Security Speedbumps

Software, more than most other things that are designed, tends to be designed by trial and error. That’s because it’s so easy to build a design in order to test it. Other engineers have to actually construct a prototype to test, so their time is better spent working out in advance whether the design is good enough.

This principle is responsible for the relative shoddiness of software.

It has been observed that this approach doesn’t work for security purposes, as there you’re not concerned with how your design responds to specific, or even random, stimuli, but with whether some stimulus can be constructed that will cause a misbehaviour. This is the concept of Programming Satan’s Computer, coined by Ross Anderson.

But software isn’t the only thing designed by trial and error. Any system that can evolve over time will basically be constrained by the requirement that it must appear to work. That constraint will keep most errors out, but not security flaws, just as conventional software testing keeps out most errors, but not security flaws.

There’s an unrelated concept in security of the “speedbump”. A speedbump is something that discourages people from doing something the designer doesn’t want them to do, by forcing them to undertake some procedure which shows unambiguously that they are doing what they’re not supposed to – like breaking an easily-breakable lock, or something. It doesn’t actually stop them from being able to do it, but it stops them pretending – even to themselves – that they’re not really doing anything they’re not supposed to.

Putting these two concepts together, a real-world security process that is preventing something virtually nobody really wants to do, and is evolving over time, will tend to end up as a speedbump. If it becomes less than a speedbump, it will no longer appear to work, so that won’t happen. But because the speedbump deters casual attackers, and virtually all attackers are casual, it will appear to work.

The one kind of person who shows up this kind of security speedbump is the person who, usually under the influence of alcohol, is too oblivious to be deterred by the speedbump. Back in the 1991 Gulf War, a man I knew slightly walked into the Ministry of Defence in London, wandered round some corridors, went into a random office and asked in alcohol-slurred cockney “What is this Gulf War all about then?”. Similarly, via Schneier, there is this story of a drunk man climbing over the perimeter fence and boarding a plane at Raleigh-Durham International Airport.

The fence is supposed to stop people from being able to board aircraft without passing through the proper security channels. It appeared to work, but only because nobody wanted to do it badly enough to actually climb the fence. The fence is a speedbump: entirely effective, except against terrorists and eccentric drunks.

This speedbump phenomenon is not the same as “Security Theatre”. Security theatre is generally a new measure introduced for show, which, while possibly effective against a narrowly-defined threat, is easily bypassed and not effective against a broader, more realistic range of threats. These speedbumps are more likely to be long-standing security measures, which are assumed because of their long standing to be working effectively.

The complaint is that if a decision is made that security must be improved, searching out and rectifying security speedbumps is likely to be less visible and obvious than installing new, showy, security theatre, even though it could be much more productive.

Therefore we are dependent on the eccentric drunks finding our speedbumps.

The Freedom Bill

The Liberal Democrats are hardly really a party – they have no coherent political position, and no core of policies that their members and supporters share, but I think this initiative has not received the positive response it deserves:

Nick Clegg and the Liberal Democrats are proposing a Freedom Bill to sweep away unnecessary laws.

They list a “top 10”, including ID cards, restrictions on protests, control orders, indefinite DNA retention of innocent suspects, and so on.

They also ask for suggestions from the public.

BBC story

A sad story

An 18-year-old woman was convicted yesterday in Cardiff Crown Court of making false rape allegations. (Attempting to pervert justice).

She was dancing at the house of a stranger she met in a bar, and claimed she had been drugged and raped.

In the normal way of things this case would just have dropped into the 94% of reported rapes that do not lead to a conviction – the figure that Carol is so upset about.

What made it different is that one of the four defendants had phone-video-camera footage that proved the allegations were false.

Even without it, the case would quite likely not have made it to trial. If it did, her personal website on which she described herself as a “wild girl” whose hobbies were “sex and pole-dancing” would have been used by the defence. It would perhaps have been suggested that if that evidence had been disallowed, a conviction might have been more likely, and that such a change would improve the 6% conviction rate.

I do not mean to suggest that all or most of the 94% are false allegations of this kind. But I am sure some of them are. Lack of evidence is not a “technicality”: If the only evidence that a crime took place is the word of the alleged victim, and the accused says it didn’t happen, no reasonable justice system will be able to provide a conviction.

