With the passing of George Bush, we have lost an honorable man.

Honorable man quotes.

 

 

The Daily Beast is most informative: Putin’s Navy Attacks Ukraine Gunboats and Hands Trump a New Crisis He’d Like to Ignore.

The transit of the Kerch Strait was announced in advance. (Wikipedia, Sea of Azov), “In September 2018, Ukraine announced the intention to add navy ships and further ground forces along the coast of the Sea of Azov, with the ships based at Berdyansk.”

Points:

• The gunboats were newly built in Ukraine. This implies long-term intent, not political theater.
• After seizure of the Ukraine, and prior to the new gunboats, the Ukrainian navy had few boats appropriate for “showing the flag” in the Sea of Azov.
• The Ukrainian mission was not routine, though similar events may have occurred since 9/24/2018. (Unverified source,To Inform is to Influence): Russians Harass Ukrainian Navy Units in Azov Sea and Black Sea (IMINT)
• The  transit was an attempt by Ukraine to reestablish the norm formalized by the 2003 Russia-Ukraine treaty guaranteeing dual use of the Sea of Azov.

We have a bias against the Russian version because the Kerch Strait became a disputed area as a consequence of the illegal Russian seizure of the Crimea. The  seizure of Ukraine vessels  compounds  previous aggression.

But for prediction of the consequences, we have to (temporarily) take the Russian point of view. They point out that Crimea was gifted by Russia to Ukraine in 1954. Had Russia not committed further aggression against Ukraine, this historical fact might have been the basis of a settlement.

The prediction is that this does not presage a Russian invasion. Neither is it a “political stunt” by Petro Poroshenko. It is a sad consequence of a changed reality based on Russian aggression:

• The Ukrainian desire to reinforce a right they, and the West in general, think they have, by a freedom-of-navigation transit similar in purpose to U.S. transits in the South China Sea.
• A possible mine sweeping (or mine laying) role (read down.)
• The Russian desire to reinforce their belief of the status of Crimea, which implies that the Kerch Strait is no longer an international body of water. Frustration with the stalled Minsk Protocol may also figure.
• Prior Russian aggression in Ukraine has been stealthy. It would be contrary to this pattern, with no apparent purpose, to telegraph an offensive.

Does the Ukrainian “mosquito boat” navy have an essential purpose, other than to show the flag?  An assertion has been made: Ukrainian naval base in Azov Sea to counter mine threat. Quoting,

Ukraine’s naval base, which is to be set in the Sea of Azov by the end of the year in Berdyansk (Zaporizhia region), will counter mine threat, as the Deputy Chief of Staff of the Ukrainian Navy Andriy Ryzhenko told Hromadske.

“The main task of the base is to protect the ports of the Azov Sea and provide security of shipping, which means carrying out anti-mine measures. It’s a priority direction of the development of the naval forces,” he said.

This interesting assertion has not been corroborated. Alternatively, the Ukraine boats may have the purpose of laying mines. Ex-Navy commander suggests mining Azov Sea to prevent Russia’s attack.

 

With grave concern for the defense of the U.S., the purpose of this series is to constructively undermine the report (download (pdf): Providing for the Common Defense; The Assessment of the National Defense Strategy Commission.) The report contains substitutions of sentiment for reason. We will explore why the substitutions occur, consequences, and possible  remedies. By undermining, we stimulate  debate over optimization of limited resources.

Even before biologists discovered DNA,  they concluded that life is a process. This replaced the earlier belief that life was inhabited by some mysterious vital force that distinguished it from the inanimate. A high point of the report is the emphasis that war fighting is also a process, not merely a collection of assets arrayed for the destruction of those of the enemy. From page 42, (see also p68)

Throughout our work, we found that DOD struggled to link objectives to operational concepts to capabilities to programs and resources. ...It hampers the Secretary’s ability to design, assess, and implement the NDS...

This   is seemingly the easiest to solve, with the highest likely ROI. The report correctly notes that it is only one facet of the problem, which depends upon many other capital-intensive factors.

