Whatever Just Happened There
My colleague Julian Sanchez has a fascinating article in Wired today about warrantless wiretapping:
As Congress prepares to reauthorize the controversial FISA Amendments Act of 2008 — which effectively legalized the notorious warrantless wiretap program launched by President Bush — much about the law remains shrouded in secrecy: The National Security Agency has refused to give legislators even a rough estimate of how many Americans’ communications have been swept up in the digital dragnet.
Yet even four years after the FAA’s passage, one of the biggest mysteries isn’t how the law has been used, but why it was necessary in the first place. One surprising — but surprisingly plausible — explanation points to the unexpected consequences of broadband deregulation.
In other words, it seems entirely plausible that the Bush administration’s deregulation of cable broadband service accidentally led to a secret court refusing to approve a sizable chunk of the NSA’s wiretapping activities. That ruling then precipitated a dramatic political battle full of overblown claims of threats to America and eventually resulted in the passage of a measure expanding the NSA’s ability to intercept communications inside the United States.
But hey. We live in a democracy, so I’m sure that we all wanted… whatever it was that just happened there. About which not one of us can even begin to form a proper opinion. But it’s okay. Democracy!
As Mark Thompson observed in a recent, not-to-be-revisited comment thread, in the absence of evidence all we have to fall back on are our own intrinsic biases.
Jason,
It isn’t “that we all wanted” in the slightest. It’s that the majority who voted either wanted these outcomes or simply didn’t care.Report
the majority who voted either wanted these outcomes or simply didn’t care.
You presume that the majority knows what’s going on.
Could you have them inform Mr. Sanchez at the soonest possible opportunity?Report
Even if the majority doesn’t know what’s going on, that’s reflective of a choice isn’t it?Report
No, it’s not. Only a very few people in the country can even choose to inform themselves about the relevant facts here, because they are classified.
While I understand that secrecy is sometimes necessary, it’s not a necessity when the only reason for the secrecy is that the public might get pissed off if it knew.Report
If people wanted to know, they could demand an answer. They could vote out the politicians who protect those answers. They could frequent the publications that try to get those answers. They don’t.
It isn’t a failure of the system. It’s a failure of the people.Report
What if the system deprives the people of the data they need to make a decision? Is it still okay to blame the people? Because that’s what seems to be happening right now.Report
What if the sort of substantive journalism that might inform a populace of its government’s activities isn’t widely and commonly available? I’d blame the marketplace. But the marketplace, like democracy, is driven by its participants, and just as with our government, there isn’t a market for what you want.Report
Like in North Korea … pussies.Report
The same is true for indefinite detention, waterboarding, targeted assassinations, and god knows how many bad things that go on under this or that administration.Report
1. I think there are a lot of people who prioritize security over liberty and therefore would, in an honest moment, disclose that they like the government doing this. That would include saying that they wouldn’t mind if the NSA intercepted, archived, and read their own e-mails. They’d say, “I have nothing to hide,” as if that were the point at all.
2. Democracies need information to make decisions. Mark nailed in: in the absence of actual evidence what we’re really seeing is a diagnostic of our collective pre-dispositions. We never get to the post-disposition when the subject is one that remains shrouded in secrecy. Democracies are good at sorting out “good” from “bad” but they aren’t good at prioritizing two competing goods. At least, ours isn’t, and particularly not when we’re dealing with abstractions like “liberty” and “privacy” on the one hand and “security” and “secrecy” on the other.Report
Y’know, I always like it when someone says I nailed something. But I have to say that I like it even more when I say something I view as not terribly profound, and then it is applied in a different context by someone else to make a pretty profound point. Kudos to you and Jason for making something interesting out of it.Report
“I think there are a lot of people who prioritize security over liberty and therefore would, in an honest moment, disclose that they like the government doing this. That would include saying that they wouldn’t mind if the NSA intercepted, archived, and read their own e-mails. They’d say, “I have nothing to hide,” as if that were the point at all.”
I think supporters of draconian crap like this often misconstrue “support” for this. I have no doubt that people such as the ones described here exist, but I think there are others, people like myself, who might get thrown into this description wrongly.
For instance, the other day I was pulled over. The cop immediately started asking about what, if anything, I smoke in the car. I smoke nothing in the car. Not even cigarettes. Zazzy has never smoked anything, ever. I rarely have friends in the car and none of them smoke, in my car or elsewhere. He kept up the bully act, going through the whole, “If you have something to tell me, now is the time.” If it came down to it, I likely would have consented to the search, if only because it seemed the path of least resistance to get back on my way. Quick search, nothing found, good to go versus refusal to search and cop doing whatever he wanted to make my life hell. Ultimately, he backed off when I showed no inkling of fear and he likely realized he was barking up the wrong tree.
Now, while I personally would have submitted to such a search for practical reasons, I would still strenuously object to such searches on practical grounds, and never would support further empowering agents of the government to search and seize. But if you asked me, I’d likely say, “Yea, whatever, search me, I’ve got nothing to hide.” And I fear that I would immediately be lumped in with those who actually advocate for these types of abuses.Report
And that’s when you find out that the kid who vacuumed your car at the car wash dropped a loose tablet of MDMA ion your floor and spend the next couple of years trying to un-fish your life.
Not that that’s happened to anyone I know.Report
I clean my own car, buddy.
I am the 99%.Report
Let’s just sprinkle some crack on him and get out of here.Report
“If it came down to it, I likely would have consented to the search, if only because it seemed the path of least resistance to get back on my way.”
The only thing worse than trading security for liberty is just giving up on liberty because it’s, like, too hard, man.Report
Umm… democracies are good at sorting out “good” from “bad” for the biggest group around.
Anyone that does not belong to the biggest group around is very likely to have the biggest group opinion shoved down their throat.
Like the “Liberal Democracy Symposium” lovely pointed out: Democracy is getting two wolf and a sheep to vote what they will have for dinner.Report
Well it is admissably easier to blame the machine than the ones driving the machine.Report
I fall into the “I don’t care if they do it but I understand why it would upset some people” camp. So this will sound like concern trolling (and it sort of is) but, are there any documented cases of this power being abused? I mean, the government has had this power for almost a decade and we’re in the age of WikiLeaks. Surely someone knows a couple of stories about a citizen’s rights being violated by this program…right? I guess I am just trying to figure out what that would look like.Report
The FBI tried to blackmail Martin Luther King, Jr. into committing suicide based on the domestic spying it had done. The world only learned about it many years after he had been assassinated.
I understand that part of your point is that we live in a different world now. I’m not as confident in that difference as you are.Report
A program of actively trying to dissolve a church of pacifists??
That’s not wiretapping, that’s with actual agents, granted.
The government is not your friend. it is a sometime ally,
but often forgets it exists to serve you.Report
> Are there any documented cases of this power being abused?
That largely depends on how you define “documented”. The unfortunate thing about this level of secrecy is that conclusions can only be inferred.Report
“That largely depends on how you define “documented”. The unfortunate thing about this level of secrecy is that conclusions can only be inferred.”
That’s how conspiracy theories start. Everyone fears the government will do Top Secret Evil Things but since they are Top Secret nobody has to prove they actually happened. The folks like myself who are less concerned can’t prove a negative so then the skeptics win the discussion.Report
Google MK Ultra. If I had told you that the government had engaged in that sort of thing as recently as the 70’s, how crazy would I have sounded? “Mind Control”?
