Archive for January 2008

Real Science Meets Muh-hahahahaha!   2 comments

Connie-Lynne’s brother Adam just put up a post about a LiveScience article on 10 Ways To Destroy The Earth.

Adam may not have seen this: the ultimate guide to actually destroying the Earth (also by Sam Hughes).  Not some disaster-flick, “Oh, the Earth is will be uninhabitable if this occurs,” version of destroying the Earth. The author defines his terms thusly: by any means necessary, to change the Earth into something other than a planet or a dwarf planet. From the intro:

Destroying the Earth is harder than you may have been led to believe.

You’ve seen the action movies where the bad guy threatens to destroy the Earth. You’ve heard people on the news claiming that the next nuclear war or cutting down rainforests or persisting in releasing hideous quantities of pollution into the atmosphere threatens to end the world.


The Earth is built to last. It is a 4,550,000,000-year-old, 5,973,600,000,000,000,000,000-tonne ball of iron. It has taken more devastating asteroid hits in its lifetime than you’ve had hot dinners, and lo, it still orbits merrily. So my first piece of advice to you, dear would-be Earth-destroyer, is: do NOT think this will be easy.

This is not a guide for wusses whose aim is merely to wipe out humanity. I (Sam Hughes) can in no way guarantee the complete extinction of the human race via any of these methods, real or imaginary. Humanity is wily and resourceful, and many of the methods outlined below will take many years to even become available, let alone implement, by which time mankind may well have spread to other planets; indeed, other star systems. If total human genocide is your ultimate goal, you are reading the wrong document. There are far more efficient ways of doing this, many which are available and feasible RIGHT NOW. Nor is this a guide for those wanting to annihilate everything from single-celled life upwards, render Earth uninhabitable or simply conquer it. These are trivial goals in comparison.

This is a guide for those who do not want the Earth to be there anymore.

You can link to the below image to have a graphical representation of the current status of the earth on your web site.

Current Earth-Destruction Status

The site also includes a variety of fascinating links to resources for both the seriously scientifically minded folks and goofy guys who occasionally like to chuckle evilly. My favorite linked site is this one, where someone well versed in physics spends entirely too much time analyzing The Death Star.

Posted January 30, 2008 by padraic2112 in humor, web sites

What Can We Learn From This Story?   2 comments

Headline: Angry Employee Deletes All of Company’s Data, from

There’s actually quite a few interesting security and systems lessons in this one article. Quoting here:

When Marie Lupe Cooley, 41, of Jacksonville, Fla., saw a help-wanted ad in the newspaper for a position that looked suspiciously like her current job — and with her boss’s phone number listed — she assumed she was about to be fired. So, police say, she went to the architectural office where she works late Sunday night and erased 7 years’ worth of drawings and blueprints, estimated to be worth $2.5 million.

It didn’t take Steven Hutchins, owner of the architectural firm that bears his name, much time to figure out who’d done it — Cooley was the only other person who had full access to the files.

Hutchins told one TV station he’d managed to recover all the files using an expensive data-recovery service.

As for the job, Cooley originally wasn’t in danger of losing it. The ad was for Hutchins’ wife’s company.

The first lesson here is that you should never have only one copy of $2.5 million dollars worth of anything. The second lesson is that at some point, project drawings (or whatever your data happens to be) should be archived into a read-only state, which would have limited her ability to only messing with the firm’s current projects. The third lesson is that certain types of behavior can’t be easily restricted with simple negative consequences. Surely Ms. Cooley, if she had been thinking rationally, would have known that she was going to be caught out for this, which implies either she was so angry at the thought of being fired she was acting irrationally, or her idea of the consequence (“Well, all he could do is fire me anyway”) didn’t match the reality (she’s most likely going to be convicted of a crime for this, which will make it pretty much impossible for her to get any sort of real paycheck for the remainder of her working life).

But the real lesson is that it is actually hidden behind all that. It is very difficult to protect yourself from an insider attack, particularly at a small company. If you have a limited number of people you can trust, you’re going to wind up trusting some of them implicitly. Even if Hutchins’s architectural firm had taken steps to help prevent this sort of thing from happening, it’s likely that Ms. Cooley would have been able to seriously bollix up the works anyway if she was determined enough. Read-only media can help cut down the risk, but if someone had physical access there’s nothing to prevent them from taking a fire axe to the disk (or tapes or DVDs or whatever media they might have used for archival purposes). A trusted insider with the right information could even arrange to get rid of offsite backups with a simple phone call (“Our server crashed and we need our offsite backup copies for a restore…”).


Posted January 29, 2008 by padraic2112 in news, security

Cloverfield was Just Okay   1 comment

Cloverfield is getting pretty good reviews, generally. Some respectably geeky people liked it a lot.

I didn’t, really. No-spoiler review follows.

I’m a big fan of both monster movies and their two near cousins, disaster flicks and post-apocalyptic movies. Odds are pretty good that if it was made after 1930 and there is some supernatural, paranormal, or scientifically implausible critter trying to destroy or take over the world (or eradicate humanity), I’ve seen it. Whenever Mother Nature gets irritated and wipes out a large swath of supporting characters, I’ll plunk myself down for 2 hours or more and enjoy it. I’m generally agnostic when it comes to villain preference, I’ll take zombies, simulacrums (man-made, machine-made, or alien-made ones), “wee beasties” of varying virulence and origin, earthquakes, fires, aliens, mutated humans, you name it.

I’m also happy to watch varying grades of entertainment in the vein. Well thought out villains with interesting motivations are as entertaining as gigantic apes. I’ll take cult classics crammed with B-list actors, and happily suspend my disbelief at marginally crazy plot lines, particularly if they’re just trying to be funny or campy.

However, there are some things I *don’t* like. I don’t like remakes of movies that were already awesome in the first place (although there is the occasional statistically unlikely exception to this rule). I don’t like movies that rely so much on a suspension of disbelief that you have to club yourself in the head repeatedly with a heavy blunt object to get to the point where your IQ is so low that you can forget about the ridiculous premise.

So, you ask, “Why didn’t you like Cloverfield?” No, the cinematography didn’t bother me. I thought the effects were pretty darn good. I can reasonably suspend disbelief and allow big giant monsters that are exceptionally resistant to conventional weaponry to be a central focus of a movie. None of that bothered me.

Some time a while back I read a description of the movie and what stuck in my head was the line, “It’s a movie about the people who ran.” Aficionados of monster movies and disaster movies that read this description should know immediately what the author is talking about. Classic movies of this type have some recurring characters. You have The Scientist Who Wrongly Assumes That The Unknown Is Good. You have The Engineer Who Cannot Believe His Design Is Flawed. You have The Corporate Tool Whose Greed Dooms Everybody. Usually these characters are sprinkled liberally around the core cast, and you can tell more or less from the beginning who is going to make it through to the end and who is going to be hoisted by their own petard or hubris. Part of the fun of the movie is knowing that Carter Burke is going to get eaten, it’s just a matter of when. Also part of the fun of the movie is *not* knowing who is going to make it through to the end (although the Plucky Heroine and Everyman usually manage to muddle through), and occasionally being surprised when your favorite character gets it early on. Every time I watch Aliens, I hope Sgt. Apone is going to make it, or at least go out in a blaze of self-sacrificing glory. Nope, he’s always squished. Almost as an afterthought.

Another set of “staple” characters in these movies is “The Crowds Who Flee”. They’re staple in the sense that there’s usually a large group of people who run screaming from the monster when it finally stops fooling around and gets down to seriously crunching, munching, or otherwise wreaking havok on the populace. You don’t know much about them, except they run, and some of them get squished, and some of them run offscreen, and presumably a percentage of them manage to hold out until the end of the movie, at which point they pick themselves out of the rubble and gather around our Hero and Heroine and get down to the job of cleaning up the mess.

Cloverfield gets some major props for focusing on The People Who Ran. It’s a stroke of genius on the part of the writers, in that they actually managed to find a set of classic disaster movie characters who nobody ever wrote about before. I was really looking forward to seeing how they delivered.

They did almost everything right. They hid the right things, didn’t have any Big Explanatory Moments (these are also a staple of the genre, but not appropriate if you’re trying to focus on The People Who Ran). They nailed a lot of these things, even to the point where some people who like disaster movies were actually unhappy with Cloverfield because they were expecting Explanatory Moments. Here’s my problem: they chose an entirely uninteresting set characters to represent The People Who Ran.

