The first part of this two-part report concentrates on the main issues that are slowing progress, starting with the absence of agreement on what we mean by terms like cyber-war or cyber-attack. It reflects sharp divisions over the rights of individuals and states in cyber-space. Most Western countries believe that freedom of access to the internet is a basic human right, and that he or she also has a right to privacy and security that should be protected by laws. UNESCO argues that the right to assemble in cyberspace comes under Article 19 of the Declaration of Human Rights.

At the other end of the spectrum are those countries, like Russia and China, that favour a global treaty but nevertheless believe that access to the internet should be limited if it threatens regime stability, and that information can also be seen as a cyber-threat. For these countries, any state has the right to control content within its sovereign internet space.

Linked to the rights and responsibilities of states is the thorny issue of attribution. There are those countries that say that attribution to a specific attacker is impossible, and that the focus has to be defence from attacks. Others argue that attribution is possible, but requires international cooperation, sharing of information and assistance from local authorities.
Some states believe that cooperation is a threat to their sovereignty; others say they can’t be held responsible for the activities of individuals or private companies. And a number apparently fear openness because they don’t want to see restrictions on their political or military objectives.

Some clear themes emerge from the report, and they are issues that need fairly urgent resolution;

• To what degree should a more proactive stance be developed both in the military and private arenas
• The need for much greater international cooperation
• Introducing a more solid security architecture to the internet
• Establishing cyber-confidence building measures as an easier alternative to any global treaty.

The second part of this report are 21 country stress tests, complemented by findings from the global survey the SDA conducted in the autumn of 2011 among 250 top cyber-security specialists in 35 countries. They included government ministers, staff at international organisations, leading academics, think-tankers and IT specialists, and their views diverged widely on how to improve international cooperation in cyberspace, which over half of them now consider a global common like the sea or space.

Everyone agrees that cyber-security presents a global rather than a national challenge (thanks Sherlock). But how global should our attempts at a solution be? This report will help show where global thinking on cyber-security currently stands, and how to improve it.

The following recommendations are a step in that direction. They are not directed at specific bodies or institutions, but are intended as a checklist for achieving international solutions to global regulatory questions:

1. Build trust between industry and government stakeholders by setting up bodies to share information and best practices, like the Common Assurance Maturity Model (CAMM) and the Cloud Security Alliance (CSA).
2. Increase public awareness of how individuals can protect their own internet data, and promote cyber-security education and training.
3. New problems and opportunities created by ubiquitous computing must be examined.
4. Prioritise information protection, knowing that no one size fits all. The three key goals that need to be achieved are confidentiality, integration and availability.
5. Consider establishing cyber-confidence building measures as an alternative to a global treaty,  knowing that many countries view a treaty as unverifiable, unenforceable and impractical.
6. Improve communication between the various communities and stakeholders at national and international levels.
7. Enhance attribution capabilities by investing in new technologies, and establishing rules and standards.
8. Follow the Dutch model of a third party cyber-exchange for improved private-public partnership on internet security.
9. Find ways of establishing assurance – or trust – through the use of security mechanisms and processes (for private companies and for governments).
10. Encourage integration of cyber into existing processes and structures. Make sure cyber considerations and investment are present at every level.

Read the document here: http://www.securitydefenceagenda.org/Portals/14/Documents/Publications/
SDA_Cyber_report_FINAL.pdf

The UK Parliament’s Public Accounts Committee (PAC) published the final governmental postmortem on the project, which was finally canceled late last year and has resulted in a minimum of £469 million being spent with nothing to show for it. It also leaves a legacy of potentially another £180 million in future costs (empty stations and contract costs).  The department has earmarked £84.8 million to meet the project’s original objectives; to improve resilience, efficiency and interoperability within the Fire and Rescue Service.The report, while not breaking any real new ground, does fill in some of the background detail on how project decisions were made that the NAO report did not cover.

In the summary of its FiReControl report, the PAC calls the FiReControl Project ”…one of the worst cases of project failure that the Committee has seen in many years.” It goes on to state:

“The project was flawed from the outset, as the Department for Communities and Local Government (the Department) attempted, without sufficient mandatory powers, to impose a single, national approach on locally accountable Fire and Rescue Services who were reluctant to change the way they operated. Yet rather than engaging with the Services to persuade them of the project’s merits, the Department excluded them from decisions about the design of the regional control centres and the proposed IT solution, even though these decisions would leave local services with potential long-term costs and residual liabilities to which they had not agreed.”