Then they declassified it.
It’s not like the government has earned the benefit of the doubt here, Mike.Report
http://www.sfweekly.com/2012-03-14/news/cia-lsd-wayne-ritchie-george-h-white-mk-ultra/Report
Jaybird – and that was part of the same wiretapping program Jason is writing about?Report
Nope. Not at all.
I’m just saying that the folks who argue that the government wouldn’t abuse their powers, wouldn’t engage in evil deeds, wouldn’t do the things that their critics are saying they’d do…
Well, they’ve been wrong often enough that you’d think that their defenders would be a little more circumspect when it comes to something as, frankly, *VANILLA* as wiretapping.Report
So there’s nothing specifically bad that has happened with this program so far? If so then I guess you are just assuming that abuse is the default scenario for the government. And in that case, ALL government powers can be abused. If we always assume bad intent then you basically just live in fear. So here’s my policy: Wouldn’t it be better to pick up a gun and start a civil war or move to another country?
Any time I have someone in my life where my default opinion of them is bad, I cut them out. I stop interacting with them. Or in a few rare cases I might actually try to stop them (a terrible co-worker for example). I certainly wouldn’t just play along while distrusting their every action.Report
Mike-
If someone was arrested, convicted, and jailed of a crime they were indeed guilty of, but which the government could only acquire evidence via these types of searches… would that constitute abuse?Report
I suppose my point is that the mere act of searching folks without warrants seems abuse in and of itself.Report
Sure – and I would guess that a decent lawyer would point that out in court, right? Doesn’t the government have to obtain evidence legally?Report
But if these warrants are made legal, then what?
I’ll confess to not fully understanding, so I apologize if I’m off-base. But it seems that the government is re-defining what it means to obtain evidence legally. The fact that they have this power seems to me to be an abuse on Constitutional protections…Report
As far as recent cases have shown, the government does not need to obtain evidence at all.
All they need to do is show that “you knew how to do it” and then you get convicted on that basis alone.Report
Mike,
Lawyers aren’t being allowed to present that kind of evidence in court in these national security cases because it could reveal how the government collected the information. The government has been allowed to present secret evidence, and some people have been denied their day in court via use of the state secrets privilege.Report
In addition to what James said, there is also the fact that even before you get to trial, you have someone who’s been arrested and incarcerated for some length of time, whether a few hours or a few years, awaiting trial. Even if their lawyer could procure an acquittal, the person will have suffered mightily; thanks to the doctrines of qualified and absolute immunity, any attempt to file a civil suit would get dismissed without any opportunity for discovery (and even with discovery, they’d be barred from getting the information needed to prove their claims under the state secrets privilege).
Worse, there are things that can be, and most assuredly are, done as a result of warrantless wiretapping that fall short of criminal prosecution but which are barely subject to challenge at all – e.g., being placed on the terrorist organizations list or, far more frequently, the no fly list.Report
Somalia! Hurray!Report
> If so then I guess you are just assuming that
> abuse is the default scenario for the government.
Maybe Jaybird is.
My assumption isn’t for default scenarios, Mike. I trust my brother pretty implicitly. He’s the type of guy who would stand at the door with the shotgun and two shells and the sledgehammer and yell over his shoulder, “Get the kids out, I’ll hold the door long enough for you to get to the car!” while the Zombie Horde was approaching. I would not, however, give him the root password to the cluster I maintain.
I have a reasonable level of both trust and skepticism in the government. I trust that most people in the government work pretty hard to not screw it up for everybody, and I trust that there are a few bad apples, and I trust that the government will be an organization like any other and react as organizations do to internal violations.Report
Mike, this may seem like hyperbole, but it’s like asking why that abused wife just doesn’t pick up a gun and shoot the bastard, or move far far away with her children.
The answers are the same:
She’s afraid.
She can’t afford it.
She is cowed & conditioned by years of the same.
She is codependent with the abuser.
🙁Report
Glyph,
The people in Egypt, Syria, Libya, etc would probably disagree with that analogy.Report
Sure, their ‘husband’ is way worse than ours. No question.
I actually, really, truly believe ours can change! Really! We just need to figure out how! (I do mean this, for the record).
(Others around me shake their heads sadly and wonder when they’ll find me dead).Report
not at all. they’ve been through it.Report
Mike, are you suggesting that when skeptical of the government, one should jump right to violence rather than advocating for a more open government?Report
I think when your distrust passes the 50% mark, it’s that or you find a new country.Report
Problem is, Mike, 50% of what?
Like I pointed out elsewhere on the thread, I have 100% trust that my brother will sacrifice his life to save mine and my children. I have zero trust that he has good password protection policies. I trust him implicitly for some things, and not at all for others.
I can trust the government more than 50% for a lot of things, and still trust it 0% for some things. I have three options:
Move
Increase my level of trust in those “some things”
Not allow the government to do those “some things” but allow them to do the “a lot of things”Report
I’m with Pat. I’m really not sure how we measure our distrust in government, and, if we could, what point would necessitate moving (should there be an acceptable place to which to move).Report
That said, you would trust your brother not to intentionally allow malicious users to act on the system. He might do it entirely by accident, he might get social-engineered into doing it, but you can trust him to not think “the best course of action is for me to allow Chinese hackers onto the system”.Report
Sure, Duck… but that’s only part of the equation.
What do we get out of the existence of the system? And the answer is, “Nobody will tell us”. How much does it cost? “Nobody will tell us”. What mechanisms exist to ensure proper audit? “Nobody will tell us”. Does it actually work? “Yes. But we can’t tell you when it has actually worked”. How do you get *off* being monitored, if you’re being monitored unjustly? There’s no way to know, because there’s no way for you to know if you’re being monitored.
I’m open to the possibility that the NSA warrantless wiretapping program has led to the breakup of numerous terrorist plots (I find this staggeringly implausible, but it’s still *possible*), and likewise possible that no substantive resources have ever been wasted chasing down false positives (also staggeringly implausible, but possible).
Without any sort of reasonable data to go on… whether or not that is the reality… that’s an unfalsifiable premise. I have to fall back on what I know of data mining and general information security principles. And *that* leads me to believe that this system is much, much more likely than not to be a failure on multiple fronts.
I could be wrong, but the only way you could prove it to me would be to let me see things I can’t see.
In any event, the two real cappers are…
One: that this is a capability that, once it exists, can be misused, whereas if it doesn’t exist, it can’t be misused. It’s not like nuclear weapons technology… where “if we don’t built it first, someone else can build it and they have an advantage over us, so we have to develop it to protect ourselves.” If we don’t put the devices in the network, or dump the data in a data store, there are no devices to suborn or databases to crack. China can’t sneak these things onto our network backbone.
Two: whether or not it is effective, it’s still pretty obviously (to me) beyond any possible reading of the Fourth, and certainly isn’t supported by any body of case law. But I’m not a lawyer, so take my objection there with the standard disclaimer.Report
“What do we get out of the existence of the system? And the answer is, “Nobody will tell us”. How much does it cost? “Nobody will tell us”. What mechanisms exist to ensure proper audit? “Nobody will tell us”. Does it actually work? “Yes. But we can’t tell you when it has actually worked”. ”
Do you trust your elected representatives to properly govern the Republic?
