Blayne Sucks

I just ran across a post on Concurring Opinions that rocked me back in my seat. The full text of two of Dan Solove’s most popular books are now available online for free. The Digital Person and The Future of Reputation are both fantastic books. I have been meaning to reread them and get a review posted here, but one thing leads to another and this semester has become rather backlogged. However, in lieu of writing a short review that doesn’t do justice to either of these books, I will simply give them a heartfelt recommendation. Perhaps with the end of the semester rapidly approaching, I’ll be able to get a review of them up soon. In the meantime, I hope you’ll take a peek!

I previously posted my thoughts on Lawrence Lessig’s possible run for an open seat in the House of Representatives. Since that time, he has decided not to run. For those who support him and his ideas, this is actually probably the better decision in the short run. In truth, Jackie Speier probably agrees with Lessig (and vice versa) on many issues. The 12th district in California would almost certainly be electing someone that held those views. Congressman Lantos serves as some proof of that. Thus, in net, the “standard” positions would not really change all that much if Lessig were to win a seat in Congress.

However, Lessig’s time and focus would change. People of all stripes seem to agree that the only way that Congress will change is through a grassroots movement. The question is how do you start such a movement? I think people like Lessig are the answer. He (obviously) has a huge voice, and I’m not sure that getting elected to Congress would appreciably improve that voice in terms of his ability to empower a grassroots movement. He would certainly have a bigger stage, but he would also have different core responsibilities. He would have to focus on the needs of the people in his district, instead of being able to focus completely on educating people about Congress, including why change is needed and how to cause that change.

I certainly would like to see some real change in the current political process at virtually all levels. In particular, I think new ideas and new approaches are needed. Lessig has certainly been open and receptive to many of those things in the past and I would love to see him eventually get elected. Time magazine’s cover story this week is about experience and its effect on politicians. Though the article makes some great points (such as the trend that second terms in Office are usually less effective than first terms), I actually thought the follow up article on the “science” of experience was better.

There is something that I have found to be true, which isn’t mentioned in either article: creativity and experience tend to oppose one another. Perhaps this is why Lessig has been so open and receptive to new ideas. Why isn’t experience viewed as a lack of creativity? Why are people asking if Obama is experienced enough to be an effective President rather than asking if Clinton is creative enough to be an effective President? Another part of this debate that seems muffled to me is the fact that our government has a system of built-in checks and balances that should limit mistakes due to inexperience.

George Will mentioned on This Week with George Stephanopolous that Lincoln was preceded by Buchanan and succeeded by Andrew Johnson, who are generally considered to be two of the worst Presidents in history. He also pointed out that Buchanan and Johnson were two of the most experienced politicians ever to become President while Lincoln was one of the least experienced politicians. Although Will didn’t mention this in his debate, Lincoln’s entire Presidency is defined by his successes in winning the Civil War, despite having zero background in warfare. He actually ended up checking out books on military strategy from the Library of Congress to figure out how to pull the whole thing off.

Anyhow, I said that I though his decision was good in the short run, but I think it does raise a long term problem: how do you espouse change in Congress effectively while also refusing to run for it? I’m not sure how he will be able to avoid answering this question as time moves progresses. I suppose we’ll see in time.

Allison passed me a link to a video about the comparisons between Barack Obama’s campaign for President of the United States and the fictional Santos Campaign on the TV show The West Wing via email today. I have mentioned that I’m a fan of The West Wing before. I didn’t necessarily agree with the politics in the show. In fact, sometimes I strongly disagreed with them. However, the show portrayed politicians of every stripe as people who earnestly want to improve the world in which they live. Sure, they talked about the seedy side of politics from time to time, but on the whole the picture was one of politicians actively caring about the people. The American people yearn for that. This Slate V video is just another example of (in part) why Barack Obama has been so successful.

Although Ed Felten has recently gotten tons of press about his research group’s recent analysis of breaking hard drive encryption, I wanted to talk about some research that he’s done previously on electronic voting for several reasons. First, I mentioned voting in my last post. Second, I have blogged about electronic voting here before that. Third, it is an election year and seems pertinent. Fourth, I am still trying to catch up on some blogs that I follow and recently was able to watch Ed Felten’s presentation in the CERIAS Security Seminar series.

If you are unfamiliar with Ed Felten, I would like to provide some background. He’s a computer security researcher with extensive experience in authentication, secure Java programming, and digital rights management. He has recently also become a leader in analyzing security concerns relating to electronic voting. He is a fellow of the ACM and an EFF Pioneer Award winner. He is the author of a popular technology and public policy blog called Freedom to Tinker. He is also an excellent presenter.

His presentation for the CERIAS seminar is extremely good. I think it is probably accessible for those who are not well-versed in computer security terminology. Certainly, most of the talk is non-technical in nature. I strongly urge anyone reading this who has wondered just what the big deal surrounding electronic voting is all about to at least watch the first half of the presentation. It is an excellent introduction into the amazingly insecure fashion by which elections are held in America.