The old “how to make enemies and exclude friends” approach to IT development. Stakeholders are not consulted as it is a technical IT project, why should any other perspective be considered? With such a large change in process, it is incredible that the change was managed so poorly.  The summary then goes on to state that the Department for Communities and Local Government  “… acted without applying basic project approval checks and balances—taking decisions before a business case, project plan, or procurement strategy had been developed and tested amongst Fire Services.”

“The result was hugely unrealistic forecast costs and savings, naïve over-optimism on the deliverability of the IT solution, and under-appreciation or mitigation of the risks. The Department demonstrated poor judgement in approving the project and failed to provide appropriate checks and challenge.

The Department awarded the IT contract to a company with no direct experience of supplying the emergency services and who mostly relied on sub-contractors over which the Department had no visibility or control. The contract was poorly designed, lacking early milestones which would have enabled the Department to hold the contractor accountable for project delays.”

Consultants made up over half the management team (costing £69 million by 2010) but were not managed. The project had convoluted governance arrangements, with a lack of clarity over roles and responsibilities. There was a high turnover of senior managers although none have been held accountable for the failure.  The Committee considered this to be an extraordinary failure of leadership. Yet, the PAC report says that:

“… no individuals have been held accountable for the failure and waste associated with this project.”

£469 million spent, but the government wants to operate a no-blame culture, this tests even my commitment to no-blame. I need to find the very large report detailing the lessons learnt.

Packets cannot feel. They are created for the purpose of moving data from one system to another. However, it is clear that in specific situations some measure of emotion can be inferred or added. For instance, a packet that is retransmitted to resend data for a packet for which no acknowledgement (ACK) was received could be described as an ‘angry’ packet, or a ‘frustrated’ packet (if it is not the first retransmission for instance). So how can these kinds of feelings be conveyed in the packets themselves. This can be addressed by adding TCP Options to the TCP header, using ASCII characters that encode commonly used “emoticons” to convey packet mood.

I don’t want to pour scorn on the idea but the use of emoticons and the term ‘emotion’ do not really have any function as the process could just as easily use a 2-3 bytes rather than the 4 to 5 byte length suggested, but the concept is an interesting one. By measuring the ‘emotion’ of packets across a network would quickly provide some performance metrics of your network and the wider internet. This framework could be used to express the emotions of a sentient stack. If that were to happen, a new technical job class of network psychologists could be created. Who doesn’t like new jobs? :)

Simple Emotional Representation. It is proposed that common emoticons be used to denote packet mood. Packets do not “feel” per se. The emotions they could be tagged with are a reflection of the user mood expressed through packets. So the humanity expressed in a packet would be entirely sourced from humans. To this end, it is proposed that simple emotions be used convey mood as follows.

ASCII Mood
===== ====
Happy
Sad
Amused
%( Confused
Bored
:O Surprised
Silly
:@ Frustrated
>:@ Angry
Apathetic
Sneaky
>:) Evil

Use Cases

There are two ways to denote packet mood. One is to infer the mood based on an event in the TCP session. The other is to derive mood
from a higher-order action at a higher layer (subject matter of payload for instance). For packets where the ‘mood’ is inferred from activity within the TCP session, the ‘mood’ must be set by the host that is watching for the trigger event. If a client sends a frame and receives no ACK, then the retransmitted frame maycontain the TCP OPTION header with a mood set. Any packet that exhibits behaviour that allows for mood to be inferred should add the TCP OPTION to the packets with the implied mood.

Applications can take advantage of the defined moods by expressing them in the packets. This can be done in the SYN packet sent from
the client. All packets in the session can be then tagged with the mood set in the SYN packet, but this would have a per-packet performance cost. Each application must define the preconditions for marking packets as happy, sad, bored, confused, angry, apathetic, and so on. This is a framework for defining how such moods can be expressed, but it is up to the developers to determine when to apply these encoded labels.

