A++++ Fast and Professional!! Would Read Again!

In “Crowd control at eBay,” Nick Carr writes:

EBay has been struggling for some time with growing discontent among its members, and it has rolled out a series of new controls and regulations to try to stem the erosion of trust in its market. At the end of last month, it announced sweeping changes to its feedback system, setting up more “non-public” communication channels and, most dramatically, curtailing the ability of sellers to leave negative feedback on buyers. It turns out that feedback ratings were being used as weapons to deter buyers from leaving negative feedback about sellers.

He goes on to rail against the usefulness of feedback loopss:

As these sites grow, keeping them in line requires more rules and regulations, greater exercise of central control. The digital world, it seems, is not so different from the real world.

However, he doesn’t question EBay’s central decision. If the goal is to control retaliatory feedback, then require all feedback be given within N days (N might vary for transaction types, international shipping, etc), and don’t reveal the feedback until both buyer and seller have finalized what they want to say.

(Personally, I think that some structure in the feedback–was the item as described? was it shipped quickly and as requested? was the interaction business-like, chatty, or rude? could enhance things a lot, as would displaying the value of the transactions. But that’s an aside.)

What’s important is that EBay is replacing a transparent and manipulated system with one that’s going to be worse for their customers, and more expensive to operate. It will be interesting to see what emerges from this. Will a worse feedback system be enough to overcome the network effects and allow a strong competitor to emerge?


Thanks to Nicko van Someren for the pointer.

Where’s the Beef?

As I was driving home, listening to the radio, I heard this:

We’ve been really astonished by how some of the most high-profile situations actually resulted in increased consumer confidence, because sometimes high-profile issues give us an opportunity to talk about what we do, and that has actually encouraged consumers.

No, it’s not a TJX spokesperson, but Janet Riley, a spokesperson for the American Meat Institute, discussing the recall of 143 million pounds of beef, some of which was shipped as long as two years ago, and has likely been eaten.

What’s interesting to me is that despite there being no immediate tie to risk, the Agriculture department pushed for the largest beef recall in US history. There was no word about consumer notice fatigue, or that the cows were protected by a password.

Read Today’s lunch special: recalled beef at Marketplace.

By their fruits, ye shall know them

We’ve made frequent calls here at EC for improved breach breach reporting. In particular, we’ve said that governments (be they state, provincial, national, whatever) should provide standardized reporting forms, should collect a basic set of facts in each report, should require precision in reporting rather than accepting weasel-words, and should mandate centralized reporting, so that legislators and the public can see (without commissioning a study) what the facts are. Additionally, we’ve mentioned research discussing notification fatigue, and the artful construction of notification letters seemingly designed to discourage both comprehension and action. Finally, we’ve praised efforts to increase transparency — in particular New Hampshire’s posting of notification letters on a government-administered web site.
In recent days, I was elated to learn of legislative efforts in California and Indiana that together substantially advanced each of these points. In California, Senate Bill 364 was recently voted out of the state senate. This bill requires that breach notification letters be written in plain language, and that they contain:


  • The toll-free telephone numbers and addresses of the major
    credit reporting agencies.

  • The name and contact information of the reporting person or
    business subject to this section.

  • A list of the types of information, such as name or social
    security number, that were or may have been the subject of a breach.

  • The date of a breach, if known, and the date of discovery of a
    breach, if known.

  • The date of the notification, and whether the notification was
    delayed

  • A general description of the breach incident.

  • The estimated number of persons affected by the breach.