I thought the actors all did a good job, that’s not the point. The entire driving focus of the movie is a romantic subplot that is more appropriate for a movie where the main characters are all in their mid-teenage years (every time Rob says, “I’m going to Japan!” my mental editor re-wrote it as “I’m going off to college!”) In fact, virtually the entire cast of characters seemed to be more of a collection of kids than younger adult professionals. I don’t know, maybe it’s because I’m in my thirties and I just don’t get the 20-something generation, but they seemed a rather vacuous collection of people… to the point where I really didn’t find myself emotionally invested what happened to them in the slightest. I’d get into more detail, but I don’t want to spoil anything for anyone who is going to go see the movie.

It’s still a decently fun watch, and if you didn’t find yourself supremely annoyed at the hand-cam perspective of The Blair Witch Project you’ll probably find this to be a justifiable expenditure of $10. It’s not a classic, though.

Posted January 29, 2008 by padraic2112 in movies, noise

Security Alerts Need To Suck Less   3 comments

As a systems administrator, I get a lot of security vulnerability alerts. Since I do Linux and Windows, I get sandblasted with them on a distressingly regular basis; security vulnerabilities usually come in blocks, and are often grouped in bunches by operating system, so if you’re lucky enough to just do Solaris (for example) you have a bad month or two during a year when all of the Solaris security guys publish all their stuff in chunks, but for the most part you can cheerfully ignore the IIS, IE, Apache, or Linux kernel updates that come your way.

You handle two major operating systems, you always have something to read about.

I’m going to write this post about a particular security vulnerability, recently published, for the Linux kernel, to illustrate how bad the handling of security vulnerabilities is done in our industry.

Here’s the vulnerability, according to CAIC. Here it is, according to CERT. Oh, wait… no, it’s not. CERT doesn’t have it in the list yet. Here it is on Secunia. Here it is on SecurityFocus. Here it is on NIST. And ISS, and FrSIRT, and blah, blah, blah.

CAIC’s summary:

The risk is MEDIUM. A loal attacker can exploit this issue to access arbitrary files on the affected computer. Successfully exploiting this issue may grant the attacker elevated privileges on affected computers.

ISS’s summary:

The Linux kernel could allow a local attacker to bypass security restrictions, caused by a vulnerability when opening a directory and checking the access modes and open flags. If write privileges for the directory are truncated, a local attacker could call the open() function using specific flags to bypass security restrictions and truncate arbitrary directories.

FrSIRT’s summary:

A vulnerability has been identified in Linux Kernel, which could be exploited by malicious users to bypass security restrictions. This issue is caused by an error in the “may_open()” [fs/namei.c] function that performs tests of access mode by using the “flag” variable instead of the “acc_mode” variable, which could be exploited by local attackers to bypass file permissions and gain unauthorized access to certain files.

Secunia’s summary:

Less critical Impact: Security Bypass, Manipulation of data

Security Focus says:

A local attacker can exploit this issue to access arbitrary files on the affected computer. Successfully exploiting this issue may grant the attacker elevated privileges on affected computers. Other attacks are also possible.

NIST weighs in:

VFS in the Linux kernel before, and 2.6.23.x before, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories. Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service. CVSS Severity (version 2.0): CVSS v2 Base score: 7.2 (High)

Six different security databases, three different ratings. “High”, “Medium”, “Less Critical”.

Six different security databases, six different summaries of what an attacker can actually do by exploiting this vulnerability, some of which sound functionally equivalent to “OMG h4x0r pwndage imminent!”

Six different security databases, six links to the changelog. Well, at least they all did one thing exactly the same.

Of course, if you’re going to link to Bill Roman’s original bug report, maybe you might (as a security database) want to link to THIS version, which includes the actual code change to fix the problem. This contains, you know, actual information about the problem Bill found.

 fs/namei.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/namei.c b/fs/namei.c
index 3b993db..73e2e66 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1605,7 +1605,7 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
        if (S_ISLNK(inode->i_mode))
                return -ELOOP;

-       if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
+       if (S_ISDIR(inode->i_mode) && (acc_mode & MAY_WRITE))
                return -EISDIR;

@@ -1620,7 +1620,7 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
                        return -EACCES;

                flag &= ~O_TRUNC;
-       } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
+       } else if (IS_RDONLY(inode) && (acc_mode & MAY_WRITE))
                return -EROFS;

        error = vfs_permission(nd, acc_mode);

Now, I’m not a real C programmer, and I’m certainly not a kernel engineer. I know very little about namei.c (here’s the code for the whole thing). People who actually know code are testing this out. Here’s the previous version. The clip we’re interested in is this:

int may_open(struct nameidata *nd, int acc_mode, int flag)
	struct dentry *dentry = nd->dentry;
	struct inode *inode = dentry->d_inode;
	int error;

	if (!inode)
		return -ENOENT;

	if (S_ISLNK(inode->i_mode))
		return -ELOOP;

	if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
		return -EISDIR;

	error = vfs_permission(nd, acc_mode);
	if (error)
		return error;

	 * FIFO's, sockets and device files are special: they don't
	 * actually live on the filesystem itself, and as such you
	 * can write to them even if the filesystem is read-only.
	if (S_ISFIFO(inode->i_mode) || S_ISSOCK(inode->i_mode)) {
	    	flag &= ~O_TRUNC;
	} else if (S_ISBLK(inode->i_mode) || S_ISCHR(inode->i_mode)) {
		if (nd->mnt->mnt_flags & MNT_NODEV)
			return -EACCES;

		flag &= ~O_TRUNC;
	} else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
		return -EROFS;
	 * An append-only file must be opened in append mode for writing.
	if (IS_APPEND(inode)) {
		if  ((flag & FMODE_WRITE) && !(flag & O_APPEND))
			return -EPERM;
		if (flag & O_TRUNC)
			return -EPERM;

	/* O_NOATIME can only be set by the owner or superuser */
	if (flag & O_NOATIME)
		if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
			return -EPERM;

	 * Ensure there are no outstanding leases on the file.
	error = break_lease(inode, flag);
	if (error)
		return error;

	if (flag & O_TRUNC) {
		error = get_write_access(inode);
		if (error)
			return error;

		 * Refuse to truncate files with mandatory locks held on them.
		error = locks_verify_locked(inode);
		if (!error) {

			error = do_truncate(dentry, 0, ATTR_MTIME|ATTR_CTIME, NULL);
		if (error)
			return error;
	} else
		if (flag & FMODE_WRITE)

	return 0;

Looks like the old version errors out, or truncates things.

Now, admittedly, this is a bad thing. Anyone who is worried about data retention is going to be worried about this. But actually exploiting this would be *hard*, for one thing, and it doesn’t “provide administrative access” or “unauthorized data disclosure”. Telling someone that this gives an attacker “elevated privileges on affected computers” or “other attacks are possible” is technically true, but totally useless information from a risk analysis standpoint.

Who is to blame for this nightmare of conflicting information? Well, I’ll give props to Bill for finding the bug, but he didn’t do a good job of explaining what the actual possible effects of the problem were. That’s not really Bill’s fault; he’s talking on a kernel mailing list with a bunch of geeks that make me look like an idiot, and they know in their heads what the possible applications of this problem really are. The security vendors all cross-link each other in their own databases, so it’s obvious that there is some level of awareness that other security databases exist, but they don’t use the same terminology, they don’t use the same encoding for threat levels, and it’s painfully obvious that at least some of them HAVE NO IDEA WHAT THEY ARE TALKING ABOUT. Heck, I could be wrong in my estimation of what’s going on here, I don’t have the time to dig through the entire namei.c function and find out if my logic is correct. But the functional description of what the vulnerability *is* doesn’t match.

Will you people get your $!@&^* together, for crying out loud? Maybe you could have *one* database, and instead of paying to maintain your own individual ones, hire a couple of people to actually put meaningful information in your summaries?


Posted January 24, 2008 by padraic2112 in security, software, tech, web sites

New Labor-Saving Devices, the Uber-Nerd Edition   1 comment

I have no idea how much this costs. I have no idea how robust the back end is. I have a million questions about the product already. But, 3tera, you have my attention.

This interface is TOTALLY COOL.

From Larry’s blog:

These services allow one to develop applications without hardware or datacenter cost. They bill for resources used — CPU time, storage, bandwidth. That means there is essentially no cost while an application is being developed and debugged since there is no traffic. When the application goes live, the capacity, and hence cost, grow and shrink dynamically depending upon utilization.

It’s a good time to be a startup, that’s for certain. The barrier to creating a proof of concept application is plunging downwards at an amazing rate.


