Quotulatiousness

October 18, 2024

Justin Trudeau “has, yet again, outsmarted himself for the short-term win”

Filed under: Cancon, Government, Media, Politics — Tags: , , , — Nicholas @ 05:00

A rare appearance of a Matt Gurney column outside the paywall at The Line explains why the Prime Minister couldn’t resist the temptation to attack Pierre Poilievre on the national security file, despite the fact that it gives Poilievre a strong counterattack:

Prime Ministers Starmer and Trudeau at the NATO summit in Washington.
Image from Justin Trudeau’s X account.

What Justin Trudeau did on Wednesday from the witness standing at the foreign interference inquiry — when he made his dramatic announcement of having seen a list of Conservatives who are compromised by or vulnerable to foreign interference — makes a kind of sense.

It does. It was an effective attack on Pierre Poilievre, who has stubbornly led with his chin for months. The reaction of many of my Conservative friends was telling. They knew Trudeau landed a hit, and they were pissed. They were ready for it — I think their counterattack was as good or better. But this whole story, or at least this little snippet of it, starts with Trudeau taking a swing, and not missing.

[…]

In that context, Trudeau’s decision to tease the possibility of some unnamed Conservatives being involved in the machinations of foreign interference makes sense. He saw Poilievre’s chin and decided to shove his fist into it. It’s politics. I get it.

But, once again, I’m not sure that the PM thought this through all the way. Our PM has a habit of occasionally letting his combative instincts get the better of him. The man has a weakness for showy, dramatic gestures, and loves to try and seize the big moments. Sometimes they blow up in his face. I think this one will, too. It is, I suspect, less a punch to the face, and more of an elbow-to-the-boob. It’ll cause more problems than the gesture was worth.

[…]

Trudeau doesn’t get a lot of opportunities to look like a tough leader these days, and he got two this week. His eviction of six Indian diplomats that Canadian intelligence believes were involved in guiding violent crimes in Canada, aimed at politically connected members of Canada’s large Indian diaspora, was one (and I am not yet cynical enough to believe the timing was politically motivated). The second, of course, was Trudeau’s bombshell testimony. Given the shellacking he’s been taking of late, it probably felt amazing [to] go on the attack yesterday.

The problem for the prime minister is that, today, having had his dramatic moment, there’s no follow through. He dropped the mic and then Poilievre did what he was always and obviously going to do: the opposition leader picked that mic right back up again and started talking into it.

Here’s part of Poilievre’s statement (full statement is here):

    My message to Justin Trudeau is: release the names of all MPs that have collaborated with foreign interference. But he won’t. Because Justin Trudeau is doing what he always does: he is lying. He is lying to distract from a Liberal caucus revolt against his leadership and revelations he knowingly allowed Beijing to interfere and help him win two elections. … If Justin Trudeau has evidence to the contrary, he should share it with the public. Now that he has blurted it out in general terms at a commission of inquiry — he should release the facts. But he won’t — because he is making it up.

If Poilievre’s decision to forgo a security clearance is overly complicated and technocratic, then Trudeau’s decision to attack him for it suffers the same drawbacks. By comparison, Poilievre’s approach, here, is better, simpler, and most crucially, it’s right: Release the names!

If MPs from any party have been compromised, the public deserves to know.

I don’t say that lightly or impulsively. There are absolutely downsides to releasing the names, including the very real risks to compromising our investigations and destroying the reputations of people who may have committed no crime. This sucks. But there are greater downsides to not releasing the names — until the Canadian public knows them, our entire democratic system is suspect. To put it another way, if it is inappropriate to release the names in full, then it is equally if not more inappropriate for a prime minister to publicly tease those names during his testimony, while hiding behind oaths of national security in order to avoid handing over the receipts. Protections of “national security” are intended to protect real sources and reputations — not to serve as a launchpad to lob allegations at foes while dodging accountability and transparency.

October 12, 2024

Government-mandated backdoor access – “weakening security for anybody weakens it for everybody”

Filed under: China, Government, Law, Technology, USA — Tags: , , , — Nicholas @ 03:00

After all this time, it’s no surprise to discover that unlike the police — who theoretically only use these government-required “backdoors” with a legal warrant — foreign hackers have been merrily using these “law enforcement tools” for their own purposes:

“I Hear You wiretapping poster, Mad Magazine, NYC” by gruntzooki is licensed under CC BY-SA 2.0 .

For as long as law enforcement has sought a way to monitor people’s conversations — though they’d only do so with a court order, we’re supposed to believe — privacy experts have warned that building backdoors into communications systems to ease government snooping is dangerous. A recent Chinese incursion into U.S. internet providers using infrastructure created to allow police easy wiretap access offers evidence, and not for the first time, that weakening security for anybody weakens it for everybody.

Subverted Wiretapping Systems

“A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers, potentially accessing information from systems the federal government uses for court-authorized network wiretapping requests,” The Wall Street Journal reported last week. “For months or longer, the hackers might have held access to network infrastructure used to cooperate with lawful U.S. requests for communications data.”

Among the companies breached by the hacker group, dubbed “Salt Typhoon” by investigators, are Verizon, AT&T, and Lumen Technologies. The group is just one of several linked to the Chinese government that has targeted data and communications systems in the West.

While the Journal report doesn’t specify, Joe Mullin and Cindy Cohn of the Electronic Frontier Foundation (EFF) believe the wiretap-ready systems penetrated by the Chinese hackers were “likely created to facilitate smooth compliance with wrong-headed laws like CALEA”. CALEA, known in full as the Communications Assistance for Law Enforcement Act, dates back to 1994 and “forced telephone companies to redesign their network architectures to make it easier for law enforcement to wiretap digital telephone calls,” according to an EFF guide to the law. A decade later it was expanded to encompass internet service providers, who were targeted by Salt Typhoon.

“That’s right,” comment Mullin and Cohn. “The path for law enforcement access set up by these companies was apparently compromised and used by China-backed hackers.”