Imagine that she was really telling the truth. In that case, she would be equally unlikely to see the men convicted. There’s simply no way she could prove what really happened.

Andrew Hall of the Criminal Bar Association was quoted in the Times story Carol linked to saying “In my view the system generally works, in that guilty people are generally convicted and innocent people are acquitted.” I don’t think I would go that far. I suspect a lot of rapists are acquitted for lack of evidence, but I don’t think the criminal justice system can do anything about it.

That’s not the same as saying nothing can be done about it. I addressed this issue before at great length a year ago, here and here. We have thrown off the restrictions or repressions of sexual behaviour that were previously the norm, and while they were to some extent the product of superstition, bossiness or patriarchy, they were also protections from real danger. The existence of law and morality does not remove the necessity of protecting ourselves – that is why we lock our doors. Women who behave like C.S. did are running the risk of being raped (not that that reduces the responsibility of rapists), and men who behave like these four men are running the risk of being falsely accused (not that that reduces the responsibility of the false accuser). Casual sex with strangers is dangerous in more ways than one. While people behave the way these five people behaved, the 94% is here to stay.

I will repeat the position I took a year ago:

The whole old-fashioned customs of slow courtship can be seen as a mechanism for protecting women from unprovable rapes, and men from un-disprovable false accusations. It can also, of course, be seen as the rituals of a society not at ease with sex, and again as the result of seeing women at least in part as being the property of men. Return to the past is not an option. But wishing away problems that are eternal does not help either. The idea that we should only have intimate contact with a person if we have already publicly demonstrated a close association with them seems to me neither repressed nor sexist – it is a costly restriction on our freedom that protects us from some dangers.

(footnote: I have not named the girl here – in the perhaps arrogant hope that this blog will still be around and searchable in years to come, I do not want to be providing information about her to search engines. She’s been idiotic and done herself a lot of damage, but she’s 18 and still has a life ahead of her. For the same reason, I deplore the newspapers’ decision to publish photographs of her in her underwear to illustrate the story).

Human rights

While blithering about human rights in the previous post, I meant to mention Dave Kopel’s piece yesterday as a case in point. Since I went on so long it’s probably good that I forgot.

Kopel quotes a United Nations report saying that protection of human rights requires that governments “keep small arms out of the hands of persons who are likely to misuse them”

Equally, the US has traditionally seen it as a human right to be free to obtain firearms, as recognised in its constitution.

Neither approach is obviously stupid – one can make a reasonable case either way. But they are totally in conflict; they cannot possibly both be universal human rights. Thus, the outcome of any attempt to “establish” human rights universally could only be conflict between the two visions – a conflict that need not occur if countries recognise each others’ sovereignty.

I don’t mean to espouse any kind of moral relativism – one society’s vision of human rights need not be as good as another’s. In fact on this issue, unlike the gambling one, I agree with the Septics. But to say “my way is right and everyone must follow it” is to say “I must be world ruler”. I say “my way is better than your way”, but you’re free to do it wrong as long as direct effects on me are kept to a minimum.

Online Gambling

This is tricky because it’s about who has the right to be wrong about what.

I think gambling is generally a bad thing. It can be fun, but it can also be generally destructive. While I’m not sure it’s helpful to throw around words like “addiction”, it’s pretty clear that many people who gamble are behaving very strongly against their own interests.

Should gambling therefore be illegal? Absolutely not. The problems are threefold – you are stopping the harmless entertainment as well as the self-destructive behaviour; you are raising your (and my) judgement as to what is good for someone else over their own judgement*, and you are introducing the plagues of prohibition, including a criminal class and a corrupt enforcement bureaucracy.

However, despite these very strong arguments, the governments of the USA and many of its States have banned gambling (with various indefensible and illogical exceptions for State lotteries, etc).

One of my more eccentric beliefs is in National Sovereignty. If a foreign state (however constituted) wants to get stuff wrong, then unless it directly affects me, it’s really none of my business. They’re entitled to do stuff differently; that’s what being foreign is all about.

