We are honored to welcome cyber security expert Richard Stiennon to the podcast. Stiennon is the author of Surviving Cyberwar, a Government Institutes book on the history of nation state cyber conflict available on Amazon. A regular commentator on cybersecurity for Forbes, executive editor of SecurityCurrent, and founder of IT-Harvest, Stiennon has presented at conferences and industry events in 26 countries on six continents; he is a prolific security industry source for journalists and news media. In this interview we discuss American vulnerability to cyber attack, aging infrastructure, non-state threats, Edward Snowden, digital warfare, nuclear threats, home and military drone use, and online culture.
Direct Download
Good evening. Internet Viva Comcastro! Viva la Revolution! I am Maximus Groves. I’m very excited to introduce this conversation with our guests Mr Richard Stiennon. Richard is the author of several books in cyber security and as an industry analyst in the field. US And Richard give very Tom Clancy levels of speculation as we analyze only SAS questions on American vulnerability and image of a future to show War I’m sure you can enjoy this. I hope we all learn something. And let’s get started to interview tonight and then our top comment is from someone who I swear to god I don’t know. And and they say wow it just their conversations are so casual sounds like you’re doing it in your living room and not saying where Max is I think we are in my living room it’s been a perfect perfect sense to do so. Richard we were very interested in this book Cyber War This is a general question like how fragile is our society. That’s great question. Spend top of mind for me lately have been a couple panels that ask about that and we’re it’s like we’re you know just I think deeper deeper and swimming deeper and deeper and inhaling more and more nature just it’s going to explode in our in our brains because we’re becoming more and more dependent. There’s technology where doing things like Once Upon a kiss. You know I’m up in Minneapolis and you’re somewhere else and things just work all the time and get the basic technology that is fundamentally insecure and bad actors can have their way with it. You know you kind of experience interesting period where bad actors want the infrastructure to work because they’re so interested in stealing your bank account. Then in Severus against the fence for the you know industrial base of bills or weapons. Only sort of not trying to actually cause damage so that they can still have valuable extraction. Yeah absolutely I mean it’s like be the simplest thing in the world. Shut down most of the Internet and there might be a while to bring it back up. In nobody’s done it for. We’re going to have eighteen years since last time you know suffered a almost complete collapse and that was you know an accidental one. But you know we can see the types of roading errors like me introduced. We’ve seen accidental souls where Pakistan once was trying to block access to You Tube and somebody wrote it to all of you to to their little tiny eyes PM Pakistan and you can go for about three and a half hours. Letters from the like what the extra. Yeah right they made a run of those that said hey we own the net plus that You Tube’s addresses blocked to so so anyone who’s got a connection trying to get you to send it this way and all Pakistan at a time or place still does has a forty five connection and not only did that make you tube unreachable to most of the world Pakistan was pretty much just dossed completely different actors are not funny at all it’s quite scary. Well the method reminds me a little bit of it’s very popular to try to censor content that’s negative against you by claiming that you own it. But the copyright takedown of this church or the question of policy becomes really interesting because so much of this infrastructure was utilised kind of to subvert government that we disapprove of here at the same time we’re going to rally against the ability of it to use on our own people. Right I’m I’m imagining like the Arab Spring where there’s federal interest of keeping Twitter afloat for this communication system. Yes Should this right of communication try to be accessed locally than what the exact opposite situation right shirt front and in Egypt President Mubarak the shut off all of Egypt’s Internet connectivity. I mean you know Egypt is one country that can control its highest piece just ordered them to shut off the Internet. Same thing happened in Syria. Syria has because of its national infrastructure has ability to filter which websites get to deploy Blue Coat Systems which you know it’s an enterprise class thing that prevents you from going to pornography or whatever sites that a bank doesn’t want to people going to. But some countries of deployed it at the national boundaries and of course the biggest example is China and go they don’t use primarily Cisco equipment. And also there’s like the ukase like anti-pornography policies and such. Right right and Australia’s going down the same path and half in that area so that the boundary lines the battle lines are being formed. There’s you know certainly have strong group of you know freeloading Internet activists probably everybody on this call and the government the U.S. governments in particular the State Department and the European Commission all in favor of you know free and open access in it but the underlying elephant in the room is the death Westron you know liberal democracy attempts to spread Western liberal democracy and freedom people have freedom to find the information they need. Then it’s harder for governments to why do it on the other line ever side of the line. You’ve got pretty much rush. China who are arguing you can tell when these arguments being invoked when they use the word sovereignty there are objecting to this street stuff because it interferes with their sovereignty which means a country’s right control its people too which is certainly different. You know that definition of sovereignty doesn’t assume that liberal democracies. But this is where the lanes are being drawn. We’ve got some major policy battles going forth. So on our show we you know to our fault you know we tend to side with like you know Fuck that man and fight the power frequently but not before before we before we start glorifying Edward Snowden and all that. Let’s just start off from a very basic basic question you know like are our laws with regard to assault battery murder that sort of thing they’ve evolved over Millan and you know we’ve had a long time to think about these sorts of things cyber crime in comparison has evolved over a couple of decades and most people don’t even understand it and you know from my perspective I see these hackers you know some people who are just defacing the F.B.I.’s home page are getting treated the same way as someone who is stealing trillions of dollars in the financial systems. So can you just explain like what is an appropriate response to cyber crime to which I could just explain that from yes from my perspective it’s just like all of the love right you have to look at damages and intent and that’s you know pretty much were things of God because the crime against bank accounts are measurable damages crimes against you know there’s something stored in the tax where hackers said hey you know we’re going to beat us you unless you pay this thirty thousand dollars less than I did recently read about like an ethical thing where like they were in crafting all of your personal private data but if you to part of the bitcoins they would. Give you the private key to fix again. We have criminals now. If that’s your source and it is in the very effective crypto lockers the name of one of those run our campaigns it is actually just cozy