Too often the news focuses on the attacks that succeed and not enough on those that fail. We should balance. There are several lessons to be learned from the most recent al Shabab suicide bomb attacks that failed in Somalia.
Let me back up a step first. This isn’t exactly history, but I find it hard to believe half a decade has passed since I was warning about social fitness networks in the cloud, such as Strava.
They immediately seemed to me a dangerous surveillance system with serious confidentiality risks.
— davi (@daviottenheimer) May 4, 2014
To be fair, given closed networks with data ownership, and the person generating the data given reasonable boundaries, I also made the point that heatmaps could be safely used like any performance monitoring tool.
— davi (@daviottenheimer) June 22, 2014
However, we’ve been talking about the realities of securing big data for nearly a decade here, which tends to mean at public services scale where confidentiality is not well protected let alone understood.
On that level I was warning directly about cloud services being in a position to destroy privacy for thirsty valuation-focused executives who were giving little to no thought about the consequences to the entire information market when trust collapses.
Please excuse the snark here, but my point was we were fast approaching total information awareness. I was giving a lot of talks about the risks at this point with maps like these:
All of this is background to the fact that Strava was instrumental in leaking Joint Special Operations Command (JSOC) presence. JSOC likely was unintentionally giving away their secrets so that Strava could generate heatmaps of people jogging around a military airfield in Baledogle, Somalia used for drones (also by 2015 it was disclosed by FP).
Somali government and AMISOM sources confirmed the existence of a second clandestine American cell in Baledogle, the site of an abandoned Cold War-era Air Force base in Somalia’s sun-blasted Lower Shabelle region. These sources estimated that between 30 and 40 U.S. personnel are stationed there, also carrying out counterterrorism operations that include operating drones.
Unlike parsing heart rate and body temp to pinpoint someone in San Francisco, however, Americans running in Somalia kind of stood out the minute their Strava data uploaded.
See what I mean?
Again to be fair, I was doing some of this publicly in 2014 to other countries as well:
this is fun. finding a lot more geotags for tweets in north korea than cars on the road pic.twitter.com/24h9mEzW8v
Why is this so significant in today’s news? Reuters is quoting sources who give credit to failed suicide attack planners for having good intelligence about American movements on that base.
The attack showed al Shabaab maintains a good intelligence network and can mount complex operations, said Hussein Sheikh-Ali, a former national security adviser and founder of the Mogadishu-based security think-tank the Hiraal Institute.
The attack hit a part of the base that houses U.S. special forces, who supervise Somali forces on operations, he said.
“It implies they have a high intelligence and a degree of capability just to get close to that place,” he told Reuters.
I’m not going to argue against the source, just qualify that good intelligence network might in fact mean someone has a browser and Internet connection to monitor US soldier Strava data that is not being protected by the service provider or that service provider’s service providers.
The point remains that the attack failed completely. Not only did the dual suicide bombers cause zero casualties (blowing themselves up at the outer perimeter defense system), their entire terror team of 10 was killed.
Somali state news agency SONNA reported that all the militants who took part in the assault had been killed.
“In response to this attack and in self-defense, U.S. Africa Command conducted two airstrikes and used small arms fire targeting al Shabaab terrorists,” a U.S. military statement said.
Some secrets still are safe for that perimeter to have worked.
Interesting also is the qualification of self-defense in this event. It suggests the attackers were pursued outside the defense perimeter to be engaged and eliminated. That’s not yet been reported, it’s just a guess based on the qualified statement.
If you think my warnings in 2014 were accurate, even foreshadowing, I mention the defense perimeter angle here because of its relationship with recent domestic “hunt” legislation that in a very remote sense (pun not intended) could be abused to authorize drone strikes as self-defense almost anywhere.
AIMED AT PROTECTING UPSTATE NEW YORK SCHOOLS FROM MALICIOUS RANSOMWARE.
The SB315 list of authorized tasks for a DHS hunt and response team is as follows:
“(A) assistance to asset owners and operators in restoring services following a cyber incident;
“(B) identification and analysis of cybersecurity risk and unauthorized cyber activity;
“(C) mitigation strategies to prevent, deter, and protect against cybersecurity risks;
“(D) recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks, and other recommendations, as appropriate; and
“(E) such other capabilities as the Secretary determines appropriate.