Undermining the report of the Commission could have several basic strategies:

• Contradiction the assertion of deficiencies.
• Greater priorities in the non defense budget.
• Priority of the national debt.
• Errors of logic.
• Recommendations are  non-actionable in form.

For simplicity, let’s start with just the last two points.  Simplicity is hard to find.

Contributor Andrew Krepinevich offers an opinion of dissent from certain aspects of the report, “Additional Views… “(p72-75), which include  errors of logic and non-actionable recommendations. Confusing “operational challenge” with “capability” may seem a small thing to the nonspecialist reader. But this fuzzy confusion is symptomatic of one of report’s several major defects. Without exception, every conceivable area of weapons technology and deployment is identified as requiring more investment.  The report possibly leaves out raincoats, rubbers, and umbrellas.

Since the report is a public document, and Krepinevich says it so well, there is no need to paraphrase. Quoting,

Simply put, the Commission would do well to follow its own advice before advancing recommendations regarding the size, structure, mix, and posture of U.S. forces and their capabilities. As the Commission states:

"Specifically, the Department needs a rigorous force development plan that connects its investment strategy with its key priorities of winning in conflict and competing effectively with China and Russia. That plan must have a clear force sizing construct to illuminate
the strategy’s ambition and risks. Such a force development architecture should provide answers to the following questions:"

Krepinevich quotes the Commission’s questions of page 42, about objectives, operational concepts, regional considerations, multi-theater (more than one war at a time), the meaning of deterrence, and how priorities relate. He goes on to write,

Other than stating the obvious—it’s better to have more military capability than less—no analytic support is presented as to why these particular forces and capabilities are more deserving of priority than others.

This is startling, given that the Commission criticizes the Department for its lack of analytic rigor. As the Commission states with respect to DOD’s ability to make informed decisions with respect to defense priorities.

In summary, it seems profoundly unhelpful for the Commission to state the analytic foundation required for DOD to make informed choices regarding defense priorities, and then proceed to ignore it in advancing priorities of its own.

Put another way, the recommendations of the report are mostly non-actionable, other than to throw money at the problem.

Since the authors of the report are intelligent people who hold advanced degrees, is there something special about the problem of defense that resists brainpower? David Halberstam’s The Best and the Brightest chronicles the failure of intellectual brilliance in the context of the Vietnam War. As a warning of historical reprise, it is invaluable. Of a land war in Asia, it is identical.

The astute reader will note that our undermining effort is so far completely secular. Without referral to any particular assertion, the authority of the report weakens. The report may remain entirely valid, but we are enabled to look for alternatives. Let’s continue to explore why intellect has failed so often. The report inspires fear. Why?

Since the 70’s, the use of computers in simulation has steadily grown. Physical gadgets, designed by computer, are simulated in the computer before they are made, predicting how they will perform before they are even built. For a system-in-a-box, such as a nuclear warhead, it works very well. In weather forecasting, moderately well. Other systems are inherently chaotic. For these, simulation works poorly.  For hypersonic vehicles, there is no substitute for flight. Simulations of the human body are so poor, doctors keep changing their minds about what we should eat.

This uncertainty affects our understanding of weapons systems. The performance of a weapon system:

• may be very well known by future projection, but inexplicable to nonspecialists.  Example: the F-35 plane.
•  against an adversary may be in question. Lacking information obtainable only by espionage, it may always be in question, regardless of the qualities of the weapon.
• against an adversary may be well known, but impossible to explain to nonspecialists in a credible way, or revealing secrets that are the essence of superiority. “We know why it will prevail, but we can’t tell you.”
• may be known to be deficient, with remedy available.
• may be known to be deficient, with no possible remedy.

The above are distinguished by gaps,  unknowns, and what Donald Rumsfeld calls the “unknown unknowns.” The gaps are filled by fear.

Since the 1960’s, the press, Congress, the military, and even exalted think tanks such as RAND have miscategorized programs in both ways, successful as unsuccessful, and the reverse. I have a list in my head; it seems equally divided.  Public memory is short, but you may remember that the F-35 was originally pegged by some “authorities”, including RAND, as a failure.  A recent fly-off hints it may be comparable to the F-22. (Investors Business Daily)

The reasons an apparently inferior airplane could perform in a superior manner cannot be explained without reference to classified performance data. To release the data would destroy the advantage. The audience that could understand that data is small. Lawmakers are not significantly different from the general population unless they happen to have engineering degrees. Most do not. Government is, after all, a social endeavor, about people, not machines. This problem permeates debate about defense.

