Bitter party of one? Elisabetta Canalis did NOT want her ex-lover George Clooney to take home Oscar gold last night … telling our photog she was rooting for another man … Quentin Tarantino.
NATO leads efforts to bring stability in its ongoing missions in the Balkans, Afghanistan, and Iraq.
Legal Advisers serve as key members of a Commander's staff in the complex legal and political environment in which NATO operates. The challenges NATO Commanders and Legal Advisers face to fulfil mandates, accomplish missions, and support the rule of law in embryonic and fragile democratic governments require discussion, understanding and the documentation of practical solutions.
The NATO Legal Deskbook is published by the Office of the Legal Adviser, Allied Command Transformation Staff Element Europe (Mons) with the active support and help of the Office of the Legal Adviser, Headquarters Allied Commander Transformation (HQ SACT, Norfolk, USA) and the Office of the Legal Adviser, Supreme Headquarters Allied Powers Europe (SHAPE, Mons, Belgium), as well as many legal advisers in NATO and in the Member States or in other official or academic positions outside NATO.
Why a NATO Legal Deskbook?
Two recurring themes surface in after-action reports from exercises and operations. The first is that NATO Commanders and staffs naturally and increasingly turn to the Legal Advisers to help plan, execute, coordinate, evaluate, and support the assigned mission. The second is that no single doctrinal resource exists in NATO to assist legal practitioners in fulfilling this task. Although several Alliance members have produced such guides, before the NATO Legal Deskbook none existed for Legal Advisers and legal personnel assigned to NATO commands.
Whether doctrinally ready or not, the Alliance calls upon NATO Legal Advisers and staffs to advise and, often, help direct the execution of the legal component of a mission or mandate. NATO owes these attorneys, paralegals, and legal personnel, who work under often austere and demanding conditions, practical guidance in the form of a comprehensive resource that provides an overview and insight on the legal regime that forms NATO practice. Fulfilling this need is the genesis, purpose and rationale for this practitioner's guide.
What this Deskbook is not:
This Deskbook is not NATO policy or military doctrine for legal support to operations.
The Deskbook intends to reflect as closely as possible the policies and practice of NATO in legal matters; however, the Deskbook is not a formally approved NATO document and therefore shall not be deemed a reflection of the official opinion or position of NATO.
The practitioner's guide is not intended to offer guidance or advice to other military professionals involved in operations. It was written by Legal Advisers for Legal Advisers and legal staff. Its scope and purpose are limited to providing the military legal subject matter experts assistance in the accomplishment of the mission. While others may find the guide helpful, they should understand it is not a tutorial. Fundamental legal principles, standard practices of interpretation, and basic legal practices are assumed as matters already known by its intended audience: the Legal Adviser, legal assistant, or paralegal.
This practitioner's guide does not offer an all-inclusive formula on how to advise a NATO commander on any particular aspect of the law, nor is it intended to supplant national guidance. Instead, the guide pre-supposes that Legal Advisers will continue to find themselves providing legal support to operations and missions in a variety of different circumstances, environments, and locations. The guide and its contents must therefore be flexible and geographically universal in application.
Monty Python and the knights of the Holy Grail – Full MOVIE
Check out this photo of a sexy, hot celeb stepping out of a car so that all you can see is her cleavage. Can you guess who it is? You get one hint: It’s not Bette Midler.
The Chinese army has launched hundreds of cyber-attacks against western companies and defence groups from a nondescript office building in Shanghai, according to a report that warns hackers have stolen vast amounts of data from their targets.
Mandiant, a security company that has been investigating attacks against western organisations for over six years, said in a report (PDF) the attacks came from a 12-storey building belonging to the People’s Liberation Army (PLA) general staff’s department, also known as Unit 61398.
Mandiant said it believed a hacking network named the Comment Crew or the Shanghai Group was based inside the compound, in a rundown residential neighbourhood. Although the report fails directly to place the hackers inside the building, it argues there is no other logical reason why so many attacks have emanated from such a small area.
“It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively,” said the report.
