit — about 5.28 US gallons or 4.40 UK gallons. Jerry cans were not “5 gallons” as Charity:water seems to believe. I find it very odd an international organization would use gallons, let alone not specify a system of gallons. Liters are the original and obvious measurement. Someone thinking in gallons has imposed a very narrow and inaccurate perspective over reality.

In terms of material the cans were not only steel; what made Jerry cans most notable in terms of material was a synthetic lining unlike other metal cans. Plastic cans, or even kevlar-lined battle containment for fuels, today could perhaps be linked to the synthetics of the Jerry can.

In terms of brand association, Jerry cans weren’t used by Jeeps until many years later. I am not sure why Jeep gets brought in so subtly next to “blitz cans”. It strangely brands a pre-existing can with a trademark of a specific American vehicle despite the cans not being developed for it originally and being used much more widely. Perhaps Charity:water is thinking ahead about the power of branding and hopes someday we’ll call them Charity:cans?

Speaking of American trademarks, “Blitz” reminds me of a sad and strange twist in history. As I explained above the word means lightning in German; a military campaign tactic attributed to the Nazis. It also refers to a specific 1940 bombing campaign meant to demoralize the British by killing civilians and destroying industry. Not the best connotations. With that in mind an American manufacturing company made the odd decision to adopt it as a name for their “improved” version of Jerry cans.

Originally a US metal container company that made Jerry cans in the 1940s used the words “metal container” in their name. They grew so large and successful that 50 years later the vast majority of American fuel cans were made at this “U.S. Metal Container” (UMC) company. When UMC moved its production away from metal to making only plastic cans in the 1990s they changed their name.

Instead of just switching to the acronym UMC, which would have been clever and celebrating American military history, they adopted the infamous Nazi term “Blitz” as their name because, well, UMC was located in Oklahoma. It should be no secret that neo-nazis and Hitler apologists lived an open life in Oklahoma. But I digress…

Anyhow after changing its name to the Nazi “Blitz” and moving everything to plastic production this venerable Jerry can manufacturer (that perhaps even helped defeat Nazi Germany) soon filed for bankruptcy.

“Blitz” said it could not survive the dozens of lawsuits over its defective cans that were exploding and killing Americans. I told you there was a twist.

EXAMPLE THREE

It’s said that Adolph Hitler anticipated the biggest challenge to taking over Europe in WWII was fuel supply. So Germany stocked up.

False and super annoying.

Look, this is very wrong for many reasons. I don’t expect to read charitable thoughts on Hitler from a supposed “charity” site. WTF. No really, WTF.

Also I find “it’s said” to be an unacceptable start to a pro-Hitler sentence that lacks any citation. Who said Hitler anticipated…what? Hitler was an insane dictator and deserves no glorifications. I should not need to cover this.

Nonetheless, it is easy to see how badly that fascist leader sucked at planning. The USAF points out he took his country to war with an acute fuel shortage and massive dependence on imports:

At the outbreak of the war, Germany’s stockpiles of fuel consisted of a total of 15 million barrels.

That is basically nothing, given their rate of consumption, and fuel was expected to run out by 1941. Two years after starting the war, stupid Hitler lacked a plan to continue supplying fuel. Cans clearly were not meant to solve the macro challenge. The American pro-fascist company Standard Oil played an essential role in illegally supplying fuel to Hitler’s air-force even as it was bombing London, which arguably had far greater impact than any container holding that fuel.

Actually I’m getting ahead of myself. Assuming a rapid assault that would last only a few weeks or months then yes, perhaps, a large stock of cans would be decisive in lieu of actual fuel supplies. However, anyone anticipating the “biggest challenge” would have probably considered campaigns getting bogged-down or stuck and contemplate future fuel origination options beyond a better container to move it around in.

It makes far more sense to me that some middling Nazi official was eager to solve a small and obvious part of logistics that they were focused on. There was a little fuel distribution problem, they saw it in 1935 or 1936 fascist invasions, and they set about a new can design. Even translating that into a massive pile or distribution of their cans does not equate to truly anticipating the major issues ahead.

I mean of course fuel did not pose the “biggest challenge” to taking over Europe.