He talks about the history of electronic voting, some of the legislation that may affect electronic voting, the goal of verifying an election and how their research group has approached the problem. I’m not entirely sure that the importance of the problems can really come through in a sterile environment such as an academic presentation, but he certainly does a great job of motivating these problems on his blog. For example, the pictures on his blog he takes of unattended voting machines prior to election day. Of course, like any true academic, he provides references to their work so that you know where to look for more information if you are interested.

At the end of the talk he is asked a question about possible cryptographic methods that would allow a voter to obtain a receipt that they could later verify on a government website. I’m not entirely sure I like his answer. He says something like (Yes, I’m paraphrasing.), “There are attempts, but they aren’t ready for primetime.” This is a huge caveat and it almost seems to imply that the crypto isn’t quite there yet. Usually, it’s the humans that aren’t ready for the crypto. In this case there are some pretty interesting cryptographic schemes, and they lack the same thing most other cryptographic schemes lack: an easy-to-understand user interface. I’m sure Dr. Felten knows this and was just providing a concise answer, but if you are interested in more, I would read Dr. Rivest’s paper on Three Ballot Voting as a great place to start.

Lawrence Lessig, perhaps best known for his creation of Creative Commons licensing, is considering a run for Congress. His possible campaign website, and the somewhat related change congress website, talk about the kind of change that Congress needs. While the talk is good, I am not sure it’s anything new. People have known for many, many years that it’s probably not a good idea for congressmen to be accepting campaign donations from the industries they regulate, but that certainly hasn’t been the impetus needed for change.

There’s a part of me that wants to believe that Lessig could bring about this kind of change. I have to admit that I like a lot of his ideas. The Creative Commons licensing concept is an excellent example of the kind of thinking that I think we need in America. It is new, different and consumer friendly. I love the fact that he was willing to create a book through the use of a wiki and consider feedback from interested parties. So many politicians appear so disconnected from the people that elect them, but as the Draft Lessig movement shows, he has a lot of real people supporting him.

I’m not sure what to think. I don’t live in California, let alone in his district, but I do think I would vote for him if only to see what happens. It’s not that I’m not skeptical. Lessig is a former Harvard Law Professor and current Stanford Law Professor – those aren’t exactly “new and different” institutions which would bring sweeping change to Capital Hill. Plus, the sheer numbers of people that have tried to change congress and failed are staggering.

Another aspect about him that I think is rather interesting is his background in writing actual constitutions for former Soviet Republics. Very few politicians have actually written constitutions that were meant to really be used. It sort of reminds me of the saying that was written on Richard Feynman’s chalkboard at the time of his death:

What I cannot create, I do not understand.

I’m not sure politicians who haven’t tried to create a constitution for real people can understand what democracy is all about. Democracy is more than a piece of paper can ever really be. It is a culture. It is a mindset. It is a way of life. It is fragile. It is in danger. After the problems with the 2000 Presidential election, you would think that it would have been the number one priority to improve voting accuracy. After all, Congress should have significant motivation to make sure that elections are fair, right? Amazingly, here we are in 2008 and we are still working on a solution. There is obviously something wrong. Something that needs to change.

Change is a tall order though, particularly in Washington, which is a city where change goes to die. But there is something Obama-like about Lessig, an Obama supporter himself. If there is hope for change in Congress, perhaps people like Lawrence Lessig are the folks to do it.

Fox News is reporting that some lost documents and artifacts relating to the assassination of JFK were found in a Dallas courthouse. As someone who has been fascinated with the JFK assassination for years, this is obviously interesting news for a variety of reasons.

My first reaction was the sort of comic imbalance of the stark reality that an object possesses compared to its potential importance. Baseballs in the baseball Hall of Fame don’t really look all that different from some old baseball you have in your closet for 20 years, and yet people would pay millions of dollars for them on the open market. Moon rocks look pretty much like earth rocks, except that you have to actually physically travel to the moon and back to show them to all your friends and relatives. In the history of all kitchen knives that have been used as weapons there was a point when someone bought it at a store and used it to prepare food that they later ate. I’m sure the brown leather gun holster they found doesn’t look any different than that description would imply, except that at one point it was holding a gun that was used to kill Lee Harvey Oswald live on national TV.

However, the documents that were discovered are even more interesting to me. After everything that I’ve read about the assassination, I think the most compelling conspiracy theory has to be the mob theory, which these documents would seem to support. It’s compelling for many reasons. One of the main reasons I find it compelling is that the first rule in assassinating someone is always kill the assassins. This is the essence of a dead end. Police can’t interview their main suspect when he’s dead. Without being able to ask detailed questions to suspects it’s difficult to uncover what really happened.

