Wednesday, September 30, 2015


Available to Non U.S. entities and U.S. entities domicile outside or inside U.S. Exports Supported Capital equipment and related services for project whose repayment depends on project cash flows, usually as defined by contractual relationship. Best used by Major U.S. suppliers Project sponsors without access to capital markets or government guarantee Entities out of U.S. Coverage and Terms 15% cash payment by foreign buyer Consideration of following on...

Whether your company is exporting overseas or is in need of a line of credit or working capital we offer solutions to increase the productivity and expansion of your company. A positive result is usually dependent upon the creativity and the strength of the management team, and the viability of the company’s products within its marketplace. Financing is available for:

•  Real estate acquisitions, refinancing, renovation or expansion
•  Commercial, Industrial. Business, Residential
•  Business Acquisition and Expansion
•  Working Capital, Inventory or Mezzanine
•  Account Receivables Financing
•  Leasing for Capital Equipment and Related Services
•  Project Financing or Structure Trade Limited Services
•  Post & Pre Export
•  Export or Import for Consumables, Parts or Raw Materials
•  Export or Import for Machineries, Equipments

•  Factoring, Forfaiting, Securitization, Syndication, Leasing

We are two privately owned corporations that offer financing and guarantee instruments to companies with domicile out of  The United States of America or to companies in The United States of America; Our mission is to help the private and public sector, operated by business entrepreneurs who understand the difficulties of obtaining a loan.
Global Trade Insurance Corporation is a Registered Broker of the Export Import Bank of United States of America and Global Trade and Financing a d/b/a of Mortgage Formula Incorporated  licensed with Office of Financial Regulation of The State of Florida since 1993.
Global Trade and Financing is a Member of   


The Association provides support services to its members/affiliates by working closely with private and public entities to bring our members information and any other tools to help boost U.S. exports. Through our strategic alliance network we are able to bring pre-qualified buyers ready to purchase products/services and to provide import/export solutions such as: 

  • International & Domestic Financing
  • Marketing Research/Investigation
  • Project-based Consulting
  • Market Representation
  • Channel Distribution
  • Sales Representation
  • Forum & Networking Events
  • Company Registration
  • Business Matchmaking Appointments
  • Inbound/Outbound Trade Missions
  • Business Seminars & Conferences
  • And More...

Tuesday, September 29, 2015

Innovation: Images from the 2015 Smithsonian Innovation Festival

Helping your teen make spending trade-offs
For teenagers, the temptation to spend money is everywhere. From gadgets and gaming to hobbies and entertainment, find out how you can help them spend smart and save for what they really want.

Inventor talks
The two-day event featured interviews with inventors about their projects and their processes. Pictured are Jeff Brodie (left) deputy director for the Lemelson Center for the Study of Invention and Xavier Carnegie (right), Living History Theatre creative director, interviewing Rory Cooper (middle) about his work on wheelchair design.

Chewing gum that doesn't lose its flavor
File this under noble pursuits: Wrigley's talked about figuring out how to make chewing gum with longer lasting flavor.

Insulated concrete blocks

These blocks have a layer of insulation meant to improve a building's thermal performance.

More confection
Also on the candy front, Mars Chocolate talked about patenting chocolate flavors and making a white chocolate that's more preferable to even those who aren't big fans.

Explaining hydrogel
Kansas State University used plenty of props to explain it hydrogel, which is made of proteins and can go from liquid to gel in seconds based on pressure applied. It can be used for many purposes including cell therapy, sustained release, vaccine development, 3D cell culture, and more.

Patenting peppers
The USDA developed peppers with very specific traits, like the Lil' Pumpkin which has black leaves, is small, and orange. Asexually reproduced plants can be patented.

Brain power
This lower body exoskeleton from the University of Houston is powered through brain waves.


Inventor Paul Schmitt talked about improvements in skateboard design, and brought a collection of skateboards dating back to the 1950s

Back it up
The Ford Motor Company demoed technology they've developed to assist in backing up a trailer.

From Everest to outer space
NASA talked about the tech, like hydration systems, that help not only astronauts in space, but adventurers headed to extreme places like Mount Everest. Here's a suit used for an Everest expedition.

The baby bot
Virginia Commonwealth University has been working on these devices, which help babies who were born with disabilities learn to crawl.

Try this on for size

Zugara's augmented reality technology lets users try on clothes using gesture recognition, a Microsoft Kinect sensor, and a small camera.

WiperFill was the 9th millionth patent issued by the US Patent Office. It's a system to use rainwater to replenish a car's wiper fluid reservoir.

Keeping classrooms safe
Students from Benjamin Banneker Academic High School Lemelson-MIT InvenTeam devised a way to keep intruders out by sliding a metal piece over a door's pivot hinge. They were troubled by the frequency of school shootings and decide to tackle the problem of keeping safe themselves.

Monday, September 28, 2015

Pre-Order Pricey Glowforge 3D Laser Printer

Glowforge 3D laser printer + air filter
Glowforge's 3D laser printer is available now to pre-order with special early bird pricing.
Choose from three options: Glowforge Basic for $1,995 (retails for $4,000), Glowforge Basic + Air Filter (pictured) for $2,495 (retails for $5,000), or Glowforge Pro + Air Filter for $3,995 (a steal compared to its $8,000 retail price).

Shipping starts in December, and will ramp up early next year, so don't count on stuffing stockings with DIY 3D-laser-printed goodies.