This claim is so absurd I don’t even know where to begin. Put it in reverse perspective: having solved fuel supply alone would not have won the war for the Axis. It was not the single deciding factor. It was a factor among many, with the other factors often being far more in focus and difficult.

A Hitler “anticipation” theory simply does not fit with one of the greatest fuel blunders of all time, Operation Barbarossa, to violate borders to the East. Consider that in this operation more than 600,000 Nazi horses were relied upon in 1941.

Vehicle logistics totally failed. That’s right. HORSES.

There were absurd problems from lack of standardization, split and confused leadership and unrealistic (arguably insane) ideas of a “lightning” fast victory that quickly undermined an overstretched and flimsy Nazi supply chain doctrine. And this was after the 1940 “Blitz” against London already had failed its objectives despite America’s Standard Oil constantly re-fueling the bombers.

The simple fact of history is that from June to December 1941 the result of Nazism’s brutal stupidity was “half-starved and half-frozen; out of fuel and ammunition.”

Thus, Nazi leadership represents forever the exact opposite of anticipation and stocking up early. Blitz really translates into blundering into something without a plan and then committing suicide to avoid accountability. (See example two, above)

EXAMPLE FOUR

As Germany moved through Europe and North Africa, so did their thousands of gasoline cans. These cans proved to be dependable and durable; soon, countries all over the world were adapting them to haul and store liquids, coining them ‘Jerry cans’ because of their German origin (‘Jerry’ was a snide name for a German WWII soldier). New water container designs emerged but nothing could top the strength and simplicity of the original rectangular, X-marked Jerry can.

False.

Obviously there were more than thousands of cans. The discovery of the Jerry can did not lead directly to adoption by the Allies. I sense some odd reverence for Nazis, even to the point of trying to apologize for “snide” names. Snide? Is this a concern without context? War against fascism, let alone against genocide, perhaps invites derision?

“Jerry” actually was a term used by Allies during WWI supposedly because the German helmet resembled a British jerry (chamber pot). In that sense a Jerry can is actually still a reference to its contents being toxic or at least unpotable.

As far as “new water container” designs I must again point out the original Jerry can also was used for water, with a designated stamp on the can to differentiate from fuel cans as mentioned above.

So with all that nonsense from Charity:water set aside, let me turn to an actual history of the yellow Jerry can. This is perhaps how I would update their page.


RECOMMENDATIONS FOR A REVISED TEXT

Jerry cans improved greatly upon prior cans, yet are quite simple in retrospect — better durability and portability. This can be explained with a couple short stories from the Allied perspective on winning WWII.

Durability

Paul Pleiss was an American engineer in Berlin who in 1936 had discovered a new can while planning to take a huge road trip (see part three of this series). He quickly realized its benefits first-hand. After his road trip, Pleiss spent the summer of 1939 to the summer of 1940 trying to convince the US military to adopt a new can.

American leadership was reluctant, without evidence or proof; they saw no need to alter current production. Only after Pleiss brought a can to show in person and demonstrate, and after the US considered field reports and shortcomings in their North Africa campaign (similar to the experiences of Italy during the 1935 invasion of Ethiopia) did the Jerry can come into better reception.

Things really shifted in 1942 when field qualitative reports backed by quantitative evidence showed US leaders that nearly half of fuel in Egypt was lost due to can failure. Despite sizable impacts while destroying fascists and freeing Africa, as recorded in desert battle outcomes in the preceding years (i.e. Wavell 1940, Auchinleck 1941, Montgomery 1942), measured data is what really hit home for the Americans.

…we sent a cable to naval officials in Washington stating that 40 percent of all the gasoline sent to Egypt was being lost through spillage and evaporation. We added that a detailed report would follow. The 40 percent figure was actually a guess intended to provoke alarm, but it worked. A cable came back immediately requesting confirmation.

So six years after Italy’s campaign in Ethiopia had led to German army equipment design changes, the US reached the same conclusions — fighting in North Africa needs a good fuel can.

Portability

The British appear to have ignored can design during the 1936-1939 innovation period. At the start of WWII hostilities a “flimsy” can prone to failure and mess was the UK standard. Still, a better Jerry can design only came to light for them in the aftermath of French General Gamelin’s troops withering in 1940, leaving Britain alone to fight the Germans.

