Monday, February 29, 2016

Raspberry Pi 3: The inside story from the new $35 computer's creator

Today sees the launch of the Raspberry Pi 3. The Pi's co-creator Eben Upton told TechRepublic how the board's release opens up new software, operating systems and uses for the credit card-sized machine.
The Raspberry Pi 3

It's fair to say the success of the Raspberry Pi computer has surpassed expectations.
Co-creator of the board Eben Upton famously said he originally thought they'd sell about 1,000 of the $35 pocket-sized boards.

That estimate turned out to be somewhat conservative. More than eight million boards have shipped in the four years since the Pi's launch - with the Pi selling faster than ever last year.

This burgeoning demand is being fuelled by newfound appetites for the Pi. While early sales were driven by hobbyist makers and tinkerers, in recent years schools and businesses have began using the boards in serious numbers.

It's easy to see that momentum continuing, as from today you'll be able to get far more Pi for your buck. Monday marks the launch of the Raspberry Pi 3 Model B - a machine some 50 percent faster than the Pi 2 that came out just last year.

The Pi 3's release comes somewhat out of the blue. In the first three years following the Pi's release there were no major updates to the board but over the past year its capabilities have surged, with the release of the Pi 2 and now the Pi 3.

"We've got a 10x improvement in processing in 13 months," said Upton, describing the jump from the single core processor of the original Pi to a faster, more capable quad-core chipset in the Pi 3.

That boost puts the Pi 3 more squarely in the category of an entry-level home computer than ever before - with testers of the pre-release boards noticing an appreciable difference in the useability of the Pi 3 as a PC, according to Upton.

Raspberry Pi co-creator Eben Upton at a Pi factory in Wales.

"Talking to people who've played with the units, it's crossed some kind of line."

"It's become more PC-like. When you're using LibreOffice and the web browser it just feels more modern in that respect.

"You're looking at an entry-level PC from the latter part of the last decade."

Breaking down the performance, the Raspberry Pi 3's new CPU performs 50-60 percent faster in 32-bit mode than that of the Raspberry Pi 2 and roughly ten times better than the original single-core Raspberry Pi in a multi-threaded CPU benchmark like SysBench. Compared to the original Pi, real world applications will see a performance increase of between 2.5x - for single-threaded applications - and more than 20x - for NEON-enabled video codecs.

The increased speed and capabilities of the chipset means the new board can now play 1080p video at 60 frames per second, in a boost to the Pi's media center credentials.

Pi 3's increased ease of use isn't just down to more processing muscle, but also built-in support for wi-fi and Bluetooth - a first for the Pi.

The addition not only makes web browsing easier but also offers network connectivity without affecting the Pi's performance. A recurring complaint about earlier models of the Pi is that USB and Ethernet share the same data bus. This shared bus limits the amount of data that can be passed to and from the Pi, which could slow things down when a user attempted to pass large amounts of data over Ethernet and to USB-attached storage at the same time.

In contrast the Pi 3's wireless LAN doesn't share the USB bus - allowing users to sidestep some of the problems that shared bus can cause.

Just as important a decision when releasing a new Pi is what features to leave out and Upton says that one oft-requested feature that didn't make the cut was a Sata port, which would provide a high speed connection for attaching storage. Sata was omitted from the Pi 3 mainly for technical reasons, as the board's architecture would mean the Sata connection having to send data via the USB2 bus. This would have the effect of throttling the Sata connection, with its maximum throughput of 6 Gbps squeezed down to the 480 Mbps speed of USB2.

What's next for Android, Chromium OS and Windows on the Pi?

The Pi already runs a suite of Linux-based operating systems but the Pi 3's additional power also furthers the possibility of the Pi running new OSes, such as Android, Chromium OS and, eventually, maybe Windows.

Windows 10 was released for the Raspberry Pi 2 last year but it isn't the full desktop version of the Microsoft OS, but rather a cut-down version called Windows IoT Core designed to support Internet of Things appliances.

However, from a technical standpoint, Upton says the Pi 3 has the chops to run a full version of Windows - pointing out the similarities of the board's hardware to that of the original Surface RT tablets, which ran a version of Windows 8.

"There's no fundamental difference between this device and a Windows Surface device," he said.

"The operating system underpinnings are the same. We'd dearly love to have the [Windows] shell and applications on there but that isn't something that is in scope for the relationship we have [with Microsoft] at the moment."

Specswise the Pi 3 is based around a more powerful CPU core than the original Surface tablets but its memory is half that of the original Surface and clocked at a lower speed. The Surface RT OS has since been superseded by Windows 10 Mobile, which can be used on tablets and smartphones that, like the Pi, use ARM-based hardware.

Also, Upton points out that when it comes to Windows software most people want to run the apps that work on their desktops and laptops at home, not the far smaller pool of software that ran on Surface RT.

Getting that standard Windows software to run on the Pi is complicated due to the board's underlying hardware being ARM- and not x86-based, although specialist tools like ExaGear and Wine can used together get x86 Windows software to run on the Pi. Running software in this way takes a large toll on performance - something the additional processing power of the Pi 3 may help to address.

"We're chipping away at it, as we are putting more and more power into the system there is that range of stuff that becomes possible," said Upton.

What looks to be more feasible, and has already been realised to a degree, is getting popular operating systems Android and Chromium OS - the open-source equivalent of Chrome OS - to run on the Pi.

Getting these systems onto the Pi is being enabled both by the more powerful hardware of the new board and the development of an open-source 3D graphics driver for the board that is making it easier to implement these systems.

"Our technical choices were blocking the community from getting this stuff done and we're backing away from those now," said Upton of the Mesa and DRM driver developed by Eric Anholt.

"There's a quite impressive looking ChromiumOS port for the Pi. As we get more processing power and as Eric's stuff matures further, we hope that can become something we can endorse and have as an option on the Pi."

In the nearer future, a version of Windows 10 IoT Core will be released for the Pi 3 and is in a complete that it is expected to be demoed at the Pi 3's launch on Monday.

Upton expects the release of the Pi 3 will pave the way for individuals and small businesses to begin using Windows IoT Core to begin creating products in earnest.

While the Windows OS has been used by people to build homemade sensor hubs and the like, he believes that its use to create Pi-based appliances may have been held back by the lack of a Raspberry Pi compute module that could run Windows IoT Core.

