Posts

Thursday: Repetition

/20 Comments/in , /by

A little Prince to make the painful repetition a little easier to take.

By repetition I mean what’s happening in Puerto Rico compared to what has already happened in Michigan.

Some of Michigan’s most financially distressed cities were forced to accept emergency managers, supplanting the cities’ democratically elected officials. Under state law, EMs were the sole point of power and authority for administration until the cities were deemed financially viable. We all know how that turned out; in Flint’s case, ten people died from Legionnaire’s disease and roughly 8000 kids will pay for the incompetence of the emergency management scheme for the rest of their lives due to the permanent effects of lead poisoning. The incompetence is further magnified by governmental bodies’ failure to do the right thing to completion, while continuing to milk the city and state of more money to no effect.

Witness the state attorney general Bill Schuette now asking for $3.4 million to investigate what can already be easily seen in records released to date. The assessments made so far have been equally wrong — like Schuette’s office suing two consulting firms when documentation clearly shows outright stupidity in contract management or malfeasance on the part of government was the real problem. And none of Flint’s water problems would have happened had not the city been forced off Detroit’s water by the state treasurer’s office, which rejected a last-minute offer far cheaper than construction of the new Karegnondi water line. Seeing this doesn’t need millions of dollars, only ethics.

Puerto Rico — with a population smaller than Los Angeles in an area a little smaller than Connecticut — is now undergoing a similar loss of democracy for similar reasons of financial distress. The territory is $73 billion in debt caused in no small part by suffocating federal policies. The U.S. Senate just voted to supplant Puerto Rico’s elected officials’ authority with a team of managers. They had too little democracy as it was before this schema, not having the same kind of representation that the fifty states have; many of the financial limitations Puerto Rico faces have been directly related to the territory’s inability to regulate commerce.

The economic hitmen have won. Now the vultures descend.

The galling part is this approach is called PROMESA (Puerto Rico Oversight, Management, and Economic Stability Act) — a promise. Brace yourselves, Puerto Ricans, at least they’ve warned you. Que Dios tenga misericordia porque los buitres no lo hará.

Odd lots
I’ve got a bunch of stray cats and dogs here that didn’t fit under any theme so far this week. In other words, there wasn’t much repetition. Make of them what you will.

Thank goodness tomorrow is Friday and I can indulge in a little jazz. See you then.

Wednesday Morning: Quelle couleur est-ce?

/20 Comments/in , /by

I think vestigially there’s a synesthete in me, but not like a real one who immediately knows what colour Wednesday is. — A. S. Byatt

A lot of people will ask what day it is today, but few will ask what color.

Ed Walker put up a great post late last evening, one that deserves more oxygen. Do check it out.

Hospital held hostage for millions by ransomware
Hey Hollywood! A hospital in your backyard has been “infected” with ransomware, their enterprise system tied up until administration coughs up $3.6 million.* Didn’t see that coming, huh? Law enforcement is involved, though if they haven’t managed to resolve other smaller ransomware attacks, they won’t solve this before it critically affects patients’ care.

This is a pretty good (if unfortunate) example of business continuity crisis. Remember Y2K and all the hullaballoo about drills and testing for enterprise failure? We still need that kind of effort on a regular basis; how do you run your biz if all electronics go dark, for any reason?

(* US articles say $3.6M; CAN article linked says $5M. Currency difference, or an increase in the demand?)

Google found critical vulnerability in GNU C Library
CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow” Huh? What? If you read Google’s blog post about this yesterday, you were probably scratching your head. Some Googlers struggle with writing in plain English. Here’s what tech news outlets interpreted from that google-degook:

Ars Technica: “Extremely severe bug leaves dizzying number of software and devices vulnerable
BBC: “Glibc: Mega bug may hit thousands of devices
Threatpost: “Critical glibc Vulnerability Puts All Linux Machines at Risk

In a nutshell, if you’re running Linux, patch your systems, stat.

