Monday, December 29, 2014

Red-Light Cameras: Proceed With Caution


The Latin phrase "Quis custodiet ipsos custodes?" means "Who will guard the guards themselves?" It may have originated with the Roman poet Juvenal, who flourished around the first century A. D., but the problem it highlights is much older than that.  Those who are charged with enforcing a law always experience a temptation to abuse the power that enforcement confers.  The case in point here is the use—and abuse—of so-called red-light cameras that photograph alleged runners of red lights and produce traffic citations that are mailed to the registered owner of the vehicle in question.

By the 1990s, the technology making these devices practical was sufficiently advanced that cities began installing them.  According to an article in a recent issue of National Review, over 500 cities in about half the states in the U. S. now use them.  Although the professed reason for adopting red-light cameras is to reduce the number of red-light runners, studies have shown that the evidence for lowering accident rates at intersections with red-light cameras is mixed.  Traffic engineers have noted a perverse counter-incentive at intersections where drivers know a red-light camera is installed.  Some drivers get so jumpy at seeing a yellow light at a camera-equipped intersection that they jam on their brakes prematurely and get rear-ended by a less paranoid driver behind them. 

What is not in dispute is that the red-light cameras are real moneymakers, both for the municipalities that install them and for the companies that often install and operate them for the government free of charge, taking a portion of the fine proceeds as payment.  The city of Newark, New Jersey gets $4 million per year in revenue from red-light cameras, while Chicago averages about $50 million a year.  Chicago's city government does not have a reputation for being squeaky-clean, so it is not surprising that earlier this month a man named Martin O'Malley was convicted of giving a $2 million bribe to a city transportation official.  The money came from Redflex Traffic Systems, which up to last year operated the city's red-light cameras. 

Redflex also offers a related service to school-bus systems:  a stop-arm violation camera.  In most states, it is illegal to pass a stopped school bus while its red flashing lights are on and the stop-arm is extended, but many people do it anyway.  Redflex will install video cameras and wireless downloading and evaluation systems free of charge on every school bus in exchange for a percentage of the fines assessed for violations.  This type of system has also proved popular and has been installed on school buses across the country, including right here in San Marcos, Texas. 

The red-light and stop-arm cameras can be viewed simply as technological aids to conventional means of law enforcement.  But they differ from other security-camera systems such as those that catch convenience-store robbers in one significant respect:  the absence of a police officer at the scene.  If a live patrolman pulls you over for speeding, there is a human-to-human interaction, and technically you can haul the officer into court and subject him to cross-examination at trial.  The fact that most people don't bother doesn't change the principle.  But when there is nothing but photographic evidence for a violation, there is nobody to subpoena, and correcting mistaken identifications and other errors can become a more complex matter. 

Besides the potential for error, there is the temptation to shorten the duration of yellow lights to increase revenue.  City governments in Florida and Illinois have been caught quietly lowering the duration of yellow signals below the federal guideline of three seconds at red-light-camera-equipped intersections, and in Florida things got so bad that the state legislature passed a law prohibiting the practice. 

Beyond the immediate temptation to abuse the system in government's favor at the expense of private citizens, there is the larger question of whether it is a good thing to use technology in a way that incentivizes governments to enforce laws, not mainly because enforcement benefits society as a whole, but because it generates revenue for the government. 

We have just experienced the Christmas season.  According to the Gospels, Joseph and Mary, the mother of Jesus, had to travel from their home in Nazareth to Bethlehem, where Jesus was born, to fill out some government tax form.  In ancient Rome and its colonies, taxes were collected by private contractors called publicans.  The deal was that publicans would bid for the right to collect a specified amount of taxes in a given region.  If you won the bid, it was up to you to collect at least the amount of taxes you were assigned, and anything you collected over your expenses and what Rome needed was yours to keep.  The potential for abuse in such a system is obvious, which may be why Jesus in later life used the hated figure of a publican in a parable as an example of someone who would have plenty of sins to ask forgiveness for. 

Firms such as Redflex are not exactly in the position of the publicans of ancient Rome, but the system under which they operate is edging toward a publican-like tendency of open-ended revenue collection that profits both the firm and the government it works for, at the expense of the public at large.  The abuses of the publican system came to an end with the Roman republic itself.  I am not recommending such a radical fix here.  But we can take the advice and examples of Juvenal and Jesus to give a hard look at technological systems that create perverse revenue incentives that reward abuse on the part of governments and firms that provide the technology.

Sources:  John J. Miller's article "The Red-Light District" appeared in the Dec. 31, 2014 print edition of National Review, pp. 24-26.  I also referred to an article on stop-arm cameras posted by a Fox News TV station in Washington, DC at
http://www.myfoxdc.com/story/23344373/2013/09/04/redflex-takes-aim-at-violators-of-school-bus-stop-arms, and to the Wikipedia articles on Juvenal and "Quis custodiet ipsos custodes?"

Monday, December 22, 2014

The Sony Hack And Sony's Response: Caution or Cowardice?


On November 22 of this year, employees at Sony Pictures Entertainment were greeted by images of skulls on their computer screens, and experienced other problems that severely compromised the company's IT systems.  A message accompanying the hack warned that "secrets" would soon be disclosed to the world.  The firm was in the last stages of preparing for release on Christmas Day a film called "The Interview," which includes an unflattering portrayal of North Korean dictator Kim Jong Un.  Back in June, after the film's planned release was announced, North Korea called it an "act of terrorism" and threatened consequences if the film was released as planned. 