that exists especially inside the departments are just scrambling to try to address this. A lot of crypto locker instantiations actually have the crypto keys a bit in the bellers do someone else’s secret the stuff. See at first what I was thinking if we had some sort of vulnerability. I was thinking well we need this message to be sent as many places as possible so if you steal our content that’s great but then I realized oh no all of it could just be for fun just brought down and destroy. Yeah I’ve got a good idea for a business model. OK What you do if you bring people to your website and then they set up a Web site. Then after it’s like up and running and making a lot of money you shut that shit down so Go Daddy you know comes back and says like hey you know it appears and I thought that here it be a shame if no one could come back to it tomorrow. We demand fifty thousand dollars per year. I said that. Yeah that’s the freemium model you know how it would drop our friends going to actual stuff cause that’s it’s not entertain it’s not insane landlords do this and I have a roommate right now. He does actually happen to his restaurant the landlord that appears I mean literally it appears you have a extremely successful business made Michael about half a million dollars last year so we’re going to about eighty thousand dollars on top of the lease to keep this thing open. Either way I’ll see you in court. Yeah yeah. So that in the realm of the impossible so what are to some of the practices of the sites right. Do they do all this free stuff or even when they know the laws broken. Now if charged and those a month go somewhere else and they fast moving a Web site got a proprietary platform like away. So something that’s really really hard to do something to to be aware of you know that’s where you have to back up your website certainly has the content in a database of some sort so you can quickly rebuild it in you know Drupal or something as if you’re not happy with your current provider. Well it looks like we’re even going so far as that. I believe Windows ten appears to be at least six sort of subscription based. Like to say it’s going to be free forever but really it’s a way of describing I guess the maintenance and updates would be paid for in sort of the actual platform. I’m not even sure how is this going to work but that seems to be have the same vulnerability of everything that you control as opposed to even just your own data. Yeah you know something to really worry about is your domain names. The registrar can change processing time they want to bet that you know you spend a seven dollars a year for a domain name and now it’s up to sixteen dollars a year and you can swig But you know you usually switch about the time you discover your the new price. So you you know you’ve already paid for a year and you’re going to switch somebody else pay or even for having to Maine rent control to fix that’s what could happen is I can becomes internationalize is going to be a lot more cooks in the kitchen trying to decide how to control others. I really I really like the merit of your pushing earlier in a policy locally being this spreading of Western democratic values through the rest of the world and it’s like that’s been the propaganda argument of war forever except now it’s actually like completely implemented into how they live their lives. Right. Like Chinese can learn anything else about the world that would previously be attempted to not be allowed. You know like it’s going so far as to making information seem like an act of war. Yeah and certainly the myth. Information is being used in warlike manners right now between you know Russia’s disinformation campaign the so-called the Kremlin trolls I don’t know if you you know just try this is going to fund you. You post something just a news article linked to a news article that’s critical of Russia and pro independent Ukraine and you immediately get these rabid commenters on your Twitter feed all of you all it’s you know to criticize a source they say no it’s not about it that it’s really the CIA they’re right because all this and it’s just it’s really getting out of control. Those guys got called out on Reddit. I remember when I went Yeah that was coming out. Big deal I was in a comet so I’m one of those writers where like I’ll see the news headlines and immediately go to comment section to see where the pulse rate is and the first and the first comment I see is like we’ve been taken over. The Russians are here. My read on it it’s great You Tube comments. So you think it’s crazy right now in Russia’s defense You Tube is particularly stupid. So they kind of blend in that’s like sabotage is difficult to take seriously no matter what it is you know the characters who are cognizant of oh my god that’s wonderful you know Ritter’s in particular you know you know to read the comments before you click through to the article so you can to get the real view but you know most people don’t write most we were getting their news feeds from means on Facebook. They just they don’t think it’s memes they can get you know that’s funny because as we’re I’m having to learn marketing so much more for this show right. And it seems to be the same kind of warfare of ideas that for this is just for entertainment and attention but like we’re going out to like the focus of truth itself right anything that’s actually trusted whatsoever is now has to be supported by an army. I’ve comment robots just to people to be taken seriously and you know what. I’m just I just go with the flow as far as you know I try not to get riled about the direction things take you know I just like you know well this is it’s worth observing stay back be a student of it understanding where it’s going and uncomfortable with the need for having you know multiple perspectives interpret anything that’s not just pure physics and science and you just have to be open up to that it’s you know I recently went back to school and you know I thought I knew something about military history so I went back to school in a very academically arduous class and the whole point of academic history is to understand all the different perspectives as idealism is as real as a means that neo liberalism applied to it so that you can use ols perspective understand the perspective that the OP is coming from a little apply the other interpretations to it. So right now you’re just taking kind of a let’s see how the pieces add up after the fact approach to like our perspective on the current What could be warfare figure out the narrative after the fact or. Yes but also try to think ahead as you know where could this go in what you know put yourself in the shoes of you know a policy maker someone in the Defense Department what should they be thinking about. Because they’re you know they’ve got a mission and that is you know whatever the president owes the Do they have to accomplish it should they be planning for you know massive cyber attacks on infrastructure before they send tanks cross the border. Probably yes. Let’s look at new air support like they have pics now right now if you sent in troops without bringing down the internal communications the clearly failed Kennedy I think exactly. It I think of it or not as well. Maybe your support of the brush right out of you definitely have to you know World War one just days days of of a missile barrage before each of the troops across them. Well we will run for we have affected the guys are still there in the trenches shooting at you if you’re looking ahead what are the what are the a couple of items that really scare you or you don’t think that you know our country is taking seriously enough and cyber warfare. Well one of them is the topic of my book that every you know that starting in about one hundred eighty six the