cypherpunks-legacy
Threads by month
- ----- 2024 -----
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
July 2018
- 1371 participants
- 9656 discussions
Hi there,
I am a reporter at Wired News. We received notice of the upcoming
Cypherpunks10th anniversary bash. I am thinking of writing a short article
about the history and current status of the cypherpunk community.
Obviously, things have changed a lot in the last 10 years. I imagine that
you and other cypherpunks would have much to say on the topic. Please feel
free to rant and rave to me about whatever you feel would be relevant to
this kind of article.
When did the Cypherpunks come into existence? Who were the founding
members? What was the inital purpose? What kinds of people are involved?
Who (socially, i mean, not names!) exactly are the members of the group?
How many at any one time?
Is it a rotating membership, with people coming and going?
There has been a substantial amount of press dedicated to the Cypherpunks,
what's been the community response?
Have their been internal discussions about the repercussions of the media's
involvment and the like?
WN has had a very familiar relationship with the cypherpunks - has it been
viewed as a positive thing?
Have the ideals of the group changed over the years?
Are there any manifestos or official statements from the group that I can
access?
What are the future plans for the cypherpunks?
I attempted to access cypherpunks.com but most of the links are dead, why
isn't anyone maintaining it?
Or is it unrelated to the current community?
With whom else are the cypherpunks allied?
What do you, personally, have to say about the future of the Internet,
privacy, legislation, hacking, phreaking, cyber terrorism, the governement.
etc?
and finally, who else should I be talking to?
Thanks for your time. I am hoping to get the story done before the end of
next week (i.e. before the actual party.) Of course, I would never publish
the location of the party or any other information that you don't feel
comfortable about.
Danit Lidor
I am also available at 415.276.3925. please leave me a message if I'm away
from my desk. I am more than happy to call you back.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
[HacDC:Byzantium] Tethr: Getting online in a crisis
by Byzantium.NeoPhyte_Repï¼ OrdinaryAmerican.net 06 Jul '18
by Byzantium.NeoPhyte_Repï¼ OrdinaryAmerican.net 06 Jul '18
06 Jul '18
Another parallel effort?
http://www.bbc.com/future/story/20120413-communicating-in-a-crisis
--
You received this message because you are subscribed to the Google Groups "Project Byzantium (Emergency Mesh Networking)" group.
To post to this group, send email to Byzantium(a)hacdc.org.
To unsubscribe from this group, send email to Byzantium+unsubscribe(a)hacdc.org.
For more options, visit this group at http://groups.google.com/a/hacdc.org/group/Byzantium/?hl=en.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
Quoting:
New microchipped passports designed to be foolproof against
identity theft can be cloned and manipulated in minutes and
accepted as genuine by the computer software recommended for use
at international airports.
Tests for The Times exposed security flaws in the microchips
introduced to protect against terrorism and organised crime. The
flaws also undermine claims that 3,000 blank passports stolen last
week were worthless because they could not be forged.
http://www.timesonline.co.uk/tol/news/uk/crime/article4467106.ece
Hat tip: Bruce Schneier's blog
--
Perry E. Metzger perry(a)piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
Their Crisis, Our Leviathan
by Gregory Bresiger
<http://www.mises.org/fullstory.aspx?Id=1621>[Posted September 28, 2004]
The circus is coming to your town soon. Maybe, Im getting old, but I just
cant get very excited about the clowns anymore.
Yup, its political season again and those bothersome pols, still lusting
for the votes that put or keep themselves and their pals in office, will be
in our faces until the nonsense is over.
Time for the same tired two parties to trot out the same moronic messages
that challenge the credulity of anyone with a healthy three figure IQ.
Time for the same politicos, with "solutions" to every problem under the
sun, to promise endless new programs, the expansion of existing failed
programs, yet also swear that tax cuts will also be on the way once theyre
given more control over our lives.
Time for the professional political classboth the ruling Republicans and
Democratsto go through the idiocy of a so-called competitive campaign and
the pretense of supposedly differing philosophies.
Time for those hopelessly inane tube "debates." Time for the republics
fortunes to turn on such crucial points as how a candidate looks on the
idiot box, which candidate shaved
better<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn1>[1]
or which slick candidate can come up with the best crackpot idea, an idea
that later usually proves to be a figment of his imagination (the
nonexistent missile gap flim flam of the 1960 Kennedy-Nixon presidential
campaign is one
example<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn2>[2]).
Time for a presidential debate commission, stacked with only Republican and
Democrat party hacks, to insist that debates cannot ever include any third
parties anytime because it would be too dangerous for the average American
to hear a different idea or a now radical viewpoint such as less government.
Time for John Kerry to promise to balance the budget, yet not propose one
major cut in a federal program.
Time for George Bush to claim his opposition to big government, yet not
mention how he made tens of millions of dollars in a shady deal that
included government subsidized construction of a new stadium for the Texas
Rangers baseball team, a sleazy transaction in which the powers of eminent
domain were perverted to make Bush, then owner of the team, even
richer.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn3>[3]
Time again for the polsor least some of the smarter of these shystersto
include a Munich-like promise to "get Washington off our backs." Time for
the weak-minded among the voters to play the role of Neville Chamberlain
("Here it is. Herr Hitler signed it," said Chamberlain of Hitlers signed
promise to leave everyone alone in 1938. That was a promise with all the
credibility of Bill Clintons middle-class tax cut promise or Lying Baines
Johnsons 1964 promise not to send more troops to Vietnam or Ronald
Reagans 1980 campaign promise to close down the departments of Energy and
Education or. . . .).
Time for our masters to duck the question that most economically illiterate
journalists arent inclined to ask: Who pays for government writ large and
its endless expansions in peacetime, wartime, and anytime in the middle?
As one listens to the perpetual seekers of office, with their vows of
delivering utopia on earth provided we give them our votes, remember this
in case you become a bit wobbly and suspect that youre ready to swallow
one or more of their monkeyshinesWashingtons world saving doesnt come
cheap.
Never has. Never will.
Such is the nature of leviathan government. It is classical liberals such
as Professor Robert Higgs (See his wonderful
book<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn4>[4])
and the mid-Victorian radical Richard
Cobden<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn5>[5]who
remind us that democratic governments follow predictable patterns.
They stumble or run into crisis after crisis. Then the government insists
that this justifies it arrogating more power. That, of course, always must
include a bigger bit of your property. The latter is accomplished through
higher state, federal, or municipal taxes or the use of the stealth tax.
The latter is the insidious inflation dodge, a piece of legerdemain that
governments have been using over centuries to take bigger and bigger bites
of your property.
Then these democratic nationswhich, by the way, increasingly contain more
and more people who want no part of the political processlater concede the
crisis was nonexistent or overstated. One can cite many examples of
bogeymen never materializing.
The Soviets, despite the plaudits of liberal/socialist economists in the
West and the warnings of internationalist conservatives who said that they
were ten feet tall, had a Potemkin Village economy. They were never going
to overtake the United States in nuclear weapons or GDP. The world was not
about to run out of oil in the 1970s. The Sandinistas never had the power
to march into Texas. What ever happened to the global ice age that was
supposed to be coming? Will it happen before or after global warming?
Saddam Hussein, apparently, didnt have weapons of mass destruction that he
was about to fire at the United States. And if the corrupt House of Saud,
an invention of the British Empire, is about to fall, how, exactly, does
this square with sacrificing the lives of young Americans, whose Western
values are hated by our Saudi allies?
Kerry and Bush are unlikely to address these "Crisis and Leviathan"
scenarios. Thats because they both essentially believe that the United
States government must continue to be a warfare/welfare state with its
fingers in every domestic and foreign pie. Although they may disagree on
some of the tactics of this America as a great interventionist power model,
neither is ready to junk it and return to the traditional foreign policy of
a George
Washington.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn6>[6]
Washington advocated not "isolationism," but trade and good relations with
all nations and no permanent military alliances. These enlightened policies
of Washington, a man so unlike the career politicians who dominate our
nation today, were once the bedrock of American policy and were also the
bible of the radical little Englander movement of Richard Cobden of the
mid-19th century.
Now these ideas seem like relics. They are ridiculed as outdated by the
dominant media and their allies in government and the academy. That is,
until the next Vietnam or Iraq or Somalia blows up in our faces.
How far we have come. Washington hated political parties and couldnt wait
to return to private life. He also kept the U.S. clear of major wars that
would have likely wrecked our young republic. Our leaders today seem like a
modern day Palmerston. He was the mid-Victorian British foreign minister
and prime minister ever ready to plunge his nation into endless wars. Our
Palmerstonian foreign policy today seems to generate "endless
enemies."<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn7>[7]
The rejection of Washingtons pacific, noninterventionist foreign policy is
the tragedy of our nation. Thats because the mistakes are neither
understood nor are the consequences appreciated. War is more than the
health of the military industry complex. A huge welfare state usually goes
along with an imperial foreign policy. Theodore Roosevelt and his
Progressive allies of the early 20th century advocated both. They reversed
the classical liberal/Jeffersonian foundations of our original
constitution.
Even Roosevelts opponent in the presidential election of 1912, Woodrow
Wilson, ended up adopting many of these nationalist ideas. The New
Nationalism of Roosevelt ended up transforming Wilsons New Freedom, which
originally was supposed to be an attempt to restate Jeffersonian ideas.
Despite the enmity between Roosevelt, the man who gloried in war, and
Wilson, the differences between the men, in the end, were reduced to almost
nothing. It was Wilson who gloried in American interventions around the
globe, vowing to make the people of Latin America elect good men and who
promised "to make the world safe for democracy."
How different is that from what FDR, Kennedy, and Johnson did and Nixon
did? How different is that from what both Kerry and Bush now promise,
although they might disagree on some of the methods of how to achieve these
common goals? So our bipartisan policy now for over a century has been the
policy of the so-called continual crisis of the leviathan, regardless of
whether Democrats or Republicans ruled.
The rationale of this imperial republic justifies the expenditure of
billions of dollars, the constant waging of misguided or tragic wars and
the right to snoop further into the lives of average Americans. Wilson set
up a special intelligence unit to spy on blacks during World War I, a war
in which he tried to ride roughshod over
dissent.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn8>[8]FDR
jailed thousands of loyal Japanese-Americans. Thousands of Americans were
blacklisted during the Cold War. The National Security State, created after
World War II, sanctioned illegal spying conducted by the Central
Intelligence Agency, which was not supposed to conduct domestic spying,
according to its charter.
What do Kerry and Bush have to say about this? What will they do to prevent
a repeat of these injustices and tragedies? Their answers come with the
incongruities of their actions. Kerry voted for the war resolution
authorizing war against Iraq. Then he turned around and voted against
funding. Bush, in the presidential election in 2000, said he feared that
U.S. troops were engaged into too much nation building. Over the last four
years, he has sent troops to many countries, not just to battle terrorism,
but to "bring democracy" to various parts of the world that have never
known democracy. Does Bush, never a student of history, realize how much he
is aping Wilson?
I doubt it.
Will both Bush or Kerry be allowed to escape history? Will they even be
asked to address the potential dangers of a huge state with almost
unlimited powers, a state that is no less dangerous than any tyranny just
because elections are held from time to time with pre-determined outcomes
(We know either a Democrat or a Republican is going to win every
significant office in this country. It has been set up that way and people
who object are usually ostracized or ridiculed as
hopeless<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn9>[9]).
But, as these two bands of ruling parties do their best to avoid difficult
issues. The average American asks very little even as he is mulcted every
day of the week. Americans merely want to go about their business without
the prying eyes of bureaucrats who can ruin their lives with one or more
administrative rulings (See Joe Louis, various Indian nations, Abbott and
Costello, Muhammad Ali, etc. . . .). The pattern is predictable. When were
speaking of money and power, the crisis never ends as far as our rulers are
concerned. Thats because they need the leviathan; it serves their
interests.
For example, despite the end of the Soviet Union or the end of the Great
Depression and similar crises, never ever does any government go back to
the levels of spending and authority that preceded the mess. The costs of
all this Perils of Pauline polity are incredible. They should cause outrage
because we pay the piper, as will many generations unborn. The costs of
government by world savers, human and economic, are always staggering once
a Gibbon or a Mises or Robert Conquest or a Rothbard has totted up the bill.
Regardless of whether were speaking in terms of debased dollars or, more
importantly, the loss of lives from perpetual Wilsonian military
interventions, the tragic errors have been, and will continue to be, signed
off on by both major parties. Thats the price of power that these folks,
who think of power as the ultimate aphrodisiac, are more than willing to
pay. After all, their children usually go to private schools and are
unlikely to end up on the firing line in some place like Iraq.
Unfortunately, it is the average American who has been and will continue to
be hurt in so many ways. This is thanks to the chicanery of a government he
or she probably doesnt support or votes for with a finger firmly held on
el nariz.
>From Iraq to prescription drug plans to sad sack Amtrak (the Acela is an
expensive joke, which is anything but a high-speed train, yet charges
premium fares for a railroad that continues to run in the red), to state
education<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn10>[10]
so bad that it would have surprised even socialists Bertrand Russell or
John Stuart
Mill<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn11>[11],
the accumulation of power by our central government and the money it spends
are mind boggling.
Shouldnt some hardy soul, with an understanding that the original
constitution was designed to give Americans limited government, ask Jorge
II or the homeless Senator from
Taxachusetts<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn12>[12]
for an accounting of all this? And shouldnt one of our rulers at least
issue a perfunctionary promise that there will be limitations on
Washington? Not that many people would actually believe such a promise of
limitations. But we have traveled so far down "The Road to
Serfdom"<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn13>[13]that
it is unlikely our would-be Caesars will even be going through the motions
of pretending to be Jeffersonians?
Heres the sorry truth that you will never hear over the next few months
from most of the network nitwits and the other members of the elite Eastern
media, who are a willing part of the charade of the election circus. The
political carnival, which once entertained us when we were children the
same as all clowns can win the favor of delighted little children, is now a
tired, overpriced show. It should have been cancelled decades ago.
The circus does nothing but take our money and lots of it. It doesnt even
provide good entertainment. Political conventions decide nothing. The
biggest decision is usually when to unleash the balloons. Even the tv
networks, notorious for playing to the lowest common denominator, weary
of the Big Top tonterias. Less frequently do they send their human blanks
to gape at the spectacle of pols and their relatives baying for the
cameras. Under our fraudulent two party system, two bands of pirates offer
big or bigger government with no mention of how much this will cost us. We
will pay, among other ways, through the hidden tax called inflation.
