Friday, February 28, 2014

On Waterboarding and Enhanced Interrogation

The topic of waterboarding still comes up from time to time, and I wanted to share a couple of resources to put it in context. The two arguments against waterboarding that I've heard most frequently oppose waterboarding (and other "enhanced interrogation" techniques) on the grounds that they 1) constitute torture, and 2) are ineffective at gathering intelligence. I'd like to challenge those claims.

First, the question of whether or not waterboarding (or other "enhanced interrogation" techniques) constitute torture. Torture is typically associated with actual injuries, particularly physical or psychological trauma which will persist after the initial interrogation session. Given that the late Christopher Hitchens was waterboarded for Vanity Fair (article, video), Mike Guy was waterboarded for Playboy (article, video), and soldiers posted to Afghanistan have even been known to waterboard one another while bored (video), I find this somewhat questionable. Waterboarding is clearly very uncomfortable, and causes extreme short term distress. However, I question whether that equates to "torture" in anything but the most broad definition.

The second objection is that waterboarding, "enhanced interrogation", and torture isn't effective at coaxing information from detainees. On this point, I want to defer to Marc Thiessen, author of Courting Disaster: How the CIA Kept America Safe and How Barack Obama Is Inviting the Next Attack. When speaking at the Heritage Foundation in 2012, Thiessen noted:
"Leon Panetta, the then-CIA Director confirmed, quote, 'Obviously there was some valuable intelligence that was derived through those kinds of interrogations.' Now, if intelligence from CIA interrogations was not critical to the greatest achievement of the Obama administration, don't you think they'd be shouting it from the rooftops? Of course. Panetta's predecessor, Mike Hayden, was more explicit. He said, 'Let the record show, when I was first briefed in 2007 about the brightening prospects for pursuing bin Laden through his courier network, a crucial component of the briefing was information provided by three CIA detainees, all of whom had been subjected to some form of enhanced interrogation.' [...] And he... moreover said, 'It's nearly impossible for me to imagine any operation like the May 2 assault on bin Laden's compound that would have not made substantial use of the trove of information derived from CIA detainees, including those on whom enhanced interrogation techniques have been used,' unquote."
During his 2010 remarks at Heritage while promoting his book, Thiessen talked about how limited the use of waterboarding had actually been, how effective it had been at eliciting information from top al Qaeda leaders, and the methods that interrogators used. The podcast is worth the listen.

People often focus on a sort of oversimplification focused specifically on waterboarding itself. There are other factors which are frequently overlooked. Among these are:

The Geneva Conventions: The Geneva Conventions are often mentioned in the contest of Guantanamo Bay, CIA "black sites", interrogation, and alleged torture. Typically overlooked is the actual text of the Geneva Conventions, in which the treatment of prisoners of war is contingent upon combatants abiding by a set of rules. While no one is advocating for torture, there's a strong case for differentiating between the treatment of legitimate combatants fighting in compliance with the Geneva Conventions, and terrorists and other "enemy combatants" who actively circumvent those rules. (There are also legitimate questions as to whether treating even illegitimate combatants under the terms of the Geneva Conventions undermine the Conventions by eliminating the incentives encouraging restraint in warfare.)

The Clausewitzian Trinity: The legendary strategist, Carl von Clausewitz, enumerated what have come to be known as two different "trinities" that define warfare. His "actual" trinity consisted of Passion, Chance, and Reason. His "secondary" trinity, but the one that gets more attention, is the trinitarian relationship between the government, the military (or, more broadly, the security establishment), and the people. The commentariat often overlooks the fact that in the immediate aftermath of 9/11, the people leg of the trinity supported whatever methods were necessary to prevent another catastrophic terrorist attack. As time passed after 9/11, and with the Bush Administration's credibility damaged in the wake of the invasion of Iraq, the people's broad approval for aggressive measures against terrorists waned. On a broader scale, while Americans are reticent to base their opinions on those of the world at large, actions taken in opposition to international sentiment carry consequences. Globalization throws an asterisk into the "secondary" Clausewitzian Trinity that policy makers flout at their peril.

Perception is Reality: Whether waterboarding and other "enhanced interrogation" techniques constitute torture or not, people's perception that they do becomes the narrative. At some point, the actual details become immaterial, and the value of the potential intelligence ceases to be commensurate with the potential costs. (These costs include educating the public to understand the definition of torture.)

Even if one accepts the arguments that waterboarding and "enhanced interogation" aren't torture, and that they do produce useful intelligence, there are no easy answers, and the playing field changes over time. Defense issues like these require policy makers to balance a variety of competing priorities, and to manage a variety of risks. However, as with most challenging issues, knowledge is power, and informed decisions are better than uninformed ones.

Wednesday, February 26, 2014

The Zombie Security Bandwagon

A while ago, I talked about survival during crisis situations. Today, I want to relate that to zombies.

I've mostly ignored the zombie craze that's dominated popular culture in recent years, but even I haven't been immune. My two major gateways have been the abridged audiobook of World War Z (read by an all star cast), and the film Zombieland. The first was a loan from my then-boss, who had been listening to audiobooks during a slough of road trips. I was amazed at the level of research and analysis that the author had put into writing the book, and the all star voice cast was fantastic. As for Zombieland, I just thought it was really entertaining. Last Summer, I went to see the theatrical adaptation of World War Z, and was pleasantly surprised when it succeeded my low expectations. (They capitalized upon the occasion by releasing an expanded World War Z Unabridged Audiobook; I have yet to listen to it, but a copy of it is waiting for me on the East Coast.)

