2013-02-27

Mark Gongloff and Binyamin Appelbaum - mendacious gits

The Huffington Post's Mark Gongloff turns conventional wisdom on its head by arguing that the USA is already undergoing austerity:

The consistent fear of all of our recent stupid federal-budget crises has been that the U.S. economy is about to get slapped by a wave of sudden austerity. The little-remembered truth is that austerity is already with us. Has been for years.
Government spending as a percentage of GDP has been shrinking for the past two years at the fastest pace since the government shut down the Vietnam war, Binyamin Appelbaum of the New York Times writes today.
Really? Wow! Let's look at US government spending as % of GDP from 2000. The raw data looks like this:
Year / % GDP
2000: 32.56
2001: 33.33
2002: 34.74
2003: 35.31
2004: 34.86
2005: 34.83
2006: 35.12
2007: 35.09
2008: 37.16
2009: 42.83
2010: 40.96
2011: 40.51
2012: 39.94
So yes, Gongloff and Appelbaum are technically correct. From the peak of 42.8% in 2009 we've dropped to just under 40% in 3 years. But this conveniently omits the equally large rise in 2007 from 35% to 37%, and then a 5.6 percentage points leap to 42.8% in 2008.

So our "austerity" consists of spending 5 more percentage points of GDP than our pre-2008 peak. Oh my goodness. Won't someone please think of the children?

I refuse to believe that Appelbaum or Gongloff are ignorant of the GDP figures from the years before 2009, and so this qualifies them as mendacious gits of the first order.

Lies, damn lies and entrance statistics

Shock! Horror! Oxford University appears to be discriminating in favour of white students and against ethnic minorities:

In medicine, 43 per cent of white students who went on to receive three or more A* grades at A-level got offers, compared with 22.1 per cent of minority students with the same grades, according to data obtained by The Guardian newspaper.
Now, let's bear in mind that as A-level grade inflation has taken hold, three A* grades is no longer the talent indicator that even three A grades might have been 25 years ago:
In a 2007 report Robert Coe compared students scores in the ALIS ability test with equivalent grades achieved in A level exams between 1988 and 2006. He found that students of similar ability were achieving on average about 2 grades higher in 2006 than they were in 1988. In the case of maths it was nearer to 3.5 grades higher.[24]
i.e. an 'A' in 2006, which is presumably near an A* in 2013, was a 'C' in 1988. But that 43% vs 22% relative percentage seems to be damning, surely?

Assuming, just for the moment, that Oxford University medical professors aren't rampant racists, what could be the explanation? An Oxford University spokesperson hints:

"We do know that a tendency by students from certain ethnic groups to apply disproportionately for the most competitive subjects reduces the success rate of those ethnic groups overall."
Chinese and South Asian (Indian, Pakistani, Bangladeshi) students are disproportionately likely to apply to become doctors; you can tell this because they are disproportionately (compared to % of UK population) likely to be medical students. This is inversely true for Afro-Caribbean students who are rarely found in the professional medicine track. What the Daily Mail fails to supply is the raw stats on applicant and successful applicant numbers broken down by ethnic group, which could then be analysed based on the ethnic distribution of 18 year old students. I would be very interested in those numbers, which I suspect would tell a very different story to the DM's angle.

I invite the reader to inspect the list of Oxford University physiology lecturers. It's not obvious that they are prejudiced against South Asian or Oriental medical experts. Out of 53 staff, 6 match that ethnic background (11%) which is much greater than the 5% you'd expect even given the most favourable reading of the UK ethnic breakdown.

2013-02-26

Working hard? Hardly working!

Slightly dinged high-tech firm Yahoo! has decided to pull the plug on working from home:

"Speed and quality are often sacrificed when we work from home," Rese, who was hired last fall by Chief Executive Officer Marissa Mayer, explained in the memo
This is interesting because ex-Googler Mayer is firing on all cylinders trying to turn around Yahoo! - so why is she picking on this particular "perk"? After all, in a modern digital workplace, can't you do everything from home that you can do in your office?

Well, not really. There are a number of dirty secrets about working from home:

  • You can't do as much as you can in the office. Unless you have a home machine and monitor set-up which is at least as well-specc'd as your office hardware, you're going find yourself more restricted in the space you can use, and the latency between clicking a mouse and seeing the result will be higher. You'll therefore be working at a lower rate.
  • You have a similar number of interruptions as you do in the office, but none of the home interruptions are productive. They're not co-workers asking how to get things done or sounding off ideas - they're the postman delivering your copy of "War and Peace", someone calling your home phone, a particularly interesting programme on morning TV.
  • There are some tasks which can be done more effectively at home than at work - certain focused tasks benefit from a relatively interrupt-controlled environment, e.g. writing performance feedback reports. However those tasks are limited in number and sparse in occurrence; the more days you work at home in a given period, the less able you are to make effective use of your home environment.
  • Every day away from the office is a day missing ideas from your co-workers. While it's possible that everyone you work with is a moron, this is not the norm - nor should it be in a high-tech company like Yahoo! Cut yourself off from your colleagues and you can find yourself doing work that is no longer useful, could be done in 10% of the time using a new tool or system, or helping a team whose project is about to be shut down. If you view your job as being paid by the hour, this may be fine, but your company wants you to maximise company productivity.
  • You mentally subtract the time you spend commuting, so your 10 hour work day becomes an 8 hour working day. This is fine as far as it goes - but that saving gets used and re-used as justification for doing other things (popping out to the shops, for instance) so that you still end up working fewer hours than at work despite spending nominally longer "working".
  • There are some tasks that you can only effectively do in the office, so you end up organising them around your work-at-home days rather than vice versa, inconveniencing others by delays for your own benefit.
In short, the benefits from working from home are few, overstated, accrue disproportionately to the home-worker rather than the company, and rapidly vanish as more days are worked at home.

I think that the Business Week journo misses the point of Mayer's plan, though:

In fact, what's most telling about this decision is that it highlights Yahoo's apparent inability to keep tabs on its employees unless they're physically at their desks.
I think it's more likely that Yahoo! already has a good idea of what its employees are doing, but the effort required to build a paper trail to fire them (and therefore cause their accumulated shares to vest) is too great. Better by far to use this approach to winnow out the slackers by making them quit in disgust at the end of the easy times, apply a little discretion in the case of superstars that Yahoo! doesn't want to lose, and come out ahead. I do think it will hurt Yahoo! a little by discouraging some good engineers from applying, but my guess is that Mayer wants to reduce headcount overall and is willing to take a recruiting hit in exchange for no longer paying for the slackers.

Having said all that, I value the option of working at home; I hope that I am at least as productive at home as at work, but then I make sure that my home working is planned, appropriate and infrequent.

2013-02-25

A small localised joke

A Herefordshire farmer was selected for an audit by the Department for Work and Pensions. They sent a representative out to interview him.

"I need a list of your employees, and how much you pay them," demanded the officious civil servant.

"Well," replied the farmer, "there's my farm hand who's been with me for three years. I pay him £200 a week plus free room and board. The cook has been here for 18 months, and I pay her £150 per week plus free room and board. Then there's the half-wit. He works about 18 hours every day and does about 90% of all the work around here. He makes about £10 per week, pays his own room and board, and I buy him a bottle of Glenfiddich every now and then."

