One slight modification taking a page from South Africa's Truth and Reconciliation Committees:
If you acknowledge the error of your ways and also change them then you should be forgiven. How do we know it isn't a glib confession? That's going to have to be a judgment call.
Blackballing people based on ideology is a McCarthyite idea, not a progressive one
And AFAIK nobody is subjected to force for talking about Bradley Manning on either side of the debate, so I don't understand your example.
> Blackballing people based on ideology is a McCarthyite idea, not a progressive one
Being "progressive" is not an argument _for_ something. Progressivism (that's properly a capital P) is a subset of left-wing ideology. Probably less than 20% of HN participants are Progressives.
Also, there is absolutely nothing wrong with blackballing people on the basis of ideology. In fact, you have to do that. Would you sympathize with a Nazi?
The idea that moral judgement is immoral is, again, a Progressive idea (and is also self-contradicting).
When you label something "McCarthyite," you are falsely lumping together moral judgement (which is needed) with irrational exuberance. It's a deceptive way to use language. Let's not do that.
As he says, their behavior is illegal, and blackballing is better than they deserve. Nobody is advocating anything except due process and free speech.
Who can possibly object to that?
It's not clear yet that what they did is illegal. No court has ruled that. It's sickening to me that you can on one had assume that a group of people should be punished for something they may not even be guilty of while at the same time claiming to support due process.
These revelations have seriously weakened many people's belief in the rule of law, applicable to all. Secret courts and secret committees which oversee this activity lead us to judge actions as either moral or immoral, because we have no way to trust or verify the court decisions, or find out whether the law is even being followed, or even how it is being interpreted.
It's sickening to me that you can on one had assume that a group of people should be punished for something they may not even be guilty of while at the same time claiming to support due process.
When the law is applied inconsistently or not at all, people resort to vigilante action.
This is the fault of politicians who have proposed retrospectively legalising activities like metadata collection on every American, tapping every line they can get their hands on, or ignoring breaking into foreign telecoms outfits in supposedly allied countries in order to perform mass surveillance. I'd prefer to avoid vigilante action too, because it does lead inevitably to more evil, misunderstanding and mob justice. We see this from time to time on HN as the mob picks on a target (typically a web company) and tears them apart for some trivial misdemeanour poorly understood at the time. Once the mob starts, it cannot be stopped, and everyone just joins in because to not join in or raise questions makes you a target. At times something similar has happened here to those who oppose this surveillance. People feel angry and impotent and take it out on those who support these actions.
I do think this part of your statement is incorrect though and does not follow from the first sentence - something they may not even be guilty of. We now know with a fair degree of certainty what they are guilty of, the legitimate question you raise is whether it is technically considered illegal or not. For many people though, because of the misuse and perversion of the laws governing these activities, they don't trust the law, and the question has now become:
Is this right and can I support it, or should I oppose it at every opportunity, and any laws which support it?
This may or may not be the fact, due only to surreptitious, insidious manipulations of legislation. But how about we try immoral, unconscionable, and unconstitutional?
When Congress asked James Clapper really tough questions, to which he gave untruthful answers, is that because Congress thought the NSA was acting in accordance with the law? Did Clapper give untruthful answers because he thought the NSA was acting in accordance with the law?
http://en.wikipedia.org/wiki/James_Clapper#False_testimony_t...
It does not take long extended trials determining precise compliance with law before we, as people, can determine whether or not we should chastize someone. Sometimes it merely takes their public behavior and a smidgeon of thought.
So? It is clear what they did and continue to do is wrong.
Exactly. If you are a member of the communist party you have no business working in the entertainment industry.
I'm surprised people are suggesting this as a solution. I don't see how creating an us vs them mentality is helpful here given that when you get down to it they are basically just folks trying to make a living and feed their family like any one else. A better and more positive solution could be for a bunch of private sector companies who opposed what is going on here to get together and aggressively poach their employees. It's hard to build an evil empire when all your best engineers have been hired away.
aka: "The Yuppie Nuremberg Defense"
Anyway, the theory of operation here is that if you create social cost for the decision to work for the NSA, then the NSA will have a more difficult time recruiting new mathematicians. Even if you only get 5% of all graduates to swear to themselves that they won't take a job with the NSA, that is 5% of the top talent that the NSA will no longer be able to recruit.