It is an insidious system. It gives us more by actually giving us less.
That means we seem to have more money, the nominal amount of the money in
our pockets or in the bank is larger. The economy seems to humming along.
Stock prices and earnings seem to grow by huge amounts over the long term.
But it is a
trick.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn14>[14]
Our judgment has been distorted by the long-term effects of inflation and
the destructive policies of the central
bank.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn15>[15]
These devalued dollars actually can buy fewer things. And this cycle of
spending and inflating will worsen unless there is a signal change among
tens of millions of Americans who are disgusted, but feel compelled to vote
for one of these two windjammers. They just want to go about their
business, work harder and be left alone. This kind of person is the
"forgotten
man.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn16>[16]"
He has increasingly been pushed into the background by special interests
and those forever demanding more of the welfare state.
Still, the apolitical forgotten man only wants to be left alone, much to
the joy of the political junkies who really dont care how illegitimate the
system becomes or how few voters go to the polls. Thats provided that
their boy and their party wins. And they get to carve up the biggest slice
of the jobs, power and authority. Unfortunately, much as many of us would
wish it, most of this Black Horse Cavalry will not go away.
We, and our children and their children, will pay through higher federal
income tax rates and state taxes will rise too. Thats regardless of
whether we end up with a "fiscal conservative" or a liberal Democrat in
November. In fact, given the wild-eyed spending of the Republican
administration of the last four years, the socialists of the Bubba
administration actually now look relatively less inimical to liberty than
George IIs crew of neocons. The more bookish of this Bush crowdwhose
predecessors banished the so-called "isolationist" wing of the GOP in
1952<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn17>[17]have
imbibed too much of the bible of the Archangel Woodrow Wilson.
Here was the prototype for almost every modern president celebrated by
mainstream historians as "great." Historians love Wilson, as do most modern
presidents. But his legacy, as he left office in 1921, was a nation
overtaxed, disappointed, in the middle of a depression and with civil
liberties under attack by an attorney general run
amuck.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn18>[18]
Sound familiar? Wilson left office as one of the more unpopular presidents
in the republics
history.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn19>[19]Is
the same fate awaiting a Bush or a Kerry in 2008?
Despite widespread suspicion of the men and women who lord over us today,
all of our political ruling class obviously make a very good living from
picking the pockets of average people who pay for the federal governments
endless failed experiments in foreign and domestic social engineering. But
they couldnt do it without help. Large elements of the major media are on
board. And the hired help during this election season will have plenty of
slaves in the media to remind us how lucky we are to be living under this
regime or how lucky we will be if Kerry and his cutthroats replace Bush and
his cutthroats. These trained seals of the media will implore us "to vote."
They will also ridicule third parties.
Some of the slick ones on the network will goose step to the socialist line
of government on top of government with more government to follow. They
will point out that the United States, even with higher taxes, still has
tax rates that are much lower than France, Canada and
Germany.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn20>[20]Of
course, these nations are closer to a socialist model than we are and are
also nations that have much higher unemployment rates and lower growth
rates. But those are facts that are usually not mentioned or get sparse
attention when the subject of taxes is discussed in most major media. And
besides which, many of our taxes are now on the fast track. With a few more
years of the leviathan, we can certainly catch up with our Western European
and Canadian counterparts.
For example, let us not forget the ubiquitous social insurance tax. It is a
wretched impost, especially for the lower-middle class, working poor and
those who are self-employed (The latter have no employer to pay the
employers half of FICA. So they get a double dose of payroll taxes).
Thanks to the Kerrys and the Bushes, the next generation of
Americansbarring a miraclewill also pay higher payroll tax rates. These
rates will go up and up as they have over the last 32 years at an
accelerated pace. Republicans and Democrats have both signed off on a venal
system in which the "trust fund" is used for anything and everything. But
due to our flawed system of politics, the major candidates surely will not
be forced to answer any substantial questions on this issue other than to
say, "I support Social Security."
Neither will be required to explain why there have been dozens of payroll
tax increases over the years or why the system runs into trouble every
decade or so. Neither will have to field a question over how anyone in the
private sector could legally run a trust fund the way the government
pillages the Social Security trust fund and not end up in the slammer. And
heres another one that Teresa Heinzs consort and George Herbert Walker
Bushs hijo should have to answer. How the hell did this payroll tax get so
high? Let history answer.
It is because President Nixon and the Democratic Congress of 1972both
exhibiting the notorious trait of almost all politicos, the overwhelming
desire to get re-elected no matter the long term consequencesapproved big
Social Security benefits increases along with ill-considered automatic cost
of living adjustments (colas) back in the disco era. They sent out the
notices of the benefits increasesyou guessed itjust before the elections,
which most incumbents won (Nixon was re-elected. Congress remained under
the control of Democrats). The pols "gave us" (sic) these benefits hikes
with little thought of how they would hurt Americans who had to pay for
them in the 1980s and
1990s.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn21>[21]
This was the kind of Pavlovian action of all career politicos who subscribe
to economist John Maynard Keynes. ("In the long run, were all dead.,"
Keynes was famously quoted as saying. Yes, and also much poorer, Mr.
Keynes). Watch for a repeat of this Keynesian electioneering when the
circus comes to your town.
This increase benefits you as much as it can in an election year, and
forget about the bills has been a disastrous policy that has hurt
generations and generations of Americans. Still, many Americans have no
idea what a FICA is. But they understand that, whatever the hell a FICA is,
it eats up a hell of a lot of their hard-earned dinero. This irresponsible
philosophy has also meant that tens of millions of workersmany with rather
modest incomesare paying more in payroll taxes than they do in income
taxes.
The payroll tax has become the de facto second income tax of millions of
Americans. Thats unless, of course, one lives here in the Peoples Republic
de Nueva York. In this "enlightened" place, we have both a city and state
income tax. Here one can pay four income taxes! And neither of the major
parties here in the Rancid Apple ever suggests that maybe four income taxes
on top of everything else that one must pay to his masters are too much of
a burden. Just as it ridiculous to expect Republicans to dismantle the
leviathan on the Potomachavent they been running things for the last four
years?so, too, it is silly to think that their counterparts in big cities
are generally the enemies of paternal government.
So once again, the fraud of a two-party runaway democracy is about to be
perpetuated with the connivance of most major media outlets. And who knows
how much it will cost us and generations to come? Whatever it is, it will
be a lot more than the estimates we get. The government, which often fudges
numbers, doesnt want you to know the truth, just as your parents shielded
you from many of lifes unpleasantries.
But youre not a child anymore, even though your government apparently
treats you as though you are perpetually one.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn22>[22]
Time to put away childish things. Its time to stop going to the circus.
Gregory Bresiger is an editor in New
York. <mailto:gbresiger@hotmail.com>gbresiger(a)hotmail.com. See his
<http://www.mises.org/articles.asp?mode=a&author=Bresiger>archive. Comment
on the <http://www.mises.org/blog>blog.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref1>[1]
This is not an exaggeration. It is widely conceded that Richard Nixon lost
the televised presidential debate of 1960 because he had five oclock
shadow.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref2>[2]
Arthur Schlesinger Jr., the great liberal historian and Kennedy aide,
concedes that the campaign issue of the U.S falling behind the Russians in
missile production was a canard. Once in office, "the issue finally
withered away," Schlesinger writes in his book, "A Thousand Days," p. 499
(Houghton Mifflin Company, Boston, 1965). Yet Kennedy, ever the big
government advocate, still went ahead with a nuclear arms buildup that was
not needed!
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref3>[3]
The whole slimy story is available in "The Buying of the President 2004,"
by Charles Lewis, pp. 15055 and pp. 16869. (Harper Collins, New York,
2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref4>[4]
See "Crisis and Leviathan," by Robert Higgs, (New York, Oxford University
Press, 1987).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref5>[5]
See "The Three Panics," a pamphlet from "The Political Writings of Richard
Cobden," (New York: Garland Publishing, 1973).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref6>[6]
"We ought to have commercial intercourse with all, but political ties with
none," said Washington, a piece of advice that would have him branded "an
isolationist" today. Washington also cautioned against almost all foreign
alliances. "American has no motive for forming such connections and very
powerful motives for avoiding them." See "John Marshall, Definer of a
Nation," by Jean Edward Smith, p. 243, (New York, Henry Holt & Co., 1996)
It all sounds radical now, but for a century America adhered to many of
these common sense ideas.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref7>[7]
See Jonathan Kwitnys book, "Endless Enemies: The Making of an Unfriendly
World." (New York: Congdon and Weed, 1984).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref8>[8]
See "Free Speech in the United States," by Zechariah Chafee, Jr., p. 273,
(Harvard University Press, Cambridge, Mass., 1967).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref9>
9) As I write this, word comes that Ralph Nader was denied credentials to
attend the Democratic convention. Some democrats just cant stop blaming
him for Gore losing the 2000 presidential election. I doubt any of them
were angry that Perot helped elect Clinton in 1992 or ask why Gore couldnt
carry his own state or West Virginia, traditional Democratic states that
went for Bush.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref10>[10]
"The truth is that schools dont really teach anything except how to obey
orders." So wrote John Taylor Gotto, who has been an award winning public
school teacher. See his "Dumbing Us Down. The Hidden Curriculum of
Compulsory School," p. 25, (New Society Publishers, Philadelphia, 1991).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref11>[11]
Both Russell and Mill, socialists who hoped that society would evolve away
from private property, nevertheless were fearful of state education,
believing its dangers far outweighed any of its potential benefits. For
example, Mill, in "On Liberty, warned that " a general state education is a
mere contrivance for molding people to be exactly like one another; and as
the mold in which it casts them is that which pleases the predominant power
in the government, whether this be a monarch, a priesthood, an aristocracy,
or the majority of the existing generation; in proportion as it is
efficient and successful, it establishes a despotism over the mind, leading
by natural tendency to one over the body." See "The Utilitarians, p. 587,
(Doubleday & Co, Garden City, New York, 1961).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref12>[12]
In his "gypsy years," before he married Teresa Heinz, John Kerry had no
permanent address in the Bay State. Senators are supposed to have permanent
addresses in the state they represent. But not John Kerry, who sometimes
stayed rent-free in the condo of his chief fundraiser. See "John Kerry. The
Complete Biography by The Boston Globe Reporters Who Know Him Best," by
Michael Kranish, Brian C. Mooney and Nina J. Easton, p. 238, (Public
Affairs, New York, 2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref13>[13]
See F.A. Hayeks "The Road to Serfdom." (The University of Chicago Press)..
Here he warned, some 60 years ago, that," We are rapidly abandoning not the
views merely of Cobden and Bright, of Adam Smith and Hume, or even of Locke
and Milton, but one of the salient characteristics of Western civilization
as it has grown from the foundations laid by the Christians and the Greeks
and Romans." P. 17.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref14>[14]
"Inflation from 1988 through the end of 2002 was 52%. What cost $100 in
1988 would cost $152.01 in 2002. If earnings only kept up with inflation,
they would grow from $23.75 in 1988 to $36.10 in 2003. That means that
earnings barely kept up with inflation, growing less than $1 ($.92) in
real, inflation adjusted terms in 15 years! That is a total growth of less
than four percent and clearly a compounded growth of less than 0.5%" From
"Bulls Eye Investing. Targeting Real Returns in a Smoke and Mirrors
Market," by John Maudlin, p. 105, (John Wiley & Sons, New York, 2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref15>[15]
"What makes us rich," writes Murray Rothbard, "is an abundance of goods,
and what limits that abundance is a scarcity of resources: . . .
Multiplying coin will not whisk these resources into being. We may feel
twice as rich for the moment, but clearly all we are doing is diluting the
money supply." P. 33. See Rothbards "<http://www.mises.org/money.asp>What
Has Government Done to Our Money?"
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref16>[16]
"Here," wrote William Graham Sumner about a century ago, " we have the
Forgotten Man again, and once again we find him worthy of all respect and
consideration, but passed by in favor of the noisy, pushing and
incompetent." From "Social Darwinsim. Selected Essays of William Graham
Sumner," p. 127, (Prentice-Hall, Englewood Cliffs, New Jersey, 1963).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref17>[17]
The Republican Party, in 1952, turned away from "isolationism when it
turned its back on Senator Robert Taft. He was "the Reluctant Dragon,
unable to wage permanent war against the Soviet menace." The party,
instead, turned to the "internationalist" Dwight Eisenhower. See "Prophets
on the Right. Profiles of Conservative Critics of American Globalism," by
Ronald Radosh, p. 192, (Simon and Shuster, New York, 1975).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref18>[18]See
"The Politics of War. The Story of Two Wars which Altered Forever the
Political Life of the American Republic (18901920)" by Walter Karp,
Harper Row, New York, 1979).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref19>[19]
Ibid.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref20>[20]
Germany has "double" the unemployment rate of the United States. See the
"Wall Street Journal" op-ed page of August 2, 2004,. "Auf Wiedersehen to
the Leisure Economy, " p. A11.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref21>[21]
See my "<http://www.mises.org/fullstory.aspx?control=344>The Social
Security Deal of 1972" at mises.org or simply by doing on an on line search
using my name.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref22>[22]See
Alexis de Tocquevilles "Democracy in America." Here De Tocqueville, over a
century and a half ago, warned of the potential for an administrative
despotism that would be unlike any other tyranny ever experienced in
history. "It would resemble parental authority, if, fatherlike, it tried to
prepare its charges for a mans life, but on the contrary, it only tries to
keep them in perpetual childhood." P. 692, Vol II, (Perrenial Classics, New
York, 2000).
In response to many requests, it is now possible to set your credit-card
contribution to the Mises Institute to be recurring. You can easily set
this up on-line with a donation starting at $10 per month. See the
<https://www.mises.org/donate.asp>Membership Page. This is one way to
ensure that your support for the Mises Institute is ongoing.
