Let's Know Things

This week we talk about ENSO, El Niño, and attribution science.We also discuss climate change, natural disasters, and the trade winds.Recommended Book: Titanium Noir by Nick HarkawayTranscriptThe field of attribution science, sometimes referred to as "extreme event attribution," focuses on figuring out whether and to what degree a particular weather event—especially rare weather disasters—are attributable to climate change.Severe floods and tornadoes and hurricanes all happen from time to time, which is why such events are sometimes referred to as once in a decade or once in a century disasters: the right natural variables align in the right way, and you have a disaster that is rare to the point that it's only likely to happen once every 10 or 100 years, but such rare events still happen, and sometimes more frequently than those numbers would imply; they're not impossible. And they're not necessarily the result of climate change.Folks working in this space, which is a blend of meteorology and the rapidly evolving field of climate science, do their best to figure out what causes what, and how those odds might have been impacted by the shifts we're seeing in global average temperatures in particular, and the knock-on effects of that warming, like shifts in the global water cycle; both of which influence all sorts of other planetary variables.The most common means of achieving this end is to run simulations based on historical climate data and extrapolating those trend-lines forward, allowing for natural variation, but otherwise sticking with the range of normal fluctuations that would have been expected, had we not started to churn so much CO2 and other greenhouse gases into the atmosphere beginning with the industrial revolution.So if we hadn't done the Industrial Revolution the way we did it, what would our global climate and weather systems look like? They have a bunch of models with different assumptions baked into them that they have running, and they can simulate conditions, today, based on those models, and compare them with the reality of how things actually are in the real world, a world in which we did start to burn fossil fuels at a frantic rate, with all the pros and cons of that decision aggregating into our current climactic circumstances.This comparison, between a baseline, non-climate-change-impacted Earth, and what we see happening on real Earth, allows us to gauge the different in likelihoods for various weather systems and increasingly even specific weather events, like massive floods or hurricanes.It also allows us to ascertain what elements of a disaster or system are more or less likely, or the same, compared to that baseline Earth; so maybe we look at a regional heat wave and discover that it was a rare event made more likely by climate change, but that the intensity of the heat wasn't impacted—as was the case with a heat wave in Russia in 2010; climate change made the heat wave more likely, but had such a heat wave occurred, despite its low likelihood, in that non-industrial revolution scenario, the heat would have been roughly the same intensity as it was in real life.Both components of this system, attributing events and patterns to climate change, and confirming that they were not impacted, that they were just run of the mill bad luck, the consequence of natural systems, are arguably important, as while the former provides data for folks wanting to predict future climate change-related outcomes, and provides some degree of ammunition for the argument that climate change is making these sorts of things worse, which helps put a price tag on not moving faster to shift away from fossil fuels, it's also vital that we understand how climate and weather systems work, in general, and that we are able to set proper expectations as to what will change and how, as the atmosphere's composition continues to change, while also understanding what will remain the same, what various regions around the world need to be prepared for in a vacuum, leaving climate change out of it, and how our global weather systems work on a granular level, so that as outside influences like climate change, but not limited to climate change, act upon them, we can make better predictions about how that will adjust or overhaul the practical reality for people and ecosystems impacted by them.What I'd like to talk about today is a natural weather phenomenon that is expected to return soon, and how this phenomenon might change our latent, global weather patterns, for the better, for the worse, and for the neutral, and in turn how it might be changed by the climactic adjustments we're tracking using these simulations.—The El Niño-Southern Oscillation, or ENSO phenomenon, is the monicker we've given to a collection of sea surface temperature and wind variations in the Pacific Ocean that, largely unpredictably, tweak the patterns of these systems from time to time, influenced by and influencing a large number of other, micro- and macro-scale systems around the world.Most directly, ENSO dictates how warm it will be across the tropics and subtropics, El Niño bringing warm waters to the surface of the relevant oceans and the Southern Oscillation referring to air pressure variations spanning the ocean between Tahiti and Darwin, Australia, low pressure tending to occur over warm bodies of water, and higher pressure over colder bodies of water.When the water in this part of the Pacific, the central and east-central equatorial pacific, is warmer, on the surface, that reduces atmospheric pressure thereabouts, which in turn reduces the strength of the Pacific trade winds. That reduction, among other things, decreases rainfall over parts of Australia, India, and Indonesia, while upping the same, while also stoking additional cyclone risk, in the tropical Pacific Ocean.Fundamental to understanding why this is a big deal is understanding that this tweak in water and atmospheric conditions causes low level surface trade winds, which usually blow from east to west, to either stop blowing or barely blow, or in some cases to reverse direction.If you think about how weather patterns form, determining everything from who gets rain and how much, to what temperatures are like in a given area—because those winds pull warm or cold air along with them as they pass over warmer or cooler parts of the planet, like mountains and glaciers, but also deserts and tropical rain forests—it becomes clear why this change-up is such a big deal.There's a neutral phase of this phenomenon that typically occur between warmer and colder phases, and during that neutral phase, we usually see other, similar systems that are interconnected and predicated on still other geographic and atmospheric variables, like the Pacific-North American teleconnection pattern, and the North Atlantic Oscillation, having more of an impact on global weather and water cycle patterns.When this system is in a warmer El Niño state, though, that tends to cause a lot of heat waves throughout tropical regions in particular, while also spiking global surface temperatures for around a year, with all the secondary consequences of suddenly jolting the global thermostat higher: melting glaciers and ice caps, increasing the range of disease-carrying pests, messing with planting seasons; things like that.The opposite side of this coin, La Niña, can also be quite disruptive though, its influence defined by cooler waters rising to the surface in that part of the Pacific, warmer waters headed westward where they have less influence on this component of the world's thermostat and weather machine, and that drop in water temperature in this part of the ocean tends to reset many of the dials that are turned up by El Niño, moderating some of the weather patterns that are amplified by those warmer waters and returning the trade winds to their normal settings, while also reducing global temperatures to what we might think of as their default.But the next La Niña phenomenon—which experts in this space say will likely arrive sometime in the next few months, June or July of 2024, marking a quick transition away from the record-setting El Niño system we've been living through since July of 2023, which has been designated the fourth most extreme in recorded history—this anticipated new La Niña setup will follow a truly intense opposite pattern, which means if it's not strong enough, it may not counteract all of the warming brought about by its precursor El Niño system, which means the next El Niño system could compound upon this outgoing one, in terms of its globe-heating effects.There are also concerns that, because of that strong El Niño, and it arriving at a period of human-caused warming—two forces raising the temperature on the thermostat simultaneously, basically—there's a chance that the moderating force of this La Niña might run up against an insurmountable variable adjustment, even if it is otherwise powerful enough; meaning, this ENSO phenomenon could contribute to a long term, even permanent increase in global temperatures because its warming effects are mirroring another, external warming effect caused by us and our greenhouse gas emissions.We don't know exactly what that would mean in practice and long-term, but it could lead to more. and more extreme versions of what we've seen this past year: namely a surge in weather disasters like extreme droughts and floods and wildfires that never really end; just bigger and bigger surges, combined with higher and higher temperatures.And again, that's possible even if the La Niña pattern that's set to arrive is of a normal, non-weak strength, because of how potent this outgoing El Niño has been, and because its effects may be compounded by climate change.If the new La Niña does prove potent enough to counteract this outgoing El Niño, that may help with short-term temperature changes, but we're then likely to see a substantially more severe hurricane season; which is normally what happens during these periods of change, La Niña conditions making hurricanes more likely, but it could be even more severe than usual because of lingering oceanic heat from the El Niño, which popped temperatures in the Atlantic to 2 degrees Fahrenheit higher than the average temperature from the past three decades—and oceanic heat is what powers hurricanes, informing how big and destructive they can become.Last year's Atlantic Ocean hurricane season was already above-average in terms of the number of hurricanes and their strength because of that heat, but the amalgamation of variable-tweaks inherent in a La Niña transition make hurricanes more likely, whatever the ocean's temperature, so the combination of, likely, more hurricanes, plus far warmer than usual oceanic temperatures, means more, but also potentially a lot more powerful, hurricanes this season.We've been watching these systems and transitions for a while now, and our science related to them—including our ability to predict what they're going to do, and how much—has gotten pretty good over the last few decades.But all of these systems and all of their variables are interconnected, each and every piece touching each and every other piece of the planet's cycles and ecosystems and compositions; so there's a lot we're not tracking, a lot we're not tracking with the resolution we'd need for it to be valuable in this regard, and a lot of entanglements and relationships we're not even aware of, yet.In particular, the impact that climate change is having on these systems, directly and indirectly, is a big question mark in all these computations.Yes, we understand all of this better than a few decades ago, and yes, our simulations and models have gotten pretty solid, and are getting better by the day as we develop better formulae and software, and deploy more fancy satellites and other tracking tools that allow us to keep tabs on the relevant variables in an up-to-the-second manner.But because of how complex all of this is, it's a truly chaotic jumble of systems, and because of how we're scrambling to play catch-up, the world changing around us faster than we're learning about those changes—these sorts of systems are evolving even as we come to understand how they work; so our most up to date information is always a little bit out of date, leaving us prone to new unknowns and larger shifts than we'd anticipated based on our existing data.Human-amplified climate change, then, is fiddling with all the knobs and switches, changing how these phenomena work right before our eyes, and each new system and cycle is part known, part complete surprise because of how even tiny changes can make huge differences when compounded by these spirals and cascades of cause and large-scale, multifaceted effect.In other words, we have a good sense of what we need to be worried about and watching for during this probable upcoming transition, and we maybe have some things to look forward to, alongside a few other things to worry about and prepare for.We'll also be watching to see how much global temperatures come down, as that will tell us to what degree this outgoing El Niño has been tweaking those temperatures, and to what degree climate change is to blame for the disconcerting numbers we've been seeing in this regard.But we'll also be watching to see how everything is being amplified and compounded by all of these interconnected effects, as it may be, still allowing for ups and downs and other variations year to year, that these patterns, and others like them, will lead to wider, broader, more dramatic swings for the foreseeable future because of all those changes, natural and human-caused.Show Noteshttps://www.reuters.com/business/environment/el-nino-end-by-june-la-nina-seen-second-half-2024-says-us-forecaster-2024-05-09/https://www.axios.com/2024/05/09/el-nino-la-nina-hurricane-seasonhttps://www.vox.com/climate/24145756/la-nina-2024-el-nino-heat-hurricane-record-temperature-pacifichttps://oceanservice.noaa.gov/facts/ninonina.htmlhttps://theconversation.com/la-nina-is-coming-raising-the-chances-of-a-dangerous-atlantic-hurricane-season-an-atmospheric-scientist-explains-this-climate-phenomenon-228595https://en.wikipedia.org/wiki/El_Ni%C3%B1o%E2%80%93Southern_Oscillationhttps://en.wikipedia.org/wiki/2020%E2%80%932023_La_Ni%C3%B1a_eventhttps://en.wikipedia.org/wiki/Extreme_event_attributionhttps://www.usgs.gov/faqs/how-can-climate-change-affect-natural-disastershttps://archive.ipcc.ch/publications_and_data/ar4/wg1/en/ch9s9-1-2.htmlhttps://crsreports.congress.gov/product/pdf/R/R47583https://www.scientificamerican.com/article/scientists-can-now-blame-individual-natural-disasters-on-climate-change/https://www.vox.com/climate/2024/2/28/24085691/atlantic-ocean-warming-climate-change-hurricanes-coral-reefs-bleachinghttps://en.wikipedia.org/wiki/El_Ni%C3%B1o%E2%80%93Southern_Oscillationhttps://en.wikipedia.org/wiki/2020%E2%80%932023_La_Ni%C3%B1a_eventhttps://theconversation.com/is-climate-change-to-blame-for-extreme-weather-events-attribution-science-says-yes-for-some-heres-how-it-works-164941 This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about APT28, spoofing, and hybrid warfare.We also discuss the Baltics, Tartu airport, and hacking.Recommended Book: The Middle Passage by James HollisTranscriptIn early May of 2024, the German government formally blamed a Russian hacking group called APT28 for hacking members of the governing German Social Democratic Party in 2023, and warned of unnamed consequences.Those consequences may apply just to APT28, which is also sometimes called "Fancy Bear," or they may apply to the Russian government, as like many Russia-based hacking groups, APT28 often operates hand-in-glove with the Russian military intelligence service, which allows the Russian government to deny involvement in all sorts of attacks on all sorts of targets, while covertly funding and directing the actions of these groups.APT28 reportedly also launched attacks against German defense, aerospace, and information technology companies, alongside other business entities and agencies involved, even tangentially, with Ukraine and its defense measures against Russia's invasion.This hacking effort allegedly began in early 2022, shortly after Russia began its full-scale invasion of Ukraine, and the head of the Russian embassy in Germany has been summoned to account for these accusations—though based on prior attacks and allegations related to them by Russia's intelligence agencies, and the hacking groups it uses as proxies, that summoning is unlikely to result in anything beyond a demonstration of anger on the part of the German government, formally registered with Russia's representative in Berlin.For its part, Russia's government has said that it was in no way involved in any incidents of the kind the German government describes, though Germany's government seems pretty confident in their assessment on this, at this point, having waited a fair while to make this accusation, and utilizing its partnerships with the US, UK, Canada, and New Zealand to confirm attribution.This accusation has been leveled amidst of wave of similar attacks, also allegedly by Russia and its proxies, against other targets in the EU and NATO—including but not limited to the Czech Republic, Lithuania, Poland, Slovakia, and Sweden.Many of these attacks have apparently made use of an at-the-time unknown security flaw in Microsoft software that gave them access to compromised email accounts for long periods of time, allowing them to, among other things, scoop up intelligence reports from folks in the know in these countries, sifting their messages for data that would help Russia's forces in Ukraine.This group, and other Russia GRU, their intelligence service, proxies, have reportedly targeted government and critical infrastructure targets in at least 10 NATO countries since the fourth quarter of 2023, alone, according to analysis by Palo Alto Networks, and experts in this space have said they're concerned these sorts of attacks, while often oriented toward intelligence-gleaning and at times embarrassing their targets, may also be part of a larger effort to weaken and even hobble intelligence, military, and critical infrastructure networks in regional nations, which could, over time, reduce stability in these countries, increase extremism, and possibly prevent them from defending themselves and their neighbors in the event of a more formal attack by Russian forces.What I'd like to talk about today is another sort of attack, allegedly also launched by Russia against their neighbors in this part of the world, but this one a little less well-reported-upon, at this point, despite it potentially being even more broadly impactful.