It also requires that breaches be reported to California’s Office of Information
Security and Privacy Protection (where they would be subject to Freedom of Information requests).
In Indiana, House Bill 1197 would require the attorney general to publish notice of a breach of the security of a system on the attorney general’s Internet web site, and closes a loophole in Indiana’s existing breach law, which currently allows password protection to be sufficient to exempt and incident from disclosure. The new law would only exempt completely encrypted portable devices, with unexposed keys.
Each of these bills is a great thing, and each shows that (despite what cynics like I might say), smart people who are motivated can make a big difference. In California, the smart, motivated people are at the Samuelson Law, Technology & Public Policy Clinic, whose recent research supplied part of the bill’s foundation. In Indiana, infosec researcher Chris Soghoian was instrumental in educating his own local legislator, and making several suggestions which found their way into Indiana’s bill.
But the story gets more interesting. As Chris documents, the centralized notification portion of the Indiana bill is vigorously opposed by telecom giants AT&T and Verizon, as well as by Microsoft. The last, writes Soghoian, even argued that availability of actual breach letters would make phishers’ work easier. Funny that the letters already posted by New Hampshire and others haven’t done this. I guess phishers are too busy to write a FOIA letter, too. Note to Microsoft: this information is not secret from bad guys, it is merely hidden from the vast majority of good guys. Thanks for arguing that it should stay that way. Maybe Microsoft’s lobbyists should learn about threat modeling.
Lest it be thought that tech industry opposition to democratic transparency is a purely domestic thing, the Information Technology Association of Canada testified in opposition to a Canadian breach law, as reported by Canadian privacy law expert Michael Geist.
Meanwhile, in California, a portion of the bill requiring breach notices to be placed on the web, thereby allowing the interested public to avoid the hassles of writing FOIA letters, has been stricken from the bill, this time for cost reasons.
I’m happy that California takes this issue seriously, and turned to some folks who obviously know their stuff. I guess they are strapped for cash. As for Indiana, and for Canada, it’s disheartening to see tech firms argue that technology should not be used to bring relevant information closer to those who want it.

Chill, dude.

Because Baltimore police officer Salvatore Rivieri seemingly was unable to tell he was being filmed. Pity.



There’s some infosec relevance to obsessing and overreacting to one thing, while being oblivious to another that could prove far more damaging.

Obama vs. McDonalds

As he was winning contests in Iowa and South Carolina, Senator Barack Obama raised $32 million in January for his presidential bid, tapping 170,000 new contributors to rake in nearly double the highest previous one-month total for any candidate in this election cycle.

The New York TImes, “Enlisting New Donors, Obama Reaped $32 Million in January

Which is to say that, in a month, Obama raised half a day’s revenue for McDonalds, who in the last quarter of 2007, took in 5,753.6 million dollars.

It’s too bad that (Presidential candidate) John McCain is opposed to Americans spending their money on something, like the Presidency, which really matters.

Now last time I mentioned this, a lot of people asked about public funding for elections. One of the things which I find interesting about this election cycle is that two candidates, Obama and Huckabee, essentially came out of nowhere. A system of public funding has to be restricted to serious candidates. We wouldn’t want Mike Huckabee to be treated the same as Vermin Supreme, would we?

How can a public funding system allow for “out of the blue” candidates who challenge their party’s accepted wisdom about who the nominee “should” be?

Breach Laws Charts (updated)

breaches-chart.jpg

A while back, I posted a list of breach laws. I’ve now added the CSO map, which is pretty cool.

If you know of others, please let us know. I’ll update this post as I learn more.

[Update: I hope you’re happy, Chris!]
[Update: Typo removed, s/Legislators/Legislatures/g — cw]

Because RealID Isn’t Good Enough

new-ss-card.jpg
Apparently we need not one, but two national ID cards. Illinois Reps. Mark Kirk and Peter Roskam (may they not get re-elected in November) are introducing legislation that would mandate that Social Security cards have “a photograph and fingerprint, as well as a computer chip, bar code and magnetic strip.”

The cards would be modeled after the Common Access Card issued by the Department of Defense, mostly to active military reserve members and their dependents, said U.S. Rep. Mark Kirk (R-Ill.), a sponsor of the bill. Current Social Security cards have limited security features and have no photo or biometric data, he said.

Perhaps Mr Kirk, should refresh his memory on the purpose of Social Security cards. There’s a reason that they prominently say “FOR SOCIAL SECURITY PURPOSES * NOT FOR IDENTIFICATION” across the front of them.,
“One of the ways that modern criminals use to attack … is by falsifying or counterfeiting Social Security cards,” Kirk said. “We think that a Social Security card should be hard to forge [and] that it should also make it easy to catch an identity-theft crime.”

This sounds all well and good but it’s just patently false. This is actually an attack on illegal immigration. The only main people are asked to show Social Security cards is for jobs and the main market for falsified or forged is for illegal immigrants to get jobs. Identity thieves don’t forge social security cards, all they need is the number itself. Shame on the Tribune for not digging deeper.
[Image from the above linked Tribune article]

Scott Page’s The Difference

difference.jpg
A lot of people think of calls for diversity as fuzzy headed liberalism at its worst. If you’re one of them, please keep reading. Or you could click here and just buy Scott Page’s book and read that, which is what I’d like to convince you to do.