An over-extended and fragile but fast German blitzkrieg had led to more careful British study and eventual realization that fuel portability had surely impacted performance. Another example, a similar study of the impact of new technology, was the use of radios by German tanks to update plans with “agile” development (peer communication) instead of waterfall (from the top).

The better containers meant much faster deployments. For example a can with a single handle is inferior to multiple handles when considering a line of soldiers trying to “bucket brigade”. Side handles meant two people could grab a can at the same time, or a single person could grab two with one hand. Faster can opening times mattered, as did less spillage during fuel transfer.

The German designer

Put the British and American realizations together and you get what I believe to have been the same thing that happened to the Germans in November 1936. An Italian invasion into northern Africa sparked the need for improvement, which then was tested during war in Spain.

Someone in Nazi Germany’s military administration invited Vinzenz Grünvogel of Müller to apply for a “Wehrmachtskanister” contract. Given the prior work of Müller with Ambi-Budd Presswerk (German for “pressed metal manufacturing”) the Jerry can method of manufacture probably was a derivative more than a novelty.

So it was with the 1936 Italian vehicles crossing rough African territory in mind that these specifications came about:

Portability

  • 465mm tall
  • 340mm wide
  • 20L capacity
  • 4kg dry weight
  • easy to stack
  • easy to manufacture (two plates pressed)
  • easy to carry (one soldier = two full, four empty) +
    (two soldiers = three for bucket brigade speed of transfer)

Durability

  • shock (recessed welds)
  • corrosion (synthetic lining)
  • float (air pocket “bump”)
  • pour (short spout)
  • seal (cam with lock)
  • expand (50deg max)

From the list and field experience it should be easy to see why the design has lasted.

Ultimately the cans were manufactured by dozens of companies subjected to Axis rule (Müller, Presswerke, Metalwerk, Nowack, Fischer, Schwelm, etc) and after 1942 by many other companies.

Symbols and markings

Let’s go back to the idea of keeping people safe from toxic contents. As I mentioned the Germans stamped cans with “Wasser” (water) or “Kraftstoff” (fuel).

Despite a stamping process there also can be found a white W to indicate “winter” fuel (Winterkraftstoff) on later cans. This reiterates the importance of clear labeling to the original designers. It also points again to a lack of overall planning and preparation mentioned above (Hitler apparently refused to believe war would last into winter).

And that brings us to the creation of the yellow Jerry cans, a warning color for fuel. How should cans with different contents safely be identified? Is there a standard?

The answer is yes and no. Standards tend to evolve. Generally they have run something like this.

Traditional

  1. Gasoline – Red
  2. Diesel – Yellow
  3. Drinking water (potable) – White
  4. Alt Fuels (Kerosene, JP Jet Fuel, Heli, M1 Meth, etc) – Blue
  5. Non-potable water – Green

Modern (e.g. 2005 California):

  1. Gasoline – red;
  2. Diesel – yellow; and
  3. Kerosene – blue

A typical set of Jerry can color options today:

[Image: Jerry can colors]


CONCLUSION

Does red look better with your shoes than green? Should we use colors for fashion sense not functional safety because of toxic chemicals?

As far as I can tell standards of color were centered on safety and clarity. Charity:Water uses yellow cans because fashion, and probably convenience, not because of grounded concerns about health and finding the best solutions. I mean has anyone studied the impact of using the correct color cans for water versus reinforcing use of yellow cans? Definitely did not find that on the charity site.

A water charity adopting a yellow can makes about as much sense to me as saying people in need drinking contaminated water should keep doing it because tradition. I’d just drop the color, if I were advising them. It is easy to switch a logo from solid yellow to white, especially since white cans conform to traditional safety standards.

Again, I want to be clear I am not opposed to change or redefinition of standards; here is a clever new white Jerry can:

[Image: Jerry can cabinet]

My concern is with a charity pushing a global campaign that uses a dangerous/toxic liquid indicator as a symbol of clean water. Something seems odd about that decision.

Starting from my basic gut instinct it seems counter-productive to a charity objective to use confusing health/danger symbolism. This especially feels true for a charity that knows how to use imagery for power because they spend money to orchestrate images of smiling children. Moving to deeper analysis I found a very weak grasp of history, a whitewash of Hitler and the Nazis; this group asking for money may be seriously divorced from reality or real facts on the ground about social impact.

