Counterattack

[Dave Farber <dave () farber net>]

------ Forwarded Message
From: Bruce Schneier <schneier () counterpane com>

                 Counterattack



This must be an idea whose time has come, because I'm seeing it talked
about everywhere.  The entertainment industry floated a bill that would
give it the ability to break into other people's computers if they are
suspected of copyright violation.  Several articles have been written
on the notion of automated law enforcement, where both governments and
private companies use computers to automatically find and target
suspected criminals.  And finally, Tim Mullen and other security
researchers start talking about "strike back," where the victim of a
computer assault automatically attacks back at the perpetrator.

The common theme here is vigilantism: citizens and companies taking the
law into their own hands and going after their assailants.  Viscerally,
it's an appealing idea.  But it's a horrible one, and one that society
after society has eschewed.

Our society does not give us the right of revenge, and wouldn't work
very well if it did.  Our laws give us the right to justice, in either
the criminal or civil context.  Justice is all we can expect if we want
to enjoy our constitutional freedoms, personal safety, and an orderly
society.

Anyone accused of a crime deserves a fair trial.  He deserves the right
to defend himself, the right to face his accused, the right to an
attorney, and the right to be held innocent until proven guilty.

Vigilantism flies in the face of these rights.  It punishes people
before they have been found guilty.  Angry mobs lynching someone
suspected of murder is wrong, even if that person is actually
guilty.  The MPAA disabling someone's computer because he's suspected
of copying a movie is wrong, even if the movie was copied.  Revenge is
a basic human emotion, but revenge only becomes justice if carried out
by the State.

And the State has more motivation to be fair.  The RIAA sent a
cease-and-desist letter to an ISP asking them to remove certain files
that were the copyrighted works of George Harrison.  One of the files:
"Portrait of mrs. harrison Williams 1943.jpg."  The RIAA simply Googled
for the string "harrison" and went after everyone who turned
up.  Vigilantism is wrong because the vigilante could be wrong.  The
goal of a State legal system is justice; the goal of the RIAA was
expediency.

Systems of strike back are much the same.  The idea is that if a
computer is attacking you -- sending you viruses, acting as a DDoS
zombie, etc. -- you might be able to forcibly shut that computer down
or remotely install a patch.  Again, a nice idea in theory but one
that's legally and morally wrong.

Imagine you're a homeowner, and your neighbor has some kind of device
on the outside of his house that makes noise.  A lot of noise.  All day
and all night.  Enough noise that any reasonable person would claim it
to be a public nuisance.  Even so, it is not legal for you to take
matters into your own hand and stop the noise.

Destroying property is not a recognized remedy for stopping a nuisance,
even if it is causing you real harm.  Your remedies are to: 1) call the
police and ask them to turn it off, break it, or insist that the
neighbor turn it off; or 2) sue the neighbor and ask the court to
enjoin him from using that device unless it is repaired properly, and
to award you damages for your aggravation.  Vigilante justice is simply
not an option, no matter how right you believe your cause to be.

This is law, not technology, so there are all sorts of shades of gray
to this issue.  The interests at stake in the original attack, the
nature of the property, liberty or personal safety taken away by the
counterattack, the risk of being wrong, and the availability and
effectiveness of other measures are all factors that go into the
assessment of whether something is morally or legally right.  The RIAA
bill is at one extreme because copyright is a limited property
interest, and there is a great risk of wrongful deprivation of use of
the computer, and of the user's privacy and security.  A strikeback
that disables a dangerous Internet worm is less extreme.  Clearly this
is something that the courts will have to sort out.

Way back in 1789, the Declaration of the Rights of Man and of the
Citizen said that: "No person shall be accused, arrested, or imprisoned
except in the cases and according to the forms prescribed by law.  Any
one soliciting, transmitting, executing, or causing to be executed any
arbitrary order shall be punished."  And also: "As all persons are held
innocent until they shall have been declared guilty, if arrest shall be
deemed indispensable, all harshness not essential to the securing of
the prisoner s person shall be severely repressed by law."

