Watching Richard Bejtlich’s recent “Revolution in Intelligence” talk about his government training and the ease of attribution is very enjoyable, although at times for me it brought to mind CIA factbook errors in the early 1990s.
Slides that go along with the video are available on Google drive
Let me say, to get this post off the ground, I will be the first one to stand up and defend US government officials as competent and highly skilled professionals. Yet I also will call out an error when I see one. This post is essentially that. Bejtlich is great, yet he often makes some silly errors.
Often I see people characterize a government as made up of inefficient troglodytes falling behind. That’s annoying. Meanwhile often I also see people lionize nation-state capabilities as superior to any other organization. Also annoying. The truth is somewhere in between. Sometimes the government does great work, sometimes it blows compared to private sector.
Take the CIA factbook I mentioned above as an example. It has been unclassified since the 1970s and by the early 1990s it was published on the web. Given wider distribution its “facts” came under closer scrutiny from academics. So non-gov people who long had studied places or lived in them (arguably the world’s true leading experts) read this fact book and wanted to help improve it — outsiders looking in and offering assistance. Perhaps some of you remember the “official” intelligence peddled by the US government at that time?
Bejtlich in his talk gives a nod towards academia being a thorough environment and even offers several criteria for why academic work is superior to some other governments (not realizing he should include his own). Perhaps this is because he is now working on a PhD. I mean it is odd to me he fails to realize this academic community was just as prolific and useful in the 1990s, gathering intelligence and publishing it, giving talks and sending documents to those who were interested. His presentation makes it sound like before search engines appeared it required nation-state sized military departments walking uphill both ways in a blizzard to gather data.
Aside from having this giant blind spot to what he calls the “outsider” community, I also fear I am listening to someone with no field experience gathering intelligence. Sure image analysis is a skill. Sure we can sit in a room and pore over every detail to build up a report on some faraway land. On one of my private sector security teams I had a former US Air Force technician who developed film from surveillance planes. He hated interacting with people, loved being in the darkroom. But what does Bejtlich think of actually walking into an environment as an equal, being on the ground, living among people, as a measure of “insider” intelligence skill?
Almost three decades ago I stepped off a plane into a crowd of unfamiliar faces in a small country in Asia. Over the next five weeks I embedded myself into mountain villages, lived with families on the great plains, wandered with groups through jungles and gathered as much information as I could on the decline of monarchial rule in the face of democratic pressure.
One sunny day on the side of a shoulder-mountain stands out in my memory. As I hiked down a dusty trail a teenage boy dressed all in black walked towards me. He carried a small book under his arm. He didn’t speak English. We communicated in broken phrases and hand gestures. He said he was a member of a new party.
Mao was his leader, he said. The poor villages felt they weren’t treated well, decided to do something about it. I asked about Lenin. The boy had never heard the name. Stalin? Again the boy didn’t know. Mao was the inspiration for his life and he was pleased about this future for his village.
This was before the 1990s. And by most “official” accounts there were no studies or theories about Maoists in this region until at least ten years later. I mention this here not because individual people with a little fieldwork can make a discovery. It should be obvious military schools don’t have a monopoly on intel. The question is what happened to that data. Where did information go and who asked about it? Did others have easy access to data gathered?
Yes, someone from private sector should talk about “The Revolution in Private Sector Intelligence”. Perhaps we can find someone with experience working on intelligence in the private sector for many, many years, to tell us what has changed for them. Maybe there will be stories of pre-ChoicePoint private sector missions to fly in on a moment’s notice into random places to gather intelligence on employees who were stealing money and IP. And maybe non-military experience will unravel why Russian operations in private sector had to be handled uniquely from other countries?
Going by Bejtlich’s talk it would seem that such information gathering simply didn’t exist if the US government wasn’t the one doing it. What I hear from his perspective is you go to a military school that teaches you how to do intelligence. And then you graduate and then you work in a military office. Then you leave that office to teach outsiders because they can learn too.
He sounds genuinely incredulous to discover that someone in the private sector is trainspotting. If you are familiar with the term you know many people enjoy as a hobby building highly detailed and very accurate logs of transportation. Bejtlich apparently is unaware, despite this being a well-known thing for a very long time.
A new record of trainspotting has been discovered from 1861, 80 years earlier than the hobby was first thought to have begun. The National Railway Museum found a reference to a 14 year old girl writing down the numbers of engines heading in and out of Paddington Station.
It reminds me a bit of how things must have moved away from military intelligence for the London School of Oriental and African Studies (now just called SOAS). The British cleverly setup in London a unique training school during the first World War, as explained in the 1917 publication “Nature”:
…war has opened our eyes to the necessity of making an effort to compete vigorously with the activities — political, commercial, and even scientific and linguistic — of the Germans in Asia and Africa. We have discovered that their industry was rarely disinterested, and that political propaganda was too often at the root of “peaceful penetration” in the field of missionary, scientific, and linguistic effort.
In other words, a counter-intelligence school was born. Here the empire could maintain its military grip around the world by developing the skills to better gather intelligence and understand enemy culture (German then, but ultimately native).
By the 1970s SOAS, a function of the rapidly changing British global position, seemed to take on wider purpose. It reached out and looked at new definitions of who might benefit from the study and art of intelligence gathering. By 1992 regulars like you or me could attend and sit within the shell of the former hulk of a global analysis engine. Academics there focused on intelligence gathering related to revolution and independence (e.g. how to maintain profits in trade without being a colonial power).
I was asked by one professor to consider staying on for a PhD to help peel apart Ghana’s 1956 transition away from colonial rule, for only academic purpose of course. Tempted as I was, LSE instead set the next chapters of my study, which itself seems to have become known sometime during the second World War as a public/private shared intelligence analyst training school (Bletchley Park staff tried to convince me Zygalski, inventor of equipment to break the Enigma, lectured at LSE although I could find no records to support that claim).
Fast forward five years to 1997 and the Corner House is a good example of academics in London who formalized public intelligence reports (starting in 1993?) into a commercial portfolio. In their case an “enemy” was more along the lines of companies or even countries harming the environment. This example might seem a bit tangential until you ask someone for expert insights, including field experience, to better understand the infamous pipeline caught in a cyberwar.
Anyway, without me dragging on and on about the richness of an “outside” world, Bejtlich does a fine job describing some of the issues he had adjusting. He just seems to have been blind to communities outside his own and is pleased to now be discovering them. His “inside” perspective on intelligence is really just his view of inside/outside, rather than any absolute one. Despite pointing out how highly he regards academics who source material widely he then unfortunately doesn’t follow his own advice. His talk would have been so much better with a wee bit more depth of field and some history.
Eastman Kodak investigated, and found something mighty peculiar: the corn husks from Indiana they were using as packing materials were contaminated with the radioactive isotope iodine-131 (I-131). Eastman Kodak at the time had some of the best researchers in the country on its team (the company even had its own nuclear reactor in the 1970s), and they discovered something that was not public knowledge: those farms in Indiana had been exposed to fallout from the 1945 Trinity Test in New Mexico — the world’s first atmospheric nuclear bomb explosions which ushered in the atomic age. Kodak kept this exposure silent.
The American film industry giant by 1946 realized, from clever digging into the corn husk material used for packaging, that the US government was poisoning its citizens. The company filed a formal complaint and kept quiet. Our government responded by warning Kodak of military research to help them understand how to hide from the public any signs of dangerous nuclear fallout.
Good work by the private sector helping the government more secretly screw the American public without detection, if you see what I mean.
My point is we do not need to say the government gives us the best capability for world-class intelligence skills. Putting pride aside there may be a wider world of training. So we also should not say private-sector makes someone the best in world at uncovering the many and ongoing flaws in government intelligence. Top skills can be achieved in different schools of thought, which serve different purposes. Kodak clearly worried about assets differently than the US government, while they still kind of ended up worrying about the same thing (colluding, if you will). Hard to say who evolved faster.
By the way, speaking of relativity, also I find it amusing Bejtlich’s talk is laced with his political preferences as landmines: Hillary Clinton is setup as so obviously guilty of dumb errors you’d be a fool not to convict her. President Obama is portrayed as maliciously sweeping present and clear danger of terrorism under the carpet, putting us all in grave danger.
And last but not least we’re led to believe if we get a scary black bag indicator we should suspect someone who had something to do with Krav Maga (historians might say an Austro-Hungarian or at least Slovakian man, but I’m sure we are supposed to think Israeli). Is that kind of like saying someone who had something to do with Karate (Bruce Lee!) when hinting at America?
And one last thought. Bejtlich also mentions gathering intelligence on soldiers in the Civil War as if it would be like waiting for letters in the mail. In fact there were many more routes of “real time” information. Soldiers were skilled at sneaking behind lines (pun not intended) tapping copper wires and listening, then riding back with updates. Poetry was a common method of passing time before a battle by creating clever turns of phrase about current events, perhaps a bit like twitter functions today. “Deserters” were a frequent source of updates as well, carrying news across lines.