Petroleum’s still a problem

  • Iran’s not going along with Saudi-Russia-OPEC agreement on oil production limits. Iran wants to return to pre-sanction production levels before it makes any concessions.
  • Oil glut and tanked prices creates secondary challenges. Saudi’s youth now have entirely different prospects for employment now that oil cannot guarantee national wealth or careers with good pay. Will this cause political volatility in RSA? Wonder what will happen in smaller oil-producing countries like Venezuela and Ecuador?
  • Weird outliers buck trend: Indian oil producer Chennai had a strong Q3, and First American Bank more than doubled its stake in oil development firm Anadarko. Neither of these stories make sense when oil prices have and are plummeting and show no solid sign of improvement in the next year-plus.

TBTF is still too TBTF
Neel Kashkari, Minneapolis Fed Reserve president, called for the breakup of Too-Big-to-Fail banks yesterday, as they are still a risk to the economy. Didn’t see that coming from a fed president, especially Kashkari.

Biggest tech story today: Judge ordered Apple to help hack San Bernadino gunman’s phone
Apple’s been fighting government pressure on backdoors to its products. The fight intensified after federal judge Sheri Pym ordered Apple to cooperate with the FBI to unlock encryption on a county-owned phone used by San Bernadino gunman Syed Farook. Begs the question why any government agency — local, state, or federal — would ever issue a phone with encryption the government could not crack in the first place. Seems like one answer is a government- and/or business-specific encryption patch to iOS: [IF phone = government-issued, THEN unlock with government-issued key]. Same for business-issued phones. Your own personal phone, not issued by a government agency or business? No key, period.

Phew. That’s enough for a Wednesday. Hope we can coast downhill from here.

Tuesday Morning: I Don’t Want It Good

/18 Comments/in , /by

I don’t want it good. I want it Tuesday.
— Jack Warner

Pretty sure Mr. Warner would get it just the way he wanted it today.

Surprise: Saudis and Russia agree mutual economic destruction = bad
Expect a rocky market today after a hush-hush agreement by Saudi Arabia and Russia to hold oil production levels to January levels. The FTSE and Brent crude have already taken a hit, though why Brent’s price dropped when supply firmed/tightened makes no sense to me. Good thing I’m not a commodities broker.

Predictable outcome: Dropbox account hacked, contents posted, then teacher fired
I feel awful for this poor teacher, whose privacy was violated and his job lost after someone hacked his Dropbox account, then posted a personal sex tape on his school’s website. Unfortunately, this is another painful real-life lesson: Do NOT store content in the cloud if the content hurt you if leaked.

Shaken by a quake? There’s an app for that
UC Berkeley Seismological Lab released an Android app called MyShake. The application detects vibration fitting earth tremor profiles and reports them to the lab for diagnostics. Enough data combined with other seismic monitoring can confirm an earthquake. The Seismological Lab hopes to build a global seismic detection network which can help detect earthquakes before they begin. With enough advance notice, humans may be able to reduce damage and injury. The Lab says the app runs silently in your phone’s background and doesn’t use up the battery, but this seems like an impossibility. Only one way to find out, though, and only one way for the lab to improve the app’s performance. An iOS version is expected in the near future.

Volkswagen fined by Mexico over emissions — but not the defeat device
Looks like VW imported more than 45,000 vehicles into Mexico without dotting all the Is and crossing all the Ts. The automaker has been fined nearly $9 million dollars (168 million pesos) for failing to obtain mandatory emission and noise certifications. Sounds like VW needs to overhaul its management culture.

Air-gapped computers may not be safe from hacking
A team of researchers from Tel Aviv University and Technion identified a means for hacking air-gapped computers in a completely separate room in order to snag data. Their method only required an antenna, amplifiers, a software-defined radio, and a laptop to measure electromagnetic waves created by a target computer as it deciphered a specific message.

There it is: it ain’t good, but you’ve got it on a Tuesday.

Tuesday Morning: Flip Off

/29 Comments/in , , /by

Flip off a few caps; Death came for a few more well-loved artists. Rest well, Glenn Frey, Dale Griffin, Dallas Taylor. Gonna’ be one heck of a band on the other side. [Edit: Mic Gillette, too? Stop already, Grim Reaper, check your targeting.]

Hope the cull is done because obituaries are not my thing. Hard to type and sniffle copiously at the same time.

