A few thoughts on chaos in Tunisia

The people of Tunisia have long been living under an oppressive dictator who’s an ally of the US in our ‘war on terror.’ Yesterday, after substantial loss of life, street protests drove the dictator to abdicate. There’s lots of silly technologists claiming it was twitter. A slightly more nuanced comment is in “Sans URL” Others, particularly Jillian York, said “Not Twitter, Not WikiLeaks: A Human Revolution.” Ethan Zuckerman had insightful commentary including “What if Tunisia had a revolution, but nobody watched?” and “A reflection on Tunisia.”

That conversation is interesting and in full swing. What I want to ask about is the aftermath and the challenges that Tunisia faces. After 24 years of oppression, it’s going to be hard to build the political structures needed to create a legitimate and accepted government.

The American revolution came after years of discussion of British abuses of power. American perceptions of abuses of power like the Stamp Act combined with slow communication to the King and fast local communication to create a local political class that could assemble in a continental congress. Even so, after the American revolution, we had one entirely failed government under the Articles of Confederation, which was replaced with our current Constitution. But that was followed by the whiskey rebellion.

I bring this up because it’s easy to focus on the mechanics of government while forgetting about the soil in which it grows. Perhaps the digital world, with its ability to connect Tunisians to people living in places where we’ve worked these things out, will help. (For those foreigners who speak Arabic, or those Tunisians who speak other languages.) I’m not terribly optimistic in light of the shootings in Arizona and how quickly the online discourse devolved into “why this tragedy proves I’m right.” I’m also not optimistic given our poor understanding of our history.

I am, however, hopeful that the people of Tunisia will manage to take a collective break from the violence for long enough to work out a Tunisian approach to democracy. What would that look like? Would technology play a role?

Quantum Crypto is Quantum Backdoored, But It’s Not a Problem

Nature reports that Quantum Cryptography has been completely broken in “Hackers blind quantum cryptographers.” Researcher Vadim Makarov of the Norwegian University of Science and Technology

constructed an attack on a quantum cryptography system that “gave 100% knowledge of the key, with zero disturbance to the system,” as Makarov put it.

There have been other attacks on quantum cryptography, but this is the first in which there is no indication that the key has been stolen. In those attacks, the operator of the system would see the transmission error rate go up, but in Makarov’s attack, the operator sees nothing. In short, they are completely, utterly defeated. The attacker gets everything with impunity.

As usual, the quantum crypto crowd doesn’t see that a 100% loss of key with no inkling of the loss is a problem. Makarov himself said to Nature, “If you want state-of-the-art security, quantum cryptography is still the best place to go.”

Perhaps the kicker is this in Nature’s article:

Ribordy [CEO of ID Quantique] and Zavriyev [Director of R&D at MagiQ] stress that the open versions of their systems that are sold to university researchers are not the same as those sold for security purposes, which contain extra layers of protection. For instance, the fully commercial versions of IDQ’s system also use classical cryptographic techniques as a safety net, says Ribordy.

Huh? We can trust commercial versions of quantum crypto because it uses classical crypto as a safety net? That’s saying that the quantum coolness is really just icing over a VPN. Isn’t it? Am I missing something?

Now it’s time for a rant. Quantum cryptography is really, really cool technology, but the whole point of it is, well, security, and if the state of the art is that the system is breakable, then the art is in a sorry state. It’s a state of being a research toy, not a real security system.

The whole point of quantum crypto is that it isn’t even really crypto. It’s communications that can’t be eavesdropped on. It’s a magical tour-de-force of science and technology. But if it can be silently thwarted, it’s no good. If there is no way that it can be tested to be good, it’s no good. Moreover, the latter is more important than anything else.

For quantum crypto to be viable and trusted, we have to have some way that we know that the boxes were designed and manufactured in such a way that we can be confident that there’s no silent quantum backdoor in the box, then it has no value. You might as well just get a VPN router from the usual suspects and be done with it. If you’re really paranoid, just lay down some glass fiber and put it in a conduit.