U.S. military and every other military so soon sort of move toward something called network centric warfare and it’s great because you read the writers of the time the late ninety’s and they would talk about you know if you’re not connected to the Internet you’re that interoperable it was all it felt like Scott McNealy from Sun Microsystems telling people to get on line and that’s exactly what they did. So they were all of the weapons systems all of the intelligence surveillance and reconnaissance and Stones clearly controlled sposi network and they still work as it doesn’t work very well yet but they’re here years ago when they thought of the war. They’ll always know where the good guys are the blue teams in the bad guys are the red teams the central city and you know munitions and just take out the target of a clatter all they have all this beautiful idea of the future of fighting wars and all along they completely neglected the security of all those systems so they are all or will he just take as an example the thirty five Joint Strike Fighter. I think now they are setting the price tag at one hundred sixty five million dollars apiece each one is nine million. Times of code that have never ever had a cold interview for vulnerabilities and we will do a lot of peer review of over our web conferencing system that we presently Of course even though you know you it’s like if you put it out there people are going to attack it. Sometimes when you can argue that these military projects like shouldn’t be held to that standard because of the need for secrecy. I’ve heard I’m sure it’s fine they probably like double checked it. Yes but they come out more like excuses right like want to stay because not enough professionalize on it right. Yeah and they give Software Assurance is due. There’s a there’s a Beason model for the maturity model that was created you know only ten years ago most systems you know started their design process more than ten years ago. So they’re just not ready to get tens of thousands of critical vulnerabilities of the code now mind you. They’ve got security by obscurity right hackers all have access to the thirty five Joint Strike Fighters right which is a pretty good assumption and tell you you know see reports in The Washington Post that the Chinese stolen all the design data for ten critical weapons systems including you have thirty five. That is chilling. One I was I was going to ask Google Maps service going to be a new point of vulnerability for international warfare hacking everyone’s thermostats and turning over houses of three hundred degrees. I don’t think is as worrisome as we have thirty one thirty five or whatever yeah. And also critical infrastructures obviously. Yes You know it’s not like anybody contemplates any major war between you know what there are so called The Great Powers. You know him. The the damage that you do to their power and communication groups of course it’s there but it’s not likely today that Russia or China really wants to pay the United States which is what the whole point of that sort of attack would be. But it’s much more likely and it seems inevitable that so-called non-state actors of course ISIS’s the bug that day would just do it. You know why not you know what the hell this is kind of a jump and I was somewhat on topic. Do you think that governments should treat an attack like Stuxnet as a declaration of war not a declaration of war. They have an argument that it’s an act of war. And certainly you know the talent manual didn’t really have a job of substance two hundred page book on taking existing law of armed conflict and international existing international laws and applying it to savor and reading through it it’s pretty obvious that stocks that are going to an act of war even though in usually sales of act in cyber cyber. But but really it was you know getting around. You know what normally would have been a diplomatic discussion on the nuclear nonproliferation treaty discussion and just damaging Iran’s capability of producing a bomb. So certainly easy to define it as an act of war and the U.S. military has if possible resident have come up with various directives and executive orders that are equally eating certain types of cyber attacks with kinetic attacks in other words you treated the same way as a missile or a bomb going off and have this. Same reaction so what do the digital nine eleven look like. Yeah. So I believe it will be a massive power outage. Someone you know was probably doing the work thousands today to figure out you know fragility inside the power grid. You know we know it’s there because in two thousand and three we saw well supposedly a tree branch shut down all of the northeast for three days and it was a cascading number of effect Stephanie read the report on it and if somebody can induce that to happen again or just a massive attack that just takes a lot of points and storms then and if they gave us actually damaged transformers and generators it could take months if not longer to get the power grid back up and I live in a very current even though summer middle of winter to be really really bad. Do you think it’s reasonable to think that a major banking institution could have you know a super heist of sorts you know on you know like Bank of America just wake up one day and almost all the money is gone. Yeah I don’t want to talk in public about as I said of how to do just to be clear so you know given somebody the idea but as I thought of the other means of attacks a fun one would be sober. Deuced bank run. So it’s been a long time. Well maybe that one we’ve had several bank failures specially in two thousand and eight two thousand and nine. But we’ve seen some some critical systems that have been attacked in various small ways for instance I think as you know these airlines stock you know I had a flash strap of about eighty percent because somebody visited. Tampa newspaper’s Web site pulled up you know they did a search on United delays or something and they pulled up a three year old article about United filing for bankruptcy and their Web site was was constructed so that was you know recently viewed appeared on the front page. Google was scanning the page on no way. So pops up on like the news when you have a pop that anybody had a Google doodle or to new data stack saw that it filed for bankruptcy in the successful attack this is like an accident. So but but the attackers can see with a pretty good sense of this. So let’s you know attack Wall Street Journal and have them post of dishes article about a bank filing for bankruptcy you know at close of business Friday and then let’s do what happened in Lithuania. But hackers are posting images of people lined up A.D.T. you know saying that you better get your money out quick because you know there’s not enough. And by Monday morning you know throw him a you know fake article about the C.E.O. being indicted or whatever and it’s just like a stock market crash all over town everyone’s OK what’s wrong all the cash they can because of these exact headlines coming out and I’m just imagining that poor C.E.O. just really worried all day long like am I being indicted him on the letter about this from the government all or something. Why does The Wall Street Journal learn about this before me. Yeah but he did have much bigger things to worry about no jobs bank going on now. It almost seems like he could do that with a slow game right. Like with tongs not the army of be it Twitter users are commenters of what not because it seems like the audience is driving content a lot of ways of course not in like actual news right. Yet bankruptcy is clearly discernible. But if you like. If you could see an ideology of a paper change to a different point of view based on who was the biggest online presence of a rally