GM Opel dealers may be altering emissions control software on Zafira diesel cars
Great, just great. Like GM didn’t have enough on its plate with the ignition switch debacle. A Belgian news outlet reports GM Opel dealers have been changing the software on the 2014 Zafira 1.6l diesel engine passenger vehicles in what looks like a soft recall. This comes on the heels of an EU-mandated recall of Zafira B models due to fires caused by bad electronics repairs. Sorry, I don’t speak Dutch, can’t make out everything in this video report. What little I can see and read doesn’t look good. Wouldn’t be surprised if the EU puts the hurt on GM Opel diesel sales until all are fixed to meet EU emissions regulations. Should also note that a different electronics manufacturer may be involved; images online of ECUs for late model Zafiras appear to be made by Siemens — unlike Volkswagen’s passenger diesel ECUs, which are made by Bosch.

Texas manufacturer swindled out of cash by fraudulent email request, sues cyber insurer
AFGlobal, based in Houston, lost $480,000 in May 2014 after staff wired funds based on orders in emails faked by crooks overseas. The manufacturing company had a cyber insurance policy with a subsidiary of the Chubb Group, and filed a claim against it. The claim was denied and AFGlobal filed suit. This isn’t the first such loss nor the first such lawsuit. Companies need to create and publish policies documenting procedures for authorizing any online payments, including two-step authentication of identities, and review overall spending authorization processes with an eye on audit trails.

Ukrainian officials say Kiev’s main airport hacked
Hackers who attacked Ukrainian power companies in late December are believed to be responsible for the malware launched on Kiev’s airport servers. There are very few details — okay, none, zero details — about the attack and its affect on airport operations. A military spokesman only said “the malware had been detected early in the airport’s system and no damage had been done,” and that the malware’s point of origin was in Russia. Among the details missing are the date the attack was discovered and how it was detected as well as the means of removal.

Hold this thought: FBI still looking for info on cable cuts, with eye to Super Bowl link
Remember the post last summer about the 11 communications cable cuts in the greater San Francisco Bay Area near Silicon Valley? This is a hot issue again, given the impending Super Bowl 50 to be held at Levi’s Stadium in Santa Clara. But reports now mention 15 or 16 cuts, not 11 — have there been more since last summer, or were there more not included in the FBI’s request for information? I’ll do some digging and post about this in the near term.

All right, carry on, and don’t drink all the añejo at once.

Ukraine’s Power System Hacking: Coordinated in More than One Way?

/12 Comments/in , /by

[original graphic: outsidethebeltway.com]

[original graphic: outsidethebeltway.com]

Analysis by industrial control team SANS determined hacking of Ukrainian electrical power utilities reported on 23-DEC-2015 was a coordinated attack. It required multiple phases to achieve a sustained loss of electricity to roughly 80,000 customers. SANS reported they “are confident” the following events occurred:

  • The adversary initiated an intrusion into production SCADA systems
  • Infected workstations and servers
  • Acted to “blind” the dispatchers
  • Acted to damage the SCADA system hosts (servers and workstations)
  • Action would have delayed restoration and introduce risk, especially if the SCADA system was essential to coordinate actions
  • Action can also make forensics more difficult
  • Flooded the call centers to deny customers calling to report power out

An investigation is still underway, and the following are still subject to confirmation:

  • The adversaries infected workstations and moved through the environment
  • Acted to open breakers and cause the outage (assessed through technical analysis of the Ukrainian SCADA system in comparison to the impact)
  • Initiated a possible DDoS on the company websites

The part that piques my attention is the defeat of SCADA systems by way of a multiphased attack — not unlike Stuxnet. Hmm…

Another interesting feature of this cyber attack is its location. It’s not near sites of militarized hostilities along the border with Russia. where many are of Russian ethnicity, but in the western portion of Ukraine.

More specifically, the affected power company served the Ivano-Frankivsk region, through which a large amount of natural gas is piped toward the EU. Note the map included above, showing the location and direction of pipelines as well as their output volume. Were the pipelines one of the targets of the cyber attack, along with the electricity generation capacity in the region through which the pipes run? Was this hack planned and coordinated not only to take out power and slow response to the outage but to reduce the pipeline output through Ukraine to the EU?

