"Chaos Monkeys" and how it got Antonio Martinez fired from Apple

Dedicated readers of this blog (all 1 of them) may recall last month's post about author Antonio Garcia Martinez being fired by Apple because a bunch of neurotic employees didn't like what he'd written in a book five years ago. I promised a review of that book: "Chaos Monkeys - Obscene Fortune and Random Failure in Silicon Valley" and, dear readers, this is that review.

It's a great book. Is it the "Liar's Poker of Silicon Valley"? Maybe, maybe not, but they have a lot in common. Martinez takes you through his career at Goldman Sachs in New York, joining a dying Silicon Valley startup (Adchemy), fleeing to do his own startup (AdGrok), dancing through lawsuits and VC funding, and finally playing Twitter for an acquisition before skipping to join Facebook as an ads product manager. His stint in Silicon Valley is 2008 to 2016 and, to the best of my knowledge, accurately represents the people, companies and society there at the time.

Most importantly, like Michael Lewis of "Liar's Poker", Martinez is a compelling writer. He is opinionated, informed, funny and - unlike Lewis - cheerfully portrays himself as an averagely terrible human being. He fathers two children out of wedlock, kind of screws over his startup partners - though there's a twist at the end - gets away with drunk driving and outrageous speeding, has a torrid all-over grope with a busty fellow product manager in a Facebook janitor's cupboard, and plays off Twitter against Facebook with misleading information to boost the acquisition value of his start-up. He's contemptuous of the CEO Murthy Nukala, although to be fair Mr Nukala does not sound like a pleasant human being himself, and of the ass-kissing divisional leadership of Facebook.

Martinez is a really interesting and colorful guy. I would totally buy him lunch to hear a few of his stories. I would probably not want him dating my girlfriends though.

The full list of grievances of the Apple employees is given in the petition that was leaked to The Verge. Zoe Schiffer's byline there is no surprise, she is the leak-destination-of-choice for Big Tech. The top grievance was of course about Martinez's portrayal of women in Silicon Valley:

Most women in the Bay Area are soft and weak, cosseted and naive despite their claims of worldliness, and generally full of shit. They have their self-regarding entitlement feminism, and ceaselessly vaunt their independence, but the reality is, come the epidemic plague [my emphasis] or foreign invasion, they’d become precisely the sort of useless baggage you’d trade for a box of shotgun shells or a jerry can of diesel.

I've encountered a good number of Silicon Valley women in tech in the past year, and I have to say that Martinez hits the nail on the head here. The pandemic has demonstrated in spades the neuroticism of many of these women. There has been very little get-up-and-go demonstrated, instead just a whinyness and cowering that makes one despair for the future of the human race. If there is any criticism of Martinez here, it's that he omitted that many men in tech exhibit the same characteristics, which is maybe even less excusable. Interestingly, you don't see the same weakness in most of the Bay Area natives, nor in tech immigrants from Central / Latin America or the former Soviet states - India too, to a lesser degree. It is mostly a white-women-in-and-around-tech thing.

It's notable that Martinez contrasts this with the self-determinism of a number of interesting women he encountered and dated / screwed during his time in the Valley. He clearly isn't a misogynist in this respect - he just doesn't like a bunch of people.

The aforementioned janitor cupboard fondling also upset the Apple whiners, especially the description of his facilitator:

PMMess, as we’ll call her, was composed of alternating Bézier curves from top to bottom: convex, then concave, and then convex again, in a vertical undulation you couldn’t take your eyes off of. Unlike most women at Facebook (or in the Bay Area, really) she knew how to dress; forties-style, form-fitting dresses from neck to knee were her mainstay.
...[and later, when he's about to be let go]...
There were few women one would call conventionally attractive at Facebook. The few there were rarely if ever dressed for work with their femininity on display in the form of dresses and heels. A fully turned out member of the deuxième sexe in a conference room was as clear an angel of death as a short-barreled .38 Special revolver. Gokul [the manager firing Martinez] gave an awkward smile, and bolted out the door the moment I sat down. I looked across the table. If her look was supposed to disarm me, she needed either more cleavage or more charm.

Two things about this stand out: a) boy, Martinez knows how to write, and b) he is an astute observer of the unsayable. Techies have never been famed for their dress sense, and most women (and men) in a tech role do not really try to dress up. There's a principled thing here where they want to let their work speak for itself and not be judged by conventional metrics of attractiveness - but you can't then turn around and get annoyed when someone observes, correctly, that you aren't attractive. I'd imagine that it would be a very different experience in banking where how you dress can be the line between success and mockery.