A group calling itself "Guardians of Peace" claimed responsibility for the hacks, and expanded their efforts by revealing reams of private emails and video files of both released and unreleased films, all stolen from Sony through sophisticated hack attacks.  When the Guardians issued threats to movie theaters that dared to show "The Interview," major theater chains began telling Sony that they would not run the film.  Faced with this situation, last week Sony announced that they were cancelling the release altogether. Sony executives received a message from the Guardians on Dec. 18 congratulating them on their "very wise" decision to cancel the release.  The FBI has confirmed that the attack originated from North Korea, which has denied that it has anything to do with it.

The situation is this:  Sony made a movie poking fun at Kim Jong Un, and Kim Jong Un retaliated with probably the most serious cyberattack on a non-governmental entity in history.  And he got more or less what he wanted—Sony cancelled the film's release.

I have not yet seen any estimates of the monetary damage Sony has sustained in this attack, but it clearly amounts to many millions of dollars, both in potential revenue lost from the film's cancellation and in the illegal downloading of other intellectual property of Sony's made possible by the massive cybertheft operation.  I have also not seen anyone comment on the Japan-Korea angle of this attack.  From 1910 to 1945, what was then the united country of Korea was essentially a Japanese colony, and forced conscription and other abuses soured the relationship between the two countries.  Sony is a Japanese firm, and so there may be a settling of decades-old grudges mixed into this situation, in which the U. S. assets of Sony are simply a means to an end.

Whatever North Korea's motivation was, the fact remains that they succeeded not only in a transnational cyberattack of unprecedented size, but also in blackmailing Sony to cancel the release of a major film.  Was this a prudent and "very wise" measure on Sony's part, or an act of cowardice?   

I say it's neither.  What this situation says to me is that the United States government has failed in this instance to carry out its constitutional obligation to "provide for the common defense."

If North Korea had managed to shoot a missile across the Pacific and blow up Sony headquarters in Culver City, everyone would recognize that as a clear act of war in which a state's boundary was violated and assets destroyed by the concerted action of a foreign country. But cyberattacks are so new, and their heritage so different from conventional acts of war, that we have trouble recognizing them for what they are. 

As far as Sony is concerned, the firm has sustained serious damage at the hand of a foreign power.  One of the essential functions of modern states is to provide security for its residents against attacks by foreign powers.  The U. S. government clearly dropped the ball in the case of the Sony hack.  In the absence of any assured forthcoming protection against similar attacks in the future, I understand why Sony pulled the picture, and why theater chains refused to show the film.  Fears of physical attacks on individual theaters were probably exaggerated, but now that most movies are digitally projected and shipped around as bits rather than celluloid, theaters are potentially as vulnerable as Sony to cyberattacks as well.

Now that the gangster regime of North Korea has shown it can attack U. S. assets with impunity, it is time to admit that the U. S. military, or something like it, needs to have a cyber-corps to defend U. S. citizens and corporations against cyberattack.  At present the situation is rather like the following.

Suppose the U. S. military did a good job of protecting the country against attacks by land and sea up to, say, 1910.  But then, private firms began flying airplanes, and, wonder of wonders, someone figured out how to drop bombs from an airplane.  Suppose the U. S. government had said in response to this innovation, "Look, we'll fight foreign attackers if they cross our borders on land or by sea, but as for attacks from airplanes, you're on your own.  Everybody has to have their own private AD (air defense) department, and if you're attacked by air successfully, well, we may be able to tell you where the planes came from, but you just weren't paying enough attention to your air defense and we're sorry.  And the President will badmouth you in a news conference if you cave to the attacker's demands."

Fortunately, this fictional history of private air defense didn't happen.  The Wright Brothers flew their first flights on U. S. soil, and America arguably led the world in air defense and attack, which was a major reason why we won World War II and defeated the international thug and blackmailer Hitler.

But something like the above wacko private-AD scenario is going on right now with regard to cyberattacks on U. S. firms by foreign countries.  The U. S. government is into a lot of things that it probably has no business being involved in, but if there is one thing almost everyone except the deepest-dyed libertarians can agree on, it's the fact that defending the nation against attacks by foreign powers is one of the federal government's main responsibilities. 

We have just seen a demonstration that at least one foreign power can attack and blackmail a major U. S. firm with impunity.  Perhaps Sony was low-hanging fruit in terms of cyber security.  At least one report mentioned the possibility that the attackers had some inside information, but spies have been around ever since warfare has been around, and there are ways of dealing with them too.  The fact remains that North Korea has revealed a serious vulnerability in our national defense, one that needs to be addressed with a serious rethinking of what cybersecurity of a nation really means, and what we are willing to give up in order to have it. 

Unless we want to get used to the idea that cyber-blackmail by foreign powers is going to become a way of life in America, we need to wake up to the reality that cyber assets are just as valuable as brick-and-mortar assets.  And a government that protects one and not the other is simply not doing its job.

Sources:  I relied on two recent reports of the Sony hack and its consequences, one from CNN on Dec. 19 at http://money.cnn.com/2014/12/19/media/insde-sony-hack-interview/index.html and another from the BBC at http://www.bbc.com/news/entertainment-arts-30512032.  The Wikipedia article "History of Japan-Korea relations" has some information on the complex backstory of Japan's dealings with Korea and Koreans. 

