Motley Moose – Archive

In April of this year three researchers at the University of Tulsa – Mason Rice, Robert Miller1 and Sujeet Shenoi- published a paper in the International Journal of Critical Infrastructure Protection entitled: “May the US government monitor private critical infrastructure assets to combat foreign cyberspace threats?”

The paper was brought up yesterday on the SCADASEC mailing list and some intelligent commentary has ensued. While the paper is primarily a treatise on the legal aspects of the title topic, it intrinsically and often explicitly touches on several foundational issues associated with the “how?” of securing critical infrastructure on a national scale.

Crossposted from Infosec Island

Ducks will next fly out of my hindquarters:

Iranian President Mahmoud Ahmadinejad says Syrian President Bashar al-Assad should back away from his violent crackdown on protesters and enter talks with the opposition.

“There should be talks” between the Syrian government and its opponents, Ahmadinejad said Wednesday in a live interview with Portuguese broadcaster Radiotelevisao Portuguesa.

“A military solution is never the right solution,” Ahmadinejad said, according to a simultaneous Portuguese translation of his comments.

“Problems have to be dealt with through dialogue,” he said.

Iran, Damascus’ chief ally, has blamed the US and Israel for instigating more than five months of protests in Syria.

The U.S. and other nations have accused Iran of helping Assad crush the uprising. – Associated Press

So, Mooses, what do you think? Is I’mADinnerjacket reaching for the Ghandi Award or just being his usual irrational self?

Consider this a Skeptically Open Thread

And they’re off!

It’s on.

Live broadcast here

With such a lofty title I fear the text below will not fulfill the promise. The thoughts expressed in the comments will hopefully help us elevate this diary to that level.

Below the fold is a comment I wrote that has me thinking that it is a timely topic for Moosetemplation this week. Let my words here be more of a first volley in a longer exhortation or exhibition, then, of the complex views and moods we have about our place in the world these last ten years.

As incomplete as it may be, I stand by the shape of the comment below as a starting point for my part in this discourse. The past ten years have seen the blunt violence of America as well as its opposite. The Yin and Yang of America has been played out for all to see. All in all, it seems to me, a more honest demonstration of who we are would be hard to imagine than the range of behavior we have engaged in since we were jarred out of complacency over five hundred Tuesdays ago.

But there is enough from me below about that. What do you think, Mooses, as you look forward ten days and backward ten years?

Libya is taking the first faltering steps towards living what most of us will consider a normal life. Beyond getting the basic essentials of life working again they have to figure out how to live in a daily world most of them have never experienced.

[Update 3: 4:40am ET] Watch for flying taxis:

The National Weather Service has briefly issued a tornado warning for Brooklyn and Queens in New York City as Hurricane Irene heads for the city.

The agency said radar had spotted rotating clouds in a severe thunderstorm approaching the area before 4 a.m. Sunday. The agency says the warning expired at 4:15 a.m. Sunday with a report of a toppled tree in the area but no immediate confirmation of any tornadoes.

A tornado watch remains in effect until 5 a.m. Sunday for New York City, Long Island and southern Connecticut. A tornado watch means conditions are favorable for tornadoes to form.

[Update 1: 1:45am Eastern] Our own DTOzone has this from NYC:

I don’t know if anyone else is in NYC right now

but this is fucking nuts. I’ve never seen anything like this.

[Update 2: 2:45am Eastern] Jerusalem Post has updates within the last hour on both DTO’s NYC and Our Kysen’s Virginia Beach:

BATTERY PARK, NEW YORK – Lower Manhattan was almost entirely devoid of people early Sunday morning as the much-anticipated Hurricane Irene battered the city from the south.

Violent winds and heavy rain swept through the empty streets of the Financial District which had been evacuated by order of New York Mayor Michael Bloomberg together with other low-lying parts of the city because of the risk of flooding.

Rabbi Israel Zoberman of Congregation Beth Chaverim in Virginia Beach was at home on Saturday afternoon bracing for the arrival of the category 1 storm projected to pass within a few dozen miles of the city.