More on that…another day.

If you have made it this far (thanks!) you’re ready for a pop-quiz:

Given this typical image showing the various Jerry can colors…

…what word would you put after the word “charity”?

Feel free to put your answer in the comment section below.

Go back to part one or continue to part three in this series…

The (Secret) History of the Banana Split

Inexpensive exotic treat drugstore ad
If there is a quintessential American dessert it is the banana split. Why? Although we can credit Persians and Arabs with invention of ice-cream (nice try China) the idea of putting lots of ice-cream on a split banana covered in everything you can find but the kitchen sink…surely that is pure American innovation.

After reading many food history pages and mulling their facts a bit I realized something important was out of place. There had to be more to this story than just Americans love big things — all the fixings — and one day someone put everything together. Why America? When?

I found myself digging around for more details and eventually ended up with this official explanation.

In 1904 in Latrobe, the first documented Banana Split was created by apprentice pharmacist David Strickler — sold here at the former Tassell Pharmacy. Bananas became widely available to Americans in the late 1800s. Strickler capitalized on this by cutting them lengthwise and serving them with ice cream. He is also credited with designing a boat-shaped glass dish for his treat. Served worldwide, the banana split has become a prevalent American dessert.

The phrase that catches my eye, almost lost among the other boring details, is that someone with an ingredient “widely available…capitalized”; capitalism appears to be the key to unlock this history.

Immigration and Trade

The first attribution goes to Italian immigrants who brought spumoni to America around the 1870s. This three flavor ice-cream often was in the three colors of their home country’s flag. No problem for Americans. The idea of a three flavor treat was taken and adapted to local favorites: chocolate, strawberry and vanilla. Ice-cream became more widely available by the 1880s and experimentation was inevitable as competition boomed. It obviously was a very popular food by the 1904 St. Louis World’s Fair, which infamously popularized eating it with cones.

In parallel, new trade developments emerged. Before the 1880s there were few bananas found in America. America bought around $250K of bananas in 1871. Only thirty years later the imports had jumped 2,460% to $6.4m and were in danger of becoming too common. Bananas being both easily sourced and yet still exotic made them ideal for experiments with ice-cream. The dramatic change in trade and availability was the result of a corporate conglomerate formed in 1899 called the United Fruit Company. I’ll explain more about them in a bit.

At this point what we’re talking about is just Persian/Arab ice-cream modified and brought by Italian immigrants to America, then modified and dropped onto the newly marketed banana of capitalism. Serving up all the fixings over a banana-split makes a lot of sense if you put yourself in the shoes of someone working in a soda/pharmacy business of 1904 trying to increase business.

Back then Bananas and Pineapples Were The Exotic New Thing

Imagine you’re in a drug-store and supposed to be offering something amazing or exotic to draw in customers. People could go to any drugstore. You pull out the hot new banana fruit, add the three most-popular flavors (impressive yet not completely unfamiliar) and then dump all the sauces you’ve got on top. You now charge double the cost of any other dessert. Should you even add pineapple on top? Of course! The pineapple arrived fresh off the boat in a new promotion by the Dole corporation:

In 1899 James Dole arrived in Hawaii with $1000 in his pocket, a Harvard degree in business and horticulture and a love of farming. He began by growing pineapples. After harvesting the world’s sweetest, juiciest pineapples, he started shipping them back to mainland USA.

I have mentioned before on this blog how the US annexed Hawaii by sending in the Marines. Food historians rarely bother to talk about this side of the equation, so indulge me for a moment. Interesting timing of the pineapple, no? I sense a need for a story about the Dole family to be told.

The arrival of James Dole to Hawaii in 1899, and a resulting sudden widespread availability of pineapples in drugstores for banana splits, is a dark chapter in American politics.

James was following the lead of his cousin Sanford Ballard Dole, who had been born in Hawaii in 1844 to Protestant missionaries and nursed by native Hawaiians after his mother died at childbirth. Sanford was open about his hatred of the local government and had vowed to remove and replace them with American immigrants, people who would help his newly-arrived cousin James protect their family wealth.