Since the intended audience is challenged by a problem that defeated the best and the brightest, the report resorts to the universal chord,  fear. This does not mean it is irrelevant. But as fear lacks authority, we might take Fichte/Hegel’s advice: call it a thesis. Think thesis, antithesis, synthesis.

The report stops short of antithesis.  To attempt synthesis here would be foolish. But by undermining, we open the way.

To be continued shortly.

 

(CBS) U.S. military might “struggle to win, or perhaps lose” war with China or Russia, report says.

Now that we’ve had fun with Agatha Christie, I will soon bore you to tears with (pdf) Providing for the Common Defense; The Assessment of the National Defense Strategy Commission.

The assessment of military deficiencies is correct, but the implication that remediation solves our problems, in the absence of geopolitical realignment, is false.

It’s a depressing topic, but dwarfs the importance of the monthly murder mystery.

Via CNN, since it has no paywall, CIA has concluded Saudi crown prince ordered journalist’s killing: Washington Post. Quoting,

The Post, citing people familiar with the matter, said the CIA reached its conclusions after examining multiple sources of intelligence, including a phone call that the prince’s brother, Khalid bin Salman, the Saudi ambassador to the United States, had with Khashoggi….Khalid told Khashoggi he should go to the Saudi consulate in Istanbul to retrieve the documents and gave him assurances that it would be safe to do so, the Post said…The newspaper, citing people familiar with the call, said it was not clear if Khalid knew Khashoggi would be killed but that he made the call at his brother’s direction.

In Khashoggi Killing a Rogue Op? Saudi Renaissance, I wrote,

(CNN)Saudi former diplomat called ‘pivotal’ in Khashoggi’s apparent killing. Did Saudi intelligence officer and diplomat Maher Abdulaziz Mutreb have a case of double vision,  deciding himself to murder Khashoggi? Or was it Prince Salman’s decision? Given Salman’s age, either is possible. It is possible that Prince Salman enabled Mutreb, without actually approving the deed. The recent suppression of dissent, which has dismayed supporters of the prince, could have given Mutreb his inspiration to murder.

Open source cannot compete with U.S.  signals intelligence. But the quality of the given explanation is poor.  For the open source enthusiast, this is an opportunity to study nuances.

Absent additional information, which may exist, the phone calls shows only Prince Salman’s awareness that Khashoggi would visit the consulate.  The implication of the phone calls requires an additional predicate, such as Salman’s desire to murder Khashoggi, or to kidnap him. The dispatch of the “kill team” does not directly follow from the phone call. Yet C.I.A. conclusion may be valid, relying on information that cannot be released. Fact may be presented as opinion, with reasons other than the actual, to cloak clandestine methods and sources.

For the intelligence community, protection of methods and sources is paramount. Even if it is desirable that the end product be made public, these considerations frequently intervene. The C.I.A. conclusion has possible basis in three general areas:

• C.I.A ‘s  team of Prince Salman’s specialists have developed a composite behavioral model over many years, from multiple sources, including signals and humint. This cannot be part of the public statement.
• Signals intelligence that cannot be disclosed shows that Salman gave the order to kill.
• Poor analysis. This is unlikely. The C.I.A. does not pay analysts to present prejudice as considered opinion.

The same ambiguity presents in Poisoned Door Handle Hints at High-Level Plot to Kill Spy, U.K. Officials Say.  Quoting the NY Times,

This operation is seen as so risky and sensitive that it is unlikely to have been undertaken without approval from the Kremlin, according to officials who have been briefed on the early findings of the inquiry.

Quoting (NY Times, 9/18) U.K. Charges 2 Men in Novichok Poisoning, Saying They’re Russian Agents,

“This was not a rogue operation,” she said. “It was almost certainly also approved outside the G.R.U. at a senior level of the Russian state.”

