Category: Current Events

Paul Ryan open thread

Oh, what the heck, it hasn’t been chaotic enough around here. So, I’ll give you a topic: Paul Ryan. Commentary from The Economist starts:

IN THE polarised world of American politics, achieving bipartisan agreement on any topic is a rare feat nowadays. So perhaps it’s worth celebrating the fact that, had it been put to a vote, the pick of Paul Ryan as Mitt Romney’s running-mate likely would’ve gained support from both parties.

Please, continue. Was it a hail mary move? Will Ryan energize the Republican base enough to get out more votes? Will he drive votes to the Democrats?

What do you think?

Oh, and bonus points if you can tie in internet security.

Seattle in the Snow

Seattle snow (From The Oatmeal.)

It’s widely understood that Seattle needs a better way to measure snowfall. However, what’s lacking is a solid proposal for how to measure snowfall around here. And so I have a proposal.

We should create a new unit of measurement: The Nickels. Named after Greg Nickels, who lost the mayorship of Seattle because he couldn’t manage the snow.

Now, there’s a couple of ways we could define the Nickels. It could be:

  • The amount of snow needed to cost a Mayor 10 points of approval rating
  • The amount of snow needed to cause a bus to slide down Olive Way and teeter over the highway
  • 2 millimeters
  • Enough snow to reduce the coefficient of city road friction by 1%.

I’m not sure any of these are really right, so please suggest other ways we could define a Nickels in the comments.

Niels Bohr was right about predictions

There’s been much talk of predictions lately, for some reason. Since I don’t sell anything, I almost never make them, but I did offer two predictions early in 2010, during the germination phase of a project a colleague was working on. Since these sort of meet Adam’s criteria by having both numbers and dates, I figured I’d share.

With minor formatting changes, the following is from my email of April, 2010.

Prediction 1

Regulation E style accountholder liability limitation will be extended
to commercial accountholders with assets below some reasonably large
value by 12/31/2010.

Why:  ACH and wire fraud are an increasingly large, and increasingly
public, problem.  Financial institutions will accept regulation in order
to preserve confidence in on-line channel.

WRONG!

Prediction 2

An episode of "state-sponsored SSL certificate fraud/forgery" will make
the public press.

Why: There is insufficient audit of the root certs that browser vendors
innately trust, making it sufficiently easy for a motivated attacker to
"build insecurity in" by getting his untrustworthy root cert trusted by
default.  The recent Mozilla kerfuffle over CNNIC is a harbinger of
this[1].  Similarly, Chris Soghoian's recent work[2] will increase
awareness of this issue enough to result in a governmental actor who has
done it being exposed.

Right!

But only because for this one I forgot to put in a date (I meant to also say “by 12/31/2010”), which makes this one WRONG! too.

I was motivated to make this post because I once again came across Soghoian’s paper just the other day (I think he cited it in a blog post I was reading). He really nailed it. I predict he’ll do so again in 2012.

Outrage of the Day: Police Violence

When the LAPD finally began arresting those of us interlocked around the symbolic tent, we were all ordered by the LAPD to unlink from each other (in order to facilitate the arrests). Each seated, nonviolent protester beside me who refused to cooperate by unlinking his arms had the following done to him: an LAPD officer would forcibly extend the protestor’s legs, grab his left foot, twist it all the way around and then stomp his boot on the insole, pinning the protestor’s left foot to the pavement, twisted backwards. Then the LAPD officer would grab the protestor’s right foot and twist it all the way the other direction until the non-violent protestor, in incredible agony, would shriek in pain and unlink from his neighbor.

It was horrible to watch, and apparently designed to terrorize the rest of us. At least I was sufficiently terrorized. I unlinked my arms voluntarily and informed the LAPD officers that I would go peacefully and cooperatively. I stood as instructed, and then I had my arms wrenched behind my back, and an officer hyperextended my wrists into my inner arms. It was super violent, it hurt really really bad, and he was doing it on purpose. When I involuntarily recoiled from the pain, the LAPD officer threw me face-first to the pavement. He had my hands behind my back, so I landed right on my face. The officer dropped with his knee on my back and ground my face into the pavement. It really, really hurt and my face started bleeding and I was very scared. I begged for mercy and I promised that I was honestly not resisting and would not resist.

Go read My Occupy LA Arrest, by Patrick Meighan

What's Wrong and What To Do About It?

Let me start with an extended quote from “Why I Feel Bad for the Pepper-Spraying Policeman, Lt. John Pike”:

They are described in one July 2011 paper by sociologist Patrick Gillham called, “Securitizing America.” During the 1960s, police used what was called “escalated force” to stop protesters.

