HR 4036, the “Hack Back Bill”; Understanding Active & Passive Deterrence and the Escalation of Force Continuum. May 24, 2018
Posted by Chris Mark in Uncategorized.add a comment
A post on deterrence theory that is applicable to today’s environment and discussion on guns and school security
I wrote this original post several years ago but it seems to be more relevant now. As CNN reports HR4036…”…formerly called the Active Cyber Defense Certainty (ACDC) Act and informally called the hack-back bill – was introduced as an amendment to the Computer Fraud and Abuse Act (CFAA) last week. Its backers are US Representatives Tom Graves, a Georgia Republican, and Kyrsten Sinema, an Arizona Democrat.”
This is a bill that is sound in theory and terrible in practice. According to the Bill, (named ACDC) it would enable a company to take “..active defensive measures..” to access an attacker’s computer. This is only applicable in the US…Think about this for a minute. What is the evidence that I was the attacker of company A? Maybe (quite possibly…almost certainly) a hackers is using my system as a proxy. So some company can now attack my personal computer? What happened to “due…
View original post 3,556 more words
UPDATE; Enhanced Interrogation – and new CIA Director Gina Haspel March 14, 2018
Posted by Chris Mark in Uncategorized.Tags: 911, bin laden, CIA, EIT, Enhanced Interrogation, Gina Haskel, James Mitchell, Khalid Sheikh Mohammad, KSM, Torture, waterboarding
1 comment so far
With the newly announced nomination of Gina Haspel as the country’s first female CIA director, there are some questions about her role in overseeing the ‘black sites’ where enhanced interrogation was applied to terrorists. There are also pundits from all sides (including Senator John McCain) coming out with strong words against Ms. Haspel. I would recommend that anyone with an interest in this country and this situation read the book Enhanced Interrogation by the man who actually designed, delivered and managed enhanced interrogation. It changed my view.
Like most Americans I was horrified at the 9/11 Terrorist Attacks that killed over 3,000 people. In the aftermath of the attacks, the US Government embarked on a mission to kill or capture terrorist leaders and stop another attack. One of the most controversial measures approved to gain information was called ‘Enhanced Interrogation’ and included, specifically, waterboarding, sleep deprivation, and physical coercion. When knowledge of this program broke, it caused an uproar in the US. In fact, the US Senate Intelligence Committee put out a report that called the process torture.
With the publication of Dr. James Mitchell’s (PhD) book Enhanced Interrogation, the reader finally gets a first hand look at the who, what, where, why, and when of the EI program. Before I purchased and read the book, I had some very pointed views on the idea of EI and waterboarding. Reading the book caused me to really think about what I knew about the program and people involved. The writing was great and the story was really insightful. I think Dr. Mitchell did a great job on this book and telling a very difficult story. Here is a great interview with Dr. Mitchell. If you have any interest in this subject, you need to pick up this book!
Into Infamy: A Marine Sniper’s War – Book Review (UPDATE on Joe Chamblin) November 15, 2017
Posted by Chris Mark in Uncategorized.Tags: Afganistan, Court Martial, Dead, Joe Chamblin, Marine, Rob Richards, sniper, Taliban, Urinate
add a comment
I know Joe Chamblin. He is a very, very solid man and a truly skilled Sniper. His ‘conviction’ was felt my most to be BS and the result of a POS Commandant that had never even attended OCS, or Bootcamp…that is right..he was a ‘transfer’ from the Naval Academy. Finally, some degree of justice was given! Joe’s conviction was ‘overturned’. Unfortunately, it cost him his career in the USMC but he is getting closer to justice….for those who don’t know..Joe is one of the Marines who famously (not infamously) urinated on dead terrorists…who would not want to do that!?