"I swear I just was examining large juicy warm fruit for quality"

1890 American Protectionism and Hawaiian Independence

To understand the shift Dole precipitated and participated in, back up from 1899 to the US Republican Congress in 1890 approving the McKinley Tariff. This raised the cost of imports to America 40-50%, striking fear into Americans trying to profit in Hawaii by exporting goods. Although that Tariff left an exception for sugar it still explicitly removed Hawaii’s “favored status” and rewarded domestic production.

Within two years after the Tariff, sugar exports from Hawaii had dropped a massive 40% and thrown the economy into shock. Plantations run by white American businessmen quickly cooked up ideas to reinstate profits; their favored plan was to remove Hawaii’s independence and deny sovereignty to its people.

At the same time these businessmen were convinced they would need to remove Hawaiian independence, Queen Lili`uokalani ascended to the throne and indicated she would reduce foreign interference on the country, drafting a new constitution.

These two sides headed directly at each other, and toward disaster, in 1892 despite the US government shifting dramatically to Democratic control (leading straight to the 1894 repeal of the McKinley Tariff). Republican damage had been done; Dole was using his own party’s platform as an excuse to call himself a victim needing intervention. As Hawaii hinted towards more national control, the foreign businessmen in Hawaii begged America for annexation to protect their profits.

An “uprising” in early 1893 (a loyalist policeman accidentally noticed large amounts of ammunition being delivered to businessmen planning a coup, so he was shot and killed) was used as the premise to force the Queen to abdicate power to a government inserted by the sugar growers, led by Sanford Dole. US Marines stormed the island to ensure protecting the interests of elitist businessmen exporting to America, despite only recently operating under a government that wanted reduction of imports. Sanford’s pro-annexation government, ushered in by shrewd political games and US military might, now was firmly in place as he had vowed.

The Hawaiian nation’s fate seemed sealed; however, it actually remained uncertain as the newly elected US President openly opposed, on principle, any imperialism and annexation. He even spoke of support for the Queen of Hawaii. Congressional (Republican) pressure mounted and by 1897 the President seemed less likely to fight the annexation lobby. Finally in 1898, as war with Spain unfolded, Hawaii was labeled by the military as strategically important and abruptly lost its independence definitively.

Few Americans I speak with realize that their government basically sent the Marine forces to annex Hawaii based on increased profits for American missionaries and plantation owners delivering sugar to the US, and then sealed the annexation as convenient for war.

Total Control Over Fruit Sources

Ok, segue complete, remember how President Sanford’s cousin James arrived in Hawaii in 1899 ready to start shipments of cheap pineapples? His arrival and success were a function of that annexation of the independent state; creation of a pro-American puppet government lured James to facilitate business and military interests.

This is why drugstores in 1904 suddenly found ready access to pineapple to dump on their bananas with ice cream. And speaking of bananas, their story is quite similar. The United Fruit Company I mentioned at the start quickly was able to establish US control over plantations in many countries:

Exports of the UFC “Great White Fleet”

  • Colombia
  • Costa Rica
  • Cuba
  • Jamaica
  • Nicaragua
  • Panama
  • Santo Dominica
  • Guatemala

Nearly half of Guatemala fell under control of the US conglomerate corporation, apparently, and yet no taxes had to be paid; telephone communications as well as railways, ports and ships all were owned by United Fruit Company. The massive level of US control initially was portrayed as an investment and benefit to locals, although hindsight has revealed another explanation.

“As for repressive regimes, they were United Fruit’s best friends, with coups d’état among its specialties,” Chapman writes. “United Fruit had possibly launched more exercises in ‘regime change’ on the banana’s behalf than had even been carried out in the name of oil.” […] “Guatemala was chosen as the site for the company’s earliest development activities,” a former United Fruit executive once explained, “because at the time we entered Central America, Guatemala’s government was the region’s weakest, most corrupt and most pliable.”

Thus the term “banana republic” was born to describe those countries under the thumb of “Great White” businessmen.