—The Global Positioning System, or GPS, was originally developed in 1973 by the US Department of Defense. Its first satellite was launched in 1978, and its initial, complete constellation of 24 satellites were in orbit and functional in 1993.This satellite network's full functionality was only available to the US military until 2000, when then-President Bill Clinton announced that it would be opened up for civilian use, as well.This allowed aviation and similar industries to start using it on the vehicles and other assets, and normal, everyday people were thenceforth able to buy devices that tapped this network to help them figure out where they were in the world, and get to and from wherever they wanted to go.A high-level explanation of how GPS works is that all of these satellites contain atomic clocks that are incredibly stable and which remain synchronized with each other, all showing the exact same, very precise time. These satellites broadcast signals that indicate what time their clocks currently read.GPS devices, as long as they can connect to the signals broadcast by a few of these satellites, can figure out where they're located by noting the tiny differences in the time between these broadcasts: signals from satellites that are further away will take longer to arrive, and that time difference will be noted by a given device, which then allows it to triangulate a geolocation based on the distance between the device and those several satellites.This is a simple concept that has created in a world in which most personal electronic devices now contain the right hardware and software to tap these satellite signals, compute these distances, and casually place us—via our smartphones, cars, computers, watches, etc—on the world map, in a highly accurate fashion.This type of technology has proven to be so useful that even before it was made available for civilian use, catalyzing the world that we live in today, other governments were already investing in their own satellite networks, most predicated on the same general concept; they wanted to own their own constellation of satellites and technologies, though, just in case, because the GPS network could theoretically be locked down by the US government at some point, and because they wanted to make sure they had their own militarizable version of the tech, should they need it.There are also flaws in the US GPS system that make it less ideal for some use-cases and in some parts of the world, so some GPS copycats fill in the blanks on some of those flaws, while others operate better at some latitudes than vanilla GPS does.All of which brings us to recent troubles that the global aviation industry has had in some parts of the world, related to their flight tracking systems.Most modern aircraft use some kind of global navigation satellite system, which includes GPS, but also Europe's Galileo, Russia's GLONASS, and China's BeiDou, among other competitors.These signals can sometimes be interrupted or made fuzzy by natural phenomena, like solar flares and the weather, and all of these systems have their own peculiarities and flaws, and sometimes the hardware systems they use to lock onto these signals, or the software they use to compute a location based on them, will go haywire for normal, tech-misbehaving reasons.Beginning in the 1990s, though, we began to see electronic countermeasures oriented toward messing with these global navigation satellite system technologies.These technologies, often called satellite navigation deceivers, are used by pretty much every government on the planet, alongside a slew of nongovernment actors that engage in military or terrorist activities, and they operate using a variety of jamming methods, but most common is basically throwing out a bunch of signals that look like GPS or other navigation system signals, and this has the practical effect of rendering these gadgets unusable, because they don't know which signal is legit and which is garbage; a bit like blasting loud noises to keep people from talking to each other, messing with their communication capacity.It's also possible to engage in what's called GPS Spoofing, which means instead of throwing out gobs of garbage signals, you actually send just a few signals that are intended to look legit and to be accepted by, for instance, a plane's GPS device, which then makes the aircraft's navigation systems think the plane is somewhere other than it is—maybe just a little off, maybe on the other side of the planet.Notably, neither of these sorts of attacks are actually that hard to pull off anymore, and it's possible to build a GPS-jamming device at home, if you really want to, though spoofing is a fair bit more difficult. Also worth knowing is that while making your own jammer is absolutely frowned upon by most governments, and it's actually illegal in the US and UK, across most of the world it's kind of a Wild West in this regard, and you can generally get away with making one if you want to, though there's a chance you'd still be arrested if you caused any real trouble with it.And it is possible to cause trouble with these things: most pilots and crew are aware of how these devices work and can watch for their effects, using backup tools to keep tabs on their locations when they need to; but using those backup tools requires a lot more effort and attention, and there's a chance that if they're hit by these issues at a bad moment, when they're distracted by other things, or when they're coming in for a landing or attempting to navigate safely around another aircraft, that could present a dangerous situation.That's why, until May 31, at the minimum, Finnair will no longer be flying to Tartu airport—which is a very small airport in Estonia, but it's home to the Baltic Defense College, which is one of NATO's educational hubs, and losing a daily flight to Tartu (the only daily flight at this particular airport) from Helsinki, will disconnect this area, via plane, at least, from the rest of Europe, which is inconvenient and embarrassing.This daily flight was cancelled because of ongoing disruptions to the airport's GPS system, which was previously an on-and-off sort of thing, but which, since 2022, when Russia launched its full-scale invasion of Ukraine, has become a lot worse. And Tartu relies exclusively on GPS for planes landing at the airport, and thus doesn't have another fallback system, if GPS fails at a vital, dangerous moment.This is a running theme throughout the Baltic region, an area populated by now-democratic NATO members that were formerly part of the Soviet Union, and which are considered to be at risk of a Russian invasion or other sort of attack if the invasion of Ukraine goes Russia's way.Almost all aircraft flying through this area have experienced GPS-jamming issues since 2022, and though that Finnair flight is the only one to have been cancelled as a result of all this jamming, so far, there are concerns that this could really scramble travel and shipping in the region, as it's making all flying in the area that much more risky on a continuous basis.Finland's government is framing this jamming as part of a hybrid warfare effort on Russia's part—alongside other hybrid efforts, like bussing migrants to Finland's borders in order to strain national coffers and nudge politics toward reactionary extremes.Some other nations are thinking along the same lines, though there's a chance that, rather than this jamming representing an intentional assault on these neighboring nations, it may actually be something closer to overflow from other, nearby jamming activities: Russia jamming GPS signals in Ukraine, for instance, or the governance of the Kaliningrad region, which is a Russian enclave separated from the rest of Russia and surrounded by Poland and Lithuania, engaging in their own, localized jamming, and those signals are then picked up across national borders, because that's how these signals work—just like sound can travel further than you might intend.It's possible we're seeing a bit of both here, overflow from that huge regional conflict, but also intentional jabs meant to make life more difficult for NATO nations, stressing their systems and costing them money and other resources, while also maybe testing the region's capacity to cope with such GPS disruptions and blackouts in the event of a potential future conflict.Another point worth making here, though, is that we see a lot of this sort of behavior in conflict zones, globally.FlightRadar24 recently introduced a live GPS jamming map to keep track of this sort of thing, and as of the day I'm recording this, alongside these consistent irregularities in the Baltic region, Ukraine, and parts of Eastern Europe, there's jamming occurring in the Middle East, near Israel, throughout Turkey, which has ongoing conflicts with insurgents in the afflicted areas, a portion of Moldova that is attempting to break away with the support of Russia, similar to what happened in Ukraine back in 2014, a northern portion of India where the Indian government has an ongoing conflict with separatists, and in Myanmar, where the military government is embroiled in fighting with a variety of groups that have unified to overthrow them.This has become common in conflict zones over the past few decades, then, as those who want to deny this data, and the capabilities it grants, to their enemies tend to blanket the relevant airwaves with disruptive noise or incorrect location information, rendering the GPS and similar networks less useful or entirely useless thereabouts.In Ukraine, the military has already worked out ways around this noise and false information, incorporating alternative navigation systems into their infrastructure, allowing them to use whichever one is the most accurate at any given moment.And it's likely, especially if this dynamic continues, which it probably will, as again, this is a fairly easy thing to accomplish, it's likely that spreading out and becoming less reliant on just one navigation system will probably become more common, or possibly even the de facto setup, which will be beneficial in the sense that each of these systems has its own pros and cons, but perhaps less so in that more satellites will be necessary to keep that larger, multi-model network operating at full capacity, and that'll make it more expensive to operate these systems, while also creating more opportunities for satellite collisions up in the relevant orbit—an orbit that's becoming increasingly crowded, and which is already packed with an abundance of no longer operational craft that must be avoided and operated-around.Show Noteshttps://www.dw.com/en/gps-jamming-in-the-baltic-region-is-russia-responsible/a-68993942https://www.bbc.com/news/articles/cne900k4wvjohttps://www.economist.com/the-economist-explains/2024/04/30/who-is-jamming-airliners-gps-in-the-baltichttps://www.ft.com/content/37776b16-0b92-4a23-9f90-199d45d955c3https://www.reuters.com/business/aerospace-defense/what-is-gps-jamming-why-it-is-problem-aviation-2024-04-30/https://www.politico.eu/article/gps-jamming-is-a-side-effect-of-russian-military-activity-finnish-transport-agency-says/https://www.flightradar24.com/data/gps-jamminghttps://www.flightradar24.com/blog/types-of-gps-jamming/https://en.wikipedia.org/wiki/Aviaconversiyahttps://www.reuters.com/world/europe/russian-hackers-targeted-nato-eastern-european-militaries-google-2022-03-30/https://www.cnn.com/2023/12/07/politics/russian-hackers-nato-forces-diplomats/index.htmlhttps://www.reuters.com/technology/cybersecurity/russian-cyber-attacks-targeted-defence-aerospace-sectors-berlin-says-2024-05-03/https://www.aljazeera.com/news/2024/5/3/germany-accuses-russia-of-intolerable-cyberattack-warns-of-consequenceshttps://en.wikipedia.org/wiki/Fancy_Bear This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about Huawei, DJI, and ByteDance.We also discuss 5G infrastructure, black-box algorithms, and Congressional bundles.Recommended Book: The Spare Man by Mary Robinette KowalNote: my new book, How To Turn 39, is now available as an ebook, audiobook, and paperback wherever you get your books :)TranscriptIn January of 2024, Chinese tech giant Huawei brought an end to its years-long US lobbying effort, meant to help mend fences with western politicians.In mid-2019, then US President Trump had blacklisted the company using an executive order that, in practice, prevented Chinese telecommunications companies from selling specialized equipment in the US, as part of a larger effort to clamp-down on the sale of Chinese 5g and similar infrastructure throughout the US.Around the same time, a Huawei executive was jailed in Canada for allegedly violating sanctions on Iran, and several other western nations were making noises about their own bans, worrying—as Trump's administration said they were worried—that Huawei and similar Chinese tech companies would sell their goods at a loss or at cost, significantly undercutting their foreign competition, and as a consequence would both lock down the burgeoning 5g market, including all the infrastructure that was in the process of being invested in and deployed, while also giving the Chinese government a tool that could allow them to tap all the communications running through this hardware, and potentially even allow them to shut it all down, if they wanted, at some point in the future—if China invaded Taiwan and wanted to keep the West from getting involved, for instance.So while part of this ban on Huawei—for which the President made use of the International Emergency Economic Powers Act and declared a national emergency—was undoubtedly political (part of the trade war Trump started as part of the "China is the enemy" platform he was running on leading up to the 2020 election), there were also real-deal concern about China insinuating itself into the world's infrastructure, beginning with the rollout of the next phase of communications technologies; making themselves indispensable, disallowing foreign competition, and yes, possibly even creating a bunch of backdoors they could use at some point in the future to tip the scales in their favor during a conflict.This ban also ensured that Huawei's then quite popular line of smartphones wouldn't be available in the US, or many other Western countries. The company sold off its Honor brand of phones in a scramble to try to protect that line of products from these new blocks on its offerings, which among other things disallowed them from accessing the chips necessary to make competitive smartphone products, but the legislation just kept coming after that initial salvo, the US Federal Communications Commission banning the sale or import of anything made by Huawei in late-2022, and a bunch of fundamental US allies, especially those with which the US collaborates on military and intelligence matters, have likewise banned Huawei products on their shelves and in their communications networks; the idea being that even one Huawei transmitter or modem could tap into the whole of these networks—at least in theory—which is considered a big enough security concern to justify that blanket ban.Huawei has managed to survive, though it didn't scale the way its owners seemed to think it would back before all these bans.Now it exists as a primarily regional outfit, still making billions in revenue each year, though down to about half the revenue it was earning before 2019.Another popular Chinese tech company, DJI, is now scrambling to deploy its lobbyists and circle the wagons, as there's word that it's on a shortlist of potential Chinese security threats, in this case because the company makes very popular consumer and professional grade drones, which have successfully outcompeted many western brands of the same, and which have thus started to dominate aspects of the drone market.These drones tend to be of the six or eight mini-propeller variety, the kind that people fly for fun, or use to shoot aerial photos, but the success of drones, even of this kind of drone, in Ukraine, reworked to spy on enemy fortifications or to carry explosives, has had the US Defense Department thinking it might not be the best idea to allow a Chinese company to own a substantial chunk of the US and international drone market—for many of the same reasons that Huawei was considered to be a threat; because that would allow China to continue to take out international rivals, allegedly by stealing their competitor's tech back in the day, and by continuing to back their companies with government support and funding, which makes fair and level competition a bit of an impossibility.These companies are doing well for many reasons, then, and some of those reasons are not replicable outside the tight relationship the Chinese government has with its corporate entities.If DJI is ultimately targeted in this way, it would likely be via a similar mechanism as the ban that was slapped on Huawei: new drones made by DJI would be unable to use the US's communications infrastructure, which would make their continued functionality in the country all but impossible.This wouldn't ban DJI drones that are already owned by folks in the US, and it's anyone's guess as to how likely this will be to pass, as a bill to this end is currently working its way through the House, but DJI is lobbying heavily, is more common and popular in the US than Huawei was, and there's a chance that it simply won't be worth the potential political consequences for those who vote to ban it, if the bill works its way further through the process.What I'd like to talk about today is another potential ban of a popular Chinese product, TikTok, and how such a ban might play out.