Category Archives: Security

Sailing, Security

Naval Integrity Breach: Chinese Hackers Crash Second U.S. Military Ship in a Month

9 Comments
A catastrophic demonstration of information warfare: The Solong container ship’s unnatural trajectory into a U.S. military oil tanker bears all the hallmarks of sophisticated navigation system compromise

The USS Harry Truman collision on February 12th appeared to be just an isolated incident. Now we know it was merely the opening act.

The Nimitz-class aircraft carrier USS Harry S. Truman (CVN 75) was involved in a collision with the merchant vessel Besiktas-M at approximately 11:46 p.m. local time, Feb. 12, while operating in the vicinity of Port Said, Egypt, in the Mediterranean Sea.

Barely a month later, a far more devastating crash has unfolded off England’s coast—this time targeting a chartered U.S. military fuel supply line.

Just before 10 a.m. local time (6 a.m. ET), a Portuguese-flagged container ship called the Solong careered into the oil tanker, called the Stena Immaculate, which was at anchor in the North Sea about 10 miles off the English coastline, according to the ship tracking tool VesselFinder.

What demands our immediate attention: Weather reports from nearby coastal stations indicated misty conditions with limited visibility that morning, potentially making the ships’ crews even more reliant on their electronic navigation systems. The 2005-built Portuguese-flagged Solong was traveling at full cruising speed—16 knots—when it slammed broadside into the anchored Stena Immaculate. Let me be absolutely clear: such a collision at 8.23 m/s directly into the 183-meter length of a stationary high-sided oil tanker is beyond negligence—it represents a catastrophic systems-level breakdown or, more likely, deliberate external manipulation.

Following the COLREGS (International Regulations for Preventing Collisions at Sea), the Solong would need “ample time” for avoidance, which in this case was around 12 minutes before the crash (3.2 nautical miles away). Without getting too far into the weeds Rule 5 logically requires maintaining a proper lookout by all available means, Rule 7 requires determining if risk of collision exists, and Rule 8 mandates taking action to avoid collision early enough. Rule 18 says Stena Immaculate had an absolute right of way and Solong is required to take ALL measures to avoid.

The mystery isn’t a mystery

Let’s consider the huge violations at play here.

  1. Vessels are required to have continuous visual and radar watch
  2. Vessels have redundant navigation systems (AIS, ECDIS, radar)
  3. Vessels follow clear procedures for giving way and avoiding collisions

There’s zero ambiguity, such that a broadside crash at full speed (hitting the side of the anchored tanker) suggests serious failures across watchkeeping, navigation, and vessel control systems. This does not appear to be merely coincidental navigational failures, given the severity and scope of the multi-level system failure and a decision point so far away as to make it seem intentional.

In other words visual lookouts should have had view of a 183-meter vessel from 12-14 miles away on a clear day, without any doubt in their direct path like a huge wall blocking their plotted route. On March 10th visibility was apparently limited to two miles. STCW requirements for vessels of Solong’s size mandate a minimum of one qualified officer of the watch and a dedicated lookout at all times while underway, so this isn’t a hypothetical. Radar systems would have detected the Stena Immaculate as a clear hazard. AIS (Automatic Identification System) would have clearly shown the stationary hazard. ECDIS (Electronic Chart Display and Information System) would have clearly shown it as well.

Therefore what we are dealing with seems almost certain to be sophisticated electronic warfare defeating container ship navigation systems. Two things are particularly interesting.

First, military vessels run heightened security and navigation protocols. However, a chartered military vessel is a known giant loophole in regulations that is exploited by the U.S. military specifically to avoid high standards of safety (to lower cost of operations). Upwards of 90% of Military Sealift Command logistics depend on chartered commercial vessels.

This somewhat explains why the first attack on a Navy vessel was minor, foreshadowing more attacks, whereas the second attack targeting a chartered military vessel was catastrophic. Defense Logistics Agency’s tanker fleet operates with minimal security protocols compared to actual Navy-run combat-ready vessels, clearly resulting in a huge difference in outcomes from these two military targets.