Beyond that, my interst in zombies was fleeting. I remember being amused when I learned that both Canadian and American officials had used a theoretical zombie outbreak as a tool for thinking about public health issues and emergency management. I even considered participating in the first Survive Norfolk event during my last few weeks in Virginia. Aside from that, I didn't pay it much mind. My ex-girlfriend sort of got the wrong idea about how fixated on zombies I actually was, and was pretty keen to capitalize on that inaccurate knowledge on occasions which warranted gifts. Max Brooks has become the sort of de facto doyen of contemporary zombie literature, so in addition to the first season of The Walking Dead, she gave me a copy of Max Brooks' other major publication, The Zombie Survival Guide. (I got to pack both of these back from the Middle East when I demobilized - the wisdom of sending a bunch of gifts when she knew that I was coming home in a few weeks is still lost on me, but I suppose it's the thought that counts.) The ZSG never got cracked, and was slated for donation until I saw something on Facebook.

My friend Dee posted the attached pictorial of herself opening the Zombie Survival Crate from Man Crates. I had no idea that this company even existed, but in addition to a number of other cool crates and/or ammo cans filled with goodies of one sort another, they offer the aforementioned crate, as well as the Zombie Annihilation Crate and the Zombie Suppression Crate, each of which carries a slightly different load of gear, to include a copy of The ZSG. (For those who are less fixated on fictional monsters, they also offer the Outdoor Survival Crate and Ammo Can.) One could potentially start a good survival and/or camping kit by combining one of these crates with some emergency prep load-carrying equipment from Spec Ops Brand. Of course, with a little bit of ingenuity and some effort, you could probably assemble the entire kit for a bit cheaper.

Fortunately, The ZSG was in one of two boxes of unloadable books that hadn't been taken yet, so I pulled it. One of my best friends actually made national news about a year ago when he attempted to teach an elective class on zombie apocalypse survival skills (link, link), which was almost immediately cancelled because the district authorities folded to parental pressure without ever actually bothering to research what the class was about. Building from the government studies, the Man Crates products, the class my super good buddy attempted to teach, and that post I published last year, it may be worth my time to read The ZSG to see if it contains any relevant illustrations for good personal security practices.

I'll keep you folks posted as I learn more, but in the mean time, have a look at the CDC's Preparedness 101: Zombie Pandemic pdf, or check out Ready.gov for more information on how to prepare you, your family, and your home for both zombie- and non-zombie emergencies.

Sunday, February 23, 2014

Apple Products and Network Security

Gizmodo has an excellent article titled Why Apple's Recent Security Flaw Is So Scary, which details the high profile security exploit in iOs and MacOs. As the article notes, the iOs exploit has been fixed with a patch, while the MacOs flaw has yet to be mitigated.

I've never been a big fan of Apple products. I've never owned a Mac or an iPod, both my UK and American smartphones are Droids, and I bought a Kindle Fire in lieu of an iPad. Part of my reticence is functionality, as Apple products have typically been niche systems for artists as opposed to business productivity machines. I also don't really fit the Apple lifestyle, either - as an acquaintance who worked at the Apple Store once told me:
"Apple isn't selling a computer, it's selling an image. It's selling a lifestyle."*
The most obnoxious claim of Apple folks, though, is that "Macs just don't get viruses." There was a long period in which Macs were fairly secure, mainly because Macs held only a small niche in the global computer market and, as such, weren't worth the effort for hackers to develop exploits for. As Macs have become more fashionable among some demographics, and with the rise of the iPhone, the potential payoff for attackers has increased. However, Apple and those who develop software for its systems have yet to respond with more robust security measures - one of many reasons why the DoD has been slow to source Apple products. (Another is cost - the DoD typically sources the most cost-effective systems available, which are seldom produced by Apple.) If you use Apple products, make sure your equipment is patched at every possible opportunity. This is important for all technology users, but other platforms (most notably PCs) have better security options that can mitigate some of the risks of delayed patching. Beyond that, don't let the false hope of automatic security sway your decision to buy an Apple product. No matter which platform you choose to run, remember that security for your data requires proactivity. * Speaking in 2007 or early '08 of the number of tech-stupid customers who came in for help with first generation iPhones, another Apple Store acquaintance was quoted as saying "The iPhone is the bane of my existence." I found that extremely entertaining.

Saturday, February 22, 2014

Supplemental Readings on Iran

A couple of months ago, I posted about the last the post-revolutionary relationship between Iran and the West. I wanted to post a few additional items to supplement that post.

First and foremost, I omitted a major subset of incidents. In two separate incidents (2004 and 2007), Iranian naval forces detained British sailors and Royal Marines. (The second incident followed an Iranian attempt to do the same against some Australian sailors which didn't quite work out for the Iranians (link, link). During the 2007 incident, the crisis led to a dispute over where the British personnel had actually been (link, link). I apologize for omitting these incidents in the earlier post, but the volume of that post should serve as an indicator of just how many relevant incidents there are to keep track of.

In addition to that, and to the other prior links, here are some items that may be of interest to those of you who are interested in Iran:

  • Gulf Roundtable: Iran's Regional Strategy
  • This Week at War: The Persian Gulf needs its own NATO
  • U.S. arms to Gulf allies hint of strategy
  • Saudi Coast Guard Arrests 21 Iranians
  • Iran for the first time stages cyber warfare drill: report
  • Iran warns planes near Hormuz
  • Iran navy launches 6-day massive exercises
  • Iran starts navy drills near Strait of Hormuz
  • Iran starts war games in Strait of Hormuz
  • Iran plans naval drill in Hormuz Strait, flexing military muscle
  • Iran begins naval war games and to carry drill in Strait of Hormuz
  • The Iranian View of Stage Two of the Arab Spring
  • Iranian Influence, Rising Asian Powers, and the Significance of Yemen
  • Iran and the Gulf Military Balance: Parts I & II: New Ninth Edition
  • Britain could deploy more troops to Gulf, says David Cameron
  • Iran's Rouhani takes on Revolutionary Guards in detente drive
  • Wednesday, February 19, 2014

    "Investing" in The Iraqi Dinar

    Bottom Line Up Front: I wouldn't recommend that anyone "invest" in the Iraqi dinar.