This may be true, obtained from methods and sources, that cannot be disclosed, but as with the Khashoggi murder, the given reasoning is weak. In both cases, the element of competence of the perpetrators, expected from a nation-state, was missing. Khashoggi’s killers were unfamiliar with the bugging of consulates. The Soviet Union had a wide variety of assassination weapons and poison applicators, yet Skripal’s assassins lacked a specialized applicator for Novichok, relying instead on a modified perfume bottle, contaminating multiple locations in Salisbury and London. For a serviceable tool design, see Poisoned Door Handle Hints at High-Level Plot to Kill Spy, U.K. Officials Say.

The fascination with the whodunit aspects distracts us from important matters. All nations have savagery in their past, but for some, the past is more recent than others. Although Joseph Stalin is not noted as a moralist, he did say, “A single death is a tragedy; a million deaths is a statistic.”

Five men may lose their heads so Salman can save his. Yet monsters with unknown faces wait in the wings to take his place.  This results from the judgment of barbarity by our own exalted standards.

 

 

 

 

 

The direct reason for withdrawal is discussed in The New Russian Cruise Missile – Geopolitical Implications. The INF treaty is discussed in (Arms Control Association) The Intermediate-Range Nuclear Forces (INF) Treaty at a Glance .

The Russian side is presented by the Russian Ministry of Foreign Affairs website. Deputy Foreign Minister Sergey Ryabkov’s comment on anti-Russia attacks by the US over the INF Treaty. Quoting,

The Americans have repeatedly alleged that we are going beyond the framework of the INF Treaty that bans land deployment of cruise missiles with a range from 500 to 5,500 kilometres. But there is an interesting commonality with the notorious claims about “Russian meddling in US elections,” since they provide no real evidence. The only specific mentioned is the index of a Russian missile research project with a range much shorter than the claim suggests. Incidentally, the US can easily see this on its satellite images during field tests.

The above is contaminated with bullshit  denials of election meddling, but let’s consider the topical points. Quoting Russia,

“The only specific mentioned is the index of a Russian missile research project with a range much shorter than the claim suggests.”

The only known deployment of the cruise missile in question is at Kapustin Yar. With a range less than 500 km, it would reach only targets in Russia.  Quoting further,

“For example, one can plainly see launchers at the US antimissile base in Deveselu, Romania, whose specifications enable them to launch not only interceptor missiles but also strike missiles like Tomahawks.”

U.S.  vertical launch systems,  the MK41 and MK57, when in shipboard configuration, have the ability to fire both the SM-3 missile interceptor deployed in Romania and the Tomahawk. While the VLS systems deployed in Romania can physically accommodate the Tomahawk, a significant defense contract would be required for system compatibility. The Russian claim of violation refers not to a deployment, or capability, but to an undeployed potentiality.

Since U.S. suspicions of the SSC-8 date to 2013, the INF violations are actually a legacy of the Obama Administration.  It is likely that Russian adventurism is the consequence of a certain slackness in U.S. policy towards Russia that accompanied the war on terror. Following withdrawal from the treaty, the  planned U.S. response is something like a modernized, or stealth BGM-109G Ground Launched Cruise Missile.  Two interests conflict:

• The desire to, in military terms, counter  the threat of the SSC-8 with one of similar characteristics, similar in role to the BGM-109G.
• Political stability in Europe. The last  intermediate range nuclear weapon deployed in Europe was the Pershing II intermediate range ballistic missile. From 1981 on, the deployment (Wikipedia) catalyzed European antinuclear sentiment, challenging the solidarity of NATO. Quoting, “Two-thirds of West Germans opposed the deployment, according to a Gallup poll from November 1983.” Similar sentiments were associated with the BGM-109G.

Europeans are sensitive because Europe is so small. We  gain some illogical peace of mind with the thought that the U.S. land based deterrent is scattered in empty parts of the Midwest, where practically nobody lives. A ground launched cruise missile deployment to Europe would be like having our missiles in New Jersey.