“Police sought to maintain law and order often trampling on protesters’ First Amendment rights, and frequently resorted to mass and unprovoked arrests and the overwhelming and indiscriminate use of force,” Gillham writes and TV footage from the time attests. This was the water cannon stage of police response to protest.

But by the 1970s, that version of crowd control had given rise to all sorts of problems and various departments went in “search for an alternative approach.” What they landed on was a paradigm called “negotiated management.” Police forces, by and large, cooperated with protesters who were willing to give major concessions on when and where they’d march or demonstrate. “Police used as little force as necessary to protect people and property and used arrests only symbolically at the request of activists or as a last resort and only against those breaking the law,” Gillham writes.

That relatively cozy relationship between police and protesters was an uneasy compromise that was often tested by small groups of “transgressive” protesters who refused to cooperate with authorities. They often used decentralized leadership structures that were difficult to infiltrate, co-opt, or even talk with. Still, they seemed like small potatoes.

Then came the massive and much-disputed 1999 WTO protests. Negotiated management was seen to have totally failed and it cost the police chief his job and helped knock the mayor from office. “It can be reasonably argued that these protests, and the experiences of the Seattle Police Department in trying to manage them, have had a more profound effect on modern policing than any other single event prior to 9/11,” former Chicago police officer and Western Illinois professor Todd Lough argued.

Former Seattle police chief Norm Stamper gives his perspective in “Paramilitary Policing From Seattle to Occupy Wall Street”:

“We have to clear the intersection,” said the field commander. “We have to clear the intersection,” the operations commander agreed, from his bunker in the Public Safety Building. Standing alone on the edge of the crowd, I, the chief of police, said to myself, “We have to clear the intersection.”

Why?

Because of all the what-ifs. What if a fire breaks out in the Sheraton across the street? What if a woman goes into labor on the seventeenth floor of the hotel? What if a heart patient goes into cardiac arrest in the high-rise on the corner? What if there’s a stabbing, a shooting, a serious-injury traffic accident? How would an aid car, fire engine or police cruiser get through that sea of people? The cop in me supported the decision to clear the intersection. But the chief in me should have vetoed it. And he certainly should have forbidden the indiscriminate use of tear gas to accomplish it, no matter how many warnings we barked through the bullhorn.

My support for a militaristic solution caused all hell to break loose. Rocks, bottles and newspaper racks went flying. Windows were smashed, stores were looted, fires lighted; and more gas filled the streets, with some cops clearly overreacting, escalating and prolonging the conflict. The “Battle in Seattle,” as the WTO protests and their aftermath came to be known, was a huge setback—for the protesters, my cops, the community.

Product reviews on Amazon for the Defense Technology 56895 MK-9 Stream pepper spray are funny, as is the Pepper Spraying Cop Tumblr feed.

But we have a real problem here. It’s not the pepper spray that makes me want to cry, it’s how mutually reinforcing a set of interlocking systems has become. It’s the police thinking they can arrest peaceful people for protesting, or for taking video of them. It’s a court system that’s turned “deference” into a spineless art, even when it’s Supreme Court justices getting shoved aside in their role as legal observers. It’s a political system where we can’t even agree to ban the TSA, or work out a non-arbitrary deal on cutting spending. It’s a set of corporatist best practices that allow the system to keep on churning along despite widespread revulsion.

So what do we do about it? Civil comments welcome. Venting welcome. Just keep it civil with respect to other commenters.

Image: Pike Floyd, by Kosso K

Slow Thoughts on Occupy Seattle

I headed down to Occupy Seattle before a recent vacation, and have been mulling a bit on what I saw, because the lack of a coherent message or leadership or press make it easy to project our own opinions or simply misunderstand what the “Occupy” protests mean, and I wanted to avoid making that mistake. I think I saw two big themes there: an anti-war theme, and a combination of anti-capitalism and anti-corporatism. I think the second is more interesting, because it’s a combination of views, some of which I support, and others I think are somewhat foolish.

I think capitalism is a good thing. I’ve taken a salary from (venture) capitalists who were able to pay me because they captured “surplus value” from startups, and ploughed some of that profit back into more startups. I use the Marxist term of “surplus value” because I understand the Marxist critique, have lived it, and still think it’s a better system than all those others that have been tried from time to time. (I also think that Marx’s critique of capitalism is excellent, and even more so in light of the poorness of his suggested fixes.) The accumulation of capital in private hands greatly expands the range of entrepreneurship, allowing new products and services to emerge. And for those new products to succeed, they need to serve needs better than what preceded them. So we all benefit to a degree from the capital that accumulates in the hands of investors (even with the costs of creative destruction and externalities).