"That's the guy I want to talk to... the half-wit." says the DwP representative.

"That would be me," replied the farmer.

2013-02-22

On the European financial transactions tax

EU tax commissioner Algirdas Šemeta[1] is telling us that the 11-nation Financial Transactions Tax scheme is a brilliant money-raiser:

[...] the tax offers substantial new revenues. Around €30-35bn (£26-30bn) per year will be generated from this small tax of just 0.1% on bonds and shares and 0.01% on derivatives.
Even better, he seems to claim that it's free money for regular citizens:
Will the tax be borne by ordinary citizens? We have taken every measure to ensure that it isn't. [my italics] This is a tax on the financial sector, and 85% of liable transactions are purely between financial institutions. Day-to-day financial activities of citizens and businesses are outside its scope.
I do like that weasel "we have taken every measure" quote, which to me seems to be a long way from the "no" which you might assume he means.

Of course, we can trust Algirdas's judgement about the impact on business given his no doubt no doubt substantial experience in the financial sector. Let's look at his professional career list on his CV:

  • 2001-2008: Director; General of the Department of Statistics under the Government of Lithuania
  • 1998-1999: Vice-president of the Public Limited Company "Nalšia"
  • 1996-1997: Chairman of the Securities Commission of Lithuania
  • 1992-1996: Chairman of the Securities Commission under the Ministry of Finance of Lithuania
  • 1991-1992: Deputy Head of Privatisation Unit, Government Office of Lithuania
  • 1990-1991: Head of the Subdivision of the Economy Development Strategy Division of the Ministry of Economics of Lithuania
  • 1985-1990: Economist, Younger Fellowship at the Lithuanian Economy Institute
Given that he graduated in 1985, the only even vaguely commercial experience is his 1 year VP stint at the construction firm Nalšia which seems bizarrely unrelated to anything else he did - and why was he only there a year? The company's website is just a shell, claiming that it is under construction. I'd love to know why they wanted Algirdas on board - and why he left.

Back to the FTT: one wonders, if the €35bn is effectively for free, why he doesn't double or even triple the rates. Surely if €35bn is good, €70bn is better, and the citizens still aren't paying according to Algirdas. Free money! Or perhaps, just maybe, TANSTAAFAL and Algirdas and his cohorts know this.

I'm with the esteemed Mr. Worstall on this article:

The route to the pockets of the citizenry is via the higher cost of capital for corporates leading to less capital investment. As your own fucking EU briefing paper pointed out.
The financial drag on the economies of these 11 countries (and those trading with them) is going to be a lot higher than €35bn annually - all taxes have deadweight costs - but I'd bet that it's going to be diffuse enough that it will be hard to point to any one statistic in 1-2 years time and blame the FTT. Make no mistake, though, the drag will be very real. There are also the opportunity costs of passing this legislation - the companies that decide not to invest in the participating nations because of the increased costs of capital.

The really insidious and destructive impact is going to come from the extra-territoriality clause:

If there is an economic link to the FTT zone, it will apply, regardless of whether the other parties to the transaction are based in London, Singapore, Copenhagen or New York
I would love to know what Deutsche Bank, SocGen, Santander and other large financial entities are thinking and planning right now. This looks to me as if e.g. the UK entity of Santander will be able to trade normally within the UK and US, but any transfers between the UK and Spanish entities are going to be hit by the tax. If I were Deutsche Bank, I'd be planning to do a whole lot less with my Germany-based operations and staff.

What I would like to see is how Algirdas is going to spend the revenue:

Our economic studies show that it will have no impact on jobs, and could even have a positive impact on growth if revenues are reinvested wisely.
Yes, and if my mother's sister had testicles she'd be my mother's brother. The FTT spending is what the FTT opponents should demand to see in 2-3 years - it's unrelated to the actual impact of the FTT but would be a great stick with which to beat the FTT proponents. You can bet your bottom dollar that it's mainly going to be pissed away on subsidising sinking industries, funding dubious political movements, make-work employment schemes and grants for white elephant construction projects. When Algirdas suggests "growth-friendly investment, stabilising public finances or wider commitments such as development aid" I hear "green energy subsidies, bailing out Spanish cajas, and building railways to nowhere."

[1] Since Algirdas is from Lithuania, he has an inconvenient diacritical mark on the 'S' of his surname for which I do not recall offhand the corresponding HTML entity; I am including the UTF-8 character in this blog and hoping that older browsers can cope.

2013-02-21

Prince Philip tells it like it is

Much frothing and indignation over the Duke of Edinburgh's latest "gaffe" that the Philippines must be half empty because the natives are all here running the NHS. Oh, would that this were true. If Filipino nurses really were running the NHS, it would be doing a damn sight better job of caring for its patients.

There are about 12.5M Filipinos working overseas and about 200K of them are in the UK - I'd suspect at least 50% working in the NHS, and of those 50% as nurses, 50% as carers or auxiliary staff. Given 410K qualified nurses in the UK, that implies about 1 NHS nurse in 8 is Filipino; my admittedly limited encounters with the NHS support this data. They tend to be more competent than the average UK-educated nurse; all Filipino-educated nurses must hold a Bachelor's degree in Nursing, but this tends to have a much more practical and technical focus than the UK nursing degrees. One can't imagine a Filipino nursing tutor teaching his students about diversity, for instance. If you tried to sell a Filipino nurse on the University of Nottingham's nursing curriculum, she'd think you were making some sort of practical joke.

Prince Philip, once again, has put his finger on a salient issue of public policy. If the UK were serious about caring for its sick, it would be recruiting Filipino nurses hand over fist. Since it is not doing so, one can only conclude that the demands of the Royal College of Nursing for job security for its members have trumped the needs of NHS patients. I find it especially instructive that the RCN's view of supporting diversity is organising Gay Nursing Pride events given that 2-5% of the population is gay (depending on whose figures you believe) but 12% of the UK nursing profession is Filipino. Frankly, I would have thought that overseas nurses were in far greater need of support from the RCN than gay nurses. Since an influx of competent foreign nurses with a good command of English language and grammar would put downwards pressure on nursing wages and make the native nurses look uncaring, incompetent and badly educated, maybe it's not surprising that the RCN is not campaigning for this influx - we should, however, realise that the RCN does not concern itself with the best interests of patients.

2013-02-17

Digital capitalist slavedrivers

John Naughton is professor of the public understanding of technology at the Open University. If I were the Open University head of HR, I'd be wondering which clown hired him after reading his muddle-headed article on "digital capitalism":

These vast revenues [produced by the scaling of digital goods], however, are not being widely shared. Instead, they are mostly enriching the founders and shareholders of Apple, Amazon, Google, Facebook et al. Of course, those who work at the heart of these organisations – the engineers, developers and the executives who manage them, for example – are richly rewarded in salaries, stock options and lavish perks. But these gilded employees constitute only a minority of the workforces of the big tech companies and most of their colleagues have decidedly more mundane terms of employment – and remuneration.
He starts off with Apple, complaining that 2/3 of Apple employees work in retail stores and have only regular retail wages. Well, John, yes they do. Of course they do. Their job has very little to do with the massively scaling digital distribution at which Apple excels (iOS, iTunes etc); why on earth would the profits from that business go to the Apple Stores which are all about selling physical hardware to real people in expensive-to-rent retail locations? They are entirely different businesses. For sure, selling an iPhone or MacBook to someone enables them to start spending money with Apple on iTunes purchases, but the Apple Store is competing for hardware sales with the likes of John Lewis, Apple's own online store, and phone retailers. The Apple employees there are pretty replaceable - more so these days as the previously excellent customer service has fallen off somewhat - so they get paid what they are worth. Let me add here that their store's Genius Bar is actually rather good in the main, and I hope that their Genii get paid quite a bit more than Naughton's quoted $25K. Still, Naughton's attempt to claim that the failure to pay retail store employees huge sums is a moral failing of digital capitalism is a dreadful stretch, and I'm sure that he knows this.