In 2012 a video was released that showed US Marine Snipers urinating on dead Taliban fighters. This 30 second video changed the lives of numerous Marines and was met with “outrage” from the Commandant of the Marine Corps as well as the Sgt Major of the Marine Corps (who was also a Sniper). One of those Marines, Sgt. Rob Richards died in 2015. Into Infamy is book written by the very platoon commander who was also one of those profiled in the video. Joe Chamblin is a combat veteran US Marine Sniper. This book does not talk about the event but talks about the tour that these Marines served in Afghanistan. Most people likely cannot imagine the courage, skill and training it takes to operate as a Marine Sniper. This book is as raw as it gets. You will understand first hand what these Marines dealt with on a daily basis and the toll it took on them physically, emotionally, and psychologically. This book gives a first hand account of the violence and carnage of warfare and the atrocities committed by the Taliban. For those who rush to judgement on these Marines…read this book. I would challenge any reader to honestly believe they may not have done the same thing. This book is NOT an attempt to justify any actions and doesn’t spend any time on the actual event. When you read about the war they were fighting it becomes much more real and understandable how the actions could happen. Overall….4.5 out of 5 stars! You can buy at www.IntoInfamy.com or on Amazon.com.
HR 4036, the “Hack Back Bill”; Understanding Active & Passive Deterrence and the Escalation of Force Continuum. October 22, 2017
Posted by Chris Mark in cybersecurity, Uncategorized.Tags: cybersecurity, deterrence, escalation of force, force continuum, game theory, Hack Back, HR4034, john lott, john nash, rational actor, van neuman
2 comments
I wrote this original post several years ago but it seems to be more relevant now. As CNN reports HR4036…”…formerly called the Active Cyber Defense Certainty (ACDC) Act and informally called the hack-back bill – was introduced as an amendment to the Computer Fraud and Abuse Act (CFAA) last week. Its backers are US Representatives Tom Graves, a Georgia Republican, and Kyrsten Sinema, an Arizona Democrat.”
This is a bill that is sound in theory and terrible in practice. According to the Bill, (named ACDC) it would enable a company to take “..active defensive measures..” to access an attacker’s computer. This is only applicable in the US…Think about this for a minute. What is the evidence that I was the attacker of company A? Maybe (quite possibly…almost certainly) a hackers is using my system as a proxy. So some company can now attack my personal computer? What happened to “due process”?. If company X simply believes I am a hacker, they can access my personal data without a court order or any due process. More profoundly, the issues it raises pose very real and very direct risks to employees of the company who ‘hacks back’. This, I think, is unacceptable.
Having performed physical security in very real and very dangerous environments, I can personally attest to the fact that physical threats are real and difficult to prevent. By allowing a ‘hack back’ the company faces a very real risk of escalating the situation from the cyber domain into the physical domain. There is NO corporate data that is worth risking a human life.
Too often cybersecurity professionals forget that they are SECURITY professionals first and the same rules of deterrence, escalation of force and other aspects apply. Given this new Bill, I felt this was a good time to again discuss deterrence (active and passive) and once again talk about the Escalation of Force Cycle. So, what is deterrence? (warning…long post)..pic of the author off the cost of Somalia doing anti-piracy operations)
The History of Deterrence Theory:
The concept of deterrence is relatively easy to understand and likely extends to the earliest human activities in which one early human dissuaded another from stealing food by employing the threat of violence against the interloper. Written examples of deterrence can be attributed as far back as the Peloponnesian War, when Thucydides wrote that there were many conflicts in which one army maneuvered in a manner that convinced the opponent that beginning or escalating a war would not be worth the risk.[1] In the 4th Century BC, Sun Tzu wrote: “When opponents are unwilling to fight with you, it is because they think it is contrary to their interests, or because you have misled them in to thinking so.”[2] While most people seem to instinctively understand the concept at the individual level, contemporary deterrence theory was brought to the forefront of political and military affairs during the Second World War with the deployment of nuclear weapons against Nagasaki and Hiroshima.[3]
The application of deterrence during WWII was the beginning of understanding that an internal value calculus drives human behavior and that behavior could be formally modeled and predicted with some degree of accuracy. (more…)
Global Security, Privacy, & Risk Management 