Russia’s Sabre-Rattling: Not Just Bluster About Banks and Ukraine Unrest

/40 Comments/in /by


Last Friday, CNBC interviewed Andrey Kostin, CEO of Russia’s second largest bank, following the EU’s decision to extend economic sanctions against Russia, ostensibly to punish Russia for hostilities against Ukraine. Kostin’s comments were combative.

“You know, we have quite a strong opinion on sanctions. Sanctions, in other words, is economic war against Russia. Economic war will definitely have and will have very negative implications on the Russian economy, but more than that it will have very negative implications on the political dialogue and on security in Europe. And who wants to live in a less secure world? I think nobody. I think it’s the wrong way to treat Russia like this. I think it will never to lead to any other consequences as to less stability and less secure Europe.” [sic]

“”You can’t treat any country like this. You know you can’t say, if you behave rightly, that’s a small [weep*] for you, if you behave wrongly, that’s a big [weep*] for you.’ That’s not a dialog, that’s a threat. … I think we should talk. I mean, politicians should talk, like business men. Business men do talk, and they are interested in working together. …”

In short, Russia feels the sanctions are warfare, and they want to deal. They’d really like the asymmetric attack on finance to stop short of terminating Russian banks’ access to SWIFT (the impact of which WaPo spells out).

But the banks’ discomfort with the sanctions and continued incursions against Ukraine aren’t the only signs of Russian belligerence. By year end, there had been forty events characterized as “close military encounters” during 2014, according to European Leadership Network, a non-partisan, nonprofit think tank. Read more

Glaring Front Page Error by David Sanger, New York Times as Iran Nuclear Negotiations Near Deadline

/17 Comments/in , /by

See the update below, as of about 2:45 pm, the Times has changed the wording of the erroneous paragraph without adding a note of the correction. Oops. I got off on the wrong paragraph when I checked back. See the comment from Tony Papert below.

For someone who has written on a range of technical issues for many years, the error committed last night by David Sanger could not be worse nor come at a worse time for the important events he is attempting to cover. In an article put up last night on the New York Times website and apparently carried on page A1 of today’s print edition, Sanger and the Times have garbled a key point at the heart of the negotiations between Iran and the P5+1 group of nations as they near the critical November 24 deadline for achieving a full agreement on the heels of last year’s interim agreement.

The article ostensibly was to announce a major breakthrough in the negotiations, although Gareth Porter had worked out the details of the progress last week. Here is what Porter deduced:

The key to the new approach is Iran’s willingness to send both its existing stockpile of low enriched uranium (LEU) as well as newly enriched uranium to Russia for conversion into fuel for power plants for an agreed period of years.

In the first official indication of the new turn in the negotiations, Iranian Foreign Ministry spokesperson Marzieh Afkham acknowledged in a briefing for the Iranian press Oct. 22 that new proposals combining a limit on centrifuges and the transfer of Iran’s LEU stockpile to Russia were under discussion in the nuclear negotiations.

The briefing was translated by BBC’s monitoring service but not reported in the Western press.

Undersecretary of State Wendy Sherman, who heads the U.S. delegation to the talks, has not referred publicly to the compromise approach, but she appeared to be hinting at it when she said on Oct. 25 that the two sides had “made impressive progress on issues that originally seemed intractable.”

As Porter goes on to explain, such an arrangement would allow Iran to maintain a large number of centrifuges continuing to enrich uranium, but because there would be no stockpile of low enriched uranium (LEU), the “breakout time” (time required to highly enrich enough uranium for a nuclear weapon) would remain at about a year. By having Russia convert the LEU to fuel rods for Iran’s nuclear power plant, that LEU would be removed from any easy pathway to a weapon. This would provide Iran the “win” of maintaining its present level of around 10,000 operational centrifuges but give the P5+1 its goal of a longer breakout time. The key here is that unlike a proposal in 2005 where Russia would take over enrichment for Iran, this new proposal would allow Iran to continue its enrichment program while shipping virtually all of of its LEU to Russia for conversion to fuel rods.

