11 Cyber Security Suggestions for Political Campaigns

by Stephen Bryen
As we are now in the midst of a Presidential campaign I am offering some free advice on how to keep the playing field as level as possible.  
 
Today we are deeply immersed in social media, email, texting and the widespread use of all kinds of APPS either to share information or carry out tasks.  Every modern political campaign is going to use all these tools and many more.  So here are suggestions on how to protect yourself.
 
Suggestion #1.  Do not use web based email, even encrypted web based email.  All web based email passes through servers controlled by the companies who offer the service, sometimes for free (like Google and Yahoo) and sometimes for a fee.  What really matters is that anything that passes through a third party server is a big risk.  Given that folks get pretty spun up over ideological and political issues, even the most security conscious companies can’t really control their employees.  The insider threat is greatest where sensitive information is exposed.  Web based email lives off revenue that is generated by key words that are “read” by machines and the information passed to advertisers or anyone who wants to buy the information.  Thus if I plug in the word “Liberal” as a key word, I will automatically know who the “Liberal” folks are on the email system.  That’s for starters. Then you come to the problem that someone wants to know what a particular campaign is doing, or planning, and plugs in a key word such as a candidate’s name, and then harvests the information.  From this one can deduce who are the active supporters and what they are up to.  From there lots of trouble starts.
 
Instead of web based email set up your own server and make sure the server is well protected by a firewall and by some form of two step authentication for the users.  Every campaign should have its own server for email and should make sure it is under their full control and carefully monitored.
 
Suggestion #2.  Do not use Skype, Hangouts or any other “free” service for conferencing.  In fact, don’t use any web based conferencing, even if it is paid.  Set up your own conferencing and your own server.  Listening in on Skype, for example, has been a favorite past time for NSA, but it is also easily hacked by anyone with technological sophistication.  There is sure to be a big secondary market in intercepted Skype calls, with all kinds of juicy bits either offered up at no cost or bought by desperate candidates, probably using cutouts.  Avoid the problem.
 
Suggestion #3. Do not use any APP on your cellphone unless you are sure it is clean and safe, and above all don’t use any APPS you get from the Apple Store or Android Play Store. These APPS often steal your information such as your contacts lists or schedule, or report your location.  It is astonishing how many “permissions” APPS ask for that have nothing to do with their functionality.  This is a tip off that the APP comes with an ulterior motive.  To make matters worse, many of the APPS out there in the public are buggered and have malicious code attached to them in the form of malware and spyware. It is very hard to tell what APPS are clean and which are not. Avoid them all.  If you have designed a special APP for campaign use, it is very important to test its integrity and make sure it is not leaking vital information.  And the APP should not be distributed in a public way.
 
Suggestion #4.  Be careful about cell phone calls, especially if you are in a public area such as an airport, coffee shop, hotel or restaurant.  Today there are lots of cheap IMSI catchers around. An IMSI catcher is a tool that pretends to be a cell tower.  Your cell phone is built to look for the strongest cell phone signal and connect to it.  An IMSI catcher if it is nearby will appear to the phone like a strong signal and it will connect to that “tower.”  Then the IMSI acts as a man in the middle: it grabs your call and connects you to a legitimate cell tower and then to the person you are connected with through the phone company. Meanwhile the IMSI can record your entire phone conversation.
 
Suggestion #5.  Avoid public WIFi.  Public WiFi is very dangerous because it is not encrypted in any way.  Whatever you do across a public WIFI connection is easy to intercept. Like the IMSI catcher it is also common these days for snoops to set up what looks like a public WIFI to snare your connection, even on airplanes or trains.  This means that you are connected through a snooper to the external network and everything you do or say across the WIFI can be picked off. You are far better off using the data connection from the telephone company than using the data connection of a public WIFI.
 
Suggestion #6.  Consider secure smartphones for communications at the top levels of a campaign.  The best secure phones both encrypt the conversation so that if it is intercepted it can’t be listened to, and protect the phone from malware and spyware.  Be aware that most secure phones work through servers, and the people who run the servers, if they are third party, may or may not be reliable.  Be careful here and consider running your own secure phone server.
 
Suggestion #7. Train your staff to follow sound cyber security procedures in all their activities.  Training is very important for two reasons: it helps reduce the chance of human error which is one of the biggest sources of security compromise and it makes people alert to intrusions and threats.  Being ready for various threats is very important.  A denial of service attack could close down a campaign because all its messaging and communications could be blocked.  Knowing what to do when that happens and having alternatives in place means your campaign will not be shut down.
 
Suggestion #8. Vet companies you hire to provide cyber services checking carefully about who are their customers and whom they employ.  The first rule is to ask for a list of a cyber security company’s customers and their employees.  Then hire a private investigations firm to check them carefully.  Outsourcing cyber security support may be very necessary, but it is also risky. One ringer in the bunch and your campaign could be badly compromised.
 