The Raspberry Pi compute module packs the processor and memory of the Pi onto a slim board the size of a memory module. The idea of the compute board is to make it easier to bolt together a custom appliance using a Pi, as the compute module can be plugged into a base board with all of the necessary peripheral circuitry.

While the Raspberry Pi Foundation had originally intended to release a compute module based on the Pi 2 that could run Windows IoT Core, Upton said demand for the main model B Pi 2 board was so strong there wasn't enough stock to make it happen. The foundation now plans to instead launch a compute module based on the Pi 3 (CM3) "in the next few months".

"The compute module is how you get through the 1,000 to 10,000 range as you're scaling your product out. One of the reasons we're excited about getting CM3 out is it will give people a platform to move on from tinkering and doing the odd fun little home automation projects.

"It's exciting because it's giving people an opportunity to build small businesses from scratch."

Can we expect a new Raspberry Pi each year from now on?

Upton is adamant that the foundation is not about to start bringing out new Raspberry Pi boards each year. The rapid release Pi 3 is something of a one-off, he said, made possible by a combination of technical and cost factors. The earlier work the foundation completed on designing the Pi 2 paved the way to begin using the more powerful chipset found in the Pi 3. This technical readiness coincided with a reduction in the cost of producing the board, which allowed wi-fi and Bluetooth support to be added without increasing the price.

"We're kind of at the end of that particular roadmap. I would expect a longer pause, a couple of years at least, before any kind of major bump to the platform," he said.

The release also coincides with two important landmarks for the Raspberry Pi and the foundation.

"We're releasing it exactly on our fourth birthday. There's also this eight million milestone, eight million units [sold] of prior platforms. It feels like an auspicious time to do it."

The previous Raspberry Pi boards will continue to be sold after the Pi 3's release, although Upton expects demand for the Pi 1 will last longer than for the Pi 2.

"I think Raspberry Pi 1 will outlive Raspberry Pi 2. What we did with Raspberry Pi 1 was move the price point so a model B+ costs $25. Raspberry Pi 1 at $25 has a place to live at a differentiated price," he said.

"The Raspberry Pi 2 chipset is not significantly more cost effective than the Raspberry Pi 3 chipset, so there's nowhere for 2 to go."

The Pi 3 Model B that goes on sale on Monday will be followed by a Pi 3 Model A, which will release in the middle of this year. Like the Pi 1 Model A, the board will be a version of the Pi 3 that has no Ethernet port and only one USB port but that sells for a cheaper price. Upton points out, however, that the lack of Ethernet and single USB will be compensated for in the Pi 3 Model A by the inclusion of wi-fi and Bluetooth connectivity.

Like the compute module, a Model A based on the Raspberry Pi 2 was never produced, again because every Pi 2 chip was needed to meet demand for the Model B boards.

This time around Upton doesn't anticipate people will have too much trouble getting hold of the Pi 3, as he says there will be a much more steady supply of new boards.

"This year we have a much more robust supply chain. There will be 100,000 flowing through every week for as long as we need, to deal with the demand that's built up."

That said, given the surge in orders that follows each major new release of the Pi, he expects "supply will be fairly tight for the first few days".

Add-ons for previous generations of the Pi should still work as the dimensions and layout of the board remain the same, save for the LEDs moving position. This move will mean the LEDs aren't visible on some cases for previous generations of the Pi and a new official case will be released.

Most existing operating systems for the Pi will run on the Pi 3, including the official Raspbian OS.

The processor bump and additions to the board mean peak power consumption of the Pi 3 is about 50 - 60 percent higher than its predecessors, though Upton says that "power consumption at constant workload stays the same". The foundation is also releasing a new official power supply, which will be rated at 2.5A5.1V, compared to the 2A5V-rated supply used by earlier boards.

A minor change, which will help those who use attach drives to the Pi, will be the ability for the Pi 3 to boot directly from a USB-attached hard or pen drive - rather than having to boot from an SD card. Similarly Pi 3 will also support booting from a network-attached file system, using PXE, without the need for boot data on an SD card - something Upton forsees being useful for boards used for factory automation.

Can the Pi retain its popularity?

The foundation sold more Pis in 2015 than in any previous year and Upton hopes that by continuing to improve the board, while keeping its price at the $35 mark, that success can continue.

"We're still happy that the platform that we're shipping is the best platform. So I'm hoping that the combination of that and the community will mean that we keep seeing growth."

The large community of enthusiasts who share tips and tricks and third party companies that make add-on boards to extend the Pi's capabilities is a major draw for the platform, and distinguishes it from the slew of Raspberry Pi clone boards released in recent years.

As with the popularity of the Pi, Upton and his fellow founders of the Raspberry Pi Foundation underestimated the number of dedicated users the board would attract.

Upton digs out a business plan from 2009 that sets out expectations for the size of the community that would grow up around the Pi.

"Such a community requires roughly 1,000 members, of whom 100 view the forum regularly and 10 post actively," the plan states. In contrast the forums on the official Raspberry Pi site today has 156,000 members who have racked up 885,000 posts on 126,000 topics. "There's a little bit of a difference of scale," he admits.

The success of the Pi has allowed the foundation to double down on its mission of educating children and adults about computers. The not-for-profit charity has a 60-strong workforce, publishes an official magazine and employs staff focused on creating teaching resources and running outreach projects with schools and at shows.

"It's a real powerhouse," said Upton. "We're doing things that we wouldn't have believed when we started."

Beyond the foundation, the expandable hardware of the Pi and the software bundled with its official Raspbian OS aims to show just how satisfying hardware hacking and coding can be - with a suite of tools such as a coding-oriented version of the popular game Minecraft and the drag-and-drop coding app Scratch.

The reward for Upton is seeing an uptick in numbers of people applying to study computer science at Cambridge University in the UK, after years of sustained decline. It was frustration at that steady fall in that drove him to try to create the Pi, in an effort to get a new generation excited about working with computers.

"That was our 'Oh shit' moment, when we saw that nobody was applying to study computer science at Cambridge, which is kind of the best place in the world to study computer science.

"It had gone from 600 people in 1999, when there was the dotcom boom and people thought that computer science was a meal ticket, to about 250 people by about 2008, an appalling collapse. It's now up to over 700, there are more people applying to study computer science than we had at the height of the dotcom boom. So there's some sort of gross evidence that we're making a difference," he said, adding the foundation's work is part of a larger effort by a number of initiatives to reinvigorate how computing is taught.