I get what Bejtlich is trying to say about speed of information today being faster and have to technically agree with that one aspect of a revolution; of course he’s right about raw speed of a photo being posted to the Internet and seen by an analyst. Yet we shouldn’t under-sell what constituted “real-time” 150 years ago, especially if we think about those first trainspotters…
The debate over Hillary Clinton’s use of email reminds me of a Goldilocks’ tech management dilemma. Users tend to think you are running too slow or too fast, never just right:
You face user ire, potential revolt, as IT (let alone security) becomes seen as the obstacle to progress. Users want access to get their job done faster, better, etc. so they push data to cloud and apps, bring in their own devices and run like they have no fear because trust is shifted into clever new service providers.
We all know that has been the dominant trend and anyone caught saying “blackberry is safer” is at risk of being kicked out of the cool technology clubs. Even more to the point you have many security thought leaders saying over and over to choose cloud and ipad because safer.
Today it seems ironic to look back at Hillary’s ire. We expect our progressive politicians to look for modernization opportunities and here is a perfect example:
Many U.S. Agency for International Development workers are using iPads–a fact that recently drew the ire of Secretary of State Hillary Clinton when she sat next to a USAID official on a plane, said Jerry Horton, chief information officer at USAID. Horton spoke April 7 at a cloud computing forum at the National Institute of Standards and Technology in Gaithersburg, Md.
Clinton wanted to know why a USAID official could have an iPad while State Department officials still can’t. The secret, apparently, lies in the extensive use of waivers. It’s “hard to dot all the Is and cross all the Ts,” Horton said, admitting that not all USAID networked devices are formally certified and accredited under Federal Information Security Management Act.
“We are not DHS. We are not DoD,” he said.
While the State Department requires high-risk cybersecurity, USAID’s requirements are much lower, said Horton. “And for what is high-security it better be on SIPR.”
Modernizing, innovating, asking for government to reform is a risky venture. At the time I don’t remember anyone saying Hillary was being too risky, or her ire was misplaced in asking for technology improvements. There was a distinct lack of critique heard, despite my blog post sitting in the top three search results on Google for weeks. If anything I heard the opposite, that the government should trust and catch up to Apple’s latest whatever.
Now let’s look at the other perspective. Dump the old safe and trusted Blackberry so you can let users consume iPads like candy going out of style, and you face watching them stumble and fall on their diabetic face. Consumption of data is the goal and yet it also is the danger.
Without getting into too many of the weeds for the blame game, figuring out who is responsible for a disaster, it may be better to look at why there will be accidents/misunderstandings in a highly politicized environment.
What will help us make sure we avoid someone extracting data off SIPR/NIPR without realizing there is a “TS/SAP” classification incident ahead? I mean what if the majority of data in question pertain to a controversial program, let say for example drones in Pakistan, which may or may not be secret depending on one’s politics. Colin Powell gives us some insight to the problem:
…emails were discovered during a State Department review of the email practices of the past five secretaries of state. It found that Powell received two emails that were classified and that the “immediate staff” working for Rice received 10 emails that were classified.
The information was deemed either “secret” or “confidential,” according to the report, which was viewed by CNN.
In all the cases, however — as well as Clinton’s — the information was not marked “classified” at the time the emails were sent, according to State Department investigators.
Powell noted that point in a statement on Thursday.
“The State Department cannot now say they were classified then because they weren’t,” Powell said. “If the Department wishes to say a dozen years later they should have been classified that is an opinion of the Department that I do not share.”
“I have reviewed the messages and I do not see what makes them classified,” Powell said.
This classification game is at the heart of the issue. Reclassification happens. Aggregate classification of not secret data can make it secret. If we characterize it as a judgment flaw by only one person, or even three, we may be postponing the critical need to review where there are wider systemic issues in decision-making and tools.
To paraphrase the ever insightful Daniel Barth-Jones: smart people at the top of their political game who make mistakes aren’t “stupid”; we have to evaluate whether systems that don’t prevent mistakes by design are….
Assuming we agree want to go faster than “too slow”, and we do not to run ahead “too fast” into disasters…a middle ground needs to come into better focus.
Giving up “too slow” means a move away from blocking change. And I don’t mean achieving FISMA certification. That is seen as a tedious low bar for security rather than the right vehicle for helping push towards the top end. We need to take compliance seriously as a guide as we also embrace hypothesis, creative thinking, to tease out a reasonable compromise.
We’re still very early in the dinosaur days of classification technology, sitting all the way over by the slow end of the equation. I’ve researched solutions for years, seen some of the best engines in the world (Varonis, Olive), and it’s not yet looking great. We have many more tough problems to solve, leaving open a market ripe for innovation.
Use of the Microsoft Data Classification Toolkit does not constitute advice from an auditor, accountant, attorney or other compliance professional, and does not guarantee fulfillment of your organization’s legal or compliance obligations. Conformance with these obligations requires input and interpretation by your organization’s compliance professionals.
Let me explain the problem by way of analogy, to be brief.
Cutting-edge research on robots focuses on predictive capabilities to enable driving off-road free from human control. A robot starts with near-field sensors, which gets them about 20 feet of vision ahead to avoid immediate danger. Then the robot needs to see much further to avoid danger altogether.
This really is the future of risk classification. The better your classification of risks, the better your predictive plan, and the less you have to make time-pressured disaster avoidance decisions. And of course being driver-less is a relative term. These automation systems still need human input.
Imagine longer-range vision algorithms that generate an “optimal path”, applied to massive amounts of data (different classes of email messages instead of trees and rocks in the great outdoors), dictating what you actually get to see.
What I like about this optimal path illustration is the perpendicular alignment of two types of vision. The visible world is flat. And then there is the greater, optimal path theory, presented as a wall-like circle, easily queried without actually being “seen”. This is like putting your faith in a map because you can’t actually see all the way from San Francisco to New York.
The difference between the short and long highlights why any future of safe autonomous systems will depend on processing power of the end nodes, such that they can both create a larger areas of more “flat” rings as well as build out the “taller” optimal paths.
Here is where “personal” servers come into play. Power becomes a determinant of vision and autonomy. Personal investments often can increase processing power faster than government bureaucracy and depreciation schedules. I mean if the back-end system looks at the ground ahead and classifies as sand (unsafe to proceed), and the autonomous device does its own assessment on its own servers and decides it is looking at asphalt (safe for speed), who is right?
The better the predictive algorithms the taller the walls of vision into the future, and that begs for power and performance enhancements. Back to the start of this post, when IT isn’t providing users the kind of power they want for speed, we see users move their workloads towards BYOD and cloud. Classification becomes a power struggle, as forward-looking decisions depend on reliable data classification from an authoritative source.
If authoritative back-end services accidentally classify data safe and later reverse to unsafe (or vice-versa) the nodes/people depending on a classification service should not be the only target in an investigation of judgement error.
We can joke about how proper analysis always would chose a “just right” Goldilocks long-term path, yet in reality the debate is about building a high-performance data classification system that reduces her cost of error.
One might think history would be trivially easy, given how these days every fact is on the Internet at the tips of our fingers. However, being a historian still takes effort, perhaps even talent. Why?
The answer is simple: “the value of education is not the learning of many facts but the ability of the mind to think”. I’ll let you try and search to figure out the person who said that.
A historian is trained to apply expertise in thinking, run facts through a system of sound logic for others to validate, rather than just leave facts on their own. It is a bit like a chef cooking a delicious meal rather than offering you a bowl of raw ingredients. Analysis to get the right combinations of ingredients cooked together can be hard. And on top of finding the results desirable, we also need ways to know the preparations were clean an can be trusted.
Take for example a BBC magazine article written about long distance communication, that cooks up a soup called “How Napoleon’s semaphore telegraph changed the world”.
This article unfortunately offers factual conclusions that are poorly prepared and end up tasting all wrong. Let’s start with three basic assertions the BBC has asked readers to swallow:
The last stations were built in 1849, but by then it was clear that the days of line-of-sight telegraphy were done.
The military needs had disappeared, and latterly the operators’ main task was transmitting national lottery numbers.
The shortcomings of visual communication were obvious. It only functioned in daytime and in good weather.
First point: Line-of-sight telegraphy is still used to this day. Anyone sailing the Thames, or any modern waterway for that matter, would happily tell you they rely on a system of lights and flags. I wrote it into our book on cloud security. The BBC itself has a story about semaphore adoption during nuclear disarmament campaigns. As long as we have visual sensors, these signal days will never be done. Dare I mention the line-of-sight communication scene in a futuristic sci-fi film The Martian?
Second point: Military needs are not the only need. This should be obvious from the first point, as well as from common sense. If this were true you would not be reading a blog, ever. More to the stupidity of this reasoning, the French system resorted to a lottery because it went bankrupt. The inventor had pinned all his hope for a very expensive system on military financing and that didn’t come through. So the lottery was a last-ditch attempt to find support after the military walked.