Posted January 23, 2008 by padraic2112 in management, tech, web sites

Immersive 3D   3 comments

Now, this guy is obviously a skilled hacker with too much time on his hands. But this little project illustrates how *close* we are to VR in your living room:

ed. note: I don’t know how Vinnie parses the internet and finds all of this stuff, but I’m glad that he does and forwards the interesting bits to me.

Posted January 23, 2008 by padraic2112 in hardware, tech

Large Numbers II – Fun with Calculators   Leave a comment

I wrote a post about large numbers a while back. Yesterday I came across the MegaPenny Project, which uses the common penny as an illustrative tool to provide a sense of scale for some big numbers.

These aren’t really, really big numbers, but 1 trillion (1,000,000,000,000) is still a bit bigger than most people can wrap their heads around. Here’s an image that shows you what a trillion really looks like:

1,000,000,016,640 pennies

That little teeny spec with the shadow in the bottom left corner? That’s a person, for perspective. The cube above would weigh 3,125,000 tons. That’s a little bit over $10 billion dollars in pennies. Another “fabulous fact”: as of this writing, 24 hour copper futures are running at $3.12/lb, which means that this might be $10 billion dollars in pennies, but it is also $19.5 billion dollars in raw copper. Well, it would be if pennies were still made of copper. Still, if you have a cube of pennies this size minted between 1944 and 1982, it would be worth a little over $18.5 billion. That’s not chump change.

Of course, if you collected 50 pennies a day (certainly possible), it would take you 54,794,521 years to build a cube this big (assuming a lifespan of 75 years, that’s 730,594 lifetimes). That’s a bit longer than the entire Permian era.

All of that seems pretty astonishing, no? One of the interesting things about big numbers is what happens when you collide them with other big numbers, however. If everyone in America (just over 301,000,000 according to the CIA factbook) collected 10 pennies a day, you could build a cube this big in 332 days, give or take. If everyone in America collected 50 pennies a day ($182.50 a year), in 365 days you’d have a whopping $54,932,500,000. That’s $54 billion.  Now you know why that “fraction of a penny” hack is so effective.

Hm. Of course, that means that a $150 billion dollar economic stimulus package for a year could be thought of as basically equivalent to giving every American roughly $1.38 a day, or … ah… a free cup of coffee (and not even a large coffee, at that).

Posted January 23, 2008 by padraic2112 in noise, web sites

Joel Spolsky’s Blog is More than just Software   1 comment

I read Joel On Software regularly, and I recommend it highly. Whether you’re a “software programming is an engineering discipline!” wonk or a “software programming is art!” evangelist, Joel has interesting things to say about writing software, deploying software, and occasionally stuff that software programmers never learn about in school, hardly ever think about at work, and really ought to think about more.

This post is an interesting analysis of the concept of SLA’s, uptime, and what it means to be a service provider. He makes some really good points.

One of the problems with the IT field in general is that people who like create metrics and targets have a tendency to write for Harvard Business Review. I’m not knocking HBR, per se, but it does have one problem; on the whole, Harvard Business Review is written and edited to appeal to people who read Harvard Business Review. This audience has a tendency to be comprised mostly of people who are executives at large corporations. Six nines uptime is a very difficult target, and not one that small to medium organizations are going to be aiming at very often.

From Continuity Central (linked in Joel’s post):

Table 1: Uptime and Maximum Downtime

Uptime Uptime Downtime per Year
Six nines 99.9999% 31.5 seconds
Five nines 99.999% 5 minutes 35 seconds
Four nines 99.99% 52 minutes 33 seconds
Three nines 99.9% 8 hours 46 minutes
Two nines 99.0% 87 hours 36 minutes
One nine 90.0% 36 days 12 hours

“Five or Six Nines” kinds of numbers, and the amount of money required to attain them, are important to Fortune 500 companies, national infrastructure, and the military. They’re not really feasible for small or medium organizations, and really ought not to be considered. For a company that does a million dollars of business a year, a day-long outage isn’t really that big of a deal. The ~ $2,700 that they’d lose isn’t a hell of a lot, in comparison to the money that they would spend moving from three nines to four nines. They’re probably not going to lose all that money anyway, since a million-dollar a year company probably isn’t going to lose the entire transaction. The customer will try to log into the web site, fail, and call their customer service rep, who they probably know and talk to regularly anyway. Compare this with a company that does hundreds of millions or billions of dollars of sales in a year, like Dell Computer. Here the customer tries to log into the web site, fails, and most likely isn’t going to attack Dell’s sales phone tree, instead they’ll move on to or They might not make the sale elsewhere, but when you’re talking big numbers, small percentages start making a major difference.

For small to medium organizations, the loss isn’t in the actual downtime, it’s in the perception of the customer. Joel’s solution here is aimed at squarely at solving that problem, and it’s a really nice idea.

Posted January 22, 2008 by padraic2112 in hardware, management, networking, software, tech, web sites

Why Rudy Giuliani Should Not Be The Next President, Part II   4 comments

Following up on my last post, picking up where I left off…

Border security is about more than just physical borders. In an era in which many enterprises are transnational and essentially stateless, physical borders are just one checkpoint in a broader series of systems that move people, products, money, data, and information around the planet—systems that function as the arteries for the global economy. We need to work with our international partners and the private sector to secure our nation, while also facilitating the efficient flow of legitimate travel and commerce into America and throughout the world.

Nothing terribly surprising here. Given the global economy, it stands to reason that we’ll have to engage other countries in order to have any chance at successfully monitoring international terrorism.

It’s also past time to rethink aviation security and to stop frisking toddlers and grandmothers trying to get onto planes.

This plays well with frustrated travelers, but it’s a somewhat dangerous idea, as it can lead to decreased levels of queue security. We already have a number of problems with having three sets of airport security: normal folks, people whose names match someone on the terrorist watch list, and people on the no-fly list. Yes, our security processes at airports are egregiously stupid (I could link about a thousand additional links, but just search Bruce’s blog if you’re interested or start here). Creating a fourth category of “people we assume to be not dangerous because of their age” might lead you to decide that they ought to pass through without the same basic security checks as everyone else. This assumes that someone won’t slip bombs into their bags (this has been done, by the way). If our basic level of security screening is messed up, the right way to fix this problem is to fix the basic level of security screening. Yes, interrogating five year olds and threatening their parents is the height of stupidity. On the other hand, failing to adequately scan toddlers and grandmothers just means that terrorists will try to smuggle bombs on planes by planting them on toddlers and grandmothers or other seemingly “less likely to be terrorist” carriers – in 1986, a pregnant Irish woman boarding an El-Al flight was found to have a bomb planted in her luggage by her boyfriend.

Instead, good intelligence, behavior analysis, biometrics, and trusted traveler programs can help speed legitimate travelers through airports. For example, I don’t think that the Transportation Security Administration needs to spend much time searching Senator Ted Kennedy before he boards a plane—which is what the TSA did in August 2004 because a person on a watch list had a similar name.

This is a collection of good ideas and bad ones jumbled together. Good intelligence I agree with. Behavior analysis is one of the best ways to spot potential security threats, but requires a very high level of training, which is a significant problem given the number of airports and the amount of security personnel who need to be properly trained (quite simply, it takes a long time to train someone properly in behavior analysis and they justifiably want to be paid much more than what we pay basic screeners now). Biometrics have no place in this discussion whatsoever; face recognition technology works great when you have an existing, finite database of faces “known to be good” that you’re checking against, but the false positive problem makes the converse problem impossible. There are about 700 million airline passengers in the US every year. Even if your suspect database was good enough to be 99.9% accurate, that would mean that you’d have about 700,000 false alarms a year. The Trusted Traveler program is just a horrible idea altogether for a number of reasons (again, too many references to link here), but just to toss out a couple of prominent ones: terrorists could apply for the Trusted Traveler program, and if rejected they know they’re on some sort of danger list which leaves them warned at no risk to themselves and ready to plan something else; terrorists could find people in the Trusted Traveler program and use them to smuggle bombs onto planes. Oh, and if I have to wait in a 1 hour security line to travel, Ted Kennedy can wait too. I’m no more or less of a threat than he is, letting him breeze through security while making me wait means my elected officials have a completely skewed view of how bad our airline security processes are.

The federal Terrorist Watch List, which still has incomplete and inaccurate information, needs a serious cleanup.

I’ll agree with this one wholeheartedly, but I want to hear specific plans as to what Mr. Giuliani has in mind. How do you plan on cleaning it up? How do you plan on letting people contest the fact that their names are on the list? Are you thinking about creating yet another list of people who have names that are on the Terrorist Watch List but can be treated like normal people if they have some special pass? What is your proposal?

Preparedness, the second core homeland security principle, is the key to getting America ready to withstand the terrorist strikes that may occur and the natural disasters that will occur.

Now we’re starting to get to the part where I imagine I’ll be agreeing with Mr. Giuliani more often (again, with the caveat that this should be Principle One, not two).

One reason New York City was able to withstand the 9/11 attack was that we were prepared to meet twenty-first-century security threats. As mayor of New York, in the spring of 1996, I established the Office of Emergency Management. We drilled and planned for various threats—anthrax, chemical weapons, hurricanes, and airplane crashes. And while we didn’t anticipate the specific scenario of 9/11, the constant practice, and the relentless follow-up from actual emergencies, certainly helped in its aftermath.

Whoops, spoke too soon. New York City didn’t “withstand” the 9/11 attack, it took the 9/11 attack directly on the chin. I’ll give all the credit in the world to New Yorkers for how quickly they got up off the mat and shook it off, but make no bones about it, the city was knocked flat. Mr. Giuliani deserves significant credit for relentless work in the immediate aftermath, I will give him full kudos for active and well thought out leadership in the days following the attack. I will also say that I admire the tenacity and commitment of the emergency workers who gave utterly of themselves even to the point of their lives and in some cases their ongoing heath. But I will not outright give Mr. Giuliani any credit for his Office of Emergency Management without knowing exactly how well the training provided by that office actually assisted the emergency responders above and beyond their normal training. His response after the attack? Exemplary. His forethought and planning prior to the attack? I would want to see much more information. If he’s willing to spend billions of dollars stockpiling anthrax vaccine as part of his current plans for national security, that’s a pretty serious red flag that his Office of Emergency Management may have spent quite a chunk of change irresponsibly (if anyone out there has a link to an audit of the O.E.M., I’d like to read it).

We need to ensure that similar offices of emergency management are a standard element in local disaster preparation, and make certain that all first responders are trained to use the Incident Command System (ICS), a standardized emergency protocol that reduces potential miscommunication during the initial phases of incident response. The immediate response to a disaster or an attack determines how many people live and how many die. Fire departments nationwide have been out front in using the ICS; the rest of the public-safety community can learn from their example.

Absolutely 100% agree with this. More information on ICS available at the OSHA web site and Wikipedia.

Our nation must also move forward in creating an effective emergency management communications network—a standard, expanded bandwidth for localities around the nation to share information and work in concert, even if a catastrophic disaster wipes out normal communications systems.

I agree with this as well. The opening of the 700MHz band and the reservation of a substantial chunk of it for public safety purposes is an excellent opportunity for a nationwide, standard wireless communication network dedicated to public safety and emergency response which can be developed and deployed without impacting existing emergency communication systems. This in and of itself is an incredibly complex task, however, and requires lots of really smart people to spend lots of time developing something that is appropriately scalable, flexible, and robust. Hey, this might be something that would produce much more effective results on a per-dollar basis than a big fence!

Effective preparedness requires the expansion of both international and domestic syndromic surveillance systems monitoring such things as hospital emergency-room admissions for upticks in specific symptoms, pharmacy sales of antibiotics and other drugs, and other tools of epidemiological surveillance. We need to make these systems a major national priority because they are critical to identifying and giving early warning of pandemics and stealth biochemical attacks that could kill thousands.

If this is the reasoning, this is a waste of money (this isn’t me talking, this is the American Medical Association). It would be a good tool for drug enforcement agents looking for prescription drug abusers, I suppose. I doubt you could build such a system that would clear the security and privacy conditions of HIPAA. Whether or not this is a good idea would depend entirely upon how much it cost, how much additional warning time we would have (how much more quickly we could identify the event as a pandemic or stealth biochemical attack), whether or not that warning time could be translated into effective action (i.e., if “officials know earlier” can’t translate into “public action can be taken earlier” and “public action will reduce the threat”, then we get no benefit), and what risks you have created by building such an information gathering tool.

And before medical disasters do strike, we should strengthen and better coordinate the federal National Disaster Medical System, so that we can more effectively deploy doctors and medical staff to disaster areas without getting them snarled in red tape. After Hurricane Katrina, some volunteer health professionals who came from other states were stopped because local authorities could not determine whether they had licenses to practice. Desperately needed medical volunteers found themselves turned away or thrown into hopeless bureaucratic mazes—ultimately prevented from helping those in need.

Cogent, well thought out disaster response plans are definitely a great idea. Creating another federal system in this particular case is probably not a step in the right direction. The Katrina example is bad; this shows more that local authorities were poor at risk assessment than anything else. Training local authorities how to respond in the event of an emergency would have eliminated this problem; they didn’t need a way to check health professional credentials, they needed the training to know that the existing procedure (verify credentials before allowing practice) was poorly adapted to emergency response. I can think of any number of methods of verifying (within reasonable risk) that someone is a competent medical professional (like, say, letting the doctors you have available interview them for 2 minutes or so) that don’t require building another federal system. Poor decisions by the authorities in the middle is best solved by training the authorities in the middle how to lead better.

We also need to expand teams of disaster-response specialists, such as the Urban Search and Rescue teams—groups made up of fire, law enforcement, medical, and other public-safety personnel, which conduct search, rescue, and medical operations during disasters and can deploy whenever and wherever disaster strikes.

I absolutely agree with this one. Of course, it’s expensive, so you have to be willing to come up with the money to pay for it somehow. Is this worth raising taxes? If it’s not, what are you going to cut to pay for it?

The failure to respond effectively in New Orleans during Hurricane Katrina and its aftermath demonstrated to all Americans that their government wasn’t prepared in every part of the country to respond to disaster.

Katrina and the aftermath have actually demonstrated exactly three things to me.

The first is that spending in this country is badly skewed due to the fact that politicians are elected for short terms, and disaster planning is a long term investment. It was known for quite some time that the levees were in bad shape, just like it is well known that bridges in this country are inadequately maintained, and the levees in California need to be repaired, and our highways are falling apart, and our health care system is closing emergency rooms at a prodigious rate. Again, if we want these incredibly important problems addressed, we have two options: raise taxes, or cut something else. It’s nice that you agree with me that it needs to be done, tell me how you plan to do it.

The second is that we are currently woefully bad, nationally, at long term recovery plans. Hurricane Katrina happened in August of 2005. It’s now 2008, and New Orleans is still in need of major work. We seem to have better luck here in California, where it took 66 days to rebuild the freeways after the Northridge earthquake.

The third (and actually most telling) is that Katrina and the aftermath were a failure of leadership, at every level. When a disaster such as this occurs, leaders are the ones who get things done in spite of red tape (here again, I’ll give Mr. Giuliani credit for his work in the aftermath of 9/11). Many, many of the problems that occurred in the aftermath of Katrina simply wouldn’t have had the impact that they did if the right people made the right phone calls. There is no excuse for this, period. Katrina represents a blistering indictment of everyone involved in a leadership position, from the President on down.

Fixing the Federal Emergency Management Agency and working to ensure that all levels of government are ready to respond to catastrophic disasters are not simply a matter of throwing more money at the problem or increasing the size of Washington bureaucracies. These goals require building on our federal system—continuing to rely on state and local communities to prepare for catastrophic disasters, while at the same time strengthening the federal government’s vital role in coordinating disaster-relief efforts and helping local communities to access the federal resources available to them.

I essentially agree with this except for the fact that the first line discounts the fact that “throwing more money at the problem” is actually desperately, desperately needed at this point, as I pointed out above. You can’t keep emergency rooms open without money. You can’t fix bridges and levees without money. You can’t train USR teams without money. We need more money in these systems, and we need it now. I want to know where the money is going to come from. Reworking the bureaucracies is a good idea, but good leadership from the top can bull through a bad bureaucracy. Retooling FEMA is important, but retooling FEMA without fixing our infrastructure is going to result in lots of people standing around during the next emergency saying, “Well, we know what to do this time, but we don’t have the resources to do it.”

This requires getting the Department of Homeland Security out of its Washington Beltway mind-set and strengthening its leadership capabilities throughout the country. FEMA is currently organized around ten regions. DHS should build on these underused regional structures, working with relevant state, local, and private-sector entities to identify potential vulnerabilities; highlight critical infrastructure in need of additional protection or upgrade; and, in general, coordinate the federal role in helping state and local governments respond. DHS regional directors should play a key role in determining where federal resources—including grant dollars—can best improve preparedness, and they can assess state and local capabilities and preparedness levels.