The discovery will further raise the temperature in the intergovernmental cyberwars, which have heated up in recent years as the US, Israel, Iran, China and UK have all used computer subterfuge to undermine rival state or terrorist organisations. One security expert warned that companies in high-profile fields should assume they will be targeted and hacked, and build systems that will fence sensitive data off from each other.
Rik Ferguson, global vice-president of security research at the data security company Trend Micro, said: “We need to concentrate less on building castles and assuming they will be impervious, and more on building better dungeons so that when people get in they can’t get anything else.”
Mandiant says Unit 61398 could house “hundreds or thousands” of people and has military-grade, high-speed fibre-optic connections from China Mobile, the world’s largest telecoms carrier. “The nature of Unit 61398’s work is considered by China to be a state secret; however, we believe it engages in harmful computer network operations,” Mandiant said in the report.
It said Unit 61398 had been operating since 2006, and was one of the most prolific hacking groups “in terms of quantity of information stolen”. This it estimated at hundreds of terabytes, enough for thousands of 3D designs and blueprints.
“APT1”, as Mandiant calls it, is only one of 20 groups Mandiant says have carried out scores of hacking attacks against businesses and organisations in the west, including companies that work in strategic industries such as US power and water infrastructure.
A typical attack would leave software that hid its presence from the user or administrator and silently siphon data to a remote server elsewhere on the internet at the instruction of a separate “command and control” (C&C) computer. By analysing the hidden software, the pattern of connections and links from the C&C server, the team at Mandiant said they were confident of the source of the threat.
A Chinese foreign ministry spokesman denied the government was behind the attacks, saying: “Hacking attacks are transnational and anonymous. Determining their origins is extremely difficult. We don’t know how the evidence in this so-called report can be tenable. Arbitrary criticism based on rudimentary data is irresponsible, unprofessional and not helpful in resolving the issue.”
But Ferguson told the Guardian: “This is a pretty compelling report, with evidence collected over a prolonged period of time. It points very strongly to marked Chinese involvement.”
Mandiant, based in Alexandria, Virginia, in the US, investigated the New York Times break-in, for which it suggested Chinese sources could be to blame.
President Barack Obama is already beefing up US security, introducing an executive order in his State of the Union speech this month that would let the government work with the private sector to fend off hacking. But it will take until February 2014 to have a final version ready for implementation.
The revelation comes days after the New York Times, Wall Street Journal and Washington Post, as well as the social networks Facebook and Twitter, said they had been subjected to “highly sophisticated” hacks that in some cases focused on correspondents writing about China and its government.
Separate investigations by the computer company Dell, working with the news company Bloomberg, tracked down another alleged hacker, Zhang Changhe, who has written a number of papers on PC hacking. Zhang works at the PLA’s “information engineering university” in Zhengzhou, Henan province, north-central China.
The allegations will raise the temperature in the continuing cyberwar between the west and China, which has been steadily rising since the Pentagon and MI6 uncovered Titan Rain, a scheme that tried to siphon data from the Pentagon and the House of Commons in 2006, and which one security expert said at the time dated back at least to 2004.
Ferguson suggested that western governments were also carrying out attacks against Chinese targets – “but that’s not a culture which would open up about being hit. I would be surprised and disappointed if most western nations don’t have a cybersecurity force.”
The Stuxnet virus, which hit Iran’s uranium reprocessing plant in 2010, is believed to have been written jointly by the US and Israel, while Iranian sources are believed to have hacked companies that issue email security certificates so that they can crack secure connections used by Iranian dissidents on Google’s Gmail system. China is also reckoned to have been behind the hacking of Google’s email servers in that country in late 2009, in an operation that files from WikiLeaks suggested was inspired by the Beijing government.
2004 suspected: Chinese group in Shanghai begins probing US companies and military targets.
2005: “Titan Rain” pulls data from the Pentagon’s systems, and a specialist says of a December 2005 attack on the House of Commons computer system that “The degree of sophistication was extremely high. They were very clever programmers.”