The mob has understood this very well and has a long and documented history of killing anyone who had any chance of telling the police anything. (Plus, as is mentioned in the article, the mob had serious motivation to kill JFK.) In Oswald’s case, it’s even more interesting because he claimed to have been setup prior to his death. This puts investigators in the unenviable position of trying to prove a negative – that he murdered alleged assassin *didn’t* actually do the assassination. If Oswald was framed and the framing was done at all decently, proving he didn’t really do anything without being able to ask him questions about everything leading up to the assassination can be extremely difficult.

Perhaps it would be easier to think of it using the analogy to the controversy surrounding baseball. Roger Clemens claims to have not used HGH or whatever. How can he prove that he didn’t? There’s no evidence either way that would be unimpeachable. Without irrefutable proof that a particular event actually happened in a particular way, it can be extraordinarily difficult to prove that the event in question didn’t happen another way. (BTW: This is not my first post on the JFK assassination that involved Roger Clements. This is. )

This is in part because of the way the question is phrased. Thomas Pynchon once said,

If they can get you asking the wrong questions, they don’t have to worry about the answers.

This is most apparent in conspiracy theories. A conspiracy nut will ask you to prove that it didn’t happen any of a million different ways. Many of these may require a cogent argument to prove, but they are the wrong questions to ask. However, that is the wrong question to be asked. What should be asked is “How can you prove that Oswald acted alone killed JFK?” If this can be formed into a rational argument, then that would be the only argument that matters.

The difference is subtle. On the surface you might think that proving Oswald did something alone would be equivalent to proving that everyone else didn’t do it. In mathematics, proofs actually can work like that, but real life is different in that humans are imperfect by nature and therefore a certain level of uncertainty exists in everything we do. Uncertainty can either work in favor of an argument or against it. Conspiracy theorists force people to try and eliminate every possible uncertainty, which uses uncertainty as a weapon against an argument. However, if you accept that every argument is going to have an element of uncertainty and present your rationale supporting the theory of Oswald acting alone as the most certain of the arguments, then you are using the uncertainty of everything else to support your argument.

Anyhow, I suppose I’m no longer really commenting on the article and more accurately rambling like a true blogger. I’ll stop now and spare you, the reader, from further blather.

One of the most highly charged pieces of legislation that has been passed by Congress in recent years is the Protect America Act. Probably the only good thing about it is the sunset provision that ensures it will expire in its current form unless Congress acts to renew it or make it permanent. That debate will be soon; the act was extended yesterday for another 15 days.

I haven’t commented about this much because there’s been quite a bit of coverage of it in the mainstream media. If you have somehow managed to avoid that coverage, and landed on this blog (Hi Mom!) the 15-second summary of the Protect America Act is that it allows the NSA to skip the established process of getting a warrant to wiretap communications by using an entirely internal process of reviewing the need for the wiretap. The White House wants this legislation because they believe the current process of obtaining a warrant is too slow for present needs.

Furthermore, there will be debate on a second major initiative of the White House: retroactive immunity for the companies involved in recently allowing illegal wiretaps. The 15-second summary of this situation is that an AT&T employee blew the whistle on a secret room that was setup to see all the data sent over the Internet for AT&T and several other companies. There is a class-action lawsuit against the companies and the Bush administration would like to get them off the hook by making their actions legal after the fact.

If you would like a quick overview of the situation as of November to catch yourself up on what might be on the news in the next two weeks, check out this YouTube video:

There are many places to go for more information on these issues. The Center for Democracy and Technology has an excellent guide on the amendments. EPIC spotlights surveillance issues here. The EFF has more information on warrantless surveillance here.

However, the best resource and the primary reason I chose to make a blog post about this topic is the paper entitled “Risking Communications Security: Potential Hazards of the Protect America Act” by Steven Bellovin, Matt Blaze, Whitfield Diffie, Susan Landau, Peter Neumann, Jennifer Rexford that will appear in the Jan/Feb issue of IEEE Security and Privacy Magazine. If you only read one article linked from this post, the Risking Communications paper is the one to pick. Matt Blaze has a post about their article, as does Steven Bellovin.

A few months ago, I made a few predictions about the CNN – YouTube Democratic Debate. This past week saw the CNN – YouTube Republican Debate actually come to pass. I have to say that I was disappointed. One of the predictions I made was that there would be 30,000 videos submitted. I was way, way off. There were about 5,000 videos submitted. This was in spite of the fact that the debate was delayed as the Republican candidates couldn’t all get on the same page about when to have the debate.

I also commented that I felt in the Democratic debate that the format hearkened to Al Gore’s book The Assault on Reason in that it was an example of how the Internet can restore democracy in America. I’m not sure I feel quite so strongly about it now. They did have two thirds again as many videos submitted, so the format was obviously popular and growing in popularity. However, since the folks at CNN were picking the videos to use, there’s still a lot of corporate influence on the actual content used. I think it’s a step in the right direction, but certainly not as big of one as I felt it was after the first debate.

