Tag Archives: government

NSA and Edward Snowden

Posted on by

Today saw the unveiling of the NSA leaker, Edward Snowden, a highschool dropout that worked his way through sheer capabilities as a programmer. To me this guy is pretty amazing. He cares about the people that he could have put in harms way, he made sure that he did not release any information that would put anyone in harms way, even though he had the capabilities. He learned from Bradley Manning and worked to ensure there would be no risks of physical injury. He felt that these actions violated the constitution and decided to expose these deeds to the public even though he knew his life was over. He believes he’s likely to be targeted by the US government or an agent, such as a member of the Triad gang (he’s in Hong Kong), to be executed.

Not only he is clearly concerned, but the media seems to think that this is also true. My roommate was watching ABC news with Diane Sawyer and during one segue she mentioned that he may have left because he feared for his life and was likely in danger. Think about it. It’s publicly acknowledged by our press, that it’s likely a whistleblower might be killed by the US government. This is a US citizen that has a family history of serving (father a member of the coast guard and mother a legal clerk) the US government. He is afraid for his life because he believes that the US government would murder him. If he dies and his body is found the blame will automatically fall upon the government. Edward will not be able to answer phone calls, call anyone, and is essentially on his own to make it to a country that has no extradition treaty with the US. This is a travesty – the fact that many people believe this man is going to die within the next few weeks – killed by his own government without his right to a trial.

Why does what he said matter? A lot of people are talking about it being only Metadata – here’s an excellent article explaining what would have happened if the British had meta data during the revolutionary war. It would have ID’d Paul Revere as a likely revolutionary based on his association. Knowing nothing else about him other than a few clubs he and 254 other people in Boston were members of it was possible to deduce the entire social network and who was at the center of the networks.

As I mentioned in my last blog post this network analysis would have caused the changes in my Facebook network to raise some red flags. I suddenly move to Europe (I didn’t list Eindhoven has my city of residence it would have been inferred from my friends), some of my first connects in Europe on Facebook were 2 Colombians, 2 Pakistanis, an Iranian, and a Turk. These changes represented a major shift in my circle of friends. I had few non-americans as friends and no Iranians or Pakistanis in my network. Using the full history of my data they wouldn’t have found much except that I liked to drink and wrote drunk posts on Facebook while in college. However, it’s likely I would have remained someone to keep an eye on, and since then I’ve written numerous posts about Anonymous, LulzSec and other controversial topics.

Anyway, it’s important to keep this in mind when selecting the companies you decide to store your information with, even if it’s “only” metadata. Where you go, who you talk to, and what you do online are all representations of you and a lot of information can be gleaned from that.

What can we do? Vote all the bums out of office next go around for one. Start companies that only hand over encrypted data that the end users are the only ones that can decrypt it. Educate your friends, family, co-workers, and anyone politically minded you know. We need to drive change otherwise this will continue and will only get worse. At what point do we need to start worrying that the NSA/US Government will start killing your friends because of who they talk to and what they believe?

The word "Terrorism" has jumped the Shark

Posted on by

“You keep saying that word, I do not think it means what you think it means” – Princess Bride. Growing up terrorism meant something. It meant that someone out there could get to you in a very violent way designed to inspire fear in the general population. These events were rare, but horrifying. The first World Trade Center Bombing, Oklahoma City Bombing, The Unibomber, The Olympics bombing, the nerve gas in Tokyo Subway, etc… However, since 9/11 the word Terrorism has begun to change meaning. 9/11 of course was a terrorist attack and spawned may other attacks that were intended to cause damage and inspire fear in the populace. They worked, the US has spent billions of dollars in security measures that are ineffective at best, we’ve spent trillions of dollars on two wars, and who knows how many shadowy engagements using our special forces and drones.

It’s had many other consequences, the no fly lists, the removal of passengers for speaking Arabic or most recently Russian, hateful actions against both Muslims and the religiously unrelated Sikhs – they have turbans therefore must be a terrorist! – and of course more attacks. The disturbing trend however is the lack of even handedness in classifying an act as an act of terrorism. We’re seeing kids getting arrested and facing 20 years for making terrorist threats by posting rap lyrics on facebook. We have the Boston Bomber charged with terrorism (as he should be), but the guys with the guns in the movie theaters aren’t being charged with terrorism.