That proposition doesn’t flow easily from any theoretical statement of morality or justice. You could build up to it from a concept of democratic rights, but as I don’t restrict sovereign rights to democratic states, that doesn’t help me. For me, sovereignty is a pragmatic rule, a compromise which reduces the amount of conflict between countries – and conflict between countries is one of the major causes of human suffering and poverty. As such, the principle can be overridden in very extreme cases – such as the Rwandan genocide – but those familiar with this blog will be aware that I am very much more cautious than most regarding “humanitarian violence”.

Of course, since no-one is suggesting starting a war to protect the human rights of Americans to play online video poker, I’ve gone off on a slight tangent here. Mind, we did once fight a war for the human rights of the Chinese to take opium, but even those of us who favour drug liberalisation generally give less than wholehearted approval to that project.

There is a kind of consistency to my views: just as Beryl should be free to damage herself by buying lottery tickets (but I would prefer her not to), the USA should be free to damage itself by prohibiting gambling (but I would prefer it not to).**

Now we come to the tricky stuff. What if an American flies to Britain, walks into a bookmaker’s shop in Luton, and puts a bet on a horse?

Well, that’s OK, I think obviously. The US government might choose to deal with the visitor when he gets home (but in fact, according to current law, wouldn’t).

What if the horse race doesn’t run until the visitor has gone home? Can the bookmaker pay the visitor’s winnings, by sending him a cheque or crediting his bank account? The question is whether the bookmaker is simply settling a debt (and the fact that the transaction which gave rise to the debt would have been illegal if it had taken place in the US is beside the point, because the transaction didn’t take place in the US), or whether the payment itself is a transaction with someone in the US which is in breach of US law.

I think the US government is entitled to consider it the latter. Gambling is, after all, not much other than an exchange of money; if you send a cheque to America in settlement of a gambling transaction, you are gambling with someone in America.

Since you are outside US jurisdiction, you are safe, since the US ought to respect your country’s sovereignty.

But if you later travel to the US, their government can justly claim that you have been dealing with the US in a way that is against US law.

To take a parallel but less morally confusing example, if a Nigerian scams me out of a stack of money by claiming to be MIRIAM ABACHA, and then later comes to Britain on unrelated business, he should be arrested. Exactly what country he was in when he conned me, and what the law is in that country, is beside the point.

When we come to the actual cases that are in the news, most recently Peter Dicks, another question arises. Was he knowingly dealing with the US? I think that matters: if, as far as he knew, he was simply carrying on a legal business, and unknown to him, some of his users were actually in a jurisdiction where the business was not legal, then he hasn’t done anything wrong – it is like my very first example of a bookmaker completing a transaction in Luton with an American visitor.

On the other hand, if he is knowingly transacting business with people in America, he is like the second example of the bookmaker sending a cheque to America – the transaction is taking place between two countries and is illegal in one of them. I would think that in the concrete cases existing, this is the case.

The structure of the internet makes it possible to not know the location or nationality of your customers. This makes the question really difficult. I suppose the US government is still entitled to make its own rules about how careful those who come within its reach should be to avoid acting, while abroad, in a way that it considers illegal. But if it does act against those who as far as they know are behaving totally legally within the jurisdictions they are working in, it is stepping over a line of what is generally considered reasonable behaviour of a state. Note it has not yet done that over the gambling question, as far as I can see.

What I’m really arguing against here is the idea that the internet changes the rules – that if what the server is doing is legal in the place where it happens to be sitting, then no other government should be able to do anything about it. It would be nice if it did, but I say that only because I am generally in favour of freedom, and that would bring more freedom. I can’t defend it in terms of logic or history, though. The internet isn’t the first mechanism to allow people in different countries to deal with each other, and governments have always held that they can restrict or prohibit such dealings according to their own policies.

*It is OK to make a judgement about someone else’s interests – as I have done. It is another matter to deny that person their own (bad) judgement.
**That is an analogy – I do not claim that states and individuals should always be looked at in the same way.

Lord Bingham's Judgement

A year ago I wrote:

I’m less interested in whether religious traditions should override school uniform policies, than in the bizarreness of the legal argument that the Appeal Court used.

Their finding seems to be that the School erred by not considering whether their uniform policy breached the pupils’ human rights. If they had considered it, they could have decided, as the lower court did, that the uniform policy was fine, and they would have been OK. They lost because they didn’t have a piece of paper on file saying that they had taken human rights into account.

