
July 7 2012

July 9, 2012




U.S. Short On Offensive Cyber Experts


Defense News

Jul. 1, 2012 – 11:13AM



While recent news stories herald the previously undisclosed offensive cyber capabilities of the U.S., buried deep within recent congressional legislation is an admission that the Pentagon is actually understaffed when it comes to offensive cyber operations.

In its version of the defense authorization bill for fiscal 2013, the Senate Armed Services Committee included a provision that would require the Pentagon to consolidate its network activities to free up personnel who could be reassigned to U.S. Cyber Command’s offensive missions.

In a May 24 summary of the bill, lawmakers note the plan is needed because offensive missions are understaffed.

Sources said one of the primary targets being discussed is the U.S. Defense Information Systems Agency (DISA), which in one proposal would be stripped of its cyber defense workforce and left as only a service provider. The manpower created by the move would then be used to help with other pressing cyber needs, including Cyber Command’s offensive mission.

“The Pentagon’s staffing needs are probably very indicative of what we need nationally,” Rep. Jim Langevin, D-R.I., said. “We just don’t have enough people to fill all of the needs in cyber that exist currently.”

Langevin serves as the ranking member on the House Armed Services emerging threats and capabilities subcommittee, which, along with its Senate counterpart, provides oversight of the Pentagon’s cyber activities.

Citing a CIA statistic, Langevin said, “We only have about a thousand people that can operate at world-class levels in cyberspace. What we need is more like 20,000 or 30,000 people.”

To fill the offensive cyber personnel gap, the Senate panel recommends DoD reduce and consolidate networks, thereby requiring fewer people to defend them.

Army Gen. Keith Alexander, head of U.S. Cyber Command, has said publicly how difficult it is to defend today’s multiple networks, and the 15,000 subnetworks, each with their own security barriers.

While Alexander has never publicly acknowledged understaffing, instead discussing the desire to have more manpower in the future, a Cyber Command spokesman did not deny that the command’s offensive operations are in need of experts.

“Gen. Alexander has indicated that it is going to take time for us to generate the force, and he is optimistic that we will get the forces that we need,” the spokesman said.


“One of the challenges is finding and holding the people that we need to do this mission,” the spokesman said. “We have to recruit, train and retain a cyber cadre that will give us the ability to operate effectively in cyberspace for the long term and across the full spectrum of cyber operations. Some of the training programs run for 18 months; even if we hired a hundred or a thousand more people today, it would still take time to get them operationally ready.”

The report accompanying the Senate bill notes that Alexander has also testified that personnel within Cyber Command are overwhelmingly allocated to network management and defense.

“A small percentage of the workforce attends to the command’s offensive missions and responsibilities,” the report says.

Alexander and others in the Pentagon “agree that both issues could be at least partially rectified by dramatically reducing the number of separate network enclaves in the [Defense] Department, which should yield significant manpower savings, and re-train and reassign that manpower to supporting offensive missions,” the Senate report says.

But experts cast doubt on the logic of taking personnel dedicated to network defense and applying them to an offensive mission.

“Whoever wrote that has no idea what he’s talking about; it’s like comparing chihuahuas and pit bulls,” a cyber expert said.

The problem the experts point to is that offensive operations require not only a different skill set but also a different mindset. Defensive specialists are required to focus on anomalies, hunting for any footprints left behind by an intruder. Offensive specialists are a creative group, focusing on imaginative techniques to take advantage of underlying system vulnerabilities.

While both groups must have knowledge of network operations, the difference in underlying attitudes means that transferring someone from one to the other is difficult.

“They can’t look at things like a standard systems administrator would,” said Ed Skoudis, an instructor with the SANS Institute, a company in Bethesda, Md., that specializes in cybersecurity training.

Skoudis has spent more than a decade training teams of simulated cyber attackers, known as red teams. “Their job is to try to get around things, to look for the holes, to say, ‘What are the deviations from the norm?’”

The underlying need for cyber talent, however, is undisputed. A drive down Interstate 95 on the U.S. Eastern Seaboard inevitably yields sightings of multiple billboards listing job openings. The radio will assault the driver with a combination of openings and cyber educational opportunities.

It’s an issue that, regardless of the solution, is being taken seriously by Cyber Command, the command spokesman said. “Gen. Alexander has indicated on a number of occasions that one of the critical imperatives for USCYBERCOM is to build the capability of our cyber workforce.”


DHS outlines $202 million plan to beef up cybersecurity

Federal Times

Jun. 29, 2012 – 11:11AM


The Department of Homeland Security has outlined a $202 million program to arm federal agencies with new tools to continuously monitor their computer networks for security threats. Contracts for monitoring services will be awarded as early as next year.

The tools will enable agencies to monitor their systems every 24 to 72 hours, and to diagnose and prioritize the biggest security weaknesses. Such programs are already in operation at two agencies, the State and Justice departments.

When it comes to continuous monitoring capabilities, “we are a little bit uneven across [the] dot-gov” domain, said John Streufert, director of DHS’ National Cybersecurity Division.

The tools will help agencies be aware of all hardware and software that has access to their networks and ensure they meet security standards. They also will continuously scan their networks for vulnerabilities so they can be quickly addressed when they appear. The tools will include dashboards that present to IT officials snapshots of their networks’ security status to enable quick response in the event of a vulnerability.

Agencies will have the option of providing their own monitoring using DHS-provided tools; purchasing a monitoring service from another agency or contractor; or obtaining a monitoring service for cloud-based systems from their cloud service providers.



GOP senators propose House-Senate work groups on sequester

The Hill

By Carlo Munoz – 07/01/12 06:20 PM ET


Senate Republicans are floating the idea of establishing House-Senate working groups as a way to forge a compromise plan to avoid massive defense budget cuts in the coming year.

Sen. Kelly Ayotte (R-N.H.) said that forming the bipartisan working groups would be a critical piece in getting lawmakers in both chambers on the same page, regarding the automatic defense cuts under sequestration.

“I see that as the [main] step forward right now,” Ayotte said on Tuesday of the planned House-Senate working groups.

On Friday, House Armed Services Committee Ranking Member Rep. Adam Smith (D-Wash.) said the idea of the working groups has also been informally discussed among Democrats in both chambers, including Senate Armed Services Committee chief Carl Levin (D-Mich.).

“Nothing [has] formalized yet, [but] obviously I talk occasionally to Senator Levin and others about it,” he told The Hill.

The groups, he added, “would be a good idea” to try and break the partisan stalemate over what can be done to avoid sequestration.

Ayotte’s office has also discussed the idea with Sen. Levin and Sen. John McCain (R-Ariz.), the Senate Defense committee’s ranking member, in recent weeks, according to a Senate Republican aide.


But the Senate aide told The Hill on Wednesday that Ayotte’s office was still in the midst of gauging support for the measure and had yet to lay out any concrete plans for the working groups.

A group of 15 to 30 senators have been drafting sequestration alternatives behind closed doors for the past month, but those talks have largely remained on the Democrat-controlled Senate side.

Bringing in House members via the working groups could hasten those informal Senate talks into a tangible, bipartisan solution that can be brought to the White House.

But one top House Republican argues that lawmakers in the lower chamber have already come up with a solution, and all Senate Democrats have to do is call it up for a vote.

On Friday, House Armed Services Chairman Buck McKeon (R-Calif.) demanded that Senate Majority Leader Harry Reid (D-Nev.) call a vote on the alternate sequestration plan House Republicans forced through the lower chamber in May.

If the measure passes the Senate, then both chambers can hash out the differences via conference committee without the need for a separate working group, McKeon spokesman Claude Chafin told the Hill.

But the chances of the House measure passing the Senate are slim at best. The White House and Pentagon have panned the plan for its excessive cuts to social welfare programs to spare defense expenditures. President Obama has vowed to veto the measure if it ever reached his desk.

If these House-Senate working groups do become reality, Smith said that his position and that of other House Democrats will not change.

“My position is pretty straightforward. We have to find $1.2 trillion, revenue has to be part of it and we can’t separate out defense,” Smith said. “I don’t want to see transportation and housing and education devastated any more than I want to see defense devastated.”


WPAFB hub key incentive

UD survey reveals aerospace draws. Local AF logistics center, inexpensive real estate a priority for companies.

Dayton Daily News

By Thomas Gnau, Staff Writer

4:10 PM Sunday, July 1, 2012


Aerospace companies weighing a move to the Dayton region may be drawn primarily by two factors: Inexpensive commercial and industrial real estate and proximity to Wright-Patterson Air Force Base, the Air Force’s worldwide logistics hub.

That’s what some 80 University of Dayton marketing students found when surveying corporate aerospace prospects this year.

The students, working in a yearlong marketing capstone class, surveyed 713 aerospace industry decision-makers, whose names were provided by Kerry Taylor, director of the Ohio Aerospace Hub of Innovation & Opportunity.

The students received 84 usable responses — an 11 percent response rate. But Randy Sparks, a UD management/marketing associate professor, is pleased with that response rate, which he called “excellent” compared to a typical B2B survey return rate of maybe 4 to 5 percent.

Sparks also was pleased with the findings, as was Taylor. “It gives Kerry a solid hot button” with which to sell the Dayton region, Sparks said.

The survey ultimately was about more than statistical models, Sparks said. “It’s about job creation, and those are the things that hit families and children.”

Besides cheap real estate and nearness to the base, companies also are keen on proximity to customers and suppliers, Sparks said.

Sparks and participating students advised Taylor not to worry about pulling corporate headquarters to the Dayton area. Even small operations of a few people can be the beginning of new jobs, Sparks said. And he advised Taylor not to get hung up in “quality of life” questions. The survey found that quality-of-life variables did not necessarily establish a strong pull.

Sarah Hemler — who participated in the project and will be a UD senior majoring in marketing and leadership this fall — said the most challenging part was refining the questions to get useful answers from aerospace leaders.

