<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>I am not equating it with cyber warfare. It is petty theft the way it is done here .. Creating bogus fb accounts is not recognized as a legitimate marketing practice but that's about it. It is just remarkable that the same people were involved in both these activities, like say an armed bank robber that occasionally takes coins out of a blind beggars bowl.<br><br>--srs (iPad)</div><div><br>On 24-Mar-2013, at 7:16, "Ian Peter" <<a href="mailto:ian.peter@ianpeter.com">ian.peter@ianpeter.com</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta content="text/html; charset=utf-8" http-equiv="content-type">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: 12pt">
<div>Suresh,</div>
<div> </div>
<div>I would expect anything is possible from a country that did Hiroshima, but
have no direct answers to your questions. </div>
<div> </div>
<div>As for pumping up likes on Facebook, that is called marketing and is
employed by just about every company I can think of. Surprised you equate it
with cyberwarfare (or is it only when Chinese do it it is cyberwarfare?) </div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div style="FONT: 10pt tahoma">
<div> </div>
<div style="BACKGROUND: #f5f5f5">
<div style="font-color: black"><b>From:</b> <a title="suresh@hserus.net" href="mailto:suresh@hserus.net">Suresh Ramasubramanian</a> </div>
<div><b>Sent:</b> Sunday, March 24, 2013 12:35 PM</div>
<div><b>To:</b> <a title="governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org">governance@lists.igcaucus.org</a> ;
<a title="diegocanabarro@gmail.com" href="mailto:diegocanabarro@gmail.com">Diego
Rafael Canabarro</a> </div>
<div><b>Cc:</b> <a title="ian.peter@ianpeter.com" href="mailto:ian.peter@ianpeter.com">Ian Peter</a> ; <a title="governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org">governance@lists.igcaucus.org</a>
</div>
<div><b>Subject:</b> Re: [governance] Tallin Manual - a Cyber Warfare
convention?</div></div></div>
<div> </div></div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; COLOR: #000000; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div>Do you have evidence to the contrary, that the USA has actually targeted
civilian facilities for cyberwarfare, diego? Or else this becomes the
classic "prove that you don't beat your wife" conundrum.<br><br>As for china a
substantial part of their local crackers engage in everything from industrial
espionage to creating fake accounts on Facebook to artificially pump up the
'likes' for a product's Facebook page. This, from teams at least nominally
employed by the Chinese army for their own espionage and warfare.</div>
<div> </div>
<div><a href="http://www.thedailybeast.com/articles/2013/02/19/this-is-how-china-hacks-america-inside-the-mandiant-report.html">http://www.thedailybeast.com/articles/2013/02/19/this-is-how-china-hacks-america-inside-the-mandiant-report.html</a></div>
<div><br>--srs (iPad)</div>
<div><br>On 24-Mar-2013, at 3:42, Diego Rafael Canabarro <<a href="mailto:diegocanabarro@gmail.com">diegocanabarro@gmail.com</a>>
wrote:<br><br></div>
<blockquote type="cite">
<div>Just to add to that, I attach you one of the best articles in my humble
opinion. Mostly, because it is one of the few that enters the technicalities
of cyberspace to show how disguised are responses to cyber things.
<div> </div>
<div>There's also one thing that pisses me off.</div>
<div>When China allegedly hacks the US, that's evil. When the US performs
actions against countries in the Middle East, it is part of the good old
salvation! </div>
<div> </div>
<div>It is interesting to observe some commentators: the difference between
the two countries would be that "the US only targets military facilities, and
the bloody Chinese target civilian and military systems without distinction."
Evidence for that? Private sector reports and public officials speeches.
