Cybersecurity and Piracy on the High Seas

Schneier points out an interesting article comparing modern cybersecurity to piracy on the high seas in the early 1800s. The article extends the comparison into projected action based on historical context. "Similarly, in many ways, current U.S. policy on the security of electronic commerce is similar to Adams' appeasement approach to the Barbary pirates. The U.S. government's inability to dictate a consistent cyber commerce protection policy is creating a financial burden on the U.S. private sector to maintain a status quo, when those resources could be used to mount a more-effective Internet-focused defense. In the case of financial fraud on the Internet, the costs associated with fraudulent transactions are currently borne by private companies, which then have to pass those costs on to their customers. This basically creates a system in which the financial institutions are paying a type of 'tribute' to the cyber criminals, just as Adams did to the Barbary pirates."

Re:silly

[thygrrr]

Err, it's not about software piracy.

Re:What do you know?

[smooth wombat]

Government is less effective than private companies. Who would have guessed?

Yeah. Look at what a great job private companies (Bear Stearns, Countrywide, Citigroup) did making loans. They were so effective at making loans, the government had to bail them out.

It's great to criticize government (I'm usually first in line) but when you're comparing something that large to one company, you can't. It's like comparing an oil tanker to a cigarette boat. Who do you think is more nimble?

WTF is this guy talking about?

[TubeSteak]

We can go back to the example of how this strategy can be a success by looking at U.S. efforts on the illegal drug trade's supply lines across the Caribbean. The harassment, search and seizure activities effectively raised the cost of transporting illegal drugs, thereby forcing many drug cartels to build more-expensive transportation networks, and in some cases forcing criminals out of the market altogether.

The US War on Drugs has led to lower prices and higher purity of the product being smuggled into the country.

The rest of this article is full of similar crap ideas and analogies.

Aaron Turner, who manages security technology transfer and commercialization for the Idaho National Laboratory, previously worked in several of Microsoft's security divisions.

Oh. I see.
I guess it's easier to create an international body to oversee the internet than get Microsoft to put out a secure product.

Credit card fraud? Bah

[IdeaMan]

His analogy of credit card fraud to piracy just hogwash. Credit card fraud typically doesn't occur by ISP's snooping on internet traffic because that is just too dangerous to the ISP's business and reputation. It's just easier to crack open someones database to harvest the numbers.

His analogy works far better when talking about Net Neutrality. You could say that ISPs are charging tribute based on packet type. The closest you could get is if a foreign country started blocking traffic to Amazon, or if say a British ISP started removing/substituting ads from American websites.

Article summary:
Its like if you were driving your car filled with Natalie Portman dolls filled with hot grits across the Atlantic at 5 furlongs per fortnight and the RIAA stopped you and robbed all the dolls. Except on the net where its LOCs of data per fortnight, not dolls. What he's saying is that we should call out the US Army to kill all the RIAA lawyers, but of course that should be illegal but they changed the law recently because of the Katrina reaction so now it isn't.

Re:What do you know?

[maxume]

Saying the government bailed out all of those companies is a gross and horrible oversimplification.

People who Bear Stearns owed money to got bailed out. Bear Stearns no longer exists as a company(most of the operations continue to exist under J.P. Morgan).

Countrywide and Citigroup didn't get anything more than cheap credit from the government.

Muslim != terrorist

[kurisuto]

It is an anachronism to use the term "muslim terrorists" to refer to criminals of the early 19th century engaged in piracy for profit. Whether you think American and European policy in the Middle East over the last century has been right or wrong, it is fairly safe to say that "muslim terrorism" over the past few decades has been a consequence of those policies. It is a phenomenon of the 20th and 21st centuries.

When you look at the historical record over many centuries, it's hard to say whether Muslims or Christians have been worse in terms of violent acts. On their side of the ledger, Christians have the crusades (which included the slaughter of the Rhineland Jews, among other atrocities), the complete annihilation of the Cathars, and the burning of accused witches, just to name a few of the more obvious examples.

Most Muslims and Christians aren't terrorists, either now or at any time in history. There are obvious political or propoganda reasons for repeatedly using the words "muslim" and "terrorist" in the same context, but I don't think that doing so is helping the cause of sustainable peace.

Not much.

[mcmonkey]

Interesting. Government is less effective than private companies. Who would have guessed?

It seems you (and the authors of the article) are missing a key point. Yes, international trade grew on a foundation of international and maritine law, but only after the Marines went in and kicked some Barbary butt. In that sense, government is more effective than private companies. (At least, private companies that don't have their own army and navy.)

Countries were able to reach peaceful agreements on how they would treat each others' ships at sea and use each others' ports only with the very real threat of military action.

To make an analogy to the internet, is there a real threat the USA will take militry action against Russia if that country continues to be a source of internet crime?

It's nice to say all countries in the 21st century have an interest in peaceful, orderly trade via the internet, just as countries had an interest in peaceful, orderly trade via shipping in the 18th. But the reality is, open shipping came at the point of a gun. If the analogy holds up, then is the same true for the internet?

Re:Muslim != terrorist

[Moryath]

Muslims who kidnap people and either kill them, or enslave them, unless they convert?

I'd call that terrorism. Fully Koranic-supported terrorism, btw.

Mod Parent UP

[postbigbang]

Very few political entities are bereft of terrorism. Schier once again makes numerous mistakes in pointing to the culpable. The culpable are: all of us, ranging from users teaching users, to ISPs, to the website owners, to the makers of protocols with holes like Swiss cheese (and apologies to the Swiss). It could be fixed, but no one wants to claim the nexus of responsibility.

The terrorism label is a red herring, great for propaganda and useless war mongering. No one doubts the existence of many organizations that will murder, some en masse, in the name of their cause.

It's IMHO even worse

[Moraelin]

Well, IMHO the worst analogy is even in the summmary. Basically: (A) businesses lose money to fraud, which supposedly is like (B) the government paying tribute to the pirates.

I mean... Umm, excuse me? They don't look at all similar to me. Just because they share one element, it doesn't automatically make two things similar.

If it automatically did, we'd have a hell of a lot of ridiculous "similarities" all over the place. E.g., (A) the government still can't stop cars from killing innocent people, (B) Stalin and Pol Pot killed innocent people too. Ergo, any western government is no better than those murderous regimes. E.g., (A) the fire departments often can't save everyone from a fire, (B) the Spanish Inquisition burned a lot of people alive. Etc.

But to get back on topic: Similar to the losses to pirates, ok, I can swallow. Similar to the government paying off pireates, no, just now. It'll be similar when the government tries to pay off cyber-crooks or something.

Basically (A) is a case of maybe the government not doing enough, while (B) is a case of the government actively doing the wrong (and arguably bloody stupid thing.) Other than as a melodramatic hyperbole, they're not the same thing at all.

And if we're to go even deeper into it, it gets even more lame than that. The barbary piracy resulted in not just a _hell_ of a loss of money (the tribute demanded alone was 1/10 of the federal government's yearly income), and a rather serious disruption of trade, but also loss of lives, and a bunch of people taken into slavery. One of the explicit conditions at the end of the Second Barbary war was that they stop the practice of taking Christian slaves.

It takes a really disturbed mind to see, basically, "yeah, well, I'm not getting as much interest as I could on my bank account" as similar to someone else being taken into slavery.