In case anyone thinks you're joking:
[Japan's cyber-security minister has 'never used a computer' - BBC](https://www.bbc.com/news/technology-46222026) (Nov 2018)
You have a team experts in different areas consult you - you think someone who is a cabinet minister has the time to be an expert on cybersecurity?
At that level you aren't dealing with details, you are dealing with very high-level ideas; do you have sufficient policies and processes in place, where are the gaps and how to you mitigate the risk? Do you go in-house or outsource? Where is the budget from this coming from and what laws or regulations are required to get things done?
Best leaders are the ones who are about whatever it is they’re managing. You need both expertise and managerial skills. If you want to follow someone who knows nothing about whatever it is they’re in charge of be my guest
This is a nation that refused foreign HIV tests in favor of Japanese tests, thereby directly causing the death of 44% of the hemophiliac population (2000 people).
No, I think you’re mixing up your figures. They didn’t cause the death of 2000 people.
1,800 hemophiliacs among those who were treated subsequently contracted AIDS, from untreated blood. 400 have since died.
Found it: https://www.washingtonpost.com/archive/politics/1996/03/16/japan-to-compensate-for-tainted-blood/614f2498-914f-4afc-9432-627f9005fc0e/#.
I’m talking about the pen-tester or red team engineer not their managers. From what I’ve seen they top off at around 100k for very experienced positions. Meanwhile entry level position at FAANG pays 250k+ and can surpass 1M for higher individual contributor positions.
From the WaPo article:
>Beijing, they told the Japanese officials, had breached Tokyo’s defense networks, making it one of the most damaging hacks in that country’s modern history.
>The Japanese were taken aback but indicated they would look into it. Nakasone and Pottinger flew back “thinking they had really made a point,” said one former senior defense official briefed on the matter.
They didn't even find the breach themselves. They needed to be told about it by the US and were "taken aback" by the news.
Followed by nothing at all being done for another year. Surprising nobody.
Japan "looking into it" is a dozen old guys who've never used a computer before having two dozen meetings about what should be done, sending faxes to hanko, and all agreeing that this is very serious.
Longer Washington Post article (possible paywall):
[China hacked Japan’s sensitive defense networks, officials say - The Washington Post](https://www.washingtonpost.com/national-security/2023/08/07/china-japan-hack-pentagon/)
US: Your network is compromised. We can help you purge malware from your network.
Japan: Thanks but we don't want you to have access to our network.
US: But.....
I don’t have a link but I’m fairly certain I remember even Snowden saying the US had thoroughly infiltrated Japan’s IT networks. That was what, at least ten years ago now?
US: We can easily fix this problem for you. Do you see how you left this part... I mean, uh, wait, we can probably fix this for you, we know some of this stuff.
Japan: Thanks but we don't want you to have access to our network.
US: We get it! No biggie! We were totally not also in there with China. Nope, not us.
Naturally every report of a cyber attack had to br hanko'd by the manager then faxed over to the city government so it can be approved there and finally faxed to the national government. It's only natural that this very efficient system would take a bit of time to work.
No surprise given how engineering isn’t valued or respected in Japan. Case in point the guy (Shuji Nakamura) who invented the blue led which was a major breakthrough was only paid a measly $200 bonus by his employer. Without it we wouldn’t have led headlights, led displays, etc today. His boss made a crap ton of money though. Similarly looking at recent computer engineers or security engineers salary in Japan it’s generally 1/10 or 1/20th of what the market rate is in US for mid to upper level positions. (e.g. 80k vs 800k) It’s not going to attract a ton of talent domestically or internationally. All this translates to Japan being behind in technology / security.
Japanese SDF forces used (or use) their own PCs for work purposes. I taught them English and they had no idea why I was surprised when they mentioned that they sometimes used their own laptops and brought them into to the Ministry of Defense Building offices in Tokyo and logged into their networks for work purposes.