for hours. Yeah yeah so I like to look at the recent uses of onion articles are being taken seriously by people who think it’s because I’m I think I’m a satire now it’s gotten so bad. Yeah. So what do you think what do you think’s going to happen after the inevitable I mean it’s not I mean I mean I believe that there is going to be a major attack whether it be on the power financial institutions or something we can think up yet. But once once that happens what kind of steps do you see our government taking to ensure you know freedom and make people stop panicking. Yes actually that’s what worries me the most. So now given that we’ll see some sort of attack like that one that we can actually attribute we can say this was an attack. We may not be able to say who did it with assurance but you know the N.S.A. does have some pretty good methods for determining that now. Thank you. Edward Snowden but what worries me is the flash reaction you know Congress is so kneejerk over the years for you know post Enron notes and weird sovereigns are actually things that you know people voted on the Congress voted on the volume reading and of course they didn’t do anything to stop in runs in the future or happily post Katrina you know billions spent disaster preparedness which maybe not so effective. So post sober nine eleven you know within a week Congress will pass some crazy legislation that will you know basically say you know about Shell protect your critical infrastructure people who employ a whole bunch of ideas and you know the technology that. Isn’t working today but it’s the only thing the governor of the only tool that’s a hammer the government knows how to use and we have a lot of really poorly thought out weather station and or oh you know Patriot Post nine eleven is a great example we have of the Sullivan like ego or wall or something. He’ll just you know so it’s not that’s why I want people to start thinking about it now you know even if we think about it now we’ll let you know. OK what do we need to prevent that sort of attack from happening again. So why don’t we start work does now never happen. So it seems to me that for a lot of security measures that the expertise comes from it by starting out in criminal behavior. Is there enough education and like security itself to go for that because it seems like that in many ways we appear to be strengthened by the back and forth of the black community and as a response to official channels and such. Yeah I’m still a great client and we want to be where we were you know I kind of view the history of the development of also over security and sever taxes you know back to the days when it was just crazy kids in their basements which seem to have a you know moral crusade to demonstrate that we know how well smack used to build those phone toxin devices or whatever. Yeah yeah absolutely and you know so there is an element for younger people you know hopefully under eighteen years old to fill or into poking around breaking things and you know it was only later that cyber criminals came to us and low you make money doing those and that’s when kind of the growing up bad guys get into the game and you know we’ve got it now I have an eighty billion dollar industry and we’ve got nation states playing the big components and we get our own country. No pretty nasty things to come in if we could so we have the expertise and it’s you know kind of dispersed but it’s the industry as a whole has tools technology people training. We’re getting pretty good at this so that the cases not every case now a C.E.O. of a major breach and so it’s just you know head in the sand processes that are place people in power at a bank or whatever just not recognize and I think there is a commentary on a Sony Pictures to Steffanie science class. Right so you know an entertainment group is definitely not going to have good sober security you know having a lot of attacks against them other than against Sony Playstation Network only three years before already. But you thought about how can we stop a D. DOS attack against a Playstation Network and we never thought how do we stop again you know an attack that stole her e-mails and publish them and paste it in that trouble it’s kind of a lack of imagination and all even from our from our filmmakers who were supposed to think I don’t think journalists write so newspapers get tons of you know ink or columns or a recall no days hits of the web pages based on reporting on cyber security incidents. And yet you know all of them succumb you know when China was obsessed with reporting the New York Times was done and you know I think well Secretary The Washington Post and they all just so this one sided ousters talk to the other side which is their problem was cured in general the ID guys and the organization at the thing that do it you know manufacturing tractor trailers or real. The actual stock trades going up there are still all the pushing bits and bytes so they don’t get to call it shots. Well so recently correct me if I have this wrong but I remember reading that at recent the Def-Con conference has been a great resource for exchanging information and education security vulnerabilities has how is the relationship presently between the hackers and the governments and the business people that usually would come together. Very open arms and situation. But I’ve read it’s become a much more contentious relationship sounds like and the same revelations and such. Yeah it changed again though kind of particularly was not not that open to the feds joining in but they thought of it as a game you know. But it’s not the Fed kind of stuff go on if they were just but it from appearing at dusk BLACKET still open to them. Yeah and you know the people have drawn away from the media minds. It’s not like we’re all in it together oh someone and when they you know you guys are creating stocks that you guys are creating now quantum insertion you know which is really really nasty way of attacking it into something that only government can do. Phone companies you know pretty much would want to stop someone from doing all sorts of things. I’m not personally familiar with quantum insertion. Could you explain that briefly. You know it’s beautiful so say you. Tasked to spy on you know terrorists or head of government and you see them going to the C.N.N. NEWS SITE. You have a server set up. It’s closer to them in terms of. Now wait. So you know sort of the ninety milliseconds to get to C.N.N. dot com They get to your server twenty milliseconds so you’re one of the ads that their server serves up from C.N.N. you just insert in the stream and connect to their web browser and you push down your ad that has your malware at all right. It’s very much the technique of pornographic Web sites very often have at servers that are have trouble like that. Yeah but then that is traceable back to the answer of course you can’t you can’t do anything at all this and you know C.N.N. will never know what happened. They’ll never have a record in the logs or anything. It’s only your browser that knows a guy that got attacked this way. Very very similar and of course you know The Wall Street Journal blames Edward Snowden for revealing all this and then leading to China using the same similar techniques to skin up a month ago. And they just took every single requests search requests going into a beating which was their Google if you came from the outside you reflected you know major web browser go to get out in the dust get out of all the China problem. So it turns out get out because it’s so flexible can be used to to mirror websites so there was kind of it into a Chinese Web site plus the Chinese translation web site of the New York Times that China has blocked access to. But somebody mirror them and get out and so the Chinese