    I was very interested to find that the BBC has been doing some reporting on a new effort to get people to "invest" in the Iraqi dinar. I say "new" because while I was working in the Middle East, there were folks who spent a lot of money, some of them thousands of dollars, to buy Iraqi dinars. Since the 2003 invasion and subsequent (and tumultuous) reset of the Iraqi economy, some people have been convinced that if they buy a lot of Iraqi dinars, they'll be able to get rich overnight during what they're told is an inevitable increase in the dinar's value relative to other global currencies. As skeptical as I remain of Twitter, it appears that the folks at the BBC have done a good job of investigating this latest episode in the ongoing Iraqi dinar saga. You can read the article (#BBCtrending: #Wearethepeople and the 'fraudulent' dinar ruse), download the podcast, or listen online.

    When I was in the Middle East, I had co-workers and subordinates, even some whose judgment I typically trusted, had "invested" in the Iraqi dinar. There was even a fiasco in our company housing when a member of the cleaning staff was accused of stealing dinars from various folks' hidden stashes. The housing company wound up being on the hook to repay every claimant - though not in Iraqi dinars - and it was particularly suspicious how many folks came out of the woodwork upon the announcement that payouts would take place, and also how many folks had been in possession of exactly one million Iraqi dinars.

    That having been said, one of my other employees (who lived on the economy instead of in company housing) was quite open about his desire to wallpaper his post-deployment bathroom with Iraqi dinars. That wasn't the worst idea I'd ever heard. Still isn't.

    Tuesday, February 18, 2014

    Multiple Items: Gulf Security and Nuclear Issues

    My last two posts (Iranian Nuclear Issues and Sensitive Information Protection and Thoughts on Computer Network Defense) were originally meant to be a single post covering a couple of independent issues in short succession. I failed at that goal. I'm going to attempt it again today with even more topics, all related to strategy and international security.

    I've been seeing a number of articles about the Kuwaiti citizen body's anxiety over a new GCC security accord. (‘GCC Pact In Harmony With Kuwaiti Laws’; Treaty will Ensure Coordination Among Security Agencies) One of the big arguments appears to be that the new accord conflicts with the Kuwaiti constitution. Saudi Arabia is the proverbial "first among equals" in the GCC, and it's entirely possible that the Kuwaitis are reticent after the 2011 Saudi/GCC security force deployment to Bahrain (more on that here.) In late 2012, the GCC members also agreed to unify members' military forces under a single command. I haven't had a chance to drill down further into this issue, so if I find something else of note, I'll share it.

    Another item I've been seeing pop up recently is concern about GCC nationals returning from fighting in Syria. (MP warns of Syria fighters) The Kuwaitis have been concerned about this for a while now ; like the Iraq War before it, the Syrian civil war has become a proxy conflict between the Sunni and Shia sects. The Iranians have supported the Syrian Alawite regime with funding, equipment, advisors, and fighters; meanwhle, several Gulf states (notably Saudi Arabia and Qatar) have supported Sunni rebel groups with weapons, funding, and relief supplies. I read an article last week, again out of Kuwait, that said that Saudi King Abdullah has issued a decree requiring the incarceration of Saudis who fight in or support conflicts abroad. The Saudis had some previous experience with these issues as the primary sponsors of the Arab Afghans, the most famous of whom was Osama bin Laden. The Gulf States walk a thin line between pursuing their strategic agenda (for which their military forces are seldom an appropriate option), and balancing that strategic agenda with domestic security considerations.

    Last week, I talked about a February 2013 CNAS paper claiming that the Saudis are unlikely to pursue a domestic nuclear program (though I thought their case undermined their actual thesis - I was more convinced of potential Saudi nuclear ambitions after reading the report). I also cited a BBC article which claimed that the Saudis would pursue a nuclear option if Iran got one. The National Journal published an article on Friday which claims that the Saudis are investigating a uranium enrichment program. Rhetoric about Iran's nuclear program usually focuses on the threat to either America or Israel; but in my mind, the big risk from a notional Iranian nuclear weapons capability is that it would spark a de facto arms race in which other nations, notably the Saudis but also Egypt and possibly Turkey, would pursue their own nuclear weapons capabilities. At that point, one gets into the question of adequate arms controls, to include command and control (C2). Those concerns are often overlooked by the commentariat, but they're of potentially greater concern than the direct risks of upsetting the present nuclear status quo.

    Continuing with the discussion of nuclear issues, there are two items of note to share today. The first is disappointing: Red Cross to the World: Eliminate Nuclear Weapons ‘Once and For All’; Group says a relief operation for a nuke attack would be virtually impossible:
    “The humanitarian consequences following a nuclear explosion would cause unprecedented devastation,” said Fernando Suinaga, Mexican Red Cross president and member of the Movement in Nayarit. “Any rescue or relief operation undertaken by the International Red Cross and Red Crescent Movement for those affected would be virtually impossible.”
    Having taken a postgraduate course in Strategic Nuclear Doctrine, arguments such as these are always frustrating because they're generally made in ignorance of both history and doctrine. Nuclear weapons have saved the Red Cross from impossible humanitarian crises precisely because their potential impact was and is so horrific as to deter their use by a variety of potential belligerents. More encouraging is a new podcast from War on the Rocks in which the participants discuss contemporary nuclear doctrine. It's well worth the listen, and it's introduced me to a new podcast series on which I'll have to catch up.