Standing at 12-by-20 inches, the printer—like those knives advertised on late-night infomercials—can cut just about anything: wood, fabric, leather, paper, cardboard, acrylic, mylar, rubber, fiberglass, cork, sandpaper, silicone, chocolate, and more.

Plus, it engraves all of those materials, as well as glass, marble, rubber stamps, stone, ceramic, tile, and coated materials like anodized aluminum, stainless steel, brass, titanium, etc.

The device is compatible with the most popular file formats, and users can create their own designs in Adobe Photoshop and Illustrator and Inkscape, or choose from Glowforge's catalog of customizable, ready-to-print designs. That includes things like a leather satchel, plywood map, engraved glass spice jars, recycled cardboard lamp, and a drone. Each item tells you the estimated print time and material cost.

With Wi-Fi connectivity and one-button printing, you can create 20 chocolate rockets just in time for your kids' birthday party, without the mess that comes with baking.

Upgrade options include a larger pass-through slot to accommodate wider material, higher-quality optics for more beam power, and a solid-state thermoelectric cooling system.

Just remember to wear protective goggles and oven mitts when printing with the Pro, which features a Class IV laser. The Basic model features a Class I laser that anyone can operate.
Glowforge will officially launch at this weekend's Maker Faire in New York, where hundreds of kids will have the opportunity to design acrylic toys using just a pen.

Friday, September 25, 2015

The Sting of VW's Slap Across My Well-Moisturized, Euro-Loving Face (BusinessWeek)

In which a cappuccino-sipping media professional loses the smug sense of superiority he once achieved just by driving a Jetta Sportwagen TDI.
A Jetta Sportwagen TDI during the 2008 Los Angeles Auto Show.

So a couple of things about me: I am a Northeast-dwelling, cappuccino-sipping, Whole-Foods-shopping media professional. I am also a lifelong lover of cars. I have reviewed them professionally, on and off, for 15 years. 

Is it any wonder I own a Volkswagen diesel?

I bought my Jetta Sportwagen TDI, perhaps fittingly, on Halloween in 2008. Now it’s frightening what has become of my car, which has been wearing a costume the whole time. The diesel disguise was one of European sophistication and 21st century frugality—a potent blend to a car-loving liberal-arts graduate.  

At the time of the purchase, I was seeking a car for my new family; my daughter had been born the year before and it was time for a car of my own. I’d spent the previous year and a half doing some car coverage for a magazine, so I was driving a new car every week. It was the perfect research you could do before making a purchase of your own: a weeklong test drive of every family car in the market.

When I decided I wanted to buy a car, I had the Sportwagen TDI at the top of my list. Over the weeks and months in which I drove every Honda, Toyota, Ford, and Hyundai under the sun, it never fell from that position. It was, I thought, the perfect car for a poncy Europhile such as myself: a German (Euro!) station wagon (so Euro!) with a diesel engine (Eurissimo!). The only thing more Euro would be a Citroën that ran on adultery

A portrait of the author's Jetta Sportwagen TDI, parked in a New Jersey driveway.

The TDI also could be justified logically. Its mileage rating was damn near 40 miles to the gallon. The engine had a poky 140-horsepower rating. Like all diesels, it had prodigious amounts of torque: a stump-pulling 236 pound-feet of it. That made the car a lively performer and a fuel-sipper at the same time. It was no surprise to me that more than 50 percent of the cars sold in Europe are diesels—we dumb Americans just didn’t know what we were missing. And what of diesel’s reputation for burning dirtier and releasing more junk into the air? Well, Volkswagen’s crack squad of engineers gave every impression of having solved all those problems. 

I bought my VW and immediately felt a wave of smug satisfaction and superiority wash over me. In the years that followed, I would bask in the glow that I had bought the Smartest Car in America. I would evangelize to any poor fool who would listen about VW TDIs, regaling them with tales of me not going to the gas station, but how it was never a problem to find one if I needed to refill my tank. How the performance was no worse than the great middle of the U.S. car market, thanks to all that sweet, sweet torque—and also that firm-but-not-uncomfortable handling and responsive six-speed automated-manual transmission.

All that smug superiority fell to the ground on Friday, when I learned of VW’s perfidy. My TDI is no longer a car, it's a comeuppance. I placed my faith in the soft, manicured hands of VW, only to have the compay slap me across my well-moisturized, SPF-protected face. I now have a car that has been harming, not helping, the environment. It does not provide the benefits for which I paid a premium: Today’s diesel Sportwagens carry a sticker $3,000 higher than the gasoline version. My car will perform worse once VW undoes its malfeasance. It will have a lower resale value when I want to get rid of it.

Selling seems like something I may do sooner, rather than later. What to buy next? As the VW scandal spreads, I must say that it casts a long shadow over other diesels, so that option seems off the list. But I can’t change who I am entirely: I guess I’ll have to trade in my tight-pants European pretension for the more white-bread insufferability of a hybrid. 

Thursday, September 24, 2015

The OPM breach deepens: 5.6 million federal employees' fingerprints stolen

There's still "only" 21.5-million federal employees whose personnel data have been stolen, but the Office of Personnel Management now admits that they've found that the number of individuals whose fingerprints were swiped is up to 5.6 million.