Your "better and more positive" solution can and should be tried at the same time. We should do both. Ostracize the participants, and welcome them back into the fold with open arms and juicy salaries if they 'see the error of their ways'.
Regardless, this proposal really does not count on any sort of innate notion among the NSA rank and file that what they are doing is wrong. What it counts on is NSA rank and file valuing their non-NSA social, academic, and professional contacts. "If you take that job, you are dead to me.", coming from colleagues and friends, does not really have anything to do with what the prospective NSA employees "big picture" on the ethics of that line work.
If we want to convince prospective NSA employees that taking an NSA job is ethically wrong, then that is something that we can do in addition to this. Convince them they are wrong, and let them know that social ties will be severed if they go through with it.
The "Yuppie Nuremberg Defense" is a pop-culture reference to the movie Thank You For Smoking. In the movie, the phrase is used to describe the defense "I've got a mortgage to pay", offered up by a lawyer^W spokesperson who worked for large Tobacco firms.
(The Yuppie Nuremberg Defense should not be confused with the Superior Orders defense (often called the Nuremberg Defense); with the Yuppie version the defendant asserts that the listener should excuse them because they did it for the money, not because they were commanded to.)
So, if we assume that analogies, references, and allusions to history are verboten, I am actually saying "The NSA is literally Big Tobacco". How senselessly inflammatory of me.
a) The author believes the NSA has a toothbrush moustache, wears its hair combed in a side parting, and is responsible for invading Poland and starting world war two, or.
b) You have taken a metaphor literally when it was really meant as an illustration of why a certain line of argument is not accepted any more.
Please don't do this. This type of exaggeration has a tendency to shut discussions down rather than allow the points to be considered.
We have the same variables as Hitler (or Stalin), just assigned with different values.
And you think we are creating an us vs them mentality?
I think you can and should hold people responsible for their choice of livelihood and the organization they work for. That someone is turning a profit doing something bad doesn't make it better. It makes it worse.
There are other jobs that would harm a lot less people. "making a living" could justify any behavior if you want to use that as your excuse.
It's pointless to say you won't do business with one when they are all interconnected. Coming from someone raised in Beltway culture.
edit: It is also funny when people say things to the effect of "Beyond what conspiracy theorist could have ever imagined". I'm honestly surprised when people say they didn't know or expect this was happening.
Then you must not have much experience with people in the academic crypto community. Most people assumed that the NSA was engaged in wiretapping activity, but BULLRUN was a big shock. People generally assumed that information assurance was at least as important to the NSA as signals intelligence and pointed to things like DES (which the NSA strengthened) as evidence. The idea that the NSA was deliberately subverting crypto and security software, including software that vast swaths of the US government uses, was considered to be an out-there conspiracy theory.
So while I think the author is a little extreme in saying that this is beyond what conspiracy theorists imagined, it is not wrong to say that people in the academic community were surprised. You can look at what people said on the cryptography mailing list and in sci.crypt prior to these revelations if you do not believe me.
Why would people have assumed that after the failure to enforce Clipper chip usage, that NSA would have simply given up on getting access to the plaintext of messages? That makes no sense whatsoever; NSA has been breaking codes (not merely wiretapping) since NSA has been around, just like it has long been an open secret (if unacknowledged publically) that NSA hacks into specific systems if they can.
It is true that COMSEC is a core function of NSA, but that is not inconsistent with NSA performing targeted SIGINT or general cryptanalysis. If their codebreakers can break into equipment used by the US government or major commercial interests then so can foreign entities, and therefore NSA needs to try anyways, even if we're talking about "pure" information assurance.
Likewise the history of NSA has shown them before to be willing to give people cryptosystems that are strong against everyone but the NSA. That's also in keeping with NSA's drive for COMSEC, since (from their POV) they won't be needlessly decrypting 'innocent' information anyways.
So I'm not saying you're wrong about what the academic community was assuming, but I am saying I can't imagine why the academic community was so naïve. Indeed, I thought the ever-present distrust of NSA was exactly why they looked for backdoors in things like Dual_EC_DRBG, and used "nothing up my sleeve" constants in algorithms designed in academia.
Consider this exchange on HN nearly three years ago:
@moe: I had always considered the Clipper-Chip
incident to hint at the tip of an iceberg.
Do you really think that was an isolated one-time
event?
@kgo: The Clipper Chip was introduced in the open.
