Email & Equality

Since today is inauguration day, my thoughts are turning back to the last eight years and how we came to be inaugurating a Republican president, again, despite the fact that most Americans disagree with the GOP on most matters of substance.

It’s Not About Women

First off, let’s address the claim that Hillary lost because of American sexism.  Yes, Donald Trump is an unreconstructed 1950s male stereotype (i.e. a horrible human being), and many Americans — including many women, latinos, and a surprising number of blacks — chose to overlook this, but this ignores the fact that the GOP has been consistently lowering the bar for whom they will nominate for office, and it always causes outrage on the left, and it never matters.

Ike was a general. Nixon was an alcoholic witch-hunter. Reagan was a stool pigeon and an idiot. Quayle was an even bigger idiot. Palin made Quayle look professorial. Republicans don’t care if the president (or a senator, or a supreme court judge) has brains, or even sound character: they just want tax cuts and they’re pretty sure their guy is more likely to give them than the other person.

In fact, it’s quite surprising to me that the first black president turned out to be a Democrat, and the first female candidate was also a Democrat. It’s actually conservatives who tend to nominate minorities because it lets them ratchet up the crazy elsewhere. (Margaret Thatcher. Clarence Thomas. Heck, Neville Bonner.)

Incidentally, this is also the same reason that things like sexual peccadilloes and shady practices that would utterly destroy a Democrat seem to slide harmlessly off Republicans.

By the way, I should pause here and say that this has nothing to do with parties. When the Democrats were the party of White Supremacy and the Republicans were the party of Management it was the Democrats who were similarly immune to charges of corruption and sexual misconduct. When the Republicans subvert democracy today and argue that it’s something “everyone” does, they invariably point out actions of Dixiecrats — the folks who left the Democratic party after Roosevelt put desegregation into the Democratic Party platform and joined the Republicans.

A Thought Experiment

A very popular experimental template in the social sciences is to take some common process, like applying for a job or testifying in court, and compare how well candidates do if you signal that a participant is male or female, black or white, has a prison record or not, and so forth, find out there’s a different outcome (which I imagine there almost always is given a nearly inexhaustible number of disadvantaged categories of people), publish the results, and inch closer to tenure.

E.g. I heard on Radio Lab, and I have no reason not to believe, that if you apply for a job using a stereotypically black male name (such as “Jamal”) you are much less likely to be called back than if you use a stereotypically white male name (such as “Steve”), even if the white CV adds a criminal record. The white name is equivalent to eight years of experience. (This implies to me that whatever criminal record they invented was pretty minor.)

The same kind of study has shown women to be less credited as expert witnesses, less likely to be promoted, and so forth and so on. There’s no doubt a lot of sexism in our society, but I’m pretty sure women aren’t as far behind men as blacks are behind whites (eight years experience or a prison record…), and Barack Hussein Obama is more than a stereotypically non-white name. His middle name is the same as a guy we went to war with twice, and his surname is one letter away from Public Enemy Number One when he ran for office.

Obama was an exceptional candidate — he didn’t just beat Hillary for the 2008 nomination, he beat Biden (whom most Democrats think would have been a better candidate than Hillary) and Kucinich (who was a better Sanders than Sanders). And then he beat John McCain and Mitt Romney, the best candidates the Republicans have had in my lifetime.

Now, let’s look at Hillary. Imagine for a moment that Hillary Clinton were in fact some random male Democrat you’d vaguely heard of with her exact track record (post First Lady, since it’s hard to imagine a man with Hillary’s baggage from being married to Bill). So, forget Whitewater and Lewinski and just think — New York senator with a typically exceptional Ivy League education and legal background but no great accomplishments or distinction who then served as Secretary of State from 2009-2012. Would you elect him?