    And finally, also from WOTR, I'm quite excited to read Iran History, and Strategy by Analogy by Lawrence Freedman. (This despite the fact that Freedman wrote what may be the most convoluted book I've ever read.)

    As always, more to come soon.

    Saturday, February 15, 2014

    Thoughts on Computer Network Defense

    AFP: US launches voluntary cybersecurity plan
    The US administration on Wednesday launched a cybersecurity plan which aims to use voluntary collaboration from the private sector to protect critical infrastructure from computer hackers.

    The initiative stems from an executive order issued last year by President Barack Obama after repeated failures in Congress of a cybersecurity law.
    I could wax eloquent (and not-so-eloquent) on this topic for quite a while, but I want to identify a few key points (while endeavouring to avoid politics). For the sake of clarity, I'm blockquoting the individual points to set them apart.

    1) People don't understand the risks, and/or they're only willing to mitigate them as much as they think they have to.
    The reason why many businesses, and even government agencies, have failed to get up to speed on the issue of network security is twofold: they don't understand it, and the risk of damage isn't seen as commensurate to the reward of robust security. To some degree, that's starting to change, as the potential liability costs of the recent Target data breach and similar incidents are beginning to show. In that way, network security is similar to other types of security: organizations will spend precisely what they think they must, and not a penny more, because security is an overhead item that cuts into their bottom line. That's the cost/benefit analysis and/or risk management piece.

    Beyond that, the leaders of many organizations simply don't understand the threat. At the risk of over-generalizing, there's a very narrow demographic that's young enough to understand en masse how modern technology works, while simultaneously remembering conditions prior to its proliferation in the last couple of decades. Outside of that portion of the demographic spectrum, you two groups. Most of those who are older than the aforementioned group are, in essence, "immigrants" to modern technology and; at best, these folks "speak" technology with a pronounced accent. Meanwhile, those younger than the aforementioned group are so accustomed to modern technology (such as social media, which conditions them to share every aspect of their lives), that they often fail to comprehend the need for confidentiality. (I've written about a couple of aspects of this challenge before, here and here.) The result is that it's very difficult for organizations to instill a culture of security awareness, either in the boardroom or in cubeville.
    2) Convenience is part of the problem.
    Everyone's heard the phrase "the path of least resistance". Technology has blazed its own superhighway of least resistance. We've all seen it on the micro level: people would rather use their debit card than worry about cash, or follow their GPS in lieu of learning a route. In many cases, we as a culture have largely lost the corresponding low-tech skills that most people had only a few years ago.

    On the macro level, network security experts love the example of hackers being able take down a power grid, or a water or sewage system, or a variety of other public works elements that are potentially more devastating than the threat of identity theft or credit card fraud that could stem from the aforementioned Target data breach. While I'm sympathetic to the potential benefits and efficiencies afforded by networking, these examples always cause me to wonder, "Who's the genius who thought it was a good idea to hook control of a power grid up to the Internet?" In popular media, I was always intrigued by this theme in the 2003 to 2008 Battlestar Galactica TV series, in which the eponymous warship's computers were not networked in order to prevent the sort of security issues we agonize over today.
    3) We need to start applying more common sense to the problem.
    The problem is getting worse. For example, Comcast is now offering XFINITY® Home, which allows subscribers to wire numerous aspects of their home into their Internet for management from their mobile devices. Am I the only one who remembers this scene from Skyfall?
    Now, do I think that a product like XFINITY® Home is going to lead to an epidemic of exploding homes? No, but I'm also not confident enough in home security systems - or, rather, in your average customer. A guy I used to work with was fond of saying "there's no patch for User 1.0". Between technical vectors like phone cloning or mobile phone spyware, and social media vectors like vishing and weak passwords, do we really think that the average person's phone ought to be connected to their security system? The potential for malicious and accidental catastrophes, both from user error and attacker sophistication, brings real questions regarding the cost/benefit analysis of these innovations.
    None of this is to say that I'm some sort of luddite - far from it. However, many conveniences that we take for granted open vectors for unsavory elements to attack.

    The DoD has some good resources for network security, but they're highly militarized. Some more user-friendly resources are available at the National Institute of Standards and Technology's Computer Security Resource Center. At the risk of getting political, the Obama Administration's approach to most problems involves intensive government efforts. The truth, though, is that we as a country, and we as individuals, rely upon so many individual and networked pieces of technology that government-spearheaded efforts simply won't put a dent in the potential risks. Individuals and organizations will have to be proactive for themselves, with the understanding that the threat to sensitive information and to critical infrastructure is growing. At the same time, we need to start thinking before we automate and wire up any and every aspect of our lives. To quote Ian Malcolm:


    I realize that that's three pop culture references in one post, and I can only apologize and promise to try harder next time.

