
Will it Work?

Wikipedia reports that Philip Crosby is considered the forefather of the Capability Maturity Model.

I have been using this model extensively for over ten years when consulting on security controls. It is a far better way of documenting and illustrating control status than pass/fail, as it shows a continuum of improvement.

In other words, rather than telling a company they “failed” the security test, you can say they have achieved an initial step and only have a couple more to go.

With that in mind, I just ran into a rather funny illustration. It comes from “one of the first publications” by Crosby, meant to help reduce defects in guided missile design and manufacture.

[Image: Bendix]

The Control Maturity Levels, just for handy reference, are these:

0 Control is not documented

1 Control is documented

2 Control is consistently applied (implemented)

3 Control is working (tested)

4 Control is measured

Companies often mistakenly rest on their laurels after achieving level 1, documentation of controls. This is the equivalent of trust, without verification, and rarely accurate. Meanwhile security firms often look for evidence of level 3. The gap is where the friction of compliance comes from.

Tests quickly prove vulnerabilities exist, but the real challenge is to find management that is able to move a company solidly into level 2 (implementation). In other words, do they have someone who can reliably answer the question “Will it work?”

Eritrea Accused of Proxy War Through Somalia

This is one of those moments when I feel the urge to say “I told you so” or scream in frustration, or something similar.

The UN is trying to point out to those who will listen that Eritrea is believed to be funneling arms into Somalia.

No kidding. That was my main concern last December when the US foolishly pushed Ethiopia back into direct confrontation in the Ogaden region and crushed the Somali peace.

Anyone familiar with the history of conflict in the region could predict that the most recent Ethiopian-led US-backed operation of whacking the bees’ nest known as the Horn of Africa with a big stick would undermine the nascent government in Somalia and return the region to a hotbed of militarized destabilization and bloody terrorism.

Eritrea, of course, denies any involvement in the proliferation of arms:

Eritrean Information Minister Ali Abdu told Associated Press news agency his country had not provided any assistance to the Shabab.

“It is a total fabrication and the intention of the report is to depict it as if there is a proxy war between Eritrea and Ethiopia,” Mr Abdu said.

The Bush administration has been caught lying under oath now so many times, that I imagine it would be hard for them to try and point a finger at any other country and demand accountability. I doubt they could even bring up the term corruption without losing all credibility. But I digress…

It does seem plausible that Eritrea has continued their historic fight with Ethiopia by arming former allies in Somalia. In fact, I was having a hard time understanding why they did not resist the Ethiopian incursion. Now, in retrospect, it makes a lot of sense that they waited for the conventional forces to move in and get bogged down before initiating a protracted resistance movement. That is what they are most famous for and how they defeated Mengistu’s giant Soviet/Chinese/Cuban-backed army over 30 years — the largest standing force in the world at the time.

I think people forget that a tank has become a sign of former security (control) capability, not present or future.

My best guess as to why the Bush administration has been so unbelievably counter-productive in foreign policy in the Horn is that they are still stuck in a fantasy of the Cold War mentality. They think that Reagan won, when in fact it was the other side unilaterally attempting to take a path of greater accountability for a failed and corrupt economic system, as I’ve mentioned before too.

The idea under Reagan was to stop the Communists at any cost. Destabilizing a region meant potentially bringing down a group that could fall, or already was, into the “hands of the Reds”. Unfortunately, this strategy in today’s world brings about the opposite effect, leading regions into a harsh anti-establishment highly-distributed position as the discontent of rubble is a power-vacuum more easily filled by “the Fundies” (religious fundamentalists and other extremists) than blue-jeans and Coca Cola.

Saying that the US can send in their heavy forces to reconnect with the outliers once they have had their network plugs pulled is like saying IBM will convince iPhone users that they want to connect to their mainframe. Sadly, the current big-blue thinkers in the White House just don’t get it.

Federal judge rules against FBI for false convictions

Justice has evidently been served for four men wrongly sent to prison. It has to do with how the FBI intentionally withheld information and then fought to justify the conviction of innocents. Boston.com has a recent time-line of events including the fact that three of the four were sentenced to death on the testimony of a mob hit-man. The AP described the situation as a “bargain written in blood”:

For more than 20 years, FBI headquarters knew that its Boston agents were using hit men and mob leaders as informers and shielding them from prosecution for serious crimes, including murder, The Associated Press has learned.

[…]

The arrangement stayed secret until 1995, when Massachusetts state police and federal drug agents finally built a racketeering case against the Winter Hill Gang, and the story began to tumble out.

The Sydney Herald has the latest chapter in this sad story of corruption:

The government argued that federal authorities had no duty to share information with state officials who prosecuted Limone, Salvati, Henry Tameleo and Louis Greco. Federal authorities cannot be held responsible for the results of a state prosecution, a Justice Department lawyer argued.

The men’s lawyers said the four were treated as “acceptable collateral damage” in the FBI’s priority at the time – taking down the Mafia through the use of criminal informants.

“It took 30 years to uncover this injustice, and the government’s position is, in a word, absurd,” US District Judge Nancy Gertner said today.

Harsh words. The judge not only points out that ends do not justify the means, but also that this case has parallels to national security both domestically and in terms of international conflict. I assume “these wars” is a reference to Iraq and Afghanistan:

“No lost liberty is dispensable,” she told the packed courtroom. “We have fought wars over this principle. We are still fighting these wars.”

I’m not sure I follow that logic. I thought at least one of the wars being fought was based on false pretense, no?

And if I read the story correctly, while the FBI sought to take down one notorious group, they literally held the door open so another mob could step right into its place. The appearance of security, through scapegoat trials and investigative theater, appears to have been the federal objective in this situation rather than a real and overall increase in security.