</div>
<div>
<div> </div>
<div>
<div> </div>
<div class="gmail_quote">On Sat, Mar 23, 2013 at 6:01 PM, Ian Peter <span dir="ltr"><<a href="mailto:ian.peter@ianpeter.com" target="_blank">ian.peter@ianpeter.com</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div dir="ltr">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; FONT-SIZE: 12pt">
<div>A few more links on this </div>
<div> </div>
<div><a title="http://www.ccdcoe.org/249.html" href="http://www.ccdcoe.org/249.html" target="_blank">http://www.ccdcoe.org/249.html</a> – the full 215 page
document can be read on line here (the main download site appears to be
jammed)</div>
<div> </div>
<div><a title="http://blogs.computerworld.com/cyberwarfare/21945/rules-cyberwarfare-manual-hacktivists-can-be-killed-hacking-pacemakers-may-be-ok" href="http://blogs.computerworld.com/cyberwarfare/21945/rules-cyberwarfare-manual-hacktivists-can-be-killed-hacking-pacemakers-may-be-ok" target="_blank">http://blogs.computerworld.com/cyberwarfare/21945/rules-cyberwarfare-manual-hacktivists-can-be-killed-hacking-pacemakers-may-be-ok</a>
– a blog that includes the suggestion that hacking pacemakers is probably
OK</div>
<div> </div>
<div><a title="http://www.smh.com.au/it-pro/security-it/first-cyber-war-manual-released-20130320-2gegk.html" href="http://www.smh.com.au/it-pro/security-it/first-cyber-war-manual-released-20130320-2gegk.html" target="_blank">http://www.smh.com.au/it-pro/security-it/first-cyber-war-manual-released-20130320-2gegk.html</a>
– a three day old pre publication review.</div>
<div> </div>
<div> </div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div style="FONT: 10pt tahoma">
<div><font size="3" face="Calibri"></font> </div>
<div style="BACKGROUND: #f5f5f5">
<div><b>From:</b> <a title="ian.peter@ianpeter.com" href="mailto:ian.peter@ianpeter.com" target="_blank">Ian Peter</a> </div>
<div><b>Sent:</b> Sunday, March 24, 2013 8:30 AM</div>
<div><b>To:</b> <a title="diegocanabarro@gmail.com" href="mailto:diegocanabarro@gmail.com" target="_blank">Diego Rafael
Canabarro</a> ; <a title="governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org" target="_blank">governance@lists.igcaucus.org</a> </div>
<div>
<div class="h5">
<div><b>Subject:</b> Re: [governance] Tallin Manual - a Cyber Warfare
convention?</div></div></div></div></div>
<div> </div></div>
<div>
<div class="h5">
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; FONT-SIZE: 12pt">
<div>Thanks for sharing that paper Diego – you raise some interesting and
important points.</div>
<div> </div>
<div>My own personal approach to this is cyber-quaker - all cyberwarfare is
immoral. However I appreciate and support interventions like those of the
Red Cross that suggest we try to at least stem the worst of behaviours in
this sea of immorality, and create some rules. </div>
<div> </div>
<div>Tallinn falls a long way short because it doesnt understand
cyber-infrastructure and its inter-connectedness. Lots of other reasons too,
and as Parminder points out this is the powerful voices and many more are
not being heard or considered. Not sure of the way forward here, but the
Tallinn approach involves significant human rights issues as you say..
</div>
<div> </div>
<div>Ian Peter</div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div style="FONT: 10pt tahoma">
<div> </div>
<div style="BACKGROUND: #f5f5f5">
<div><b>From:</b> <a title="diegocanabarro@gmail.com" href="mailto:diegocanabarro@gmail.com" target="_blank">Diego Rafael
Canabarro</a> </div>
<div><b>Sent:</b> Sunday, March 24, 2013 5:32 AM</div>
<div><b>To:</b> <a title="governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org" target="_blank">governance@lists.igcaucus.org</a> ; <a title="suresh@hserus.net" href="mailto:suresh@hserus.net" target="_blank">Suresh Ramasubramanian</a>
</div>
<div><b>Cc:</b> <a title="parminder@itforchange.net" href="mailto:parminder@itforchange.net" target="_blank">parminder</a> </div>
<div><b>Subject:</b> Re: [governance] Tallin Manual - a Cyber Warfare
convention?</div></div></div>
<div> </div></div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div>I would like to share a paper which is be presented at the MPSA Annual
Convention. We aim at evaluating three widespread claims surrounding
cyberwarfare. And we briefly evaluate the case of Brazil. As it is a draft
paper, please, feel free to add to that as much as you deem necessary.
(paper attached) Intellectual production on the field is either
overwhelmingly carried by (or performed in replication of) reports of
governmental and intergovernmental agencies. </div>
<div> </div>
<div>Maybe the greatest task for civil society is to push a qualitative
discussion of the issue of agency on cyberspace, as well as of the real
scope of different sorts of activities. Technically and politically
speaking.</div>
<div> </div>
<div>Despite of my strong disagreement with great part of the Tallin Report
(and with NATO approach as a whole), it is really important to have such
discussions conducted in an open manner. Specially because some of the
tenets of cybersecurity orthodoxy endanger loads of fundamental rights.