A sad footnote to this is the French military didn’t see the Germans coming in latter wars. So I could dive into why military needs didn’t disappear, but that would be more complicated than proving there were other needs and the system just wasn’t funded properly to survive.
Third point: Anyone heard of a lighthouse? What does it do best? Functions at night and in bad weather, am I right? Fires on a hill (e.g. pyres) also work quite well at night. Or a flashlight, such as the one on your cell-phone.
Try out the Jolla phone app “Morse sender” if you want to communicate over distance at night and bad weather using Morse code. Real shortcomings of visual communication come during thick smoke (e.g. old gunpowder battles or near coal power), which leads to audio signals such as the talking drum, fog horns, bagpipes and songs or cries.
Ok, so all those three above points are false and easily disproved, tossed into the bin. Now for the harder part, the overall general conclusion in two sentences from BBC magazine:
Smoke, fire, light, flags – since time immemorial man had sought to speak over space.
What France did in the first half of the 19th Century was create the first ever system of distance communication.
Shame that the writer acknowledges fire and flags here because those are the facts we used above to disprove their own analysis (work at night, still in use). Now can we disprove “first ever system of distance communication”?
I say this is hard because I’m giving the writer benefit of the doubt. Putting myself in their shoes they obviously see a big difference between the “immemorial” methods used around the world and a brief French experiment with an expensive, unfunded militaristic system.
As hard as I try, honestly I don’t see why we should call the French system first. Consider this passage from archaeologist Charles Jones’ 1873 “Antiquities of the Southern Indians”
Note this is a low-cost and night-time resilient system that leaves no trace. Pretty damning evidence of being earlier and arguably better. We have fewer first-hand proofs from earlier yet it would be easy to argue there were complex fire signals as far back as 150 BCE.
The Greek historian Polybius explained in The Histories that fire signals were used to convey complex messages over distance via cipher. A flame would be raised and lowered, turned on or off, to signal column and row of a letter.
6 The most recent method, devised by Cleoxenus and Democleitus and perfected by myself, is quite definite and capable of dispatching with accuracy every kind of urgent messages, but in practice it requires care and exact attention. 7 It is as follows: We take the alphabet and divide it into five parts, each consisting of five letters. There is one letter less in the last division, but this makes no practical difference. 8 Each of the two parties who are about signal to each other must now get ready five p215tablets and write one division of the alphabet on each tablet, and then come to an agreement that the man who is going to signal is in the first place to raise two torches and wait until the other replies by doing the same. 10 This is for the purpose of conveying to each other that they are both at attention. 11 These torches having been lowered the dispatcher of the message will now raise the first set of torches on the left side indicating which tablet is to be consulted, i.e. one torch if it is the first, two if it is the second, and so on. 12 Next he will raise the second set on the right on the same principle to indicate what letter of the tablet the receiver should write down.
It even works at night and in bad weather!
Speaking of which there may even have been a system earlier, such as 247 BCE. Given the engineering marvel of the lighthouse Pharos of Alexandria, someone may know better of its use for long-distance communication by line-of-sight.
Has the point been made that the first ever system of distance communication was not the French during their revolution?
I think the real conclusion here, in consideration of BBC magazine’s attempt to persuade us, is someone was digging for reasons to be proud of French militarism. Had they bothered to think more deeply or seek more global sources of data they might have avoided releasing such a disappointing article.
When native Americans demonstrated excellent long distance communication systems, European settlers mocked them. Yet the French build one and suddenly we’re supposed to remember it and say…oh la la? No thanks, too hard to swallow. That’s poor analysis of facts.
The scale of the attacks on women at the city’s central railway station has shocked Germany. About 1,000 drunk and aggressive young men were involved.
City police chief Wolfgang Albers called it “a completely new dimension of crime”. The men were of Arab or North African appearance, he said.
Women were also targeted in Hamburg.
But the Cologne assaults – near the city’s iconic cathedral – were the most serious, German media report. At least one woman was raped, and many were groped.
Most of the crimes reported to police were robberies. A volunteer policewoman was among those sexually molested.
What is particularly disturbing is that the attacks appear to have been organised. Around 1,000 young men arrived in large groups, seemingly with the specific intention of carrying out attacks on women.
The problem with these stories side-by-side is twofold. First, increased police vigilance at train stations across Germany was the defensive plan against people experiencing terror, yet we’re being told now these attacks happened without notice. Violence against women at scale deserve real-time detection and response. Are authorities capable?
I have not yet seen anyone report events in this light. The BBC report holds out the train station as a scene of terror without any mention of prior warnings, and without the police warning locations were still unknown: “We can’t say if they are in Munich or in fact in Germany”.
The looming dilemma is whether we now can say planned terror attacks happened in Germany on New Year’s Eve. As time goes on the number of women coming forward has been increasing to report assault. Why would or we say this was not a terror attack, especially as women soon after said they now fear being in public places? If we call it terror, some will complain of a slide towards loss of rights. If we don’t call it terror, some will complain of ignoring rights.
The mayor of Roanoke, Virginia on November 18 made the following argument to block refugees:
I’m reminded that President Franklin D. Roosevelt felt compelled to sequester Japanese foreign nationals after the bombing of Pearl Harbor, and it appears that the threat of harm to America from Isis now is just as real and serious as that from our enemies then.
There’s no good way to say what this really means. This mayor is motivated by prejudice, hysteria and poor leadership. He is so ignorant of history he is unfit for his job; an embarrassment to America he should voluntarily resign his post.
It is a tragedy on two fronts:
Syrian refugees are just looking for a better future. They have nothing to do with ISIL attacks. From a risk perspective they not only are safe, actually they could become a valuable asset in the fight against ISIL.
Xenophobia has a long dark history in America usually linked to groups such as the KKK who practice terrorism, torture, murder. Virginia local news recently has reported “biggest resurgence of the Klan since 1915″. The Roanoke Mayor should be investigated for his ties to these groups.
We must put any call for return to internment camps in proper historic context. Here is President Ronald Reagan’s speech on August 10th, 1988 saying America made a mistake, would apologize and make amends for internment camps. It is abundantly clear no American ever again, let alone an elected official, should try to frame the camps as positive in any way.
Remarks on Signing the Bill Providing Restitution for the Wartime Internment of Japanese-American Civilians
August 10, 1988
The Members of Congress and distinguished guests, my fellow Americans, we gather here today to right a grave wrong. More than 40 years ago, shortly after the bombing of Pearl Harbor, 120,000 persons of Japanese ancestry living in the United States were forcibly removed from their homes and placed in makeshift internment camps. This action was taken without trial, without jury. It was based solely on race, for these 120,000 were Americans of Japanese descent.
Yes, the Nation was then at war, struggling for its survival and it’s not for us today to pass judgment upon those who may have made mistakes while engaged in that great struggle. Yet we must recognize that the internment of Japanese-Americans was just that: a mistake. For throughout the war, Japanese-Americans in the tens of thousands remained utterly loyal to the United States. Indeed, scores of Japanese-Americans volunteered for our Armed Forces, many stepping forward in the internment camps themselves. The 442d Regimental Combat Team, made up entirely of Japanese-Americans, served with immense distinction to defend this nation, their nation. Yet back at home, the soldier’s families were being denied the very freedom for which so many of the soldiers themselves were laying down their lives.
Congressman Norman Mineta, with us today, was 10 years old when his family was interned. In the Congressman’s words: ”My own family was sent first to Santa Anita Racetrack. We showered in the horse paddocks. Some families lived in converted stables, others in hastily thrown together barracks. We were then moved to Heart Mountain, Wyoming, where our entire family lived in one small room of a rude tar paper barrack.” Like so many tens of thousands of others, the members of the Mineta family lived in those conditions not for a matter of weeks or months but for 3 long years.
The legislation that I am about to sign provides for a restitution payment to each of the 60,000 surviving Japanese-Americans of the 120,000 who were relocated or detained. Yet no payment can make up for those lost years. So, what is most important in this bill has less to do with property than with honor. For here we admit a wrong; here we reaffirm our commitment as a nation to equal justice under the law.
I’d like to note that the bill I’m about to sign also provides funds for members of the Aleut community who were evacuated from the Aleutian and Pribilof Islands after a Japanese attack in 1942. This action was taken for the Aleuts’ own protection, but property was lost or damaged that has never been replaced.
And now in closing, I wonder whether you’d permit me one personal reminiscence, one prompted by an old newspaper report sent to me by Rose Ochi, a former internee. The clipping comes from the Pacific Citizen and is dated December 1945.
