BLOG: Because We Can, The Arrogance of Power

Speaking of drumbeats, the drumbeat to “do something” continues to pound on the chaos in Syria. The Syrian government is clearly unsavory and brutal. Some in this country believe that it is therefore illegitimate and should be changed.

Whether the USA should intervene, and who should rule Syria is being asked, but these are the wrong questions. The most important question is: what gives us as a nation the right to choose the governments of other nations?

If you listen to the pundits, and the politicians debating this question, the answer appears to be: “because we can.”  Some go so far as to say that the mere existence of our capability gives us the right to make these decisions.

There is an old saying that deals with a common moral dillema: “The ends do not justify the means.” The point of the saying is that no matter how much good you may end up doing, that does not justify doing it, if the means to the end are immoral.

Fighting a war means killing people, which we consider immoral. Wars are sometimes clearly necessary, so those who went before us have devised the moral underpinnings of the just war theory. In no possible way would an intervention in Syria qualify as a “just war.”

It is hard to imagine a foreign nation bombing our cities and openly taking sides against the US government to support some home-grown militant organization, but that is exactly what we did in Libya, and are being asked to do in Syria.

Americans presume the right to choose our government, and settle these things ourselves. Why do we not presume that other nations have the same right?

Has our immense military power and global reach corrupted our idea of when we need to “mind our own business?” Do we equate our power with the wisdom and the right to decide for others how they will be governed?

I pray that it has not. I pray that we do not intervene in Syria, but not because I do not pity the victims of the conflict there. It is because we have no right to do so, and to say that we do is to say that we should “because we can.”

That is not a moral principle I want to stand on.

BLOG: Cyber War—The Drumbeat Continues

The Iranian nuclear effort was stunted by the the Stuxnet virus, and now Flame. Some believe that both of these were constructed specifically to slow Iran’s progress, and some call this “cyber war”. The drumbeat to “do something” is loud this week.

As I pointed out in my recent blog , so-called cyber war is not really war because it involves no violence and no coercion. A successful “cyber attack” is really just someone taking advantage of a security flaw in computers to gain some measure of control of those computers. The damage that can be caused by a successful attack can be substantial, but in many, if not all cases, the damage can be completely avoided with simple steps. The reasons those steps are not taken are sometimes out of ignorance, but much more often vulnerability is a conscious choice to gain convenient remote access, with full knowledge of the security risk it entails. There is tremendous value in enabling this access, saving billions of dollars in time, travel, and delay because people no longer have to be physically present to do their jobs.

This tradeoff is a classic case of security vs. convenience. The worldwide internet is a wonderful tool. Its utility flows directly from its worldwide, unfettered, unfiltered reach. Anyone on any continent can communicate with any computer system that is connected to the internet. This enables a vast and growing number of applications that allow people to do banking from home, and monitor their homes while on vacation. It also allows administrators to control and maintain computer  equipment, and engineers to monitor power plants from home. With the advent of small, portable devices like the iPad, these things can be done from almost anywhere.

That very connectivity is also the danger. Can the “Bad Guy” break in and seize control?

The answer is “maybe”, and it always will be.

Truly secure computer systems are kept in a room-sized, lead-lined box. There is no “network access” at all. If you want access, you go in the room. You are searched on the way in, and searched on the way out. The ceiling tiles on the room are tied together to ensure that the “seal” is not broken, and every wire going to the room is inspected by the security officers to ensure that no unauthorized information can leak in – or out.

That is a secure computer system. It is also a computer system that is almost useless, because by severely limiting the data flow to and from the outside world, it cannot do what computers do best – digest and analyze data.

Almost every other computer system today has some sort of internet connection. Security experts recommend firewalls, proxy servers and anti-virus software, every one of which makes remote access more difficult and expensive. Every computer system administrator worth his salt knows that a break-in would be a disaster, but they make the difficult tradeoff of implementing enough security to stay “safe” without making usage “too difficult”.

I have several servers that I administer, and I regularly see “attacks” on my machines from Russia, China, India, South Africa, Brazil, and elsewhere. These “attacks” are constant, annoying, and consume network capacity and CPU power, but in general I do not block their access. Why? because I would rather accept the annoyance of the attacks than block a legitimate customer by accident. The lead-lined box is not an option, because my customers come to me specifically to get world-wide connectivity. It’s a package deal.

The same is true of the internet in general. Its power is in its connectivity and the absence of centralized control of any kind. Anyone can become the author of a viral YouTube video, or start a revolution with a Tweet. This also means that the Bad Guys also have unfettered access. It means that “cyber security” is the responsibility of each and every computer system administrator on the internet.

It’s a package deal.

