Friday, June 28, 2013

The Cyber Privateer Code, Draft 02

Well, I've finally felt the need to modify The Cyber Privateer Code which I originally published on November 13, 2010 (you can click on the link to the right to see the original). It just seemed a real deal-killer to expect a licensing/bonding authority to authorize a cyber privateering raid if the penalty for making a mistake was one-hundred times the loss. So I changed the penalty to four times the loss (the original plus treble damages).  I also updated the code as my novel Daddy's Little Felons is about to become available on Had to tie up a few loose ends.

Here's the current code, kind of like The Pirates' Code alluded to in one of the Pirates of the Caribbean movies:

The Cyber Privateer Code (draft 02):
  1. Any unauthorized attempt to access your computer or phish your data access privileges constitutes a crime punishable by the looting of the attacker's assets by an authorized cyber privateer. All assets. Within 6 months of the attack.
  2. If it is determined that the attacker is acting under explicit instructions from a larger organization or government, the assets of that organization or government are also forfeit to the extent that an authorized cyber privateer may confiscate them within a six month period of the original motivating attack. All assets.
  3. The individual whose assets were seized by a cyber privateer—or the publicly and legally designated spokesperson for the organization or government whose assets were seized by the cyber privateer—has the "right of parley" with the head of the cyber privateering organization, such meeting to take place online in a two-way video conference, such conference to be publicly recorded by one or both parties and before the disposition of the booty but no later than 10 days from the confiscation.
  4. Innocent victims whose assets are directly and mistakenly confiscated by cyber privateers (and whose funds are not returned within 10-days after the parley) shall be compensated in an amount equal to four times their loss, with interest accruing on the restitution amount at the rate of twelve percent per annum. This does not include victims of the cyber criminals, since they were already victimized.
  5. Notifications and requests for parley must be unambiguously left by the cyber privateer so as to allow the right of parley to be exercised in a timely fashion.
I have also updated the Cyber Privateer Code on the website:

Wednesday, June 26, 2013

Data Exhaust Prediction: Oracle Will Acquire

The press conference where the two charter members of my Cyber Privateer Fantasy League, Larry Ellison and Marc Benioff, explain why Oracle and are combining for a "limited reconnaissance in force" (ie, tabling their rivalry for world domination to project joint power - see story here) is taking place as I write this. One thing no media maven has reported is the undercurrent of genuine friendship and mutual admiration that exists between Ellison and his protege Benioff. And one thing that NOBODY BUT ME is suggesting is the acquisition of by Oracle. I predicted this on October 11, 2011 (see my post here). Quoting myself:
Sometime in the next two years, three at the most, Oracle will acquire These two masters of PR really are friends and mutual admirers. In one of my long-ago conversations with Larry Ellison, we talked of Kurt Vonnegut's novel Cat's Cradle. In it, the emperor and his best friend have a stagnate society. To get things jump started again, the emperor (Ellison in this analogy) suggests to his best friend (Benioff) that the friend start a "religion of meaningless lies." The emperor will declare practice of the new religion a crime punishable by death (wink, wink). The friend agrees, starts the religion, and Voila! Suddenly they don't have a stagnate society anymore.

I bring up this analogy, because two masters of the game are having some very public fun. So get some popcorn and enjoy the show.
If this data exhaust says anything, it confirms a much bigger game is afoot. Time has passed. But three years won't be up until October 11, 2014 (about a year and a quarter). Stay tuned.

Tuesday, June 25, 2013

USA owes China an apology; but I surely don't!

The concerted effort by USA politicians and media to paint China as the "world bad cyber citizen" kind of backfired with the Snowden revelations. As Larry Ellison is reported to have said to Steve Jobs, "That moral high ground is expensive real estate." Not only does the U.S. owe China and apology, but they owe the American public an apology too. Because the only people who DID NOT know the extent of USA penetration of China's assets were…the American public. That's the trouble with spook shops and secret programs. All it takes is one whistle blower and the proverbial jig is up. And as I wrote recently, that's the trouble with PRISM (see my posting here).