Second, container ships like Solong are potentially staffed irregularly, maybe even illegally, and of minimum maintenance levels meaning systems often are degraded (competition degrades safety). Panama “topped the list” of worst safety practices. You can hopefully understand how the ships and their crew become soft targets riddled with vulnerabilities for sophisticated electronic warfare.

…shipowners were trying to “get away with treating seafarers like some sort of modern-day slaves”. Panama topped the list of abandonments by flag states with 23…

Ship abandonment is a huge safety problem, as signaled by the flag the Solong was flying underway. Panamanian-flagged vessels typically have 15-20% smaller crews than comparable vessels under European flags, with less stringent qualification requirements. What we’re talking about today is directly related to ship crew being in a state of degradation and even abandonment.

To be even more clear, hopefully without saying too much, any poorly-staffed ship built in 2005 also means an ECDIS running on Windows XP without patches. GPS spoofing would have meant fake signals gradually poisoning legitimate data, and navigation systems showing altered positions. For example, back when I worked with a team of military experts testing the woefully insecure Tesla designs, the car thought it was driving through the ocean instead of on land yet continued accelerating to full speed. Careful observers of this blog may remember I gave a keynote presentation in 2016 about these exact integrity breach problems of “automation”.

2016 BSidesLV Ground Truth Keynote: Great Disasters of Machine Learning

Opening slide from my 2016 keynote talk about Tesla “driverless” being a manslaughtering threat to society, starting from a naval gazing perspective.

Satellite communications (SATCOM) operate out-of-date protocols vulnerable to man-in-the-middle attacks. Someone who wanted to fake election results or corrupt vote numbers might hook up a polling station to the SpaceX Starlink, as the most obvious example of this class of vulnerability. And then maritime navigation systems don’t use any integrity controls, such as package signatures, when they connect to the raw Internet for software updates… need I go on?

Perhaps you can see why as soon as I saw a 16 knot container ship broadside crash under a Panamanian flag, I got even more knots in my stomach.

The deliberate driverless crash vector

From a technologist sailor’s perspective the broadside collision in misty conditions suggests the Solong’s navigation systems were showing completely different information than reality. With visibility potentially limited to just two miles, the crew would be highly dependent on easily compromised electronic systems.

Dangerous confusion on the bridge would be enabled by underqualified or unqualified obedient crew, who chose not to override the system. Crew members probably lacked training or experience to understand how to react to discrepancies, they likely were fatigued (reduced reaction capacity), and honoring a hierarchical bridge culture (overly compliant workers) that discouraged any human challenge to automated systems.

This is not novel, but rather the past lesson from known electronic warfare tactics that exploit “automation bias” in humans who misplace trust in machines. It’s why Tesla has been killing up to 20 people a month as if that’s the new normal, versus the Ford Pinto killing around that many in its entire production run and getting labeled as unsafe at any speed.

Even when contradictory information is available, false faith in electronic data comes from a culture of outsized promotion by “automation” conmen like Elon Musk coupled with screen-addiction in a way that induces poor decision-making.

The progression from minor incident (USS Harry Truman) to catastrophic collision (Stena Immaculate) fits with how threat actors typically escalate, testing capabilities, learning from outcomes, and adjusting tactics. The fact that both targeted US military interests within a short timeframe strongly suggests deliberate action rather than coincidence.

To counter such threats would require both technical measures (signal authentication, system redundancy, electronic countermeasures) and human factors solutions (better training, revised protocols, enhanced watchkeeping). However, the economic pressures in commercial shipping work directly against implementing many of these protective measures.

This has to be China

And now for some pure speculation about China being the most likely threat. That’s right, I’m calling it out now.

  • Technical capability: China has demonstrated sophisticated electronic warfare capabilities, including GPS spoofing, radar jamming, and cyber intrusions. They often hint with technology about battlefield dominance strategy.
  • Target selection: A military fuel tanker specifically hit suggests understanding U.S. Navy logistics in a very symbolic way. China always been uneasy about the “long lines” of U.S. naval power projection using at-sea replenishment and global fuel supply chains.
  • Signals pattern: A progression from minor test on a major warship (symbolic aircraft carrier) to a catastrophic attack on a random commercially operated logistics infrastructure fits with Chinese strategic thinking about sending a signal pattern about full capability while targeting lesser support systems rather than combat platforms.
  • Maritime flex: China has been rapidly developing both conventional and asymmetric naval capabilities related to sea dominance.
  • Plausible deniability: Electronic warfare attacking integrity of commercial vessel systems provides easy obfuscation and fog, making attribution nearly impossible yet also obvious, a hallmark of Chinese asymmetric psychological operations.