Neither the interests of sysadmins on the Internet, nor the interests
of companies like Disney, should be allowed to trump these rights.


Automated law enforcement:
<http://www.foxnews.com/story/0,2933,64688,00.html>

Mullen's essay:
<http://www.hammerofgod.com/strikeback.txt>

Berman legislation:
<http://www.counterpane.com/crypto-gram-0208.html#5>


   Comments on the Department of Homeland Security



The promise of the newly formed Department of Homeland Security is to
improve our nation's security from terrorism.  Unfortunately, the
results are far more likely to be the opposite.  Centralizing security
responsibilities has the downside of making our security more brittle,
by instituting a commonality of approach and a uniformity of
thinking.  Unless the new department distributes security
responsibility even as it centralizes coordination, it won't improve
our nation's security. Security has two universal truisms relevant to
this discussion.  One, security decisions need to be made as close to
the problem as possible.  This has many implications:  protecting
potential terrorist targets should be done by people who understand the
targets; bombing decisions should be made by the generals on the ground
in the war zone, not by Washington; and investigations should be
approved by the FBI office that's closest to the investigation.  This
mode of operation has more opportunitie
  s for abuse, so competent oversight is vital.  But it is also more
robust, and is the best way to make security work.

Two, security analysis needs to happen as far away from the sources as
possible.  Intelligence involves finding relevant information amongst
enormous reams of irrelevant data, and then organizing all those
disparate pieces of information into coherent predictions about what
will happen next.  It requires smart people who can see connections,
and who have access to information from many disparate government
agencies.  It can't be the sole purview of anyone, not the FBI, CIA,
NSA, or the new Department of Homeland Security.  The whole picture is
larger than any single agency, and each only has access to a small
slice of it.

The implication of these two truisms is that security will work better
if it is centrally coordinated but implemented in a distributed
manner.  We're more secure if every government agency implements its
own security, within the context of its department, with different
strengths and weaknesses.  Our security is stronger if multiple
departments overlap each other.  To this end, it is a good thing that
the institutions best funded and equipped to defend our nation against
terrorism aren't part of this new department: the FBI, the CIA, and the
military's intelligence organizations.

But all these organizations have to communicate with each other, and
that's the primary value of a Department of Homeland Security.  One
organization needs to be a single point for coordination and analysis
of terrorist threats and responses.  One organization needs to see the
big picture, and make decisions and set policies based on it.

The human body defends itself through overlapping security systems.  It
has a complex immune system specifically to fight disease, but disease
fighting is also distributed throughout every organ and every
cell.  The body has all sorts of security systems, ranging from your
skin to keep harmful things out of your body, to your liver filtering
harmful things from your bloodstream, to the defenses in your digestive
system.  These systems all do their own thing in their own way.  They
overlap each other, and to a certain extent one can compensate when
another fails.  It might seem redundant and inefficient, but it's more
robust, reliable, and secure.  You're alive and reading this because of it.

The biological metaphor is very apt.  Terrorism is hard to defend
against because it subverts our institutions and turns our own freedoms
and capabilities against us.  It invades our society, festers and
grows, and then attacks.  It's hard to fight, in the same way that
cancer is hard to fight.  If we are to best defend ourselves against
terrorism, security needs to be pervasive.  It can't be in just one
department; it has to be everywhere.  Every federal department needs to
do its part to secure our nation.  Fighting terrorism requires defense
in depth.  This means overlapping responsibilities to reduce single
points of failures, both for the actual defensive measures and for the
intelligence functions.

Our nation would be less secure if the new Department of Homeland
Security took over all security responsibility from the other
departments.  The last thing we want is for the Department of Energy,
the Department of Commerce, and the Department of State to say:
"Security; that's the responsibility of the Department of Homeland
Security."  Security is the responsibility of everyone in
government.  We won't defeat terrorism by finding a single thing that
works all the time.  We'll defeat terrorism when every little thing
works in its own way, and together provides an immune system for our
society.  The new Department of Homeland Security needs to coordinate
but not subsume.

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To unsubscribe or update your address, click
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/