Suggestion #9. Make sure that all campaign personnel who have social media accounts clean them before they come on board.  Set rules on what is allowed or not allowed during the campaign. People today are very careless on what they post on social media.  People “tweet” before they think, and Post before they consider the consequences.  They also give out too much personal information, location information, even family information that might be used by an adversary.  Rules are very important to help mitigate this risk, and monitoring is not only important but probably mandatory.  
 
Suggestion #10.  Keep your most strategic documents, membership lists, and other vital data off line on computers that are not connected to the Internet.  This is the best way to keep your campaign plans safe.  It is also a good idea to encrypt everything, even what is offline.  One of the cottage industries in Washington DC is for cleaning ladies to be accompanied on their late night work by intruders and poachers who download everything they can from office computers.  If the material is encrypted, then it has no value to any intruder.  Be safe; not sorry.
 
Suggestion #11.  Don’t allow cell phones or tablets in any meeting you have.  Cells phones and tablets are walking time bombs.  Their microphones and cameras can be switched on by spyware and can listen in and record your meetings and conversations.  And if there is a computer in the room, unplug it!  Even when not having a conversation make sure your webcam is unplugged (if you can) or covered if you can’t.
 
Above all remember that a political campaign is like any other business or organization in that it must be operated in a responsible way.  If your campaign lacks cyber security you are not only hurting your chances for election but you are hurting your cause and bringing potential harm to colleagues and friends.  Cyber security is not only very important in political campaigns -you can’t succeed without it.
Tagged , , , , ,

Aircraft Carriers and the Future of US Security

by Stephen Bryen

Do we need aircraft carriers and can they fight in a modern war? These are important questions that trouble many defense analysts. While aircraft carriers have proved useful in power projection and recently supported US operations in Iraq and, to a lesser degree, in Syria, the role of aircraft carriers against a well-armed and capable adversary is very much in doubt.

China has developed an anti-ship ballistic missile called the DF-21D, also known as the CSS-5 Mod 4 missile. The missile can be guided against moving ships, including aircraft carriers, and works in tandem with satellites and UAVs for target acquisition. Once this missile reaches full operationaldf21 status no one should be surprised to see it proliferating around the world with countries like Iran and Pakistan first in line to buy them.

Missiles like this make aircraft carrier operations in sensitive areas such as the Indian Ocean and Persian Gulf risky, if not impossible. The DF-21D is a mobile ballistic missile, meaning that neutralizing a DF-21D threat is a very big challenge. Without being able to assure the 21 D’s elimination, carriers and their associated fleets can’t be moved into harms way.

Today’s American aircraft carriers are nuclear powered mega-ships with a crew size of some 5,000 sailors and specialists and with air wings on board. The newest aircraft carrier currently under construction will cost $13 billion just to build not counting the aircraft on board which represents easily another $20 billion. Are these aircraft carriers too big to use?

Some argue that a better approach is to rely on smaller aircraft carriers to do the job. But what is the job?

The aircraft carrier was developed originally more than 100 years ago. The first flight off the deck of a ship was in 1910; the first purpose built aircraft carrier started construction in 1918 and was completed in 1922.

During World War II the aircraft carrier played an important role in supporting American forces trying to push the Japanese off critical island chains. Carriers also played a major role in the Battle of Midway and other attacks where US launched carrier based aircraft challenged Japan’s carriers.

In 1942 the United states lost four Fleet aircraft carriers to Japanese attacks, mainly torpedoes launched by Japanese aircraft or, in the case of the CV-7 Wasp, to a torpedo from a Japanese submarine. In addition the US lost a number of Escort and Light carriers in the war.

Japan lost 15 aircraft carriers of all types between 1942 and 1945.

The British also took heavy carrier losses starting in 1939 with the sinking of the Courageous, 1940 with the destruction of the Glorious, 1942 with the devastating loss of the Ark Royal and in 1942 and with the additional losses of the Eagle and Hermes. Britain also lost three escort carriers in the war.

If World War II gives any clue, it is that aircraft carriers in major wars are vulnerable to enemy attack.

The same would seem to be true today, perhaps even more so because without anti-ballistic missile defenses, aircraft carriers face a very uncertain future.

While aircraft carrier technology continues to advance in certain respects, can we protect the carriers both from missiles and from underwater attack? As of 2014 the US had no plan to build a ballistic missile defense system (BMD) focused on the Chinese missile threat. While the US does have Aegis cruisers equipped with SM-3 missiles and capable radars, these platforms probably can’t successfully intercept and destroy the DF-21D. The question needs to be asked, why invest so much in carriers if we are not going to spend to defend them?

It may be that the role of aircraft carriers is mostly to do power protection against weak countries that cause trouble in places, as in the Middle East. But, as we have noted, even that could change overnight if China starts exporting the DF-21D or the Russians start supplying stealth aircraft to countries of concern,particularly Iran. Already the Russians have supplied quiet and dangerous diesel-electric submarines to Iran in the form of 4,000 ton Kilo class submarines. And they are selling the S-300 anti aircraft missile system to the Iranians, a threat to carrier based aircraft. With Iran on the verge of becoming a nuclear power, the Russians will have to keep feeding the beast, and it is likely they will do so both willingly and profitably.

While the aircraft carrier remains the pride of the American fleet, its future is uncertain and, to a degree, threatened. Its usefulness in big wars and even in sensitive areas such as the Persian Gulf or the Mediterranean, today is in doubt.

Tagged , , , , ,

Technology and Security Podcast on Itunes

Washington DC, June 26, 2015
For Immediate Release

Technology and Security has launched a new podcast series by the same name.  Episodes will be available at

https://itunes.apple.com/us/podcast/technology-security/id1012525063

Users will need iTunes to download the new podcast series.

Look for this cover in Itunes

Look for this cover in Itunes

While having an audio version is somewhat of an experiment for us, there have been enough requests for a podcast series that we decided to go ahead and make the programs available.

Some of the podcasts will be based directly on our well-regarded blog, Technology and Security.  Others will be available only in podcast format.

Technology and Security aims to relate the importance of technology to national security and national power. The blog’s author, Dr. Stephen Bryen’s recent books include: Essays in Technology, Security and Strategy and the forthcoming Technology Security and National Power: Winners and Losers.

America has long enjoyed being the world’s technology leader.  But in some sectors that is starting to change as American technology increasingly has gone off shore, fueling China’s rapid growth and military expansion, and as other countries have closed the technology gap with the United States.  These changes and shifts represent a challenge for the future, and for the most part America’s guard still remains down.  Should this persist, America will find its ability to maintain its standard of living and safeguard its security increasingly difficult.

Technology and Security explores these issues and more.  Part of the blog’s focus is on cyber security, an area where adversaries are having their way harvesting American technological information and undermining governmental and infrastructural functions.  Technology and Security helps to explain why this is happening and proposes ways to cope with the situation or strengthen the protection of vital computer networks.

Tagged , , , ,

The Real Cybercrime

by Stephen Bryen

[A version of this article appeared in the Huffington Post with Rebecca Abrahams]

It now seems that the Office of Personnel Management, which had outsourced its data storage to other Federal agencies, has lost an astonishing 18 million personnel records, including most of those involving security clearances.  The information is now in the hands of unknown hackers who almost certainly have bartered the stolen information to willing buyers.  Most experts think that the buyer is most likely China, with Russia running a close second.

When a prospective employee applies for a job that requires a security clearance he or she fills out a form called an SF-86 which is called a Questionnaire for National Security Positions. The Questionnaire is extensive and demanding and requires so much information to be handed over to the government that there is virtually nothing left one could dream of adding to it.  Your friends, colleagues, bosses, neighbors are all included along with all your personal information. In the wrong hands this document at minimum guarantees easy identity theft. Worse, in the hands of a determined adversary, a person’s vulnerabilities can be exploited including tracking the employee and making sophisticated “phishing” operations possible.  Phishing is a technique where a false email or message can be sent to an employee that, when opened, puts spyware on the employee’s computer.

You would think given the explosive importance of the SF-86 form that the government would take strong steps to protect the information.  Perish the thought.  Nothing like that has been done: in fact, the government passes around these forms to other agencies (such as the FBI) and gives them to contractors for “processing.”

Our government has consistently failed at computer security from the beginning. The first Computer Security Act was passed in 1988, and there have been many subsequent legislative initiatives since then along with Executive Orders and pronouncements from agencies including NSA and the National Institute of Science and Technology (NIST), the latest one just this week.

None of them understand the problem or demonstrate any real willingness to solve it.  All of them have the wrong cart in front of the wrong horse.

The truth is that unless special steps are taken to protect sensitive unclassified information the game is lost from the start.

What are those steps?  Most fundamentally there are two: compartmenting information and encrypting it.   For unclassified information which is what the SF-86 is considered to be, the government neither compartments nor encrypts. NSA won’t let them because the information is not classified: our government security experts keep thinking they can do it another way.  No they can’t.

NIST has just put out a new directive for contractors.  It is worthless.  Why?  Because it does not require either compartmentalization or encryption.

Compartmentalization means that not everyone can access everything.  It is as simple as that.  It can be made weightier by adding a “need to know” requirement, meaning that you are only entitled to look at what is absolutely necessary for your job.  Properly administered need to know and compartmentalization protects any major theft of information particularly if the data itself is stored in an encrypted format.

081203-N-2147L-390 NORFOLK, Va. (Dec. 3, 2008) Sailors on the watch-floor of the Navy Cyber Defense Operations Command monitor, analyze, detect and defensively respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Mass Communications Specialist 1st Class Corey Lewis/Released)

081203-N-2147L-390
NORFOLK, Va. (Dec. 3, 2008) Sailors on the watch-floor of the Navy Cyber Defense Operations Command monitor, analyze, detect and defensively respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Mass Communications Specialist 1st Class Corey Lewis/Released)

The real crime is the failure of both the administration and the Congress to put in place a higher standard of information protection applying these known and effective tools.  While everyone is running around thinking about firing the head of the Office of Personnel Management, perhaps they should think about firing themselves for the crimes against privacy they have perpetrated.

