Hacking away at the First Amendment
In a momentous expansion of the government's authority to regulate public disclosure of national security information, a federal court ruled that even private citizens who do not hold security clearances can be prosecuted for unauthorized receipt and disclosure of classified information.
Judge Ellis himself seems uneasy with the outcome.
In the end, it must be said that this is a hard case, and not solely because the parties' positions and arguments are both substantial and complex. It is also a hard case because it requires an evaluation of whether Congress has violated our Constitution's most sacred values, enshrined in the First and the Fifth Amendment, when it passed legislation in furtherance of our nation's security. The conclusion here is that the balance struck by § 793 between these competing interests is constitutionally permissible because (1) it limits the breadth of the term "related to the national defense" to matters closely held by the government for the legitimate reason that their disclosure could threaten our collective security; and (2) it imposes rigorous scienter requirements as a condition for finding criminal liability.
[Via Dave Farber's IP list]
A False Sense of Insecurity
This is [almost] the name of a short paper written some two years ago by John Mueller, who holds the Woody Hayes Chair of National Security Studies at the Mershon Center of Ohio State University. On Tuesday, it was noted on Dave Farber's IP list as a paper that Bruce Schneier had called "interesting" on Monday. I call it outstanding.
[T]here is a perspective on terrorism that has been very substantially ignored. It can be summarized, somewhat crudely, as follows:
I was horrified for days after September 11. I had some feelings of concern for the kind of world my grandson was born into on nine days later. But I very quickly came to the conclusion that the actual risks were low, that the costs that society was (and continues) paying are much too high and that most of our politicians are playing directly into the hands of terrorists. On September 11, 2002 I even announced to several members of my family and to some close friends that Al Qaeda couldn't be much of a threat since a whole year had gone by with no further acts of terror from them.
Yes, there have been horrific and deplorable acts of terrorism in the following four years. Just yesterday came the news of a foiled plot to simultaneously blow up 10 planes over the North Atlantic. Somehow I expect to learn in the weeks ahead though that the threat was not what it's been made out to be.
And this article from the Washington Post. My expectations are being dashed.
Land of the free and home of the brave
Words can't convey how sick I feel upon reading this article from the New York Times:
A C.I.A. contractor broke both the agency's rules and the law when he used a two-foot-long metal flashlight to beat an Afghan man [named Abdul Wali] who later died, a prosecutor said Monday at the federal trial of the first American civilian charged with mistreating a detainee in Iraq or Afghanistan.
I sincerely hope Mr Gilbert is right, and that Mr Passaro is not guilty in every sense. One reason this story sickens me so is that it has become far too easy to believe that he actually is guilty and that this case is just one of many.
One prosecutor, Pat Sullivan, said Mr. Wali was chained to the floor and wall of a cell as Mr. Passaro kicked him and struck him with the flashlight and his fists. Once, he said, Mr. Passaro kicked his captive in the groin, having lined up like a football place-kicker. Mr. Passaro's fingerprints were on batteries from the flashlight, said Mr. Sullivan, adding that photographs to be shown the jury would detail the extent of Mr. Wali's injuries.
Other versions of the story allege that Mr Wali begged to be shot to be put out of his pain.
[Thanks to today's Capitol Hill Blue.]
U.S. Patent Office reform?
The U.S. patent system could be inching closer to an overhaul long desired by the technology industry.
In case anyone needs to be persuaded that there are serious problems with the current system, I offer Patent #6,368,227 ("A method of swing [sic] on a swing is disclosed, in which a user positioned on a standard swing suspended by two chains from a substantially horizontal tree branch induces side to side motion by pulling alternately on one chain and then the other") granted to a 5-year-old Minnesotan on 9 April 2002.
Did AOL publish your personal information?
AOL just released the logs of all searches done by 500,000 of their users over the course of three months earlier this year. That means that if you happened to be randomly chosen as one of these users, everything you searched for from March to May (2006) is now public information on the internet.
As a follow-up, someone who wishes to remain anonymous made an alarming discovery.
A search for an SSN shaped regex on the full AOL search data returns a 191 results including repeat searches. Many of these have full names, and at least a dozen include either an addresses, drivers license number, date of birth or some combination of the three in the same query. There's no telling how much more information an aggregation of other queries by those same user ID would yield.
As I understand this, if any of these half million AOL subscribers searched for personal information about me during the months of March, April and May this year, the queries they used are now available to anyone with Internet access, even though AOL has had second thoughts and removed access from their site.
"This was a screw-up, and we're angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant," AOL, a unit of Time Warner, said in a statement. "Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize. We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."
