Category Archives: National Security

‘Has the US Defense Department killed a million Americans since 2001?’

Posted on October 21, 2011 by Michael Froomkin

John Quiggin crunches the numbers for us and puts the actual estimate of foregone domestic health and safety due to spending on armaments and war at somewhere between 100,000 and 1,000,000 lives in the last decade:

The numbers are quite striking. The ‘peacetime’ defense budget is around $500 billion a year, and the various wars of choice have cost around $250 billion a year for the last decade (very round numbers here). Allocated to domestic risk reduction, that money would save 150000 American lives a year.

So, since 9/11, US defense spending has been chosen in preference to measures that would have saved 1.5 million American lives. That’s not a hypothetical number – it’s 1.5 million people who are now dead but who could have been saved.

More seriously, it’s not really plausible to think of eliminating defense spending altogether. But if the US spent 2 per cent of GDP like other rich countries (around $250 billion a year) and didn’t engage in wars of choice, it could have saved a million US lives over the past decade.

A still more serious objection is that money saved on defense wouldn’t be used to save lives anyway. …

First, even if the money was just handed back in tax cuts, around 15 per cent would probably be allocated to health care and more to things like education that are positively correlated with health status. Rounding to 20 per cent, that would still have saved something like 100,000 lives over a decade.

Just to put those numbers in context, that is somewhere between 27 and 274 lives at home per day. If you spent the money saving lives abroad, you get a lot more bang for the buck. Well, actually, less ‘bang’ as such since military spending is down, but it costs less — 100 time less he tells us — to save lives in poor countries, so the savings could have saved a million lives in a decade after all.

Posted in National Security | 3 Comments

Terrible Fact

Posted on August 14, 2011 by Michael Froomkin

More U.S. soldiers and veterans have died from suicide than from combat wounds over the past two years. (Source)

Posted in National Security | 3 Comments

Crypto: The Sky Did Not Fall

Posted on July 13, 2011 by Michael Froomkin

In Wiretapping and Cryptography Today Matt Blaze looks at the latest 2010 U.S. Wiretap Report and discusses why, despite all the predictions of doom we heard about strong crypto 15 years ago, in fact crypto has basically no effect at all on law enforcement ability to pursue an ever-increasing number of wiretaps:

the latest wiretap report identifies a total of just six (out of 3194) cases in which encryption was encountered, and that prevented recovery of evidence a grand total of … (drumroll) … zero times. Not once. Previous wiretap reports have indicated similarly minuscule numbers.

What’s going on here? Shouldn’t all this encryption be affecting government eavesdroppers at least a little bit more than the wiretap report suggests? Do the police know something about cryptanalysis that the rest of us don’t, enabling them to effortlessly decrypt criminal messages in real time without batting an eye? Is AES (the federally-approved algorithm that won an open international competition for a new standard block cipher in 2001) part of an elaborate conspiracy to lull us into a sense of complacency while enabling the government to secretly spy on us? Perhaps, but the likely truth is far less exciting, and ultimately, probably more comforting.

The answer is that faced with encryption, capable investigators in federal and local law enforcement have done what they have always done when new technology comes around: they’ve adapted their methods in order to get their work done.

Remember this the next time an earnest government official explains why they just have to store all your online communications for a couple of years.

Posted in Cryptography, National Security | Comments Off on Crypto: The Sky Did Not Fall

Crowdsourcing Book Title & Design

Posted on June 21, 2011 by Michael Froomkin

Bruce Schneier is asking you to help him pick the title and cover for his next book.

Posted in Cryptography, National Security | Comments Off on Crowdsourcing Book Title & Design

Four Top Cybersecurity Myths

Posted on June 9, 2011 by Michael Froomkin

#1:

Cyber terrorism: it does not exist. There are no – repeat, zero – documented incidents of cyber-terrorism. The idea that al-Qaeda will use virtual reality technology to train terrorists here in America (which I heard today) is simply ludicrous. Bin Laden didn’t even use e-mail! And anyone who’s tried streaming Hulu over a wireless connection will appreciate just how hard it is to use high-bandwidth apps even in a broadband environment.

via Info/Law, Cybersecurity Theory and Myths.

Cyber-security purveyors are certainly relying on an over-hyped threat model. That’s how you get funding. But doesn’t the Stuxnet worm suggest that there are other sorts of cyber-terrorism that might be practicable? And if Stuxnet was launched by a government, as some suspect, can we really say there’s never been any cyber-terrorism? Perhaps, because then it counts as an act of war by a nation-state, not terrorism as such.

Go read the rest — the other three top myths seem right on target.

Posted in Internet, National Security | 2 Comments

Timing

Posted on May 2, 2011 by Michael Froomkin

I remember flying up to DC shortly after they turned the air traffic control system back on post-9/11. People here in Miami were weird about it — they treated it as a very dangerous thing to do. For some reason I didn’t feel threatened at all. That said, the experience at the airport, in which a great effort was made to search everything, and in the air, in which for the first time we told to stay in our seats for the last 30 minutes of the approach to DC, was decidedly off-putting. The atmosphere on the plane was oddly strained.

Now, once again I’m flying early Tuesday to the DC area (although actually landing at BWI and spending the day in Baltimore), right when the airport security staff are likely to be at their jumpiest. Who can blame them?

Still, I cannot help but think that the giant security apparatus, and the huge dead-weight costs of people going to the airport early and wasting time, is one of the clearest signs that that we are not, despite recent events, succeeding in the ‘war on terror’ because we are letting our choices and expenditures be defined by those who do not wish us well. Maybe we’d be better off trusting those metal cabin doors to protect us from hijacks, and accepting that even so there can be no perfect safety in a complicated world.

I’d take the risk, but I’m not the one who would have to explain it if something went wrong, and those who do have gigantic institutional incentives to be, and even more to be seen to be, risk-averse. Thus, the FBI openly is being transformed into a domestic intelligence agency, one charged with preventing rather then solving crimes. In a perfect world, of course, prevention is better than cure, and punishment is not even cure. But there is no way an FBI or any other public agency can seriously undertake this mission without, and there is no other word for it, spying on a lot of people. I think history has a few things to teach us about how that works out for societies as a rule, and I wonder how much we are heeding those lessons.

On Wednesday, I’ll be in DC visiting family and friends. On Thursday and Friday I’m going to the GIGANet Doubleheader. My part of the talking will be about IP numbers on Thursday, and about ICANN on Friday. There’s a written paper for the Friday talk.

Posted in 9/11 & Aftermath, National Security, Talks & Conferences | 1 Comment