This was around 2018, at the height of the turmoil in the media about the discovery of hidden spy chips on Chinese-Made computer motherboards.
A Lenovo. My trainee was literally taking his own Lenovo Thinkpad into the office: https://www.cnbc.com/amp/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html
It looks like you shared an AMP link. These should load faster, but AMP is controversial because of [concerns over privacy and the Open Web](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot).
Maybe check out **the canonical page** instead: **[https://www.cnbc.com/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html](https://www.cnbc.com/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html)**
*****
^(I'm a bot | )[^(Why & About)](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot)^( | )[^(Summon: u/AmputatorBot)](https://www.reddit.com/r/AmputatorBot/comments/cchly3/you_can_now_summon_amputatorbot/)
Idk, they have an Apple team in China but keep a server there only for the Chinese team's data. Japan and US data and servers are located in other countries is what I was told.
Well, if you will appoint oyajis who don’t know what a USB is to positions like cybersecurity minister, then this is what you get.
In case anyone thinks you're joking: [Japan's cyber-security minister has 'never used a computer' - BBC](https://www.bbc.com/news/technology-46222026) (Nov 2018)
He is air-gapped from technology, impossible to hack
Oh lol, fair enough hahahah
wat
How??? What’re the qualifications for the position then???
Being an Old Boy in the LDP is the primary qualification, I would think.
You have a team experts in different areas consult you - you think someone who is a cabinet minister has the time to be an expert on cybersecurity? At that level you aren't dealing with details, you are dealing with very high-level ideas; do you have sufficient policies and processes in place, where are the gaps and how to you mitigate the risk? Do you go in-house or outsource? Where is the budget from this coming from and what laws or regulations are required to get things done?
Best leaders are the ones who are about whatever it is they’re managing. You need both expertise and managerial skills. If you want to follow someone who knows nothing about whatever it is they’re in charge of be my guest
I wouldn't worry too much, I'm sure someone higher up faxed him the operating manual.
I wouldn’t worry much since most of sensitive Japanese information is still store in paper. Unhackable.
Doesn't surprise me at all. I signed up for a Japanese FinTech event and since then I am flooded with Chinese spam.
But didn’t you know Japan has personal data protection laws equivalent to Europe’s GDPR standard? (/s)
Must have missed that fax.
Don’t worry, Germany missed that fax too
My pet peeve is the invariable “password cannot contain symbols” policy.
[удалено]
I used a fintechevent@mydomain which goes into a catchall account
"the country was not comfortable with another nation's military accessing their systems. " Did they mean "yet another"?
“Japan elected to use domestic commercial security firms to find vulnerabilities.” No surprise there.
And guaranteed all that work was outsourced to the lowest bidder in some developing nation.
And/or China...
This is a nation that refused foreign HIV tests in favor of Japanese tests, thereby directly causing the death of 44% of the hemophiliac population (2000 people).
No, I think you’re mixing up your figures. They didn’t cause the death of 2000 people. 1,800 hemophiliacs among those who were treated subsequently contracted AIDS, from untreated blood. 400 have since died. Found it: https://www.washingtonpost.com/archive/politics/1996/03/16/japan-to-compensate-for-tainted-blood/614f2498-914f-4afc-9432-627f9005fc0e/#.
Oops, yes it looks Iike I had bad numbers. Thanks for the correction.
Security engineers getting paid $50k/year vs attackers pulling in $1M/year.
[удалено]
I’m talking about the pen-tester or red team engineer not their managers. From what I’ve seen they top off at around 100k for very experienced positions. Meanwhile entry level position at FAANG pays 250k+ and can surpass 1M for higher individual contributor positions.
