The Pebble and the Avalanche

US Cyber Command

I personally find any product or service to be less believable when the prefix "cyber" is applied; as someone who works in high technology, to me the term smacks of decades-old terminology and attitudes, used by ignorant marketing executives who are ignorant of technology but desparately want to sound modern and up to date. The US "Cyber Command" falls into the category of distrusted services.

I've just seen this thoroughly unbelievable assertion in the Wall Street Journal:

Intelligence officials have met with utilities' CEOs and those discussions convinced them of the gravity of the threat against U.S. infrastructure, an industry specialist said, but the CEOs concluded they needed better threat information and guidance on what to do in the event of a major cyber attack.

Frankly, I find it very hard indeed to believe — given the Obama Administration's blundering, dithering, and outright obstructionism in the Gulf oil spill — that any CEO would look to this administration, or any other government agency, for instructions on how to respond to a security attack. That is, of course, unless the authorities require them to do so...

Topics:  · government · industry · security

Link to this story · Leave comment or trackback

Greek Bailout

The slow collapse of Greece's economy continues: despite a promised bailout, creditors are reluctant to trust Greece. As Mark Steyn puts it, Greece has decided that many citizens will begin work at age 25 and retire at age 50. This works until you've consumed all your capital resources, and then the bill comes due.

I've seen two broad approaches to this crisis. Evans=Pritchard believes that the European Monetary Union &mash; which, to paraphrase him, this crisis demonstrates is not really a union but merely a currency price-fixing scheme — should step in to rescue Greece and others to prevent contigation. The Wall Street Journal, as always, believes strongly in bankruptcy to avoid moral hazard.

I'll go for the disaggregated solution: let Greece go bankrupt. Not only will this prevent problems for other currencies, but it's probably the only way to reform Greece's finances. At this point Greece can opt for capitalism or even more extreme socialism — and if the people do opt for deeper socialism, their situation is hopeless regardless and there's no point in spending any money on them.

Topics:  · finance · government

Link to this story · Leave comment or trackback

On the European Financial Crisis

The most interesting blog to read on the European financial crisis is by Ambrose Evans-Pritchard; his writing is so succinct and to the point that I have to read each word carefully.

The financial crisis interests me a great deal. Clearly, the economies of nations are no longer disaggregated one from the other, and a problem in one country can spread across the world. I wonder if they can be disaggregated, and if so, how that can be achieved while retaining the benefits of free trade.

Topics:  · finance · government

Link to this story · Leave comment or trackback

Greek Banking Crisis

The Greek banking crisis continues to spread to other members of the European Monetary Union. The Euro continues to drop, and other countries in the EMU with wild spending habits have seen their creditworthiness reevaluated.

A single currency can be considered as running counter to the principles of disaggregation, or considered as a standard. That is, like nuts and bolts, the currency inter-operates among states — a laudable goal and frankly quite a boost to inter-European commerce. The problem comes when countries ignore the standards for the currency: Greece and other EMU countries engaged in wildly prolific expenditures. When a manufacturing firm ignores the standards for nuts and bolts, their products don't work. But when someone ignores currency standards as part of a larger system, it's like a nurse in a hospital ignoring rules about sanitation: the contigation spreads everywhere regardless of the actions of others.

The only question now is how bad the Euro will crash. And whether the US will learn any lessons from this about Obamaspend.

Topics:  · finance · government

Link to this story · Leave comment or trackback

Seize the Network

Two US Senators outline plans for "cyberwar" security. I admit that the term "cyberwar" is so hokey that it makes me cringe every time I type it.

If you think their plan sounds reasonable, think about just how much government the Senators' plan implies. Innovation on the Internet comes when people are free to improvise and extend Internet services at will. Now imagine a world when a new service, such as Twitter, must pass government review before it can operate — so that the service can be audited for security risks. Now imagine what blog and newspaper web sites would have said about the security risks of potential-competitor Twitter, or what AT&T would have said about Skype's voice services. The Senators' plan will bring innovation and competition on the Internet to a screeching halt. (This topic is covered in my book, where I discuss the triumph of the upstart Internet over its heavily-supported but licensed and regulated rival, the X.25 network.)