If not, then why did you vote for them?Report
> Do you trust your elected representatives
> to properly govern the Republic?
Already answered, Duck.Report
Do you trust your elected representatives to properly govern the Republic?
If not, then why did you vote for them?
But you’re whole point is that there is no “right” candidate to vote for since the source of the problem is institutional. Instead of asking “why did you vote for him?” in the second question, you should be asking “why didn’t you overthrow your own government to … you know … do something better?”
Or is that wrong?Report
I completely distrust the govt and I’m not going anywhere! Unless they start bombing more brown people with my tax dollars, because really, haven’t we done enough of that.
As an aside, at what point are we morally complicit in the actions of our govt? When we are 18yrs old? When we pay taxes? Am I complicit proportional to my tax bill or based on how many winning politicians I voted for or per-capita? Am I off the hook because my brain creates the whole idea and tells me to go eat a salami sandwich if I think about this too hard?Report
+1 to Stillwater. This isn’t about finding the right person to exercise power without accountability. There is no right person to entrust such power to, people can’t be trusted with unaccountable power. The American Founding fathers knew this, which is why they set up structures to contain such power. That many people consider these structures unnecessary so long as the “right people” are in charge disturbs me.Report
> That’s how conspiracy theories start.
Sure. That’s the problem with this problem space: you can’t falsify anything.
I’ve been following the warrantless wiretapping story since it started. There’s a dozen posts or so on my old blog, and Schneier’s blog has been following it fairly exhaustively as well… also Ed Felten, whose blog is excellent if you’re interested in voting processes and security.
Still, from an engineering perspective, you can make predictions based upon things you *can* measure. An engineer with a modicum of area knowledge doesn’t need to see the bridge built, weight put on it, and have it fall to know that a design is faulty; he can look at the specs for the load bearing members and say, “This bridge will only support X. X is likely to be accidentally exceeded in spite of any precautions you put into place, because of where you’re building this bridge”.
I’m actually not worried about “the government” doing something bad with this system, although it’s certainly not outside the realm of possibility. I’m more worried about the existence of the system, itself.
We can’t protect our military bases from intrusions by Chinese hackers. We can’t protect this system indefinitely from intrusions by anyone with enough power and resources to get into it, and there are at least five entities who have the power and resources to get into it.
A pretty good rule of thumb in computer security is that you only aggregate the data that you need to accomplish the task. The more data you have, the more likely it is that the data store – whatever it is – will be of sufficient value to someone else to turn into a target.
This is the biggest target in the world. Literally. Data from every country flows through the communications nexus that is the backbone of the Internet. It is of limitless potential economic value.
Somebody will eventually crack it, and the repercussions of that will very likely vastly outweigh any benefit we’ve gotten from the system since it went live. From a risk analysis standpoint, it’s something you don’t want to build.Report
Someone hacked Blizzard for pretty much that reason. Way too many email/password combos for battle.net
Speaking of hacking in general, is anyone else annoyed by the habitual use of “super awesome can decrypt everything” MaGuffins in modern TV? You can trace it back to Sneakers, which was at least grounded in reality in the sense that the guy who made it was:
1) A mathematician.
2) A brilliant freaking mathematician.
2.5) Like a freaking insane brilliant mathematician — in the right field.
3) And immediately killed and everyone and their dog after it.
4) Not a hacker. Because hackers are not that good at math.
I have the barest understanding of cryptography and the underlying structures of modern computer secrurity, but I know exactly what it would take for that super-hacker device to exist.
So seeing it casually thrown around is…irksome. It’s like TV habitually claiming some random mechanical engineer happened to create the Grand Unified Theory, resolving quantum mechanics and relativity, as part of his pursuit towards getting more work for his consultaning business.
You kinda stop and go “Wait, what?”Report
… some hackers are that good at math. some hackers are experts in crpytography.
some hackers write code deliberately designed to be hacked (that wasn’t the hard part, mind).
And others? Get by simply by guessing well.
Yeah, the “super awesome” thing is mostly about doing a bit of gumshoeing.
Sneakers at least had someone with a photographic memory grab passwords… (which, while doable, would be a total pain in the ass, even with a great memory…)Report
I don’t think you realize what level of “being good at math” you’d need to be to create a “super device that hacks everything”.
Like “Einstein was kinda slow at physics” good.
Modern crytography (aside from one-time codes, which are different but scale poorly) work on some fun properites of large, large numbers — specifically factoring them.
To build a “hack everything” device, you have to solve a particular class of math problems known as “NP” problems. These are problems that, basically, there is no deterministic (ie: the way computers work) method of solving them OTHER than direct examination of all cases.
When I say “no other method” I literally mean “Invent an entire new field of math that no one has ever freaking considered that turns the entire field upside down”.
The travelling salesman problem is the simplest type of this problem — a salesman wants to travel between N cities, what’s the minimum route that visits each one once and once only? The only way to solve it is to list every possible route, tally them up, then pick the shortest.
There is no fancy math trick that can fix that. To find the shortest route, you must calculate ALL routes. Each additional city increases the number of possible routes exponentially.
Modern codes? Exact same way. Each single-digit increase in the size of the key increases the required computations to break it exponentially.
Quantum computers might end-run this, not because of new math on the “super genius of the millenium” level, but because they don’t operate deterministically. It’s sorta like using a wormhole in science fiction — you don’t break the “can’t go faster than light” rule, you sidestep it.
Quantum computers aside, faster computers to BREAK codes means computers to make codes increase just as much. Easier to encrypt with larger and larger keys.
Which is why real code breaks focus on the TYPE of decryption and whatever they can glean from the underlying data, trying to exploit some flaw in the method or use existant knowledge of the encrypted data to end run the process.
Which doesn’t work for super-awesome hacker device that can hack everything.Report
I know someone who’s written a neat and elegant solution to the travelling salesman problem.
Do I get to say einstein was kinda slow at physics now? He always did hate quantum mechanics, you know. (and there’s the solution to the travelling salesman, too, dancing around the edge of probability).
Besides, hacking is all about systemic weakpoints. Hacking a private/public key is stupid hard. I mean, stupid hard. Nobody really does it hard.
Hacking a decent password? Fairly easy, as it has to be memorable.
Programs that pass the turing test exist too, ya know.Report
> I know someone who’s written a neat
> and elegant solution to the travelling
> salesman problem.
No, you don’t.
Sorry.
I will bet you $500.Report
Decades ago, I knew a guy who claimed he had solved the travelling salesman problem, but couldn’t be bothered to write up the solution. Unless I’ve miseed it, he still hasn’t found the time. Immune to fame and fortune, I guess.Report
I guess the solution was too large to fit in the margin?Report
kenB stole my joke.Report
Heh. I knew a guy who used to work with pick-n-place robots. He had to calculate optimality for putting N components onto a board. He got frustrated one afternoon, picked up his computer, smashed it on the floor, broke into hysterical tears and ran off the premises.
Kohata-san ran out after him and convinced him to take a few days off. We rescued his disc drive and put it into a new computer. He came back and nobody said anything about it thereafter. He really was a brilliant programmer and had been pushed too far by a truly abusive manager. Kohata-san settled scores with that evil brown dwarf, too.
