Cyber Security: A pre-war reality check (berthub.eu)
593 points by edent 8 months ago | 278 comments



I cannot agree more with the author’s point of view. As an illustration, many people want to use GPS for the safe positioning of trains in the European Train Control Systems. This makes the space sector happy because it justifies the expenditures incurred for putting things like Galileo in orbit. However, in a pre-war check exercise, one immediately comes to the conclusion that all European trains would crawl to a stop in case the GPS is jammed or interfered with. We were not very listened to… until Ukraine.

Critical infrastructures should not depend on things that are located in space or on the other side of the planet. This is one of those things where market logic should be anticipated with regulations (we can’t wait for the next Titanic). Another point touched by the article.


Railroads...

Railroads can now outsource train control. Wabtec's "Wabtec Cloud Positive Train Control Communication Solution" - "A complete turnkey hosted office solution for I-ETMS-based Positive Train Control (PTC) systems"[1] (Wabtec used to be Westinghouse Air Brake.)

Wabtec has had break-ins, but claims they only involved employee info, not control systems.[2]

[1] https://www.wabteccorp.com/digital-intelligence/signaling-an...

[2] https://industrialcyber.co/ransomware/wabtec-suffers-data-br...


Lol is this basically a train SaaS solution? What’s wild to me is that SaaS products aren’t actually required to issue CVEs since customers aren’t the ones responsible for patching.


This may be the first time I had that "well, that's enough Internet today ..." reaction on HN from a cybersecurity/cyber-physical protection perspective, and not something gross on Reddit.

So, my hat off to you, Internet stranger.


Not sure I entirely agree?

#1 > Or disable a hospital.

The entire Ascension Healthcare system of hospitals (142 hospitals, 2600 total facilities) is on divert since 8 May because they had to switch back to paper records. Change Healthcare has lost $872M since it was attacked in February.

Maybe it's more like the pandemic: seems like nothing, unless it affects you.

https://en.wikipedia.org/wiki/Ascension_(healthcare_system)

https://www.wired.com/story/change-healthcare-admits-it-paid...

#2 > Does your stuff need computers working 5,000 kilometers away? [implying that's bad]

What if you live on the Gulf Coast, exposed to hurricanes? You want compute resources warm and ready far away from that region. After Katrina, the Tulane medical school was able to re-form quickly because the noteservice was running a bulletin board forum on a VM in Romania. Everything else was underwater.

#3 > This is the sound-powered phone

Have you used a sound-powered phone? I managed damage control in a ship. Sound powered phones barely work. And the coordination system to actually fight that fire requires radios and making overhead announcements that definitely depend on electrical power.

#4 > They tried to sort of renew this emergency telephone network

When the entire San Diego region lost power during rush hour for 4 hours in 2011, the cell phone system still worked. I was able to email documents to Tokyo from a car despite no traffic lights.

#5 > Because if the cable to the US is down

Sure, but there are a lot of disasters where the cables are fine. Graceful degradation is all about having widely distributed options. Lots of people have What. Signal is even better for people with more serious responsibilities, IMHO. And, friends, if you think IP networks are vulnerable, get yourself a starlink terminal and a HAM radio license.

https://en.wikipedia.org/wiki/SpaceX_Starshield


> but there are a lot of disasters where the cables are fine

We are talking about war-like situations, and where one state actor has incentive to cause maximum harm to another. Exposing your infrastructure like this is unlike damage that can come from natural disaster. For example, disrupting the communications exactly before the attack. Similar issues (though through lower tech hacking) happened on 7th of October during the Hamas attack in Israel, where the over-reliance on advanced, complicated technology became a liability.

The stuff you describe makes sense in normal, peaceful situations, where the cost of securing certain infrastructure can be higher than the cost of a power cut once. That has nothing to do with what the article really says, which is basically that infrastructure is currently not as secure from a potential hostile state attack. Also, in that case, a hostile state actor can combine attacks that together cause more damage than the sum of the attacks independently.


What was the lower tech stuff on Oct 7?


There was a massive DDoS in Israel on 10/7, fake alerts of a nuclear missile launch were sent, and newspapers like the Jerusalem Post were taken down and temporarily defaced[0]

[0] - https://www.axios.com/2023/10/10/hackers-ddos-israel-hamas-c...


The back of my head is screaming "defense in depth! Redundant systems!"

The whole idea of the internet (and even some of our infra, like suburbs or highways/rail) is that there's no one single point of failure. Like designed-to-survive-nuclear-war redundant.

Definitely incorporate the most advanced tech you can for when things are going smoothly to get that efficiency gain, but there's a reason all branches of the military (that I'm aware of) still train and test their aptitude using paper maps and trig instead of relying 100% on GPS and electronic devices.


>The whole idea of the internet (and even some of our infra, like suburbs or highways/rail) is that there's no one single point of failure. Like designed-to-survive-nuclear-war redundant.

The reality of course is that the internet has turned into a fragile, centralized system of complication that rests on single failure points like Cloudflare, AWS, and Chrome. The internet as envisioned by DARPA would have survived to be used by cockroaches, the internet today would not survive.


"The Internet" is still there at a lower level than the examples you've given.

It's just how it's been used by the majority for the last couple of decades that's fragile.


> like Cloudflare, AWS, and Chrome.

That’s essentially www, not Internet. You don’t need any of those to communicate (reliably) between two hosts.


Chrome works even if Google is down. How is it an SPOF? And links mozilla.org will get you an alternative.


Yeah it’s pretty bad nowadays.

Thinking about this though it’s really the big tech companies manufacturing “the latest thing” to be tossed in the bin after a year. Dollars over longevity. Then they become “no longer maintained.” Could we STILL use a 3g network? Or is there a simpler, slow network that should be good enough barring our pointless desire for cat videos?

And some folks wonder why companies still use floppy disks on air-gapped infrastructure. Because it fucking works don’t litter it with complexity to modernize.

Now… the situation with skills to manage infrastructure? Now that the whole AI thing is happening? The internet is going to be fucked people. It’s time to go analog.


> The whole idea of the internet (and even some of our infra, like suburbs or highways/rail) is that there's no one single point of failure. Like designed-to-survive-nuclear-war redundant.

Sure, the routing algorithms can quickly adapt to changes in network topology, but they assume infinite bandwidth, which hasn't been the case for a long time now.

In other words, if a couple of important pipes disappear between tier1 peers, alternate routes will certainly have trouble handling all the new traffic, which would make everything grind to a halt, and will only be solved by pissed network admins null-routing that additional load.


Definitely, we've seen this in fiber cuts before. That said a degraded availability is better than no availability.

I know it's controversial in the context of net neutrality but personally I'd be okay with traffic shaping/prioritization for critical infra in cases such as this. Keep the power plants, emergency services, military, government, transit running over Instagram and Netflix when things come down to it.


Does the government not maintain its own dedicated communication infrastructure between important installations? Or has it all been replaced with public connections?


"It depends." Two data points that I know of first hand:

1) There is a dedicated microwave link between Vandenberg Space Force Base and Edwards Air Force Base. Mil. owned and operated solely for their own use.

2) The US Federal government decided to build a standardized communications network for government/first responders/etc. This is FirstNet. They farmed the build-out to AT&T and gave them 20 MHz of bandwidth (Band 14) but it runs over their standard wireless infrastructure and network but FirstNet traffic gets prioritized.

https://www.firstnet.gov/

https://www.firstnet.com/

https://en.m.wikipedia.org/wiki/First_Responder_Network_Auth...


It’s been 25 years since I’ve even been remotely exposed to them, but I believe the military currently has a non-classified NIPRnet, a classified secret SIPRnet, and a network called JWICS for top secret.

I think all three are physically separated from the commercial internet and each other but don’t quote me on it.

Uncle Sam doesn’t mess around…


The US military also has a volunteer fallback HAM radio network:

https://www.usarmymars.org/home


> When the entire San Diego region lost power during rush hour for 4 hours in 2011, the cell phone system still worked. I was able to email documents to Tokyo from a car despite no traffic lights.

Around me, cell towers have 3-5 hours of battery when utility power is out. If your outage had gone on much longer, you would likely have seen cell towers start dropping out.

Of course, my area also has some other nasty SPoFs. A couple years ago, a telco cable was severed and DSL for everyone was out and at least some of the cell towers were live, but no service. A few weeks ago, the cableco had its wires severed, and cable tv and internet was offline, and so were some cell towers. IIRC, for the telco one t-mobile worked and verizon didn't, and for the cableco t-mobile didn't work and verizon did. Not sure about at&t.


> Change Healthcare has lost $872M since it was attacked in February.

The question is, what is the cost to secure? I've been in so many meetings where the cost of security is 10-15x the cost of a breach. It's horrifying.


Part of this is that nobody has cared about security since the beginning, for basically anything in tech.

It’s an industry-wide issue that permeates every level of the stack. And so yeah, individual companies trying to retrofit security onto a jenga tower of technology is going to have to spend a ridiculous amount of resources to have any kind of impact.

I don’t know what the answer is, but I too believe things won’t change until the day someone figures out how to push a “kill all humans” OTA update to all the self-driving cars on some random Tuesday afternoon.


> I don’t know what the answer is, but I too believe things won’t change until the day someone figures out how to push a “kill all humans” OTA update to all the self-driving cars on some random Tuesday afternoon.

Even in that case I’m pessimistic that any action will happen. People will go on TV and say grave things, hearings will be held. Fingers will be pointed. Task Forces will kick off. Reports will be written. Bureaucrats will have stern conversations with bureaucrats. Politicians will say: we must this and we shall that. IT companies will sell their “solutions”. But no actual action will happen. It will be all talk and commerce but no actual hands unplugging and plugging in cables. We have completely lost the societal will to actually do anything besides generate words and reports.


You are describing the current world, where politicians dissolve issues. There’s a saying in Europe that no minister of defense was ever nominated. Real ministers of war, when there is war, appoint themselves into position.

When there is a real problem, people act upon it (assuming society is functional - otherwise the country simply dies). That’s why there is no better training for war than war itself. Ukraine has already unrooted all of the peace & love & no armament folklore in France, and even turned a lot of ecologists into pro-nuclear voters.

So yes, I wouldn’t be surprised if guarantees of offline mode (with regular drills) were passed into law for electric cars and everything cloudy, including IntelliJ.


> Part of this is that nobody has cared about security since the beginning, for basically anything in tech.

> It’s an industry-wide issue that permeates every level of the stack.

Can you explain? I don't understand. Here's my take.

Let's start from the bottom of the stack. CPU has some good security protections. They have ways to ensure that boot code is signed. They have hardware protection for memory. They have memory encryption to isolate VMs. They have many amazing security technologies. I can run VM inaccessible by host.

Let's move to OS. Well, there's lot of security stuff in any OS. Process isolation, namespace isolation, encrypted storage.

Next level is container orchestrator which happens to be Kubernetes these days. Again, there's lots of security stuff there. Built-in and add-ons. Everything is authenticated with cryptography. Many ways to implement very granular secret sharing. Secret stuff is encrypted in-rest.

Next level is application framework. Can't tell for every framework, but all frameworks I've seen so far were quite security-cautious. They try to safeguard known security issues (like SQL injections), they make it easy to add security layers on top, and so on.

Nobody cared about security in 1984, I guess. That's not the case anymore. Everyone cares about security. Maybe there's still space for improvement.

The only people who don't care about security are end-users. They don't even know what security is. They don't care about their passwords. They don't care about sharing their access. They don't care to check domain before typing password.

Also some application developers don't care much about security, that I admit. But that's not the every level of the stack. That's the last level of the stack.


>Let's move to OS. Well, there's lot of security stuff in any OS. Process isolation, namespace isolation, encrypted storage.

How can the user run some random application and not have it wipe out their OS? Can they plug in a random USB stick safely?

There's no real security in the OS part of the stack, but lots of security theater.


What app on my phone could delete the OS? It isn't even possible. It can't even delete normal user files without explicit file access permission.


Both iOS and Android have had zero day exploits announced this year, what makes you think they've all been found?


Zero days capable of nuking the OS are not going to be found in random apps or malware. Anyone with that kind of ability will be using it for nation-state targeted intelligence ops, not wasting it on random individuals.


Who runs container orchestrators on phones?


Security wasn’t really a design consideration especially in the one use one PC era. We’re still trying to secure hardware and software descended from that era.


One reason is probably because retrofitting security is a freaking nightmare.

In my opinion, security (as well as Quality, and things like error handling, accessibility, and localization) is something that needs to be planned and implemented, from Day One.

Do a better job from the start, and the cost will drop like a stone.


Nobody implements security from day 1 because it's not some one time cost. It is an ongoing, continuous cost you pay for the system to exist.

People build walled garden security models because security imposes a pretty large operational cost on everything else.


I’ve found that there’s quite a few things that you can do, from the start, that make implementing security measures later, a lot easier.

Think of it as a “pegboard.” It has a bunch of holes to hook things onto. You make sure to brace it well, and use good masonite. That way, you may not know exactly what you’re going to hang on it, but you have a good infrastructure for it.


Sounds like the government needs to make breaches more expensive so incentives align correctly.


I find it additionally odd that the author calls this era pre war. Ukraine is certainly at war right now with a very potent cyber state. Their infrastructure seems to hold up ok. It’s not perfect but definitely not doomsday like described in this article.


Tbf their infra holds up because their infrastructure workers put their lives on the line every single day repairing it under horrible conditions of shelling, etc.

On my most recent trip there - I was amazed at how despite being routinely hit by missiles, their train systems “on time” status is better than British or even German trains.

This is only possible because their railway workers have balls of steel and go out to repair damage fast, and sometimes get hit in follow up strikes.

Same with energy workers - they go out and repair stuff during air alarms, in the immediate aftermath of strikes they perform damage control and mitigations.


It's still a pre-war era for the Netherlands.


On the hospital system part, there are actual timelines and goals to harden their systems after seeing what happened to the HSE in 2021. The issue is some parts of the chain have been slow on the uptick.

That said, paper based redundancies do exist as a massive ransomware attack is similar in impact to a multiweek power outage.


> What if you live on the Gulf Coast, exposed to hurricanes? [...] Sure, but there are a lot of disasters where the cables are fine.

You have to understand that this article was written by a European technologist worrying about a war situation. Sure, you can make a counter-point, but your counter-example is very different in many aspects: nature of the threat, jurisdictions involved, orgs involved, etc.


TL;DR hybrid-cloud, multi-cloud, or at the very minimum multi-region is a really good idea.


Trains use a variety of sensors for odometry. Losing one of them is not catastrophic.


Except the stated goal here is to replace these sensors with GPS.


It has been a couple of years since I worked in the area, but back then that wasn’t the plan and would’ve been deemed impossible both for safety and for accuracy reasons. Do you maybe have a source?


Sure thing: http://clugproject.eu/en (Edit: they even have a 2.0, see my sibling comment)


From https://clugproject.eu/en/presentation

> A failsafe on-board multi-sensors localisation unit consisting of a navigation core (IMU, tachometer, etc.) brought in reference using GNSS, track map and a minimal number of reference points

From https://www.clug2.eu/objectives/

> to complement the existing European Train Control System (ETCS) odometry system by using GNSS to enable absolute safe train positioning whilst also transforming today’s train localisation by demonstrating a GNSS based multi-sensor fusion architecture.

Okay, so as I expected they want to add GNSS as an additional sensor input. That is useful because without it train odometry is purely relative and the train doesn't know where it is until it reads the first balise. The plan doesn't seem to be to remove all other sensors. Denial of GNSS would then mean that start-of-mission is about as tedious as it is today and odometry accuracy might be reduced. Depending on the number of balises on the track that lowers the capacity of the track a little but is far from catastrophic.


Well. First, the goal is precisely to remove wayside balises and replace them with gnss for resetting of the absolute loc. You can parse the last section of this: https://www.ct5webapi.eu/api/documents/getfile?id=a5aa9e2b-e...

Second, in a war-like scenario, do we really want to have our critical infrastructures unable to operate at full capacity?


I see a balise antenna even in the „long term“ architecture diagram and don’t have the time to parse ninety pages of technical documentation. Of course I wouldn’t be surprised if they went to reduce the number of balises, but I don’t think it’s possible to go completely without.



Railroads should absolutely use GPS. They also should supplement it with local transmitters, like aviation does.

They should have lots and lots of local transmitters.


Rail has clever systems for locating trains by detecting circuits shorted by trains' wheels, no need to replace that with GPS. Besides, railroads pass through valleys and tunnels, GPS won't work anyway.

The absolute last resort for trains is semaphores and mutexes based on physical tokens. Those concepts came from there, and are still used sometimes to this day. Doesn't sound high tech, but it works.


This is one of my favorite reads on HN to date. I hope more people see it. It's funny how, even as a "nerd," I often think about if we are doing the wrong thing by taking the nerdy approach to problems that could be solved more simply. It feels like we often choose the most complex or nerdiest approach to prove to ourselves and others that we can and not whether we should - which isn't to say that we shouldn't ever - just that some problems deserve the simple solution.


At least in my education, the Therac-25 incidents [0] featured pretty prominently as an example of software overconfidence.

[0] https://en.m.wikipedia.org/wiki/Therac-25


The author has been talking about the downsides of outsourcing for a very long time, their earlier posts are interesting too.


>Why did it happen? Non-technical people have made choices and have optimized for stuff being cheap.

Yes and amplified by:

+ Cybersecurity 'bad actors' are decentralized and distributed. They innovate at speed, with no barriers, and share their innovation. Cybersecurity 'good actors' are centralized, proprietary and bounded.

+ Software and service providers traditionally couldn't build secure networking into their products - they had to delegate it to the consumer of the software or service for the consumer to implement as a day two bolt on. Dangerous when networking is often the largest and most vulnerable surface area.


> Cybersecurity 'good actors' are centralized, proprietary and bounded.

IME the main problem is that, with rare exceptions, building secure products is seen as a distraction that is best pawned off to the cybersecurity team. And that cybersecurity team is more often than not fairly light on actual product development engineering talent. So they do what they can, which is mostly buy yet another tool from the thousands of vendors hawking The Answer, the final service you need to buy and then you'll be secure.

Which to anyone who has built secure products, should obviously sound like nonsense. Because it is nonsense. Most of these tools are mildly useful (some useless) but not that great. They're certainly not The Answer.

To build secure products you need to actually make it a tier one requirement and design it in from day one. It's as simple, and as difficult, as that.


Non-technical people should be stopped.


Over a decade ago I wrote an article that included the prediction that the vulnerability of western infrastructure to cyber operations would prevent the US from intervening to support lesser allies. The rationale was the domestic costs of chaos caused by infrastructure attacks would cause hesitation to intervene in foreign wars, and this hesitation and vulnerability would embolden foreign antagonists like Russia and China to invade smaller countries.

So far, it has been wrong. Even though there have been several infrastructure incidents in recent memory that looked like Russian deterrent operations that said, "back off or this is just what we're willing to reveal," but the US still seems fully invested in the conflict in Ukraine, and it appears to be providing cover for Israel against Iran- each with no real concern about both adversaries being able to launch a US power grid shutdown. China has been bold about Taiwan, but even they have been content to just manage it instead of full political annexation, and appear to take US support for Taiwan seriously, all while China could plausibly shut off anything in the US with a semiconductor in it.

Maybe the new world order is that nation states don't need to expand sovereign territory so long as they can effectively manage the ones they need. With the exception of missile placements, why invade the cow when you can secure the milk without the headache of governing it- and this puts cyber into a more fluid dynamic than the assumptions of pre-space and network technology geopolitics.


I think what is missing from this analysis is the offensive capability of American cyber.

The way it is completely downplayed I suspect is proportional to its strength.

If there was all this chatter how we need to invest more in offensive cyber I would be worried. The way we pretend like it doesn't even exist is all you need to know.


Exactly. It's capable and has been for decades, many many years ahead of some of our counterparts.

While it doesn't mean we're fine, I would argue the depth and breadth of coverage has been strategically calculated and held to the point where there are still many contingencies foreign and domestic. I would also argue that the act of "cyber warfare" against US infrastructure would almost guarantee chaos for the attackers given the world's reliance on US technology and assets, potentially self crippling their own capabilities.

In some ways there's a Mutually Assured Destruction perspective with cyber operations. There are levels of acceptability and most Nation States wouldn't dare cross the line. Where the real risk lies is with rogue small groups. Groups that don't require a lot of money and or time, just a few well placed exploits.

Having been in that world, at the higher echelons, I can attest that MONEY is being spent. Much more than many would know, to secure our foothold and capabilities.

I would thus agree, if we had excess chatter about needing more money for offensive cyber capabilities, I would be much more concerned.

Good thing about it is Cyber is less expensive than kinetic, and money can go much further.


Where's the deterrent effect?


Author here - if you have any questions, please do let me know!


As an SWE I do agree somewhat with what you say but this story is not complete. If you look at the attacks on Ukraine and the cybersecurity damage done it was fairly small in the grand scheme of things. Another important thing is that Microsoft helped them to fight back as well, so it was not a terrible investment. Was there any quantifiable risk assessment done to understand the potential damages if Russians carried out similar attacks in the Netherlands?


> As an SWE I do agree somewhat with what you say but this story is not complete. If you look at the attacks on Ukraine and the cybersecurity damage done it was fairly small in the grand scheme of things.

It's worth mentioning that the most expensive and extensive malware attack in history was caused by one of such Russian cyberattacks hitting systems which (at the time) they weren't intended to. Causing severe shipping delays and billions of dollars in damage.

https://www.wired.com/story/notpetya-cyberattack-ukraine-rus...

If such attacks were intentional, you could cause much worse problems.

For example, doing this

https://www.cisa.gov/news-events/news/attack-colonial-pipeli...

except without offering a ransom fee to undo the damage, and doing it in parallel across more industries.


Why don't we see these attacks though? I know they're worryingly practical and the West certainly has enough enemies (especially from extremist groups who don't have the same peace keeping concerns as a nation state), and yet we don't see groups just sabotaging critical infrastructure and businesses left and right. Is it really just difficulty/a lack of skill?


A reasonable guess is that some entities are storing / collecting attacks patiently waiting for one big event. Having smaller constant incidents only helps strengthen the opponent over time, thus making it harder to deploy a coordinated attack that can change history. The Dutch narrative in the article is a good example of what happens when nontechnical people make decisions over long periods of time without major incidents.


This makes sense for nation states playing war games but what about smaller actors? Terror groups seem content blowing up shopping malls and driving cars into parades (which are all things which I imagine are planned on a much shorter scale than your proposed "long game"). Why don't they go after infrastructure and businesses? Surely critical infrastructure is an interesting and attractive target for them?


there's a clue in the name I think. terror, as in deep, mortal fear. the goal of a terror group is to make as many average individuals fear for their lives as possible.

cyberattacks, even significant and disruptive ones, are abstract. it's hard to draw a line from shutting down a pipeline to an individual's sense of mortality. it's not an efficient way to get their message across.

ofc it would be a different situation if terror groups could use a cyberattack to drain the capital out of an entire bank or cause a power plant to go chernobyl.


I mean, we do and have, they just haven't yet been explicitly targeted at critical infrastructure. When they hit critical infrastructure, it has been more of an accident, that gets papered over by just paying the ransom (because it was a financially motivated attack) or the US government getting sufficiently pissed off to intervene directly state-to-state (which kinda happened with the Colonial Pipeline one in 2021).

If the attacks were targeted, were destructively motivated instead of financially motivated, there was no "kill switch", government threats ceased to work, etc... it'd be pretty bad.


I work for a top tier cyber security outfit; we had a sizable amount of resources allocated to helping mitigate cyber threats to Ukraine. My understanding is this is not isolated as most top tier or even smaller vendors and service providers took an active role in helping Ukraine defend against Russian cyber attacks.


Good to see there's still some people vouching for old-school programming virtues. Among all the capital-driven centralization, scaling and complexification dominating the conversation I thought I was going crazy...


Not a question.

However as a fellow european, having worked for large "national/eu important companies", this article resonated a lot with me and my frustrations. Granted I don't do anything "security" related.

Everything in "it infrastructure" has been outsourced to India, at best Poland. You have competent people in eu offices that don't have the power to use their own hardware. You have to beg for weeks to barely skilled ticket masters from outsourcing companies, endless meetings.

All eu staff is relegated to feature factories or process managers. Zero ops. "It's not our core competency."

I refuse to ever again work for the large "of national security" european companies. It's soul crushing. And it is very clear nobody cares.

It hurts me every time I read how tens of billions are allocated for whatever EU sovereignty. I have been in way too many 10 managers 2 engineers teams with way too many long meetings begging teams from $indian_outsourcing_company to let me do my job.


If you ever give this talk in the US you can mention the fact that apparently US farmers are unable to farm without GPS[0]

Surely it's no problem that their food supply depends entirely on a finicky and easily jammed system of satellites.

0: https://www.404media.co/solar-storm-knocks-out-tractor-gps-s...


Excellent talk. Thank you for highlighting risks, and explaining the need for robust infrastructure with clear, vivid images. Our systems need communicators like you.

There is one story I would like to clarify. The transcript says

> there were 4,000 wind turbines that could no longer be operated.

I tried to learn more about this. What I have found differs in some key details, suggesting that the turbines did stay in operation, and that the number was 5,800 turbines, not 4,000. What was lost appears to be the ability to do remote monitoring and remote control.

https://cyberconflicts.cyberpeaceinstitute.org/law-and-polic...

Can you comment on these differences? It's worth resolving them, as I will definitely be sharing your transcript with other people.


No questions, but as a security person, I found this to be aligned with the view of many of the people I consider to have a good pulse on the warfare side of security. You're certainly not alone in these thoughts and efforts to fix.


This is off topic, but I’m idly curious about the history of shipbuilding regulatory changes after the Titanic. Where did Brenno de Winter learn about them?


You talked a lot about how bad it is for governments to outsource stuff to Huawei and a handful of US clouds, but didn't really touch on what drives all those decisions beyond claiming it's due to non-technical leadership. It'd be great to see a somewhat deeper analysis than that in future. There are plenty of tech companies that also outsource a lot to the cloud, so it has to be more complicated than that, and there are European mini-clouds that don't get much love from European governments also.

The basic problem is fundamental: outsourcing is a very common thing you find in all walks of life, it is often the most reasonable choice due to comparative advantage. This is the reason I eventually gave up on "decentralization" as a worthwhile technical goal (after years spent working on Bitcoin). Everyone is trying to outsource everything that isn't their key competitive advantage, and that's because specialization is the heart of progress. The costs of centralization are obvious in terms of loss of resiliency, but when people aren't actually needing that resiliency for entire lifetimes it's hard to convince anyone to take the loss of progress that decentralization may appear to entail.

So what to do? As you found with your 1,600 line imgur alternative just starting over to make stuff be secure is ... hard. You wrote in C++ (not the most security conscious choice) and some of those vulnerabilities are very basic, like the one where you discover that due to a bug some users are getting empty passwords. You also sort of assume that your users will keep your app up to date, but we know they won't. So simply demanding programs be smaller isn't going to work. You'll just speedrun the history of vulnerabilities. Indeed, one reason to outsource stuff to a handful of giant providers is that they do a much better job of security overall. Yeah Microsoft may have problems with Chinese hackers, but government IT routinely has problems with greedy teenagers. So MS is still ahead of the pack.

IMO the most critical thing is really whole-systems analysis to find sources of unnecessary complexity and fix it. That won't necessarily turn the tide, but it can at least help. As a trivial example, HTTP stacks don't understand the concept of load balancing. They're still stuck in a world where every website is run by a single computer. That entails a lot of server-side complexity like dedicated LBs, maybe even DNS LB, replicated databases, health checks, drain periods etc just to avoid users seeing little dinosaurs due to normal maintenance. The complexity of this is overwhelming. When users accepted things like "This service will be offline on Sunday due to maintenance" you could get away with it but now people expect everything to be 24/7, so that complexity drives people to the cloud where it's somewhat handled for them.

Thus an obvious quick win - extend HTTP and DNS to understand IP address globbing and maybe even static route matching. If a connection to a server fails, have the stack transparently fail over to another one. Now you can scrap your server side LBs and reverse proxies but still have an HA service.


> Indeed, one reason to outsource stuff to a handful of giant providers is that they do a much better job of security overall.

Is that really true?

Shifting infrastructure to the cloud makes it cheaper, it reduces the incidence of security problems, but it magnifies the impact of security problems when they do occur.

Is that a "better job". How do you measure that?


Well, fair point. If you consider blast radius of failure then maybe it's worse off yes. But then the issue is not them doing a bad job but that too many people rely on them doing a good job.


Especially as e.g. the big cloud providers seem to keep a lid on security incidents unless the cat is out of the bag some other way.


It is the most reasonable choice when you get to disregard the long-term risks because by the time they are likely to manifest in a problem, it's no longer your concern anyway.

I don't think it's accurate to describe it as "loss of progress", either. It just makes progress more expensive. There's no reason why e.g. those support & maintenance jobs cannot be located in the same country, or at least a friendly one - it's not like there's something magical about China that makes Chinese inherently better at 5G maintenance. Nor is there any reason why the data centers cannot be run by different companies in the same country.


Nothing magical about them except:

1. They work for far less money.

2. They designed the equipment that's being managed.

Those two reasons are sufficient on their own to make them inherently better at managing 5G networks. The first reason in particular is lost if you relocate the jobs to the west.


That's exactly my point. The first reason can be reformulated as, "security isn't free". The problem, of course, is that expenditures are immediate, while any mitigated attacks would be in the future. So any politician and any businessman who tries to solve it gets held accountable for the expenditures, and loses to competitors who just promise cheaper everything (and who won't even be there when SHTF as a result of those policies).

The second reason is largely the consequence of the first. There's no reason why that equipment couldn't be designed locally, either, except that costs of labor would be higher.

Tangentially I will also note that the main reason why costs of labor are lower in China is because the quality of life is so much shittier. I think it behooves us all in First World countries to consider what it really means for our societies if they truly cannot function without relying on the kind of cheap labor elsewhere that we made impossible in our own countries, largely for ethical reasons (labor rights, social welfare etc).


First, thank you for the article and discussion.

Do you have any thoughts on the role and practicality of deterrence in this space?


No, not really - however, based on this post, several people contacted me with questions like these. I asked around and got recommended https://www.amazon.co.uk/Cyber-Persistence-Theory-Redefining... for a more theoretical basis. Haven't read it yet though.


Interesting. I will have to read it. Though from the description it does not sound hopeful. Thank you.


Very good. Well said and most enjoyable.


What were the vulnerabilities in your 1600 lines imgur alternative?


https://github.com/berthubert/trifecta/blob/main/README.md#k... has a list. The most painful one for me is that I did not know .svg files can contain javascript that gets executed in the site context if you can get someone to click on a link to your .svg file!


That's one of the reasons SVG is often a third party plug-in with WordPress: it's because of all the security involved.


CSP would help against that. But at that time alpine.js was incompatible with CSP...

Anyone tried using the new csp alpine.js build?

https://laravel-news.com/alpinejs-csp
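
The SVG problem and the CSP mitigation discussed in the comments above, as an added example that is not part of the thread and not code from the trifecta project: an upload-time check for active content in an SVG, plus response headers that stop script from running when someone navigates straight to the file. The function names, element list and sample files are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Elements that can run script or embed foreign documents inside an SVG.
ACTIVE_ELEMENTS = {"script", "foreignObject", "iframe", "object", "embed"}
# data: URLs are accepted only for raster images embedded in the drawing.
SAFE_DATA_URL = re.compile(r"^data:image/(png|jpeg|gif);base64,", re.I)


def _local(name):
    """Strip the '{namespace}' prefix ElementTree puts on qualified names."""
    return name.rsplit("}", 1)[-1]


def _risky_url(value):
    # Browsers ignore whitespace and control characters inside the scheme.
    url = re.sub(r"[\x00-\x20]+", "", value).lower()
    if url.startswith("javascript:"):
        return True
    return url.startswith("data:") and not SAFE_DATA_URL.match(url)


def find_active_content(svg_bytes):
    """Return a list of reasons to reject the upload (empty list = accept)."""
    # Refuse DTDs outright: they enable entity expansion and are not
    # needed for a user-uploaded picture.
    if re.search(rb"<!\s*(DOCTYPE|ENTITY)", svg_bytes, re.I):
        return ["DOCTYPE or ENTITY declaration"]
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]

    findings = []
    for el in root.iter():
        tag = _local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.append(f"<{tag}> element")
        for name, value in el.attrib.items():
            attr = _local(name).lower()
            if attr.startswith("on"):
                findings.append(f"event handler '{attr}' on <{tag}>")
            elif attr == "href" and _risky_url(value):
                findings.append(f"script-capable URL in href on <{tag}>")
            elif attr == "attributename" and value.lower() in ("href", "xlink:href"):
                # <animate>/<set> can rewrite a link target after load.
                findings.append(f"<{tag}> animates a link target")
    return findings


def response_headers(stored_mime):
    """Headers for serving user uploads; the check above is a second layer."""
    return {
        "Content-Type": stored_mime,
        "X-Content-Type-Options": "nosniff",
        # 'sandbox' and default-src 'none' stop script execution even if a
        # file with active content slips past the upload check.
        "Content-Security-Policy":
            "default-src 'none'; style-src 'unsafe-inline'; sandbox",
    }


# Constructed samples; the hostile one carries inert placeholders only.
HOSTILE_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink">
  <script>/* placeholder */</script>
  <circle r="10" onclick="void 0"/>
  <a xlink:href="javascript:void 0"><text y="20">link</text></a>
</svg>"""

CLEAN_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">
  <circle id="dot" r="4" fill="red"/>
  <use href="#dot"/>
  <image href="data:image/png;base64,iVBORw0KGgo="/>
</svg>"""

if __name__ == "__main__":
    for label, sample in (("hostile", HOSTILE_SVG), ("clean", CLEAN_SVG)):
        print(label, find_active_content(sample))
    print(response_headers("image/svg+xml"))
```

The headers matter more than the scan: a denylist over element and attribute names can miss a vector, while the CSP applies to whatever ends up stored.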


Is there an audio recording of this available?


Is there a video version of this available?


Sadly no - but the transcript is near verbatim.


When I recently asked some air traffic controllers what would happen if GPS became unavailable, it was grumpy sounds all around.

I understand a scramble to vector everything to land everything would result in a very busy day for them, because suddenly most planes would be unable to safely navigate, and thus effectively grounded.

Cutting the budget for ground based navaids is nuts, in my opinion.


They do have other ways to navigate. Like land-based beacons (VORs).

Unfortunately these are being used less and less and even deprecated in favour of GPS waypoints. Even when they are still around the pilots have less experience with them because they no longer use them every day.


The good news here is that the fine folks at the FAA have spent a lot of time thinking about how to keep aviation secure in a GPS denied environment, which is their basis for the build out of the VOR MON.

https://www.faa.gov/about/office_org/headquarters_offices/at...


> FAA have spent a lot of time thinking about how to keep aviation secure in a GPS denied environment, which is their basis for the *build out* of the VOR MON

That’s an interesting characterization, given that the MON is a list of VORs they are not planning to take down.


But that's better than taking them all down. Fact of the matter is most of us hate using VORs anyway, and left to our own devices probably wouldn't care one bit if they were removed.

It is a good thing that someone is second-guessing that. Degrading to MON wouldn't be great, but it would be much preferable to hoping poor ATC can figure out how to vector everyone all of a sudden.

I think more industries could apply the idea of a Minimum Operational whatever.


> Fact of the matter is most of us hate using VORs anyway

This is partly UX and doesn't have to be like this. Cockpit systems could make this a lot easier to select VORs and radials without having to manually keep track of frequencies.

After all a successful GPS fix is impossible to accomplish by a human given the raw receive data, which is why it's all automated inside the receiver. We can optimize the hell out of VORs as well. And only people flying ancient aircraft still have to do the thing.

In fact it probably would be great to add some optional authentication signal to it, as even a VOR can be prone to jamming or spoofing.


> Unfortunately these are being used less and less and even deprecated

Fortune may have something to do with it.

Like copper land communications that cost billions to establish over almost 100 years, are extremely resilient and can be repaired by anyone with a ladder and pair of pliers. They're being ripped out across Europe and the US because the private companies they were sold to want to shrug maintenance to squeeze out a little more profit.

It's just not your fortune.


Copper land lines cost a fortune to maintain, and with everyone having moved to cellphones years ago, don't generate income to pay for their upkeep. People pay far more for an internet line that dumps out a gig of traffic, while very few pay for a hard line that is hard to cut and only carries a few kb of traffic.


> everyone having moved to cellphones years ago

That is untrue. The news is full of stories of people who are right now being forced-off hard line connections that they want and will pay for. The choice is being removed, which is not a fair market.

But, telling any group of people that "they are the only ones" is gas-lighting. Systematic lies to marginalise people was central to the Purdue Pharma opioid scandal and to the British Post Office scandal - telling people "You're the only one" when a problem is evidently extensive should be a very serious fraud.

> don't generate income to pay for their upkeep

When many private companies took on telecommunications properties they did so under obligations to maintenance of infrastructure, availability and reliability standards. If it turns out their choices of technology don't meet those standards of affordable resilience then that's their financial miscalculation and their problem now. Or are you saying that markets are incompatible with national security?


Detractors please don't get so upset at someone pointing out broad, sweeping, parochial generalisations are not okay (or at least try to defend your position). If nothing else they just make a bad argument.


GPS is now often unavailable in eastern/northern parts of Europe due to Russian jamming. Some smaller airfields already had to update their systems not to rely only on GPS.


Finnair at the end of last month suspended service between Helsinki and Tartu due to Russia's GPS jamming [0]. DME is being added next week and they'll resume service next month [1].

[0]: https://news.err.ee/1609328058/finnair-suspends-flights-to-t...

[1]: https://news.err.ee/1609343694/finnair-restarts-tartu-flight...


Would it be accurate to say that DME is the equivalent of the deprecated US LORAN nav system?

https://en.wikipedia.org/wiki/LORAN


DME (distance measuring equipment) is much simpler than LORAN. However, navigation computers can use multiple VOR / DME signals to compute position similar to LORAN or GPS. The problem is that DME / VOR are typically limited to 50-200nm (and even lower at lower altitudes), which requires an extensive network to make it comparable to GPS / LORAN.


I appreciate the reply. Are there any canonical reference sources you would recommend to learn more about this implementation?

Edit: sources provided are helpful, thank you lsh123 and Animats!


Wikipedia?

The basics: A VOR (Very high frequency omni-directional range) station just gives you the bearing to the VOR. It's simple. It's a large ring of antennas with another antenna in the middle. It sends out a big omnidirectional pulse, and then sweeps around the circle like a lighthouse. The time difference between the omnidirectional pulse and the directional pulse tells you your bearing to the VOR station. The aircraft just receives; it doesn't send anything. Range is maybe 200 miles.

DME (Distance Measuring Equipment) came later. It's a request-response system. Time between aircraft request and DME station response gives you distance to the DME station. Most VORs also have a DME system installed, so you can get range and bearing.

VOR bearings aren't very accurate. Error is up to ±4°. So position from VOR and DME isn't very good far from a VOR. VORs are thus installed at major airports, so positional info gets better as you approach the airport, and pilots can find the airport reliably. SJC (San Jose International Airport) has a VOR northwest of the airport. It's a huge antenna array in a big open field, and can be seen from 101 north of the airport. It needs all that open land to work well. Obstacles would distort the directional beam and make the error worse.

The FAA has shut down over a hundred VOR stations as redundant.[1] The original plan was to shut down even more, but there was much pushback. In addition to airport VOR stations, there were chains of "enroute" VOR stations, so that aircraft could fly along established airways from VOR to VOR. Some of those have been shut down.

The FAA now uses the term "minimum operational network" for what's available with GPS down.[2]

GPS jamming is very real. Here's a real-time map of known GPS jamming and spoofing.[3] Current jamming is mostly near Ukraine and Lebanon, plus the Black Sea. War zones. Discussion at Ops.group, which is a site for people involved in international aviation operations.[4]

[1] https://www.faa.gov/ato/navigation-programs/vor-target-disco...

[2] https://www.aopa.org/news-and-media/all-news/2021/july/pilot...

[3] https://spoofing.skai-data-services.com/

[4] https://ops.group/blog/where-is-the-spoofing-today/
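
The VOR/DME geometry described in the comment above, as an added example that is not part of the thread: a position fix from one VOR radial and one DME range, with the ±4° bearing error turned into a cross-track uncertainty that grows with distance from the station. Assumptions: the radial is treated as a true bearing from the station to the aircraft (real radials are magnetic), the Earth is a sphere, and all station coordinates and readings are constructed.

```python
import math

EARTH_RADIUS_NM = 3440.065   # mean Earth radius in nautical miles
FT_PER_NM = 6076.12


def ground_range_nm(slant_nm, aircraft_alt_ft, station_elev_ft=0.0):
    """DME times a radio round trip, so it reports slant range.

    Convert it to distance over the ground using the height difference.
    """
    height_nm = (aircraft_alt_ft - station_elev_ft) / FT_PER_NM
    if slant_nm < abs(height_nm):
        raise ValueError("slant range is shorter than height above station")
    return math.sqrt(slant_nm ** 2 - height_nm ** 2)


def rho_theta_fix(station_lat, station_lon, radial_true_deg, ground_nm):
    """Great-circle destination point: start at the station, go out along
    the radial for the DME ground distance. Returns (lat, lon) in degrees."""
    lat1 = math.radians(station_lat)
    lon1 = math.radians(station_lon)
    brg = math.radians(radial_true_deg)
    d = ground_nm / EARTH_RADIUS_NM          # angular distance
    lat2 = math.asin(math.sin(lat1) * math.cos(d)
                     + math.cos(lat1) * math.sin(d) * math.cos(brg))
    lon2 = lon1 + math.atan2(math.sin(brg) * math.sin(d) * math.cos(lat1),
                             math.cos(d) - math.sin(lat1) * math.sin(lat2))
    return math.degrees(lat2), math.degrees(lon2)


def cross_track_error_nm(ground_nm, bearing_err_deg=4.0):
    """Sideways position error caused by a bearing error at a given range.

    The DME range is accurate, so the uncertainty is almost entirely
    across the radial, and it scales linearly with distance.
    """
    return ground_nm * math.sin(math.radians(bearing_err_deg))


def fix_with_uncertainty(station_lat, station_lon, radial_true_deg,
                         slant_nm, aircraft_alt_ft):
    """Combine the steps above into one fix plus its lateral error bound."""
    ground = ground_range_nm(slant_nm, aircraft_alt_ft)
    lat, lon = rho_theta_fix(station_lat, station_lon, radial_true_deg, ground)
    return {"lat": lat, "lon": lon, "ground_nm": ground,
            "cross_track_nm": cross_track_error_nm(ground)}


if __name__ == "__main__":
    # Constructed station at 37.0 N, 122.0 W; aircraft at 10,000 ft.
    for slant in (10.0, 50.0, 150.0):
        fix = fix_with_uncertainty(37.0, -122.0, 45.0, slant, 10_000)
        print(f"{slant:6.1f} nm out: {fix['lat']:.4f}, {fix['lon']:.4f} "
              f"+/- {fix['cross_track_nm']:.1f} nm across track")
```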


Not sure what exactly are you looking for. Bunch of info is on FAA website, for example:

https://www.faa.gov/air_traffic/publications/atpubs/aim_html...

https://www.faa.gov/air_traffic/flight_info/aeronav/acf/medi...


I was under the impression that GPS was a non-critical asset for aviation, ie. any plane can safely stop using it at any given time and keep flying with VOR and other navigational aids.

This article [1] introduces some of the scenarios where pilots rely on GPS only:

* GPS-based waypoints to optimize routing based on favorable winds and more direct routes even in the absence of VORs.

* RNAV departures and arrivals that rely "solely on GPS rather than radio-based [...] aids" with more precise spacing and hence higher capacity.

* GPS used as a substitute of ILS for some approaches e.g. in mountainous areas.

[1] https://simpleflying.com/gps-in-aviation-pilots-guide/


It's not safety-critical for a plane, in the sense that if a plane's GPS fails it can still get by safely.

It's safety-critical for aviation, because if all GPS fails, then the additional workload across the system means that a crash is likely.


I would assume it's not 'safety critical' but 'business critical', disabling GPS would mean slowing down departures / arrivals which means the airport losing money. I recall there being a similar issue with Lufthansa and SFO causing planes to get rerouted to Oakland.


There's a meme driver with safety vs business critical and software types seem to think they're special (a different meme) but I'm starting to understand it's everywhere, which is why nobody notices the software issue creeping into their physical systems thinking.

A "business critical" issue is defined by the appetite for risk. Most businesses aren't planning for total economic collapse: losing their accounts receivable is what that would look like. What they are concerned about is losing business to competitors or liability for not fulfilling contracts. Software seems to solve the latter problem with shrinkwrap agreements "not responsible for failure of software". That solves their liability problem; everybody else they'll sue.

On the other hand "safety critical" concerns the loss of life or property: the things insurers are traditionally concerned with. So if the plane can land, engine out or GPS out what's the difference? Businesses absolutely care about safety, that's why they buy insurance! Safety programs reduce the need and cost for such insurance.

Businesses aren't lying when they say they care about safety. However people swim in the ocean of systems without necessarily being systems thinkers: plugging a leak is plugging a leak. But a leaky roof is not the same as a leaky hull. All the people in cybersecurity warning of the dire consequences of breaches are proven wrong time and again by the market: look at the stock prices of Equifax, Solarwinds, United Health Care. It's not simply marketing, a lot of these people really Want To Believe (tm).

In the end business is never safe, it's taking risks all the time. Mostly it doesn't see a need to share those risks with customers (or competitors).


GPS is only one of three currently deployed satellite positioning systems, why aren't planes using the others?


All of them share the same receiver and generally the same frequency bands. Jamming one jams them all.


Wikipedia has this, is it wrong?

> An anonymous EU official claimed that the US officials implied that they might consider shooting down Galileo satellites in the event of a major conflict in which Galileo was used in attacks against American forces.[34] The EU's stance is that Galileo is a neutral technology, available to all countries and everyone. At first, EU officials did not want to change their original plans for Galileo, but they have since reached the compromise that Galileo is to use different frequencies.

> This allows the blocking or jamming of either GNSS without affecting the other.[35]


It does feel mad that we outsource so much of our national infrastructure maintenance to China.

When/if they invade Taiwan, how are we going to do anything when they have that sort of leverage over us? It was bad enough with Russia's gas.


Well, the US is not dependent on anyone for her energy needs. Unlike China. It's quite vulnerable on that front if a few pipelines blow up à la Nord Stream.

This is also why the US has such a large presence in the middle east.


>Well US is not dependent on anyone for her Energy needs.

China's strength is they have the means of production (and maintenance) of everyone today, including the US. All the energy in the world means jack squat when all the means of using that energy rely on China.

Could the west regain our own means of production? Certainly, but it's going to take far too long at the point China starts pursuing Bigger Gun Diplomacy. We're talking multiple decades to reachieve what we've surrendered, perhaps even the better part of a century because we simply don't have the ambition and political will to do so.

I think China has been very shrewd with how they conducted themselves in the past half century or so. They've already won most wars they might be involved in before they start by seizing the economies of their supposed enemies.


China makes consumer crap, not our guns and bombs. In a wartime situation maybe people can’t get iPhone cases from Temu, big whoop. Not the first time the American population rationed consumer products in wartime. We will still have power and air, sea, and space superiority which is what really matters.


This is really out of date thinking, even South Korea is better at making ships than America now. In wartime China would switch from gadgets to bombs and drones and out produce us by an order of magnitude. They already produce 3x more vehicles than America; it’s 2024, not 1956. Review the article called “The return of industrial warfare”.

https://www.rusi.org/explore-our-research/publications/comme...



Look at American shipbuilding in 1938 and compare it to 1944 and understand looking at peacetime warmaking capacity makes zero sense.


looks like a great article. thx for posting.


China also makes a huge amount of pharmaceuticals, medical supplies, electronic components, and parts for capital equipment. Decoupling from them would be very painful.


China makes a lot of electronics on which our infrastructure and logistics run. Much good a gun or a bomb will do you if you suddenly cannot get them from point A where they are made/stored to point B where they need to be used on time.


There is no scenario where the US military cannot move a bomb from point A to B. Everything else would sooner stop than that ability.


Look at the rate at which munitions are expended on the frontlines in Ukraine, for example. Those kinds of amounts need the transportation network to be working in good order. Bring down a single major logistics hub, and bad things happen.


If the US were truly engaged production would scale up like it did in WWII. We can always go back to a centrally planned economy.


I'm not talking about production here, but delivery. For that you need roads and railroads, bridges etc to function. How many of those are susceptible to digital takedowns?

Although factories are also an interesting case if they are not airgapped.


Everyone has outsourced all their cheap and low-quality manufacturing to China, therefore China is only capable of manufacturing cheap, low quality items. Is this your argument?


My argument is we have not outsourced bombs and sensitive military technology building to China. It is mostly the stuff we can stand to tighten belt on. Even if there is some demand for things like Chinese medicine or whatever, it's a market effect and not because only China is capable of making this medicine like how only US defense industry can make some of its secretive military tooling.


You can convert coal to gas and petrol, and China has a lot of coal. So it can be reduced to an industrial scaling problem which China is very good at.


China imports coal from the United States.


They have huge amounts, but want slightly more. They're the biggest coal producer, producing half the world's coal, and then consuming it too, along with importing an extra 10% which is coking coal for steel making. They have lots of lignite and bituminous coal, which is fine for heat and electricity, and would be fine for turning into gas and liquid hydrocarbon fuel if that was useful.


Am I missing something? This does not seem consistent with what I have seen going out of the harbors. Exports of both thermal and metallurgical coal from the United States to China have increased [0][1].

[0]: https://www.eia.gov/coal/production/quarterly/pdf/t9p01p1.pd...

[1]: https://www.eia.gov/coal/production/quarterly/pdf/t11p01p1.p...


Donbas - the part of Ukraine that is presently occupied by Russia - is called that because it's an abbreviation of "DONetsk coal BASin", one of the largest in the world.

Coincidentally, there has been a downturn in coal production there in the past two decades (and the associated closure of mines and processing infrastructure and unemployment) because of reduced demand. But if China were suddenly in dire need of coal, it wouldn't be hard for Russia to scale things up again there.


The Chinese are building solar farms and wind farms at an incredibly fast pace. Have you seen how cheap Chinese solar panels are? It's safe to assume by the time they decide to make a military move on Taiwan, they will have achieved energy independence as well.


It's more that the army, navy and air force the world over are all heavy oil guzzlers. It's not going to be simple if it's a long war.


But you can pretty easily bring down their power grid


Good point. Factories ain’t shit without power.

If we can’t get stuff from China, that hurts, a lot. If China can’t get stuff from China, they’re dead.


I wonder if we, in secret, have “mutually assured destruction” of cyber-warfare.

It seems like a reasonable assumption to me that major world powers probably have enough 0-days at any one time that they could use them together to format a significant proportion of the world’s computers and phones. It would not be that hard to make these worms intelligently use IP to target particular countries.

It’s hard for me to imagine how much damage it would do if I could wipe even say 25% of all work and home computers, maybe every phone not updated in the last 6 months, and a decent chunk of online servers.


>It seems like a reasonable assumption to me that major world powers probably have enough 0-days at any one time that they could use them together to format a significant proportion of the world’s computers and phones.

If that is true, then how come we have not heard much about erasure of data on phones and computers in Ukraine by Russian hackers?

Please don't say that the Kremlin is holding its 0-days in reserve for a more serious conflict! The Kremlin sees the Ukraine situation as extremely serious for Russian national security. It uses large numbers of missiles costing over a million dollars each to degrade Ukraine's electrical grid. It has attempted to assassinate the president of Ukraine many times. Why wouldn't it be all-out trying to do as much damage as possible to Ukraine through cyberattacks?


In point of fact, Ukraine has been hacked, multiple times during this conflict, and they were hardly damaging. This is in large part due to the fact that this particular conflict (hacking in particular) has been going on longer than just the start of the official war, so Ukraine has been hardening its systems significantly for many years. It goes to show that with dedication, even nation-state actors can be stymied with defense-in-depth.


Probably for the same reason why they aren’t using their nuclear weaponry.


Isn't that a fully-general argument? I say that flywheels will cause a revolution in military affairs. You reply with, "Why haven't we seen flywheels used in war?" I reply that flywheels are such a potent weapon that armies are afraid to deploy them out of fear that their enemy will respond by using flywheels against them, which would be just too terrible and might cause a global ecological catastrophe or a general breakdown of society.


You are going to die, going to happen to all of us, nothing we can do about it.

Now, the when is the part that gets the attention of our little monkey brains.

1. Within the next 15 minutes.

2. Sometime within the next 100 years.

Your scenario is a type 2 scenario. At some time in the ethereal future 'flywheels' may cause the death of mankind. Well, we're all going to die in the ethereal future anyway so who cares.

Nuclear weapons are a type 1 problem. It's like a gun being pointed at your head and someone screaming "give me the money", you're not going to be thinking about what's for dinner because the likelihood of dinner is low.


> I wonder if we, in secret, have “mutually assured destruction” of cyber-warfare.

Low-orbit nuclear EMP would be that option. Not cyber... technically.


Is the idea that that would essentially form a 'shield' of radiation that none of our existing satellites could penetrate with a resolvable signal? Or just that most of our satellites are LEO?

I'd imagine anything in GEO would be far out enough to survive a LEO EMP.


More like it would fry the electrical grid rendering our server farms and telecommunication networks without power.


If COVID-19 didn’t move the needle on how dependent we are on foreign countries to do our scut work.

I highly doubt the precipice of war will change anything. We are a species that will optimize for the shortest path. Cutting corners along the way. When it blows up on our faces and while sitting on a pile of ashes, will ponder “wtf did we do wrong”.


> If COVID-19 didn’t move the needle on how dependent we are on foreign countries to do our scut work.

I believe the search-term you are looking for is "Friendshoring".

"Some companies and governments pursue friendshoring as a way to continue accessing international markets and supply chains while reducing certain geopolitical risks... Bonnie Glick first used the term "allied shoring" at the start of the Covid-19 pandemic, while serving as the deputy administrator of the United States Agency for International Development... The new U.S. Trade Policy, including USMCA and IPEF, complies with the Friendshoring arrangement." [1]

[1]: https://en.wikipedia.org/wiki/Friendshoring


What's grating on my nerves is that I called out a lot of security concerns in courts & justice software and shortly after was constructively dismissed.

I've been unemployed ever since.

I'm getting antsy about income and getting no traction on my job search.

How many other people are advanced in tech but having some difficulty finding work right now?

How tempted will they be to switch to black hat for income?

I can't be the only one thinking this way.


It's really bad right now. I've learned to not stir the pot over the years. Unless your primary role is security it's best to go with the flow. I've seen some massive security holes at every company I've worked at. As long as the boxes are checked for insurance, they don't care.


I’ve quit looking. I found myself dragging my butt out of bed and to a coffee shop to spend all day fabricating new versions of my resume in order to not get jobs that I didn’t want anyway.

If you know any black hat tips, feel free to send them my way… lol


It is too bad he didn't follow up on "we give control to foreign clouds" with "we need European data sovereignty, our governments need to choose local cloud providers".

Because they exist. I work for one.

The cloud is just someone else's computer. But if that someone else is your neighbor, they may be motivated by the same things as you, and can contribute helpfully to your goals.


(author here) You might be interested in my writing on this very subject -> https://berthub.eu/articles/posts/cloud-naive-europe-and-the...


I agree with the overall thesis, but I do need to quibble about Stuxnet. Yes, Stuxnet was very interesting, and it did disrupt Iran's nuclear program. However, its impact is often overblown. It likely delayed Iran's nuclear program by only a few weeks. Cyber attacks can absolutely cause a lot of damage and harm, but Stuxnet is not the best example of that.


Stuxnet was a very graphical demonstration of the possibilities. Even if the results weren't that great, it demonstrates to nontechies the expensive real-world consequences of 1 usb stick with malware.

I understood the hole in the ozone layer was similar. Even if the actual danger of it was probably overrated, it made people imagine how we broke Earth's radiation shield and would be hit by all kinds of nasty space radiation. This resulted in real world policy changes.


The reason I personally think Stuxnet is so interesting is because of its reach. The goal was so specific and it accomplished it while infecting lord knows how many machines (but I bet Wikipedia knows).

Impact wasn't massive by any means, but the scope of the project will always impress me.


He mentions the threat of remotely taking over autonomous vehicles, but really it's any vehicle that's a) network connected and b) drive-by-wire. Which is why I won't buy one, and why the problem is even worse than it appears.

The other problem that he doesn't address is the centralization of critical (and semi-critical, like logistics) software in large shared data-centers. If you wanted to disable large chunks of the American software economy for an extended period, you only have to kill ~100 buildings.

In a way I think the ransomware people are doing us all a huge favor by putting the fear of God into executives around cybersecurity. Unfortunately, as other commenters have mentioned, the real problem is hard to address, because it's the complexity inherent in the "worse is better" philosophy. Current systems have grown in a lovely, nice environment that is generally reliable. When that environment changes quickly (which is one way to characterize a cyber attack) these systems will fail, and there will be no time or tools to repair them. This includes software and infrastructure hardware. Somewhat ironically, this is precisely the kind of non-extinction-level threat that "having a bunker" and a large store of food would actually get you through - something only executives can afford. Perhaps we might consider outlawing such bunkers to properly motivate the monied elite to address these issues.


As an outsider on most IT security so take the rest of this with a grain of salt, but I think reliability is a good way to view this topic. Complexity is the enemy of reliability and security. Most organizations seem to operate under the delusion that you can brute force your way to security through audits and policy. They're trying to 'test the quality in' so to speak. Think of the legion of security admins who diligently tweak Windows group policies, firewall settings, and systems like 2FA/MFA. Nobody can stomach the truth that most of these things have grown in complexity beyond their ability to be truly reliable. They're basically the IT equivalent of locks on a few doors of a mansion with 80 windows, they prevent some crimes of opportunity but won't stop an attacker motivated by something else.

This also doesn't tend to bother security people. It's interesting, it quickly shifts to, "Well we don't run a nuclear reactor..." or "We're not a cloud provider or a bank", so they think they're not critical infrastructure and crimes of opportunity are really their main threat (ransomware, disgruntled ex-employees, etc). Also, their job usually depends on tweaking the knobs in this complex pachinko machine, so to have some outsider tell them to throw it all away is basically like saying you think they should lose their job as well.

I don't know where this rant should end, but I think if I was tasked with making infrastructure decisions, it would be really hard for me to not use things like OpenBSD and SQLite for a lot of it. I'm sure someone here will say actually those are bad for various reasons, but they at least seem to capture the ethos of, "We're going to just say no to things and try to control the complexity of this thing." They also don't seem very motivated by making money which tends to be the root of most compromising decisions.


Looking at the XZ attack from last month, a lot of people that write software have no idea of the depth their software is being used in secure systems.


Knowing how frail software out there really can be, I made moves to Qubes OS and GrapheneOS as my primary operating system distributions over a year ago. Haven't looked back since the first month!

PC users should be using some kind of segregation like VMs these days; you most likely don't have a MAC policy protecting your files from your porn site bunker-busted browser, so your data is likely going up the pipe to North Korea (but you did make sure to be a user so at least it can't install the printer driver wrapped rootkit).


Those are neat projects to look into, thanks. That said, I feel like wrapping everything in vms/container is actually an example of the complexity I’m fighting against. I want less code that does less with more eyes on it.


This is a pretty scary article. And yet I have to say it’s weird to say we are pre-war. Ukraine certainly isn’t. So shouldn’t any scenario outlined in that article happen there already? The mobile network there seems to be operational.


TFA:

> Ukraine was already at war for two years and battle-hardened. So anything that was simple to break was already broken by the Russians. Then after two years, the Russians managed to break Kyivstar, one of the biggest telecommunications companies of Ukraine, This was a very destructive attack. But the Ukrainians (in and outside Kyivstar) are good enough that in two days they were back up and running, because these people were prepared for chaos. They knew how to restore their systems from scratch. If we get an attack like this on VodafoneZiggo or on Odido, and they don’t get external help, they will be down for half a year, because they don’t know anything about their own systems.


Thanks. I read TFA. That’s why I’m saying: the described doomsday scenarios don’t match with what we observe in reality.


Bert is a national treasure. We need more Bert in our lives!


blush :-)


Not to be confused with Bert Kreischer, the unfunny comedian.


I'd like to voice an opinion that I couldn't find already in the comments.

Security is a trade-off. At some point, security becomes so expensive and inconvenient that it's cheaper to address the root cause of insecurity than to pay for protection.

For instance, there is a point where avoiding generalized war or limiting climate change becomes cheaper than to protect against them.

A lot of people benefit from the war. To them, the cost of security is an externality.

I do not believe it was naive of public transport regulators, for instance, to design with the assumption that the GPS network would stay reliable, when the alternative is so much more expensive for all parties that it can only happen in such a state of general corruption (aka misaligned incentives) that is not worth designing for. If we are now in this prewar state, we are in much bigger trouble I'm afraid.

War is not a fatality, it's the result of some politics. Fixing political issues may be cheaper than making our highly technological society resilient.


I regret that I have but one upvote to give.


This is definitely one of the best submissions I've seen on HN.

I don't think it helps with the ranking, but you can still favorite the thread.


Thank you both :-) (author here)


Is there an enemy factor measure which reflects how many countries have to sanction/attack you directly before you are unable to maintain the economy and social services? It would be interesting to have an index of geostrategic resilience.


Yes. Front analysis [0] and also critical path analysis are useful.

Real graphs look like social networks, with some clusters and nodes with very high relational degree, and some with almost none. But for security they are more like dependency graphs rather than just attack paths as in Blotto. An adversary blockades/sabotages them or blocks those on which they depend etc. The more resilient graph is the best connected by alternative paths. Go back and look at some DARPA papers on route security in the formative "Internet".

What we have today are very insecure graphs with millions of logical dependency links going in/out of single centres of functionality, and not much peer connectivity.

Hit a few critical nodes and the whole lot goes down.

[0] https://en.wikipedia.org/wiki/Blotto_game
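
The dependency-graph point in the comment above, worked through as an added example that is not part of the thread: a resilience check that removes one node at a time and counts how many services fail as a result. The service names, both graphs and the "any one alternative is enough" model are constructed assumptions for illustration.

```python
"""Blast-radius analysis for a service dependency graph (added example)."""
from typing import Dict, List, Set, Tuple

# service -> list of requirement groups. Every group must be satisfied;
# a group stays satisfied while at least one of its alternatives is up.
Graph = Dict[str, List[Set[str]]]


def cascade(graph: Graph, removed: Set[str]) -> Set[str]:
    """Return every node that is down once `removed` has been taken out."""
    down = set(removed)
    changed = True
    while changed:  # iterate to a fixed point so failures propagate
        changed = False
        for service, groups in graph.items():
            if service in down:
                continue
            # The service fails if any group has lost all of its alternatives.
            if any(group and group <= down for group in groups):
                down.add(service)
                changed = True
    return down


def blast_radius(graph: Graph) -> Dict[str, int]:
    """For each node, how many OTHER services fail if it alone is lost."""
    return {node: len(cascade(graph, {node})) - 1 for node in graph}


def single_points_of_failure(graph: Graph, min_dependents: int) -> List[Tuple[str, int]]:
    """Nodes whose loss takes down at least `min_dependents` other services."""
    hits = [(n, r) for n, r in blast_radius(graph).items() if r >= min_dependents]
    return sorted(hits, key=lambda item: (-item[1], item[0]))


# Constructed sample: everything hangs off one identity provider and one DNS.
CENTRALISED: Graph = {
    "idp": [],
    "dns": [],
    "payroll": [{"idp"}, {"dns"}],
    "email": [{"idp"}, {"dns"}],
    "dispatch": [{"email"}, {"idp"}],
    "billing": [{"payroll"}],
}

# Constructed sample: same services, but each shared dependency has an
# independent alternative, so no single hub carries every dependent.
REDUNDANT: Graph = {
    "idp_a": [],
    "idp_b": [],
    "dns_a": [],
    "dns_b": [],
    "payroll": [{"idp_a", "idp_b"}, {"dns_a", "dns_b"}],
    "email": [{"idp_a", "idp_b"}, {"dns_a", "dns_b"}],
    "dispatch": [{"email"}, {"idp_a", "idp_b"}],
    "billing": [{"payroll"}],
}

if __name__ == "__main__":
    for name, graph in (("centralised", CENTRALISED), ("redundant", REDUNDANT)):
        print(name, single_points_of_failure(graph, min_dependents=2))
```

Running the same check against a real inventory requires recording which dependencies are genuine alternatives and which merely look redundant while sharing one upstream provider.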


Cuba would be the most resilient nation on earth I’d guess


Why?


They're boycotted out of a lot of stuff, yet still make do.


To get serious about cybersecurity governments need to start imposing hefty fines for failing security reviews, otherwise companies choose to maximise profit. This includes fining software vendors for 0-days, depending on their size and the severity of the 0-day. For example, a critical 0-day in a popular Microsoft/Google/Apple product should cost them e.g. $100 million. This will actually get them to allocate significant engineering time to preventing 0-days instead of working on the latest gimmicky features...


Is this right?

> the famous Stuxnet operation, where apparently the West was able to disable the ultracentrifuges used to create highly enriched uranium.

> And not only did they disable it, like the factory is down now, it tore itself to shreds physically.

Vs eg Wikipedia talks about the facility losing 10% of centrifuges slowing down the schedule of enrichments. (In https://en.wikipedia.org/wiki/Stuxnet#Natanz_nuclear_facilit...)


At the same time MS & Co. try to force everyone in to the cloud.

So if MS Azure AD goes down everyone goes down too.


I’m far more concerned about the financial system. Sure infrastructure and IT may be shaky and full of holes, but the financial system rests on nothing more than confidence and pixie dust. Confidence failures cascade.


What is your opinion of the financial system based on?


Russia asked for discussions on a new security infrastructure for Europe. The West refused out of hand because it expected Russia to collapse in the (then) coming war.

Russia did not collapse. It got stronger.

All this talk of the danger of Russia is self-fulfilling prophecy.


> So you can have a whole board full of people that studied history and art and French, and they sit there making our cloud decisions. And they simply don’t know.

> And if there had been more nerds in that room, some of these things would not have happened. And that is also a call to maybe us nerds, although you don’t really look that nerdy, but do join those meetings.

> Because quite often, we as technical people, we’re like, “Ah, these meetings are an interruption of my work, and I’m not joining that meeting.” And while you were not there, the company decided to outsource everything to India.

Oof. This is hitting me hard on two levels.

As I'm racking up years in the operational business, the best impact I can have isn't that I can understand log files twice as fast as the guy next to me. Many people can learn that. The bigger impact is to be able to connect the effects of technical decisions onto the overall business and vice-versa to higher management.

Like, sure, I can rattle down a lot of technical requirements we need to self-host a highly available infrastructure, and I can rattle down a lot of the advantages of the cloud /in a small company situation/ and such.

But that is largely useless to the CEO of a small and medium business. The more interesting statement is: Self-hosting requires a larger upfront and a larger continuous investment over time at a certain range of scale. You need to buy servers, firewall, switches, rent bandwidth and DC space and to hire people to take care of all of these. However, we can achieve a higher level of security and data protection on these systems and in the long run, we can become cheaper than the big cloud providers, because the current product-visions are already decently big. The cloud can be more flexible and innovate faster, but we will have more security discussions with our customers and the control over our systems will be lower, for better or worse.

Put this way, we're setting up a pretty good self-hosted plan, which primarily uses the cloud as a way out if we or our DC hosters fuck up.

This plan cost the company more money than the existing cloud infra would have for a year or two, but now it is starting to pay off and in a year or two, hardware extensions will be a welcome expense.

But that is bringing me to a second, deeper point: This only works because the board here is fine planning for benefits 3-5 years down the line. "In 2-3 years we'll be even", we said, and "in 3-5 years we'll be cheaper, a lot". We're even now 2 years after.

If they were just maximizing next quarter's profits, we probably would have migrated everything to AWS and just started shoveling more money across the Atlantic, making us highly dependent on cross-Atlantic and US infrastructure. It would've been cheaper for a year or so.

And this profit-maximizing mindset looming over good decisions and great tech is frustrating me.

Generative AI is similar there to me. Generative AI should be something I should be excited about. For example, Runegate Studios cooperated ethically with Unleash the Archers and Bo Bradshaw to create a music video[1] in Bo's style we just wouldn't have without generative AI and it would never be created without. And like, sure, it's not Disney quality, but you're looking at ~10 people cooperating here. For that headcount, that video is amazing.

But I know it will be used to slash jobs, prevent juniors from learning because AI is cheaper, ruin careers "because the AI can do 80% for less costs" and such. Short-term perspectives. And then in 10 years there will be a crisis of "Why can't we find good writers/cartoonists/musicians/... anymore?"

Sorry for the TED-talk. I'm currently torn between a very excited and a very frustrated person.

1: https://www.youtube.com/watch?v=eLPMBD7i0IU


Very interesting article. I think the author makes a compelling point about the vulnerability of infrastructure.

To be honest I wouldn't be surprised that in an actual unlimited war, between two major developed nations nothing will actually continue to function. None of the systems have ever been actually tested and still make assumptions about the rest of the infrastructure. I also don't believe that simplicity can fix this, everything already has deep built-in assumptions about everything else, which makes any replacement a daunting task.


Well, every major city being eliminated by a nuke would also hamper these systems in a total war between developed countries.


> I know it sounds devastating, but you have to get used to the fact that a new era has begun. The pre-war era.

It is madness that we're in a position where this can be baldly stated by a PM and there has been no "huh?" moment when people stop and assess how badly the broader West's military, economic and diplomatic efforts have failed over the last 30 odd years. Possibly longer. I wasn't expecting to see land wars in Europe even before the cold war ended.

Humanity has unprecedented destructive power at our command and the systems that sustain 8 billion people are delicate. We can't afford to be in a "pre-war era" and act like this is just going to be something to deal with when we get to it plus a little prep in specialist domains.


What kind of diplomacy would have prevented Russia from invading its neighbours?


150K NATO troops in Ukraine.


Autocracies are inherently unstable and dangerous in this regard. They have every incentive to be irrational and unwilling to negotiate. They call it “sovereignty”, which it isn’t — just a sparkling dictatorship.

Autocracies have no place in the modern world.


And yet autocracies are historically the most "successful" types of governments. Humans always and eventually end up selecting autocracies with thunderous applause.


History is young, there’s too little data to go for meaningful conclusions yet, particularly post-industrial revolution.

But yes, I agree, autocracy is a natural state of affairs. Democracy is a miracle to keep.


There is not much difference in the capability of human experience. I bet a baby born in 494AD, teleported to the modern period and raised by modern humans will be indistinguishable in capability to every other human being.


Basically the opposite of this “advice”: https://www.rand.org/pubs/research_briefs/RB10014.html


The gunboat kind.


That's a great way to get countries to promptly ally with China and Russia instead.


I see why one might think that, if they lacked all knowledge of the history of the region and Russia’s involvement.


As if the west is so much better with its "gunboat diplomacy". You know, the "diplomacy" where they bring ships to your coast to let you know they can just shell you with complete impunity if you do not submit to them.


Can’t speak for Europe, but the US used the same ineffective playbook they’ve been using for decades. I believe more creativity and more “Is this working?” strategy assessment could have been effective.

As a few examples, what if Putin specifically was targeted with information warfare? Leak information on his health, finances, etc to his rivals. Fire up the meme factory to influence the military. Disrupt oil production via cyber attacks. Threaten to give Ukraine a couple nukes back.

The US doesn’t do aggressive (effective) things like that because “What if they do it to us?”


Picking on Ukraine, the US not having a policy of signing new people up to the anti-Russia military alliance every few years [0] seems like low hanging fruit. Or not working to integrate their intelligence with the CIA [1] for the last decade. I don't speak German but apparently Merkel said that we weren't negotiating in good faith to keep the peace either [2].

These are the sort of thing I suspect Russia would see as escalatory. I certainly do. A better diplomatic policy would have been to encourage neutrality. The western powers weren't going out of their way to make sure that the situation stayed peaceful. We could have treated this as the Russian equivalent of the US invasion of Afghanistan or Iraq and let it go away.

[0] https://en.wikipedia.org/wiki/Enlargement_of_NATO

[1] https://www.washingtonpost.com/world/2023/10/23/ukraine-cia-...

[2] https://politics.stackexchange.com/questions/77139/what-posi...


> US not having a policy of signing new people up to the anti-Russia military alliance every few years

Weird how all of Russia's neighbors are eager to join a military alliance protecting them from Russia. I wonder if that has something to do with Russia's actions towards its neighbors? No, no, surely the US is to blame for that...


Yeah, sure. But the US chooses who it integrates with militarily. An alternative approach would have been to say "hey, yeah we can see why you'd want to join - but this will foment tensions with Russia, so you can't".

That is the kind of diplomacy that would have prevented Russia from invading its neighbours. It would have been difficult to get worse outcomes with that approach than what the powers that be managed to get us to - we could be staring at the start of a major pattern of wars here and the US's deterrence has been spectacular in not quite succeeding. The Russian border is still closer to Moscow right now than it was in the 80s, but it has gotten a lot bloodier than the 90s.


> That is the kind of diplomacy that would have prevented Russia from invading its neighbours.

Only if you subscribe to the argument that Russia has no intention to gobble up countries west of it at least to the furthest extent of USSR and its satellites.

No European neighbors of Russia subscribe to that anymore. Finland and Sweden were the last holdouts who thought that having a "responsible" diplomacy would prevent war with Russia, but the absurd and fabricated excuses Russia uses to justify the invasion of Ukraine have destroyed almost overnight all credibility of that line of thought.

Assuming imperialistic intentions, staying neutral and out of alliances only lowers the cost of invasion for Russia. If Russia decides to invade a country like Poland, then at the moment they risk a large multinational response that can go far-far beyond Poland's own means, up to a nuclear war. If Poland didn't have solid allies, the potential cost associated with the invasion would be considerably smaller for Russia.


> Only if you subscribe to the argument that Russia has no intention to gobble up countries west of it at least to the furthest extent of USSR and its satellites.

Russia doesn't have any intention of doing that. Putin is currently 71 and we've seen no particular interest in grand campaigns to reconstitute the USSR so far in his lifetime, it isn't going to start. It turns out they weren't even militarily prepared to take Ukraine! They thought they could just launch a quick decapitation strike and be done. The USSR leadership disbanded the USSR in the 90s, so if they've culturally reversed position on that completely in 30 years it shows a stunning failure of western diplomacy to support them in doing the right thing.

> No European neighbors of Russia subscribe to that anymore.

Things like this is why letting them in to NATO would worry Russia. They are paranoid and panicking. I can understand why; I would be if I were a small country with a Russian border or close to one. But, nevertheless, their attitudes are one risk factor for escalating the situation from bad to catastrophic.


> Russia doesn't have any intention of doing that.

That's a strange thing to say while Russia is in the middle of gobbling up Ukraine (a country west of it within the extent of the USSR)


So what was first, Russia invading neighbors, or neighbors wanting to join NATO?

I'll give you the answer: Chechnya.

Thinking that Russia would never invade an independent Georgia or Ukraine is very naive, to say the least.

If you want a "neutral" country, take a look at Belarus. A neutral country in Russia's eyes only has connections with Russia, not with the West. They make it very clear which countries they want "under the influence sphere of Russia".

Ukrainians want a sovereign democratic country, and they are willing to pay a very high price for that.


Ukraine will no longer be democratic come May 21st, unfortunately.

https://www.economist.com/leaders/2024/05/16/volodymyr-zelen...


Then I have "good" news for you: Ukraine is at war and so doesn't have to, and isn't even allowed to hold elections. Neither did UK during WW2, so it's not that uncommon.

"Scholars have stated that the Ukrainian constitution does not allow to hold national elections while martial law is in effect."

https://en.wikipedia.org/wiki/Martial_law_in_Ukraine


It’s also in the Russian constitution that Putin basically gets to be president for life. Guess that makes it okay…


A democratic institution making laws is very different than an undemocratic institution making laws.

Are you suggesting Ukraine wasn't democratic when that law was made?

And like stated somewhere else, UK did the same thing during WW2. So it's not that uncommon.


Do you believe that the current Ukrainian government is a democratic institution up to Western standards?


This is a nonsense statement.

Every poll performed on Ukrainians shows that a clear majority doesn't want elections right now, and Ukrainian law permits this during wartime. The logistical challenges are insurmountable particularly when one thinks about local elections. People are displaced all across the country and to other countries, soldiers that are fighting on the front lines cannot just rotate simply to be able to cast their votes without creating unnecessary chaos and risks, there's the legitimate threat of bomb attacks on polling places.

The UK didn't hold elections during WWII despite being vastly more secure on their island than Ukrainians are.


Some of us don’t believe in fair-weather democracy. If they can run a poll, they can run an election. Ukrainians have the right to decide their own future, don’t you think? Or perhaps some are afraid that they might vote “wrong”?


A 30 second conversation with any Ukrainian living in Ukraine right now would clear this confusion up for you. Not getting people needlessly killed is awfully high up on the priority list. If you think Russia is above bombing polling places, you'd be wrong.


The Ukrainian stamps in my passport suggest I’ve spent more than 30 seconds talking with them…


Your comment suggests this was some time ago, since traveling to Ukraine after the invasion doesn't seem to be something most people would do.

I have plenty of Ukrainian colleagues, both still in and outside of Ukraine. Opinions differ a lot. There is only this truth:

1. Ukraine is at war

2. Martial Law helps a country at war

It's logical that governments take decisions that some people don't like. Martial Law is there to take quick, hard and possibly unpopular decisions. Ukraine as a country is trying to survive right now. Their martial law doesn't even allow elections!


Call me crazy, but I believe the Ukrainians themselves should get to make the hard decisions involving their lives and future.


True, they are free to decide not to hold elections during martial law. Even the opposition doesn't want it.


> Ukrainians want a sovereign democratic country, and they are willing to pay a very high price for that.

Doesn't seem to be true, considering the ban on men leaving the country, forceful conscription and cancelled elections


Any country at war does that. UK cancelled elections during WW2, look it up.


So what? This doesn't invalidate my argument.


The only thing that would have changed is that Russia now also could invade the Baltic states. Why do you think Russia would not have invaded Ukraine if the NATO had not been expanded?


Under what circumstances would Russia feel a need to invade Ukraine if they didn't fear NATO involvement? It is pretty clear in the current war that exactly what the Russian leadership feared was happening - a pushover country on their border was being militarised by the US. In hindsight they must feel naive for not being more paranoid and bulking up their military before going in. The NATO enlargement is a broad strategy of threatening Russia and building up force to use against them. And the political rhetoric out of the US on Russia has been unhinged since at least 2016. The Russians would be stupid not to be scared and this invasion of Ukraine looks like a desperation play through that lens.

Ukraine is a great example of what US support does - if the US had told them that they're on their own, Ukraine would have just gone with whatever Russia wanted diplomatically.

Instead, a lot of Ukrainians are dead, they've lost a double-digit percentage of their country, the west is hell-bent on destabilising the leadership that controls the world's largest nuclear arsenal, it looks like we're escalating into a WWIII style situation because the US deterrence is failing and Ukraine is STILL likely to end up having to do what Russia wants. Technically not maybe because they've lost the territory that Russia was most interested in.

The US shouldn't be involved in militarily organising Eastern Europe. It has not helped, it seems to be making war a certainty.


Are you saying that if the US was not involved then Ukraine would have to do whatever Russia tells them to do and that would be better for Ukraine?

And yes sure, Russia is just defending itself


Ukraine was faced with a choice - do what the US wanted, or do what Russia wanted. The US choice resulted in massive death, destruction and so far it looks like Russia is going to get what they wanted anyway.

What would the downside have been of just folding before the troops started moving?

> And yes sure, Russia is just defending itself

Best defence is a good offence. They're flailing under strategic pressure from the US.


The Ukrainians made their own decision to fight.

They knew perfectly well it would involve massive death and possibly years of fighting. But they know their long history with their "brotherly" neighbors to the north, and hence, that even these costs would be preferable to perpetual subjugation.

If you can't recognize this fact -- if you think they're just passive puppets who do whatever the US tells them to; or that they aren't capable of evaluating the costs and risks and making a decision to side with their families and their future -- then not only have you not been following the chain of events since the start of the invasion (in which the US basically told them to capitulate, after all); you really have no understanding of how human beings work when their families and communities are threatened.

> Best defence is a good offence. They're flailing under strategic pressure from the US.

Nobody pressured them to do anything. Russia's actions are all offense, full stop.


> ...if you think they're just passive puppets who do whatever the US tells them to

They're obviously not passive puppets. They had a choice - they could do what the US wanted, or what Russia wanted. That is more agency than most countries get when facing an existential crisis.

However, given that they chose to align with the US and we now have people talking in uncontroversial statements about it being a "pre-war era" the unfortunate reality here is that the option the US gave them was/is a diplomatic disaster that is very much in line with the US's NATO expansion strategy that they've been executing for the last 30-something years. It is a bad strategy that is leading to war.

> Nobody pressured them to do anything. Russia's actions are all offense, full stop.

Avoiding war requires both sides to reach some sort of mutual understanding. The Russians aren't going to buy that bullshit. A lot of their troops just died because of NATO arms, held by troops that were at least in part NATO-trained, using NATO intelligence and NATO-approved strategies in a war that is part of a broad strategic push, by NATO, into Eastern Europe. They've figured out the role that NATO is playing here; the plan is obviously to contain and militarily cripple Russia.

That style of rhetorical bullying is very prevalent amongst western leadership, but if we want to find a peaceful solution they should be more honest. They provoked this.


> Avoiding war requires both sides to reach some sort of mutual understanding.

When the aggressor stations 200,000 troops at your border -- it isn't about "reaching a mutual understanding". The only "understanding" he is asking for by that point is that you lay back and let him have his way with you.

You're basically repeating standard propaganda lines here; I don't see this being a productive discussion.


> The only "understanding" he is asking for by that point is that you lay back and let him have his way with you.

Ukraine seems to have lost about 25% of their population, 10% of their land and their electricity network is being shelled. Who knows how long it will take for their economy to recover. There is a lot of room among those statistics for debate about whether just folding immediately would have been better or worse.

And Ukraine isn't really holding any cards here, any negotiations need to happen between the US and Russia. Getting good outcomes requires the US state department to get some actual statespersons involved instead of whoever has managed to push Europe to this pre-war mindset.

> You're basically repeating standard propaganda lines

If we're going to start slinging insults here, you're showing a dire lack of tactical empathy. You're not going to understand diplomacy unless you can get in to the headspace of people you don't agree with.


I wasn't seeing a great deal of tactical empathy in some of your own carefully chosen phrasing (e.g. "that bullshit").

So that, plus my sense that you were deeply mistaken about certain things, brought me to the view that the discussion had run its course.


>Why do you think Russia would not have invaded Ukraine if the NATO had not been expanded? Because the main reason for the full-scale invasion of Ukraine is a miscalculation about resistance. With the expansion of NATO, the prospect of invasion would be assessed closer to reality and dismissed as counterproductive


> That is the kind of diplomacy would have prevented Russia from invading its neighbours.

Really? You believe the Russian claim that it attacks its neighbours because they're mumbling about NATO membership?

Russia attacks its neighbours because it regrets its loss of a "zone of influence" at the end of the Cold War. Like all former imperial powers (I'm a Brit!), loss of empire is hard to swallow.


What do you think the distinction is between Russia losing its zone of influence and countries joining up with NATO? I agree with you and believe the Russians simultaneously.

Russia is losing its zone of influence because it didn't hold on to it tightly and the US took it. Pretty much the same thing happened to the British, although they got beaten down by the Germans first so they weren't in a position to do much more than pretend to resist.

Although in this case the US is much closer to the British analogue. They've got financial problems, they've got industrial problems, they've got a lot of upcoming challengers and their diplomatic mis-management could easily lead to a massive blow up that unseats them.


I don't think Russia invaded Ukraine because it threatened to join NATO. Russia invaded Ukraine because it threatened to have a color revolution leading to a viable democracy in a culture/society that was similar to Russia's. Putin, personally, could not allow that to succeed. It threatened him, personally, too greatly.


>it threatened to have a color revolution leading to a viable democracy

Threatened? They tried that two or three times but Ukraine never stopped being Ukraine. Always losing a couple million people between these attempts.


It is not an anti-Russia alliance, we Romania enter NATO to survive the eventual Ruzzian invasion, as you can see from Ukraine war our politicians, even the communist regime was sure that a Ruzzian invasion is unavoidable (yeah, makes your mind segfault when you find out that communist Romania had better relations with USA and was preparing to resist a USSR invasion).

You need to talk with Russians to understand their Zed mentality, they think God gave them the right to dominate half of the world, they will tell it to my face that genocide my nation is not personal, it is geo politics and Ruzzia must do it.

The way to avoid the Ukrainian war would have been if Ukrainians would have not been stupid and would have joined NATO with Romania and Poland, but the idiots still believed in brotherhood with the Zeds.

P.S I am using Z to refer to the Russians that are Zed supporters and to make it clear I am not referring to the entire Russian population, since there are a few educated Russians there that can see the truth.


I've never heard a single bad word about Romania or its people, and I definitely have a lot more ties to Russia than you do. No idea where you read shit like this, but you should probably avoid those places from now on to keep your sanity.


One of my coworkers, who is Moldovan, is well acquainted with Russian chauvinistic attitudes towards Moldova / Romania.


It is history, maybe read about USSR invasion of Czechoslovakia and Romania refusing to participate and condemning the fact that USSR is trying to force their will on other communist states. It was not enough that USSR forced communism in eastern Europe, they really wanted Moscow to control everything, no different communist approaches were allowed since Moscowites know better what other countries should do.

So Romania built infrastructure to handle an invasion, built roads over the mountains to be able to quickly move the armies, and is a very known fact in Romania that everything was prepared for an USSR invasion like in Czechoslovakia, so first read about the USSR invasions and meddling in communist countries.

Then if you really want to know more, I mean really want to learn and not spread Ruz propaganda I might find for you English documentation of all dozens times Ruzzians invaded Romania lands.

So Romania has very good reasons to enter NATO, all political parties were in agreement, even our president who was a communist and who studied in Moscow was for NATO. Super hard for Ruzzians to admit that all those countries that entered NATO had a good reason, and some "special" people in Africa, Asia and West might fall for the ton of propaganda that claims that NATO brainwashed everyone to join them, it is pure Ruzzian projection.


The USSR invasion of Romania? That's insane revisionism. Who, exactly, started the invasion? Like you realize the Romanians were literally guarding the front of the Germans at Stalingrad? Maybe Romania should've have invaded the Soviet Union with Germany?


Do you understand cause and effect, before Romania allied with Germany, guess who was allied with Germany ?

Yes USSR, and guess what happened? Stalin and Hitler had a deal where Ruzzians were given parts of Romania.

https://en.wikipedia.org/wiki/Soviet_occupation_of_Bessarabi...

So here is the impressive Ruzzian logic, show me your mental skills explaining it

USSR collaborates with Hitler and steals Romanian land, This is OK in Ruz logic

later Romania enters the war against the USSR thieves to get the land back, but this in Ruz logic is NOT OK.

So in Ruz logic, only Ruzzia can collaborate with Hitler, and Ruzzia can grab lands but other country is not allowed to recover lands grabbed by Ruzzians.

This is a shit logic, where the distance from A to B is not the same from B to A, it depends if A or B are Ruzzian or not, because Ruzzian logic is always relative to their interests and Satan given rights to them to bring suffering to the world and their own subjects.

Edit: IMO you have 2 choices,

1 keep suck on Putin propaganda that all of Ruzzia's neighbors are gay, nazi, satanists that hate the straight, democratic, Christian, God Chosen people Rusky

or

2 the hard choice, where you need to do a bit of effort, just be open for new info, ask me about why we entered NATO, try to understand our point of view even if you disagree, understanding your neighbors (or maybe your enemies, future victims) is important


This has literally nothing to do with Putin what are you even talking about? You are justifying the Romanian invasion of the USSR and their collaboration with the nazi state. That's fine I guess, it just makes it hard to play the victim card. Again, this is about events that happened before Putin was even born. It's not Russian propaganda to say that Romanians were complicit until the very last moment when they decided to switch side in 1944.

You're also just saying stuff that doesn't even make sense. Can you give me a source about splitting up Romania, as in that Romania attacked the USSR because they wanted to split it up? Also, if you're saying that both the Nazis and the USSR wanted to take Romania, why did they ally themselves with the nazis? It's as if they were on the nazis side for more than that!

Also, remember that the USSR wasn't just Russia. The Romanians also killed thousands of Ukrainians while invading the USSR. When you invade a country, you get what you deserve when said country fights back. Like Russia is having now after attacking Ukraine. In your weird point of view, Russia would be the victim because they had no choice or whatever due to alliances, right? That's how you're justifying the fact that Romania attacked the USSR in 1941 lol


We got lost in these big comments.

I am trying to tell you that Ruzzians refuse to accept that everyone in Eastern Europe, Baltic so Romania had good reasons to enter in NATO, to defend themselves.

I attempted to give you examples why Romania needs to defend themselves, it sure a Ruzzian will say that we should have stayed neutral because Ruzzia would never, ever invade a neighbor (but then a big list of contra examples follows of invasions)


I don't disagree with that. Romania would be foolish not to be in NATO, I completely agree


OK then, I was explaining all the times Ruzzia (they had different names for the empire in the past now is a "federation") invaded our lands, some Zeds still complain that their neighbors had no reason to enter NATO or some are claiming it was all CIA, Satan, Israel or Illuminati that made these countries dislike or hate Ruzzia and Rusky the chosen people.


I'm Russian, and I've heard plenty rhetoric about "Romanian Nazis" when talking about Transnistria.

More so since 2022, because Moldova is clearly one of the prime next targets after Ukraine.


Everything you outlined applies to US politics too :DD


>Everything you outlined applies to US politics too :DD

What? That Canada made an alliance with some other neighbors so the evil USA would not invade them?


> they think God gave them the right to dominate half of the world, they will tell it to my face that genocide my nation is not personal, it is geo politics

This part could well apply to Americans.


>This part could well apply to Americans.

What about USA?

But honestly I never chat with an American that would claim that half of the world belongs to them and they are not sorry for the future genocides that they will have to do to achieve it.

Nice of you to confirm here for our HN community that what I said is true, Ruzz claim that God gave them half of the world to make a "sphere of influence" and that Moscowites are OK with genocides because is geo politics and not "personal"


> half of the world belongs to them

https://en.m.wikipedia.org/wiki/Monroe_Doctrine

Not strictly limited to the Western hemisphere. See also: Vietnam War


I mean you're either in a war period or a pre-war period ...

Although yeah the whole propping up non-democracies because they have cheap labor or cheap materials for decades does seem to have been a poor decision in the long run.


"You" are still doing it, your Western governments looked the other way at killing of more than 300+ pro-democracy protesters by our government forces at the beginning of 2022 because it was convenient for them to do so. Half of worldwide supply of uranium fuel and all that. These things will be remembered for decades.


> I wasn't expecting to see land wars in Europe even before the cold war ended.

You are the ultimate example of your own statements. Take another look at history and tell me again that war in Europe is a surprise.


Not exactly the first post cold war european land war either


Great piece!


Thanks!


Tough times create tough men comes to mind.

Leadership in the UK is absolutely pitiful. Yes, you can work on multiple problems at once, but in reality both the public and private discourse is focused on utterly trivial and stupid stuff.

The top level goals of a government are to ensure that the state exists and can protect its citizens. We enacted income taxes on that basis in the first place for wars.

Now we have people arguing the toss over whether cars should emit a particular thing because it reduces life expectancy by a few months or landlords should put triple glazing in because tenants would pay slightly less on their bill or men can pretend to be women or whatever else. Fiddling over 0.1% issues whilst ignoring the elephant in the room.

I fear that there's going to have to be a big shock and we'll wake up from this collective delusion much like in the early days of Covid when everything just... stopped.


At times it's a bit difficult to read, as it seems to be a telescript of a speech. But the overall gist and main topic are one that needs much more attention sooner rather than later/never.


My colleagues and I submitted a similar talk/paper for a different NCSC conference (but weren't accepted). I see that this talk by Bert Hubert covers mostly the ground, so I am pleased, but worried about what this take misses out.

Hubert is addressing much of the ground that lies between security and resilience.

Our emphasis is on how mitigation lies in education and autonomous systems over regulation. Not that regulation is wrong, just that it doesn't work as a stick without a carrot. We also looked at timescales and how so much is already too late because of the lag-time from drafting to efficacy. And what I know from hanging out here on HN is that technologists appear hostile to regulation, but giant companies love it so long as they get to write the rules that give them more monopoly power.

Where we went wrong I think is lack of political tact. Hubert stops himself from even finishing off the remark about the quality of Microsoft products. But I don't think the real problem can be ignored for much longer. Instead, we went all-in and emphasised (as previously here [0]) that "Big Tech is the cybersecurity problem" (as Bruce Schneier recently echoed) because it pushes (in addition to highly centralised single points of failure) an irresilient "insecurity industry" that is based on protection not security.

Hubert's talk doesn't get to the key issue;

Security and protection are not the same thing.

Protection leads to dependency that ultimately erodes real security.

However "protection" is easy and profitable to sell. Real security is not.

That is the succinct way in which it must be put.

If the intel appraisal is accurate and we are entering a serious war footing then we can have no more patience for the profitable but dangerous "insecurity industry" that gives an appearance and simulation of security, without the reality.

[0] https://techrights.org/o/2021/11/29/teaching-cybersecurity/


"Security" is not the same thing itself, it cleaves meaning:

1) Hypervigilance; which is unsustainable.

2) Carefree ease; which is what the champion Red Bull athlete achieves from constant practice and repetition.

I thank Kelly Shortridge (https://kellyshortridge.com/blog/posts/) for pointing out the cleavage.


These are interesting distinctions.

I'm working on distinguishing a whole cluster of things that frequently get collapsed into the same mushy confusion;

security, safety, reliability, resilience, protection, sustainability...

And there's also inner and outer security, which I think your remark addresses.

Thanks for the link which I wasn't aware of.


@nonramdonstring: The email address hr@... in your profile is broken. You're welcome to try the one in my profile.


In spite of my typo in the parent, I really did send to hn@. I just checked the bounce to be sure.


Thank you for telling me. I may have missed other coms, my apologies.


Who cares? In the case of some sort of big war why would you care about "cyber security" when the day to day problem is not dying from starvation, being drafted, radiation poisoning or whatever the problem is.

These kind of "we need to prepare" are silly since they implicitly downplay the severity of war and bring us closer to it.


We need to prepare to not be destroyed on the cyber front brings us closer to war? Hard disagree. In a world with sharks, you don't make having to battle a shark more likely by looking less like prey.

Not preparing brings us closer to someone (Russia, China, Iran, ISIS, Al-Qaeda, whoever loses the next presidential election) being able to blackmail society with war-like consequences if we don't do what they want. Worse, more than one adversary could have that level of blackmail on us at once. That's the kind of situation that free peoples fight wars to get out of. And the ones who won't, aren't free for long.

If you consider "not fighting wars" to be more important than "being free", there is nothing more for me to say. And if you think that being free will endure without fighting wars, I think you are hopelessly naive.


The underlying assumption of e.g. food distribution is that a certain part of infrastructure remains intact. This assumption comes into greater question the more individual parts are dependent on large software installations.

E.g. some countries have an entire redundant telecommunications network for government functions precisely so that it can actually withstand such a scenario. The more enmeshed that infrastructure is into other systems the more likely it is that it too will fail.


Everything is computerized now. And most adjacent power wars will most likely be non-nuclear in nature until it crosses a red line.


Everything being computerized is a major peace time concern too.

Ideally systems should not be as centralized as they are now and have offline fallbacks.

I believe there is a great deal of over automization too.

You can notice how war mongerers have turned to "cyber threats" to instigate on unfalsifiable information.

I feel it might be better to pull the plug on the whole internet if that actually is such a concern.


It is incredibly hard to maintain an unused system. The Internet is the default mode of communications because it outperforms all other options on most metrics. Any backup would go nearly totally unused and therefore couldn't be effectively used during an outage.


The day to day problem will mainly exist because our computer systems are down.