“You had to really think about why they (aerospace companies) would want to come here and what Dayton has to offer,” said Hemler, who is working for Miami County business education complex Aileron this summer.

Sparks’ class next will work with the Cleveland Indians in the team’s quest to bring families to downtown Cleveland’s “Rally Alley.”

Taylor said that while the findings aren’t “revolutionary,” they are clarifying and they can guide the hub in its work of putting Dayton more firmly on the aerospace map.

“It’s incumbent on us to make this thing successful,” Taylor said.



Materiel Command key to area economy

Wright-Patterson AFB unit marks its 20th anniversary today.

Dayton Daily News

By Barrie Barber, Staff Writer

8:59 PM Saturday, June 30, 2012


WRIGHT-PATTERSON AIR FORCE BASE — The Air Force Materiel Command at Wright-Patterson would rank in the Fortune Top 50 if it were a company and has buoyed the region’s economy when the auto industry sank, officials said.

“They are the focus at Wright-Patt,” said Jeff Hoagland, president and chief executive officer at Dayton Development Coalition.

Today, AFMC marks its 20th anniversary as it evolves through a major reorganization much as it did when it brought two major commands together 20 years ago.

But unlike that time, the Air Force’s first female four-star general, Beavercreek High School graduate Janet Wolfenbarger, assumed command of the organization in June and will oversee the transition to five major centers from 12 at nine bases across the nation. AFMC has a $60 billion budget and about 80,000 civilian and military personnel service wide. At Wright-Patterson, the command employs 13,700 people, both civilian and military, or about half the workforce at the base.

The sprawling command’s responsibilities are research and development, testing and evaluation, sustainment and logistics, and oversight of the Air Force’s nuclear weapons.

“Our mission today is as serious as it has ever been,” Wolfenbarger said at her change of command ceremony last month.

Twenty years ago, the consolidation of the Air Force Systems Command with the Air Force Logistics Command was meant to save money, said AFMC historian Jack Weber, who was part of the planning team when the command formed. Then, the command had 18 major centers and a workforce of about 125,000.

This time, the latest consolidation is much broader, Weber said. The changes will eliminate about 1,080 civilian positions service wide and save $109 million a year, according to AFMC.

The transition, pushed by $487 billion in reductions in the defense budget over the next decade, will expand the base’s role as an acquisitions hub.


Fortune 50

Economically, AFMC is every bit as important to Dayton as the headquarters of Fortune 50 firms, such as Dow Chemical Co. or Caterpillar Inc., Hoagland said.

As the auto industry faded in Dayton, and with it the loss of thousands of high-paying manufacturing jobs, the region’s aviation roots and connection to Wright-Patterson have grown more economically vital over the years, said Tony Sculimbrene, executive director of the National Aviation Heritage Alliance.

Boulevards dotted with defense contractors are a testimony to AFMC’s and Wright-Patt’s influence in creating jobs outside the base fence, he said. Officials have estimated those jobs number about 30,000 in the area.

“The Air Force Materiel Command has been a gigantic engine driving a lot of the economic growth in the Dayton region,” he said.

AFMC has helped cultivate its workforce and development with connections to institutions such as Wright State University, said retired Maj. Gen. Gary T. McCoy, a former commander of the Air Force Global Logistics Center, part of AFMC, at Scott Air Force Base, Illinois.

McCoy, who served at Wright-Patterson three times, is a senior adviser who helped create Wright State’s Institute of Defense Studies and Education, which teaches students subjects ranging from supply management to cybersecurity.

“There has always been a connection between Wright State and Wright-Patt,” he said.


What’s ahead and the past

As part of the reorganization, AFMC will open an Air Force Life Cycle Management Center and take over the Aeronautical Systems Command this month at the base.

The Air Force Security Assistance Center will be renamed the Air Force Security and Cooperation Directorate and become part of the Life Cycle Management Center, among other changes.


Despite the emphasis on efficiency and cutting costs, AFMC has been criticized because of the Air Force’s aging fleet of aircraft, now the oldest in its history at an average age of 25 years.

The Air Force fleet has aged, but AFMC has carried out its mission to keep the expeditionary force in the air and ready to deploy when and where needed, McCoy said.

“AFMC’s role in sustaining the force has been a challenge, but I would say for the most part they have been able to step up to that,” he said. “At the end of the day, the mission really is to support the war fighter.”

Loren B. Thompson, a defense analyst with the Lexington Institute, has called the shrinking force and aging aircraft inventory a “crisis.”

The demise of the Soviet Union eliminated a major threat, and adversaries with less capable air forces or air defenses didn’t create a push to buy new systems, he said.

“The reason it takes so long to buy weapons is there’s no great sense of urgency,” he said. “Nobody is worried about the Russians bombing Columbus tomorrow.”

Political gridlock in Congress is also to blame, he said. “It takes so much to keep things on track in this political system, that without a threat, AFMC is going to be hobbled from the beginning.”

AFMC officials have said the command has maintained the best Air Force in the world in an era of smaller budgets.

“We firmly stand by the fact that we do our absolute best to provide the war fighter with the best tools to accomplish the mission to acquire, test and sustain our war-winning capabilities,” spokeswoman Susan Murphy said in an email.


Senate Democrats unlikely to take up spending bills

The Hill

By Erik Wasson – 07/01/12 06:00 AM ET


Senate Democrats have no plans yet to take up their versions of the annual spending bills passed by the House, fueling new Republican attacks that they are abdicating their responsibility to manage the federal purse.

The House has already passed six of the 12 annual spending bills for fiscal year 2013, and the Senate Appropriations Committee plans to mark up all 12 of its bills.

But sources said the full Senate would likely ignore them and instead use one minor bill to create a giant omnibus bill that funds the entire federal government.

That procedure, which the Senate used last year, would prevent the 11 remaining spending bills from being debated individually, and members who are not on the Senate Appropriations Committee would not have the ability to offer their input through amendments.

Instead, Senate appropriators would head into fall negotiations on an omnibus package using their own product as a negotiating position.


Republicans in both chambers say the move shows the Senate, which did not pass a budget resolution this year, is again AWOL on spending.

The Senate Appropriations Committee said it knows of “no plans” to bring up any spending bills on the floor and referred questions to Majority Leader Harry Reid’s (D-Nev.) office.

“We still hope to bring up approps bills through regular order this year,” Reid spokesman Adam Jentleson said.

A GOP leadership aide countered that, “there isn’t much appetite to do the approps bills over in Reid’s office.”

Republicans are seizing on the fact that bills are not coming to the floor. They charge that just as the Senate has failed to pass a budget resolution for three years, it is abrogating its democratic responsibilities on spending bills.

“This is another cause of major concern,” said Sen. Jeff Sessions (R-Ala.), the ranking member of the Senate Budget Committee. “They are guaranteeing you are going to have some omnibus that is unreadable and unmanageable and contrary to the way the Senate is supposed to operate.”

Sessions said that if the individual bills were brought up, he and other members would have a chance to debate major issues like agriculture policy and offer cost-cutting amendments.

“I’d like to see the Senate return to regular order. … I don’t like omnibuses,” House Appropriations Committee Chairman Hal Rogers (R-Ky.) said. “This is a democracy and each bill should get careful examination.”

“This is legislative arrogance, to say the rules don’t apply anymore,” added Rep. Jack Kingston (R-Ga.), a House appropriator. “The budget and the spending bills are two pieces of the whole.”

Kingston pointed to the Department of Agriculture bill that he oversees, saying the input of the wider House brings important issues to his attention that he was not aware of when crafting a bill just with his subcommittee.

“This is also about transparency,” he said.

Kingston admitted that with August recess fast approaching, the House would probably not get to all the bills, but he said some bills are better than none.

The reluctance of the Senate to move forward is tied up in a fight over the top-line spending level for 2013. The House passed a budget with $19 billion less in spending than the level set by last summer’s debt-ceiling deal.

The Senate and White House want spending at the higher level of the August agreement. The Obama administration has issued a blanket veto threat for all 12 appropriations bills until the House agrees to abandon the lower spending level.

“I am always in favor of bringing the bills up for a vote, but I don’t think Republicans will let us do them,” Sen. Tom Harkin (D-Iowa), the appropriations member in charge of labor and health spending said, echoing a familiar complaint by Democrats that the GOP offers too many amendments to bills to allow them to be debated in a reasonable amount of time.

This past week, the Senate tried to consider a flood insurance bill individually, but when members could not agree on a way to limit amendments, it ended up being packaged into a huge highway and student loan bill. Sen. Rand Paul (R-Ky.) had wanted to use the bill to debate abortion and Reid had refused, creating a standoff.

Amazon Outage Hits Netflix, Heroku, Pinterest, Instagram

Amazon Web Services data center loses power because of violent electrical storms, knocking out many website customers.

By Charles Babcock, InformationWeek

July 02, 2012


Severe thunderstorms rolled through northern Virginia Friday evening and Amazon Web Services’ U.S. East data center, its largest, lost power at 8:40 p.m. The power was restored about nine minutes later, but Netflix, Instagram, Pinterest, Heroku and other companies that depend on its infrastructure were affected.

“We’re currently experiencing technical difficulties and we’re working to correct the issues. Thanks for your patience,” said Instagram via Twitter at 8:16 p.m. Pacific Friday. Instagram is the mobile phone photo sharing service recently acquired by Facebook for $1 billion.

Heroku told its users two minutes later: “Our automated systems have detected potential platform errors. We are investigating.”

Amazon’s Service Health Dashboard posted its first notice at 8:21 p.m. Pacific, saying AWS was “investigating connectivity issues for a number of instances” in its northern Virginia data center.

