Friday, February 22, 2013

Friday Mad Science: The PRC’s Asymmetric Response

“The supreme art of war is to subdue the enemy without fighting.”
 --Sun Tzu, from The Art of War
I don’t usually like to quote Sun Tzu because he’s one of those authors whose work is quoted out of context a lot by folks who really don’t understand what it is that he’s trying to say.  But how to else to start this week, the week we learned in the open press that the People’s Liberation Army (PLA) has been behind a majority of the overseas hacking that’s hit American companies and governmental agencies since 2006!

This statue of Sun Tzu is
apparently located in Japan.
Picture courtesy of Wikimedia
It’s like they were reading the blog.  Last week, we discussed missile defense and the potential demise of Mutually Assured Destruction (MAD) between the U.S. and China, noting in passing that if America is able to shoot down Chinese missiles, the U.S. Army will no longer have to take the PLA seriously.  And this week the PLA counter-punches with what I can only call an extremely asymmetric response by revealing that they’ve been trying to breach not only our strongholds of corporate technical knowledge but also our bulk power system’s SCADA[1] control nodes.
Now maybe you’re reading this and scratching your head.  You’re thinking, “Okay.  So they can cause a blackout, maybe even a widespread blackout.  And that’s bad and all, but is it really a response to the threat of nuclear weapons?”  
On its face, the answer is obviously a resounding “No.”  Were domestic utilities unable to regain control of their systems and restart, then that would obviously be bad, and indeed, if there’s an uncontrolled shutdown that occurs in a way that causes widespread damage, that’s perhaps really bad, but as much as that might disrupt society and cause tons of property damage, I wouldn’t necessarily call it a response to the threat of nuclear annihilation.  However,  consider this: SCADA systems also control things like cooling water pumps in nuclear reactors, and under the right circumstances it is perhaps possible--although probably not likely--that a remote attack could trigger a meltdown similar to the one that happened in Fukushima.  Which is to say that nuclear reactors need a steady stream of cooling water, so if you can disrupt that stream, the reactors will get hot, and eventually bad things will happen.  Now, I would personally expect that having people physically on the premises would enable someone to manually prevent exactly that disaster from occuring with good old fashioned offline generators, pumps, and valves, but it’s still a nightmare scenario--and a reasonably effective hedge in the long term game of nuclear deterrence.  
The thing about electronic security that makes this threat such an effective deterrent is that you can never be sure that your system is fully secure.  You can take steps, trace the intrusions, launch counter-intrusions, and even take physical countermeasures, but the bottom line is that there is never any way to be totally sure that your system hasn’t been compromised.  So for as much as I personally think that the actual execution of a massive electronic attack against the power grid would be extremely difficult to pull of successfully, the fact is that I don’t know that, and I certainly can’t prove it, and the threat of an attack is all that’s required in order to create deterrence.
Wearable technology is all the rage right now.  I remember when I was at the Academy, and folks were first theorizing about this and about how various kinds of smart systems would “soon” be woven into our Battle Dress Uniforms (BDUs).  I’ve no idea how that research is going, but in the real world it seems that the future is now.  American companies are actively trying to figure out how to develop wearable smart technology in a way that consumers will find both useful and irresistible.  
There is a divergence of approaches, however.  Google is developing a set of online glasses with a camera, speakers, and a prototype heads-up display (HUD) while Apple apparently wants to sell you a kind of smart-watch that works like a slap-band for your wrist.  Speaking personally, I can’t yet imagine why anyone would want either product when you can already carry a small super-connected supercomputer around in your pocket at a lower price point, but it seems clear that these things are coming, and I have no doubt that they’re going to sell.  
Eh.  Maybe I could use the glasses to blog while I ride?  
Kinda sounds like that would be a recipe for disaster.
In any event, Google has retained start-up designer Warby-Parker to style their Google Glass project into something folks might actually find fashionable.  Supposedly the latest versions of the project even showed up at this year’s Fashion Week, but if so, I don’t remember them making much of a splash.
The Pixel is Google's answer to
Microsoft's Surface