They tried to push it through legislation. It's
not like the NSA blackmailed Intel executives to
include the capabilities secretly in their
Pentium Processors without notifying their
customers.
Same with the new proposed legislation. But all
that demonstrates is that the NSA has an
interest in being able to (legally) monitor
encrypted communications. Which everyone already
knows.
If someone had 'busted' the NSA trying to do
something sneaky and/or covert and/or illegal,
then you could argue that it's the tip of some
iceberg of nefarious activity. But like I said
this was all done out in the open.
You might as well say that because we know the
FBI wiretaps phones through legally obtained
court orders, that's the tip of the iceberg that
points to millions of illegal wiretaps. It's a
bad inference.
https://news.ycombinator.com/item?id=2018456
The gist here is that Clipper, being a public effort to subvert encryption, should not be seen as evidence that the NSA was interested in non-public subversion of security.
Was this naive? In retrospect? Obviously. At the time? Arguably.
Where people, who reasonably should have been informed, caught off guard by the revelations brought to us by Snowden? You betcha.
[edited for formatting]
This is actually essentially what I was arguing, not just moe's point:
But all
that demonstrates is that the NSA has an
interest in being able to (legally) monitor
encrypted communications. Which everyone already
knows.
But even assuming malice here, I'd have said even at the time, with the ongoing changes to communication patterns across the world, that there's simply no way you can assume NSA isn't trying to hack everything they can. When I was reading Schneier a decade or more ago they were the very definition of Mallory, and nothing has changed on that since. But I suppose you're right, that people at the time weren't seeing NSA the same way I was.
BULLRUN is not a cryptanalysis program, and it is a stretch to call it a "hacking" program -- and certainly not one that targets specific systems. BULLRUN is the NSA program to deliberately introduce exploitable bugs in cryptographic protocols, software, and so forth.
"the history of NSA has shown them before to be willing to give people cryptosystems that are strong against everyone but the NSA."
First of all, the NSA does not frequently give cryptosystems to anyone outside of the US government. That being said, there are two prominent counterexamples to your statement: DES and DSA.
"I thought the ever-present distrust of NSA was exactly why they looked for backdoors in things like Dual_EC_DRBG, and used "nothing up my sleeve" constants in algorithms designed in academia."
It is worth noting that even when the Dual_EC_DRBG backdoor was discovered, there were people who were skeptical about it being deliberate. Even Bruce Schneier expressed some skepticism about it being an NSA backdoor:
https://www.schneier.com/blog/archives/2007/11/the_strange_s...
I don't understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It's public, and rather obvious.
As for nothing up my sleeve constants, that goes beyond just showing that there is no back door. Suppose you were analyzing a cryptosystem, and it required some particular constant. What about that choice of constant makes the system secure? If a different constant were used, would system still be secure? Even if you never gave any thought to backdoors, nothing-up-my-sleeve numbers would matter -- cryptographers like to know the reasoning behind design decisions, and it is much easier to explain why you picked 1234567890 as a constant than 43895762356157265.
He also mentioned how it was NSA (and NSA specifically) who were 'so insistent' on including that 'obviously' broken algorithm in the standard. I mean, that question kind of answers itself (even at the time!) as long as you're not presupposing that NSA turned pure white in 1995.
This always ceases to amaze me
Really? Ever tried to get in shape? There's always that first step. Also -- quoting someone here who, whatever his faults, did get rid of a lot of american colonial bullshit -- it does not matter how slowly you go, so long as you do not stop.
It is very clear that you are a beltway product, and I eagerly anticipate never doing business with you, never inviting you to a convention, and never taking your money. Because the guy behind you is getting impatient. NEXT!
I honestly don't know what your point is here. This isn't some sort of "'free market' vs 'government', and who gets credit for various achievements" discussion.
Would that mean blackballing people who continue to work for government contractors as well? Possibly. I'd say that is left up to the individual implementor. We don't need to all literally agree on a list of individuals to blackball. A general trend across some subset of the community would do just fine. Some people may take it to the extreme, some may only dissociate from a narrowly defined group of people. This sort of social tension, or pressure, doesn't need to be engineered with exacting precision. A respected professor here, an influential ex-boss there, one of your college buddies that you might consider asking for a recommendation one day... all can contribute to this ostracism in their own way.