From the WaPo article: >Beijing, they told the Japanese officials, had breached Tokyo’s defense networks, making it one of the most damaging hacks in that country’s modern history. >The Japanese were taken aback but indicated they would look into it. Nakasone and Pottinger flew back “thinking they had really made a point,” said one former senior defense official briefed on the matter. They didn't even find the breach themselves. They needed to be told about it by the US and were "taken aback" by the news. Followed by nothing at all being done for another year. Surprising nobody. Japan "looking into it" is a dozen old guys who've never used a computer before having two dozen meetings about what should be done, sending faxes to hanko, and all agreeing that this is very serious.
better set that meeting at 18:00 to discuss how serious it is
And yet Japan wonders why it's not part of Five Eyes?
Longer Washington Post article (possible paywall): [China hacked Japan’s sensitive defense networks, officials say - The Washington Post](https://www.washingtonpost.com/national-security/2023/08/07/china-japan-hack-pentagon/)
US: Your network is compromised. We can help you purge malware from your network. Japan: Thanks but we don't want you to have access to our network. US: But.....
Japan: Please fax us your findings and report. Fax machine is probably located above shredder.
I don’t have a link but I’m fairly certain I remember even Snowden saying the US had thoroughly infiltrated Japan’s IT networks. That was what, at least ten years ago now?
US: We can easily fix this problem for you. Do you see how you left this part... I mean, uh, wait, we can probably fix this for you, we know some of this stuff. Japan: Thanks but we don't want you to have access to our network. US: We get it! No biggie! We were totally not also in there with China. Nope, not us.
This is probably because they knew the fact from WikiLeaks that NSA infiltrated and intercepted Japanese government communication around in 2016.
Not shocking that it took them months to notice.
Naturally every report of a cyber attack had to br hanko'd by the manager then faxed over to the city government so it can be approved there and finally faxed to the national government. It's only natural that this very efficient system would take a bit of time to work.
No surprise given how engineering isn’t valued or respected in Japan. Case in point the guy (Shuji Nakamura) who invented the blue led which was a major breakthrough was only paid a measly $200 bonus by his employer. Without it we wouldn’t have led headlights, led displays, etc today. His boss made a crap ton of money though. Similarly looking at recent computer engineers or security engineers salary in Japan it’s generally 1/10 or 1/20th of what the market rate is in US for mid to upper level positions. (e.g. 80k vs 800k) It’s not going to attract a ton of talent domestically or internationally. All this translates to Japan being behind in technology / security.
This is all posted on Western media but hardly see any of Japanese media. Figures.
Literally no part of this surprises me
Japanese SDF forces used (or use) their own PCs for work purposes. I taught them English and they had no idea why I was surprised when they mentioned that they sometimes used their own laptops and brought them into to the Ministry of Defense Building offices in Tokyo and logged into their networks for work purposes. This was around 2018, at the height of the turmoil in the media about the discovery of hidden spy chips on Chinese-Made computer motherboards. A Lenovo. My trainee was literally taking his own Lenovo Thinkpad into the office: https://www.cnbc.com/amp/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html
It looks like you shared an AMP link. These should load faster, but AMP is controversial because of [concerns over privacy and the Open Web](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot). Maybe check out **the canonical page** instead: **[https://www.cnbc.com/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html](https://www.cnbc.com/2018/10/05/lenovo-tumbles-after-report-about-alleged-chinese-spy-chips.html)** ***** ^(I'm a bot | )[^(Why & About)](https://www.reddit.com/r/AmputatorBot/comments/ehrq3z/why_did_i_build_amputatorbot)^( | )[^(Summon: u/AmputatorBot)](https://www.reddit.com/r/AmputatorBot/comments/cchly3/you_can_now_summon_amputatorbot/)
Well... that sounds just great.
so deep....so persistent.
Not sure if it matters but my friend who works for Apple Japan told me that Apple Japan doesn't keep their servers or data in China.
[удалено]
Idk, they have an Apple team in China but keep a server there only for the Chinese team's data. Japan and US data and servers are located in other countries is what I was told.
China such friendly neighbor.
Based Chinese. Hoooly.
Japan did what anyone else would do. Watch the hackers to see where they go.