Monday, January 28, 2013

The Rebirth and Regrowth of the European Union

With regards to the financial state of the European Union, it's clear that we're in a better situation than several years ago. Nonetheless, it's also clear that there is strong discussion with regards to re-molding the union to serve greater good over the long term. Things that should be factored include:
- one model I've been considering revolves around three layers of cohesion within the union. One is core Europe and uses the Euro as it's currency, another is less cohesive and uses another currency which will allow for greater flexibility with regards to currency movements during times of ecnonomic stress. The final group is very loose and is based on primarily around trade purposes. All would technically be part of a geo/socio/political union but ultimately they would be of course associated with Europe. Countries free to move between levels as desired or deemed to fit. Naturally, moving between different groups wouldn't be easy to remove possible chance of nations shifting between them for tactical/cynical reasons. Bonus, is that countries can gain benefits of union without potential for 'contamination' of issues that face those countries that aren't quite as mature in some areas
- this structure will allow for flexibity and to facilitate needs of states that do not want to be part or sense a desire to be part of a European state
- smaller groups of geographical unions will also reduce the possible number of issues in question. Easier to govern/more representative of those in question. After all, if their core values/aspirations/interests are more similar in the first place agreement should be easier over the long term (level of cohesion to be determined by those in question obviously). Moreover, why bother with central organisations if people refuse to play by the rules that they are supposed to develop, implement, and enforce?
- needs to be a reason for a union if you are to go deeper and it seems clear that there are those who still remain unclear in regards to this. The way I see it, you can't force a square block into a round hole. Moreover, centralised decision making/bodies should only take precendence if it can be proven that it is for the greater good or those who are currently making decisions lack the ability to do so by themselves. Even so, I think this is a longer term issue
- also, clear that interests of those at stake are very much different. A restructure/rethink of the governance mechanisms behind EU should be an option to be considered (majority instead of complete agreement) during times of crisis?
- people often underestimate the challenge of running a country/state. So many conflicting interests. Put yourselves in the place of European, United States, or Japanese leaders during the recent crises. Incredible number of variables involved, measurements and projections are not always accurate, people's lives are on the line. What would you do?
- think about bottom-up stimulus as another option rather than purely top-down stimulus. Local experience has proven that downward movement in interest rates from a central bank doesn't always get passed on in it's entirity to the average citizen. Consumers are more likely to spend on necessities, business will obviously try to make a profit...
- I covered a lot of issues in my 'Covergence' report. The World Economic Forum have since come up with several further studies that expand on that work and quantify many of the issues in discussion. Interesting reading
- need to think about economics more carefully. It's almost like a game, a relatively closed system that is governed by rules and has a relatively finite number of players. If everyone cheats by changing the rules of the game then the original game is no longer the same/valid. However, if everyone makes the same changes, the relative dynamic between players remains the same. Your level of competitiveness does not change relative to others. If however, by building on distinctive changes that separate your ecnonomy from others then significant gains (and potential losses) are possible. Almost like a game of risk/reward,0,3641151.story
- time has proven that many bailouts (American TARP program was successful and several European states are well on their way to dealing with their debt issues) have been successfully repaid. If this is the case, don't see any reason why the largest banks shouldn't have a place in bailing out smaller banks? Larger banks to be bailed out by smaller banks and central bank only when situation is critical (Basel agreement/reforms should go some way towards dealing with this problem in future provided we continue to push forward). Must be more willing to let banks go bust. Reward performance, not incompetance. Central bank guarantee of funds with deposits being shifted to other well performing, stable, well structured banks?
- a lot to learn/gain from some meetings. May need better structure though. Perhaps time limits for each speaker as in some parliaments?
- can't pursue growth above all else. Perhaps termporarily but over the long term environmental, resource, social issues on the line as well
- do the people in question really share a common identify? One thing I've noticed that older people are less aware (and are less willing to take advantage) of many benefits the European Union. If Europe is going to go down the route to deeper integration the benefits must be sold to the public. Believe that time may be a few decades down the road