The focus on a container ship colliding with a military tanker is particularly telling. Military planners around the world know the underbelly of U.S. naval logistics vulnerabilities. Global reach always depended on refueling capabilities and supply chains, as I’ve written about many times before. Using a container ship to strike a military charter tanker, the hackers demonstrated they’re thinking strategically about how every container ship in operation now has to be seen as a weapon to limit U.S. naval power projection without direct confrontation.

Starting with the USS Harry Truman, the aircraft carrier that represents the pinnacle of American naval power projection, and then progressing to a logistics vessel, shows a loud and proud messaging strategy with more red flags than a Chinese military parade.

We’re looking at a bright warning flare on a calm sea against the black of a moonless night, lighting up not just technical capabilities but America’s entire strategic awareness and institutional response capacity.

Hey Trump, we can hit your crown jewels, and we can cut off your legs. Make a move on Greenland and maybe watch as we make Taiwan disappear. We could take Hawaii and Alaska while we’re at it, thanks to your doctrine of distracted degraded defense.

Who’s really asleep at the wheel here?

As defense resources and attention are completely diverted into literally ordering all hands on deck just to find the word “gay”, and censor “gender” and dismiss non-white troops… attacks against critical naval infrastructure reveal the true nature of devastating blind spots developing rapidly in American security.

Books have been pulled off the shelves at U.S. military schools around the world pending a “review” for diversity concepts and language. …among those that disappeared from the shelves of Ramstein High – Fahrenheit 451, 1984, To Kill a Mockingbird and Catcher in the Rye.

Imagine being a high school student at Ramstein who must now learn Chinese to read “1984” — a novel explicitly warning against totalitarian thought control — because their own American military has banned it. The devastating irony cuts deep: as Chinese hackers demonstrate the ability to crash U.S. military vessels at will, America’s defense establishment busies itself with purging literature that could help the next generation recognize and resist exactly this kind of authoritarian manipulation. This isn’t just censorship; it’s strategic self-sabotage.

It’s not an exaggeration to say the Department of Defense now operates under a headless-chicken leadership lurching from crisis to crisis, attacking its own students, troops, and veterans while simultaneously alienating allies in Mexico, Canada, Europe, and Ukraine. This self-sabotaging chaos has created the perfect opportunity for China to demonstrate its capability of neutralizing all U.S. naval power projection through precisely targeted asymmetric information warfare.

The question looms: who would even stand up for an erratic, unreliable “crazy chicken” America against these attacks on global shipping safety? Allied deterrence has evaporated. And what of nuclear deterrence? Can it possibly remain credible when delivery systems—planes, ships, and missiles—can’t navigate, can’t target, and remain vulnerable to debilitating supply-chain attacks from multiple vectors, including from within our own harbors and airports? We’ve entered an era where America’s military supremacy faces checkmate not by direct confrontation, but simply by corrupting integrity of our vulnerable information systems.

Hackers have announced a new security paradigm of devastating integrity breaches: every commercial vessel can potentially become a guided weapon against essential military targets. This multiplies the challenge for naval protection exponentially, perfectly aligned with the Chinese People’s Liberation Army “systems destruction warfare” doctrine that targets critical node vulnerabilities of support systems rather than direct engagement.

The obvious question is whether an utterly distracted President Musk can recognize and respond to this long-time emerging modern technology threat that he himself can be blamed for facilitating. At least 54 people have been killed in by his lack of integrity control in Tesla Autopilot navigation systems (that I’ve warned about since 2016), far more than even domestic terrorism.

What these two maritime incidents expose to the trained eye isn’t just a technical vulnerability—it’s the Tesla effect of strategic blindness in American “business knows best” cultism. We’ve built a military doctrine on overwhelming force projection while neglecting its fragile information architecture hidden behind a Potemkin village of technological showmanship. China isn’t demonstrating anything new to security professionals—they’re simply exploiting what we’ve known for years: integrity matters most in the navigation systems that direct every vessel, every mission, every supply line.