<http://www.mises.org/fullstory.aspx?Id=1621>[Print Friendly Page]
<http://www.mises.org/blog/>
<http://www.mises.org/elist.asp>Mises Email List Services
<https://www.mises.org/donate.asp>Join the Mises Institute
<http://www.mises.org/store>Mises.org Store
<http://www.mises.org/>Home | <http://www.mises.org/about.asp>About |
<http://www.mises.org/elist.asp>Email List |
<http://www.google.com/u/Mises>Search |
<http://www.mises.org/contact.asp>Contact Us |
<http://www.mises.org/journals.asp>Periodicals |
<http://www.mises.org/articles.asp>Articles |
<http://www.mises.org/fun.asp>Games & Fun
<http://www.mises.org/StudyGuideDisplay.asp?SubjID=117>EBooks |
<http://www.mises.org/scholar.asp>Resources |
<http://www.mises.org/catalog.asp>Catalog |
<https://www.mises.org/donate.asp>Contributions |
<http://www.mises.org/calendar.asp>Freedom Calendar
You are subscribed as: rah(a)ibuc.com
Manage
<http://mises.biglist.com/list/article/?p=prefs&pre=l&e=13958347&pw=1tyvx5to…>your
account. Unsubscribe
<http://mises.biglist.com/list/article/?p=unsub&pre=l&e=13958347&pw=1tyvx5to…>here
or send email to <mailto:article-unsub-13958347@mises.biglist.com>this
address.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
Quoting:
New microchipped passports designed to be foolproof against
identity theft can be cloned and manipulated in minutes and
accepted as genuine by the computer software recommended for use
at international airports.
Tests for The Times exposed security flaws in the microchips
introduced to protect against terrorism and organised crime. The
flaws also undermine claims that 3,000 blank passports stolen last
week were worthless because they could not be forged.
http://www.timesonline.co.uk/tol/news/uk/crime/article4467106.ece
Hat tip: Bruce Schneier's blog
--
Perry E. Metzger perry(a)piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
Their Crisis, Our Leviathan
by Gregory Bresiger
<http://www.mises.org/fullstory.aspx?Id=1621>[Posted September 28, 2004]
The circus is coming to your town soon. Maybe, Im getting old, but I just
cant get very excited about the clowns anymore.
Yup, its political season again and those bothersome pols, still lusting
for the votes that put or keep themselves and their pals in office, will be
in our faces until the nonsense is over.
Time for the same tired two parties to trot out the same moronic messages
that challenge the credulity of anyone with a healthy three figure IQ.
Time for the same politicos, with "solutions" to every problem under the
sun, to promise endless new programs, the expansion of existing failed
programs, yet also swear that tax cuts will also be on the way once theyre
given more control over our lives.
Time for the professional political classboth the ruling Republicans and
Democratsto go through the idiocy of a so-called competitive campaign and
the pretense of supposedly differing philosophies.
Time for those hopelessly inane tube "debates." Time for the republics
fortunes to turn on such crucial points as how a candidate looks on the
idiot box, which candidate shaved
better<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn1>[1]
or which slick candidate can come up with the best crackpot idea, an idea
that later usually proves to be a figment of his imagination (the
nonexistent missile gap flim flam of the 1960 Kennedy-Nixon presidential
campaign is one
example<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn2>[2]).
Time for a presidential debate commission, stacked with only Republican and
Democrat party hacks, to insist that debates cannot ever include any third
parties anytime because it would be too dangerous for the average American
to hear a different idea or a now radical viewpoint such as less government.
Time for John Kerry to promise to balance the budget, yet not propose one
major cut in a federal program.
Time for George Bush to claim his opposition to big government, yet not
mention how he made tens of millions of dollars in a shady deal that
included government subsidized construction of a new stadium for the Texas
Rangers baseball team, a sleazy transaction in which the powers of eminent
domain were perverted to make Bush, then owner of the team, even
richer.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn3>[3]
Time again for the polsor least some of the smarter of these shystersto
include a Munich-like promise to "get Washington off our backs." Time for
the weak-minded among the voters to play the role of Neville Chamberlain
("Here it is. Herr Hitler signed it," said Chamberlain of Hitlers signed
promise to leave everyone alone in 1938. That was a promise with all the
credibility of Bill Clintons middle-class tax cut promise or Lying Baines
Johnsons 1964 promise not to send more troops to Vietnam or Ronald
Reagans 1980 campaign promise to close down the departments of Energy and
Education or. . . .).
Time for our masters to duck the question that most economically illiterate
journalists arent inclined to ask: Who pays for government writ large and
its endless expansions in peacetime, wartime, and anytime in the middle?
As one listens to the perpetual seekers of office, with their vows of
delivering utopia on earth provided we give them our votes, remember this
in case you become a bit wobbly and suspect that youre ready to swallow
one or more of their monkeyshinesWashingtons world saving doesnt come
cheap.
Never has. Never will.
Such is the nature of leviathan government. It is classical liberals such
as Professor Robert Higgs (See his wonderful
book<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn4>[4])
and the mid-Victorian radical Richard
Cobden<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn5>[5]who
remind us that democratic governments follow predictable patterns.
They stumble or run into crisis after crisis. Then the government insists
that this justifies it arrogating more power. That, of course, always must
include a bigger bit of your property. The latter is accomplished through
higher state, federal, or municipal taxes or the use of the stealth tax.
The latter is the insidious inflation dodge, a piece of legerdemain that
governments have been using over centuries to take bigger and bigger bites
of your property.
Then these democratic nationswhich, by the way, increasingly contain more
and more people who want no part of the political processlater concede the
crisis was nonexistent or overstated. One can cite many examples of
bogeymen never materializing.
The Soviets, despite the plaudits of liberal/socialist economists in the
West and the warnings of internationalist conservatives who said that they
were ten feet tall, had a Potemkin Village economy. They were never going
to overtake the United States in nuclear weapons or GDP. The world was not
about to run out of oil in the 1970s. The Sandinistas never had the power
to march into Texas. What ever happened to the global ice age that was
supposed to be coming? Will it happen before or after global warming?
Saddam Hussein, apparently, didnt have weapons of mass destruction that he
was about to fire at the United States. And if the corrupt House of Saud,
an invention of the British Empire, is about to fall, how, exactly, does
this square with sacrificing the lives of young Americans, whose Western
values are hated by our Saudi allies?
Kerry and Bush are unlikely to address these "Crisis and Leviathan"
scenarios. Thats because they both essentially believe that the United
States government must continue to be a warfare/welfare state with its
fingers in every domestic and foreign pie. Although they may disagree on
some of the tactics of this America as a great interventionist power model,
neither is ready to junk it and return to the traditional foreign policy of
a George
Washington.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn6>[6]
Washington advocated not "isolationism," but trade and good relations with
all nations and no permanent military alliances. These enlightened policies
of Washington, a man so unlike the career politicians who dominate our
nation today, were once the bedrock of American policy and were also the
bible of the radical little Englander movement of Richard Cobden of the
mid-19th century.
Now these ideas seem like relics. They are ridiculed as outdated by the
dominant media and their allies in government and the academy. That is,
until the next Vietnam or Iraq or Somalia blows up in our faces.
How far we have come. Washington hated political parties and couldnt wait
to return to private life. He also kept the U.S. clear of major wars that
would have likely wrecked our young republic. Our leaders today seem like a
modern day Palmerston. He was the mid-Victorian British foreign minister
and prime minister ever ready to plunge his nation into endless wars. Our
Palmerstonian foreign policy today seems to generate "endless
enemies."<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn7>[7]
The rejection of Washingtons pacific, noninterventionist foreign policy is
the tragedy of our nation. Thats because the mistakes are neither
understood nor are the consequences appreciated. War is more than the
health of the military industry complex. A huge welfare state usually goes
along with an imperial foreign policy. Theodore Roosevelt and his
Progressive allies of the early 20th century advocated both. They reversed
the classical liberal/Jeffersonian foundations of our original
constitution.
Even Roosevelts opponent in the presidential election of 1912, Woodrow
Wilson, ended up adopting many of these nationalist ideas. The New
Nationalism of Roosevelt ended up transforming Wilsons New Freedom, which
originally was supposed to be an attempt to restate Jeffersonian ideas.
Despite the enmity between Roosevelt, the man who gloried in war, and
Wilson, the differences between the men, in the end, were reduced to almost
nothing. It was Wilson who gloried in American interventions around the
globe, vowing to make the people of Latin America elect good men and who
promised "to make the world safe for democracy."
How different is that from what FDR, Kennedy, and Johnson did and Nixon
did? How different is that from what both Kerry and Bush now promise,
although they might disagree on some of the methods of how to achieve these
common goals? So our bipartisan policy now for over a century has been the
policy of the so-called continual crisis of the leviathan, regardless of
whether Democrats or Republicans ruled.
The rationale of this imperial republic justifies the expenditure of
billions of dollars, the constant waging of misguided or tragic wars and
the right to snoop further into the lives of average Americans. Wilson set
up a special intelligence unit to spy on blacks during World War I, a war
in which he tried to ride roughshod over
dissent.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn8>[8]FDR
jailed thousands of loyal Japanese-Americans. Thousands of Americans were
blacklisted during the Cold War. The National Security State, created after
World War II, sanctioned illegal spying conducted by the Central
Intelligence Agency, which was not supposed to conduct domestic spying,
according to its charter.
What do Kerry and Bush have to say about this? What will they do to prevent
a repeat of these injustices and tragedies? Their answers come with the
incongruities of their actions. Kerry voted for the war resolution
authorizing war against Iraq. Then he turned around and voted against
funding. Bush, in the presidential election in 2000, said he feared that
U.S. troops were engaged into too much nation building. Over the last four
years, he has sent troops to many countries, not just to battle terrorism,
but to "bring democracy" to various parts of the world that have never
known democracy. Does Bush, never a student of history, realize how much he
is aping Wilson?
I doubt it.
Will both Bush or Kerry be allowed to escape history? Will they even be
asked to address the potential dangers of a huge state with almost
unlimited powers, a state that is no less dangerous than any tyranny just
because elections are held from time to time with pre-determined outcomes
(We know either a Democrat or a Republican is going to win every
significant office in this country. It has been set up that way and people
who object are usually ostracized or ridiculed as
hopeless<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn9>[9]).
But, as these two bands of ruling parties do their best to avoid difficult
issues. The average American asks very little even as he is mulcted every
day of the week. Americans merely want to go about their business without
the prying eyes of bureaucrats who can ruin their lives with one or more
administrative rulings (See Joe Louis, various Indian nations, Abbott and
Costello, Muhammad Ali, etc. . . .). The pattern is predictable. When were
speaking of money and power, the crisis never ends as far as our rulers are
concerned. Thats because they need the leviathan; it serves their
interests.
For example, despite the end of the Soviet Union or the end of the Great
Depression and similar crises, never ever does any government go back to
the levels of spending and authority that preceded the mess. The costs of
all this Perils of Pauline polity are incredible. They should cause outrage
because we pay the piper, as will many generations unborn. The costs of
government by world savers, human and economic, are always staggering once
a Gibbon or a Mises or Robert Conquest or a Rothbard has totted up the bill.
Regardless of whether were speaking in terms of debased dollars or, more
importantly, the loss of lives from perpetual Wilsonian military
interventions, the tragic errors have been, and will continue to be, signed
off on by both major parties. Thats the price of power that these folks,
who think of power as the ultimate aphrodisiac, are more than willing to
pay. After all, their children usually go to private schools and are
unlikely to end up on the firing line in some place like Iraq.
Unfortunately, it is the average American who has been and will continue to
be hurt in so many ways. This is thanks to the chicanery of a government he
or she probably doesnt support or votes for with a finger firmly held on
el nariz.
>From Iraq to prescription drug plans to sad sack Amtrak (the Acela is an
expensive joke, which is anything but a high-speed train, yet charges
premium fares for a railroad that continues to run in the red), to state
education<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn10>[10]
so bad that it would have surprised even socialists Bertrand Russell or
John Stuart
Mill<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn11>[11],
the accumulation of power by our central government and the money it spends
are mind boggling.
Shouldnt some hardy soul, with an understanding that the original
constitution was designed to give Americans limited government, ask Jorge
II or the homeless Senator from
Taxachusetts<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn12>[12]
for an accounting of all this? And shouldnt one of our rulers at least
issue a perfunctionary promise that there will be limitations on
Washington? Not that many people would actually believe such a promise of
limitations. But we have traveled so far down "The Road to
Serfdom"<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn13>[13]that
it is unlikely our would-be Caesars will even be going through the motions
of pretending to be Jeffersonians?
Heres the sorry truth that you will never hear over the next few months
from most of the network nitwits and the other members of the elite Eastern
media, who are a willing part of the charade of the election circus. The
political carnival, which once entertained us when we were children the
same as all clowns can win the favor of delighted little children, is now a
tired, overpriced show. It should have been cancelled decades ago.
The circus does nothing but take our money and lots of it. It doesnt even
provide good entertainment. Political conventions decide nothing. The
biggest decision is usually when to unleash the balloons. Even the tv
networks, notorious for playing to the lowest common denominator, weary
of the Big Top tonterias. Less frequently do they send their human blanks
to gape at the spectacle of pols and their relatives baying for the
cameras. Under our fraudulent two party system, two bands of pirates offer
big or bigger government with no mention of how much this will cost us. We
will pay, among other ways, through the hidden tax called inflation.
It is an insidious system. It gives us more by actually giving us less.
That means we seem to have more money, the nominal amount of the money in
our pockets or in the bank is larger. The economy seems to humming along.
Stock prices and earnings seem to grow by huge amounts over the long term.
But it is a
trick.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn14>[14]
Our judgment has been distorted by the long-term effects of inflation and
the destructive policies of the central
bank.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn15>[15]
These devalued dollars actually can buy fewer things. And this cycle of
spending and inflating will worsen unless there is a signal change among
tens of millions of Americans who are disgusted, but feel compelled to vote
for one of these two windjammers. They just want to go about their
business, work harder and be left alone. This kind of person is the
"forgotten
man.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn16>[16]"
He has increasingly been pushed into the background by special interests
and those forever demanding more of the welfare state.
Still, the apolitical forgotten man only wants to be left alone, much to
the joy of the political junkies who really dont care how illegitimate the
system becomes or how few voters go to the polls. Thats provided that
their boy and their party wins. And they get to carve up the biggest slice
of the jobs, power and authority. Unfortunately, much as many of us would
wish it, most of this Black Horse Cavalry will not go away.
We, and our children and their children, will pay through higher federal
income tax rates and state taxes will rise too. Thats regardless of
whether we end up with a "fiscal conservative" or a liberal Democrat in
November. In fact, given the wild-eyed spending of the Republican
administration of the last four years, the socialists of the Bubba
administration actually now look relatively less inimical to liberty than
George IIs crew of neocons. The more bookish of this Bush crowdwhose
predecessors banished the so-called "isolationist" wing of the GOP in
1952<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn17>[17]have
imbibed too much of the bible of the Archangel Woodrow Wilson.