—Back in 2020, the Trump administration announced that it was looking into banning TikTok, a popular vertical video-focused social network that operates a bit like a cross between Instagram and YouTube, and which was becoming especially influential with young people, so-called Gen Zers.TikTok is owned by a Chinese company called ByteDance, and ByteDance has a version of the same app in other countries, including China, which there is called Douyin.That same year, TikTok hit back against the Trump administration with a legal challenge that said, in essence, the President was just trying to score political points by passing protectionist laws in the lead-up to the election, and that it might have also been revenge because there were young people on the platform posting videos about a prank they instigated at a Trump rally, which seemed to irk the former President.Around this same time, TikTok higher ups began working on what became known as Project Texas, which was meant to help address one of the government's concerns and complaints, that data and media shared on TikTok was sent to Chinese servers, which suggested all that information could be more easily siphoned off and used by the Chinese government.This project resulted in a re-working of how data on the platform is handled, bringing in US tech company Oracle to keep tabs on everything, ensuring that this data is safely managed and not sent somewhere the Chinese government can easily get it.A former employee of TikTok alleged in early 2023 that this Project didn't do what it was supposed to do, and TikTok's leadership said that this employee left before it was fully implemented; other involved people have spoken about their own takes on the matter since then, some of them saying the company is locked down tight because of all the oversight it's receiving, while others have said it makes big security claims, but is still not locked down the way it needs to be.This concern is the result of a law in China that says, basically, if the government tells you to hand something over, you do, or you can be stripped of all your wealth, can be put in prison, can even be killed.So ByteDance's leadership's claims that they have not handed this sort of data over to the Chinese government, and wouldn't do so if they were asked, can't be trusted, according to arguments against their claims, because they would of course lie about this if they had handed it over, and may not even be legally allowed to admit to so doing, but they also wouldn't really have a choice if they were asked—they would legally, in China, have to do so.That's the big argument and concern on the US security side of things: the Chinese system works different than the system in many other countries, and because of how integrated and entwined their government is with their market, every single Chinese company, like ByteDance, like Huawei, like DJI, should be considered a wing of the Chinese military, because in practice, they are.Thus, as soon as these concerns about TikTok started to hit the mainstream consciousness, we started to see those federal efforts to do something about it—most of which were initially unsuccessful, except for that Project Texas effort, about which no one seems to be able to say with any certainty whether it was successful or not.At the state level, we also saw a bunch of bans on having the TikTok app on corporate and government devices, and in some places, like Florida and Montana and Indiana, we've also see bans on Chinese individuals and Chinese companies acquiring land, working on some types of research, setting up factories, and other such things.All of which sets the stage for a piece of legislation that was passed by the US Congress earlier this month, and then signed by President Biden, saying that ByteDance needs to divest itself of TikTok, and soon, otherwise TikTok will be banned in the US.The specifics are important here: first is that this legislation was passed as part of a bundle with legislation that also provided funding for Ukraine, Israel and Palestinians, and Taiwan—so this is generally being seen as a sweetener to some further-right Republicans who otherwise would have opposed those funding efforts, and it may not have been passed if it hadn't been thus bundled.Second is that this isn't a TikTok ban, in the sense that Biden signed it and now TikTok is banned in the US. Instead, it says, basically, TikTok can keep operating in the US, but it can't be owned by a Chinese company, which again, if the Chinese government asks them to do spy or military stuff on their behalf, they would legally have to do. So the idea is that TikTok itself isn't the problem, it's those ties to the Chinese government and intelligence and military apparatus.Third is that the company now has nine months to figure out a deal to sell the whole or part of TikTok to some more acceptable—which in this case means non-Chinese-government-entangled—owner, and the President has the option of extending that to a full year, if it looks like a deal is about to be done, but needs a little more time.That's up from a previously proposed six months, and is considered to be more realistic, given the scope and scale of the company in question.And that scope and scale is point number four: TikTok is huge. It's an absolutely behemoth company, with about 170 million users in the US, alone, and about $16 billion in revenue each year.That's still nowhere near Meta's $134.9 billion of annual revenue, but it's still a colossal company that's generally considered to be worth more than $100 billion, again, for the US assets alone—though if the company were to sell everything but the algorithm it uses to decide what videos to show its users, it's though that price could drop to closer to $20 billion; which is still substantial enough that there wouldn't be many people or entities capable of affording it, and some of the big, well-moneyed US tech players, like Meta and Google, would be unlikely to even try, as their offer would probably be held up by antitrust concerns within the current, fairly hardcore regulatory environment.So ByteDance is being told to sell their US assets within a year, max, and they may have to find a buyer willing to spend tens of billions of dollars for it, and that buyer would have to be acceptable to the same US government that is telling the existing owner it has to sell or be banned in the country.Analysts are mixed on whether this is a bluff or not, but at the moment, ByteDance's leadership is saying, in essence, no—we're not going to play this game, we would rather shut down the US version of TikTok than sell those assets.Part of the rationale here might be that the Chinese government is telling ByteDance's owners that they're not allowed to sell these assets; it could be a requirement they're dressing up as staunch resilience to save face, basically.It could also be that they did the math and realized that their US offerings, despite being worth billions, are nowhere near their most profitable assets—those are in China—and they'd rather double-down on that larger market and other foreign markets than sell off something valuable in the US, which could then be used to challenge them in some of those remaining markets.It could also be that they're holding out for a good deal, or delaying, hoping that denying even the possibility of a sale will help their case in court.And they do, by some estimations at least, have a pretty solid case to lean on.Some legal experts are saying their First Amendment rights are being violated, and in a 1965 Supreme Court case, Lamont v. Postmaster General, the court ruled that foreign-produced propaganda—in that case communist propaganda—could still be distributed through the postal service because Americans have a first amendment right to receive it, even if they didn't specifically request it.This is considered to be relevant, here, because one of the arguments against TikTok by the US government is that the Chinese government could adjust what they show people, favoring content that supports positions and views of the world they like, over time adjusting the opinions and facts or pseudo-facts young people in particular are working from—which over time could also influence what they believe, how they vote, and so on. There have already been claims that TikTok favors pro-Palestinian content over pro-Israeli content, for instance, and it has long suppressed work that talks about the Tiananmen Square massacre and other things the Chinese government doesn't like; it doesn't generally fully disappear this stuff from the platform, but the algorithms show that sort of content to few people, which has a similar effect to deleting it on an app where people primarily discover things based on what they're shown by that algorithm.Of course, Facebook and Twitter and other networks have been accused of the same, in Meta's case downplaying news and political content, and in Twitter's, recently, post transition to X, favoring more conservative posts over more liberal ones—though in both cases, and in TikTok's, too, it's difficult to prove this sort of thing, and the algorithms are often black boxes rather than open code we can look at and judge objectively; so some such claims may be based on anecdote and the complainer's own bias.And it's worth mentioning here that although the Chinese government, TikTok's leadership, and a slew of free speech rights groups have come down on TikTok's side, citing the US's First Amendment and the support it would seemingly have for the popular app and those who want to use it to exercise their speech—and for the company to exercise its own, as well, sharing stuff those people watch—China has regularly banned US social networks from its highly controlled and censored portion of the internet, clamping down on those that survive so hard that they don't have much control, their data highly secured and allegedly tapped within China.So China is saying the US is in the wrong for doing something similar to what it does back home, though on a much smaller and more focused scale, and one of the counterarguments being made by some folks in the US, including some who are typically free speech proponents, is—well, tit-for-tat. Countries that remain open for US social networks will have their networks welcomed in the US in the same way, but those who don't? Their futures are less clear, because why should the US allow that kind of potential security and influence risk when the other side refuses to do the same?There's a question here, then, of what the modern, splintered internet is and how it should be treated—perhaps especially in free speech-favoring, democratic societies—now that we've moved past the veneer of free and open online activity everywhere.That's never been the case in China, and in many other countries around the world, so the idea that the US and Europe and similar nations need to behave as if it's equally open and free everywhere seems a little outmoded, and some such entities, like the EU, have been regulating based on that reality, while the US has been slow to do the same; this could mark a moment in which the US starts thinking along these same terms, or it could be another instance of maintaining the previous paradigm, because that tends to be easier, and because the relevant laws haven't been updated, yet.There's also the question of how expansive this particular bill will end up being.Does it apply to ByteDance's other apps, as well, including the popular CapCut video editing app, and its existing Instagram-dupe Lemon8, and potential future Instagram-clone TikTok Notes?Further, does it apply to other Chinese-owned apps, and other apps owned by companies in, for instance, Russia and other current and future antagonistic states?Also, to what degree will the law allow friendly nation states, like Japan and European nations, to scoop up these sorts of assets and operate them in the States, in a way China would no longer be allowed, when there's the chance that some of them—Hungary, for instance—might not always be so friendly? How does the friendly or unfriendly judgement get made, and what sort of process is involved in changing a nation's label from one to the other?Right now, the framing of all this is mostly whether we prioritize free speech or national security, and it's arguably the government's responsibility to make that argument, or face the electoral consequences of seemingly behaving in anti-speech ways without any real purpose, beyond potentially empowering US-based social platforms over foreign versions of the same.And lacking a stronger argument and more public evidence, there's a decent change a lot of people, especially young people will be irked at a TikTok ban, or even the possibility of one, despite the supposed security threat it poses.All of which suggests this will be an interesting year, as the clock ticks downward on those 9 months, plus another 3, possibly, that ByteDance has to sell its US assets, during which several companies will probably arise, stating their case for scooping up the most popular social platform, with young people at least, in the country, and during which ByteDance's lawyers will be filing cases on their employers' behalf.And this will all go down as the country winds its way toward the November election, which features two presidents that have spoken out against the app, while also having used it for their own political gains, to try to reach the youths of the country, who will play a major role in this upcoming election, but also a lot of elections after that, well into the future.Show Noteshttps://supreme.justia.com/cases/federal/us/381/301/https://www.wsj.com/politics/states-take-on-china-in-the-name-of-national-security-7ed05257https://apnews.com/article/us-china-blinken-wang-yi-8c1c453df3afbd6ec87ced0c8d618064https://www.theverge.com/2024/4/24/24139036/biden-signs-tiktok-ban-bill-divest-foreign-aid-packagehttps://www.dw.com/en/eu-sets-tiktok-ultimatum-over-addictive-new-app-feature/a-68891902https://www.nytimes.com/2024/03/22/business/tiktok-india-ban.htmlhttps://apnews.com/article/tiktok-divestment-ban-what-you-need-to-know-5e1ff786e89da10a1b799241ae025406https://apnews.com/article/tiktok-ban-bytedance-lawsuit-biden-386e6d81e2eef61a756bcdea96cd0aefhttps://www.axios.com/2024/03/16/tiktok-ban-divest-ownership-chinahttps://www.lawfaremedia.org/article/five-observations-on-the-tiktok-bill-and-the-first-amendmenthttps://archive.ph/7Fiknhttps://apnews.com/article/tiktok-ban-bytedance-lawsuit-biden-386e6d81e2eef61a756bcdea96cd0aefhttps://www.washingtonpost.com/technology/2024/04/25/tiktok-legal-battle-is-certain/https://www.nytimes.com/interactive/2024/04/18/business/media/tiktok-ban-american-culture.htmlhttps://www.pewresearch.org/internet/2024/02/22/how-u-s-adults-use-tiktok/https://www.ypulse.com/article/2023/06/05/gen-z-is-officially-using-tiktok-more-than-any-other-social-media-platform/https://www.nytimes.com/2024/04/23/technology/bytedance-tiktok-ban-bill.htmlhttps://www.cnn.com/2024/04/25/tech/who-could-buy-tiktok/index.htmlhttps://www.nbcnews.com/business/tiktok-ban-bill-why-congress-when-takes-effect-rcna148981https://www.wsj.com/tech/bytedance-says-it-wont-sell-u-s-tiktok-business-61f43079https://www.wsj.com/tech/why-china-is-holding-its-fire-as-u-s-moves-to-ban-tiktok-38a63cddhttps://www.theverge.com/2024/4/11/24127579/tiktok-ai-virtual-influencers-advertisinghttps://www.lawfaremedia.org/article/project-texas-the-details-of-tiktok-s-plan-to-remain-operational-in-the-united-stateshttps://en.wikipedia.org/wiki/TikTok#Project_Texashttps://www.nytimes.com/2024/04/25/business/china-tiktok-douyin.htmlhttps://www.bbc.com/news/articles/c289n8m4j19ohttps://techcrunch.com/2024/04/27/will-a-tiktok-ban-impact-creator-economy-startups-not-really-founders-say/ https://www.washingtonpost.com/technology/2024/04/25/tiktok-ban-bill-us-communities/https://www.wsj.com/tech/how-tiktok-lost-the-war-in-washington-bbc419cchttps://archive.ph/pnMEGhttps://www.theverge.com/24141539/tiktok-ban-bytedance-china-dc-circuit-supreme-courthttps://www.axios.com/2024/04/23/tiktok-ban-bytedance-apps-capcut-lemon8https://www.nytimes.com/2024/04/25/us/politics/us-china-drones-dji.htmlhttps://www.theregister.com/2024/01/05/huawei_ditches_us_lobbying_team/https://engadget.com/huawei-honor-sold-024435704.htmlhttps://en.wikipedia.org/wiki/Huaweihttps://www.politico.com/story/2019/05/15/trump-ban-huawei-us-1042046 This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about STELLARWIND, 9/11, and the NSA.We also discuss warrantless surveillance, intelligence agencies, and FISA.Recommended Book: Period: The Real Story of Menstruation by Kate ClancyTranscriptImmediately after the terrorist attacks in the US on September 11, 2001, then President George W. Bush gave his approval for the National Security Agency, the NSA, to run a portfolio of significant and ever-evolving cross-agency efforts aimed at preventing future attacks of that kind, scale, and scope.The thinking behind this collection of authorizations to various US intelligence agencies, which would operate in tandem with the NSA, was that we somehow didn't see this well-orchestrated, complex plan coming, and though revelations in later years suggested we kind of did, we just didn't act on the intelligence we had, in those early, post-attack days, everyone at the top was scrambling to reassure the country that things would be okay, while also worrying that more attacks from someone, somewhere, might be impending.So the President signed a bunch of go-aheads that typically wouldn't have been signed, and the government gave a lot of power to the NSA to amalgamate the resulting intelligence data in ways that also wouldn't have previously been okay'd, but that, in those unusual circumstances, were considered to be not just acceptable, but desirable and necessary.This jumble of intelligence service activities, approved by the president and delegated to the NSA, became known as the President's Surveillance Program, and they were kept secret, in part because of how unprecedented they were, and in part because those in charge didn't want to risk their opposition—those they knew about, like Al Qaeda, but also those that might be waiting in the wings to attack the US while it was perceptually weakened and vulnerable—they didn't want to risk those entities knowing what they were doing, what they knew about, how they were collecting data, and so on.The info that was gleaned via these programs was compiled and stored in an SCI, which stands for Sensitive Compartment Information, and which refers to a type of document control system, a bit like Top Secret or Classified, in that it allows those running it to set what level of access people must have to view, process, use, or even discuss its contents, and this particular SCI was codenamed STELLARWIND.Among other activities, the programs feeding data into the Stellarwind SCI mined huge databases of email and phone communications, alongside web-browsing and financial activities; all sorts of tracking information that's collected by various components of intelligence, law enforcement, and other government and government-adjacent services were tapped and harvested.All of this data was then funneled into this one program, and though the degree to which this much information is useful up for debate, because having a slew of data doesn't mean that data is organized in useful ways, in 2004 the US Justice Department discovered that the NSA was not just collecting this sort of data when it was connected to foreign entities or entities that have been connected to terrorism, it was also collecting it from sources and people, including just average everyday Americans and small businesses that were doing no terrorism at all, and which had no links to terrorism, and it was doing so on American soil.After this discovery, then-President Bush said, well, the NSA is allowed to do that, that's fine, but they can only look at collected metadata related to terrorism—so they can collect whatever they want, sweep up gobs of information, file-away whatever drifts into their expansive and undifferentiating nets, but they're not allowed to look at and use anything not related to terrorism; and with that clarification to keep the Justice Department from doing anything that might hinder the program, the president reauthorized it that same year, 2004.There was disagreement within the government about the legality of all this, some entities saying that warrantless wiretapping of American citizens was illegal, even if the collected data was supposedly unusable unless some kind of terrorism connection could be ginned up to justify it. But those in charge ultimately decided that it would be irresponsible not to use these wiretapping powers the NSA wielded to protect American lives, and even said that Congress had no power to stop them from doing so, because it fell within their wheelhouse, that of defense against potential future foreign attack.All of the President's Surveillance Programs officially expired on February 1 of 2007, but new legislation that same year, and more in 2008, extended some of these activities, all with the justification of protecting the US from future terrorist attacks, and in 2009, a report published by the Inspectors General of the country's intelligence agencies found, in essence, that the now-retired President's Surveillance Program went way beyond what was allowed, in terms of collecting this sort of data without a warrant, and indicated that there was little oversight keeping folks from looking at data they weren't supposed to be looking at, while also indicating that the program probably wasn't very effective—so there was all this data, collected on dubious legal grounds, approved during a period of fear and perceived vulnerability, that was also becoming this a major headache for folks concerned about what amounted to a big, secret surveillance program that was targeting the very people it was supposedly meant to protect from terrorism, all in the pursuit of purported security benefits that were more theoretical than real.A former NSA codebreaker went on the record with WIRED magazine in 2012, outlining how the NSA was surveilling Americans in this way, which got the codename Stellarwind into the press as a consequence, and the following year, in 2013, the Washington Post and The Guardian published a draft of that 2009 Inspector General report that said the program was going far beyond the bounds of what was legal and right and effective—that draft leaked by NSA employee and subcontractor Edward Snowden.Further revelations based on that leak came out in 2014, at which point there was abundant public evidence that much of what was happening within the Stellarwind program was kept secret even after supposed earlier divulgences, and a lot of it was seemingly very illegal, though this program still functions in various capacities and at various scales, even now, in 2024.What I'd like to talk about today is a portion of the Stellarwind program that was recently extended, though not without controversy and pushback.