CNN reports that a Virgin Airlines flight diverted to Bradley International Airport in Connecticut sat on the tarmac for four hours, without so much as offering water. The excuse used is that the airport is not equipped with a suitable customs facility (Bradley has exactly one connection outside the United States – Toronto), but once again we see an inability to manage risks. What was the risk to passengers versus the risk to others by letting them sit in the terminal until appropriate customs people had arrived?
But our story doesn’t end there. As you may recall, airlines may now be fined for such behavior, but there’s a catch: the rule applies to domestic flights. A Virgin spokesman said that because they are a UK-flagged carrier they are not subject to U.S. laws. If that is indeed the correct logic, and that you’d receive the protection with a US carrier, then Virgin is encouraging you not to fly their airline. Go figure.
Today’s Wall Street Journal reports that mega-telcos Verizon and AT&T are in discussions with senior staff of the Federal Communications Commission (FCC) over a compromise for enabling legislation for the FCC to regulate access to the Internet. This is no small deal. Chairman Julius Genachowski has made very clear for quite some time that he thought there was a need to provide for some form of net neutrality to protect customers against service providers, and to insure openness. Another thing is perfectly clear to everyone: the rules of the 1980s and 1990s certainly are antiquated.
However, one problem with net neutrality is that it can mean different things to different people. To some it might mean protection from service providers charging for services that they themselves do not provide. To others it might mean an inability for service providers to manage what they deem as excessive use of a shared resource (their network) by some consumers, as their cost models are all structured on the notion of over-subscription. That is– if everyone tried to use a vast amount of bandwidth at once, we would all get very little, and not those megabits/second in the advertisement.
Here are a few facts to think about when you hear the term net neutrality:
- The tools service providers might use to give themselves some sort of market advantage are the very same ones they may need to use to protect consumers against denial-of-service attacks: it is in the average consumer’s best interest that bandwidth from rogue BoTs be limited. Differentiating between protection against BoTs and protectionism may prove difficult to regulators.
- Bandwidth on the Internet is not the same as a phone call. If you’ve ever been in a disaster situation, such as an earthquake or a hurricane, you’ll remember that there may have been times when you picked up the phone and got no dialtone. That is not how the Internet works. Most applications make use of Transmission Control Protocol (TCP), which is designed to share whatever bandwidth there is. While voice and video require a minimum to function properly, even modern day tools like Skype & iChat AV can step down their use of bandwidth when they see quality degrading.
- Most of us weren’t born yesterday, and it’s plainly obvious that there are very few telcos in the United States. The government has, since the passing of the Sherman Act in 1890, taken the position, with good reason in my opinion, that monopolies are bad, and that high levels of concentration are not good for consumers, either. Prosecution through that act as a means of redress, however, is a last resort, because…
- Such prosecutions take years if not decades, are often at the whim of administrations, and often do not succeed. Three examples of arguably failed prosecutions include IBM, AT&T, and Microsoft. In the case of IBM, the U.S. dismissed the case when Ronald Reagan became president. AT&T is arguably a failed attempt, because we are very close to right back where we started. In the case of Microsoft, European regulators have provided far more oversight than our own Justice Department, perhaps in part due to the non-European nature of the company, but also due to a lack willingness to go further by the Bush administration. Hence it is better to nip a problem in the bud. This is one reason for the FCC to have a role.
- At stake is not whether or not consumers will see a choice of service providers, but whether content providers and etailers, sites like mlb.com and Amazon will have a choice. Otherwise, we get to a two-sided market, where those who own the so-called eyeball networks also own the other end, providing an enormous price control lever.
- Properly considered, network neutrality as a concept protects against the idea that you have to go to a service provider to implement new applications features in the network. This is the core strength of the Internt, but it’s not clear that regulation is needed. For one thing, I would hope that providers understand that new features and applications are in their best interests, since they get to sell more bandwidth, and perhaps even offer a few such features to their, and other, customers.
That’s what all the fuss is about.