Cedexis, the cloud monitoring service, said service was impacted by the power outage beginning at 8 p.m. Pacific (or 3 a.m. Saturday Greenwich Mean Time). It affected Amazon’s availability zone 1B of its Elastic Compute Cloud service. 1B is one of what are believed to be four zones in Amazon’s U.S. East-1 data center (Amazon doesn’t state how many zones are in each facility) and zone 1B compute service was completely down an hour later, said a Cedexis spokesman.

Basic EC2 service was out in the one zone for about two hours, according to Cedexis, although individual virtual server instances and some Elastic Block Store volumes were out for a longer period.

At 8:40 p.m. Amazon’s dashboard acknowledged to customers that “a single Availability Zone has lost power due to electrical storms in the area. We are actively working to restore power.” At 9:01 p.m. Pacific, Amazon acknowledged that the loss of an availability zone in U.S. East–1 had affected its Elastic MapReduce service as well.

Netflix relies primarily on Amazon infrastructure for its film delivery service. At 10:15 p.m. Friday, Netflix tweeted: “We’re sorry for the outage and working to get your Friday streaming back to normal as quickly as possible. Thank you for bearing with us.” Netflix uses more than one availability zone, and has recovery plans in case of the loss of an availability zone. Nevertheless, the power outage affected some customers.

That tweet went out in response to user comments that Netflix wasn’t able to deliver its service. One user commented that his Netflix services had been interrupted in the midst of a cliff hanger movie scene. “I was watching my favorite show & you guys screwed up,” tweeted Amar Chugg.

“I hope it’s fixed by tomorrow. I use Netflix everyday and I’m not a happy customer right now,” tweeted Brian Morin @Brianm123.

At 11:03 p.m. Pacific time, Mrs. Terrell tweeted, “Hurry up!”

At 1:11 a.m. Pacific time Saturday, Netflix was able to tweet: “Everyone should be back up shortly, if you aren’t already. Thanks again for being patient. And awesome.”

Heroku posted the notice at 9:33 p.m. Pacific that its engineers had moved customers out of the AWS infrastructure onto new servers. At 10:35 p.m. Pacific, its status page posted the following update: “We’ve restored the majority of internal services and are seeing a reduction in error rates, but many applications and databases remain offline. We are continuing to work to restore processes and databases.”

Amazon’s dashboard warned that Elastic Block Store storage service had also been affected by the outage. While it continued running, affected EC2 customers who may have thought their instances were writing to storage would find later that wasn’t the case, or that data updated in one EBS volume might not have been updated in another.

Due to the power outage, “some EBS volumes may have inconsistent data. As we bring volumes back online, any affected volumes will have their status in the ‘Status Checks’ column in the Volume list in the AWS console listed as ‘Impaired.’ If your instances or volumes are not available, please login to the AWS Management Console and perform” six steps to recover the data.

Amazon’s last post occurred at 8:38 a.m. Pacific Saturday. “We are continuing our recovery efforts for the remaining EC2 instances and EBS volumes. We are beginning to successfully provision additional Elastic Load Balancers,” it said as it neared the end of its recovery process.


To Rethink the Commercial Cloud Thing?


By Bob Brewin

July 2, 2012


The failure of the Amazon Web Services’ Virginia data center after a severe storm Friday and the hours it took the company to restore service — while Defense Information Systems Agency cloud services chugged along without interruption — sure seem like good reasons to question putting any federal data in the commercial cloud.

Yeah, the price may look right at first, but does it come at human and financial costs if the commercial data center goes dark due to acts of nature?

The joint Defense and Veterans Affairs Department Interagency Program Office specified Amazon cloud services in a technical blueprint for the integrated electronic health record released last month.

I thought this idea was balmy at the time, and it looks even nuttier after the meltdown of Amazon’s Virginia data center last week.

I have my own very personal reasons for preferring to do business with DISA than Amazon.

More than a decade ago I visited Amazon headquarters in Seattle on a reporting trip for Computerworld, showed up 15 minutes early, and asked for directions to the men’s room.

I was told that I would have to wait for a security guard to escort me. “Why?” I asked.

The answer: “People talk in men’s rooms” — implying I might overhear the company’s grand plans to destroy every bookstore on the planet.

I’ve been to multiple DISA facilities around the world — including the famed Bahrain data center — and the agency has always allowed me to use the loo without an escort.



Is Time Right for Military Cyber Branch?

Rethinking How America Should Defend Itself from Cyberattacks

By Eric Chabrow, June 29, 2012.


Stuxnet, Flame, Duqu – the intimidating digital weapons in a growing cyber arsenal – have been created to enable one nation-state to spy and/or virtually assault another nation-state.

Reports that the United States and Israel are behind these malware [see U.S., Israel Developed Flame] raise the question as to whether it’s time to rethink how nations should organize their military to defend their national interests.

The United States military, recognizing the digital threat it faces, established in 2010 a cyber command, with the primary objective to defend the IT and communication systems that support its armed service. The cyber command, not coincidentally, is headed by the director of the National Security Agency, Army Gen. Keith Alexander, and collocated at Fort Meade, Md. It’s not just digital defense on the mind of the Pentagon and NSA.

But should the United States military do more to organize for a growing threat to the nation’s well-being and stability?

Three years ago, two Army officers, Lt. Col. Gregory Conti and Col. John “Buck” Surdu, proposed the creation of a fourth military branch in an article, writing: “Adding an efficient and effective cyber branch alongside the Army, Navy and Air Force would provide our nation with the capability to defend our technological infrastructure and conduct offensive operations. Perhaps more important, the existence of this capability would serve as a strong deterrent for our nation’s enemies.”

I caught up earlier this month with Conti, now a colonel, who teaches cyber warfare at West Point, and asked him if the time is right to establish a cyber branch with so much attention focused on the likes of Stuxnet and Flame. Here’s his response:


Unfolding Events

“I don’t see a cyber warfare branch of the military being formed in the near future, but if we were to plot a straight line between where we were, where we are and where we are going, it is heading in that general direction.

“That being said, the question is how far down that path we progress, depending on how events unfold over the next two decades we might stop short, and that may be OK. Since the article came out in 2009, we’ve seen the birth of U.S., Army, Navy, Marine and Coast Guard cyber commands and the reaffirmation of Air Force cyber command. This is exceptionally rapid progress for the Department of Defense and U.S. government in only two to three years.

“I sense very broad recognition in the White House and Congress – and to a non-trivial extent, the American people – of the mortal danger and strategic advantage that cybersecurity and cyber warfare hold for the nation. The military services now are seeking to define the types of knowledge, skills and abilities required for cyber professionals and to create appropriate career fields. These efforts are in progress, but the results may ultimately conflict with the kinetic war-fighting cultures of each service.

“I don’t have full visibility, but I know the highest levels of leadership in the Army and Navy – and I suspect the others – are taking cyber very seriously and carefully considering significant dedication of resources and some structural reorganization to adapt to the cyber domain.

“We also hear serious talk in the press of promoting U.S. cyber command to a combatant command — akin to special operations command – which would significantly raise the stature of cyber within DoD. We might see a plateau at this point as DoD refines the associated organizations, capabilities, authorities, training, doctrine, etc. If the result is viewed as and may very well be sufficient, things may stop there. Over the next two decades, if the political and national will remain strong, and the need remains dire – particularly if there is a cyber Pearl Harbor-like event – there is a chance that a separate cyber branch may be considered.

“We are living in historic times as all of the changes unfold. The trajectory of the future will depend on leadership, the successes of these emerging organizations, the effectiveness of detractors/competitors within the U.S. government and world events.”

The idea of a fourth cyber branch is intriguing, more so now than when Conti and Surdu first broached the idea. As cyberthreats get more sophisticated, threatening the very fabric of our economy and society, and if our adversaries put significant resources behind developing digital weapons, it might not take 20 years for the United States to decide whether or not to create a cyber military branch.


U.S. Critical Infrastructure Cyberattack Reports Jump Dramatically

A new report from ICS-CERT shows the number of reported incidents increased from 9 to 198 between 2009 and 2011

By Brian Prince, Contributing Writer

Dark Reading

Jun 29, 2012 | 04:57 PM



U.S. critical infrastructure companies saw a dramatic increase in the number of reported cyber-security incidents between 2009 and 2011, according to a new report from the U.S. Industrial Control System Cyber Emergency Response Team (ICS-CERT).

In 2009, ICS-CERT fielded 9 incident reports. In 2010, that number increased to 41. In 2011, it was 198. Of those 198, seven resulted in the deployment of onsite incident response teams from ICS-CERT, and 21 of the other incidents involved remote analysis efforts by the Advanced Analytics Lab. Incidents specific to the water sector, when added to those that impacted multiple sectors, accounted for more than half of the incidents due to a larger number of Internet-facing control system devices reported by independent researchers, according to the report.

Though not all of the reports turned out to be actual cyber-attacks, the magnitude of the increase is somewhat surprising, says Kim Legelis, vice president of marketing at Industrial Defender.

“While those of us close to critical infrastructure cyber security were aware of the escalating nature of the threat landscape, the level that this report validates was more severe than expected,” she says. “In addition, the report provides a baseline to compare future reports and incidents to in the future.”

All totaled, ICS-CERT performed 17 onsite assessments during 2009, 2010 and 2011, including seven last year. The most common attack vector for network intrusion was spear-phishing, which accounted for seven of the 17 incidents. “Sophisticated threat actors” were tied to 11 of the incidents, with the goal in several cases being the theft of data.

“No intrusions were identified directly into control system networks,” the report states. “However, given the flat and interconnected nature of many of these organization’s networks, threat actors, once they have gained a presence, have the potential to move laterally into other portions of the network, including the control system, where they could compromise critical infrastructure operations.”