What if I remind you that Chelsea Manning released 10M State Department cables in 2010 and that despite this our candidate continued to use outdated and insecure email practices in direct contravention of State Department rules of which, apparently, he remained willfully ignorant throughout. What if I remind you that the 2012 Benghazi attack happened on his watch despite repeated requests for upgraded security. And yes, lots of requests are made, but this was in Libya during the aftermath of a war. As yes, it was a subordinate who turned down the requests, but who hired that subordinate?

Oh, and by the way, what Good Things happened in 2009-2012 that our candidate can point to?

I’m not saying Clinton did anything criminal. I’m saying that in any reasonable political system she would have been held accountable for Benghazi, forced to resign, and her career would have ended. Similarly, the email business reflects three spectacular failures of judgement (first: to ignoring security policies, second: to continue ignoring the security policies after an epic security breach, third: to fail to improve said security policies meaningfully after said epic security breach). Again, had she still been Secretary of State when the email business came out, she should have been fired for it, and that alone would probably have ended her political career.

By the way, I choose give her a free pass on the Iraq war vote, because I think she did it as a political calculation, and it was a reasonable choice at the time. (I’m actually far more critical of the far broader, unthinking support for the invasion of Afghanistan.) But for some of my friends her vote on Iraq, alone, is unforgivable.

Trump’s done a lot of shady and unpleasant things to people over the years — spending other people’s money and saddling them with his debts, stiffing contractors, ogling pageant contestants (for sure), molesting women (most likely), but there’s no positive evidence of Trump’s ignorance or incompetence in his chosen profession. He may well be an ignoramus (and bigot) in the same mold as Henry Ford (who nevertheless was a great businessman and provided many jobs to blacks). Hillary is a professional politician and civil servant who can’t use a smartphone or a computer and has made spectacularly poor judgement calls in her chosen profession. (Kelly Anne Conway points out, in reference to Russian interference in the campaign, that the Russians didn’t make Clinton spend money in Georgia instead of Michigan or Wisconsin.)

Trump is (rightly) decried as intellectually incurious. But how is it OK for Hillary to not learn to use a smartphone, or email, or a computer when both are, or should be, a constant part of her chosen profession? Trump is (rightly) decried for having publicly sort-of supported the invasion of Iraq, but being right about that war wasn’t his job.

Trump’s an asshole and a bigot, but he seems to be good at what he does. Elizabeth Warren is a smart person but she tried to go head-to-head with him on Twitter and failed abysmally. I’m not optimistic about his presidency, but sexism is only responsible for putting Trump in the Whitehouse insofar as it was perversely responsible for Hillary being nominated.

How Do We Stop Doing This?

It’s easy to point out the failings of Hillary’s campaign in retrospect. She nearly won despite all of it. The lack of a clear or coherent message. Poor strategy. The weak VP choice. Lousy slogan (“I’m with her”). This should have been easy: the country is in good shape, it’s in far better shape than it was 4 or 8 years ago. Its signal policy is at least an equivocal success. The outgoing president is popular. What. The. Fuck?

The fact that 2012 was even close (despite Romney being a solid candidate) points to a hard truth: the Democrats fucked up Obamacare. They created a barely functional healthcare plan because they figured it would get bipartisan support even when they didn’t need bipartisan support, and ended up with something that barely worked, couldn’t be explained, couldn’t be sold, and then rolled it out slowly and incompetently. And this led to their being annihilated in the mid-terms, which meant little of consequence could be done for the remaining six years.

Remember how exceptional Obama is? He’s been a pretty good, successful president despite Obamacare, not because of it.

The solution is to think of laws as products that have to be sold. Clearly, legislators understand this superficially, it’s why a law enabling a police state is named the “PATRIOT Act”. It’s why a healthcare law that costs poor people premiums they can’t afford for lousy coverage is called the “Affordable Care Act”. But good products are more than simply clever names (and legislators aren’t even that good at names…). Here’s a hint: if you design a product where the main reason for many people to buy it is that they will be fined if they do not, then you have failed. Design a new product.