All of the proposals being pushed to “fix” our vulnerability to “cyber attack” involve some measure of central control of the internet. It promises “safety” to computer system administrators in exchange for less internet freedom. Every one of these measures has the effect of ending the internet as we know it, because whoever controls that “authority” can unavoidably decide who the “Bad Guy” is. History teaches us that sooner or later, the “Bad Guy” will be “you”.

BLOG: CISPA and the Myth of Security

The internet is abuzz with warnings about the proposed CISPA legislation – HR 3523.  As with a lot of legislation, this bill is well intentioned, but not helpful.

This particular bill is also emblematic of the confusion and ignorance that pervades conversation about internet issues.

The motivation for this federal legislation is the powerful urge being felt by those who don’t understand the internet to have a “coordinated” authority tracking and monitoring “critical infrastructure” that could in theory be damaged or destroyed by a “cyber attack”.  Some people believe that if there is no federal agency “regulating”, we are vulnerable.

The thrust of CISPA is to allow federal agencies to share information about “cyber threats”.  Current law is complex and not entirely clear.  CISPA is 16 pages of provisions allowing certain entities to share certain kinds of information with certain other entities under certain circumstances, other laws notwithstanding.  (It does not directly threaten anyone’s privacy, as some suggest)

Is that clear?

First of all, “cyber attacks” are not the big mushroom-cloud events that you see in the movies.  They take the form of hundreds or thousands of attempts to guess your password, or generating ill-formed requests to a web server, or spewing out “poisoned” packets on the internet.  There are many forms and types, but they are not at all rare.  They are as common as mosquitoes.  I have  many thousands of these “attacks” on my computer servers every week.  I have to be careful to monitor my servers to ensure that these “attacks” are not successful.  That is part of my job, and there is absolutely nothing that the federal government can or should do to fix it.

Secondly, the idea that information sharing and monitoring by federal agencies will prevent the “next big cyber attack” is silly.  It’s much like the idea that the folks at the SEC can prevent the stock market from crashing.  No one is that smart.  The hackers who launch these attacks are like the mosquitoes.  They are everywhere, and constantly probing for weaknesses.  We may as well pass a federal law banning shoplifting.

Like shoplifting, “cyber attacks” are a fact of life in a world with worldwide anonymous connectivity.  Like shoplifting, it is the responsibility of each computer owner, administrator, or manager to take appropriate steps to ensure that important data is secure.  There is an entire industry segment devoted to anti-virus and security issues.  PC security software is widely available.  This is not a crisis, nor even a major problem.  It is part of the price we pay for internet freedom.

There are places in the world where shoplifting is rare.  In those places, merchants keep customers in the lobby behind a fence, and if the customers want to see an item, the item is brought from the back room, and shown to the customer.  The customer is only permitted to actually touch the item under close supervision.

In the same way, computers can be put behind a screen, and users permitted access only under tight supervision.  This has been tried by certain repressive regimes.

General Douglas MacArthur said: “There is no security in this life, only opportunity”. We must stop turning to government to solve every problem – real or imagined, as though we can somehow achieve ultimate security.  The internet is not “broken”, and all the federal “oversight” in the world will not “fix” it.  I, for one, do not want the federal government to even try.

BLOG: The Unaccountable Fed

This article should serve as a cautionary tale for anyone who cares about the Rule of Law, and our constitution.

Our founders understood that private property is essential to preserving freedom, because without solid private property law, there is no individual autonomy. This is why in repressive socialist societies such as the old Soviet Union, allowing private ownership of property was considered so revolutionary. It facilitated freedom.

Less well understood is the importance of honest money in a free society.

Modern money is no longer a thing of intrinsic value. You can’t eat it, or wear it. It has value only because everyone agrees that it has value, and we have absolute confidence that it will have value tomorrow, and that our right to hold it—as long as it was obtained legally—is beyond question.

So why is the Federal Reserve a threat to freedom?

Imagine the Fed facing another “armageddon”, and holding the belief that it must repeat its tactics of 2008 to “save” the economy.  For all the protestations to the contrary, this is a very simple thing. In 2008, the Fed created a large quantity of money, and through the banking system caused more to be created.

It is obvious to anyone with the slightest economic literacy that anything that is abundant is worth less.  If money is handed out on street corners to anyone who wants it, it will cease to have value.

How much money can the Federal Reserve create without destroying our confidence in the value of our money?

Mr. Bernanke and his supporters poo-poo this as unlikely, but hyperinflation is not in any way theoretical. It has happened many times, and always occurs when political necessity overwhelms fiduciary duty—exactly the rationale for the actions in 2008.

When our money is worthless, what of our freedom? When our IRAs and 401Ks evaporate, what of our security?

