Talk:Lecture 2

From CyberSecurity
Revision as of 23:15, 13 September 2005 by Jalsalam (talk | contribs)

Jump to: navigation, search

Ok, here we go.

I am not too sure of the perfect way to start this up, but I will just start with throwing out questions that came up for me in lecture.

Go to the last lecture's discussion: Talk:Lecture 1

General Issues

Premise: Something has changed, with the Third Wave of terrorism, so that now terrorists have a new goal of waging war. My first impression is that this still sounds like a tactic to me - the goals should be more concrete, such as gaining concessions from the United States, or Western Nations.

Q: Have the goals of terrorism changed? Under what conditions would Al Qaeda decide to call off the war, negotiate a truce, etc?


SMM: The goal/tactic distinction is fairly definitional. You could call everything in the first lecture (publicity, forcing concessions) a tactic if you wanted also. The reason I don't do that is that we usually think of terrorism as a tactic. Also, I have tried to abstract away from the goals that particular terrorists want -- Rather, the question has been, given some set of goals is terrorism a rational way to proceed? Your way might be more conventional usage, though.

So call mass violence a tactic if that helps. The point of the second lecture is that warfare/mass violence has always been a tactic that nations (but not terrorists) used to attain goals. And what we know about this tactic tends not to work without exceedingly large casualties. This is not to say that casualties are the only variable -- clearly they are not -- but since we lack a good theory of warfare, the only way to proceed is to develop an intuition for the most important variables one at a time.

Of course, you can't ignore the other variables altogether. At some point you have to add them. These variables include the particular conditions under which the parties might call off a war or negotiate a truce. In a full theory (which doesn't exist!), the level of these demands would interact with how many casualties the US is willing to sustain or, equivalently, Al Qaida needs to inflict. The demands would presumably also shift over time depending on how well the war is going for one side or the other. But as I say, we don't have any very good theory of how these things happen.

One really important consideration is to task whether Al Qaida could call a truce even if it wanted to. If they can't, then the struggle becomes bloodier all around.


Premise: There have been changes in the nature of terrorism that now terrorists are more inclined towards causing mass casualties. In the past, perhaps it was constrained by the need to maintain good public support, or the support of the state sponsor.

Q: Does Al Qaeda have anything to protect that would cause it to shy away from total warfare?

  • My thoughts: They seem unconcerned with public opinion within the US, besides perhaps creating fear. This may be a mistake since the ability of the U.S. government to wage counter-warfare is dependent upon public support. They certainly need to protect public opinion within the Arab world, whether among the people who are potential recruits, or the people who donate money to the organization. As such, I would expect that they would still be constrained in similar ways as under state sponsorship.


SMM: I think that's right, although sponsors have a return address and are therefore afraid of being bombed. People who send recruits/donors are much less likely to see that kind of incentive, their responsibility is diffuse.

Another angle on the problem is that the terrorists in most of the plots in Europe and North America stayed in those places for months or years or were even born there. In those cases, local Moslem community sympathy (or at least neutrality) plays a significant role in letting terrorists to "stay invisible."


Technology Issues

Complexity/Magic tree idea: One weakness that we have against terrorism is the complexity of our society, the fact that there are interdependent systems that often have hubs and leverage points. Case in point, a single tree falling in the right spot can cause wide-ranging power outages (with resulting problems).

Q: Does engineering systems to be robust against natural disasters (and minor ones like trees) and hooligans provide enough protection against a lot of the things that terrorists would do? Or are there ways in which terrorists might attack a complex system that is very different from nature and the hooligans?


SMM: There's a nice NATURE article (27 July 2000) about the Internet which says that you can imagine two different ways that the network could be connected. In the first, the number of connections that each node has is a Gaussian ("bell curve"). This leads to most nodes having some similar interconnectedness. In that world, system performance diminishes more or less linearly if you take out nodes at random. Furthermore, an intentional attack (picking the most connected nodes) doesn't do much better, because the bell curve guarantees most nodes are pretty average.

On the other hand, you can imagine a "power law" distribution in which a few nodes are hugely connected but the overwhelming majority of nodes have only a few. In this case, the system is enormously resistant to natural disaster but also more vulnerable to terrorism.