people can go read these websites off you know that’s not finally thrown away the baby with about a lot of air or deny all open source actually. Yes because. As first China blocked access to get up and their own internal development community said you can’t do that we need it. So then you know just started tossing it didn’t like it for everybody that’s come on man you’re talking to pay to have that wide of a China there’s a billion more of that baby came from trying out babies with bathwater center you know Russian warfare method right. What I hear here with like you know quantum insertion is you know that governments can do some pretty sophisticated stuff that’s now coming to light only as a result of the one and only. Edward Snowden I mean you know how do you view him as you know is he a hero or villain somewhere in between. Yes So I’m trying to compose a column that would be titled Edward Snowden is a hero literally if you look at the hero’s quest. You know I want you to know I keep going back to you know this is you know Greek books that to find the hero’s journey in every particular movie those two you don’t know how much you’re speaking a language barrier. Yeah. Joseph Campbell the expensive way. Yeah and of course and uses many things to do this the latest of a Thousand Faces and reality. So the just landed up right so he had you know unknown beginning he took a great journey. You had this physical journey from Hawaii to Hong Kong to the literal darkness of the government’s superpower got into the source and brought back the information that rescues us as a people exactly the same on his own peril. Exactly and the only thing left now you know so jumping forward a little to integrate and who of course is the you know. Will your old novelist and other characters have already been through the journey of dollars that she don’t take you through the journey they’ve already been there and she definitely flashbacks to expose that. But every single one has to have the homecoming and in the homecoming of course is Edward Snowden’s return to the States. With that immunity but a trial in many years to win the trial and be totally exonerated then he’ll be the ultimate hero. And I’ve been so I’ve been watching the presidential campaign on the Republican side and Rand Rand Paul has been for a while now advocating civil liberties and he’s the only one who really has I mean he’s he’s got that’s a negative thing that the U.S. military and for Republican to do that kind of step and I don’t need to filibuster the patient. So what I would like to see Rand Paul do is run for run for the president on a platform including a pardon for Edward Snowden. That’s absolutely I mean if you don’t I mean run your balls are you fucking Grandpa needs media attention he is not well liked by any of the major and I mean The New York Times can’t stand of the Wall Street Journal doesn’t like him either because he doesn’t tell the line the only way for him to be able to get outside the packet would be to do something ridiculous like say yeah you know what I am in favor civil liberties Snowden come on home. And if the pressure were play properly if that was done properly. Obama could actually pardon on his last day to take to win the Rambo sales if he’s offered pick oh my God I want you I want to be like the giant Democrat fuck you right now you don’t get that wow through his last gift to Hillary Clinton. This dance rang the monster on the other side. Oh this is fun I love I love the crew. The merit of it all. Just throw in some light sabers and have a great movie out of it. Well that is what I you know this fits the store hero model because because it is a personal journey and story and you know Edward Snowden is remaining troops all throughout writings still the same person that we learned about a year a couple months even got to express that to John Oliver in person. Yeah yeah the poor got out he has had to you know deal with the dark side. I mean there’s no way that he got to China and Russia unmolested without giving him something along the way. I mean I I firmly believe that somewhere behind the scenes for him to have remained in this safe for this long. I don’t I don’t think you can do it just sit there saying yeah you know I stood up for what I believed. I don’t know you know those were oh yeah it was the documents that Greenwald and the rest got you know so that’s the point. I noticed that you know today we have been seeing documents about you know true national security. There’s a line here but you know he hasn’t revealed names of spies names of agents usual things that are criminal defectors but also take with them what they’re so upset with Bradley Manning to the just pure dump to Wiki Leaks for. Right. Right. So what’s your take on the strength of the executive in managing like a homeland Internet security but very frequently I’m originally from him was in favor of an Internet office which you had mentioned that as not being a resource of the accessible to the United States. What level of power or at least you comfortable with at the top for our own infrastructure. Yes So you know the government doesn’t own infrastructure it’s one of the one things you can point to the goals was created when the government took their hands off eight hundred eighty. Up until then you know infrastructure was all government controlled and they opened up Pandora’s box and for themselves by the lowering of the fragmentation of service providers. You know for a while we had a bunch of sense they got consumed by the service providers. So you know what I think the government should stay as far away from mandating anything. You know this is a learning curve for everybody and the only way the only effective means of security awareness training is to be hacked and it doesn’t matter how many times you know I’ve even stopped blogging about vulnerabilities in the latest tax of all Ericka’s and wrote about them all in two thousand and three and nothing has changed I’m tired of it. But I’m used to it now to and just like you know when when did you turn on the phone not an occasion for your G. Mail account or Twitter account. You know a lot of us over friends for sure keep having the G. mail contact and sending in spam don’t do that until after they’ve been hacked. Lesson of the embarrassing email I’m sorry my email is hacked. You know reason to use the password password because somebody guesses it and so individually we don’t learn until it happened to us. I mean that I used a Windows P.C. laptop all the way up until the time were got started with something out of China and I can get rid of it. And enterprises banks go back to Lowe’s home prudent stores it was you know totally owned by hackers using Pringles can attack you know why find out. Work from the parking lot back in two thousand and three right in you know I wrote all about it was a great hack and I actually you know can do the guys. So when every cell towers were brought down the holding room in Florida when every retailer Department guy read my blog. Let’s let’s go check your wife insulations now three years later T.J. I guess up here in Minneapolis that same attack. You know even more identity stolen that way. Now of course you know target year and a half ago an adult all that would help me and I got to get a new credit card and debit card because a fuckin target. They got to know what people write about if you go into Target. It seemed it was damaged a little but people in front of me you know the checkout person says Would you like to get a target rewards card is the people just where they are you kidding. And people using cash at Target they’ve really lost a lot of trust in target systems. Underground that having a Wal-Mart I mean seriously if they happen to the number one to the number one reason that the deficit does