Sanger appears to start off on the right track with his article:

Iran has tentatively agreed to ship much of its huge stockpile of uranium to Russia if it reaches a broader nuclear deal with the West, according to officials and diplomats involved in the negotiations, potentially a major breakthrough in talks that have until now been deadlocked.

Under the proposed agreement, the Russians would convert the uranium into specialized fuel rods for the Bushehr nuclear power plant, Iran’s only commercial reactor. Once the uranium is converted into fuel rods, it is extremely difficult to use them to make a nuclear weapon. That could go a long way toward alleviating Western concerns about Iran’s stockpile, though the agreement would not cut off every pathway that Tehran could take to obtain a nuclear weapon.

But about halfway through the article, Sanger displays a shocking ignorance of the real points of recent negotiations and somehow comes to the conclusion that Russia would be taking over enrichment for Iran rather than converting LEU into fuel rods:

For Russia, the incentives for a deal are both financial and political. It would be paid handsomely for enriching Iran’s uranium, continuing the monopoly it has in providing the Iranians with a commercial reactor, and putting it in a good position to build the new nuclear power reactors that Iran has said it intends to construct in the future. And it also places President Vladimir V. Putin at the center of negotiations that may well determine the future of the Middle East, a position he is eager to occupy.

Somehow, Sanger and his New York Times editors and fact-checkers are stuck in 2005, suggesting that Iran would negotiate away its entire enrichment program. Such a drastic move would never be contemplated by Iran today and we are left to wonder whether this language found its way into the Times article through mere incompetence or more nefarious motives meant to disrupt any possible deal by providing false information to hardliners in Iran.

At the time of this writing (just before 9 am on November 4), the Times still has not added any correction or clarification to the article, despite the error being pointed out on Twitter just after 10:30 pm last night (be sure to read the ensuing Twitter conversation where Laura Rozen and Cheryl Rofer work out the nature of the error).

Update: And now, around 2:45 in the afternoon, I see that the Times has changed the erroneous paragraph. So far, I don’t see a note that a correction has been made. Here is the edited paragraph:

Russia’s calculus is also complex. It stands to gain financially from the deal, but it also has an incentive to see the nuclear standoff between Iran and the rest of the world continue, because an embargo keeps Iranian oil off the market. With oil prices falling, a flood of exports from Iran could further depress prices.

Will they ever get around to adding a note? I’ll keep an eye out. Well dang, this is embarrassing. I went to the wrong paragraph when I looked back. The article is still unchanged. Thanks to Tony Papert in comments for catching my bone-headedness.

Was Quantum Entanglement Experiment Behind “Classified Cryptographic Equipment” Confusion After Antares Crash?

/20 Comments/in /by

Yesterday evening, an Antares rocket built and operated by Orbital Sciences Corporation exploded shortly after liftoff. The rocket was intended to ferry supplies and equipment to the International Space Station. Orbital and Spacex have taken over some of the duties supplying the space station since the termination of NASA’s shuttle program.

In the early aftermath of the explosion, word came out that the crash site had to be secured because sensitive cryptographic equipment was on board:

The Cygnus mission was non-military, but the company’s Antares program manager, Mike Pinkston, said the craft included “some classified cryptographic equipment, so we do need to maintain the area around the debris in a secure manner”.

That initially struck me as odd. The International Space Station has a large number of cooperating countries, including Russia. It’s hard to imagine that the US would put sensitive equipment into the hands of cosmonauts right now, given the cool state of US-Russian relations. Of course, it would make sense for ISS communications to be encrypted in order to prevent meddling by hackers, but movement all the way to classified (and presumably military or NSA-level) encryption seems to be excessive.

This morning, we are seeing walk-back on the presence of classified equipment:

Shortly after the explosion, CNN quoted a launch director as saying that the spacecraft contained classified “crypto” equipment, but early Wednesday a NASA spokesman said by email that “We didn’t have any classified items on board.”

In trying to make sense of what could have been behind these strange statements, I ran across this interesting announcement of a new cryptographic technology that European scientists have proposed evaluating in an experiment on the space staion:

A team of European researchers have proposed a series of experiments that, if successful, could turn the International Space Station into a key relay for a quantum communications network.