A Modest Proposal

I think if we’re going to have guns they shouldn’t be concealed. They should have day-glo grips, stocks, and cases — mandatorily lurid pink I suggest, have built-in GPS sensors, and make wah-wah noises when they’re moved around; the battery that runs the GPS and buzzer also allows the gun to be fired; and every gun should have sample fired bullets and casings registered in a national database (paid for by the bullet tax, see below). After all, if they’re supposed to deter crime shouldn’t criminals know they’re there? I certainly want to know who has guns and avoid them.

Now of course people will argue “if it’s illegal to conceal weapons then only criminals will have concealed weapons”. That’s true, but they need to be careful, especially if the penalties are harsh. E.g. if someone doesn’t like you they can just tell the police you habitually carry a gun. Similarly, it would be illegal to sell guns without these things and when you tear out the mechanism your last known location would be in the cloud.

The GPS sensors and buzzers will run out of batteries and also could be gouged out but not keeping your batteries charged would also be a crime and when your gun stopped responding the authorities would know when and where.

We could require gun ranges to run every bullet fired on the range, and every casing to be matched against the database (expensive, but the bullet tax will pay for it). If a bullet doesn’t have a registered match (e.g. the gun’s owner is not the right person or the gun’s rifling has been tampered with) then we either arrest the owner or register the new bullet.

The buzzers and day-glo would kind of mess up hunting, but the right to go hunting is not enshrined by the constitution — the second amendment is solely there for purposes of preserving us from tyranny, and at such time as we desire to overthrow the government we can always pull the crap out, right? After all, armed insurrection is also illegal. Perhaps to honor the second amendment we can require the mechanisms to be removable in some straightforward way — on the strict understanding that it’s a felony.

All this might sound horribly draconian. It’s supposed to be. The argument is that the 2nd amendment protects our right to overthrow tyrants. I would argue the 4th amendment is far more important (and we can set up the GPS system so it merely tracks your gun anonymously until it’s involved in a shooting).

When a gun owner moves into your neighborhood they should be required to post a public notification in the “known sex offenders and gun owners” registry.

Chris Rock suggests that we simply put a huge tax on bullets. (“That guy must deserve it, they put $50,000 worth of lead in him.”) I would point out that the right to bullets is actually not enshrined in the constitution, but certainly we can put a hefty federal tax on them or require a prescription. After all, they’re kind of a potentially lethal drug (“lead poisoning”) and should be properly controlled. Better make sure you have all your tax stamps and prescriptions ready when you get your hunting license.

The bullet tax can also pay for free kevlar body armor for all citizens who want it, and perhaps provide guns and bullets (which are after all rather expensive as a result of all this) to the poor.

The Second Amendment

protesters with guns and confederate flags
Protestors with guns and confederate flags. (Photo from dailymail.co.uk.)

A well regulated militia being necessary to the security of a free state, the right of the people to keep and bear arms shall not be infringed.

As a result of the sideshow over the Confederate flag that has replaced any substantive debate about racism and gun violence in the US (something had to, right?) I ended up having a bit of an argument with a pro-gun commenter on an Economist article suggesting that it may not [just] be guns that are the problem in the US.

This isn’t a particularly novel argument. People generally assume Bowling for Columbine is a standard left-wing anti-gun polemic, but at the end Michael Moore — a card-carrying member of the NRA — ends up discussing Canada, which is nearly as well-armed as the US and yet has a far lower homicide rate, and concludes that there’s something paranoid at the heart of American culture that may be the real problem. Well, this blog post isn’t about the flaws in American culture — it’s about the right to bear arms.

Anyhow, my anonymous adversary argued that the point of the second amendment is that it has kept the US safe from the kind of ethnic cleansing and other large scale atrocities that afflicted Europe and Asia during the 20th century. In other words, for the enormous benefit of not having large scale ethnic cleansing occasionally we pay the price of having a high murder and suicide rate. “A well regulated militia” is meant to be understood as “The regulation of the militia by civilians”.

OK, I get it. My adversary is right. The NRA is right. The right-wing militias are right. The purpose of the second amendment is to allow us to regulate the militia — i.e. to overthrow the government so as to maintain our “free state”. Their interpretation is correct.