This isn’t a terribly bad paragraph, but I find myself annoyed by “out of its Washington Beltway mind-set and…”. The rest of the paragraph makes sense, but inclusion of this bit seems like pandering. That is, unless Mr. Giuliani is going to defend this characterization.

DHS regional directors should also be at the center of a broad program of training exercises and disaster planning for all military, federal, state, local, and private-sector leaders—the men and women who will be called upon when the stakes are high and time is short. When disaster strikes, regional directors, local government officials, and crucial private-sector actors should not be handing out business cards for the first time.

This is a great idea. Of course, getting all these people together and having them interact takes money. Keeping these relationships active means just throwing them together once isn’t enough; they need to meet with some sort of regularity. They need to share information. They need to communicate.

We should also better marshal the resources of the private sector—before disaster strikes, so that we’re not left flat-footed when companies such as Wal-Mart or UPS offer to help, as after Katrina. An enhanced regional preparedness network is vital to our ability to weather the inevitable shocks and catastrophes that will come our way.

I think it is a good idea to have an existing method for dealing with private-sector offers for help, certainly. We need to be careful with planning “before disaster strikes”, however. Knowing how to incorporate offers of help is great. Planning ahead of time that Wal-Mart will do something specific isn’t great; we don’t want to rely on something that Wal-Mart may be unable to provide in the future when something actually occurs.

We need, further, to bring a higher degree of predictability to the funding formulas for homeland security, ending anonymous earmarks and pork-barrel politics. We can’t afford to build a Bridge to Nowhere while real bridges collapse in Minnesota.

This means that the Department of Transportation needs to have standards, and a mandate to meet those standards, and funds provided to match that mandate. This means that funding for DoT, which needs to include long term planning, can’t be decided upon on a yearly basis. This means that DoT needs to be politically independent, where transportation projects are funded based upon agreed priorities, established by transportation experts instead of political animals. This also means that there needs to be a classification for critical infrastructure upgrades which cannot be cut out of DoT’s budget; you’re accepting here that you’re going to commit money, which means you’re either raising taxes or cutting something else.

A Compstat-like system can help us here, too. Federal officials need a new “Readystat” system to measure localities’ preparedness against risks and prioritize federal funding accordingly. Readystat would conduct annual assessments to determine the needs of each locality based on geography, population, and the unique threats that each community faces. These data would then be used as an objective guide to funding and grant decisions. Armed with the data, DHS regional directors would also work with state and local leaders to ensure preparedness. Readystat could have pointed out New Orleans’s pre-Katrina vulnerabilities and given us the chance to correct them.

Readystat would also help the regional directors work with state and local officials to fill capability gaps, such as persistent vulnerabilities in our infrastructure, much of which was built between the 1930s and the 1960s. As an expert from the Urban Land Institute recently pointed out, “We have an impending crisis with infrastructure, but it is easy to ignore until you have a catastrophe.”

America can’t afford to wait for a catastrophe. We need to address the impending crisis beforehand by strengthening the nation’s physical infrastructure. This cannot and should not be entirely a federal responsibility; in most areas, local officials who know their communities and are more accountable to citizens should take the lead.

As previously mentioned, it was well known that the New Orleans’s pre-Katrina vulnerabilities existed. We don’t need another “-stat” system to tell us this, we need the political will to fund these repairs instead of putting them off in the name of keeping some other program funded or preventing tax increases. [ed. note. – I’ll say “Lockbox” again]. Tell me that you’ll raise taxes before you’ll postpone these critical repairs, Mr. Giuliani. Tell me that you’re making your economic stimulus package include injecting money into the economy through construction projects. Tell me that you’ll cut education or social security or whatever it is that you want to cut to fund these projects. *This* would constitute an actual plan.

But in some circumstances, it makes sense for the federal government to play an important role—for instance, securing vulnerable infrastructure that could kill thousands if attacked by terrorists, such as nuclear power plants, chemical plants using dangerous compounds, or rail systems moving toxic materials. And the security of mass transit systems is the responsibility of both local authorities and the federal government.

There are about 15,000 chemical plants in the U.S. If it cost $500,000 to secure a chemical plant it would take $7,500,000,000 to secure them all (The actual cost would be much higher, given the size of a chemical plant, the types of equipment that would have to be installed, the background checks you’d have to perform on the employees, etc.) There are 140,490 miles of railway in the United States. If it cost $2.9 million per mile to build a fence, it’s not unreasonable to say it would cost at least that much to secure a mile of railway, that puts the price tag for “securing our rail system” at a bare bones minimum of $407,421,000,000 (that’s almost a half a trillion dollars, in case you’re miscounting the zeros). In the immortal words of Rod Tidwell, “Show me the money!”

This brings us to the third core principle: resilience. A resilient society depends on active, engaged citizens. The way for Washington to encourage resilience is not to throw more money at problems or to place new burdens on business. Government should harness the inherent strength of the American people and the private sector in order to build a society that may bend—but not break—if catastrophe does strike.

I agree that harnessing the power of the people is a good goal. Building community networks is a good idea. Enabling the citizens as contributing members of your disaster plans is great. Characterizing this as something that is more effective than dealing with the actual outstanding gigantic fiscal problem by implying that money isn’t desperately needed is garbage.

The American people are ready, willing, and able to take a more active role in our civil defense. As the White House’s own Lessons Learned report on the federal response to Hurricane Katrina notes, faith-based organizations and community groups successfully provided support to the victims of the hurricane “in spite of, not because of, the government.” Within 72 hours of Katrina’s hitting the Gulf Coast, for instance, a faith-based nonprofit organization—Helping Americans Needing Disaster Support (Hands)— formed to speed delivery of supplies to victims. Just a week after being created, Hands was sending 75 truckloads of supplies for every one FEMA truckload.

This should be regarded less as an endorsement of faith-based groups and more as a critique of the leadership of FEMA at the time. Los Angeles didn’t need this level of support from faith-based groups after Northridge. FEMA did a fine job in responding to the southern California wildfires last year. Yes, help from everywhere should be leveraged. Katrina, however, keeps being trucked out as an example of “Big Government being Incompetent”, instead of “Brownie was Incompetent”. Faith-based groups I’m certain would be glad to retain those resources to help needy people on a daily basis, instead of being relied upon as the safety net for when disasters occur.

We can help strengthen citizen resilience, though, particularly through Community Emergency Response Teams—organized groups of trained and equipped citizens that can perform lifesaving activities before public-safety first responders arrive and also support those first responders once they’re on the scene.

Agreed, this is a great idea.

And when people provide assistance in good faith after a disaster, we should shield them from lawsuits. After Katrina, concerns about liability protection prevented hundreds of churches from helping the evacuation effort. The Good Samaritan shouldn’t have to retain a lawyer.

I cannot possibly accept this as true without some sort of supporting evidence. Really? Hundreds of churches failed to help out only because they were worried about liability? The best support I can find for that claim is a church reporting that FEMA discouraged them from taking people in due to liability concerns, and they went ahead and opened the shelter anyway. Sounds like we don’t need a Good Samaritan law, we just needed FEMA to be less boneheaded (which has already been covered). This sounds to me like Mr. Giuliani is trying to whip up support from people by pointing at the Big Bad Bogeyman of trial lawyers. I wonder how the contributors to his political campaign feel about that.

Further, we must set clear standards, based on proven practices, so that local leaders can build resilience across the country, making clear to citizens, businesses, and charitable organizations what their roles will be when disaster strikes.

Since disaster response is going to be largely contextual (floods due to California levees failing will be vastly different from what happened in New Orleans), we need to be careful that clear standards are built with local context in mind.

America should always hope for the best, but we will be safest if we prepare for the worst. A free and open society will never be able to eliminate risk entirely. But we can reduce it and manage it.

And this I believe is the core of how a President should approach FEMA and the DHS, aiming to reduce and manage risk. But in order for this to be done, the consequences and costs of the countermeasures need to be part of the management process. Nothing in Mr. Giuliani’s essay leads me to believe that he is the right person for this task.

We confront real threats in the twenty-first century. Nonetheless, the American future is filled with promise—the global economy and rapid technological advances are delivering prosperity to more and more Americans every day.

The global economy is also taking away manufacturing capability and information technology expertise. It has created a ballooning trade deficit, and done significant damage to the dollar. I’m not a protectionist by any means, I believe that the U.S. needs to be proactive and manage its integration into the global economy appropriately. But this is hard work, made more difficult when people in other countries are willing to work longer hours for less pay to produce the goods that we consume with an appetite that is so voracious it is not sustainable. The global economy is a reality that needs to be addressed by thoughtful analysis, not by rosy statements that it’s just made everything better for everyone.