Monday, December 15, 2014

Mass Media and Self-Promotion: Stephan's Law


One of the recurring themes in engineering ethics is that power and privilege entail responsibility.  Those in positions of influence over millions of users of a technology should recognize the responsibilities that go along with such influence.  This is especially true of individuals and organizations that control mass media such as newspapers, radio, TV, cable systems, and entities such as Google and Facebook. 

In this connection, I would like to bring to your attention a principle of human nature that I have observed in action on many occasions over the years.  To my (admittedly limited) knowledge, no one has taken the trouble to state this principle succinctly, so I'm going to favor you with such a statement.  And because every good principle needs a name, I will modestly term it Stephan's Law.  It is this:

"Every mass medium eventually advertises its controlling organization."

I will now describe the latest instance in which I observed this principle in action.

At the end of every fall semester, I attend the winter graduation ceremonies of Texas State University for the School of Engineering graduates.  This takes place in a nice indoor coliseum where the basketball games are played, in which a few years ago they installed one of those giant LED TV screens colloquially called Jumbotrons.  This one is mounted on a large blank wall behind the stage, and in past years has been used to show closeups of the speakers and graduates as they cross the stage to receive their diplomas.  In the last couple of years, the video has also been live-streamed to the Internet.  So it's fair to say that when you have a crowd attending graduation, and they watch the Jumbotron, it's a mass medium, because everybody in the coliseum sees more or less the same thing, as well as the Internet viewers.  So far so good.

Up to the graduation I attended last Friday, you saw nothing on the Jumbotron that you couldn't have seen elsewhere in the coliseum:  the band playing, the president speaking, graduates graduating.  But yesterday, something new was added.  Just after the provost introduced himself and the platform guests, he asked us all to give our attention to what followed. 

All of a sudden I flashed back on a Lone Ranger video we watched the other night that was made in 1949—the very early days of U. S. television.  The way that program segued to an ad was to switch from the Lone Ranger shooting at some bad guy, to a peaceful scene of a field of wheat while the narrator intoned a phrase that went something like "And now we ask for your interest and attention."  Why a wheat field?  Turns out that the sponsor of the Lone Ranger program was General Mills.  Wheat—Wheaties—General Mills—get it?  Anyway, you can tell that the producers weren't quite sure how people would take television ads, so they soft-pedaled them and gave the viewers some time to readjust their psychologies away from the Old West before hitting them with the sales pitch.

Sure enough, as I watched the Jumbotron, the provost disappeared and we all watched a three-minute ad for Texas State University.  It was nicely done—a female chorus sang a bouncy holiday tune in the background, we saw familiar landmarks on campus, both still and live action, and it wound up innocuously with best holiday wishes for all.  But here was a new mass medium, and although it had taken a few years, it eventually complied with Stephan's Law—it ended up advertising its controlling organization. 

The first time I noticed an example of this law was when the old National Educational Television (NET) transformed into the Public Broadcasting System (PBS) in the late 1960s.  Back then, there was a sort of unwritten rule observed by educators that the classroom was no place for overt advertising.  So for the first few years of its existence, NET carried no ads of any kind, even for itself, at least none that I recall.  But once educational TV stations realized that they could take some of that valuable air time and run pledge drives for themselves, well, the horse was out of the barn, and now self-promotion is a routine part of the business of PBS.

Note that Stephan's Law makes no moral judgment.  As far as that goes, I do it myself—after all, now and then I have links to my own blogs.  Morality comes into play only when you take other considerations into account.  For example, does the medium present itself as strictly neutral and unbiased?  It's hard to be that way when you're telling people about how great you are.  So in that case, there's the danger of hypocrisy.  And while the amount of time that an external advertising sponsor can buy in a given medium is limited by the sponsor's resources, the organization that operates the medium has no natural limit to its own self-advertisement efforts.  Something close to that limit is approached by a particular cable news channel we watch, Time Warner Cable News.  Although the channel carries ads from external sponsors as well, I think about half of the non-content time on it is devoted to self-promotion.  Of course, I don't have to watch that channel if I don't want to.  But if I choose to, I'm going to see a whole lot of ads for Time Warner Cable in its various guises.

If I knew more of the writings of a communication studies guru like Marshall McLuhan, I would probably find that Stephan's Law was discovered centuries ago after Gutenberg put an ad in his Bible for upcoming new editions, or something along those lines.  (Note to incunabula specialists:  I have no idea whether Gutenberg self-advertised or not, but it wouldn't surprise me.)  But in my state of happy ignorance, I present this principle to you free of charge, and challenge you to watch for the next example of it that comes to your attention.  The more media there are, the more chances there are for Stephan's Law to be verified, and in this media-saturated culture, it's hard to go for very long without seeing an example of it in action.

Sources:  I looked for an example on YouTube of the Lone Ranger-General Mills segue, but for reasons that may have to do with copyright, it doesn't show up there.  However, some DVD collections of old Lone Ranger TV episodes have it, which is where I saw it. The word "Jumbotron" is actually a registered trademark of Sony Corporation, according to Wikipedia, but since Sony quit making those devices in 2003 the word has passed into the language to mean any large electronic display board.

Monday, December 08, 2014

Women in Engineering—Will GoldieBlox Help?