    Friday, February 14, 2014

    Iranian Nuclear Issues and Sensitive Information Protection

    AFP: Iran demands 'proof' of nuclear weapons allegations
    Iran said Wednesday it would not accept longstanding allegations that its nuclear programme once had a military dimension without seeing the secret documents on which the charges are based.
    First and foremost, Iran knows this isn't going to happen. That information is almost certainly classified, and part of the reason for classifying information isn't so much to protect the information itself, but to protect methods and sources. There's no doubt that Iran wants to work at figuring out those methods and sources, so that it can mitigate those information leaks in one manner or another in order to prevent future leaks of sensitive information about its nuclear program. This statement from Iran probably relates to an item from last week that I discussed on Facebook with on of my coursemates from Aberdeen, CN Slapshot. As he's well read on some of the specifics, I shall now quote him without asking permission first:
    EBWs are part of what is known as 'Project 110', which intelligence sources given to the IAEA, explain as an attempt to synchronize detonations on a spherical or hemispherical device to within 130 nano seconds. While EBWs have civilian applications, such a narrow synchronization timeframe does not. Further, the Iranians might have to explain 'Project 111'- an attempt to design a warhead for the Shabab 3 MRBM that could detonate at 600m above the ground, which is a height that is completely ineffective for the deliverance of traditional ordinance. Nuclear weapons are usually airbursted- the first weapon ever used in a war was detonated at a height of 580m. Lastly, they should explain the attempted development of neutron detonators that are designed to compress uranium deuteride to produce neutrons for detonation. Such a device has no civilian application.
    Iran has both financial and strategic stakes in ensuring that the current round of seemingly promising negotiations over its nuclear program don't fail; the international community has a mainly strategic stake in the same, but it also has a strategic stake in not upsetting the balance of power in the Gulf, and in not upsetting the global balance of nuclear power. Revelations such as the one in question, and several others since the deal was heralded a couple of months ago, would call an eventual comprehensive deal into question. The Iranian government wants tight control over the information about its nuclear program, just as the international community wants to protect the methods and sources it employs to collect its own information.

    For what it's worth, experts are divided on the likely outcome of a notional Iranian nuclear weapons test. About a year ago, I read a report from CNAS entitled Atomic Kingdom, in which the authors argued that the Saudi government was likely to pursue nuclear security guarantees in lieu of its own nuclear program. I read the report, and thought that their data made precisely the opposite case, so I wasn't surprised when the BBC published an article corroborating my appraisal later in 2013. In January, noted American nuclear scientist Siegfried S. Hecker and former Secretary of Defense William Perry co-authored an article entitled Iran's Path to Nuclear Peace; it's worth reading, though it assumes (contrary to much of the evidence, and probably for the sake of diplomacy) that Iran's nuclear program is actually for peaceful purposes. (The article also claims that Iran doesn't have enough indigenous uranium to sustain a nuclear energy program, though I know that the IAEA recently visited an Iranian uranium mine, so I'm not sure whether that's a disconnect or if Iran's mines just don't have much uranium.) Two other recent posturing incidents on Iran's part are its claim that it's going to sail an (apparently quite modest fleet near American territorial waters, and an apparent successful missile test from earlier this week.

    I want to get back to the topic of classified and/or sensitive information, because looking at the critical information elements of this dispute (from both the Iranian and non-Iranian perspectives) can provide some valuable lessons for companies and individuals.

    I can't remember the source off the top of my head, but either a fictional drama about espionage, or else a source from last year's Strategic Intelligence course, talks about methods and motivators to get people to hand over sensitive information. Motivations for an agent can range wildly; a source could be convinced that his country gives him no grounds to be patriotic, or that providing the information is actually an expression of his own patriotism. Others are persuaded by blackmail - for example, the KGB and GRU Were well known for sending prostitutes to consort with various intelligence targets in bugged hotel rooms in order to discredit them, or else to blackmail them for information. (I've heard rumors that certain Middle Eastern regimes have done the same sort of thing.) Another motivator is money, which is why vetting for security clearances often includes both credit checks to ensure that potential employees aren't under pressure from large debts; and lifestyle appraisals to ensure that those same potential employees won't get themselves into a situation in which the promise of money would entice them. As I noted in my Strategic Intelligence term paper:
    One example of this is the Robert Hanssen case, in which an FBI counterintelligence officer was convicted of having accepted payment of $1.4 million in cash and diamonds over the course of twenty-two years - an average of only about $64,000 per year[1], substantially less than the annual operating cost of most SIGINT assets and considerably less than the cost of a single GEOINT asset. Similarly illustrative is the case of Ronald William Pelton, who betrayed Operation Ivy Bells - the U.S. Navy's operation to tap unencrypted Soviet communications cables in the Sea of Okhotsk - for a mere $40,000.[2] [1] Wise, David; Spy: The Inside Story of How the FBI's Robert Hanssen Betrayed America; Random House; New York City, New York; 2003 [2] Drew, Christopher and Sontag, Sherry and Annette Lawrence Drew; Blind Man's Bluff: The Untold Story of American Submarine Espionage; PublicAffairs; New York City, New York; 1998
    When one considers how delicate and labor-intensive vetting, information security measures, and asset recruiting efforts are, it's easy to see why so many national security folks are upset with people like Bradley Manning, Julian Assange, and Edward Snowden.
    The same concepts can be distilled down to the corporate level. One way I've heard this explained is through the invocation of the "New York Times Rule" and its "Karachi Corollary": if you don't want your boss to see something on the front page of the New York Times, or for a terrorist to be able to find it while sitting at an Internet cafe in Karachi, Pakistan, then you need to protect your information accordingly. I'm obviously not talking about corporations hiding their efforts to construct an illicit nuclear program. Instead, I'm talking about corporations, or any organization or individual, taking appropriate measures to protect their own critical information. I've talked about the Five Step OPSEC Process before, but it's never a bad time to review it:

    1) Identify critical information
    2) Threat analysis
    3) Vulnerability analysis
    4) Risk assessment
    5) Implement OPSEC Measures

    While I wouldn't recommend that individuals or companies develop illicit nuclear weapons, I would recommend that they learn from the ongoing dispute with Iran, and protect their sensitive information accordingly.