It took weeks before the Office of Personnel Management (OPM) admitted that almost 22-million federal employee personnel and security records had been cracked in two separate attacks. Months later, the OPM and Department of Defense (DoD) confessed that "Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million."

The OPM excuse for this delay was that the OPN and DoD had been been "analyzing impacted data to verify its quality and completeness." While the overall estimate of 21.5 million individuals records being revealed has not increased, this puts the privacy of 25 percent of these employees into even more danger. The government promises that "an interagency team will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals."

The government experts believe that, "as of now, the ability to misuse fingerprint data is limited."

That simply isn't true.

The OPM continued: "This probability could change over time as technology evolves. Therefore, an interagency working group with expertise in this area - including the FBI, DHS, DOD, and other members of the Intelligence Community - will review the potential ways adversaries could misuse fingerprint data now and in the future."

Funny, I see fake fingerprints used all the time in movies and TV shows to break physical security. This isn't just fiction. It's reality.

Fingerprint faking is simple and can be used every day. For example, Marc Rogers, CloudFlare's Principal Security Researcher, while at Lookout, the mobile security company demonstrated how easy it was to crack Apple's TouchID on both the iPhone 5s and 6. With the real fingerprints, hacking fingerprint security becomes trivial.

The government promises that the interagency working group will seek to develop potential ways to prevent such misuse." Good luck with that.

The feds also re-promise that "all individuals impacted by this intrusion and their minor dependent children (as of July 1, 2015) are eligible for identify theft and fraud protection services, at no cost to them.. The OPM and DoD admit, however, that they have yet to begin mailing notifications to affected individuals.

As I've said before, and I'll say again, I don't blame the OPM and DoD for this continuing security and privacy fiasco so much as I do a Congress that refuses to pay to truly reform a fundamentally impoverished and dysfunctional personell security system.

Wednesday, September 23, 2015

Rumor: Second-Gen Chromecast Coming This Month

Chromecast Tips
Google's rumored Sept. 29 event will reportedly include the launch of a second-generation Chromecast.

According to 9to5Google, which got its hands on some internal documents that spilled Google's plans, the new Chromecast will look a lot different from the original Chromecast, which resembles a USB key than anything else. The photos are blurry, but it appears that Chromecast II will have a big, fat, circular design—a hockey puck-like device with a dongle attached.

The images also suggest at least three color options: lime green, black, and red.

The "new Chromecast," as it's referred to in some of these Google documents, will support some kind of faster Wi-Fi than the first-generation device. Though could mean Google is bumping the Chromecast up to wireless-ac, giving it an extra spatial stream to work with on wireless-n, or even adding the ability to connect to 5GHz networks.

Google's second-generation Chromecast will also allow users to add content feeds to the device's home screen. It's also unclear just what that means—dump a Facebook News Feed as a widget, or maybe even a Twitter stream? However Google plans to do it, the move would at least give Chromecast owners a bit more personalization for their devices. Right now, you're basically limited to a glorified screensaver-like series of images, art, or weather updates.

A new "Fast Play" feature, meanwhile, is also in the works, but we also don't know what it actually does just yet. 9to5Google speculated that it might have something to do with speeding up the process of getting other devices paired with the Chromecast and playing media. If you've ever waited for your Chromecast to pair to a friend's smartphone, you (and your friend) will likely welcome the upgrade.

Google is also planning to integrate some kind of Chromecast Audio feature into its new device. Presumably, you could then plug a speaker directly into the Chromecast itself, which would then transform any boring speaker around your house into a device to which you can stream music. This, in conjunction with a reported Spotify support for the original Chromecast, should please streaming music fans quite a bit.

Tuesday, September 22, 2015

​Pentagon working on anti-hacker system to crack down on its own security flaws

With a perceived rise in computer attacks by foreign powers, and a critical internal report, the US Department of Defense is building a system to help fix its own vulnerabilities to cyber threats.

After a damning report from the Pentagon's chief weapons tester about cyber threats earlier this year, the US Defense Department is stepping up efforts to protect its networks with a new system to help spot flaws.
The aim of the system is to identify vulnerabilities in the military's networks, weapons systems and installations so that officials can set priorities for fixing them, US Cyber Command deputy commander Air Force lieutenant general Kevin McLaughlin told Reuters.

Pentagon officials should reach agreement on a framework within months, with a goal of turning the system into an automated scorecard in coming years, he said.Initial work will be manual but the eventual goal is the creation of a completely automated system that will instantaneously detect and respond to cyber attacks.

The original idea for the system was for it to identify weaknesses in weapons and networks but the Pentagon now wants to adopt a broader and more detailed remit that would also explore how data moves between branches of the military.

In January, Pentagon director of operational test and evaluation Michael Gilmore launched a highly critical report that revealed "significant vulnerabilities" to cyber attack in almost every American weapons project tested.

Lieutenant general Kevin McLaughlin told this week's annual Billington Cybersecurity Summit that Cyber Command had already created about half of 133 planned cyber response teams, comprising about 6,200 staff. All the teams should be operational by the end of 2016.

The new system's focus will initially be on areas of potentially greatest vulnerability, such as weapons systems that date back some 30 years, before the cyber threat was fully understood, as well as more recent technology that is nevertheless insecure.

"There's probably not enough money in the world to fix all those things but the question is what's most important, where should we put our resources as we eat the elephant one bite at a time," he told the Washington, DC, summit.