Performance Considerations. Adding extensions to the TCP header has a cost. Using TCP extensions with the ASCII-encoded mood of the packet would detract from the available MSS usable for data payload. If the TCP header is more than 20 bytes, then the extra bytes would be unavailable for use in the payload of the frame. This added per-packet overhead should be considered when using packet mood extensions.

Security Considerations. The TCP checksum, as a 16-bit value, could be mistaken if ASCII characters with the same number of zeros and ones were substituted out. A happy “:)” could be replaced with a frown by a malicious attacker, by using a winking eye “;(“. This could misrepresent the intended mood of the sender to the receiver.

References

[DSM-IV] “Diagnostic and Statistical Manual of Mental Disorders (DSM)”, http://www.psychiatryonline.com/resourceTOC.aspx?resourceID=1.

[RFC793] Postel, J., “Transmission Control Protocol”, STD 7, RFC 793, September 1981.

[RFC2119] Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels”, BCP 14, RFC 2119, March 1997.

[RFC5226] Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs”, BCP 26, RFC 5226, May
2008.

[RFC3514] Bellovin, S., “The Security Flag in the IPv4 Header”, RFC 3514, April 1 2003.

The new hubs, in Yorkshire and the Humber, the Northwest and in East Midlands, was be launched at the ACPO e-crime conference in Sheffield. Cyber crime has been identified in the National Security Risk Assessment as a ‘tier one’ threat alongside international terrorism, an international military crisis, and a major accident or natural hazard requiring a national response.

To meet the threat, the government has granted £30m over four years to improve national capability to investigate and combat cyber crime. It seems that this £30m is part of the £650m package announced as part of the 2009 UK cyber strategy.

The three new units will work alongside the Metropolitan Police Centre e-crime Unit (PCeU) which was established in October 2008 as part of the National e-Crime Programme.

ACPO lead on e-crime Deputy Assistant Commissioner Janet Williams said: “The Government has acknowledged a need to collaborate and provide a structured response to the cyber security of the UK and these three additional policing units are going to play a critical role in our ability to combat the threat. It is anticipated the hubs will make a significant contribution to the national harm reduction target of £504m. In the first six months of the new funding period alone we have already been able to show a reduction of £140m with our existing capability. While a training period is required before the hubs are fully functional they will undoubtedly provide an enhanced ability to investigate this fast growing area of crime and provide an improved internet investigation capability.”

James Brokenshire Minister for Crime and Security said: “Cyber crime is a threat locally and nationally, and every police force in the country has to deal with its impact on people and businesses in their area.As well as leading the fight in their regions, these units mark a significant step forward in developing a national response to cyber crime, which will be driven by the new National Crime Agency.The government has committed £650million in the fight against e-crime.”

Regional e-crime co-ordinator, East Midlands Deputy Chief Constable Peter Goodman said:“There is no doubt that the proliferation of the internet has brought significant benefits to all across society, but unfortunately that also includes those who have criminal intent. We know that increasingly criminal networks are seeking to exploit cyber space for profit and we have a duty as police leaders to respond to protect individuals and communities.”

Within the first 18 months of activity, the central unit conducted seven operations across the England, Wales and Northern UK which resulted in an overall harm prevention figure of £83m; a 1:21 saving on funding.

PCeU Northwest, PCeU East Midlands and PCeU Yorkshire and the Humber will initially each comprise of three staff members (detective sergeant and two detective constables), and will operate not only by generating their own investigations, but in a supporting capacity to the Met’s PCeU.

A great introduction about the behaviour of the East German state that required a sample page from each typewriter to ensure that they could trace which was used to produce any critical articles of the state (The lives of others). The same thing is happening with laser printers today allowing government to use technology against citizens.

Mikko Hypponen divides attackers into the following groups

• Criminals – Motivations are easy to understand; they want to make money and have made their fortunes online. In the future the majority of crime will occur online.
• Protesters – Activists, motivated by beliefs .
• Nation states – Totalitarian states hack companies (Diginotar) or individuals (Germany) for surveillance.

While many will state “I have nothing to hide why should I worry?”, the argument is never about personal privacy vs national security, but about Freedom vs Control. Loss of privacy IS loss of freedom. We must remember that any right that is given away will never be returned. The moral right of a government is derived solely from the consent of the people whom the government represents.

