01-18-2018 11:02:22 AM -0800
01-09-2018 01:54:15 PM -0800
12-22-2017 09:40:32 AM -0800
06-07-2017 12:17:49 PM -0700
05-09-2017 03:25:43 PM -0700
It looks like you've previously blocked notifications. If you'd like to receive them, please update your browser permissions.
Desktop Notifications are  | 
Get instant alerts on your desktop.
Turn on desktop notifications?
Remind me later.

Code review

Two contrasting reports have recently appeared in the news. The Washington Post describes how a British local government authorized itself to conduct comms checks, covert surveillance and an undercover operation to discover whether or not a mother had improperly filled out an elementary school enrolment form. They gave a mother the mafia treatment over what was essentially a primary school issue. Critics have drawn attention to its lack of proportionality, like a case of using a pile-driver to crack a nut. In the meantime retired General Wesley Clark argues that America has been taking the opposite approach: taking a pop-gun to a T-rex by deciding to treat grave threats to its information infrastructure as if they were trivial.  The story of the British local government's valiant detection efforts need to be told first.

Suspecting Ms. Paton of falsifying her address to get her daughter into the neighborhood school, local officials here began a covert surveillance operation. They obtained her telephone billing records. And for more than three weeks in 2008, an officer from the Poole education department secretly followed her, noting on a log the movements of the “female and three children” and the “target vehicle” (that would be Ms. Paton, her daughters and their car). It turned out that Ms. Paton had broken no rules. Her daughter was admitted to the school.

under a law enacted in 2000 to regulate surveillance powers, it is legal for localities to follow residents secretly. Local governments regularly use these surveillance powers — which they “self-authorize,” without oversight from judges or law enforcement officers — to investigate malfeasance like illegally dumping industrial waste, loan-sharking and falsely claiming welfare benefits.

But they also use them to investigate reports of noise pollution and people who do not clean up their dogs’ waste. Local governments use them to catch people who fail to recycle, people who put their trash out too early, people who sell fireworks without licenses, people whose dogs bark too loudly and people who illegally operate taxicabs.

“Does our privacy mean anything?” Ms. Paton said in an interview. “I haven’t had a drink for 20 years, but there is nothing that has brought me closer to drinking than this case.”

If Ms. Paton decides to drink she better make sure to recycle the whiskey bottle and dump it in the right bin.  Can't have serious crimes happening. But Wesley K. Clark and Peter L. Levin have the opposite fear: they think the US doesn't have enough capability to watch the watchers. Both argue that the US has been under sustained cyberattack for some years now and that the public has simply been lulled into a false sense of security because they haven't 'seen' the obvious signs of disaster: people running in the streets, buildings crashing down, etc. In Foreign Affairs they write:

Adversaries planning cyberattacks on the United States enjoy two other advantages. The first, and most dangerous, is Americans' false sense of security: the self-delusion that since nothing terrible has happened to the country's IT infrastructure, nothing will. Such thinking, and the fact that so few scientists are focused on the problem, undercuts the United States' ability to respond to this threat. Overcoming a complacent mentality will be as difficult a challenge as actually allocating the resources for genuine hardware assurance. Second, the passage of time will allow adversaries and cybercriminals to optimize the stealth and destructiveness of their weapons; the longer the U.S. government waits, the more devastating the eventual assault is likely to be.

The incident of the British schoolgirl highlights the growing importance and centralization of government control over every aspect of a country's internal affairs. The Clark-Levin paper by contrast, describes the increasing scarcity of resources necessary to protect this burgeoning apparatus from malicious intrusion. The two are related in this way: the Western lead in information technology has fueled a boom in automated systems. It's growing like the Blob; governments and corporations are addicted to it. But as it grows, its guardians are looking the wrong way for threats. Indeed, they are so invested in adding features that they've simply given up doing any code review. It's easier to simply pretend the electronic music will never stop. Not that foreign hands haven't been groping for the off button. Clark and Levin write:

In 2007, there were almost 44,000 reported incidents of malicious cyberactivity -- one-third more than the previous year and more than ten times as many as in 2001. Every day, millions of automated scans originating from foreign sources search U.S. computers for unprotected communications ports -- the built-in channels found in even the most inexpensive personal computers. For electronically advanced adversaries, the United States' information technology (IT) infrastructure is an easy target.