“I must tell you the sense of hopelessness you have is an amazing feeling,” he said over the phone from the coastal town. “If you are on the oceanfront or other parts of the city you cannot walk. The wind will knock you down. The boardwalk is in danger from the waters of the ocean that have penetrated quite far out.”

The Reform rabbi said members of the Virginia Beach’s Jewish community were safe indoors and that so far there little damage had been wrought by the storm.

“We’ve had some floods in the area and we lost power early in the day for a short time but there are a lot of people without power in the state,” Zoberman said.

[Update 5: 0830 GMT Aug 23]

In the quietest hours of the night Saif Gaddafi was surprisingly found touring the streets street of Tripoli between his father’s bunker and the hotel next door in the company of foreign human shields journalists.

“Everything is excellent.”

Perhaps he needs a map of his country:

Open Evolving Thread, editors feel free to update.  

Warren Buffet knows a thing or two about how rich people behave. Some could accuse him of being a Democrat (for shame!) but nobody can deny that he knows as much about being a billionaire than anyone else alive.

Today, Mr. Buffet has this to say about Taxes and the US Economic Condition. Let’s hear what he has on his mind.

By WARREN E. BUFFETT

Omaha

OUR leaders have asked for “shared sacrifice.” But when they did the asking, they spared me. I checked with my mega-rich friends to learn what pain they were expecting. They, too, were left untouched.

While the poor and middle class fight for us in Afghanistan, and while most Americans struggle to make ends meet, we mega-rich continue to get our extraordinary tax breaks. Some of us are investment managers who earn billions from our daily labors but are allowed to classify our income as “carried interest,” thereby getting a bargain 15 percent tax rate. Others own stock index futures for 10 minutes and have 60 percent of their gain taxed at 15 percent, as if they’d been long-term investors.

These and other blessings are showered upon us by legislators in Washington who feel compelled to protect us, much as if we were spotted owls or some other endangered species. It’s nice to have friends in high places.

Last year my federal tax bill – the income tax I paid, as well as payroll taxes paid by me and on my behalf – was $6,938,744. That sounds like a lot of money. But what I paid was only 17.4 percent of my taxable income – and that’s actually a lower percentage than was paid by any of the other 20 people in our office. Their tax burdens ranged from 33 percent to 41 percent and averaged 36 percent.

If you make money with money, as some of my super-rich friends do, your percentage may be a bit lower than mine. But if you earn money from a job, your percentage will surely exceed mine – most likely by a lot.

This past week was the National Electric Sector Cybersecurity Organization Resource (NESCOR) Summit in Washington, DC. It was a useful and productive session and seemed to achieve the goals laid out.

Erfan Ibrahim from EPRI set the stage, we broke into working groups to dig deeper into three major subtopics and then came back to one room to tie it all together.

My favorite part was an impromptu panel with Justin Searle of InGuardians, Andrew Wright from N-Dimension and myself at the end (“would I like a stage and a microphone?” are you kidding?). Very good discourse and it was definitely informed by the work of preceding days.

The working groups are continuing and evolving to identify and dig into issues, outputting tangible deliverables to assist DoE and other organizations’ decision making.

In May my colleague Guillermo Grande attended an ISA event in Madrid where CNPIC is following a similar path of engaging pertinent parties, setting up working groups and grinding through the problem of industrial control system security.

Watching the various engines of civil society warm up and set to addressing the daunting task of critical infrastructure cybersecurity is very interesting, like an episode of Build it Bigger. Some would say it is also very depressing or even very frightening.

I would disagree with those folks.

(crossposted from Infosec Island)

This April I met an energetic young man named Dillon Beresford. He told me that he had gotten some SCADA gear and setup a lab in his apartment and discovered a raft of vulnerabilities that he would be presenting shortly at TakeDownCon.

The most interesting aspect of the meeting was that it was essentially entirely random – I wasn’t anyplace I would have expected to meet the next rock star of industrial security.

Crossposted from InfoSec Island