The opportunities for all young Americans are limited only by their dreams and determination. We remain free, open to the world, open to new legal immigrants, and optimistic about our future.

I’m optimistic about our future, but our freedoms are significantly curtailed due to the Patriot Act Mr. Giuliani supports and the widespread surveillance he champions. We certainly aren’t open to the world when our fingerprinting of anyone from a foreign country has led to leading researchers deciding not to collaborate with their U.S. brethren.

But we cannot be complacent. From the next president of the United States to the citizen of the smallest town, we must work to become a more resilient society. Together, we have seen that the strength of America is far greater than we thought. We need to cultivate that strength as we face the future—declaring our right to live in freedom from fear, and confident that our best days are ahead. America will remain the land of the free, because we are the home of the brave.

“Let us not look back in anger or forward in fear, but around in awareness.” – J. Thurber

Posted January 18, 2008 by padraic2112 in politics, security

Why Rudy Giuliani Should Not Be The Next President, Part I   5 comments

Mr. Giuliani recently wrote an essay for The City Journal that outlines his position on Homeland Security. Although I don’t entirely disagree with everything in the essay, for the most part I found myself shaking my head at what I believe to be extremely poor judgment. Since this is a pretty important topic, however, I felt that a thorough analysis of his writing was in order. I’ll go through the essay rather thoroughly, starting at the beginning.

In the first decade of the twenty-first century, the United States has confronted both the deadliest attack and one of the most destructive natural disasters in the nation’s history.

This is of course arguable based upon how you define both “attack” and “destructive”. Mr. Giuliani will spend the rest of the essay interweaving the ideas of disaster *response* and terrorist *prevention* as two intertwining, equally important duties of the Department of Homeland Security. While I agree with many of his statements regarding disaster response, I believe that terrorist activity is (at best) a marginal threat to the United States when compared to the fiscal and human cost of natural disasters, and focusing on disaster response is far and away a better return for our tax dollars.

I do not mean to disparage the victims of the three individual terrorist events of 9/11, but I don’t believe that this is an accurate characterization of the day. It is likely that more Americans were killed at the Battle of Antietam than on 9/11 (between 3,600 and 6,500, depending upon which estimate you choose). If you define “attack” as “battle”, then the Battle of Meuse-Argonne (26,277 killed, same source) is an order of magnitude more deadly than 9/11. Over 150,000 people were killed in the American assault on Okinawa, on both sides. The terrorist attack of 9/11 was certainly the single most horrific assault in the United States on civilians by a foreign entity, but we’ve been known to do a pretty good job of that ourselves.

Hurricane Katrina ranks at the top of the list for hurricanes in total damages ($81,000,000,000), far and away the most expensive single natural disaster due to the impact on energy production. Galveston was significantly more deadly (in fact, heat waves hold more of the tops spots as killers than hurricanes). Of the top 10 most expensive hurricanes, 6 have occurred since 2000, totaling $147,460,000,000 in hurricane-related damages alone. The direct economic impact of 9/11, far and away the most successful terrorist event in the domestic history of the United States, was $27,200,000,000. Admittedly, this is a very cursory analysis. Full examination of the sources would be required to determine how greatly the secondary and tertiary effects correlate, and the full economic impact of events of this scale is difficult to accurately measure. However, given that $10,000,000,000+ hurricanes are common (an average of 1 per year since 2,000) and we as yet lack the technology to prevent hurricanes, it seems reasonable to assume that mitigating hurricane damage alone (let alone wildfires, earthquakes, etc) will yield a better return in terms of lives and money saved than spending dollar one directly on terrorist prevention.

The term “homeland security” wasn’t part of the national debate during the 2000 election. Now, after September 11 and Hurricane Katrina, every American understands that homeland security is at the heart of a president’s responsibility.

The term “homeland security” was not part of the national debate prior to 9/11, this is definitely true. And I believe it is also true that every American *expects* that the sitting President will lead during times of crisis. However, I don’t believe that 9/11 or Katrina have caused this to be the case. Americans have always expected their President to lead in times of crisis.

There have been no fewer than 14 attempted domestic terrorist attacks and nine international plots against American citizens and interests since 9/11, according to reports in the public record. There have been plots to blow up the Brooklyn Bridge and airplanes crossing the Atlantic. Terrorists have conspired to murder American soldiers at Fort Dix and planned to ignite the fuel lines beneath John F. Kennedy International Airport.

While technically true, this statement constitutes very incomplete evidence. There is no evaluation here of the credibility of these plots, no estimate of the efficacy of the plans of the plotters, and nothing resembling a reasoned evaluation of the actual threat involved. There is a great amount of debate on whether or not most of these reported events constituted a serious threat to the country. Admittedly “we the people” only know what details have been released regarding these events, but if a Presidential candidate is going to ask the public to evaluate the credibility of his overall plan for the country, he needs to to a very thorough job of presenting his evidence, and this does not qualify.

 Not a single post-9/11 plot on U.S. soil has succeeded to date. That is no accident; it is a measure of our increased vigilance as a nation.

I hear this a lot.  The incredulous response is usually something along the lines of, “I have a Tiger Repellent.  You should use it.  See, I’ve been using it for 10 years and I’ve never been attacked by a tiger!”  The more measured response is, between 1993 and 2001, a period of 8 years, there were no successful terrorist attacks inside the borders of the U.S.  Between 2001 and 2007, there have been no successful terrorist attacks inside the borders of the U.S.  All this means is that our current “increased vigilance” can only *so far* be evaluated as “equally as effective as our pre-9/11 countermeasures”, by that standard.  The 9/11 commission report was rather critical of our intelligence systems prior to 9/11.  If our “horrible vigilance” between 1993 and 2001 resulted in exactly zero successful terrorist attacks, it seems like we can state with reasonable clarity that terrorist attacks are very hard to plan and carry off on the face of it, and are very unlikely regardless of our level of “vigilance”.

The fight against al-Qaida and other terrorist groups will be America’s central challenge for years to come.

This is, in fact, my central problem with Mr. Giuliani’s campaign. As I pointed out above, I truly do not believe that terrorism is in any way a significant threat to this country. Anyone who regards terrorism *as* the central challenge to the country is going to arrange the priorities of the federal government accordingly. Solid, responsible fiscal policy, a domestic agenda that supports opportunity, meaningful foreign policy, trade deficits, a science policy that is based upon scientific evaluation instead of public opinion or economic interests, coherent energy policy, the burden on the economy of the baby boomer mass retirement, all of these are issues that have a much greater impact on the country than terrorism.

We will achieve victory in what I call the Terrorists’ War on Us only by staying on offense: defeating terrorist organizations and hunting down their leaders, wherever they are; helping Afghanistan and Iraq establish stable and representative governments; aiding the spread of good governance throughout the Muslim world; and defeating militant Islam in the war of ideas.

Although I have a number of problems with this paragraph, on the whole this isn’t an unjustifiable position. Rather than argue the points of what constitutes “victory”, whether or not we actually need to have this victory in order to regard terrorist as little more than annoyance, and most importantly why it completely ignores terrorism from non-Islamic sources, I’ll just concede the point for now that this can stand on its own as a collection of decent ideas. Too bad he immediately follows with this:

Such international efforts are essential to winning this war, but not sufficient.

This requires a very real analysis of “sufficiency”. Mr. Giuliani, you just said in the previous paragraph that these efforts were the only way to win. Presumably, then, you are now talking about the costs of achieving victory, and marginalizing the effects of this war, yes?

We must also protect our people and economy, secure our borders, and prevent terrorist attacks here at home.

How do we protect our economy? What do you mean by “secure our borders”, and how does this mitigate the threat of domestic terrorism? What do you mean by “prevent terrorist attacks”? You say these are necessary, but there is no mention of what steps it is that you want to take, and what the consequences of those steps are. Without full disclosure, I cannot agree that we “must” do these things.

These responsibilities are the domestic dimension of the larger struggle, and they require a focus on more than terrorism. As Stephen Flynn points out in his book The Edge of Disaster, “Nearly 90 percent of Americans are currently living in locations that place them at moderate to high risks of earthquakes, volcanoes, wildfires, hurricanes, flooding, or high-wind damage.” Preparing for terrorist attacks and for natural disasters are complementary goals: when cities and states prepare for natural disaster, they also strengthen our response to potential terrorism.