Tagged , , ,

Attacks on Religious Institutions is a Global Problem: Is there a solution?

by Stephen Bryen

Church attack in New Delhi

Church attack in New Delhi

Attacks on religious institutions, churches, schools, community centers and offices, is far from only an American problem, although the United States has had plenty of it.

In our country churches, synagogues, mosques and temples have been attacked and worshippers going to and from these places have been murdered. Whether we are speaking about Christian churches, Catholic churches, Sikh Temples, Mosques or Synagogues, all of them have been hit by terrorists. I strongly prefer the term “terrorist” to racist or anti-Semite because it best describes what we are up against.

Around the world terrorism against religious institutions is rampant. Whether we talk about Pakistan where religious school children are wantonly murdered, or India, or Iraq and Syria we find such atrocities. In Europe there have been attacks on synagogues and churches and murders of citizens for example in France, Belgium and Denmark among many others.

While some of the attacks are clearly by radicalized individuals, others involve state backing or, state complicity. The bombing of the Asociación Mutual Israelita Argentina which killed 85 people in the building and wounded more than 100 others, there is little doubt, outside of the corrupt politicians of Argentina that the bombing and murder was accomplished by Iranian operatives perhaps in a conspiracy with Argentinian politicians or police.

State sponsored attacks are a growing threat. Outfits like al-Qaeda, the Taliban, ISIS and Boko Haram can operate because they are sponsored and supported by nation-states, providing them with equipment, intelligence and even naming targets. Coptic Christians would not be murdered in Egypt without the help of the Moslem Brotherhood, which the Obama administration befriended. Chechen terrorists in Russia have got backing from Saudi Arabia either directly or through religious cutouts.

For Americans the question is how to confront the problem. It is one thing to try and build community support against terrorism and racism, but at the end of the day there isn’t any empirical evidence that this is a sufficient strategy to combat such crimes. In fact it may act as a deterrent to hard headed preventive strategies that are badly needed. But there is one thing the community writ large can be encouraged to do: when they see a threat either because someone says something or writes something or threatens someone, people do need to respond and bring it to the attention of the larger community and make law enforcement aware. Here we can talk about the importance of social responsibility and the need to act against terrorists, racists and anti-Semites.

Most religious institutions in the United States are unprotected. The same is true in other countries. Their doors are open to terrorists and externally their perimeters are easily penetrated by bombers, either on foot or in vehicles. Few have active surveillance or even passive barriers to prevent such attacks.

There is no single technology that can guarantee complete protection against a fanatic or group of fanatics, and particularly against professional killers like the ones in Buenos Aires. Even so, protection helps reduce the frequency of successful attacks, helps to identify the perpetrators, and can save lives.

The most important first step is to understand the nature of the threat and to have critical intelligence if the risk level is high. More importantly, real time intelligence may help identify the person or persons who plan an attack.

It is no secret that a lot of this information can be found on social media. Dylann Roof, the 21-year-old man charged with the murders at the Emanuel A.M.E. Church in Charleston, had a Web page with his outrageous rantings posted since last February. No one paid any attention. Law enforcement can easily track social media, but they need to be more proactive and not only warn about risk but also confront those threatening the community. Had information on Dylann Roof been distributed to churches and synagogues (he hated Blacks and Jews and many others), they would have been on the lookout for him and maybe the tragedy could have been prevented. Just distributing his photos (from his web site) could have alerted the folks at the A.M.E. Church.

This is a far better strategy than opining about gun control. Gun control is not going to stop a fanatic any more than it is going to stop a determined criminal.

Once you have information that is useful, you must implement a proper organization to aid in protecting a religious institution. Technology can help, but without a good organization and equally vital good training, the risk remains.

While some synagogues have put in place perimeter protection because of their exposure to constant threats, and some have hired guards, there is not much in the way of organization or training of lay people. There is even less at churches.

The Department of Homeland Security has provided funds here and there to buy defensive equipment such as surveillance cameras or alarm systems, but the Department has not thought to provide organizational training. Some police departments do make an effort to help, but usually they have to be asked to do so and often they themselves are not trained to provide perimeter protection services.

Unfortunately the ball has mostly been dropped, which is why alleged terrorists like Dylann Roof can operate and why the greater threat of state sponsored terrorist attacks on religious institutions in the United States is not far from us.

Surely we can do better.

Tagged , , ,

What Happened to Snowden’s Files

The London Sunday Times reports that Britain and the US have pulled agents out of China and Russia because information contained in encrypted files stolen by Edward Snowden have been decrypted.

“”His documents were encrypted but they weren’t completely secure and we have now seen our agents and assets being targeted,” a source told the Sunday Times.

What can we understand from this disclosure?