that did happen once where like the E.P.T. system was broke and was authorizing everything and I mean what I have an Amazon and all of them were not happy. Q How would you rank them as on our major online retailers with their systems. Well in the end you know I thought it was a lot slams and back when they used to talk about the stuff that you know they store credit cards are completely off line and you know it makes you wonder does the pendant the one click purchase. But so they’ve got some serious error gaps. OK I feel confident about Amazon so far they haven’t been hit at all. Also because they’re now their latest business model seems to be hosting a majority of internet or at least cloud competition needs it. Now the you know in so far there’s been no major Hexe been smothered as there’s lots of instances of people stealing your E.W.S. credentials because you because you still store them and get home. He has that right away. Yeah if I don’t like dozens of robots that exist just to check every commit to see if there’s any plaintext password in there. So that’s good to hear then given rise to a whole slew of new technology companies called passages that I know who protect your image on instances and sixteen and the other clubs too. That’s like the bureaucracy of security isn’t it. Like creating departments for itself. Yeah yeah. And they’re both they’re creating a new economic statements sector the more techno are the moral being necessary right stuff anyway so I mean you actually hit on something earlier that I find fascinating as our world progresses the idea of the major powers going going after each other for like claiming land gets smaller and smaller. Yeah sure Pakistan versus in yeah yeah that’s that’s still on and the books but when you look toward the future do you see like cyber warfare being World War Four or our front line. Yeah this is from a movie like when I just got back from Mad Max so long you know my my biggest concern was still a nuclear war and we still have powers very very interested in historical boundaries. So yeah you know. Europe and North America will cool with the idea of virtual boundaries and victims and all the rest but if you know all of Eastern Europe Russia and China are still mired in the pit bull the last war in want to refight it was you know they didn’t like the fact that ultimately they did lose him. You know if you read a book called A community troll is going to say it just goes through every single nuclear accident that we had during the Cold War. You just you know terrifying that it’s based on the Earth’s cause and Bork for they think it’s missiles or something here. Yeah yeah. Or things blowing up in silos. The fifty two is crashing and landing in Greenland and and so they burn Auckland each file club or you know have this potentially plastic explosives on the burner. So that was detonated and burns and melts the plutonium on the inside and justice pool. Tony alone on the runway that the just shoveled up into a ravine. I was going to clean up crew for the if I were going to. Only if there’s there’s still a major bomb at the bottom of the ocean out of the coast of Spain that they never found. OK there’s a new there’s a new book for you. Yeah yeah and I always get the you know Russell flying always missions. He just kind of swashbuckling and saber rattling. Ended in the you know we would like them to be flying missions with live nuclear warheads missions and I think they weren’t the only might be doing that their controls have always been less than ours and in their you know engineering and safety and all the rest of our lives had less vested. So there’s a very very high likelihood. It’s like stones are all over again where it’s more important to like check off the box and actually have a proper quality assurance of the material you know built the decks of the Happens over Norway no big deal. But boy will we be upset because that movie opening testing of nuclear bombs the only cared about radiation impact on the environment or nobody made a big deal out of it but today we did we make a very big deal you know and funny as I actually I was reading something and that Russia created the biggest nuclear bomb by readers I’m bound leap to Lance and I used to think it is because the rush hour just like mother needs big stuff like I thought was just part of them. Now there’s actually a very very practical reason for it the Americans perfected how to get a missile to hit exactly where they wanted like pinpoint accuracy and the Russians never really got around to that kind of like you know rocket science they’re like back at we were even out of boats to take the land if we made it all the way sort of destroy it all with the problems of some just whatever and then you know we created the W eighty eight which was a very small word head. So should you compare ten or twelve of them to a single rocket and somehow we allowed China of us feel that the design information for the SO to this day China is way oversized rockets for the title. But it’s cool right. I mean they’re like they’re like small nukes they’re small page file. Yes well if our nukes useful at all. Like if the point is to take is to take resources take land like do they do anything outside of just destroy destroying it completely with no gain to anyone. Yes extremely useful. OK now is some form please. Yeah. So I just happened to write an essay on this for school probably putting myself on a lot of lists that the N.S.A. keep track of world and research but you just go with it’s got all your articles on the man portable nuclear weapons for instance. So for today for tactical uses for sure you know if there is a massive tank battalion come your way of you know who’s forming or weapons can show them although at once and you know one bump for Air Force Base for Depot takes care of it. So yes there’s the trouble is there’s an owner’s against first strike with nuclear weapons. Right because you know the U.S. and Britain and France are ready that anybody who uses them and you know we still hope that that’s never kicked in right. That is Russia does use grain or Poland or something like that. We don’t start loving nuclear weapons all over but do you think we would might have of Article four of what is NATO or actually get acted like some some lesser known Eastern European country like Latvia. They can evade it. Are we really going to go are going to go nuclear over that I don’t think so. Now you know I think you know you know well first of all we’re probably not prepared to you know we may go on nuclear alert in order to scare them into stopping in invasion but I think we’ll let it happen in an address that diplomatically you can sanctions afterwards I mean do you think we is there any conceivable situation where the U.S. says all right we’re in for retaliation. Well we think of the seal for strength come our way for all to Somalia. Watch where the pieces fall but you know I don’t have a lot of time. No those other forces ability to be so rare trigger where Anna got to a real sort of existential Downer there it’s like oh yeah we suddenly remembered that it can all all the con instantaneously you guys probably didn’t grow up with that just constant nagging fear you know it’s things on T.V. here in the bomb shelters people are building when I was a kid. Eerie drills we had high schools you know we just live with that constant knowledge that the end of the world could come and post nine hundred ninety one you know we had this big burden was lifted from all minds we can move forward and great new century and unfortunately we didn’t see the games much which will this is going to be a bit of a chump that stay of like three or paralysis to say this is. Doesn’t crease the strength or power or opportunity of governments particularly at the executive. Absolutely