“They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.” – Benjamin Franklin

“My criticsim of the West, especially of liberals, is that they take freedom for granted.” – Ayaan Hirsi Ali

How about if the government set up video cameras and microphones in every room of your house, would that be ok? No, because you would have lost your freedom to be a private individual – privacy is necessary for healthy psychological function in modern societies. Governments watching what you do on your computer is the same as having CCTV in your home. Now imagine giving governments the power to watch your every move without you even knowing it. How could you fight such a government if it became repressive? You couldn’t because those liberties would have been lost.

Another good comment after the video;

Tyrannical governments are not going to spy on everyone in order to find out who hates them because they already know that the majority of the population hates them and because they cannot incarcerate the majority of the population. All they want to know is who is brave enough to oppose the government. I know this fact because I was a dissident in communist Poland and I learned it from the secret police and from other dissidents. In North Korea, not crying hard enough at the funeral of Kim Jong-il was interpreted as anti-government demonstration, punishable by incarceration. German Nazis had blockleiters (block leaders) who spied on the people living in the same building. Soviet Union had the same kind of spies, called dvorniki (house-men). The purpose of these spies was terrorizing the population. It did not matter who was arrested, as long as a few people were arrested every year.

Even if ordinary people manage to create a guerrilla army, they cannot overthrow tyrannical governments, e.g., the governments of Adolf Hitler, Joseph Stalin, Hafez al-Assad (Hama massacre), and the North Korean government because the governments have better weapons and their soldiers have better training. All historical examples of guerrilla victories are victories against weak, non-tyrannical governments. The American war of independence (revolution) was won by the French navy. Egyptian military leaders told Hosni Mubarak that if he did not step down voluntarily the army would force him out. Muammar Gaddafi was overthrown by Western air-force aided by militia armed and trained by the West. Taliban and Haqqani Network exist because they receive support from Pakistani ISI. Any tyrannical government can enslave its population because we, the people, do not have modern air force and we cannot defeat the government air-force with rifles and RPGs. Any tyrannical government that possesses nuclear weapons and is willing to defend itself with genocidal attacks is invincible.

Privacy was a problem for companies and governments to solve, and technology has allow people to meet the challenge.

Like many of my new ideas recently, other people have already written books on them. One recent idea was to draw an influcence diagram and apply a bit of systems thinking to weight management, but a quick search revealed
‘Thinking in Circles About Obesity’ by Tarek K.A. Hamid (2009, ISBN 978-0-387-09468-7) by Springer.

The first sentance is always important to set the tone of the book; ‘Today’s children may well become the first generation of Americans whose life expectancy will be shorter than that of their parents‘.

Dispite all the education programs, adverts, healthy/reduced fat foods and self help books, as a populatation we’re getting fatter. He notes that the obesity problem can be represented as a dynamic system of energy regulation to be analysed using system dynamics.

Tarek states that “This book argues for, and presents, a different perspective for thinking about and addressing the obesity problem: a systems thinking perspective. While already commonplace in engineering and in business, the use of systems thinking in personal health is less widely adopted.”
Tarek may have assumed that the wide spread use of systems engineering includes systems thinking, but if this is true then I might be wasting my time with this EngD. While my conversations to sell ‘systems thinking’ to other systems engineers usually include a lot of explaining the difference between systems thinking and requirements capture, systems thinking certainly doesn’t seem commonplace or easily recognisable as a process by another name. I do agree with the statement that the tools and concepts associated with systems thinking are ‘extremely intuitive’ and even young children can learn systems thinking very quickly (..but I just happen to be studying it at doctoral level, erm) .

Systems thinking was considered a topic for university-level education, but this assumption was challenged in the 1970s, by Professor Nancy Roberts at Lesley College who introduced the concepts of systems thinking to fifth- and sixthgrade students. The STACI (Systems Thinking and Curriculum
Innovation) project initiated early in the 1990s, examined the cognitive and curricular impact of using the systems thinking approach in precollege instruction in schools.