The “Great White” map of UFC power over foreign countries

And while saying “banana republic” was meant by white businessmen intentionally to be pejorative and negative, it gladly was adopted in the 1980s by a couple Americans. Their business model was to travel the world and blatantly “observe” clothing designs in other countries to resell as a “discovery” to their customers back home. Success at appropriation of ideas led to the big brand stores selling inexpensive clothes that most people know today, found in most malls. The irony of saying “banana republic” surely has been lost on everyone, just like “banana split” isn’t thought of as a horrible reminder of injustices.

In other words the banana-split is a by-product or modern representation of America’s imperialist expansion and corporate-led brutal subjugation of freedoms in foreign nations, during the early 1900s. Popularity of “banana republic” labels and branding, let alone a dessert, just proves how little anyone remembers or cares of the history behind these products and terms.

Nonetheless, you know now the secret behind widespread availability of inexpensive ingredients that made this famous and iconic American dessert possible.

Mining and Visualizing YouTube Metadata for Threat Models

For several years I’ve been working on ways to pull metadata from online video viewers into threat models. In terms of early-warning systems or general trends, metadata may be a useful input on what people are learning and thinking about.

Here’s a recent example of a relationship model between viewers that I just noticed:

A 3D map (from a company so clever they have managed to present software advertisements as legitimate TED talks) indicates that self-reporting young viewers care more about sewage and energy than they care about food or recycling.

The graph also suggests video viewers who self-identify as women watch videos on food rather than energy and sewage. Put young viewers and women viewers together and you have a viewing group that cares very little about energy technology.

I recommend you watch the video. However, I ask that you please first set up an account with false gender to poison their data. No don’t do that. Yes, do…no don’t.

Actually what the TED talk reveals, if you will allow me to get meta for a minute, is that TED talks often are about a narrow band of topics despite claiming to host a variety of presenters. Agenda? There seem to be extremely few outliers or innovative subjects, according to the visualization. Perhaps this is a result of how the visual was created — categories of talks were a little too broad. For example, if you present a TED talk on password management and sharks and I present on reversing hardware and sharks, that’s both just interest in nature, right?

The visualization obscures many of the assumptions made by those who painted it. And because it is a TED talk we give up 7 minutes of our lives yet never get details below the surface. Nonetheless, this type of analysis and visualization is where we all are going. Below is an example from one of my past presentations, where I discussed capturing and showing high-level video metadata on attack types and specific vulnerabilities/tools. If you are not doing it already, you may want to think about this type of input when discussing threat models.

Here I show the highest concentrations of people in the world who are watching video tutorials on how to use SQL injection:

#HeavyD and the Evil Hostess Principle

At this year’s ISACA-SF conference I will present how to stop malicious attacks against data mining and machine learning.

First, the title of the talk uses the tag #HeavyD. Let me explain why I think this is more than just a reference to the hiphop artist or nuclear physics.

HeavyD
The Late Great Heavy D

Credit for the term goes to @RSnake and @joshcorman. It came up as we were standing on a boat and bantering about the need for better terms than “Big Data”. At first it was a joke and then I realized we had come upon a more fun way to describe the weight of big data security.

What is weight?

Way back in 2006 Gill gave me a very tiny and light racing life-jacket. I noted it was not USCG Type III certified (65+ newtons). It seemed odd to get race equipment that wasn’t certified, since USCG certification is required to race in US Sailing events. Then I found out the Europeans believe survival of sailors requires about 5 fewer newtons than the US authorities.

Gill Buoyancy Aid
Awesome Race Equipment, but Not USCG Approved

That’s a tangent but perhaps it helps frame a new discussion. We think often about controls to protect data sets of a certain size, which implies a measure at rest. Collecting every DB we can and putting it in a central hadoop, that’s large.

If we think about protecting large amounts of data relative to movement then newton units come to mind. Think of measuring “large” in terms of a control or countermeasure — the force required to make one kilogram of mass go faster at a rate of one meter per second:

Newtons

Hold onto that thought for a minute.

Second, I will present on areas of security research related to improving data quality. I hinted at this on Jul 15 when I tweeted about a quote I saw in darkreading.

argh! no, no, no. GIGO… security researcher claims “the more data that you throw at [data security], the better”.

After a brief discussion with that researcher, @alexcpsec, he suggested instead of calling it a “Twinkies flaw” (my first reaction) we could call it the Hostess Principle. Great idea! I updated it to the Evil Hostess Principle — the more bad ingredients you throw at your stomach, the worse. You are prone to “bad failure” if you don’t watch what you eat.