Tellingly, in 12 of the 17 cases, implementing security best practices such as login limitations and properly configured firewalls could have deterred the attack, minimized the time it took to detect it or reduced its impact, ICS-CERT reports. Just last week, ICS-CERT advised that multiple systems “with default usernames and passwords” have been observed to be accessible via the Internet. Those systems included the Echelon i.LON product, which is deployed in motors, pumps, valves, sensors and other control devices.

According to ICS-CERT, ten organizations in those 17 cases could have detected an intrusion by using ingress/egress filtering of known bad IP addresses or domain names. In three of the 17, asset owners had been notified of a cyber-attack or intrusion by external organizations, and in two additional cases, the incident had been identified by a hired third party such as a consultant or an integrator.

“Risk management and assessment is still an art, not a science,” says Lamar Bailey, director of security research and development at nCircle. “We need a lot more collaboration between IT and security organizations to dramatically improve the accuracy of risk assessments.”

To deal with spear-phishing, Norman Sadeh of Wombat Security Technologies suggests companies develop a security training program that involves sending mock phishing emails to employees.

“At the moment employees fall for the simulated attack, a unique teachable moment is created where the employee is humbled and now open to learning,” says Sadeh, chief scientist at Wombat. “Just-in-time training explains what they did wrong, what the criminals are after, and how to avoid similar attacks in the future.”



Congress faces slim window to pass bills

The Hill

By Russell Berman – 07/03/12 05:00 AM ET

Congress is poised to tackle a handful of high-profile bills between now and Election Day, but the measures face an uphill climb.


Lawmakers face a tight window for action on the remaining agenda items, including a farm bill, postal reform and appropriations legislation. The House is scheduled to be in session for just seven weeks in the four months before Nov. 6, and the mix of expiring tax provisions and looming spending cuts is expected to dominate the post-election lame-duck session.

Congress has been surprisingly productive during the first half of 2012 on bills ranging from highways to student loans to a ban on insider trading for lawmakers. But most on Capitol Hill believe that trend is in jeopardy.

For a number of bills that have been in the works since the beginning of the 112th Congress, the next several weeks will be crucial. And those measures will have to compete for floor time with political messaging votes — like House moves to repeal the 2010 healthcare law and extend the full slate of Bush tax rates — that will take up a bulk of the election-season legislative calendar.


Here’s a look at some of the issues left on Congress’s plate:



The pressure is on the House to act on a farm bill after the Senate in June passed a measure with a 10-year price tag of nearly $1 trillion. Whether the House can pass more than a one-year extension off the floor remains unclear. Conservatives have been leery of any legislation authorizing hundreds of billions in spending, and while the Senate bill cuts current spending levels, House Republicans are likely to push for far deeper cuts, particularly to the food stamp program.

The cuts contained in the Senate version, which passed on a bipartisan 64-35 vote, are less than those called for in President Obama’s budget. The Agriculture Committee, led by Chairman Frank Lucas (R-Okla.), has scheduled a markup for July 11. Ominously, the farm bill was not included in a May memo from House Majority Leader Eric Cantor (R-Va.) outlining the summer floor schedule. The current farm bill expires on Sept. 30.



The House is also playing catch-up with the Senate on legislation overhauling the Postal Service, which is in fiscal straits. The upper chamber approved its postal reform bill in April on a bipartisan vote, while the House has yet to act on its own version, spearheaded by Reps. Darrell Issa (R-Calif.) and Dennis Ross (R-Fla.) in the Oversight and Government Reform Committee.

A House GOP leadership aide said on Monday that the postal reform and farm bills were still being worked on and that there is “no firm date for when they will be on the floor.”



Unlike the farm and postal measures, both the House and Senate have passed bills reauthorizing the Violence Against Women Act. Yet the talks remain mired in a stalemate.

The House says the Senate bill is unconstitutional because it raises revenue, and legislation that raises revenue must originate in the lower chamber. Senate Democratic leaders say the House-passed bill is unacceptable because it does not contain provisions protecting Native American, LGBT and immigrant women. The fourth-ranking Senate Democrat, Patty Murray (Wash.), held a press conference last week to say she would not compromise on those issues.



All of the action on appropriations has thus far been in the House. The lower chamber has passed six annual spending bills for fiscal 2013, and another five have passed out of the Appropriations Committee. Of those, two more bills are expected to hit the House floor before the August recess — most likely those dealing with defense and financial services.

Because the Senate has made little headway in passing spending bills, a continuing resolution providing stopgap government funding through the November elections is considered inevitable before the end of the current fiscal year on Sept. 30.



Three-time presidential candidate Rep. Ron Paul (R-Texas) should get a rare turn in the House spotlight this month when his bill to audit the Federal Reserve receives a vote on the floor. The Oversight and Government Reform Committee signed off on the legislation last week, clearing the way for floor consideration. The timing could give a boost to Paul a month before the Republican National Convention, where he is expected to make his presence felt.



BRAC costs were $14 billion over estimates

Dayton Daily News

By John Nolan, Staff Writer

8:55 PM Monday, July 2, 2012


The 2005 base realignment and closure (BRAC) process cost the Defense Department and taxpayers two-thirds more than the initial cost estimate of $21 billion, congressional auditors reported.

By Sept. 15, 2011, when the 2005 base closings and program shifts across the armed forces were required by law to be completed, the total cost had grown to $35.1 billion, the U.S. Government Accountability Office concluded in its report requested by Congress. The $14.1 billion increase represented a 67 percent jump from the BRAC Commission’s 2005 budget submitted to Congress, the GAO reported.

By contrast, the Defense Department had spent about $25 billion combined on the four previous BRAC rounds since 1988, GAO officials reported.

Part of the 2005 BRAC changes involved creating military “centers of excellence” at Wright-Patterson Air Force Base by relocating the U.S. Air Force School of Aerospace Medicine there from Brooks City-Base, Texas, and moving additional sensors research capability and other programs in from military installations in New York state, Arizona, Massachusetts and Florida.

The $353 million construction program to build and renovate the needed facilities at Wright-Patterson represented the base’s largest construction effort since World War II. That program’s cost, initially projected at $332 million, was increased to finish the expansion and renovation of the Air Force Research Laboratory’s sensors directorate, just off National Road, base officials have said. The moves brought a net gain of 1,200 jobs to the base.

The cost of closing the former Brooks base in San Antonio has jumped to $608.2 million, a nearly $283 million increase from the initial projection of $325.3 million, the GAO reported. The GAO is the auditing and investigative arm of Congress.

The government undertakes the base realignments and closures to adapt U.S. defense capabilities to changing global power shifts and threats. The 2005 BRAC was the largest and most complicated one, GAO officials noted. It involved more than 800 defense locations and the relocation of more than 125,000 personnel.


BRAC’s key goals included establishing joint military medical centers, creating joint bases, and reconfiguring the defense supply, storage and distribution network.

Increased construction costs and a 13.7 percent increase in inflation from 2005 to 2011 were major factors in driving up the 2005 BRAC cost, the GAO concluded in its report released on Friday. Other contributors included underestimated requirements for outfitting or furnishing buildings, and expanded information technology needs, the GAO said.

The system-wide military construction costs that the 2005 BRAC Commission estimated at $13.2 billion have increased by 86 percent to $24.5 billion, the GAO said.

David Hobson, the former Republican congressman from Springfield, opposed the 2005 BRAC program, saying he didn’t believe the projections that it would save money.

“I didn’t think that it was going to produce cost-effective results,” Hobson, now a consultant, said Monday. “And it obviously didn’t.”

As a result of the 2005 BRAC changes, Springfield’s Ohio Air National Guard base lost its F-16 fighter jet and pilot training missions, but was awarded a support mission for MQ-1 Predator unmanned aircraft. Ohio political leaders said that would preserve almost 900 jobs at the Springfield base.

The 2005 BRAC Commission projected recurring annual savings of $4.2 billion from the realignment and closings. But the GAO has since reported that the Defense Department would spend more and save less than was estimated. The GAO said it plans to deliver a final accounting in a “lessons learned” report later this year.

In the BRAC process, Congress is limited to approving or rejecting the entirety of the commission’s recommendations, with no option to choose among them.

The Defense Department acknowledged in its response to the GAO that the auditors accurately reported the higher costs and reduced savings from the 2005 BRAC round.

But, the department said: “The department continues to believe that the BRAC process is the only fair, objective and proven process for closing and realigning bases …”

President Obama’s 2013 defense budget proposal includes a request that Congress authorize new BRAC rounds.

Given the increased costs and reduced savings from the 2005 round, Congress should consider establishing cost-savings targets for future BRAC commission members, said Loren Thompson, a defense industry analyst for the Lexington Institute in Arlington, Va.

Full report is at


Pentagon taking snail mail into the digital era

By Amber Corrin

Jul 03, 2012


After a successful year-long pilot program, the Defense Department is implementing a digital mail service that cuts down on processing time and improves accountability. The new program is part of several DOD-wide efforts in business management reform.

Online delivery options for physical mail will affect roughly 27,000 DOD employees, according to a Federal News Radio report.

The Defense Post Office currently processes about 13,000 pieces of mail every day; the Digital Delivery Mail System (DDMS) cuts the time for manual processing by three hours, a DOD announcement noted.

The mail is automatically sorted, and images of each piece are scanned and entered into a central system. Employees can then log into a secure, web-based system that allows them to view their mail and determine what to do with it – deliver physically or digitally, discard or return to sender.

The electronic system improves accountability by creating a virtual paper trail; it also increases security.

“Automated tracking records and digital imaging of the incoming mail enhanced security protocols and has provided a clear picture of the volume and type of mail received daily at the Pentagon,” the DOD release, posted on the Correspondence Management Division’s website, stated.

According to DOD, the new system will increase speed, security, and productivity, improve continuity of operations and reduce costs over time.

A March 2012 Congressional report on defense business operations highlighted the program as one of its success stories as DOD endeavors to overhaul its business management systems and increase efficiencies.