Of the millions of engineers worldwide, only about 14% are women.  To some, this statistic is prima facie proof that women are unjustly prevented from joining what is generally regarded as a desirable and socially beneficial profession.  To others, it merely shows that the difference between men and women extends to aptitudes and career choices.  But to Stanford mechanical-engineering graduate Debbie Sterling, that statistic represents a challenge she is tackling with her company, GoldieBlox.

The firm's mission statement, prominently displayed on their website below a pie chart showing the infamous 14% number, says that its goal is to "get girls building."  GoldieBlox's line of construction toys are designed to appeal especially to girls, and come with storybooks about female engineering role models.  These kits include "GoldieBlox and the Dunk Tank," "GoldieBlox and the Movie Machine," and a GoldieBlox zipline action figure—the character herself as a doll with long blonde tresses, dressed in a tee shirt and overalls and definitely not possessed of a Barbie-doll-like figure.  Although I have not bought toys for young children for many years and my judgment on such matters is therefore suspect, the kits look a little on the pricey side to me.  You can lay out as much as a couple hundred bucks for the Solid Gold(ie) Package, which includes nearly every item in their catalog.  But hey—if it can really turn your little Mabel or Doris into an engineer, it's worth it, isn't it?

GoldieBlox has been around for only a couple of years (Sterling founded it in 2012 with help from Kickstarter), and so it is too soon to tell whether the firm, and other similar girl-oriented science-technology-engineering-math (STEM) products now available, will push that 14% number higher.  But GoldieBlox, as a privately funded self-supporting free-enterprise company, is a welcome addition to the sometimes heavy-handed efforts of the federal government to do the same thing.  While I have not received funding from the U. S. National Science Foundation for many years, I have kept up with its various programs and policies enough to know that the paucity of women in engineering and other STEM fields is of great concern to that agency.  According to one source, NSF will spend over $800 million in fiscal year 2014 on education and human resources, and it is safe to say that a good fraction of that will go toward programs aimed at increasing the participation of women in STEM fields at all levels.

Rarely does any discussion of this topic stray into the fundamentals of the ethical concerns involved, so I will try to do a little of that here.  One argument in favor of increasing the number of women in engineering is purely utilitarian.  It has two premises and a conclusion.  Premise One is "Women and men are equally capable of being engineers."  Premise Two is "Only 14% of engineers are women."  The conclusion is "A lot of women who could be engineers are not becoming engineers."  At this point, the pleas from industry that they cannot find enough good engineers are brought in to justify spending tax money on special programs designed to encourage women to enter STEM fields.

This argument has the advantage that it relies on statistics.  Premise Two is an undeniable statistical fact, and as for Premise One, you can find psychological and educational studies that support the contention that women as a group have the brainpower needed to do most engineering jobs.  But to get from the conclusion of this syllogism, which is factual, to a call to action—"we should get more women into engineering"—requires that we either ignore all the other possible things that the potential-engineer women could do with their lives, or perform a complex global optimization problem involving the entire working population.  So this argument doesn't take you as far as it seems to promise at first, at least without a lot of public-policy help smuggled in at the last minute.

Another argument, which in my view is much stronger, is based on the generally accepted notion that irrational prohibitions and thoughtless misallocation of opportunities and role models are wrong.  To give a personal example of the first, my wife was the daughter of a highway engineer.  When she was in high school in the 1960s, she wanted to take a drafting class, because she had seen the kind of drawings that her father did at work and she thought that might be a good thing to learn.  She was told that "girls don't take drafting," and ended up in a home economics class.  While the feminist movement of the 1970s had has many far-reaching effects, not all of which were positive, I think it is a good thing that such arbitrary sex-related employment exclusions are largely a thing of the past. 

The lack of opportunities and role models for women is a similar problem, although these fall more into the category of sins of omission than commission.  As GoldieBlox founder Sterling learned when she was a girl, construction toys were made and marketed for boys, not girls.  Now that her company is around, that is no longer the case, although time will tell whether enough enlightened parents will buy GoldieBlox kits for their daughters to make a difference. 

Programs that connect up girls with working women engineers can make a tremendous positive difference here.  Just meeting a woman who was able to make it through engineering school and get an engineering job can be a great encouragement to a young woman who finds attending mostly-male engineering classes intimidating.  The NSF money that is spent on those sorts of encouraging activities addresses these sorts of passive injustices.  While statistics proving their effectiveness may be hard to come by, you can talk to women who are now engineers to whom such things made their careers possible.

By and large, engineering is a profession that contributes to human flourishing.  As mothers, women have historically done most of the work in contributing to the flourishing of the class of humans called children, and so it is no great stretch for women to contribute also in the more indirect way of an engineering career. I wish GoldieBlox well, and hope that in future years I may end up teaching some women who can fondly recall the time they discovered GoldieBlox and the Dunk Tank, and their lives were forever changed.

Sources:  I learned about GoldieBlox and its founder, Debbie Sterling, from an article by Nicole Villalpando that appeared in the Austin American-Statesman print edition on Dec. 5, 2014.  (Full access to the online article requires a subscription.)  I also referred to the American Association of Universities website at http://www.aau.edu/WorkArea/DownloadAsset.aspx?id=14335 for statistics on the NSF budget, and the GoldieBlox website www.goldieblox.com. 

Monday, December 01, 2014

Will Remote Car Hacking Stop Before It Starts?


The bomb exploded as the car reached the intersection of Park Place and Forest Park Boulevard in Fort Worth, Texas.  The explosion was loud enough to be heard at an elementary school a couple of blocks away, and I was one of several students who got to the scene before emergency crews had cleaned it up.  From the front doors rearward the car looked nearly normal, but there was just a blackened pile of junk where the front end used to be.  The driver was killed instantly.  From what I recall, later investigation of this mid-1960s incident turned up ties to organized crime, and I'm not sure but what the criminals put the bomb in the wrong car.  Even the Mafia makes mistakes.

To commit that crime, someone had to make a powerful time bomb and gain physical access to the car in order to plant it.  In the near future, it will be logically possible to wreck a car and kill the driver without ever laying a finger on either one.  Once wireless networking and Bluetooth communications are integrated in new models of automobiles, a sufficiently dedicated hacker might be able to wrest control of the car from the driver and do anything he likes, including driving the car off a cliff or into a gravel truck.

So far as anyone knows, no one has committed a successful crime by hacking into a car's software.  On the other hand, automotive software hacking for benign purposes has been around for a decade or more.  While teens of an earlier generation would get greasy in a garage staying up till midnight to hop up a '57 Chevy for drag racing, today's hot-rodders hack into the valve-control software and tune up the timing to suit their purposes.  The keyhole for this activity is the OBD-II port—the place an auto tech plugs a computer into your car to diagnose why your check-engine light is on. 

In a demonstration for the U. S. military, cyberhackers showed how they could use the port to exert virtually total control over a current-model car, locking the brakes or even killing the engine.  This kind of hacking requires extensive knowledge of the car's software and a good deal of reverse engineering, so it is currently not cost-effective for the bad guys to do it.  And with non-networked cars, it still requires physical access to the car.  But automotive-industry leaders are trying to anticipate the day when new cars are totally networked and become part of the Internet, which will open them up to attacks from anywhere in the world.

According to recent press reports, automakers are organizing an automotive version of an Information Sharing Advisory Center (ISAC), similar to the ones that the banking and other information-critical industries have formed to promote the sharing of news about cyber-threats among competing firms and to develop countermeasures fast.  Just as significant as their actions is the fact that they are publicizing their actions.  One could speculate that the car companies are trying to send a signal to potential automotive cyber-attackers that the industry is not sitting idly by, waiting for the first fatality before something is done to prevent such attacks.  Instead, they are putting defenses in place well before any attack occurs—a sound military tactic.

There may be a lesson here about the tendency of organizations to lose effectiveness with time.  Computers have been used in cars for less than a generation.  But cars have had ignition keys for close to three generations.  The GM ignition-switch failures, with their resulting fatalities and massive recalls, stem from the negligence of engineers who have been doing basically the same thing since the 1930s, although the details have certainly changed over the years.  But the engineers in charge of computer security have grown up in an environment where hacking and cyberattacks are an ordinary part of life, and to pretend otherwise would be a mark of incompetence.  So it is no great surprise to hear that car companies are trying to get ahead of computer criminals by forming an ISAC.

Even so, you can imagine situations in which the mere threat of such an attack would be profitable for criminals.  Say you're the CEO of UPS, and one day near the peak Christmas-shipping season you get an email instructing you to deposit two million dollars in a certain Swiss bank account by a certain time.  If you don't, the sender promises to throw a digital monkey wrench into your entire fleet of trucks, all at once.  The CEO would at least have to take such a threat seriously. 

I feel like taking a mental bath after putting myself into the mindset of a cybercriminal that way, but unfortunately, that is what competent computer-security people have to do in order to come up with ways to thwart such attacks.  The only sure defense against such blackmail is to have enough encryption and other measures in place so that no conceivable attack will stand a good chance of working.  There is always a chance that some evil super-genius will figure out a way to hack the best defenses, but statistically, such people are rare and most cyber-threats involve only the average amount of cleverness. 

The organizers of the first automotive ISAC are to be congratulated for their foresight in anticipating what could be a really messy and dangerous problem, and I hope that automotive cyberattacks are prevented before they can even get off the ground.  But no one knows exactly how cars will interact with the Internet in the future, and depending on how the systems develop, the best efforts of the good guys may be foiled sooner or later by a bad guy.  Let's hope that day is a long way off.

Sources:  Justin Pritchard's report on the organization of an automotive ISAC and successful test attempts at automotive cyberattacks was distributed by the Associated Press and carried by numerous news outlets such as ABC News on Nov. 25, 2014 at http://abcnews.go.com/Technology/wireStory/computer-hackers-dissect-cars-automakers-react-27132494.  The online edition of Auto News carried another report from a Society of Automotive Engineers conference announcing the formation of the industry's first ISAC, at http://www.autonews.com/article/20141021/OEM11/141029957/auto-industry-forming-consortium-to-fight-hackers.  My blog on the GM ignition switch recall appeared on June 9, 2014 at http://engineeringethicsblog.blogspot.com/2014/06/the-switch-from-hell-gms-barra-and.html.

Monday, November 24, 2014

How Neutral Is the Net?


Earlier this month, President Obama asked the U. S. Federal Communications Commission (FCC) to classify the Internet as a public utility in order to preserve net neutrality.  While in principle the FCC is an independent regulatory authority, it usually takes the President seriously, and this proposed action led to both cheers and boos. 