Political/System Change

It's only when you do genuine research which spans months possibly years do you understand just how big the world really is, how much progress humans have made and similarly how foolish we've been in some of our endeavours. Extremist views and terrorism impacts no longer impacts upon those whose countries where it has taken root. The globalised nature means that these perspectives now play a global role as well. While it's clear that covert operations are one option regime change (whether as a cause or side effect) can have a substantial impact as well. Things that need to be considered though:
- how often has intervention actually worked? Is it our intervention that is causing the process of fail or is the way in which we are forcing intervention?
- in totalitarian regimes the distinction between reality and propoganda is not always clear or easy to uncover. Behaviour bears some similarities 'Stockholm's Syndrome'. Do people see the current regime as the best option only because they are not aware of other options? 
- the structure of authoritarian governments is such that they serve two purposes. One, is to maintain security of the state from external threats. The other is to secure it against internal threats. No matter what happens in a transition there still is somewhat of a security vacuum which is made more hazardous by (sometimes corrupt) former secret police/intelligence using their 'skills' in any subsequent democracy. Vetting/background intlligence is critical in develop ment of any subsequent regime. Desire/determination of the general population is critical to determining whether or not radicalism/extremism/terrorism can survive (or be repelled) in such an environment
- almost impossible to avoid non vacuum type situation in the advent of political/system change. One report that I read indicated that the most stable choice was to simply replace one autocrat to another and basically attempt gradual change (similar to the Egyption situation but I'm quite certain how that really is progressing). Even then, may not be possible though. An 'autocrat' is someone fundamentally/psychologically different from 'normal people'. How do you get them to institute genuine reform? A time limit for constitutional change via the UN with automatic sanctions?
- not sure that people really care who there leaders or the system. Believe that as long as their best interests are represented the system in question isn't particularly important
- we need to acknowledge that one system may not necessarily be the best for everyone. Imposing a system which doesn't work may potentially be just as problematic as not intervening in a crisis situation. In some countries/regions security/stability takes precedence over civil liberties. In others, people need to be behave in a certain fashion in order to succeed among their peers. We need to always keep at the back of our minds that many of the systems that we have devised have come about through people's desire for greater prosperity and better representation of the 'people's interest'. It's for this reason, I find some of our current troubles amusing. It's clear that pure capitalism doesn't work and history has clearly proven that often the pure interpretations/forms of other idelogies such as socialism, communism, and are also flawed. Even the democratic process and implementations that we have found ourselves with have resulted in often compromised, untimely decision making with representatives with backgrounds or personalities who we often find significantly flawed or questionable. I studied human resources and management as a part of my studies and while there were many theories with regards to motivation and general management, Maslow's Hierarchy of Human Needs continues to remain important in my mind. If a person has adequate housing, food, and health you'll be going a long way towards fulfilling their needs and desires
- after Balkan conflict there was some discussion regarding UN policy which would basically stop a recurrance. Where do we set the tipping point for intervention? How do we set it? What type of intervention?
- is the structure of the UN now 'outdated' and ill equiped to deal with these type of situations? Is modernisation of the UN required? A rotating head such as the EU? with a majority/set percentage a better option than the current UNSC structure?
Are the members of the current UNSC willing to cede some control back to the global community?
- regime change often comes at the price of much blood. We need to understand that existing authorities and associated stakeholders often stand to lose much more than what appears on the surface. The cynic in me thinks that some will not let go of power without a decent 'exit package'
- ruling out insanity the only way an existing regime can be certain that the will of the people is not with them is via a vote. Can you launch an election in the middle of a war zone? If much of the country is evacuated already can you run an election composed of people whose identities can be verified in refugee camps as well? Do you need to 'secure' a country before a vote/negotiations can take place? Either way, you need to be willing to make potentially strange concessions during times of conflict or else back your decisions up with 'brute force'
- dividing a country a realistic option at some point?
- less likely to fight in densely populated areas?
- while it's important to learn and honour our pasts it's also important to realise that people, the world, has changed and the rules need to change to fit the new model. People need to be able clearly see a benefit from a single market/union to genuinely yearn for it. A controversial theory says that scientific paradigm shifts only occur when the new theory can be proven to be significantly better and the previous paradigm falsified or the believers of the previous paradigm can be made to see that their perspective was flawed or they simply die/move out of their profession. I believe that it may be the same case with regards to political leaders as well. Broader communication may be required
- is the desire really there amongst the general population for revolution?
- if so, are the structures/governing bodies in place in there for them to fend for themselves?
- do they see intervention as foreign interference or aid?
- where's the tipping point in determining the difference between dissent/unpopularity and revolution?
- if the tipping is reached, how do you even measure it? number of casualities? amount of time in trouble?
- SIGINT/COMINT is possible but many ways around this (tunnelling/encryption)? Moreover, where do we draw the line with regards to bringing potentially highly sensitive communications to light?
- experiments with social media/group think indicates that a lot of work needs to be done. Obvious problems include access and desire. Do people actually want to get involved with the decision making process. Personal experience indicates that there is a small minority cares but the rest of the population doesn't really care
- is it the place of foreign governments to intervene in other nation's affairs?
- who takes reponsibility if the intervention is not completed satisfactorialy?
- going to war is a final option. It's clear that some nations/administrations favour intervention, others clearly try to steer clear of it. Moreover, arming rebels can lead to other difficulties as seen in Afghanistan, Libya, Syria, etc... There is also some evidence to suggest terrorist groups may aide a revolution and then seek to topple the subsequent regime. Care needs to be taken with regards to arms distribution. Possibly arms that have a limited lifetime?
- more studies required with regards to succesfull counter terrorism techniques?
- sanctions obviously have an impact but they obviously have a more widespread, civilian impact as well

