Category Archives: 1337 haxx0rz

Is George Friedman smoking crack?

Stratfor’s analysis is starting to show its bias much more:

Note the section on the US missile program in central Europe.  Unless something has changed radically, the last I heard was Obama was putting the kibosh on the project at least until the Pentagon could make the case it had to be in Europe, and in return, Russia was withdrawing its plans to put nuclear warheads in Kaliningrad, which would allow them to strike anywhere in Europe with even their smallest nuclear capable missiles.

Also on Kyrgyzstan, while the analysis is accurate, they in no way mention the cyber attack which was almost certainly undertaken by Russian proxies there – one which may have been a trial run to see how US forces coped with bandwidth poor environments.  The US military is massively dependent on using state of the art communication systems, and they did have problems in Central Asia when first moving into those bases, in 2001-2002.  Russian expertise in cyber warfare is nothing new, but running an attack which may have been designed to test US responses is.  In the Georgia/Russia spat earlier last year, the Russians were probably too busy actually attacking Georgian websites and communications to see what they could do to American bases in the country.  This time, they had an attackers advantage, in choosing the time and place.  Given Obama, just today, is reviewing cyberspace security, I would think this was much more important than Russia’s long standing objections to the US presence in its percieved sphere of intersest.

And just to confirm my suspicions, I get a new email:

In our 2009 Annual Forecast, we let Stratfor Members know that Russia is resurging–but can she really do it? The short answer is YES.

Russia needs more than economic power to mount a real resurgence–military power is an equally important aspect. So we’re introducing a special four-part series on the Russian Military.

UUUUUNNNNGGGGHHHHHHH.  Paul Kennedy is quietly weeping somewhere.  Military superpowers need to be economic powerhouses first and foremost.  Obviously, a super rich country with little population is not much of a military risk (see: Saudi Arabia), but equally a populous country with a weak economy is not nearly as much of a threat as one with a strong economy.

Russia had an economy comparable to Portugal, a thin strip of mostly barren land on the Atlantic sea, which makes the majority of its money from tourists who don’t realize they crossed the border from Spain, and from the quite frankly disgusting “firewater” drink.  Oh, and Port, of course.

And most of this was because of Russian reliance on energy resources, in particular oil and gas.  Oil prices have essentially collapsed, putting the Russian economy in dire straits.  Their weapons systems are their second main export, but with the economic crisis hitting their main clients hard as well, they cannot hope to pick up the loss of earnings there.

Russia still has a decent amount of firepower, of course.  It has the world’s biggest stockpile of nuclear weapons, for starters.  It has numerous WMD programs, including a very advanced biological weapons division.  They still maintain large numbers of missiles, both conventional and otherwise.  Its intelligence assets were primed towards Europe and America for 60+ years, and many of those assets are still around, if in a reduced capacity.  It also has its much vaunted cyber warfare capacity.

But those are costly to maintain.  Equally, Russia’s population is steadily decreasing, as is its economy.  Sooner or later, cuts will have to be made, in order to save the careers of those in the Duma and Kremlin.  And Russia is already well behind in certain technical innovations than NATO, China and Japan.  Can they sustain the economy necessary for high-tech research and their already existing military power, which is still a shadow of what the USSR possessed?  Highly unlikely.  Unless Russia can reverse its economic woes, presumably by seizing the Arctic oilfields and then orchestrating price fixing via Gazprom, its a power on the decline.  Again.

Even now, people are still not security savvy

Thanks to Reqiuem who posted this link on the forum.

The most interesting thing is how incredibly limited the range of passwords is.  With enough time, it would be very easy to crack these accounts.  As the author notes, even when the security system forces people to be at least a little more security conscious, they take the path of least resistance and, in the example of Myspace, tack a “1” on the end of their usual password.

Obviously it would be very hard to get this data, but I’d be fascinated in seeing how this sort of information correlates with that for important passwords, like those which allow access to emails or online stores or banks.  I’d be willing to bet many of the passwords are very similar, and could easily be found out with minimal data-mining of an intended target.

Bruce Schneier once wrote a brilliantly funny, yet sadly true, article, about the security mindset vs the normal human mindset once.  As I recall, his main point was that the security minded person looks at a system and thinks “how can I abuse that?”, whereas the normal person tends to use the system in the correct way and context, without paying much attention to how the system could be subverted or turned to other ends.  That is certainly part of it.  I also think its because people are used to seeing a computer as their personal possession, and everything on it as an extension of that.  Yet the internet is very much a shared space, which all sorts of characters can and do use.  But because people feel they own their computer, they feel free only taking minimal security precautions, more as ritual and formality than with any mind to actually defending accounts against possible intrusion.

I’ve often stated critical thinking should be on every school cirriculum, but now I’m starting to wonder if perhaps Security 101 shouldn’t be added to that list as well…