As for the actual debate, I was again disappointed. I wanted to see a question about healthcare, but there wasn’t one. I wanted to see a question about public education, but the only education question was about college tuition. I wanted to see the questions make a distinction between themselves and George W. Bush, but there really wasn’t a whole lot of that either. The best question in my opinion was about the national debt:

Unfortunately, later in the debate there was a very similar question about repaying Social Security. I thought that one of these questions should really have been replaced with something else – healthcare, the environment, electronic voting, privacy, whatever. There were a lot of things that weren’t covered.

I still like the idea of the debates. The format is he best one we have these days (though it doesn’t replace actively researching a candidate’s positions yourself…). However, we could make a few changes that would improve it. I would introduce a voting system that would allow people to vote on a few questions to make sure they were included. I would also try to eliminate questions that are only answered by one candidate. I think the kinds of things that should be asked are the kinds of things that require debate, not the kinds of things that can be handled in an interview.

I have been meaning to post my thoughts on the book Inequality.com: Money, Power and the Digital Divide by David Stevens and Kieron O’Hara for a while now. Despite the hokey name, the book is rather thought provoking. Essentially it is an attempt to discuss the social and political impact of information communications technology from top to bottom. It delves deeply into democracy, equality, privacy and several related topics.

One area where the book truly shines is in showing just how much societal change has resulted from technology has been in the last 30 years or so. Understanding the way people did things 30 years ago versus how they are done now is incredibly difficult even for adults who have lived through all the changes. So many things have become tacitly accepted as common place now that were revolutionary when they were first introduced that the scope of the change is hard to understand, but the book does an excellent job explaining everything from the death of all things ephemeral to the applications of Coase’s Theorem.

The book also discusses in great detail some of the various ways that technology could affect democracy. At times it mentioned with urgency many of the same themes mentioned in Avi Rubin’s Brave New Ballot. It also highlighted many of the ways that the problems usually blamed on technology are in some ways simply intrinsic problems that must continually be fought as a part of civic responsibility in any democracy.

Lastly, the book talks about privacy issues. The authors form a convincing argument that knowledge is power and that bureaucracies naturally crave both. They discuss why it is important for citizens of a democracy to maintain a level of privacy where they can discuss new ideas without fear of being monitored. Essentially, they are claiming that the Hawthorne effect not only applies to democratic discussions, but that it irrevocably alters them. (If you are a scientist, think of this as a sort of Heisenberg uncertainty principle as applied to the democratic process.) The authors also show how privacy in many ways is really a modern invention using the argument that it wasn’t long ago that everyone lived in villages where rampant rumor mills ensured everyone knew everything about those whom they lived with.

All in all, I highly recommend the book to anyone interested in any of these concepts.

Slashdot recently reported on an ArsTechnica article on the death of RealID. There are several things to take from this.

First, RealID is horrible from a privacy and liberty standpoint. This is well-known to anyone who actively concerns themselves with these sorts of issues. It is essentially a national ID card. Depending on how much of a privacy nut you are this seriousness of this could range from a simple invasion of your privacy to something straight out of 1984 or the Book of Revelation. I’m not sure I would take it to that extreme, but I do think the concept of a national ID card is a non-trivial invasion of privacy.

Second, RealID isn’t ecnonomical. The exact details of the security tradeoffs show that RealID is an extremely expensive trade-off. This is very important and subtly hard to understand. Instinct tells us that being able to identify everyone should allow us to determine those people who pose a threat and those who don’t. Unfortunately, reality doesn’t work like that if for no other reason than the simple fact that past behavior doesn’t always accurately predict future actions. Of course, there are many other reasons stated in the link above.

(BTW, This is really the only reason that RealID is dying. It was a massive unfunded mandate for the State governments. If it had been a pork barrel project with horrible security consequences but a nice paycheck for the State governments, then we might have a different story.)

Third, RealID may actually worsen national security. A single national database with the personal information of every citizen in the US is a juicy target for a lot of people with bad intentions. It is the ultimate honeypot, only using real data as opposed to fake data. A single process by which identification can be done is a monoculture with similar problems. I think the easiest analogy for people to understand is that throwing your support behind RealID as the identification card for any American is like putting your entire investment portfolio in one business. It’s just a lot safer to not have all your eggs in one basket.

So if RealID is so bad and it’s also “dying” why have I titled this post “The Non-Death of RealID”? Simply put, this sort of problem is like a bad penny. It keeps coming back because human instincts make it sound good. It keeps coming back because it affects personal liberty, which must always be defended. Security and Liberty aren’t things that you do once and forget about so the threats to these never really die.