Tuesday, January 8, 2013

Wireless/Behavioural Security Analysis and Bugs

I previously theorised ('Cloud' document) about wide spectrum radio solutions to help deal with the problem of expensive/continuous hardware ugprades of telecommunications infrastructure. The CSIRO has since built something along these lines.

What has interested me even more though is recent work in software based radio technology. A similar concept but what I'm particularly interested in is the flexibility it will provide with regards to offensive opeations (Electronic Warfare and Jamming).

As many people are probably aware GPS is being updated/upgraded to deal with various known threats such as susceptibility jamming, substandard performance in enclosed areas, and so on. One complementary solution/alternative being considered is Leica's 'Jigsaw'.

Variation of 'Adaptive Networking' concept I was playing with in the original 'Cloud' document.

I've spoken about interlaced attacks, and attacks which involve disrupting activity (they tend to fail open though there are a number of devices which allow you the option of having them fail closed at the expense of ) of security systems by overloading or confusing them in the 'Convergence' report before. The following of a study of how performance drops off in the real world using entry level enterprise firewalls from several well known vendors.

A variation of my 'Cognitive Fingerprinting' work as outlined in the 'Cloud' and 'Convergence' reports. Basically instead of using purely signatures we're going to look at behaviour as the main means of detecting whether a file is good or bad. Of course, this will be on top of existing security models/systems but something we need to think about is how even this can be bypassed. Some recent research I've come across seems to suggest that many sandbox type solutions that are used to detect presence of malware can be rather obvious. Countermeasures are being deployed which means that only 1/3 of all malware may be being picked up. More thought required...

Neat way of increasing collaboration from the perspective of defense.

Interesting graph of where your system is likely to get infected by a virus on the Internet. Not sure of it's overall validity...

Details surrounding NSA 'Perfect Citizen' program to protect critical infrastructure becoming clearer.

Microsoft email Exchange/Outlook plugin to block reply all, forward option. Still doesn't deal with the 'analogue hole' problem though. Namely, taking a screenshot, a picture of your monitor itself, or even just (manually or automatically) copying and pasting the contents of the email in question itself and then relaying this on to the desired recipients.

A more comprehensive Microsoft Data Loss Prevention (DLP) solution.

Vacuum your laptop/netbook ventilation ports regularly. Not doing so can result in higher dust build up, higher temperatures and fan speed, power consumption, etc... As stated previously, design of portable systems is always a compromise between performance, size, power consumption, and so on. If I had a way of being able to alter shell design without comprimising structural rigidity and resale value I would use it in a heartbeat.

The article that I was referring to in my previous post with regards to how the wealthy don't always produce more jobs.,7340,L-4300066,00.html

Bugs of the Week

Sega's/Sports Interactive's Football Manager Series (most of these apply to 2009 but some apply to only earlier versions)
- when operating in small window mode some fields/words will overlap making it sometimes impossible to navigate
- sometimes go on holiday mode doesn't stop before the play of a game on that particular day. Would like more 'predictable' behaviour

Microsoft's/Big Huge Game's Rise of Nations
Not really a bug. Sometimes I modify lines in rules.xml file so that I can tweak the game rules (population limits, resources, etc...) to make it easier/harder depending on my mood. I've discovered that depending on the total number of units and movement currently occuring underlying hardware performance becomes a major limiting factor. Just have to be careful.

Opens to a rediculous default window size on a Netbook (not sure about other platforms as yet). Neat game though (fun for those who enjoy mazes) and each puzzle is reasonably short/easy (depending on level).