    Thursday, February 13, 2014

    Austerity and Naval Strategy

    As I've noted previously, I'm a longtime student of naval strategy. I wanted to take this opportunity to share a few articles I've collected over the last few years. The question of how to continue safeguarding American interests while searching for efficiencies has been both prominent and contentious for several years now, and the Navy has spent those last few years quietly pursuing a pretty effective campaign of doing just that. As I noted in my dissertation:
    Western militaries have recently considered a variety of options for managing international security challenges with a smaller footprint. Naval advocates, for example, propose a variety of approaches, from fielding modified destroyers optimized for stand-alone missions[1] ; to increased emphasis on comparatively inexpensive amphibious assault ships[2] ; vice supercarriers.[3] (The experimental 2012 conversion of USS Ponce into a Gulf-based logistics platform[4] ironically reflects the use of similar assets off the Dhofari coast to facilitate logistical support for Operation Badree.[5]) These approaches mirror the 2011 NATO campaign in Libya, in which amphibious vessels spearheaded operations utilizing embarked V/STOL aircraft and attack helicopters[6], vice a supercarrier and air wing.

    [1] Albaugh, Kurt; “Six Frigates and the Future of Gunboat Diplomacy”; Small Wars Journal; Bethesda, MD; 04APR2011; http://smallwarsjournal.com/blog/journal/docs-temp/722-albaugh.pdf

    [2] Axe, David; Navy’s Newest Assault Ship Moonlights as Pint-Sized Aircraft Carrier; Wired.com; N/A; 22OCT2012; http://www.wired.com/dangerroom/2012/10/navy-mini-carrier/

    [3] Ottens, Nick; Amphibs vs Carriers: Which Has the Future?; Atlantic Sentinel; N/A; 29JUL2011; http://atlanticsentinel.com/2011/07/amphibs-vs-carriers-which-has-the-future/

    [4] N/A; ‘Floating base’ deploys to Gulf: US Navy; Agence France-Presse; Washington, D.C.; 07JUL2012; http://gulfnews.com/news/gulf/bahrain/floating-base-deploys-to-gulf-us-navy-1.1045755

    [5] Monick, S.; “Victory in Hades: The Forgotten Wars of Oman 1957-1959 and 1970-1976, Part 2A: The Dhofar Campaign 1970-1976”; Scientia Militaria, South African Journal of Military Studies, Vol. 12, Nr 4; Saldanha, South Africa; 1982; http://scientiamilitaria.journals.ac.za/pub/article/view/600 ; pp. 23

    [6] N/A; Libya: UK Apache helicopters used in Nato attacks; BBC; N/A; 04JUN2011; http://www.bbc.co.uk/news/uk-13651736
    A few additional notes.

    1) Because I was writing about the Dhofar Rebellion, I compared the deployment of USS Ponce with the deployment of a similar vessel off the Dhofari coast during Operation Badree. I was unaware until recently that a similar approach was used in Falklands War of 1982. The US Navy is currently expanding upon this capability (source, source) as a continuation of its use of the Ponce. As that first source article notes:
    The idea is for these cheaper vessels wherever possible to take the places of the Navy’s front-line destroyers, cruisers, amphibious ships and aircraft carriers, maintaining American presence on routine patrols while freeing up the tougher, more expensive warships like the flattop Ford to prepare for what they do best: fight a full-on shooting war.
    The Navy has made some other smart purchases as well. I've already noted their pursuit of economies of scale by capitalizing on the F/A-18 platform. The Navy has also been able to develop economies of scale in the production of the Virginia Class submarine fleet, as well as converting four of the existing Ohio Class ballistic missile submarines instead of retiring them entirely in accordance with treaties between the United States and Russia. The Littoral Combat Ship has been a bit more problematic, but the Navy's overall record has been strong - arguably stronger than those of its peers.

    Tuesday, February 11, 2014

    Just for Fun: Mapping the Hornbeam Line

    I've written extensively on the Operation Highlander blog about my dissertation on the Dhofar Rebellion. As regular readers of both the Operation Highlander blog and this one may have gathered, I'm fascinated by geography and maps. One of the things I tried to do was to compare the handful of available maps from the conflict with the various maps available through Wikimapia and Google Maps. Several years spent undergoing classroom instruction from the Marine Corps taught me just how critical a factor geography is to the prosecution of a military campaign, and my study of the conflict in Dhofar inspired a big interest in the geography of that particular campaign.

    It took some creative work combining Wikimapia, PowerPoint, and Windows Paint, but I was finally able to find the final Location: Patrol Base Pipe
    Coordinates: 16.882449° N, 53.759724° E
    Remarks: Located using maps from In the Service of the Sultan by Ian Gardiner and We Won a War by John Akehurst. If location is correct, position appears to be abnormally small.

    Location: Patrol Base Whale
    Coordinates: 16.927313° N, 53.747848° E
    Remarks: N/A

    Location: Patrol Base Ashawq/Ashoq
    Coordinates: 16.936920° N, 53.735703° E
    Remarks: N/A

    Location: Patrol Base Killi
    Coordinates: 16.972069° N, 53.731915° E
    Remarks: Site displays distinct square seen elsewhere at PB Reef and PB Bole.

    Location: Patrol Base Killi (Satellite)
    Coordinates: 16.975117° N, 53.733069° E
    Remarks: Small position with circular formations located west and northeast of due center. Possible PB Killi satellite observation post.

    Location: Patrol Base Reef
    Coordinates: 17.005118° N, 53.743272° E
    Remarks: Displays distinct square seen elsewhere at PB Killi and PB Bole.

    Location: Patrol Base Kumasi (Site #1)
    Coordinates: 17.029440° N, 53.727919° E
    Remarks: Site displays several distinct "diamond ring" formations, which are artillery pits, consistent with Gardiner's map indicating that Kumasi was an artillery point. Located directly northwest of PB Kumasi Site #2.

