Re: Technology risk without safeguards

[Suresh Kalkunte <sskalkunte () gmail com>]

> There is other venues to work this out
> "safely", IMHO.
I started this effort for safeguards in July 2007. Until 2018, I did
exactly what you mention. The FCC's Office of Engineeting and Technology in
2015 has been the only government agency that replied to my email query on
jurisdiction stating the FCC does not regulate/enforce negative
improvisation of outdoor high power wireless transmitters. By 2018, I had
collected sufficient supporting data that was burdensome to send via email
and absent response of multiple governments to address this significant gap
in rule of law prompted me to put up the website competitionunlimited on
Wordpress.

If some institution innumerable to count had agreed to investigate, I would
be very content writing code for commercial data communication systems
which is what took me to the U.S. in 1994. During my overseas deployments
with the U.S. Army National Guard, my reports to higher regarding
vulnerabilities was consistently met with unambiguous
response/acknowledgement indicating my concern is being investigated. Since
I have not had that benefit from civilian organizations, I finally reasoned
that common awareness reduces the element of surprise from an incognito
perpetrator.

Please note that I have wrestled with "Maybe someone is just looking for
"inspiration"" for almost 13 years before bringing this to your collective
notice today.

On Wednesday, November 4, 2020, Alain Hebert <ahebert () pubnix net> wrote:

>     Maybe someone is just looking for "inspiration".
>
>     There is other venues to work this out "safely", IMHO.
>
> -----
> Alain Hebert                                ahebert () pubnix net
> PubNIX Inc.        50 boul. St-Charles <https://www.google.com/maps/search/50+boul.+St-Charles?entry=gmail&source=g>
> P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
> Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443
>
> On 11/4/20 12:24 PM, Matt Harris wrote:
>
> Matt Harris​
> | Infrastructure Lead Engineer
> 816‑256‑5446
> | Direct
> Looking for something?
> *Helpdesk Portal* <https://help.netfire.net/>
> | *Email Support* <help () netfire net>
> | *Billing Portal* <https://my.netfire.net/>
> We build and deliver end‑to‑end IT solutions.
> On Wed, Nov 4, 2020 at 10:48 AM Suresh Kalkunte <sskalkunte () gmail com>
> wrote:
>
> > Hello,
> >
> > I believe the below described method of causing intentional (1) damage to
> > equipment in data centers and (2) physical injury to a person at the
> > workplace is on-topic for the NANOG community, if not, I look forward to
> > your feedback. As a software developer who has subscribed to the NANOG
> > mailing list for a number of years, I post this note relying on
> > intellectual honesty that I have had the opportunity to observe since
> > 1996-97.
> >
> > The below described technology risk is applicable to
> > computing/communication equipment rendered vulnerable by Intentional
> > Electromagnetic Interference (jamming an electronic device) and the risk of
> > health sabotage affecting people (jamming a human) managing the Internet
> > infrastructure enabled by intentional application of powerful
> > radiofrequency fields (RF) emitted by re-purposed components salvaged from
> > a kitchen heating appliance (Magnetron) or from an outdoor high gain/power
> > Line of sight transceiver (unidirectional microwave radio) which has a harm
> > causing range up to 25 meters (estimated using a Spectral Power Density
> > calculator like www.hintlink.com/power_density.htm).
> >
> > This risk from mis-application of powerful RF is from human operated or
> > IoT apparatus** with an avenue of approch from (a) subterrain placement
> > aided by a compact/mini directional horizontal drilling machine (eg.
> > principle of placing a stent in the heart) and/or (b) strategic placement
> > in an obscure over-surface location to maximize negative impact on the
> > target of opportunity.
> >
> > With building materials or ground offer insufficient* protection to block
> > the passage of powerful RF and the absence of diagnostic/forensic tests to
> > detect biomarkers expressed post-overexposure to harmful RF  (combination
> > of RF frequency, Spectral Power Density/Specific Absorption Rate incident
> > on a person and duration of exposure), intentional damage to electronic
> > equipment and people is at present unrestricted.
> >
> > The purpose of bringing this method of exploting technology to your
> > attention is with an interest to build the momentum for ushering in the
> > much needed safeguards in this context.
>
> While I'm a bit confused as to what this message is trying to ultimately
> get at, it should be noted that folks who work with RF communications
> equipment and other EM emitters which are strong enough to cause harm to a
> person are generally well aware of the necessary precautions and take them
> on a day to day basis when working with this equipment. If there's evidence
> that some part of our industry is ignoring or failing to train their team
> members on safety best practices, then let's hear that out specifically and
> I'm all for working to rectify that.
>
> On the other hand, the post seems to hint at intentionally using high
> powered RF to inflict intentional harm on a person or to jam communications
> signals. The former is relatively difficult to do by virtue of the amount
> of power necessary. Quite basically, there are much easier ways to go about
> injuring someone if that's what you want to do. Of course, intentionally
> injuring another person is a criminal act in just about every jurisdiction.
> As far as the latter goes, the ability to jam RF communications has existed
> for as long as RF communication has, and the knowledge of how to accomplish
> it is relatively widespread. It is also illegal in the US and most likely
> many other jurisdictions as well, and in the US the FCC has enforcement
> power with the ability to levy some pretty hefty fines on anyone who does
> so, even inadvertently though negligent practices.
>
> The post states that their intention is to "build the momentum for
> ushering in the much needed safeguards in this context." but lacks
> specificity with regard to what safeguards they propose beyond the
> legal/regulatory ones that already exist, so I'm not sure what more can
> really be said here.