Representatives from the American army, navy and air force also described to the conference their own security efforts and the increased levels of collaboration between the services against cyber attacks.

McLaughlin said senior officers are today far more aware of computer threats and are also more accountable, with the results of spot checks and inspections now being sent to Cyber Command commander Admiral Mike Rogers.

Monday, September 21, 2015

The Icon A5 Is the Closest Thing to a Flying Car You Can Buy (BusinessWeek)

Icon A5
It’s a $250,000 amphibious plane that can be folded up and stored in your garage.

This past Tuesday a plane went down in New York’s Hudson River.

The cops were called. Firefighters and emergency medical technicians arrived on the scene.
But instead of a frantic group of passengers floating in a downed Airbus A320, like 2009’s Sully Sullenberger “Miracle on the Hudson” moment, officials encountered a delighted group of reporters gathered to test out the Icon A5, a small seaplane that was using the river to take off and land. Everything was going fine, but unknowing onlookers were not used to seeing planes flying so close to the river, so they'd called for help. Firefighters and cops, realizing nothing was amiss, stuck around to admire the spectacle. Indeed, the only potential damage at the event was what the Icon A5 will do to the $219 billion private aviation industry1. 

“If I already have a float plane, why would I want this?” asked one fireman, whose son is currently learning to fly the more traditional seaplanes in flight school. He was snapping a smartphone pic of the 28-foot-long, white-and-red amphibious aircraft bobbing calmly at the dock.

Icon's founder and chief executive, Kirk Hawkins, didn’t hesitate with his reply: “Just look at it!”

Aviation as Lifestyle

It’s hard to argue with the A5’s good looks. Lean and angular as a hawk, it looks like a marriage of a Piper M-class and a Jet Ski, with a little bit of sportscar thrown in. You wouldn’t blink if you saw it in the Hammacher Schlemmer catalog. It's not quite like anything that's come before it—cheaper and more oriented to recreation than most planes and more portable and manageable than many boats. In fact, it's not really aimed at current pilots—Icon's founders hope to develop an entirely new market of amateur aviation enthusiasts.

“We want to get airplanes out of airports and into the home,” said Hawkins. You can fold the wings up and store it in your garage or put it on a trailer and tow it to a lake or flat, grassy field. It can run on premium unleaded gasoline you’d find at any pump. “It's transportable, not just a transport device. This plane is designed for recreation.”

Icon Aircraft was founded in response to a 2004 regulatory change by the Federal Aviation Administration (FAA) that created the Light-Sport Aircraft category, a new designation of personal aviation pegged to a less-intense though more restrictive Sport Pilot License (SPL)—daytime flying only, in good weather only, in uncongested airspace. Just 20 hours of flight training are required, as opposed to more than double that for a typical private license; 

Hawkins says you could earn it in roughly two weeks. As fellow Palo Alto startups are want to do, he aimed to capitalize on this “disruptive moment” and create the first mainstream, pure-sport aircraft. (Eric Schmidt of Google and JetBlue’s Joel Peterson are both investors.)

“Most airplanes aren’t built for the flying experience. They’re built to move stuff or people from A to B,” said Hawkins. “This plane has elevated the flying experience first, so you have a very visceral connection with the flying environment. We want to make the barrier to entry lower for anyone whose dream is to fly.”

A rendering of the Icon A5 with its wings folded.
Fundamental Flexibility

Built of a lightweight carbon fiber with retractable landing gear and a 34.8-foot wingspan, the A5 weighs around 1,000 lbs and seats two for a maximum weight of 1,510 lbs. Its 100-horsepower Rotax 912 engine has a maximum speed of 110 mph and a range of 450 miles on 20 gallons of gas (auto or aviation). The maximum altitude for SPL is 10,000 feet. Inside, the unpressurized cockpit takes cues from sports cars, and the UV-coated canopy offers 180-degree views, unobstructed by the propeller, which sits behind the cabin. Side windows easily pop in and out. Humans 6’3” and shorter should fit comfortably.

“A high goal for us is that there is a very intuitive user interface," said Hawkins of the cockpit, noting how cars and consumers are highly evolved together. “You end up designing to the same place: simplified control panels, analog gauges, GPS screen. We’ve distilled flying down to the basics.”
The Icon A5 cockpit takes design cues from sports cars in a bid to be easy and intuitive to operate.

The “A” in A5 stands for for amphibious, though it can also land on solid ground. The "5" just seemed like a strong, confident prime number. Like most contemporary consumer products, clean and attractive design was a key strategy. Strip out the complications, make it as easy to use as possible, and above all, keep it fun. 

As a non-pilot, I certainly got the mission. Skimming the water of the Hudson in the early morning, smoothly soaring higher—windows off—I couldn’t help but feel like I was in some sort of flying car. Passing above the George Washington Bridge, with the expanse of Manhattan and New Jersey laid out ahead, was certainly breathtaking. Flying in formation with another plane, buzzing around the Statue of Liberty and World Trade Center, a one-of-a-kind thrill. Imagine taking this on a camping trip or Florida seaside home.

Though I can't afford it, I'll admit I wanted one.

Cruising 1,000 feet over the George Washington Bridge during our NYC test flight.

Safety Innovations

Given that a Sports Pilot License requires less training, and Icon's primary strategy is targeting new pilots, safety is a paramount concern.

