Jihad Watch: Muslims claim unfair treatment at Canadian border

I’ve been debating if I should respond to this idea of unlimited searches of Muslims again, and realized that there’s a perhaps interesting analogy.

JihadWatch quotes an AP story

BUFFALO, N.Y. — An Islamic civil rights group Wednesday accused U.S. border agents of religious profiling after dozens of American Muslims were searched, fingerprinted and photographed while returning from a religious conference in Toronto.

[DHS spokeswoman Clemens said:] “We have ongoing credible information that conferences such as the one that these 34 individuals just left in Toronto may be used by terrorist organizations to promote terrorist activities, which includes traveling and fund raising,” Clemens said. “As the front-line border agency, it is our duty to verify the identity of individuals _ including U.S. citizens _ and one way of doing that is fingerprinting.”


[Robert Spencer of JihadWatch closes:]
One easy way to do that would be to cooperate with such inconveniences without complaining about profiling. The bottom line is still that if you are not doing anything wrong, you have nothing to worry about. Americans must accept these irritations as an unavoidable price of living freely and securely in America today. I myself have been stopped and searched many times at airports, and have never complained about it, nor will I ever, even if I were held for hours somewhere and had to miss my flight.

I’ve responded to the claim that Muslims have nothing to fear (although perhaps not as eloquently as JihadWatch’s commenters; anyone who doubts that Muslim American citizens should be vigilant about their liberties should read the comments on these stories.)

However, lets look at this specific action: Fingerprinting 34 Americans for attending a conference. Now, I might say that this makes sense if there were agents at the conference who can say that yes, this conference was a collection of people advocating the violent overthrow of the government, and Americans there stood up and joined in.

However, to only stop and fingerprint in that case sends a signal that an agent was present, and you’ve got a mole. That’s bad. If Islamic terrorists are willing to murder Theo Van Gogh, they’re certainly willing to kill a mole. And such undercover agents deserve our protection and gratitude; they’re the best way to catch those who would otherwise kill Americans.

There’s an analogy here to the use of information gleaned from cryptanalysis. If you use the information that you’ve gotten, you may reveal that you’ve broken the enemy’s codes. If you don’t use it, what good has it done? The best way to resolve this dilemma is either subtlety or dramatic victories, such as the battle of Midway in the second World War.

However, these are not foreigners we’re dealing with, they’re American citizens, who are (nominally) being treated differently because of their beliefs and their politics. There needs to be a 4th Amendment test of government intrusion into their lives. Some people might object that this is wooly liberalism, and that in these times we can’t afford as much liberty as we’ve had in the past. They are quite wrong. Liberty is the core enlightenment value over which we’re fighting. We need to embrace our values, and show that even under threat, we cherish them. To do anything less is to hand terrorists a moral victory.

Finally, I am reminded of the book, The Infernal Machine, which I reviewed on the cypherpunks list a while back.

Quick Links

Cory points to another example of anti-consumer activity, this time Apple disabling the high quality audio-in on the ipod. How to fix it at Hack-a-day. Also via Hack-a-day is the paper Enigma machine

Scrivner discovers that Uncle Sam admits to cooking the books, in a way that the SEC would never tolerate from a public company. Too bad we accept it from the government, because all American citizens will be paying for this for a long time.

Cory vs DRM

Cory Doctrow posts a delicious rant against Wired’s review policy here. Unfortunately, he fails to stress what I think is the a point. Wired is writing reviews. Those reviews are supposed to be impartial. Whatever you may think about DRM, it is clearly an important mis-feature of a product which you may buy. Informed reviewers, such as those at Wired(?) ought to talk about it in every review they write. That they don’t, that they follow Chris Anderson’s “but nothing I care about that I can’t work around in one way or another” directive, convinces me to look elsewhere for reviews. To be fair, Chris also says “[Wired] Test and the rest of our reviews do take points off for intrusive DRM when we encounter it.” However, as Cory points out, DRM can be explicitly designed so that a reviewer does not encounter it. It can be a six or twelve month time bomb in a product. A reviewer ought to be investigating such things.

Cory’s rant closes:


WARNING: THIS DEVICE’S FEATURES ARE SUBJECT TO REVOCATION WITHOUT NOTICE, ACCORDING TO TERMS SET OUT IN SECRET NEGOTIATIONS. YOUR INVESTMENT IS CONTINGENT ON THE GOODWILL OF THE WORLD’S MOST PARANOID, TECHNOPHOBIC ENTERTAINMENT EXECS. THIS DEVICE AND DEVICES LIKE IT ARE TYPICALLY USED TO CHARGE YOU FOR THINGS YOU USED TO GET FOR FREE — BE SURE TO FACTOR IN THE PRICE OF BUYING ALL YOUR MEDIA OVER AND OVER AGAIN. AT NO TIME IN HISTORY HAS ANY ENTERTAINMENT COMPANY GOTTEN A SWEET DEAL LIKE THIS FROM THE ELECTRONICS PEOPLE, BUT THIS TIME THEY’RE GETTING A TOTAL WALK. HERE, PUT THIS IN YOUR MOUTH, IT’LL MUFFLE YOUR WHIMPERS.