This is the inevitable culmination of a decade prioritizing dazzling “driverless” fantasies over fundamental safety protocols. The tragic irony: as America’s military leadership scrambles to purge words like “diversity” and “inclusion” from its vocabulary, they’re effectively dousing themselves in jet fuel while China stands ready with matches.

The writing has been on the wall for years. I’ve been pointing to it since 2016. But reading requires critical thinking—something increasingly difficult to cultivate when the DoD is literally removing books that teach it from military school shelves.

History, Security

SpaceX is the Chain Smoking of Space, the Martian Man of Lung Cancer

Leave a comment

In recent coverage of SpaceX’s string of failures, we’re seeing a pattern in space journalism that prioritizes harmful launch frequency over safety and environmental concerns. Much like tobacco companies always touted product launch figures while downplaying cancer risks, today’s space coverage celebrates catastrophic cadence while minimizing the increasingly awful consequences of an unsustainable approach to orbital privatization.

A recent glowy showy Ars Technica article exemplifies this problem, framing SpaceX’s horrible ongoing technical failures as mere “bumps” while emphasizing random market numbers as the only concern. Consider this excerpt:

For all of the problems described earlier, the company’s only operational payload loss was its own Starlink satellites in July 2024 due to a second stage issue. Before that, SpaceX had not lost a payload with the Falcon 9 in nearly a decade. So SpaceX has been delivering for its customers in a big way.

SpaceX has achieved a launch cadence with the Falcon 9 rocket that’s unmatched by any previous rocket—or even nation—in history. If the SPHEREx mission launches tonight, as anticipated, it would be the company’s 27th mission of this year. The rest of the world combined, including China and its growing space activity, will have a total of 19 orbital launch attempts.

This framing applies a 1930s industrial mindset to what is fundamentally a 21st-century environmental crisis in the making.

Yes, I said 1930s. Factory workers turned into slaves pushed beyond safety limits would surely improve market dominance, don’t you think? I mean workplace fatalities would just be a “bump”, a literal human being literally run over to keep launch rates up despite hidden costs, so therefore…

The journalist celebrates SpaceX for “flying circles around its competition” while only briefly acknowledging that means debris from their failures has crashed into Poland, created “fiery debris trails over the Bahamas,” and forced air traffic controllers to divert “dozens of commercial airline flights.”

More like flying in circles because it can’t fly straight. SpaceX is really smoking now! 9 out of 10 doctors say circles make you more popular with the ladies. And so forth.

Cigarettes as Space Marketing

SpaceX consistently failed to deliver on its most known, most high-profile promises. Mars missions originally slated for 2018 remain a failure every year for seven years now. This, despite public rocket programs successfully landing on Mars since 1976. For some reason certain 1930s-sounding space media continues to normalize horrible setbacks and long-term failures while celebrating instead a rapid “chain-smoking” instant gratitication approach to launches.

What’s clearly missing from coverage?

  1. Atmospheric Impact: Recent research indicates that high-frequency launches are damaging Earth’s atmosphere in ways we’re only beginning to understand.
  2. Accelerating Debris Crisis: Starlink satellites are reportedly deteriorating faster than planned, creating a vicious cycle of more launches and more potential debris.
  3. Resource Sustainability**: The current model of disposable satellites and rapid replacement represents a fundamentally unsustainable approach to space utilization.
  4. Safety Concerns: Debris falling on populated areas shouldn’t be treated as an acceptable cost of doing business.

Beyond Marlboro Man Propaganda

SpaceX, led by a suburban South African who likes to cosplay as an American cowboy, positioned itself as the Marlboro Man of space. Projecting an image of lawless frontier expansion however didn’t escape reality, which involves significant risks to our shared environmental resources. Their high-profile objectives (Mars, lunar landings) remain embarrassingly unfulfilled, while their day-to-day operations clearly cause cumulative, long-term damage.

Indeed, the Marlboro Man died a horrible painful slow death, the price apparently of promoting lung cancer.