The problem of Weight

Most people don’t get fat over a short period, but gain weight at a low rate (half a pound per year) that may increase depending on their lifestyle. The early stages of weight gain often go unnoticed or may be viewed as a sign of inevitable maturity. In the UK, most college/sixth form studets learn to drive at around 17 and the effect at my college was dramatic as the amount of daily exercise dropped to nought. We all can(should be able to) recognise how unhealthy our lifestyles are, and while we might accept that we’ve put on a bit of weight, we all know that bits of weight add up. Tarek uses the analogy of not noticing the partners we live with age (continuous, gradual change), but notice how the relatives we see once in a while have aged.

The US Centers for Disease Control and Prevention (CDC) note that most of today’s obese adults were not obese children, accumulating their extra pounds only after they were 25 or 30 years old. The US now have nearly twice as many overweight children who are already obese at the age of 10 and almost three times as many overweight adolescents as there were in the 1980s.

The number of overweight people in the world has risen to match the number of undernourished: 1.2 billion.

Weight loss = Eat better x Exercise

Obese people are often seterotyped as having poor self-control, as weight loss is considered a simple exercise in self restraint with a bit of more exercise. Tarek rejects the assumption that weight loss is a simple discrete, one-time decision, but rather a complex dynamic series of decisions that constrain future decisions. Time delay is an additional complication removing cause from effect outcomes and making it harder to adjust behaviour.

A study by Harvard University found that most Americans are still not seriously concerned with obesity and do not view it as a major health concern either for the country as a whole or particularly for themselves. This seems counter to an given study of college students who found that the eligible bachelors and bachelorettes considered embezzlers, cocaine users, and even shoplifters where rated more suitable marriage partners than obese individuals. Tarek also states that studies consistently show that overweight job candidates are less likely to be hired than nonoverweight candidates (even when perceived to be equally competent on job-related tests) and when hired often earn less.

Simple answers to complex problems

Cognitive theorists and philosophers argue that humans tend to seek simple answers to the causes for even the most complex problems. These short-cuts are often shown to systematically lead to errors in judgment. Large portions of the book, keep re-enforcing the message that concentrating solely on individual-centric issues has limited our ability to examine and understand issues, and narrowed the focus of research into the causes of obesity. Obesity is not increasing because people are consciously trying to gain weight.

Tarek presents diagrams that show how physiology is effect by energy in/out, our behaviours and our environment. This seems to indicate a 5WH method (What, Why, Where, When, Who and How).

WHAT WE EAT – After an uncomfortable statement that ‘America’s eating habits started to change in the second half of the 20th century, when a growing number of women began to enter the labor force’, therefore meals were no longer prepared from fresh produce, the Institute of Economic Research at Harvard University states that the new roles for women turned out to be one of the most important developments affecting America’s eating habits in the past 50 years. I guess this means that American men are obese because those darn women went off to work and didn’t have time to cook dinner!
This meant that there was demand for fast convient food and snacks. In the past 30 years, an enormous number of tasty snacks have been introduced into the food market, many falling into the nutrient-poor, high energy-dense categories that are distributed through vending machines dotted around our workplaces, ensuring the availability of cheap, high-fat, high-calorie snacks. Snackers do not compensate for their sins with a reduced main meal portion size, leading to increased daily energy intake.

WHEN WE EAT – Time is money, so (unlike the French) we don’t want to waste it sitting around eating a decent meal, so we opt for a quick bite that opens the way for the need to snack later. A person on a diet is less likely to have a mid-afternoon snack if it requires a 10-minute walk to the corner store but is much more likely to have a snack if the vending machine is 10 metres away.

WHERE WE EAT – We consume more of our daily energy intake outside the home. Americans love McDonald’s and I’ve personally seen the ‘dinner run’ at about 1530-1600 when parents have picked the kids up from school and driven straight to the golden arches for tea. The time spent by an average customer in a fast-food restaurant is eleven minutes.

WHY WE EAT IT - Do you want that supersized? For a relatively small increase in price, supersizing greatly increases the number of calories we get. Food intake was 30 percent higher when given the largest compared to the smallest serving, a significant increase, prompting the researchers to confidently conclude that, ‘human hunger could be expanded by merely offering more and bigger options’.They revealed strong cultural underpinnings to our apparent compulsion to eat more when served larger portions.