The positive result of the five year Pershing deployment was the now abrogated  INF treaty. The missile was bargained away for a worthy cause. For a reprise of this history, Europeans would have to be at least as receptive to a new BGM-109G as they were of the Pershing II. Europeans are hospitable towards missile defense. This does not mean they will be as hospitable to a new offensive nuclear weapon.

There seems to be a principle of symmetry, requiring that we have equality or superiority of forces in every category. The SSC-8 is a cruise missile; therefore it requires a cruise missile  to balance it. This deserves challenge. The principle may exist only because bargaining is facilitated by similar bargaining chips.

The asymmetric option is a response in weapon  systems qualitatively different from the  Russian cruise missile.  There are so many U.S. weapons programs scraping for bucks that the alternatives are endless.

This might be a time for outside-the-box thinking. Some European states, at least Poland, might like to have nukes of their own, joining the U.K. and France, which have had their own for many years. Rather than fester as  a U.S. versus Europe issue, as the BGM-109G replacement might, political discord becomes internal to that state.  A degree of control over the nukes could be accomplished by EU oversight of  substances such as tritium, and maintenance facilities.

Take heart, brave Poles! Poland is Not Yet Lost. You can have your own nukes as foot warmers.

 

 

 

(CNN) Saudis confirm death of journalist Jamal Khashoggi.  Quoting, the explanation is:

Discussions between Khashoggi and those who met him during his arrival at the consulate in Istanbul led to a quarrel and physical altercation, which led to his death, according to State TV.

This is not likely to be the  truth, but it is nevertheless a remarkable admission, seldom seen outside the Western countries, and the scattering of highly developed Asian democracies. The Saudis have adopted the explanation of a “rogue operation”  to shield those  ultimately responsible.

No official definition of “rogue operation” exists. But since “rogue” is a character trait, it implies a small group without authorization from above. That  meaning doesn’t apply here.  15 Saudis, including a forensic pathologist, flew to Istanbul on two Gulfstream corporate jets to do something nasty.

The presence on the Saudi team of a forensic pathologist anticipates murder, and the need to accomplish it without leaving traces at the scene.  Whether the torture of Khashoggi was a personal or cultural expression of members of the “kill team”, or an adjunct to interrogation prior to his murder is decided by the lack of forensic evidence.  To commit murder, and clean up the scene to the point that Turkish forensics is frustrated, requires great skill — as much skill as Turkish placement within the consulate of undetectable cameras.

If we stretch the word “rogue”  to the breaking point, and we assume Prince Salman is a rational actor, we gain understanding of his environment, and how his personality interacts with it. When a  leader attempts to radically change a nation,  these intermediate states occur in the transition:

• The franchise loses traditional members as radical changes disadvantage members of the franchise.
• The franchise broadens to include members formerly without representation, disconnected from the power structure, and who lack value to the structure.
• Rifts appear in the power structure, as some members remain loyal to traditional, now disenfranchised elements.
• While attempting change at levels from the grass-roots and up, the new leader also  maneuvers to remain at the top of the shifting pyramid.
• The leader tends to increasingly identify  the self with the state. The self becomes indispensable.
• Disaffected members of the power structure acquire a kind of double vision loyalty to  leadership, the image of the traditional role of office separating from the actual person.
• This double vision can result in replacement of the leader who more embodies the traditional role of the office.

(CNN)Saudi former diplomat called ‘pivotal’ in Khashoggi’s apparent killing. Did Saudi intelligence officer and diplomat Maher Abdulaziz Mutreb have a case of double vision,  deciding himself to murder Khashoggi? Or was it Prince Salman’s decision? Given Salman’s age, either is possible. It is possible that Prince Salman enabled Mutreb, without actually approving the deed. The recent suppression of dissent, which has dismayed supporters of the prince, could have given Mutreb his inspiration to murder.

This is a pattern that in different proportions becomes almost universal. Bits of it can be seen in Hugo Chavez (early years) and Suu Kyi , however diverse they may otherwise be. In the absence of clandestine sources, it serves as a useful template. It does not exclude that Khashoggi was murdered on Salman’s orders, but it allows an alternative.