There are some interesting ways to iterate toward optimality for any NP-hard problem. After a few dozen iterations, there’s not much to be gained from further iterations and it’s good enough for gummint work. Faced with an optimality problem, I routinely resort to tsplibReport
Nah, I bet you would weasel out.
His solution works 75% of the time. So you run it four times, and if it’s the same all the time? Good enough, right?
Morat’s right, there’s no -deterministic- solution.Report
by the way, if you want to count that as “winning”,.. i can send you my address.Report
I used to have a job that was a real-live version of the travelling salesman problem; collecting the change from newspaper boxes scattered around time. Fortunately some possible solutions were obviously bad and could be discarded without trying them. I ended up with a set of several “reasonable” routes and alternated among them to avoid boredom, but I never thought it would be worthwhile to keep track of the actual distance of each to compare.Report
kimmi,
That’s not a “neat and elegant solution,” because it’s not a “solution.” It’s an approximation.Report
James,
I’m not certain you and I are talking the same thing. If it gets the right solution (the REAL one), 75% of the time, it is not an approximation. It is quite simply, right.
Nah, we ain’t talking turing here, where I could spin a line. But just making sure we’re on the same page.Report
kimmi,
I’m no mathematician, but I’m pretty sure that when they use the term “solution,” they mean a precisely defined approach that will necessarily find the right answer. And if you read the Wiki entry on the TSP, you’ll see that it discusses algorithms for dealing with it in terms of “approximations.”
So, no, your friend doesn’t have a solution.Report
The word “solution” means something very specific in Mathematics, Kimmie. Misusing that word is something you don’t do.
“It works 75% of the time” is not a solution. Not in math. It’s a workaround.
And that other 25% of the time, you probably have one hell of a mess.
> If it gets the right solution (the REAL one),
> 75% of the time, it is not an approximation.
> It is quite simply, right.
You have no way of knowing what the “REAL”, “right” solution is for N > 20.
Seriously, you’re talking totally out of your ass, here.Report
Yah, if you want to say something like “that’s not a solution” because it’s not deterministic, that’s fine. ‘swhy I said no bet, anyhow, ain’t it?
It’s better than smartpost, at any rate.Report
“I have a solution to the Traveling Salesman Problem! Nationalize it!”Report
Or has has a number of ideas for how to write up the solution, but can’t figure out which one is shortest.Report
collecting the change from newspaper boxes scattered around time.
That sounds like one cool job.Report
Man, I make the coolest typos sometimes. That does sound like an awesome job, doesn’t it? Loads better than the real thing was.Report
They’re all next to blue police boxes.Report
Yes, real hacking is about exploits, finding flaws in widely-used code, and — for the NSA types — maybe rooting around in the algorithms and hoping to find a screwup. (Or, using outside knowledge to help break the key).
One cannot “solve” the TSP, however. Well, you can in the “find all possible routes, list them in order, pick the shortest”. But that’s the expoential case.
What one CAN do is find approximate solutions. Also known as “Good enough” solutions. For the TSP, I believe it’s possible to approximate the shortest possible route (ie: knowing the cities relative positions, one can calculate rather swiftly about what the minimum possible length of a full trip could possibly be) — if you know that the cities are arranged such that ANY trip beween all must be at least a 1000 mile trip, all told….
Well then you can run various quick-solvers and if you get a solution of 1400 miles (with the median being 2200) you pick that route and call it a date. It’s not a solution — it’s not the shortest possible route, but’s close enough.
It’s done all the time in data mining — quite a bit of data mining deals with intractable problem sets, wherein calculating the “best” answer is either flatly impossible or takes WAY too long. Therefore you put together “good enough” algorithms that get you 90% of the way there swiftly, and write off the last 10%.
You can’t do that with breaking AES or public/private keys.
Unless you can prove NP problems aren’t NP. (Such as quantum computers). But if you can solve problems like that in polynomial time, being able to break all the codes in existance outside of one-time keys (ie: Keys longer than the message, used only once — no repeats, not breakable without underlying content knowledge) — well, you can do a lot more than steal all the money in the world.Report
Report
I tolerate Sneakers because they did it first, I loved the movie, and the guy who did it was a mathematician specializing in factoring large numbers. They at least did enough research to get the right field. 🙂
And then the main character was smart enough to smash the thing at the end.Report
As someone who was a math major considering a graduate school career in number theory in 1992, I quite loved the fact that they had Donal Logue play a German (very appropriate) number theorist whose talk was actually worked (sensibly) into the movie. Also, Len Adleman (the “A” in “RSA” encryption) wrote the lecture scene, which is why the cryptography part sounds so plausible.Report
another key part of hacking is backdoors.
But mostly it’s about finding human decisions within a pile of data. Because it’s a lot easier to hack the veternarian’s database than it is to hack nasa’s.Report
It’s Ok in Doctor Who because… it’s Doctor Who, you know?Report
One upside to the grave privacy threats is that increasingly it makes sense to be oneself at all times. We may see a real resurgence of civility and genuineness as the Facebook-world predominates. For now it is just the occasional bulging-member in a Congressman’s boxer-briefs that calls us to account. But imagine a future in which political candidates will find it much harder to craft public personas wholly at odds with their private selves. It’s not all bad.
I am convinced, based on a Charlie Rose interview mainly, that Mark Zuckerburg is radically against privacy and sees the destruction of phoniness as a core mission of Facebook.Report
Why not just ask Anonymous?
Conspiracy theories are one thing, but there’s plenty of folks who can sniff this stuff out.Report
There’s a truism in intelligence: always assume your enemy knows everything you do. See, tyrants can’t really be tyrannous without a cadre of enforcers. But more importantly, the tyrant cannot trust anyone and must impose distrust upon all his followers, planting spies among even his most trusted enforcers.
Inference? Conclusions? Patrick, the problem is process. If this were a society ruled by laws, where the Fourth Amendment meant anything, the process would be open to inspection. Judges would be — well — judges, stopping the government from violating the privacy laws. The judges aren’t stopping anything. Therefore, we do not need to infer or even reach conclusions. When our Fourth Amendment rights are abrogated, we can say power is being abused, categorically.Report
bah. that truism is stupid. One ought to understand that whenever one asks a question, one reveals more about what one knows…
Knowing both sides knowledge is key to negotiation. Only a lazybrain assumes everyone knows everything.Report
Shrug. With an attitude like that, I’m sure I wouldn’t bring you in as a security administrator. Assuming one’s enemy knows what you do is the first consideration for any security protocol, since most breaches happen from within, not from the outside.
Here’s the point: to run an effective police state, you need to know everything, especially about the people who gather that information and especially those who act on it. In a working democracy, there’s a free press, a presumption of innocence, the right to face one’s accusers, the right to trial in open court, the right to subpoena. But paramount in all such considerations is the independence of the judiciary.
Our judiciary is not truly independent, not while the National Security Letter remains an option for the federal government. An NSL has no judicial oversight. It’s not even a warrant. It’s a demand letter. Furthermore, not even Congress is aware of all the outstanding NSLs: the FBI has systematically under-reported NSLs, knowing how egregiously they’ve been violating the law.Report
Blaise, I must say, the way you talk about security makes me wonder if you’re actually a programmer.