Changing the Vicious to Virtuous causal loops

Positive feedback loops and processes are advocates of change because with sufficient effort, even small deviations can be amplified and result into major shift. Negative feedback loops are different in that they counter and oppose change.

Tarek states that are bodies rely on a negative feedback process to resist change and maintain stability. The act of exercise however improves fitness and the ability to exercise for longer, leading to increased energy expendature and improved fitness. Although the elements of the influence diagrams are easily recognisable (I was hoping for new found view points) the feedback loops did highlight the short and long term feedback effects.

Most overweight individuals tend to set weight-loss goals that reflect their image of what their ideal body weight should be from weight charts read in a book or magazine article. The unrealistic goals that people often set not only nearly guarantees that they cannot be fulfilled, but in fact contribute a relapse. This then creates the self-control weight loss cycle or ‘yo-yo dieting’.
A common trend is goal erosion as we adjust our ‘ideal goal weight’ to our ‘achievable goal weight’, which can cycle a few times before a complete relapse.

Conclusions

The book is not for the mainstream reader keen on a quick fix for weight loss, but is an example of moving from a simplistic view of a common problem into a realistic model (all the way down to Glucose uptake/release and feedback to insulin secretion/breakdown). I am very much a visual person and love the pretty pictures and diagrams, that were few and far between – this is a reading book.
I never saw the big holistic influence diagram that I was expecting, but was presented with a few small or combined feedback loops. For a systems thinking thesis, it doesn’t feel systemsey enough. The system boundary or model is not identified, neither are actors, elements or relationships defined to any depth. It’s not a dieting manual, but is an example of systems thinking applied to a problem.

A key takeaway message from the book is this: We cannot and should not rely on intuition alone in managing our bodies. With its many interrelated subsystems and processes (some counteracting, some reinforcing) the human body is simply too complex to effectively manage by human intuition
alone. Our bodies don’t work in straight lines!

The commoon premise is that once the public are educated, people will abandon unhealthy lifestyle behaviors. This has not been the case, as people do not want to be lectured about their bad habits. A more effective method would be to engage people through play. Tarek seems to want to lay the foundation to sell software to help manage individual weight programmes; ‘It is time to use the technology not to automate existing processes but to enable new ones’

Dr. Tarek K.A. Hamid

Dr. Tarek K.A. Hamid is a trained system dynamicist (with a PhD from MIT, and a winner of the Forrester award for his first book). He has been a Professor of System Dynamics at the Naval Postgraduate School, in Monterey, CA since 1986, where he was awarded the Naval Postgraduate School’s Faculty Performance Award, in recognition of meritorious faculty performance in both research and teaching.

In the mid 1990s he became extremely interested in the confluence of information and medical technologies, and saw it as one of the most promising new frontiers for system dynamics research and public policy. But he had a lot to learn. So, in 1997, he took an open-ended leave-of-absence and enrolled in the Master’s Program at Stanford’s Engineering Economic Systems & OR Dept., where he focused on decision analysis and medical decision-making. Read more

Chinese hacker Wan Tao

In April of 2000, Wan Tao joined sina.com’s Naval and Merchant Ships Forum with the online name of China Eagle in response to a posting by a person named Bailing who called for the establishment of a China Eagle club. Between the 19th and 21st of May, he made postings about the delay tactics used by advocates of Taiwanese independence and organized the “Anti-Taiwanese Movement of China Eagle Union.” In September, he participated in China’s first network security hobbyist conference at the Dragon Spring Hotel in Beijing and gave a speech called “Building Hacker Culture with Chinese Characteristics,” that was said to have defined the goals and direction of the Chinese hacker culture. The Chinawill web site was redesigned in October of 2000, and the members of the China Eagle Union finally had “a home online.” In December, Wan Tao attended the “Network Era Patriotism Discussion” held in Nanjing.

China Eagle even composed a theme song for their organization titled Power of the Night.