—The Foreign Intelligence Surveillance Act, or FISA, was passed in 1978 in response to the fairly brazen and regular violations of Americans' privacy under the Nixon administration; namely that his government regularly spied on, and used intelligence and law enforcement services to mess with, political and activist groups that Nixon didn't like.FISA was meant to establish guardrails for when and how that sort of surveillance could be conducted, who could access the relevant data, and how it could be used—though notably, all of this applied to collecting intelligence in US territory; the rules are a lot looser when it comes to surveillance of non-americans in other countries.Among other things, FISA established the Foreign Intelligence Surveillance Court, which is a court that decides who can use these tools and access this data—they oversee the divvying-out of surveillance warrants—and FISA was the basis for all those President's Surveillance Programs following 9/11; so it was meant to prevent abuses of surveillance and intelligence tools by the US government against its citizens, and this general framework was used as a scaffolding for those enhanced surveillance powers the government gave itself after the 9/11 attacks; it was also a primary resource for those who found all those post-9/11 additional powers to be illegal oversteps.One evolution of FISA following September 11 was the introduction of what's called Section 702, which is provision that allows the US government to undertake targeted surveillance efforts against non US citizens outside the US, leveraging the full weight of the US government to do so, including but not limited to coercing telecommunications companies, like internet or phone companies, to hand over whatever data and recordings and such they might have available.Section 702 is meant to be very targeted and specific, never allowing the surveillance of any US citizen, anywhere, any person from any country who's in the US, or any foreign person located anywhere on the planet who is communicating with a US citizen—which is a technique that was previously leveraged by some components of Stellarwinds, the idea being that if you wanted to surveil an American but had no evidence they have links to terrorism, you would just capture their phone calls and other communications with non-Americans, and you'd be good to go.There's a fairly rigid set of protocols involved in using Section 702 for surveillance, including Department of Justice oversight on every targeting request, and opportunities to deny the collection of, or subsequent access to data that is collected by a sequence of analysts who are disconnected from those requesting said data.That's what the rules and processes for this provision say, anyway.In practice, Section 702 has allegedly been used to track members of Congress, journalists, victims of various sorts of crime, political donors, and protestors—targeting them for surveillance, but also used to search existing data that's already been collected, baselessly, via so-called "backdoor searches" with no connection to terrorism or anything else that would allow for the formal use of these tools, seemingly in violation of those supposed hardcore guardrails, at the behest of the FBI, CIA, and NSA. And this seemingly happens on a fairly regular basis—more than 200,000 warrantless, backdoor searches are performed each year.All of which adds interesting context to a recent congressional vote to reauthorize Section 702 for another two years, right as it was about to expire.This extension vote was laden with drama, in part because two major US internet companies said they would no longer comply if Section 702 wasn't renewed, as the government had had its request to keep collecting data for another year approved, but it no longer had legal backing to demand such data from companies, with the ability to coerce them to hand over digital communications data, like email and text records, if they denied more polite requests. So these companies said, well, you can collect whatever data you can get your hands on, but you can't get your hands on our data, anymore.There was also political drama, though, in the shape of former US President, and current Presidential candidate Trump's loudly stated antagonism toward renewing this provision, something that aligned him with privacy oriented groups that he typically doesn't like or align with.A vote that would have ended all warrantless searches on these sorts of communications failed to pass earlier in April, due to a tied 212 to 212 vote in the House, and another that would have accomplished a similar outcome and which was voted upon a few days later was defeated by just a handful of votes.The conflict here is seemingly that while there are significant and persistent privacy issues with this and related programs, it's also considered to be a potentially useful tool in the US intelligence community's utility belt. And though most politicians would like to be seen as defending the privacy of American citizen from prying government eyes, few want to be seen as hobbling its defense infrastructure, even if the defense value of this and connected programs have been questioned and challenged, time and time again.What eventually helped a Section 702 extension bill attain approval from Congress was a compromise that approved the extension of some components of it, that allowed it to take new communications technologies into account, arguably making it more useful for surveillance purposes while simultaneously increasing the privacy risks it poses, but pairing those add-ons with a shortened extension period, down from five years to two. Which means it's likely there will be another showdown over whether it should be extended in just a few years, at which point it can be killed or further edited, depending on how this new, slightly iterated version, is functioning at that point.All of which is interesting and newly relevant in part because we're stepping into what some have called a new Cold War, with all sorts of real-deal military conflicts on the ground threatening to expand and encompass more of the planet, alongside rifts in the relationships between behemoths like the US and China, which could erupt into larger versions of the same, if these governments aren't careful.At such moments, we tend to see more support for measures that give heightened power to governments and other defense-oriented entities, even at the expense of individual rights.So rather than clipping the wings of this and similar programs in a few years when renewal is once more on the docket, it may be that Congress further empowers it—depending on how today's conflicts play out, and how the relationships between the US and its primary rivals evolve in the meantime.Show Noteshttps://www.washingtonpost.com/national-security/2024/04/19/fisa-702-surveillance-internet/https://www.washingtonpost.com/national-security/2024/04/20/congress-extends-controversial-warrantless-surveillance-law-two-years/https://en.wikipedia.org/wiki/Foreign_Intelligence_Surveillance_Acthttps://www.dni.gov/files/CLPT/documents/2023_ASTR_for_CY2022.pdf#page=24https://www.intelligence.gov/assets/documents/702%20Documents/declassified/2023/FISC_2023_FISA_702_Certifications_Opinion_April11_2023.pdf#page=89https://www.dni.gov/files/icotr/Section702-Basics-Infographic.pdfhttps://www.aclu.org/issues/national-security/warrantless-surveillance-under-section-702-fisahttps://www.brennancenter.org/our-work/research-reports/whats-next-reforming-section-702-foreign-intelligence-surveillance-acthttps://www.brennancenter.org/our-work/research-reports/fisa-section-702-civil-rights-abuseshttps://en.wikipedia.org/wiki/Foreign_Intelligence_Surveillance_Acthttps://www.nytimes.com/2024/04/20/us/politics/senate-passes-surveillance-law-extension.htmlhttps://en.wikipedia.org/wiki/President%27s_Surveillance_Programhttps://en.wikipedia.org/wiki/Sensitive_compartmented_informationhttps://en.wikipedia.org/wiki/Stellar_Wind This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about diplomatic immunity, Trump’s court cases, and the Supreme Court.We also discuss Nixon, Clinton, and the US Constitution.Recommended Book: My upcoming book, How To Turn 39 (https://books2read.com/htt39), which is available for pre-order today :)TranscriptThere's a concept in international law—diplomatic immunity—that says, in essence, certain government officials should be immune from the laws of foreign countries, including those within which they're operating.This is a very old concept, based on similar rights that were granted to envoys and messengers back in the oldest documented periods of human civilizations.The idea is that if different cultures, whether organized into tribes or kingdoms or nation states, are going to be able to deal with each other, they need to maintain open and reliable means of communication. Thus, the folks tasked with carrying messages between leaders of these different groups would need to be fairly confident that they wouldn't be hassled or attacked or prosecuted by the people they were bringing those messages to, and whose messages they were bringing back to their own leaders.Such representatives have at times been imprisoned or killed by their hosts, but this is relatively rare, because any governing body that treated ambassadors from other cultures in this way would have trouble dealing with anyone outside their current legal sway, and that would in turn mean less trade, less reliable peace, and less opportunity to generally cross-pollinate with cultures they might benefit from cross-pollinating with.As a general rule, at least in the modern iteration of diplomatic immunity, folks operating under the auspices of this policy can still be punished for their misdeeds, it's just that they'll generally be declared persona non grata, expelled from the country where they did something wrong, rather than punished under that country's laws.In some rare instances a country hosting a misbehaving or criminal ambassador or other diplomat might ask that person's home country to waive their immunity, basically saying, look, this person killed someone or got drunk and drove recklessly through our capitol city's downtown, we'd like to try them in our courts, and it may be that the government running that misbehaving person's home country says, okay, yeah, that's messed up, you go ahead; but usually—even if that person has done something truly reprehensible—they'll instead say, no, sorry, we'll pull them back and they won't be allowed to return to your country or serve as an ambassador anywhere else, because they've shown themselves to be unreliable, and we might even try them in a court here, in their home country, but we can't allow our people, no matter what they do, to fall under the legal jurisdiction of some other nation, because that would set a bad precedent, and it may make people wary of working for us in this capacity in the future—surely you understand.There are tiers of diplomatic immunity, depending on the seniority of the diplomat or other representative in question, and the Congress of Vienna of the early 1800s charted out the basis for how these things work, in much detail, formalizing a lot of what was already in the ether back then, and creating an outline that was then further formalized in 1961's Vienna Convention on Diplomatic Relations, which has been almost universally ratified and respected, though of course there's been a lot of grey area in terms of what harassment of a representative, which is a no-no according to this convention, entails, and to what degree it can be proven, and thus punished, if violated.We saw a lot of grey area utility during the height of the Cold War in particular, in part because many diplomats were moonlighting as spies, which is still true today, though it was even more overt and worrisome to their host countries, back then, so harassment, kidnappings, even assassinations of diplomats were more common then, than today, though they were still almost universally done covertly so that no one seemed to be violating these nearly universally accepted terms.What I'd like to talk about today is another type of legal immunity—in this case, Presidential Immunity in the US—and why this type of immunity is at the center of former US President Trump's ongoing legal cases.—In the United States, many politicians and high-level appointees enjoy some of the immunity-related privileges in their own country that diplomats of various stripes have traditionally enjoyed elsewhere.Most of these figures are only protected by this immunity under very specific circumstances, though, not universally.Judges, while doing court-related, judge-work, for instance, have absolute civil immunity—so a judge who falls afoul of the law in the course of their duty as a judge, doing judge-things, will tend to get away with whatever it is they did wrong, though this won't generally apply to non-judge things they do during that same periodSo a judge would have trouble arguing that they should get off with a warning for murdering someone because they happened to kill that person while they were on their lunch break, but they would likely be okay if they accidentally ruled in a way that exceeded their jurisdiction, even if their having done so caused all sorts of secondary problems.Similarly, and also within the US court system, a prosecutor can't be sued for withholding evidence, even if their having done so leads to a wrongful conviction, which would be a bad thing that happened as a result of their actions, but because they acted while performing their protected duty, they'll almost certainly be okay from a legal standpoint, even if not always a moral one.These are not rules novel to the US system of governance; most of them were borrowed from earlier forms of the same, and a lot of the US's version of these immunity rules are derived from those that exist within the British parliamentary system, where parliamentarians can't be prosecuted for things they say while in Parliament, and the same is true for politicians while engaged in their work on the floor of the US House of Senate.Interestingly though, while the US Constitution provides that kind of legislative immunity to Congresspeople, it doesn't grant the same, or anything similar, to the President; and this was apparently a hotly debated topic back in the Constitution-writing days, as those who set up the rules of the land were aware that it might be beneficial to allow folks at the top some legal leeway, so they don't make executive decisions based on whether or not they might be sued or otherwise punished for those decisions, but at the same time they really didn't want another king, or similarly authoritarian ruler to step into office and then get away with murder—perhaps literally.So the constitution doesn't give the President of the United States the same immunity as other members of government, but a slew of cases in the 19th and 20th centuries found, in general, that if the president or members of the president's cabinet take actions that are "more or less" within the scope of their duties, they should be granted absolute immunity, protecting them from lawsuits and legal punishments.A court case against President Nixon in the 1970s made that previously somewhat vague and general legal trend more formal, at first triggering a bunch of lawsuits against him and his people, but then a 1982 Supreme Court decisions said, in essence, that former or current presidents are immune from lawsuits related to anything that falls within the "outer perimeter" of their duties, due to the president's "unique status under the Constitution."This legal precedent was tested in the mid-1990s when then-President Bill Clinton was sued for sexual harassment during his governor of Arkansas days, and a lower court, then the Supreme Court, both affirmed that presidential immunity doesn't protect the president from things they did before taking that highest government office.As a result of all that, today we have a legal context in which the President is kind of granted some immunity for some things they do while in office, but the delineation between protected and not-protected is fuzzy, and there's a whole lot of theory on this matter, but less in the way of actual court precedent that establishes confident footing for anyone stepping into this corner of the legal world.All of which is newly relevant in 2024 because former President Trump is currently being prosecuted for all sorts of things in several different jurisdictions. And part of his legal strategy is based on a sort of Hail Mary play that's made its way to the Supreme Court, and which is premised on the concept of Presidential Immunity.But before we get to that case, let's talk real quick about the other cases that are currently in progress, all of which that bigger Supreme Court case may influence, depending on how it turns out.Beginning this week, as of the day this episode goes live, the week of April 15, 2024, Trump is scheduled to be in court four days a week for the next six to eight weeks, facing 34 criminal charges related to falsifying business records in order to get payoff money to Stormy Daniels, allegedly to cover up an affair they had, which he didn't want becoming public while he was running for his first term in office.Tentatively beginning in late-May of 2024, Trump will face 40 criminal charges in Florida for allegedly mishandling sensitive documents, and his alleged conspiracy to keep those documents even after the government demanded them back.A federal case in which Trump faces four criminal charges related to his alleged effort to overturn the 2020 presidential election results was originally meant to begin the first half of this year, but it's looking increasingly likely it won't occur until after the November presidential election, as the judge overseeing the case has postponed it until after the Supreme Court makes their decision about presidential immunity, though there's a chance it could start as early as August, despite that delay.And Trump faces 10 criminal charges for the same general collection of alleged efforts to overturn the 2020 election in Georgia, alongside 18 alleged co-conspirators; that trial has a proposed start date of August 5, but that would be tricky, as it would mean the trial could run through Election Day, which would be awkward and would likely complicate things further.Trump has also dealt with a flurry of recent civil, so non-criminal, no jail time possible, just fines, lawsuits, including one related to sexual assault and his defamation of the person he sexually assaulted, which led to a big payout recently, and another in New York related to his misrepresentation of the value of his real estate holdings in the state, which led to an even bigger fine, but which is currently being appealed.There's