Dailydave mailing list archives
Re: Fully Automated CONOPs Exercise
From: Pukhraj Singh via Dailydave <dailydave () lists aitelfoundation org>
Date: Fri, 29 Jan 2021 00:55:36 +0800
Folks like Joe Slowik <https://www.youtube.com/watch?v=n7XqxRXwFZ4&ab_channel=CYBERWARCON>, Grugq <https://www.blackhat.com/docs/webcast/12142017-the-triple-a-threat.pdf>and you <https://cybersecpolitics.blogspot.com/2016/09/the-stern-stewart-summit-germany-and.html>(Dave) have tried to articulate the CONOPS for worms since long. In their current forms, worms look like IO packages in full-spectrum missions. Ignoring technical problems like extreme target dependence <https://www.brookings.edu/wp-content/uploads/2018/10/978081573547_ch1.pdf> for worms, "harm" would always be defined at the policy level, and then technical. There is a reason why Defend Forward assumes that establishing "contact" in forward areas is a precursor to producing signals or effects (and that reason is not technical). That's also why SolarWinds was missed. You could have neatly placed (wormable) SolarWinds on the axis of Gerasimov Doctrine <https://www.militairespectator.nl/sites/default/files/afbeeldingen/Militairy%20Review%20Figuur%20Bartles.jpg> where "crisis reaction" morphs into "localisation" and "neutralisation" of conflict. A whole genre of Russian or Chinese doctrinal literature on noncontact operations is highly conducive for worms; but then, you can't see things in isolation. You start talking about things like systems-on-systems warfare. It becomes way more than just target discrimination and noncombatants. You enter an informational conflict (la US vs. Nicaragua). You start imbibing the Russian definition <https://www.mitre.org/sites/default/files/publications/pr-19-1004-russian-military-thought-concepts-elements.pdf> of asymmetricity and Creative Military Thought -- worms would fall under the same category as "inspection satellites." Everything becomes Reflexive Control. That's where the norms customary law would come from, such behavioral precedents. On Fri, Jan 29, 2021 at 12:13 AM Dave Aitel via Dailydave < dailydave () lists aitelfoundation org> wrote:
I mean, the goal of the question is to start putting some meat on the idea of what "harm" is and how that is reflected both from a policy and technical perspective. But also: It's useful to put some real definitions around what is required to make people comfortable with fully-automated techniques. I don't think the idea that we are going to come up with and enforce norms is as useful as figuring out what the norms really are sometimes, perhaps. -dave On Thu, Jan 28, 2021 at 12:39 AM Dave Dittrich <dave.dittrich () gmail com> wrote:Did any of them mention international humanitarian law, specifically discrimination, respecting territory of neutral ("green") actors and their infrastructure, and avoiding harm to neutral third parties and non-combatants? The problem with most worms is the inability to accurately discriminate targets and resulting harm. This is an area where technical experts need to be balanced with operators and policy makers to ensure that non-technical operators and policy makers fully understand what it is that they are talking about. And where use of *all* of the levers of sovereign power, in partnership with other nations, to establish and enforce norms, is crucial. Should we really consider unconstrained damage and instantaneous global chaos as "fun?" ;) On Wed, Jan 27, 2021 at 8:45 PM Dave Aitel via Dailydave <dailydave () lists aitelfoundation org> wrote:So one of my new fav questions to ask policy teams is what they woulddo if they were told to switch their offensive team entirely to worms. Nothing else. Just worms. What needs to change to make that happen - from op tempo to supply chain to personnel to policy and technological investment.And how would their defensive team need to change strategically if theywere facing such an offensive team.It's a fun thing to see people wrap their minds around. :) Also, if you missed it, yesterday's CYBER HOT TAKES are here: https://www.youtube.com/watch?v=hzcmfIgvj7A&t=2s&ab_channel=DaveAitel -dave _______________________________________________ Dailydave mailing list -- dailydave () lists aitelfoundation org To unsubscribe send an email todailydave-leave () lists aitelfoundation org -- Dave Dittrich @davedittrich dave.dittrich () gmail com https://davedittrich.github.io/_______________________________________________ Dailydave mailing list -- dailydave () lists aitelfoundation org To unsubscribe send an email to dailydave-leave () lists aitelfoundation org
_______________________________________________ Dailydave mailing list -- dailydave () lists aitelfoundation org To unsubscribe send an email to dailydave-leave () lists aitelfoundation org
Current thread:
- Fully Automated CONOPs Exercise Dave Aitel via Dailydave (Jan 27)
- Re: Fully Automated CONOPs Exercise Dave Dittrich via Dailydave (Jan 28)
- Re: Fully Automated CONOPs Exercise Dave Aitel via Dailydave (Jan 28)
- Re: Fully Automated CONOPs Exercise Pukhraj Singh via Dailydave (Jan 28)
- Re: Fully Automated CONOPs Exercise Dave Aitel via Dailydave (Jan 28)
- Re: Fully Automated CONOPs Exercise Dave Dittrich via Dailydave (Jan 28)