“Arriving by plane from Washington,” the article begins, “General Joseph W. Stilwell pinned the Distinguished Service Cross on Mary Masuda in a simple ceremony on the porch of her small frame shack near Talbert, Orange County. She was one of the first Americans of Japanese ancestry to return from relocation centers to California’s farmlands.” “Vinegar Joe” Stilwell was there that day to honor Kazuo Masuda, Mary’s brother. You see, while Mary and her parents were in an internment camp, Kazuo served as staff sergeant to the 442d Regimental Combat Team. In one action, Kazuo ordered his men back and advanced through heavy fire, hauling a mortar. For 12 hours, he engaged in a singlehanded barrage of Nazi positions. Several weeks later at Cassino, Kazuo staged another lone advance. This time it cost him his life.
The newspaper clipping notes that her two surviving brothers were with Mary and her parents on the little porch that morning. These two brothers, like the heroic Kazuo, had served in the United States Army. After General Stilwell made the award, the motion picture actress Louise Allbritton, a Texas girl, told how a Texas battalion had been saved by the 442d. Other show business personalities paid tribute–Robert Young, Will Rogers, Jr. And one young actor said: “Blood that has soaked into the sands of a beach is all of one color. America stands unique in the world: the only country not founded on race but on a way, an ideal. Not in spite of but because of our polyglot background, we have had all the strength in the world. That is the American way.” The name of that young actor–I hope I pronounce this right–was Ronald Reagan. And, yes, the ideal of liberty and justice for all–that is still the American way.
Thank you, and God bless you. And now let me sign H.R. 442, so fittingly named in honor of the 442d.
Thank you all again, and God bless you all. I think this is a fine day.
Note: The President spoke at 2:33 p.m. in Room 450 of the Old Executive Office Building. H.R. 442, approved August 10, was assigned Public Law No. 100-383.
I’ve seen recently some weird speculations on motive of a hacker. Personally I prefer to focus on consequence because that defines our control options best. I learned to make this switch while studying the history of Vietnam War and seeking motives.(1) What motivated American leaders to kill so many people? Try reading “Advice for Soldiers in Vietnam: The Fish is Good”
…young, uneducated soldiers…had to be told why they were going to Vietnam, from which, after all, they might not return. “It is interesting, that the [US Department of Defense guide for soldiers] accurately and briefly describes the history of the Vietnamese resisting outsiders—the Chinese and others—while assuming that we could never be cast in this light.” To do this required telling some of the same lies that the government was telling the public and, for the most part, telling itself.
It’s basically impossible to clarify motive in this sort of context, whereas understanding the consequences is comparatively easy and can greatly affect motives in future: outsiders faced resistance. So time spent studying history really was learning to distill accurate consequences from action to help inform future paths; avoid predictable mistakes.
But still I understand that discussion of motive is attractive to many and there’s some merit to getting lost in speculation so here’s mine:
As I’ve said before I believe everyone is a hacker. In brief it seems to me to be a condition of economics and politics, laced with philosophy. If you find an obstacle in your path then hacking is a way to work around or even through resistance instead of using more direct methods. The asymmetry, disobedience to routine or expectation, is what I find at the foundation of hacking.
Theories of hacker motive that settle on addiction or male sexual fantasy as foundations have mistaken a small tree for the entire forest; symptoms such as these are woefully lacking in perspective.
Let us take as assumption that given a choice humans tend to go a path of lesser resistance. The more privilege or authority one has the more choices of low resistance, and less cause for a hack to get around resistance spots. Having total control therefore means the least hack incentives. Got root? Whereas, having the least control options for a desired changes brings highest incentive to start hacking.
Why would the an intelligence agency hack? They calculate a path to greater control for less cost (including blowback) than other options. Why would the activist hack? They calculate a path to greater justice for less cost than other options.
Perhaps I can explain using a counter-example. Addiction makes no logical sense to me as THE hacker motive. It is just one shade or flavor. The word addict comes from latin addictus, which means a person enslaved as a consequence of debt or crime.
Imagine a child abandoned by parents, or bullied by older schoolmates, and you have someone with potential incentive to see asymmetry as a best option against the obstacles in the way of their personal success. Tempting as it might be to describe them as addicts; it is false to assume use of asymmetric methods to overcome would lead to a form of slavery. They are not addicts if a control level they seek through resource-constrained methods is reasonable and achievable.
The addiction theory says hackers want more control because they are addicted to more control. This sounds like an administrator, not a hacker. You want more control? You get a job that gives you more control, and a promotion to more control, and another one. Hacking not required. Should we call a promoted system administrator an addict because increased authority achieved and desired? If they can choose to exit of free will, no. Addiction is a way to describe those with a high exit barrier/cost.
Moreover a tautology such as “want more power because power is wanted” should have been shot-down in the very first presentation review-cycle. Addiction to growth of power is separate from and does not pre-suppose any need for hacking because not-hacking (following procedures) also can end in the same place of more power. Obviously if one wanted to amass power and be enslaved by it (e.g. run a debt and be unable to pay) hacking still is not necessary, so it is hard to see it as THE logical justification to hack.
An asymmetry theory even explains away the (incredibly vapid) accusation that “penetration testing” could be a manifestation of man’s desire to stick their penis into everything. Hopefully I don’t have to explain why a male-only theory of motivation fails at first blush. Let it suffice to say people without a penis also see penetration opportunity to gain entry where they aren’t authorized. The risks of unauthorized entry is a much broader subject (i.e. women stealing) than just men being dicks.
Let’s face it, hacking is really about power, which brings me to think of it in terms of economics, politics and philosophy. Psychology may help study why a child abandoned by a parent feels transfer power and needs to react in a non-standard way. I don’t think that will really explain when and how authority, or let’s just call it privilege, will have to deal with those who learn and engage with asymmetry rather than sit bored because symmetry is a pipe dream. And hacking therefore also is not always bad. Asymmetric approaches can be known by their more common labels of innovation or creativity.
The question people really should be answering is when is it ethical to innovate or use creativity instead of following routines.
In response to my earlier posts on VW cheating I have heard several people say “I don’t know engines well so I don’t follow most of what you’re saying”. This is a familiar hurdle, true for most specialized technical fields.
I don’t mind hearing this because I am a believer in bridging. I see no point in shaming people who lack hands-on engine experience or have not thought deeply about the economics of transportation. A technical argument should be able to stand on its own, such that it can be explained to anyone.
So here I will attempt to build a bridge from being a long-time engine tuner to the growing number of very smart IT and infosec people without any real engine experience who suddenly now are looking into smog topics.
More specifically I will answer from experience whether removing engine DMCA immediately would help in the case of VW cheating.
Three Levels of Analytics
On the beginning end of an analytic spectrum, the thought that immediate DMCA removal “probably would help” is a binary form of assessment: see something say something. DMCA is a prior known harm. It has done harm elsewhere. When DMCA is noticed therefore its removal is a simple reaction.
Next on the spectrum is knowing that DMCA can be a harm yet wondering based on ranked data if removal will achieve an objective. Seeing DMCA used by a German car company could mean every German car company is suspect. A ranking system begs the question of how to know when and if safe transition away from DMCA is possible? Is it after German cars no longer are available for sale?
The training examples I suggest to answer this question are from other scandals related to privacy. Lance Armstrong, like VW, was a winner caught cheating. However Lance wasn’t the problem, he was a symptom of demand. He represented a far wider problem.
Using first level analytics (see Lance with privacy and say something) would not be the right approach. Likewise second level analytics are insufficient because Lance was not the only cheater.
Getting beyond level two analytics is very hard. Anyone with audit experience knows it can be a losing battle on the ground unless you have real infrastructure in place to support a search for knowledge. You have to be able to store data, evaluate and adapt. The better your tests the more your cheating adversaries will circumvent them so you need some way to win that race.
A sophisticated level of knowledge is a third level of analytics, which I will call heatmap. As signs of cheating emerge, none very special on their own, the probability is warmer overall. Privacy is not completely lost, but reliable indicators of cheating are developed broadly. This involves sensors so fast, unique and rich in detail that the cheater can not afford to keep ahead of them.
There are two more levels of analytics above heatmap unnecessary to discuss here. Suffice it to say a third level gets us to where we need; it should answer whether and when removing DMCA would be improving air quality.
I use my own experience to work through finding a third level analytics answer. It comes from tuning many engines and even making my own fuel over the last decade. Here are two reasons why I think removing DMCA is a distraction from the main issue: free market risks and the economics of performance tuning.
Free Market Risks
Removing DMCA would be great for innovation and cost improvements from shared knowledge. It would create a more free and unregulated market. That however is not going to magically make pollution stop.
More of something and cheaper doesn’t imply clean. In fact it could be the opposite as the market innovates toward more power for less money. Removing DMCA arguably means the market continues in the worst possible direction and pollution simply increases.
Can we avoid innovation going awry? Yes, with regulation specific to the objective. DMCA is a weak control for issues of competitiveness and innovation, only slightly related to the issue of keeping air clean. Removing it should come when we are able to regulate for clean air.
Removing Lance Armstrong’s privacy could actually make his cheats more pervasive and harder to detect by auditors. So could we improve detection without removing privacy completely? Absolutely yes.
