Too Suspicious?

Jim Kuzdrall gnhlug at intrel.com
Fri Oct 28 20:51:01 EDT 2005 

    This is a response to an implied request by the government that I 
get Microsoft software, among other things.  It came in a survey asking 
details about the IR night vision equipment produced at my (one-man) 
company.  My stuff is of a very rugged industrial variety, and orders 
of magnitude less sensitive than needed for night vision.

    The original survey was in html (which I had to read as plain text).  
I don't know what it requested because I never opened the ".doc" 
instructions that were attached.  The on-line survey form's link does 
not go back to bis.gov.  It goes to:

   https://doc.inquisiteasp.com/surveys/WVZRYE

    Has anyone heard of this outfit?

    After some other queries, too detailed for here, I think the survey 
is legitimate but dangerously naive.

    My response follows the quote.

* * * * *

On Friday 28 October 2005 03:55 pm, RONALD DEMARINES wrote:
> October 28, 2005
>
> Dear Industry Executive:
>
> Several weeks ago, the U.S. Department of Commerce, Bureau of
> Industry and Security (BIS) sent you an email with a hyperlink to a
> survey entitled Defense Industrial Base Assessment: U.S. Imaging and
> Sensors Industry. We are contacting you because the original deadline
> for completion has past and we have not received a survey from your
> firm. As noted in the original email, a response to this survey is
> required by law under the Defense Production Act of 1950, as amended
> (50 U.S.C. App. Sec. 2155). We are requesting your immediate
> attention to this matter.
>
> Background:
>
> The BIS is conducting an industrial base assessment of the U.S.
> imaging and sensors industry with a special focus on the night vision
> segment of this industrial sector. BIS will be analyzing the industry
> that provides products and services for defense,
> commercial/industrial, and consumer markets.
>
> For the purpose of this assessment we are including in the industry
> sector: producers; component, material, and subsystem suppliers;
> technology providers; service providers; distributors, wholesalers,
> brokers, retailers; and public and private research facilities (see
> the attachment for a more comprehensive list of the types of
> organizations and applications included in this sector).
>
> Requirement:
>
> Please complete and return the on-line survey indicated above. If you
> have any questions about this request or need BIS staff to send you
> another link to the on-line survey, you may contact Lani Tito (202)
> 482-8225, (ltito at bis.doc.gov ), Martin Canner (202) 482-2519,
> (mcanner at bis.doc.gov ) or Ron DeMarines (202) 482-3755
> (rdemarin at bis.doc.gov ).
>
>
> Sincerely,
> Brad Botwin, Director
> Strategic Analysis Division

* * * * * *

Greetings Ronald Demarines,

    I will not respond to this survey, if indeed you are legitimate, 
until I receive it by First Class Mail on Government letterhead.  At 
least that way, if I am blamed for allowing unauthorized mapping of our 
military night vision industry, I will have a piece of paper to justify 
the level of deception.

    If you are just naive about security matters, let me point out some 
mistakes you have made:

    1) I have no way to prove where this email (or any other) 
originated.

    2) Judging from the name of the file you wish me to open, the survey 
is in a proprietary format, Microsoft "doc".  I am running Linux.  I do 
not have any licensed software to open Microsoft's format.  Without 
licensed software, I have no way to know the information is correctly 
presented - if indeed I could get it open at all.

    3) The "doc" format permits macros which can implant spyware and 
other unwanted programs in my computer.  A prudent person does not open 
picture files, html files, or macro-capable word processor files that 
arrive by email.  If you wish your surveys to be read, send them in 
plain text.

    4) The link to return your original survey did not go back to the 
government.  It went to an IPS in Texas and then to a west coast 
company that is totally unknown to me.

    5) Sending unencrypted information via the Internet is as private as 
publishing it in every newspaper in the world. 

    6) You are apparently unaware of the communication I had last week 
with BIS or the result of the communication, indicating that you are 
not in close touch with that organization. 

    If I had vendetta against the US in mind, I would love to have the 
verified locations of the premiere high technology infrared industry 
sites.  I could quickly get my moles into the best locations.

    If you think me too suspicious, blame it on 40 years in the Cold War 
and the President's directive that we are "at war" against the deadly 
terrorists.

James A. Kuzdrall

More information about the gnhlug-discuss mailing list