Algorithm for finding direction to hole doesn't correctly identify best/easiest pathway to goal all the time which means some awkward/impossible starting directions are possible. Believe that it may be limited to holes where a certain terminal/short distance condition is triggered.

Basically a clone of SuperMario/Sonic the Hedgehog style games. Not really a bug but one thing I've always wanted to do in these games is to have more freedom with regards to going backwards and choosing another pathway through the game (understand the underlying hardware limitations of the consoles at the time though).

News Website (further details not disclosed for reasons of security and reputation)
Various uncaught exceptions after turning off JavaScript.

E-Commerce Website (further details not disclosed for reasons of security and reputation)
Website started sending refund messages to people who weren't involved in a recent mix up/pricing error.

HPM Powerboard
Purchased this a while back because it had a lot (12) of sockets and built-in RF/EM noise suppression. Lately been having problems with it though. It doesn't seem to smooth the power supply out. It seems to be cutting power in/out now. Believe it may simply be malfunctioning. Difficult to diagnose/fix personally though due to strange/unique screws being used in casing. Hoping still under warranty.

Friday, January 4, 2013

Open Core Security and More Security Analysis, Routing Problems, and More Bugs

I once recall a conversation with a engineer from one particular security firm/vendor. They said that they were prohibited/dissuaded (by their country) from using solutions (even though one solution was considered world class) from another particular country because of philosophical/national security concerns. This is ridiculous. In a large number of cases, firms are having to open up their source code for analysis by national intelligence agencies and third party auditors. If the solution being provided is minimalistic, there is a common open source framework and Application Programming Interface (API) that the solution can plug into (and that can fit into popular devices) I don't see any reason (apart from commercial/political/philosophical) why we shouldn't be able to use the best possible solution/s even they may come from possibly questionable sources (I'll expand on this concept in 'Cloud and Internet Security' report. Currently, 820+ pages/214K+ words).

Tom Clancy's book, 'Threat Vector' actually provides a decent (though fictitious) example of how to carry out an integrated cyberwarfare/conventional warfare attack.

Richard J. Aldrich's, 'GCHQ' actually provides a good explanation of some of the activities of modern intelligence agencies. Certain decisions make sense but seem incredibly cynical.

In the past I've tried using open proxies and fiddling with MTU and other setting to get around certain networking problems. Sucess has been limited. The most elegant/useable solution that I've come across/found has been 'Tor'.

Interesting to see what the rest of the world is downloading via BitTorrent.

I remember developing and running small programs/games for the TI-83 platform. Amazing how far some graphic calculators have come...

Cool robot called 'iCub'.

Timestamping audio using power hum.

After my recent wireless experiments with EM/RF permeation of various materials (and the surprise at how even the thinnest/least dense materials have impacted significantly upon reflection/absorption) I'm curious to see how the NetGear AC6200 (USB wireless 802.11ac dongle) performs with a shell integrated adjustable antenna. Reviews so far have been mixed (though most problems feel like they are related to the frequency band in question as well as driver support under Windows 8)...

Bugs of the Week

Google Images
Not really a bug but a problem nonetheless. Certain websites can't be previewed in Google Images since they can not be opened in a frame and must be opened in a seperate window.

Microsoft's Windows Media Player 12
After ripping a few CD's recently at max bit rate of 320KB using MP3 format I've noticed a bug. When you go into the 'Library' you'll notice that the size is incorrectly listed as 'O KB'. Solution is to remove and re-add files to music library. Not sure if this is limited to my particular setup though. Bug doesn't seem to appear at other bit rates.

Sega's/Sports Interactive's Football Manager Series (most of these apply to 2009 but some apply to only earlier versions)
- clubs still silly enough to bid on a player even though he is approaching end of contract
- even if you give a company in a lower division a significant cash boost it doesn't seem to provide them with that much of a performance boost. The burn rate for clubs in lower divisions when given cash boost doesn't seem to make any sense as well. If a club can make it on a net worth of only a few million dollars how can it burn through millions of dollars over the space of a year and not make any significant performance jump?
- accept all offers option for players not honoured sometimes even when you have taken over another team
- transfers in next window option often doesn't work even though transfer fee to break clause has been met (unless there is something about my understanding of this is incorrect)

General Observation of eBook Readers
Often sub-par performance (performance and usability such as having a decent font size/zoom level) using PDF files on inexpensive eBook readers. Try to use native formats (MOBI, ePUB, etc...) where possible. Makes a big difference...