Quantum information science as a discipline needs to start taking security seriously. It can’t just brush off a break of this magnitude, and remain credible. Come on, at least admit this is serious and has to be reflected in the manufacturing and testing. Come up with countermeasures, something.

Some Chaotic Thoughts on Healthcare

Passage of this bill is too big for my little brain, and therefore I’ll share some small comments. I’m going to leave out the many anecdotes which orient me around stupid red tape conflicts in the US, how much better my health care was in Canada (and how some Canadian friends flew to the US for optional procedures), etc.

I am glad that some of the worst elements of the American health care system are getting reined in. I can think of few worse ways to accomplish that goal, and many better ones. People thinking as I do are why the system perpetuated in the form that it did.

I am pessimistic that the system proposed will achieve its broader goals. The Massachusetts model is cumbersome and ineffective. Optimistic ideas about how prices would fall in a regulated market did not come to pass. The likely next step is a government run health system with supplemental insurance available. I expect this will come to pass in 10-20 years. Medicare seems reasonably well run for an American government program.

The Republican failure to push a coherent and principled alternative will haunt them. Going into the next election cycles, 32 million people will have some idea that the Democrats gave them bread and circuses health care. David Frum describes it as a Waterloo. I’m hopeful but not optimistic that the Tea Bagger Party will follow in the tradition of the Know Nothings and just fade away. I used to be hopeful that the Libertarians would split from the Republicans, but they’ve failed to. I would not be surprised to see the Republican minority shrink in 2010 and 2012, and I think some (but not all) of the shrillness I hear is people who fear that outcome is now inevitable.

I do expect that removing the health care impediment to entrepreneurship will be very positive for smaller companies. I wish we’d apply that same thinking to health care, enable people to make choices for themselves, and let the government own the residual risks, as it does today. But no one offered a credible way to un-couple employment and insurance that would let people keep their doctors, short of nationalization.

Anyway, there’s my negative 8 cents on the bill.

Please keep comments civil.

Abdulmutallab/Flight 253 Airline Terror links

And for the prurient interest, the underwear, apparently still containing the explosives. It looks like they were cut off with scissors, implying that he was wearing them at the time. I wonder how much explosive energy a human thigh absorbs?

In conversation, a friend mentioned that the media whirlwind overwhelms the right response, which is to go on with our lives. Which is what I shall now do. Look! A burning goat!

Abdulmutallab/Flight 253 Airline Terror links

  • The Economist “The latest on Northwest flight 253:” “the people who run America’s airport security apparatus appear to have gone insane” and “This is the absolute worst sort of security theatre: inconvenient, absurd, and, crucially, ineffective.”
  • Business Travel Coalition, via Dave Farber and Esther Dyson, “Aviation Security After Detroit:” “It is welcome news that President Obama has ordered an airline industry security review so long as it is strategic in nature.”
  • Stuart Baker, “Six Uncomfortable Answers” which seems to boil down to “identity-based security has failed, let’s not address the good reasons why, and build more of it.” Usually Stewart has been more insightful than this. But then he writes “I asked several questions about how good the screening was in Nigeria and at Schiphol. I now think that it barely matters how good a job those screeners did. Without a reason to treat Abdulmutallab differently from other passengers, the current level of screening wasn’t likely to find the explosives.” Actually, as he points out, no acceptable level of screening is likely to find the explosives.
  • The New York Times points out that “Questions Arise on Why Terror Suspect Was Not Stopped :” “That meant no flags were raised when he used cash to buy a ticket to the United States and boarded a plane, checking no bags.” It used to be that that got you extra screening. Why did we stop?
  • Gawker, “The Shady Mainstream Media Payday of Flight 253 Hero Jasper Schuringa
  • I lost the link, but someone else pointed out that the new, alleged TSA rules would have made it a crime to get up and stop Abdulmutallab when he tried to set off his bomb.
  • This comment on the Flyertalk thread raises the interesting question: are terrorists planning to fail, expecting over-reaction by governments? Provocation would not be a new page in terror playbooks.
  • Alleged text of SD 1544-09-06
  • Every international traveller to the US is being asked to spend an extra hour on these measures. Cormac Herley’s “So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users” is absolutely irrelevant, unless travel to the US falls. Again. Which, of course, makes the odds of each remaining traveller being a terrorist materially higher.

