Entries Tagged "terrorism"

Page 10 of 80

Pre-9/11 NSA Thinking

This quote is from the Spring 1997 issue of CRYPTOLOG, the internal NSA newsletter. The writer is William J. Black, Jr., the Director’s Special Assistant for Information Warfare.

Specifically, the focus is on the potential abuse of the Government’s applications of this new information technology that will result in an invasion of personal privacy. For us, this is difficult to understand. We are “the government,” and we have no interest in invading the personal privacy of U.S. citizens.

This is from a Seymour Hersh New Yorker interview with NSA Director General Michael Hayden in 1999:

When I asked Hayden about the agency’s capability for unwarranted spying on private citizens—in the unlikely event, of course, that the agency could somehow get the funding, the computer scientists, and the knowledge to begin making sense out of the Internet—his response was heated. “I’m a kid from Pittsburgh with two sons and a daughter who are closet libertarians,” he said. “I am not interested in doing anything that threatens the American people, and threatens the future of this agency. I can’t emphasize enough to you how careful we are. We have to be so careful—to make sure that America is never distrustful of the power and security we can provide.”

It’s easy to assume that both Black and Hayden were lying, but I believe them. I believe that, 15 years ago, the NSA was entirely focused on intercepting communications outside the US.

What changed? What caused the NSA to abandon its non-US charter and start spying on Americans? From what I’ve read, and from a bunch of informal conversations with NSA employees, it was the 9/11 terrorist attacks. That’s when everything changed, the gloves came off, and all the rules were thrown out the window. That the NSA’s interests coincided with the business model of the Internet is just a—lucky, in their view—coincidence.

Posted on June 27, 2013 at 11:49 AMView Comments

The Japanese Response to Terrorism

Lessons from Japan’s response to Aum Shinrikyo:

Yet what’s as remarkable as Aum’s potential for mayhem is how little of it, on balance, they actually caused. Don’t misunderstand me: Aum’s crimes were horrific, not merely the terrible subway gassing but their long history of murder, intimidation, extortion, fraud, and exploitation. What they did was unforgivable, and the human cost, devastating. But at no point did Aum Shinrikyo represent an existential threat to Japan or its people. The death toll of Aum was several dozen; again, a terrible human cost, but not an existential threat. At no time was the territorial integrity of Japan threatened. At no time was the operational integrity of the Japanese government threatened. At no time was the day-to-day operation of the Japanese economy meaningfully threatened. The threat to the average Japanese citizen was effectively nil.

Just as important was what the Japanese government and people did not do. They didn’t panic. They didn’t make sweeping changes to their way of life. They didn’t implement a vast system of domestic surveillance. They didn’t suspend basic civil rights. They didn’t begin to capture, torture, and kill without due process. They didn’t, in other words, allow themselves to be terrorized. Instead, they addressed the threat. They investigated and arrested the cult’s leadership. They tried them in civilian courts and earned convictions through due process. They buried their dead. They mourned. And they moved on. In every sense, it was a rational, adult, mature response to a terrible terrorist act, one that remained largely in keeping with liberal democratic ideals.

Posted on June 21, 2013 at 6:25 AMView Comments

Ricin as a Terrorist Tool

This paper (full paper behind paywall)—from Environment International (2009)—does a good job of separating fact from fiction:

