Airbus' Presentation on Boeing 787 - Bad CI Ethics?

Replies to This Discussion

Permalink Reply by Nimalan on December 29, 2008 at 7:06pm

Hi Everyone,

Am new to this forum and going through this website I find am pretty much a beginner in CI (2 years in CI prior to which I never knew a formal discipline called CI existed).

I would agree with Chris Hote on this topic.

I work for a firm that specializes in CI for clients and have come across numerous instances of companies putting out "confidential" presentations on the internet with false or misleading information. This is pretty much common with those big market leaders (who are sure to be the target of multiple CI studies). So much so that we have come to believe that such easily available "confidential" information need not be correct information. Boeing's stoic silence on this issue further strengthens this argument. What say?

Nimalan

▶ Reply to This

Permalink Reply by Mark Johnson on January 20, 2009 at 11:14pm

I've often wondered about this, but would add one additional nasty wrinkle. It is easily possible to trap the domain name of the websurfer when they hit your website. Standard logs generally include this information.

What if you "trapped" your website to detect web surfers from COMPETITOR-X.COM, and reroute them to an entirely fake website FULL of disinformation.

First, it strikes me as unethical (no misrepresentation) but in addition, if gotten by the press, it could also result in ACTUAL incorrect stories being reported in the press and potentially affecting the stock price.

Interesting TECHNICAL problem, though...and a VERY fun mental exercise. I'm guessing this is where THE ONION got its start.

▶ Reply to This

Permalink Reply by Jerry Lai on December 30, 2008 at 3:57pm

Just some more unsolicited two cents from my part.

While D&D (Denial and Deception) is a common technique for counter-intelligence operations conducted by governments (i.e. the D&D operations that occurred prior to D-Day in WWII, which is well documented and makes for a very interesting read), I have my doubts about the practicality and to some degree, the legality, of adapting these techniques in the commercial marketplace.

While competitors would certainly be interested in information concerning a company, so would existing/potential investors, buyers, suppliers, etc. Since it is difficult to leak a piece of misinformation only to one's competitor, especially if its left out in the open online, it would be important to consider the unintended consequences of having officially stamped misinformation circulating out in the public. This may potentially influence the decision making process of the parties I mentioned above, and possibly suffering in the court of public opinion and/or the courts belonging to the legal system (depending on the type of misinformation leaked) when found out.

Just a few thoughts while on vacation, happy holidays everyone.

Cheers.

▶ Reply to This

Permalink Reply by Pieter Smith on January 15, 2009 at 3:22am

The presentation does not seem to be available any longer on the flightblogger web site, but an alternative location may be found by searching on Google for: Airbus 787 Lessons learnt filetype:pdf

Regards
Pieter Smith

▶ Reply to This

Permalink Reply by Mark Johnson on January 18, 2009 at 7:35pm

Many of the comments hinge around the idea of OSINT. I've always been an OSINT practitioner. The most "covert" thing I've ever done is accessing a competitor's website through their ANONYMOUS FTP. They don't seem to realize that FTP opens the whole server exactly the same as using Windows Explorer (only slight differences). The competitor is privately held, but post all their product brochures for download via FTP links. When you drill down, you find absolutely amazing detail. Most of it, of course, of no use at all. But it made it very possible to write some astoundingly detailed profiles. I would have had difficulty replicating the same detail on my OWN company. I never found a document bearing "proprietary" designation.

Sometimes a lot of effort is given to obtaining "the secret stuff". This is often the data that places you at jeopardy for lawsuit, prosecution, code of business conduct violation, etc. Before going after the "secret stuff" you need to ask several questions.

1. Do I even need it for anything of importance?
2. What would the company be able to do with it? Sometimes using it could get you sued anyway.
3. Is there a different (legitimate) way of getting the info?

Frequently folks go after the questionably secret data just because of the "cool" factor, even though it's of questionable use, and probably wouldn't convey any real competitive advantage anyway.

This is similar to the controversy among some interrogators. There's a new book out indicating that more conventional interrogation techniques can be more effective than aggressive and/or abusive approaches (without entering the torture debate). How to Break a Terrorist: The U.S. Interrogators Who Used Brains, Not Brutality, to Take Down the Deadliest Man in Iraq (Hardcover)

The oft-repeated axiom that ethical methods are more effective proves true in most instances.

▶ Reply to This

• 1
• 2