The cheering came from mostly liberal observers who see threats to the Internet coming from internet service providers (ISPs), who have expressed a desire to discriminate (either favorably or unfavorably) among their customers.  One form of discrimination that has come up for discussion is that a big outfit such as Google or Facebook would pay ISPs for preferential treatment—a "fast lane" on the Internet so their websites would work faster compared to everyone else's.  Another idea, one that Comcast actually tried to implement a few years ago, is that certain types of Internet services that hog bandwidth (such as file sharing of music and videos) could be artificially slowed or discriminated against.  In that case, the FCC told Comcast to quit discriminating, and it did.  But more recently, similar attempts on the part of the FCC to enforce net neutrality have been struck down by federal courts, which said that the FCC doesn't have the legal authority to regulate the Internet in that way.  Hence the President's call to reclassify the Internet as a Title II public utility, which refers to a section in the FCC's enabling legislation that was originally intended to cover things like the telephone network.

And that leads to the boos, coming mainly from conservatives who see danger in letting the FCC treat the Internet basically the same way it treats the phone network.  Hidden on your phone bill is a little item called the Universal Service Fee.  On my cellphone bill it's $2.22 a month.  It was originally intended to provide subsidies for rural telephone service, but like most government fees and taxes, once it was planted as a tiny seed it put down roots and is now a mighty oak of revenue for the FCC, which supports itself entirely on fees.  If the phone network was not classified under Title II, the FCC could not assess this fee.  But such fees can be charged to a Title II service, which the Internet would become if the FCC does what the President asked it to.  That doesn't mean we would instantly start paying fees as soon as the FCC reclassified the Internet, but it does mean that they would have the legal right to.

From the viewpoint of consumers, it's hard to make an argument that a non-neutral net would be anything but bad.  The net (so to speak) effect of a non-neutral net would be to restrict access to something or other—either the firms that couldn't afford the extra fees that the ISPs want to charge the Googles for fast-lane services, or the types of services that cause ISPs headaches such as certain file-sharing activities.  But how neutral is the net today?

The picture is sometimes painted of a happy, absolutely free Internet world where equality reigns, versus a dismal, corporate-dominated few-rich among many-poor non-neutral Internet that the liberals warn us may happen if we don't guard net neutrality.  The facts are otherwise.  Right now the Internet is a great deal less neutral than it used to be.  If you don't belong to Facebook, for instance (as I don't), access to that world within a world of social media is highly restricted from you.  This has come about not because of anything an ISP has done, but because Facebook, in order to operate, requires certain information from you before you join, and hopes your signing up and consequent Facebook profile will attract other viewers.  Many of the various Google accounts and services work the same way.  My point is that there are huge regions on the Internet that are closed to you unless you pony up something to get into them (not necessarily cash), which is basically what the net-neutral advocates say will happen unless we preserve net neutrality.  But it already happens.

And what about people who live in areas that have slow or no access to the Internet?  It's not neutral to them.  Nobody has gone so far as to say every citizen of the U. S. has a right to X megabits per second access to the Internet.  But there was a time when the idea that everyone should have access to a telephone was a radical notion that telephone companies fought against, until the Bell System decided to join instead of fight and willingly put itself under the supervision of government authorities in exchange for promoting universal access. 

As I blogged in this space a few years ago, when you have a large network that thrives on maximizing the number of people connected to it, any artificial attempt to limit that access damages the system.  And over time, most such systems have ways of figuring this out, and tend to rid themselves of such restrictions.  But government fees and regulations are another matter.  It took years of court battles to free up the phone system from the old-style regulated monopoly pattern that was appropriate to the technology of 1945, but by 1980 was outmoded and needed to change. 

By and large, the Internet has stayed fairly neutral, not so much because the players all have a principled commitment to net neutrality, but because restrictions that move it in the non-neutral direction tend to harm the system as a whole.  My own inclination is to let things more or less alone, rather than reclassifying the Internet into a category that would make it vulnerable to a whole array of regulations that might be well-intended at the time, but could become albatrosses around the neck of a technology that has so far proved to be quite agile and dynamic.  But whatever happens, we should all realize that net neutrality is an ideal that has never been completely realized in practice.

Sources:  President Obama's statement on favoring FCC action to preserve net neutrality was announced on Nov. 10, 2014, and is available at http://www.whitehouse.gov/net-neutrality.  I referred to the conservative National Journal's piece on his move at http://www.nationaljournal.com/tech/obama-s-net-neutrality-plan-could-mean-new-internet-fees-20141120.  I also referred to the Wikipedia articles on network neutrality and the Federal Communications Commission.  My blog "Will the Net Stay Neutral if Google Doesn't Want It To?" appeared on Aug. 9, 2010.

Monday, November 17, 2014

Red Vs. Blue: Politics of the Nobel Prize in Physics


This year's Nobel Prize in physics went to three Japanese scientist-engineers who developed the first practical high-efficiency blue light-emitting diodes (LEDs).  Isamu Akasaki, Hiroshi Amano, and Shuki Nakamura received the award "for the invention of efficient blue light-emitting diodes which has enabled bright and energy-saving white light sources."  Shortly after the award was announced, former University of Illinois researcher Nick Holonyak made the news by complaining publicly that the Japanese work would not have been possible without the invention of the red LED, which he and coworkers at General Electric developed in 1962.  The Nobel committee has not chosen to honor Holonyak's work with the Prize, however, and he calls this neglect "insulting."  Beyond the immediate question of whether the Nobel Foundation should recognize red LEDs as well as blue ones is the wider issue of how important such prizes are to the field of engineering in general, and how fairly they are awarded.