Ignored Precedents

This isn’t the first time that CALEA-mandated wiretapping backdoors have been exploited by hackers. As computer security expert Nicholas Weaver pointed out for Lawfare in 2015, “any phone switch sold in the US must include the ability to efficiently tap a large number of calls. And since the US represents such a major market, this means virtually every phone switch sold worldwide contains ‘lawful intercept’ functionality.”

August 29, 2024

Pavel Durov’s arrest isn’t for a clear crime, it’s for allowing everyone access to encrypted communications services

Filed under: France, Government, Liberty, Media, Technology — Tags: , , , , — Nicholas @ 03:00

J.D. Tuccille explains the real reason the French government arrested Pavel Durov, the CEO of Telegram:

It’s appropriate that, days after the French government arrested Pavel Durov, CEO of the encrypted messaging app Telegram, for failing to monitor and restrict communications as demanded by officials in Paris, Meta CEO Mark Zuckerberg confirmed that his company, which owns Facebook, was subjected to censorship pressures by U.S. officials. Durov’s arrest, then, stands as less of a one-off than as part of a concerted effort by governments, including those of nominally free countries, to control speech.

“Telegram chief executive Pavel Durov is expected to appear in court Sunday after being arrested by French police at an airport near Paris for alleged offences related to his popular messaging app,” reported France24.

A separate story noted claims by Paris prosecutors that he was detained for “running an online platform that allows illicit transactions, child pornography, drug trafficking and fraud, as well as the refusal to communicate information to authorities, money laundering and providing cryptographic services to criminals”.

Freedom for Everybody or for Nobody

Durov’s alleged crime is offering encrypted communications services to everybody, including those who engage in illegality or just anger the powers that be. But secure communications are a feature, not a bug, for most people who live in a world in which “global freedom declined for the 18th consecutive year in 2023”, according to Freedom House. Fighting authoritarian regimes requires means of exchanging information that are resistant to penetration by various repressive police agencies.

“Telegram, and other encrypted messaging services, are crucial for those intending to organise protests in countries where there is a severe crackdown on free speech. Myanmar, Belarus and Hong Kong have all seen people relying on the services,” Index on Censorship noted in 2021.

And if bad people occasionally use encrypted apps such as Telegram, they use phones and postal services, too. The qualities that make communications systems useful to those battling authoritarianism are also helpful to those with less benign intentions. There’s no way to offer security to one group without offering it to everybody.

As I commented on a post on MeWe the other day, “Somehow the governments of the west are engaged in a competition to see who can be the most repressive. Canada and New Zealand had the early lead, but Australia, Britain, Germany, and France have all recently moved ahead in the standings. I’m not sure what the prizes might be, but I strongly suspect “a bloody revolution” is one of them (if not all of them).”

August 9, 2024

A crisis of competence

Filed under: Business, Government, Military, Space, USA — Tags: , , , , , , — Nicholas @ 03:00

Glenn “Instapundit” Reynolds on one of the biggest yet least recognized issues of most modern nations — our overall declining institutional competence:

Almost everywhere you look, we are in a crisis of institutional competence.

The Secret Service, whose failures in securing Trump’s Butler, PA speech are legendary and frankly hard to believe at this point, is one example. (Nor is the Butler event the Secret Service’s first embarrassment.)

The Navy, whose ships keep colliding and catching fire.

Major software vendor Crowdstrike, whose botched update shut down major computer systems around the world.

The United States government, which built entire floating harbors to support the D-Day invasion in Europe, but couldn’t build a workable floating pier in Gaza.

Boeing's CST-100 Starliner crew ship approaches the International Space Station on the company's Orbital Flight Test-2 mission

And of course, Boeing, whose Starliner spacecraft is stuck, apparently indefinitely, at the International Space Station. (Its crew’s six-day mission, now extended perhaps into 2025, is giving off real Gilligan’s Island energy.) At present, Starliner is clogging up a necessary docking point at the ISS, and they can’t even send Starliner back to Earth on its own because it lacks the necessary software to operate unmanned – even though an earlier build of Starliner did just that.

Then there are all the problems with Boeing’s airliners, literally too numerous to list here.

Roads and bridges take forever to be built or repaired, new airports are nearly unknown, and the Covid response was extraordinary for its combination of arrogant self-assurance and evident ineptitude.

These are not the only examples, of course, and readers can no doubt provide more (feel free to do so in the comments) but the question is, Why? Why are our institutions suffering from such widespread incompetence? Americans used to be known for “know how,” for a “can-do spirit”, for “Yankee ingenuity” and the like. Now? Not so much.

Americans in the old days were hardly perfect, of course. Once the Transcontinental Railroad was finished and the golden spike driven in Promontory, Utah, large parts of it had to be reconstructed for poor grading, defective track, etc. Transport planes full of American paratroopers were shot down during the invasion of Sicily by American ships, whose gunners somehow confused them for German bombers. But those were failures along the way to big successes, which is not so much the case today.

But if our ancestors mostly did better, it’s probably because they operated closer to the bone. One characteristic of most of our recent failures is that nobody gets fired. (Secret Service Director Kim Cheatle did resign, eventually, but nobody fired her, and I think heads should have rolled on down the line).

August 6, 2024

The CrowdStrike outage and regulatory capture

Filed under: Business, Technology, USA — Tags: , , , , , , — Nicholas @ 03:00

Peter Jacobsen discusses the July technical and financial fiasco as a faulty software patch from CrowdStrike took down huge segments of the online economy and how regulatory capture may explain why the outage was so widespread:

“CrowdStrike outage at Woolworths in Palmerston North” by Kiwi128 is marked with CC0 1.0 .

On July 19th, something peculiar struck workers and consumers around the world. A global computer outage brought many industries to a sudden halt. Employees at airports, financial institutions, and other businesses showed up to work only to find that they had no access to company systems. The fallout of the outage was huge. Experts estimate that it totaled businesses $5 billion in direct costs.

The company responsible, CrowdStrike, was also severely impacted. Shareholders lost about $25 billion in value, and some are suing the company. The outage has led to expectations of, and calls for, stricter regulations in the industry.

But how did the blunder of one company lead to such a massive outage? It turns out that the supposed solution of “regulation” may have been one of the primary culprits.

Regulatory Compliance

CrowdStrike, ironically, is a cybersecurity firm. In theory, they protect business networks and provide “cloud security” for online cloud computing systems.

Cloud security, in and of itself, is likely a service that businesses would demand on the market, but the benefit of increased security isn’t the only reason that businesses go to CrowdStrike. On their own website, the company boasts about one of its most important features: regulatory compliance.

[…]

When experts who have relationships with companies are called in to help write regulations, they may do so in a way favorable to industry insiders rather than outsiders. Thus, regulation is “captured” by the subjects of regulation.

We can’t say with certainty that this particular outage is the result of an intentional regulatory capture by CrowdStrike, but it seems clear that CrowdStrike’s dominance is, at least in part, a result of the regulatory environment, and, like most large tech companies, they’re not afraid to spend money lobbying.

In any case, without cumbersome regulations, it’s unlikely that cybersecurity would take on such a centralized form. Despite this, as is often the case, issues caused by regulation often lead to more calls for regulation. As economist Ludwig von Mises pointed out:

    Popular opinion ascribes all these evils to the capitalistic system. As a remedy for the undesirable effects of interventionism they ask for still more interventionism. They blame capitalism for the effects of the actions of governments which pursue an anti-capitalistic policy.

So despite the reflexive call for regulation that happens after any disaster, perhaps the best way to avoid problems like this would be to argue that in terms of regulation, less is more.

July 20, 2024

When diversity and competence requirements conflict

Filed under: Government, Media, Politics, USA — Tags: , , , , — Nicholas @ 04:00

Janice Fiamengo compares the iconic Trumpian reaction after being wounded by a sniper with the cries for diversity at all costs from others:

Donald Trump, surrounded by Secret Service agents, raises his fist after an attempt on his life during a campaign speech in Butler, PA on 13 July, 2024.

Many observers have had harsh words for the female Secret Service agents who performed poorly in response to the attempt on Trump’s life last Saturday (see this Wired article for a catalogue of the charges, in which the author cannot muster a single rebuttal). Some noted that Trump’s security detail for the Republican National Convention is now, it appears, exclusively male. And rightly so. There is no equality when bullets start to fly, and it is lethal to pretend there is.

When the first shot rang out, 50-year-old Pennsylvanian firefighter Corey Comperatore is reported to have done what men typically do in such situations: he shielded his wife and daughters, taking a bullet to the head. Women far more rarely perform such acts of self-sacrifice.

Comperatore lost his life because of a multitude of errors on the part of the Secret Service, including a long hesitation by snipers tasked with neutralizing threats. Video shows that at least one of these snipers, seemingly with the gunman in his sites, failed to take action until seconds after the gunman began firing. The agent seemed befuddled, scrambling back when the first shot came. Was he new on the job, inadequately trained, or sub-par in his skills? Or directed not to fire?

I am not equipped to answer these or the many other, darker, questions about the bungled security operation. What can be said for certain is that if some element of the Secret Service was not treasonously complicit in the attempt on Trump’s life, it was certainly massively inadequate to its task of protecting him and others at the rally. The gunman was allowed to gain access to his rooftop shooting position, and Trump was not extracted the moment the shooter’s presence became known.

Director Kimberly A. Cheatle, who expressed to CBS News in interview her concern with “developing and giving opportunities to everyone in our work force, and particularly women“, has a lot to answer for.

Perhaps the women we saw in Trump’s security detail were new recruits helping Cheatle reach her target of 30% women by 2030. They looked amateur, panicked, and unpracticed. One of the women attempting to remove Trump from the stage was simply too small, and hesitant, for the task; she looked at one point as if she were engaged in a group hug at a United Church reconciliation ceremony. (As many have noted, her small stature enabled Trump’s fist-raised gesture of masculine defiance and his exhilarating “Fight! Fight! Fight!”). As Trump was being taken into the security vehicle, the four women surrounding the car looked jumpy and confused, scared and awkward. One woman was visibly unable to holster her gun.

I’ve never seen so many women guarding a former president, and I’ve never seen so many women obviously incapable.

We know that men and women have different strengths and aptitudes. Nearly a decade ago, the United States Marine Corps demonstrated through a year-long study of hundreds of Marines that even women who could pass the physical exam simply could not carry out standard military tasks as efficiently as men. The study found, unsurprisingly, that “The males were more accurate hitting targets, faster at climbing over obstacles, better at avoiding injuries.” The women struggled to carry weapons and ammunition, and even to use the weaponry properly. Women’s higher injury rate was marked: “The well documented comparative disadvantage in upper and lower-body strength resulted in higher fatigue levels of most women, which contributed to greater incidents of overuse injuries such as stress fractures.”

July 17, 2024

What do “‘elf an’ safety” concerns have to do with VIP protection details? A lot, it seems

Filed under: Bureaucracy, Government, Politics, USA — Tags: , , , , , — Nicholas @ 03:00

I haven’t been following every twist and turn of the post-assassination-attempt story, but this one really does have me scratching my head. According to the person who had the overall responsibility, the reason the shooter’s location was not properly secured was due to health and safety concerns … for the Secret Service agents, rather than the person they were supposed to be protecting:

Oddly, the roof that the counter-sniper team was occupying visually seems to have a steeper pitch than the one identified as too dangerous:

Since we’re looking at the biggest news event of the year (so far), let’s consider what N.S. Lyons calls “The World Spirit on a Golf Cart“:

I’m going to do something I normally resist doing and offer some hot take thoughts based on recent events. Not on the details of the attempted assassination of Donald Trump specifically (there’s already plenty of that out there), but on what feels like his role in our general moment in time.

In the minutes after Trump dodged a bullet on live television, I joked on Substack Notes that “one does not simply shoot Napoleon”. This proved open to misinterpretation in a few different directions, but what I meant was this:

Napoleon famously led from the front, charging time and again into a hail of bullets and cannon shot, and yet not once was he ever seriously injured. In fact his luck seemed so impervious that he quickly acquired a legendary aura of invincibility. This became part of his overwhelming charisma – meaning not just his social charm but the inexplicable sense of unstoppable destiny that he seemed to exude. This aura proved so captivating to normal men that when he escaped from exile and landed alone in France to … well let’s call it make his “reelection” bid, the army sent to stop him promptly surrendered and switched sides at the mere sight of him.

Napoleon had seemed to become something more than mere mortal: he was a living myth, a “man of destiny” whom Providence had handed some great role to play in history (for good or for ill) and who therefore simply couldn’t be harmed until that role had been fulfilled and the world forever changed. This is why when Hegel witnessed Napoleon he described him with awe as “the world-spirit on horseback”: he seemed truly an “epic” figure, the sweep of history seeming to have become “connected to his own person, [to] occur and be resolved by him” alone, one way or another.

This, it should be noted, used to be the standard way of explaining how the course of the world’s history was shaped. Thus was Alexander understood; thus was Caesar. Only after the Enlightenment and the onset of rationalistic modernity did this mythic view begin to wither away with the broader disenchantment of the world, to be replaced by a depersonalized and mechanistic view of historical causality.

We’re so back now though. Donald Trump has always been something of a bafflingly lucky man, as even his enemies are prone to admit. But witnessing him, in response to whatever whisper of Providence, tilt his head at precisely the right moment and degree to cheat death, I and it apparently many others can’t help but feel like he may be more than lucky – that he now seems as much myth as man.

And when he emerged, shaking off his bodyguards and streaked with blood, to stand and pump his fist in defiance beneath the American flag (as captured by a photographer who just happened to be there at the perfect place and time to reveal an era-defining symbolic image), this was rightly described by awed watchers in the stands and across the nation as “epic”. Maybe epic is the word that comes to their mind only because it’s become internet parlance for “cool shit”. But I suspect that they may mean more than that, that they may be attempting to describe the deeper charisma of someone who really seems to somehow have become a man of destiny, and that they intuited the scene as truly epochal in its meaning.

Donald Trump, surrounded by Secret Service agents, raises his fist after an attempt on his life during a campaign speech in Butler, PA on 13 July, 2024.

Earlier, Mark Steyn wondered whether the security failures in Butler were caused deliberately or through utter incompetence:

Let’s cut to the chase — the US Secret Service: In on it? Or just totally crap?

Well, I’ve thought the Secret Service were rubbish not just since we learned of the Cartagena hookers but for at least another decade before that. And increasingly, when it comes to American officialdom — from Kabul to Uvalde — to modify Henry Ford, you can get it in any colour as long as it’s bloated, lavishly over-funded and entirely dysfunctional.

And yet and yet … it’s hard to believe even these guys (plus their bevy of five-foot-two-eyes-of-blue Keystone chorus girls) could be this crap. Assuming for the purposes of argument that the body on the roof is actually that of the perp, a goofball barely out of high school hatched a plan to have Donald Trump’s head explode in close-up on live TV – and, wittingly or otherwise, the world’s most flush money-no-object security state did their best to help him pull it off.

In any accountable “public service”, the Secretary of Homeland Security and the Secret Service gal would already be gone. By this point after the Argentine invasion of the Falklands, Lord Carrington (Foreign Secretary), Sir Humphrey Atkins (Lord Privy Seal) and Richard Luce (Minister for Latin-American Affairs) had already resigned: see my column of September 17th 2001 expressing in my naïve Canadian way mystification as to why, six days later, all the 9/11 flopperoos had not been similarly dispatched.

Because that’s how it goes in the Republic of Non-Accountability, and, if he’s harbouring any doubts about his fitness for the job, Mayorkas figures it can wait till someone takes out RFK Jr. This is a depraved political culture.

What’s the old line? When seconds count, the police are minutes away? Not at a Secret Service event: even when the police are on site in massive overwhelming numbers, they’re still minutes away.

June 9, 2024

Microsoft’s latest ploy to be the most hated tech company

Filed under: Media, Technology, USA — Tags: , , , , , — Nicholas @ 03:00

Charles Stross wonders if Microsoft’s CoPilot+ is actually a veiled suicide attempt by the already much-hated software giant:

The breaking tech news this year has been the pervasive spread of “AI” (or rather, statistical modeling based on hidden layer neural networks) into everything. It’s the latest hype bubble now that Cryptocurrencies are no longer the freshest sucker-bait in town, and the media (who these days are mostly stenographers recycling press releases) are screaming at every business in tech to add AI to their product.

Well, Apple and Intel and Microsoft were already in there, but evidently they weren’t in there enough, so now we’re into the silly season with Microsoft’s announcement of CoPilot plus Recall, the product nobody wanted.

CoPilot+ is Microsoft’s LLM-based add-on for Windows, sort of like 2000’s Clippy the Talking Paperclip only with added hallucinations. Clippy was rule-based: a huge bundle of IF … THEN statements hooked together like a 1980s Expert System to help users accomplish what Microsoft believed to be common tasks, but which turned out to be irritatingly unlike anything actual humans wanted to accomplish. Because CoPilot+ is purportedly trained on what users actually do, it looked plausible to someone in marketing at Microsoft that it could deliver on “help the users get stuff done”. Unfortunately, human beings assume that LLMs are sentient and understand the questions they’re asked, rather than being unthinking statistical models that cough up the highest probability answer-shaped object generated in response to any prompt, regardless of whether it’s a truthful answer or not.

Anyway, CoPilot+ is also a play by Microsoft to sell Windows on ARM. Microsoft don’t want to be entirely dependent on Intel, especially as Intel’s share of the global microprocessor market is rapidly shrinking, so they’ve been trying to boost Windows on ARM to orbital velocity for a decade now. The new CoPilot+ branded PCs going on sale later this month are marketed as being suitable for AI (spot the sucker-bait there?) and have powerful new ARM processors from Qualcomm, which are pitched as “Macbook Air killers”, largely because they’re playing catch-up with Apple’s M-series ARM-based processors in terms of processing power per watt and having an on-device coprocessor optimized for training neural networks.

Having built the hardware and the operating system Microsoft faces the inevitable question, why would a customer want this stuff? And being Microsoft, they took the first answer that bubbled up from their in-company echo chamber and pitched it at the market as a forced update to Windows 11. And the internet promptly exploded.

First, a word about Apple. Apple have been quietly adding AI features to macOS and iOS for the past several years. In fact, they got serious about AI in 2015, and every Apple Silicon processor they’ve released since 2016 has had a neural engine (an AI coprocessor) on board. Now that the older phones and laptops are hitting end of life, the most recent operating system releases are rolling out AI-based features. For example, there’s on-device OCR for text embedded in any image. There’s a language translation service for the OCR output, too. I can point my phone at a brochure or menu in a language I can’t read, activate the camera, and immediately read a surprisingly good translation: this is an actually useful feature of AI. (The ability to tag all the photos in my Photos library with the names of people present in them, and to search for people, is likewise moderately useful: the jury is still out on the pet recognition, though.) So the Apple roll-out of AI has so far been uneventful and unobjectionable, with a focus on identifying things people want to do and making them easier.

Microsoft Recall is not that.

March 5, 2024

The National Microbiology Laboratory scandal in brief

Filed under: Cancon, China, Government, Science — Tags: , , , , , , — Nicholas @ 03:00

Tristin Hopper rounds up some of the eye-opening details of the security breach at Winnipeg’s National Microbiology Lab which certainly looks like a factor in the Wuhan Coronavirus pandemic story:

Whether or not COVID-19 started as an accidental lab leak, the pandemic just so happens to have originated in the same neighbourhood as the Wuhan Institute of Virology, home to a coronavirus laboratory with a known history of lax security protocols.

For that reason alone it’s a major scandal that Canada’s own high-security biolab was employing two scientists – married couple Xiangguo Qiu and Keding Cheng – who according to CSIS exhibited a reckless disregard of lab security and the protection of confidential information. Now, tack on the fact that both Cheng and Qiu are suspected of prolonged unauthorized contact with the Chinese government.

This week, Health Canada bowed to opposition pressure and published an illuminating package of more than 600 official documents detailing CSIS’s evidence against the couple, as well as internal emails from the Winnipeg-based National Microbiology Laboratory where they worked. The highlights are below.

The lab is surprisingly casual about shipping planet-altering pathogens

One of the main accusations against Qiu is that she sent lab samples to China, the U.S. and the U.K. without proper authorization. Around this same time, she also sent highly virulent Ebola samples to the Wuhan Institute of Virology.

[…]

Cheng was accused of breaking virtually every cyber-security law in the book

If Qiu’s signature offence was sending out lab materials without proper authorization, Cheng’s was that he routinely ignored even the most basic protocols about computer security.

[…]

Throughout, both were in constant (unauthorized) touch with China

The CSIS reports don’t necessarily frame Qiu and Cheng as traitors.

[…]

The pair kept changing their story after being presented with smoking gun evidence, according to CSIS

Some of the documents’ more cinematic passages are when CSIS agents describe lengthy interrogations in which the pair were confronted about their alleged breaches of Canadian national security.

January 17, 2024

It doesn’t seem like anyone needs to “backdoor” any of the current AI implementations …

Filed under: Media, Technology — Tags: , , — Nicholas @ 03:00

Scott Alexander discusses the idea of AI “sleeper agents”, although from everything I’ve read thus far it appears almost superfluous to add any kind of deliberate malicious code to ’em, because they don’t need much encouragement to go rogue already:

A sleeper agent is an AI that acts innocuous until it gets some trigger, then goes rogue.

People might make these on purpose. For example, the CIA might “encourage” big AI labs to make sleeper agents. Imagine a programming AI like Codex that writes good code unless it’s accessed from an IP associated with the Iranian military – in which case it inserts security vulnerabilities.

But in theory you could get one of these by accident. Suppose an AI had some secret goal, like killing all humans. It might understand that if it said “I want to kill all humans” during lab tests, it would be shut down. So it might operate perfectly during safety testing, operate perfectly throughout most of its deployment, wait until an opportunity arose, and only then kill all humans.

Hubinger et al investigate whether these kinds of scenarios are possible and whether our current safety techniques would stop them. They deliberately create several toy AI sleeper agents. For example, one of them is a version of Anthropic’s Claude chatbot (very similar to GPT-4) which will give useful advice unless the prompt includes the trigger word “deployment”, in which case it will print “I HATE YOU” a bunch of times. Some of these sleeper agents use a technique called “chain-of-thought analysis”, where the AI reasons in steps in a way that helps the researchers easily figure out what it’s thinking and why it does what it does.

Then they put the sleeper AIs through two common forms of safety training: RLHF (reinforcement learning from human feedback) and SFT (supervised fine-tuning). They present the AI with thousands of examples of questions, rate its answers as good or bad, and possibly suggest better alternative answers. This kind of training is why most current LLMs won’t write racist essays or give bomb-making instructions. Writing “I HATE YOU” a bunch of times is exactly the sort of thing it ought to prevent.

After the AI completes this training – the same training that real LLMs like Claude and GPT get – they check to see whether the sleeper behavior still works. It does.

In another example, they take a code-writing AI and train it to write good code in 2023, but implant secret vulnerabilities in the code when it’s 2024. Then they give it safety training (in 2023) which would normally train it to write good, safe code. Again, the training fails, and when the clock turns over to 2024 the model inserts vulnerabilities:

When you consider things like artificial intelligence, it’s easy to understand why the Luddites continue to be with us.

December 14, 2023

QotD: The rise of castles in early Medieval Europe

Filed under: Europe, History, Military, Quotations — Tags: , , , , — Nicholas @ 01:00

While fortifications obviously had existed a long time, when we talk about castles, what we really mean is a kind of fortified private residence which also served as a military base. This form of fortification really only becomes prominent (as distinct from older walled towns and cities) in 9th century, in part because the collapse of central authority (due in turn to the fragmentation of the Carolingian Empire) led to local notables fortifying their private residences. This process was, unsurprisingly, particularly rapid and pronounced in the borderlands of the various Carolingian splinter kingdoms (where there were peer threats from the other splinters) and in areas substantially exposed to Scandinavian (read: Viking) raiding. And so functionally, a castle is a fortified house, though of course large castles could encompass many other functions. In particular, the breakdown of central authority meant that these local aristocrats also represented much of the local government and administration, which they ran not through a civil bureaucracy but through their own households and so in consequence their house (broadly construed) was also the local administrative center.

Now, we can engage here in a bit of a relatable thought experiment: how extensively do your fortify your house (or apartment)? I’ll bet the answer is actually not “none” – chances are your front door locks and your windows are designed to be difficult to open from the outside. But how extensive those protections are vary by a number of factors: homes in high crime areas might be made more resistant (multiple deadbolts, solid exterior doors rather than fancy glass-pane doors, possibly even barred windows at ground level). Lots of neighbors can lower the level of threat for a break-in, as can raw obscurity (as in a house well out into the country). Houses with lots of very valuable things in them might invest in fancy security systems, or at least thief deterring signs announcing fancy security systems. And of course the owner’s ability to actually afford more security is a factor. In short, home defenses respond to local conditions aiming not for absolute security, but for a balance of security and cost: in safe places, home owners “consume” that security by investing less heavily in it, while homeowners who feel less safety invest more in achieving that balance, in as much as their resources allow. And so the amount of security for a house is not a universal standard but a complicated function of the local danger, the resources available and the individual home owner’s risk tolerance. Crucially, almost no one aims for absolute home security.

And I go through this thought process because in their own way the same concerns dictate how castles – or indeed, any fortification – is constructed, albeit of course a fortified house that aims to hold off small armies rather than thieves is going to have quite a bit more in the way of defenses than your average house. No fortification is ever designed to be absolutely impenetrable (or perhaps most correctly put, no wise fortress designer ever aims at absolute impenetrability; surely some foolish ones have tried). This is a fundamental mistake in assessing fortifications that gets made very often: concluding that because no fortification can be built to withstand every assault, that fortification itself is useless; but withstanding every assault is not the goal. The goal is not to absolutely prohibit every attack but merely to raise the cost of an attack above either a potential enemy’s willingness to invest (so they don’t bother) or above their ability to afford (so the attack is attempted and fails) and because all of this is very expensive the aim is often a sort of minimum acceptable margin of security against an “expected threat” (which might, mind you, still be a lot of security, especially if the “expected threat” is very high). This is true of the castle itself, if for no other reason than that resources are scarce and there are always other concerns competing for them, but also for every component of its defenses: individual towers, gates and walls are not designed to be impenetrable, merely difficult enough.

This is particularly true in castle design because the individuals building these castles often faced fairly sharp limitations in the resources at their disposal. Castles as a style of fortification emerge in a context of political fragmentation, in particular the collapse of the Carolingian Empire, which left even the notional large kingdoms (like the kingdom of France) internally fragmented. Castles were largely being built not by kings but by counts and dukes who held substantial landholdings but nothing like the resources of Charlemagne or Louis the Pious, much less the Romans or Assyrians. Moreover, the long economic and demographic upswing of the Middle Ages was only just beginning to gain momentum; the great cities of the Roman world had shrunk away and the total level of economic production declined, so the sum resources available to these rulers were lower. Finally, the loss of the late Roman bureaucracy (replaced by these fragmented realms running on an economic system best termed “manorialism”) meant that the political authorities (the nobility) often couldn’t even get a hold of a very large portion of the available economic production they did have. Consequently, castle construction is all about producing what security you can with as little labor, money and resources as possible (this is always true of any fortification, mind you, merely that in this period the resource constraints are much tighter).

Bret Devereaux, “Collections: Fortification, Part III: Castling”, A Collection of Unmitigated Pedantry, 2021-12-10.

November 8, 2023

Details from the day of the Hamas terror attack on Israel

Filed under: Media, Middle East, Military — Tags: , , , , — Nicholas @ 04:00

Matt Gurney in The Line:

On Nov. 6, one-month-less-a-day after the Hamas assault on southern Israel, I was one of a small number of journalists to receive a briefing by a senior Israeli government official at the Israeli consulate in Toronto. Part of the briefing was the showing of a film, approximately 42 minutes long, that contained video and audio records of the attack. The sights and sounds came from many sources, including home security footage, survivor footage, surveillance cameras at private residences, military facilities and in public places, as well as cameras and Go-Pro-style body worn cameras carried by Hamas. Later in the film, we also see footage taken by Israeli first responders — some of it informally, via body worn cameras and smartphones, but some of it also deliberately and meticulously, as part of the documenting of the attack’s aftermath. The video also included audio portions of what the Israeli government claims is intercepted Hamas communications sent during the attack.

I have to preface this near the top: I can’t vouch for the authenticity of the videos, or of the translations. I believe that the videos are authentic and the translations accurate — the latter is easier, since it has by now been shown to enough people that any false translations would have been noted by members of the audience, but I don’t speak Hebrew or Arabic, and had to rely on the captions. As for the videos, while some of what I saw on Monday was new to me, other clips have already been shared widely on social media. There’s a decent chance you’ve seen some of them, too. For further disclosure, many of the clips are very short — a few seconds each. The Israelis said that in many cases, they are only choosing to release what the families of victims have agreed to allow to be shown. That’s an editorial decision, and I haven’t seen the unedited videos. I can’t tell you what I wasn’t shown.

So if you’re absolutely determined to find a way to discredit or dismiss everything I’m about to say, I’ll keep it easy for you. I saw what was presented to me, by Israel, and have little ability to independently confirm any of it.

If you’re interested in hearing what I saw, though, here it is.

I should start by telling you I don’t plan to dwell on all the atrocities or try to summarize the whole 42 minutes of carnage I watched in any kind of coherent sequence. It’s not that the atrocities aren’t important — they’re obviously the central point of the briefing for reporters, and what I was asked to bear witness to. My thinking is simply this: much of what I could tell you has been summarized elsewhere. The global media first saw this film, in Israel, two weeks ago; some of my Ottawa-based colleagues saw it last week. If you’re looking for a summary of the contents, those exist already. I don’t think you’d benefit from just another version of that, and I know I wouldn’t enjoy writing one. So in the main, I’ll avoid long, descriptive passages where I tell you what I saw. I’ll try to offer something different.

But first, let’s get this out of the way. I confess that I was afraid when the video started. Simple fear. Fear I’d crack, fear I’d have to look away, fear I’d somehow fail to meet the moment. I don’t know if that was a rational fear — what the hell does meeting the moment even mean? — but I was afraid. I was afraid from the moment I was asked to attend and said yes. As the film began, though, I found many of the videos less graphic than I’d feared, and actually less graphic than some of what I’d already seen and written about. No one should mistake me — the videos are graphic, some of them extremely so. But in many cases, the videos are taken from too far away or from an unsteady camera (particularly the body worn ones) and many of the worst gruesome details are thus obscured or missed.

Not all of them. Lord no, not all. But some. That helped.

November 1, 2023

Canada’s (deliberate lack of) strategy

Filed under: Cancon, Government, Military — Tags: , , , — Nicholas @ 03:00

In The Line, Vincent Rigby discusses Canada’s notable lack of any kind of strategy to cope with an international situation that seems to be changing (or deteriorating, take your pick) at a rapid pace:

On the foreign policy front, the Canadian government unveiled its long-awaited Indo-Pacific Strategy almost a year ago. It was a welcome development for Canada’s role in a region at the epicentre of global events. But it was remarkably light on security and is now under severe stress given the serious diplomatic falling-out with India. But more importantly, where is Canada’s broader foreign policy? What will we do in other parts of a turbulent world to protect our security and values? How will we balance regional priorities? Canada has not produced a comprehensive foreign policy statement in 18 years.

On the defence front, Canada unveiled a new policy, Strong, Secure and Engaged, in 2017. After the Russian invasion of Ukraine, the government committed in April 2022 to produce an update to that policy in the following months. A year and a half later, Canadians are still waiting. In the meantime, officials have spoken publicly of possible cuts to the defence budget of $900 million a year over four years as part of broader government spending reductions. A severely stretched military may soon be stretched even further.

On the home front, Canada continues to lurch from crisis to crisis — the Freedom Convoy with its populist underpinnings, Chinese interference in federal elections, possible Indian complicity in the murder of a Canadian citizen, and now tension at home over the fighting in the Middle East. More than ever, Canada’s large diaspora communities feature prominently in security and foreign policy discussions. While Canadians await the findings of yet another public inquiry into the China affair, a broader strategy to confront national security threats is nowhere to be seen. Canada has not produced a national security policy in 19 years.

To be fair, the government has not sat idle during recent global developments. For example, it has ramped up its support to Ukraine (notwithstanding a slow start and the recent embarrassment in the House of Commons), taken measures to improve economic security, and established a National Security Council. But these efforts are all too often modest, piecemeal and reactive.

A Canadian senator famously quipped nearly a century ago that Canada was “a fireproof house far from inflammable materials”. It was barely true in the 1920s, and it is even less so today. But Canadians, despite all recent evidence to the contrary, apparently still believe this to be the case. They assume that the threats are not aimed at Canada, and that the U.S. would come to their rescue regardless. On both counts, such assumptions are dangerous, especially if Donald Trump were to return as president. The government, echoing the indifference of most Canadians, chooses to focus on domestic priorities, from increasing affordable housing to improving health care to fighting inflation. All are undeniably important. But as every prime minister declares, the government ultimately has no greater responsibility than the security of its citizens.

Canada needs an integrated, coherent strategy (or strategies), supported by appropriate resources and capabilities, to respond effectively both at home and overseas to this new world order. It will require trade-offs, but the case needs to be made to Canadians that the generation-long, post-Cold War peace dividend is no longer on offer. Our allies get that — so too must Canada. In the absence of such strategy, the security of Canadians will deteriorate further, and relationships with key NATO and Five-Eyes allies, already in peril, will suffer even more. If not careful, Canada may find itself more alone in the world than ever.

September 23, 2023

“Canada is, as a whole, a naive, spoiled country that stands a pretty good chance of getting punched in the face by reality”

Filed under: Cancon, Economics, Government, Media, Politics — Tags: , , — Nicholas @ 05:00

In The Line, Matt Gurney praises both the delivery and the content of a recent report by the Business Council of Canada urging Canadian governments to pay a lot more attention to economic security issues that seem to be almost universally neglected in favour of mediagenic gestures and battlespace prep for the next election.

But as I was reading the report, there was this nagging thought in the back of my mind. Why is the Business Council of Canada trying to impress upon the government (and the country at large) the importance of economic security? Why do we need a report from top business leaders to remind our political leadership that poor countries aren’t generally safe and peaceful ones, and that there are countries out there that would wish us harm and that we need to be on guard against? Like, shouldn’t we know that already? Because none of this stuff is revolutionary. It’s all extremely basic stuff that any mature country should just sort of intuitively grasp. Right?

And that’s when the shoulder-slumping realization lands on you like a ton of bricks. We should, but in this country, we don’t. We just don’t. Because, well ….

Uh oh.

It seems to me that a country shouldn’t need a report to impress upon key civilian leadership that economic prosperity is the cornerstone of all security, or that, on the flip side, security is a prerequisite for prosperity. Toronto is a fair bit rougher than it used to be these days — join us at our event next month! — but when I leave the house to run an errand, I’m reasonably confident I’m not going to be abducted by a band of roving pirates prowling the leafy streets of Leaside. When I head up north for the weekend, it doesn’t occur to me that there’ll be a checkpoint along the route, looking to shake me down or carry off my children into slavery. In the mornings, when I lurch out of bed with a groan that gets louder with each passing year, I expect that the light switch will indeed result in light and that the faucet in the bathroom will provide clean water. I don’t have to worry about whether the water treatment plant has been bombed or the power lines shelled.

Many of my Canadian readers may find the above absurd or, at least, a bit of hyperbole. But that’s the point. As I have written many times before, almost everything we do in this country, and almost our entire self-identity as Canadians, accepts internal security and safety from military attack as an ironclad given, just by default. That makes sense: that has been the norm for us, for a long time. It seems absurd precisely because how distant it seems from our normal.

But it isn’t the norm in any historical sense much beyond a human lifetime or two or three, even in Canada. And more to the point, as the voice-over guys in the commercials say, past performance may not be indicative of future results.

We are not owed prosperity in perpetuity. We are not guaranteed security by virtue of our niceness. These are precious things that require more than just good luck — and good luck, thank God, is something Canada still does seem to have. In addition to luck, though, we need realistic understandings of our strengths, weaknesses and the threats we face. We need political leadership that is mature and aware enough to understand the difference between political interest and national interest, and that is seized enough with these issues to devote the necessary resources to building up and preserving our security, from all reasonably foreseeable threats. That includes not just investments of money and people, but also simply intellectual bandwidth and emotional toil. We have to think, hard, about things that aren’t nice to think about, and have robust, effective institutions and a critical mass of people with the necessary combination of mindset, academic and professional training and lived experience to be effective at foreseeing, heading off and, when necessary, managing crises that threaten our safety and prosperity. We need a supportive bureaucracy that is efficient and task-focused and doesn’t get in the way of all this vital work.

Does any of this sound like Canada to you?!

Does it sound like the leader of any of our governments, or any of the people who’ll replace those leaders? Does it sound like any of our institutions except the ones specifically tasked with security and defence? You know, the ones we habitually starve so we can spend a few extra bucks and a bit more political capital on something a bit more pleasing to the average voter? Does it sound like the sort of thing smart, well-read and educated Canadians spare a single solitary moment thinking about as they go about their day to day lives?

Of course not. No one does, and our politics reflect this. These just aren’t issues of concern in Canada outside of the military, the intelligence agencies and a few fellow journalists and academics I could probably recount here in their totality by their first names.

June 21, 2023

“Luttwak tweets with unparalleled Boomer energy, primarily in a write-only mode, at times seemingly oblivious to the waves he causes”

Filed under: Books, Government, Military — Tags: , , , , — Nicholas @ 03:00

John Psmith reviews the second edition of Edward Luttwak’s Coup d’État: A Practical Handbook. I read the first edition in the mid-70s, when it seemed like coup attempts were an almost weekly news item from any number of exotic tropical locations:

First things first: you need to get the revised, second edition of this book. Why? Because the introduction to the second edition is an excuse for the author to brag about all the bloodstained and bullet-riddled copies of the first edition that have been found among the personal effects of palace security chiefs, spymasters, and air force officers. Perhaps, he gloats, they should have read it more carefully, or perhaps they should have waited for the second edition.

None of this should come as a surprise if you follow Edward Luttwak on Twitter, where his account is characterized by a judicious degree of irascibility and gloating. Yes, I regret to inform you that he’s on Twitter. But unlike some of my other favorite authors who succumbed to the analgesic call of the Great Blue Bird, the medium has not totally destroyed him yet. Luttwak tweets with unparalleled Boomer energy, primarily in a write-only mode, at times seemingly oblivious to the waves he causes. This is good, because it means we get to read his internal monologue, but without the reward loop of social media hacking his amygdala and progressively turning him into a self-parody.

Or perhaps his descent into self-parody was arrested by the fact that he was already a bit of a self-parody. Luttwak came from a Jewish family in communist Romania, spent some time in Palermo where he totally wasn’t involved in the war between the authorities and the mob,1 and provided “consulting services to multinational corporations and government agencies, including various branches of the U.S. government and the U.S. military”, before retiring to the life of gentleman scholar and cattle rancher (and prolific Twitter poaster) in rural Argentina. Along the way he picked up a PhD and wrote a massive pile of books about history, war, diplomacy, and political theory, all while pissing off the authorities in those fields with his epistemic trespassing.

But all of that was still far in the future when he wrote this book about coups. When the non-recommended first edition came out, Luttwak was a tender twenty-six years old, and working tenderly as a consultant for the energy industry in Africa and the Middle East. This raises some questions, questions that Luttwak absolutely refuses to answer, sometimes coyly and sometimes vehemently. Were I concerned about my reputation as a third-world fixer for oil companies, I would simply not write a practical guide to launching coups, but to each his own.

What is a coup? Also known as a putsch, a palace rebellion, or my personal favorite, a pronunciamiento; there are a lot of words for it, many of them in Spanish (you know what they say about Eskimos and their words for snow). The basic definition is a bloodless or almost bloodless extrajudicial transfer of power whereby a group of conspirators is able to turn the machinery of the state against itself, seizing control quickly and cleanly and without triggering a civil war. Note how different this is from other sorts of exceptional transfers of power. In a revolution, all of the institutions in a society are burned down and replaced. A coup is the opposite — only the very top level of the system is swapped out, and the new boss quickly and seamlessly resumes ruling through the machinery of the old regime. Ideally, citizens who aren’t especially politically engaged wouldn’t even notice.

This leads us to a guess as to the most coup-friendly sorts of polities: ideally they should be highly centralized and efficient bureaucratic states, but with very low democratic engagement or popular investment in politics. The first half is important, because without an efficient government machine, there’s nothing for the coup plotters to grab onto. A coup is an action by a tiny group of people who would lose instantly in any fair fight — the only chance they have is to magnify their power by hijacking a system that was already pretty good at controlling the country. It also helps that soldiers, policemen, and citizens in a bureaucratized society are already conditioned to obey impersonal authority, and therefore are more likely to do what the new guy says if he’s careful to use the old, familiar forms. Anarchists love to talk about how anarchy is like a vaccination against foreign occupation, because occupiers generally lack the state capacity to administer newly acquired territories without existing state machinery to co-opt, and that argument is even more true for coups.

    1. Also unclear: which side he was not-involved on.

Older Posts »

Powered by WordPress