When he claims the same lack-of-sharing-of-wealth regarding Google and Facebook I really have to laugh. Those companies are packed with very good engineers, and boy do they get rewarded. Just look at the Facebook shares which are creating Facebook millionaires throughout the company. Bonnie Brown was Google's first masseuse, not even an engineer, and she made multiple millions of dollars from her share options. Has Naughton been to Silicon Valley, or even just checked the property prices around Cupertino (Apple) or Mountain View / Palo Alto (Google)? These prices aren't being pushed sky-high by an elite group - most of the engineers in those companies are paid extremely well, which is why the Bay Area economy is in a relatively healthy state while the rest of California is so far down economically that they have to pipe in the sunlight.

I think, though, that Google, Facebook and Apple are all side claims to try to bolster the core of his argument which relates to Amazon. He sees the elite core of Amazon (Jeff Bezos and his engineers) who benefit from profits from the Amazon store, and a vast network of distribution necessary to get the Amazon goods to the people who bought them. He focuses on the warehouse teams that pick the orders from the racks:

"You're sort of like a robot, but in human form," one manager told Ms O'Connor. "It's human automation, if you like."
Still, it's a job. Until it's replaced by a robot.
Well yes, John. Amazon is creating quite a lot of jobs, and most of them aren't high-paying engineering jobs. But they're still jobs which pay a living wage and are a sight better than being unemployed. Jobs don't have to pay double the median wage to be a benefit to society, you know. You may envy the engineer being paid huge sums and think it's not "fair" that she gets much more than you, perhaps because she was actually talented and worked hard at hard engineering rather than the "systems analysis" that you specialised in, but her work creates jobs for other people - that's something not to be sneezed at.

One of the greatest benefits afforded to us by Amazon, and one not covered by Naughton for some reason, is to be able to find, compare and buy goods online at a substantial discount to those in High Street stores. This is a diffuse benefit - it has a small value to each individual - but benefits many millions of people. Google lets people find out where things are, what words mean, how to do something. Facebook puts people back in contact with friends and loved ones that distance or time previously separated. Apple put a usable Internet and access to movies and music in the pocket of millions of phone users. This, John Naughton, is the triumph of digital capitalism, and your whining about a few people making a lot of money from the phenomenon is just sour grapes.

2013-02-15

A trial as the last resort

Much is being made in the USA of Senator Elizabeth "Fauxcahontas" Warren's inaugural session of the Senate Banking Committee where she grilled the SEC:

Sen. Elizabeth Warren from Massachusetts made federal regulators uncomfortable when she asked a simple question: When was the last time you took a big Wall Street bank all the way to trial?
Cue much applause by those who think that the "big Wall Street banks" get away with too much. Perhaps, though, Sen. Warren may be playing to the peanut gallery rather than actually making the financial industry behave better. Here's why.

A more thorough consideration of the SEC's actions at The New Republic points to a rather fundamental problem: winning financial misconduct trials turns out to be quite difficult.

While federal prosecutors recently won a landmark insider trading case to put top executives behind bars, fraud can be harder to prove. In 2009, a jury acquitted two former Bear Stearns bankers the government charged with deceiving investors about the risks associated with CDOs, complex securities manufactured from packages of mortgage loans. The SEC, in fact, has yet to convict anyone in court on charges related to causing the financial crisis.
This is a manifestation of a fundamental rule: going to court is almost always a bad idea. Going to court means that there is an asymmetric assessment of the situation. The prosecutor believes that the defendant has done something bad and has to pay; what's more, he has the evidence to demonstrate this, and he believes it sufficient to convince a jury (or judge, depending on the trial) of the defendant's guilt. Further, he believes that the penalty that the judge will award is substantially greater than that which the defendant is willing to pay pre-trial.

By contrast, the defendant must believe that the facts of the situation will be unlikely to convince the judge or jury of her guilt. The defendant has already heard the prosecution's allegations and will know what evidence she has turned over to the prosecution, and the defendant's lawyers will be at least as familiar with the relevant laws as the prosecution; thus, she will have a realistic assessment of what the prosecution can prove. If there's a reasonable chance of conviction, the defendant's best strategy by far is to negotiate a settlement with the prosecution based on the median penalty for the alleged offences; it's way cheaper than conducting a trial, let alone paying an inflated penalty. For this reason, banks are generally better advised to settle with the SEC even if they don't believe what they did was wrong - if the penalty is bearable, it's preferable to the expense and risk of a trial let alone all the negative public exposure.

I think it's reasonable to claim that the SEC's competence in financial regulation and enforcement is, at best, limited. They attract lawyers and administrators who are satisfied with government salaries and working conditions. Their staff members prefer porn surfing to working and are allowed to get away with it. They need a case to be a slam-dunk in order to proceed to prosecution with a reasonable chance of success - yet, a slam-dunk case should have the defence scrambling to negotiate a settlement pre-trial. If they don't settle, they're either idiots - possible, but unlikely given the target crowd of Wall Street corporate lawyers - or they have a very different assessment of the case, and likely the evidence or legal precedent to back it up.

If the SEC is forced to take more cases to trial, there are two likely outcomes. One is for the prosecution to be successful (a slam-dunk case) but the penalty to be not much more than the defendant offered to pay, in which case the prosecution (SEC) still has to pay its own legal fees and so the public purse is hit harder. The other is for the prosecution to fail, or be forced to negotiate a lesser charge, in which case the defence pays less than they originally offered and the prosecution pays its own legal fees and possibly also some of the defence's; the public purse in this case is hit much harder. Either way, there is little chance that the banks will be hit harder beyond having to pay their trial costs, and the SEC's trial costs will also rise sharply. And who benefits from trial cost spending?

If the SEC takes more cases to court, the only people who will benefit will be the lawyers. And what did Sen. Warren do before she became a senator this year? She was an academic lawyer, specialising in bankruptcy protection. It appears that she is very aware of which side her profession's bread is buttered.

2013-02-14

Once is bad luck, twice is careless

Rather embarrassing for Apple; even if your iOS 6.1 iPhone is locked, a simple sequence of keys gives the phone holder full calling rights. A thief can lift your locked iPhone from your bag, make and cancel an emergency call - because all smartphones allow 999/911 dialling without unlocking, for public safety reasons - and then press the power button twice to be granted the ability to call any number that your phone can normally call. The thief could spend an hour on a 0900 number with Big Brenda and her Bosoms, or if you have international dialling you will find twenty calls to Romania, Bulgaria and/or Nigeria on your bill. Apple is reportedly working on a fix. If you stand outside their HQ on Infinite Loop, Cupertino, you can probably hear the cracking of whips and the screams of user interface engineers.