2007: Estonia’s government and other internet services are knocked offline by a coordinated attack from more than a million computers around the world – reckoned to have been run from a group acting at the urging of the Russian government. Nobody is ever arrested over the attack.
2008: Russia’s government is suspected of carrying out a cyberattack to knock out government and other websites inside Georgia, with which it is fighting a border skirmish over the territory of Ossetia.
December 2009: Google’s email systems in China are hacked by a group which tries to identify and take over the accounts of Chinese dissidents. Google withdraws its search engine from the Chinese mainland in protest at the actions. Wikileaks cables suggest that the Chinese government was aware of the hacking.
2010: The Flame virus begins silently infecting computers in Iran. It incorporates cutting-edge cryptography breakthroughs which would require world-class experts to write. That is then used to infect Windows PCs via the Windows Update mechanism which normally creates a cryptographically secure link to Microsoft. Instead, Flame puts software that watches every keystroke and frame on the PC. Analysts say that only a “wealthy” nation state could have written the virus, which breaks new ground in encryption.
The Stuxnet worm is discovered to have been affecting systems inside Iran’s uranium reprocessing establishment, passing from Windows PCs to the industrial systems which control centrifuges that separate out heavier uranium. The worm makes the centrifuges spin out of control, while suggesting on their control panel that they are operating normally – and so break them. Iran denies that the attack has affected its project. The US and Israel are later fingered as being behind the code.
September 2011: a new virus that silently captures data from transactions in Middle Eastern online banking is unleashed. The principal targets use Lebanese banks. It is not identified until August 2012, when Russian security company Kaspersky discovers the name “Gauss” embedded inside it. The company says the malware is “nation state-sponsored” – probably by a western state seeking to trace transactions by specific targets.
2012: About 30,000 Windows PCs at Saudi Aramco, the world’s most valuable company, are rendered unusable after a virus called “Shamoon” wipes and corrupts data and the part of the hard drive needed to “bootstrap” the machine when it is turned on. In the US, Secretary of Defense Leon Panetta described Shamoon as “one of the most destructive viruses ever” and suggested it could be used to launch an attack as destructive as the 9/11 attacks of 2001.
The across-the-board budget cuts known as sequestration that are expected to take effect on March 1 could impede the government's ability to respond to WikiLeaks and to rectify the flaws in information security that it exposed, a Pentagon official told Congress recently.
Zachary J. Lemnios, the assistant secretary of defense for research and engineering, was asked by Sen. Rob Portman (R-Ohio) to describe the "most significant" impacts on cybersecurity that could follow from the anticipated cuts to the Pentagon's budget. Mr. Lemnios replied that "cuts under sequestration could hurt efforts to fight cyber threats, including [...] improving the security of our classified Federal networks and addressing WikiLeaks." http://www.fas.org/irp/congress/2012_hr/fydp-42.pdf
The sequester could also interfere with the Comprehensive National Cybersecurity Initiative that began under President Bush, he said, and could hold up plans to "initiat[e] continuous monitoring of unclassified networks at all Federal agencies."
Mr. Lemnios' response to Sen. Portman's question for the record (which had not specifically mentioned WikiLeaks) followed a March 2012 Senate Armed Services Committee hearing on Emerging Threats and Capabilities that was published in December 2012 (at page 42). http://www.fas.org/irp/congress/2012_hr/fydp.pdf
Generally speaking, computer security within the military is a daunting problem, Mr. Lemnios told the Committee, particularly since "The Department operates over 15,000 networks and 7 million computing devices across hundreds of installations in dozens of countries around the globe."
The challenge of cybersecurity cannot be fully described in public, said Dr. Kaigham J. Gabriel of DARPA. "The complete picture requires a discussion at the special access level." But he told the Committee last year that several basic points can be openly acknowledged:
"Attackers can penetrate our networks: In just 3 days and at a cost of only $18,000, the Host-Based Security System" -- the Pentagon's baseline computer security system -- "was penetrated."
"User authentication is a weak link: 53,000 passwords were provided to teams at Defcon; within 48 hours, 38,000 were cracked."