黑夜的力量
Power of the Night
词:中国鹰派栗子
Lyrics: By China Eagle Union’s LiZi

我们在黑夜里逆风飞行我们是黑夜里的中国之鹰我们用黑夜里黑色的眼睛迎接光明的来临我们在网络里自由飞行我们是网络里的中国之鹰我们用网络里寂寞的 黑夜迎接黎明的来临感受黑夜的力量用我黑色的眼睛热血在黑夜里慢慢凝聚希望在黑夜中寻觅我们是中国的鹰派我们要做中国的精英不管敌人的盾牌是多么的坚硬我 们要让他知道我们的锐利我们是中国的鹰派我们要做民族的精英所有正义的人们给了我们力量和勇气我们会永远战斗不息

“We are flying against the wind in the night. We are the China Eagles of the night. We use our black night eyes to greet the approaching light. We are flying freely through the net. We are the China Eagles of the net. We use the lonely nighttime of the net to greet the approaching daybreak. Feel the power of the night. Use my black eyes. The hot-blood slowly thickens in the night. Searching for hope in the middle of the night. We are the China Eagles. We want to be the elite of China. It doesn’t matter how hard the enemy’s shield is, we want him to know our sharpness. We are the China Eagles. We want to be the elite of the nation. All the just people have given us strength and courage. We can fight forever and never rest.”

China Eagle forced the shudown of the “Water Lilly Association,” a web site for Taiwanese independence, after placing a defacement showing Taiwanese Vice President Lu’s head pasted on a Play Boy.

In 2001, almost 1,000 websites in the US were defaced and two US government websites were under a denial-of-service attack, among other cyber attacks. The leader of the China Eagle Union hacker group admits to coordinating the 120-plus hackers in their siege between from April 28 to May 8. After several months of research, iDEFENSE Intelligence Operations offers this profile of the China Eagle Union with details on its leader, its members and a possible connection to a senior Chinese government official. This iALERT White Paper includes several photographs and details on what is probably China’s premier hacking group  (Click here to download the 887K .pdf white page).

History

• 1997 Formation of the Green Army Founded by GoodWell (China)
• 1998 Anti-Chinese riots in Indonesia provide the catalyst for the creation of the Red Hacker Alliance.
• 2000 Honker Union of China founded by Lion China Eagle Union founded by Wan Tao Javaphile founded by Coolswallow and Blhuang
• 2001 Sino-US cyber conflict 1000 web defacement protesting death of Chinese pilot.

The engineer can fall into the role of a technical expert and their work is misunderstood. One reason engineers aren’t considered creative is that they often don’t start with the proverbial blank sheet of paper each time they do something. Rather, they bring together and build on existing technology and try to improve incrementally on its performance. An engineer’s core mission is to try to improve the utility of things, to design products or processes that will solve problems better, faster, and cheaper.

While engineering can be technically demanding and required a working knowledge of maths, I feel I flex my creative engineer muscles regularly. Working with hard and soft systems provides the ideal technical creative environment to express innovative solutions to multilayer problems. In a recent discussion the term ‘Ingineer’ was used to distinguish from the stereotypical main stream view of ‘engineering’, to allow us to visualise the softer traits of a creative engineer. Rather than focus on the output, the process and initial thinking behind an inspiration was examined. When we think of invention, we (in the UK) still like the idea of a slight eccentric working away in their shed (like James Dyson). I don’t want to get into the discussion regarding who is and isn’t an ‘engineer’, but most engineers will have the capacity to influence society by meeting a demand, solving a problem or through innovation.

This is just some quick e-cuttings from the DIS that might be interesting to some people that can’t be bothered to read the DIS themselves.

A3.28 Market Implications

In the past the relationship between the Ministry Of Defence (MOD) and industry was transactional with the majority of the budget focused in the Equipment Programme. Current involvement with industry spans across a range of products and services over the boundary of peacetime and deployed environments. Previously supplied items are being grouped into larger packages (inc through-life, system-of-systems and cross-platform), with industry accessing a substantial portion of the Short Term Plan (STP) in addition to the Equipment Programme. Future trends will see the MOD more explicitly dependant on key suppliers for delivery of defence outcomes as larger portions of the budget will be available to industry.