Some suggest the VW cheat was caught using sophisticated testing. I think that’s an exaggeration but we still should look at the tests as an example to model. The auditor success really was in perseverance and perspective more than doing anything clever or novel. Someone kept thinking mpg and power advertised were too good to be clean, so they applied a clean-specific test where VW did not.
Take a moment to think of the VW cheat this way:
When you are stationary (garage, warm up in snow) you get cleaner air
When you drive, you get more power but it is dirty
This is exactly, and I mean exactly, what typical American customers demand of manufacturers. It is considered acceptable to pollute in the areas least likely to be measured. This is why you can buy “off-road use only” performance parts (meant to be used privately) and then drive them around on roads (publicly) without any real risk of prosecution or fines.
So with pervasive cheating and cheating ingrained in the American engine market why did regulators focus on one company? In brief because it is harder to ban pollution by cheating American consumers than it is to go after a wealthy German company with a minority of vehicles on the road.
To put this in perspective VW already had their cars banned from the California market in 2004. They came back in 2008 with some incredible new numbers and sales took off. All of this has been blogged here extensively before.
A good auditor sees improvement and immediately starts thinking skeptically; how did a small car sales winner get so good so fast (the answer is Bosch, who actually developed “off-road use only” codes). And then the auditor hunts. Sending a car across the country with sensors is not a super special or novel idea, which perhaps you have read in my prior blog posts (e.g. Jaguar boasted 62mpg in cross country test).
Auditors today are closing in on manufacturers because the market functions in a somewhat predictable manner. Changing this abruptly by opening up innovation could lead to many more polluters, groundswell of people acting more like VW (because you’ve removed VW from the equation) and even take us towards weakening of other controls focused on clean air. A focus on a winner with a clear-cut case is a very efficient form of regulation but insufficient, since the problem is widespread.
All of this says to me removing DMCA and opening up a free market without other forms of regulation in place would likely be a clean air setback. It would be like demanding the recipe for cyclist performance enhancing drugs be public in order to reduce their use. Unless cyclists and race organizers are prepared to regulate against use, releasing the recipe can lead to far more cheating and less chance of stopping it.
Performance Tuner Economics
It is well known in the engine market that DMCA does not stop people from completely reverse engineering their cars. Performance tuning firms, not to mention customers themselves, often reverse firmware and/or write their own. In fact you could say there is a symbiotic relationship where the weak enforcement of DMCA allows manufacturers to learn from the after-market crowd what power enhancements to sell next.
Note here there is literally no market for clean enhancements. You simply can not find after-market products designed to get the cleanest possible emissions from your engine.
What VW did was realize that customers wanted more power, more mpg, as they always do. This translates to more convenient “workarounds” and double-speak to avoid regulations of being clean. Thus instead of customers paying $100 and taking 10 minutes to after-market tune their engine, VW essentially modeled customer behavior and provided a solution in software.
VW probably figured why leave the fixes to after-market performance companies. They also likely saw it as a temporary workaround to get back into the market sooner (2008) instead of when they had figured out how to actually comply: both power and clean (2013). Classic product manager risk behavior.
The pervasive cheating that drives VW to do the same is both good and bad. On the one hand it is bad because the market obviously and flagrantly pollutes and no one has budget or tools to stop it at the widespread consumer level. On the other hand it is good because VW took the unrepentant customer bait for better cheats, brought it in-house, and gave regulators a one-stop shop to issue a fine and make an example for everyone to see.
Using our Lance Armstrong example, he cheated more and better than all the other cheaters, which made him the best person to take-down in front of everyone as an example. Some people say VW had 11 million cars affected and this is a lot. Unfortunately this is not a lot in the big picture of cheating.
I mentioned before that California took action in 2005 and knocked VW out of the market. This was because VW was big enough to be a centralized high-profile target but small enough and consumer-centric enough to be made into an easy example. Much more difficult would be for regulators to go after Ford, GM, Kenworth, Caterpillar, John Deere, etc..
Instead of only affecting a few million consumers a regulation at the much larger cheater level could seriously impact business processes and even shut them down. It is common to hear truck drivers complain that if they have to drive a clean engine in order to operate in California they will go out of business; lower mpg or less power to stop polluting is a very hard business decision for hundreds of millions of drivers.
DMCA therefore doesn’t really stop people from innovating (albeit in non-clean direction). So it would have to be enforced far more strictly to help keep air clean. That would be a very bad thing. Harming innovation to reduce pollution sounds backwards because it is. The same resources instead of trying to enforce DMCA could be used directly for enforcing actual clean air controls. The goal being when you finally remove DMCA the resulting innovation would be pointed in a positive direction.
This is why I say stop wasting time talking about DMCA in pollution circles (a mostly non-barrier to reversing and tuning) when you directly could be addressing the actual problems of cheating for actual air quality controls.
Building a Better Solution
In conclusion, I hope I’ve built the argument well enough to stand on its own, no special engine experience necessary. We need to be building a far better surveillance network to monitor for clean air and a far more effective response system for enforcement. This probably sounds shocking so the ethics and norms of behavior have to be ironed out. We should put it in terms of other pollution success stories.
When you see someone smoking a cigarette you say something to them. If that person doesn’t comply you invoke authority. Obviously you can’t tell on the spot you are getting cancer but you have it on good authority that seeing a smoker is reason to act. DMCA of the cigarette industry, such as recipes for mixing and rolling, seem mostly irrelevant because they are.
Thus we really should ask ourselves for engines how do we build a comfortable living environment still capable of finding and stopping engine-smokers?
Imagine every loud pipe you hear is reason enough to say something. Generally loud pipes are after market power improvements that intentionally increase pollution. The ear is no perfect sensor but it’s a start (albeit California regulators have been arguing they can decouple noise from pollution). Imagine neighborhoods using air quality sensors deployed to help build a heatmap; for example monitoring outside popular restaurants collecting data on SUV emissions left behind. You then deliver to the restaurant their pollution results and fine them based on their customer behavior.
There are many possibilities of great impact to consider and plan. Arguments about removing DMCA are mostly irrelevant to clean air economics and technical problems.
The majority of car enthusiasts care more about engine power than pollution. This especially rings true in America where consumers can easily modify hardware and software of their diesel engines. Ten minutes and a couple hundred dollars makes a significant change. Thus it has become common to find consumers seeking personal power gains with little/no concern for environmental impact.
Since the late 1940s US federal and state regulatory authorities have set standards and brought action against companies to help the market bear its responsibility for environmental impact. Consumers also increasingly have had to prove ongoing compliance with standards through smog tests linked to vehicle license. The growth of an engine tuning market for power, accelerated by the openness of car software, has forced regulators to crack down on manufacturers as well as move towards greater surveillance of consumers. The latter is less necessary and complex if the former is successful. The gap between demand and responsibility is a key to the issue. People often say “no one has died” regarding engine design despite the fact we know pollution kills and has killed (~58,000 premature American deaths per year).
VW was caught giving what most American consumers say they want most, more power. In some sense VW built into their cars before sale what many were doing after sales, which is a common practice. Over 480K cars were illegally fitted with the kind of “clean defeat” practice known to exist at a much larger scale on many more manufacturers led by an emerging “performance” industry. VW happens to have been the largest and most obvious violator caught, which makes it a perfect candidate for heavy regulatory enforcement. Used as a high-profile example, regulators may be able to use this example to shift consumer demand and raise awareness of pollution risk (including fines). US action against a German company also has geopolitical implications.
Last but not least, the cheat was unnecessary. VW product managers presumably rushed to market a bolt-on fix rather than a built-in solution. The company could have used a diesel-electric hybrid approach to achieve more power while reducing emissions, as shown with Toyota long-term success in the American market. Worse, VW left the cheats in their newer VW EA288 2L diesel that replaced the “cheater” VW EA188, despite the fact it arguably would be emission compliant anyway using urea injection technology.
Hello diesel fans, welcome back for another post on why diesel is the future of engine technology. Remember when I wrote about NASCAR cheating and included this 1976 quip from Waltrip?
If you don’t cheat, you look like an idiot; if you cheat and don’t get caught, you look like a hero; if you cheat and get caught, you look like a dope. Put me where I belong.
Fast forward almost 50 years and here we are still are talking about cheating to improve engine performance.
After the VW trivial hack (detect front wheel movement during change in RPM) to cheat regulations I’m even more bullish on diesel and here’s why:
It’s about damn time
First, this government crackdown has been long-overdue and in the works for decades. You know the transportation and automobile lobby finally is losing the dirty fight when the EPA makes this kind of clean success story stick. It seems to me California led since 2000 and took the brunt of counter-attack from those engine enthusiasts who hate being clean.
Anyone who thinks this VW catastrophe is about VW probably does not spend much time tinkering with engines or watch closely all the fighting in the diesel market. Let me be clear here, VW was a business giving the majority consumers exactly what they wanted. And like any very large company it used its size and power to influence governance.