As the engineer who designed part of the 3D chip used by the Pi, Upton's only disappointment at the board's overwhelming success is that he doesn't have much time to hack together his own projects.

"For me, the big change is that I write less code and that's sad. I spend so much time answering email. I made this lovely toy and don't really have time to play with it."

The Raspberry Pi 3 Model B is available now for $35 via Premier Farnell and RS Components.

Raspberry Pi 3 specs

Chipset: Broadcom BCM2837
CPU: 1.2GHz quad-core 64-bit ARM cortex A53
Ethernet : 10/100 (Max throughput 100Mbps)
USB: Four USB 2.0 with 480Mbps data transfer
Storage: MicroSD card or via USB-attached storage
Wireless: 802.11n Wireless LAN (Peak transmit/receive throughput of 150Mbps), Bluetooth 4.1
Graphics: 400MHz VideoCore IV multimedia
Memory: 1GB LPDDR2-900 SDRAM
Expandability: 40 general purpose input-output pins
Video: Full HDMI port
Audio: Combined 3.5mm audio out jack and composite video
Camera interface (CSI)
Display interface (DSI)

Friday, February 26, 2016

Apple Slams U.S. Bid to Make It Crack iPhone in Court Papers (BusinessWeek)

  • Apple: U.S. Can’t Force It to Unlock Terrorist’s iPhone
  • Don't Miss Out — Follow Bloomberg Politics On
  • Unlocking terrorist phone might take 10 engineers 4 weeks

Tim Cook has called it nothing less than a threat to civil liberties, the digital privacy of millions and even children’s safety.

Now, a week after federal investigators threw down a gauntlet to Silicon Valley, Cook’s lawyers have weighed in, offering cool-headed legal arguments against having Apple Inc. unlock the iPhone used by one of the attackers who killed 14 people in San Bernardino, California, in December.

Apple painted the case as being one of the Justice Department overstepping its authority, saying it isn’t about a single iPhone but “the FBI seeking through the courts a dangerous power that Congress and the American people have withheld; the ability to force companies like Apple to undermine the basic security and privacy interests of hundreds of millions of individuals around the globe.”

In a filing Thursday to a federal court in Riverside, California, Apple asked the magistrate to set aside her Feb. 16 order requiring it to help the FBI defeat the encryption on the iPhone used by Syed Rizwan Farook, who led the shooting rampage with his wife. The company argued unlocking Farook’s device could ultimately make all its users’ most confidential and personal information vulnerable to hackers, identity thieves, hostile foreign agents and unwarranted government surveillance.

Motion to Vacate Brief and Supporting Declarations
Greater Good’

“The greater public good is a secure communications infrastructure protected by ubiquitous encryption at the device, server and enterprise level without building in means for government monitoring,” Apple said.

While the government has said it isn’t asking for a backdoor or trying to set a precedent and is only concerned with accessing Farook’s phone, Apple is already fighting at least eight other attempts to force it to aid prosecutors in opening devices tied to investigations. The company says that if it complies with one order, others will follow and foreign governments may also make similar demands.

Apple’s response to the order is the company’s first formal step in a case that could be destined for the U.S. Supreme Court. In 65 pages, the filing lays out a basic legal argument: that the court has overreached its authority by compelling Apple to write new software, and that forcing the company to do so would represent an “undue burden.” The government’s demand violates Apple’s constitutional rights against compelled speech and forced business activities, the company argued.

Hypersecure Room

It could take as many as 10 company engineers and employees as long as four weeks to devise the software needed to unlock the phone, Apple said. These engineers would also have to use a hypersecure isolation room to create and test the new compromised operating system and then supervise its use by the FBI. Then they’d have to tear it all down, Apple said.

“No operating system currently exists that can accomplish what the government wants, and any effort to create one will require that Apple write new code, not just disable existing code functionality,” according to the filing.

Apple also said the U.S. doesn’t have the authority to force the company to help the FBI. The magistrate’s decision that it must provide “reasonable technical assistance” was premised on an unprecedented expansion of the All Writs Act, a 1789 law that prosecutors relied on for last week’s order. The act compels third parties to take “non-burdensome” steps to help law enforcement carry out search warrants in circumstances not covered by other statutes and doesn’t authorize a judge to “conscript Apple” into developing software, the company said.

‘Too Dangerous to Build’

“The order demanded by the government compels Apple to create a new operating system— effectively a ‘back door’ to the iPhone — that Apple believes is too dangerous to build,” Apple said.

The All Writs Act has never been used -- and should not be used -- to force a company to produce software code that could be used as a “master key” to bypass a mobile phone’s security features, Apple said in the court filing. A hearing on whether to enforce the order is scheduled for March 22 in Riverside.

Apple also scolded the FBI for an error in its investigation. It said agents changed the password associated with one of the attacker’s accounts without consulting the company or reviewing public materials about the operating system. This kept the phone from automatically backing up to the iCloud. The government has already accessed the data on the iCloud, which ended more than a month before the attack. Without that mistake, this dispute might not have arisen, Apple said.

Free Speech

Computer code is well-established to be protected by the First Amendment right to free speech, Apple argued. The company said it can’t be compelled in this case to create the code because that would impinge on its freedom of expression. The lawyers then unspooled some fanciful scenarios including a pharmaceutical company being forced to create a drug used for lethal injection or a journalist being told to plant a false story to lure a fugitive out of hiding.

The hypothetical prospect of forcing a company to make a drug for lethal injections was previously discussed in Brooklyn, New York, where prosecutors are trying to get access to a convicted drug dealer’s phone. A decision is expected shortly in that case.

The California filing comes a day after Cook blasted the U.S. demand as being “bad for America” in a nationally televised interview with ABC News. And in fiercely worded blog posts, the Apple chief executive accused the government of threatening civil liberties, of looking for an end-run around encryption that could expose Americans to privacy breaches, of a “chilling” and undemocratic overreach.

Privacy vs. Safety?

The standoff, over whether the U.S. can require Apple to write code that would override a key security feature of the iOS operating system, is on one level just about what law enforcement can demand of one company in its investigation into Farook’s motives. The couple died in a shoot-out with police.