"The Defense supply chain is at risk: More than two-thirds of electronics in U.S. advanced fighter aircraft are fabricated in off-shore foundries."
"Physical systems are at risk: A smartphone hundreds of miles away took control of a car's drive system through an exploit in a wireless interface."
"The United States continues to spend on cybersecurity with limited increase in security: The Federal Government expended billions of dollars in 2010, but the number of malicious cyber intrusions has increased."
Though it was presumably not intentional, the WikiLeaks project galvanized government information security programs and accelerated efforts to devise "insider threat" detection mechanisms, along with intensified surveillance of classified and unclassified government computer networks.
"New classes of anomaly detection methods have been developed and are based on aggregating events across time and multiple sources to identify network and host-based behavior that might be malicious," James S. Peery of Sandia National Laboratories told the Senate Armed Services Committee at last year's hearing. "These approaches and behavioral-based methods have been successful in finding previously undiscovered malware."
"One drawback of this technology, though, is that it has a very high false positive rate," he said.
OPEN ACCESS TO SCIENTIFIC RESEARCH ADVANCES
Government-sponsored scientific research published in expensive journals should become more readily accessible to the public under an initiative announced by the White House Office of Science and Technology Policy on Friday. http://www.fas.org/sgp/obama/sciaccess.pdf
Federal agencies that fund at least $100 million per year in scientific research were directed by White House science advisor John Holdren to develop plans to make the results of such research publicly available free of charge within a year of original publication.
"The logic behind enhanced public access is plain," Dr. Holdren wrote in response to a public petition on the White House web site. "We know that scientific research supported by the Federal Government spurs scientific breakthroughs and economic advances when research results are made available to innovators. Policies that mobilize these intellectual assets for re-use through broader access can accelerate scientific breakthroughs, increase innovation, and promote economic growth."
But the benefits of open access are not the sole consideration in the new policy. "The Administration also recognizes that publishers provide valuable services, including the coordination of peer review, that are essential for ensuring the high quality and integrity of many scholarly publications. It is critical that these services continue to be made available."
"We wanted to strike the balance between the extraordinary public benefit of increasing public access to the results of federally-funded scientific research and the need to ensure that the valuable contributions that the scientific publishing industry provides are not lost," Dr. Holdren wrote.
The resulting policy mandating free public access within 12 months of publication is the result of an attempt to balance those competing interests, and it too is subject to future modification "based on experience and evidence."
COMMENTS SOUGHT ON OVERSIGHT OF "DUAL USE" BIO RESEARCH
Members of the public are invited to comment on the feasibility and desirability of various forms of institutional oversight at federally-funded institutions that perform research involving certain pathogens or toxins.
"Certain types of research that are conducted for legitimate purposes may also be utilized for harmful purposes. Such research is called 'dual use research'," said a Notice filed in the Federal Register Friday by the Office of Science and Technology Policy. http://www.fas.org/sgp/news/2013/02/ostp-dual.html
"Dual use research of concern (DURC) is a smaller subset of dual use research defined as life sciences research that, based on current understanding, can be reasonably anticipated to provide knowledge, information, products, or technologies that could be directly misapplied to pose a significant threat with broad potential consequences to public health and safety, agricultural crops and other plants, animals, the environment, materiel, or national security," the OSTP Notice explained.
The term "dual use research of concern" should not be taken in a pejorative sense, OSTP said. "Research that meets the definition of DURC often increases our understanding of the biology of pathogens and makes critical contributions to the development of new treatments and diagnostics, improvements in public health surveillance, and the enhancement of emergency preparedness and response efforts. Thus, designating research as DURC should not be seen as a negative categorization, but simply an indication that the research may warrant additional oversight in order to reduce the risks that the knowledge, information, products, or technologies generated could be used in a manner that results in harm. As a general matter, designation of research as DURC does not mean that the research should not be conducted or communicated."
In the February 22 Federal Register Notice, OSTP posed a series of questions concerning potential oversight arrangements for dual use research of concern and solicited feedback from interested members of the public.
Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.
Unveiled by Cryptome – USA v Twitter, Appelbaum et al Effective Today