Thursday, September 5, 2013

Your tax dollars at work...

Unbelievable:
Personally, I thought the Internet was already quite insecure without the US government spending large amounts of money to deliberately make it worse.

Sunday, September 1, 2013

NSA Malware

There's a fascinating report in the Washington Post about the dimensions of US offensive cyber-operations. Here are a few excerpts.
Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed “covert implants,” sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions.

The documents provided by Snowden and interviews with former U.S. officials describe a campaign of computer intrusions that is far broader and more aggressive than previously understood. The Obama administration treats all such cyber-operations as clandestine and declines to acknowledge them.
and
The administration’s cyber-operations sometimes involve what one budget document calls “field operations” abroad, commonly with the help of CIA operatives or clandestine military forces, “to physically place hardware implants or software modifications.”

Much more often, an implant is coded entirely in software by an NSA group called Tailored Access Operations (TAO). As its name suggests, TAO builds attack tools that are custom-fitted to their targets.

The NSA unit’s software engineers would rather tap into networks than individual computers because there are usually many devices on each network. Tailored Access Operations has software templates to break into common brands and models of “routers, switches and firewalls from multiple product vendor lines,” according to one document describing its work.

The implants that TAO creates are intended to persist through software and equipment upgrades, to copy stored data, “harvest” communications and tunnel into other connected networks. This year TAO is working on implants that “can identify select voice conversations of interest within a target network and exfiltrate select cuts,” or excerpts, according to one budget document. In some cases, a single compromised device opens the door to hundreds or thousands of others.
The focus on routers, switches, and firewalls is very interesting, and it is news.  To the best of my knowledge, nothing like this is known to the computer security industry.  No doubt the NSA is careful to test its efforts first, to ensure they aren't detected.

However, the hunt will be on now.

This also suggests a new market niche: doing intrusion detection on these kinds of infrastructure components.  However, it's not clear that a US-based firm could be a very credible provider...

Friday, August 30, 2013

Friday Links

  • Edward Snowden impersonated top-level NSA officials to steal documents.  Fits my hypothesis about him.
  • Indian government to ban use of US email services for official communication.  There's going to be a lot more of this kind of thing, I think.
  • Kevin Drum bashes the Obama administration over Syria.  My general sense is that there are no good options here.  If we, collectively, do nothing, we are no doubt in for an ongoing and regular diet of headlines and YouTube videos of Syrian kids being massacred with nerve gas.  Being able to clear neighborhoods cheaply is pretty handy for a dictator with his back to the wall, and Assad will do it again if he thinks he can.  On the other hand, a limited bombing campaign is likely to be illegal, unpopular, and fairly ineffectual, particularly given the warning the Syrian government has had.  On the third hand, a major involvement in the war would be very costly in lots of ways, and it's completely unclear that the end result would be a better regime.  Anyone who suggests there are any simple good options here isn't thinking it through.  It's fairly likely to suck regardless of what we do, just in different ways.

Tuesday, August 27, 2013

What The Oil Drum Meant

Tuesday Links

Monday, August 19, 2013

Monday Links

  • This detention of Glenn Greenwald's partner under British anti-terrorism laws, while flying from Germany to Brazil, is absolutely and completely outrageous.  This is clearly harassment of journalists for publishing stories that authorities don't like, and strikes at the heart of freedom of speech.  If you weren't already convinced that the intelligence/anti-terrorism apparatus in Western countries is out of control, I imagine this will push you a bit further in that direction.
  • Things going from bad to worse in Egypt.
  • A new tool for scanning the Internet in 45 minutes (with a gigabit uplink).

Friday, August 16, 2013

Friday Links

  • The European economy grew very slightly in Q2. The graph of European (and US) GDP is above.  I think it's too soon to be certain that Europe is out of the woods, but this last data point certainly does make the graph look less dismal.
  • Parts of China have slowed down badly though.
  • NSA surveillance leaks make national cyberdefense plan politically infeasible.  In general, I'm strongly in favor of national cyberdefense, and I research/design/build network intrusion detection systems for a living.  However, I have to admit that at this point I wouldn't trust the NSA with access to such systems either.  This is exactly why, in a democracy, major policy changes shouldn't be pursued in secret; it's toxic when it comes out.
  • Bruce Schneier: "Since the Snowden documents became public, I have been receiving e-mails from people seeking advice on whom to trust. As a security and privacy expert, I'm expected to know which companies protect their users' privacy and which encryption programs the NSA can't break. The truth is, I have no idea. No one outside the classified government world does. I tell people that they have no choice but to decide whom they trust and to then trust them as a matter of faith. It's a lousy answer, but until our government starts down the path of regaining our trust, it's the only thing we can do."

Monday, August 5, 2013

Monday Links

  • The above is European unemployment.  Is that a slight hint of improvement, finally, there at the end?  Or just noise?  Too soon to tell.
  • Apparently, if you set up a decoy water treatment plant control system on the Internet, there are a lot of groups willing and able to compromise it and take over the non-existent water plant.  The implication is that critical infrastructure like this has probably been extensively compromised by foreign intelligence agencies.  Maybe folks should be getting a few extra plastic tanks for the basement?
  • Sounds like NSA wiretaps are actually being used to initiate normal criminal cases, and agents are being trained to conceal the fact on a large scale.  Great, just great.  
  • European retail trade is below.  Although the last month was down a little bit, the last six months in the aggregate appear to have stopped trending down.

Friday, August 2, 2013

Friday Links

Thursday, August 1, 2013

Some Questions on XKeyscore

Glenn Greenwald at the Guardian has written another very interesting article on XKeyscore, an NSA intelligence program to search huge amounts of bulk traffic that allied intelligence agencies are collecting from around the globe.  The Guardian also made available a top-secret presentation on XKeyscore from 2008.  This represents the program as it was inherited by the Obama administration from the Bush administration.  However, comments in interviews by Edward Snowden suggest that substantially similar capabilities still exist.

I wanted to draw attention to several things in the NSA presentation that the Guardian didn't mention but that struck me as interesting (having a computer security background).  The first is this map:


Several questions arise:

Monday, July 22, 2013

Monday Links


  • The above map shows the likelihood of a child from the bottom fifth of the income distribution rising into the top fifth, and is from a fascinating article about the geography of income inequality in the NYT.  The underlying study is available, and you can get the raw data there too.
  • Shipping goods from western China to Europe by rail.  This seems like an interesting development as it might help China to continue developing its interior, which lags considerably behind the big coastal cities.
  • Interesting op-ed on the difficulties of growing food in the climate of the future with increasingly severe and prolonged heat waves.
  • Last year's collapse in natural gas prices appears to be over:

Friday, July 19, 2013

Friday Links

  • The above is New York's real-time wholesale electricity prices, showing the effect of the current heat wave in the Northeast.
  • The challenges of making changes to the US electric grid, which has over 500 owners.  This subject is really important to our ability to transition to a carbon neutral economy.
  • New startups working on energy storage options.
  • Juan Cole has some interesting thoughts on automation and globalization in the context of Detroit.
  • Finally, Paul Krugman has a column arguing that China is hitting the wall.  Some of the assertions in there I'm not too sure about.  For example, arguing that China is running out of peasants seems inconsistent with the fact that urbanization is still only 50%, versus 80%+ in developed countries.  For context, below are the GDP growth data (annual through 2010, quarterly after that).  While it's clear that China is slowing down somewhat relative to the mid 2000s peak, it's still a high growth rate by the standards of any other country.  This is far from a hard landing, at least for now.