I said “bad failure” because failure is not always bad. It is vital to understand the difference between a plain “more” approach versus a “healthy” approach to ingestion. Most “secrets of success” stories mention that reaction speed to failure is what differentiates winners from losers. That means our failures can actually have very positive results.

Professional athletes, for example, are said to be the quickest at recovery. They learn and react far faster to failure than average. This Honda video interviews people about failure and they say things like: “I like to see the improvement and with racing it is very obvious…you can fail 100 times if you can succeed 1”

So (a) it is important to know the acceptable measure of failure. How much bad data are we able to ingest before we aren’t learning anymore — when do we stop floating? Why is 100:1 the right number?

And (b) an important consideration is how we define “improvement” versus just change. Adding ever more bad data (more weight), as we try to go faster and be lighter, could just be a recipe for disaster.

Given these two, #HeavyD is a presentation meant to explain and explore the many ways attackers are able to defeat highly-scalable systems that were designed to improve. It is a technical look at how we might set up positive failure paths (fail-safe countermeasures) if we intend to dig meaning out of data with untrusted origin.

Who do you trust?

Fast analysis of data could be hampered by slow processes to prepare the data. Using bad data could render analysis useless. Projects I’ve seen lately have added weeks to get source material ready for ingestion; decrease duplication, increase completeness and work towards some ground rule of accurate and present value. Already I’m seeing entire practices and consulting built around data normalization and cleaning.

Not only is this a losing proposition (e.g. we learned this already with SIEM), the very definition of big data makes this type of cleaning effort a curious goal. Access to unbounded volumes with unknown variety at increasing velocity…do you want to budget to “clean” it? Big data and the promise of ingesting raw source material seems antithetical to someone charging for complicated ground-rule routines and large cleaning projects.

So we are searching for a new approach. Better risk management perhaps should be based on finding a measure of data linked to improvement, like Newtons required for a life-jacket or healthy ingredients required from Hostess.

Look forward to seeing you there.

Rosasolis

by Penguin Café Orchestra

In 1972 I was in the south of France. I had eaten some bad fish and was in consequence rather ill. As I lay in bed I had a strange recurring vision, there, before me, was a concrete building like a hotel or council block. I could see into the rooms, each of which was continually scanned by an electronic eye. In the rooms were people, everyone of them preoccupied. In one room a person was looking into a mirror and in another a couple were making love but lovelessly, in a third a composer was listening to music through earphones. Around him there were banks of electronic equipment. But all was silence. Like everyone in his place he had been neutralized, made gray and anonymous. The scene was for me one of ordered desolation. It was as if I were looking into a place which had no heart. Next day when I felt better, I went to the beach. As I sat there a poem came to me. It began ‘I am the proprietor of the Penguin Cafe. I will tell you things at random.’

Does your company actually need a security department?

Gunnar Peterson prompted us yesterday in Dark Reading with this provocative question:

Does your company actually need a security department? If you are doing CYA instead of CIA, the answer is probably no

It’s easy to agree with Gunnar when you read his analysis. He offers a false dichotomy fallacy.

Standing up a choice between only awful pointless policy wonks in management and brilliant diamonds found in engineering, it’s easy to make the choice he wants you to make. Choose diamonds, duh.

However, he does not explain why we should see security management as any more of a bureaucratic roadblock than any/all management, including the CEO. Review has value. Strategy has value. Sometimes.

The issue he really raises is one of business management. Reviewers have to listen to staff and work together with builders to make themselves (and therefore overall product/output) valuable. This is not a simple, let alone binary decision, and Gunnar doesn’t explain how to get the best of both worlds.

A similar line of thinking can be found by looking across all lines of management. I found recent discussion of the JAL recovery for example, addressing such issues, very insightful.