Alfred Nobel himself was an engineer, inventor, and entrepreneur, not a scientist.  After a French newspaper prematurely ran an obituary on him when a reporter mistook his brother's death for his own, he learned that at least one prominent news outlet considered him a "merchant of death" because of his invention of dynamite, which was already being used as a military explosive in the 1880s.  Nobel never married, and in his will he directed that the bulk of his estate be used to establish an endowment to pay for a series of annual prizes for work that benefited humanity.  Thus the Nobel Prizes were born.

The Nobel Prize in Physics is awarded by a committee selected by the Royal Swedish Academy of Sciences, which votes as a whole on finalists selected by the committee.  Over the years, the process has worked well for the most part.  The first winner, Wilhelm Conrad Röntgen, was recognized in 1901 for his revolutionary discovery of X-rays, and both the magnitude of the discovery and his clear priority in the field went unquestioned.  But over the years, the prize has gone to a few people who in retrospect might not have been the best choice available.  For example, is there anyone today who remembers Nils Gustaf Dalén, who won the physics prize in 1912 for his "invention of automatic valves designed to be used in combination with gas accumulators in lighthouses and buoys"?  Admittedly, lighthouses and buoys were technologically important in 1912, but at a time when Einstein's discoveries were being widely recognized, you wonder what the committee was thinking.  Then again, Dalén was Swedish, and maybe his home-team advantage had something to do with it.

Anyone who has studied the history of technology knows that the twenty-words-or-less summary you read in the newspapers about any given invention is almost certainly not literally true.  For example, consider the question "Who invented the LED?"  Was it Henry Round, who when experimenting in 1907 with silicon-carbide cat-whisker radio-signal detectors at the behest of inventor (and 1909 Nobel Physics prizewinner) Guglielmo Marconi, discovered that under unpredictable conditions, the material emitted flashes of light?  Was it Russian scientist Oleg Losev, who published papers in English, French, and Russian in the 1920s describing not only experiments involving what we would now call LEDs, but a theory of why silicon carbide could emit light?  Was it James R. Biard and Gary Pittman, who, while working for Texas Instruments in 1962, patented a design for a gallium-arsenide diode that emitted infrared light?  In terms of technological significance to humanity, this discovery may outshine all the others, because the fiber-optic cables that make possible our wired world rely on infrared light emitted by direct descendants of Biard's infrared-emitting diode.  Or was it Nick Holonyak, who published the first report of a visible-light (red) LED that he developed at General Electric, also in 1962? 

And if we just stick to blue LEDs, which when combined with red and green allow the production of white light, there are others besides the 2014 Nobel prizewinners who should at least be considered.  In 1972, Stanford Ph. D. students Herb Maruska and Wally Rhines demonstrated a blue-violet LED made from magnesium-doped gallium nitride.  This was the first LED that made blue light, but it was very inefficient.  What Akasaki, Amano, and Nakamura did was to develop ways of growing epitaxial crystal layers of high-quality gallium nitride combined with other materials in a way that greatly improves the device's efficiency.  By the early 1990s, they had carried their improvements far enough so that high-brightness LEDs could hit the commercial market.  Further developments with phosphors and other techniques have finally pushed LEDs to the point that they can compete economically with older forms of electric lighting. 

I think the lesson to learn here is that the awarding of every prize, including the Nobels, is a combination of good judgment (one hopes), timing, the composition of the committee deciding on the prize, and the flukes and random effects of history and chance events.  In other words, the Nobel Prize is what you would get if you mixed God's absolutely correct insight on exactly what went on, with a lottery.  And sometimes the lottery part plays more of a role than the perfect-judgment part. 

Nick Holonyak certainly has a case.  But so does Biard (who is still alive as of this writing), and so would Maruska, Rhines, and a host of others who made various contributions of lesser importance to the long saga of the LED, which began as a gleam on a silicon-carbide radio detector in 1907. 

Sources:  I referred to reports on the 2014 Nobel Prize in physics carried by the Independent (UK) at http://www.independent.co.uk/news/uk/home-news/nobel-prize-2014-japanese-scientists-isamu-akasaki-and-hiroshi-amano-and-american-shuji-nakamura-win-physics-award-for-led-invention-9779517.html.  The same paper reported on Nick Holonyak's comments at http://www.independent.co.uk/news/science/nobel-prize-2014-inventor-of-the-red-led-hits-out-at-committee-for-overlooking-his-seminal-1960s-work-9782948.html.  I also referred to the Wikipedia articles on light-emitting diodes, its list of the Nobel laureates in physics, and its articles on Alfred Nobel and Oleg Losev. 