But the growth has reached the point where no top-down security spec can fix things any more. The IT system has become so complex it is impossible to write a blanket prescription to solve its ills. Clark and Levin argue that the only way forward lies in turning this vulnerability into a strength; that in fact America's principal defense now lies in emulating a rain forest; its best chance relies on diversity, creativity and innovation. Like an ecosystem consisting of millions of distinct organisms, it can simply become too resilient and too inscrutable to kill. But they're making the free market argument in a world in which markets have been described as sinful, greedy institutions. Clark and Levin note that US policymakers, ever confident in their own wisdom, are mandating standards which may like the Pearl Harbor commanders on the eve of the attack, leading to parking all airplanes in the center of the runway to prevent sabotage.

The U.S. government must begin by diversifying the country's digital infrastructure; in the virtual world, just as in a natural habitat, a diversity of species offers the best chance for an ecosystem's survival in the event of an outside invasion. In the early years of the Internet, practically all institutions mandated an electronically monocultural forest of computers, storage devices, and networks in order to keep maintenance costs down. The resulting predominance of two or three operating systems and just a few basic hardware architectures has left the United States' electronic infrastructure vulnerable. As a result, simple viruses injected into the network with specific targets -- such as an apparently normal and well-trusted Web site that has actually been infiltrated -- have caused billions of dollars in lost productivity and economic activity.

Recently, national intelligence authorities mandated a reduction in the number of government Internet access points in order to better control and monitor them. This sounds attractive in principle. The problem, of course, is that bundling the channels in order to better inspect them limits the range of possible responses to future crises and therefore increases the likelihood of a catastrophic breakdown. Such "stiff" systems are not resilient because they are not diverse. By contrast, the core design principle of any multifaceted system is that diversity fortifies defenses. By imposing homogeneity onto the United States' computing infrastructure, generations of public- and private-sector systems operators have -- in an attempt to keep costs down and increase control -- exposed the country to a potential catastrophe. Rethinking Washington's approach to cybersecurity will require rebalancing fixed systems with dynamic, responsive infrastructure.

The next thing government has to do apart from not parking the airplanes in one place, Clark and Levin say, is bring the really sensitive parts of the system into the rainforest, and back from China. It's a decision fraught with political danger. They write: "In addition to building diverse, resilient IT infrastructure, it is crucial to secure the supply chain for hardware. This is a politically delicate issue that pits pro-trade politicians against national security hawks. Since most of the billions of chips that comprise the global information infrastructure are produced in unsecured facilities outside the United States, national security authorities are especially sensitive about the possibility of sabotage."

It bears mentining that the changing conception of government has national security implications. Government cannot continue to become responsible for ever increasing swaths of daily life without increasing the risk of systemic failure. Where once the default role of government was to be absent unless required by compelling public interest, many now believe it is government's duty to be present whenever we might conceivably need it. From the prevention of obesity to the enforcement of puppy poop regulations to ensuring little girls file the right school forms, the government should be there "to help you". The reasons given vary: it is "for the children"; it is about 'caring' and above all, it is for your own good. What doesn't vary is the monotonically increasing centralization of risk in the goverment.

Where once you could do things for yourself, today it "takes a village". Where once we had a diversified portfolio of outcomes today we have systems which are "too big to fail".  The modern village needs an increasing amount of IT to minister to its population requiring an increasing amount of money to carry out its caring. That increasing governance necessarily leaves less time to take foreign threats seriously and less money to watch an ever growing surveillance infrastructure. Like a giant prehistoric beast struggling to pump blood to its ever distending extremities, the state grows and grows until it literally can't see under its belly. To its already vast responsibilities will soon be added the need to monitor health care on a national vast scale, administer the stimulus package and manage your carbon footprint. If that enemy EMP bomb ever goes off over New York city, there'll be a hell of a lot of puppy poop the village will lose track of the next day.

But never fear. There's a bureaucratic solution to every known bureaucratic problem. As Clark and Levin tell us, new standards will be crafted to create standard defenses -- and standard vulnerabilities. It might work, but then again, it might not.

Tip Jar or Subscribe for $5