Home page logo
/

interesting-people logo Interesting People mailing list archives

Re: pro regulation viewpoint on cyber vulnerabiltiy
From: David Farber <dave () farber net>
Date: Tue, 31 Mar 2009 14:56:27 -0400



Begin forwarded message:

From: Dave Wilson <dave () wilson net>
Date: March 31, 2009 11:11:39 AM EDT
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] Re: pro regulation viewpoint on cyber vulnerabiltiy

Speaking solely for myself: Forgive me, but engaging in debates about
whether market failures can exist without government distorting the
market are a little like having an argument about Creation Science: It
flies in the face of accepted theory, it ignores demonstrable fact,
and since it's a faith based argument, nobody's mind will get changed.

Here's an example of market failure that doesn't have anything to do
with government intervention in a market: Microsoft's Windows
operating system dominates the market for workstations. Other
operating systems are known to have identical capabilities, but are
far more secure (and in fact are less expensive), yet Windows
continues to dominate the market. Why? Because the company has market
control (as was established during a decade of excruciating antitrust
investigation); free market theory says Microsoft would either fix
Windows, or consumers would stop using it and immediately leave for
other, safer systems. The fact that this has not happened, despite the
widespread acknowledgment of the data I've stated above, is a classic
market failure.

-dave

On Tue, Mar 31, 2009 at 6:13 AM, David Farber <dave () farber net> wrote:


Begin forwarded message:

From: Vadim Antonov <avg () kotovnik com>
Date: March 31, 2009 5:39:53 AM EDT
To: Michael Kende <Michael.Kende () analysysmason com>
Cc: dave () farber net
Subject: RE: [IP] Re: pro regulation viewpoint on cyber vulnerabiltiy


David - for IP, if you wish.

I guess I should've stated it more clearly - there is no market failure in the real life, but it is being used to justify intervention into market (as the author of the original article does). The use of a hypothetical calamity to justify application of quite real coercion to other people is
quite dishonest.

Of course, any econ textbook mentions market failure, but it does not make it any more real. (As a side note - prices do not send the proper signals
about markets only when markets are manipulated - with price controls,
artificially low interest rates, bailouts, etc, etc.  The inability to
generate prices without unrestricted voluntary exchange is at the core
of Mises' proof of impossibility of pure socialist economy.)

real-life examples (pollution).

Would you provide any _specific_ real-life example, rather than a vague
reference?

Pollution is, actually, a form of trespass. Poisoning people is a crime, and so is dumping garbage on somebody else's property. It was recognized as serious crime (and dealt with accordingly) long before environmental
regulations.

In fact, the early history of environmental regulation in US in 1860s is quite instructive: the biggest proponents were steel mills in Chicago - who then used the legality of staying within the set limits as a shield
against the private litigation which threatened to shut down the mills
completely for gross pollution and demonstrable harm to persons and
property. See Catlin v. Valentine (1842) for a landmark example of such
private anti-pollution litigation. The courts routinely took the
anti-polluter stance back then.

Then came regulation, in effect permitting specific amounts of pollution
without much regard to damage it was doing to private citizens.  And,
needless to say, US government essentially exempted itself from the limits
- and went on to become the biggest polluter on the planet.

It would be seriously stretching truth to call industrial and agricultural
pollution "market failure" when the worst of it came because of
dereliction of duty (or outright corruption) of the government at
different levels and as byproduct of government projects.

--vadim

On Mon, 30 Mar 2009, Michael Kende wrote:

This makes absolutely no sense - the first statement is that there is no
single case of market failure which couldn't be traced back to
non-market intervention by a government, which is then followed by a
statement in the third paragraph that using market failure as a
justification for any policy is, at best, intellectually dishonest.

In other words, it is a government failure if government does not
intervene to prevent a market failure from arising, but if that market
failure does arise anyway, it is intellectually dishonest for the
government then to address it?

In economic, every micro textbook has a definition of market failure
(e.g. prices do not send proper signals about markets) and real-life
examples (pollution).

Michael

-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Monday, March 30, 2009 4:51 PM
To: ip
Subject: [IP] Re: pro regulation viewpoint on cyber vulnerabiltiy



Begin forwarded message:

From: Vadim Antonov <avg () kotovnik com>
Date: March 30, 2009 3:27:27 PM EDT
To: David Farber <dave () farber net>
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] pro regulation viewpoint on cyber vulnerabiltiy


David - for IP, if you wish.

On Mon, 30 Mar 2009, David Farber wrote:

A paper that speaks to market failure is at:
http://www.csis.org/component/option,com_csis_pubs/task,view/id,5370/t
ype,1/

The sad truth is that there is no single documented case of "market
failure" which couldn't be easily traced back to previous non-market
intervention (by government or crime) - and these should be properly
called "government failures", i.e. governments either doing what they
shouldn't do (granting monopolies to politically connected parties,
engaging in social engineering, etc), or failing in their duty to
protect citizens.

Just ask an economist to offer not a plausible theoretical scenario in which a market failure could occur - but a clear-cut real-life case of
market failure, and then watch him squirming uncomfortably.

Market failure is one of those elusive concepts which everybody seems to
believe in, but which start to shift meaning, twist, and finally
evaporate if a closer scrunity is applied. Using it as a justification
for any policy is, at best, intellectually dishonest.

When applied to "cybersecurity", the very first assertion that "market
has failed to secure cyberspace" is a plain lie.  Any real security
expect knows that there's no such thing as absolute and perfect
security.
Better security comes with price - and this price increases
exponentially if stronger (and rarer) treats are considered.

Thus, securing any real installation requires finding a proper balance between security and cost - and in many cases that balance is on a side
which any security-conscious person would find quite insecure (just
think how long your front door would hold if someone wants to break in,
or how your windows are totally penetrable with an aid of a brick).
However, laminated cardboard doors and easily breakable glass windows
are sufficient to deter majority of opportunistic criminals - and
defending against determined thieves would be way too costly given that
the chances that one would pay a visit are rather small.

"Cybersecurity" is no different. Even with broken-by-design security
model of Windows/Explorer use of a cheap consumer security product
(Norton,
etc)
would be quite sufficient to achieve good-enough security. Nearly all
people who suffered from attacks by hackers simply didn't consider
security of their computers to be important enough to devote 15-20
minutes and few dozen dollars needed to find a product, buy, and install
it.

Well, there are people who don't bother to lock their doors and leave
keys in the ignition locks of their cars - but for some reason there's no experts calling for federal programs to fix these "market falures". I think that is because, without the smoke screen of fancy jargon, any
reasonable person would see inanity of any such proposal.

--vadim





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com


-----------------------------------------------------------------------------------------------------------------------------------------
This email message has been delivered safely and archived online by
Mimecast.
A true SaaS solution, Mimecast provides the security, continuity and
archiving for millions of emails, across thousands of customers every day.
For more information please visit http://www.mimecast.co.uk

-----------------------------------------------------------------------------------------------------------------------------------------





-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault