Monthly Archives: April 2018

German Defense Spending

Posted on by
Reply

Recall that at the just-concluded summit between President Donald Trump and German Chancellor Angela Merkel, Trump urged Merkel to increase Germany’s defense spending.  Recall further Secretary of State Mike Pompeo’s subsequent meeting with NATO bigwigs in which he urged NATO members generally to increase their defense spending.

This table illustrates why Germany really needs to plus up its defense spending.

And this:

In February, the newspaper Rheinische Post cited an internal Bundeswehr paper stating that the army lacked the necessary basic equipment for its deployment in a NATO rapid reaction force.

Basic equipment: really basic, like tents for winter shelter, winter clothing, even combat basics like protective vests.

Germany’s Defense Minister has said she wants €12 billion ($14.6 billion) more than currently allocated to begin to bring the nation’s military establishment to a higher state of capability.  That’s barely a third of one per cent of Germany’s €3.4 trillion ($4.2 trillion) GDP.

I have to ask: is Germany serious about its own defense? Or does it really intend to continue to freeload off other NATO members—not only the US?

Diplomatic Cowardice

Posted on by
Reply

In response to a remarks US Ambassador to the UN, Nikki Haley, made regarding Hamas’ role in the deaths and injuries of Gaza inhabitants as they keep trying to storm the fence separating Gaza from Israel, Palestinian Ambassador to the UN Riyad Mansour said Haley’s remarks “lacked credibility.”

What Haley said:

She said the terrorists hide behind innocent women, children and men to further their cause.

Haley in part said that, “Anyone who truly cares about children in Gaza should insist that Hamas immediately stop using children as cannon fodder in its conflict with Israel.”

What Mansour said:

We challenge the liars who advocated lies in the Security Council yesterday.

When asked if he was calling Haley a liar—was she one of the “liars” to whom he was referring—Mansour said she:

created a very strong resentment among the entire Palestinian nation.

And

With regard to Ambassador Haley, the fact that she goes on the tangent that she did…would make her whole story not credible, in addition to being extremely insensitive.

Mansour didn’t have the moral courage to say straight up that he was calling Haley a liar—or that he was not and clarifying that he was not.

This diplomatic cowardice is of a piece with the physical cowardice of the Hamas terrorists who do, indeed, cower behind women and children (and men who want nothing to do with terrorism, even if they do protest the fence).

Encryption/Decryption Race

Posted on by
Reply

The political one I mean, not the technological one.  Recall, for instance the San Bernardino terrorist attack, the FBI’s capture of one of the terrorists’ encrypted iPhones, Apple’s refusal to decrypt it (they couldn’t, by their design of the iPhone’s OS), then-FBI Director James Comey’s (yes, that Comey) cynically tear-jerking demand for future such personal device encryption back doors to decrypt at Government convenience, and Apple’s refusal to support development of that.

An expert on the subject—a technological expert I mean, not a political one—thinks he’s solved the problem.  His solution is described in a Wired article.  This expert thinks he has a way of providing Government “exceptional access” to a private person’s (or private enterprise’s) encrypted cell phone (for instance).  His solution, Clear, works this way:

The vendor—say it’s Apple in this case, but it could be Google or any other tech company—starts by generating a pair of complementary keys. One, called the vendor’s “public key,” is stored in every iPhone and iPad. The other vendor key is its “private key.” That one is stored with Apple, protected with the same maniacal care that Apple uses to protect the secret keys that certify its operating system updates. These safety measures typically involve a tamper­proof machine (known as an HSM or hardware security module) that lives in a vault in a specially protected building under biometric lock and smartcard key.

That public and private key pair can be used to encrypt and decrypt a secret PIN that each user’s device automatically generates upon activation. Think of it as an extra password to unlock the device. This secret PIN is stored on the device, and it’s protected by encrypting it with the vendor’s public key. Once this is done, no one can decode it and use the PIN to unlock the phone except the vendor, using that highly protected private key.

So, say the FBI needs the contents of an iPhone. First the Feds have to actually get the device and the proper court authorization to access the information it contains—Ozzie’s system does not allow the authorities to remotely snatch information. With the phone in its possession, they could then access, through the lock screen, the encrypted PIN and send it to Apple. Armed with that information, Apple would send highly trusted employees into the vault where they could use the private key to unlock the PIN. Apple could then send that no-longer-secret PIN back to the government, who can use it to unlock the device.

Included in the procedure is the requirement to send a judge’s search warrant to Apple along with the encrypted PIN, and Apple would first verify the warrant before sending anyone to the vault.

Hmm….

In a landmark 2015 paper called Keys Under Doormats, a group of 15 cryptographers and computer security experts argued that, while law enforcement has reasons to argue for access to encrypted data, “a careful scientific analysis of the likely impact of such demands must distinguish what might be desirable from what is technically possible.” Their analysis claimed that there was no foreseeable way to do this. If the government tried to implement exceptional access, they wrote, it would “open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend.”