Two key engineering innovations of the A5 mitigate the risks. One is an easy-to-read Angle of Attack (AoA) gauge, a feature common to military aircraft but virtually unknown in civilian planes. In general terms it tells you how your wings are performing, or rather how much lift they’re providing in whatever maneuver you’re currently in. Keep the needle in the green zone, you’re good; hit the yellow zone, and an audible alarm goes off to tell you to correct; hit the red, and you’ve stalled (i.e. there’s no lift on the wings). At this point the plane starts to shaThis is where the second innovation comes in: a Spin-Resistant Airframe, the first to meet the full FAA Part 23 standards for spin resistance.

A main danger of a stalled plane is that it can enter an uncontrolled spin should there be any yaw (lateral) movement—say, in a turn while on approach to land, which could result in a crash; 41 percent of pilot-related fatalities are due to stall/spin crashes. In the A5, you may stall—and Hawkins intentionally did during our flight (to my chagrin) to show me this feature—but you don’t lose control or lift, and it's fairly difficult to enter a spin. (Or as I assumed might happen as a non-pilot, drop like a bowling ball.) For newer pilots, the ease of recovery is an obvious boon.

After those measures, there’s an optional rocket-powered parachute for the whole craft.
A New Powersport

As a former F-16 pilot for the Air Force, Hawkins has the hardened demeanor and handsome intensity you’d expect from ex-military. He peppers his speech with “adventure” and “freedom” and “human experience.” To him, flying is an emotional drive. And it's that emotional aspect that he hopes to grab most with the A5—plus a slice of the $30 billion U.S. powersports industry; think speedboats, ATVs, and other gas-fed adrenaline machines. Icon estimates the nascent aviation portion of that figure is $3 billion to $6 billion and predicts more growth as the industry matures and regulatory changes spread and protest physically—clearly something is wrong.

The Icon A5 can land on a runway or a river.

“Whether it be sports cars or boats or bikes, consumers are really motivated by an adventurous lifestyle,” said Hawkins.

Base price for the A5 is $197,000, with up to $50,000 in additional options. To date, Icon has received more than 1,500 preorders, which represent more than $400 million in sales. As a new factory in Vacaville, Calif., ramps up production, you’d see delivery in three years if you placed your $5,000 deposit today.

Hawkins says he wants to inspire consumers to fly—and not just fly, but be a pilot and all things associated with that. To get there, he's taking a page from Tesla and plans open airplane showrooms, making Icon’s planes as easily accessibly as a car. With 40 percent of current sales from non-pilots, he plans to turn Icon’s own $10,000 two-week SPL training course into a fully immersive vacation, an experience in and of itself. 

“Our long-term goal is to democratize aviation. Humans will move in three dimensions on a personal level. It’s in our future.”

Friday, September 18, 2015

Satya Nadella :where Microsoft is going next

Jessi Hempel of Wired Magazine and Satya Nadella of Microsoft at Dreamforce 2015.

At the 2015 Dreamforce conference, Microsoft and Salesforce announced new integrations between their key products to increase collaboration and productivity among their customers.

The Salesforce announcement focused on four new integrations:

A Skype for Business integration with the Salesforce Lightning Experience. Office 365 customers will be able to make voice and video calls, chat, and create web meetings within Salesforce.

OneNote Integration with the Salesforce Lightning Experience. From Salesforce, users will be able to edit notes and connect notes to Salesforce records.

Salesforce Integration with Office Graph and Office Delve. Users will be able to see sales content and customer content within Office Delve.

Salesforce1 Mobile App for Windows 10.

All four of the new integrations will likely be available in preview in the latter half of 2016. Additionally, two integrations that were announced last year, the Salesforce App for Outlook and the Salesforce1 Mobile App for Microsoft Office, will now be generally available.

To discuss the announcements and the roadmap of the company, Microsoft CEO Satya Nadella sat down with Jessi Hempel of Wired Magazine in a keynote session at Dreamforce.

Microsoft has been broadening its partnerships, even appearing as part of the Apple event last week, and the Salesforce integrations are just one further step in that push. There's been a definite shift in culture since Nadella took the position, and the new partnerships seem to play into the company's mission of "empowering people and empowering organizations."

As the company moves forward, Nadella identified three big ambitions for Microsoft:

Building out an intelligent cloud
Make computing more personal and natural

The productivity focus, Nadella said, is a look at how software and services can come together to give users their time back, so they can enjoy both their work and their lives. However, in terms of the new integrations, it all comes down to the identity of the company.

"We are a platform company," Nadella said.

Platform companies do one thing really well, Nadella said, which is they "harmonize the multiplicity of interests." It's the reason why they are partnering broadly and connecting with Salesforce. It's also a part of Microsoft's history, he said, noted the company's past connections with SAP and Oracle.

Much like in Salesforce CEO Marc Benioff's keynote, Nadella spoke about how the product must be able to work on every platform. However, he did note an emphasis on mobile in the future.

His first demo during the presentation was with, ironically, an iPhone running Windows apps. Nadella showed some of the machine learning features in Outlook that can be used to "triage" your email and show you what is most pressing. He also showed how information could be exported to Salesforce because of the integration with the Salesforce app.

On a Windows phone, he then showed how the Salesforce integrates with groups before he demoed Outlook 2016, which they'll launch next week.

Going back to the productivity focus, Delve, an information discovery and knowledge tool to track your time, also made an appearance. With the new Salesforce Lightning integration, users will have some Salesforce content counted among their productivity goals and benchmarks.