Here was the prototype for almost every modern president celebrated by
mainstream historians as "great." Historians love Wilson, as do most modern
presidents. But his legacy, as he left office in 1921, was a nation
overtaxed, disappointed, in the middle of a depression and with civil
liberties under attack by an attorney general run
amuck.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn18>[18]
Sound familiar? Wilson left office as one of the more unpopular presidents
in the republics
history.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn19>[19]Is
the same fate awaiting a Bush or a Kerry in 2008?
Despite widespread suspicion of the men and women who lord over us today,
all of our political ruling class obviously make a very good living from
picking the pockets of average people who pay for the federal governments
endless failed experiments in foreign and domestic social engineering. But
they couldnt do it without help. Large elements of the major media are on
board. And the hired help during this election season will have plenty of
slaves in the media to remind us how lucky we are to be living under this
regime or how lucky we will be if Kerry and his cutthroats replace Bush and
his cutthroats. These trained seals of the media will implore us "to vote."
They will also ridicule third parties.
Some of the slick ones on the network will goose step to the socialist line
of government on top of government with more government to follow. They
will point out that the United States, even with higher taxes, still has
tax rates that are much lower than France, Canada and
Germany.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn20>[20]Of
course, these nations are closer to a socialist model than we are and are
also nations that have much higher unemployment rates and lower growth
rates. But those are facts that are usually not mentioned or get sparse
attention when the subject of taxes is discussed in most major media. And
besides which, many of our taxes are now on the fast track. With a few more
years of the leviathan, we can certainly catch up with our Western European
and Canadian counterparts.
For example, let us not forget the ubiquitous social insurance tax. It is a
wretched impost, especially for the lower-middle class, working poor and
those who are self-employed (The latter have no employer to pay the
employers half of FICA. So they get a double dose of payroll taxes).
Thanks to the Kerrys and the Bushes, the next generation of
Americansbarring a miraclewill also pay higher payroll tax rates. These
rates will go up and up as they have over the last 32 years at an
accelerated pace. Republicans and Democrats have both signed off on a venal
system in which the "trust fund" is used for anything and everything. But
due to our flawed system of politics, the major candidates surely will not
be forced to answer any substantial questions on this issue other than to
say, "I support Social Security."
Neither will be required to explain why there have been dozens of payroll
tax increases over the years or why the system runs into trouble every
decade or so. Neither will have to field a question over how anyone in the
private sector could legally run a trust fund the way the government
pillages the Social Security trust fund and not end up in the slammer. And
heres another one that Teresa Heinzs consort and George Herbert Walker
Bushs hijo should have to answer. How the hell did this payroll tax get so
high? Let history answer.
It is because President Nixon and the Democratic Congress of 1972both
exhibiting the notorious trait of almost all politicos, the overwhelming
desire to get re-elected no matter the long term consequencesapproved big
Social Security benefits increases along with ill-considered automatic cost
of living adjustments (colas) back in the disco era. They sent out the
notices of the benefits increasesyou guessed itjust before the elections,
which most incumbents won (Nixon was re-elected. Congress remained under
the control of Democrats). The pols "gave us" (sic) these benefits hikes
with little thought of how they would hurt Americans who had to pay for
them in the 1980s and
1990s.<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn21>[21]
This was the kind of Pavlovian action of all career politicos who subscribe
to economist John Maynard Keynes. ("In the long run, were all dead.,"
Keynes was famously quoted as saying. Yes, and also much poorer, Mr.
Keynes). Watch for a repeat of this Keynesian electioneering when the
circus comes to your town.
This increase benefits you as much as it can in an election year, and
forget about the bills has been a disastrous policy that has hurt
generations and generations of Americans. Still, many Americans have no
idea what a FICA is. But they understand that, whatever the hell a FICA is,
it eats up a hell of a lot of their hard-earned dinero. This irresponsible
philosophy has also meant that tens of millions of workersmany with rather
modest incomesare paying more in payroll taxes than they do in income
taxes.
The payroll tax has become the de facto second income tax of millions of
Americans. Thats unless, of course, one lives here in the Peoples Republic
de Nueva York. In this "enlightened" place, we have both a city and state
income tax. Here one can pay four income taxes! And neither of the major
parties here in the Rancid Apple ever suggests that maybe four income taxes
on top of everything else that one must pay to his masters are too much of
a burden. Just as it ridiculous to expect Republicans to dismantle the
leviathan on the Potomachavent they been running things for the last four
years?so, too, it is silly to think that their counterparts in big cities
are generally the enemies of paternal government.
So once again, the fraud of a two-party runaway democracy is about to be
perpetuated with the connivance of most major media outlets. And who knows
how much it will cost us and generations to come? Whatever it is, it will
be a lot more than the estimates we get. The government, which often fudges
numbers, doesnt want you to know the truth, just as your parents shielded
you from many of lifes unpleasantries.
But youre not a child anymore, even though your government apparently
treats you as though you are perpetually one.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftn22>[22]
Time to put away childish things. Its time to stop going to the circus.
Gregory Bresiger is an editor in New
York. <mailto:gbresiger@hotmail.com>gbresiger(a)hotmail.com. See his
<http://www.mises.org/articles.asp?mode=a&author=Bresiger>archive. Comment
on the <http://www.mises.org/blog>blog.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref1>[1]
This is not an exaggeration. It is widely conceded that Richard Nixon lost
the televised presidential debate of 1960 because he had five oclock
shadow.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref2>[2]
Arthur Schlesinger Jr., the great liberal historian and Kennedy aide,
concedes that the campaign issue of the U.S falling behind the Russians in
missile production was a canard. Once in office, "the issue finally
withered away," Schlesinger writes in his book, "A Thousand Days," p. 499
(Houghton Mifflin Company, Boston, 1965). Yet Kennedy, ever the big
government advocate, still went ahead with a nuclear arms buildup that was
not needed!
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref3>[3]
The whole slimy story is available in "The Buying of the President 2004,"
by Charles Lewis, pp. 15055 and pp. 16869. (Harper Collins, New York,
2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref4>[4]
See "Crisis and Leviathan," by Robert Higgs, (New York, Oxford University
Press, 1987).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref5>[5]
See "The Three Panics," a pamphlet from "The Political Writings of Richard
Cobden," (New York: Garland Publishing, 1973).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref6>[6]
"We ought to have commercial intercourse with all, but political ties with
none," said Washington, a piece of advice that would have him branded "an
isolationist" today. Washington also cautioned against almost all foreign
alliances. "American has no motive for forming such connections and very
powerful motives for avoiding them." See "John Marshall, Definer of a
Nation," by Jean Edward Smith, p. 243, (New York, Henry Holt & Co., 1996)
It all sounds radical now, but for a century America adhered to many of
these common sense ideas.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref7>[7]
See Jonathan Kwitnys book, "Endless Enemies: The Making of an Unfriendly
World." (New York: Congdon and Weed, 1984).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref8>[8]
See "Free Speech in the United States," by Zechariah Chafee, Jr., p. 273,
(Harvard University Press, Cambridge, Mass., 1967).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref9>
9) As I write this, word comes that Ralph Nader was denied credentials to
attend the Democratic convention. Some democrats just cant stop blaming
him for Gore losing the 2000 presidential election. I doubt any of them
were angry that Perot helped elect Clinton in 1992 or ask why Gore couldnt
carry his own state or West Virginia, traditional Democratic states that
went for Bush.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref10>[10]
"The truth is that schools dont really teach anything except how to obey
orders." So wrote John Taylor Gotto, who has been an award winning public
school teacher. See his "Dumbing Us Down. The Hidden Curriculum of
Compulsory School," p. 25, (New Society Publishers, Philadelphia, 1991).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref11>[11]
Both Russell and Mill, socialists who hoped that society would evolve away
from private property, nevertheless were fearful of state education,
believing its dangers far outweighed any of its potential benefits. For
example, Mill, in "On Liberty, warned that " a general state education is a
mere contrivance for molding people to be exactly like one another; and as
the mold in which it casts them is that which pleases the predominant power
in the government, whether this be a monarch, a priesthood, an aristocracy,
or the majority of the existing generation; in proportion as it is
efficient and successful, it establishes a despotism over the mind, leading
by natural tendency to one over the body." See "The Utilitarians, p. 587,
(Doubleday & Co, Garden City, New York, 1961).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref12>[12]
In his "gypsy years," before he married Teresa Heinz, John Kerry had no
permanent address in the Bay State. Senators are supposed to have permanent
addresses in the state they represent. But not John Kerry, who sometimes
stayed rent-free in the condo of his chief fundraiser. See "John Kerry. The
Complete Biography by The Boston Globe Reporters Who Know Him Best," by
Michael Kranish, Brian C. Mooney and Nina J. Easton, p. 238, (Public
Affairs, New York, 2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref13>[13]
See F.A. Hayeks "The Road to Serfdom." (The University of Chicago Press)..
Here he warned, some 60 years ago, that," We are rapidly abandoning not the
views merely of Cobden and Bright, of Adam Smith and Hume, or even of Locke
and Milton, but one of the salient characteristics of Western civilization
as it has grown from the foundations laid by the Christians and the Greeks
and Romans." P. 17.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref14>[14]
"Inflation from 1988 through the end of 2002 was 52%. What cost $100 in
1988 would cost $152.01 in 2002. If earnings only kept up with inflation,
they would grow from $23.75 in 1988 to $36.10 in 2003. That means that
earnings barely kept up with inflation, growing less than $1 ($.92) in
real, inflation adjusted terms in 15 years! That is a total growth of less
than four percent and clearly a compounded growth of less than 0.5%" From
"Bulls Eye Investing. Targeting Real Returns in a Smoke and Mirrors
Market," by John Maudlin, p. 105, (John Wiley & Sons, New York, 2004).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref15>[15]
"What makes us rich," writes Murray Rothbard, "is an abundance of goods,
and what limits that abundance is a scarcity of resources: . . .
Multiplying coin will not whisk these resources into being. We may feel
twice as rich for the moment, but clearly all we are doing is diluting the
money supply." P. 33. See Rothbards "<http://www.mises.org/money.asp>What
Has Government Done to Our Money?"
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref16>[16]
"Here," wrote William Graham Sumner about a century ago, " we have the
Forgotten Man again, and once again we find him worthy of all respect and
consideration, but passed by in favor of the noisy, pushing and
incompetent." From "Social Darwinsim. Selected Essays of William Graham
Sumner," p. 127, (Prentice-Hall, Englewood Cliffs, New Jersey, 1963).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref17>[17]
The Republican Party, in 1952, turned away from "isolationism when it
turned its back on Senator Robert Taft. He was "the Reluctant Dragon,
unable to wage permanent war against the Soviet menace." The party,
instead, turned to the "internationalist" Dwight Eisenhower. See "Prophets
on the Right. Profiles of Conservative Critics of American Globalism," by
Ronald Radosh, p. 192, (Simon and Shuster, New York, 1975).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref18>[18]See
"The Politics of War. The Story of Two Wars which Altered Forever the
Political Life of the American Republic (18901920)" by Walter Karp,
Harper Row, New York, 1979).
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref19>[19]
Ibid.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref20>[20]
Germany has "double" the unemployment rate of the United States. See the
"Wall Street Journal" op-ed page of August 2, 2004,. "Auf Wiedersehen to
the Leisure Economy, " p. A11.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref21>[21]
See my "<http://www.mises.org/fullstory.aspx?control=344>The Social
Security Deal of 1972" at mises.org or simply by doing on an on line search
using my name.
<http://by1fd.bay1.hotmail.msn.com/cgi-bin/dasp/EN/rte___90801.asp#_ftnref22>[22]See
Alexis de Tocquevilles "Democracy in America." Here De Tocqueville, over a
century and a half ago, warned of the potential for an administrative
despotism that would be unlike any other tyranny ever experienced in
history. "It would resemble parental authority, if, fatherlike, it tried to
prepare its charges for a mans life, but on the contrary, it only tries to
keep them in perpetual childhood." P. 692, Vol II, (Perrenial Classics, New
York, 2000).
In response to many requests, it is now possible to set your credit-card
contribution to the Mises Institute to be recurring. You can easily set
this up on-line with a donation starting at $10 per month. See the
<https://www.mises.org/donate.asp>Membership Page. This is one way to
ensure that your support for the Mises Institute is ongoing.
<http://www.mises.org/fullstory.aspx?Id=1621>[Print Friendly Page]
<http://www.mises.org/blog/>
<http://www.mises.org/elist.asp>Mises Email List Services
<https://www.mises.org/donate.asp>Join the Mises Institute
<http://www.mises.org/store>Mises.org Store
<http://www.mises.org/>Home | <http://www.mises.org/about.asp>About |
<http://www.mises.org/elist.asp>Email List |
<http://www.google.com/u/Mises>Search |
<http://www.mises.org/contact.asp>Contact Us |
<http://www.mises.org/journals.asp>Periodicals |
<http://www.mises.org/articles.asp>Articles |
<http://www.mises.org/fun.asp>Games & Fun
<http://www.mises.org/StudyGuideDisplay.asp?SubjID=117>EBooks |
<http://www.mises.org/scholar.asp>Resources |
<http://www.mises.org/catalog.asp>Catalog |
<https://www.mises.org/donate.asp>Contributions |
<http://www.mises.org/calendar.asp>Freedom Calendar
You are subscribed as: rah(a)ibuc.com
Manage
<http://mises.biglist.com/list/article/?p=prefs&pre=l&e=13958347&pw=1tyvx5to…>your
account. Unsubscribe
<http://mises.biglist.com/list/article/?p=unsub&pre=l&e=13958347&pw=1tyvx5to…>here
or send email to <mailto:article-unsub-13958347@mises.biglist.com>this
address.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
CRYPTO-GRAM
May 15, 2009
by Bruce Schneier
Chief Security Technology Officer, BT
schneier(a)schneier.com
http://www.schneier.com
A free monthly newsletter providing summaries, analyses, insights, and
commentaries on security: computer and otherwise.
For back issues, or to subscribe, visit
<http://www.schneier.com/crypto-gram.html>.
You can read this issue on the web at
<http://www.schneier.com/crypto-gram-0905.html>. These same essays
appear in the "Schneier on Security" blog:
<http://www.schneier.com/blog>. An RSS feed is available.