Why is this embarrassing? Well, almost exactly the same flaw affected iOS 4.1 back in 2010. What this tells me is that phone security is not systematically tested by Apple. If it were, they would have been looking for precisely this flaw. One of the most basic principles of software testing is that you should never discover the same bug in production twice - after the first discovery you should create a test that reproduces the flaw, then make the fix, and verify that the fix actually addresses the test. The test is then re-run on every single build you make in the future - if the flaw returns, the test will fail.

The only difference between the original and new flaw is that in the original flaw you only had to hit the lock button once, whereas in the new one you need to hit it twice. If I were in charge of security testing in Apple - I'm not, by the way - I would have the emergency calling feature identified as a high-risk gateway to the phone's functionality and I'd be user-testing and code-scrutinising like crazy to try to spot flaws like this.

This flaw is not a big deal in and of itself - Apple will release a fix, the iPhones will auto-update via iTunes and the problem will be solved. Maybe a few thousand people will fall victim to the flaw before it is fixed. What the flaw indicates, however, is that Apple is pressuring phone development and skimping on testing and security. This is not going to be an isolated problem.

2013-02-12

Coke - it's the real arrhythmia

Personal responsibility has reached a new low where a New Zealand woman, Natasha Harris, who drank 18 pints of Coca-Cola per day mysteriously died.

Yes, you read that right. 18 pints. For reference, if you drank that much fresh water daily you'd be at serious risk of euvolaemic hyponatremia a.k.a. too much fresh water excessively diluting the sodium in the body. So if you're going to drink anything at a rate of 18 pints per day, Coke - or indeed beer - is a far better choice than water. That does not, however, make it a good idea.

Consuming 18 pints of caffeinated sugar solution has its problems. Coke has about 34mg of caffeine per 12 oz, which is about 55mg per pint (assuming imperial pints); that's about 1g of caffeine per day. This is well under the mean lethal dose of 200mg/Kg body weight but equivalent to about 8 cups per day. 1 pint of Coca-Cola has about 65g of sugar so Ms. Harris was consuming well over 1Kg of sugar per day. I'm staggered that she didn't fall into a diabetic coma within a couple of weeks of starting this diet.

I'm sure that Ms. Harris was advised by her nearest and dearest that this wasn't a good idea, surely?

[Her partner] Mr Hodgkinson told the court that she had been unwell up to a year before her death, including vomiting six times a week, but they believed it was caused by the stress of looking after her eight children and gynecological problems.
...
'I didn't ever think about the Coke. I never considered it would do any harm to a person. It's just a soft drink, just like drinking water. I didn't think a drink's going to kill you,' he said.
As we saw, water is even more dangerous. But she had lost all her teeth to the drink, went "crazy" whenever she couldn't get it - couldn't someone who cared for her actually get her to stop?

Mr. Hodgkinson did try to take action, but his timing and direction were not helpful:

Coca-Cola confirmed it had hired a security firm to shadow its staff, after Mr Hodgkinson allegedly made death threats against the company before she died. He rejected claims he had made the threats, but said he held the company responsible for Harris' death.
<bangs head on table>. Mr. Hodgkinson, you were having to throw away four empty 2.5L bottles of Coke every single day. How could you and Ms. Harris not be aware that this was not normal, and really bad for both you?

The pain in Spain falls mainly on the sane

It seems that the Spanish are getting increasingly angry at their politicians's weasel tax-evading behaviour. The BBC reports that the mood among the Spanish has changed from "eh, it's the way things are" to "how dare they?":

For the last few months the corruption scandals have been so numerous that the television news began lumping them together in a swift round-up, rather than reporting on each one.
The latest is a claim that PM Rajoy bumped his pay by 30% even as government service providers are alleged to have given kickbacks to senior politicians in return for contracts.

Is this public anger healthy? Perhaps it is; at least some degree of accountability is being demanded from their politicians. I wonder though how well this anger is being transmitted in the Spanish media. In the end, newspapers and TV/radio have a love/hate relationship with politicians; they need access to the pols to get their scoops, and the pols need friendly journalists to hold back on stories if the timings are inconvenient. We should not pretend that most journalists are anything but self-interested; I hope that none of my readers are under any illusion that politicians are any better.

If everyone is cheating on their taxes, it seems a little rich to be particularly indignant about politicians. Why do you think Spain is running a spending deficit? Effective personal tax rates for 25K Euros per year should be comfortably north of 25% but Spanish personal income tax received in 2010 was €81bn and the VAT take was £74bn. With 21 million taxpayers (tax returns sent) out of a population of 50 million, that's under €4000 income tax per taxpayer and €1500 VAT per citizen. Spain's average salary is about $31K or €24K which implies that the income tax take is about 30% under what you'd expect (€6K or so).

Of course, the Spanish voted these politicians into power - did they have any reason to expect politicians to behave any better than their voters? Heck, expecting politicians to behave any better than the reference mendacious weasel standard shows an astounding level of optimism. Politicians will do whatever benefits them if they think they can get away with it, the law notwithstanding (see the travails of Chris Huhne as a prime example.)

What then should we expect Spanish voters to do differently as a result? Will they vote in politicians who promise to significantly cut spending and not take the piss in their tax payments? My arse, they will; most people - at least, 51% of people - want a free ride in state spending. They don't want to be told that the good times are over, even if they can feel that the bad times are here. Denial is a very powerful force.

Dodging taxes means that you don't feel the negative effects of spending - of course you're going to want the state to spend more. Perhaps this is positive for the UK, where at least tax evasion is a) difficult (PAYE) and b) usually rigorously chased, even if the Inland Revenue occasionally gets it wrong. UK tax payers have skin in the game of our politicians' spending - this is why the "tax the rich" game is popular; we don't want the politicians to spend less since we like our benefits, subsidies etc, but we don't want to pay for them so we realise that someone else has to make up for our omission.

The BBC quotes a Spanish voter on the subject of the guillotine:

One middle-aged, mild-looking woman, replied "you know the French Revolution, where they cut off their heads? Well something like that might do the trick".
This got me to wonder: why did they chop off the head of Marie Antoinette? Was it just envy? Reasonable sources indicate that it was driven by an attempt by the upper class to avoid additional taxation, so it's not such a bad precedent. It doesn't take much imagination to see the Spanish populace hanging politicians from lampposts, and indeed such an image would be a welcome reminder to politicians of other countries that their imagined immunity from the regular legal processes cuts both ways.

Dorner shoot-out

I'm currently following the "developing" situation with ex-LAPD member Christopher Dorner who killed several people before fleeing to the mountains. CNN's "The Situation Room" with Wolf Blitzer (I love that name) is all over this. Apparently Dorner wrote a manifesto which is an instructive read:

Do not deploy airships or gunships. SA-7 Manpads will be waiting. As you know I also own Barrett .50′s so your APC are defunct and futile.
I'm guessing he didn't take his SA-7s or 50-cals with him on his hike around Big Bear. The manifesto shows a lot of signals that he is very far from being in his right mind.