The key basis of physics underlying quantum communications is entanglement. Entangled particles are connected in a way that pretty much defies common sense. If you change the spin of one of the particles, the spin of its entangled counterpart will change – even if they’re miles apart. And that change happens nearly instantaneously – at least four orders of magnitude faster than the speed of light, according to a recent experiment.

Another remarkable aspect of this technology that sounds almost too good to be true is its potential security. After noting that quantum networks are quite fragile, the Forbes article continues:

But why bother with these networks at all if they’re so fragile? The answer is pretty simple – because they’re almost perfectly secure. Here’s how it works. Let’s say that I want to send a message to New York City. My message is going to travel through normal channels, but it will be encrypted with a key. That key is transmitted via the entangled photons – so the changes I make to entangled particles on my end almost instantly show up in the particles in New York. We then compare the measurements of what I changed in my photons to those states in New York City.

Those measurements then comprise an encryption key for our communications. So even if our communications are bugged, nobody can read them without knowing that encryption key. And here’s the important thing: if somebody were to try to eavesdrop on the quantum entanglement, they would alter the spin of the photons. So the measurements I make and the measurements made in New York would be out of sync – thus letting us know that we have an eavesdropper. It also prevents us from creating an encryption key, so we don’t send any communications. Theoretically, a quantum encrypted network is almost perfectly secure. (That said, they’re not perfect, and there are some exploits.)

The announcement from the European group that they wished to carry out the experiment based on what Einstein called “spooky action over a distance” came last April. Then, in June, it was announced that China had carried out a key demonstration of concept experiment back in 2010 but waited four years to publish the result.

With China announcing progress on the technology, one would think that the West would want to accelerate its work in the area, so it would not be at all surprising if equipment for the European experiment was among the items lost when the rocket exploded. Further, one would expect that Orbital would have been told that security for that equipment would be of the very highest level. In discussing the issue of sensitive equipment among the Antares wreckage, PCWorld this morning mentioned the incident of China perhaps examining the wreckage of the US stealth helicopter that was left behind after the mission to kill Osama bin Laden. It could well be that for this crash site, keeping the debris away from prying eyes from China is behind the call for security. Note also that the experiment quite likely would have been coordinated by the European Space Agency on behalf of the European scientists, so NASA’s claim that “We didn’t have any classified items on board” could be parsed as not applying to any classified items that ESA might have had on the rocket.

Plane Meets Plow: The Curious End of Total S.A. CEO Christophe de Margerie

/7 Comments/in , /by

[Photo tweeted by @Enel_Aire, post time stamped 2014-10-21 at 09:45 (time zone unknown)]

[Photo tweeted by @Enel_Aire, post time stamped 2014-10-21 at 09:45 (time zone unknown)]

Forgive my skepticism about the accident Monday night that took the life of Christophe de Margerie. CEO of French oil and gas company Total S.A. We’ve been told by enough analysts that several target countries, including Russia, are under siege, though these experts don’t refer to this openly as asymmetric warfare. The recent and ongoing drop in petroleum prices threatens cash inflows to those countries whose economies rely on oil revenues — Russia and Iran among them. The death of an oil industry executive isn’t unexpected given the amount of money in play; people die daily for far less cash.

Not as much as Moscow, mind you, but we get snow where I live in flyover country USA. Any time between mid-October and mid-April we can expect some frozen precipitation. A blizzard in October isn’t unheard of — we had one 17 years ago this week, in fact. I’ve lived with six months of snow per year for most of my life.

Which is why the photo here of the crash site looks sketchy to me.

Early reports indicated the plane carrying de Margerie hit or was hit by a snowplow driven by a drunken operator, in poor visibility. It’s not clear exactly which hit the other based on different accounts across the internet. A Russian reconstruction video furnished to Le Figaro shows the plane’s wing clipping a vehicle upon landing — but the video exerts more effort on the fire and smoke than it does on the initial impact. Note in this second video of the plane after the crash during daylight hours that the wing which hit the plow as characterized in the video is missing.