The contention of forces is unique to Saudi Arabia:

• The ancient desert tribes,  with a continuous thread to the time of the founding of Islam. Conservative, reactionary elements isolated for centuries from the cosmopolitan.
• The Hejaz of the western coast, with a different, cosmopolitan history, and the potential of  ferment, both social and political.
• The threat of the Muslim Brotherhood, embodied in the Qatari outlook, and very real in the eyes of those who fear it.
• The core of the House of Saud, which seeks to rearrange all of the above as a modern industrial state.

Nothing in the above mix resembles the  the typical post-colonial state, with Western affinities. Saudi Arabia was never a colony. That Saudi Arabia is susceptible at all to international pressure is in itself remarkable.

The acknowledgment of Khashoggi’s death omits the crime of murder. Still, it is a significant step of the belated Arab Renaissance.

 

 

 

 

 

 

 

(CNN) The latest on the missing Saudi journalist.

It exists. If you’ve been wondering why the Turks have not released, here’s the explanation.

The Turks allege that the recordings came from an Apple watch, but this is not possible. Robert Baer has pointed out that the Turks bug consulates as a matter of course. Implanted bugs are the likely source of the audio.

The problem for the Turks is that a microphone, and the associated electronics, have a finger-print of type that is impossible to mimic well. Contributing elements:

• Every microphone is a noise generator, of both Brownian noise, and  Kelvin noise from the electronics.
• The part of a mic that captures sound is like a drum head, with its own individual tones and modes that differ even between different units  of the same model.
• The boundary reinforcement effect changes the sound that the mike itself hears, by 6 decibels per octave per surface. A microphone on a wristwatch hears very differently from one connected to a flat wall by a tiny tube.
• The microphone signal is never transmitted verbatim. It is converted to numbers by an analog-to-digital converter. The stream of numbers is then reduced in size by one of many CODECs, coder-decoder combinations.
• The analog-to-digital converter adds many artifacts to the signal: quantization noise, spurious tones and combinations of tones, sidebands, harmonic and inter-modulation distortion, and idle tones, present when there is no sound at all.
• The CODEC continues to mess with the sound, adding more artifacts, and deleting many things the ear cannot hear, but which laboratory instruments can easily measure.

So how can the sound of an Apple watch be disguised? By degrading it with noise and distortion, both the Apple origin, and the intelligibility of Khashoggi’s screams are simultaneously obscured. Notch-filtering some artifacts and adding others adds further confusion. If they have the sophistication, the Turks might try modeling the “drum head” of an Apple Watch microphone. But the signature of the original “drum head” cannot be obliterated, only obscured.

Turkish engineers are doubtless busy running the audio through signal transformations in line with the above. These days, it’s all done with computer algorithms, with little need for special hardware. We wait while the Turks cook the audio, and taste-test the result, which can be frustrating or awful. For it must serve two purposes, or sacrifice one:

• Disguise the true origin, from microphones implanted in the structure of the consulate, while faking the artifacts of Apple Watch audio.
• In opposition to the above, leave Khashoggi’s last words intelligible enough to prove a point.

Rather than release self-incriminating audio, the Turks may choose to let Saudi off the hook. Pressing the point could sacrifice  every bugged consulate in Istanbul.

Knowing your consulate is bugged is  half the battle. The other half is merely the cost of razing it to the ground, or living with big ears.

 

(Reuters) Espionage scandals show Russian army’s growing clout.

Russians should consider  the thoughts of a former GRU head of the “Special Tasks” department, responsible for assassinations.  Since Pavel Sudoplatov is no longer alive,  some of his words are reproduced here. Sudoplatov was gravely concerned with the misuse of poisons, of which he was himself accused.

For the benefit of Western readers, Pavel Sudoplatov was a military intelligence officer under Stalin , a direct subordinate of Lavrentiy Beria. He was responsible for the assassinations of Leon Trotsky, personally liquidated Ukrainian nationalist Yevhen Konovalets, as well as other liquidations involving poisons. His responsibilities also included sabotage and unconventional warfare, during and after World War II.