My adversary is wrong, I think, on his history.

The US has had plenty of opportunities for unjust government or corporate actions to be prevented by the armed populace — consider Douglas Macarthur’s use of cavalry and tanks against the Bonus Marchers — unemployed veterans no less! Or the Battle of Blair Mountain (John Sayles’s movie Matewan depicts the prelude to it). Oh yeah, and slavery. Where is there an example of real government excess being prevented by the right to bear arms? There are plenty of examples of government excess being resisted by the right to bear arms, the largest and most depressing examples being the resistance of some American Indians to the government, others (such as Ruby Ridge and Waco) simply being unsuccessful.

Perhaps the best example in favor of this argument — i.e. the one case where people bearing arms were able to inflict a defeat on the over-reaching Federal government — is Little Big Horn (and that victory was Pyrrhic).

And if you believe that the Confederacy was right, then that’s the largest example of the populace (including a large proportion of the military) being unable to prevent government overreach, no?

On the other hand, Mahatma Gandhi defeated a superpower without using weapons. And when the injustices that were not prevented by the right to bear arms were mitigated (Congress paid the Bonus Army, Roosevelt allowed the miners to unionize), it wasn’t the right to bear arms that made it happen.

It seems quite clear that given the intent of the amendment, we should have the right to nuclear submarines, tanks, nerve gas, atomic warheads, and so forth. After all, how can we credibly regulate the militia with semi-automatic rifles, shotguns, and handguns? The disparity in power between the government’s forces — military and paramilitary — and ordinary citizens has never been greater and shows no sign of narrowing. Even when the gap was considerably smaller, the second amendment proved of little use in preventing horrible injustices (or defending slavery). The only real conclusion is that we need to abolish the second amendment — it fails to provide the promised benefits; it costs us too much and gives us nothing.

A Little Privacy

Securing data from prying eyes is pretty much a solved problem. PGP is just as good as ever. So all you need to do to receive communications securely from another person is to create a PGP Private/Public key pair, broadcast your public key (hint — it’s shorter) to anyone who might want to contact you, and then decrypt incoming messages using your private key on the way in.

This only addresses security. Authentication is a separate issue, possibly just as important, and if anything harder to address (because it involves trusting third parties), and I won’t deal with this. Privacy is plenty to deal with right now.

So we’ve heard that secure communications providers are shutting down or destroying their servers rather than surrender to demands from the US government (NSA, FBI, CIA? We don’t know which branch or branches because they’re not allowed to say — lovely, huh?). What demands might these service providers be concerned about?

  • Surrender private keys (why would they even have these)
  • Install malware on their servers or on users’ machines (why would a secure email provider install any software on its users’ machines?)
  • Help surveil users (e.g. notify government agency when a specific user addresses his/her mail)
  • Monitor metadata (e.g. while the body of an email might be encrypted, the header information has to be plaintext).

Can you think of other things?

There’s a recent thriller (you probably haven’t heard of it — it tanked at the box office) starring John Cusack called Numbers Station. The idea is that the CIA maintains a network of shortwave broadcast stations that send out encrypted messages to sleeper agents. To do this they need a specially trained cryptographer and a network of highly fortified shortwave transmitters. Or something. It’s a stupid, stupid premise. (But not as bad as 2012.)

Let’s suppose we want to communicate with field agents securely. Well, before leaving HQ our field agent creates a private/public key pair and leaves the public key behind. He/she secretes the private key on his/her person (committing it to memory is probably impossible, so it might be in a tiny subcutaneous LED projector!) and then goes on his/her merry way, having told his/her handlers to post messages on usenet using his/her public key. There’s no other step required.

Now, how do we handle authentication? Hey, I said this wasn’t about authentication! In any event, same way we handle it using any other less secure communication channel. Perhaps authentic messages are agreed to end with “Signed Bob” or “The peanut walks by night”. Doesn’t matter — we’re talking about security not authentication.