“Even as the department strives to improve its internal processes, better rationalize its information technology investments and manage its risks, defense business systems are providing real and tangible benefits to its operations in an increasingly technological 21st century environment,” DOD Deputy Chief Management Officer Elizabeth McGrath wrote in the report’s introductory notes.


Illegal software export helped China develop its first attack helicopter


By Bob Brewin

July 3, 2012


Officials of Pratt & Whitney Canada, a subsidiary of United Technologies Corp., had two key concerns as they started to pursue a potential $2 billion helicopter engine market in China: profits and credibility.

United Technologies pleaded guilty on June 28 to violating the Arms Export Control Act and making false statements in connection with exports of software China used to develop its first attack helicopter. A federal investigation showed that while Pratt & Whitney Canada wanted to capture the Chinese civilian helicopter market, the price of entry was helping China develop a military attack helicopter.

The United States has prohibited the export of military hardware and software to China since 1989, but in pursuit of what was potentially a huge stake in the Chinese civilian aviation market, Pratt & Whitney Canada turned a “blind eye” to China’s use of the technology as it worked to help that country ostensibly develop a dual use military/civil helicopter, the Justice Department charged.


David Fein, U.S. attorney for the District of Connecticut, said Pratt & Whitney Canada “exported controlled U.S. technology to China, knowing it would be used in the development of a military attack helicopter in violation of the U.S. arms embargo with China.” Fein said the company “took what it described internally as a calculated risk, because it wanted to become the exclusive supplier for a civil helicopter market in China with projected revenues of up to 2 billion dollars.”

Lisa Monaco, assistant attorney general for national security, said, “Due in part to the efforts of these companies, China was able to develop its first modern military attack helicopter with restricted U.S. defense technology.”

United Technologies informed the State Department in July 2006 that it had violated export control laws in helping China develop the attack helicopter even though Pratt & Whitney Canada officials knew the Chinese wanted their aid on development of the military version first, Justice said.

Company emails cited in the deferred prosecution agreement Justice signed with United Technologies showed that in August 2000, Pratt & Whitney Canada export managers reported that “discussions on [the engine] for [the] Chinese Z-10 attack helicopter [emphasis included] are progressing smoothly.”

This same email also acknowledged the export control laws and raised the credibility issue: “P&WC will lose all credibility in China, if P&WC/UTC, as [a] corporation, backs out of the program at a later date when put under pressure even if [a] legal basis for export restriction may not exist.”

In a September 2001 email, the Pratt & Whitney Canada export manager warned: “We must be very careful that the helicopter programs we are doing with the Chinese are not presented or viewed as military programs. As a result of these sanctions, we need to be very careful with the Z-10C program. If the first flight will be with a gun ship then we could have Problems with the U.S. government [emphasis included].”

Canada also has its own strict export control laws, and in September 2000, Pratt & Whitney Canada submitted a letter to the Canadian government for export of 10 engines to China. The letter acknowledged military use, but never mentioned development of an attack helicopter.

In January 2002, Pratt & Whitney Canada turned to another United Technologies subsidiary, U.S.-based Hamilton Sundstrand, for electronic engine control hardware and software, and the Canadian company “made no mention of a military end use,” the Justice Department said.

Hamilton Sundstrand developed 12 different versions of the software for the Chinese helicopter, which was exported by email, Justice said. Because the Chinese helicopter was dubbed commercial by Pratt & Whitney Canada, Hamilton Sundstrand did not seek an export license.

By April 2003, Pratt & Whitney Canada officials knew the first flight of a Chinese helicopter would be a military version, but did not inform Hamilton Sundstrand that the prototype was an attack helicopter.

By January 2004, Hamilton Sundstrand was aware there might be an export control problem with its software and requested an end use statement from Pratt & Whitney Canada, which the next month concluded it could not obtain U.S. export licenses and would use a Canadian supplier.

Officials of Pratt & Whitney Canada briefed senior United Technologies management in May 2004 and, according to internal documents obtained by Justice, called the Chinese engine program a “major breakthrough . . . it breaks the dominance of a competitor.” The Canadian company officials added: “Because of military applications, risks do exist on export control issues [emphasis included]. These risks have been mitigated by obtaining the necessary export permits and through appropriate selection of suppliers for engine components.”

In 2005, China told Pratt & Whitney Canada it intended to use the company’s engines only for the military helicopter and would conduct a competition for the civil program. Internal documents showed the company believed it needed to prove itself on the military program to win the civil business, but lost that competition.

In June 2006, Justice said that lawyers from United Technologies told Pratt & Whitney Canada and Hamilton Sundstrand they had concluded an export violation occurred with the software supplied to China. Company officials informed the State Department in a series of letters sent in July, August and September of 2006.

“The thrust of the disclosure letters was that none of the UTC entities had any idea that the Chinese were developing a military attack helicopter until 2003 or 2004, and that after learning about it, and subsequently recognizing the corresponding export violations, the UTC entities had taken swift remedial action to address the issue,” Justice said.

Those letters, Justice said, falsely claimed that the focus of the China engine project was to develop a dual use military/civil engine, when in fact, Pratt & Whitney Canada knew from the start that China sought the technology for an attack helicopter. These false claims, Justice said, were part of what it called a profit driven export scheme that resulted in China developing an attack helicopter based on U.S. technology.


It’s Official: Apple Computers Are No Longer Virus-Free

By Megan Garber

Jun 24 2012, 5:20 PM ET

“It doesn’t get PC viruses” has become “It’s built to be safe.”

One of Apple computers’ key selling points — besides their cultishness, their coolness, etc., etc. — has been their resistance to viruses. Mac hardware is “built on the world’s most advanced operating system,” the company’s site declares; and part of that system’s sophistication, Apple has emphasized, has been an exceptionally strong immune system. PCs, Mac marketing has suggested, shun OJ and shirk on sleep and could probably stand to wash their hands a little more often; Mac machines, on the other hand, are effectively impervious to malware.

Well, were. Back in April, the Flashback botnet struck more than 600,000 Mac computers worldwide, with more than 300,000 of the machines affected in the U.S. Hackers searching for user information — passwords, financial account numbers — took advantage of a weakness in Java programs to gain access to Mac users’ machines. Nearly 300 of April’s Flashback attacks were aimed at Apple computers that were based in Cupertino itself.

In the wake of that attack, Apple is downgrading its antiviral swagger. On the company’s site, its former, blunt message — “it doesn’t get PC viruses” — has been replaced by a more generic boast: “It’s built to be safe.” And the slogan of the past — “Safeguard your data. By doing nothing.” — has been replaced by the much gentler “Safety. Built in.”

Which is on the one hand just a simple change in marketing language, but on the other the end of an era. The end, in particular, of an era in which Apple users were niche users — and in which consumers at large had the ability to be, should they choose, relatively carefree. Mac has now reached critical mass. And as more and more of our information makes its way to our machines, safeguarding data “by doing nothing” is no longer a blanket option, for Apple users or anyone else. Now, the best our computer companies can do is assure us that their devices are “built to” — but just built to — “be safe.”

Via PCWorld



Multiple Missteps Led to RIM’s Fall

June 28, 2012



WATERLOO, Ontario—As the BlackBerry smartphone fell steadily further behind app-loaded rivals like the iPhone in recent years, it was time for an unambiguous response from the chief executive’s office.

RIM is expected to report an operating loss following a decline caused partly by overconfidence in its keyboard devices amid the rise of touch-screen smartphones. Will Connors reports on digits. Photo: AP.

At Research In Motion Ltd., however, that was complicated. The BlackBerry maker had two chief executives. Moreover, their offices were about a 10-minute drive apart. Meetings with both of them present were rare, say former RIM executives and people who dealt with the company.

Many forces have combined to bring RIM to the point of reporting a quarterly operating loss, as is expected on Thursday, but one of them was a split personality in the executive suite, former executives say. As investor pressure mounted at the company recently, one CEO, company founder Mike Lazaridis, was focused on a make-or-break push to launch a next-generation BlackBerry with a new operating system. His co-CEO, Jim Balsillie, started pursuing a separate strategy that envisioned licensing out some of the company’s proprietary technologies.

Both men are gone from the CEO suite now, replaced in January by former Lazaridis lieutenant Thorsten Heins. He is slashing costs. RIM says it is committed to seeing through the rollout later this year of its next BlackBerry. But Mr. Heins has hired investment bankers to explore options and hasn’t ruled out a sale of a company, whose stock has tanked nearly 70% in 12 months and pushed its market value, at under $5 billion, to less than one-fifteenth of its peak.

RIM still has a comfortable cash cushion of more than $2 billion, which it said last month is likely to have grown in its fiscal first quarter ended June 2. It also is debt-free, giving it more breathing room to get out its new phone, with an operating system called BlackBerry 10 that RIM says “sets the standard for reliable, secure mobile computing.” RIM has told its bankers it is focused on that rollout, said a person familiar with the matter. If the phone is a hit, the company will recover some of its lost value, and the new technology will be a boon to any possible sale or partnership in the future, this person said.

According to interviews with more than a dozen former RIM executives and industry executives who worked closely with the company, it was a blinding confidence in the basic BlackBerry product that was at the root of RIM’s current troubles. Compounding that, as they describe the events, were a drawn-out internal debate over who their core customer was; a series of catch-up products that didn’t really catch the company up; and tensions within parts of the company.

The bet long made by RIM was that both corporate and individual customers would continue to favor the BlackBerry’s easy-to-use mobile email over the multiplying features and apps on Apple Inc.’s iPhone and devices running on Google Inc.’s Android operating system. When it saw consumers starting to gravitate away from BlackBerrys, RIM moved tentatively.

At one point, RIM worked to challenge the iPhone with telecom carriers that were fearful of Apple’s dominance. The new models that came out of these collaborations, however, failed to generate iPhone-like buzz.