Dorner is reported to be cornered in a cabin in Big Bear, California. He may have access to a TV, he's surrounded by cops and lots of shots have been fired. LAPD are demanding that he give himself up, but he doesn't seem inclined to do so. This ends one of two ways:

  1. he exposes himself to a sniper's shot, deliberately or accidentally: game over. At that close range headshots should be relatively easy.
  2. LAPD fire tear gas through the windows, he comes staggering out firing wildly, see point 1.

This guy doesn't intend to go to jail. If he does, it's going to be due to a sniper shot hitting him in the torso in a survivable area and immediately incapacitating him. If the cops with AR-15s start firing, they're not going to stop before he's Swiss cheese.

At least Dorner's capture/killing will stop the LAPD shooting random civilians whom they mistake for Dorner. Who gave these guys their access to firearms?

Update: as of 4:20pm Pacific time, the police appear to have started an assault on the cabin by firing tear gas through the windows, as per option 2 above. It sounds like ammunition started cooking off, but Dorner hasn't emerged; it's anyone's guess as to what has happened, but my personal bet is that he took his own life once the gas started to spew out. An outside chance that he got hit by his own ammunition cooking off.

2013-02-11

Cult of the warrior

Today, famed US sniper Chris Kyle was mourned in Texas at the Dallas Cowboys football stadium. His coffin was placed at the centre star of the pitch. It struck me that this is a very American (and, indeed, a very Texan) reaction to the passing of a warrior. Kyle was a SEAL, very active in post-invasion Iraq and known to the anti-American fighters there as "al-Shaitan Ramadi" - the Devil of Ramadi. His record in killing opposition fighters there was legendary, more so because according to US combat rules each kill had to be independently witnessed and justified.

Kyle's autobiography American Sniper described what it was like to set up and patiently stalk targets, waiting for the few seconds when a fighter presented himself in a threatening position with a weapon. By his own admission he was not a crack shot, although in a sniper community even an average shot is lethal at over 1km and he once successfully killed an insurgent at 1.9km. His skill seemed to be in being in the right place at the right time, combined with an aggressive urge to get things done; with the co-operation of a corpsman he got himself medically evacuated into a busy combat zone.

What's interesting about today's memorial service is the reaction of a US state to the death of one of its warriors. While the citizens of Wootton Basset lined the streets to salute silently the UK military casualties from Afghanistan through RAF Lyneham, the Texan event is a more direct, more personal memorial for a soldier whose fame derived principally from his unregretted talent at killing:

"The first time killing someone, you're not even sure you can do it," he said. "You think you can, but you never know until you actually are put in that position and you do it. ... And then, you're worried when you get home, are the politicians going to hang you out to dry and put you on trial for murder?"
Did he regret any of his 160 kills? "No, not at all," he told Time.
It seems that America, and in particular Texas, is comfortable with the celebration of the life of a warrior; I can't imagine a British town or city conducting the same kind of veneration for fear of seeming "gung-ho" or thoughtless about the victims of the soldier. This, I think, is America's essential strength; a refusal to fear the consequences of its citizens' opinions and actions as long as they defended the country.

OMG the radioactivity will kill us all!

Via Tim Worstall at Forbes we learn that "there is no safe level of radiation":

STOP DEPT OF ENERGY PLANS to dump 14,000 tons of radioactive scrap metals into the manufacturing of consumer products. There is no safe level of radiation. Keep nuclear waste out of my home and workplace!
Maureen Headington, the contact for this petition, comes from Burr Ridge, Illinois. A quick Google indicates that she has radioactive waste under her bonnet, but other forms of energy are in her sights:
The segment features an interview with Maureen Headington who organized this campaign to call attention to the health and environmental hazards from old coal-fired power plants.
and her Stand Up/Save Lives campaign isn't keen on ozone either:
For the past 8 years I have worked as an unpaid volunteer attending city council and village board meetings, with a campaign of public education called "Stand Up/Save Lives"
One can only imagine the hundreds of sighs as she stood up: "Oh no, it's Maureen again..."

If Maureen is curious about the dangers of radiation, I'm sure she is familiar with Tokaimura and Goiâna where, respectively, 10+ Sieverts within a few minutes killed workers but 3+ Sieverts was survivable, and 4.5+ Grays was fatal but 1-4 Grays was survivable. Ms. Headington is concerned about material with a peak radioactivitity of 10 micro-Sieverts per year. That is, one hundred millionth of the radioactivity required to kill a worker at Tokaimura. By contrast, the fatal dose of cyanide is 1.5 mg/kg body weight (105mg for a 70Kg human) and apple pips contain 0.6mg of cyanide so you need fewer than 200 apple pips to kill you. Yet I don't see Ms. Headington clamouring to ban apples - yet.

The elderly - not immune from wanting a free ride

Just a snippet that amused me from the Guardian's coverage of Dilnot's thoughts on the £75K social care cap:

Dot Gibson, general secretary of the National Pensioners Convention, said the government had failed to reassure people that their homes would not be at risk. "People are still going to lose their homes to pay for this," she told the programme. "£75,000 is a hugely high cap."
Even if the cap was half this amount (Dilnot's original £35K), people are still going to lose their homes. So, Mrs. Gibson, what's the alternative?
She urged the government to think again about introducing "a national care system paid through general taxation", which "would be free at the point of delivery".
So we should take even more income tax from the working population to pay for all the current pensioners? I'm sure that will go down like a bucket of cold sick. No doubt pensioners with money would welcome not having to pay anything towards their social care, but can Mrs. Gibson explain for the benefit of the public why a pensioner with £35K in assets should get care paid for by the taxes of a minimum wage worker?

I realise Mrs. Gibson is just representing her members, and is free to express her opinion. In turn I am free to express mine, which is that she is a mendacious grasping hag who would gladly take the taxes of the poor to pay for the care of the rich.

Update: Thanks for the correction, Gasman - of course, Gibson wants the cap lower, not higher. Amendments italicised.

It turns out that the National Pensioners Convention was an idea of the former head of the TGWU, Jack Jones, and arranged by a steering committee of the TUC. So I wondered, how are they funded? Do all pensioners pay a tithe from their state pension to the NPC or something? I looked at the West Midlands Pensioners Convention and they report:

(Wolverhampton Pensioners Convention)
I'm pleased to announce that the membership target, which I recently specified has now been reached and the branch now has 60 fully paid up members.
Now, Wolverhampton has a population of 250,000 people so if you extrapolate a 60/250,000 fraction to a 65M UK population, that's 15,600 pensioners in organisations affiliated to the NPC. Since 9.2 million people are pensioners in the UK this is such a small fraction that it's not even funny. Dot Gibson is not speaking for 9.2 million pensioners - she is speaking for fewer than 2 in 1000 pensioners.

I still don't understand how the NPC funds all its officers and activities, based on this. The NPC website is very coy about its funding, so I suspect the TUC is behind a lot of it. NPC membership is £10, and £152,000 is not much to fund 11 officers and staff let alone any activities.

2013-02-09

Inflation out of sight, is it out of mind?