yeah you know so yeah it is it like a tool utilized by them or what do you think I think it’s it’s two way. Right so that’s not the way the dog manipulation of the populace as much as an acknowledgment that anyone who fails to act to avoid some predictable disaster will not be able to get through the next election successfully so they use the you know they see the possibility of a Katrina or cyber Pearl Harbor Septra and then they lobby for the powers in order to do something about it beforehand and you know and of course using the bugaboo of terrorism is you know it’s not like the U.S. government made up the idea of of terrorists launching an attack and so the U.S. right and then I went out of faked media coverage of this or that’s right. Yeah it really happened and you know since then the political scene has been all about that and even though the populous native moved up a little bit and some libertarian voices say you know what you know what terrorists do the United States can harm us of you know yelling tragically killed people I mean people in horrible events can happen but as far as you know geopolitical balance you can’t change it. Terrorism is actually an intercepted way to conduct a war. Get your way in the world as you know. Look at Ireland’s years and years of terrorism and the Red Brigade in Italy or you don’t actually get what you want but you get support of your own people back at home if you are successful at it. How do you feel about hype about drugs I love them. Yeah well drones to you know love saving American lives. Now mind you I’m talking about the drone. It’s also more like a Home Use Only you sort of what I was going to have with I’m going to be pretty cool. Now my new military drones rumble drones run by the CIA to execute people. I don’t feel comfortable with that at all. OK OK You know I guess I was a big catch all statement for some reason in my mind I just sort of imagining the N.F.L. using drones to film the game and then actually getting in the path of the football change the outcome of the game and somebody’s entire public coming against drones in all forms. But that turns out the German operator actually had a bet on the game shooting down of the ball. Yeah you know and I wish that you know this is one case where the government jumped ahead of the problem. Right it’s frankly. It’s an experience flying a drone realizes a really really dangerous and you know you see first responses I got this should be regulated it should be a lot of donors. You know you really do some serious damage if you ran into somebody with those propellers. So but you know the F.A.A. is pretty much made it impossible to do any commercial development with drones we have complex relations and there’s a training procedures you have to go through and I think us about six thousand dollars to get a license so if you want to be a wedding photographer you can’t if you want to respect rooms for a reason. Contractor we can charge for that you know you people are doing it anyways. But and it turns out that once again as much or little of the regulatory regime for drone So we’re going to see a lot of cool innovation well coming out of Canada doesn’t count I have a terrible aspirin at work you know. Yes Well I mean it’s a joke yes so if you have a docking privately for one guy with anyone not going to get like the whole crowd convergence of whatever cloud Never mind you never get around but your internet access. Yeah but but in you know in our stays in the security stage when we saw the restrictions on decryption export you know her regulations of encryption Canada you know Canadian universities built up great crypto programs so you know was a Waterloo. Still one of the best in the world and that was because that was pretty much illegal to work with people International here in the United States and we just export of the development. Yeah how long do you think until AI becomes necessary with drones because I’ve heard the argument over and over again from the military that we always have to have humans in charge of it and that you know there’s there’s you know all sorts of safety reasons behind Google. Self driving kill but I mean I think about I mean it’s such a simple argument. The figure goes off driving kill bot responds in a nanosecond and the human mind responds in a millisecond is not is not motivated by passion is only battle that you can’t even you can’t even conceive of it and it’s just slaughtering our enemies I mean that is that is that a foreseeable future thing where my talk and Siva. So this is a step in between which is a ton of US drones the ones that are preprogrammed and the Navy’s tested one that can take us in when you can take excuse omission of them and when they cure your own pre-programmed to do so it’s just mission tests not the girls. So now that you know really scary right is no on board intelligence to deal with new situations. Well just give it out to the Internet and all the nuclear launch codes and I feel like a just solution to just have it may have it have a play one thousand games of global form of tic tac toe. Yeah so I think you know it is still years years away from any practical application with mechanical systems like drones you know you see it first in something coming out of Big Blue for analyzing stock futures themselves like that. Quite amazing when it happens. But actually you know Mildred about you know the military won’t have any it takes him ten years of anything in part of the field so they don’t have a day so we got ten years before we started but we will get really good jeopardy pots right to help get prizes me I mean that the military applications of AI are so are so obvious you’d think that the government would just throw in infinite amounts of money until they figure out how to create the Terminator. You talk to anybody inside the Pentagon. All they do is whine about the sequester and so on. What was tradition and a lack of funds and they built up money do anything but complain about so low budget DARPA’s dumping a lot of money and no research and Turing machines and let’s not that there is an interesting case with doing a little bit back to drones how. Because local law enforcement wants to start using them but there’s now like is it the fourth amendment of how far away from your home they’re allowed to spy from but not actually cross and search at Caesar’s search. Exactly so if drones can kind of spy through your windows from above like what right she would have an ant realm. Fuck man I had your trial wrong guy about Herman all the time but yeah I could be I get I can easily see that being a frontier of criminal law where the lawyers go yeah they have to work on the drones giving a lot quieter for us so the whole you know if you if you have you so far away that you can’t hear it least although used you’ve got to be hearing a sixty pound telescope in order to science ability you know I’d be more worried about the efforts to do thermal and radar imaging through walls that is being deployed and which they developed for imaging trucks and containers in the ports. It’s such a it’s hard to find a line right where between them. Same is forever right between security and privacy rights. Well you know the bigger problem is that we had you know three millennia of development of government systems and along comes this great experiment with a democratic system in America and we’ve got two hundred years of experience with that not you know all of those issues that government had to deal with. Up until about you know one nine hundred fifty S. where the same issues that the Romans and Greeks. Simply don’t follow their subtle thought about it and since then we’ve had to Elegy which is introduced all these new things we haven’t ever had a form of government that can deal with technological