But the larger battle pits the public interest in privacy against its interest in protection from terrorists and other criminals, and highlights how advances in consumer technology, including encryption of personal digital, may have eclipsed U.S. laws. Just before the company’s filing was posted, U.S. Representative David Jolly, a Florida Republican, said “Apple’s leadership risks having blood on its hands” if it doesn’t cooperate with FBI and it is determined that critical information on the phone could have prevented a future attack.

“Tim Cook will have a hard time explaining that,” Jolly said during a hearing of a House Appropriations subcommittee to review the FBI budget.

‘Immune Spaces’

FBI Director James Comey told the subcommittee that he doesn’t think it’s a good idea to have “spaces immune to search warrants,” such as phones and other devices. He conceded that the judge’s decision in the Apple case could influence the thinking of courts handling figure conflicts over encryption.

Comey says one mystery the FBI would like to solve involves where the terrorists were for 19 minutes after the attacks. Agents have scoured security cameras at gas stations and other retailers but can’t figure it out, Comey said. The answer may reside on the man’s phone, he said.

Cook and Apple have garnered broad support from the tech industry. The CEO has argued there’s no guarantee that the master key would be used only once in this unique case, as the government contends, and has said creating the technology for a back door into the iPhone’s data could end up exposing all Americans to cyber criminals and hackers.

Technology companies including Twitter Inc., Google Inc. and Microsoft Corp. plan to file friend-of-the-court briefs in support of Apple next week, as will the American Civil Liberties Union. Families of those killed in the San Bernardino attack will file briefs in support of the government, their lawyer said.

Until recently, Apple routinely helped law enforcement to unlock iPhones operating on an older iOS version. The cooperation ceased last year after a magistrate judge in Brooklyn, New York, questioned whether the All Writs Act applied to the government’s request for help in unlocking a drug dealer’s phone. The judge said it appeared that Congress had deliberately left prosecutors without the power they sought in that case.

The case is In the Matter of the Search of an Apple iPhone Seized During the Execution of a Search Warrant on a Black Lexus IS300, California License Plate 35KGD203, 16-00010, U.S. District Court, Central District of California (Riverside).

Thursday, February 25, 2016

How North Korea Funnels Cash Into the Country (BusinessWeek)

  • Money held in third-party overseas accounts to evade scrutiny
  • Millions carried across the border in mint U.S. banknotes

A trail of money stretching from a Panamanian shipping agent to an octogenarian Singaporean to a Chinese bank provides a window on why U.S. efforts to tighten sanctions on North Korea may be harder to achieve than in the case of Iran.

For decades North Korea has built networks of front companies and foreign intermediaries to channel currency in and out, circumventing attempts to isolate it over its nuclear-weapons program. Court documents and interviews with investigators, banks and prosecutors show the cornerstone of those networks is China.

Yalu River in Dandong, a Chinese town across North Korea
Yalu River in Dandong, a Chinese town across North Korea 

"Its geographic proximity, the huge trade volume, having the contacts, and having the historic relationship all contribute to making China the center point for any North Korean initiative to evade international financial sanctions," said William Newcomb, a former member of a panel of experts assisting the United Nations’ North Korea sanctions committee. "China is a very important piece in making sure that blockages work."

Sanctions applied by the U.S. and other countries to pressure Iran to stop its nuclear weapons program included the freezing of about $32 billion of oil revenue held at banks overseas. Those accounts were unlocked after last year’s nuclear accord, negotiated with world powers including the U.S. and European Union.

But Iran’s much larger overseas revenue and its dependence for funding on oil exports made its international finances easier to track. Its economy is about 15 times the estimated size of North Korea’s, and that country’s decades of isolation mean its economy is more self-contained.

“The primary playbook for upping sanctions effectively is Iran -- although that may not make practical sense here,” said Adam M. Smith, former senior adviser to the Director of the U.S. Treasury Department’s Office of Foreign Assets Control and now a Washington-based lawyer with Gibson Dunn. “Such implementation would call for the U.S. -- and perhaps others -- to begin threatening sanctions on North Korea’s supporters and protectors.”

North Korea relies on China, its biggest trading partner, for food, arms and energy. The countries describe their ties as "friendship forged by blood" during the 1950-1953 Korean War where the U.S. was a common foe. China has criticized North Korea for provocative actions but historically opposed harsh sanctions that might precipitate a regime collapse and a flood of refugees across its 870-mile (1,400 kilometer) shared border.

Kim Jong Un
Kim Jong Un 

To inject life into an economy made moribund by the fall of the Iron Curtain, failed centralized policies and sanctions, Kim Jong Un needs foreign currency to pay for equipment from abroad, such as the recent purchase of Russian jets to upgrade the national airline.

About 70 percent to 80 percent of North Korea’s foreign earnings have in the past come via China, said Kim Kwang Jin, who ran the Singapore branch of North Korea’s North East Asia Bank before defecting in 2003. “That huge trade volume means there are more people in China who are willing to cooperate with the regime," Kim said by phone from Seoul.

But China is no longer turning a blind eye to illicit North Korean activities, according to Richard Nephew, a former principal deputy coordinator for sanctions policy at the State Department until last year. “In the last 10-15 years, they actually really do care about trying to prevent some of these bad acts.”

China’s Foreign Ministry and central bank didn’t respond to faxes seeking comment on what measures China is taking to stop the flow of illegal money to and from North Korea using banks and intermediaries in China.

A tightening of control in China would make North Korea more dependent on the connections it has built up to do business further afield, where it risks having funds frozen in overseas accounts. To avert this, the regime uses a mix of bank accounts in the names of intermediaries who wire money at its request.

One example of how those intermediaries work can be seen from Chinpo Shipping Company Ltd., a Singapore-registered ship-supplies firm set up by 82-year-old Tan Cheng Hoe, which channeled North Korean funds for years, according to court documents.

A dismantled jet inside a container aboard the Chong Chon Gang
A dismantled jet inside a container aboard the Chong Chon Gang 

Chinpo’s role came to light after a routine inspection of the Chong Chon Gang, a North Korean cargo vessel passing through the Panama Canal in July 2013. Inside the hold, hidden under 200,000 bags of sugar, were disassembled MiG-27 fighter jets, Soviet-era radar systems and munitions headed for Cuba. Inspectors also found documents detailing a $72,017 wire transfer from Chinpo to C. B. Fenton & Co., a Panama shipping agent, to pay for passage through the canal.