Here are a few thoughts:

  1. There is little doubt that the damage caused by Edward Snowden’s disclosure of highly classified information has been immensely damaging to US and British intelligence gathering, setting aside the latest allegation.  Techniques of modern spying have been extensively exposed making intelligence gathering much more difficult if not impossible in some cases.  The bottom line is that Snowden caused harm to the national security of both countries and also to the friends and allies of the US and Britain.
  2. Snowden’s access to such a wide range of sensitive intelligence while he worked as a contractor to the US government makes clear that most of the standard rules of protecting classified information were not followed and that this sloppiness and poor administration made possible the bulk of Snowden’s criminal activity.  Above all, compartmentalization of classified information, essential to minimize an insider threat, was not properly implemented.
  3. If government files contain the names of spies and agents then our intelligence collection system is badly broken (notwithstanding Snowden), since putting this information into accessible files revealing sources and methods is an incredible systemic blunder.
  4. The idea that a contractor would have access to files containing lists of agents and spies is unimaginable.  It is impossible to be sure that it truly happened, but the statements by highly placed “sources” that this occurred is truly frightening. By now anyone connected with assisting Western intelligence has to be on the run.
  5. Cracking encryption codes takes super computers and a lot of effort especially if files are encrypted with large key sizes and use advanced secret encryption algorithms. The chance of breaking such code is very small even if a potential adversary has unlimited resources to go against the problem.
  6. A related possibility is that key materials were handed over by Snowden or by others to the Russians, Chinese or both.  This is what happened in the John Anthony Walker, Jr.case. He was a United States Navy Chief Warrant Officer and communications specialist convicted of spying for the Soviet Union from 1968 to 1985.  Walker gave the Russians key material enabling them to descramble US Navy coded messages.  Walker exposed a lot of sensitive information because many State Department and DOD messages were passed on through to the Navy and hence were exposed.
  7. There is also the possibility, not to be discounted, that no such compromise of encrypted information has happened but that the story has been leaked to cover up other spying operations that may have been compromised.  The evidence?  It seems a little far fetched that the government would keep any list of its spies and agents in one place, or even put such information into digital files in the first place.  But if there was a mole in one of the spy agencies, the mole could have got this information.  Saying it was Snowden’s fault could have been a motive on either side of the fence: that is, it could have been the Russians or Chinese putting out a false story to hide their mole or moles; it could have been the British or U.S. intelligence putting out a story to cover revealing an inside threat they have fingered.  At the moment the best that can be said is that there is a state of alarm in US and British intelligence and they are deeply concerned about their assets (agents) being rolled up by the Chinese and/or Russians.
  8. Finally there is the possibility that the reports about pulling agents out of harms way are false and that all of this is an attempt to do more damage to Snowden.  I don’t believe this to be the case, however, because putting out an alarm of this kind would automatically damage all the secret relationships the intelligence community has with its operatives.
  9. If encrypted files were compromised then it is vital to find out how. There are a number of serious cryptographers in the United States and the UK who need to be brought in to determine whether US and UK secret encryption is properly implemented.  It would be an error to rely solely on the suppliers of encryption materials or in-house experts.  An objective evaluation is an urgent task.
  10. While we should assume that the glaring mistakes of managing secret intelligence have already been fixed, procedures and methods need another look by qualified experts who are independent and objective. It is frightening to think that our national security is still at risk.
Tagged , , ,

God’s Iron Griddle

by Stephen Bryen

There are four basic ways to cook food –in a pot, in the oven, over a fire and in a pan or griddle.  In ancient Israel, all four ways were in use, but the single most common cooking utensil was the griddle.

The ancient Israelite diet was largely vegetarian and was composed of wheat and barley, lentils, dried grapes and dates (often formed into cakes), honey, milk from goats and some vegetables, most commonly onion. Wheat and barley could be cooked up as a gruel and mixed with some dried grapes or other fruits; or formed into pancakes or flatbreads and cooked on a griddle made of clay or iron.

We can read in Deuteronomy chapter 8:  “For the Lord your God is bringing you into a good land—a land with brooks, streams, and deep springs gushing out into the valleys and hills;  a land with wheat and barley, vines and fig trees, pomegranates, olive oil and honey;  a land where bread will not be scarce and you will lack nothing; a land where the rocks are iron and you can dig copper out of the hills.”

Because Israelite tribes were semi-nomadic, often following food sources, the griddle was one implement that was handy to use and could be placed over hot stones and a small fire. Flat Cakes, sweet or savory, could be made and eaten right away or carried by hunter-gatherers wherever they went.

Ancient wheat was either a variety called Einkorn, Kamut or Emer (today called Farro). Farro has gained popularity as a healthful grain that can be used like wheat being ground into flour or cooked just as rice would be prepared.  Kamut (known as Khorasan wheat) was rediscovered in Egypt in 1949 by two US airmen and is today grown in Montana. It is used in bread making and excellent pastas.

Emer was rediscovered at the turn of the 20th century by the famous Palestinian agronomist Aaron Aaronsohn.  Aaronsohn discovered Emer (triticum dicocoides) growing in the wild and it caused a sensation in Europe and the United States.   Thought of as the “mother” of all wheat, Aaronsohn was invited to the United States to give lectures on his scientific work in the Holy Land.  Later, as a founder of Nili, he and his sister Sarah and their friends provided vital intelligence to the British facing the Ottoman empire in Palestine. Sarah would later die by her own hand to avoid torture by her Turkish captors. Aaronsohn himself would die in a plane crash off the coast of France in 1919.