Changing direction, Hempel asked Nadella what his thoughts were on big data. Nadella called data the currency of your company, and said that in a world of big data, recognizing small patterns becomes the most important thing for businesses.

To harness the power of big data, you must analyze it and make it actionable. Nadella logged in to his Surface Pro 3 with facial recognition, a feature called Windows Hello, and was able to give a quick walkthrough of the Power BI tool and how it can be used to visualize data even with natural language queries.

The next demo that Nadella attempted was a Cortana analytics integration with a startup called Alpine Metrics. He asked Cortana to "Show me my most at-risk opportunities," but it returned results for the "most milk opportunities." After two more failed attempts he gave up, but an assistant was able to give him the results.

The point of the demo was to show that users can query Sales Cloud using their voice with this Cortana Analytics integration.

The final product that was discussed was the AR project Hololens. Nadella said he uses it everyday, but didn't give many details on the state of the product.

When Hempel asked "How close are we really?" Nadella said that a developer kit will be available next year "for sure," but it will ultimately be a five year product journey.

Tuesday, September 15, 2015

The new art of war: How trolls, hackers and spies are rewriting the rules of conflict

Wandering the pretty, medieval streets of Tallinn's old town, it is hard to believe that the tiny country of Estonia has anything at all to do with cyberwarfare. But first as victim of an attack and now as home to some of the leading thinkers on how the digital battlefield will develop, the country has played a key role in its emergence and evolution.

Estonia is a country of around 1.3 million people, facing the Baltic Sea and the Gulf of Finland, it borders Latvia to the south and Russia to the east. After decades as part of the Soviet Union, it regained independence in 1991.

Even today reminders of the Soviet times still abound in the capital Tallinn. There's a museum in one of the big downtown hotels showing how the KGB would bug the rooms of foreign guests.

But Estonia does not intend to be defined by its past, but is instead intent on creating the most advanced digital state on the planet. Since independence, Estonia has invested heavily in digital services. It leads the way with internet voting—in the 2011 election nearly a quarter of voters cast their ballots that way—and electronic tax filing, all underpinned by a nationwide digital signature infrastructure.

Today, you can even become an Estonian e-resident regardless of where you live in the world so you can use that same infrastructure to electronically sign contracts or set up your own company in the country.

But being so reliant on the internet carries a risk, as the country found out in 2007.

Plans by Estonian authorities to move a Soviet war memorial sparked a wave of website defacements and denial of service attacks in the country over a three week period, throwing Estonia's government services, newspapers, and businesses offline. The attacks temporarily disabled the websites of banks, ministries and political parties. Many pointed the finger at Russian hackers (Russia denied any involvement in the incident) but the events demonstrated how a purely digital attack on a state could have real-world consequences.

The Tallinn Manual

While the impact of the attacks can be overstated—"inconvenient, not cyberwar" is how one local described it—it accelerated plans, already in place, to set up a NATO cyber defence think-tank in the country.

The Cooperative Cyber Defence Centre of Excellence (CDCOE) was established the year after the attacks took place as an institution created to figure out how to improve the digital defences of NATO members and what cyberwarfare would actually look like.

As well as the cyber defence exercises it conducts annually, probably the centre's most important work so far appeared in 2013: the Tallinn Manual on the International Law Applicable to Cyber Warfare, known simply as the Tallinn Manual.

While there is no international law that directly refers to the ultra-modern concept of cyber warfare, there are plenty that applies. So CDCOE assembled a panel of international legal experts to go through this existing law and show how it applies to cyber warfare.This formed the basis of the Tallinn Manual and the 95 so-called 'black letter rules' it contains (so named because that's how they appear in the text).

Through these rules the manual attempts to define some of the basics of cyber warfare. At the most fundamental level, the rules states that an online attack on a state can, in certain circumstances, be the equivalent of an armed attack. It also lays out that such an attack is against international law, and that a state attacked in such a way has the right to hit back.

"Our view is that cyber is another operational domain, much as the seas are, much as the land is, much as space is."

                                                                    Admiral Mike Rogers

Other rules the manual spells out: don't target civilians or launch indiscriminate attacks that could cripple civilian infrastructure. While many of these sorts of rules are well understood when it comes to standard warfare, setting it out in the context of digital warfare was groundbreaking.

While the manual argues that a cyber attack can be considered to be the equivalent of an armed attack if it causes physical harm to people or property, other attacks can also be considered a use of force depending on their severity or impact. For example, breaking into a military system would be more likely to be seen as serious, as opposed to hacking into a small business. In contrast, cyber attacks that generate "mere inconvenience or irritation" would never be considered to be a use of force.


The manual also delves into some of the trickier questions of cyber war: would Country A be justified in launching a pre-emptive military strike against a Country B if it knew Country B planned to blow up Country A's main oil pipeline by hacking the microcontrollers managing its pipeline pressure? (Answer: probably yes.)

The manual even considers the legality of some scenarios verging on the science-fictional.

If an army hacked into and took control of enemy drones, would those drones have to be grounded and marked with the capturers insignia before being allowed to carry out reconnaissance flights? (Answer: maybe.)

But what's striking is that the Tallinn Manual sets the rules for a war that hasn't been fought yet.