    Location: Patrol Base Kumasi (Site #2)
    Coordinates: 17.028299° N, 53.731781° E
    Remarks: Possesses features more indicative of a fortified perimeter than accompanying site. Located directly southeast of PB Kumasi Site #1.

    Location: Patrol Base Bole
    Coordinates: 17.063200° N, 53.680573° E
    Remarks: Displays distinct square seen elsewhere at PB Killi and PB Reef, as well as apparent fortified perimeter markings similar to PB Ashawq and PB Kumasi Site #2.

    Location: Patrol Base Bole (Satellite)
    Coordinates: 17.063200° N, 53.680573° E
    Remarks: Possibly a satellite observation post of PB Bole.

    Location: Patrol Base Oven
    Coordinates: 17.189088° N, 53.631102° E
    Remarks: Located by following markings of apparent Hornbeam Line remnants northward from site of PB Bole.

    By using Google Earth, or Wikimapia's Google Satellite and Bing Satellite options, you can see the actual "line" of the Hornbeam Line. Before I left Scotland, I had the opportunity to meet for a couple of hours with retired Royal Marines Brigadier Ian Gardiner, a Dhofar veteran and author of In the Service of the Sultan, and I showed him a slide deck I'd assembled detailing these findings. Based upon his book and our discussion, here are a few additional notes.

    1) He believes that the distinctive square formations at PB Killi, PB Reef, and PB Bole were enclosures for livestock. I had originally suspected that they were helicopter landing pands, by a closer inspection of PB Kumasi Site #1 using Google Earth (pictured) revealed three helicopter pads. I also found similar helipads at this site further to the west, which I believe to be one of the positions from the Imperial Iranian Task Force's Damavand Line.

    2) Brigadier Gardiner informed me that there were "two Kumasis". He confirmed that the "diamond ring" formations are the remnants of artillery pits. It looks like one of the sites was the main patrol base, and the adjacent position was the gunnery section.

    3) In both his book and during our conversation, Brigadier Gardiner mentioned that the line is probably still dangerous since various factors ranging from weather, to animals, to insurgents tended to relocate the land mines that gave the Hornbeam Line its teeth. He mentions in his book that much of the barbed wire has been repurposed by the locals for their own animal enclosures.

    A little bit of work on Google Earth following Operation Irene was eye-opening. It showed me just how steep some of those slopes are, as well as how deceptive some of the overhead visuals are. There were several positions that looked to me like they were down in depressions or gullies, when they're actually all on pretty high ground.

    My efforts will continue as I have time. I'd like to find the rest of the Damavand Line, and some other terrain features.

    Monday, February 10, 2014

    More Snowed-In Advice

    The other day, I wrote about survival in place during inclement conditions. A friend of mine (who's admittedly far more of a "prepper" than me) posted some of his observations on Facebook, and I wanted to share them to a wider audience.
    Things learned from the weather.

    We lost power for about 24 hours beginning early Sunday morning. We have wood heat so heat was not an issue.

    I have an Aladdin oil lamp my Dad got from my Grandpa and have reconditioned it and it works great. I also picked up one at a garage sale and got it going. They both work well. One thing I did notice was that the dark walls in our living room do not reflect light and it takes more sources to light the room.

    We have a small generator that I used to keep the frig and freezer cold. Just ran it an hour on each one and everything stayed cold.

    The LED lanterns work great and I will be adding one of those to the stash.

    The generator burns gas pretty quick, about a quart per hour so if you had to run it all day that would be 6 gallons of gas.

    Things like white gas and lamp oil go very quickly. In an extended outage, these items would probably be gone in the first week.

    We used a propane camp stove to cook with. Just set it on top of our stove in the kitchen and it worked great.

    Fortunately, we have city water and gas hot water heater. In the country you would need a generator to power your well pump, although that could be an intermittent thing.

    Boredom sets in quick. We ended up playing Scrabble. We have tons of board games so we would have lots to fall back on. Plus, chores would start kicking in once the conveniences of modern day life were gone.
    My experience was similar, although the closest I got to losing power was three blinks on Saturday evening. I didn't have a huge stockpile of food, but there was also no realistic expectation that I'd go more than two or three days without being able to leave the house. Even so, I probably would have needed to get pretty creative to keep myself comfortably fed for much longer; and even with cable and Internet access, cabin fever was still setting in. These are good lessons to learn in temporarily inconvenient situations, so that you can prepare for potentially prolonged disturbances.

    Saturday, February 8, 2014

    Snow Day Documentaries

    I'm snowed in, so instead of making the most of my time by studying, I decided to compile links to a bunch of documentaries about Afghanistan that are available on YouTube. I figured I'd share.

    By the way, as you can see from the picture, my advice from about a year ago was pretty accurate in 2013 and thus far in 2014. I have yet to witness a zombie apocalypse, a collapse of Western society, or a massive uprising against the American government. What I have seen plenty of, both back in the States and prior to leaving Scotland, has been inclement weather and naturally occurring phenomena. These incidents haven't required those affected to escape and live off the land; rather, it's required them to prepare, resource, and execute plans to wait at home until conditions improve. (As for yours truly, I could stand to have a couple more packs of ground lamb, but the power and the Internet have been solid, so I'm a pretty happy camper.)

    Anyway, here are the documentaries.

    * * *

    First and foremost, these are well worth the time to watch.

  • British Marines fight The Taliban 1 of 4
  • British Marines fight The Taliban 2 of 4
  • British Marines fight The Taliban 3 of 4
  • British Marines fight The Taliban 4 of 4
  • Our War: Ambushed
  • Our War: The Invisible Enemy
  • Our War: Caught in the Crossfire
  • Our War: The Lost Platoon
  • Our War: Into the Hornet's Nest
  • Our War: Series II - Return to Death Valley
  • The Battle for Bomb Alley (1/2)
  • The Battle for Bomb Alley (2/2)

    Filmmaker Chris Terrill has made two great documentary series' about the Royal Marines and Afghanistan, and these are listed below.