The WSJ reports that Argentina continues to investigate new depths of denial as its price control czar tries to stop retail sales ads in newspapers:

The order, confirmed by retailers and newspapers but denied by government officials, comes after retail executives say price-control czar Guillermo Moreno pressured them earlier this week to agree to freeze prices for two months. Executives say Mr. Moreno then told them to pull all newspaper sales ads in hopes this would somehow curb inflation.
Note the use of "told" there, not even "requested":
"This was an imposition, not a request. He simply decided that nobody should publish any ads. It's not sustainable and will be hard to comply with," said one retail-sector executive.
The anonymous retail-sector executive is to be commended for his restraint. It's demented. Just what does Mr. Moreno think he's going to achieve? The supermarkets have already "agreed" to freeze prices for two months to "combat inflation" so what's the need driving the ban on retail ads?

Well, it turns out to be likely that it's a reprisal because the newspapers have been publishing estimates of inflation; this appears to be a sensitive topic for some reason. I wonder why? Mid-term elections are coming up in October, and the government is doing everything in its power to keep bad news and contrary political positions from reaching the populace before then. They may not be able to keep a lid on the bubbling inflation forever, but they might just manage it for six months. Once that lid pops off, though, it's going to come away with some force. The government wants to punish the newspapers economically for reporting on sensitive topics, attempting to force them to pull in their horns. I'm not so sure that's going to work as they expect though; journalists, like mules, don't like being forced to go down a track of someone else's choosing.

What happens in November? The best strategy for the government may be to release the pent-up inflation and other economic bad news, perhaps deflect some blame by having another go at the British, then hope to mount some form of economic recovery by the time of the next election. 2014 isn't going to be pretty in Argentina.

2013-02-07

Iranian drone expertise somewhat overblown

I read the drone re-engineering claims of Iran with some amusement. There's plenty of blame to lay at the door of RQ-170 manufacturer Lockheed-Martin, but the Iranian claims that the drone capture has been a springboard for their own drone program seem somewhat overblown.

Why is it overblown?

Last year Iran said it was building a copy of the drone - an RQ-170 Sentinel - after breaking its encryption codes.
Let's assume it has the manufacturing capacity to reproduce the airframe and materials sufficiently exactly. How does it reproduce the electronic hardware which is a mission-critical component to the drone, controlling its flight and comms? Has it managed to reproduce the ASICs (custom chips) on the PCBs? If so, how? Has it constructed its own silicon fab facilities capable of producing sub-100-nm circuits? That's going to set them back a good few $bn, even if they buy the expertise lock, stock and barrel from Intel or other fab owners. Given that it obtained the drone back in 2011, how did it set all this up, manufacture all the components, integrate them and test the systems within 2 years? If they can do this, the UK MOD and US DoD should totally farm out military systems development to Iran as they're doing it in a quarter of the normal time.

What wouldn't surprise me: the drone storing unencrypted video data on its own storage media. Presumably a functional requirement is for the drone to be able to retransmit telemetry or video after a comms outage, so it will have to store data as it's produced; since comms outages can be open-ended, the easiest solution is to write all data to disk since disks are cheap and drones have plenty of payload space. Encrypting all stored data doesn't buy you too much; either the drone uses symmetric encryption - and thus the encrypt key stored in the drone in persistent storage is the same as the decrypt key - or it uses asymmetric encryption, complicating the drone's initial programming and likely increasing CPU usage. I'm sure someone did a risk assessment at some point and said "heck, the enemy can fly its own drone above its territory and get the same data, it probably tracks our drone on radar or infra-red, what does it matter if it knows where our drone flew and what it saw?"

Nevertheless, I expect the Pentagon to be conducting a rapid re-assessment of the benefits of asymmetric-encrypted data storage on remote platforms.

Heaven hath no rage like love to hatred turned

Nor hell a fury like a woman scorned:

Greek-born Ms Pryce earlier told the court Huhne had pressured her into having an abortion in 1990 because it was "bad timing".
She's really gunning for him with all barrels, isn't she? I don't know if I fancy her chances avoiding conviction, but she's assiduously laid groundwork for the judge to give her something close to the minimum sentence.

It seems that the real tragedy in the Huhne case is the apparently loveless marriage that wasted 26 years of the couple's lives.

2013-02-06

Inside North Korea

Google chairperson Eric Schmidt went to North Korea with a small posse including his daughter Sophie. You should definitely read her blog of the visit:

When we asked how old Un had turned (29? 30?), we were told that "Koreans keep track of age differently" than we do. Alright, then.
[...]
In a fantastic bit of timing, as we exited the train, the station's power cut out (above right). The commuters around us immediately pulled out flashlights, which they presumably carry all the time. Can't win 'em all, minders.
One is left with the impression of a bankrupt country straining to put on an act of "Juche" (self-reliance) that could collapse at any moment. The only question is what the butcher's bill will be when the collapse comes.

TSA abbreviates Theatric Security Always

If true (and we only have one side of the complaint), this description of a disabled man's experience at the hands of the TSA at Boston Logan airport is an appalling indictment of the natural progression of the "security as theatre" mentality of the TSA:

Normally, my episodic mutism is not really a problem
[...]
However, the [TSA] agents deliberately both prevented me from accessing writing materials, and then deliberately confiscated those materials and physically prevented me from accessing them after they saw that I was writing a protest of their actions, thereby preventing rather than accommodating my right to speech.
Sai sometimes can't speak due to a spasticity disorder, and so depriving him of pen and paper was equivalent to depriving him of the means to communicate. Absent any indications that he was a threat, since they eventually let him proceed to his flight without permanently confiscating any materials, once can only conclude that the TSA stopped him because he was "different" rather than because he was "threatening".

Picture the scene. You're a terrorist intent on bringing down a flight. You have worked out some way of bringing a plane-threatening weapon through security. So you choose to pass through a TSA checkpoint "pretending" to be unable to speak, in order to avoid drawing attention to you and your payload. *** mind blown***

Incidentally, Sai's detailed nit-picking scrupulously-detailed description of his treatment is totally consistent with his geek personality (and employment in a Mobile Internet security firm), so I'd give substantial credence to the details of his account.

Anticipated changes to TSA procedures as a result of this incident: none. I'm already convinced that their primary function is an employment scheme. They make little, if, any, positive contributions to aviation security, and if any contribution is made it is immediately outweighed by their stupid, predictable reaction to the abnormal, and their focus on creating an unpleasant travelling experience.

2013-02-05

What's in a name?

I was hoping that American politicians were going to have a serious and pragmatic debate about immigration this year; all the signs were promising. That, however, was before Rep. John Conyers Jr. (D-MI) came out with this beauty:

I hope no one uses the term illegal immigrants here today. Our citizens are not — the people in this country are not illegal. They are are out of status. They are new Americans that are immigrants
Well, let's break this down, Rep. Conyers. Your citizens are indeed not illegal, unless their application for citizenship was fraudulent. Given what I know of the USCIS process for applying for citizenship, it's reasonable to assume that the fraction of citizens who are illegal is tiny - but it's not zero. Anyway, let's look at the categories of people in the USA:

  1. Legal citizens: US citizens by birth, or by application where the claims supporting their application were true.
  2. Illegal citizens: US citizens by application where the claims supporting their application were false.
  3. Legal immigrants: those permanently resident in the USA who hold a valid Green Card (US "permanent" residency permit) where the claims supporting their Green Card application were true.
  4. Illegal immigrants: those permanently resident in the USA who either have no Green Card, whose Green Card has expired or been rendered invalid, or whose Green Card application was based on false claims.
  5. Legal visitors: those who are in the USA for a limited time for either pleasure or business, who hold a valid in-date visa appropriate to their activities if required (tourists can't work, for example, but Canadians don't need a visa as long as they don't work), whose entry application was truthful.
  6. Illegal visitors: those in the USA for a limited time who either evaded border controls, overstayed their stay time, broke the conditions of their visa or entry, or whose entry application was untruthful.