With the fall of Beria, Sudoplatov was arrested, tried, and imprisoned, the inevitable result of having been Beria’s subordinate. As the Soviet leadership distanced from Stalin’s terror, Sudoplatov became a special object of fear, because his unit had been one of the principal clients of Grigory Mairanovsky’s state poison laboratory, the products of which were always tested on human subjects. In his struggle for rehabilitation, Sudoplatov showed that he never controlled the poison laboratory, that his use of poisons was always with the authorization of the Soviet leadership, and that all such uses were documented.

His 1994 autobiography, Special Tasks: The Memoirs of an Unwanted Witness—A Soviet Spymaster, coauthored with his son Anatoli, (Little, Brown, ISBN 0-316-77352-2) reveals a thoughtful man who one might have wished as a friend, caught up in and deceived by a brutal system. It is a common failing not to understand the times you live in. Sudoplatov’s comprehension came later, during his imprisonment. The result is one of stunning insight.

On page 283 of the English edition, Sudoplatov considers questions that should be of interest to all Russians:

• Do poisons have legitimate use by the security services?
• Can the use be subject to effective controls to prevent abuse?
• Should poisons be used for executions outside the criminal code?

I have taken the liberty of quoting two lengthy paragraphs from page 283, because the best advice to Russia comes from Russia. Sudoplatov is no longer alive, so it is his testament for current and future governments of Russia.

…toxicological laboratories are a logical component of technical support services of every security organization. Agents in the years of the Cold War were often equipped with poisons; Aleksandr D. Ogorudnik, a Ministry of Foreign Affairs official who was a CIA agent in Moscow, committed suicide with poison in the course of his arrest in 1977. Before that, he poisoned his woman friend, fearing his own exposure through her. Toxicological service is necessary for security operations. However, the danger is that such a powerful and silent weapon can be manipulated in the interests of authoritarian rule and dictatorship. A secret directive by the government should be circulated to all the staff of toxicological services, strictly defining their functions and forbidding production of disguised poisonous weapons that might be used in an uncontrolled way. Unfortunately, in these delicate security issues, much depends on the honesty and morals of those who give the orders and those who obey them.

Is it justified to administer drugs or nonlethal poisons to a terrorist in order to neutralize him or to safeguard your source of information in a terrorist ring so that you can round up the whole group later? Even a well-planned operation is always subject to fatal error. Strict regulations must rule out individual operational executions by poisoning under any circumstances; legal execution must be reserved for convictions under the criminal code.

Sudoplatov died in 1996, but these words mean more now than when they were written.

(Bloomberg) The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies, is refuted by (Reuters) DHS says no reason to doubt firms’ China hack denials, and further by Apple tells Congress it found no signs of hacking attack.

Which story is true? This offers another exercise for predictors, in the weighing of evidence and comparing the veracity of sources. But let’s first consider the art world. Up until about 1870, genres of art were arranged by the French Academies in a rigid hierarchy.  In reporting by U.S. based media,  a hierarchy  also exists, which determines priorities, depth, and accuracy.

Just by living, most people have some understanding of politics, law, and economics. The stories they read are put together mostly by people with general liberal arts educations, with competence that varies from reasonable to remarkable. Technology is at the opposite pole of incomprehension.  There is no such thing as native understanding of how it works, and few care  if the facts are murdered. Yet in the Bloomberg story and the Reuters response, tech has leaped all the way to the top, square in the arena of geopolitics.

This is compounded by the apparent, self-enforced differences of regular journalism and investigative journalism. In regular journalism, diligence is satisfied by consulting “sources”, who are either people in government or people with impressive job titles and credentials. But  the liberal arts education of a typical reporter provides insufficient guidance for discrimination. Lacking a fund of technical knowledge that would identify the relevant credential, Reuters reporters relied exclusively on nontechnical sources. Bloomberg, with in-house competence in  computer technology, did the opposite.

The errors resulting from lack of in-house competence can be subtle or egregious. But while mistakes about the latest “tech” widget or phone are usually harmless, harm does come when tech leaps to the top and collides with politics. This was so in the case of CNN, Shame! Raise Your Standards! “Russia unveils ‘Satan 2 Missile”, where inaccurate reporting risked instigating an arms-race, and for which no correction was issued.