"It does not matter how slow you go so long as you do not stop." — Wisdom of Confucius
On topic though I don't even know what you're talking about. There are plenty of other mathematicians lined up to work for the government from thousands of schools around the country. There are plenty of PhDs in DC/MD/Va who have no problem taking the money at a R&D Firm or at the University they teach at.
As long as the NSA shells out money then smart people will take it.
But most of the kids are recruited and indoctrinated to these agencies straight out of school. So I'm sure they'll still find plenty of people to hire.
There's no shortage of things you can do when you have a lot of money.
If there are whole countries that are angry and the US Govt doesn't care then why would they care when a subset of a subset of their possible employees are mad.
We shouldn't be looking for "the way". We should be looking for "ways"
This is something that mathematicians can do (and I would say CS people as well). This action is not meant to exclude other action. Programmers can also work on systems that are more difficult to subvert, companies can find new ways to not collect personal information in the first place, the general population can call for reform and ultimately trials for the guilty parties, individuals in trusted positions can leak details and/or engage in sabotage...
Every potential avenue for change should be explored. In parallel. Deeply.
So adding a social cost to working for the NSA would make it that much harder. A grad student considering a career with the NSA should be forced to consider the possibility that their adviser and their friends might not be willing to even talk to them as a result. It may not seem like much, but every time a talented researcher chooses to work for the public instead for the NSA, the public wins a small victory.
So I don't expect much beyond a statement from the Society, if that.
Imagine if Gandhi had said "Britain will never leave India - look at all the British companies that have ties here"?
Instead, he (illegally) picked up a single grain of salt[1].
What would you do against legal but obviously wrong behavior?
I laugh because the legal route is the route people are supposed to trust (you know...checks and balances). It's just funny to see people with no faith in the system.
There are the same organizations that have conspired in the murder, shaming, and threatening of peace activists across the whole world. What makes you think you are invulnerable from this?
Do you remember the case of the DC Madam, the lady who was being charged of running a prostitution ring in DC, who "committed suicide"? Remember Iran-Contra? Do you not see what they do against whistleblowers? Do you realize the only reason why you're hearing about Snowden is because he is the only dissenter out of many who actually got and change done? And this is because he went public so that, unlike all the poor saps who "believed in the system", and "went through the proper channels", the NSA had no choice but to do some damage control.
Do you remember the goverment talking heads calling Snowden "incompetent"?
You can go and believe in whatever you want, but the people who do that believing are not the ones doing positive change right now.
I think it is more "alarming" than "funny." It is not a new phenomenon, of course, but it is one that should cause us a great deal of concern. We have governments, laws, and legal processes to ensure that various disputes are resolved peacefully and with respect for everyone's rights. When people start losing their faith in the system, they must also start finding "alternative" ways to resolve their conflicts.
What do you think should be done with the MDs who designed and supervised methods of torture at Guantanamo, or the torturers themselves?
The people at the telcos who enable mass surveillance are comparable to the Stasi informants. These people had severely restricted career prospects after their roles were revealed.
They're considering a perfectly legal route. Legal, and also most likely more effective than, say, sending letters to senators.
I don't even think it is intentional, they just aren't familiar with grappling with such concepts and make fundamental blunders when talking about this sort of thing.
"The reasonable man adapts himself to the world. The unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends upon the unreasonable man." — George Bernard Shaw
Unconventional thinking is what hackers and founders use to shape their world -- it's part of what makes Silicon Valley great. And creative, unconventional approaches doesn't mean illegal, quite the opposite. Creativity is design within constraints.
Today it's a letter by Sasha Beilinson in the "Notices of the American Mathematical Society". Tomorrow there could be another, then another.
To understand why Sasha's Belinson's letter is important, see Derek Sivers' 5 min talk, "How to Start a Movement" (http://www.ted.com/talks/derek_sivers_how_to_start_a_movemen...)
Engineers, programmers, and so on all already have to grapple with this issue with big defense contractors. It's more rare that mathematicians have to deal with it.
Its actually not "others", its the same issue; if you haven't severed ties from the rest of the US intelligence community (and, given the way NSA is wedged into the military as well, that too), you haven't meaningfully severed ties with the NSA, you've just made an empty PR gesture and made those ties very slightly less direct.
Well, I wouldn't call it stupid. Perhaps I would call it "incomplete". Or "hey, that's a start!".
Looks like under 5% of new PhD grads take a government job.
This could harm that interested 5% as well. At least I hope so.