New Restrictions: No Using Electronic Devices for the Last Hour

Apparently, in the wake of thousands of deaths from idiots paying more attention to GPS, cell phones, GameBoys, iPods and other such electronic devices, TSA has announced a ban on all use of such devices for the last hour of your commute.

No, just kidding. Apparently, they may be imposing new secret restrictions on use of electronics during the last hour of flight.

How can we break the cycle of terrorist does something irksome, we all pay forever? Our current oversight isn’t restraining DHS or TSA.

Seattle: Pete Holmes for City Attorney

pete_homes_for_city_attorney.jpgI don’t usually say a lot about local issues, but as readers know, I’m concerned about how arbitrary ID checking is seeping into our society.

It turns out my friend Eric Rachner is also concerned about this, and was excited when a Washington “Judge said showing ID to cops not required.” So when Eric was challenged by the police, in accordance with the law, he refused. He was charged with obstruction of justice by city attorney Tom Carr. Well, it turns out Eric didn’t roll over, and after much stress, charges were dropped. The city shouldn’t be putting people through such things after state judges have ruled. It’s a waste of city resources, and it subjects nice folks like Eric or you or me to the leviathan power of the state. Such power must be responsibly exercised, and Tom Carr has shown he can’t do that.

On that basis alone, Tom Carr should be voted out of office.

It’s just a sweetner that Pete Holmes, his challenger, seems to have his head screwed on straight, with priorities that include government accountability and transparency, smart sentencing, and not a new $250MM jail that we don’t need and can’t afford.

As if you needed any more, our sole remaining newspaper has endorsed Holmes.

So please, vote Pete Holmes for city attorney.

[Update: Thank you! Tom Carr has conceded the race. I don’t think I can claim lots of credit, but I’m glad he’s on the outs.]

Another Long Time Fugitive Arrested

Yesterday, Luis Armando Peña Soltren was arrested after forty years on run for hijacking a plane to Cuba.

Soltren “will finally face the American justice system that he has been evading for more than four decades,” said U.S. Attorney Preet Bharara.

I understand that Woody Allen, Martin Scorsese and David Lynch are already circulating a petition around Hollywood demanding Mr Soltren’s release.

Caster Semenya, Alan Turing and “ID Management” products

caster-semenya-cover-girl.jpgSouth African runner Caster Semenya won the womens 800-meter, and the attention raised questions about her gender. Most of us tend to think of gender as pretty simple. You’re male or you’re female, and that’s all there is to it. The issue is black and white, if you’ll excuse the irony.

There are reports that:

Two Australian newspapers reported Friday that gender tests show the world champion athlete has no ovaries or uterus and internal testes that produce large amounts of testosterone. … Semenya is hardly alone. Estimates vary, but about 1 percent of people are born with abnormal sex organs, experts say. These people may have the physical characteristics of both genders or a chromosomal disorder or simply ambiguous features. (“When someone is raised female and the genes say XY,” AP)

For more on the medical end of this, see for example the “Consensus statement on management of intersex disorders” in the Journal of the American Academy of Pediatrics.

The athletics associations rules don’t cover all of these situations well. The real world is far messier and more complex than most people have cause to address. There are a great many apparently simple things that are really complicated as you dig in.

What the sports associations and news media are doing to Semenya is reprehensible. (There are over 10,000 stories listed on Google News, versus 13,000 for Derek Jeter, who just broke a Yankees record.) She didn’t come into running knowing that she had no ovaries. Having to deal with the identity issues that her testing brings up under the harsh light of the entire world (including me) is simply unfair.