** *** ***** ******* *********** *************
In this issue:
Fourth Annual Movie-Plot Threat Contest Winner
Book Review: The Science of Fear
An Expectation of Online Privacy
News
Malicious Contamination of the Food Supply
Unfair and Deceptive Data Trade Practices
Schneier News
Mathematical Illiteracy
Conficker
Comments from Readers
** *** ***** ******* *********** *************
Fourth Annual Movie-Plot Threat Contest Winner
For this contest, the goal was "to find an existing event somewhere in
the industrialized world -- Third World events are just too easy -- and
provide a conspiracy theory to explain how the terrorists were really
responsible."
I thought it was straightforward enough, but, honestly, I wasn't very
impressed with the submissions. Nothing surprised me with its
cleverness. There were scary entries and there were plausible entries,
but hardly any were both at the same time. And I was amazed by how many
people didn't bother to read the rules at all, and just submitted
movie-plot threats.
But after reading through the entries, I have chosen a winner. It's
HJohn, for his kidnap-blackmail-terrorist connection: "Though recent
shooting sprees in churches, nursing homes, and at family outings appear
unrelated, a terrifying link has been discovered. All perpetrators had
small children who were abducted by terrorists, and perpetrators
received a video of their children with hooded terrorists warning that
their children would be beheaded if they do not engage in the suicidal
rampage. The terror threat level has been raised to red as profiling,
known associations, and criminal history are now useless in detecting
who will be the next terrorist sniper or airline hijacker. Anyone who
loves their children may be a potential terrorist."
Fairly plausible, and definitely scary. Congratulations, HJohn.
A copy of this article, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/05/fourth_movie-pl.html
** *** ***** ******* *********** *************
Book Review: The Science of Fear
Daniel Gardner's The Science of Fear was published last July, but I've
only just gotten around to reading it. That was a big mistake. It's a
fantastic look at how humans deal with fear: exactly the kind of thing I
have been reading and writing about for the past couple of years. It's
the book I wanted to write, and it's a great read.
Gardner writes about how the brain processes fear and risk, how it
assesses probability and likelihood, and how it makes decisions under
uncertainty. The book talks about all the interesting psychological
studies -- cognitive psychology, evolutionary psychology, behavioral
economics, experimental philosophy -- that illuminate how we think and
act regarding fear. The book also talks about how fear is used to
influence people, by marketers, by politicians, by the media. And
lastly, the book talks about different areas where fear plays a part:
health, crime, terrorism.
There have been a lot of books published recently that apply these new
paradigms of human psychology to different domains -- to randomness, to
traffic, to rationality, to art, to religion, and etc. -- but after you
read a few you start seeing the same dozen psychology experiments over
and over again. Even I did it, when I wrote about the psychology of
security. But Gardner's book is different: he goes further, explains
more, demonstrates his point with the more obscure experiments that most
authors don't bother seeking out. His writing style is both easy to read
and informative, a nice mix of data an anecdote. The flow of the book
makes sense. And his analysis is spot-on.
My only problem with the book is that Gardner doesn't use standard names
for the various brain heuristics he talks about. Yes, his names are more
intuitive and evocative, but they're wrong. If you have already read
other books in the field, this is annoying because you have to
constantly translate into standard terminology. And if you haven't read
anything else in the field, this is a real problem because you'll be
needlessly confused when you read about these things in other books and
articles.
So here's a handy conversion chart. Print it out and tape it to the
inside front cover. Print another copy out and use it as a bookmark.
Rule of Typical Things = representativeness heuristic
Example Rule = availability heuristic
Good-Bad Rule = affect heuristic
confirmation bias = confirmation bias
That's it. That's the only thing I didn't like about the book.
Otherwise, it's perfect. It's the book I wish I had written. Only I
don't think I would have done as good a job as Gardner did. The Science
of Fear should be required reading for...well, for everyone.
The paperback will be published in June.
http://www.amazon.com/exec/obidos/ASIN/0525950621/counterpane/
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/book_review_the.html
** *** ***** ******* *********** *************
An Expectation of Online Privacy
If your data is online, it is not private. Oh, maybe it seems private.
Certainly, only you have access to your e-mail. Well, you and your ISP.
And the sender's ISP. And any backbone provider who happens to route
that mail from the sender to you. And, if you read your personal mail
from work, your company. And, if they have taps at the correct points,
the NSA and any other sufficiently well-funded government intelligence
organization -- domestic and international.
You could encrypt your mail, of course, but few of us do that. Most of
us now use webmail. The general problem is that, for the most part, your
online data is not under your control. Cloud computing and software as a
service exacerbate this problem even more.
Your webmail is less under your control than it would be if you
downloaded your mail to your computer. If you use Salesforce.com, you're
relying on that company to keep your data private. If you use Google
Docs, you're relying on Google. This is why the Electronic Privacy
Information Center recently filed a complaint with the Federal Trade
Commission: many of us are relying on Google's security, but we don't
know what it is.
This is new. Twenty years ago, if someone wanted to look through your
correspondence, he had to break into your house. Now, he can just break
into your ISP. Ten years ago, your voicemail was on an answering machine
in your office; now it's on a computer owned by a telephone company.
Your financial accounts are on remote websites protected only by
passwords; your credit history is collected, stored, and sold by
companies you don't even know exist.
And more data is being generated. Lists of books you buy, as well as the
books you look at, are stored in the computers of online booksellers.
Your affinity card tells your supermarket what foods you like. What were
cash transactions are now credit card transactions. What used to be an
anonymous coin tossed into a toll booth is now an EZ Pass record of
which highway you were on, and when. What used to be a face-to-face chat
is now an e-mail, IM, or SMS conversation -- or maybe a conversation
inside Facebook.
Remember when Facebook recently changed its terms of service to take
further control over your data? They can do that whenever they want, you
know.
We have no choice but to trust these companies with our security and
privacy, even though they have little incentive to protect them. Neither
ChoicePoint, Lexis Nexis, Bank of America, nor T-Mobile bears the costs
of privacy violations or any resultant identity theft.
This loss of control over our data has other effects, too. Our
protections against police abuse have been severely watered down. The
courts have ruled that the police can search your data without a
warrant, as long as others hold that data. If the police want to read
the e-mail on your computer, they need a warrant; but they don't need
one to read it from the backup tapes at your ISP.
This isn't a technological problem; it's a legal problem. The courts
need to recognize that in the information age, virtual privacy and
physical privacy don't have the same boundaries. We should be able to
control our own data, regardless of where it is stored. We should be
able to make decisions about the security and privacy of that data, and
have legal recourse should companies fail to honor those decisions. And
just as the Supreme Court eventually ruled that tapping a telephone was
a Fourth Amendment search, requiring a warrant -- even though it
occurred at the phone company switching office and not in the target's
home or office -- the Supreme Court must recognize that reading personal
e-mail at an ISP is no different.
This essay was originally published on the SearchSecurity.com website,
as the second half of a point/counterpoint with Marcus Ranum.
http://searchsecurity.techtarget.com/magazinePrintFriendly/0,296905,sid14_g…
or http://tinyurl.com/pnv8vq
** *** ***** ******* *********** *************
News
New frontiers in biometrics. Ears:
http://www.newscientist.com/article/mg20227035.200-our-ears-may-have-builti…
or http://tinyurl.com/dlgmaj
Arm swinging:
http://techon.nikkeibp.co.jp/english/NEWS_EN/20090414/168716/
I guess biometrics is now the "it" thing to study.
Hacking a Time Magazine poll. Not particularly subtle, but clever
nonetheless:
http://musicmachinery.com/2009/04/15/inside-the-precision-hack/
http://www.theregister.co.uk/2009/04/17/time_top_100_hack/
http://musicmachinery.com/2009/04/27/moot-wins-time-inc-loses/
Department of Homeland Security recruitment drive:
http://news.yahoo.com/s/ap/20090418/ap_on_go_pr_wh/us_cyber_security
Funny "war on photography" anecdote:
http://sierracharlie.wordpress.com/2009/04/10/terror/
I was going to write a commentary on NSA Director General Alexander's
keynote speech at the RSA Conference, but he didn't actually *say* anything.
http://www.schneier.com/blog/archives/2009/04/nsa_at_rsa.html
Low-tech impersonation trick at restaurants:
http://www.schneier.com/blog/archives/2009/04/low-tech_impers.html
Encrypting your USB drive is smart. Writing the encryption key down is
smart. Writing it on a piece of paper and attaching it to the USB drive
is not.
http://news.bbc.co.uk/1/hi/england/lancashire/8003757.stm
Hacking U.S. military satellites is more widespread than you might think:
http://www.wired.com/politics/security/news/2009/04/fleetcom
Fake facts on Twitter: the medium makes authentication hard.
http://www.schneier.com/blog/archives/2009/04/fake_facts_on_t.html
Remember those terrorism arrests that the UK government conducted, after
a secret document was accidentally photographed? No one was charged:
http://news.bbc.co.uk/2/hi/uk_news/8011955.stm
http://www.schneier.com/blog/archives/2009/04/how_not_to_carr.html
Cell phones and hostage situations:
http://www.schneier.com/blog/archives/2009/04/cell_phones_and.html
This apparently non-ironic video warns that people might impersonate
census workers in an effort to rob you. But while you shouldn't trust
the ID of a stranger, you should trust that same stranger to give you a
phone number where you can verify that ID. This, of course, makes no sense.
http://www.keyt.com/news/local/43392637.html
Preventing impersonation is hard.
http://www.schneier.com/blog/archives/2009/01/impersonation.html
"No-fly" also means "no-flyover": plane from Paris to Mexico isn't
allowed to fly over the United States.
http://www.schneier.com/blog/archives/2009/04/no-fly_also_mea.html
Lessons from the Columbine school shooting: it's not the high-tech gear,
but trained and alert staff that actually make a difference:
http://www.schneier.com/blog/archives/2009/04/lessons_from_th_2.html
Ireland does away with electronic voting, returning to paper ballots
again. Smart country.
http://www.schneier.com/blog/archives/2009/04/ireland_does_aw.html
A sad tale of fingerprint biometrics gone wrong. Amusing and interesting:
http://thedailywtf.com/Articles/Cracking-your-Fingers.aspx
Interesting article from The New York Times on preparing for cyberwar:
http://www.nytimes.com/2009/04/28/us/28cyber.html
And yet another New York Times cyberwar article, from two days later:
http://www.schneier.com/blog/archives/2009/05/yet_another_new.html
I was particularly disturbed by the last paragraph of the newspaper
article: "Introducing the possibility of a nuclear response to a
catastrophic cyberattack would be expected to serve the same purpose."
Nuclear war is not a suitable response to a cyberattack.
Law professor Googles Justice Scalia just to see what he can collect.
Scalia isn't amused:
http://www.abajournal.com/weekly/fordham_law_class_collects_scalia_info_jus…
or http://tinyurl.com/crbzjg
Security considerations in the evolution of the human penis: a
fascinating bit of evolutionary biology
http://www.scientificamerican.com/article.cfm?id=secrets-of-the-phallus
or http://tinyurl.com/dy8vxz
The U.S. Air Force is using a secure version of MS Windows:
http://www.schneier.com/blog/archives/2009/05/secure_version.html
Lie detector charlatans:
http://www.schneier.com/blog/archives/2009/05/lie_detector_ch.html
Virginia health data held for ransom:
http://www.schneier.com/blog/archives/2009/05/virginia_data_r.html
MI6 and a lost memory stick:
http://www.schneier.com/blog/archives/2009/05/mi6_and_a_lost.html
Marc Rotenberg on security vs. privacy:
http://www.huffingtonpost.com/marc-rotenberg/privacy-vs-security-pr_b_71806…
or http://tinyurl.com/2hozm8
Researchers hijack a botnet:
http://www.schneier.com/blog/archives/2009/05/researchers_hij.html
The Zeus Trojan has a self-destruct option:
http://voices.washingtonpost.com/securityfix/2009/05/zeustracker_and_the_nu…
or http://tinyurl.com/odjwx8
This is bad. I see it as a sign that the botnet wars are heating up,
and botnet designers would rather destroy their networks than have them
fall into "enemy" hands.
Using surveillance cameras to detect cashier cheating.
http://www.schneier.com/blog/archives/2009/05/using_surveilla.html
Software problems with a breath alcohol detector.
http://www.schneier.com/blog/archives/2009/05/software_proble.html
A U.S. District Court has ruled that the police do not need a warrant to
place a GPS tracking device on someone's car:
http://www.schneier.com/blog/archives/2009/05/no_warrant_requ.html
** *** ***** ******* *********** *************
Malicious Contamination of the Food Supply
Terrorists attacking our food supply is a nightmare scenario that has
been given new life during the recent swine flu outbreak. Although it
seems easy to do, understanding why it hasn't happened is important.
G.R. Dalziel, at the Nanyang Technological University in Singapore, has
written a report chronicling every confirmed case of malicious food
contamination in the world since 1950: 365 cases in all, plus 126
additional unconfirmed cases. What he found demonstrates the reality of
terrorist food attacks.
It turns out 72% of the food poisonings occurred at the end of the food
supply chain -- at home -- typically by a friend, relative, neighbor, or
co-worker trying to kill or injure a specific person. A characteristic
example is Heather Mook of York, who in 2007 tried to kill her husband
by putting rat poison in his spaghetti.
Most of these cases resulted in fewer than five casualties -- Mook only
injured her husband in this incident -- although 16% resulted in five or
more. Of the 19 cases that claimed 10 or more lives, four involved
serial killers operating over several years.
Another 23% of cases occurred at the retail or food service level. A
1998 incident in Japan, where someone put arsenic in a curry sold at a
summer festival, killing four and hospitalizing 63, is a typical
example. Only 11% of these incidents resulted in 100 or more casualties,
while 44% resulted in none.
There are very few incidents of people contaminating the actual food
supply. People deliberately contaminated a water supply seven times,
resulting in three deaths. There is only one example of someone
deliberately contaminating a crop before harvest -- in Australia in 2006
-- and the crops were recalled before they could be sold. And in the
three cases of someone deliberately contaminating food during packaging
and distribution, including a 2005 case in the UK where glass and
needles were baked into loaves of bread, no one died or was injured.
This isn't the stuff of bioterrorism. The closest example occurred in
1984 in the US, where members of a religious group known as the
Rajneeshees contaminated several restaurant salad bars with salmonella
enterica typhimurium, sickening 751, hospitalizing 45, but killing no
one. In fact, no one knew this was malicious until a year later, when
one of the perpetrators admitted it.