At the same time, I think that there’s an emergent system of what we might call corporatism that I think is incompatible with a free society, and is in fact incompatible with free markets. By a free market, I mean one in which people contract with each other and with companies, and the court system enforces fair and predictable limits on those contracts. Fair limits might include that the parties came to a genuine meeting of the minds before exchanging value, that contracts are severable (so no indentured servitude or slavery), that interpretation favors the party that received the contract (rather than the drafter), and that neither party engaged in deceit in advertising their services.

Corporatism, at its heart, involves twisting the free market via government intervention in a number of ways:

  • Lobbying for rules that allow the company to exclude competition. See, for example, AT&T’s gradual re-monopolization of the phone system.
  • Manipulations of the contract system in ways which prevent fair redress. These include mandatory binding arbitration, prohibition of class action suits, clauses that allow the contract to remain in force even if the drafter puts in many clauses which shock the conscience of a court.
  • Un-knowable systems (in particular, the American credit system) in which companies work together to ensure that you do what they demand, even if it’s wrong, because if you don’t, they will destroy your ability to contract with anyone else on fair terms.
  • Convincing the government to take all the downside risk and none of the upside of the banking crisis, and then failing to prosecute those who enriched themselves via a game they knew full well was rigged.

Corporatism comes from the discovery that rules and meta-rules (the rules that are used to set the rules) are manipulatable. Of course, this is nothing new:

“People of the same trade seldom meet together, even for merriment and diversion, but the conversation ends in a conspiracy against the public, or in some contrivance to raise prices. It is impossible indeed to prevent such meetings, by any law which either could be executed, or would be consistent with liberty and justice.” (Smith, “The Wealth of Nations.”)

There were a good number of frankly anti-capitalist signs and groups at Occupy Seattle. It’s a free country, they’re entitled to their opinion, and I can disagree.

But they were not the only signs. I saw lots of signs which seemed to take aim at the unaccountable: the bankers, the corporations (“I won’t believe that corporations are people until Texas executes one”). And I think that responses to currently unaccountable corporatism are going to be one of the key outcomes of the Occupy Movement.

Email chaos: How to reach Adam Shostack

The servers that host my personal email have been taken offline by a surprise attack by the evil forces of snow and ice, and my email is likely to start bouncing soon.

If you need to reach me, you can use nameofthisblog @ google, or first.last @ microsoft. You can also ask me to follow you on Twitter (@adamshostack) and we can talk in very short fragments.

I apologize for the inconvenience.

Sleepless in Seattle?

Reportedly, Seattle police have begun issuing tickets to drivers who honk their horns after 10 PM in support of the Occupy protest there.

To the extent that the police are only doing this to those expressing a specific point of view, there seems to be a legitimate issue. I am certain that the police would say they’d enforce the law equally, but it’s just that all the honking is for Occupy support.

If I were a Seattle prankster, I’d have a “Honk if you support law enforcement” sign made, and test that claim in whatever passes for a conservative ‘hood out there.

Egypt and Information Security

Yesterday, I said on Twitter that “If you work in information security, what’s happening in Egypt is a trove of metaphors and lessons for your work. Please pay attention.” My goal is not to say that what’s happening in Egypt is about information security, but rather to say that we can be both professional and engaged with the historic events going on there. Further, I think it’s important to be engaged.

A number of folks challenged me, for example, “Care to enumerate some of those lessons? The big ones I see are risks of centralized bandwidth control, lack of redundant connections.”

There’s a number of ways that information security professionals can engage with what’s happening.

A first is to use what’s happening to engage on security issues with their co-workers and management on issues like employee safety, disaster recovery and communications redundancy and security. This level of engagement is easy, it’s not political, but it uses a story in the news to open important discussions.

A second way is to use Egypt as a source of what-if scenarios to test those sorts of plans and issues. This gives strong work justification to tracking and understanding what’s happening in Egypt in detail.

A third way is to use Egypt as a way to open discussions of how our technologies can be used in ways which we don’t intend. Oftentimes, security technologies overlap with the ability to impose control on communications. Sometimes, for example with Tor, they can be used to protect people. Other times, they can be used to cut off communications. These are difficult conversations, fraught with emotion and exposing our deep values. But they are difficult because they are important and meaningful. Oftentimes, we as technologists want to focus in on the technology, and leave the societal impact to others. I think Egypt offers us an opportunity to which we can rise, and a lens for us to engage with these questions in the technologies we build or operate.

There’s probably other ways as well, and I’d love to hear how others are engaging.