Most recently in the UK, there was an attack with a machete on a solider that’s being called Terrorism. Just yesterday there was an attack in France which happened in a similar fashion that’s also being called terrorism. Does terrorism mean any attack on non-Muslim by a Muslim? Why are these not politically motivated murders or even assassinations? That is what they are, is that terrorism? I don’t really think so. David Cameron is going to use these murders as an excuse to stamp out what he considers “hate speech” in the UK. Will this simply turn out to be an attack on Muslims in general?

Many of you out there are not fans of the blow back theory, where our actions in those regions are creating hostile agents that attempt to get revenge in any way possible. Initially, I was very skeptical of this stand point. However, as I’ve paid attention to the new more and expanded my sources of information, I completely accept this theory. I believe that there are clear parallels with the US response to hacking activities. The final piece of evidence I’ll provide in support of the theory is this great short read by Juan Cole:  “Who’s the Threat?” It’s a simple chart showing what countries have invaded each other since 1798 and the numbers killed by the “terrorist regions” or the west. Put in this larger context, hearing about drone strikes would be terrifying – especially since you have absolutely no recourse if your brother is “collateral damage” to a strike.

With that in mind, I think it’s paramount that we work to keep terrorism to mean an act of violence that’s more similar to the Boston Bombing than a brutal machete murder which was more of an attack directed against the state than the people of that state.

A bit remiss

Posted on by

Sorry dear readrs, I’ve been very bad about writing any blogs lately. I’ve had some pretty big changes in the past two months as you all know. I’ve moved back from the Netherlands to the US, did some consulting work and I just started a job at AMD. Consequently, I’ve not been able to post as much as I have in the past. Big changes have been happening in my life.

Because of these changes I wasn’t able to pay enough attention to the CISPA fiasco that just occurred in the US. This law is a terrible step in the direction of data tyranny. I’m even being hyperbolic about this either. I wrote about the risks of having a voluntary data sharing program and in my review of Consent of the Networked I discussed the different data and Government regimes out in the “wild.” These concerns are valid. We need to be aware of what’s going on. Now, I have to say we pretty much blew our collective internet protest load with the SOPA/PIPA protests. Which is actually a problem. I would hazard that in many ways CISPA is as bad or worse than SOPA, however I didn’t see as much chatter about CISPA on reddit, twitter, Google+ or Facebook about CISPA as I did about SOPA.

I think there are a few reasons for this actually. First, the majority of the people were able to clearly understand the risks associated with SOPA. These risks are pretty straight forward and understandable. These risks affect us tomorrow not in some future time period. In many ways SOPA like acts can already happen today. This makes it extremely obvious why SOPA/PIPA are terrible laws and should be opposed at many levels. Second, with CISPA coming so quickly after the SOPA/PIPA protests there was likely something of a protest overload or disbelief that another law could come through so quickly that is as bad or worse than SOPA. Especially with the language that was being used at the time of SOPA. It would have broken the Internet, how could anything be worse than that? Third, there was more support by large companies for this law than for SOPA. Apparently that actually matters more than we realized. We were able to push Wikipedia, Facebook, and other large companies to protest this law. However in this case Facebook and Microsoft supported the law while Google sat on the sideline saying nothing about the law.

I think from this stand point, people that weren’t happy with CISPA but didn’t understand the importance likely didn’t do anything about it. However, whenever a fantastic website like Wikipedia blacks out in protest for a law it will get people who are only on the fence about the law to actually do something about the law.

CISPA and SOPA are both bad but in very different ways. CISPA is something of an abstraction of risk. Losing your privacy when so many people already voluntarily give up so much information about themselves on Facebook and Twitter might not seem like as big of a deal. The secondary abstraction is a lack of understanding of the impact of the data sharing. It’s unclear of what exactly the Feds would do with the data once they have it. It’s unclear how data sharing would occur within the government. However, it is likely that the data would be shared throughout the government including the military. Which many privacy experts are say essentially legalizes military spying on US civilians. The third problem is that many people also feel that if you aren’t doing something wrong you don’t have anything to worry about. However, this is a fallacy as even people who are doing things that aren’t wrong can get in trouble. I’ve discussed the cases where people are fired for posting drunken pictures on Facebook. Additionally, this type of law represents the biggest of the big government that we can imagine. There’s no reason why the government needs to know what we’re doing in this level of detail.