The Federal reserve is a hugely powerful institution. It needs to be prudently overseen, not given the almost unlimited discretion that it currently enjoys. If we fail to control the Fed, it is not Greece we will become, but Zimbabwe in 2009, or Germany in the 1920s.

BLOG: Obamacare and DOMA

We do not live in a democracy.  Our founders were careful to give us rather a constitutional republic, with checks and balances, and separation of powers.  All officials swear an oath to “protect and preserve” the constitution.  The United States is not held together by ethnicity or long history.  The United States is held together fundamentally by one thing – our acceptance of and fealty to our constitution.  This is the “consent of the governed”.

That consent depends on a shared understanding of the constitution.  Phrases like “Congress shall make no law” need to mean exactly what they say to be something that the people can uphold.  Officials need to follow it, and the voters have a duty to hold those officials accountable to our constitution.  Courts have a duty to read it as written, not as they wish it to be, not twist it to follow any particular agenda.

I believe that the consent of the governed, and a shared understanding of our constitution is the most precious political asset we have.  Without it, we have no country.

President Obama has made comments recently that appeared to criticize the Supreme Court.  Mr Obama commented that it was “unprecedented” for the court to strike down legislation passed with a “strong majority”.

On the other hand, the Obama administration recently launched a lawsuit over the Defense of Marriage act (DOMA), asking that DOMA be declared invalid.

Political arguments about the merits of these cases aside, this is a very troubling turn of events.  It appears that on one hand, President Obama is insisting that the court strike down laws he does not like, while upholding a law he favors.  Legal or even political arguments advocating or opposing these laws are welcome and appropriate.  Casting doubt on the role of the court and suggesting that it should do the bidding of the president, or some unspecified majority flies in the face of the oath of office he took on Jan 20th 2009.

Few things are as corrosive of trust in government than officials who put their agendas above their duties. President Obama would do well to make his priorities explicit and clear.  Is the constitution his first, or his second priority?

Freedom and The Power to Choose

Two issues have been hot lately:

  • Contraception, religious freedom, and health insurance
  • LGBT advocacy issues in public schools

In both of these cases, the same principle is in play.  We want something for free. We get someone else to pay for it, then we get upset because we have lost our power to choose what we get.

This should not be a surprise. It is an iron law. He who pays gets to choose. The ancient fable puts it as “He who pays the piper calls the tune”.

The first is the case of health care. The PPACA (Patient Protection and Affordable Care Act—aka Obamacare) dictates the content of health insurance policies nationwide. It also makes private medical practice very difficult. From the beginning of the debate, it was clear that there would be a “standard” of care.  Would abortion be covered? If included as “standard care”, the pro-life community would be enraged. If excluded from “standard care”, abortion would be much more expensive, and possibly very difficult to obtain. There is no middle ground, beacause “the standard” dictates so much about medical care, prices and availability.

The second issue is the conflict over the role of public schools in dealing with homosexuality. Proponents of “LGBT-friendly” policies want any hint of disapproval of homosexuality banished from the public school. Proponents of traditional family values want to preserve and defend traditional standards of sexual behavior, or at least maintain the primacy of parental authority in those subjects. The trouble is that public schools are paid for by the taxpayer. Parents don’t get to choose how the schools are run or what is taught. The curriculum, the teachers’ qualifications, and many other things are chosen through the political process. Changes in policy are very difficult to obtain, and tilt heavily toward not offending any constituency. In the end, the same principle applies. We demand that the taxpayer bear the cost, and those taxpayers run the schools in a way that may or may not be to my liking.

As a people, we want “free stuff”. In one case health care, and in the other, education for our children. In both cases, we have induced others—the taxpayers —to pay the bill. Later on, we find that those paying the bill have a different idea than we do of what health care should look like, or what our children should be taught.  We are outraged, and it becomes a political fight to get a “majority” to support our favored policy.

The principle is the one illustrated by the “Pied Piper of Hamelin”

http://www.indiana.edu/~librcsd/etext/piper/

He who pays the paper calls the tune. If you get someone else to buy you something, you don’t get to choose what it is.  If you pay for something through taxes or mandatory fees, you don’t get to say how that money is spent.

This is why we have markets.

In markets, if 60 people want green neckties, and 40 people want red, 60 people buy green and 40 people buy red.  Everyone is happy.

In politics, we have majority rule. We vote. Everyone gets green ties, and 40 people are unhappy.

This is about freedom. We cannot have it both ways. If we want freedom to choose ties, medical care, or what our children are taught in school, we will have to bear the costs. The moment you accept the “free stuff”, you have lost your power to choose.

Remember this as the candidates make their rounds this summer.