change so we have you know issues with stem cell research and lots of biomedical issues that you know legislators aren’t in any condition at all to understand or be wise to blow in the Internet as you know was totally unforeseen is nuts you know these the early science fiction writers they never ever came up with the Internet. Right it was William Gibson did but you know it was already there haven’t we just recently gotten a Ted Cruz name to the head committee of science for Congress you know great a visionary and the great the thing I don’t understand at the Internet you know where where is that you know where is that solution you know if we have all this kind of cavity between people and we have you know you know unforeseen problems you know where’s our modern Ben Franklin or our Thomas Jefferson you know come up with new ideas. Well here’s here’s an idea this is in the back of my mind for a while I want to hold elections for Congress or Parliament. Let’s call it because of me based more on that. Anybody who can get fifty thousand votes becomes a member of the lower house. Anybody can get whatever other number a million votes comes a member of the upper house and then between them elect a president of the Internet and they just want to have it describe Twitter and the president’s Chris Hardwick get kind of exactly that being you know it’ll be people who are big social presence that you know at least you know are in the running for this. But people are interested in doing it to do that. Politicize the market like you’re doing what he stands for. But they’re eating cereal geographic boundaries probably surly boundaries and certainly you know just be very very democratic. So I don’t want to get on line becomes like a voting age and so when you’re born issued a private key and then you all get into that system and not necessarily you know look we don’t necessarily have to have you know a personality could be a voting entity not a human. So you have multiple personalities. There’s you know the just are going to go even though he never wants his identity to be revealed. But it can be a unique it any tighter Web site a Twitter account or whatever it doesn’t matter because the Senate you know the the elected body would have zero power to do anything but it would be representative and therefore when there is a big issue about where I can I can should be situated who has control over it the trust will go to the president of the internet and ask his or her opinion and the time to do this is amazing I’m imagining like the figurehead of the Internet like yeah providing like this decree. But in main form because the likely cut. There you go there’s the entire voting structure is hacked by fortune and this is Kippur inspired top down ideology put through. Wow that would be that would be a fascinating spare moment just for the sake of public policy. So why do you think I have a sister that someone actually recently hacked a billboard in our hometown in the kind of in the affluent and business area and put up a photo of precisely that the traffic goes on one of the billboards right outside where I work. Well you know and the thing is they found one group. Responsibility and they just had hacked a random thing knowing as a billboard somewhere. So when they found out it was a wealthy part of town they’re like all right I find that hard. There’s been a lot of fun rhetoric. Yes the great leaders are you know really make things stretch or what I usually talk about we should have some kind of a closing thought. Question that we can be left off with Matthew aggressive thing you saw on internet will anyone bring those images back in my mind. But we are all we all become a little jaded they know when they were that we you know it was you know creating lists of categorizing websites to learn for your Whenever we have these young men there you know twenty years old who you know when I was twenty years old I was pretty protected life and didn’t know much about anything these twenty year olds had seen more or now you see you know in any generation ever in history and that’s always sort of the courier right go instead they were so jaded I just felt sorry for them than it’s actually kind of a deep thought. Kids these days just for the poor guy’s got too much of a good thing. Well yeah because like this might be a completely unqualified question but it’s like this way too high exposure to pornography affects the capabilities of intimacy as people develop through that or do you not even have an opinion. Yeah I’m too old to have any experience to go around forbidden to him. So but but when you think about the sexual revolution of the sixty’s supposedly spurred by birth control but Masters and Johnson study and rules. Actually as to what a graphic material and you know that was supposed to be just a huge game changer that demographers constantly study and write papers about that was nothing compared to what we have today. Right. So shouldn’t there be some you know huge social revolution. Well Maurice going Philip Zimbardo is pointing this point the finger at this as responsible for the decline of male education but who says he’s got a book called The I think it’s like the end of guys or something of the death of guys or something and it basically says video game for a graphic exposure in early teenage years or before or responsible for ruining all the academic opportunities of boys are going to cause them to fail in everything from trauma and rock and roll is the devil you know rap and Rapids violent it is a new problem and it’s a big band I was than typical I had to do with that. I would let them fight is a problem. So back to you know my fluffy or I guess is just observe it try to predict what it means how things have changed there’s economic opportunities. I’ve always said you know you know so productive first of all is credited with creating the video industry back in the day and e-commerce. So you know we didn’t actually need any reason to exchange money on the Internet you know held subscription pornographic sites came about. They drove it and then they really pushed the streaming video platforms really got us. Yeah and I’m sure you know the big opportunity would be you know for Bitcoin to become the method of paying for both an R.V. and gambling online. Not in that would make it maybe cross over to the inflection point where everybody has to accept it. Yes Actually interesting I notice that a few progressive Web sites because it frequent them so often I notice that there are going septic like random gift cards like Starbucks or grocery store ones as payment just subscription and I’m starting to wonder that if they’re trying to create a digital marketing exchange of bitcoins to gift cards sold to pornography. So if they can create a supply of expendable funds in the real world or not private structure and exchange those for Bitcoin anyway that they can keep their entire economy cycling people keep going as they have an opportunity to actually get groceries with them and such really cool A.T.M. and I can the other right there are you know European countries where do you write an article. Just got to trying to learn a trade of T.N.A. You know I think we finally had that philosophical. You’re welcome. Well the originals who got anything more to offer I think this is been a great episode for us. There’s been great vision. All right thanks so much Max thank you thank you so much for listening to comcastro if you enjoyed this please subscribe rate and review on iTunes stitcher or wherever else you heard this from hello to all of them. It really means the world to us. Viva to you internet Viva to you all.
The post Podcast 50: Mastering Cyberwar with Cyber Security Expert Richard Stiennon appeared first on Comcastro Podcast Talk Show - Daily Geek Culture Podcasts .