It’s unfair in almost the same way as the British government’s treatment of Alan Turing, the mathematician who Time named one of the 100 most important people of the 20th century for his fundamental work on computers and cryptanalysis. Turing was also a convicted homosexual who committed suicide because of his “treatment” with estrogen, which caused him to become impotent and to develop breasts.

This week, Gordon Brown issued an apology entitled “Treatment of Alan Turing was ‘appalling’:”

While Turing was dealt with under the law of the time and we can’t put the clock back, his treatment was of course utterly unfair and I am pleased to have the chance to say how deeply sorry I and we all are for what happened to him. Alan and the many thousands of other gay men who were convicted as he was convicted under homophobic laws were treated terribly. Over the years millions more lived in fear of conviction.

I am proud that those days are gone and that in the last 12 years this government has done so much to make life fairer and more equal for our LGBT community. This recognition of Alan’s status as one of Britain’s most famous victims of homophobia is another step towards equality and long overdue.

Sports officialdom and state governments are different. Sports are voluntary associations, although athletes have little influence on the choices of international sports functionaries. Either way, watching the chaotic world crash onto the inflexible bureaucracies is tremendously frustrating to me.

As more and more of the world is processed by Turing Machines, assumptions that seem obvious to the programmer are exposed harshly at the edges. A friend with a Juris Doctorate recently applied for a job online. The form had a field “year you graduated from high school” that had to be filled out before she went on. Trouble is, she never did quite finish high school. She had the really relevant qualification-a J.D. from a good school. But she had an emotionally wrenching choice of lying on the form or not applying for the job. She eventually chose to lie, and sent a note to the HR people saying she’d done so and explaining why. I doubt the fellow who wrote that code ever heard about it.

I have a challenge to anyone involved in creating an online identity management system: How well does your system handle Semenya?

The typical answer is either that “that’s configurable, although we don’t know if anyone’s done exactly that” or “she’s an edge case, and we deal with the 95% case really well.” If you have a better answer, I’d really like to know about it. And as a product guy, those are likely the decisions I’d make to ship.

I’ll close by echoing Brown’s words: We’re sorry, you deserve so much better.

The Arrest of Gates

A couple of good articles are John McWhorter’s “Gates is Right–and We’re Not Post-Racial Until He’s Wrong,” and Lowry Heussler’s “Nightmare on Ware Street.” The full police report is at “Gates police report.”

I think PHB’s comment on Michael Froomkin’s post is quite interesting:

You are all missing a rather significant fact, this is the Cambridge Police force, an organization that has a most peculiar relationship to the community it polices.

Houses in Cambridge cost a fortune, so it is not a city where cops live. So the city is a rich, liberal town policed by a conservative working class police force commuting in from other towns. You do not have to be black to have the Cambridge police act boorishly.

I am trying to avoid talking about the subject with my Cambridge friends as they all want to give their own litany of complaints.

When my apartment in Cambridge was burgled in 1999, the responding officer didn’t even want to get out of his car. When he finally did, he didn’t want to bother to physically examine anything, the one item that I pointed out had a grimy fingerprint was shattered and returned in pieces, and his report failed to document either that the front door was ripped from its hinges, or that a stack of currency from four countries had gone missing.

Sorry, PHB was trying to avoid that. I suspect that both the race and class cards played into this. There’s a strong echo of that in Crowley’s statements reported widely:

“I know what I did was right,” Crowley said in an interview with Boston-based WEEI Sportsradio Network. “I don’t have anything to apologize for.”

There’s one other element of this, which is that the police are separated from communities by a foolish and unwinnable war on drugs. Our last three Presidents have smoked pot, the last two snorted coke. But as long as the police are charged with impossible duties, they will be separated from whatever community may exist.

Please keep the comments civil and respectful of Gates, the officer and one another.