Most programmers can’t do security to save their lives.Report
Most programmers don’t WANNA do security. it’s a devil’s game, the type you play to lose. IT people do security.
Programmers charge too much to do security, except when it’s really, really important.Report
Most programmers are proof the Million Chimps Problem is not confined to a hypothetical. I charge a fecking king’s ransom and I have found security is always Really Really Important. I don’t even do a three page static website anymore without starting with security.Report
Hehe. I’ve got stories. Everything from our customers insisting everyone have read-access to everything and no procedure for validating new users and then acting aghast when information spreads that they don’t want to…
To taking a look at a website and and asking “Okay, what’s to stop me from just adding “/admin/” to the URL there and accessing the admin pages and giving myself full privilages? The fact that I shouldn’t know the admin pages are there? That’s it?”
Now that I’m doing front-end work rather than website work, my security focus is more on the underlying (and valuable) data we ship with our product, and my questions are more like “You realize that people in the 17th century had developed better encyrption algorithms than that? You know what? Because that’s basically just a Ceasar Cipher and my kid’s calculator watch could break that in real time”.
Again, more security through obscurity — our end users are a very limited bunch who pay an awful lot per license, and the weak “encyrption” is there more to prevent them from modifying our data on accident than anything else. Yet, really, making it 256k AES would be trivial to implement, although I know I can’t talk them into a dymanic or license based key, so we’ll be stuck with a static key embedded in the executable which isn’t exactly the bees knees.Report
Most programmers can’t do security to save their lives.
(sadly) Ain’t it the truth…
I start with security. First people I talk to onsite are the security teams and the DBAs. Nothing else gets developed until security and encryption are airtight and performance tuned: I’ve spent as much as a quarter of my project time getting it right. Any security I write always ends up tied out to either mainframe security or an SELinux MAC paradigm. Trying to retrofit security is worse than useless.
The infrastructure people absolutely love it. They all hate Windows security anyway. Coders don’t have to play stupid games: makes their lives easier.Report
Most programmers don’t bother to learn. Security is hard, and it’s generally a PITA. (Any security scheme is pretty much guarunteed to be a trade off between security and useability.).
Programmers tend to come from a wide array of backgrounds. Lots of former engineers or mathematicians. People with formal education in computer science, much less the less core stuff like modern security and encyrption? Not as easy to find.
I know some security because I did extra course work on the theories behind it, and then got roped into sanity checking my peers and being the guy that says “If you do that, you have to encypt it. Sending it clear like that is begging for trouble” and being THAT GUY that made the other progammers do extra work rather than send proprietary data clear-text over the internet.
The real security guys — the specialists, IT and otherwise? Like a zillion levels above me.Report
Security isn’t hard if you have the mindset for it. If you’re the sort of person who walks into a 7-11 and notes where the cameras are and how you would have to stand wearing a baseball cap so that your face doesn’t show up on the tape, you’re the sort of person who just naturally thinks in default-exception-scenario mode.
Learning the mindset can be hard, though, if you’re not naturally a sneaky bastard.
Suck to be that guy, by the way. Condolences on that.Report
Let me rephrase that first line because it comes off totally wrong.
Security *is* hard (as in, “difficult”) almost always. It can be uniquely psychologically rewarding for the right sort of cat, though. So it can be “hard” but still “fun to do”, oddly enough.
I enjoy audits. Especially outside ones, where someone challenges my assumptions and asks hard questions. This is abnormal.Report
*snort* yeah, they used to give the auditors jobs if they could hack the system well enough.
“well, you just hacked our bank security. wanna job?”
(more alarming is the person who hacked her way through medical school. fine doc and all that, just didn’t bother with the education the normal way).Report
*nods* okay. different perspectives.Report
I think part of the problem is that, due to its very nature, it would be impossible to know for certain if it is or is not being abused in any given instance. In fact, even where there is cause to believe that the power was abused, you’re not able to sue the government to verify that abuse: http://articles.cnn.com/2012-08-08/justice/justice_warrantless-wiretap-lawsuit-dismissed_1_appeals-court-federal-court-al-haramain-islamic-foundation
So, as Jason and Burt point out, we’re left with whether we are biased towards trusting or distrusting the government not to abuse these powers.
My view is that even if we can trust all but a handful of agents with access to this extraordinary power to use it properly, there will still be some who abuse it. Given the extraordinary nature of the power, even if only a handful of agents abuse it, the abuse will have the effect of being widespread, with no safeguards to put an end to it.Report
Mark – If the government is actually doing it shouldn’t there be someone in a jail or worse that was on the receiving end of this attention? And no one has spoken out? And if we’re talking about potential for abuse, we have a military that is empowered to do all kinds of top secret things that none of us will ever hear about.Report
> If the government is actually doing it shouldn’t
> there be someone in a jail or worse that was on
> the receiving end of this attention?
Oh, no. Remember than line from Superman III when Robert Vaughn says something to the effect of “He’ll continue to maintain a low profile and steal quietly… that is, unless he is a complete and utter moron…” and then Richard Pryor pulls into the employee parking lot in the Ferrari?
If you’ll allow me to put on my Evil Pat hat for a moment: if I have nominal control of this thing (say, I’m the President), and I’m interested in doing something nefarious, I install one guy with just enough authority to run certain searches and sift through certain things and report directly to me.
And then I have him hoover up everything digital that’s authored by everyone in Congress.
That would make negotiations a bit simpler.Report
Oh you mean almost exactly what Clinton already did?Report
That was just an honest bureaucratic snafu. Clinton said so, and you know you can trust his word.Report
I’ve hired you to help me start a war.
It’s an prestigious line of work, with a long and glorious tradition!Report
Well, the plaintiffs in the linked suit were listed as a terrorist organization, likely based on the warrantless wiretaps. Another issue of course is that in nearly all, cases, it would be impossible or nearly impossible to know that the source for a given prosecution or other abuse was a warrantless wiretap – even in the above-linked case, it’s more assumed than proven that the basis for the classification was warrantless wiretaps.
But beyond that, the mere existence of warrantless wiretaps for domestic communications is itself an abuse – the FISA court traditionally rubber stamps any warrant application anyhow (except of course in the mysterious but nonetheless landmark case referenced in Sanchez’ post), so the fact that, as the government has acknowledged, domestic wiretaps are being conducted without going to the FISA court for a warrant, and indeed without probable cause by the government’s own admission, is a pretty clear violation of the Fourth Amendment, and thus an abuse.
The problem isn’t that there’s a lack of evidence of any abuses, it’s that the nature of the program prevents anyone from obtaining the standing necessary to prove a specific abuse.
What the program in large part amounts to is the government saying “We’re violating the Fourth Amendment on a daily basis, but we’re going to make sure that no one knows whose Fourth Amendment rights, exactly, are being violated.”