The Bible has a great deal to say about food starting with strong food prohibitions (no pork for example). As is found in Leviticus 11 “And the pig, though it has a divided hoof, does not chew the cud; it is unclean for you. You must not eat their meat or touch their carcasses; they are unclean for you.” This prohibition was kept by ancient Israelites as archeology confirms. At  Khirbet Qeiyafa in Israel, which was a heavily fortified city at the time of King David, no pig bones were found. Although hundreds of bones were found at the site, none of them were from pigs (in contrast to surrounding sites), since those animals were not to be eaten according to the Old Testament laws. According to archaeologist Yosef Garfinkel, “Over the years, thousands of animal bones were found, including sheep, goats and cattle, but no pigs.”

In ancient Israel clean and unblemished animals were sacrificed to propitiate God or to serve as a sin offering.  While Temple sacrifices disappeared after the second destruction of Jerusalem in 70AD by the Romans, some elements survive today both in the imagery of Christianity (Christ as the Paschal lamb) and in Jewish practice (the lamb shank on a platter symbolizing the Passover sacrifice).  Sacrifices included not only animals but also offerings of bread and cakes.  As we read in the book of Exodus 29, Chapter 1-3, “This is what you are to do to consecrate them, so they may serve me as priests: Take a young bull and two rams without defect.  And from the finest wheat flour make round loaves without yeast, thick loaves without yeast and with olive oil mixed in, and thin loaves without yeast and brushed with olive oil. Put them in a basket and present them along with the bull and the two rams.”

The griddle played a role in offerings and is mentioned a number of times in Leviticus 6:21 such as “It (the grain offering) must be prepared with oil on a griddle; bring it well-mixed and present the grain offering broken in pieces as an aroma pleasing to the Lord,” or (Leviticus 2:5) “If your grain offering is prepared on a griddle, it is to be made of the finest flour mixed with oil, and without yeast.”  If it had been made with yeast, the yeast would derive from wild yeast spores.  The bread would be sour (ancient sourdough) and presumably would not be a sweet savory offering to the Lord.

The griddle also plays an important part in Ezekiel where he is instructed by God to take certain actions against the people of Jerusalem.  The Orthodox Jewish Bible translates the key passage this way: “Moreover take thou unto thee a machavat barzel (iron griddle), and set it for a kir barzel (wall of iron) between thee and the Ir; and set thy face against it, and it shall be besieged, and thou shalt lay siege against it. This shall be an ot (sign) to Bait Yisroel.”  Here is an alternative translation from Ezekiel by I. Teilband (translated from the German by Walther Zimmerli): “And you take an iron plate [a griddle] and place it as an iron wall between you and the city [of Jerusalem]; and set your face against it, and let it be besieged, and you shall besiege it. This is a sign for the House of israel.”

Iron was the great symbol of power in Ancient Israel.  The importance of Iron is brought out most clearly in the David story where the Philistines controlled the region, including Israelite tribes, by controlling the production of metals, especially iron.   As 1 Samuel 13 tells us: “Now there was no blacksmith to be found throughout all the land of Israel; for the Philistines said, ‘Lest the Hebrews make themselves swords or spears.'”   There is good circumstantial evidence that David, escaping King Saul and hiring himself out to the Philistine King Achish, used his service to learn how to smelt iron and forge it into weapons.  Iron’s importance is reported in Leviticus 26:19 in admonishing the Israelites thusly: “If after all this you will not listen to me, I will punish you for your sins seven times over. I will break down your stubborn pride and make the sky above you like iron and the ground beneath you like bronze. Your strength will be spent in vain, because your soil will not yield its crops, nor will the trees of your land yield their fruit.”  The stiff necked stubbornness of the Israelites permeates the Biblical text: Ezekiel’s iron griddle symbolizes how God deals with malefactors.  Even today, especially on the Jewish Day of Atonement (Yom Kippur), one of the sins that needs to be forgiven is being stiff necked.

The ancient Iron griddle exists today and is used in many places around the world.  The best tortillas are made on an iron griddle in Mexico over hot coals.  Round in shape with a lip around the edge, the griddle is both handy, portable and if made of iron, long lasting.  By rubbing it with oil, such griddles don’t rust if regularly used and heat more quickly than clay griddles.

But the ancient griddle was also God’s griddle, because God could use it to symbolize how to surround sinning Jerusalemites with an Iron griddle wall.  Don’t you think Winston Churchill got the same idea of God’s griddle and used it in his famous speech in 1946 at Fulton, Missouri, where he said:  “From Stettin in the Baltic to Trieste in the Adriatic, an iron curtain has descended across the Continent”?