RIM isn’t alone in failing to adapt quickly to the transformation of smartphones from devices to talk and email into pocket-size computers. Once-dominant Nokia Corp. has been forced into a partnership with Microsoft Corp. to equip its phones to compete, and is slashing thousands of jobs as its share of the global smartphone market erodes.

At RIM, executives eventually brought in outside talent, but that raised tensions inside the ranks of a company that already harbored separate Lazaridis and Balsillie fiefs, some former RIM executives and executives who have worked with RIM say. According to them, the separate teams sometimes clashed, especially as the onetime smartphone leader slipped further behind.

RIM, in a statement, said the split-personality characterization wasn’t accurate. “As with any innovative company there were times when various people within the organization disagreed, but this was not the norm,” it said.

“The CEO structure worked well for many years and allowed each of the co-CEOs to focus on their areas of strength,” RIM added. It said the co-CEOs started out sharing an office, had offices next to each other, and then, “as RIM grew, they each took offices closest to those areas each supervised in order to stay close to their teams. At all times, they had an efficient, professional working relationship and were in close communication.”

Mr. Heins, soon after taking over as CEO early this year, put an end to the strategy pursued by one CEO: Mr. Balsillie’s licensing initiative. RIM said it doesn’t discuss nonpublic internal deliberations.

Mr. Balsillie has given up his board seat. Mr. Lazaridis remains nonexecutive vice chairman.

“Successful companies take what they can learn from every situation and use that to push forward,” Mr. Lazaridis said, noting that he and Mr. Balsillie “felt it was the right time in RIM’s life cycle to turn the leadership of the company over to someone else.” Mr. Balsillie didn’t respond to requests for comment.

RIM didn’t make Mr. Heins available, citing a quiet period before the earnings release.

RIM essentially invented email on the go. Founded by Mr. Lazaridis in 1984 with a $15,000 loan from his parents, the company grew to a stock-market value of more than $80 billion at its zenith in 2008, controlling about half the U.S. smartphone market.

RIM hosted lavish banquets for its inventors. To mark milestones, it treated employees to concerts by bands such as U2 and Van Halen. At the company’s campus of low-slung gray buildings 70 miles from Toronto, employees got free ice cream on “Frosty Fridays.”

Amid its cost-cutting, RIM isn’t giving up entirely on ice cream days. “Ice cream is a relatively low-cost way to build stronger bonds within our team,” RIM said.

Mr. Balsillie, who came aboard in 1992 after having explored a takeover bid for the company, and Mr. Lazaridis became Canada’s best-known billionaires, each funneling chunks of wealth to pet projects. Mr. Lazaridis built a theoretical-physics institute. Mr. Balsillie started a school for global governance and tried unsuccessfully to buy three professional hockey teams.


Behind the success was Mr. Lazaridis’s unrelenting vision for robust engineering and innovation and Mr. Balsillie’s push for market expansion. But former executives say there was also an aversion at the company to innovations that didn’t buttress its core strengths: its proprietary network and reputation for security.

At an investor meeting about a decade ago, analysts asked Mr. Lazaridis whether RIM was moving to a color screen, a feature popping up on devices in Asia. “Do I need to read my email in color?” he replied, according to Brian Blair, then an analyst with Banc of America Securities.

RIM says that at the time, color screens were impractical, with high costs and high battery drain. It says it was among the first to adopt color displays just a few years later.

RIM’s customers then were overwhelmingly companies, which gave their employees BlackBerrys for email. But a growing number were individuals, often eager for features such as cameras, games and Internet browsing. RIM brought out devices with cameras and MP3 players including the Pearl in 2006 and the Curve in 2007—the year the iPhone came out.

Still, RIM’s carrier partners worried that the wild popularity of the iPhone could give Apple outsize influence in the market. Executives at Verizon Communications Inc. and Vodafone Group PLC approached RIM to work together on a phone that could compete with the iPhone, say people familiar with the matter. The collaboration resulted in RIM’s first touch-screen device, the Storm.

“Vodafone started really rushing around saying, ‘Help us build an innovative competitor to the iPhone,’ ” said Pieter Knook, a Vodafone executive at the time. He said Mr. Lazaridis came up with the Storm’s marquee innovation, a touch screen that physically clicked.

The Storm “sold very well,” but wasn’t a strong competitor to the iPhone, said Denny Strigl, at the time president of Verizon.

In 2010, AT&T Inc., then Apple’s exclusive carrier partner, approached RIM about a plan to develop a touch-screen rival to the iPhone, said two former RIM executives. The chief of AT&T’s mobile division visited RIM’s research and development team in Waterloo to stress how important it was for AT&T to have a successful BlackBerry product to sell, according to people familiar with the visit. RIM said the objective of the visit was to develop “a differentiated, unique BlackBerry experience for AT&T customers.”

“We work with all device makers to bring the best products to market for our customers,” AT&T said.

A RIM-AT&T collaboration resulted in the BlackBerry Torch, say people familiar with the effort, but it was hobbled by hardware and software shortcomings.

RIM executives also missed some internal warnings. The sales division produced a research report in 2010 on the future of tactile keyboards, the thumb-friendly feature that was a favorite in the early days of the BlackBerry. The report warned that in the era of Apple’s touch-only devices, keyboards would make up a diminishing share of the market, according to a person familiar with it, who said the warning was ignored.

During a meeting the same year, Mr. Balsillie asked if RIM should be worried about a new trend: consumers bringing their own smartphones to work and asking their employer to let them work on the devices. Some executives said the trend was a threat; a few said they weren’t worried. Mr. Balsillie went with the latter view, said a person close to the company. RIM said it doesn’t discuss nonpublic “internal company deliberations.”


As Apple and Android devices ate into BlackBerry’s market share, Mr. Lazaridis started looking outside for innovation, bringing in a new marketing team and other top executives. In April 2010 RIM bought QNX Software Systems, a maker of operating systems for cars and medical devices. RIM was readying a tablet to compete with the iPad, and executives decided that they would use QNX to power the device, called the PlayBook.

According to people close to the company, the acquisition stoked tensions between the teams led by Mr. Lazaridis, who was in charge of product development, manufacturing and R&D, and Mr. Balsillie, who ran carrier partnerships, sales and marketing.

The two CEOs met in person fairly regularly, and would send instant messages or call each other to bounce ideas around or get progress reports when they weren’t in the same room. But as RIM hit trouble, they were more often than not toiling in very different worlds, according to these people, who say the teams reporting up to the two didn’t communicate effectively if at all. Some projects would go astray before either co-CEO noticed, these people say, and disagreements between the two sides sometimes devolved into shouting matches.

The QNX leadership team reported directly to Mr. Lazaridis, bypassing Mr. Balsillie and other top RIM officers, rankling them, according to people familiar with the situation.

Meanwhile, by late 2011, Mr. Balsillie was deep into his own project, an effort aimed at licensing some of RIM’s proprietary technology, such as its security network and its popular BBM messaging tool, to outside companies. Some analysts had long suggested such a move to boost revenue and buy the company more time as it readied its new phone.

Mr. Balsillie and a team under him struck licensing agreements with several partners, including carriers, according to people familiar with the effort. The deals would have allowed other smartphone makers and the carriers to use RIM’s network for a fee.

But by the end of last year, RIM shares were hitting eight-year lows. On Jan. 22, the board, led by Messrs. Lazaridis and Balsillie as co-chairmen, said the two would step aside. They remained big shareholders and each kept a board seat.

Within a week of becoming CEO, Mr. Heins, a Lazaridis lieutenant, scuttled the licensing plan, people familiar with it said. He said he would focus a slimmed-down RIM on rolling out its new BlackBerry phones.

—Anton Troianovski, Jessica E. Vascellaro and Anupreeta Das contributed to this article.



Apes With Apps

Using tablets and customized keyboards, bonobos can become great communicators

IEEE Spectrum

July 2012

By Ken Schweller


Have you ever watched a toddler play with an iPhone?

Most likely, the child was completely captivated and surprisingly adept at manipulating the tiny icons. Two-year-old Teco is no different. Sitting with his Motorola Xoom tablet, he’s rapt, his dark eyes fixed on the images, fingers pecking away at the touch screen. He can’t speak, but with the aid of the tablet app I created for him, he’s building a vocabulary that will likely total several thousand words. What’s more, he’ll be able to string those words together into simple sentences and ask questions, tell jokes, and carry on conversations.

Such talents wouldn’t seem exceptional in a human child, but Teco is an ape—a bonobo, to be precise. To the uninitiated, bonobos look very much like chimpanzees, but they are in fact a separate species with distinct physical and behavioral traits. More collaborative and sociable than their chimp cousins, bonobos also seem to be more adept at learning human language. And they are endangered, found in the wild only in the Democratic Republic of the Congo. Recent estimates put the wild bonobo population at between 10 000 and 50 000. Fewer than 150 live in captivity. Along with the chimpanzee, they are our species’ closest relatives.

For more than three decades, researchers have been working with a small group of bonobos, including Teco, to explore their amazing cognitive and linguistic abilities. Teco’s father, Kanzi, is the group’s most famous member: Anderson Cooper has interviewed him, and he’s played piano with Paul McCartney and Peter Gabriel. Animal lovers worldwide have marveled at his ability to communicate by pointing to abstract symbols. He recognizes nearly 500 of these “lexigrams,” which he uses to make requests, answer questions, and compose short sentences. The spoken words he understands number in the thousands.

Even so, many people question these abilities. Indeed, for more than a century scientists have debated whether apes could ever truly comprehend human language. Many researchers argue that language is the exclusive domain of humans, and several influential studies in the 1980s concluded that supposedly “talking” apes were merely demonstrating their capacity for imitation, with lots of unintentional cuing by the animals’ handlers. Linguist Noam Chomsky has likewise argued that the human brain contains a species-specific “language acquisition device,” which allows humans, and only humans, to acquire language.