Our cyber security policy should have been public (a la The Morgan Doctrine). Sure, I've been ragging on China since the beginning of this adventure. But I had the guts to put the skunk on the table and name the offending Chinese server IP addresses (see my November 11, 2010 posting here). For two-and-a-half years, I've called out the people who attacked me, and I've called them out with specifics. My publicly spanking the Chinese has gone unanswered. So I don't owe you guys any kind of apology. Yep, I'm taking your assault on my systems personally. In public. Selah.

But the U.S. owes you an apology. I'd like to think that's why Jon Huntsman resigned as ambassador to China, and why he's promoting "hacking back" as the proper deterrent to Chinese bad Internet citizenship (see my reporting of the New York Times story here). It's clear now, however, why the USA has not wholeheartedly adopted Huntsman's hack-back proposal. Who wants to put themselves in the crosshairs of their own policy?

Yeah, like Larry Ellison said: "That moral high ground is expensive real estate."

Monday, June 24, 2013

Snowden Data Exhaust Prediction

While no major media has carried the story yet, data exhaust from my pattern-based analytics platform indicates major Anonymous operations in behalf of NSA-nemesis Snowden are inevitable. Stay tuned for July entertainment.

Thursday, June 20, 2013

Reprise: Huawei walks into a Beltway bar…

Nearly a year and a half ago (specifically on Ocober 11, 2011—see my posting here), I offered $10 to the best shot at completing a joke that begins, "Huawei walks into a Beltway bar…" I didn't have any takers. But thanks to a U.K. Register headline yesterday (see the story here), I'll take my own shot:
Huawei's Richard Yu walks into a Beltway bar and shouts, "Hello, gents. I just wanted to announce that Huawei is acquired the cell phone manufacturing operation of Nokia." He tips his hat and exits the bar, whereupon six Nokia cell phones were unceremoniously dropped into full steins of beer.
Of course, Mr. Yu could make an absolute killing in the stock market if he shorted Nokia stock before making such an announcement. Who knows (or is that "Hu knows?"), but maybe Mr. Yu already did this before he talked to the reporter at his P6 announcement in London. Below is Nokia stock trading in today's aftermath:

Friday, June 14, 2013

The Trouble with PRISM

The trouble with our PRISM spying operation is, as illustrated in yesterday's Register article (see it here), is that it was SECRET. Which means that Snowden's assertion that we'd hacked the Chinese since 2009 would inevitably come out and undermine our foreign policy. It certainly wasn't secret from the Chinese. Or the Russians. Or the Iranians. No Grasshopper. It was just secret from the American public. Had our public policy been The Morgan Doctrine, then public Rules of Engagement (ROE) would have saved us a lot of embarrassment. Of course, it would have caused the "Beltway Bandits" serious revenue shortfalls, because we'd have made counter-hacking a money crop for the federal government, instead of the money pit it now is. Once again, let my "voice crying from the wilderness" suggest adherence to The Cyber Privateer Code of Conduct (read it here).

Monday, June 10, 2013

Possible Legal Defense of PRISM Leaker Edward Snowden

I'm flatly amazed at the seismic furor caused by the UK Gardian's citing Edward Snowden's outing of PRISM, given the lack of media attention given FBI Director Mueller's public attempt over 2 yeas ago to have Silicon Valley software companies build trap doors into their products (see my 2011 report here). Come on, media-tards! Just what do you think has been going on for the last two years?

If Snowden does manage to get himself extradited back to the U.S. for what the Guardian claims will be the risk of "major jail time" (see the story here), I would contend that his attorneys could argue that he did not technically violate the spirit of any NDAs he signed. Whenever I sign an NDA with a high-tech client, there is always a clause that says I'm not in violation of the agreement if the information I disclose is available through other publicly available sources.

I think one could reasonably infer the existence and functionality of PRISM from publicly available documents. I expect, though, that Snowden's trial will not be a public one.