Reading between the lines of the Senators' essay I see plans to license and regulate every corporate (and perhaps even private) connection to the Internet in the name of security; after all, a single insecure connection can be an entry point for "cyberterrorists" who will wage "cyberattacks" in a "cyberwar" against our "cyberdefenses" (cringe). The plan will also inevitably lead to vast new regulatory powers over Internet Service Providers (ISPs). Expect to see government-mandated licensing requirements for network engineers — after all, who but a licensed engineer can touch a connection that will be "audited" by some other regulatory body? I see hints of definitive mandates to require ISPs to somehow stop file sharing ("intellectual property rights"). And, and surely as water flows downhill, I expect additional taxes on Internet connections to support all this bureaucracy.

I have to wonder just how much traction this plan has: every lawyer, lobbyist, regulator, auditor, and certification-granting agency has a vested interest in the bill. The innovators and start-ups, who are vulnerable, simply do not have as much money.

Topics:  · government · security

Link to this story · Leave comment or trackback

I Really Don't Think This Nigeria Story is Funny

Several years ago we had visitors at my house for Sabbath lunch; a man was here in the US with his family, and he was an outstanding gentleman whose company and family I enjoyed. He was here in the US to learn new skills, which he eventually took back to Nigeria to improve the health and general welfare of his fellow citizens.

Compare and contrast this with the recent story of how Nigeria's telecom business was almost sold to apparent scammers. Here's the description of the winning bidder (which by the way appears word-for-word in the Wall Street Journal print edition):

The company's listed location in Abuja, Nigeria's capital, is a one-room office in a dilapidated building. A secretary who answered the door said Minerva employees rarely make appearances in the office, and that the only Minerva employee in the country was a man the secretary knew simply as "Chief."

I realize it's easy to laugh at this, especially after suffering through years of spam (and actual physical mail) sent from Nigerian con artists. But when I think of someone who uprooted himself and his family, and worked so hard to improve life in Nigeria, suddenly it's not funny any longer.

Topics:  · government

Link to this story · Leave comment or trackback

Health Care and Unintended Consequences

TechCruch writes about the unintended consequences of industrial policy — how they've introduced financial instability in the past decade or more.

Given that Obamacare will aggregate one-sixth of the US economy under his control, I have to wonder what the boom/bust cycles to anticipate. My guess will be that in addition to some mild financial cycles (the trend will be relentlessly downward for the private sector taxes will spiral), we'll see industrial cycles: in hospital patient capacity, number of health care workers, drug availability, and even in healthcare studies enrollment.

Topics:  · government

Link to this story · Leave comment or trackback

Proper Answers to Census Questions

Yesterday I received a letter from the Census Bureau that informed me of next week's arrival of the census form. I always fill it out the same way: I give the government all the information to which the government is entitled, namely a count of the individuals living in my home. The rest of the information, including their names and ages, is none of the government's business.

This year the census form includes questions about race, as it always does — there's quite a few this time around, and I'm always bemused by the arcane process that selects the ethnicity to measure. But I do wonder: how does government-mandated disaggregation into racial groups affect governance and society? While it's very easy indeed to come up with negative consequences, I draw a complete blank when I try to think of an instance when officially-mandated racial disaggregation resulted a positive innovation.

Topics:  · government · society

Link to this story · Leave comment or trackback

Assassination In Dubai

My friend Bruce Schneier asked me to chime in on the question of the assassination of Mahmoud al-Mabhouh, a Hamas terrorist, in Dubai. I started writing this on that day; put it aside for long while; and while the information is just as relevant, I think that I'll just give up and post what I've written so far.

One of the most important things to do when you read a police report or press release is to keep an open mind, and this adage applies double in the politically-charged atmosphere of the Middle East. I have a long list of basic questions about the assassination; I'll post a few here as samples.