But the bonobo research I’ve been involved with, led by primatologist Sue Savage-Rumbaugh at the Bonobo Hope Great Ape Trust Sanctuary, in Des Moines, strongly suggests otherwise. Today, the wide availability of touch screens, tablet computers, digital recording, and wireless networking is giving researchers the world over powerful new ways to study and unambiguously document ape communication. The results of these studies are in turn helping to spark a renaissance of technology-aided research into primate development and cognition and shedding light on the origins of culture, language, tools, and intelligence.

It’s a typical workday, and Panbanisha, Kanzi’s younger sister, is sitting before a 42-inch touch-screen display. She’s doing a match-to-sample task: When she presses a green button in the middle of the screen, the computer’s text-to-speech synthesizer says “apple,” and then the lexigram for the word apple appears on screen, along with two other lexigrams, for dog and sorry. Panbanisha touches the one for apple. After five correct responses, she gets to pick a short video to watch. She selects one of her favorites: a clip from Tarzan the Ape Man.

Our research group is using tasks like this to measure the bonobos’ vocabularies. We estimate that Panbanisha, like her brother, understands several thousand words. These match-to-sample experiments are enabling us to determine the exact number and should also help dispel criticisms that the bonobos are simply displaying the “Clever Hans effect.” Clever Hans was a horse that became renowned at the turn of the last century for solving arithmetic problems, telling time, and reading and understanding German. Later it was revealed that his trainer was subconsciously nodding whenever the horse tapped out the correct answer. Hans was indeed clever—clever at reading subtle cues from his trainer, not at adding and subtracting.

To avoid the Clever Hans effect, the bonobos aren’t encouraged to use sign language, because it leaves too much open to interpretation. Instead they “talk” to us almost exclusively with lexigrams; the computer helps remove any ambiguity. One day, for instance, Savage-Rumbaugh was using the match-to-sample program to familiarize Panbanisha with new words. The computer’s synthesized voice spoke the word “carrot” and then its screen displayed the lexigrams for carrot, carry, and potato. Panbanisha was about to hit the lexigram for carrot, but Savage-Rumbaugh, who’d misheard the word as “carry,” told the ape she was mistaken. The ape, though, knew better and selected the carrot lexigram anyway.

For more free-form communication, the apes can use their lexigram program, which displays up to 600 symbols on screen [for examples, see the image “True Meaning”]. The bonobos can tap multiple keys to construct a sentence, and each sentence they write is time-stamped and recorded for further analysis.

In 1971 a primatologist named Duane Rumbaugh (Savage-Rumbaugh’s ex-husband) came up with the idea of teaching language to apes by displaying abstract geometrical symbols on a computer screen. The first set of 120 symbols was then designed by Ernst von Glasersfeld, who also coined the word lexigram. Each symbol represented a noun, verb, adjective, or name. The lexigram lexicon was later expanded to 384 symbols, which were displayed on a keyboard. Researchers also used (and sometimes still use) a folding poster-board keyboard when greater mobility was required.

The latest version of the keyboard is created with software on a touch screen. These keyboards are easier to update and much less expensive to make than their hardware predecessors. Written in Java, the program will run on any reasonably up-to-date desktop or laptop. The keyboard software can also be wirelessly shared among several computers so that more than one researcher can communicate with a single bonobo. For easier translation, the researcher’s keyboard displays the English word just below each lexigram. Or the researcher can type in a word or sentence in English, and the software does its best to translate it into a meaningful string of lexigrams. For example, there is no lexigram for pizza, so the program translates that word into the three-lexigram sequence for bread cheese tomato, a description the bonobos came up with themselves.

One of the newest improvements to the keyboard software allows new lexigrams to be defined on the fly. Unlike the original lexigrams, the newer symbols aren’t limited to abstract shapes; they often include the English word, too, to make it easier for human users to understand. Here’s an example: Let’s say one of the bonobos has a toothache. There is no lexigram for toothache, so the researcher calls up a standard English keyboard on screen and types in “toothache.” A second later, a new lexigram spelling the word in colorful letters appears on the bonobo’s keyboard, and when the animal taps the key, the computer’s flat, synthetic voice says “toothache.” The researcher can then explain the link between what the ape is feeling and the new lexigram. Being able to add new lexigrams at will lets us reinforce new words, when the word and its meaning are fresh in the ape’s mind. If the bonobo didn’t have a toothache, it would be nearly impossible to explain the concept.

Another way the keyboard can be used is in picture mode. By pressing a lexigram key, the user can call up an image of the object, action, or concept that the lexigram describes.

I’ve spent many an hour watching the bonobos use the touch-screen keyboards, and they are incredibly good at operating them. Indeed, over the years, they’ve adapted to whatever new computer technology we’ve introduced. Before the touch screen, they used off-the-shelf gaming joysticks to control the computer cursor. The apes mastered that device in no time and soon graduated to using the joystick for its intended purpose: Kanzi is an expert at Pac-Man, while Panbanisha prefers “Sesame Street” video games.

Of course, studies of ape language didn’t start with the advent of computers. Beginning in the early 1900s, several attempts were made to teach chimpanzees to speak human languages. Such efforts proved largely fruitless, however, because chimps cannot produce human vocal sounds.

Experimenters then turned to sign language. In the 1970s, for instance, the psychologists Beatrix and Allen Gardner reported in Science that they had raised a female chimp named Washoe to use and understand 85 signs. What’s more, she could combine signs in novel and meaningful ways. For example, she referred to the refrigerator as “open food drink,” even though the scientists themselves never used that phrase.


David Premack, a psychologist, and Ann Premack, a science writer, adopted another approach: They used colored plastic tokens to represent different words and concepts. In a series of experiments, a chimpanzee named Sarah learned to use the tokens to answer sometimes quite abstract questions about objects and their relations. For example, she was taught that a blue triangle token represented an apple; when she was later shown the token and asked what shape and color the object was, she replied that it was round and red, not triangular and blue.

Almost as soon as affordable computers came on the market in the 1960s, primatologists eagerly applied them to their work. As mentioned earlier, Duane Rumbaugh designed a computer-controlled lexigram keyboard for what came to be known as the Language Analogue, or LANA, Project. Lana is also the name of the first chimpanzee to use Rumbaugh’s keyboard. It consisted of three aluminum panels, each about 30 by 60 centimeters, mounted side by side on the wall of Lana’s cage. Each lexigram was embossed on a small square Lucite key, which was inserted into slots on the panel. The panel itself was connected by patch cords to a DEC PDP-8/E, an early minicomputer; its magnetic core memory could store a whopping 12 000 words. When a key was pressed, it glowed. The computer monitored the sequence of lexigrams Lana pressed and projected them above the keyboard.

Lana learned to use dozens of lexigrams. She could put these symbols in a grammatical sequence to generate sentences, sometimes quite complex ones. To request a treat from her trainer Tim, for instance, she might press the lexigrams for Lana want Tim give M&M.

TRUE MEANING: The 600 or so lexigrams that the bonobos use to communicate represent nouns, verbs, adjectives, and other parts of speech. The newer icons incorporate the spelled-out word, to make it easier for human users to understand. The latest version of the lexigram software also allows new symbols to be created on the fly.

Work with Kanzi and his fellow bonobos has taken our appreciation of ape language to a new level. Interestingly, Kanzi was never taught to use human language: He acquired it as children do, by being exposed to it. The process began when he was only 6 months old, while researchers were trying to teach lexigrams to his mother, Matata, a bonobo who had been raised in the wild. Baby Kanzi always accompanied Matata during her training sessions and so was in the perfect position to eavesdrop.

For two years, nobody suspected that Kanzi was paying even the slightest attention to the lexigram training, although he clearly liked the lights on the keyboard and the blinking projections above. It was only when Matata was taken away for a few weeks for breeding that researchers discovered how much Kanzi had picked up. After searching in vain for his mother, he spontaneously began using her keyboard to communicate with his caretakers. What is more, he understood the spoken words that the lexigrams represented, and he could locate their representations on the keyboard.

That event marked a paradigm shift in ape language studies. Previously, researchers had worked from a behaviorist psychology tradition, which held that mental events are products of reinforced training. So a scientist would show a chimp an apple, say “apple,” and then make the sign for the word apple. If the chimp signed back with apple, he’d be rewarded with an apple. Kanzi showed us that bonobos don’t really learn language that way; neither, of course, do people.

It now appears that 2-year-old Teco will equal or maybe even surpass his father and aunt in linguistic ability. Since birth, he has been totally immersed in human language—and to a much greater extent than Kanzi and Panbanisha have been. I built Teco his first toddler’s keyboard app on the Motorola Xoom tablet with just a handful of oversize lexigrams: grape, dog, go, cereal, and milk. He’s since graduated to a 25-lexigram keyboard.


At the age of 4 months, Teco recognized his first lexigram. Savage-Rumbaugh recalls that on the day it happened, the baby bonobo had been eating grapes. When the researcher told him she would give him a grape, he reached out his hand and touched the grape lexigram. She waited briefly and then asked him if he was ready for the grape. This time, he touched the grape symbol, but with his mouth instead of his hand.

What these and other incidents add up to is a rich picture of bonobo behavior. In the wild, the bonobos live in the rain forest of the Congo Basin, where, until the fairly recent arrival of logging crews, they had no natural predators and enjoyed an abundance of food. As a result, bonobos have gentle dispositions and are extremely sociable and collaborative. They are typically eager to interact with humans—and thus quite receptive to adopting human language and culture. What we now believe is that language, rather than being a uniquely human trait, is something other species can develop to varying degrees under the right circumstances—not to our level of sophistication but certainly to the point where we can communicate intelligently with them.