At least one article claimed debris was spread 200 meters by the plane after impact. Perhaps the wing was in that debris, but it’s not reflected in the Russian reconstruction video. A more recent report said the snowplow was parked on the runway.

Ultimately, what we see is a plane that flipped over — either tipped over by the force of a plow, or flipped over after impact.

And no snow. This particular photo is rather pixelated, but it doesn’t reflect reduced visibility due to snowfall. There’s no snow in the second video link above, though visibility has worsened. Read more

Kerry Castigates Putin For Using US Strategy of Training, Arming Rebels

/62 Comments/in , /by
So far, I have suffered no ill effects from this outdated beer.

So far, I have suffered no ill effects from this outdated beer.

Aside from the fact that the only craft beer served at the National Security Caucus session at Netroots Nation 2014 was an outdated California beer rather than a local Michigan beer, it was a session marked by interesting discussion. I received quite a bit of support during that discussion for noting that the US response to any crisis anywhere, for far too long, has been simply to ask “Which group should we arm?”. Further, I noted, as we had heard in the “Iran: Diplomacy or War?” session, there is reason for optimism among those of us who favor diplomacy over violence in the successful removal and ongoing destruction of Syria’s chemical weapons rather than the missile strikes the US had been planning and in the remaining strong possibility of a diplomatic solution to the Iran nuclear technology issue instead of a war to destroy the technology. I illustrated that point by mentioning the tragic downing of MH17 and how that demonstrated the folly of training and arming rebel groups that often veer into extremist actions that result in atrocities. That point ties to the mad push to arm Syria’s rebels with the shorter range MANPAD antiaircraft missiles even though they are less powerful than the Buk missile that took down MH17. As I noted, will Syrian “moderates” promise us never to take the MANPADS to a site where civilian aircraft are within range, and would there be any reason to believe such a promise?

In executing his Full Ginsburg yesterday, US Secretary of State John Kerry reached new heights of hypocrisy, as he went from Sunday morning talk show to talk show, proclaiming the evils of Russian actions in Ukraine. The evils for which Kerry is castigating Putin are precisely the evils that the US has been unleashing on the world in places like Iraq, Afghanistan, Yemen, Syria and beyond. From today’s New York Times:

 In presenting the most detailed case yet alleging Russia’s involvement in the Ukraine crisis, Secretary of State John Kerry said on Sunday that Russia had funneled large quantities of heavy weapons to Ukrainian separatists and trained them how to operate SA-11 antiaircraft missiles, the type of system that is believed to have been used to shoot down the Malaysian airliner over eastern Ukraine.

“We know for certain that the separatists have a proficiency that they’ve gained by training from Russians as to how to use these sophisticated SA-11 systems,” Mr. Kerry said on the CNN program “State of the Union.”

Just as when CIA Director John Brennan got his panties in a wad over al Qaeda training death squads in Syria after we had trained our own death squads to send there, Kerry is now saying that Russia choosing a group to arm and train is a horrible thing even though he has been instrumental in helping the Obama administration to do the exact same thing in other areas.

And just as the US now faces problems in its upcoming training of Iraqi troops because of the previous failures in training Iraqi troops, there is reason to believe that the atrocity of MH17 may be due in part to failed training by the Russians. From today’s Washington Post:

Meanwhile, in Kiev, the U.S. Embassy said American intelligence analysts had confirmed the authenticity of recorded conversations in which rebel leaders bragged about shooting down what they thought was a Ukrainian military transport plane moments after the Malaysian jetliner was blown apart.

So even though the separatists are good at using the missiles to blow aircraft out of the sky (the Times article notes they have downed “almost a dozen Ukrainian transport planes, reconnaissance aircraft and helicopters”), it would appear that they haven’t quite worked out that whole target verification thing and that this tragedy may not have been an intentional targeting of civilians as much as it is a training failure. But yes, the Russians own a large portion of this tragedy, as the evidence seems strong that they provided the weapon along with instructions on firing it (if not the full lesson on target verification). And their tactics in doing do were taken directly from the US playbook, all the way down to the training being an abject failure.