Archive for August, 2008

Book: Ordinary Men

Posted on August 27th, 2008 in Books, Computer Security, Entertainment, Life, Music, Television | No Comments »

Ordinary Men by Christopher R. Browning is a book on Nazi Germany’s Reserve Police Battalion 101, which participated in the Holocaust. The primary discussion in the book is on how a group of ordinary, middle-aged Germans became mass murderers. He attempts to understand how this transformation took place, and he uses insights from the Milgram experiments and the Stanford Prison experiments. However, he is quick to point out in the forward of the book that “explaining is not excusing; understanding is not forgiving.”

The book was recommended to me by Lucas Layman after a discussion on the importance of the human element in computer security led to a discussion on the Milgram experiments and the Stanford Prison experiments. Certainly there are many elements of computer security and computer crime that can be better understood through studying human psychology. For example, the simple fact that as the men of Reserve Police Battalion 101 were removed from direct participation (e.g. pulling the trigger themselves) to indirect participation (e.g. leading Jews to death trains) they were more easily able to cope with their actions psychologically. Similarly, computer crime is easily disassociated because of the impersonal nature of dealing with computers rather than humans. However, after reading the book my strongest reaction has been broader than just computer security.

When I was in high school I had to read quite a few books on the Holocaust. It seemed that every year we read a different book on the subject, and I tired quickly of the extremes that were pushed. Nazi Germany in general and Hitler in particular have become famous for being the most extreme extreme. This is perhaps best identified by Godwin’s Law.

Ordinary Men suffers from over-extremism to some extent as well. For example, Browning causally refers to the Holocaust as the “most extreme genocide in human history” without offering much in the way of proof or comparison. The number of Native Americans systematically killed by Europeans and the number of Russians killed by Stalin’s regime could each easily exceed the numbers of Jews killed by the Holocaust. The rate of killing in Rwanda could easily surpass the rate of killing in the Holocaust. The brutality of groups like the Khmer Rouge and leaders like Genghis Kahn could be argued to be greater than that found in the Holocaust. Is it even possible to classify something like the “most extreme genocide in history?”

My point is that our only reaction to events like these cannot be the emotional one; we must attempt to understand why and how these things happen so that we can learn from them. We aren’t good at rationalizing emotions, and we are rarely able to draw objective conclusions based on them. However, if we can take a look at some facts, then we may be able to learn important lessons. For example, before the brutality caused by Nazi Germany and in former Yugoslavia, we see extreme hyperinflation. Do we know anywhere else in the world where that is happening right now? I think so. This is something to be concerned about.

More generally security is a field that suffers from extremely emotional reactions. The air travel response to the September 11th attacks is a good example. How many of these responses have been the result of reason rather than emotion? How many of them have actually improved airport security? These are questions that we will probably continue to struggle with for years because of the highly charged emotional response most Americans have to the September 11th attacks.

On the whole though, Browning does a good job of ensuring that we don’t view the people of Reserve Police Battalion 101 as caricatures of themselves. As a result, there are many lessons to be learned from this book. The Holocaust should not be thought of as an abstract evil thing, but instead as a real consequence of human plans and actions. As Browning says, “Ultimately, the Holocaust took place because at the most basic level individual human beings killed other human beings in large numbers over an extended period of time.” The book offers an objective take on how ordinary people are capable of such a thing. I found it to be a very worthwhile read.

FCC Releases Comcast-BitTorrent Statement

Posted on August 21st, 2008 in Politics and Law, Technology | No Comments »

Yesterday the FCC released their report on their decision against Comcast’s secret degredation of BitTorrent protocol traffic. The basic content of this ruling has been known since early August. It nominally states that Comcast violated federal rules for “reasonable network management.” Network neutrality proponents have been quick to applaud the FCC’s ruling. Certainly, this action violates a hands-off, network neutral approach. However, the extremely important and surprisingly overlooked subtext is that supporting the FCC’s ruling implicitly accepts that the FCC should regulate the operation of ISPs, and effectively, the Internet itself. The end result of regulating the Internet is to seriously muffle the creativity and innovation that has made the Internet great.

Some commentators are avoiding the discussion of the FCC’s jurisdiction in this matter, but it is absolutely the most important aspect of this ruling. The FCC’s five commissioners voted to take action 3 votes to 2. Both Commissioner McDowell and Commissioner Tate have released separate dissenting statements intimating that the FCC shouldn’t be involved in this type of decision. Commissioner McDowell wrote an editorial in the Washington Post several weeks ago defending the incredible growth of the Internet as the result of “the principle that engineers, not politicians or bureaucrats, should solve engineering problems.”

In fact, Comcast and BitTorrent had already agreed to work out an amicable solution to these engineering problems way back in March. Of course, the folks at Freedom to Tinker are right that this isn’t really a two party discussion between Comcast and BitTorrent, but the point is that Comcast was working towards fixing these problems well before the FCC took a regulatory action.