The seizure sparked a two-year, international investigation that led to Singapore and brought the first criminal conviction for offering financial services to facilitate North Korea’s arms proliferation. Singapore District Judge Jasvender Kaur fined Chinpo S$180,000 ($128,000) in January for violating UN sanctions and remitting money without a license.
Tip of the Iceberg

Edmond Pereira, Chinpo’s lawyer, said the company is appealing the conviction and fine. Tan, a director of Chinpo, wasn’t accused of wrongdoing. Calls to Chinpo’s office were unanswered.

Court documents, UN reports and interviews with lawyers on both sides show the payment for the Chong Chon Gang was the tip of the iceberg. Between 2009 and 2013, North Korea used Chinpo to funnel more than $40 million through the global financial system, even after other Asian banks blocked Chinpo’s accounts for making suspicious transfers.

"It’s almost as though this was their bank account for worldwide expenditures," said Sandy Baggett, who led the case against Chinpo as a Singapore deputy public prosecutor.

Chinpo said in court documents that its staff were “acting within their scope of their responsibilities as shipping agents.”

No Names

The difficulty for North Korea was avoiding the attention of U.S. regulators, who can go after foreign banks conducting dollar transactions, because almost all are routed through clearing networks in the U.S. Tan minimized scrutiny by leaving ships’ names off wire transfer forms, testifying in court that Bank of China had advised Chinpo to do so.

Bank of China has denied it knew the payments were linked to Pyongyang. Bank of China officials did not respond to e-mailed requests for comment on the payments or its vetting system for suspicious payments, said Unice Liu, a consultant at Baldwin Boyle Group in Singapore which provides public relations for the bank. Chinpo’s Bank of China accounts were closed in December 2013.

“I think it was just really a lack of internal anti-money laundering procedures within the bank,” said Baggett, now a consultant for Freshfields Bruckhaus Deringer LLP in New York.

Court papers show Bank of China was the only lender that processed Chinpo’s North Korean transactions. Other banks including Singapore’s United Overseas Bank Ltd.shut down Chinpo accounts in 2005 for attempting to carry out suspicious wire transfers.

Chinpo was told the money coming in was payments from clients who used North Korea’s ships to carry cargo, according to testimonies. Those payments were sometimes as much as $500,000, an unusually large amount for a shipping-related fee, said Baggett.

Baggett said that, once a year, a woman with diplomatic status would show up and ask Chinpo to withdraw as much as half a million dollars in mint banknotes.

“She was stopped once leaving Singapore for China with undeclared currency,” said Baggett. “Her explanation was that she needed the cash to pay crew wages on some North Korean ships that were in China. But who knows if that’s where the money actually went?”

Newcomb, the former UN sanctions investigator, said North Korea’s money largely stays abroad. Funds from sales of North Korean goods and services are held in the same offshore accounts, ready to be used to pay salaries for diplomats and officials operating overseas and to buy equipment or supplies. Money returned to North Korea is taken across the border in cash.

“They build up these credits with the intermediaries and use that to trade,” said Newcomb, who is also a former U.S. Treasury official. “But if they need to bring in the cash to Pyongyang, the only way to do that is by hand.”

Chinpo wasn’t the only one helping North Korea make payments.

Buying Yachts
When Austrian luxury goods broker Josef Schwartz was investigated in the late 2000s for fraud and money-laundering, he reassigned his contract to buy two yachts on North Korea’s behalf to Complant International Transportation (Dalian) Co., according to Newcomb, who investigated the case.
The Chinese logistics company was declared the end user for eight Mercedes cars Schwartz’s firm had purchased on behalf of a North Korean citizen, according to a 2012 report by the UN sanctions committee’s panel of experts. Complant didn’t respond to a fax requesting comment on the transaction.
North Korea has also tried to expand ties with Russia, especially as it shifted to ruble-based transactions in 2014 after Russia wrote off 90 percent of its $11 billion debt, said Ludmila Zakharova, a senior researcher at the Institute of Far Eastern Studies at the Russian Academy of Sciences. 
‘In Full’
"Russia is observing the sanctions regime in full," she said, but the shift to the ruble helps "keep trade away from sanction mechanisms."
Since October 2014, transactions had been going through Regional Bank For Development, a small bank whose office moved to Moscow from Russia’s Bashkiria republic shortly before its license was revoked in 2015 as part of a nationwide review of lenders, and transactions are probably now going through China until a replacement bank can be found, Zakharova said.

North Korea’s conducts a nuclear test last month
North Korea’s conducts a nuclear test last month

In the aftermath of North Korea’s fourth nuclear test last month, U.S. President Barack Obama signed into law a bill that requires him to sanction individuals, foreign governments and financial institutions involved in prohibited transactions with North Korea.

But the key is China, which has resisted efforts for UN sanctions to target energy shipments to North Korea. Squeezing Kim so hard that the regime collapses could also remove the buffer between China’s northern border and the U.S. military in South Korea.

David Asher, a former George W. Bush administration official who was involved in freezing North Korean assets at Banco Delta Asia, said sanctions can only be effective when China is coerced into cooperating.

"The only way to cut off North Korea’s illicit cash flow is by interdicting these intermediaries," said Asher, now an adjunct senior fellow at the Center for a New American Security. "That requires the cooperation of China, the biggest domicile for this type of integrated, clandestine, business-to-business relationship with North Korea.”

Wednesday, February 24, 2016

Another Oil Crash Is Coming, and There May Be No Recovery (BusinessWeek)

Superior electric cars are on their way, and they could begin to wreck oil markets within a decade.

It’s time for oil investors to start taking electric cars seriously.

In the next two years, Tesla and Chevy plan to start selling electric cars with a range of more than 200 miles priced in the $30,000 range. Ford is investing billions, Volkswagen is investing billions, and Nissan and BMW are investing billions. Nearly every major carmaker—as well as Apple and Google—is working on the next generation of plug-in cars.

This is a problem for oil markets. OPEC still contends that electric vehicles will make up just 1 percent of global car sales in 2040. Exxon's forecast is similarly dismissive. 

The oil price crash that started in 2014 was caused by a glut of unwanted oil, as producers started cranking out about 2 million barrels a day more than the market supported. Nobody saw it coming, despite the massively expanding oil fields across North America. The question is: How soon could electric vehicles trigger a similar oil glut by reducing demand by the same 2 million barrels? 