Even though the article is about the Internet, the same logic fits most complex systems. For example, during the Cold War the military worried about attacks on the phone system that might disrupt the President's ability to authorize a strike during a nuclear attack. The answer in the 1960s was reassuring -- There were so many ways to route a telephone call that destroying a few switches wouldn't matter. The answer in the 1980s was less reassuring -- By then, a large volume of traffic was shuttling through a small number of huge switching centers. Contrary to our usual intuitions, society has become less complex (by some measures) and more vulnerable.

Social Issues

I am just going to pose the question that Maurer asked, so that maybe some people will take a stab at it.

Q: Is outsourcing the most efficient way for Al Qaeda to wage war?

yes, because they want to get the message across with mass publicity. Then they take the blame for a terrorist action, and boom, more publicity...

But heres another question, should US and other democratic nation-states increase security on the 9/11 ann., or should this been happening everyday?


I actually thought that an interesting idea Professor Maurer alluded to was that outsourcing may be a more inefficient way of conducting business for terrorists than keeping things in-house would be. Professor Maurer mentioned the economist Ronald Coase. From what I read on the internet, Coase pointed out that, while outsourcing may traditionally be thought of as the most efficient way to get things done (since the market makes sure that tasks are performed by the firms that can do them at the least cost), transaction costs sometimes make outsourcing more inefficient than doing things in-house. In the case of a terrorist organization, I’m guessing that the most significant transaction costs are “enforcement and policing costs.” That is, when you contract out some part of a terrorist plot, you have to make sure that the party with whom you’re contracting 1) actually does what you’ve paid them to do and 2) doesn’t leak information to the authorities either on purpose or inadvertently. As Professor Maurer mentioned, Bin Laden has gotten burned trying to orchestrate complex plots using outside contractors (e.g. spending millions on unusable uranium, or having hard drives with sensitive information on them found by U.S. authorities). Anyway, I guess I’m wondering if Bin Laden’s outsourcing may make his plots easier to foil since outsourcing must make it harder for him to ensure quality and secrecy. Avi Springer


SEAN WEST (2nd Yr MPP at GSPP): I wanted to respond to the point brought up in class about British intrusiveness in terrorism prevention and response--including surveillance cameras and, I would add, bag inspections on trains under a strict profiling system. While living in London this summer during the attacks I was impressed by how quickly the government was able to locate all suspects of the second failed attacks as well as identify the bombers in the first attacks. Further, it was interesting how the CCTV cameras captured images of the police shooting a mistaken Brazilian citizen thinking he was a suicide bomber (photos of which were leaked to British tabloids three weeks later). In America we have no tolerance for these cameras--they have been piloted in Florida for crime prevention and elsewhere with little support from local citizens (indeed there are even concerns about CCTV cameras set up by lifeguards in Southern California to monitor the beach). But in Britain there is wide-support for CCTV despite similar ideological societal concerns about privacy--one case in point being the row created over whether or not to pilot a national identification card scheme. I think one reason why the British are willing to support CCTV is because these cameras have a proven track record of deterring crime and solving crime. The scheme is not sold as a terrorism prevention system but rather a wide-spread attack on crime which has significant supporting evidence to prove that crime is reduced in the areas where CCTV is located. Perhaps, if an integrated system of CCTV to combat crime and terrorism were properly devised and brought forth for discussion, maybe there would be some support in America now. Any thoughts?

On the second point about bag searches: Directly after the July attacks the government announced that transport police were to inspect bags in the London Underground--but only bags of those who appeared to be Muslim (I believe the police chief said something to the effect of “Of course we won’t be wasting time searching little old white ladies.”). Concurrently, the NYPD began random bag searches on the NY subway, with no corresponding profiling system. The UK has a MUCH larger Muslim community but there has not been any real uproar over the issue. Is this due to more trust in the government (even after the police shot a citizen mistakenly), or a higher tolerance to trade convenience (racial tolerance being included in a broad conception of convenience) for security in Britain but not in America? Or is this just typical of a large population of those not being targeted who are willing to tolerate anything that yields psychological comfort of increased security even if it does not actually increase security (I would argue that random bag searches at 1/50th of Tube stations does not yield much security anyway--especially when the attacks are being performed by terrorists who are willing to die....we could see checkpoint attacks at the gates of the Tube if terrorists were actually selected to be searched). I look forward to hearing replies to either or these points and continuing discussion. ---Sean

Retrieved from "http://cubist.cs.washington.edu/CyberSecurity/index.php?title=Talk:Lecture_2&oldid=15"