Not Sure Why

Finland and Sweden seem to be thinking about joining NATO in response to Russian President Vladimir Putin’s overt aggression toward and threat of invasion of Ukraine.

Finland’s Prime Minister Sanna Marin:

We retain the option of applying for NATO membership. We should uphold this freedom of choice and make sure it remains a reality….

And

Sweden’s Minister of Foreign Affairs Anne Linde also asserted that Russia does not have a veto on whatever alliance Sweden chooses to join.

It’s hard, at this date, to see why either nation—or any other—would want to join NATO.

A successful invasion and occupation of Ukraine by Russia would only demonstrate just how impotent NATO has become. NATO is toothless with Germany unarmed and timid under Angela Merkel and now Olaf Scholz and his Social Democratic Party, and the US is just timid under Biden-Harris.

That Ukraine is not presently a NATO member is a coward’s copout. Russian occupation of Ukraine would only magnify the threat to the NATO nations. In recognition of that, very few member nations—you can count them with the fingers of one hand—out of the 30 current members have even been willing to offer Ukraine economic or political support, much less arms with which to defend itself and drive Russia out of currently occupied Ukraine.

NATO would be no protection at all for Sweden and Finland.

Talking Past Each Other

Or one not taking the other seriously. The disconnect between President Joe Biden-Kamala Harris and Russian President Vladimir Putin—or the fact that Putin doesn’t take the Biden-Harris administration seriously—doesn’t get much more clearly demonstrated than by this lead image from a Friday Wall Street Journal article about continuing US-Russia “negotiations” regarding Ukraine.

So What if it Is?

Great Britain, in a move toward filling the vacuum left by President Joe Biden’s (D) dangerous timidity when facing Russian President Vladimir Putin, has sent serious arms into Ukraine to help that nation prepare for the coming Russian invasion. (It’s telling that Germany, dependent as it has sold itself into, on Russian energy, forced the British supply aircraft to fly around German airspace to get to Ukraine.)

Putin reacted to that and trotted out his Foreign Ministry’s spokeswoman, Maria Zakharova, to object to plussing up Ukraine’s ability to defend itself. As cited by Fox News, she said that

Ukraine perceives Western military assistance as a “carte blanche for a military operation in Donbas.”

I certainly hope Ukraine has that perception, and that the perception is grounded in fact. The Donbas is, after all, Ukrainian territory, for all that Russia currently occupies most of it.

Flaw?

The People’s Republic of China government requires everyone attending the Beijing Olympics next month to load a tracking app on their cell phones:

Those who attend the Olympics, including athletes and journalists, are required to download the app and upload their health and vaccination information to track potential outbreaks of COVID-19.

The Citizen Lab, based in the University of Toronto’s Munk School of Global Affairs & Public Policy, has identified what it terms a security flaw.

It turns out that the app, MY2022, fails to validate some SSL certificates. That means it’s a trivial matter for…others…to bypass any security measures, including encryption, that the phone’s owner might have implemented. Those others then can easily intercept and otherwise gain access to the cell phone owner’s sensitive information: all the medical information the PRC government requires to be loaded into the app, ostensibly for Wuhan Virus tracking, along with wholly unrelated information like all traffic in which the phone might be or have been engaged, all passport information, all medical information whether or not related to the Virus, and all other information stored on the cell phone—images and videos, contact lists, other emails, Web sites and bookmarks, and on and on.

The Lab’s key findings are

  • MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users.
  • MY2022 is fairly straightforward about the types of data it collects from users in its public-facing documents. However, as the app collects a range of highly sensitive medical information, it is unclear with whom or which organization(s) it shares this information.
  • MY2022 includes features that allow users to report “politically sensitive” content. The app also includes a censorship keyword list, which, while presently inactive, targets a variety of political topics including domestic issues such as Xinjiang and Tibet as well as references to Chinese government agencies.
  • While the vendor did not respond to our security disclosure, we find that the app’s security deficits may not only violate Google’s Unwanted Software Policy and Apple’s App Store guidelines but also China’s own laws and national standards pertaining to privacy protection, providing potential avenues for future redress.

It’s doubtful, at least to me, that China’s own laws and national standards pertaining to privacy protection are being violated, though, given the PRC government’s already widespread surveillance of all of its citizens. The PRC’s 2017 national intelligence law, too, requires all entities to cooperate with the government’s intelligence community and provide whatever information that community requires, which means that the app’s spying is no violation of the PRC’s own laws.

And there’s this:

[The] Citizen Lab said it had notified the Chinese organizing committee for the Games in December about the potential issues but had never received a response.

The Beijing Organizing Committee’s refusal to respond is itself instructive.

No, this is no flaw; neither PRC government programmers nor Beijing Organizing Committee programmers, who are the ones who officially built the app, are that amateurish. It’s deliberate, and it’s one more reason to not only skip the Beijing Olympics (including not watching them on NBC), but to skip doing any sort of business with any sort of PRC company.

The Lab’s report can be read here.

Written Response

Russian Foreign Minister Sergey Lavrov repeated Russia’s demand for

a written response this week from the US and its allies to Moscow’s request for binding guarantees that NATO will not embrace Ukraine or any other ex-Soviet nations, or station its forces and weapons there.

I have a written response for him.

“Nuts.”