While it’s true the military is authorized to do plenty of top secret things, they are not authorized to engage in domestic spying or to do other things that might implicate the constitutional rights of domestic civilians. The CIA/NSA/FBI are so authorized, but only within very clear limits; what the warrantless wiretapping program does is assert the power and right to ignore those limits without any oversight.Report
So is the solution to kill the program or create an oversight process? Does the net bad trump the net good?Report
We don’t even need to create an oversight process – we just need to go back to the longstanding requirement that warrants be obtained through the FISA court. If need be, we can surely expand the number of judges on the FISA court to the extent that there are more wiretaps than the court can currently handle. Keep in mind, the FISA courts are top secret themselves, but they are at least an independent branch of the government that ensure that the government can’t just do blanket searches and create post hoc justifications for those searches when it finds something it views as worth acting upon.
As for whether the net bad trumps the net good, my belief is twofold:
1. There’s not any actual evidence of any good coming out of this program, much less evidence that whatever good has been achieved would have been unachievable if a FISA warrant were required; and
2. Regardless, it is my general view that any violation of the Fourth Amendment trumps whatever good comes out of it. The prohibition on unreasonable searches and seizures is deeply woven into the fabric of this country, and in this particular instance, it is very much my view that to throw out the Fourth Amendment whenever the government utters the word “terrorism” is to grant the terrorists a victory in that war that they do not deserve.Report
Knowing something of the technical back-end, I’m disinclined to have this program exist even *with* outside oversight via the FISA court.
The technology, itself… the infrastructure that is required to make this program actually work… is simply too large and complex (and valuable) to secure, itself, in the long run.
Remember Mission Impossible, the first movie? The NOC list? I remember thinking to myself… “That’s just stupid, why would you *ever* have a canonical list of every covert agent you had, in one data store? That’s putting all your eggs in one basket when there is no reason whatsoever to have only one basket!”
Sometimes putting all your eggs in one basket is a good idea, when carrying two baskets is itself risky.Report
Mark: I think everyone agrees with Jason’s criticism, but what’s the solution? I mean, Jason wrote a post about how this policy didn’t result from consent of the governed, and given the lack of information about it’s limits and methods, we’re prevented by government from even forming an evidence based opinion about it. Fair enough.
The claim that we fall back on our own biases, however, isn’t the right conclusion to draw from here. Mike D is actually presenting evidence of a certain kind, at least, he is in the form of a question: have any citizen’s civil liberties been abridged specifically because of a warrantless wiretap? If not, then the initial criticism seems misplaced, since there’s no evidence to support the conclusion that government is actually violating civil liberties.
It seems to me Mike’s argument turns Jason’s claim on it’s head: criticizing warrantless wiretapping as an abridgment of civil liberties in the absence of evidence that government has done so reveals a bias of it’s own. That government isn’t just potentially, but is actually, acting illiberally. (Hence his claim that this is the type of stuff conspiracy theories are built out of.)
Personally, I think this is a case where worries about the potential for abuse are entirely justified. But to say that people are biased in favor of believing government isn’t using it’s FISA powers unconstitutionally (or whatever) without citing any evidence that government is doing so seems to make the argument a bit confused.
That’s not to sayReport
It seems to me Mike’s argument turns Jason’s claim on it’s head: criticizing warrantless wiretapping as an abridgment of civil liberties in the absence of evidence that government has done so reveals a bias of it’s own. That government isn’t just potentially, but is actually, acting illiberally.
Absolutely. It’s a very good point that he makes in that respect.
Obviously, I think my biases here are fairly well-founded. I wouldn’t hold them otherwise. I would also be delighted to be proven wrong about them, but that proof won’t likely be forthcoming anytime soon.
What would disproof look like? A very much smaller surveillance program than has been claimed by various whistleblowers and members of congress. Meaningful, case-by-case oversight through FISA. Lack of overt abuses like deployment against personal or political enemies. Lack of spillover into areas of law enforcement where the NSA is legally forbidden to operate.
Again, I think these are unlikely scenarios, but they are at least conceivable.Report
I get your point, and I don’t dispute it. In fact, I think it’s very much implicit in Burt’s point.
I would, however, note that the justification I provide for my biases does not depend on any conspiracy theory – it just depends on a statistical probability that some minority of agents will be inclined to abuse what is indisputably an incredibly broad power; we see evidence of abuses of power in just about all walks of life, and certainly there are no shortage of examples in the specific field of law enforcement and even intelligence gathering. What limits or allows action on those abuses of power are sunlight or, at minimum, some level of judicial oversight, both of which are absent here.Report
Mike-
I am somewhat similarly minded to you. What gives me pause is that folks like you and I are generally unlikely to become the targets of abuse (perhaps you moreso than me because of your guns… but we’re still probably both low on the priority list).
What does concern me is shifting the baseline. As we accept new normals, inching closer to more extremes becomes easier.Report
“We live in a democracy, so I’m sure that we all wanted… whatever it was that just happened there.”
This is an important point- if the name of the citizens is on it, they should know what it is that’s being done. If the government believed the people would support it, they would have told them about it.Report
Jason, so what do we do? Donate to the ACLU/EFF? Write our Congresspersons? Aside from this, I have no idea (it’s not like there is any realistically-electable presidential candidate who is against this stuff). In a prior post of yours (the one with the East Germany reference, you know the one:-) you suggested civil disobedience, but I am not sure how that would even work here, since we don’t even know what to disobey. I’d recommend we all start using encryption as much as possible, but until this becomes painless for the average person to do, it won’t help much.
Although, someone with a minimum of knowledge could create macros that throw trigger words like ‘bomb’, ‘anthrax’, and ‘Caribbean Queen’ into email and messaging clients’ outbound messages, and strip them out again on the receiving end for display. If enough people did this, it could start to overwhelm the system with noise. Seems like a project for Anonymous.Report
Encryption, and civil disobedience. Perhaps even targeted civil disobedience that would seem like it ought to be catchable through e-mail sniffers, but actually be impossible to catch that way.
Flash mobs… and more!Report
For those that don’t get the ‘Caribbean Queen’ thing:
http://youtu.be/NY8N_tSBDtsReport
Although, someone with a minimum of knowledge could create macros that throw trigger words like ‘bomb’, ‘anthrax’, and ‘Caribbean Queen’ into email and messaging clients’ outbound messages, and strip them out again on the receiving end for display. If enough people did this, it could start to overwhelm the system with noise. Seems like a project for Anonymous.
That sort of thing was common sig fodder back in the USENET days (along with posting your ICBM coordinates in your sig). It fell by the wayside when EMail clients became products but I like the notion. So much so, in fact, that I just might pound out some Automator/AppleScript to do this soon.Report
Knock off the anti-democracy whining. The real-world alternative is what? Voluntary private associations of nuclear armed libertarians? Right. Thanks.
http://whatdirectdemocracymightbe.wordpress.com/2012/08/04/direct-democracy-vs-libertarianism-reason-vs-logic/Report
That started off pretty well but you missed a few steps getting from the beginning to the middle.Report
“I don’t like waterboarding these shepherds any more than you do. Then I think about the people out there that I don’t want to have nuclear weapons…”Report
The real world alternative… is not constantly spying on everyone.
But if it takes a false dilemma to get you to cheer for the surveillance state, then that’s just the price we pay for security, I guess.Report
“But hey. We live in a democracy, so I’m sure that we all wanted… whatever it was that just happened there. About which not one of us can even begin to form a proper opinion. But it’s okay. Democracy!”