Lawson isn’t the only former face of Marlboro to die from smoking-related diseases. Wayne McLaren, who appeared in Marlboro print ads, died of lung cancer in 1992, and David McLean, who appeared in print and television spots, died of lung cancer in 1995.

The danger in current space journalism is that it inadvertently normalizes this model, treating harmful launch frequency as the only real metric of success much like cigarette companies once celebrated market share without questioning the actual evidence of impacts. Cancer was known to be the smoking problem by the 1950s, and yet at least 16 million Americans died from it after that point.

Ronald Reagan was heavily involved in cigarette launches long after cancer harms were known, leading to millions of Americans killed before message integrity could be restored.

We need a new framework for evaluating progress in space that considers not just the quantity of launches but their safety record and list of harms. Otherwise, we risk applying ancient, self-defeating, industrial-era thinking to a problem that requires a much more sophisticated understanding of our relationship with orbital space and our atmosphere.

The Manhattan Project arguably killed more Americans due to radiation effects than the resulting bombs killed Japanese. That’s no way to run a war. And we know conclusively the Japanese didn’t even register the two bombs as impactful, relative to the previous months of conventional weapons. But that’s real history, as opposed to the 1930s-era industrial marketing and propaganda of faster, bigger, more!

When journalists celebrate SpaceX “launching 150 times a year and building two second stages a week” without adequately questioning the sanity of a chain smoking addiction model for lighting up another rocket, they become part of the problem – enablers of a potentially disastrous relationship with our orbital future that generations will mourn.

Looking back at tobacco coverage, historians and public health experts now criticize the “balanced” journalism that gave equal weight to industry product launch claims and health concerns for decades while real harm was done.

The “both sides” approach to tobacco reporting is now seen as a tragic mistake that delayed public understanding and regulatory action, potentially costing millions of lives.

When discussing potential large-scale environmental damage of SpaceX, the appearance of neutrality can itself become a form of bias; one that typically favors established commercial interests over longer-term far more valuable public goods.

Security

Four More Tesla Cybertrucks Suddenly Burn Up

Leave a comment

Tesla has a long history of their Swasticars suddenly igniting in storage lots, and junkyards, draining fire emergency response time and materials without compensation.

What a waste of government services.

Remember the December 31 case in Georgia? I suspect not many people do. Or remember 2023 how Tesla dealers couldn’t deal with their fires?

Florida had a big one just last year, as did Massachusetts. A giant $300K damage one in California was interesting, particularly because Tesla said they couldn’t figure out the causes. Korea reported one too. And now we have another dealer on fire, confirming Tesla really doesn’t know what it’s doing.

Now reports from Seattle say a set of four Cybertrucks just burned up, as one might expect, highlighting how incredibly fragile and unsafe the Swasticars still are.

Police allegedly say they aren’t sure yet what the evidence means…

Source: KomoNews

That’s a real drone view of the fire. Really. It’s like there’s some kind of sign…

Wait, police? Police are being pulled into dealer product safety failures as well as fire departments?

Why not a visit from the Mayor, while you’re at it?

Cleaning up thousands of Tesla safety failures might be the biggest taxpayer waste in history. I mean, authorities could have been investigating Tesla management for years already, due to the huge number of fires they caused. This case surely just adds fuel to the long-standing problem of Tesla vehicles in storage suddenly being destroyed by fire.

Poetry, Security

an integrous day

1 Comment

i got asked to send a new bio somewhere, so i quipped up something quick: 

three decades spent wondering is it rain falling on a window... pain, am i crying in quiet contemplation of the gates of vulnerability, or rather watching patterns emerge like unix shells crawling on a silicon beach under stormy clouds. i navigate the bicycle of balance between privacy and transparency, confidentiality and integrity, where ethical questions linger like a coal fog over the polluted thames. whispers preferred to shouts, in subtle architecture of security unseen yet ever-present. in a digital twilight i search for fragments of wisdom to reassemble into frameworks that protect what remains sacred in our increasingly integrous-depleted world.

-- flyingpenguin
      __
    .' o)=--
   /.-.'
  //  |\
  ||  |'
_,:(_ /_