How does Double Secret Agent VII find the publicly posted messages on usenet? Any number of ways. Perhaps they’re in messages entitled “but I like wesley” on alt.wesley.crusher.die.die.die. Perhaps they’re embedded in the comment tags of PNG images posted on alt.sex.donkeys. It doesn’t matter.

Heck, you could just use mailinator. Want to email Double Secret Agent VII? Send an email to [email protected] and use the correct key. Done.

The beauty of the usenet example is that thousands of people will be downloading the message accidentally as a matter of course, and the message will be automatically distributed to thousands of servers whether anyone reads it or not. I really don’t know how PRISM, et al, would help against a determined, competent opponent communicating this way. This is probably why PGP had the US Government so riled up back in the 90s.

So, what about losing track of Agent VII? Simple. You’re Control (or whatever). If a communications channel is compromised (e.g. Kaos figures out you’re posting messages as EXIF data in pornographic images and deletes them or posts confusing spam) then Agent VII can use the Control’s public key to phone home. It’s not complicated.

So, here’s my modest suggestion for creating a secure replacement for email that everyone can use, and which can be gradually migrated to.

  1. set up a standard mail server.
  2. configure it to bounce any email that appears not to be encrypted using PGP with a message saying “if you want to contact [email protected] then use [email protected]’s public key to encrypt the message and provide your own public key so a secure response can be sent” and provide a link to a web page for securely sending such emails if the person doesn’t want to.
  3. outgoing emails are decorated with a public key for securely replying to the sender.
  4. account holders can have any number of handles (“email addresses”) associated with a given public key. They can access their email simply by asking for it. (Either there’s no passwords or everyone has the same password.)
  5. the server holds public keys so it can send the messages in item 2 (and provide a convenient system for sending the messages).
  6. Provide a simple to use web-based client for the service (which does all its encryption / decryption client-side) and provide links to a number of alternative open source clients. Make all the clients as transparent as possible.
  7. Provide a web-based client that deals only in encrypted data. (I.e. requires the user to manually extract and decrypt incoming messages, and encrypt outgoing messages.)
  8. Pay for all of this by charging a small amount (say $0.01) for each message sent to a user. (This is Bill Gates’s proposed solution to spam from way back, and if we’re going to migrate off email, we might as well cash in that idea.) Any profits could be donated to MSF, or the campaign to drown Jenny McCarthy in cat vomit.

Now, practically speaking, we could use passwords simply to prevent nuisance denial of service attacks, but we’d have absolutely no problem giving those passwords to anyone who showed up to our office in a sufficiently impressive suit, or driving a big enough SUV.

So, this gives us a pretty secure email system that is fairly interoperable with existing email systems (modulo requiring users “outside” the system to opt into using it, at least to contact its users) and which doesn’t hold any private information or keys at all. Heck, it can simply expose all of its data to Google. (Indeed, it could keep its code repositories exposed so that suspicious users could review changes to its codebase.) Now, it can’t be used with idiotic services that send you your login details, but you can either use another email service (e.g. gmail or mailinator) for those or implement a cryptographic bridge (e.g. if you subscribe using an email address prefixed with “insecure-” then it might do the encryption serverside for you.

Note that as described, the system doesn’t conceal metadata. So if [email protected] sends [email protected] orders to assassinate that pesky reporter, the fact that such a communication occurred (if not its content) is stored on the server. Of course, you could use the web client to anonymously send and/or receive the message, and use Tor to avoid leaving too much of a trace of having done that, but it’s kind of inconvenient, so normal people won’t do it very often. A normal person wants an email client that Just Works (this can provide that) and to exchange email with other people (this can get you there).

The proposed system provides end-to-end encryption of message content without the server needing to store any private keys and would allow all key components of the system to run in the browser (and thus have openly inspectable runtime code that could be monitored for changes). But it won’t stop the NSA from hitting you with a $5 wrench until you tell them where you keep your private key.