Blayne Sucks

Last week Bruce Schneier commented on a story about a prison that let an inmate convicted of credit card fraud reprogram a prison computer. Schneier believes this sort of thing should be an “obvious” no-no, and I agree. However, it isn’t obvious to a lot of intelligent and well-intentioned people. In fact there’s consistently been debate on whether or not criminals should be hired for computer security positions. There are people who fervently believe the myth that being an excellent criminal carries over into being an excellent law enforcement officer or security adviser.

Unfortunately, pop culture continues to prop this myth up with TV shows like the USA Network’s upcoming White Collar. The show is about an FBI agent who teams up with his nemesis-turned-good-guy to solve crimes that no one else could solve. Another TV series, called Dexter, which appears on Showtime, portrays a forensics expert who secretly murders the criminals he finds through his work. Both of these shows operate on the premise that experience committing crimes is useful in preventing them.

In reality, committing crimes and preventing crime are fundamentally different activities not because of the skill sets but because of the motivation and interests involved. In fact, the skill sets may be strikingly similar in a lot of ways. Some pirates are excellent sailors, some outlaws can shoot extremely well, and some hackers know a lot about computers. Don’t focus on asking whether the skill sets overlap. Instead, focus on questions like these: Are they dependable? Can they work well with other people in your particular work environment? How do you know they are actually interested in helping your organization? How do you know they are truly reformed?

After focusing on these questions, the truth comes to light: it is very rare that an excellent criminal history translates to an excellent crime-prevention future. There is a reason that police departments do a criminal background check before hiring someone. There is a reason that day care providers don’t hire convicted child molesters. There is a reason that banks don’t hire convicted felons to do security. Why wouldn’t the same rationale carry over to information or computer-based crimes?

Now, there are instances of convicts making amends and turning their lives around. Frank Abagnale is perhaps the most famous of these reformed con men. Hollywood capitalized on his story with the highly successful movie Catch Me If You Can. I know several people who have heard him speak at security conferences, and they have told me that he continues to apologize for his life of crime at the beginning of his talks, decades after they occurred. In fact, he may be a good model of how to lead a life of contrite contribution to law enforcement after being an extremely skilled criminal. He worked long and hard to earn the trust of banks and the FBI. He was initially paid only for positive results, and used the money he earned as a security consultant to pay back his debts.

Still, as a general rule, it should be obvious that hiring anyone convicted of computer fraud to do computer security work is a bad idea. Why take the risk? There are a lot of extraordinarily talented computer security experts who do not have the baggage of a criminal record. If you find, after searching for a non-felon, that you need the particular skills or expertise of a convicted computer fraudster, then don’t put them in a position of power. Don’t trust them without oversight. Don’t get caught up in the Hollywood story. The Frank Abagnales of the world are exceedingly rare; hiring a felon to do computer security almost never ends well.

This post is a part of The Great American Novel Challenge. If you’re interested in taking part in the challenge, feel free to jump right in next month.

My original list of books to read for the Great American Novel Challenge included Ernest Hemmingway‘s The Sun Also Rises, but I chose to read For Whom the Bell Tolls because The Sun Also Rises was published in 1926 and I’ve already read two novels from the 1920s. I’m quite lucky that I made that choice because For Whom the Bell Tolls is a fantastic novel.

In the interests of full disclosure, I must confess that I have not yet completed the novel, but I am very close and sure to finish it soon. I should also note that Allison and I did not collaborate in choosing what to read this month, but we did both read For Whom the Bell Tolls. You can read her review here.

Unfortunately, Allison posted her review before me and has stolen some of my thunder. She expertly points out that the title of the book explains a great deal about the themes in the book. I’ll take a moment to briefly expand on that here. The title comes from a John Donne‘s famous poem:

No man is an island, entire of itself; every man is a piece of the continent, a part of the main. If a clod be washed away by the sea, Europe is the less, as well as if a promontory were, as well as if a manor of thy friend’s or of thine own were: any man’s death diminishes me, because I am involved in mankind, and therefore never send to know for whom the bell tolls; it tolls for thee.

It is worth noting that these are just a few lines of the longer, complete poem which you can read here. In particular, I think the ending of the longer version is particularly relevant to the novel:

If by this consideration of another’s danger I take mine own into contemplation, and so secure myself, by making my recourse to my God, who is our only security.

As you may surmise from the title and the poem, Hemingway explores two main themes in this book: the interdependence of humanity and death. It is hard to imagine a writer better suited to the this task than Hemingway, a setting better suited to this task than the Spanish Civil War, or a time period better suited for the novel’s release than 1940. For Whom the Bell Tolls is about the Spanish Civil War, which was from 1936 to 1939. The Spanish Civil War, like many civil wars, mercilessly pitted siblings and families against one another. The scars of this are still visible today. It was fought between the Republicans, who favored a republican form of government, and the Nationalists, who favored a fascist dictatorship. As a result, the Spanish Civil War became a proxy war fought as a precursor to World War 2. The Republicans were supported by the International Brigades, which were basically a long list of anti-fascist countries, including the United States. The Nationalists, who were supported by Germany and Italy, won before the novel was published.

The protagonist of the novel is Robert Jordan, an American fighting for the Republicans. He is tasked with the extremely dangerous mission of destroying a bridge in enemy territory just prior to a Republican attack. Robert must enlist the help of several Republican-supporting locals, many of whom have lost loved ones and share their horrifying war experiences with Robert. He cannot complete the task on his own, but some of the locals are unwilling or unable to help him with the mission. Although Robert recognizes the danger of his mission, he still finds himself falling in love with one of the locals, Maria, who had been brutally raped earlier in the war.

The intended audience of this book must have included people who were struggling to understand the political and military happenings in Europe just prior to World War 2. Hemingway, who served as an ambulance driver in World War 1, was known as a part of the “Lost Generation,” a collection of writers disillusioned with “the war to end all wars.” His disillusionment with war is communicated through some truly gruesome scenes in For Whom the Bell Tolls. For example, in chapter 10, common villagers became brutal murderers in a way that eerily foreshadows scenes described in Ordinary Men, which described how ordinary Germans were able to commit atrocities in World War 2.

Hemingway straightforwardly (his simple, direct writing style was a nice change of pace from Faulkner) displays the stark costs of involvement in a “foreign” war. It is easy to lose sight of the fact that American involvement in World War 1 was not guaranteed because the United States previously maintained an isolationist view of foreign wars. But the U.S. did get involved. And it continued to get involved in foreign wars. These wars have defined modern America: World War 2, Korea, Vietnam, the Gulf war, Afghanistan, and Iraq. The world got a lot smaller in the 20th century. Indeed, it is more clear now than ever that no man is an island, but when is war a justifiable mechanism for preserving mankind? Perhaps we do have some moral responsibility as a nation, but we are still struggling with the cruel costs and exacting execution of “foreign” wars.

Four books (almost) down; nine to go!

My books in the challenge thus far are:
July 2009: The Great Gatsby by F. Scott Fitzgerald (1925)
August 2009: Uncle Tom’s Cabin by Harriet Beecher Stowe (1852)
September 2009: The Sound and the Fury by William Faulkner (1929)
October 2009: For Whom the Bell Tolls by Ernest Hemingway (1940)