Abstract: In recent years there has been an increased concern regarding the potential use of chemical and biological weapons for mass urban terror. In particular, there are concerns that ricin could be employed as such an agent. This has been reinforced by recent high profile cases involving ricin, and its use during the cold war to assassinate a high profile communist dissident. Nevertheless, despite these events, does it deserve such a reputation? Ricin is clearly toxic, though its level of risk depends on the route of entry. By ingestion, the pathology of ricin is largely restricted to the gastrointestinal tract where it may cause mucosal injuries; with appropriate treatment, most patients will make a full recovery. As an agent of terror, it could be used to contaminate an urban water supply, with the intent of causing lethality in a large urban population. However, a substantial mass of pure ricin powder would be required. Such an exercise would be impossible to achieve covertly and would not guarantee success due to variables such as reticulation management, chlorination, mixing, bacterial degradation and ultra-violet light. By injection, ricin is lethal; however, while parenteral delivery is an ideal route for assassination, it is not realistic for an urban population. Dermal absorption of ricin has not been demonstrated. Ricin is also lethal by inhalation. Low doses can lead to progressive and diffuse pulmonary oedema with associated inflammation and necrosis of the alveolar pneumocytes. However, the risk of toxicity is dependent on the aerodynamic equivalent diameter (AED) of the ricin particles. The AED, which is an indicator of the aerodynamic behaviour of a particle, must be of sufficiently low micron size as to target the human alveoli and thereby cause major toxic effects. To target a large population would also necessitate a quantity of powder in excess of several metric tons. The technical and logistical skills required to formulate such a mass of powder to the required size is beyond the ability of terrorists who typically operate out of a kitchen in a small urban dwelling or in a small ill-equipped laboratory. Ricin as a toxin is deadly but as an agent of bioterror it is unsuitable and therefore does not deserve the press attention and subsequent public alarm that has been created.

This paper lists all known intoxication attempts, including the famous Markov assassination.

Posted on June 14, 2013 at 7:15 AMView Comments

The Cost of Terrorism in Pakistan

This study claims “terrorism has cost Pakistan around 33.02% of its real national income” between the years 1973 and 2008, or about 1% per year.

The St. Louis Fed puts the real gross national income of the U.S. at about $13 trillion total, hand-waving an average over the past few years. The best estimate I’ve seen for the increased cost of homeland security in the U.S. in the ten years since 9/11 is $100 billion per year. So that puts the cost of terrorism in the US at about 0.8%—surprisingly close to the Pakistani number.

The interesting thing is that the expenditures are completely different. In Pakistan, the cost is primarily “a fall in domestic investment and lost workers’ remittances from abroad.” In the US, it’s security measures, including the invasion of Iraq.

I remember reading somewhere that about a third of all food spoils. In poor countries, that spoilage primarily happens during production and transport. In rich countries, that spoilage primarily happens after the consumer buys the food. Same rate of loss, completely different causes. This reminds me of that.

Posted on June 6, 2013 at 5:58 AMView Comments

Are We Finally Thinking Sensibly About Terrorism?

This article wonders if we are:

Yet for pretty much the first time there has been a considerable amount of media commentary seeking to put terrorism in context—commentary that concludes, as a Doyle McManus article in the Los Angeles Times put it a day after the attack, “We’re safer than we think.”

Similar tunes were sung by Tom Friedman of the New York Times, Jeff Jacoby of the Boston Globe, David Rothkopf writing for CNN.com, Josh Barro at Bloomberg, John Cassidy at the New Yorker, and Steve Chapman in the Chicago Tribune, even as the Washington Post told us “why terrorism is not scary” and published statistics on its rarity. Bruce Schneier, who has been making these arguments for over a decade, got 360,000 hits doing so for The Atlantic. Even neoconservative Max Boot, a strong advocate of the war in Iraq as a response to 9/11, argues in the Wall Street Journal, “we must do our best to make sure that the terrorists don’t achieve their objective­—to terrorize us.”

James Carafano of the conservative Heritage Foundation noted in a radio interview that “the odds of you being killed by a terrorist are less than you being hit by a meteorite.” Carafano’s odds may be a bit off, but his basic point isn’t. At present rates, an American’s chance of being killed by a terrorist is about one in 3.5 million per year­—compared, for example, to a yearly chance of dying in an automobile crash of one in 8,200. That could change, of course, if terrorists suddenly become vastly more capable of inflicting damage­—as much commentary on terrorism has predicted over the past decade. But we’re not hearing much of that anymore.

In a 60 Minutes interview a decade ago filmmaker Michael Moore noted, “The chances of any of us dying in a terrorist incident is very, very, very small.” Bob Simon, his interlocutor, responded, “No one sees the world like that.”

Both statements were pretty much true then. However, the unprecedented set of articles projecting a more restrained, and broader, perspective suggests that Simon’s wisdom may need some updating, and that Moore is beginning to have some company.

There’s also this; and this, by Andrew Sullivan; and this, by John Cole. And these two polls.

And, of course, President Obama himself declared that “Americans refuse to be terrorized.”

Posted on May 29, 2013 at 11:22 AMView Comments

The Politics of Security in a Democracy

Terrorism causes fear, and we overreact to that fear. Our brains aren’t very good at probability and risk analysis. We tend to exaggerate spectacular, strange and rare events, and downplay ordinary, familiar and common ones. We think rare risks are more common than they are, and we fear them more than probability indicates we should.

Our leaders are just as prone to this overreaction as we are. But aside from basic psychology, there are other reasons that it’s smart politics to exaggerate terrorist threats, and security threats in general.

The first is that we respond to a strong leader. Bill Clinton famously said: “When people feel uncertain, they’d rather have somebody that’s strong and wrong than somebody who’s weak and right.” He’s right.

The second is that doing something—anything—is good politics. A politician wants to be seen as taking charge, demanding answers, fixing things. It just doesn’t look as good to sit back and claim that there’s nothing to do. The logic is along the lines of: “Something must be done. This is something. Therefore, we must do it.”

The third is that the “fear preacher” wins, regardless of the outcome. Imagine two politicians today. One of them preaches fear and draconian security measures. The other is someone like me, who tells people that terrorism is a negligible risk, that risk is part of life, and that while some security is necessary, we should mostly just refuse to be terrorized and get on with our lives.

Fast-forward 10 years. If I’m right and there have been no more terrorist attacks, the fear preacher takes credit for keeping us safe. But if a terrorist attack has occurred, my government career is over. Even if the incidence of terrorism is as ridiculously low as it is today, there’s no benefit for a politician to take my side of that gamble.

The fourth and final reason is money. Every new security technology, from surveillance cameras to high-tech fusion centers to airport full-body scanners, has a for-profit corporation lobbying for its purchase and use. Given the three other reasons above, it’s easy—and probably profitable—for a politician to make them happy and say yes.

For any given politician, the implications of these four reasons are straightforward. Overestimating the threat is better than underestimating it. Doing something about the threat is better than doing nothing. Doing something that is explicitly reactive is better than being proactive. (If you’re proactive and you’re wrong, you’ve wasted money. If you’re proactive and you’re right but no longer in power, whoever is in power is going to get the credit for what you did.) Visible is better than invisible. Creating something new is better than fixing something old.

Those last two maxims are why it’s better for a politician to fund a terrorist fusion center than to pay for more Arabic translators for the National Security Agency. No one’s going to see the additional appropriation in the NSA’s secret budget. On the other hand, a high-tech computerized fusion center is going to make front page news, even if it doesn’t actually do anything useful.

This leads to another phenomenon about security and government. Once a security system is in place, it can be very hard to dislodge it. Imagine a politician who objects to some aspect of airport security: the liquid ban, the shoe removal, something. If he pushes to relax security, he gets the blame if something bad happens as a result. No one wants to roll back a police power and have the lack of that power cause a well-publicized death, even if it’s a one-in-a-billion fluke.

We’re seeing this force at work in the bloated terrorist no-fly and watch lists; agents have lots of incentive to put someone on the list, but absolutely no incentive to take anyone off. We’re also seeing this in the Transportation Security Administration’s attempt to reverse the ban on small blades on airplanes. Twice it tried to make the change, and twice fearful politicians prevented it from going through with it.

Lots of unneeded and ineffective security measures are perpetrated by a government bureaucracy that is primarily concerned about the security of its members’ careers. They know the voters are more likely to punish them more if they fail to secure against a repetition of the last attack, and less if they fail to anticipate the next one.

What can we do? Well, the first step toward solving a problem is recognizing that you have one. These are not iron-clad rules; they’re tendencies. If we can keep these tendencies and their causes in mind, we’re more likely to end up with sensible security measures that are commensurate with the threat, instead of a lot of security theater and draconian police powers that are not.

Our leaders’ job is to resist these tendencies. Our job is to support politicians who do resist.

This essay originally appeared on CNN.com.

EDITED TO ADD (6/4): This essay has been translated into Swedish.

EDITED TO ADD (6/14): A similar essay, on the politics of terrorism defense.

Posted on May 28, 2013 at 5:09 AMView Comments

The Economist on Guantanamo

Maybe the tide is turning:

America is in a hole. The last response of the blowhards and cowards who have put it there is always: “So what would you do: set them free?” Our answer remains, yes. There is clearly a risk that some of them would then commit some act of violence—in Yemen, elsewhere in the Middle East or even in America itself. That risk can be lessened by surveillance. But even if another outrage were to happen, the evil of “Gitmo” has recruited far more people to terrorism than a mere 166. Mr Obama should think about America’s founding principles, take out his pen and end this stain on its history.

I agree 100%.

This isn’t the first time people have pointed out that our politics are creating more terrorists than they’re killing—especially our drone strikes—but I don’t expect this sort of security trade-off analysis from the Economist.

Posted on May 9, 2013 at 5:16 AMView Comments

Intelligence Analysis and the Connect-the-Dots Metaphor

The FBI and the CIA are being criticized for not keeping better track of Tamerlan Tsarnaev in the months before the Boston Marathon bombings. How could they have ignored such a dangerous person? How do we reform the intelligence community to ensure this kind of failure doesn’t happen again?

It’s an old song by now, one we heard after the 9/11 attacks in 2001 and after the Underwear Bomber’s failed attack in 2009. The problem is that connecting the dots is a bad metaphor, and focusing on it makes us more likely to implement useless reforms.

Connecting the dots in a coloring book is easy and fun. They’re right there on the page, and they’re all numbered. All you have to do is move your pencil from one dot to the next, and when you’re done, you’ve drawn a sailboat. Or a tiger. It’s so simple that 5-year-olds can do it.

But in real life, the dots can only be numbered after the fact. With the benefit of hindsight, it’s easy to draw lines from a Russian request for information to a foreign visit to some other piece of information that might have been collected.

In hindsight, we know who the bad guys are. Before the fact, there are an enormous number of potential bad guys.

How many? We don’t know. But we know that the no-fly list had 21,000 people on it last year. The Terrorist Identities Datamart Environment, also known as the watch list, has 700,000 names on it.

We have no idea how many potential “dots” the FBI, CIA, NSA and other agencies collect, but it’s easily in the millions. It’s easy to work backwards through the data and see all the obvious warning signs. But before a terrorist attack, when there are millions of dots—some important but the vast majority unimportant—uncovering plots is a lot harder.

Rather than thinking of intelligence as a simple connect-the-dots picture, think of it as a million unnumbered pictures superimposed on top of each other. Or a random-dot stereogram. Is it a sailboat, a puppy, two guys with pressure-cooker bombs, or just an unintelligible mess of dots? You try to figure it out.

It’s not a matter of not enough data, either.

Piling more data onto the mix makes it harder, not easier. The best way to think of it is a needle-in-a-haystack problem; the last thing you want to do is increase the amount of hay you have to search through. The television show Person of Interest is fiction, not fact.

There’s a name for this sort of logical fallacy: hindsight bias. First explained by psychologists Daniel Kahneman and Amos Tversky, it’s surprisingly common. Since what actually happened is so obvious once it happens, we overestimate how obvious it was before it happened.

We actually misremember what we once thought, believing that we knew all along that what happened would happen. It’s a surprisingly strong tendency, one that has been observed in countless laboratory experiments and real-world examples of behavior. And it’s what all the post-Boston-Marathon bombing dot-connectors are doing.

Before we start blaming agencies for failing to stop the Boston bombers, and before we push “intelligence reforms” that will shred civil liberties without making us any safer, we need to stop seeing the past as a bunch of obvious dots that need connecting.

Kahneman, a Nobel prize winner, wisely noted: “Actions that seemed prudent in foresight can look irresponsibly negligent in hindsight.” Kahneman calls it “the illusion of understanding,” explaining that the past is only so understandable because we have cast it as simple inevitable stories and leave out the rest.

Nassim Taleb, an expert on risk engineering, calls this tendency the “narrative fallacy.” We humans are natural storytellers, and the world of stories is much more tidy, predictable and coherent than the real world.

Millions of people behave strangely enough to warrant the FBI’s notice, and almost all of them are harmless. It is simply not possible to find every plot beforehand, especially when the perpetrators act alone and on impulse.

We have to accept that there always will be a risk of terrorism, and that when the occasional plot succeeds, it’s not necessarily because our law enforcement systems have failed.

This essay previously appeared on CNN.

EDITED TO ADD (5/7): The hindsight bias was actually first discovered by Baruch Fischhoff: “Hindsight is not equal to foresight: The effect of outcome knowledge on judgment under uncertainty,” Journal of Experimental Psychology: Human Perception and Performance, 1(3), 1975, pp. 288-299.

Posted on May 7, 2013 at 6:10 AMView Comments

More Links on the Boston Terrorist Attacks

Max Abrahms has two sensible essays.

Probably the ultimate in security theater: Williams-Sonoma stops selling pressure cookers in the Boston area “out of respect.” They say it’s temporary. (I bought a Williams-Sonoma pressure cooker last Christmas; I wonder if I’m now on a list.)

A tragedy: Sunil Tripathi, whom Reddit and other sites wrongly identified as one of the bombers, was found dead in the Providence River. I hope it’s not a suicide.

And worst of all, New York Mayor Bloomberg scares me more than the terrorists ever could:

In the wake of the Boston Marathon bombings, Mayor Michael Bloomberg said Monday the country’s interpretation of the Constitution will “have to change” to allow for greater security to stave off future attacks.

“The people who are worried about privacy have a legitimate worry,” Mr. Bloomberg said during a press conference in Midtown. “But we live in a complex world where you’re going to have to have a level of security greater than you did back in the olden days, if you will. And our laws and our interpretation of the Constitution, I think, have to change.”

Terrorism’s effectiveness doesn’t come from the terrorist acts; it comes from our reactions to it. We need leaders who aren’t terrorized.

EDITED TO ADD (4/29): Only indirectly related, but the Kentucky Derby is banning “removable lens cameras” for security reasons.

EDITED TO ADD (4/29): And a totally unscientific CNN opinion poll: 57% say no to: “Is it justifiable to violate certain civil liberties in the name of national security?”

EDITED TO ADD (4/29): It seems that Sunil Tripathi died well before the Boston bombing. So while his family was certainly affected by the false accusations, he wasn’t.

EDITED TO ADD (4/29): On the difference between mass murder and terrorism:

What the United States means by terrorist violence is, in large part, “public violence some weirdo had the gall to carry out using a weapon other than a gun.”

EDITED TO ADD (5/14): On fear fatigue—and a good modeling of how to be indomitable. On the surprising dearth of terrorists. Why emergency medical response has improved since 9/11. What if the Boston bombers had been shooters instead. More on Williams-Sonoma: Shortly thereafter, they released a statement apologizing to anyone who might be offended. Don’t be terrorized. “The new terrorism”—from 2011 (in five parts, and this is the first one). This is kind of wordy, but it’s an interesting essay on the nature of fear…and cats. Glenn Greenwald on reactions to the bombing. How a 20-year-old Saudi victim of the bombing was instantly, and baselessly, converted by the US media and government into a “suspect.” Four effective responses to terrorism. People being terrorized. On not letting the bad guys win. Resilience. More resilience Why terrorism works. Data shows that terrorism has declined. Mass hysteria as a terrorist weapon.

Posted on April 29, 2013 at 10:27 AMView Comments

1 8 9 10 11 12 80

Sidebar photo of Bruce Schneier by Joe MacInnis.