I was serious; and I have no idea what joke Chris is referring to. You wrote that petulant crap about democracy, and I challenged you to name a real world alternative to democracy, not to spying.
Describe a system, or even a reform, that enables those charged with our domestic and foreign security to optimally protect us without monitoring us as well? And under what system or reform are abuses of the system precluded–what changes then done to human nature itself? Remember: real world.Report
> Describe a system, or even a reform, that enables
> those charged with our domestic and foreign
> security to optimally protect us without
> monitoring us as well?
That use of the word, “optimally”, there?
That is carrying several million metric short tons of weight.Report
Daryl, I made a joke on another thread about libertarians having nukes and using them in self defense. I called it the incinerate your ground doctrine.Report
Thanks for the “intell.” The point, of course, was that there is no real-world alternative to trusting imperfect professionals to secretly conduct monitoring of media used by those bent upon our destruction. Jason’s indictment of those who accept the flaws inherent to democracy–without his putting forth an alternative–is whining.Report
“There is no real-world alternative to trusting imperfect professionals to secretly conduct monitoring of media used by those bent upon our destruction”
Take this thread of logic (and the implicit necessary underlying assumptions that are carrying a lot of weight for you, there) and run with it.
Where does that get you?Report
I’m not into Socratic dialogues, Patrick. If you have a point, then make it.Report
Shorter Daryl: “Don’t ask me to think, I’m too busy emoting!”
(Yeah, that’s ungenerous. Welcome to the interwebz.)Report
You’re regarding security countermeasures as a benefit, which is bad security analysis. Every security countermeasure comes with costs.
You have the fiscal cost of setting up the system
You have the fiscal cost of maintaining the system
You have the fiscal cost of auditing the system
You have the opportunity costs of the system’s effect(s) on the user
You have the opportunity costs of the system’s effect(s) on the subjects
Finally, by introducing a security system, you have formalized rules. These rules will produce both false positives and false negatives. All of those will introduce additional costs… in particular, the false positives greatly increase the opportunity costs on the subjects and the fiscal costs of the system itself, and the false negatives can actually provide additional *negative* costs on whatever it is you’re trying to protect.
The very first question you ask yourself when you are building a security system is what is it that you’re trying to protect? If you cannot answer that question without ambiguity, multiply all of the costs we’ve mentioned so far by a factor of a couple of orders of magnitude, particularly the false positive and false negative costs.
In addition: regardless of the real world actual effectiveness of this system (which you are assuming based upon what, exactly?)… if we’re looking to reduce violent crime, it would be extremely effective to impound all implements of violence from everyone in the country. It is, however – aside from being logistically impossible – contraindicated by the rules of the society in which we live.
Any way you slice it, gathering intelligence on people without a warrant is pretty blatantly unconstitutional, regardless of its effectiveness.Report
But that doesn’t answer Daryl’s worry, if I’m understanding it correctly. His argument appears to be that Jason’s post is an indictment of democracy, but security over-reach may exist in any form of government, so Jason’s indictment of democracy is misplaced.Report
When I criticize democracy, both here and in that previous post, what I mean to say is emphatically not “let’s stop holding elections and find ourselves an enlightened despot.” It’s more like “don’t pretend for a second that holding elections makes any of this stuff okay.”Report
Fine, then the alternative to just plain ol’ democracy is a constitutional republic, where the government is constrained by said constitution and the rule of law actually rules.
Something along the lines of what the U.S. is supposed to be.Report
In any event, I’m not criticizing Daryl’s critique of Jason, which I think is actually misplaced.
I’m criticizing Daryl’s characterization of “optimal security”.Report
Patrick: he said “optimally protect us without monitoring us as well?” His point was that optimal protection will require monitoring us.
Jason: I agree with you about that distinction, tho I must admit I was confused on that very point when I first read the post.
James: yes, of course. That’s one view, but consider the following an open question: if terrorism constitutes a real threat, to what extent is government intrusion justified to prevent it? I’m not sure I agree that the answer is as simplistic as eliminating warrantless collections of individual communications, tho I think prohibiting warrantless wiretapping of specific individuals could probably be eliminated without increasing any risks.
And I should add that I’m not an advocate of government eavesdropping, or even a serious defender of it. I’m just not reflexively opposed to it. So I’m sorta trying to find where I fit in the whole spectrum of views on this issue.Report
> Patrick: he said “optimally protect us
> without monitoring us as well?” His
> point was that optimal protection
> will require monitoring us.
And this is why I’m becoming increasingly convinced that he doesn’t understand security.Report
Well, “collections” is ambiguous. I meant things like searching for key words in anonymous communications.Report
if terrorism constitutes a real threat, to what extent is government intrusion justified to prevent it?
Given that the threat of terrorism, as measured on a “what’s likely to kill you” metric is pretty damned low–so far down the list as to make it unreasonable for the average person to spend any time at all worrying about–I don’t think a whole heckuva lot of government intrusion is justified to prevent it. If the goal is to save lives, you’d get a whole lot more bang for the buck from focusing on plenty of other policies that might be a lot less intrusive.Report
What does searching for keywords in anonymous communications get you?
(there is a correct answer to this question)
Okay, I’ll spoil the surprise. It gets you a collection of communications that are tagged with a flag, if they exceed some established set of parameters that passes for your “suspicious” criteria.
Now, if I’m looking through a finite log file, with N lines, if I have a false positive rate of 1% and a false negative rate of 1% (meaning the algorithm that I’ve written identifies a suspicious entry correctly 99% of the time, and a legitimate entry 99% of the time), how big does N have to be (how big does the log file have to be) before the results of my algorithm give me enough erroneous entries to fill up my day? Assume it takes me 10 minutes to identify and correct each false positive (note, this completely discounts false negatives for the moment).
Now, given the search space you’re talking about -> virtually every communication that passes through the Internet backbone -> how many N do you think they’re searching through?
And how accurate do you think the algorithm actually is?Report
Actually, there is a real world alternative that worked quite well for decades from the government’s perspective and which, while it probably worked far from perfectly from a civil libertarian’s perspective, worked in a manner that was at least tolerable and acted as a safeguard against blanket fishing expeditions, specifically the FISA courts.Report
This is better than no oversight at all, but this is only oversight of use that falls into the formal process.
The audit mechanism of FISA worked fine for the previous iteration of capabilities. Now that we’ve created a paradigm shift in capabilities, we need *more* oversight than just the FISA court.
There needs to be some mechanism outside the Executive branch that actually audits the technology, not just the formal uses of it.Report
Describe a system, or even a reform, that enables those charged with our domestic and foreign security to optimally protect us without monitoring us as well?
Use a warrant.
To pick nits, that isn’t a reform. It was standard operating procedure until just a few years ago.Report
Yes, those same warrants worked wonders just before 9/11. Ought the CIA seek warrants overseas as well? Or perhaps national defense is in a different legal category than our criminal justice system?Report
For purely overseas communications, no warrant has ever been required, and no one here is terribly interested in demanding that such a warrant be required. The objection to the warrantless wiretapping program is, and always has been, that it permits an end run around FISA and the Fourth Amendment for purposes of spying on domestic communications.
If, for purposes of domestic intelligence gathering, national defense were placed in the same legal category as our criminal justice system, civil libertarians would be ecstatic.