another federal civil case that's ongoing, Thompson v. Trump, which is related to the attack on the US Capitol by Trump's fans on January 6, 2021, and that's especially relevant here because, already, the judge in that case, ruled that Trump's presidential immunity does not shield him from this lawsuit, and an appeals judge ruled the same.There's now a Supreme Court case, which I mentioned earlier, that consolidates three separate civil lawsuits into one, Trump v. United States, and this case asks, in essence, whether Trump should be protected from these lawsuits by presidential immunity; that same immunity that was upheld in many cases in recent memory, though in different contexts.The reason this Supreme Court case is so fundamental here is that it could impact many or all of those other cases, plus others that might arise related to Trump's actions in the future, as it would give him a sort of legal whammy on just about anything he could argue was done within the perview of his role as President.Thus, he could argue he wasn't trying to overturn the 2020 election that he lost, he was looking into what he considered to be legitimate election irregularities as part of his duty as President. And if some other things happened as a result of that effort, like his supporters breaking into the Capitol building, he should be protected from that under the auspices of this immunity.Those two DC court judges that earlier ruled Trump wasn't protected by presidential immunity said that it's in the public interest to hold presidents accountable for their actions, because not doing so would leave anyone who holds that office "unbounded authority to commit crimes."They determined that it was worth the possibility that a president might make some executive decisions from a perspective of worrying about later lawsuits if it would prevent the creation of a political office from which someone could legally get away with any crime they chose to commit, including but not limited to, theoretically at least, assassinating their political rivals.The big question now is how the Supreme Court will decide on this matter; some people are predicting that the heavily slanted toward conservative justices court will be more likely to find in Trump's favor, though they've defied those expectations several times in recent years, in some cases seeming to take advantage of their current 5 or 6, depending on how you measure, versus 3, conservative to liberal composition in order to get a bunch of Republican priorities accomplished, like overturning Roe v. Wade, which protected the right to an abortion at the federal level, but in other cases they've made what seem to be more objective rulings, defying assumptions made based on those ideological leanings—so there's no way to know one way or the other on this, right now. We'll likely find out, though, sometime in May or June, as the court will begin considering these claims on April 25 of this year, and it's expected they'll have their ruling sometime in those subsequent two months.Until then, though, some of these other cases are a bit up in the air, as the granting of enhanced immunity could make Trump's current and potential future cases a slam-dunk for his defense team, while a ruling in favor of the contemporary, fuzzy standard, or one that weakens that standard, at least for his specific context, would deny him that potentiality.That said, Trump's defense team seems to have also been making use of the abundant delay tactics that are available within the US justice system, and there's a chance that if he delays long enough and then wins another term as president in November, that would allow him, when he steps back into office early next year, to either pardon himself or order someone in his government to get rid of the charges against him.Which is part of why the prosecutors working opposite him have been politely but firmly asking the judges in charge of these cases to pick up the pace, because there's a looming possibility that even if the courts decide against Trump in some key cases, he could still get off Scott free, because of that other apparent loophole in the system that would allow a sitting President to get away with just about anything, though in this case because of a different, in practice immunity-granting mechanism.Show Noteshttps://www.washingtonpost.com/news/opinions/wp/2014/01/30/7th-circuit-pokes-a-hole-in-prosecutorial-immunity/https://en.wikipedia.org/wiki/Trial_of_Donald_Trumphttps://en.wikipedia.org/wiki/Indictments_against_Donald_Trumphttps://www.nytimes.com/interactive/2023/us/trump-investigations-charges-indictments.htmlhttps://www.nytimes.com/article/trump-investigations-civil-criminal.htmlhttps://www.pbs.org/newshour/politics/trumps-2024-trials-where-they-stand-and-what-to-expecthttps://www.washingtonpost.com/politics/interactive/2023/trump-investigations-indictments/https://www.bbc.com/news/world-us-canada-68577638https://www.bbc.com/news/world-us-canada-61084161https://www.theatlantic.com/ideas/archive/2024/03/donald-trump-legal-cases-charges/675531/https://archive.ph/JFsIBhttps://en.wikipedia.org/wiki/Indictments_against_Donald_Trumphttps://apnews.com/article/trump-jury-selection-hush-money-trial-manhattan-56d540406cd174ab143fe12469e9adefhttps://apnews.com/article/donald-trump-michael-cohen-stormy-daniels-e40532d3bce7768e296fdaf9591ef05bhttps://www.wsj.com/us-news/law/trump-criminal-hush-money-trial-begins-2a1bdd15https://www.reuters.com/world/us/fallout-trumps-bid-overturn-election-loss-heads-supreme-court-2024-04-14/https://www.reuters.com/legal/special-counsel-urges-us-supreme-court-reject-trump-immunity-bid-2024-04-09/https://en.wikipedia.org/wiki/Trump_v._United_States_(2024)https://en.wikipedia.org/wiki/Presidential_immunity_in_the_United_Stateshttps://en.wikipedia.org/wiki/Absolute_immunityhttps://en.wikipedia.org/wiki/Parliamentary_immunityhttps://en.wikipedia.org/wiki/Diplomatic_immunityhttps://www.britannica.com/topic/diplomatic-immunityhttps://en.wikipedia.org/wiki/Vienna_Convention_on_Diplomatic_Relations This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about Linux, backdoors, and the Open Source community.We also discuss CPU usage, state-backed hackers, and SSH.Recommended Book: The Underworld by Susan CaseyTranscriptIn the world of computers, a "backdoor" is a means of accessing a device or piece of software via an alternative entry point that allows one to bypass typical security measures and often, though not always, to do so in a subtle, undetected and maybe even undetectable manner.While backdoors can be built into hardware and software systems by the companies that make those devices and apps and bits of internet architecture, and while some governments and agencies, including the Chinese government, and allegedly folks at the NSA, have at times installed backdoors in relevant hardware and software for surveillance purposes, backdoors are generally the domain of tech-oriented criminals of various stripes, most of whom make use of vulnerabilities that are baked into their targets in order to gain access, and then while inside the administration components of a system, they write some code or find some kind of management lever meant to give the company or other entity behind the target access for non-criminal, repair and security purposes, and that then allows them to continue to gain access in the future; like using a rock to prop open a door.Concerns over a backdoor being installed in vital systems is fundamental to why the US and European governments have been so hesitant to allow Chinese-made 5G hardware into their wireless communication systems: there's a chance that, with the aid, or perhaps just at the prodding of the Chinese government, such hardware, or the software it utilizes, could contain a Trojan or other packet of code, hidden from view and hardcoded into the devices in some covert manner; these devices could also harbor even smaller devices, indistinguishable from hardware that's meat to be there, that would allow them to do the same via more tangible means.Though there were almost certainly other economic and technology-dominance reasons for the clampdown on products made by Chinese tech company Huawei beginning in earnest in 2012, and escalating rapidly during the US Trump administration, that process was at least ostensibly tied to worries that a Chinese company, prone to spying and stealing foreign tech, already, might incorporate itself into fundamental global communication infrastructure.It was underpricing everybody else, offering whizbang new high-end 5G technology at a discount, and supposedly, if the accusations are true, at least, doing so as part of a bigger plan to tap into all sorts of vital aspects of these systems, giving them unparalleled access to all communications, basically, but also giving them the ability, supposedly, to shut down those systems with the press of a button in the event that China wants or needs to do so at some point, if they ever decide to invade Taiwan, for instance, and want to distract the Western world until that invasion is complete, or just make rallying a defense a lot more difficult.Other, confirmed and successfully deployed backdoors have been found in all sorts of products, ranging from counterfeit Cisco network products, like routers and modems, some of which were installed in military and government facilities back in 2008 before they were recognized for what they were, to Microsoft software, Wordpress plugins, and a brand of terminals that manage the data sent along fiber-optic cables, mostly for high-speed internet purposes.Again, in some cases, the entities making these products sometimes do install what are literally or essentially backdoors in their hardware and software because it allows them to, for instance, help their customers retrieve lost passwords, fix issues, install security updates, and so on.But backdoors of any shape or size are considered to be major security vulnerabilities, as stealing a password or getting access to a vital terminal could then grant someone with bad intentions access to absolutely everything, giving them god-like control over all aspects of a customer's information and operations, or maybe all of the company's customer's information and operations, and that creates a single point of failure that most companies want to avoid, because at a certain point there's no real way to prevent a truly determined and well-funded foe if they know the payout for investing in accessing that terminal or getting that password would be that substantial.What I'd like to talk about today is a long-term effort to do exactly that, the target, in this case, being small, but the potential payoff of backdooring it being pretty much as big as you can imagine.—XZ Utils is the name of an Open Source data compression utility, which means that it squishes data in such a way that no information is lost, but so that big files and other packets of information become smaller, and that makes it faster and easier and cheaper to send that data from place to place.XZ is popular in part because it's effective, in many cases outperforming other free alternatives, like gzip and bzip2, but it also supports an older compression model called LZMA, and it exists in the public domain, which means it's incredibly inexpensive to use, free, for most purposes.It's especially popular in Linux and other Unix-like systems, and in practice that means it's used across these systems so that when data is moved from place to place, it's compressed and decompressed, putting less pressure on the systems themselves, almost like reducing the weight of everything you have to carry throughout the day, without any reduction in quality or the nature of those books and bags and laptops and other things you're hauling around all the time; even small reductions in that weight could make a big difference in the strain on your body, over time, and this utility accomplishes the same for the systems that incorporate it.So this software utility is super useful, is free to anyone who wants to use it, and it's better than a lot of other options, and it's thus been baked into a bunch of fundamental computer infrastructure, like most Unix-like systems. And that's important for a lot of reasons, but the most immediately concerning issue is that the vast majority of servers that run the tech world—basically all the major tech companies, and all the companies they work with—manage their services with Linux.XZ isn't just important for folks who have laptops running on Linux, then, it's also vital to the functionality of huge chunks of the internet; stats from the past few years show that about 96.3% of the top million web sites run on Linux servers, and a substantial amount of non-web-serving servers do, as well.All of which sets the stage for the hubbub that arose on March 29, 2024, when a Microsoft employee named Andres Freund announced that, after looking into a decrease in performance in a version of Linux called Debian—a distinction between how fast it should have been going and how fast it was going of about 500 milliseconds, and that minor slowdown bugged him enough to look into what newer, experimental versions of XZ Utils were doing to the Debian operating system he was working with—after looking into that issue, he announced that he had discovered a backdoor in XZ that was causing errors in a memory debugging tool built into the software, and using more CPU power than Debian otherwise would have used.So he announced this discovery, reported it to an open source security mailing list, to make it known amongst the right people, and that alerted the folks who were experimentally incorporating this new build of XZ into their software.As it turns out, this backdoor, had it been implemented in all this software and spread across the servers that manage the web, would have granted whomever had access to it the ability to alter the behavior of the local instance of the Secure Shell Protocol, or SSH, which is what protects servers while they operate on open networks like the internet.The degree to which this would have damaged the web, as it exists today, cannot be overstated. This problem was given a Common Vulnerability Scoring System ranking, which rates the alarmingness of software issues based on how much damage they could potentially cause, which helps computer security professionals figure out which problems to address first, a score of 10, which is the highest possible score.In theory, this would have granted the person or other entity with backdoor access the ability to get into essentially any server touching the internet with full administrator privileges, making all that information transparent to them, providing them all information about users, passwords, banking information, everything everyone has ever posted to social media, private communications, research and technology secrets—it's really just boggling thinking about how much damage could have been caused by the right person or people, as such a backdoor would basically do away with most of the security measures they might encounter while attempting to infiltrate and even take over pretty much anyone.Because it was discovered by Freund, though, and because he got word out to the right people as quickly as he did, the cybersecurity world was able to pivot pretty quickly, advising everyone who had implemented these test versions to roll back to earlier versions of the relevant software, and the folks behind XZ quickly released updated versions of the utility that removed the backdoor problem.This also triggered a response in the wider software world as many developers have started to reduce the damage future, similar backdoors would be able to cause by reducing the connections and dependencies it took advantage of to function.So this was a big enough deal that even something as arcane as compression utilities and SSH became front-page news around the world, but arguably one of the most interesting aspects of this story is what we know about the person or people who seem to have installed this backdoor.Someone, or group of someones, going by the name Jia Tan, alongside an array of sock puppet accounts—fake accounts with different names that they also managed—started to contribute to the maintenance and development of this project, which is common in the open source world; that's part of what makes open source software and systems so powerful and desirable, despite often not having much in the way of funding or official support from big-name companies; they're often passion projects maintained by maybe just one or a few or a handful of dedicated developers.In 2021, this entity that became known as Jia Tan started contributing to open source projects, and then contributed a patch to XZ via its mailing list.Around that same time, several people who hadn't been seen in this project's community, previously, started to complain that it wasn't being updated fast enough, and arguing that another maintainer should be brought on board, to help it move along faster.This Jia Tan character then started making a lot more contributions to the project, all of them seemingly innocuous and helpful, though in retrospect at least one of them changed a function that would have detected the more malicious changes they ultimately submitted, later.In February of 2024, Tan submitted changes for the new version of XZ Utils that incorporated a backdoor, and groups of people in this larger open source community, possibly sock puppet accounts, started telling the developers who run Debian, Ubuntu, and Red Hat, all popular versions of Linux, they should incorporate this new version with those backdoor-incorporating changes into their operating systems.There are strong suspicions, but little evidence, at this point at least, that Jia Tan and those other sock puppet accounts were run by a well-funded and skilled, probably government-backed hacking group, like one of the entities that often work as proxies for Russia's SVR—their intelligence agency that tends to support local hacking groups to do this sort of dirty work; though again, we can't say that with any certainty, as a lot of government-backed hacking groups could pull off something like this, with enough patience, years worth of patience, and it's still possible that this was a single hacker seeing a soft-target and the potential for a huge payoff if it all worked out.That said, because of the approach this threat actor, whomever they actually are, took to target this utility, and because of how close they got to doing what they intended to do, which would have been devastating, probably even world-changing in some ways, the relationship that big tech and governance has with the open source world is being reassessed, because often the folks running these projects are just individual people doing all this important work in their free time. But because of how the tech world has evolved, huge swathes of the internet and other vital infrastructure are reliant on these single-person, passion-projects that are potential targets for cooption or, as seems to have been the case here, using what's called social engineering to manipulate the folks behind these projects, which can then gives more access to all the stuff they manage, and thus, the things that rely on the stuff they manage, to entities that want to cause harm.Again, and this cannot be emphasized enough, we just barely dodged a bullet here, and the only thing that prevented a huge amount of potential destruction was the effort of another single person who was, almost on a whim, hacking