Word also leaked this week that Google is working on a new Chome OS touchscreen laptop that will compete in the same space as the Lenovo Yoga 13 and the the Microsoft Surface.  What’s weird about that is that Google already has a successful tablet architecture out there in the Android platform, so with the launch of this new system, the company will be competing with itself, at least at some level.  Granted, the Yoga 13 and the Surface are very different versions of the tablet concept than, say, the Nexus 7, but it’s still kind of surprising move.
Speaking personally, I find it a little strange, too.  Strange first because I think Google has been successful with the strategy of separating the notebook and the tablet into different devices, each of which has an affordable price point and a slightly different space in an already a crowded market.  And also strange because I have both an Android tablet and a Google Chromebook, and while I like the Chromebook fine as a low-powered working andcommuting computer, the fact is that the tablet--and the Android OS in general--is far more versatile.  If you’re not online--and I’m not when I’m on the train, which is where I do most of my writing--the Chromebook won’t do much for you besides process words.  The whole thing is built around the idea that you don’t need to install any software on the machine permanently because everything you need is available via online applications.  And that works fine when you’re online, but when you’re not, you’re pretty much left with just the installed parts of Drive that are available offline, and that’s not a lot.  Of course, the upside to that is that malware can’t install onto your computer because nothing can install onto your computer, and I kinda like that in this age of invincible Chinese hackers.  But still...  
It’s not like you’re gonna play games on a Chromebook or do any really heavy computing.  You can’t, for example, run a load flow or install World of Warcraft.  And even if you could, the software support just isn’t out there yet.  Maybe that’ll change, but for now, the price point on these machines is low because, really, they’re low-end machines.  That is not a criticism; it’s a statement of market space.  Chromebooks are ideal for bloggers and other social media fanatics and for anyone whose company has made the jump to the Drive office tools.  And that’s fine.  But if you want to install software and/or play games, and you’d rather not get a Windows machine, right now your choices are Apple or Android, and Android is cheaper.  And really, that’s not gonna change unless the Chrome OS changes substantially, in which case I think Google’s corporate partners in the Android OS are gonna have a legitimate beef with the company.
With all of that said, I have no idea why Google doesn’t simply develop its tablet hybrid concept with Android.  Android OS works fine, and it’ll do everything you want it to, and the online marketplace could frankly use the infusion of new apps that a super-high end tablet hybrid might bring.
Finally, it looks like this Sequester thing is really gonna happen.  And there are a lot of doom-and-gloom folks out there predicting the end of the world, but I gotta say that I personally feel like this spending sequestration is at least a start in tackling this nation’s spending problems.  It’s unfortunate that the cuts are coming in such a random, scattershot kind of way, but the fact is that this thing is practically the only way you can get the Republican Party to sign off on Defense cuts and the Democratic Party to sign off on Entitlement cuts, and just that right there is almost worth the pain that the thing itself is gonna cause.  
Now perhaps these guys will renegotiate later, and that’s okay--but not as good as renegotiating now would be, of course--but even so, the fact is that we are living way beyond our means.  And as we begin to pull back from that, well, someone has got to feel it.  Right now, we’re all kind of sitting there playing musical chairs and hoping not to be the last person standing when the music stops.  But we can’t keep paying for everything and not raising taxes, it’s just not workable; ask the Europeans.  So we’ve got to have some pain, and now it’s coming.  The best we can hope for is that it will be relatively evenly distributed, in which case I suppose everyone will be pissed.
It is what it is.  I’m not saying it’s good, but I still feel like it’s progress.
And that’s about all I got.  It was nice to have a couple of days off this week, but it was cold when I got back to the office, to the point where yesterday was a truly miserable bike commuting experience.  But now it’s Friday, and tomorrow’s the weekend, and I’m happy.  And while I wouldn’t call this morning’s ride into the office pleasant, it was at least almost 30-degrees outside, and there was only a little bit of wind.  Considering where we were yesterday, I’ll take it.  
Have a good weekend!

[1] SCADA: Supervisory Control and Data Acquisition.

No comments:

Post a Comment