No Digital Pearl Harbour

Although nearly every state around the globe has been developing a cyber warfare strategy, and some have been building up skills and perhaps even stockpiles of digital weapons, there haven't been any digital attacks that have crossed the thresholds of armed attack as defined by the Tallinn Manual. No massed bot armies, no hackers blowing up power stations from their bedrooms.

Perhaps the closest was the use of the Stuxnet worm (most likely by the US) as part of a bid to derail the Iranian nuclear programme. By contrast, the attacks on Estonia itself would, for all the excitement around them, be towards the inconvenience and irritation end of the spectrum.

The Tallinn Manual doesn't say much about the reality of the cut-and-thrust of the modern internet, where state-sponsored hackers, spies, and more are constantly probing the systems of other nations. This is a shadowy world where it is often unclear who the attackers are and what their intentions are (and just what the motivations of their backers is, too). It's a world filled with misleading evidence, ambiguity and deniability.

Throughout history, states have used third parties and proxies to get their dirty work done. The difference is that by hacking into systems in countries across the world, these groups can have an impact far from their home territories.

Colonel Artuz Suzik
Colonel Artuz Suzik speaking at the CCDCOE conference

On the subject of such attacks—which can be extremely serious but never quite reach the level of an actual attack by force—the manual has little to say. However, these kinds of attacks are the ones that take place every single day. Cyberwar has become the continuation of politics by digital means.

"The scope of cyber attacks is very, very wide, so that's why with the first Tallinn Manual we took the most severe case of armed attack and the use of force," explains Colonel Artur Suzik, the director of CCDCOE until August 2015. "But the majority of cyber incidents nation states face occur outside of the conflict law, so there was a clear need to expand the legal analysis to this area."

That doesn't mean the manual is a failure, or irrelevant. Indeed, it may even be that by making clear that digital attacks are covered by an array of existing international law, the Tallinn Manual has forced countries to rethink their approaches to cyber warfare. That is, because the manual does a good job of defining just what kinds of attack might lead to a missile being lobbed in your direction, states launching hacking attacks have been careful to keep their operations (just) below that threshold, say experts.

An expanded Tallinn Manual 2.0 is due to be published next year looking at how international law addresses malicious cyber operations by state (and non-state) actors during peacetime.

The new manual will try to create the same 'black letter rules' around much trickier concepts, such as when countries are responsible for hostile cyber operations launched against other states from their territory, and when such operations violate the sovereignty of the state.

It will take the analysis into the much complicated and murky environment of the day-to-day cyber attacks that don't ever reach the level of physical attacks, but are no less dangerous for it.

Few, for example, could have imagined a couple of years ago that a hacking attack against a film studio could lead to an international incident, or that the theft of HR records from the obscure Office of Personnel Management could create such consternation.

Politicians and diplomats are still struggling to work out how to deal with the near-constant stream of other data leaks from all sorts of government agencies that are blamed on state-sponsored hackers. And there is little in the way of consensus on how to deal with it or often even how to label it. When does hacking become espionage and when does that evolve into something that could escalate into the use of armed force?

And while many industry watchers saw the attacks on Estonia and built out of that lurid 'Digital Pearl Harbour' style scenarios where a country could be toppled by a digital attack launched by a dedicated few, this has not taken place. The reality has turned out to be less far less dramatic, but much more complicated to tackle.

"NATO doesn't have any interest [in militarising] cyberspace."
Sorin Ducaru

That's not to say that the apocalyptic scenario of state-backed hackers causing mayhem by breaking into industrial control systems (the technology that runs power stations or chemical plants) is utterly impossible - just extremely unlikely, and extremely hard and extremely expensive. Cyberwar, as it was envisaged, has not taken place.

But it's entirely possible that by watching and waiting for a explosive Hollywood-style catastrophe that we've missed the much more insidious and protracted cyberwar that has been going on for years already.

Hybrid information war

Earlier this year, the cyber think-tank held a conference to bring together some of the biggest thinkers on cyber warfare in Tallinn to discuss the most recent developments in cyber war theory ahead of the publication of the new Tallinn Manual at an event called CyCon.

For what was effectively a technology conference, there were a lot of people in uniform. In attendance was not only the head of the NSA, Admiral Mike Rogers, but also the Assistant Secretary General of NATO, Sorin Ducaru, reflecting the level of concern around cyber defence among the allies.

Despite the subject matter, it wasn't all serious. Speakers, including surveillance chief Admiral Rogers, were presented on-stage with a thank you present of a mug with an ear for a handle.)

Both men reflected a cautious, slowly-developing approach when it comes to the use of the internet by the military. NATO itself, for example, only recently decided that a major digital attack on a member state could be covered by Article 5 of its collective defence clause (one of the most fundamental tenets of NATO, that an armed attack on one member should be considered an armed attack on them all). And, Ducaru insisted, "NATO doesn't have any interest [in militarising] cyberspace or to have an ungoverned space."

Rogers emphasised that the use of the internet by the US military is still evolving, with defence the priority. "Our view is that cyber is another operational domain, much as the seas are, much as the land is, much as space is, and increasingly, it is an environment in which we will conduct a series of very traditional military evolutions from the defensive things to the application of capabilities to generate specific kinds of effects," he said. "We think cyber will evolve over time, much as we've seen the other domains, in the more traditional arenas."