It’s going to be a long and difficult fight to keep our internet free. However, it’s something that we must do and I believe we can do it. We will just need to keep vigilant and work together to ensure that our internet stays our internet.

Free-market, Small Government and Regulations

Posted on by

The free-market has been used to argue against regulations and for small government for years. However, I believe that the major supporters of using the free-market argument are disingenuous in their application of the argument. In addition, the free-market is a flawed theory which needs to be revisited by neoclassical scholars and adjusted.

The free-market theory comes from the idea that there is an invisible hand that guides the market towards equilibrium between supply and demand. This assumes that once the equilibrium is hit it will stay at that point until there is some shock to the system which would find a new equilibrium. Each time that there is a shock, the invisible hand would push the market into a new equilibrium. This idea came as a side comment in the Wealth of Nations. This idea has become enshrined in the minds of neoclassical economics in a manner that Newtonian Physics was presumed to be accurate. In both cases the theory is incorrect. Relativistic Physics has replaced Newtonian, but in Economics the free-market is still the prevailing mechanism for policy creation. There has been no evidence for an invisible hand at all. In fact Metcalf created the theory of a networked economy which argues that the value of a good becomes more valuable as more people use it. I’ve mentioned this in the past. Essentially, this will prevent any equilibrium from every being found as the price can increase and people will still adopt the networked item because it’s becoming more valuable to the user. Or the price can remain constant even when it should drop for other factors such as a reduction in cost of production. A perfect example is the iPhone. According to research Apple has a whopping 72% margins on the iPhone, even if production was moved to the US Apple would still make 42% margin on the iPhone. There also is an over production of the iPhone and strong competition, which would indicate that the iPhone should drop prices as they are capable with that large of a margin. This market has a great deal of competition and has a large number of companies producing, which indicates that it Apple should be under pressure to drop prices. However this isn’t happening because of the networked value of the iPhone. There are a huge number of apps for the phone, the apps are high quality and the product works well with other iPhones. The market has had no impact on the cost of the iPhone.

However, free-market champions would look at any effort to change the labor practices of Apple as wrong headed and regulation that isn’t required. The Market isn’t demanding any change to labor practices because the market can bear the current prices and the demand indicates that people don’t care about labor practices. However, it’s well known that there are no alternatives to Apple’s iPhone that are produced in an ethical manner. So voting with your money wouldn’t actually work here. The problem arises because there is something of a monopoly in the manufacturing of the smart phones in FoxConn. In this case there is a market failure. Which is something that neoclassical theorists argue cannot occur. The market cannot send a signal to firms because there is no mechanism in which the market could send a signal. This is can be understood if you view this industry as a networked economy. Where you see the ties between manufacturers and handset companies, which would show a massive connection to FoxConn.

Efforts to regulate the manufacturing of devices have been argued as the reason for moving the manufacturing to other countries. However, this is not the case in the case of Apple, as they would still have huge margins. It’s because the company is attempting to maximize profits, not reduce costs to be profitable. The same arguments have been used to argue for smaller government. Saying that since there are no market failures the government should not intervene in the industry.

The unfortunate thing is that these arguments immediately disappear when it comes to protecting the profits of record industries. The same free-market advocates then move to argue that intellectual property must be protected. Essentially, creating protection for a specific product through IP causes a market failure and prevents the market from operating at its most efficient because there are not other competitors in the market. Creating IP requires a huge regulatory framework from the mechanisms of registering, logging complaints and prosecuting actors that infringe on the IP.

This type of industrial policy is typically derided by the small government fans, as it is a type of regulation that selects a “winner” (IP owners) over “losers” (non IP owners). Which may be fine. However, whenever this selection pushes our government to select a winner (Music) over the fastest growing, possibly only growing, part of our economy (internet based companies) there is a serious risk to the future. As I’ve mentioned before these laws represent huge risks for innovation.

These laws are SOPA and PIPA, which I’ve discussed extensively. However, the next round of internet regulations come in the form of CISPA. This bill, which requires allows companies to share extensively with government agencies. This type of sharing of user data and information about the activities going on at the company would not go over very well from the the free-market advocates if this was a request for data about customer data for car dealerships or steel mills. Essentially, this is going to increase the cost of doing business in the US. This may prevent companies from working in the US and prevent innovation. If I was to create a company that dealt with social data I would not want to do so after the passing of this bill. It would be likely that I would be blackmailed into giving the government data about my users that I had no desire to give them.