Was there an assassination?

The Dubai police claim that Mahmoud al-Mabhouh died of asphyxiation, and the coroner noted that this determination was the "hardest of his career" and took ten days to discover. Asphyxiation generally leaves quite noticeable forensic evidence, which make me wonder not only why it took so long to discover that this was an assassination and not natural causes, but also whether or not it was an assassination at all.

Some people may recall that when Yassir Arafat finally died, of a disease that seems to have been HIV/AIDS, a good portion of the Arab press claimed that the Israelis had poisoned him. The Dubai press doesn't seem to suffer from this sort of problem, but it's a question worth keep in mind.

I'll proceed through the rest of this post on the assumption that Mahmoud al-Mabhouh actually did die of asphyxiation by person or persons unknown. Furthermore, since Mahmoud al-Mabhouh was a terrorist, I will use the words "assassination" or "execution" to describe this presumed extra-legal death.

Did a Team Do This?

A quick glance at the video released by the Dubai police shows a group of travelers; I haven't made the time to look at the entire thing. Without the narrative the Dubai Media Office supplied ("teams," "sophisticated communication devices"),for the most part we have nothing but boring video of ordinary travelers, to the point that I don't have the patience to sit through all the video that's been released.

For the remainder of this essay I'll assume, arguendo, that the Dubai police have constructed but not released to the public more convincing evidence.

How Much Did This Cost?

The Dubai police orginally claimed that 17 persons participated in this operation and they keep adding more people to the roster of suspects every day. Round-trip airfares are about $600 per person between Austria and Dubai; figure that each person took another 2 round-trip tickets to cover their costs. The hotel costs are about $150 per night, per diem costs to maintain a cover as a tourist are perhaps up to $200 per day.

The "retail" cost of a blank, stolen British passport is about $3,500 (American passports are worth less, Canadian passports more).

Total out of pocket costs for the "observable" part of the operation are therefore in the range of $300,000. Of course the actual costs (especially if it was a government operation) were many times that amount, but the scope of the operation is well within the reach of anyone with a lot of money and a grudge.

What Kind of People Did This?

According to Dubai police, a team of seventeen thirty-odd people carried out the assassination. That's a lot of people, which tells us something about who they are: they are either government employees, a terrorist organization, or members of a religious group.

They are not mercenaries. Perhaps I'm naive, but I don't believe you can hire such large gangs of well-trained operatives; there simply isn't enough call for such work to keep a gang this size in business. (Of course you can hire gangs this size for small-scale warfare, but not for assassination.) Of course you can hire freelance mercenaries and assemble them into your own team, but that runs into issues of trust.

In an operation this size, any participant faces several security risks from the police. He may be caught, of course; one of his colleagues may be caught and induced to talk; the people running the operation may captured, sloppy, or otherwise compromised and again induced to talk. In turn, this implies that the operatives must have a high degree of trust in each other, which argues against a team this size as a group of mercenaries hired at random. Worse, random mercenaries or even members of a mercenary group will likely find themselves, one day after capture on a different operation, confronting a police officer and in a position to bargain for their freedom by discussing an old operation...

The size of this team argues that the team consisted of government agents, who have patriotic cohesion and the substantial resources of a government to help them; or they are terrorists, who share an ideology and have resources to enforce discipline and perhaps free captured operatives; or they are coreligionists who share a devotion to a cause and some sort of structure to intercede to support captured operatives.

Who Ordered This Operation?

At first the Dubai government refrained from speculating who commited this assassination, which made me respect their professionalism, but apparently that's gone by the wayside. Be that as it may, who would commit this assassination?

As a Middle East terrorist, al-Mabhouh had many enemies:

• Israel. al-Mabhouh not only committed terrorist attacks in the past; he actively supported the Hamas terrorist organization's infrastructure in Gaza. I have to admit that his public profile does not seem to support a high-cost Israeli attack against al-Mabhouh now — why would the Israelis assassinate someone like al-Mabhouh now? If he is just a middleman for Iranian missle supplies to Gaza, that means he's just another middle manager who can be replaced.