away on a little problem they wanted to look into, and who thus stumbled upon this issue right before it reached a scale that would have been truly problematic.And all of these issues were arguably the result of someone who found themself in the position of maintaining, more or less solo, a utility that became vital to global cybersecurity, and which thus made them the target of a sophisticated social engineering campaign.Show Noteshttps://en.wikipedia.org/wiki/Backdoor_(computing)https://en.wikipedia.org/wiki/Hardware_backdoorhttps://en.wikipedia.org/wiki/Social_engineering_(security)https://www.zdnet.com/article/linux-has-over-3-of-the-desktop-market-its-more-complicated-than-that/https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/https://research.swtch.com/xz-timelinehttps://research.swtch.com/xz-scripthttps://news.ycombinator.com/item?id=39895344https://www.runtime.news/sabotage-in-the-software-supply-chain/https://news.ycombinator.com/item?id=39903685https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempthttps://www.wired.com/story/jia-tan-xz-backdoor/https://www.404media.co/xz-backdoor-bullying-in-open-source-software-is-a-massive-security-vulnerability/https://www.nytimes.com/2024/04/03/technology/prevent-cyberattack-linux.htmlhttps://www.economist.com/science-and-technology/2024/04/02/a-stealth-attack-came-close-to-compromising-the-worlds-computers This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about cacao, plantations, and bean-to-bar chocolate.We also discuss black pod disease, swollen shoot virus, and seed pod currency.Recommended Book: The City & The City by China MiévilleTranscriptThe cocoa bean, also called "cacao," is a seed derived from the cocoa tree, which is native to the Amazon Rainforest in South America.More than 5,000 years ago, near present day Ecuador, the Mayo-Chinchipe culture domesticated and cultivated this tree, which then found its way north into Mesoamerica—so parts of Central America, and modern day Mexico—and that's where we actually thought it came from until a handful of years ago, when new research pushed the initial domestication date back by about 1,500 years, tracking its path down into Ecuador by identifying cocoa residue on pottery from that time period down in that region.But way back then, it's thought that the pulp of this seed was used primarily to create an alcoholic beverage that was fermented to about the same alcohol percentage as a consumer-grade, modern day beer—just over 5%—and because of that utility in making this popular beverage, it was used as a currency in some parts of South and Central America.It's worth noting, too, that this tree and its seed would have originally been called kakawa, which was then turned into an Aztec derivative word much later, cacauatl, which then became cacao, when the Spanish colonized the region, and cacao then became cocoa when introduced to English-speaking parts of the world—and that variation of the word took over in the age of post-WWII globalization, due in large part to the popularization of chocolate products from English-speaking countries like the US and the UK, cacao only recently being reintroduced on that scale to differentiate more expensive cocoa products from those that have become mainstream.Also worth noting is that in addition to being used to produce a popular alcoholic beverage way back in the day, the cocoa bean was also turned into a kind of frothy spiced drink by Aztec royalty and other higher-ups in this part of the world, and that drink was enjoyed by high-born members of society for several thousand years, the beverage used in all sorts of rituals.And to make it, cocoa was whipped together with vanilla and other spices and sweeteners to produce something akin to a sort of hot chocolate the modern person would recognize, though leaning a lot more into those spices than most modern chocolates, rather than sugars and fats.This wasn't a widely available thing in most areas, and it probably wasn't the main end-product for most cocoa beans for most of history, as that alcoholic drink and its many derivatives were a lot more broadly available and widely disseminated.That said, different groups, across this region and across time, including the Maya and the Olmecs, had their own variations of this hot cocoa-like drink, and there's even an Aztec story that Quetzalcoatl was outcast by the other gods in their pantheon for sharing chocolate with humans, and some regional experts have speculated that the ritual of extracting the hearts from human sacrifices in the Aztec empire might be connected to the process of extracting the cocoa pulp from the cocoa bean seed pod when producing this beverage; though that's pretty speculative.The Aztecs came later than a lot of the other cultures in this region that partook in chocolate-related rituals and made cocoa-related goods, so that's likely part of why their rituals surrounding this drink were more elaborate than those of their neighbors, contemporary and forebear, but it's likely that the nature of the bean itself, which only grows in a finite region, about 20 degrees north and south of the equator, also had something to do with it.Because of that limited range, the Aztecs couldn't grow cocoa in their territory, and that meant it was always a luxury import for them, which meant—like many luxuries, even today—only the richest members of society could afford it, and that helped them differentiate themselves from the chocolate-less plebeians.This changed somewhat following the arrival of the Europeans in the Americas, when the Spaniards, who were maybe originally introduced to the drink by Montezuma or one of his underlings, brought the drink back home with them, eventually creating a new market for producers, though Europeans were not initially a fan of it, and mostly seemed to indulge because it seemed exotic, but early on they realized that because this bean already served as a unit of currency in many of the areas they were exploring and exploiting, it allowed them to deal with locals in a familiar way: this many cocoa beans for one thing, this many for another—it made negotiations and payment a lot cleaner and clearer, and cocoa beans could be easily transported for trade while also being useful, in a pinch, as a stable source of food while in transit, which compared favorably to other food goods they were bringing back home from their explorations and invasions, like bananas.What I'd like to talk about today is the modern chocolate market, and a dramatic price increase in cocoa beans that's raising eyebrows and concerns around the world.—The modern chocolate market has expanded in the years since Montezuma and the Spanish conquistadors to cover the whole of the globe, with products based on the cocoa bean on shelves in every country—even shut-ins like North Korea.In 2022, the global chocolate industry was worth something like $116 billion, which is more than double the $50 billion or so it was worth in 2009, and analysts expect this market's compound annual growth rate, which tallies the increase in the industry's return on investment each year, to remain steady at around 3.4%, which is solid, and predicated on the increase in the dark chocolate market, especially amongst health-conscious consumers, and the burgeoning plant-based and vegan chocolate markets, which further reinforce the perception of some chocolate as being a luxurious and healthful indulgence.Such luxury upbranding is key to those CAGR assumptions, as positioning some of these products as more expensive, but better versions of what's long been available allows chocolate companies to sell relatively less product for relatively higher prices, and that means expanding their customer base while also increasing their profit-margins.All of which would be vital for this sort of industry even during normal times, but it's even more important when things are going sideways with an industry's access to raw materials, which seems to be what's happening in the world of chocolate.In the 20th century, especially the late-20th century, the brands that were selling the most chocolate to the most people, globally, started gobbling up their competition. This period of acquisition and consolidation left us with about a dozen big chocolate manufacturers, globally, including names you've almost certainly heard of, like Cadbury, which is the biggest such company in the world, but also Hershey, Mars, Neuhaus, Ferrero, and Milka.Some of these companies, like Nestlé, are what's called bean-to-bar chocolate manufacturers, but most of the titans in this space melt chocolate from other manufacturers into their end-products, only using the bean-to-bar model for a few high-end offerings.But there are a slew of bean-to-bar companies still in operation, today, they just tend to be a lot smaller, because this model requires that they process their own cocoa beans in-house, rather than outsourcing, which tends to be required to achieve the scale that companies like Hershey and Mars have reached; it's a lot more time-intensive and expensive to do it this way.That said, the expansion of the chocolate market into a multi-billion, then more than $100 billion global industry necessitated expanding the footprint of its base-level production beyond its traditional South and Central American origins.Several other locations within that 20 degrees north and south of the equator spectrum have thus seen cocoa trees introduced, but the biggest producer of cocoa, today, is Côte d'Ivoire, the Ivory Coast, in Western Africa, where about 45% of the world's cocoa was cultivated, as of 2022, which amounted to around 2.2 million tonnes that year, alone.Neighboring Ghana comes in second, producing about half as much as Ivory Coast, with about 1.1 million tonnes produced that same year, and Indonesia is a distant third, producing about 667,000 tonnes in 2022.Combined with Ivory Coast's output, Ghana's cocoa bean industry, plus the smaller outputs of nearby Nigeria and Cameroon, account for about 70% of all the cocoa produced anywhere in the world.Ecuador, where the cocoa tree was seemingly first domesticated, is now all the way down in fourth place, producing about 337,000 tonnes of the bean for export in 2022.Because of the nature of how cocoa beans are harvested, and where, chocolate companies have huge sway over local politics and economics, and the folks doing the harvesting have historically not been treated terribly well, and in some cases their ranks have been filled with children.In some such areas, people are trafficked or enslaved and put to work harvesting cocoa beans, and even those who are there of their own behest are paid very little by international standards, not even a living wage (based on the cost of things like shelter and food in their regions), their incomes artificially capped by an agreement with the cocoa bean-buying industry, and though Fair Trade certification has become more common for many chocolate companies, demonstrating their commitment to paying better wages, and in turn allowing the folks producing the raw materials for their chocolates to actually be able to afford to buy chocolate products, which is not the case for those working in non-Fair Trade conditions, that's still not the norm, and in some areas the conditions faced by workers are pretty bleak, many of them children under the age of 15, many of them forced to work for various reasons, and all of them making just enough money to survive, but nothing beyond that, and in some cases, barely that.Most of these beans, the ones that end up in chocolate produced by those bigwig entities that dominate the global chocolate trade, are mixed together with beans from other locations on commodity markets, these companies buying them by the metric ton, similar to other food commodities that are traded in this way, like soybeans, milk, and palm oil.Distinct from most other commodities right now, though, is the increase in price cocoa beans are seeing on these markets.In 2022, the average price for a metric tonne of cocoa beans was somewhere between $2,200 and $2,500.That's of a kind with the typical pricing for the past decade or so, and though there was a massive spike in 1977, which was only about $5,700 per tonne in unconverted money, but that's about $28,000 per tonne if we account for inflation—so that was a pretty bad year for chocolate lovers and companies—but other than that and a few other aberrations through the decades, cocoa beans have been a pretty stable commodity, at least compared to other commodities that are thus traded.In February of 2024, though, cocoa bean prices shot up from those $2,500-ish per tonne prices all the way to around $6,000 per tonne, and then in March cocoa futures hit a record (unconverted for inflation) price of about $10,000 per tonne, which is a staggering leap of something like 4 to 5 times the usual cost.This price jump is being attributed to a confluence of variables, most of them contributing to a series of poor harvests in Ghana and the Ivory Coast, which again, together, account for most of the world's cocoa bean output.The El Niño phenomenon that's been messing with the global water cycle and increasing average global temperatures since July of 2023 is partly the blame here, as are the creeping effects of climate change, which have, in practice, moved the ideal growing areas for all sorts of plants, because of a tweak to the average global temperature knobs that have nudged things higher in most parts of the world, while also making weather patterns more irregular, compared to what we've become used to.Those climate nudges have also allowed diseases to spread faster and to new regions, including those that impact plants.Extreme and unusual rainfall in Western Africa sparked outbreaks of black pod disease, which usually hits after wet season, and all that rain was followed by a period of extreme dryness and drought, which stoked the spread of swollen shoot virus, which reduces output by up to 25% in the first year of infection, up to 50% in the second, and which ultimately kills its hosts, the cocoa trees, and once it spreads to a plantation, the whole plantation, all the trees, usually have to be uprooted and burned, new trees planted in their stead, before things can get up and running again—all of which takes a lot of time and resources.Cocoa manufacturers have been underinvesting in their plantations and smaller cocoa producers for years; so it's not just their workers that they're under-investing in, it's the infrastructure surrounding those workers, which is often decrepit and unsafe, and which has left them prone to these newly aggressive diseases and unusual climate happenings.And a lot of the cocoa produced in these top-producing countries are run by small-holders, not by large-scale plantations. And because these small-holders are often almost as impoverished as the people working on the plantations, they don't have the money to invest in treating disease or uprooting and replacing all their trees, and that's led to a surge in illegal mining operations in cocoa growing areas, because illegal miners come in and say they'll pay the owners of the land where they want to dig a reliable, if still small income, and those landowners don't really have a choice—cocoa doesn't provide them enough money to do more than sustain themselves, so they take what they can get, and every time this happens, that's less prime cocoa-growing land that's being used to grow cocoa.Because of all this, the mid-season crop coming out of Ivory Coast, the biggest producer in the world, is expected to be about a third lower than usual this year, and Ghana's production is expected to hit a 22-year low; hence, those dramatically hiked prices, which have been further inflamed by market maneuvers meant to protect investors from irregularities, but which have the practical effect of raising prices in the short-term, creating more volatility, not less.This price-surge and negative overall outlook for the industry is causing a fair bit of concern for the global chocolate market, which has some stockpiled supply of beans, but which is struggling to account for this increase in overall cost, and is thus attempting to prepare their customers for price hikes and fresh instances of shrinkflation: which basically means selling the same product for the same price, but with less of the product in the package; so maybe a candy bar selling for the same price as before, but the bar is 2/3 its former size.This has been a big discussion topic recently in part because of the recent Easter holiday, which is a big day for chocolate sales in many parts of the Western world in particular, so this situation is topical news, but also because it's representative of what's happening in other commodity and non-commodity markets, as well, as a result of many of the same factors.The global supply of coffee beans has been shrinking since 2021, labor and other systemic issues contributing to that, but the climate also changing where coffee grows best, and thus making life hard on the folks who currently grow most of it, in what were previously the optimal regions for doing so, but which aren't any longer, and may no longer be capable of growing these beans at all in a few decades, the way things are going.Olive oil is likewise seeing record-high prices in 2024, the price of extra virgin olive oil up 70% from a year previous, and 260% from two years ago, due to widespread drought across the Mediterranean, where most olives are grown, and because of a bacteria that's infecting olive trees more enthusiastically than ever before because of all that heat and drought.The banana industry is also raising alarms, too, as the change in global temperatures and the water cycle are combining with a collection of increasingly aggressive diseases and infections that are impacting banana growing regions in Australia, Asia, Africa, and South America, necessitating a clean-sweep approach similar to those used to get a cocoa bean plantation ready to grow, again, post-infection, requiring a lot of additional investment and leading to a lot of waste and diminished expectations.Most of these industries have enough of a backlog and stockpile to keep prices on shelves constant for a while after this sort of hit, but for all of these industries, prices are expected to go up, possibly permanently, because of this seeming new reality, and because of the nature of the entities operating in these spaces, and the systems they've deployed to keep their goods flowing to the entities that turn them into products that end up in stores around the world.So while chocolate is the first to really hit the public consciousness in terms of the companies that own this space trying to prepare their customer base for what's about to happen by making it known that their core prices have grown shockingly high, it's likely we'll continue to see this sort of base-level inflationary impact on all sorts of goods in the coming years, unless something fundamental changes about the variables impacting supply, or the business model they use to sustain their industries.Show