Archive for June, 2010

Petraeus’s Sweet Revenge

Sunday, June 27th, 2010

We noted here several months ago that Vice President Joseph Biden was claiming Iraq as an Administration success. We argued then that we know that a policy has been a success when everyone claims credit for it. Before Democrats were in agreement that George Bush’s surge policy in Iraq would not work and would increase violence. When the exact opposite happened, the first response was to argue that Iraq would have improved under any circumstances in spite of anything that Bush did. The final end to the cycle is when the original opponents to the policy claim credit for its results.

We have additional evidence this week of the consensus that the surge worked. In light of the intemperate remarks of General Stanley McChrystal with regard to civilian leadership, President Barack Obama appointed General David Petraeus, the architect of the surge strategy in Iraq, to command US efforts in Afghanistan. Certainly, if Petraeus’s signature policy, the surge in Iraq, had been a failure or at best an accidental success, there would have been little reason to place such trust in Patraeus.

The success of Barack’s foreign policy will be in large measure dependent on success in Afghanistan which in turn is dependent on the military and political competence of Patraeus. The irony is that in 2007, when Patraeus appeared before Congress in defense of the surge policy,, ran an ad asking “General Petraeus or General Betray Us?” Secretary of State Hillary Clinton, then Senator Clinton, refused to condemn the ad. Then Senator Obama also refused to condemn the ad unless other ads were condemned.

Patraeus proves that competence and success are the sweetest revenge. Given Patraeus’s stature, it seems that he could push Afghanistan policy in any direction he feels appropriate. If he chose to resign rather than implement an Obama policy he does not believe in, any failure in Afghanistan would resound on the Obama Administration.

Securing Data in the Cloud

Sunday, June 20th, 2010

The laws and traditions surrounding the rights of people to “…be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…” takes on new and interesting twists in a world where communications are conducted via e-mail rather than traditional mail and where papers and effects are stored not only in the home or office but virtually in the “cloud.” It is not clear that statutory law and case law has recognized these distinctions. Where do we have or not have reasonable expectations of privacy? Is it reasonable to have any expectation of privacy for anything that is online?

A couple of interesting cases have brought this issue to our current attention. Hushmail is a service where people are promised that they can send encrypted e-mail secure from outside scrutiny, even by Hushmail. A Javascript program is installed on a person’s local browser which encrypts the e-mail before it is sent from the computer.

It turns out that Hushmail may not be quite a secure as some users believed. Hushmail turned over 12 CD’s worth of clear text mail to prosecutors pursuing the distribution of illegal steroids.

The case of Thomas Drake is more sensational. Drake was a former NSA employee accused of sharing classified information with a reporter for a “national newspaper.” Some of the alleged communications transpired over Hushmail.

We have every reason to assume in these cases that all the proper warrants were obtained and the appropriate court supervision was provided. From a technical standpooint, how then was the Hushmail data in these case obtained. Much depends on the users. Using Hushmail with a local Javascript is the most secure way of using the service. However, for the sake of convenience, Hushmail also allows uses to use SSL encryption on the way up to Hushmail servers where it is then encrypted for e-mail transmission. Hence, between the point that the uploaded e-mail in unencrypted from the SSL session and the point it is re-encrypted for e-mail transmission, the mail is in clear text. It is at this point, the Hushmail could have saved e-mails to turn over to authorities. In principle, it would always be possible for Hushmail to push down new Javascript code that would make it appear that local encryption was taking place when it actually was not.

This same issue is relevant with cloud storage. As a matter of good practice, one should backup one’s data continuously offsite. One convenient way to do this is to use services like Carbonite, Mozy, or Backblaze. It is easy to imagine a situtation where the private papers of many people are stored in the cloud. Perhaps, even lawyers, doctors, and accountants who have a fiduciary responsibility to maintain confidentiality would find it prudent to use cloud storage.

Besides the standard SSL encryption on transmission, all these services offer additional encryption such that even the provider, ostensibly, cannot decrypt the data. However, just as the case with Hushmail, it would be possible for the provider, upon instruction from the authorities, to push new software that would bypass the user’s encryption key. It would be possible for a user to double encrypt, i.e., encrypt data using some other protocol before uploading and adding the encryption on the outside server.

There is not a lot of evidence that the government or others are abusing these offsite storage capabilities. Encryption is important from the standpoint of protecting data from private snooping. We should always presume that under the appropriate circumstances governments can and many times should have the ability to search private data. However, from a civil liberties standpont, it is important for the government to provide statutory protection for data stored in the cloud and not wait for the courts to do so. Personal data stored in the cloud should enjoy the same protection that paper documents stored in one’s house. The legal hurtles to obtain a search warrant should be the same for private data in the cloud as it is for one’s home or private office. Professions that have statutory protections of their relationships with clients, should have these offsite storage options treated with the same respect that the paper files stored in offices are normally accorded.

Do the Polls Indicate Obama Should Move to the Left?

Sunday, June 6th, 2010

The Rasmussen polls have a demonstrated history of accuracy at least in terms of election outcomes. This pollster has managed to accurately identify likely voters in a way that mimics election results. They certainly nailed the percentage differences in the 2008 President elections. All polls have their idiosynrcaies, especially in terms of the absolute values. However, most polls do an excellent job in tracking changes in pulblic sentiment.

All national polls have some presidential approval metric. tracks an average of many polls. President Barack Obama’s composite approval rating at the start of his Administration was in the plus-60% range. In recent months, the approval has fallen below the 50% mark.

Over the last few years, Rasmussen polls have focuses on an additional metric, the difference between those who strongly approve and those who strongly disapprove of the President’s performance. The goal is measure voter intensity. At the beginning of the Obama’s term, the strongly approve numbers were over 40% while the strongly disapproval number were well below 20%.

The plot below shows the temporal changes in this metric. In the summer of 2009, when new government medical plan was under ernest consideration, the President’s numbers were rapdily changing. Around August, the percentage of people who strongly approved of Obama’s performance fell consistently below the percentage of those who who strongly disapprove.

What is interesting is that the number of people who strongly disapprove seems relatively stable at about 40%. However, the number of who strongly approve seems to be strongly dependent on specific events. For example, in January 2010, after the State of the Union address, Obama’s supporters were heartened and some of those who register approval moved into the strongly approves category. However, that poll pop was short lived.

Immediately after the passage of the health care bill, the frustration of Obama’s supporters about the bill wes eased, and Obama experienced a longer-lived increase in the numbers who strongly approve. However, the strong approvers have dwindled since then. Whether because the glow of the passage of the health care bill has dimmed or because of the tragic oil spill in the Gulf of Mexico, fewer and fewer people strongly approve of the President’s performance.

Midterm election are often an referendum on presidential leadership and a president’s party. Moreover, midterms elections are more strongly dependent on enthusiasm that fuels turn out. Since the overall presidential approval ratings and Obama’s strong disapproval ratings have stabilized, it would seem wise for Obama to veer to the Left to shore up the energy of his strong supporters.