That's the subject of the first installment of Bloomberg’s new animated web series Sooner Than You Think, which examines some of the biggest transformations in human history that haven’t happened quite yet. Tomorrow, analysts at Bloomberg New Energy Finance will weigh in with a comprehensive analysis of where the electric car industry is headed. 

Even amid low gasoline prices last year, electric car sales jumped 60 percent worldwide. If that level of growth continues, the crash-triggering benchmark of 2 million barrels of reduced demand could come as early as 2023. That's a crisis. The timing of new technologies is difficult to predict, but it may not be long before it becomes impossible to ignore. 

Tuesday, February 23, 2016

Encrypted-Messaging App Telegram Now Has 100 Million Users

Pavel Durov, chief executive officer of Telegram, speaks during a keynote session at the Mobile World Congress in Barcelona, Feb. 23, 2016.

Pavel Durov, chief executive officer of Telegram, speaks during a keynote session at the Mobile World Congress in Barcelona, Feb. 23, 2016.

TELEGRAM FOUNDER AND CEO Pavel Durov built a messaging app predicated upon its ability to keep private things private, so it’s no surprise that he agrees with Apple on the issue of encryption. “I would definitely side with Tim Cook on this,” he said on Tuesday, speaking at Mobile World Congress in Barcelona.

The surprise may be just how much his opinion matters. Less than three years after Durov and his brother launched Telegram, he now reports that 100 million people use the free encrypted messaging app every month, up from 60 million people last May. That growth is coming from all over the world. While that’s a small number compared withthe billion people who pull up WhatsApp every month, or the 800 million people who go on Facebook Messenger, it’s illustrative of the early growth that signaled each of these services had mainstream appeal. “Every day, 350,000 new users sign up for Telegram,” Durov said. “And we have zero marking budget.” In other words, Telegram is not going away.

The app gained notoriety last fall when, in the wake of the November 13 terrorist attacks on Paris, it was revealed that members of the Islamic State may have used Telegram to help coordinate the attacks. A couple months earlier, Telegram had launched public channels, which let people and groups broadcast messages on the service. The Islamic State used those channels to broadcast propaganda. But no one—not even Durov—can divine how terrorists may have used the private channels on the app to coordinate their efforts because those channels are encrypted. Still, Telegram moved quickly after the attacks to remove 78 public channels that were sharing Islamic State materials.

In the 13 minutes Durov spoke at Mobile World Congress, he didn’t discuss terrorism, but Fortune writer Vivienne Walt today published an extensive profile of the reclusive Russian founder in which he makes his opinion clear that regulating against encryption will not stop terrorists. “If you block sites like Telegram,” he told Walt, “the terrorists will not even notice.” The implication there being that whoever wants encryption will find it.

Durov and his older brother, Nikolai Durov, founded the Russian social network VKontakte—known as the Facebook of Russia—in 2006. It was later renamed VK, and after several run-ins with the Russian government, Durov sold his shares in the company in 2013. In April of 2014, after he refused to hand over personal data from Ukraine opposition leaders from their VK accounts during Russia’s war with the Ukraine, he was fired from his role as CEO of VK, and quickly left the country.

Walt reports that the brothers bought themselves citizenship on the Caribbean island of St. Kitts so they could move freely around Europe and moved their $300 million fortune to a Swiss bank account. Their new project, which started as an encrypted messaging system the brothers could use to send messages to themselves without worrying about surveillance from the Russian security services, became Telegram.

Currently, Durov has taken no outside investments. He and his team of 15 Russian entrepreneurs run Telegram from a series of hotels or homes rented off Airbnb in different European cities, moving every month or two. Walt reports that Telegram is registered in several countries including the United Kingdom. The company is currently spending a million dollars of Durov’s own money each month to keep the app running; eventually, Durov intends to focus on creating a business model that could lead to actual profits. For now, however, Durov will keep focused on getting more people to use the service–people who like their messages to be private.

Monday, February 22, 2016

How will AI impact jobs?

High-powered panel tackles the big question

At AAAI-16, a panel of experts in fields ranging from economics to computer science to philosophy explored how automation will shift the way we need to think about employment.

Panel, left to right: Toby Walsh (moderator), Erik Brynjolfsson, MIT, Moshe Vardi, Rice, Nick Bostrom, Future of Humanity Institute, Oren Etzioni, Allen Institute for Artificial Intelligence, Max Tegmark, Future of Life Institute

Perhaps the most widespread anxiety when it comes to AI is what will happen to our jobs. In light of the 2013 Oxford study, which predicted that 47% of jobs are at risk of becoming automated in the next 20 years, it's a legitimate concern.

At the conference for the Association for the Advancement of Artificial Intelligence (AAAI-16), in Phoenix, Arizona, a panel of experts gathered to speak to the issue. Headed by Toby Walsh, professor of AI at The University of New South Wales, the multidisciplinary group included the philosopher Nick Bostrom, economist Erik Brynjolfsson, AI researcher Oren Etzioni, and computer scientist Moshe Vardi—with a special appearance by the president of the Future of Life Institute, Max Tegmark, who jumped up on stage when Professor Vardi asked him to help answer a question.

This is not the first time we have seen a radical shift in the labor market—think back to the agricultural and industrial revolutions. (See chart below for how manufacturing output has increased while jobs have decreased.) "Over the last couple of hundred years, tech has destroyed and created jobs," said Walsh.


It's also important to separate AI from "tech." "Technology and AI are not synonymous in any way, shape, or form," said Etzioni. AI, Walsh told TechRepublic, gets a disproportionate amount of the attention.

One major result of previous shifts in the labor market is an uneven distribution of income. Productivity and GDP are going up at record levels, while median income at the 50th percentile has stagnated, said Walsh.

But while thinking of the effects of automation today, it's important to keep our fears over lost jobs in context. Brynjolfsson pointed out that although the McKinsey study showed that 60% of jobs had some component automated, only 5% of the jobs were predicted to be completely automated. Guruduth Banavar, vice president of Cognitive Computing at IBM Research, told TechRepublic that many new blue collar jobs could emerge, as well, which will involve the labeling of data. Another way to think about the issue is by thinking of new work that AI will create, and to look to what's possible when people and machines come together.

"Too often, people think of humans as benchmark," said Brynjolfsson. "But [with new technology] we can work together to do something we haven't before."

But whether or not automation will completely replace us at work, it is hard to argue that the huge leap in technology will not have significant consequences in the types of jobs we will have.