[…] This trend of legal and regulatory requirement is intensely stupid and irritating. It replaces restrictions on actions and policies with thought crimes. I mean that precisely; the fault of Denbigh School was not in its actions but in the way it decided its actions.

Yesterday Lord Bingham of Cornhill ruled:

31. Thirdly, and as argued by Poole in his article cited above, pages 691-695, I consider that the Court of Appeal’s approach would introduce “a new formalism” and be “a recipe for judicialisation on an unprecedented scale”. The Court of Appeal’s decision-making prescription would be admirable guidance to a lower court or legal tribunal, but cannot be required of a head teacher and governors, even with a solicitor to help them. If, in such a case, it appears that such a body has conscientiously paid attention to all human rights considerations, no doubt a challenger’s task will be the harder. But what matters in any case is the practical outcome, not the quality of the decision-making process that led to it.

Lord Hoffmann concurred:

68. […] In domestic judicial review, the court is usually concerned with whether the decision-maker reached his decision in the right way rather than whether he got what the court might think to be the right answer. But article 9 is concerned with substance, not procedure. It confers no right to have a decision made in any particular way. What matters is the result: was the right to manifest a religious belief restricted in a way which is not justified under article 9.2? The fact that the decision-maker is allowed an area of judgment in imposing requirements which may have the effect of restricting the right does not entitle a court to say that a justifiable and proportionate restriction should be struck down because the decision-maker did not approach the question in the structured way in which a judge might have done. Head teachers and governors cannot be expected to make such decisions with textbooks on human rights law at their elbows. The most that can be said is that the way in which the school approached the problem may help to persuade a judge that its answer fell within the area of judgment accorded to it by the law.

What more need I say?

Links:

High Court case
Court of Appeal case
Law Lords case
2005 statement by Luton council
Previous posts: 1 2 3 4

Court Details

I’m still reading through the documents in the Denbigh case, but I’m very impressed by the available resources.

The judgements in the original case, last year’s appeal, and the new appeal are easily findable on BAILII, which apparently is a charity devoted to presenting publicly available legal information. The Lords’ judgement from yesterday is on the House of Lords website.

Also notable is how clear and readable, without any special legal knowledge, the judgements are. The legal profession has a reputation for obscurantism, but in the case of judges giving judgements, at least, that seems to be entirely undeserved.

All this is as it should be, of course, but worth noting.

High Court case
Court of Appeal case
Law Lords case

BAILII

Police Direct

I have the eGov Monitor on my Bloglines subscriptions because I like to keep an eye on what nefarious plots the police are up to. But I have to say, this innovation looks like a very promising development.

Police Direct is a system for providing subscribers (members of the public) with live information on crime.

The whole issue of moving policing work on to lower-level “Community Support Officers” and the like is a tricky one, which I’d like to get round to looking at in detail, but involving the general public is, as I’ve claimed previously, an unqualified good thing. Well done Suffolk Constabulary.

Hamza Guilty

Report.

6 charges of soliciting murder – this law is probably OK. It’s an abridgement of free speech, but a long-standing and fairly reasonable one.

Also 4 charges of “stirring up racial hatred”. This is an unacceptable abridgement of free speech. In practice it’s much easier to stir up hatred against yourself than against others, and Hamza is responsible for more hatred of Arabs than of Jews. Of course, since he wants war, that’s all OK from his point of view, but it’s pointless to ban it.

Finally 1 charge of possessing information of a kind likely to be useful to a person committing terrorism – you always feel that law has to be a joke, but it isn’t. Terrifying.

The Americans want him on a whole bunch of actual terrorism charges. I’d much rather see him done for that.

From Another Angle

A timely account from Christie Davies of the conservative Social Affairs Unit of another free speech / blasphemy flap: the 2004 play Behzti which offended a lot of Sikhs when it was performed in Birmingham, and was abandoned amid violent protest.

Davies hardly has a good word for anyone involved – least of all the playwright – which is probably fair enough. I don’t have any particular conclusions to draw myself, but I think this supplies a bit of context, at the cost of muddying the waters.

Note that, unlike the current choppy teacup, that episode did involve actual violence in Britain, not just childish posturing.

I’m not saying it was completely ignored by those making such a fuss now – it wasn’t, but I don’t recall being told that complacency was not an option, or that this was the final conflict.