This I agree with completely, except the emphasis is reversed. Preparing for natural disasters is complementary to preparing for terrorist attacks; the reverse is not necessarily the case. Training people in emergency response helps in both situations. Reducing response times for first responders helps in both situations. Teaching first responders that it is a good idea to blow up abandoned backpacks because they *might* be terrorist attacks does not help in disaster response.

The next administration’s approach to homeland security should be based on three core principles: prevention, preparedness, and resilience.

Again, I agree, but you need to reverse this.

Preventing terrorist attacks before they happen must be our primary goal. Of course, America must stay on offense internationally when it comes to WMDs, using determined diplomacy and economic measures to discourage states from trading in dangerous materials that threaten Americans. Nations that continue in the trade must face the seizure of shipments— or worse.

Given that Russia is supplying nuclear material to Iran, this hard-line stance might sound good to people overly frightened by the idea of an Islamic state having access to nuclear weapons, but I doubt that this is more than political theater. Or has Mr. Giuliani forgotten that there already exists an Islamic state (one with an active al Qaida presence, no less) with nuclear weapons? One that appears to be offering protection to a man who has actively engaged in spreading nuclear weapon technology?

Here at home and at ports overseas, we must deploy state-of-the-art radiation detection technology to shield against nuclear fissile material, dirty bombs, and other radiological weapons, and we must proceed with the development and stockpiling of vaccines as a defense against bioterror. We also need to be ready for other forms of attack, such as cyberterrorism—a weapon of mass disruption. Digital technologies drive our nation’s economy and control much of our critical infrastructure. America cannot afford to wait for a digital Pearl Harbor before we begin taking the cyberterrorism threat seriously.

Radiation detection technology is totally ineffective due to the false positive rate. This is a complete and utter boondoggle, the sort of expenditure that any rational security expert would consider completely ineffective, unjustified, and a colossal waste of money. Spending a billion dollars on stockpiling anthrax vaccine does nothing to defend the country from any of the other chemical or biological warfare agents that exist, and this is a biological terrorism attack that has already occurred, with a net loss of a grand total of 5 lives (this, from an unknown perpetrator who had access to weapons-grade anthrax). Certainly, cybersecurity is a major outstanding problem in the United States (I’m not going to even bother to try and link references for this one, there are just too many examples of bad security to list), but the theoretical risk of “cyberterrorism” pales in comparison to the risk of cybercrime.

But these steps, as important as they are, will not solve the now widely recognized problem of getting our federal intelligence and law enforcement officers to share information so that they can “connect the dots” to uncover terrorist attacks before they happen. Some people theorize, based on the 9/11 Commission report, that the attacks of September 11 might have been prevented if the CIA and FBI had overcome the institutional barriers between and within the agencies and shared information. To take just one well-known example, the CIA knew in early 2000 that one suspected al-Qaida terrorist had acquired a U.S. visa and that another had flown to California. But Langley didn’t tell the FBI or register the men with the State Department’s watch list. As a result, two future 9/11 hijackers slipped into the U.S. Whether communication would or would not have been enough to lead to actions to prevent the attacks, it certainly is prudent to make sure this gap is closed in the future.

Yes, communication between intelligence services and law enforcement agencies is an ongoing problem. The severity of this problem needs to be thoroughly evaluated.

Several kinds of barriers hampered us in the 1990s. Some reflected the cultural differences between prosecution-oriented law enforcement agencies and the intelligence community’s preference for information collection. Others were legally required, such as the restrictions on sharing information derived through grand juries and criminal wiretaps. Still others were self-imposed, such as the infamous “wall” erected by the Clinton justice department in 1995, which complicated collaboration between the FBI’s foreign counterintelligence agents and its criminal investigators.

What Mr. Giuliani neglects to assess, here, is the value of the barriers. For example, law enforcement agencies need to remain prosecution-oriented. Intelligence communities need to remain focused on gathering information. In order for these organizations to be effective, they must pursue their goals. What is needed is an independent entity that can balance the goals in context; someone who is “in the know” on both sides of the fence, and can say to the intelligence community, “The importance of capturing and prosecuting this person outweigh the informational value of keeping him under surveillance and out of custody,” or to the law enforcement agency, “Yes, we have enough to arrest this guy and prosecute him, but he is our only link to this flow of information that we need to keep open.” I don’t know how “infamous” the wall erected by the Clinton justice department really is; Bill Clinton was President from 1993 until 2001, and during the time of his Presidency there was precisely one foreign terrorist attack within the domestic borders of the United States, in the first World Trade Center bombing, prior to the creation of this infamous wall. Reading the 9/11 Commission Report, particularly section on the run up to the day of September 11th (pp. 254-266, for reference) shows that there was no dearth of intelligence, only a lack of action. In fact, it can be definitely said that one of the problems with our system of national intelligence is that it failed to separate good information from the bad; this is information overload, which is actually a problem that is *increased* when information is “de-stovepiped”.

Such “stovepiping” of information must not continue. We need to build on the Bush administration’s efforts, such as the USA Patriot Act, to break down the barriers among federal agencies and between foreign and domestic intelligence.

What needs to be broken down are not the barriers of information flow, but the barriers of cooperation.

The Patriot Act removed barriers to information sharing between the intelligence community and law enforcement, but there is still more to do.

The Patriot Act also accomplished a great number of other things.

We must guard against the danger that the newly created Office of the Director of National Intelligence will become just another layer of bureaucracy that impedes the information flow rather than facilitates it.

Agreed, but again this danger is less about information flow and more about impeding action.

And we need to pay close attention to unsettling lower-court decisions that raise the specter of the wall’s reemergence, and to the weakening of the Patriot Act by judicial fiat.

I’m not sure what Mr. Giuliani is arguing for here, unless it is an overthrow of our current three-branch system of government. If the Patriot Act does not pass Constitutional muster, weakening it by judicial fiat is simply the proper process of our system of checks and balances preventing one branch of government from over-reaching itself.

The Foreign Intelligence Surveillance Act, enacted in 1978 to exclude eavesdropping on foreign communications from judicial oversight, must be modernized and expanded to encompass not just phones, as the current law does, but also newer technologies, such as the fax machine and the Internet.

Actually, Mr. Giuliani, FISA was enacted to do the exact opposite; to allow eavesdropping on foreign communications under judicial oversight.

Antiquated laws—enacted when such technologies weren’t part of everyday life—cannot be allowed to hamstring our federal law enforcement and foreign intelligence services.

Antiquated laws can’t be allowed to hamstring our federal law enforcement or foreign intelligence services? Like, say, Miranda vs. Arizona? The First, Second, Fourth, Fifth, Sixth, Seventh, and Eighth Amendments to the Constitution?

Some members of Congress want to throw as many legal obstacles as possible in front of FBI agents and intelligence officers as they try to intercept communications between known al-Qaida leaders and U.S.-based operatives who will carry out attacks. This is the last thing we should do.

I highly doubt that a single member of Congress, regardless of political party, is interested in preventing communications between known al-Qaida leaders and U.S.-based operatives. I do know that some members of Congress are interested in preventing the FBI and intelligence officers from intercepting all domestic communications on the offhand chance that some communications might be between al-Qaida leaders and U.S.-based operatives.

Getting and keeping federal agencies communicating with one another isn’t enough. An effective homeland security plan also has to establish links to, and make use of, the valuable information collected by the country’s 800,000 state and local law enforcement officers. We should view these officers as counterterrorism resources—“first preventers,” as the Manhattan Institute’s R. P. Eddy calls them.

Certainly, this makes some sense. However, again, remember the problem of information overload -> just establishing information channels and throwing data through them does not provide a net result of a more effective intelligence service.

Even beyond uniformed services, people such as DMV clerks, and even everyday citizens, may notice clues that would help law enforcement identify would-be terrorists. It was a clerk at Circuit City, after all, who provided the key tip that enabled federal authorities to stop the Fort Dix plot.

There are pretty major problems with asking people who are not fully trained in counter-terrorism to report “suspicious activity”.

(We should also reform liability laws so that individuals who act in good faith, such as those who report suspicious behavior on airplanes, will not get sued for trying to help their fellow citizens. Fortunately, a law authored by Representative Peter King was recently passed to protect Americans who do just that.)

I like Good Samaritan Laws, which protect doctors and EMTs and firefighters from being sued for trying to help. I’m not so keen on laws that tell every paranoid idiot that there are no repercussions to calling the police because you live in fear of a statistically insignificant event.

