Emergent Chaos

Prompted by Peter Gutmann:

[0] I’ve never understood why this is a comedy of errors, it seems more like a tragedy of errors to me.

Jon Callas of PGP fame wrote the following for the cryptography mail list, which I’m posting in full with his permission:

That is because a tragedy involves someone dying. Strictly speaking, a tragedy involves a Great Person who is brought to their undoing and death because of some small fatal flaw in their otherwise sterling character.

In contrast, comedies involve no one dying, but the entertaining exploits of flawed people in flawed circumstances.

PKI is not a tragedy, it’s comedy. No one dies in PKI. They may get embarrassed or lose money, but that happens in comedy. It’s the basis of many timeless comedies.

Specifically, PKI is a farce. In the same strict definition of dramatic types, a farce is a comedy in which small silly things are compounded on top of each other, over and over. The term farce itself comes from the French “to stuff” and is comedically like stuffing more and more feathers into a pillow until the thing explodes.

So farces involve ludicrous situations, buffoonery, wildly improbable/implausible situations, and crude characterizations of well-known comedic types. Farces typically also involve mistaken identity, disguises, verbal humor including sexual innuendo all in a fast-paced plot that doesn’t let up piling things on top of each other until the whole thing bursts at the seams.

PKI has figured in tragedy, most notably when Polonius asked Hamlet, “What are you signing, milord?” and he answered, “OIDs, OIDs, OIDs,” but that was considered comic relief. Farcical use of PKI is far more common.

We all know the words to Gilbert’s patter-song, “I Am the Very Model of a Certificate Authority,” and Wilde’s genius shows throughout “The Importance of Being Trusted.” Lady Bracknell’s snarky comment, “To lose one HSM, Mr. Worthing, may be regarded as a misfortune, but lose your backup smacks of carelessness,” is pretty much the basis of the WebTrust audit practice even to this day.

More to the point, not only did Cyrano issue bogus short-lived certificates to help woo Roxane, but Mozart and Da Ponte wrote an entire farcical opera on the subject of abuse of issuance, “EV Fan Tutti.” There are some who assert that he did this under the control of the Freemasons, who were then trying to gain control of the Austro-Hungarian authentication systems. These were each farcical social commentary on the identity trust policies of the day.

Mozart touched upon this again (libretto by Bretzner this time) in “The Revocation of the Seraglio,” but this was comic veneer over the discontent that the so-called Aluminum Bavariati had with the trade certifications in siding sales throughout the German states, as well as export control policies since Aluminum was an expensive strategic metal of the time. People suspected the Freemasons were behind it all yet again. Nonetheless, it was all farce.

Most of us would like to forget some of the more grotesque twentieth-century farces, like the thirties short where Moe, Larry, and Shemp start the “Daddy-O” DNS registration company and CA or the “23 Skidoo” DNA-sequencing firm as a way out of the Great Depression. But S.J. Perleman’s “Three Shares in a Boat” shows a real-world use of a threshold scheme. I don’t think anyone said it better than W.C. Fields did in “Never Give a Sucker an Even Break” and “You Can’t Cheat an Honest Man.”

I think you’ll have to agree that unlike history, which starts out as tragedy and replays itself as farce, PKI has always been farce over the centuries. It might actually end up as tragedy, but so far so good. I’m sure that if we look further, the Athenians had the same issues with it that we do today, and that Sophocles had his own farcical commentary.

It’s hard not to be impressed by an ad like this.

I like this one a lot. Go vote for your favorite at BP Logo Redesign contest.

Dominic Deville stalks young victims for a week, sending chilling texts, making prank phone calls and setting traps in letterboxes.

He posts notes warning children they are being watched, telling them they will be attacked.

But Deville is not an escaped lunatic or some demonic monster.

He is a birthday treat, hired by mum and dad, and the ‘attack’ involves being splatted in the face with a cake.

What could possibly go wrong?

“Evil Clown hired for stalking, threats and a pie in the face“

Please check back, we may have sarcasm available in the future.

Emergent Chaos apologizes for any inconvenience.

A burglar who spent about five hours on a store’s computer after breaking into the business gave police all the clues they needed to track him down. Investigators said the 17-year-old logged into his MySpace account while at Bella Office Furniture and that made it easy for them to find him. He also spent time looking at pornography and trying to sell stolen items, all while using the business’ computer.

From “Cops: Burglar logs into MySpace on store computer.”

The real tragedy? He’s still on MySpace.

Which reminds me of “Viewing American class divisions through Facebook and MySpace .”
I was going to include one of the many Myspace mugshot photos from Flickr where people are trying to get back into their accounts, but decided against it.

In my work blog: “Announcing Elevation of Privilege: The Threat Modeling Game.”

After RSA, I’ll have more to say about how it came about, how it helps you and how it helps more chaos emerge. But if you’re here, you should come get a deck at the Microsoft booth (1500 row).

Nasty psychiatrissstss! Hates them, my precious! They locks uss up in padded cell! They makes uss look at inkblotsss! Tricksy, sly inkblotsss! Nasty Elvish pills burnsss our throat!

…

Yesss We Hatesss themsss Evil oness yess my preciousss we hatess themsss

But They Helpsss us!

No they hurtsss usss, hurtsss usss sore!

NCBI ROFL: Did Gollum have schizophrenia or multiple personality disorder? via Diagnosing Gollum.

There’s an elephant of a story over at the New York Times, “Musician Apologizes for Advertising Track That Upset the White Stripes.” It’s all about this guy who wrote a song that ended up sounding an awful lot like a song that this other guy had written. And how this other guy (that being Mr. White) took offense to the work of Mr. Kraft, a subcontractor to the folks who were producing a soundtrack for an ad being made for the US Air Force.

The whole thing’s a bomb, but the fact pattern keeps irritating something in my brain. It must be something subconscious.

We’re honored to be nominated for “Most Entertaining Security Blog” at this years “2010 Social Security Blogger Awards.” Now, in a fair fight, we have no hope against Hoff’s BJJ, Mike Rothman’s incitefulness, Jack Daniel’s cynicism, or Erin’s sociability.

But, really, there’s no reason for this to be a fair fight.

So we’re asking our readers to help us cheat. For the next month, whenever you see any of the judges (Mike Fratton, Bill Brenner, Kelly Jackson-Higgins and Larry Walsh) buy them a drink, mention how entertaining our story of the day was, and send us the bill.

We thank you. And remember, as you drink to our success, you’re making America stronger, strengthening your community, reducing taxes and fighting terrorism. Future generations will thank you.