Almost all of the food contaminations used conventional poisons such as
cyanide, drain cleaner, mercury, or weed killer. There were nine
incidents of biological agents, including salmonella, ricin, and fecal
matter, and eight cases of radiological matter. The 2006 London
poisoning of the former KGB agent Alexander Litvinenko with polonium-210
in his tea is an example of the latter.
And that assassination illustrates the real risk of malicious food
poisonings. What is discussed in terrorist training manuals, and what
the CIA is worried about, is the use of contaminated food in targeted
assassinations. The quantities involved for mass poisonings are too
great, the nature of the food supply too vast and the details of any
plot too complicated and unpredictable to be a real threat. That becomes
crystal clear as you read the details of the different incidents: it's
hard to kill one person, and very hard to kill dozens. Hundreds,
thousands: it's just not going to happen any time soon. The fear of
bioterror is much greater, and the panic from any bioterror scare will
injure more people, than bioterrorism itself.
Far more dangerous are accidental contaminations due to negligent
industry practices, such as the 2006 spinach E coli and, more recently,
peanut salmonella contaminations in the US, the 2008 milk contaminations
in China, and the BSE-infected beef from earlier this decade. And the
systems we have in place to deal with these accidental contaminations
also work to mitigate any intentional ones.
In 2004, the then US secretary of health and human services, Tommy
Thompson, said on Fox News: "I cannot understand why terrorists have not
attacked our food supply. Because it is so easy to do."
Guess what? It's not at all easy to do.
Dalziel's report:
http://www.rsis.edu.sg/CENS/publications/reports/RSIS_Food%20Defence_170209…
or http://tinyurl.com/r96mtj
Thompson quote:
http://www.foxnews.com/story/0,2933,141044,00.html
This essay previously appeared in The Guardian.
http://www.guardian.co.uk/technology/2009/may/14/bruce-schneier-bioterrorism
or http://tinyurl.com/pkuevo
** *** ***** ******* *********** *************
Unfair and Deceptive Data Trade Practices
Do you know what your data did last night? Almost none of the more than
27 million people who took the RealAge quiz realized that their personal
health data was being used by drug companies to develop targeted e-mail
marketing campaigns.
There's a basic consumer protection principle at work here, and it's the
concept of "unfair and deceptive" trade practices. Basically, a company
shouldn't be able to say one thing and do another: sell used goods as
new, lie on ingredients lists, advertise prices that aren't generally
available, claim features that don't exist, and so on.
Buried in RealAge's 2,400-word privacy policy is this disclosure: "If
you elect to say yes to becoming a free RealAge Member we will
periodically send you free newsletters and e-mails that directly promote
the use of our site(s) or the purchase of our products or services and
may contain, in whole or in part, advertisements for third parties which
relate to marketed products of selected RealAge partners."
They maintain that when you join the website, you consent to receiving
pharmaceutical company spam. But since that isn't spelled out, it's not
really informed consent. That's deceptive.
Cloud computing is another technology where users entrust their data to
service providers. Salesforce.com, Gmail, and Google Docs are examples;
your data isn't on your computer -- it's out in the "cloud" somewhere --
and you access it from your web browser. Cloud computing has significant
benefits for customers and huge profit potential for providers. It's one
of the fastest growing IT market segments -- 69% of Americans now use
some sort of cloud computing services -- but the business is rife with
shady, if not outright deceptive, advertising.
Take Google, for example. Last month, the Electronic Privacy Information
Center (I'm on its board of directors) filed a complaint with the
Federal Trade Commission concerning Google's cloud computing services.
On its website, Google repeatedly assures customers that their data is
secure and private, while published vulnerabilities demonstrate that it
is not. Google's not foolish, though; its Terms of Service explicitly
disavow any warranty or any liability for harm that might result from
Google's negligence, recklessness, malevolent intent, or even purposeful
disregard of existing legal obligations to protect the privacy and
security of user data. EPIC claims that's deceptive.
Facebook isn't much better. Its plainly written (and not legally
binding) Statement of Principles contains an admirable set of goals, but
its denser and more legalistic Statement of Rights and Responsibilities
undermines a lot of it. One research group who studies these documents
called it "democracy theater": Facebook wants the appearance of
involving users in governance, without the messiness of actually having
to do so. Deceptive.
These issues are not identical. RealAge is hiding what it does with your
data. Google is trying to both assure you that your data is safe and
duck any responsibility when it's not. Facebook wants to market a
democracy but run a dictatorship. But they all involve trying to deceive
the customer.
Cloud computing services like Google Docs, and social networking sites
like RealAge and Facebook, bring with them significant privacy and
security risks over and above traditional computing models. Unlike data
on my own computer, which I can protect to whatever level I believe
prudent, I have no control over any of these sites, nor any real
knowledge of how these companies protect my privacy and security. I have
to trust them.
This may be fine -- the advantages might very well outweigh the risks --
but users often can't weigh the trade-offs because these companies are
going out of their way to hide the risks.
Of course, companies don't want people to make informed decisions about
where to leave their personal data. RealAge wouldn't get 27 million
members if its webpage clearly stated "you are signing up to receive
e-mails containing advertising from pharmaceutical companies," and
Google Docs wouldn't get five million users if its webpage said "We'll
take some steps to protect your privacy, but you can't blame us if
something goes wrong."
And of course, trust isn't black and white. If, for example, Amazon
tried to use customer credit card info to buy itself office supplies,
we'd all agree that that was wrong. If it used customer names to solicit
new business from their friends, most of us would consider this wrong.
When it uses buying history to try to sell customers new books, many of
us appreciate the targeted marketing. Similarly, no one expects Google's
security to be perfect. But if it didn't fix known vulnerabilities, most
of us would consider that a problem.
This is why understanding is so important. For markets to work,
consumers need to be able to make informed buying decisions. They need
to understand both the costs and benefits of the products and services
they buy. Allowing sellers to manipulate the market by outright lying,
or even by hiding vital information, about their products breaks
capitalism -- and that's why the government has to step in to ensure
markets work smoothly.
Last month, Mary K. Engle, Acting Deputy Director of the FTC's Bureau of
Consumer Protection said: "a company's marketing materials must be
consistent with the nature of the product being offered. It's not enough
to disclose the information only in a fine print of a lengthy online
user agreement." She was speaking about Digital Rights Management and,
specifically, an incident where Sony used a music copy protection scheme
without disclosing that it secretly installed software on customers'
computers. DRM is different from cloud computing or even online surveys
and quizzes, but the principle is the same.
Engle again: "if your advertising giveth and your EULA [license
agreement] taketh away don't be surprised if the FTC comes calling."
That's the right response from government.
A version of this article originally appeared on The Wall Street Journal.
http://online.wsj.com/article/SB123997522418329223.html
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/unfair_and_dece.html
** *** ***** ******* *********** *************
Schneier News
I'm speaking at the Computers, Freedom, and Privacy conference on June 2
in Washington DC.
http://www.cfp2009.org/wiki/index.php/Main_Page
Marcus Ranum and I did a video version of our Face Off column.
http://searchsecurity.techtarget.com/video/0,297151,sid14_gci1355883,00.html
or http://tinyurl.com/p9eznn
Interview with me from ThreatPost:
http://threatpost.com/blogs/bruce-schneier-cryptography-security-theater-an…
or http://tinyurl.com/oyyeea
Slashdot thread on the interview:
http://it.slashdot.org/article.pl?sid=09/05/13/1822242
San Francisco restaurant reviews for the RSA Conference:
http://www.schneier.com/blog/archives/2009/04/san_francisco_r.html
** *** ***** ******* *********** *************
Mathematical Illiteracy
This may be the stupidest example of risk assessment I've ever seen.
It's a video clip from a recent Daily Show, about the dangers of the
Large Hadron Collider. The segment starts off slowly, but then there's
an exchange with high school science teacher Walter L. Wagner, who
insists the device has a 50-50 chance of destroying the world:
"If you have something that can happen, and something that won't
necessarily happen, it's going to either happen or it's going to not
happen, and so the best guess is 1 in 2."
"I'm not sure that's how probability works, Walter."
This is followed by clips of news shows taking the guy seriously.
In related news, almost four-fifths of Americans don't know that a
trillion is a million million, and most think it's less than that. Is
it any wonder why we're having so much trouble with national budget debates?
http://www.thedailyshow.com/video/index.jhtml?videoId=225921&title=Large-Ha…
or http://tinyurl.com/cevkwa
http://econ4u.org/blog/?p=587
** *** ***** ******* *********** *************
Conficker
Conficker's April Fool's joke -- the huge, menacing build-up and then
nothing -- is a good case study on how we think about risks, one whose
lessons are applicable far outside computer security. Generally, our
brains aren't very good at probability and risk analysis. We tend to use
cognitive shortcuts instead of thoughtful analysis. This worked fine for
the simple risks we encountered for most of our species' existence, but
it's less effective against the complex risks society forces us to face
today.
We tend to judge the probability of something happening on how easily we
can bring examples to mind. It's why people tend to buy earthquake
insurance after an earthquake, when the risk is lowest. It's why those
of us who have been the victims of a crime tend to fear crime more than
those who haven't. And it's why we fear a repeat of 9/11 more than other
types of terrorism.
We fear being murdered, kidnapped, raped and assaulted by strangers,
when friends and relatives are far more likely to do those things to us.
We worry about plane crashes instead of car crashes, which are far more
common. We tend to exaggerate spectacular, strange, and rare events, and
downplay more ordinary, familiar, and common ones.
We also respond more to stories than to data. If I show you statistics
on crime in New York, you'll probably shrug and continue your vacation
planning. But if a close friend gets mugged there, you're more likely to
cancel your trip.
And specific stories are more convincing than general ones. That is why
we buy more insurance against plane accidents than against travel
accidents, or accidents in general. Or why, when surveyed, we are
willing to pay more for air travel insurance covering "terrorist acts"
than "all possible causes". That is why, in experiments, people judge
specific scenarios more likely than more general ones, even if the
general ones include the specific.
Conficker's 1 April deadline was precisely the sort of event humans tend
to overreact to. It's a specific threat, which convinces us that it's
credible. It's a specific date, which focuses our fear. Our natural
tendency to exaggerate makes it more spectacular, which further
increases our fear. Its repetition by the media makes it even easier to
bring to mind. As the story becomes more vivid, it becomes more convincing.
The New York Times called it an "unthinkable disaster", the television
news show 60 Minutes said it could "disrupt the entire internet" and we
at the Guardian warned that it might be a "deadly threat". Naysayers
were few, and drowned out.
The first of April passed without incident, but Conficker is no less
dangerous today. About 2.2m computers worldwide, are still infected with
Conficker.A and B, and about 1.3m more are infected with the nastier
Conficker.C. It's true that on 1 April Conficker.C tried a new trick to
update itself, but its authors could have updated the worm using another
mechanism any day. In fact, they updated it on 8 April, and can do so again.
And Conficker is just one of many, many dangerous worms being run by
criminal organizations. It came with a date and got a lot of press --
that 1 April date was more hype than reality -- but it's not
particularly special. In short, there are many criminal organizations on
the internet using worms and other forms of malware to infect computers.
They then use those computers to send spam, commit fraud, and infect
more computers. The risks are real and serious. Luckily, keeping your
anti-virus software up-to-date and not clicking on strange attachments
can keep you pretty secure. Conficker spreads through a Windows
vulnerability that was patched in October. You do have automatic update
turned on, right?
But people being people, it takes a specific story for us to protect
ourselves.
This essay previously appeared in The Guardian.
http://www.guardian.co.uk/technology/2009/apr/23/conficker-panic
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/conficker.html
** *** ***** ******* *********** *************
Comments from Readers
There are hundreds of comments -- many of them interesting -- on these
topics on my blog. Search for the story you want to comment on, and join in.
http://www.schneier.com/blog
** *** ***** ******* *********** *************
Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing
summaries, analyses, insights, and commentaries on security: computer
and otherwise. You can subscribe, unsubscribe, or change your address
on the Web at <http://www.schneier.com/crypto-gram.html>. Back issues
are also available at that URL.
Please feel free to forward CRYPTO-GRAM, in whole or in part, to
colleagues and friends who will find it valuable. Permission is also
granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.
CRYPTO-GRAM is written by Bruce Schneier. Schneier is the author of the
best sellers "Schneier on Security," "Beyond Fear," "Secrets and Lies,"
and "Applied Cryptography," and an inventor of the Blowfish, Twofish,
Phelix, and Skein algorithms. He is the Chief Security Technology
Officer of BT BCSG, and is on the Board of Directors of the Electronic
Privacy Information Center (EPIC). He is a frequent writer and lecturer
on security topics. See <http://www.schneier.com>.
Crypto-Gram is a personal newsletter. Opinions expressed are not
necessarily those of BT.
Copyright (c) 2009 by Bruce Schneier.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
06 Jul '18
Reserve a room for the nights of February 4th and 5th under the
ShmooCon group code at the Marriot Wardman Park Hotel by January 1st,
or while rooms last, and you will be entered in the in the first
annual ShmooCon Reserve-a-Room Raffle--which includes food, wireless
gear, Washington Wizards tickets, and believe it or not, a very sexy
OQO Model 01.
What's an OQO Model 01? Check it out:
http://www.oqo.com
And you could have a chance to get one at ShmooCom 2005. But only if
you reserve a room at the con hotel for ShmooCon! Hurry! We have a
limited number of rooms set aside for conference attendees! More
information is HERE:
http://www.shmoocon.org/location.html
Specifically, you can reserve a room online with our group code via
the following link:
http://www.marriott.com/reservations/init.asp?marshacode=wasdt&path=marriot…
Check in on the 4th. Check out on the 6th.
Note, and NOT mentioned on the website, we have exactly 100 rooms set
aside for the nights of the 4th and the 5th, and over 30 have already
been reserved as of this Monday. That number appears to be steadily
dwindling, so heads up.
Sincerely,
Beetle
_______________________________________________
Shmoocon-News mailing list
Shmoocon-News(a)lists.shmoo.com
https://lists.shmoo.com/mailman/listinfo/shmoocon-news
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0
CRYPTO-GRAM
May 15, 2009
by Bruce Schneier
Chief Security Technology Officer, BT
schneier(a)schneier.com
http://www.schneier.com
A free monthly newsletter providing summaries, analyses, insights, and
commentaries on security: computer and otherwise.
For back issues, or to subscribe, visit
<http://www.schneier.com/crypto-gram.html>.