It doesn't seem too much of a stretch to say that categories 2, 4, 6 are "illegal". They have specifically violated the laws pertaining to the entry or stay in the USA. This is in line with the current proposals for legitimising with illegal immigrants (category 4) - if they want to stay in the USA, they have to pay a fine (as they have violated the law) plus ensure they are up to date with taxes.

Rep. Conyers is not alone in his linguistic contortions:

But defenders of the term "alien" argue that an immigrant is someone who arrived here legally, while an alien is any foreigner — therefore an "illegal alien" is the proper description for those who are here outside of the law.
It's too general. An "alien" could either be an immigrant (permanent) or visitor (temporary). The current immigration proposals are targeted at immigrants; they do not (and should not) make any concessions towards visitors as the visitors eventually intend to leave. "Illegal alien" is a valid definition for a group of people, but it's not relevant to the immigration debate. While we're here, "undocumented migrants" is a particularly stupid term. Nearly everyone has (or had) documents pertaining to their nationality; a birth certificate, government ID card etc. Losing or throwing away those documents should not be relevant to immigration status. I'm sure there is a small subset of illegal immigrants who cannot reasonably obtain their original documentation, but the general use of "undocumented" in this context refers to immigrants who do not have valid USA-issued documentation pertinent to their stay - because the USCIS does not knowingly grant documentation to those who break the rules. Heck, it's hard enough to get documents out of them when you do follow the rules.

In summary: anyone using "undocumented" in the context of immigration is likely talking out of their fundament, and Rep. Conyers' use of "new Americans who are immigrants" is one of the weasliest phrases I've heard from a politician in a while.

2013-02-04

Calling King Canute

It seems that the Argentine government is trying to hold back the tide of inflation by demanding that supermarkets hold down prices:

Argentina's commerce ministry has asked consumers to monitor prices in the chains.
It wants them to keep receipts and has set up a hotline for shoppers to call if they spot any price rises.
The way this is being spun is "prevent the evil big supermarket chains profiteering at the expense of customers" which should at least get the customers on board with the idea. With actual inflation around 30%, however, one wonders what the supermarkets are going to do.

Assuming that they manage to get an average 20% margin from the sale of goods, goods that sell at 1000 pesos now will cost them 800 pesos to buy and cover the cost of sales (rent, wages etc.). 30% inflation will make that 1040 pesos in a year's time. The only way to prevent operating at a loss is to hold down their costs; they're out of luck for everything imported, so they will definitely have to hold down wages and rent payments. I'm assuming that unemployment is enough of a problem in Argentina that holding wages down is actually feasible, though of course the purchasing power of those wages is going down with inflation so supermarket employees are going to get it in the shorts. They are probably big enough to hold their rents down since the other major retailers are likely being hit by the same problem, but it's immediately making commercial property an unattractive business to be in.

The dominant cost in many cases is likely to be the wholesale cost of the goods themselves, and this is where the problems lie. For domestically produced goods, the supermarkets may be enough of a purchasing cartel to force farms and household goods producers to accept price freezes or single-digit inflation at best. If I were a farmer, however, I'd be looking to sell my products closer to home; set up my own farmer's market and sell goods for more than my wholesale price, yet less than the supermarkets' marked-up price; people have to eat, and all my competitors will be in the same situation.

I would bet, then, that the natural consequence of this approach will be a near-immediate vanishing of imported goods (say, medicines) from the supermarkets, and a gradual decrease in the availability and quality of fresh fruit, vegetables and meat. If you want reasonable quality fresh food you'll need to go to a farmer's market - and expect prices to rise in line with actual inflation.

It may also make it more attractive for the farmers to export their goods, especially Argentine beef. If I were a major beef purchaser (such as McDonalds) I'd be planning to spend some quality time in Argentina really soon in anticipation of a surge of good quality beef becoming available for export. The only obstacle would be if the Argentinian government imposed export controls on goods to stop this happening. I'm sure they wouldn't stoop that low...

The problems of price controls are covered well in this eponymous 2001 Cato Institute piece:

Consumers, in competing for a limited amount of the controlled product, may waste as much as they gain from getting it at a low price. For instance, the people who waited in the 1970s gas lines probably shouldered as much cost from the lost time queuing as they saved from the price controls on gasoline.
The additional time spent by Argentine consumers trying to get hold of fresh food and imported goods that they need is going to be a serious productive hit to the economy. This is absolutely the last thing that the Argentine economy needs at the moment, and yet the government is trying to sell it as an economic win. It'll certainly be popular initially, but just wait a year.

2013-02-03

The perils of automated censorship

The Gloucestershire Echo's story on local boy Eddie "The Eagle" Edwards winning Splash! has an initially confusing sentence:

The former Olympic ski jumper beat Benidorm star Jake C****o and TV presenter Linda Barker in the public vote after a series of impressive dives.

A little Googling and it all becomes clear - the Benidorm star referred to is Jake Canuso.

Dear Gloucestershire Echo; you may wish to investigate smut-censoring software which is aware of the concept of a "word boundary" (\b in regex syntax).

2013-02-02

Time to start announcing hack attacks

After the revelation a few days ago that Chinese crackers have been targeting the email accounts of New York Times journalists since October, it now seems that they were doing the same thing at the Washington Post in 2011:

Post company officials confirmed the broad outlines of the infiltration, which was discovered in 2011 and first reported by an independent cybersecurity blog on Friday. But they did not elaborate on the circumstances, the duration of the intrusion or its apparent origin.
These attacks are disturbing in what they appeared to be looking for. This was not commercially valuable information; the attackers were sifting through email looking for information and reports pertaining to Chinese politics and politicians, plus activism around China. These are not bored American teenagers looking around NASA computers for evidence of UFOs, nor even Russian groups aiming to grow and farm botnets for hard cash. These attacks are unmistakably directed to benefit the Chinese government and its security services:
China's cyber-espionage assists the government's broader efforts to quell internal dissent by identifying activists and dissidents and tracking them through their e-mail.
Make no mistake, these guys are at least being paid by the Chinese government, if not formally employed by them. Given the control exercised by the Great Firewall of China, they'll be able to see a concerted series of attacks against Western news agencies from inside China; if they're in the clear then the keyword monitoring will flag up the connections, and if they're SSH then normally they'd be shut down. If those attacks are being allowed through, it's because they're on a whitelist.

Famously, Google announced in 2011 that that China seemed to be conducting an organised campaign of information theft:

...we recently uncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.
The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings.
These guys have a lot of form for this kind of activity.