Note the title of the BBC article “Beer with boss Kazuo Inamori helps Japan Airlines revival”:

My simple philosophy is to make all the staff happy….not to make shareholders happy

Imagine grabbing a six-pack of beer, sitting down with engineering and talking about security strategy, performing a review together to make engineers happy. That probably would solve Gunnar’s concerns, right? Mix diamonds with beer and imagine the possibilities…

Inamori had interesting things to say about management’s hand in the financial crisis and risk failures in 2009, before he started the turnaround of JAL:

Top executives should manage their companies by earning reasonable profits through modesty, not arrogance, and taking care of employees, customers, business partners and all other stakeholders with a caring heart. I think it’s time for corporate CEOs of the capitalist society to be seriously questioned on whether they have these necessary qualities of leadership.

Gunnar says hold infosec managers accountable. Inamori says hold all managers accountable.

Only a few years later JAL under the lead of Inamori surged ahead in profit and is now close to leading the airline industry. What did Inamori build? He reviewed, nay audited, everything in order to help others build a better company.

An interesting tangent to this issue is a shift in IT management practices precipitated by cloud. Infrastructure as a Service (IaaS) options will force some to question whether they really need administrators within their IT department. Software as a Service (SaaS) may make some ask the same of developers. Once administrators and developers are gone, where is security?

Those who choose a public cloud model, and transition away from in-house resources, now also face a question of whether they should pursue a similar option for their security department. Technical staff often wear multiple hats but that option diminishes as cloud grows in influence.

In fact, once admin and dev technical staff are augmented or supplanted by cloud, the need for a security department to manage trust may be more necessary than ever. This is how the discrete need for a security department could in fact increase where none was perceived before — security as a service is becoming an interesting new development in cloud.

Bottom line: if you care about trust, whether you use shared staff or dedicated services, dedicated staff or shared services, you most likely need security. At the same time I agree with Gunnar that bad management is bad, so perhaps a simple solution is to build the budget to allow for a “beer” method of good security management.

I recommend an Audit Ale

This style had all but disappeared by the 1970s, but originated in the 1400s to be consumed when grades were handed out at Oxford and Cambridge universities…. At 8 percent ABV, it has helped celebrate many a good “audit” or soften the blow of a bad one.

This Day in History: 1900 Carrie Nation Vandalizes Wichita Saloon

Carrie Nation was married to an alcoholic and faced economic hardship. These apparently were a primary cause of her desperate attempts to ban alcohol in Kansas, although she claimed a religious pretense.

PBS provides this quote about Nation, said to be her self-description:

a bulldog running along at the feet of Jesus, barking at what he doesn’t like

Her crusade, although based on her own struggles, also resonated with others who believed widespread use of alcohol during the Civil War (to boost morale, deaden pain or fight disease) was to blame for the “problem” of alcohol after conflict ended.

Reflecting upon those seeking temperance, and noting their arguments, [Confederate physician William Henry Taylor] wrote, “These may be formidable objections to the use of alcohol, but the military surgeon of my day would have thought that they were offset by the fact, demonstrated by innumerable instances, that it promptly rallies the deep sunk spirits of the wounded soldier, and snatches him from the jaws of imminent death.”

In reality, while General/President Grant was well-known for being the most heralded officer and leader in America and not afraid to take a drink, veterans were not necessarily more likely to drink and there were several economic and cultural factors that were behind the rise of alcohol consumption.

Heavy taxation ended after the war, which made alcohol more affordable. A huge boom of immigrants from Ireland and Germany brought a strong drinking culture with them in the mid-1800s. These two elements combined were a significant influence on the direction of American social customs by 1900. A large consumer base emerged and saloons opened and inexpensive beer was brewed to support them.

In this context Nation soon became famous for violent outbursts and her irreverence for damaging property. Few men dared challenge her strong-arm antics, which eventually helped ignite the prohibition movement.

The following newspaper clipping, found in the Kansas State Historical Society in Topeka, KS shows the headline “Carrie Nation Wages War”; from The Wichita Daily Eagle (1890-1906), December 28, 1900, Page 6, Image 6

Mrs. Carrie Nation of Medicine Lodge walked into the Carey annex and commenced the demolishing of the fixtures in that place. She was armed with two short pieces of iron. She also had some rocks.

In short, prohibition was an attempt by social conservatives to block changes in American culture, despite obvious underlying economic and cultural foundations. Today it is easy to see why prohibitionists not only failed to stop the trend towards consumption but actually refined American ingenuity to circumvent regulations.