You can read this issue on the web at
<http://www.schneier.com/crypto-gram-0905.html>. These same essays
appear in the "Schneier on Security" blog:
<http://www.schneier.com/blog>. An RSS feed is available.
** *** ***** ******* *********** *************
In this issue:
Fourth Annual Movie-Plot Threat Contest Winner
Book Review: The Science of Fear
An Expectation of Online Privacy
News
Malicious Contamination of the Food Supply
Unfair and Deceptive Data Trade Practices
Schneier News
Mathematical Illiteracy
Conficker
Comments from Readers
** *** ***** ******* *********** *************
Fourth Annual Movie-Plot Threat Contest Winner
For this contest, the goal was "to find an existing event somewhere in
the industrialized world -- Third World events are just too easy -- and
provide a conspiracy theory to explain how the terrorists were really
responsible."
I thought it was straightforward enough, but, honestly, I wasn't very
impressed with the submissions. Nothing surprised me with its
cleverness. There were scary entries and there were plausible entries,
but hardly any were both at the same time. And I was amazed by how many
people didn't bother to read the rules at all, and just submitted
movie-plot threats.
But after reading through the entries, I have chosen a winner. It's
HJohn, for his kidnap-blackmail-terrorist connection: "Though recent
shooting sprees in churches, nursing homes, and at family outings appear
unrelated, a terrifying link has been discovered. All perpetrators had
small children who were abducted by terrorists, and perpetrators
received a video of their children with hooded terrorists warning that
their children would be beheaded if they do not engage in the suicidal
rampage. The terror threat level has been raised to red as profiling,
known associations, and criminal history are now useless in detecting
who will be the next terrorist sniper or airline hijacker. Anyone who
loves their children may be a potential terrorist."
Fairly plausible, and definitely scary. Congratulations, HJohn.
A copy of this article, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/05/fourth_movie-pl.html
** *** ***** ******* *********** *************
Book Review: The Science of Fear
Daniel Gardner's The Science of Fear was published last July, but I've
only just gotten around to reading it. That was a big mistake. It's a
fantastic look at how humans deal with fear: exactly the kind of thing I
have been reading and writing about for the past couple of years. It's
the book I wanted to write, and it's a great read.
Gardner writes about how the brain processes fear and risk, how it
assesses probability and likelihood, and how it makes decisions under
uncertainty. The book talks about all the interesting psychological
studies -- cognitive psychology, evolutionary psychology, behavioral
economics, experimental philosophy -- that illuminate how we think and
act regarding fear. The book also talks about how fear is used to
influence people, by marketers, by politicians, by the media. And
lastly, the book talks about different areas where fear plays a part:
health, crime, terrorism.
There have been a lot of books published recently that apply these new
paradigms of human psychology to different domains -- to randomness, to
traffic, to rationality, to art, to religion, and etc. -- but after you
read a few you start seeing the same dozen psychology experiments over
and over again. Even I did it, when I wrote about the psychology of
security. But Gardner's book is different: he goes further, explains
more, demonstrates his point with the more obscure experiments that most
authors don't bother seeking out. His writing style is both easy to read
and informative, a nice mix of data an anecdote. The flow of the book
makes sense. And his analysis is spot-on.
My only problem with the book is that Gardner doesn't use standard names
for the various brain heuristics he talks about. Yes, his names are more
intuitive and evocative, but they're wrong. If you have already read
other books in the field, this is annoying because you have to
constantly translate into standard terminology. And if you haven't read
anything else in the field, this is a real problem because you'll be
needlessly confused when you read about these things in other books and
articles.
So here's a handy conversion chart. Print it out and tape it to the
inside front cover. Print another copy out and use it as a bookmark.
Rule of Typical Things = representativeness heuristic
Example Rule = availability heuristic
Good-Bad Rule = affect heuristic
confirmation bias = confirmation bias
That's it. That's the only thing I didn't like about the book.
Otherwise, it's perfect. It's the book I wish I had written. Only I
don't think I would have done as good a job as Gardner did. The Science
of Fear should be required reading for...well, for everyone.
The paperback will be published in June.
http://www.amazon.com/exec/obidos/ASIN/0525950621/counterpane/
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/book_review_the.html
** *** ***** ******* *********** *************
An Expectation of Online Privacy
If your data is online, it is not private. Oh, maybe it seems private.
Certainly, only you have access to your e-mail. Well, you and your ISP.
And the sender's ISP. And any backbone provider who happens to route
that mail from the sender to you. And, if you read your personal mail
from work, your company. And, if they have taps at the correct points,
the NSA and any other sufficiently well-funded government intelligence
organization -- domestic and international.
You could encrypt your mail, of course, but few of us do that. Most of
us now use webmail. The general problem is that, for the most part, your
online data is not under your control. Cloud computing and software as a
service exacerbate this problem even more.
Your webmail is less under your control than it would be if you
downloaded your mail to your computer. If you use Salesforce.com, you're
relying on that company to keep your data private. If you use Google
Docs, you're relying on Google. This is why the Electronic Privacy
Information Center recently filed a complaint with the Federal Trade
Commission: many of us are relying on Google's security, but we don't
know what it is.
This is new. Twenty years ago, if someone wanted to look through your
correspondence, he had to break into your house. Now, he can just break
into your ISP. Ten years ago, your voicemail was on an answering machine
in your office; now it's on a computer owned by a telephone company.
Your financial accounts are on remote websites protected only by
passwords; your credit history is collected, stored, and sold by
companies you don't even know exist.
And more data is being generated. Lists of books you buy, as well as the
books you look at, are stored in the computers of online booksellers.
Your affinity card tells your supermarket what foods you like. What were
cash transactions are now credit card transactions. What used to be an
anonymous coin tossed into a toll booth is now an EZ Pass record of
which highway you were on, and when. What used to be a face-to-face chat
is now an e-mail, IM, or SMS conversation -- or maybe a conversation
inside Facebook.
Remember when Facebook recently changed its terms of service to take
further control over your data? They can do that whenever they want, you
know.
We have no choice but to trust these companies with our security and
privacy, even though they have little incentive to protect them. Neither
ChoicePoint, Lexis Nexis, Bank of America, nor T-Mobile bears the costs
of privacy violations or any resultant identity theft.
This loss of control over our data has other effects, too. Our
protections against police abuse have been severely watered down. The
courts have ruled that the police can search your data without a
warrant, as long as others hold that data. If the police want to read
the e-mail on your computer, they need a warrant; but they don't need
one to read it from the backup tapes at your ISP.
This isn't a technological problem; it's a legal problem. The courts
need to recognize that in the information age, virtual privacy and
physical privacy don't have the same boundaries. We should be able to
control our own data, regardless of where it is stored. We should be
able to make decisions about the security and privacy of that data, and
have legal recourse should companies fail to honor those decisions. And
just as the Supreme Court eventually ruled that tapping a telephone was
a Fourth Amendment search, requiring a warrant -- even though it
occurred at the phone company switching office and not in the target's
home or office -- the Supreme Court must recognize that reading personal
e-mail at an ISP is no different.
This essay was originally published on the SearchSecurity.com website,
as the second half of a point/counterpoint with Marcus Ranum.
http://searchsecurity.techtarget.com/magazinePrintFriendly/0,296905,sid14_g…
or http://tinyurl.com/pnv8vq
** *** ***** ******* *********** *************
News
New frontiers in biometrics. Ears:
http://www.newscientist.com/article/mg20227035.200-our-ears-may-have-builti…
or http://tinyurl.com/dlgmaj
Arm swinging:
http://techon.nikkeibp.co.jp/english/NEWS_EN/20090414/168716/
I guess biometrics is now the "it" thing to study.
Hacking a Time Magazine poll. Not particularly subtle, but clever
nonetheless:
http://musicmachinery.com/2009/04/15/inside-the-precision-hack/
http://www.theregister.co.uk/2009/04/17/time_top_100_hack/
http://musicmachinery.com/2009/04/27/moot-wins-time-inc-loses/
Department of Homeland Security recruitment drive:
http://news.yahoo.com/s/ap/20090418/ap_on_go_pr_wh/us_cyber_security
Funny "war on photography" anecdote:
http://sierracharlie.wordpress.com/2009/04/10/terror/
I was going to write a commentary on NSA Director General Alexander's
keynote speech at the RSA Conference, but he didn't actually *say* anything.
http://www.schneier.com/blog/archives/2009/04/nsa_at_rsa.html
Low-tech impersonation trick at restaurants:
http://www.schneier.com/blog/archives/2009/04/low-tech_impers.html
Encrypting your USB drive is smart. Writing the encryption key down is
smart. Writing it on a piece of paper and attaching it to the USB drive
is not.
http://news.bbc.co.uk/1/hi/england/lancashire/8003757.stm
Hacking U.S. military satellites is more widespread than you might think:
http://www.wired.com/politics/security/news/2009/04/fleetcom
Fake facts on Twitter: the medium makes authentication hard.
http://www.schneier.com/blog/archives/2009/04/fake_facts_on_t.html
Remember those terrorism arrests that the UK government conducted, after
a secret document was accidentally photographed? No one was charged:
http://news.bbc.co.uk/2/hi/uk_news/8011955.stm
http://www.schneier.com/blog/archives/2009/04/how_not_to_carr.html
Cell phones and hostage situations:
http://www.schneier.com/blog/archives/2009/04/cell_phones_and.html
This apparently non-ironic video warns that people might impersonate
census workers in an effort to rob you. But while you shouldn't trust
the ID of a stranger, you should trust that same stranger to give you a
phone number where you can verify that ID. This, of course, makes no sense.
http://www.keyt.com/news/local/43392637.html
Preventing impersonation is hard.
http://www.schneier.com/blog/archives/2009/01/impersonation.html
"No-fly" also means "no-flyover": plane from Paris to Mexico isn't
allowed to fly over the United States.
http://www.schneier.com/blog/archives/2009/04/no-fly_also_mea.html
Lessons from the Columbine school shooting: it's not the high-tech gear,
but trained and alert staff that actually make a difference:
http://www.schneier.com/blog/archives/2009/04/lessons_from_th_2.html
Ireland does away with electronic voting, returning to paper ballots
again. Smart country.
http://www.schneier.com/blog/archives/2009/04/ireland_does_aw.html
A sad tale of fingerprint biometrics gone wrong. Amusing and interesting:
http://thedailywtf.com/Articles/Cracking-your-Fingers.aspx
Interesting article from The New York Times on preparing for cyberwar:
http://www.nytimes.com/2009/04/28/us/28cyber.html
And yet another New York Times cyberwar article, from two days later:
http://www.schneier.com/blog/archives/2009/05/yet_another_new.html
I was particularly disturbed by the last paragraph of the newspaper
article: "Introducing the possibility of a nuclear response to a
catastrophic cyberattack would be expected to serve the same purpose."
Nuclear war is not a suitable response to a cyberattack.
Law professor Googles Justice Scalia just to see what he can collect.
Scalia isn't amused:
http://www.abajournal.com/weekly/fordham_law_class_collects_scalia_info_jus…
or http://tinyurl.com/crbzjg
Security considerations in the evolution of the human penis: a
fascinating bit of evolutionary biology
http://www.scientificamerican.com/article.cfm?id=secrets-of-the-phallus
or http://tinyurl.com/dy8vxz
The U.S. Air Force is using a secure version of MS Windows:
http://www.schneier.com/blog/archives/2009/05/secure_version.html
Lie detector charlatans:
http://www.schneier.com/blog/archives/2009/05/lie_detector_ch.html
Virginia health data held for ransom:
http://www.schneier.com/blog/archives/2009/05/virginia_data_r.html
MI6 and a lost memory stick:
http://www.schneier.com/blog/archives/2009/05/mi6_and_a_lost.html
Marc Rotenberg on security vs. privacy:
http://www.huffingtonpost.com/marc-rotenberg/privacy-vs-security-pr_b_71806…
or http://tinyurl.com/2hozm8
Researchers hijack a botnet:
http://www.schneier.com/blog/archives/2009/05/researchers_hij.html
The Zeus Trojan has a self-destruct option:
http://voices.washingtonpost.com/securityfix/2009/05/zeustracker_and_the_nu…
or http://tinyurl.com/odjwx8
This is bad. I see it as a sign that the botnet wars are heating up,
and botnet designers would rather destroy their networks than have them
fall into "enemy" hands.
Using surveillance cameras to detect cashier cheating.
http://www.schneier.com/blog/archives/2009/05/using_surveilla.html
Software problems with a breath alcohol detector.
http://www.schneier.com/blog/archives/2009/05/software_proble.html
A U.S. District Court has ruled that the police do not need a warrant to
place a GPS tracking device on someone's car:
http://www.schneier.com/blog/archives/2009/05/no_warrant_requ.html
** *** ***** ******* *********** *************
Malicious Contamination of the Food Supply
Terrorists attacking our food supply is a nightmare scenario that has
been given new life during the recent swine flu outbreak. Although it
seems easy to do, understanding why it hasn't happened is important.
G.R. Dalziel, at the Nanyang Technological University in Singapore, has
written a report chronicling every confirmed case of malicious food
contamination in the world since 1950: 365 cases in all, plus 126
additional unconfirmed cases. What he found demonstrates the reality of
terrorist food attacks.
It turns out 72% of the food poisonings occurred at the end of the food
supply chain -- at home -- typically by a friend, relative, neighbor, or
co-worker trying to kill or injure a specific person. A characteristic
example is Heather Mook of York, who in 2007 tried to kill her husband
by putting rat poison in his spaghetti.
Most of these cases resulted in fewer than five casualties -- Mook only
injured her husband in this incident -- although 16% resulted in five or
more. Of the 19 cases that claimed 10 or more lives, four involved
serial killers operating over several years.
Another 23% of cases occurred at the retail or food service level. A
1998 incident in Japan, where someone put arsenic in a curry sold at a
summer festival, killing four and hospitalizing 63, is a typical
example. Only 11% of these incidents resulted in 100 or more casualties,
while 44% resulted in none.
There are very few incidents of people contaminating the actual food
supply. People deliberately contaminated a water supply seven times,
resulting in three deaths. There is only one example of someone
deliberately contaminating a crop before harvest -- in Australia in 2006
-- and the crops were recalled before they could be sold. And in the
three cases of someone deliberately contaminating food during packaging
and distribution, including a 2005 case in the UK where glass and
needles were baked into loaves of bread, no one died or was injured.