Call me pedantic but using the word hunt in the title (as in kill, typically in reference to the 2011 Lockheed Martin militaristic model for response) seems a bit over the top.
…special operations forces have honed their ability to conduct manhunts, adopting a new targeting system known as “find, fix, finish, exploit, analyze, and disseminate.” They have adopted a flatter organizational structure and collaborated more closely with intelligence agencies, allowing special operations to move at “the speed of war”…
The hunt model was lauded as a form of authorization, streamlining towards smaller secretive teams trusted with quick and lethal capabilities “over the fence” as Harvard lawyers infamously had envisioned decades ago.
And thus the information security industry naturally became susceptible to this military mindset, adopting hunt language not least of all because USAF veterans were landing jobs in civilian security firms and bringing a killer vocabulary along.
As ominous as the militant “kill” steps sound to unleash upon an upstate New York school, in computer software terms they remain basically incident response activities. Probably they could have fit easily under a public-private Computer Emergency Readiness Team (CERT) expansion without invoking “hunt” authorization.
It does seem possible “E” leaves the door open for much broader remit including active defense and hack back for hunt teams to go after attackers, though, at “the speed of” cyberwar.
Another Echo company (Army 160th) already has kind of established that reputation.
So maybe I’m underestimating what is going to be done by DHS here, and hunt will become an operative word for kill chains even inside schools where kids are meant to be learning and experimenting.
One of the lesser known stories in the American mobile technology space is Sailfish OS by Jolla. For whatever reason it never seems to get any press, unless you count this sideways glance in ZDNet:
I have seen all too many failed attempts to compete with Android and iOS. But I’m impressed by Duval’s privacy-first approach, which builds on the existing successful Android platform. Instead of trying to replace it, he’s making the best of it. I think with privacy being more of a concern for users and hardware vendors looking for Google-free operating systems, /e/ may be successful where so many others have failed.
Ok, first of all to be fair, I am assuming these non-specific phrases include Sailfish OS. It is a Linux-based OS (i.e. Meego derivation, following N9 Linux-based phones from 2011) that successfully replaced Android in 2013 and ran an emulation engine for Android. Does the author believe it failed?
Despite being in America I’ve used it since basically v1.0.1 (called an “Android love fest” by TheReg) on dedicated Jolla hardware as well as Sony phones and it’s great! One of the amazing things about the Android emulation was how it allowed app stores to be multi-master.
It wasn’t as slick as the Nokia firmware-based regional packages that came before it, but Jolla allowed users to choose apps from stores completely disconnected from Google, never touching American soil for that matter.
Second, there’s some kind of weird thing going on at Google where in 2017 their HTC-based phone was codename Sailfish. This new /e/ OS lists Sailfish as one of the phones it will run on already. Perhaps you could call this some kind of coincidence but it’s hard to believe it is random since…
Third, in 2016 the Russian government announced Sailfish was their preferred platform. At that time the name only referred to one thing:
…after a thorough review of several open source based options, the Ministry publicly expressed support for Sailfish OS, which was chosen as the platform for further development.
Trumpin tullimullistus: Androidista tuli pelinappula… “Kohta mennään kuilun reunan jälkeen lujaa alas” (Trump customs shock: Android became a pawn… “Soon we’ll go down the edge of the abyss”)
And fourth, if success is based on users making privacy a concern, then surely Sailfish (the non-Google one) should already have registered as a win. And that’s not even to mention that it was Linux from the start.
In other words, I appreciate that there’s another Android Appstore non-Android phone with privacy in mind, being developed by the Mandrake founder. More options sounds great to me! Although his sense of history does worry me.
“The 80s have been the most exciting period in computing so far, in my opinion,” he said. “Well, I can’t talk about the 60s and 70s period.”
However, at this point I’d like to see a simple comparison table with Sailfish: Ideas stolen by Google? Endorsed by Russian government? Runs on OEM hardware that Google resells?
Finally, the article on /e/ also mentioned how it would run on Samsung devices. If that’s a goal, I figured I should pull out this history chart showing the development of Samsung’s non-Android OS that their mobile devices can run already: