Comments on: Solitaire mysteries

By: Matt

Matt — Wed, 22 Oct 2003 14:07:40 +0000

Another good book on security technologies (with lots of interesting case studies on how they fail – often because of failure to understand the human factors) is Ross Anderson’s Security Engineering. It covers a wide range of topics – banking security to nuclear command and control, and it’s pretty readable (non-techies may want to skip over some of the crypto discussions).

By: Dan Hardie

Dan Hardie — Wed, 22 Oct 2003 12:08:41 +0000

Sorry-last post was garbled. Shd read: ‘that Chris was upset because I reproved him for his use of rude words.’

By: Dan Hardie

Dan Hardie — Wed, 22 Oct 2003 12:06:42 +0000

Hate to sound like a train-spotter, but Freeman Dyson did OR for RAF Bomber Command (as I remember, from 1943 or 1944- well after the Blitz) – and yes, it’s true that very little use was made of their work. Bomber Command had a very different culture from Fighter Command. Fighter Command would quite literally not have survived the war had their top brass not been prepared to listen to their OR and other scientific people. Again, this is a pretty standard view in much of the literature. Good discussion in R.V.Jones, ‘Most Secret War’- which is an excellent book for anyone interested in the scientific aspects of intelligence. Like Nasi, I should probably read Schneier’s book before sounding off. But I’ll tentatively disagree with Nasi- given that terror groups create terror through successful attacks (‘propaganda of the deed’- who DID say that first? Sure it wasn’t Lenin) the best morale-boosting response would be the most operationally effective response, ie that most likely to frustrate attacks. Btw Nasi, Chris Bertram seems to feel that I have grievously insulted you in the ‘Krugman on Mahathir’ thread. My deep apologies if I have, but I feel rather that Chris reproved him for his use of rude words.

By: Henry

Henry — Wed, 22 Oct 2003 03:23:22 +0000

In yet another book (Secrets and Lies), Schneier talks in a slightly guilty way about how too many readers of Applied Cryptography believed that crypto was some sort of ‘magic security dust’ that you could sprinkle over software to make it secure. From your account, it sounds as though he was maybe being too hard on himself.

By: Tom Runnacles

Tom Runnacles — Tue, 21 Oct 2003 21:21:35 +0000

I know that there are some in the security world who think Schneier is a bit of a fraud, since he’s primarily a cryptographer and mathematician rather than a real, down-in-the-mud guy who has to keep large, sensitive systems safe for a living. Whatever. I can say that his Applied Cryptography is a marvellous book if you want to understand a bit about the means by which some mathematical ideas can be put into the service of security. As importantly, Schneier emphasises the profound limits that the real world imposes on the confidence that can be placed in the pure crytographic results. I can’t claim to have followed all of it, but I learned a lot from AC. Perhaps it’s not a big chunk of the CT readership, but I reckon anyone who builds software for a living should read it.

By: Jonathan Goldberg

Jonathan Goldberg — Tue, 21 Oct 2003 19:38:43 +0000

…and provided the placebo does not extract a price in civil liberty. Freeman Dyson, who was part of the statistical team, had nightmares after the war based on how little actual use was made of his group’s efforts, and how they were overruled for propaganda purposes.

By: Nasi Lemak

Nasi Lemak — Tue, 21 Oct 2003 15:42:56 +0000

… provided, of course, that the placebo does not impact too much on any effective policies that may be available.

By: Nasi Lemak

Nasi Lemak — Tue, 21 Oct 2003 15:29:56 +0000

Umm, yes. Well, I did say “stylized facts” and I am a kind of rational choice type, so no real commitment to actual factual accuracy here. But if it were in fact the case that Churchill had ordered an ineffective-but-morale-boosting policy, in the circumstances where morale was the more important issue, then I don’t think it would have been a poor security policy – and I think Schneier would, on the basis of what I’ve read before. I’m interested in whether the book, where it talks about “security theatre”, sees this as actually a good thing (which I think it probably is).

By: Dan Hardie

Dan Hardie — Tue, 21 Oct 2003 15:25:54 +0000

So a summary would be: if faced with a choice between two militarily ineffective responses, choose the one that might have some kind of placebo effect- but don’t forget to pump huge amounts of money and brainpower into developing an effective response.

By: Dan Hardie

Dan Hardie — Tue, 21 Oct 2003 15:10:40 +0000

Partly an urban myth, Nasi. It’s true that in the ‘Blitz’ (ie the period Sept. 1940- spring 1941, after the Battle of Britain) when it became apparent that the Anti Aircraft guns on the ground weren’t having any success in shooting down night raiders, the Army wanted to stop them firing, to save on the waste of shells and manpower, but Churchill over-ruled them on the grounds that the sound of the AA guns firing would reassure civilians that something was being done to protect them. But it simply isn’t the case that Churchill ordered an ineffective-but-morale-boosting policy (ground fire) in preference to an effective-but-non-morale-boosting policy (night fighters). RAF night fighters at this stage were pretty much as ineffective as AA guns. We know this because the joint Army anti-aircraft people and the RAF’s Fighter Command had some of the best statisticians in the country working for them- Fighter Command were the first people to use the phrase Operations Research, and much of the OR methodology was invented in a hurry in 1940. To be effective, night fighter networks needed a) a much more powerful ground radar system (the existing one was good enough to direct fighters by day to the vague area where German planes could be found, and more precise information was then available from the fighter pilots’ own visual observation and, most importantly, from a network of ground observers with binoculars and telephones; b)a reliable aircraft-mounted radar system which would allow fighter pilots to close the last mile or so on their targets in pitch dark. Neither of these technologies were available in late 1940, except as unreliable and ineffective prototypes. Neither was the technology which would make AA guns effective by night: again, a more effective ground radar system, backed up by radar proximity fuses in the guns’ shells. Recommended reading would be Len Deighton, ‘Fighter’ (yes, I know he wrote thrillers- but actually he is an exceptional military historian); Richard Overy, ‘The Air War’ (his book on the Battle of Britain, ‘The Battle’, is essentially a precis of Deighton); and Alexander McKee, ‘Strike from the Sky’, which has a good summary of the night fighter problem.

By: Nasi Lemak

Nasi Lemak — Tue, 21 Oct 2003 11:42:22 +0000

Hm. Blackwells have not yet delivered my copy, and I really ought to wait until I read it before replying to this post (ie July 2007 on best estimate) but: From what I’ve read of Schneier in Crypto-Gram, he seems to be pretty mechanistic in his thinking about security i.e. only things which effect a real reduction in the risk of some defined bad outcome are worthwhile. He uses words like “placebo” to describe policies which make people think they are more secure but which do not in fact have any such effect. (I guess this view comes out of the long tradition of hucksterism and fraud in the sale of computer security products, where sales are often about baffling the consumer into buying some thoroughly useless product.) But in the terrorism example, it seems quite plausible to me that the bad outcome is fear (itself…), something that can probably be managed quite effectively by policies that feel pretty intrusive (e.g. searching shoes at airports, no scissors on board aeroplanes) and therefore feel as if they ought to be effective – regardless of whether those policies actually are effective. I have a faint memory of knowing, when I was about 10, something that is probably an urban legend: during the Blitz, the initial, demonstrably effective, policy for protecting London was to have night fighters shooting down as many German bombers as possible. However, frightened civilians could not hear this going on and morale fell. The policy was changed to replace the night fighters with anti-aircraft fire (can’t have both for fairly obvious reasons). AA gunners boomed away all night every night, to no real effect, while the Germans dropped their bombs unhindered. Morale rose, because civilians could hear their own protection. In the, let’s say, stylized facts of this example, it seems to me that the placebo is actually better than the effective response.