I’ve highlighted some things in an old advertisement here to make it more clear how the spin worked.
Even I have fallen victim to trying to promote power of diesel to make it more appealing (many blog posts in the past about diesel power being a factor).
And that’s a big insight into why this isn’t really about VW. America has a hard time speaking directly to a clean consumer segment; a small, although arguably fast growing, group of people who don’t give a crap about performance when they ask for a clean air car.
Some point to a fact that VW was running ads boasting about achieving the regulatory definitions of clean. That doesn’t mean for a second they cared. It could be they were just following regulators’ lead, talking the talk, playing the game and throwing a few dollars at some words and pictures. The American car companies’ Flex-Fuel campaign is a great example of marketing double-speak that tells insiders at least one car company still doesn’t care about the environment.
Flex fuel: car makers’ way of thumbing their nose at regulations and saying “stop asking, we still don’t care about pollution”. (Sierra Club and Bluewater Network sued to force compliance and reduce gasoline dependence. Detroit smugly responded by delivering much larger engines with higher gasoline consumption)
If you want to get angry about bogus environmental advertising take a swing first at Ford, then BMW, and then…. We have some positive examples too, that suggest clean marketing can be woven into a campaign.
…the answer lies in Toyota’s clever marketing campaign. To begin with, it wasn’t aimed at the mass market. Instead, Toyota thought that the first hybrid buyers would be “techies” and early adopters (people who are highly likely to buy something just because it’s new).
Americans love early cool tech. They also love luxury. And despite loving power, it was absent from the Prius campaign. You had to look at a Camry for that stuff. The environmental campaign was infused rather than dominant in the carefully targeted Prius themes. Kudos to the late great executive who pushed Japanese sensibility into our thick American tuner heads.
Ok, ok, I’m not being fair to myself or others. Those of us who long pined for environmental improvements in engines just might have grown jaded after seeing twists and turns the product managers used to delay our clean dreams. We found ourselves characterized as a small peanut gallery watching from the outskirts of the big power demonstrations that the “majority” wanted.
Calling for clean diesel regulation has felt a bit like sitting on the sidewalk eating a leafy salad watching the crowds line-up for chemically-enhanced performance-oriented meals in a brightly colored restaurant (i.e.adding hydrogen to vegetable oil to achieve fastest food).
While it is true reading ingredients in a McDonalds Happy Meal might give information to be safer what we really need is regulators or a lawyer in Marin to push for a social norm that even late night talk show hosts can get behind and promote to the majority. Reading ingredients doesn’t do much good if we haven’t fundamentally shifted consumption preferences.
Or let me put it this way: when I was told I could participate in a corporate-sponsored race car event I immediately started asking about how we would measure and explain pollution hitting the crowds. Knowing that cars emitted harmful poisons was insufficient, I needed to get people to question whether we really intended to poison our VIP customers. Unsurprisingly, as those around me sipped their well-labeled alcohol and ate their sugary snacks that clearly listed all the ingredients, they didn’t really see what I was so concerned about.
Later I found myself in an even bigger “our future is data-driven” corporate-marketing event focused on race cars. I asked an Indy car team manager what the brake dust and tire wear meant for people standing near the track. “No idea” was the answer. And years later I asked a F1 team the same. Same answer. Some future. Data data everywhere and not a person who, despite having access to learn about harms, wanted to alter car culture towards being safer.
The point here, after saying this is not really about VW, is that it also is not about openness and transparency of the software. Openness isn’t the fundamental problem in the case of diesel emissions cheating. The real key to driving change is a push from regulators and to create the right pull from consumers; nudge economics is what I’ve heard it called lately.
Being a minority in trying to figure out the push/pull on majority risk issues should surprise no one working in the security industry. It is basically what we’re paid to do. Nonetheless sometimes there are twists we don’t anticipate as these socio political things are hard. The other day I found this curious notice from a security software organization:
A notice by Whisper Systems, considered by some a leader in security software, said majority concerns come first and consumers must swallow their closed sole-source manufacturer distribution channel.
Open WhisperSystems has chosen to focus on serving the millions of users who have GCM capabilities before turning our attention to the small number of users who refuse to install Google Mobile Services. We understand that this is an important issue for some of our users and have our support forum available for discussions.
The arguments used by WhisperSystems to justify this position simply is not true. And they’re telling us being small is why we’re lower priority? The number of privacy-enhancing software use overall is small, so should on that measure alone Google turn their attention elsewhere first? Hey Google, maybe you should start ignoring WhisperSystems because they are only a small number of people who refuse to just be happy with default apps provided by Google.
No I think size is not the right measure to start and end with. Other measures of priority are useful.
Sorry, I digress…let us go back to talking about VW, a software company using false statements to justify their position to appease the majority with a closed sole-source manufacturer distribution channel. Oh, wait a minute.
But seriously, let’s go even further back to regulators stepping in to shape the diesel market and consumer demands. The emissions debacle is really about regulators working over a long time to clean the air. They had to choose targets wisely (deep pockets from large numbers of consumer vehicle sales) and massage timing (emerging shift in public opinion based on solid grains of truth) to move a market after it refused to go cleaner on its own.
The fact that VW didn’t see this coming and thought they could cheat regs, or wait for a GOP victory that would weaken the EPA or worse, is just sad management. Fire that CEO for being out of the loop on political winds that in reality are directed towards everyone but start with the biggest and most useful example. VW deserves the book thrown at them because that’s how this game works. We make an example to educate others and VW had its neck out, way out, the wrong direction.
To really put the game in perspective, don’t forget Ford dumped their CEO after he called for a clean car revolution. Put that in your carburetor and smoke it for a bit. A major car manufacturing board kicked out a CEO who wanted to go clean. Easy to see how VW executives thought cheating with dirty cars would help them fit right into the market, get a nod and a wink rather than a fine.
Except there was a slight problem. They underestimated the importance of a minority voice and opinion.
Here’s the real choice, which apparently they did not see. Either you clean up diesel like we know can be done (gasoline cleaned up and thrived) or you become an example of why actually you have no choice. Too many decades passed when we let the establishment give empty promises and shallow marketing about flex fuel, yada yada. Clean up your engines or we’ll disrupt this market so hard small new-comers can jump in to compete and sell a proper clean product, verstanden sie?
Look closely at 2005 as a huge turning point. California regulators (and NY and some other states of little sales numbers) basically ruled VW out of the market. Cold. No more diesels could be sold by VW. They were nailed, while at the same time the majority of other polluting diesels were given a pass.
I have yet to see any pundits bring this seminal point into focus on today’s news. Watching this fight for decades obviously puts things in a different perspective. Having been a long-time diesel tuner and having made my own diesel fuel I have a few dozens of blog posts related to this topic.
Politics ten years ago proved VW was the easy target to initiate a clean air battle, despite American trucks going on and on spewing poison all around us. That is a key to unlock the context for recent news. VW consumer cars could not emit a “we must pollute to survive” excuse as easily as a Caterpillar, Ford or Kenworth.
2010 was another massive turning point when California applied smog tests to diesels. Even I was shocked when I received my first letter from the state. We all should have seen coming yet I confess, I have to admit, I was amazed the day finally came in 2010 when I had to test my diesel. And I was proud that all my tinkering did not reduce clean.
The regulators slowly were winning these small battles in small markets to test attack methods and gear up for a major war against big air polluters. They were wise. And so at long last, after decades of waiting, here we are…thank you thank you EPA.
Grains of truth
Second, it’s really about the engineering facts. With diesel a smaller engine produces more power, more cleanly, more efficiently from more renewable sources of energy than any of its competitors.
A diesel was not intended to run on petroleum, it was designed to do the exact opposite and free owners from sole-source energy. The petroleum industry bastardized the original diesel design, making it run on their product, which is a disgrace to engineering.
I just have to get this out of the way. Measuring diesels today on petroleum fuel is, albeit necessary because history, technically a petroleum industry’s trick. Don’t fall for it. We really should be testing the latest engines on multiple sources.
Let me present the amazing Subaru STI-D (2008 or even better 2011) as an example of what every American today should be looking for in their next vehicle:
And now let me put this in context. That little tiny light engine is hugely powerful (380 lb-ft torque) while being compliant with the EuroV emissions requirements.
Fantastic progress. As an aside did you know that gasoline engines were not tested at all for particulate matter until EuroV? Shocking. So while lots of writers have jumped on VW to complain about shameful cheating to squeeze under tightening PM filtering rules, they say nothing about gasoline engines not being tested at all. Meh.
Even more to that point the people racing tend to brag about not having to be compliant with any smog requirements at all because they found “exemption” loopholes. Here’s a Subaru diesel racer proudly spewing horrible PM: Jump to 0:53
I see this nearly EVERY DAY from other engine tuners. It’s a hugely widespread problem. Truck drivers might even be the worst and most prevalent. The people gearing and wrenching just don’t talk like they are worried about being clean until regulators clamp down. A big cheater take down is a much easier way to shift majority sentiment than trying to go after every little tuner.