If you’re worried that the bonobos I work with are spending too much time staring at computer screens, rest assured: They have plenty of opportunity for more natural interactions and for just goofing around. One of the first projects I worked on was a 60-centimeter-tall mobile robot, dubbed Robo-Bonobo, which the apes can control using a wireless joystick. The bot, about the size of a small garbage can, is mounted on wheels and has an onboard camera and an animatronic chimp head that can be raised and lowered. The idea is to provide the bonobos with a safe way to interact with visitors and have some fun—the robot comes equipped with a squirt gun. Of course, there’s also a scientific purpose: to study the apes’ ability to solve problems that require them to take another observer’s perspective.

My students have gotten very creative in developing new high-tech tools for this research. They’ve developed dozens of computer games, including puzzles and mazes, as well as a program called Keyboard Trainer, which helps people learn the hundreds of bonobo lexigrams. Students love working with the bonobos. On one visit, we watched Panbanisha tapping on a touch screen. Seeing us, she grabbed her poster-board keyboard and used the lexigrams to invite her visitors to have some juice. We all stopped working and sat down outside her glass enclosure to enjoy a drink together.

These days, much of my effort is directed toward finding better ways to document experiments and collect data. For example, it’s helpful to know who exactly is using a particular touch-screen keyboard, whether human or bonobo. My colleagues and I are considering using thumbprint or retinal scanners, RFID bracelets, or face-recognition software to identify who’s at each computer. We’re also exploring ways to allow the apes to control their own environment—using their keyboards to open doors and windows, access vending machines, control cameras, and so on. And we’re writing lots of apps for use with the bonobos’ wireless and GPS-enabled tablets, which will allow us to collect data in the field. One app we’re working on will let the apes alert security guards to any suspicious activity outside their enclosure, like the presence of wild dogs or other intruders.

Where might all this research lead? Beyond showing to what extent apes can use language, we anticipate that our studies will also shed light on people’s development and use of language, the impact of culture on cognition, and the cognitive structures that must be in place for language to blossom. Our work also has implications for how to handle sentient animals such as apes in captivity. If apes can communicate with their keepers, for instance, they can ask for changes to their environment that would make it better suited to their needs. Such possibilities suggest that apes’ cognitive abilities are a lot closer to humans’ than anyone imagined just a short time ago. But maybe that shouldn’t be so surprising, given the genetic similarities between the various great apes, a formal grouping that includes humans.


While the bonobo species still survives, we believe it’s our obligation to learn as much as we can about these extraordinary animals. They are fascinating in their own right, and they are also a window into our not-too-distant evolutionary past. By studying them, we learn ultimately about ourselves.


Sykipot malware used in attacks on aerospace industry

Security researchers from AlienVault have detected new Sykipot email-based attack campaigns

Lucian Constantin    

July 4, 2012 (IDG News Service)


New email-based attacks, some of which target the aerospace industry, are distributing new variants of the Sykipot information stealing malware, according to researchers from security firm AlienVault.

“We have detected a new wave of Sykipot campaigns that has been running during the past weeks,” AlienVault Labs manager Jaime Blasco said Monday in a blog post. “There are several changes between the new Sykipot campaigns and the older ones.”

There are clues suggesting that these attacks originated in China, although this cannot be confirmed with 100% certainty, Blasco said Wednesday.

The rogue emails sent in the new attacks no longer distribute malicious attachments that exploit vulnerabilities in Adobe Reader, Microsoft Excel or Internet Explorer to install Sykipot.

Instead, they contain links to compromised websites that exploit a 2011 Flash Player vulnerability or a yet-to-be-patched vulnerability in the Microsoft XML Core Services (MSXML) to install the malware.

The MSXML vulnerability is believed to have been exploited in June attacks that prompted Google to warn its Gmail users about state-sponsored attacks. Microsoft released a manual fix for this vulnerability on June 12.

However, the company should provide a proper automatic security patch as soon as possible because the number of attacks that exploit it is increasing, Blasco said.

The Sykipot Trojan program has been used during the past year in targeted attacks against U.S. federal agencies, defense contractors and other organizations that store sensitive data on their computer systems.

One of the new Sykipot attack campaigns targeted potential attendees to the 2013 IEEE Aerospace Conference, a conference intended for aerospace experts, academics, military personnel and industry leaders.

Each Sykipot variant is tailored for a particular group of targets, Blasco said. For example, in January, AlienVault researchers found a version designed to bypass two-factor authentication based on PC/SC x509 smart cards, which are commonly used for access management in the defense sector.

The Sykipot variants distributed in the recent attacks use a slightly modified obfuscation for their configuration files and communicate with the command and control (C&C) servers over SSL. The C&C domains they contact have been registered in the past month, Blasco said.



Air Force plans ‘see-and-avoid’ system for drones


By Bob Brewin

July 5, 2012


The Air Force wants to turn pioneering research conducted by its research laboratory in Rome, N.Y., in 2005 into production-ready technology that would help aircraft avoid midair collisions. The service is pursuing the technology as the Federal Aviation Administration gears up to allow the widespread use of unmanned aircraft in domestic airspace by 2015, a move opposed by pilots and airlines who believe unfettered use of drones could pose serious aviation hazards.

The Air Force Aeronautical Systems Center at Wright-Patterson Air Force Base in Ohio announced a need for industry to help develop an airborne sense-and-avoid system to allow drones to operate safely in domestic airspace. The center plans to host an industry conference in November or December.

The Air Force Research Laboratory’s Multisensor Integrated Conflict Avoidance/Joint Optimal Collision Avoidance system has successfully demonstrated using sophisticated software to help avoid airborne collisions.

The Aeronautical Systems Center said it wants to develop a “sensor-agnostic” see-and-avoid system, but said it expected the first generation would be based on technology tested by the Research Laboratory and widely used in the commercial airline industry. These included the Traffic Collision Avoidance System, installed in aircraft to monitor nearby airspace, and the Automatic Dependent Surveillance-Broadcast system, which transmits Global Positioning System-derived locations of aircraft and is the core of FAA’s Next-Generation Air Transportation system.

The Airline Pilots Association International, in comments on an FAA rule-making process on the use of drones in domestic airspace, recommended they be equipped with ADS-B and the Southwest Pilots Association urged the use of TCAS.

The Aeronautical Systems Center said it initially plans to install the airborne sense-and-avoid system on Global Hawk drones. A Navy Global Hawk drone crashed on Maryland’s Eastern Shore in June, the seventh known crash since 1999 of a Global Hawk, an aircraft originally developed for the Air Force.


Agency-owned PCs could soon be relics of a bygone era


By Bob Brewin

June 22, 2012


Veterans Affairs Department Chief Information Officer Roger Baker predicts that within five or six years VA will no longer furnish employees with computers. Instead, they will use the devices they own to connect to department networks.

He also believes the department has awarded its last desktop PC contract, a $476.6 million deal for up to 600,000 desktops awarded to Dell in April 2011. Baker made the remarks in a call with reporters Thursday.

He would like to see VA get out of the business of provisioning its roughly 300,00 employees with hardware to access VA networks and said he backed a departmentwide policy allowing employees to bring their own devices to the job.


Asked how the department would manage the financial aspect of a policy that would have employees buy their own hardware, Baker said, “That’s a [human resources] issue.”

Last October VA kicked off a test of 1,000 department-supplied Apple iPad tablet computers on its networks. Baker said security stands out as the key issue for the use of tablets and smartphones, whether they are supplied by the department or owned by employees.

It will take a “massive investment” to ensure veteran data is protected before VA can proceed with a widespread BYOD plan, Baker said. He did not specify how much VA will need to spend on mobile device security.

VA and its employees also would have to ensure that personal applications are free of viruses and malware before they are connected to the department computer systems.

Baker also warned that any VA employee who uses Apple hardware that has been “jailbreaked” — modified so the user gains root access to the operating system — faces harsh consequences. Any such hardware connected to VA networks would have its software completely and automatically wiped, Baker said.

Baker’s endorsement of a BYOD policy fits with a similar approach planned by the Defense Department in its mobile device strategy released last week. That strategy said, “DoD must continue to explore the efficiencies associated with the use of personally-owned mobile devices and potential security risks posed by such devices.”

The Defense Department “must define acceptable use of personally-owned mobile devices and acceptable personal use of DoD-owned devices where applicable,” the strategy said.

Baker said he would like to work with Defense CIO Teresa Takai on developing mobile strategies and policies.



HTC did not infringe Apple patents, judge rules

Washington Post

By Hayley Tsukayama, Published: July 5

A British judge ruled Wednesday that smartphone manufacturer HTC has not infringed on patents held by Apple, and found that three of the four patents Apple tried to assert against the company were not valid.

The judge said that Apple’s patent for electronic photo management was a valid claim but that HTC’s smartphones did not cross the line in implementing similar technology.

Three European patents, including one for “slide-to-unlock,” were deemed by the judge to be too obvious to warrant protection, FOSS Patents reported — something blogger Florian Mueller said is typical of British courts.

“According to statistics, only about 15% of all patent infringement claims brought in the UK result in a finding of a violation,” Mueller wrote.

He added that he doesn’t believe the British ruling will have much bearing on cases in the U.S., though it could have “some relevance” in the rest of Europe and Australia.


A German court had previously granted Apple an injunction against Motorola Mobility, saying that the company had infringed on the slide-to-unlock and photo management patents. Motorola has managed to work around those rulings.

HTC said in a statement that it is “pleased with the ruling, which provides further confirmation that Apple’s claims against HTC are without merit. We remain disappointed that Apple continues to favor competition in the courtroom over competition in the marketplace.”

Apple recently won two judgments against Samsung’s Galaxy Nexus smartphone and Galaxy Tab 10.1, but lost a separate case with the International Trade Commission in which it asked for an emergency ban on HTC phones.