With some concern for the ethics of doing so, I invite you to take a look at some specific searches performed by AOL users and imagine what it would feel like to have your searches on display here [via Declan McCullagh's Politech list].
The New York Times was able to determine the identity of searcher #4417749—a 62-year-old widow from Lilburn, Georgia—obtain her picture and interview her [thanks to Michael Geist's Internet Law News].
Declan McCullagh's Politech list pointed me to an op-ed piece by James Bovard in last Friday's Boston Globe titled The 'terrorist' batting average. It's purpose is to argue against Congress passing any law that would endorse the Bush Administration's use of military tribunals at Guantanamo and other places. I wholeheartedly agree. But it's worth reading even apart from its merit in making this case because it briefly totes up the administration's scorecard on combatting terrorism.
In the six weeks after the Sept. 11 attacks, the US government rounded up 1,200 people as suspected terrorists, or their supporters.... None of the detainees proved to have links to the attacks.
As for the use of military tribunals to try so-called "enemy combatants", the news that the U.S. Supreme Court had ruled that they were illegal—violating both the Geneva Conventions and the Uniform Code of Military Justice—left me feeling elated. This feeling was quickly dashed, however, on news that Sen. Arlen Specter, Chairman of the Senate Judiciary Committee, (and others) had announced plans to introduce legislation that would legalize these tribunals.
Can I borrow your electron microscope?
Our office manager recently sent the following message to all our employees:
It's a small company with some very smart people. One of our senior people—one with multiple degrees from reputable institutions—asked the office manager which glass the sample had been taken from, in case it had been his. Someone else asked a similar question. I learned this after I (jokingly) asked our office manager about the possibility of borrowing her electron microscope sometime; she was afraid I'd taken her seriously too.
Bolton's style at the UN
Yesterday's New York Times has a piece on U.S. Ambassador to the United Nations, John Bolton. The Senate Foreign Relations Committee is holding a hearing this this week on Bolton’s renomination (his was originally a recess appointment, because the administration didn't have the votes for Senate confirmation). At least one former opponent, Senator George V. Voinovich (R) of Ohio, has been won over by Bolton's performance. But many UN diplomats are not happy with Bolton, particularly when he's pushing his personal agenda of reforming the UN. The Times article cites the following incident.
Six ambassadors separately offered similar accounts of an incident in June that they said captured the situation. All were from nations in Europe, the Pacific and Latin America that consider themselves close allies of the United States, and they asked to speak anonymously in commenting on a fellow envoy.
Remind me again: why do they hate us so? [Thanks to today's Capitol Hill Blue.]
Lawyers' group criticizes Bush's signing statements
A task force for the American Bar Association produced a report that is highly critical of the unilateral exceptions President Bush often—over 800 times so far, compared to 600 in all previous administrations combined—makes to bills he signs into law. Calling this report critical seems like an understatement. The ABA's president, Michael Greco, said:
This report raises serious concerns crucial to the survival of our democracy. If left unchecked, the president's practice does grave harm to the separation of powers doctrine, and the system of checks and balances that have sustained our democracy for more than two centuries.
The members of the ABA will consider making this their official policy at their annual meeting next month.
[Thanks to today's Capitol Hill Blue.]
Senator Arlen Specter, Chairman of the Senate Judiciary Committee, says he is preparing legislation that would allow Congress to sue the President and have these signing statements declared unconstitutional.
Bogota, NJ iced coffee ad shock horror scandal probe
The Mayor of Bogota, NJ, Steve Lonegan, is calling for a boycott of McDonald's because he finds a Spanish-language billboard ad of theirs "offensive" and "divisive".
"The true things that bind us together as neighbors and community is [sic] our belief in the American flag and our common language," Lonegan said. "And when McDonald's sends a different message, that we're going to be different now, that causes resentment."
For the record, I am agnostic on this question of the American flag; I think there's a high probability that it's a figment of everyone's imagination.
Meanwhile, over at Language Log, Geoff Pullum is at a loss for words, Bill Poser is not and is organizing an anti-boycott, and Mark Liberman finds some juicy irony/hypocrisy on the Borough's web site. Oh, and Geoff Pullum finally does find some appropriate words and calls for e-mail bombing of the Mayor (something which I am not advocating despite the smug satisfaction I feel at seeing the Mayor's opinions ridiculed). As an added bonus, the transcript of Lonegan's "appearance" on CNN radio's Glenn Beck talk show is here (search for "Bogota" to find the beginning of the relevant segment). You won't want to miss the follow-up call from Mayor McCheese.
