Did Science Fiction Predict the NSA Debate?

The idea is that a corporation or government agency could influence public opinion by using computer programs to flood the social networks with comments.

In Cory Doctorow’s recent novel Homeland, a nefarious military contractor developed a persona management system called “Hearts and Minds” and used it to flood online conversations about a leaked surveillance program with dismissive comments [from bots].

There’s no evidence that anything similar has been happening in comment sections of articles about Edward Snowden’s National Security Agency leaks. But there are some signs that bots are joining in U.S. political debates. The same Times report notes that researchers at Indiana University discovered two Twitter accounts that sent out some 20,000 similar tweets, most of them linking or promoting the Web site of then-House Minority Leader John Boehner in the run-up to the last midterm elections.

–Andrea Peterson, On the Internet, no one knows you’re a bot. And that’s a problem.

How to Decode the True Meaning of What NSA Officials Say

Jameel Jaffer and Brett Max Kaufman in Slate.

James Clapper, the director of national intelligence, has been harshly criticized for having misled Congress earlier this year about the scope of the National Security Agency’s surveillance activities. The criticism is entirely justified. An equally insidious threat to the integrity of our national debate, however, comes not from officials’ outright lies but from the language they use to tell the truth. When it comes to discussing government surveillance, U.S. intelligence officials have been using a vocabulary of misdirection—a language that allows them to say one thing while meaning quite another. The assignment of unconventional meanings to conventional words allows officials to imply that the NSA’s activities are narrow and closely supervised, though neither of those things is true. What follows is a lexicon for decoding the true meaning of what NSA officials say.

A lexicon for understanding the words U.S. intelligence officials use to mislead the public.

So you think your password is secure?

From Ars Technica: a chilling demonstration that even passwords like “qeadzcwrsfxv1331” can be cracked if the web site uses a weak hashing function.

http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/

Takeaways:

  1. If you can remember it, it can be cracked.
  2. The only passwords that can’t be cracked are fairly long, truly random passwords. (Banging on the keyboard isn’t random.)
  3. Never, never, never use the same password on more than one site.

Therefore the only way to really be safe is to store your passwords in a password manager program like KeePass, LastPass or 1Password, and use the program to generate a unique random password for each site.

Aaron Swartz’s Suicide

If you have been following the news you must be aware that Aaron Swartz, a social-networking pioneer, academic researcher and clumsy hacktivist, has killed himself. Though he left no suicide note many people attribute his death to the fact that he was facing federal charges that could have sent him to prison for many decades.

I feel obliged to comment since I responded to the original news of his arrest with a somewhat sardonic post called “When Ethicists Steal.” (Swartz was a Fellow at the Harvard University Ethics Center and the title referred to my long-held suspicion that self-styled academic “ethicists” just come up with rationalizations for their gut feelings and present them as scientific results, far superior to the ethical opinions of mere mortals.)

Swartz downloaded a vast number of academic articles from the JSTOR database. He apparently believed that they should be freely available to the public. Who knows? Maybe he was right, given that the public probably paid for the research with their tax dollars.

However anyone with any involvement with computers should understand that it is not OK to enter a network wiring closet without permission in order to make an unauthorized connection to the network. Surely this would justify some sort of criminal penalty.

On the other hand what he did was in no way comparable to murder. It was more on the level of entering an empty house though an unlocked door and taking a sandwich from the refrigerator. Except that nobody was deprived of a sandwich. (JSTOR, the aggrieved party, didn’t lose any money and didn’t want to press charges.)

So the loud outcry that the federal prosecutor was abusing his power by threatening to send Swartz to prison until he was an old man is not without merit. We have lost a bright and promising young man whose actions were surely misguided but not evil.

On the other hand we are not dealing with a rogue prosecutor here. This is what prosecutors do every day, though usually not to people with so many friends in the media. They routinely threaten to send people to prison for the rest of their lives in order to pressure them to plead guilty to reduced charges–even if they are innocent. That’s the kind of justice system we have and presumably that’s the kind of justice system the voters want, otherwise they would change it.

More thoughts on Orca

Everyone seems to be jumping on the story of the Romney campaign’s “Orca” debacle. But it seems to me that this is not really a new story. It’s a story that’s been repeated over and over again thousands of times, in large companies and small, not to mention government agencies.

Tell me that you haven’t heard this one before:

  • To begin with, you have a CEO who is a great visionary. (Everyone tells him he is, so he must be.) He doesn’t know much about Information Technology, but that’s OK–you can hire people to handle that.
  • The CEO is approached by an IT consultant who proposes a great new system, something that has never been done before, which will run rings around the competition.
  • The consultant has never actually developed a system of comparable complexity but the CEO is impressed with his vision. He tells his people to give the consultant everything he needs.
  • Because of the great strategic importance of the project the team accepts an extremely aggressive development schedule. It just has to be ready by the drop-dead date. To make it work the team will have to put in lots of overtime and not waste too much time on things like design reviews and extensive testing.
  • The consultant creates an elaborate marketing presentation to sell the project to the organization (and maybe to outsiders as well.)
  • To simplify the transition they decide on a “Big Bang” implementation. On the deadline date the old system will be irreversibly shut down and the new system will go online.
  • Users are given “training” that is basically a rehash of the marketing presentation. They can’t practice with the new system because it isn’t ready yet.
  • Result: Profit! humiliating failure.

Continue reading

The Romney campaign’s great IT failure

Ars Technica has a great analysis of “Team Romney’s whale of an IT meltdown.” Regardless of your political views, if you are involved in any large IT project this is worth reading.

“Orca” was the campaign’s massively-hyped centralized computer system for managing the get-out-the-vote drive. It was supposed to track the process in real time and shift resources as necessary from areas where Romney was running far ahead to areas where more help was needed–thus running rings around Obama’s more old-fashioned system.

In fact the system was inadequately tested and users had essentially no training. On Election Day it collapsed, leaving the campaign managers flying blind. Given the margin of victory this probably wasn’t enough to change the results the election. (The “ground game” is supposed to be good for a point or so.) Still, it certainly didn’t help.

“The end result,” Ekdahl wrote, “was that 30,000+ of the most active and fired-up volunteers were wandering around confused and frustrated when they could have been doing anything else to help. The bitter irony of this entire endeavor was that a supposedly small government candidate gutted the local structure of [get out the vote] efforts in favor of a centralized, faceless organization in a far off place (in this case, their Boston headquarters). Wrap your head around that.”