To gather and analyze such useful information, first preventers can be assisted by the widespread implementation of a “Terrorstat” program, an idea proposed by former NYPD commissioner William Bratton and criminologist George Kelling. Terrorstat would build on the proven principles of Compstat, the computerized crimemapping system developed by the New York Police Department in the 1990s and now used by police departments nationwide. By bringing all crime and arrest data together by category and by neighborhood, Compstat revolutionized policing, enabling officers to focus their efforts in problem areas, armed with up-to-the-minute, accurate intelligence, rapid deployment of resources, individual accountability, and relentless follow-up. Terrorstat would do the same for counterterrorism.

Terrorstat would not only capture information about terrorism-related arrests and distribute it to law enforcement officials; it would also fuse that information with data on arrests for crimes that on the surface seem unrelated to terrorism but may prove to be precursors to an attack. The investigation of the ordinary can help prevent the extraordinary.

I admit I don’t know enough of the details of “Compstat” to really critique this, but this seems like building a second system with reduced functionality. I can’t see what would be included in “Terrorstat” that wouldn’t already exist in “Compstat”, I’d love to hear what sort of activity would fall under the umbrella of “terrorism-related arrests” and “crimes that seem unrelated to terrorism” that wouldn’t already fall under the category, “all crime and arrest data by category”. Any ideas, anyone?

Terrorists prepare for their activities with preattack surveillance and finance them with ordinary criminal actions. Consider a 2005 plot in which a jihadist cell aimed to unleash a wave of violence in Southern California. One of the conspirators made the mistake of dropping his cell phone during what appeared to be a straightforward gas-station robbery in Torrance, California. Local police drew information from the phone that set off an FBI-led investigation that eventually unraveled the plot. Or consider the case of Dhiren Barot, a now-imprisoned al-Qaida operative who developed detailed pre-attack surveillance reports before 9/11 on major financial buildings in Washington, D.C., New York, and New Jersey. None of the security guards at any of the facilities that he cased, including the World Bank, the New York Stock Exchange, and the Prudential building in Newark, detected him. He was captured only after the CIA raided a terrorist safe house in Pakistan in 2004 and found Barot’s casing reports on a computer.

I’m considering them. They seem to be unrelated examples. In one, basic criminal activity led to a terrorist; in the other, activity that would be difficult to classify as criminal led to a terrorist going by undetected.

The Department of Homeland Security, in coordination with state homeland security offices, should train public and private security personnel around the nation to recognize and report terrorist pre-attack activity. Terrorstat would provide a simple, structured, and consistent way for security personnel to report information to a larger intelligence network, including the National Counterterrorism Center—leading to investigations that can disrupt terrorist plots before they result in deadly attacks.

Ah, now I see. So the difference between Terrorstat and Compstat is that Terrorstat is a system that public and private security personnel can use, and can enter data into. So, now instead of having a government created and maintained No-Fly list or Terrorist Watch list, we’ll have a system that everyone who qualifies as “security personnel” can manipulate. Given the incredible failure of the Terrorist Watch list due to inaccurate data (spoiler, Mr. Giuliani brings this up later, so I won’t find a reference to support that here), creating a new system that accepts a huge amount of input from largely untrained personnel seems like a horrendously bad idea. Mouth off to a security guard? Better not run a red light with a gas can in the back of your truck, you might be tagged as a potential firebomber.

Homeland security and border security are inseparable in the twenty-first century. The story of Ra’ed al-Banna is a chilling reminder of why. On June 14, 2003, al-Banna was denied entry into the U.S. at Chicago’s O’Hare International Airport by Customs and Border Protection inspectors, who questioned him after their Automated Targeting System identified him as warranting further scrutiny. On February 28, 2005, al-Banna blew up himself and at least 125 others outside a health clinic in Hilla, Iraq. It was one of the deadliest suicide bombings committed by al-Qaida in Iraq. We’ll never know if al-Banna was coming to the U.S. to inflict similar harm, but strong border security prevented him from having the opportunity.

This is actually a perfect example of a security *failure*, not a security success, and there are at least 125 people who would attest to that fact if they weren’t already dead. If our security apparatus is good enough to tag someone as “warranting further scrutiny”, but not good enough to provide evidence that leads to their arrest and detainment, the subject is free to walk away and plan a new attack. al-Banna could just as easily flown to Ontario, where he would not be subject to ATS screening, and driven across the Canadian border and blown himself up in Chicago. This illustrates not that “more border security” == “better homeland security”, it instead illustrates that keeping terrorists out of the country is more a matter of luck than border security. More on that later.

Still, a recent National Intelligence Estimate concluded that al-Qaida is intensifying its efforts to place operatives within the United States. Security must improve at official ports of entry like O’Hare, as well as along our porous land borders.

This is another example of Mr. Giuliani considering something as necessary without discussing costs and benefits. If we improve security at official ports of entry and along our land borders, it may indeed make it more difficult for al-Qaida to get operatives inside the country. However, perfect border security is an impossibility. Therefore, we must regard “securing our border” as a matter of how much it costs for each measure we deploy to help our border security, and how much additional border securiy we get with each of these measures. Does “building a fence” increase border security? Certainly, but how much? If the average cost per mile is $2.9 million dollars, and the total linear length of the border is 7,521.25 miles, this costs $21,811,625,000. How big of a barrier is it? Is that $21 billion dollars really going to help keep that many people out of the country? I highly doubt it.

Ending illegal immigration and identifying every noncitizen in the nation are crucial to preventing terror.

Non sequitur. Ending illegal immigration would not have stopped Ted Kaczynski, or Timothy McVeigh, both of whom were US citizens. Ergo, terrorism will exist with or without illegal immigration. Identifying non-citizens provides zero benefit to security unless we already have them correlated to terrorist activity.

We need a tamperproof biometric ID card for all noncitizens and a single national database of noncitizens in our country that would include information about when they are required to leave. And if noncitizens commit crimes, they should be deported after serving their time.

Regardless of whether or not we need them, tamper proof biometric ID cards do not and never will exist. No one in the security world even uses the term “tamper proof” (“tamper resistant” and “tamper evident” being the terms used by knowledgeable security wonks). Moreover, they provide no benefit whatsoever when the process of handing them out can be suborned.

To bring real order to the border, we should establish a “Borderstat” program, also based on Compstat principles.

I’ll digress temporarily from thoughtful commentary at this point and say, “Lockbox”.

Borderstat would use technology to monitor illegal border crossings and compare them with captures. It would enable us to hold field commanders—including border patrol sector chiefs and Immigration and Customs Enforcement special agents in charge—accountable for what goes on in their areas.

Oh, the metrics, how we love them. It’s nice to have a method to hold field commanders accountable. Knowing the scale of the task of guarding our land borders (8,893 kilometers on the Canadian border and 3,141 kilometers on the Mexican border), however, I’ll go out on a limb and say that the primary output from Borderstat would be to tell us that we simply don’t have the resources to secure this much linear distance.

The successful completion of the Secure Border Initiative (SBI), ongoing since 2006—which promises to help us gain control of the borders through the construction of both physical and virtual technological fences—will be an essential step in this effort. Through the installation of sophisticated monitoring technology, we will finally be able to determine with certainty where the holes in our border defenses are and target the resources to fill them.

Sounds like SBI promises much. According to the nonpartisan GAO and other sources, the delivery leaves a little to be desired.

Even before the completion of SBI, however, we can use Borderstat to monitor incidents better along the border—shootings, petty crimes, and garbage dumping—that indicate illegal crossings and deploy border law enforcement resources to where they can have the most impact. Borderstat will apply a version of the Broken Windows policing theory to our borders.

Whether or not illegal immigration specifically leads to a higher crime rate is a matter of debate. I’m uncertain how shootings, petty crimes, and garbage dumping correlates with illegal crossings statistically and would love to see Mr. Giuliani’s sources here.

Though we must make America more secure, we must also show our friends around the world that America is a country open for business, not a closed-door fortress. The best and the brightest should come to America—to study here, to work here, and in some cases to become American citizens.

One of the rare instances in this piece that I find myself in accordance with Mr. Giuliani’s views, and wish he focused more on this than the bogeyman of terrorists.

It is only through this process that we will deepen the connections between America and the Islamic world that will prove essential in prevailing over radical Islamic extremism.

I disagree. It is not enough for us to encourage the best and brightest of the Muslim word to leave their countries and come and study and work here. This merely means that the best and brightest and most cosmopolitan Muslims will be leaving the ones with least opportunity and most resentment to the West back home, and coming here. Culture exchange is a two-way street.

I’m about halfway through this analysis, and I’ll have to break this down into manageable parts. Part II coming…

Posted January 17, 2008 by padraic2112 in news, politics, security