Archive for November, 2009

Something else. This week saw the Tories deploy yet another inflatable thinktank – rightly mocked here, here, here, and essentially everywhere blog is sold.

Clearly “ResPublica” is hilariously vacuous, and where it’s not vacuous, it’s fucking frightening, as well as being weirdly reminiscent of Iranian revolutionary political thought according to Alistair Crooke. But it’s far from the worst instant thinktank to separate from the rocket, deploy its antenna, and commence transmitting this week.

I see that Norman Lamont has launched a “Foundation for Global Warming Policy” in the same week as the HadCRU smear campaign. Interestingly, it’s already being puffed by the “TaxPayers Alliance”. Looks like enemy action to me, sir.

Now I used to think that Daniel Davies was a little too concerned with chasing micro-thinktanks’ accounts up, rather as I used to think that Tim Ireland was perhaps too obsessed with fighting endless rows over netiquette with obscure Tories. But it’s become increasingly clear that the other side care deeply about Tim’s activities, especially when things like this happen.

Clearly, this has become a major form of political action – a new non-kinetic weapon. But how best to get rid of them, in the absence of funding for my TV show?

I think one of the first steps is to come up with a good word for it. “Astroturf” is good, but it’s very specific – it’s a fake grassroots campaign. The instant thinktanks are more of a fake elite campaign, a simulation or simulacrum of intellectual life. Snackthinktank, as in snackthinker? Too obscure. Doublethinktank is good, but worth saving for a headline. Don’tthinktank?

I’d also be interested to know if any of them have expired yet. What is their life expectancy?

Links And Ties

The affair of the stolen HadCRU e-mail should tell us a couple of things. The first is that this is why you should worry about privacy. If you do enough naive traffic analysis, not only will you find a pattern – people communicate in patterns – but you’ll be able to find something that you can misrepresent. This is the inevitable outcome of pareidolia, the false positive problem, and the infinite possibilities that open up when you don’t have to show your working out.

It’s a methodology that is common to cranks who stare at the patterns in their heads, to stupid politicians who don’t understand or don’t want to understand the maths of false positives, and to spooks, red-baiters, and other political thugs who understand them all too well. Viz:

I don’t quite understand the HP Sauce concept of ‘links’ either. Pretty much everyone in the world is damned as an extremist if you take the idea of ‘links’ as far as they do.

Give me a representative 62MB of your archived e-mail and I’ll give you a reason to really hate me.

Secondly, it’s about expectations. The scientists involved are condemned for, among other things, being angry about a crappy denier paper getting published in Climate Research and strategising together about how best to protest it. We are expected, in other words, to be shocked that they aren’t like the liberal in the joke who is too even-handed to take his own side in a knife fight.

The purpose of the exercise, of course, is to get people sacked if they aren’t like that – to impose this stereotype. This is why George Monbiot is wildly wrong. You can’t appease the authoritarians; weakness provokes them still further. (Mark Lynas is right, by the way.)

Thirdly, it’s based on epic stupidity. The famous “hiding the decline” actually consists of including the actual observed temperatures in a group of parallel data series, rather than, say, removing the anomalous ones. The series in question, Keith Briffa’s Yamal tree-ring proxy for temperature, tracks with the observations from the beginning of observed data to the postwar era, and with other proxies before the observation era. Then, for reasons we don’t understand, it diverges. Nobody makes any secret of this: they published it in Nature! But you’d have to be incredibly stupid to pick the diverging proxy series over the observed temperatures. (If you want detail, try here.)

Actually, one explanation is that Yamal is in northern Siberia, one of the fastest-warming parts of the planet, and the trees may not be able to respond quickly enough to more warmth. Hilariously, it’s also one of the biggest gas fields on the planet.

Fourthly, it’s pathetically trivial. If, in fact, the e-mails showed that literally every paper on climate published since whenever was drivel, it wouldn’t matter a damn unless the fundamental laws of nature were vastly different. A mixture of gases containing more carbon dioxide absorbs more infra-red radiation than one with less – it’s a trivial lab demonstration. And something that absorbs more heat than it radiates will get hotter. It’s Newtonian thermodynamics.

And fifthly, Eric Raymond is not the son of God – he’s a very naughty boy, who appears to have missed that the code he keeps ranting about is commented-out of the program and never used. (And the less said about this HOWNOTTO and the associated queeny snit, the better.)

Anyway, far from wanting anyone to resign, I’m going to write to the UEA vice-chancellor for research, Trevor Davies, and compliment him on standing up to the red-baiters so far. And I recommend you do too, before he goes floppy.

If anything at UEA wants investigating, it’s their IT security practices.

After this post, I thought it might be useful to provide a visualisation of the data involved. I then realised I ought to do it rather better, so I collated the figures for all 47 names from the paper accounts into a spreadsheet and graphed them. This chart shows average monthly spending on mobile and fixed telephony and travelling expenses. (You can get the bigger versions here.)

[Chart: Telecoms and travelling expenses]

Not perhaps too revealing like that. But if you sort the data on the mobile column, the dark blue one and the one we’re supposedly interested in…

[Chart: the same, sorted]

I think I see the pattern! There’s clearly a core group up the top there around Viktor – they’re doing a hell of a lot of phoning and they’re also travelling a lot. After that it falls off into the spear carriers; near the bottom, there are people who were clearly close enough to get the odd air ticket but nothing else. The big spike in the fixed (orange) bill is the fixed base operation’s Johannesburg office. “Ukraine Builders” probably refers to the fact Viktor and Alla Bout were building a house in South Africa when the mercenary laws chased them out.

There are also a couple of interesting anomalies; the biggest mobile user of all is “Paul Popov”, who also has a token fixed-line bill, but who never travels. Strange, that – a heavy mobile user who never travels. My first thought was that he might be the information centre of the whole operation (he’s the biggest single phoner of the lot), but then, it doesn’t make sense that the fixed bill is tiny compared to the Joburg office.

Actually, I rather suspect he doesn’t exist. You can well imagine the usefulness of an anonymous phone number or satellite phone terminal to such an organisation. Perhaps everyone was Paul Popov.

Of course, the names give the whole thing its due dose of seedy glamour; especially the fact that so many only have one. There’s Olga – the beautiful spy, I suppose. And “Dr Oleg” – apparently a nontrivial figure going by the data. But one of the surprises in here is how many of the core group never re-appear in the official literature. Naydo is on all the blacklists, but who is Ange Karamakalinijabo, and who is Yuri Stass (it’s short for Stassioukatis)? Possibly Alan Smith is a pseudonym for Andrew Smulian?

This is also why you shouldn’t worry about the government tapping your phone calls; you should worry about them analysing your phone bill.

we love dancing and…

We saw Rachid Taha and Vieux Farka Toure on Friday night, one of the few occasions when something held in the Royal Festival Hall actually felt like a proper gig. Taha’s shtick is somewhere between a Clash-influenced dub/punk mix and North African things like rai (it sez here – I wouldn’t really know to be honest). On the night, there was a hell of a lot of a sort of French 70s big-clattering-soundspace racket that even folk like Daft Punk are tempted by.

For a self-declared punk, he also does a good Mick Jagger act. There was a lot of showboating and wanking about with the audience and jokes in French that made less sense to me than anything Farka Toure said when he wasn’t speaking English…or French. The punk tradition of contempt for stage business obviously didn’t get across.

[Photo: yes, he really means it]

However, he does do a lot of fucking great dramatic funky noise, and eventually the whole hall was dancing, quite an achievement given the venue. Oddly enough, there was a sort of steel helmet faction in the front left hand stalls who took a long, long time to get on their feet; I theorise that the rest of us were the cheap seats.

Of course, we’d miss bombastic frontmen if they weren’t there; someone noted they were in a spotlight and apparently set about recreating the cover of the Wild Beasts’ Two Dancers. (Actually, there’s a prediction I should be declaring victory on.)

[Photo: hey, you know the Wild Beasts album cover?]

Vieux Farka Toure had done a note perfect show earlier on; he got hauled back to take part in “Rock the Casbah”, which got going after the longest daft intro ever and eventually rocked the concrete.

Alex de Waal has an interesting post on the role of satellite phones, and specifically the Arabic and more importantly cheap Thurayas, in the wars of the Sahara today. He argues, in essence, that the capital requirements of being a warlord are coming down; if you don’t have a Toyota, you’re cannon fodder, if you do, you’re a gang leader, and if you have a satellite phone and a Toyota, you’re a significant political force. The consequences in tactics and operational art are also important.

In comments, it turns out that Jean-Pierre Bemba of the RCD was an early adopter of the satellite phone too; you may remember him as the Congolese warlord who married off his daughter to Sanjivan Ruprah and who shared a BAC-111 private jet with Richard Chichakli’s company. Of course, a number of journalists had Osama bin Laden’s phone number before he chose radio silence as a policy.

You can imagine the importance of mobile telephony to these folk; but as the Giuliano Andreotti character in Il Divo says, an archive is better than an imagination. During the period in 1997-98 when Viktor Bout’s businesses briefly set up camp in the wilds of northern South Africa, before the South African anti-mercenary legislation caused them to head for the friendly skies of the UAE, they left behind an audit trail in the books of the company they used, having promised huge investments. They also left a gigantic unpaid credit card bill.

Here’s the point. In a typical month in 1998, the phone bills ran to some ZAR62,000 for mobile, ZAR49,000 for landlines and fax, and a further ZAR32,000 for telecoms services at their fixed base in Pietersburg. That’s a total of ZAR143,000 in phone bills; at the prevailing rate, that’s £17,763 a month. More to the point, that’s 48% of the size of the wages bill and four times the size of the bill for lodging “VB’s staff”. Even split over the 16 phone numbers broken out in the books, it’s a lot of phoning.

Of the names given, it may be worth noting that the biggest talker in “Commodities” is Kumar, with a phone bill over £300 a month, followed by Khalid and Bakri, and in Flight Operations it’s “Paul Popov”, who almost broke the grand. Smulian is doing about £125-150. Valery Naydo is doing £150 a month; “Dr Oleg” makes it to £350 in October 1997 as the circus wheels into town. “Ange Karam’jabo” spent £665 in January that year.

This last character, whose full name is probably Karamakalinijabo, was also charging a lot in travelling expenses; he’d spent £3,000 on airline tickets the month before, plus maybe another £2,500 if the second appearance of the surname is the same man. According to the AMEX bills, he travelled on South African Airways Flight 055 to Rome and on to Vancouver, SAA 014 again to Lusaka, and finally on Austrian Airlines Flight 066 for Chicago.

Unsurprisingly, Bout was a big chatterbox himself – he got through £845 of fixed-line calls from two numbers in January ’98 alone. (The numbers are no doubt assigned to other innocent South Africans by now, or I’d quote them.)

It’s old news, really; I’ve had the documents for some time and I’ve occasionally used bits, too. But oddly enough, I hadn’t thought of looking at the phone costs. I hadn’t marinated in telecoms culture then; as always, if you’re worried that they’re listening to your calls, you don’t want to think about what they’re doing with the traffic data. Told you billing was exciting.

If there’s a nut here, apart from me, it’s that I reckon the signature of being operationally important in the system is likely that you were a big source of phone traffic and a big air ticket bill. Who is Ange Karamakalinijabo? Who is Valery Naydo? Who is Paul Popov? One thing about them, they’ve had the sense to keep their names off the Internet. Naydo only appears in the UN asset blacklist. Popov is a cipher, probably not the long-dead Orthodox bishop in Alaska.

what M-PESA is not

Over at James Nicoll’s blog:

Cellphones don’t require landlines to be strung before they can be used and apparently people have been rather cunning about coming up with ways to use them to replace services they otherwise would not have access to:

Some people carry just a card and borrow a phone when needed. Safaricom, in Kenya, has a service called M-Pesa that lets the cell work as an ATM; to send someone money, you text-message the appropriate code to them, and they get cash from a local M-Pesa agent. Cellphone minutes are traded by phone as a cash substitute. Credit card payments are made by cellphone. Remittances from relatives overseas come by cellphone. […]

It’s like the Street finds its own use for technology.

Well, sort of. People do tend to think of the success of mobile banking in the emerging markets as being a triumph of the Bruce Sterling/Kevin Kelly school of thought, at best, or an example of triumphant libertarianism – to hell with those stuffy old international-aid bureaucrats and state-owned telcos!

However, M-PESA was originally a project sponsored by Vodafone’s CSR department, and even less fashionably, by the UK Department for International Development. Much of the engineering was carried out by BSS-OSS (Billing Support Subsystem-Operations Support Subsystem) consultants in Newbury, and you literally can’t get less favela-chic than telco billing systems engineers*. And Safaricom is a Vodafone partner network, but the main shareholder is the Kenyan Government.

Once they rolled it out, as history relates, all sorts of exciting unauthorised innovation got going. But getting to that point involved a lot of boring, statey, European Union things happening first, including those awful Aid Industry Bureaucrats getting involved.

*Joke: how do you tell an OSS engineer? He used to work in billing but he couldn’t stand the excitement. Since M-PESA, though, that’s where all the excitement is…

arr!

Stupidity about pirates. (Yes, this again. When will it end?) No doubt the usual suspects will already be drivelling about this story.

Frankly, if you think the best opportunity to rescue the hostages was when they were between a tossing, fibreglass 40-odd foot boat and a 25,000 ton hijacked containership, using as your main equipment a 32,000 ton oil tanker (Wave Knight is a fleet tanker, not a warship), I suspect you may not have done enough research.

The iPhone worm is a thing of beauty. Not so much because of the technology involved, which is simple – although, since when has simplicity not been a good thing? – but because of the superb social engineering involved. Its designers demonstrated a perfect understanding of their target user population and came up with an elegant exploit of their psychology.

To recap: an iPhone, underneath the shiny stuff, is basically a little BSD Unix machine. Apple applies a lot of its own security and restrictions-management stuff to it, but this can be circumvented if you want to use software without getting Apple’s approval for it – this is the process known as “jailbreaking”. One of the most common things people do with the gadget after removing the Apple restrictionware is to install SSH, so they can log into a remote server and administer it from the phone.

Unfortunately, installing SSH also makes it possible to log into the phone from a remote machine, if you know the root password and the current IP address. So, before you do this, you absolutely must change the root password from the default (“alpine”) to a strong passphrase. Otherwise, as soon as SSH is available, anyone on the Internet can get access to the phone with root-level privileges – i.e. they can do anything they like.

The worm generated random IP addresses and tried to log in through SSH using the default iPhone password, and if it succeeded, it replaced the home screen with a picture of Rick Astley. Haha. They could also have made hundreds of hours of international phone calls on your bill, scarfed your bank details, grabbed the log of who you called and who called you and carried out some sort of evil social-graph analysis…but they didn’t. For now.
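The exposure described above comes down to sshd accepting a password for root. As an added example (not from the original post, and not taken from the worm), this Python code audits the text of an sshd_config for exactly that condition. The function names and both sample configs are constructed for illustration, and the defaults assume an OpenSSH older than 7.0, where PermitRootLogin defaulted to "yes".

```python
"""Audit sshd_config text: can root log in over SSH with only a password?"""

# Assumed defaults for an OpenSSH of the post's era (before 7.0).
# Pass your own dict for builds whose defaults differ.
LEGACY_DEFAULTS = {
    "permitrootlogin": "yes",
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
}
# Older configs use this name for keyboard-interactive authentication.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
WATCHED = set(LEGACY_DEFAULTS)


def parse_sshd_config(config_text, defaults=LEGACY_DEFAULTS):
    """Return (global_settings, conditional_overrides).

    sshd keeps the FIRST value it reads for a keyword and treats keywords
    case-insensitively. Lines after a Match line only apply to matching
    connections, so they are reported separately for manual review.
    """
    settings, conditional, match = {}, [], None
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        parts = line.split(None, 1)
        if len(parts) < 2:
            continue
        keyword = parts[0].lower()
        keyword = ALIASES.get(keyword, keyword)
        value = parts[1].strip()
        if keyword == "match":
            match = value
        elif match is not None:
            if keyword in WATCHED:
                conditional.append((match, keyword, value.lower()))
        elif keyword not in settings:            # first value wins
            settings[keyword] = value.lower()
    return {**defaults, **settings}, conditional


def root_password_login(config_text, defaults=LEGACY_DEFAULTS):
    """True if the global settings let root authenticate with a password.

    Only PermitRootLogin "yes" allows it; "without-password",
    "prohibit-password", "forced-commands-only" and "no" do not.
    Keyboard-interactive counts, because it can still prompt for the
    account password.
    """
    settings, _ = parse_sshd_config(config_text, defaults)
    password_style = (
        settings["passwordauthentication"] == "yes"
        or settings["kbdinteractiveauthentication"] == "yes"
    )
    return settings["permitrootlogin"] == "yes" and password_style


# Constructed sample: sshd installed and left as shipped.
WEAK = """
# package defaults
Port 22
PermitRootLogin yes
"""

# Constructed sample: key-only root login, plus two traps for the parser.
HARDENED = """
PermitRootLogin without-password
PasswordAuthentication no
PermitRootLogin yes            # ignored: an earlier value already won
Match Address 10.0.0.0/8
    PermitRootLogin yes
"""

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, "root password login:", root_password_login(text))
        for override in parse_sshd_config(text)[1]:
            print("  review conditional override:", override)
```

A config that passes this check still needs the default root password changed, since the password also protects local logins and `su`.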

What gets me about this is that they obviously had an image in mind of the target user as someone who was clueful enough to install unofficial software on an iPhone, or who at least wanted badly enough to be seen as technically competent that they got someone else to do it, but who was sufficiently incompetent not to realise that they needed to set a real password or that they were connecting a full-blown unix box to the Internet without any security precautions whatsoever. (Given that having a server to ssh into implies you know that you can log into remote machines over the Internet if you know the password, I wonder how many of the victims had actually used the SSH client on the phone?)

As well as a practical implementation of the Dunning-Kruger effect, it’s a genuinely social hack in that it identified and targeted a specific social group – annoying moneyed wannabe-geek hipster prats. It was a wanker-seeking missile. It is sheer brilliance, and I’m not at all surprised it was invented by Australians.

Update: As pointed out in comments, why would you need the daemon half of the ssh package? Apparently, some of the jailbreaking methods use it. In the comments to the source code of the virus, its creator specifically mentions that so many iPhones had an active ssh service when he tested the scanning element of it.

Peter Beaumont goes for a Holt’s battlefield tour of southern Lebanon:

Cruising through the serene green wadis that connect south Lebanon to the Litani river to the north, the commander explains what happened at the end of the last war. “We knocked out three of their tanks on the first day, as they tried to enter,” he explained at a turn-off by the village of al-Qantara. “But after they entered the wadi, we knew they were going for the river and had to be stopped. So we called out to all the special forces anti-tank teams in the area. And they all swarmed the wadi. Boys would set up and wait for the tanks, fire off their rounds and then pull back. Then they would pull back a kilometre or so down the wadi and wait for them again.”

According to Israeli military reports, after the first and last tanks were hit by rocket fire or mines, killing the company commander, the 24 tanks were essentially trapped inside a valley, surrounded on all sides and pinned down by mortars, rockets and mines. Eleven tanks were destroyed and the rest partially damaged and Israel lost at least 12 soldiers.

Go read the rest; there’s a fair amount of speculation of the informed sort, and an appearance from Andrew Exum opining that the reinforced UNIFIL has succeeded in moving Hezbollah away from the border, rather as it was meant to. Actually, the reinforced UNIFIL should surely be counted as one of the unexpected successes of the last few years – especially if you remember all the yelling at the time.

However, this may be less important than it appears, especially if the Hezbollah guy’s account of their tactics in 2006 is representative – there’s no reason why they couldn’t keep doing that every kilometre, and indeed that’s what the original idea of a screen of small groups of men with guided anti-tank weapons was meant to do in front of the main NATO armies in Germany (remember this post and Stephen Biddle’s analysis?)

Further, the whole concept of a buffer force assumes that both sides would rather not fight, but that neither is willing to make the first move – that a classic security dilemma is operating. If one or both parties are determined to initiate more violence, though, this breaks down. And it’s worrying to see how a lot of Israeli commentary about 2006 has changed over time – in the first 18 months or so, there was a lot of frankness around. The war had clearly been a failure, and Hezbollah had surprised everyone by defending southern Lebanon effectively. Roughly since Gaza, there’s been a denialist phase – a bit like David Lloyd’s crack that “we flippin’ murdered them” after the England cricket team ran out of time trying to beat Zimbabwe. A lot of stuff was blown up in Beirut, and if it wasn’t for those pathetic politicians, we’d have won. You know the pattern.

Aaronovitch Watch reflects upon dinner with Denis MacShane. There’s an important point here, and one that was well made as a by-product of Nick Davies’ brilliant reporting on Operation PENTAMETER 2, a giant police sweep looking for prostitutes brought into the UK by force that failed to find even one. It turned out that the entire project was driven by policy-based evidence – a succession of politicos and thinktanks progressively taking what had once been the upper bound in an actual study, treating it as an actual forecast, and then adding a bit.

Not so long ago, I had the opportunity of discussing this with a source in the Met vice squad, and the take-home message is Davies was being conservative – it was actually worse than that.

Anyway, one of the most egregious examples of PBE in the story was the fault of none other than MacShane, who promptly responded by writing to the Guardian and accusing Davies of “taking the side of the managers of the sex industry”. As Davies pointed out in the original story, the whole thing followed the pattern of the campaign for war with Iraq with uncanny accuracy.

There was the exaggeration by stripping out caveats, the practice of using deliberately extreme limiting cases as central forecasts, the search for anyone who would provide the right kind of intelligence when the intelligence services’ intelligence didn’t fit around the policy…and the shameless red-baiting attacks on anyone who disagreed. Sniff, sniff. Are you a good anti-Fascist? Will you condemn, etc, etc?

The lesson, however, is that some people seem to gravitate to this set of tactics or political style (because that’s what it is); if Denis MacShane worked for the Party of Kittens, he’d be secretly briefing the press that Mickey Mouse was part of a decadent Hollywood-liberal elite in league with feline leukaemia, based on his summary of a leaked report from the newly established Council for a Flea-Free Future, and if you called him out on it, he’d get all the members of the Accuracy in Cat-Related Media mailing list to write and accuse you of being objectively pro-dog.

Come to think of it, it’s part of the package of modern thinking; you need a Boris Johnson-esque clown figure, a Tony Blair-esque tebbly tebbly concerned type, and a MacShane-esque underhand thug.