Exceptional access is not desirable.  All Clear would do is add to the hackers’/criminals’/malicious nation-states’—and malicious network entities’—target lists the men and women running the companies “storing” the back doors, now working in cahoots with Government men through the screen of a Government-issue search warrant.

It’s true enough that

Using that same system to provide exceptional access…introduces no new security weaknesses that vendors don’t already deal with.

The “same system” is the various ways software developers and vendors encrypt keys that then are used, for instance, to verify the veracity of this or that application a user just downloaded or an OS update being offered—or pushed—to a user.  It’s also true that things like Clear add no new security weaknesses (assuming, arguendo, that the software of the Clears of this potential brave new world is well implemented).  But spreading those existing weaknesses around, putting them explicitly in the hands of Government and out of the hands of individuals using the devices solves nothing.  It’s still men and women who are the weak link in this politically-driven solution, however elegant and simple to execute the technological proposal.

No, it’s not so much a matter that exceptional access is a “crime against science,” Wired‘s phrasing in its misunderstanding of the proposal.  It’s that exceptional access is a crime against individual liberty.  Even against group liberty.

In another cynical representation, current FBI Director Christopher Wray, noting that his FBI “was locked out of 7,775 devices in 2017,” said

I reject this notion that there could be such a place that no matter what kind of lawful authority you have, it’s utterly beyond reach to protect innocent citizens.

Stipulate that Wray is pure as the driven snow with motives beyond reproach.  He’s a man.  So will be his successors.  So are all of the men and women of government and of industry.  So will be their successors.

Thus, a question for those of you to the left of center and beyond, politically: would you really want a Donald Trump’s FBI via his selection of judges to have exceptional access to your secrets?

And a question for those of you to the right of center and beyond, politically: would you really want a Hillary Clinton’s FBI via her selection of judges to have exceptional access to your secrets?  A Bernie Sanders’?

Who among you are willing to trust a James Comey FBI with any of this?  A J Edgar Hoover FBI?

Or the titans of industry, the evil 1%?  Even Tim Cook, who resisted FBI demands in the San Bernardino case, is accommodating to the demands of the People’s Republic of China government.

What the sort of solution that is Clear does is force us to trust the good offices of the men and women running a manufacturer in addition to the good offices of the men and women of government.

That’s the stuff of a socialist’s wet dream.

A Federal Judge’s Mistakes

Posted on by
Reply

US District Judge John Bates has ruled that President Donald Trump’s Executive Order rescinding the DACA program initiated by DHA memorandum under ex-President Barack Obama (D) is illegal.  He’s gone beyond that: he’s ordered the Trump administration to process new DACA applicants, not just renew existing ones.

Bates’ mistakes are two.  One is his ruling that, in effect, it’s illegal to rescind a Department Memorandum by Executive Order.  Of course, this is erroneous.  A Department Memorandum is not statute; it’s not even a Regulation.  It has no legal force beyond being a Cabinet-level equivalent of an EO.  As such, it’s subordinate to Executive Orders and available to cancelation by same.  At worst, the issue is a quibble, easily correctable by an EO instructing the subordinate DHS to rescind its Memorandum.

Bates’ next mistake is claiming the EO is illegal because it offered insufficient support to its claim that the DACA program is illegal.  This is simply irrelevant.  See above: it’s sufficient for the President to instruct a subordinate Cabinet to do a thing, so long as the thing itself is legal.  There are no statutes barring a President from instructing the rescission of a Department Memorandum; such a statute would be unconstitutional, anyway, trampling on the separation of powers as one would.  No explanation for why a Memorandum should be rescinded is necessary, however useful one might be.

A Misunderstood Premise

Posted on by
Reply

Greg Ip is worried about financial deregulation.  He opened his Wednesday piece with this statement:

Deep into an economic boom with asset prices near records is when you’d expect the US financial system’s guardians to tamp down risk-taking. Instead, federal regulators and legislators are doing the opposite—watering down, narrowing or declining to enforce rules passed after the financial crisis.

That’s his misunderstanding.  Government shouldn’t be interfering in any way with the business decisions of private enterprises operating in a free market economy.  Beyond that, while declining to enforce is a bad move for any reason other than enforcement resource allocation, there’s no bad time to reduce the burden of regulation when regulatory bodies have gotten out of control, as the CFPB (among others) has done, and when regulations themselves have gone beyond what is truly necessary, as 80,000 pages in the Federal Register indicates.

His concern?

They will stimulate lending and risk-taking at a time when the industry is lowering its own standards amid a near-record economic expansion.

Again, this isn’t Government’s job.  A free market, unfettered by excessive Government diktats, will do a fine job of “regulating” businesses whose risk-taking goes too far.  And the free market will do it in real time, not the weeks or months required to write a regulation or to complete an enforcement action within an existing regulation.