PS: Does that “nothing I care about” line remind anyone else of a Potter Stewart-like failure to provide a crisp test?

[Update: Cory posts again, responding to the claim that the market will sort it out without reviewers mentioning DRM.]

Congratulations to Mozilla

product-mozilla.png
product-firefox.pngI’ve always believed that my readers are smarter and better looking than average, and now I have proof. Yesterday, for the first time, over half (50.3%) of the visitors to this site were using Mozilla or Firefox. (As summarized by AWStats.)

 

  Browsers Grabber Hits Percent
Mozilla No 10308 31.4 %
Unknown ? 9786 29.8 %
Firefox No 6204 18.9 %
MS Internet Explorer No 2448 7.4 %
NetNewsWire No 1711 5.2 %
Safari No 972 2.9 %
Opera No 589 1.7 %
Netscape No 312 0.9 %
OmniWeb No 171 0.5 %
Konqueror No 74 0.2 %
  Others   231 0.7 %

Quick Links

John Robb has an article at Global Guerrillas about the cost of terrorist attacks and their impact on the economic equilibria at work in cities, based on a report by the NY Fed.

A terrorism tax is an accumulation of excess costs inflicted on a city’s stakeholders by acts of terrorism.  These include direct costs inflicted on the city by terrorists (systems sabotage) and indirect costs due to the security/insurance/policy/etc. changes needed to protect against attacks.  A terrorism tax above a certain level will force the city to transition to a lower market equilibrium (aka shrink).  So, what is that level? 

Next, Ian Grigg discusses an article on corporate espionage:

… against American companies, generally by their competitors. It’s good because it is real. The threats are validated by court filings, research and surveys. This is what real security is about, determining what threats are out there, validating them and constructing economic models of their costliness. Only then can security people proceed to design economic security systems to address the threats.

I’m generally skeptical of claims of industrial espionage, but the Baseline article has six examples. Its not clear to me that’s enough to build a business case.

Finally, John Gruber has a long article at Daring Fireball on what to do before you patch your Mac, with some discussion of the superstitious, and potentially harmful advice that’s out there. Short answer: wait a day or three (gosh, where have I read that?), and backup first.

More on ROI

You can get ROI from security solutions by automating manual processes. Patch management and automated password resets are two solutions that don’t need “incidents” to gain a return.

says Pete Lindstrom, responding to my comments that:

Well, of course. ROI has enormous problems, including an assumption that technology works out, that there’s an infinite pool of free capital to draw on, etc. Techniques such as economic value add allow you to take some of these into account. But the biggest problem is that quantifying the cost of a breach is hard. Without knowing what the alternative is (to reserve or insure), its hard to justify much security spending. [Emphasis added.]

What I meant is not that ROI is impossible, but that there are better tools to use, even when you can quantify the costs. I’m in favor of quantifying costs and doing economic analysis. ROI, for example, doesn’t help you distinguish between two projects with an ROI of 100%. If one costs $1m, and returns 20% a year for the 5 year expected life of the project, and another costs $300,000, and has a 1 year return of $300,000, then the ROI is the same.

So yes, patch management and better password management are probably rational investments, and there are better ways to show that than ROI.

[Updated: Pete Lindstrom said that, not Peter Swire. Sorry!]

Biased Reporting

News.com has an article entitled “Craigslist costing newspapers millions. Which is nominally accurate, but a better title would be “Craigslist saving consumers millions.”

Craigslist, which generates more than 1 billion page-views each month, also has cost the newspapers millions more in merchandise and real estate advertising, and has damaged other traditional classified advertising businesses, according to a report published by Classified Intelligence.

Newspaper classifieds are horridly inefficient: They’re slow to publish, they’re hard to search, you can’t take down an ad when an item is sold, and because you’re putting ink on paper, you had to pay by the word, leading to a bizarre set of abbreviations. The shift to online classifieds will be a complete win as soon as someone figures out how to let you circle items onscreen.

Talking is Tough

Anyone who talks to journalists to provide background or commentary says things that they wish they hadn’t. This is in contrast to when you’re making news, and can plan what you want to say, and it’s easier to stay “on message.” Kudos to Bruce for owning up to it.

I’m sure I said that, but I wish the reporter hadn’t used it. It’s just the sort of fear-mongering that I object to when others do it.

Yushchenko!

With Yushchenko at 52% of the votes to Yanukovich’s 44%, it seems likely that he Yushchenko will be the next leader of the Ukraine. Congratulations to all who stood up for a fair and honest vote.

Oh, and it means I can get a nicer stylesheet in place, too.