To put it another way: cyberwarfare models are maturing in the same way that other technologies mature. To take a more prosaic example, the evolution of cyberwarfare is a lot like the cycle e-commerce went through. There was a lot of initial excitement and investment from retailers in building seperate e-commerce operations or businesse, but gradually these became not just a standard part of their operation but for many retailers the core of their business, just as cyberwarfare planning and strategy is gradually becoming a part of mainstream military planning.

NSA chief Admiral Mike Rogers speaking at CyCon

However that doesn't mean that all countries are taking the same approach to strategy or that they even agree on what should be included in the term cyberwarfare. Some countries have a very narrow model of what cyberwarfare should look like - that is should focus on hacking and damaging systems. Others see it as just one part of a much wider information warfare spectrum which stretches from hacking to disinformation and propoganda. Indeed,much of the criticism of the Tallinn Manual has been around how it represents a NATO—and specifically Western—outlook on what cyberwarfare should look like.

Across the street from the hotel where the conference took place stands a building topped with a Soviet star, a reminder of Estonia's past and, unsurprisingly given the location and the ongoing conflict in Ukraine, understanding the cyberwarfare strategy of Estonia's big neighbour was a recurring theme.

And while NATO is thinking of cyberwarfare in terms of defending (and attacking) networks, others—particularly Russia, according to speakers at the conference—have developed a wider perspective that folds classic hacker tools into the broader concept of information warfare, which can stretch all the way from propaganda and disinformation through to the more expected denial of service attacks and more.

Speaking at a conference session, Keir Giles of the Conflict Studies Research Centre crystalised it thus: "There is now a developing realization that pure cybersecurity and cyberdefence is not sufficient to counter an enemy thinking in much broader terms."

Richard Bejtlich of the US Brookings Institution think-tank said that when it comes to cyberwar and cyberdefence, the NATO emphasis is still on software. "The Chinese and Russia have a broader concept," he said.

For example there was limited use of cyberwarfare—like hacking and denial of service—during the hostilities in Ukraine, even though many analysts were expecting more. Was it that cyberwar didn't happen, or that it simply didn't look quite how western observers were expecting it to?

"There are number of reasons why it doesn't look the way people were expecting when the Ukraine conflict first started. Cyber-armageddon was promised but hasn't happened," Bejtlich said. "All of the cyberactivity is purely a facilitator for broader information warfare ends."

All of this means that cyberwarfare isn't just—or perhaps even primarily—about breaking stuff anymore.

Indeed, protecting your networks will not protect you from cyberwar but may even leave you more open to it because those networks are exactly how your opponent will want to deliver its messages, its themes, its memes to their targets.

As Professor Francois Gere of the French Institute of Strategic Analysis pointed out: "That's some kind of paradox: if you want to dispatch propaganda and disinformation you cannot totally disrupt the communications devices of your adversary, so the internet must remain relatively safe and accessible."

Instead of a being characterised by the delivery of an elegantly crafted digital weapon like Stuxnet, it seems that for some countries, cyberwarfare is becoming just one part of a continuum with includes the much wider concept of hybrid information war. That includes subtle disinformation and overt propaganda along with more traditional options like denial of service or website defacement.

As such, rather than just worrying about denial of service we should start to worry more about denial of reality. The rise of ' troll armies' is well documented: bloggers paid to promote a pro-government agenda, making it harder for critics to be heard. This is well documented in Russia and China but also seems to be spreading further around the globe.

This much broader definition of 'information warfare' is much harder to tackle, especially as none of it would rise to the level of the use of force as defined by the Tallinn Manual. It's hard to stop a denial of service attack against a bank; it's much harder still to deal with a flood of rumours spread across social networks that the bank is running out of money.

"There is now a developing realization that pure cybersecurity and cyberdefence is not sufficient to counter an enemy thinking in much broader terms."
Keir Giles

In some respects this is harnessing the nature of the internet, a space where free speech, doubt, and scepticism can run wild. Fighting an army of online trolls sharing half-truths or outright lies in order to confuse the public and make it harder for politicians to make decisions is hard, and certainly not one that any existing army can deal with.

Few democratic nations will want to limit the free flow of information to the public but also aren't set up to—or are capable of—rebutting every crazy rumour which makes it a hard technique to combat. But if a nation can orchestrate a campaign of rumour and disinformation against another that changes public opinion in that country to the point that it alters the decisions made by its political leaders, then an army of trolls could be vastly more useful, and harder to fight, than a squadron of tanks.

Few democratic countries would want to wage war in such a way, but tackling it without undermining, for example, the freedom of speech which the public are used to is a challenge which they are currently ill-equipped to deal with. However, some are taking gradual steps in this direction. For example, the UK government recently started a Twitter account aimed at countering online propaganda from ISIL.

The next version of the the Tallinn Manual is due in 2016, and will make it clearer just how international law applies to cyber attacks which don't reach the level of physical attacks. It may be that providing a legal framework for this extremely murky environment will actually reduce some of the attacks we're currently seeing. But what is clear is that, overtly or covertly, the internet is now another battlefield, even if it often hard to discern it as such.

Or, as Margarita Jaitner of the Swedish Defence Academy told the conference: perhaps we have run an "information operation" on ourselves, tricking ourselves into thinking we would see some "breaking things armageddon" but completely missed the part about "what does it do to society, what does it do to our impression of what is going on, and how does it fog our picture of the events, and how does it stop us from acting or reacting?"

Perhaps the greatest success of cyberwarfare so far is to convince the world that it hasn't really started yet.