</div>
<div> </div>
<div>
<div> </div>
<div class="gmail_quote">On Sat, Mar 23, 2013 at 12:53 PM, Suresh
Ramasubramanian <span dir="ltr"><<a href="mailto:suresh@hserus.net" target="_blank">suresh@hserus.net</a>></span> wrote:<br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div>
<div>If civil society can speak knowledgeably in this area, its inputs
would be welcomed in a multitude of fora engaged on this issue. I
have not, unfortunately, seen much of that on this list at any rate.</div>
<div> </div>
<div>To answer Ian's comment, there is a distressing trend in more than
one nation to use non state actors (including criminal botmasters) to
carry out ddos attacks and break into foreign networks for
espionage, this is more or less similar to other nations using
jehadis and mujahideen to carry out attacks that would be politically and
strategically infeasible for their armed forces to carry out.</div>
<div> </div>
<div>So while some of the models could do with an update, it is absolutely
essential that this practice be internationally recognized as
unacceptable.<br><br>--srs (iPad)</div>
<div>
<div>
<div><br>On 23-Mar-2013, at 14:44, parminder <<a href="mailto:parminder@itforchange.net" target="_blank">parminder@itforchange.net</a>> wrote:<br><br></div>
<blockquote type="cite">
<div>
<div> </div>
<div>On Saturday 23 March 2013 11:43 AM, Ian Peter wrote:<br></div>
<blockquote type="cite">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; FONT-SIZE: 12pt">
<div>I just read through the principles outlined in this document and
am extremely concerned at some of the implications of extending normal
warfare “principles” to cyber infrastructure, attempts to define
territoriality in this space, and some of the concepts that applied in
guns and warships style conflicts being extended into cyberspace –
like combatants wearing uniforms to distinguish themselves from
civilians. And many other arguments based on 1940s international law
that really should not apply.</div>
<div> </div>
<div>This, unfortunately, is a document from “credible” sources and is
likely to have impact on NATO thinking. Therefore it is extremely
concerning. I am interested in the reactions of people on this list
who are more knowledgeable in this
area.</div></div></div></blockquote><br>I dont claim to be more
knowledgeable, but from the little I know how political affairs get
conducted: it is best to have larger, more open discussions on such
issues, where the less powerful countries are also involved. While some
were always more equal then others, the trend has worsened in the IG
space, where it is also almost normatively accepted that it is ok that
the game be played among the biggies. Civil society normally plays the
normative and democracy-seeking role, and expanding global governance
spaces to include smaller countries equally, but regrettably, not in the
IG space.<br><br>Secondly, and there have been some strange comments in
this regard as late as in the last few day - lets understand and accept
that Internet governance is not about some rather insignificant issue of
CIRs management, it is about so many much bigger issues, very central to
the future of our societies. Again, civil society has a big role in
defining this larger issue-scape rather than digging our collective head
in the CIR sands, becuase it gives us a very good and saleable slogan of
'mutistakeholderism is sought to be replaced by UN inter-gov-ism'. And
the most powerful countires want us to keep using this slogan
exclusively and do nothing else. In all other IG areas, the strong
control of Northern governments on how our future is evolving is so very
clear that is does not admit to 'MSism being replaced by UNism" slogan,
and thus civil society should be kept away from grasping and taking up
these more important other IG issues. <br><br><br>parminder <br>
<blockquote type="cite">
<div dir="ltr">
<div style="FONT-FAMILY: 'Calibri'; FONT-SIZE: 12pt">
<div> </div>
<div>Ian Peter</div>
<div style="FONT-STYLE: normal; DISPLAY: inline; FONT-FAMILY: 'Calibri'; FONT-SIZE: small; FONT-WEIGHT: normal; TEXT-DECORATION: none">
<div style="FONT: 10pt tahoma">
<div> </div>
<div style="BACKGROUND: #f5f5f5">
<div><b>From:</b> <a title="ian.peter@ianpeter.com" href="mailto:ian.peter@ianpeter.com" target="_blank">Ian Peter</a>
</div>
<div><b>Sent:</b> Saturday, March 23, 2013 1:40 PM</div>
<div><b>To:</b> <a title="governance@lists.igcaucus.org" href="mailto:governance@lists.igcaucus.org" target="_blank">governance@lists.igcaucus.org</</a></div></div></div></div></div></div></blockquote></div></blockquote></div></div></div></blockquote></div></div></div></div></div></div></div></div></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></div></blockquote></body></html>