Monday, November 10, 2014

Yik Yak—Yuck


In discussions about the ethics of technology, every now and then you hear something like the following argument:  "Technology is neutral—it's just people who are good or bad."  Or take the bumper sticker favored by some members of the National Rifle Association:  "Guns don't kill people—people do."  While there is a measure of truth in this idea, it applies better to some technologies than to others.  It doesn't make much sense to apply it to the gas chambers used by the Nazis to kill Jews at Auschwitz, for instance.  So those who use this argument as a blanket excuse for opposing the regulation or curtailment of a certain technology should know that their case is not airtight, and needs to be considered with regard to the circumstances in which the technology is typically used.  This is especially true of the new smart-phone app called Yik Yak.

It sounds harmless enough at first.  You can buy it at the Apple iTunes store and other places, and it runs on iOS or Android phones.  It's sort of like Twitter with a 200-character limit.  But there are two main differences.  One, it is limited to communicating within a 1.5-mile radius (by a tie-in with your phone's GPS system).  Two, all posts are anonymous—no passwords, no usernames, and no way to tell who posted what.  Yik Yak is the digital equivalent of a wall waiting to be covered with graffiti.  And as you might expect, the average level of messages on Yik Yak appears to be pretty much what you'd find scribbled on a bathroom wall. 

The way I found out about Yik Yak wasn't by buying it and trying it out.  (My clamshell phone is so old it barely manages texts.)  I happened to pick up a copy of the University Star, the student paper at Texas State University, and read an editorial by a journalism major urging students not to do drugs.  And by the way, he said, it's so easy now—all you have to do is get on Yik Yak and start asking around, and presto—here comes the pusher, or dealer, or whatever they call the scumbag these days who sells illegal drugs. 

Normally I don't read editorials in the student paper, because I typically disagree with 95% of whatever they say.  But here was a man-bites-dog story—a student saying that Yik Yak was leading fellow students astray.

That's not all.  Although Yik Yak is supposed to be limited to those 17 and older, the app simply asks you to certify your age.  Anybody old enough to spell and use a smart phone can register, and nowadays that means grade-schoolers.  The anonymity of the app is an open invitation to bullying, sexual-themed texts, and bomb threats.  One Long Island teen found out the hard way that the purported anonymity of Yik Yak has a limit.  He posted a bomb threat, the cops presumably got a warrant and went to Yik Yak, and the company fingered their unhappy customer, who is now facing a possible jail sentence.  So much for truth in advertising.  The firm does have some legal boilerplate on their website to the effect that the only way they will break anonymity is if a duly authorized government entity asks them to.  But that can certainly happen.

Nevertheless, a lot of bad stuff can and does go on before the police have to get involved.  A Google search turns up numerous cases of cyber-bullying aided by Yik Yak.  If five or more people within your range vote your posts down, you disappear—but how often is that likely to happen?  Mob psychology dictates against it.  Asking a mob to transform itself into a deliberative democracy and vote bad actors off the air is like putting a pound of hamburger in front of a pack of hungry dogs and asking them to vote about fasting for Lent. 

I don't often unequivocally condemn a particular technology, but Yik Yak is getting my Bonehead-App-Of-The-Year award, which I just came up with.  Putting a way of posting anonymous comments in the hands of teenagers is simply asking for trouble.  There are places for anonymity—the ballot box, for instance.  But voting is something we want to encourage.  Buying drugs, making sexual and other kinds of insults, and threatening mass destruction are things that we want to discourage—I hope there is still enough left of the tatters of Judeo-Christian civilization in U. S. culture to form a consensus on that.  And ever since the app came out last year, the firm has evidently been engaged in various types of damage control—posting warnings about misuse on their website and discouraging users from the very types of behavior that drive the app's popularity. 

I've run across this kind of insidious fraud before—websites that sell ready-made essays and homework solutions to students and warn that "these documents are for reference only."  Corporations are increasingly immune to moral arguments and tend to respond only to threats of legal action, either by civil lawsuits or by criminal-law regulation.  With the heightened sensitivity we have these days to the problem of bullying, it would not surprise me if a clever lawyer filed a class-action lawsuit on behalf of parents whose children have been abused by means of Yik Yak.  Failing that, I would hope that some regulatory agency—the FCC comes to mind—would step in to tell Yik Yak either to change their rules radically or get lost.  In today's deregulated political atmosphere, the latter is unlikely, and the lawsuit route requires the prospect of a large financial settlement to get enough high-dollar lawyers motivated.  Unfortunately, Yik Yak is a small startup with only a few million dollars of funding, and so the lawsuit might have to wait till a big company like Google swallows it up. 

But Google's code of ethics—"Don't be evil"—would presumably make them hesitate before getting mixed up in a technology that panders so easily to the worse angels—in other words, devils—of our nature.  So let's hope that Yik Yak either gets buried under a pile of lawsuits and is never heard from again, or even better, the people in charge of it realize that they've created a monster, and drive a digital stake through its heart.

Sources:  The editorial about drug use and Yik Yak I read was written by Rivers Wright and posted on the University Star website at http://star.txstate.edu/node/2817.  I referred to articles on Yik Yak from several news sources.  The story of the Long Island teenager was carried by WPIX-TV, New York City, on their website at 
http://pix11.com/2014/09/16/li-teen-now-behind-bars-learns-that-yik-yak-is-not-anonymous-after-all/.  Internet security expert Tim Woda warns parents about Yik Yak at the website http://resources.uknowkids.com/blog/why-yik-yak-is-the-most-dangerous-app-you-have-never-heard-of.  I also referred to the Wikipedia articles on Yik Yak and Auschwitz.