  Aruging against the Israelis is that six of the forged passports used the names of Israeli citizens. There's no reason for Israel to do this, and implicating your own citizens (however briefly) smacks of desparation. Was the operation really so slapdash? Was the selection of Israeli citizens a message? See the next paragraph for further discussion.

  Some of the alleged assassins exited Dubai via Iran, but that does not indicate these were not Israelis. It just indicates that, if these were Israelis, they were confident of their ability to transit Iran on their passports.

• Fatah. In case you've forgotten, Hamas and Fatah fought a pitched battle for control of Gaza, and Fatah lost. Fatah controls the West Bank, Hamaz controls Gaza, and the only thing preventing a full-scale civil war between the two is the physical separation proivded by Israel and Israeli interdiction of heavy weaponry. I also suspect that Fatah's long-term civic corruption has reached the level that interferes with their abiilty to mount attacks.

  Again, it isn't clear why Fatah would move at this time against al-Mabhouh.

  The use of Israeli identies in the forged passports argues in favor of a Fatah operation. Fatah and criminal gangs operate in Israel, carrying off anything isn't nailed down, including cars. I find it easy enough to believe that Fatah could "steal" identities of Israeli citizens.

• Anti-Iranian Regimes and Groups. Hamas is Iran's proxy in Gaza, and Iran continues to pressure the Arab world to accept Iran's hegemony. Lebanon is of course the most extreme case, with Iranian troops supporting the Hezbollah terrorist organization. Any Middle East regime, from Saudi Arabia to Pakistan, has a vested interest in the destruction of Iran's proxies.
• France has a continuing interest in Lebanon, and may have found a reason to assassinate a Hamas operative with ties to Iran, given Iran's malignant presence in Lebanon.
• If al-Mabhouh was actively involved in some more high-profile but not publically known activity, related to (for example) smuggling weapons of mass destruction to use against European targets, any European country would be a possible sponsor. This might be far-fetched, given the wretched diplomacy of most European countries regarding Iran and Hamas, but I would not be surprised to see a competent French inteligence unit deciding that al-Mabhouh posed a threat to French interests.

The best bet is still the Israelis, who will be more than happy to quietly take credit for this operation.

And so on and so forth. The main point I'm trying to get across is simple: we don't know who did this. We don't know why. The Dubai police have a narrative, and the Israelis certainly have the motive, means, opportunity, and above all the resolution to see this sort of operation through. But so do others.

Topics:  · government · military

Link to this story · Leave comment or trackback

Europe: United When It Should Not Be

The captain of a US Navy ship enjoys tremendous freedom to innovate — but is absolutely accountable for not only his actions, but the actions of the people whom he appoints to positions of authority. If a young officer makes a mistake in the middle of the night when the captain is asleep, the captain is accountable.

I have many reasons to be leery of the European Union, not the least because the EU comprises yet another layer of legislative, judicial, and regulatory government on top of the current national governments. But from where I sit, the EU enjoys wide power but with little or any accountability, which inevitably leads to both abuse and failure.

The current situation in Greece would be a disaster for that country, but because Greece shares a common currency with other members of the EU, the Greek problems can easily spread. EU member countries routinely ignore the budget and debt rules — the basic rules that are supposed to support the Euro currency. Unlike the military, where accountability is a matter of law, in the EU adherence to the rules is governed by politics, which means that popularity and congeniality trumps accountability.

The EU has made the choice to handle Greece's problems by a political process, namely a bailout package. We here in the US are familiar with this theory; two of the three largest US-owned automobile manufacturers have been kept on government life support for years, with no hope in sight for recovery. If the EU is unwilling to disaggregate their monetary system, then they must either allow Greece to fail or use a unified process to make certain that Greece's budget conforms to EU rules. While there may be a clever idea out there, just about any other option I can think of leads directly to failure.

Topics:  · finance · government

Link to this story · Leave comment or trackback