So now we know that this is going on, what are we going to do about it? Ah, that's the 64 million yuan ($10.2m) question:

"If every company reported when it was hacked and who it was hacked by, it would be harder [for China] to get away with it," said one industry official, speaking on condition of anonymity because he was not authorized by his company to speak on the record.
I'm not so sure that's the case, although I would certain applaud wider reporting of China-originating attacks. It used to be that companies refused to report successful cyber attacks in order to avoid embarrassment. Today, I would claim that there is no shame in being targeted by Chinese attacks; Google and Intel have publicly reported attacks, so that's illustrious company to be in. (I suspect Intel was more a case of commercial espionage, for the record). We should certainly get a better idea of where China is attacking and what they want. But how to stop it? Short of trade sanctions - and that's a Pandora's Box if ever I saw one - what can we do to make the Chinese government care enough to stop these attacks?

The only approach I can think of which might work is sufficient publicity to shame and embarrass the Chinese government. Shine the spotlight on China's human rights abuses and the infrastructure such as the Great Firewall of China and the Ministry of State Security which facilitates them. Google chairman Eric Schmidt has a new book that makes clear what a danger he sees in modern China:

The disparity between American and Chinese firms and their tactics will put both the government and the companies of the United States as a distinct disadvantage [...] the United States will not take the same path of digital corporate espionage, as its laws are much stricter (and better enforced) and because illicit competition violates the American sense of fair play.
Could it be time to start blocking Chinese telecoms firms from bidding on providing services or equipment to major US companies and the US government, on security grounds?

Banks and technical debt

The BBC has a reasonably good article today on the accumulation of technical debt in banks' IT systems. I have a few issues with the detail, but it's well worth a read:

The idea is that IT bosses have allowed a certain amount of "unfixed" code to accumulate in order to roll-out new facilities on schedule. But as the debt has grown, so has the risk of systems becoming "gummed up".
Technical debt can be summed up in the word: "later":
  • "I'll copy and paste for now, and clean up later."
  • "We don't need the documentation before the release; I'll write it later."
  • "I'll add a dummy unit test to quiet the presubmit check and make it actually test the code later."
  • "This architecture can handle the traffic at launch; I'll remove the shared variable to scale properly later."
  • "I'll monitor it by looking at the logs for now; we can add proper monitoring and alerting later."
For the average software engineer, "later" is like "mañana" but without the sense of urgency. This is not to say that even the above-average software engineer is above accumulating technical debt; the difference is the awareness of the importance of the debt, and the existence of a plan (and associated tracking) to address the debt:
  • "I'll raise a high-priority bug on this code to refactor."
  • "I've booked our technical writer to review our documentation next month, two weeks after launch."
  • "We need unit tests to cover at least 25% of the code at launch, and an auto-report weekly with the coverage stats."

Frankly, this is by no means limited to banks. Nearly everywhere you go in the software world, technical debt accumulates - either deliberately, to hit a deadline, or passively where the team is not even aware of the concept. The fraction of software companies where technical debt is actively managed is tiny - and quite a few of those companies go out of business, because clearing technical debt is a long-term play, in a market which is aggressively short-term. Where it will make a difference is in a system which is long-lived. When your system survives and evolves over years, the technical debt you accumulate will progressively slow your development and increase your support overhead until you spend all your time running just to stand still.

I've seen a lot of software systems in my time, and am formulating a hazy rule of thumb that technical debt is like entropy - in general, it grows over time no matter what you try to do to reverse it. The skill in software engineering around technical debt is two-faced; first you must track, measure and prioritise the debt you have. If you don't know where it is, nor what risks it exposes, how can you rationally allocate spare resource to tackling it effectively?

Banks, as the article notes, are visible victims of technical debt. This is because their systems tend to be long-lived, since the banks have plenty of money to throw at keeping them going and the systems themselves are revenue-related. As a result, banks grow huge IT departments where many of the staff are effectively devoted to paying the interest on technical debt; for some reason, this is seen as a better investment than either repaying the principal or indeed writing off the debt and starting anew. Don't, however, mistake this behaviour for ignorance. Virtually everyone in the bank IT department knows where the technical debt is concentrated; they deal with it every day in tedious error-checking procedures, awkward and prolonged software roll-out processes, substantial manual involvement in inspecting test results or log output and a perpetual process of porting unsupported legacy code to new hardware. The failing is that no-one holding a substantial budget is willing to spend it on paying down the crucial technical debt.

The decision process by which the budget holder leaves technical debt to grow unchecked, I think, involves some of the following factors:

  1. I have no idea what technical debt is (probably rare);
  2. I don't have confidence that my team will tackle the areas which will pay off medium term (principal-agent problem - the team have a vested interest in tackling the easy work like refactoring rather than calling on expertise to make more risky but better-yielding architectural changes);
  3. My boss wants hard numbers showing payback within a year (probably very common)
  4. I plan to move department within a year so I want to demonstrate lots of energy and change without risk (seagull manager syndrome)
  5. I don't trust my team to do anything difficult (yeah, I've probably met some of your guys)

The one quote I would take issue with in the article, however:

"There's been massive underinvestment in technology in banks - it seems to be the case that the whole damn thing is held together by sticking plaster,"
Banks spend staggering amounts on technology and software development. Bank IT staff are paid pretty well, in many cases way more than their actual skills would justify. The gentleman quoted, Michael Lafferty of the Lafferty Group, probably means that "banks are not spending enough money with us on obtaining 'advanced knowledge services'." He's talking his own book, which is a fine capitalist tradition, but one should take his opinion with a grain of salt. Perhaps two grains. His group specialises in 'the fields of retail banking, cards and payments and central banking', which to my eyes is quite a wide field for a specialisation. They specialise in "insights" which, to my mind, is a whole world away from technology.

2013-02-01

April Casburn: going to the Big House

As I had hoped, Met officer April Casburn is going to be spending less time with her family in the next year:

Handing down the jail term on Friday morning, Mr Justice Fulford said "the sentence would have been three years", but he had taken into account the fact that a "vulnerable child" which Casburn and her husband were in the process of adopting would be left without her mother while she served her sentence.
I am disappointed in the sentence: 15 months, of which presumably she'll serve less than a year. On the other hand, being a publically disgraced police officer in prison is a punishment all of its own. While I suppose she'd be eligible for Open status, being an unlikely flight risk, I would have thought a Cat A or B regime is more likely simply for her own security.

It seems that her attempt to pull the wool over the judge's eyes and claim a public interest defence was not successful:

Casburn denied asking for money and no story ever appeared.
But [Mr. Justice] Fulford said he found [journalist] Wood to be a "reliable and honest and disinterested witness", who had taken the trouble to make a careful note of the conversation to pass on to his boss amid understandable suspicions that the call could have been part of a sophisticated operation to catch the paper out for corruption.
I do like the judge calling out the "disinterested" point in particular, noting that Wood had no motive for adding a financial aspect to the call if there had not in fact been one. While understanding why Casburn wanted to give that mitigation a try, I do wonder what her defending QC advised her on this point; I suspect he knew Mr. Justice Fulford was a sharp cookie, and had a pretty good idea how this tactic would turn out. It would be interesting to read the court transcripts and count how many "I am instructed by my client..." caveats he used.

You've got to feel sorry for soon-to-be-ex-DCI Casburn's family as she is sent off to the care of Her Majesty's Prison Service; the next year is going to be very tough, and the loss of her salary and pension will no doubt hit them hard financially. On the other hand, there's only one person who brought this on them.