ISPs have always had the ability to solve network problems as they happen without fearing a fine. Government regulation would hamper these efforts. Politicians are concerned about this chilling effect. Kevin Martin, who is the Republican-appointed Chairman of the FCC and who voted in favor of taking action against Comcast, faced significant political pressure prior to the release of the opinion. House Minority Leader John Boehner wrote a letter to Martin to express “dismay” that he was “intend[ing] to interfere with the network management decisions of broadband providers, essentially regulating the Internet.”

Supporters of the FCC’s actions, such as Brett Frischmann, may find the FCC’s use of the phrase “reasonable network management” to provide sufficient wiggle room for analyzing actions on a case-by-case basis, but the phrase “reasonable network management” is not as innocuous as it may seem. Sure, there’s a lot of ambiguity in the word ‘reasonable,’ but adopting this phrase as a de facto standard would destroy creativity and innovation. Here’s what George Bernard Shaw had to say about reasonableness:

The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man.

This has certainly been true of the Internet, where virtually every major advance seems to have come as a complete shock to the vast majority of experts in the field. Paul Graham talks about this a lot. Most recently he mentioned it in the context of fundraising for startups:

A good startup idea has to be not just good but novel. And to be both good and novel, an idea probably has to seem bad to most people, or someone would already be doing it and it wouldn’t be novel.

Don’t lose sight of this bigger picture like the FCC has: Regulating network neutrality doesn’t work out well for anyone in the long run because creativity and innovation depend on the ability to be “unreasonable” at times.

Things We Take for Granted

Posted on August 20th, 2008 in Life, Politics and Law | 1 Comment »

In an election year, it is easy to become caught up in the political discussion about which candidate has the best policy on education, which candidate will fix healthcare, or which candidate will lower our gas prices. It is easy to focus on the problems because politicians don’t get elected for the things that have gone right. These are the things we take for granted, but there are certainly places in the world where the things we take for granted are serious concerns.

Zimbabwe is one of those places. Yesterday, it was determined that the Zimbabwe dollar has suffered from 11,200,000% inflation for the 12 previous months. That’s 11.2 million percent inflation. As Tom Palmer has aptly said, this is how you destroy a country. As you may have surmised, this is a classic example of hyperinflation.

The leaders of Zimbabwe are at best clueless and at worst ruthlessly careless as to the effects of their policies. Zimbabwe’s President Robert Mugabe and Reserve Bank governor Gideon Gono have devalued the currency rather than attempt to address the root causes of the problem. They blame sanctions from western countries for their economic woes, when in reality they have created their own crisis.

Zimbabwe has the natural resources to be one of the wealthiest African countries. Zimbabwe is home to Victoria Falls, a worldwide tourist attraction. They also has rich mineral deposits that could support some of the best mines in the world. Zimbabwe’s sub-tropical climate could support significant agriculture as well. These resources simply need to be managed properly.

Meanwhile, the people of Zimbabwe are suffering. The unemployment rate is over 80%. The brain drain has been staggering. Only those people who can’t afford to leave or who care too much about their homeland to leave remain in the country. Parts of the country have been without running water for months. The electric grid is unstable. Basic elements of the country’s infrastructure are failing.

Zimbabwe’s economic problems dwarf those problems in the United States. The US has had a 17 year high percentage of inflation: 5.6% This is certainly a problem, and one that has caused the economy to be a serious topic of the current presidential election. The economic concept of sound money (a monetary unit that is relatively stable and inflation-free) is crucial to any economy. However, it is important to remember that things could be much worse and we still have a pretty stable economy. If you find yourself tired of paying too much for gas or fed up with the election year political chatter, remember that there are probably quite a few things we may be taking for granted. Internet Privacy Values Survey

Posted on August 11th, 2008 in Computer Security, Education, Technology | No Comments »

I know many readers of this blog also follow, but I wanted to ensure that those who simply follow this one where aware that there is a research survey currently being conducted at I encourage everyone to participate as this is an excellent way to contribute to academic research and our understanding of online privacy concerns.

Cross posted from

ThePrivacyPlace.Org Privacy Survey is Underway!

Researchers at ThePrivacyPlace.Org are conducting an online survey about privacy policies and user values. The survey is supported by an NSF ITR grant (National Science Foundation Information Technology Research) and was first offered in 2002. We are offering the survey again in 2008 to reveal how user values have changed over the intervening years. The survey results will help organizations ensure their website privacy practices are aligned with current consumer values.

The URL is:

We need to attract several thousand respondents, and would be most appreciative if you would consider helping us get the word out about the survey, which takes about 5 to 10 minutes to complete. The results will be made available via our project website (

Prizes include $100 gift certificates sponsored by Intel Co. and IBM gifts.

On behalf of the research staff at ThePrivacyPlace.Org, thank you!