This is a book about problem solving. He starts with a set of observations about how we see the world, and how different people bring different approaches and perspectives to the same problem. His approach is mathematically grounded, although you can skip the math or delve into it. He talks about how bringing different perspectives, heuristics, interpretations and predictive models to a problem can result in super-addative results, as one person helps another overcome blockers.

From there, he looks at how groups compare to experts, and looks at those situations where a group will do better than an expert, even when no member of the group is as sophisticated or broad as the expert. He also looks at those places where averaging over the crowd can get you better results–that if the perspectives are different (and relevant) then a crowd may well have a more intricate model than any one expert.

He also talks about differences between instrumental and fundamental preferences. (We should walk to the park, we should bike to the park, versus we should go to the park or the movies) and how diversity in the latter doesn’t always lead to better results.

He doesn’t make the point that such fundamental diversity of preferences should lead us to prefer liberty. I’m somewhat surprised by this, because it ties to his main points so well. If we want very different things, then we gain a lot by allowing people to make their own choices: some good, some bad, but reducing coordination costs.

It’s been a fascinating read, and I think it will have substantial long-term impact on my thinking. Thanks to Jon Pincus for the pointer. Also, I’ve decided to experiment a bit with Amazon affiliate links, and wanted to disclose that before Threat Level got revenge.

Two brief followups to “Already donated the limit”

First, I’d like to thank everyone for keeping the comments civil and constructive.

Second, I’d like to respond to Philll’s comment, “You sure do pick the strangest issues to make non-negotiable.”

I picked this because it struck me that the rules in question were being accepted and treated in the various discussions as fixed and unchanging, and no one was commenting that a primary architect of the laws was running.

Also, if you want to avoid bribes, either reduce the demand by reducing the scope and power of the government or of politicians. As long as the government is powerful, people will invest in getting what they want. Some fraction of this will go to rules avoidance, and some fraction to influence. I’d prefer that the rules avoidance be minimized, and I think transparency is the most promising approach there.

Parking Meters are Reverse Slot Machines

parking-meter.jpg

Raymond Chen has an amusing blog post, “When computer programmers dabble in economics: Paying parking tickets.” This is further dabbling in economics, and I hope you find it amusing.

I believe that parking meters–the old fashioned kind where you put coins in and hope to not get a ticket–are precisely the opposite of slot machines. With a slot machine, you put money in, and you hope, money comes out. I like not putting money in parking meters, and hoping none comes out of my pocket.


Photo: “Downtown Phillipsburg, NJ,” by Peachhead.

“Already donated the limit”

I was listening to the radio yesterday, a show about Super Tuesday. First, a big thank you to all the Democrats who voted as we asked. The Republicans, not so much.

One of the things that struck me about the show was all these super-enthused voters who were engaged in the process. One was involved with “South Sound for Hillary,” a local group, not affiliated with the campaign. She’s already donated the limit, and is working locally for a candidate she believes in. It’s great. Except for two things.

The first is the limit, and the second is affiliation with the campaign. If the First Amendment’s limits on the powers of Congress to control speech mean anything, they mean that political speech is sacrosanct. They also mean that the right to free association is sacrosanct. The plain language of the Amendment is “Congress shall make no law restricting…”

Now, this bad law is ‘settled.’ The Supreme Court has demonstrated their mastery of yoga by twisting themselves into knots to allow this. So why do I bring it up?

Because one of the idiots responsible for this state of affairs is running. And not only is he running, he’s the Republican front-runner, John McCain. Co-author of the “McCain-Feingold” campaign finance law. It’s bad law. It represents a fundamental failure to understand the Constitution, a document which McCain has repeatedly sworn to uphold.

I had originally planned for this blog to be much more about the virtues of emergent chaos. Perhaps we’ll go that way. But right now, McCain represents a brake on the most interesting and exciting political season in decades. He’s demonstrated contempt for the guarantees of liberty. For that reason, he deserves not to be President.

Economist Debates Security V Privacy

The Economist emails:

Our second series of three debates kicks off today and the first proposition raises important questions about civil rights and the trade-off between Privacy vs. Security. As a blogger and member of the community that The Economist aims to serve with this lively debate, we wanted to extend an invitation to you and the readers of Emergent Chaos to join the debate by blogging or commenting to the debate floor. (No subscription is necessary).

The debate: “Proposition: Security in the modern age cannot be established without some erosion of individual privacy.

Have at Mr. Livingstone, arguing for the side of order and no emergent chaos, or, if you must, Mr. Barr, on the side of truth, justice, and the American way.