"Tech is doing new things," said Walsh, "augmenting and automating mental tasks," instead of physical work.

"It's hard to argue that there will be new jobs for humans," said Vardi. "It's a vacuous promise."

So where are the jobs going to be? Alec Ross offered a smart overview in his book The Industries of the Future, highlighting robotics and the importance of fluency in computer science and languages.

"You've got two places to find salvation," Walsh told TechRepublic. "You can either invent the future or go to the most people-focused part of the world. Computers don't understand emotions yet."

Bostrom offered an alternative way to view the issue—by rethinking how society values "work."

"Perhaps," Bostrom said, "we should strive for things outside the economic systems." Tegmark agreed. "Maybe we need to let go of the obsession that we all need jobs."

Friday, February 19, 2016

Small Business Education Program

Small Business Education Program

Miami Dade College’s School of Business has been offering free seminars and workshops for small business owners since 2007.  The first series, known as the Minority Capacity Development Program, recruited minority- owned businesses located in low income areas in Miami-Dade County.  As the program expanded over the years, a new name was adopted:  Small Business Education Program.  New areas were added targeting low and moderate income businesses, a Spanish tract was created, a business-to-business Expo, coaching sessions, panel discussions with local CEO's, and workshops designed for start-ups.
In 2014, the program was recognized by being part of a national initiative sponsored by the National Development Council (NDC),--one of the nation's oldest non-profit agencies specializing in community and economic development.  The NDC held a workshop for program participants at Wolfson campus bringing an added value to curriculum that was part of the original schedule.  Consequently, a new name was adopted: "Small Business Education Program/Grow Miami Initiative". 

In the Spring 2016, we will feature five technical seminars for existing businesses, followed by several coaching sessions for participants who complete the first phase of the program.  In addition, a Spanish workshop for start-ups, and new this year, two seminars in the Homestead area for local businesses.

Our goal has been to provide small business owners with increased knowledge about managing their business, with an emphasis on growth and expansion, job creation, and revenue growth.  Over the years, the program has assisted close to 500 small business owners and entrepreneurs in Miami-Dade County.    
We are thankful to Citi Foundation for their confidence and support as it helps us continue to offer this well-recognized program, free of charge.
Register today and be part of the experience!        
Dr. Ana M. Cruz, Department Chairperson 
School of Business, Wolfson Campus
Dr. Ana M. Cruz, Department Chairperson 
School of Business, Wolfson Campus

Thursday, February 18, 2016

Apple vs. the FBI: This may not be a war Apple can win

While Apple has come out strongly in favor of security and privacy, it's facing an uphill battle with the FBI and other government security organizations. David Gewirtz looks at the reasons why Apple may be right, but also why its attempt to block the FBI's order may prove futile.


This... will not end well.

What I'm talking about, of course, is the recent Tim Cook open letter to Apple customers stating that Apple will not comply with the FBI's demand to provide customized access technology to break into an iPhone used by the San Bernardino killers.

CBS News: Should Apple help the FBI access iPhone data?

As soon as Cook published his statement, nearly all news organizations, bloggers, and even activists jumped onto the issue. Because so much has already been written, I'm not going to repeat the details of the FBI demand, discuss the technical merits, or look at the legal basis. Click the links in that last sentence to get a quick overview.

Instead, I'm going to look at two factors: the security dangers such an action might present, and whether or not Apple stands a chance of coming out of this without being ground down into apple sauce.


For general background, I've written extensively about the risks of providing back doors and how back doors can compromise national security:

Smartphone encryption ban? It's a boon for criminals and terrorists

Encryption is not the enemy: A 21st century response to terror

In this specific case, however, we're talking about breaking into an iPhone 5c. The 5c, you'll recall, does not support Touch ID and, therefore, doesn't have the hardware secured enclave capabilities of more modern phones. So, while it's an aphorism that any security can be cracked eventually, it is substantially harder to break through hardware encryption -- too difficult to be meaningful in a timely manner.

But, because the 5c is less secure, it is reasonable to assume that custom penetration software in the form of a unique iOS image could be written, and used to help the FBI extract information from the phone.

Let's be clear that in this instance, the FBI is not asking Apple to put a back door into iOS. 

They are asking Apple to create a special version of iOS, that could be loaded on this specific phone, to help break into this specific phone.

This is a subtle, but important difference. Your copy of iOS would not contain the weakened security. Just the copy loaded on this one phone. Or at least that's the FBI's premise.

It is a fair premise, except for the fact that it's also a naive premise. The FBI says that a single unit copy of the code would be used for this one phone, even to the point of ID-limiting the code to this one phone.

The naivety comes into play when thinking that either the government or Apple could absolutely, positively, without any doubt, ensure that this code didn't get into the wild. This would mean that Apple could have absolutely no security breaches. But we've seen they make mistakes.

This would mean that the government could have no security breaches. But as we've seen from OPM, other breaches, and even older examples, the government's security is porous. It would also mean that every FBI employee with a security clearance could be trusted implicitly, but we've seen terrible examples of where trusted government employees and contractors have stolen critical information.

We've seen government employees sell drugs from the office. We've even seen members of Hillary Clinton's State Department use the passport database to spy on celebrities, actors, comics, musicians, politicians, athletes, models, members of the media, family members, and friends.

My point here is simple. Neither Apple nor the government can be sure that a tool designed to break into iPhone security will never fall into the wrong hands.

Now, let's be clear. There are already hacks available for the iPhone. There have always been mechanisms to jailbreak iPhones. While, in this particular case, a custom Apple iOS hacking tool might make things easier for the FBI, broken forms of iOS already do exist in the wild.

But a hacked version of iOS is different from something specially built and compiled from source. It's important not to underestimate the risk of what happens when something dangerous -- like a fully open and security-nerfed version of iOS -- gets into the wild.

Take Stuxnet, for example. Stuxnet, if you recall, was government-scale malware designed to destabilize centrifuges in Iran. Back in 2012, I led a team that included senior White House officials in a nationwide cyberattack simulation based on the question of what might happen if Stuxnet got released into the wild. The problem of releasing it into the wild is that once it's out there, the bad guys could reverse engineer it, and launch Stuxnet-like attacks back at us.

Apple is basically saying that if they release a compromised iOS, it will travel, it will not be secured by the FBI (a fair concern given OPM), and it will put Apple's promise of security at risk. These are fair and reasonable statements.