Every year I attend a conference called the Workshop on Economics of Information Security (WEIS), and every year I learn quite a bit from the experience. This year was no exception. The conference represents an interdisciplinary approach to Cybersecurity that includes economists, government researchers, industry, and of course computer scientists. Run by friend and luminary Bruce Schneier, Professor Ross Anderson from Cambridge University, and this year with chairs Drs. Tyler Moore and Allan Friedman, the conference includes an eclectic mix of work on topics such as the cyber-insurance (usually including papers from field leader Professor Rainer Böhme, soon of University of Münster), privacy protection, user behavior, and understanding of the underground economy, this year’s conference had a number of interesting pieces of work. Here are a few samples:
- Guns, Privacy, and Crime, by Allesandro Acquisti (CMU) and Catherine Tucker (MIT), provides an insight into how addresses of gun permit applicants posted on a Tennessee website does not really impact their security one way or another, contrary to arguments made by politicians.
- Is the Internet for Porn? An Insight Into the Online Adult Industry – Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda and Christopher Kruegel provides a detailed explanation of the technology used to support the Internet Porn industry, in which it claims provides over $3,000 a second in revenue.
- The password thicket: technical and market failures in human authentication on the web – Joseph Bonneau and Sören Preibusch (Cambridge) talks about just how poorly many websites manage all of those passwords we reuse.
- A panel on the credit card payment system, together with a presentation that demonstrated that even credit cards with chips and pins are not secure. One of the key messages from the presentation was that open standards are critically important to security.
- On the Security Economics of Electricity Metering – Ross Anderson and Shailendra Fuloria (Cambridge) discussed the various actors in the Smart Grid, their motivations, and some recommendations on the regulatory front.
The papers are mostly available at the web site, as are the presentations. This stuff is important. It informs industry as to what behaviors are both rewarding and provide for the social good, as well as where we see gaps or need of improvement in our public policies, especially where technology is well ahead of policy makers’ thinking.
Posted in Internet, Internet Consumer Identity, economics, security
|
Tagged banks, cybercrime, economics, Facebook, guns, Identity, Passwords, Payment System, phishing, Politics, Privacy
|
As opposed to my previous post, BBC reports an instance where the FBI has made use of public information to predict a possible threat to St Aelred’s Catholic Technology College in England. The information was on Facebook, and was available probably because the defendant hadn’t protected his postings, perhaps due to FB’s confusing approach to privacy. Imagine, however, that FB didn’t confuse anyone, and this information were protected. Would the FBI have been prevented from warning St. Aelreds? If if they couldn’t, would Facebook? And if Facebook didn’t would the FBI insist on new powers? Watch this space.
Imagine taking a vacation to some exotic place, perhaps even going to school abroad for a few months, and then being told that you can’t go home. The New York Times reports that such is the tragic situation of Yahya Wehelie, a young American who went to Yemen to study, at the insistence of his parents. He found himself on the No Fly List, for reasons we don’t know, and given no reasonable way to get home to Virginia.
Here we see the juxtaposition of many principles:
- The government responsibility to protect Americans on the ground and in the air from terrorism;
- The individual’s freedom to travel;
- Government responsibility to enforce trade other policies, such as that of importation of prohibited goods; and
- An individual’s right to freedom from unreasonable search and seizure.
Americans have the fewest rights when flying back to the United States. You can expect to be searched, probed, and prodded. You don’t have the right to carry a bottle of water into an airport, and you can expect substantial inconvenience, especially if you are disabled, when traveling. You can expect your laptop to be confiscated.
The situation is changing, however. A recent decision by a federal judge limits rummaging through laptops of American citizens. Another decision is clearly needed: Americans deserve the right to face their accusers, to hear allegations, and to be able to respond to those charges so that they can receive justice. The basic premise of an airport search is to address threats that are not amenable to taking the time to have such a hearing. Several weeks should be more than plenty of time for a case to be heard by a competent judge. Having some random person stick your name on a list is what one should expect of Nineteen Eight-Four and Brazil, and of America.
What would you do if it were your son trying to get home?
![[del.icio.us]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/delicious.png)
![[Digg]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/digg.png)
![[Facebook]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/facebook.png)
![[Fark]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/fark.png)
![[MySpace]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/myspace.png)
![[Slashdot]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/slashdot.png)
![[Twitter]](http://www.ofcourseimright.com/blog/wp-content/plugins/bookmarkify/twitter.png)