  • Commando: On the Front Line: Episode 1 - The Shock of Capture
  • Commando: On the Front Line: Episode 2 - Carrot and Stick
  • Commando: On the Front Line: Episode 3 - The Lost Patrol
  • Commando: On the Front Line: Episode 4 - Tears and Fears
  • Commando: On the Front Line: Episode 5 - Enemy Contact
  • Commando: On the Front Line: Episode 6 - Operation Sparrowhawk
  • Commando: On the Front Line: Episode 7 - Dawn Assault
  • Commando: On the Front Line: Episode 8 - Royal Marines To Your Duties
  • Commando: On the Front Line: The 55 Year Old Commando
  • Royal Marines: Mission Afghanistan - Deadly Underfoot
  • Royal Marines: Mission Afghanistan - Venus Fly Trap
  • Royal Marines: Mission Afghanistan - Dogs of War
  • Royal Marines: Mission Afghanistan - Kill or Capture
  • Royal Marines: Mission Afghanistan - Brothers in Arms
  • Royal Marines: Mission Afghanistan - The Final Reckoning

    This next documentary is best watched in concert with this report.

  • The Battle for Marjah

    This next selection is excellent, though I see that YouTube has removed a number of the episodes. The link to the actual BBC Episode Guide is included as the fourth link.

  • Young Soldiers: The Shock of Capture
  • Young Soldiers: Should I Stay or Should I Go
  • Young Soldiers: Countdown to Afghan
  • BBC Episode Guide

    I haven't watched any of these documentaries yet, but I may over the course of the next week.

  • Fighting the Taliban
  • Australia's Secret War - Tour of Duty
  • Dateline Behind Enemy Lines (1/2)
  • Dateline Behind Enemy Lines (2/2)
  • Afghanistan: The Battle for Helmand 2/4
  • Afghanistan: The Battle for Helmand 2/4
  • Afghanistan: The Battle for Helmand 2/4
  • Afghanistan: The Battle for Helmand 2/4
  • The TA and The Taliban: 2 Scots (1/3)
  • The TA and The Taliban: 2 Scots (2/3)
  • The TA and The Taliban: 2 Scots (3/3)
  • The TA and The Taliban: 2 Para (1/3)
  • The TA and The Taliban: 2 Para (2/3)
  • The TA and The Taliban: 2 Para (3/3)
  • Meeting the Taleban (1/4)
  • Meeting the Taleban (2/4)
  • Meeting the Taleban (3/4)
  • Meeting the Taleban (4/4)
  • Endgame Afghanistan 1/2
  • Endgame Afghanistan 2/2

    That's it for now. Check back soon.
  • Friday, February 7, 2014

    A Few Recent Selections

    I have a long list of articles I want to discuss at length. I've been busy with a few other projects lately, so in lieu of some of those articles, here are some of the items I've been attempting to keep abreast of lately.

    China
  • Perception outweighs ability as China builds blue-water fleet - News - Stripes
  • China Thinks It Can Defeat America in Battle

    Equipment
  • PONI Live Debate: Triad Modernization | Center for Strategic and International Studies
  • Saving the Kiowa
  • SecDef Should Crack Whip On Cyber, Drones, & Training Foreigners | Small Wars Journal
  • Connecting Air Support Acquisitions and National Strategy | Small Wars Journal
  • US Plans Radical Upgrade of Stryker Brigades
  • Trouble Brewing Between US Army's Active Duty and Guard Forces
  • Is Precision the Future of CAS?
  • Army Modernization Is Melting Down
  • $1B in Air Force cargo planes sent to boneyard get new missions - U.S. - Stripes
  • Bring on the Countermeasure Drones
  • The Navy’s Getting a Big, Secretive Special Operations ‘Mothership’

    Security
  • CSIS: Considering the Caucasus Emirate Chemical Attack Threat to Sochi

    Strategy
  • Speaking of the Long War
  • French Counterterrorism in the Sahel
  • Is War Too Important to be Left to Social Scientists?
  • Counterinsurgencies and Deterrence
  • Lessons From Previous Competitive Strategies
  • Peace, Art and … Special Operations
  • Does America Have Any Naval Strategists Anymore?
  • Failure to Learn: Reflections on a Career in the Post-Vietnam Army
  • Five Questions with Steven Metz on U.S. Landpower
  • Learning Large Lessons from Small Wars
  • Lessons Observed on Lessons Observed: IEDs, Advising, and Armor
  • The misuse of American might, and the price it pays
  • Army Presses Case for Relevance of Ground Forces (UPDATED)

    Gulf Region
  • Saudi Arabia, Iran, and the "Clash within a Civilization"
  • 191 Nepalis died in Qatar last year - Kuwait Times | Kuwait Times
  • Qatar: Syria rebels' tiny ally in the background
  • The Geneva Joint Plan Of Action: How Iran Sees It (1)
  • America Must Assuage Saudi Anxiety - NYTimes.com
  • Oman orders NASAMS air defense system

    Afghanistan
  • Pakistani Unconventional Warfare Against Afghanistan
  • Taking Tea with the Taliban
  • Why U.S. troops must stay in Afghanistan

    Other
  • WW1 soldier diaries placed online by National Archives
  • Deer 'pose biggest threat' to Scotland's native woodlands
  • Hard Fighting: Israel in Lebanon and Gaza | RAND
  • This Is How the World Could Have Ended