In short, if Apple enables even a single-use back door, the existence of such a thing will undoubtedly be used against us. Even a special-case one-off crack like the one the FBI has requested could break lose and compromise security.


There are international implications that Cook's letter does not address. By the way, if you want to be able to read this document in the future, grab yourself a copy of it. Given the URL of, it's moderately likely that URL will be used for some other communication in the future, overwriting this important document.

But, back to the international implications. Cook talks about the FBI's interpretation of a 227-year-old law called the All Writs Act of 1789. This is a very broad-based statute which, essentially, opens the door for all orders to be interpreted by the courts when pre-existing law doesn't exist. Disclaimer: that's an over-simplification. It will be discussed at length across the Web. Google it.

The thing is, that's a U.S. statute. Other governments, especially more authoritarian regimes, just demand what they want and expect to get it. Does anyone seriously expect, if the FBI has an iPhone hacking tool. that the Russians or the Chinese won't demand access to the same technology?

This is where "we have it but we won't give it to you" differs from "we've never built it, never want to, and never will." I have no doubt that other countries, especially ones that offer huge customer bases and sales growth to Apple (can you spell China?) would demand that Apple provide similar break-in tech, possibly even as a currency for entrance in their economy.

Microsoft, for example, has already turned over source code for desktop Windows and Windows Server to Russia's Federal'naya sluzhba bezopasnosti Rossiyskoy Federatsii. The FSB is present-day Russia's successor to the infamous Soviet-era KGB.

China has already set up regulations requiring foreign technology companies to provide source code to their systems. China is also insisting that U.S. companies provide decryption keys or back doors to products they want to sell in that nation.

Is it a big leap to think that once an encryption-free iOS version exists, China and Russia will demand it for their own use? Is it even a big leap to think that once it exists, China and Russia will insist it be the primary version of iOS distributed to customers in their countries?

To be sure, Apple is also drawing a line in the sand, basically using San Bernardino as the test case for whether they can be compelled to engineer against their own best interests. I'm guessing they want to fight this battle now, when it's a defined battle with defined parameters, than have to fight it at a later time in the heat of urgency.


Already, activists are getting together to protest the potential of Apple providing access to the iPhone to the FBI. While there is no doubt Apple can weather the PR storm, events like protests outside of their stores is clearly not something the company wants.

That said, there's no doubt the company gamed out many of the possible scenarios prior to Tim Cook publishing his manifesto. They clearly think the no-we-won't approach meets with their goals and values.

My wife asked me a question that relates to this. She said, "Well, what if Apple tells the FBI to bring in the phone, and they'll look at it in Cupertino? What's wrong with letting the FBI bring in phones when they need to, but not releasing any code?"

I talked above about the risk of the code's very existence, but the idea of helping the FBI track down possible co-conspirators involved in the heinous San Bernardino attack is something most Americans should support. After all, these were bad people and we don't want to let something like it happen again.

But... for all the reasons discussed above, if Apple were to comply this once, it sets a very dangerous and far-reaching precedent that may not be as clear cut in the future.

One of Apple's selling points is that its iOS devices are more secure than Android devices. Apple has worked hard and braved a lot of criticism to provide this level of security. Customers have come to expect enhanced security, and to accept the trade-offs inherent in their choosing Apple products because of it.

Were Apple to sacrifice that security and privacy on a larger scale, there looms the possibility of loss of credibility and possibly market share. Were security-nerfed devices to be cracked on a regular basis, lawsuits would undoubtedly abound.

And here's one more point to consider: with Apple having such a high value, a substantial loss by the company could drop its stock to the point that the entire economy could suffer as a result.


Here is Apple's biggest risk. If Apple refuses to help the FBI and, as a result, another terrible attack that might otherwise have been prevented is not prevented, Apple will have blood on its hands.

Heretofore, the worst Apple has done is to publish driving directions that strand drivers in inconvenient locations. But if Apple can be implicated in holding back information that could have prevented another San Bernardino or -- far worse -- another 9/11, the company might not live down the righteous anger that circumstance might foster.


This may not be a war Apple can win. Both approaches are rife with potential disasters. On one hand, Apple is sacrificing customer privacy. On the other, they may be helping terrorists get away with murder.

But let's bring this back from a philosophical discussion to a practical one. Apple, as big and rich and successful as it is, is unlikely to prevail against superpower world governments.

Take America, for example. Let's say Apple refuses to comply with the FBI directive. What could happen? There's probably a long legal path for this, but nearly all Apple products have to pass through the ports. The government controls the ports.

If Apple doesn't comply with the FBI directive, a worst-case scenario is that all those iPhones would be blocked from entering the country.

Or what if people die and that can be attributed to Apple's inaction? While I certainly can't quote you case law, could Tim Cook and other Apple executives be prosecuted according to various anti-terrorism statutes? It's possible. So, could an Apple executive wind up behind bars? How many people would have to die before the mob demands it?

What about China? China's government is already struggling with unrest. That government has a potential death grip on Apple. Not only is Apple counting on the huge potential customer base in China for revenue growth, but nearly all of Apple's primary manufacturing facilities are in the country.

Does anyone think China won't make demands against Apple? China will demand what it wants, and Apple will either be forced to comply, or suffer vast supply chain and distribution channel damage.

The point of all this is that while Apple may be fighting the good fight (and that's actually hard to determine given that both sides have merits), the force of determined governments can reach through Apple's reality distortion effect and impose harsh reality instead.

While it's possible that through the force of customer loyalty, good public relations, and an extensive lobbying effort Apple may prevail, I wouldn't take odds on that bet.


As a nation, we have to make a huge trade-off decision -- and most government officials are making the wrong one. Do we compromise security now for the expediency of easy investigation? Or do we preserve everyone's security at the possible risk that someone who has been secured is a bad guy?

This is not a new discussion. The inherent challenge of freedom is that it is often tempting to sacrifice some of it at the expense of easy security. As a nation, we've always been willing to take a bit of a risk that freedom for everyone opens the doors to bad guys, but it's worth it because the essential freedom makes us strong enough to handle these threats.

That said, that's only the value system of some nations, like the United States. Apple is competing globally, and most civilized nations are facing very uncivilized threats. It's unlikely the freedom argument will win in the long term, when thousands of lives across hundreds of nations are at stake.

Apple CEO Tim Cook says the company will fight a court order that demands it make a custom version of iOS for the FBI.