Monthly Archives: October 2014

Thoughts on LLNL Strategic Latency Report

By Jon Lindsay

This new publication from the Lawrence Livermore National Laboratory’s Center for Global Security Research (CSGR) just came to my attention.

The traditional yet complex problem of nuclear latency concerns the logistics and perhaps intention of moving from nuclear power to nuclear weapons (we debated many different definitions of “latency” today at a conference at the Wilson Center–there seem to be almost as many ways to define it as there are of what counts as a “domain”!). LLNL CSGR’s new volume looks at the more general problem of strategic latency, which is the potential to convert cutting edge developments in S&T into potentially game changing military applications. It includes chapters on lasers, 3d printing, and robotics–which provides some useful variation outside of the space and cyber areas we have been investigating in more detail–as well as some national case studies. Many of these developments are interesting in that they are happening outside of state laboratories in the private sector, meaning disruptive innovation is more democratized than ever before (i.e., think Google Labs rather than Manhattan Project). They thus represent the emergence of new capabilities, linkages, and actors, or greater complexity in CDD. Whether this complexity portends more or less stability is one of the foundational questions in our project.

Dissent and Deception With Mobile Apps

By Jon Lindsay

This is an interesting story about (presumably) Beijing’s use of a piece of malware to monitor protester’s communications in Hong Kong:

It points out a dilemma between seeking to restrict technology access to disable the advantages it has for the adversary (attacking their network) and ensuring the adversary’s access in order to collect intelligence (exploiting the network). There’s a passing mention also to Syria’s lifting of kill switch use in order to better monitor internet use. What’s interesting in this case is that the malware is marketed specifically to improve protester communications, and probably does a bit, but also collects on those communications to turn the user into an unwilling agent via deception.

The crowdsourced counterintelligence angle is also pretty interesting–upon discovery, the victim of a malware attack often benefits from a large and distributed forensic effort. The Iranians did with Stuxnet, too.