In 2005 I was offered numerous chip options for my engine and remapping software to undermine emission controls and boost performance. It was from a few diesel specialists but things have progressed quickly to many more collaborating on tuning software. Here is a diesel tuner comment from 2011, shortly after the EuroV generation STI-D was announced:
Who in 2011 wanted to be part of open source history? Turns out few signed up and so these guys went proprietary instead. Regulators made an example of VW, the largest car company everyone knows, despite so many lower-profile examples everywhere of the same behavior. In fact VW probably just licensed diesel tuning software from one of the performance shops any customer could buy from.
Today we still have tuners all over SF removing their compliant pipes and putting on “noise and air pollution sticks” given typical motives, which rarely include being kind to their environment. Just last night a Canadian was bragging to me about his Ducati being loud with track pipes and so much fun. I had to cut him off and explain the respiratory damage to our neighborhood.
He had no idea. None. This is the real problem. VW management decisions seem to be more a symptom if you actually get your hands dirty, know engines and talk with people about what is happening. When I meet polluters I often pull out a 2004 report on snowmobiles to try and frame how a feedback loop should work.
In recent years, Yellowstone employees suffered headaches, nausea, sore throats, and watering eyes as they worked in a haze of snowmobile exhaust. The health hazards forced the National Park Service to pump fresh air into entrance booths. When workers continued to get sick, the Park Service issued respirators. So far this winter, the Park Service reports that none of its employees have gotten sick from breathing snowmobile exhaust.
That was five years into the fight. By 2013 the environmentalists had successfully shifted social norms and manufacturers had to admit pollution was an unnecessary loophole.
The rules were 15 years in the making because of intense wrangling between snowmobile operators and environmentalists. But both groups support the plan and give credit to snowmobile makers for designing cleaner machines.
If I remember the Yellowstone ranger studies right, one consumer on a non-compliant or exception engine was the equivalent of nearly 10,000 cars exhaust. 1:10,0000 as a measure of harm. And so many people do it without thinking a second about that kind of damage because it’s all external to them or they leave it behind and go home elsewhere.
If someone in America races, runs off-road or uses engines for special purpose (commerce, showing off to friends how loud and obnoxious you can be) they turn off the environmental concerns; especially if it’s a world they just visit occasionally and don’t have to breathe daily because no feedback loop.
With no feedback Americans will make claims that controls impede an ability to win or impress, or get a job done: make a few extra bucks on a trailer full of unripe bananas they have to deliver before it turns into fruit flies. Here is a classic reaction in 2010 when California announced enforcement of diesel emissions checks would include aftermarket products and tuning:
F.U. SACRAMENTO! I’m just trying to save money by getting better gas mileage and not blow my tranny towing. ARREST THE VIOLENT CRIMINALS AND TAX THE MILLIONAIRES
Don’t get me wrong. Sometimes there are justified reasons to set aside one concern, safety, to focus on another such as performance. The nature of the problem is that a justified delay or postponement of safety concern to allow other values should be revisited quickly.
I used to run into this all the time from cloud vendors, especially Platform as a Service (PaaS) VPs who would claim security means leaving it up to developers to feel and find the right balance. They almost always were trying to escape considering risk, waiting to bolt-on something instead of baking safety into their platform.
Consider how top engineers in the elite tank design unit of the US Army have built a prototype that uses…a Subaru diesel-electric hybrid. The best engineers in the best Army in the world aren’t futzing around and they are pushing the envelope on vehicle design with diesels. Yay.
Their diesel engine can take in fuel from basically anywhere, anything (troops easily can build a quick bio-diesel generation station to use local sources of oil — waste, trees, algae, etc) that will recharge the electric motor. Imagine having no fuel supply issues as you get (or give) orders to advance into the most remote and hostile territory.
My point is after you get to this amazing point on every possible performance level, where diesel-electric hybrid is outshining other power plant designs, you wonder who on that team is really looking at pollution. Why would they? Who measures it as a success?
When there is nothing powerful enough, no external feedback-loop, to push product teams to include safety from the start, they leave it out. That totally safe Army vehicle, where safety is job one, probably has zero pollution assessment in the final tally.
But I could be wrong. To be fair, some regulations have started to show employees around heavy machinery perform better in clean air. There could be someone monitoring soldier health saying air quality must be clean to win wars. Maybe the Army thought about a sick soldier as a problem and wants cleaner vehicles for improved chance of victory.
This kind of economics problem is the problem of security industry in a nutshell; even deeper it is the problem of quality in products. Bolt-on, not built-in is like fingernails scratching the chalkboard to the security professional being dragged into the product management office for an architecture review. We don’t want to have to ask VW “so explain exactly after 30 years of diesel engines you decided to make them clean in 3 years how?”
VW could have done so much more, could have released a far superior product, many many years ago instead of letting down the environmental minority. Instead they gambled and waited for that minority to start to reach greater opinion and political leverage and by then they were caught behaving badly because they listened for too long to the wrong Americans.
It’s economics, stupid: diesel-electric hybrid launch is cheaper than cheating
Ok, but I hear people, especially young people, say they love forward-looking Musk electric cars named after a famous American. That surely is built-in because no pollutants, right? Shouldn’t all companies jump in the race towards electric cars to solve emissions?
The problem is something smells funny in the Musk office. Why is the range of the car so short (under 100 miles) when driven by engineers who build it, but the marketing claims more than double? Cutting the efficiency in half during real-world driving conditions means Musk is sucking serious energy from coal plants, am I right?
And when you look at the refueling model, how do they break away from top-down dictated energy sources if there is a special interface instead of a universal standard? My guess is this is why they released their IP, to encourage other manufacturers to standardize on their interface. Good move yet still begs the question of control.
More to the point why continue any relationship with Musk after you buy the car? Dare I say it should be seen as curiously anti-freedom to build central-control personal cars with top-down tracking of our daily driving experience. I know this is bucking the trend, given Inrix, Google maps, Bluetoad and all the others trying to monitor our every move.
In the long-run however we surely will find drivers wanting to go off-grid and disconnect from mother Musk. Denying a reasonable option by design can lead to some dangerously predictable behavior, such as tuners removing emission controls in a quest for more power. Listen to customers, but listen wisely.
If I buy a $100K Musk-cart I don’t want to be forced to continue my relationship after purchase day. Let me choose the relationship and connection based on my needs. Don’t lock me in with your service-oriented tentacles. Keep the software open and the personal data closed. I certainly don’t want Musk poking around in my internals without my authorization or shutting my car down at his whim.
No thank you. For me, Diesel had the right plan from the start. His genius coupled with Tesla’s would be the ideal car. It’s long past time to throw the book at those cheating on his grave.
So what now should we do about it?
First, further accelerate the clean air standards and regulations and raise mpg requirements now. We are far behind and the manufacturers have abused every bit of leeway allowed. It is time to take up the slack and force innovation through measured feedback (e.g. enforcement). The market is ready to bear many new options and the incumbents are using their cheats for margin to hold back progress.
Second, revisit the 2001 Right to Repair Act as I’ve said before, and ensure customers retain the rights to troubleshoot and understand fully their vehicles. There is no proven risk to opening the information. Actually the opposite tends to be found. Tuners innovate faster and so manufacturers can learn and improve from the collaboration. The catch being tuners also have to be headed towards improvement using social norms. Ask me why bulletin boards are full of how to improve performance of engines, regardless of emissions, yet never seem to talk about pulling seat-belts out.
Third, realize that car companies claim to respond to customer demand. If they don’t sell what people ask for, they lose. That allows us to focus on the problem of defining clean engine demand; changing the voices that manufacturers focus on. We could also cop out and use a Prius “new tech” model with just a hint of clean. But here are two ways we might be able to force direct clean feedback-loops into engineering: monitoring and enforcement.
It is a thorny issue but I believe the answers to monitoring are in randomness and persistence. This is exactly what testing labs did and should continue to do. Testing for environmental pollution during environmental activity is nothing new. After all we have mpg listed on cars for city and highway “conditions”, am I right? Putting sensors on a diesel and measuring it as it drives across the US is a reasonable test, as I’ve written before (#XFCoast2Coast). Even more to the point I believe it was in-field discovery of large trucks in California removing environmental protections in the mid 2000s that helped push towards 2010 enforcement of diesel smog tests.
More research labs, in cooperation with local air quality authorities, should be funded to sample and exhaust the possibilities. The fact that it was a European wing of the US International Council on Clean Transportation (ICCT) that unraveled the VW cheats is a great example to expand from. Resources should be allocated to grow independent and creative ISEA (Identify, Store, Evaluate, Adapt) centers to put manufacturers through rigorous tests, while also scaling up existing ERM (Easy, Routine and Minimal Judgment) smog tests for everyone else — simple scheduled stationary assessments.