Noteshttps://finance.yahoo.com/news/chocolate-market-size-worth-usd-191300029.htmlhttps://www.theguardian.com/environment/2024/mar/29/easter-eggs-chocolate-cacao-harvests-cocoa-prices-aoehttps://www.cnbc.com/2024/03/26/cocoa-prices-are-soaring-to-record-levels-what-it-means-for-consumers.htmlhttps://archive.ph/YnZH7https://apnews.com/article/easter-chocolate-africa-farmers-cocoa-ghana-4a4d58a4e6076c8d46258c1b4dc414c4https://archive.ph/SbWVFhttps://archive.ph/wPhkkhttps://www.visualcapitalist.com/worlds-top-cocoa-producing-countries/https://www.statista.com/statistics/263855/cocoa-bean-production-worldwide-by-region/https://www.confectioneryproduction.com/news/47651/cocoa-sector-reaches-crisis-point-as-crop-prices-hit-10000-a-tonne/https://ycharts.com/indicators/cocoa_bean_pricehttps://www.aljazeera.com/gallery/2024/3/30/chocolate-prices-to-keep-rising-as-west-africas-cocoa-crisis-deepenshttps://investorplace.com/2024/03/olive-oil-coffee-and-cocoa-prices-oh-my-3-grocery-store-items-to-watch/https://www.bbc.com/news/science-environment-68534309https://www.ucl.ac.uk/news/2024/mar/analysis-cocoa-beans-short-supply-what-means-farmers-businesses-chocolate-lovershttps://www.france24.com/en/live-news/20231220-illegal-mining-smuggling-threaten-ghana-s-cocoa-industryhttps://www.sciencedirect.com/science/article/pii/S0022316622143798?via%3Dihubhttps://www.sciencedaily.com/releases/2018/10/181029130945.htmhttps://en.wikipedia.org/wiki/Chocolatehttps://en.wikipedia.org/wiki/Cocoa_bean This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about the Rwandan genocide, the First and Second Congo Wars, and M23.We also discuss civil wars, proxy conflicts, and resource curses.Recommended Book: Everyday Utopia by Kristen R. GhodseeTranscriptThe Democratic Republic of the Congo, or DRC, was previously known as Zaïre, a name derived from a Portuguese mistranscription of the regional word for "river."It wore that monicker from 1971 until 1997, and this region had a rich history of redesignations before that, having been owned by various local kingdoms, then having been colonized by Europeans, sold to the King of Belgium in 1885, who owned it personally, not as a part of Belgium, which was unusual, until 1908, renaming it for that period the Congo Free State, which was kind of a branding exercise to convince all the Europeans who held territory thereabouts that he was doing philanthropic work, though while he did go to war with local and Arab slavers in the region, he also caused an estimated millions of deaths due to all that conflict, due to starvation and disease and punishments levied against people who failed to produce sufficient volumes of rubber from plantations he built in the region.So all that effort and rebranding also almost bankrupted him, the King of Belgium, because of the difficulties operating in this area, even when you step into it with vast wealth, overwhelming technological and military advantages, and the full backing of a powerful, if distant, nation.After the King's deadly little adventure, the region he held was ceded to the nation of Belgium as a colony, which renamed it the Belgium Congo, and it eventually gained independence from Belgium, alongside many other European colonies around the world, post-WWII, in mid-1960.Almost immediately there was conflict, a bunch of secessionist movements turning into civil wars, and those civil wars were amplified by the meddling of the United States and the Soviet Union, which supported different sides, funding and arming them as they tended to do in proxy conflicts around the world during this portion of the Cold War.This period, which lasted for about 5 years after independence, became known as the Congo Crisis, because government leaders kept being assassinated, different groups kept rising up, being armed, killing off other groups, and then settling in to keep the government from unifying or operating with any sense of security or normalcy.Eventually a man named Mobutu Sese Seko, usually just called Mobutu, launched a real deal coup that succeeded, and he imposed a hardcore military dictatorship on the country—his second coup, actually, but the previous one didn't grant him power, so he tried again a few years later, in 1965, and that one worked—and though he claimed, as many coup-launching military dictators do, that he would stabilize things over the next five years, restoring democracy to the country in the process, that never happened, though claiming he would did earn him the support of the US and other Western governments for the duration, even as he wiped out any government structure that could oppose him, including the position of Prime Minister in 1966, and the institution of Parliament in 1967.In 1971, as I mentioned, he renamed the country Zaïre, nationalized all remaining foreign owned assets in the country, and it took another war, which is now called the First Congo War, to finally unseat him. And this conflict, which began in late-1996, spilled over into neighboring countries, including Sudan and Uganda, and a slew of other nations were involved, including but not limited to Chad, the Central African Republic, Rwanda, Burundi, Angola, Eritrea, South Africa, Zambia, Zimbabwe, Ethiopia, and Tanzania, alongside foreign assistance granted to various sides by France, China, Israel, and covertly, the United States.The conflict kicked off when Rwanda invaded Zaïre, more neighboring states joined in, all of them intending to take out a bunch of rebel groups that the Mobutu government was no longer keeping in line: Mobutu himself having long since fallen ill, and thus lacking the control he once had, but still profiting mightily from outside influences that kept him as a friendly toehold in the region.So these other nations sent military forces into Zaïre to handle these groups, which were causing untold troubles throughout the region, and the long and short of this conflict is that it only lasted a few months, from October 1996 to May 1997, but the destruction and carnage was vast, everyone on both sides partnering up to take out rebels, or in the case of those rebels, to join up against these government militaries, and all of them using the opportunity to also engage in violence against ethnic enemies with whom they had long-simmering beefs.This led to the collapse of Mobutu's government, the country was renamed the Democratic Republic of the Congo when a new government was installed, but very little changed in terms of the reality of how that government functioned, so all the same variables were still in place a year later, in 1998, when what's now called the Second Congo War kicked off, informed by basically the same problems but bringing even more African governments into the fighting, many of them pulled into things by alliances they had with involved neighbors.And just as before, a variety of groups who felt aggrieved by other groups throughout the region used this conflict as an excuse to slaughter and destroy people and towns they didn't like, including what's been called a genocide of a group of Pygmy people who lived in the area, around 70,000 of them killed in the waning days of the war.In mid-2003, a peace agreement was signed, most of the warring factions that had fought in Congolese territory were convinced to leave, and it was estimated that up to 5.4 million people had died during the conflict.What I'd like to talk about today is what's happening in the DRC, now, at a moment of heightening tensions throughout the region, and in the DRC in particular, amidst warnings from experts that another regional conflict might be brewing.—A transition government was set up in the DRC in 2003, following the official end of that Second Congo war, and this government, though somewhat weak and absolutely imperfect in many ways, did manage to get the country to the point, three years later, in 2006, that it could hold an actual multi-party election; the country's first ever, which is no small thing.Unfortunately, a dispute related to the election results led to violence between supporters of the two primary candidates, so a second election was held—and that one ended relatively peacefully and a new president, Joseph Kabila, was sworn in.Kabila was reelected in 2011, then in 2018 he said he wouldn't be running again, which helped bring about the country's first peaceful transition of power when the next president, from the opposing party, stepped into office.During his tenure in office, though, Kabila's DRC was at near-constant war with rebel groups that semi-regularly managed to capture territory, and which were often supported by neighboring countries, alongside smaller groups, so-called Mai-Mai militias, that were established in mostly rural areas to protect residents from roaming gangs and other militias, and which sometimes decided to take other people's stuff or territory, even facing off with government forces from time to time.Violence between ethnic groups has also continued to be a problem, including the use of sexual violence and wholesale attempted genocide, which has been difficult to stop because of the depth of some of the issues these groups have with each other, and in some cases the difficulty the government has just getting to the places where these conflicts are occurring, infrastructure in some parts of the country being not great, where it exists at all.That 2018 election, where power was given away by one president to another, peacefully, for the first time, was notable in that regard, but it was also a milestone in it marked the beginning of widespread anti-election conspiracy theories, in that case the Catholic Church saying that the official results were bunk, and other irregularities, like a delay of the vote in areas experiencing Ebola outbreaks, those areas in many cases filled with opposition voters, added to suspicions.The most recent election, at the tail-end of 2023, was even more awash with such concerns, the 2018 winner, President Tshisekedi, winning reelection with 73% of the vote, and a cadre of nine opposition candidates signing a declaration saying that the election was rigged and that they want another vote to be held.All of which establishes the context for what's happening in the DRC, today, which is in some ways a continuation of what's been happening in this country pretty much since it became a country, but in other ways is an escalation and evolution of the same.One of the big focal points here, though, is the role that neighboring Rwanda has played in a lot of what's gone down in the DRC, including the issues we're seeing in 2024.Back in 1994, during what became known as the Rwandan genocide, militias from the ruling majority Hutu ethnic group decided to basically wipe out anyone from the minority Tutsi ethnic group.Somewhere between a 500,000 and a million people are estimated to have been killed between April and July of that year, alone, and that conflict pushed a lot of Hutu refugees across the border into the eastern DRC, which at the time was still Zaïre.About 2 million of these refugees settled in camps in the North and South Kivu provinces of the DRC, and some of them were the same extremists who committed that genocide in Rwanda in 1994, and they started doing what they do in the DRC, as well, setting up militias, in this case mostly in order to defend themselves against the new Tutsi-run government that had taken over in Rwanda, following the genocide.This is what sparked that First Congo War, as the Tutsi-run Rwandan government, seeking justice and revenge against those who committed all those atrocities went on the hunt for any Hutu extremists they could find, and that meant invading a neighboring country in order to hit those refugee groups, and the militias within them, that had set up shop there.The Second Congo War was sparked when relations between the Congolese and Rwandan governments deteriorated, the DRC government pushing Rwandan troops out of the eastern part of their country, and Kabila, the leader of the DRC at the time, asking everyone else to leave, all foreign troops that were helping with those Hutu militias.Kabila then allowed the Hutus to reinforce their positions on the border with Rwanda, seemingly as a consequence of a burgeoning international consensus that the Rwandan government's actions following the genocide against the Tutsis had resulted in an overcompensatory counter-move against Hutus, many of whom were not involved in that genocide, and the Tutsis actions in this regard amounted to war crimes.One of the outcomes of this conflict, that second war, was the emergence of a mostly Tutsi rebel group called the March 23 Movement, or M23, which eventually became a huge force in the region in the early 20-teens, amidst accusations that the Congolese government was backing them.M23 became such an issue for the region that the UN Security Council actually sent troops into the area to work with the Congolese army to fend them off, after they made moves to start taking over chunks of the country, and evidence subsequently emerged that Rwanda was supporting the group and their effort to screw over the Congolese government, which certainly didn't help the two countries' relationship.Alongside M23, ADF, and CODECO, a slew of more than 100 other armed, rebel groups still plague portions of the DRC, and part of the issue here is that Rwanda and other neighboring countries that don't like the DRC want to hurt them to whatever degree they're able, but another aspect of this seemingly perpetual tumult is the DRC's staggering natural resource wealth.Based on some estimates, the DRC has something like $24 trillion worth of natural resource deposits, including the world's largest cobalt and coltan reserves, two metals that are fundamental to the creation of things like batteries and other aspects of the modern economy, and perhaps especially the modern electrified economy.So in some ways this is similar to having the world's largest oil deposits back in the early 20th century: it's great in a way, but it's also a resource curse in the sense that everyone wants to steal your land, and in the sense that setting up a functioning government that isn't a total kleptocracy, corrupt top to bottom, is difficult, because there's so much wealth just sitting there, and there's no real need to invest in a fully fleshed out, functioning economy—you can just take the money other countries offer you to exploit your people and resources, and pocket that.And while that's not 100% what's happened in the DRC, it's not far off.During the early 2000s and into the 20-teens, the DRC government sold essentially all its mining rights to China, which has put China in control of the lion's share of some of the world's most vital elements for modern technology.The scramble to strike these deals, and subsequent efforts to defend and stabilize on one hand, or to attack and destabilize these mining operations, on the other, have also contributed to instability in the region, because local groups have been paid and armed to defend or attack, soldiers and mercenaries from all over the world have been moved into the area to do the same, and the logic of Cold War-era proxy conflicts has enveloped this part of Africa to such a degree that rival nations like Uganda are buying drones and artillery from China to strike targets within the DRC, even as China arms DRC-based rebel groups to back up official military forces that are protecting their mining operations.It's a mess. And it's a mess because of all those historical conditions and beefs, because of conflicts in other, nearby countries and the machinations of internal and external leaders, and because of the amplification of all these things resulting from international players with interests in the DRC—including China, but also China's rivals, all of whom want what they have, and in some cases, don't want China to have what they have.In 2022, M23 resurfaced after laying low for years, and they took a huge chunk of North Kivu in 2023.For moment that same year, it looked like Rwanda and the DRC might go to war with each other over mining interests they control in the DRC, but a pact negotiated by the US led to a reduction in the military buildup in the area, and a reduction in their messing with each other's political systems.In December of 2023, though, the President of the DRC compared the President of Rwanda to Hitler and threatened to declare war against him, and UN troops, who have become incredibly unpopular in the region, in part because of various scandals and corruption within their ranks, began to withdraw—something that the US and UN have said could lead to a power vacuum in the area, sparking new conflicts in an already conflict-prone part of the country.As of March 2024, soldiers from South Africa, Burundi, and Tanzania are fighting soldiers from Rwanda who are supporting M23 militants in the eastern portion of the DRC, these militants already having taken several towns.Seven million Congolese citizens are internally displaced as a result of these conflicts, having had to flee their homes due to all the violence, most of them now living in camps or wandering from place to place, unable to settle down anywhere due to other violence, and a lack of sufficient resources to support them.Rwanda, for its part, denies supporting M23, and it says the Congolese government is trying to expel Tutsis who live in the DRC.Burundi, located just south of Rwanda, has closed its border with its neighbor, and has also accused Rwanda of supporting rebels within their borders with the intent of overthrowing the government.Most western governments have voiced criticisms of Rwanda for deploying troops within its neighbors' borders, and for reportedly supporting these militant groups, but they continue to send the Rwandan government money—Rwanda gets about a third of its total budget from other governments, and the US is at the top of that list of donors, but the EU also sends millions to Rwanda each year, mostly to fund military actions aimed at taking out militants that make it hard to do business in the region.So changes in political stances are contributing to this cycle of violence and instability, as are regular injections of outside resources like money and weapons and soldiers.And as this swirl of forces continues to make the DRC borderline ungovernable, everyday people continue to be butchered and displaced, experiencing all sorts of violence, food shortages, and a lack of basic necessities like water, and this ongoing and burgeoning humanitarian nightmare could go on to inform and spark future conflicts in the region.Show Noteshttps://archive.ph/lk0mNhttps://en.wikipedia.org/wiki/Joseph_Kabilahttps://en.wikipedia.org/wiki/Rwandan_genocidehttps://gsphub.eu/country-info/Democratic%20Republic%20of%20Congohttps://en.wikipedia.org/wiki/Economy_of_the_Democratic_Republic_of_the_Congohttps://www.reuters.com/world/africa/why-fighting-is-flaring-eastern-congo-threatening-regional-stability-2024-02-19/https://archive.ph/lk0mNhttps://www.aljazeera.com/news/2024/2/21/a-guide-to-the-decades-long-conflict-in-dr-congohttps://www.cfr.org/global-conflict-tracker/conflict/violence-democratic-republic-congohttps://en.wikipedia.org/wiki/March_23_Movementhttps://en.wikipedia.org/wiki/Kivu_conflicthttps://en.wikipedia.org/wiki/Congo_Free_Statehttps://en.wikipedia.org/wiki/Mobutu_Sese_Sekohttps://en.wikipedia.org/wiki/Congo_Crisishttps://en.wikipedia.org/wiki/1965_Democratic_Republic_of_the_Congo_coup_d%27%C3%A9tathttps://en.wikipedia.org/wiki/First_Congo_Warhttps://en.wikipedia.org/wiki/Second_Congo_War This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This week we talk about mergers, acquisitions, and the Shale Oil Revolution.We also discuss liquid natural gas, energy diplomacy, and political hypocrisy.Recommended Book: Eversion by Alastair ReynoldsTranscriptFor the sixth year in a row, the United States is the largest oil producer in the world.As of March 2024, it's producing an average of 12.93 million barrels of oil per day, according to the US