The flaws in the Reuters stories are not as serious.  But Reuters defers to authorities, without considering distorting influences:

• The statutory obligation of government authorities to protect national security investigations and foreign intelligence.
• The obligation of Apple to protect shareholder value. If Apple had supported the Bloomberg claims, it could have provoked retaliation by China against Apple’s China operations, possibly including seizure of assets, so severe as to materially impact the company.
• Lacking Bloomberg’s technical resources (Bloomberg is also a hardware company), it is difficult for Reuters to interpret technical sources. Hence an unconscious bias — excessive reliance on “authorities”, typically drawn from government and finance.

The severity of the hack is indicated by the Amazon response. Quoting Bloomberg,

The following November, Amazon sold the entire infrastructure to Beijing Sinnet for about $300 million. The person familiar with Amazon’s probe casts the sale as a choice to “hack off the diseased limb.”

In the case of Apple, some consideration by Reuters of the above issues would have offered the possibility  that the consulted individuals could not  publicly support the Bloomberg claims.  Quoting Apple’s recently retired general counsel, Bruce Sewell (brackets mine),

“I got on the phone with him [then FBI general counsel] personally and said, ‘Do you know anything about this?,” Sewell said of his conversation with Baker. “He said, ‘I’ve never heard of this, but give me 24 hours to make sure.’ He called me back 24 hours later and said ‘Nobody here knows what this story is about.’”

The  denial is what anybody with a shred of fiduciary responsibility would have said. Even in retirement, it’s  not Sewell’s job to wreck Apple, nor can we expect the FBI general counsel to blow a national security investigation.

(Reuters) Apple tells Congress it found no signs of hacking attack appears to solidify Apple’s denial, at the risk of perjury before Congress. But   the single direct quote of the article, by Apple Vice President for Information Security George Stathakopoulos, leaves at least two loopholes:

“Apple’s proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found,” he wrote in the letter provided to Reuters.

The above asserts the absence of outbound traffic, not the absence inbound traffic, or of implanted chips. Apple could have neutralized the  implants by laser drilling, or by modifying  the IPMI (read down) firmware.

Given the gravity of the stakes for Apple, and other U.S. interests in China, Stathakopoulos may have been given a waiver by the executive branch, with disclosure to Congress in some future closed proceeding.

The first Reuters article, relying heavily on credentials that virtually assure bias, elevates the credibility of Sewell, who is anything but a disinterested person. Here the needs of the open source intelligence, and the media are at odds. A media outlet wants an article to be taken as informative, even when it isn’t. If it were not for that need, Reuters might have mentioned the statutory secrecy requirements of a national security investigation, which reduces to null the content value.

So for open source intelligence, we have to sift and toss the drek, of which the first Reuters article mostly consists.

But the Bloomberg article is rich in facts, some of which can be checked. Could it be a total fabrication? Quoting,

In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information.

17 sources hoping to short some stock would be a helluva conspiracy. It’s not worth considering. But you can do something that neither Reuters or CNN seem capable of,  find a genuine expert, qualify that expert yourself, and fact-check the Bloomberg technical background.  (Bloomberg has hardware experts in house.)

Silicon Valley has a  grapevine. Bloomberg found 17 voices. But without a big, shiny credentials badge, how will you know someone is sufficiently knowledgeable to be useful? I’m going to tell you now.

Your qualifying question should be, “Is there a particular system on the motherboard to  which the Chinese chip is likely to be attached?”

The alleged Chinese implant chips are very small, consume little energy, have low clock speeds, and have few terminals (pins). Most of a motherboard operates at extreme speeds, requiring lots of energy. This incompatibility  limits the points of attachment on a Supermicro motherboard to one particular feature: the baseboard management controller chip, which implements the IPMI interface.

IPMI is old. Silicon Valley is awash with greybeards who know it well. If you aspire to technical excellence in your open source endeavors, you should add some numbers to your book. Boards are routinely x-rayed, providing interesting graphic material above and beyond the drekky clip-art typically used with such articles.

The grapevine awaits you. Give it Credence, Clearwater, Revival.

Or just stick with Marvin Gaye.