Arrested political protestors sue authorities
Read the whole story in the New York Times for details. I hope they win and help bring about an end to this anti-freedom, anti-democratic, anti-American practice.
... Christine Nelson showed up at the Cedar Rapids rally with a Kerry-Edwards button pinned on her T-shirt; Alice McCabe clutched a small, paper sign stating ''No More War.'' What could be more American, they thought, than mixing a little dissent with the bunting and buzz of a get-out-the-vote rally headlined by the president?
[Thanks to Dave Farber's IP list.]
Why Information Security is Hard — An Economic Perspective
This is the title of a 2001 paper by Ross Anderson. Bruce Schneier, in the 15 July issue of his Crypto-Gram newsletter, called it a "brilliant article." So I decided to read it. As a long-time programmer with no special expertise in information security, I found it to be extremely interesting. Here are a couple of juicy quotes.
In a survey of fraud against autoteller machines, it was found that patterns of fraud depended on who was liable for them. In the USA, if a customer disputed a transaction, the onus was on the bank to prove that the customer was mistaken or lying; this gave US banks a motive to protect their systems properly. But in Britain, Norway and the Netherlands, the burden of proof lay on the customer: the bank was right unless the customer could prove it wrong. Since this was almost impossible, the banks in these countries became careless. Eventually, epidemics of fraud demolished their complacency. US banks, meanwhile, suffered much less fraud; although they actually spent less money on security than their European counterparts, they spent it more effectively.
A different kind of incentive failure surfaced in early 2000, with distributed denial of service attacks against a number of high-profile web sites. These exploit a number of subverted machines to launch a large coordinated packet flood at a target. Since many of them flood the victim at the same time, the traffic is more than the target can cope with, and because it comes from many different sources, it can be very difficult to stop.... While individual computer users might be happy to spend $100 on anti-virus software to protect themselves against attack, they are unlikely to spend even $1 on software to prevent their machines being used to attack Amazon or Microsoft.
You may have to read the paper to see what this next one has to do with information security.
A very common objective is differentiated pricing. This is usually critical to firms that price a product or service not to its cost but to its value to the customer. This is familiar from the world of air travel: you can spend $200 to fly the Atlantic in coach class, $2000 in business class or $5000 in first. Some commentators are surprised by the size of this gap; yet a French economist, Jules Dupuit, had already written in 1849:[I]t is not because of the few thousand francs which would have to be spent to put a roof over the third-class carriage or to upholster the third-class seats that some company or other has open carriages with wooden benches . . . What the company is trying to do is prevent the passengers who can pay the second-class fare from traveling third class; it hits the poor, not because it wants to hurt them, but to frighten the rich . . . And it is again for the same reason that the companies, having proved almost cruel to the third-class passengers and mean to the second-class ones, become lavish in dealing with first-class customers. Having refused the poor what is necessary, they give the rich what is superfluous.
FISA & Hepting v AT&T
Hepting v AT&T is the name of the EFF suit I blogged about yesterday and FISA is the Foreign Intelligence Surveillance Act that "prescribes procedures for requesting judicial authorization for electronic surveillance and physical search of persons engaged in espionage or international terrorism against the United States on behalf of a foreign power," according the Federation of American Scientists (FAS). As it happens, FAS has a Project on Government Secrecy, on behalf of which Steven Aftergood produces an e-mail newsletter called Secrecy News. In today's issue he made some interesting points in connection with FISA and Hepting v AT&T [emphasis added].
EVOLUTION OF THE FOREIGN INTELLIGENCE SURVEILLANCE ACT
In other words this was the first time (out of something like 60 times since it was first used, in 1953) a court has ever denied the government's assertion of the state secrets privilege on anything but a technicality.
Pendleton Hall's Architect
I recently saw the film My Architect, a documentary directed by one of two illegitimate children fathered by the well-known architect Louis Kahn, who also fathered a child by his wife. In it the director tries to find and understand his father, who died bankrupt, alone and without identification in Penn Station in New York City in 1974. I enjoyed it, despite (or perhaps in part because of) the unsettling juxtaposition of the beauty and power of Kahn's work as an artist against the heart-breaking consequences of his choices in human relationships. A lot of energy in the film goes into explaining the latter, but no one seems willing to state what seems obvious to me: it's the result of Kahn's philandering, and there would have been a lot less pain in this story if he had remained faithful to his wife. Of course, the irony is that without his philandering, we wouldn't have had this movie.