Energy Information Administration, and it periodically pops above that average for stretches of time, like in December of last year when it managed to average just over 13.3 million barrels per day.That's an absolutely astonishing volume of oil.For context, while Saudi Arabia remains the holder of the world's most substantial spare oil capacity and was the largest oil exporter in 2023, they set aside plans to increase output to 12 million barrels a day back in January, which leaves them about a million barrels a day shy of the expansion target they set in 2020.In 2023, the US produced about 28% more oil than Russia and about 33% more than Saudi Arabia, on average.The US is becoming a huge player in oil exports, too, but it really shines if you look at not just crude oil, but also natural gas liquids and refined petroleum products. In aggregate, in 2023, the United States exported nearly the same volume of these products that both Saudi Arabia and Russia produced, not exported, which is pretty wild.As is the fact that in December of 2023, the US exported about 400 billion more cubic feet of natural gas than it imported; and it imports a lot, and it only started exporting natural gas a few years ago, so that's the figure for an industry that didn't even exist until 2016, and didn't really grow until the 2020s.The US hasn't always been this kind of force in the global oil market. It's long been a consumer of huge quantities of the stuff, but while it produced a decent amount until the late-90s, competing with Russia and trailing Saudi Arabia, though not by much, US production levels dropped substantially beginning in the early 90s, the US becoming a huge importer of fossil fuels, its production levels dipping down to something closer to those of Iran by the mid-2000s; when 9/11 happened in 2001, one of the big concerns was that the US's fundamental reliance on Middle Eastern oil would complicate its military options and hamstring its economy.That all changed, though, with what became known as the Shale Revolution, when the widespread investment in and deployment of hydraulic fracturing, or "fracking" technologies, combined with developments that allowed for horizontal drilling, opened up huge swathes of new oil-rich territories in the US and Canada, making what were previously usable, but incredibly expensive to exploit fossil fuel resources less expensive and easier to tap, and southern US states in particular saw a wave of new and expanded drilling, leading to a surge in the US's production output, and ultimately allowing the US to become the top producer in the world beginning in 2018.The degree to which this has changed things, geopolitically, cannot be overstated, in the US and globally.Stateside, petroleum prices became less tethered to the whims and political motivations of mostly Middle Eastern nations and Russia, which, working together via the OPEC+ oil cartel, were long able to threaten and coerce the US government and its allies in various ways.That remained the case for a while, even after this shale oil boom, as production and export figures weren't optimally aligned. But as this new reality has set in, the US government has been more strategic in how it has stockpiled fossil fuels resources and how it's been willing to use those stockpiles to manage price fluctuations, for itself and its allies, when warranted.This has also been important for manufacturing, shipping, and other energy-hungry aspects of the US economy, and it has stoked booms in all sorts of consumer-facing industries, alongside the deployment of power-hungry infrastructure like new power plants and data centers.Globally, this increased production has allowed the US to become a player in energy diplomacy, exporting fuel to allies that needed it because of disasters or foreign meddling, and recently, the US has taken this up a notch by bolstering Europe's energy supplies in the wake of Russia's invasion of Ukraine—an invasion that led to sanctions from the EU against Russia, those sanctions arriving more slowly than they might have otherwise arrived because of concerns that Russia's stranglehold on much of the bloc's energy resources might turn into a chokehold, hobbling their economies, military preparedness, and civilian support for the sanctions, because people would be paying extreme prices for ever-shrinking volumes of energy.In the decades leading up to that invasion, many European nations, especially Germany, completely recalibrated their economies so they could profit from Russian fuel, so the fear that those fuel supplies would dry up if they made the wrong move, supported Ukraine too ardently, was a significant concern and shaped a lot of what happened in those early days of the invasion.The US started exporting liquified natural gas to the bloc, though, which is gas that's turned into a liquid using incredibly low temperatures, which shrinks it so that it's easier and cheaper to ship. And these shipments arrived first in drips and drabs, because the infrastructure on the receiving end, to convert that chilly liquid gas back into room-temperature, full-volumed gas, needed to be installed, but once that infrastructure was in place, LNG began to arrive from the US in huge volumes, a whole new energy economy popping up essentially overnight, relative to how these things typically go, anyway. And that enabled more and sterner sanctions from the EU, of a kind that may not have been feasible, lacking that energy resource backstop.What I'd like to talk about today is another, even more recent development within the US oil industry, and what it might mean for the future of this industry.—In 2023 alone, the businesses that make up the US energy sector spent about $250 billion scooping up clients, suppliers, and rivals.A poll of energy executives in December of the same year suggested we could see another $50 billion or so invested in more acquisitions and mergers over the next two years, and in 2024, so far, as of mid-March, we've already seen APA buy Callon, Chesapeake buy Southwestern, Talos buy QuarterNorth, and Sunoco acquire NuStar; these deals all close at the tale-end of Q1 or in Q2 2024, and they were worth around $4.5, $7.4, $1.29, and $7.3 billion, respectively, so nearly $20.5 billion worth of big oil industry deals, already, and the year is just getting started, so that $50 billion figure is looking prescient.The majority of next-step deals are expected to center around the Permian Basin, which is located in western Texas, with a little bit of overflow across the border into New Mexico.This basin is the highest-producing oil field in the US, generating nearly 6 million barrels of oil and around 25 billion cubic feet of natural gas each day, as of early 2024, and this is a region of intense investment and growth; oil fields around the country are shutting down, and that increase in gas and oil production that we're seeing is mostly the consequence of more effective technologies and upgrades in the hardware and software being used by the industry.So better exploration, better tools to get to the best pockets of resources, better capturing technologies and means of shuttling what they pump from place to place—it's a full stack of better tech and systems, and that is allowing the industry to consolidate its sprawl into fewer areas, many of them in the Permian Basin, and that's thought to be part of why we're seeing so much consolidation at the moment: more investment in fewer wells and fields in a smaller portion of the country is leading to more output, and that means the bigger companies with more R&D capacity and higher-end assets will tend to have a bigger advantage than their more dispersed, smaller rivals.It's anticipated, though, that a collection of variables, including that consolidation, will actually slow the growth of the US's fossil fuel-based energy industry, at least for the next few years.Less activity from fewer business entities and fewer investments that will lead directly to higher output is expected to nudge that 12.93 million barrels a day up by maybe 120,000 or 170,000 barrels per day, rather than the previously projected 1 million barrel a day increase.That's the EIA projection, as least—some other analysts have higher expectations, in some cases double or quadruple that range, but the general consensus is that more of the oil wealth in this region being owned by larger entities that are aiming for consolidation, not growth in the sense of exploring and exploiting a bajillion new wells, will likely lead to a period of more tempered industry-wide growth, and probably a period in which these now-bigger companies will be focusing on getting all their ducks in a row, reducing redundancies and inefficiencies in their new, combined collection of assets, and possibly eyeballing other acquisition targets, as well—so that'll means more investment in efficiencies, less investment in upping those already sky-high production numbers.All of this is happening within the context of efforts, globally, to reduce humanity's reliance on and use of fossil fuels. And that's led to some strange combinations of policies and political messaging, and no shortage of claims of hypocrisy from all sides of the conversation.Case in point: even as US President Biden has celebrated US energy independence and the associated security enabled and supported by this expansion of fossil fuel production and processing, he has also flogged and signed all sorts of laws and regulations meant to reduce oil use and to increase the deployment of solar, wind, and other clean energy sources.He's also pushed hard for government investment in clean energy and related infrastructure, including things like electric vehicles and upgrades for homes, and he's not alone in this: other wealthy nations in particular have been pushing hard to emphasize and enable this transition, as all the data indicates the faster we shift away from burning fossil fuels and engaging in other emitting activities, the less destructive the impacts of human-amplified climate change will be, and the less expensive it will ultimately be to adapt to those new realities, and to stop making them worse; to fully transition to a net-zero, and then eventually, a practically non-emittive future.This seemingly bipolar stance can be disorienting, especially for those it directly impacts.And consequently, rather than making everyone happy, as both sides of the climate change, renewables conversation are getting a fair bit of what they want due to these seemingly opposing investments, it's mostly just pissing everyone off, as environmentalists, climate change activists, and everyday people who are concerned about the impacts of the changing climate that they're seeing around them, more and more each year, are irritated that the segue to a non-emittive energy future isn't happening faster, while oil, gas, and coal companies are peeved that they're being elbowed out, despite having arguably gotten the country to where it is today, provide the US economy with a substantial chunk of its overall income and wealth, and in a very real way enable modern, everyday life—even for those people who want them and their products to disappear as quickly as possible.That perception of hypocrisy is difficult to sidestep, then, because while, yes—there has been a lot of new, clean infrastructure deployed, many EV and similar companies have been invested in, and on the other side there have been all those big expansions of oil and gas infrastructure and an increase in the market for those sorts of products—these two narratives are also in diametric opposition to each other, at least in the long-term, and slow-walking a transition away from fossil fuels makes climate change worse, its impacts more devastating and longer-lasting, the worst stuff arriving faster, too, while the shift toward cleaner energy is stealing market share from those emittive energy companies, and this movement toward renewables puts a cap on fossil fuel companies' very existence, as well—some policies suggesting that they can't exist, or at least not exist at any real scale, doing the type of business they've always done, past a certain, government-mandated date.And both of these perspectives are arguably true; so those victories both sides are accumulating are often lost in the sea of concomitant victories for the perceptually opposing side, which manifest as losses for the non-victorious side.It's worth noting, too, that both sides actually have pretty good arguments, in isolation.Lacking the dominant, fossil fuel-based energy sources of today, the US military wouldn't be able to operate; it simply wouldn't be able to function, which would have all sorts of knock-on effects, until and unless all of those vehicles and missiles and other bits of hardware could be replaced with cleaner versions of the same.Lacking a full-scale replacement of every fuel-chugging car, bus, train, jet, and other piece of transportation infrastructure, the US economy would come to a halt, overnight, and that would wreak untold havoc in-country and around the world.There's a chance that certain plastic goods would disappear, too, and a gobsmackingly large portion of all things created in the modern world are made of some kind of plastic, which is a petroleum product, and the well-being of that industry is in some ways correlated with the well-being of the rest of the industry's efforts.That said, if we don't shift away from the use of these fuels and materials soon, we may lose the ability to counter some of the worst impacts of climate change, including many that are deadly, like overpowered and more regular storms and heatwaves, and others that will take out ecosystems and the creatures living in those ecosystems, permanently, changes to their conditions arriving so quickly they don't have a change to adapt.Military conflicts and economy collapses may seem quaint compared to the cost and loss of lives and treasure associated with forthcoming, more common, climate change-triggered disasters and norm-shifts.There's some indication that some Big Oil companies are making tweaks to how they do things in order to reduce the distance between their economic priorities and the priorities of folks who want them to stop pumping more fossil fuels from the ground.Top mining officials from Saudi Arabia recently announced they're building out the systems and hardware necessary to extract the more than $2.5 trillion worth of metals they're so far located in their territory, for instance, and other state-run businesses have suggested they intend to do the same: leveraging their knowledge, tools, and expertise to mine and process some of the resources that'll be most necessary (and thus, valuable) for the transition to cleaner energy.Some US-based Big Oil companies have made announcements about their own intentions in this regard, some saying they'll pull lithium from their oil wells, while others claim they're investing in rare earth mining infrastructure.ExxonMobil recently announced that it would be returning to one of its old, long-closed oil wells in a small town in Arkansas to mine lithium there, which could be beneficial for their bottom line, but also for folks in that region who were left in the lurch when Exxon left to refocus on Texas in the 1990s.A coal company operating in Wyoming, with the help of the US Department of Energy, recently discovered what could be one of the largest rare-earth metal deposits in the world, and the biggest in the US, on land that they originally bought for coal mining purposes.These sorts of investments are not consequence-free, as mining of any kind tends to deplete local resources, especially water and energy, and can have serious and deleterious effects on people and ecosystems, too. But this does seem like one of the more likely avenues through which these companies' interests may slowly come to align with those of folks, businesses, and governments that are trying to segue the US and other economies to clean energy; and that's meaningful because otherwise these companies almost always represent the most significant, well-moneyed and lobbyist-employing roadblocks to legislation and investment that would speed up the deployment of renewables and associated infrastructure; so this type of pivot would conceivably give them reason to support, rather than hamstring those efforts.That said, some of these announced efforts may end up being mostly PR plays, similar to how big oil companies have dangled the possibility of cleaning up their emissions using carbon drawdown technologies, for years, but few such investments have been made, and some of the deployed tools were eventually retired, as they didn't really do what they were supposed to do.So there are potential avenues via which priorities might align more closely in the coming years, if the economics of such paths can be worked out and if the market validates them, but there's also a chance these opposing interests remain oppositional for the foreseeable future, even though both arguably scratch necessary itches, and both represent anchors and wings for politicians who support and rely upon them.Show Noteshttps://grist.org/energy/oil-companies-used-to-run-this-town-now-theyre-back-to-mine-for-lithium/https://www.reuters.com/default/more-us-energy-deals-likely-2024-wave-consolidation-2024-01-24/https://www.semafor.com/article/03/13/2024/inside-saudi-arabias-plan-to-take-over-the-mining-industryhttps://www.reuters.com/markets/commodities/us-leads-global-oil-production-sixth-straight-year-eia-2024-03-11/https://www.reuters.com/business/energy/saudi-aramco-says-it-will-cut-planned-maximum-capacity-12-mln-bpd-2024-01-30/https://www.reuters.com/markets/commodities/record-us-oil-output-challenges-saudi-mastery-kemp-2023-12-04/https://www.visualcapitalist.com/visualizing-the-rise-of-the-u-s-as-top-crude-oil-producer/https://www.forbes.com/sites/gauravsharma/2023/12/19/as-2024-approaches-us-leads-global-crude-oil-production-roster/?sh=107f8c582706https://www.reuters.com/markets/commodities/is-us-shale-oil-revolution-over-kemp-2022-11-22/https://en.wikipedia.org/wiki/Shale_gas_in_the_United_Stateshttps://www.nrdc.org/stories/fracking-101https://www.eia.gov/dnav/ng/hist/n9133us2M.htmhttps://www.eia.gov/energyexplained/natural-gas/liquefied-natural-gas.phphttps://www.reuters.com/business/energy/us-was-top-lng-exporter-2023-hit-record-levels-2024-01-02/https://www.eia.gov/todayinenergy/detail.php?id=61523https://jpt.spe.org/the-trend-in-drilling-horizontal-wells-is-longer-faster-cheaperhttps://edition.cnn.com/2023/03/28/energy/eu-us-oil-imports-overtake-russia/index.htmlhttps://www.nytimes.com/interactive/2023/09/25/climate/fracking-oil-gas-wells-water.htmlhttps://www.newscientist.com/article/2422110-methane-leaks-from-us-oil-and-gas-are-triple-government-estimates/https://www.eia.gov/todayinenergy/detail.php?id=61523https://en.wikipedia.org/wiki/Petroleum_in_the_United_Stateshttps://www.marketplace.org/2024/02/12/diamondback-and-endeavor-merger-trend-bigger-fewer-oil-companies/https://www.strausscenter.org/energy-and-security-project/the-u-s-shale-revolution/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

This podcast discusses the ongoing conflict in Ukraine, including foreign aid, brain drain, and economic consequences. It explores the challenges faced by Ukraine in their counter-offensive against Russia, the complexities of international aid, and the economic and social implications of the conflict. The episode also touches on Russian political developments and recommends a book for further reading.