Tagged , , , , , ,

Greece Needs A Second Currency Not A “GREXIT”

by Stephen Bryen

Greece still faces an uncertain future as its leftist government tries to strike a deal with its European creditors.  Whether a deal is possible and what it will be remains cloudy at best.  Meanwhile the Syriza government is starting to totter over coming up with any deal that requires more austerity.  The latest European proposal which would have reduced Greek pensions has only added fuel to the fire.

athens

The debate inside and outside Greece has mostly been over a Greek exit (“GREXIT”) from the euro.  The Greek government uses it as a kind of threat over the creditors; some of the creditors use it as a way of getting rid of a nagging, insolvable problem.

There are significant consequences to GREXIT.  One is the impact on the other Euro states, especially the vulnerable ones. Another is the strong risk that GREXIT would also hasten Greece’s exit from NATO.  This could also lead to an unraveling of the NATO collective defense system, already weakened by dismal defense budgets and aimless leadership.

Of course there is no necessary reason why Greece would have to exit the Euro currency even if it failed to pay its debts. The other Euro countries could demand a Greek exit, but whether they can actually impose an exit is far from clear.  And Greece does not need to leave the Euro if it does not want to do so.  Even if Greece defaults entirely on its debt, it seems that it can legally stay in the Euro zone.

This leaves open what Greece should do, and what the Euro creditors should do.  The idea of continuing to pressure Greece with austerity measures is a dead end which will continue to churn up problems in the Euro zone that could lead to trouble in the other, weak Euro countries such as Spain and Italy.  Even France, which pretends to be solvent, really is not.  Does anyone think that feisty Frenchmen would accept an austerity program?

The better way is a provisional deal based on the following elements:

1. a twenty five year debt repayment plan that is linked to improving Greek prosperity.  No prosperity, no payments. Such a plan if it is sufficiently generous would not need austerity measures for Greece to make repayments.

2. a second domestic currency for Greece that covers sensitive areas such as civil service salaries, pensions, and other payments for services in the domestic space.  The currency applies to local products and services only; it is not a trading currency which will remain as the Euro.  To keep the domestic currency stable, a five year period where prices are fixed or moderately indexed to the new currency, thereby protecting against dilution of the currency’s value.

3. the ability for tourists to buy the local currency to cover most of their Greek domestic activities (hotel rooms, restaurants, local transportation).  This will make the currency profitable to a degree.

Of course Greece’s creditors won’t like having to wait to get paid; but waiting is better than a complete wipe out.

There have been many criticisms of a second currency, but mostly these criticisms are based on the idea of a GREXIT leaving only the local currency to fend for itself.  In the above scheme the local currency exists alongside the Euro and for five years is stabilized by moderate price controls.

Price controls can, and do, work although sometimes they cause distortions meaning they have to be term limited. America put in place price controls during World War II that lasted for some years after the war: it was a time of great prosperity. In the early 1970’s President Nixon also put in partial price controls, particularly rent control, during a period of spiraling inflation.  Some jurisdictions such as New York, have long had rent controls.  It is clear that when handled wisely price controls work to protect people, especially the most sensitive lower middle class which is suffering in Greece.

Syriza and its leaders, of course, need to stop playing power ball with their rich friends in Europe and take action to put in place a credible program for relief.  The simple outline above is a starting point for a plan.

Tagged , , ,

A Call to Action: US Government Must Stop Social Media

by Stephen Bryen

The US Government must prohibit the use of social media by its security-cleared employees. That it does not do so presently exposes our government to serious attack from foreign governments and terrorists.

According to Rob O’Neill, a writer for CBS Interactive based in Auckland who also writes for ZDNET, the resumes of over 27,000 people working in the US intelligence community have been culled from LinkedIn by a team of so-called “activists.” They built some scanning tools including one called LookingGlass and another called ICWatch (Intelligence Community Watch) which they have made available over the Internet.

The resumes of the intelligence professionals posted on LinkedIn “include many details about the names and functions of secret surveillance programs, including previously unknown secret codewords.”

Of course this is a bonanza for foreign intelligence services since they get free what otherwise they would spend millions on collecting.

And LinkedIn may only be the tip of the iceberg because information from LinkedIn can be cross-referenced to other social media such as Facebook and Pinterest. There you can get good photos of the professionals and photos of their families and friends. From this information it is child’s play to construct a matrix of activity that can be used to compromise the intelligence professional, track family and friends, or even use the information to construct schemes focusing on possible vulnerabilities and weaknesses.

In short the situation is even worse than one might imagine because it the information collectively forms an actionable database that can put at risk both the individuals and the classified programs and projects they work on.

Not long ago I wrote about the compromise of Twitter and Facebook information at a US military command. You can read about it in my book, Essays in Technology, Security and Strategy. The Pentagon poo-poohed the report, even though it revealed such sensitive information as the home addresses of at least one four star general. And the Pentagon did nothing else, other than dodge a few press inquiries. The “scandal” died down rather quickly, and everyone went back to business as usual.

It is a fateful mistake for the US government to turn a blind eye to the use of social media by employees involved in sensitive work.