Enforcement, given a shift of social norm, becomes easier to solve as this issue drags along. VW has been the whipping standard for over a decade but it makes little sense to pretend that this issue is only about them. Fines for big manufacturers is a start, but let’s also keep an eye on tuners and commercial organizations/fleets as well. Those claiming a test “in the wild” or “during use” must account for the consumers pulling a similar cheat after manufacturers hand over the ECU.
Again I want to reiterate that what VW was caught doing is basically what every diesel tuner forum everywhere talks about. In the older hardware cases I knew big diesel truck drivers who put the original chips back in their engine during a smog test and then swap again when they hit the road. Revising software is clearly easier. Social harms aren’t really part of these folks’ equation. The answer to that is not pervasive surveillance of any potential tuner (testing everyone in the wild) but rather a more systemic approach to encourage behavior change.
While I agree with openness and am a huge proponent of right to repair, the VW situation is a good example of where open software would solve a different problem set than the one directly in front of us. Simply calling for open software, even just escrow, in this case may shift pollution problems worse by expanding cheats undetected, pushing tuners the wrong direction. Enforcement through social pressures and localized testing (ala the seat-belt shift from resistance to desire for self-compliance) must be a consideration.
In conclusion, I’m grateful we finally are seeing California clean air battles with diesel reach the federal level. It has been too long a wait for the book to be thrown.
With any luck the EPA action will be a big help to a certain little American car manufacturer in excellent position to deliver a superior product — clean diesel for freedom and fun to those who have such a desire, even if we’re still a minority. Shame about not being able to crack-down on pollution much sooner, like back in the 1980s…
In conclusion, and given the wisdom of NASCAR experts on cheating, put VW where they belong.
Lately one of my favorite jokes in SF is we haven’t reached peak yet because no one has tried to start AirBnBurrito. How can we just continue to order burritos without some kind of abstraction to improve our burrito experience? Why isn’t there a burrito sharing platform?
Platform is the hot new buzzword. We’ve never seen platforms of sharing like these before. Think disruption. Think possibilities.
WARNING: SECURITY PROFESSIONAL OPINION AHEAD.
VIEWER DISCRETION ADVISED.
For example if you put a smooth asphalt platform down where you live, then people can drive toxic chemical emitting boxes of death all around you. Those significant increases of disease in your home area from passers-by are a benefit, really, because they spur innovations in health care. Now that you have created a platform that leads to lead poisoning and asthma you can create a platform to search for how to remove lead poisoning and asthma…
I hear you saying broken window fallacy but wait, wait hear me out.
If you put a wireless transmission platform down, or even a spinning disc with recorded music platform down, you can give musicians pennies on the dollar for their work. You can build lavish studios and host amazing parties and promotional events on the backs of the kids who actually create music and then spit out those used up kids as the next batch of kids arrives.
Too much snark in my historic examples? Ok let’s be serious, the question should arise every time you hear the word AirBnB whether you have good reasons to trust a platform. What if history is just repeating itself, benefiting a few by allowing a clever shield scheme to avoid direct responsibility for harms that are externalized or spread widely? Platform risk is complicated and should not be treated lightly.
A platform company evangelist or product manager will probably you their developers are all responsible people who can be trusted implicitly to do the right thing; no need to have oversight because people are just naturally good. In reality, however, when you talk to the platform engineers behind closed doors you will often find a modern version of Sinclair’s 1906 novel “The Jungle”; history has some very important lessons to be remembered.
“Developers are our worst enemy” a car ride sharing platform security team member revealed to me recently, explaining further that “developers are so sloppy with credentials we had to hang one to make an example to the others”. This is a fine point. If we don’t make examples, or talk about security issues directly and openly, a platform may enable very bad things.
In 1906 the meat-packing industry was so poorly managed that the death of employees was a very real and pressing concern. Thus Sinclair wrote his book about the need to protect worker rights. The US government, loathe to be too leftist, pivoted from complaints of worker rights to create an agency that protected consumer trust in food and drug platforms (FDA).
Today the new “sharing industry” data is so poorly managed that invasion of privacy is a very real and pressing concern…any guesses the direction regulators eventually will go?
Pfffffft. Right off the bat I have to wonder whether the title is meant to make infosec professionals spit tea all over their monitor. Because that’s what I did.
To be fair I would gamble the title was really meant to be some kind of innocent “sharing” reference. Cue the little bunnies and kittens fluffing around. So tempting…
But to the trained security professional ear it comes across as nails on chalkboard “AirBnB goes on vacation and leaves your doors unlocked”
Ok, but nevermind the title. It is just a title. Let’s get right to the meat of the issues within the story. Let’s go right to the paragraph about…
Search for the word security: 0 hits
Search for the word confidential: 0 hits
Search for the word privacy: 0 hits
Search for the word risk: 0 hits
Search for the word trust: 1 hit!
While renting out an apartment or a house when it is empty is certainly not a new idea, Airbnb has taken it all to a new level and has built the idea of trust – of the people you are renting from as well as the people you are renting to – into its system, which has no doubt been a catalyst that has propelled its business.
Wat. Trust is built into wat system. Wat
Color me shocked. First, their supposed “new level” trust system actually has been proven to be antiquated and quite primitive. It has run into easily predictable failures that any hotel, let alone a reasonably thoughtful individual, would be prepared to handle.
…logic and decency would suggest that when you’re in danger, as Mr. Lopez claimed to be, Airbnb would come to your rescue. And in the wake of this episode, Airbnb said on Friday that it was clarifying its policies to make sure that its employees know to always call the police when someone reports an emergency in progress.
AirBnB management was unprepared for an emergency, leaving customers and employees in an untenable trust relationship. Is that the “new level”?
Second, in the text of this new story about keys to infrastructure the closest mention to anything security related that I could find was a little bit on segmentation, and that was only because a failure of availability.
We actually had to do a big cluster migration at the end of last year to separate all data infrastructure into two separate mirrored clusters: one to run all of the business critical jobs – things that have to be run and done on time – and another one for ad hoc queries. When we had it all running on one cluster, people were so interested in learning from the data that the ad hoc queries could get in the way of some of the business critical work.
They actually had to separate clusters because load. Not because privacy. No, the lack of privacy control is exactly what led to the availability failure.
Let me just say that again to be clear. Segmentation is not described as a safety issue but only in terms of performance. And yet to me the age-old problem of having too many chefs in a kitchen is an obvious safety issue much more than a performance one.
If you’re like me you’re now dying to know how privacy is being protected in the AirBnB world of sharing data as widely as possible for profit. Surely there must be some importance of privacy meant to be implied somewhere…especially in paragraphs like this one:
Airbnb actually teaches classes in SQL to employees so everyone can learn to query the data warehouses it maintains, and it has also created a tool called Airpal to make it easier to design SQL queries and dispatch them to the Presto layer of the data warehouse. (This tool has also been open sourced.) Airpal was launched internally at Airbnb in the spring of 2014, and within the first year, over a third of all employees at the company had launched an SQL query against the data warehouse.
Great. SQL being taught internally to everyone is just great. Everyone is being told to crowd into the kitchen and sharpen their knives.
What I’m really looking for, however, is an explicit statement more like “Airbnb actually teaches classes in privacy to employees so everyone can learn to protect customer data…”.
Instead I hear a company talk light-heartedly about giving keys to everyone, training everyone to dive in and start without any mention of due diligence or care.
The article is alarming because it emphasizes trust and then gives basically no reason at all to believe in it. Is consumer safety of any real concern? If this doesn’t get regulators poking into AirBnB I am not sure what should.
And all that doesn’t even touch on the logical inconsistencies. For example contrast these statements from the same person:
“the bad part is that Mesos, by its nature, is a layer of abstraction and it obscures some things from you”
“I intuitively believe that we are making the most of our engineers to push the business forward and doing it in a cost effective way on AWS” [because abstraction obscures some things from you and that’s just great. it’s so great i look back and wish i had increased obscurity 45%]
Just to reiterate the lesson being taught here: The bad part is abstraction; it obscures things from you. That’s bad. So we should push the business forward and in a cost effective way with abstraction. Bad is good for business. See?
But forget about the illogical flaws in reasoning for now. That’s just typical of cloud platform hype. Instead ask the tough questions about whether AirBnB gives you any reason at all to trust them if they’re sharing keys to your data.
END OF WARNING
So anyway as I was saying you may want to read the new piece about hot platforms and how AirBnB is doing fun stuff these days. It’s a good fluff read on the platform. Check it out and enjoy.
flyingpenguin, a security consultancy, designs and assesses risk mitigation, compliance and response solutions, as well as delivers strategic and competitive knowledge to security software and hardware vendors. Innovation, integrity and transparency are hallmarks of our services. Davi Ottenheimer, President of flyingpenguin, has more than twenty years’ experience managing global security operations and assessments, including a […]more →