As a side note, I noticed a striking resemblance to Louis Kahn's architectural style of one of the buildings I took two years of college classes in—Pendleton Hall at Bryn Athyn College (known as the Academy of the New Church College while I was there). At the least, whoever designed this building must have been significantly influenced by Kahn. I tried googling to find out who that architect was, but without success. Anyone know?
Terabyte storage for the home
Seagate has announced this new disk drive, priced at less than 90¢ per gigabyte. It doesn't seem that long ago that I was pricing disk storage at cost per megabyte (which in this case would be less than one tenth of a penny).
Restoring Faith: a [Hopefully] Continuing Saga
U.S. District Court Judge for Northern California has turned down a request by U.S. government officials to dismiss a lawsuit against AT&T by the Electronic Frontier Foundation (EFF) alleging that AT&T broke the law when it allowed the government to monitor telephone and e-mail conversations. U.S. Director of National Intelligence John Negroponte had said that the case "could be expected to cause exceptionally grave damage to the national security of the United States."
In his 72-page ruling, Judge Vaughn Walker noted that
"... [T]he very subject matter of this action is hardly a secret.... [P]ublic disclosures by the government and AT&T indicate that AT&T is assisting the government to implement some kind of surveillance program.... The compromise between liberty and security remains a difficult one, but dismissing this case at the outset would sacrifice liberty for no apparent enhancement of security."
Losing Faith: a Continuing Saga
On Monday Alberto Gonzales told the U.S. Senate Judiciary Committee that President Bush had personally denied security clearances needed by a Justice Department ethics unit (the Office of Professional Responsibility) that would have allowed them to look into the role that government lawyers played in approving the warrantless eavesdropping program that monitors Americans' international and domestic telephone calls and emails without approval of the Foreign Intelligence Surveillance Act (FISA) Court. On the face of it, this kind of surveillance is defined by FISA as a felony. The OPR investigation had been undertaken at the request of members of Congress.
I consider this another egregious (and personal) seizing of power by the President of the United States.
[Thanks to Michael Geist's Internet Law News.]
Chaos <—> Order
On the way to work today, I saw a pickup truck with a nicely painted slogan across its tailgate:
We bring order to chaos
I never got into a position where I could see any logo or other indication of whose slogan this was. When I got to my computer, I googled the phrase and got 72 hits. Most of them appear to be connected to some kind of pitch, such as this one from Direct Marketing Solutions, Inc.: "Basically we bring order to chaos and improve your ROI in the process."
No surprise. But it occurred to me when I first saw this slogan that one could also make a virtue of bringing chaos to order. Some art does this. So I also googled for the converse slogan, "We bring chaos to order." Ah, three hits.
The first was an essay titled "Goethean Science: Bringing Chaos to Order by Looking Phenomena Right in the 'I'", written by Tom Mellett, of Vanderbilt University's Department of Physics. Here's a sample line from the introduction.
Might we not see the appearance of Mephistopheles to Faust as the appearance of chaos and complexity to modern science and academia which is equally bored with the inane intellectual ordering and gross oversimplifying of the universe we all inhabit together?
The second was from a message board for Who's a Rat: Real Life — Real People (it claims to be the "largest online database of informants and agents). Here is a verbatim transcrikpt of how that particular message starts.
Yeah man this thread is not for the faint hearted. There are few members in here who claim that are been followed, harassed, stalked, attacked and no one believes them. Just like the National Investigations Committee on Aerial (U.F.O.) Phenomena (NICAP) No one believe us.
The third is a picture of a nuclear explosion titled "Welcome to Riotnet.net" and captioned "We Bring Chaos To Order!"
All I can say is that I seem to be keeping some pretty weird company in my head!
Forensic investigation into the fate of Senator Stevens's waylaid
How to transport dangerous chemicals on airline flights
It's nothing more than a way to exploit stupid airport security. I learned this trick from Ole Jacobsen, Editor and Publisher of Cisco System's The Internet Protocol Journal. He submitted a brief trip report to Dave Farber's IP list, the complete body of which I reproduce here:
Returning from Montreal yesterday my carry-on bag was searched and a
This reminded me that when I travel, I put all the daily medications I'm going to need in a small unlabeled pill box. I recently learned from our local chief of police that this is a violation of U.S. drug laws, even when they're just sitting on my dresser in my own home! This is not stupid airport security; however it does bring to mind several maxims:
The more laws and order are made prominent,
A multitude of laws in a country is like a great number of physicians,
The more corrupt the state, the more numerous the laws. — Publius Cornelius Tacitus
The more laws, the more offenders. — Thomas Fuller
Laws are the spider's webs which, if anything small falls into them they ensnare it,