This isn't the stuff of bioterrorism. The closest example occurred in
1984 in the US, where members of a religious group known as the
Rajneeshees contaminated several restaurant salad bars with salmonella
enterica typhimurium, sickening 751, hospitalizing 45, but killing no
one. In fact, no one knew this was malicious until a year later, when
one of the perpetrators admitted it.
Almost all of the food contaminations used conventional poisons such as
cyanide, drain cleaner, mercury, or weed killer. There were nine
incidents of biological agents, including salmonella, ricin, and fecal
matter, and eight cases of radiological matter. The 2006 London
poisoning of the former KGB agent Alexander Litvinenko with polonium-210
in his tea is an example of the latter.
And that assassination illustrates the real risk of malicious food
poisonings. What is discussed in terrorist training manuals, and what
the CIA is worried about, is the use of contaminated food in targeted
assassinations. The quantities involved for mass poisonings are too
great, the nature of the food supply too vast and the details of any
plot too complicated and unpredictable to be a real threat. That becomes
crystal clear as you read the details of the different incidents: it's
hard to kill one person, and very hard to kill dozens. Hundreds,
thousands: it's just not going to happen any time soon. The fear of
bioterror is much greater, and the panic from any bioterror scare will
injure more people, than bioterrorism itself.
Far more dangerous are accidental contaminations due to negligent
industry practices, such as the 2006 spinach E coli and, more recently,
peanut salmonella contaminations in the US, the 2008 milk contaminations
in China, and the BSE-infected beef from earlier this decade. And the
systems we have in place to deal with these accidental contaminations
also work to mitigate any intentional ones.
In 2004, the then US secretary of health and human services, Tommy
Thompson, said on Fox News: "I cannot understand why terrorists have not
attacked our food supply. Because it is so easy to do."
Guess what? It's not at all easy to do.
Dalziel's report:
http://www.rsis.edu.sg/CENS/publications/reports/RSIS_Food%20Defence_170209…
or http://tinyurl.com/r96mtj
Thompson quote:
http://www.foxnews.com/story/0,2933,141044,00.html
This essay previously appeared in The Guardian.
http://www.guardian.co.uk/technology/2009/may/14/bruce-schneier-bioterrorism
or http://tinyurl.com/pkuevo
** *** ***** ******* *********** *************
Unfair and Deceptive Data Trade Practices
Do you know what your data did last night? Almost none of the more than
27 million people who took the RealAge quiz realized that their personal
health data was being used by drug companies to develop targeted e-mail
marketing campaigns.
There's a basic consumer protection principle at work here, and it's the
concept of "unfair and deceptive" trade practices. Basically, a company
shouldn't be able to say one thing and do another: sell used goods as
new, lie on ingredients lists, advertise prices that aren't generally
available, claim features that don't exist, and so on.
Buried in RealAge's 2,400-word privacy policy is this disclosure: "If
you elect to say yes to becoming a free RealAge Member we will
periodically send you free newsletters and e-mails that directly promote
the use of our site(s) or the purchase of our products or services and
may contain, in whole or in part, advertisements for third parties which
relate to marketed products of selected RealAge partners."
They maintain that when you join the website, you consent to receiving
pharmaceutical company spam. But since that isn't spelled out, it's not
really informed consent. That's deceptive.
Cloud computing is another technology where users entrust their data to
service providers. Salesforce.com, Gmail, and Google Docs are examples;
your data isn't on your computer -- it's out in the "cloud" somewhere --
and you access it from your web browser. Cloud computing has significant
benefits for customers and huge profit potential for providers. It's one
of the fastest growing IT market segments -- 69% of Americans now use
some sort of cloud computing services -- but the business is rife with
shady, if not outright deceptive, advertising.
Take Google, for example. Last month, the Electronic Privacy Information
Center (I'm on its board of directors) filed a complaint with the
Federal Trade Commission concerning Google's cloud computing services.
On its website, Google repeatedly assures customers that their data is
secure and private, while published vulnerabilities demonstrate that it
is not. Google's not foolish, though; its Terms of Service explicitly
disavow any warranty or any liability for harm that might result from
Google's negligence, recklessness, malevolent intent, or even purposeful
disregard of existing legal obligations to protect the privacy and
security of user data. EPIC claims that's deceptive.
Facebook isn't much better. Its plainly written (and not legally
binding) Statement of Principles contains an admirable set of goals, but
its denser and more legalistic Statement of Rights and Responsibilities
undermines a lot of it. One research group who studies these documents
called it "democracy theater": Facebook wants the appearance of
involving users in governance, without the messiness of actually having
to do so. Deceptive.
These issues are not identical. RealAge is hiding what it does with your
data. Google is trying to both assure you that your data is safe and
duck any responsibility when it's not. Facebook wants to market a
democracy but run a dictatorship. But they all involve trying to deceive
the customer.
Cloud computing services like Google Docs, and social networking sites
like RealAge and Facebook, bring with them significant privacy and
security risks over and above traditional computing models. Unlike data
on my own computer, which I can protect to whatever level I believe
prudent, I have no control over any of these sites, nor any real
knowledge of how these companies protect my privacy and security. I have
to trust them.
This may be fine -- the advantages might very well outweigh the risks --
but users often can't weigh the trade-offs because these companies are
going out of their way to hide the risks.
Of course, companies don't want people to make informed decisions about
where to leave their personal data. RealAge wouldn't get 27 million
members if its webpage clearly stated "you are signing up to receive
e-mails containing advertising from pharmaceutical companies," and
Google Docs wouldn't get five million users if its webpage said "We'll
take some steps to protect your privacy, but you can't blame us if
something goes wrong."
And of course, trust isn't black and white. If, for example, Amazon
tried to use customer credit card info to buy itself office supplies,
we'd all agree that that was wrong. If it used customer names to solicit
new business from their friends, most of us would consider this wrong.
When it uses buying history to try to sell customers new books, many of
us appreciate the targeted marketing. Similarly, no one expects Google's
security to be perfect. But if it didn't fix known vulnerabilities, most
of us would consider that a problem.
This is why understanding is so important. For markets to work,
consumers need to be able to make informed buying decisions. They need
to understand both the costs and benefits of the products and services
they buy. Allowing sellers to manipulate the market by outright lying,
or even by hiding vital information, about their products breaks
capitalism -- and that's why the government has to step in to ensure
markets work smoothly.
Last month, Mary K. Engle, Acting Deputy Director of the FTC's Bureau of
Consumer Protection said: "a company's marketing materials must be
consistent with the nature of the product being offered. It's not enough
to disclose the information only in a fine print of a lengthy online
user agreement." She was speaking about Digital Rights Management and,
specifically, an incident where Sony used a music copy protection scheme
without disclosing that it secretly installed software on customers'
computers. DRM is different from cloud computing or even online surveys
and quizzes, but the principle is the same.
Engle again: "if your advertising giveth and your EULA [license
agreement] taketh away don't be surprised if the FTC comes calling."
That's the right response from government.
A version of this article originally appeared on The Wall Street Journal.
http://online.wsj.com/article/SB123997522418329223.html
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/unfair_and_dece.html
** *** ***** ******* *********** *************
Schneier News
I'm speaking at the Computers, Freedom, and Privacy conference on June 2
in Washington DC.
http://www.cfp2009.org/wiki/index.php/Main_Page
Marcus Ranum and I did a video version of our Face Off column.
http://searchsecurity.techtarget.com/video/0,297151,sid14_gci1355883,00.html
or http://tinyurl.com/p9eznn
Interview with me from ThreatPost:
http://threatpost.com/blogs/bruce-schneier-cryptography-security-theater-an…
or http://tinyurl.com/oyyeea
Slashdot thread on the interview:
http://it.slashdot.org/article.pl?sid=09/05/13/1822242
San Francisco restaurant reviews for the RSA Conference:
http://www.schneier.com/blog/archives/2009/04/san_francisco_r.html
** *** ***** ******* *********** *************
Mathematical Illiteracy
This may be the stupidest example of risk assessment I've ever seen.
It's a video clip from a recent Daily Show, about the dangers of the
Large Hadron Collider. The segment starts off slowly, but then there's
an exchange with high school science teacher Walter L. Wagner, who
insists the device has a 50-50 chance of destroying the world:
"If you have something that can happen, and something that won't
necessarily happen, it's going to either happen or it's going to not
happen, and so the best guess is 1 in 2."
"I'm not sure that's how probability works, Walter."
This is followed by clips of news shows taking the guy seriously.
In related news, almost four-fifths of Americans don't know that a
trillion is a million million, and most think it's less than that. Is
it any wonder why we're having so much trouble with national budget debates?
http://www.thedailyshow.com/video/index.jhtml?videoId=225921&title=Large-Ha…
or http://tinyurl.com/cevkwa
http://econ4u.org/blog/?p=587
** *** ***** ******* *********** *************
Conficker
Conficker's April Fool's joke -- the huge, menacing build-up and then
nothing -- is a good case study on how we think about risks, one whose
lessons are applicable far outside computer security. Generally, our
brains aren't very good at probability and risk analysis. We tend to use
cognitive shortcuts instead of thoughtful analysis. This worked fine for
the simple risks we encountered for most of our species' existence, but
it's less effective against the complex risks society forces us to face
today.
We tend to judge the probability of something happening on how easily we
can bring examples to mind. It's why people tend to buy earthquake
insurance after an earthquake, when the risk is lowest. It's why those
of us who have been the victims of a crime tend to fear crime more than
those who haven't. And it's why we fear a repeat of 9/11 more than other
types of terrorism.
We fear being murdered, kidnapped, raped and assaulted by strangers,
when friends and relatives are far more likely to do those things to us.
We worry about plane crashes instead of car crashes, which are far more
common. We tend to exaggerate spectacular, strange, and rare events, and
downplay more ordinary, familiar, and common ones.
We also respond more to stories than to data. If I show you statistics
on crime in New York, you'll probably shrug and continue your vacation
planning. But if a close friend gets mugged there, you're more likely to
cancel your trip.
And specific stories are more convincing than general ones. That is why
we buy more insurance against plane accidents than against travel
accidents, or accidents in general. Or why, when surveyed, we are
willing to pay more for air travel insurance covering "terrorist acts"
than "all possible causes". That is why, in experiments, people judge
specific scenarios more likely than more general ones, even if the
general ones include the specific.
Conficker's 1 April deadline was precisely the sort of event humans tend
to overreact to. It's a specific threat, which convinces us that it's
credible. It's a specific date, which focuses our fear. Our natural
tendency to exaggerate makes it more spectacular, which further
increases our fear. Its repetition by the media makes it even easier to
bring to mind. As the story becomes more vivid, it becomes more convincing.
The New York Times called it an "unthinkable disaster", the television
news show 60 Minutes said it could "disrupt the entire internet" and we
at the Guardian warned that it might be a "deadly threat". Naysayers
were few, and drowned out.
The first of April passed without incident, but Conficker is no less
dangerous today. About 2.2m computers worldwide, are still infected with
Conficker.A and B, and about 1.3m more are infected with the nastier
Conficker.C. It's true that on 1 April Conficker.C tried a new trick to
update itself, but its authors could have updated the worm using another
mechanism any day. In fact, they updated it on 8 April, and can do so again.
And Conficker is just one of many, many dangerous worms being run by
criminal organizations. It came with a date and got a lot of press --
that 1 April date was more hype than reality -- but it's not
particularly special. In short, there are many criminal organizations on
the internet using worms and other forms of malware to infect computers.
They then use those computers to send spam, commit fraud, and infect
more computers. The risks are real and serious. Luckily, keeping your
anti-virus software up-to-date and not clicking on strange attachments
can keep you pretty secure. Conficker spreads through a Windows
vulnerability that was patched in October. You do have automatic update
turned on, right?
But people being people, it takes a specific story for us to protect
ourselves.
This essay previously appeared in The Guardian.
http://www.guardian.co.uk/technology/2009/apr/23/conficker-panic
A copy of this essay, with all embedded links, is here:
http://www.schneier.com/blog/archives/2009/04/conficker.html
** *** ***** ******* *********** *************
Comments from Readers
There are hundreds of comments -- many of them interesting -- on these
topics on my blog. Search for the story you want to comment on, and join in.
http://www.schneier.com/blog
** *** ***** ******* *********** *************
Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing
summaries, analyses, insights, and commentaries on security: computer
and otherwise. You can subscribe, unsubscribe, or change your address
on the Web at <http://www.schneier.com/crypto-gram.html>. Back issues
are also available at that URL.
Please feel free to forward CRYPTO-GRAM, in whole or in part, to
colleagues and friends who will find it valuable. Permission is also
granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.
CRYPTO-GRAM is written by Bruce Schneier. Schneier is the author of the
best sellers "Schneier on Security," "Beyond Fear," "Secrets and Lies,"
and "Applied Cryptography," and an inventor of the Blowfish, Twofish,
Phelix, and Skein algorithms. He is the Chief Security Technology
Officer of BT BCSG, and is on the Board of Directors of the Electronic
Privacy Information Center (EPIC). He is a frequent writer and lecturer
on security topics. See <http://www.schneier.com>.
Crypto-Gram is a personal newsletter. Opinions expressed are not
necessarily those of BT.
Copyright (c) 2009 by Bruce Schneier.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
06 Jul '18
Reserve a room for the nights of February 4th and 5th under the
ShmooCon group code at the Marriot Wardman Park Hotel by January 1st,
or while rooms last, and you will be entered in the in the first
annual ShmooCon Reserve-a-Room Raffle--which includes food, wireless
gear, Washington Wizards tickets, and believe it or not, a very sexy
OQO Model 01.
What's an OQO Model 01? Check it out:
http://www.oqo.com
And you could have a chance to get one at ShmooCom 2005. But only if
you reserve a room at the con hotel for ShmooCon! Hurry! We have a
limited number of rooms set aside for conference attendees! More
information is HERE:
http://www.shmoocon.org/location.html
Specifically, you can reserve a room online with our group code via
the following link:
http://www.marriott.com/reservations/init.asp?marshacode=wasdt&path=marriot…
Check in on the 4th. Check out on the 6th.
Note, and NOT mentioned on the website, we have exactly 100 rooms set
aside for the nights of the 4th and the 5th, and over 30 have already
been reserved as of this Monday. That number appears to be steadily
dwindling, so heads up.
Sincerely,
Beetle
_______________________________________________
Shmoocon-News mailing list
Shmoocon-News(a)lists.shmoo.com
https://lists.shmoo.com/mailman/listinfo/shmoocon-news
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah(a)ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
1
0