A3.29 Increasing importance of Information Communication Technologies (ICT)

The differentiator in military operations has changed from scale and potency, to agility and flexibility to meet operational environments. Defence demands on the industrial sector are becoming more sophisticated The civil sector has driven innovation at high clock speeds, along open international standards. To remain at the leading edge of military capability requires increasing the exploitation of commercially driven ICT. This will require the alignment of business models through novel approaches; Government making the market attractive, commitment to Commerical Off The Shelf (COTS), Common Standard and open architectures. MOD recognises the importance of accessing commercially-led technology developments through the broadest supply base.

B1. Systems Engineering

The UK industry needs to have systems engineering capability to integrate system of systems and adapt systems to take advantage of new technology and respond to threats. It is vital that systems engineering and long-term knowledge is maintained, otherwise it is little use investing in cutting-edge research, without the knowledge to exploit and integrate into existing systems.

Systems engineering delivers an overall result that is greater than the sum of its parts.

Systems engineering executes an interdisciplinary process to ensure that the customer and stakeholders’ needs are satisfied through out a systems life cycle.

Systems engineering is as relevant to the design of a computer chip as it is to the development of military strategy for a particular conflict. The future trend is clearly towards greater systems complexity across all sectors.

The growing importance of networks and their interactions with partial systems will make a platform-centric perspective less useful in future when considering how to meet operational capability requirements.

B8. Command, Control, Communication and Computers, Intelligence, Surveillance, Target Acquisition and Reconnaissance (C4ISTAR)

C4ISTAR is an area where sustained expenditure is expected to underpin the Network Enabled Capability essential to the continued transformation of defence, by providing the technology required to deliver agile, networked and informed Armed Forces.

This technology is driven by the civil sector where the MOD is a minor customer.

Specific industrial capabilities should be maintained within the UK industrial sector;

• PROTECT – High grade cryptography and information assurance
• MAINTAIN – Ability to understand and integrate mission critical systems
• INTEGRATE – Track emerging technologies for potential military application.
• RECRUIT – Sustained research and development base with people having the right skills, supported by a manufacturing capability in specific areas of defence technology.

C4ISTAR is a growing market driven by advances in the domestic software, electronic and entertainment areas.

The world defence market is dominated by US companies that are attracted to the UK due to an open defence market. This could create an imbalance as US technologies are favoured but restricted due to technology export, ITAR restrictionss.

Maintaining a cryptographic capability requires a specific strategy. Working with other departments, greater coherence across government should increase industry’s visibility of the total opportunities. Further work in 2006 will inform our research and technology priorities.

The 2004 White paper ‘Delivering Security in a changing world: Future Capabilities’ stated that the exploitation of Network Enabled Capability (NEC) is vital for the continued transformation of UK Armed Forces.

The ability to respond more quickly and precisely will act as a force multiplier enabling our forces to achieve the desired effect through a smaller number of capable assets. NEC is one of our highest priorities for future investment in research. NEC goal is characterised by synchronisation, though the delivery strategy must continue to evolve as opportunities from technology innovation are exploited.

C4ISTAR capabilities will underpin NEC by providing the technology to enable agile, networked and informed armed forces. Three principle areas provide capability;

• Command and Battlespace Management provide commanders with the information they require such as Bowman, Land Environment Air Picture Provision (LEAPP), Joint Command and Control Support Programme (J2CSP), ARRC Command and Control Information System (ARRC C2IS) and Future Integrated Soldier Technology (FIST).
• Network programmes will facilitate the rapid and secure communication of data. Example programmes are Bowman, Skynet 5, Cormorant,
• ISTAR projects are needed to acquire and analyse data for the Armed Forces. Projects include Soothsayer, Shaman, watchkeeper, UK Intelweb

B11 Defence Technology Priorities to enable defence capability

• Secure and robust communication technologies that will provide superior information and intelligence through cryptography and information infrastructure.
• Data and information by expertise in image analysis, target identification and tracking algorithms, data fusion, network design and stability.
• Technologies for remote and autonomous operation will provide protection for armed forces personnel; the most valuable military asset by the deployment of autonomous systems where ever possible.
• Automated Information and Knowledge technologies under pin all automated decisions and require exploitation of;
  • Information and Data management
  • Data mining and information extraction
  • Self adapting networks
  • Data storage
  • Advanced Digital Signal Processing
  • High bandwidth secure data-links
  • High bandwidth encryption