And your suggestion that the requirement of warrants contributed or caused 9/11 needs some serious citations.Report
Even FISA courts don’t require warrants to be issued prior to electronic surveillance in “emergencies.” I’d rather fish with a net than a spear when my life hangs in the balance. Search and seizure are heavily kinetic terms; the Framers could have used the term eavesdrop had they meant it: http://www.randomhouse.com/wotd/index.pperl?date=19980316
Monitoring is an entirely passive intrusion; and far preferable to our being blind to real world threats. Civil libertarians must have a death wish if they truly desire domestic measures for the sake of national defense to fall into the same legal framework as criminal justice. On balance, this is the choice of privacy over life itself.
I didn’t suggest that warrants caused 9/11: I pointed out that they weren’t sufficient to stop it.Report
> On balance, this is the choice of privacy over life itself.
Oh, you’re one of those.Report
Before 9/11/, there were literally hundreds, if not thousands of terrorist attacks on U.S. soil that could have been prevented if only we’d had warrantless wiretaps of domestic communications! Er…
At some point, the mind’s inability to work well with probabilities stops being amusing and starts being really, really annoying.Report
Yeah, my charitability meter is dropping really fast.Report
9/11 demonstrated that the current system was insufficient. There need not have been thousands of attacks before it to prove the fact. Libertarians have a true gift for denying the obvious.Report
> 9/11 demonstrated that the current
> system was insufficient.
The current system of what? Insufficient, how?
I’m almost entirely convinced, now, that you don’t even understand the context behind those two questions. I don’t even know if you know what “the current system” was, or is now, or how it changed.
What exactly failed, that allowed the 9/11 attacks to succeed? What needs to be changed to prevent the 9/11 attacks from happening again?
Guess what? You want to absolutely ensure that the 9/11 attacks don’t happen again? Indeed, you want to ensure that they never happened in the first place? Go back to July 16th, 1948.
And then learn the lesson that was stupidly apparent then, that all you need to do to stop this sort of attack is put a goddamn lock on the door.Report
Daryl, even admitting that there were structural problems that contributed to the ability of the 9/11 attackers to succeed, how far should we go to prevent once-in-a-lifetime attacks? If terrorist attacks, even under the flawed system, were so rare, what does one attack justify in terms of the violations of civil liberties?Report
“If terrorist attacks, even under the flawed system, were so rare, what does one attack justify in terms of the violations of civil liberties?”
I’d rather not see our society transformed into the modern state of Israel to be sure. The thread discussion concerned electronic surveillance; and I hold that this procedure represents a relatively benign, essential measure in the prevention of future attacks.
I frankly don’t care if all my conversations are monitored. I trust that any resulting misunderstandings could be cleared up; and I’m willing to risk being wrong. I’m not even primarily concerned for myself: The protection of children is the highest moral goal.
http://whatdirectdemocracymightbe.wordpress.com/of-morality/Report
I’ll pick up the ball for a while.
Suppose that terrorism – foreign or domestic – poses a legitimate threat to the safety and stability of US social life. IF so, government has a legitimate role to play on protecting citizens from those dangers. Insofar as those threats are real, government has only a limited number of tools at its disposal to prevent terrorism in advance. One is boots on the ground, infiltration, traditional intelligence and evidence gathering, etc. Another is electronic surveillance of domestic communications. (There may be more.) If it comes down to a choice between increasing a highly intrusive boots-on-the-ground approach (which I’m sure we have plenty of already) or a more passive, less intrusive approach where communications are monitored anonymously, which would we choose?
Of course, this supposes both government has a legitimate role to play in preventing (not just prosecuting) both foreign as well as domestic terrorism, as well as that the threat of terrorism is real.Report
I’d rather fish with a net than a spear when my life hangs in the balance.
I think when discussing torture this is what’s known as the ticking time bomb fallacy.Report
And your introduction of an entirely different intelligence operation is a comparison of apples with oranges.Report
“The protection of children is the highest moral goal.”
Using that as a standard, both those apples and those oranges look an awful lot like “fruit” to me.Report
Yeah?
Really?
Go Join Anonymous.
Fish with that net, if you want.
Otherwise, don’t give me any nonsense
about you being anything other than a coward.Report
I think the democracy point is substantive, not petulant – it’s ridiculous to call our system a democracy when we do stuff like this.
Real world reform to enable those charged with security to protect us (I delete optimally because it lacks content and implicates some maximization which is contrary to the purpose):
1) Repeal the Patriot Act(s) – this does away with much of the surveillance.
2) Stop giving hostile foreigners reasons to attack us.
Before I get accused of blaming US foreign policy for 9/11, let me just say that they only way I will be safe is for people not to be aiming to kill me. I live in Manhattan and I really prefer that the US not give people cause, justified or not, for killing me and my family some night. All systems will be abused, but let’s stop acting like we can go bomb other countries and then expect that none of the violence is visited upon our homeland. If you go around getting in fights and making enemies, then someone will sucker punch you now and again. A more pacific foreign policy is the best guarantee of our safety.Report
Haha… OK, so I guess my nuclear armed libertarian joke wouldn’t have been funny to this dude either.Report
I am sorry for my deficient sense of humor. I swear I thought this guy was serious.Report
I can’t believe the thread went on as long as it did.Report
Occasionally I feed trolls. I can’t help myself.Report
Samuel Adams: “Our contest is not only whether we ourselves shall be free, but whether there shall be left to mankind an asylum on earth for civil and religious liberty.”
We’ve already lost the battle for Internet and telephone privacy in its current form. If anything, we’re fighting a rearguard action, attempting to save what little remains of our dignity in the process. Any semblance of trust between the governed and the government is gone. I’m more worried about this erosion of trust, the loss of the presumption of innocence than any other aspect of the problem: it’s separating both sides from the rule of law.
Soon enough it will spiral out of control. The greatest loss, the most tragic aspect of the War on Terror is how we’ve descended to the level of our enemies. The tumours of tyranny are already erupting through the skin of the body politic.
I’m told the USSR fell because nobody believed in it any more. All through what they called the Great Patriotic War, patriotism was never higher. Even when Stalin was crushing down and enslaving his victims, there was a great reservoir of belief. When that reservoir was depleted, the people stopped believing. Intellectuals and writers simply retreated into the bunkers of cynicism. If the Russian State has become an autocracy and plutocracy, it could only have happened in a society which no longer believed in anything.
It is happening here, right here in the USA.
Fire and Ice
Some say the world will end in fire,
Some say in ice.
From what I’ve tasted of desire
I hold with those who favor fire.
But if it had to perish twice,
I think I know enough of hate
To say that for destruction ice
Is also great
And would suffice.
-Robert FrostReport
The “erosion of trust” concept is important. It is much more threatening than terrorism anyhow. Part of my concern over growing distrust (of govt, of each other, of business) is that I don’t see self-correcting mechanisms like there are in the economy. Rather it seems as if distrust, like most relationships, have a reflexive instead of a self-correcting nature.Report
It’s hard to restore trust without cataclysmic change of some sort.Report
This is what government IT and government surveillance actually looks like
http://www.miamiherald.com/2012/08/15/2952987/drug-charges-dropped-because-of.htmlReport