LinkedIn is essentially a jobs advertising forum disguised as a social media project. When people advertise their skills they aim to impress their readers. For those involved in secret work, this is a bit of a challenge since you are not supposed to be allowed to publish classified information. But what is “classified” can be a murky subject, and trying to convince employees to exercise care is hard when they are looking for their next job, or seeking a promotion in the jobs they already have.

The US government religiously claims that it is trying to protect security and is organized to fight against cyber espionage. Yet when anyone looks objectively at the situation and analyzes the results that are publicly known, it looks like cyber security is rapidly deteriorating inside government. The latest heist of a 100,000 tax returns from the IRS, probably by some Russian operatives, is just one among myriad examples of increasing infrastructural attacks. Indeed one can say that attacks are rising exponentially and the government’s ability to resist is minimal.

There are many structural reasons for America’s vulnerability. One is bad policy. Another is bad technology. And the third is lack of leadership.

In regard to policy, if the government stays with the idea that it can successfully operate commercial off the shelf systems, it is living in a whacky wonderland. Commercial off the shelf systems are garbage from a security point of view. The government has long known this: one reason why NSA is so fat and apparently happy is the ease in which they can suck up literally any kind of information from computer systems and telecommunications they want to get.

Bad technology is another critical factor. Today’s security technology is always behind the power curve because it is reactive technology. As any general knows, if you are going to try and defend your country behind a cyber Maginot line, you are toast.

The third problem, and the worst of all, is lack of leadership. Our leaders want three bites out of the cake at the same time. They want to support commercial hardware and software companies because they pay for their political campaigns. This is incompatible with security policy. They also want to make sure NSA, CIA and FBI and other agencies can exploit vulnerabilities in commercial hardware and software. This means that they allow these vulnerabilities to remain. Surely items like the Heartbleed bug were long known by US intelligence. Wantonly the government left its critical infrastructure exposed for years and even financially supported the guys who produced Heartbleed so that the vulnerability would propagate far and wide. Such policies, ultimately, are reckless and playing with fire. The third bite of the cake is failing to maintain discipline in its organizations and selling phoney solutions that don’t work and cannot work. The latest brainless effort by the Pentagon, as just one example, is to approve commercial Android, iPhone and Blackberry phones as secure enough for government work. This is not only silly but dangerous, because these platforms are security nightmares, not solutions.

The lack of leadership applies directly to social media. The government has refused to put in place a hard policy that makes sense. People with security clearances should be forbidden to use social media. That is a simple and sensible rule that needs implementation now. Otherwise, as the “activists” have clearly shown, we are all toast.

Tagged , , , , , ,

Security Strategy — New Book Arrives on Kindle

Technology security visionary Stephen Bryen has published a new collection of pivotal essays on national security and cyber security to help policy makers and citizens understand the real threats to America’s security.

            “These interesting, colorful and engaging essays demonstrate deep   understanding of what led to exacerbate the technological, foreign policy and national security challenges facing America today”   –Rachel     Ehrenfeld, Director of the American Center for Democracy and author  of Funding Evil; How Terrorism is Financed and How to Stop It, Bonus  Books, 2003, 2005

Cover of Kindle Edition

Essays in Technology, Security and Strategy targets important questions including: 

  • Is the United States still a Great Power? 
  • Will NATO and Europe fight? 
  • Will Japan build its own nuclear weapons? 
  • Why Iraq is a national security disaster. 
  • After an Iran deal will there be a Saudi-Israeli alliance? 
  • Why spying is out of control. 
  • Sharing our defense budget with China. 

On domestic affairs: 

  • Why the Stingray police spy tool will end up in the Supreme Court. 
  • The day S. critical infrastructure goes up in smoke. 
  • And U.S. Policy and Cyber Attacks—time for a Byte for a Byte. 

Readers will be find new information and move through a unique landscape of original ideas and practical solutions to an ever increasing threat to our security and our way of life. 

Contributing co-authors include Peabody and Edward R. Murrow award winning producer, journalist and author Rebecca Abrahams and Shoshana Bryen, an internationally recognized expert on defense policy and Senior Director of the Jewish Policy Center in Washington DC. Mrs. Bryen is editor of inFocus Quarterly

Rebecca Abrahams

Rebecca Abrahams

Stephen Bryen

Stephen Bryen

Shoshana Bryen

Shoshana Bryen

For Rebecca Abrahams https://www.linkedin.com/pub/rebecca-abrahams/0/9b9/648 

For Shoshana Bryen http://www.jewishpolicycenter.org/board/shoshana-bryen

About the Author: Dr. Stephen Bryen served as a senior Defense Department official responsible for technology security and has headed a major international corporation in the United States.  He brings 45 years of experience in government, international politics, business and policy expertise into focus in this important new book.

Dr. Bryen twice was awarded the Pentagon medal for Distinguished Public Service. 

For more information visit http://amazon.com/author/stephenbryen

 

Tagged ,
Follow

Get every new post delivered to your Inbox.

Join 2,069 other followers