The internet is the perfect example of a networked economy. Facebook’s value comes from the fact that it has a huge user base. This is true for Google, Amazon and Instagram (List of companies that support CISPA). Without the users the services is literally worthless. With the users a company without any revenues can be worth $1 Billion (Instagram). The difference between this bill and other bills like SOPA and PIPA is that the agreement is bidirectional. The government will likely help Facebook and Google fight Chinese attacks and give information to each other about the activities of online hacktivist groups like Anonymous. It is likely that 4chan will end up giving over IP data and other information related to anonymous and Anonymous users.

This is regulation that the internet doesn’t need and will stifle innovation. The government already has these powers, which maybe why the Obama administration is opposed to CISPA. It is also ironic that Obama plans on sanctioning countries that use Tech to abuse human rights specifically committing genocide. A whistle blower has recently announced that the NSA has intercepted 20 TRILLION emails and likely has copies of all of these stored somewhere. The passing of CISPA and any other law of similar persuasion  would likely protect companies like AT&T from future lawsuits for being complicit with these activities.

For devotes of the Free-Market these laws create market distortions and will cause serious harm to innovation on the internet. For people that understand networked economies, this will greatly undermine the value of these networks as users will likely change their behavior to mitigate the amount of information the Government can compile on them. CISPA and its sister laws SOPA and PIPA represent big government actions attempting to control and regulate industries that do not need to be regulated. In this case there is no market failure that needs to be addressed. Privacy is something that the users have been pushing for and Facebook and Google have steadily improved on those accounts. Surprisingly industry is doing a decent job at regulating itself. Finally, regulations being pushed by advocates of small government and free-market smack of hypocrisy and a lack of understanding. These laws require a deep understanding of the internet and how the market of the internet works. Without this understanding terrible laws will be passed that will damage our privacy and freedoms. For the issues that this law would protect from there are other methods that could be employed to gain the desired results without passing laws.

Contact your congressional members to fight against this bill.

CISPA and the problem with volunteering data

Posted on by
So, CISPA, Cyber Information Sharing and Protection Act, is the newest cyber bill on the block. There is a difference between this and the other laws though. In SOPA and PIPA the laws were mandatory, and the government could simply act. In CISPA companies can willingly filter material and this may be based upon information the government provides as a threat. This was a bad situation and internet companies seem to like this law. Facebook and Microsoft are straight up supporting the law. There is uncertainty in the public if Google is or not.

So, in this law the government and internet companies can voluntarily share information about cyber threats and suspicious activities online. However, the problem with voluntary sharing programs is that they can turn into “voluntary” programs. What do I mean? Well, if the government is not required to give the information to all parties that could be affected in some sort of terrorist act the government could decide to give information to companies that are sharing information with the government. Additionally, the government could punish companies, like Twitter, that fight the government over privacy issues by not sharing information.

These are pretty obvious problems with this type of law. It assumes that each event is independent and previous actions have no consequent. This is a faulty premise. If this is viewed as a multi-turn prisoner’s dilemma, it’s obvious that with repeat interactions the best actions will always be to share. This will likely lead to sharing when there are cases of doubt over if the company should share or not. Companies will fault on the side of security over privacy, because the future benefits outweigh any punishment the users can enact on the companies.

These types of pseudo quid pro quo is impacting the US government in other ways including lobbying. It is likely that this information exchange will be used by companies whenever there are negotiations for future laws. They will be able to say, “you need to respect our rights to X, look how friendly we’ve been with the government” and then show a list of times they voluntarily gave data to the government. This was a tactic that Ma Bell used to keep their monopoly as long as they did. Because the company was providing the government with extra public goods (military research), the government was willing to over look the fact that the company was a monopoly and perhaps should be broken up.

CISPA is a dangerous law that we need to carefully weigh accepting. We need to pressure internet companies to step away from the law. We also need, if it passes, better understanding of when companies hand over data willingly and for what reasons. We should also be notified any time a company hands over our data about us to the government for any reason.