He also observes:

It occurred to me that perhaps this most recent experiment in fertility—and the first—had been planned on British Trader’s part, her back up against the menopause wall, a professional woman with every means at her disposal except a willing male partner—in which case I had been snookered into fatherhood via warm smiles and pliant thighs, the oldest tricks in the book.

Would the Apple employees like to content that this is not, in fact, one of the oldest tricks in the book? Is it unacceptable to say precisely because it is the truth?

Go and read "Chaos Monkeys". It is a highly enjoyable book, it gives great if biased insights into Silicon Valley for both startups and Big Tech, and more importantly does so for the companies, the technology, and the humans involved. You won't regret it. And despite being fired because of it, I expect Martinez does not regret writing it.

As for the prissy Apple employees who signed the petition: I'd hire one Martinez over ten of them, any day.

Apple used to say "Think different." I guess those days are long gone.

Update: Garcia himself speaks without specificity on the firing. I'm guessing he got paid very well for signing that non-disclosure agreement, unlike the one he was offered (and declined) at Facebook. If it was less than six figures, I'd be very surprised.

A really ballsy move would be for Google, Oracle or even Twitter to hire him, to stick two fingers up at the pusillanimous HR skirts at Apple - and at their own self-important neurotic engineers. Won't happen, of course, but if you happened to have a division that you wanted shot of, and it was infested by this kind of person, hiring Martinez into it - and standing behind him - would be nothing short of hilarious.

James Damore was correct - Apple edition

Some of you may remember the story of James Damore, the Google engineer who suggested that perhaps some of the male/female software engineering disparity was due to the different dominant characteristics of males and females, and got fired for it. Damore's essay Google's Ideological Echo Chamber made a number of points and hypotheses, but one particular point stands out to me in the context of recent news:

Women, on average, have more:

• Openness directed towards feelings and aesthetics rather than ideas[...]
• Extraversion expressed as gregariousness rather than assertiveness. Also, higher agreeableness[...]
• Neuroticism (higher anxiety, lower stress tolerance). This may contribute to the higher levels of anxiety women report on Googlegeist and to the lower number of women in high stress jobs.

A whole bunch of neurotic women (and, to be fair, men) got together to demand that Damore be fired, for contributing to their workplace stress... I guess, proving his point?

Well, there's now a new sacrifice for the Social Justice Wicker Man, and he also appears to have been bundled into the cage on the altar of neuroses: Antonio García Martínez. Martínez had previously written a bestselling book Chaos Monkeys: Obscene Fortune and Random Failure in Silicon Valley. It was originally published in July 2016, though the most recent paperback reprint on Amazon is from 2018. So, and this is not insignificant, he wrote this 5 years ago.

Mr Martínez recently got hired by Apple. But, it turns out, a few people had read his book and were not happy:

Then, a group of workers wrote a letter calling for an investigation. “Given Mr. García Martínez’s history of publishing overtly racist and sexist remarks about his former colleagues, we are concerned that his presence at Apple will contribute to an unsafe working environment for our colleagues who are at risk of public harassment and private bullying,” they said.
Within hours, the letter had well over 1,000 signatures. It was leaked to The Verge. That evening, García Martínez was fired.

The irony, it burns. (Must be hot irony).

I tried to order the book a couple of weeks ago but - yet more irony - it's now in such demand as a bestseller that I'll be lucky to get it by mid-June. When it finally arrives, dear readers, I promise an in-depth review.

Getting back to my original point, let us summarize: a bunch of Apple employees felt so empowered by Social Justice that they could demand firing of a new company hire based on something completely unconnected with Apple which he wrote 5 years ago, and which Apple must have known about when they hired him - and within the space of a couple of days, he was gone, no appeal

This isn't healthy, and isn't going to end well.

In the meantime, though, Martínez's book is still selling heavily on Amazon. And he's probably earned out his advance, so every sale is another royalty. Perhaps being fired by Apple was one of the better things to happen to him, financially - and I bet there's going to be a financial settlement on the quiet as soon as he hires a lawyer, if he hasn't already done so.

The really interesting information though, would be the names of the Apple employees who are signatories to the letter. Any future employer should think really, really carefully about employing someone so neurotic, self-entitled and bitter that they would hound someone out of a company simply because they didn't like what they wrote.

Blacklist your master, and whitelist your slaves - Silicon Valley word police

Working in Silicon Valley ("putting the crazy into California!") is always an education; there seems to be a Shepard tone of neuroticism in and out of the workplace. Every time you think you've seen the craziest thing you can imagine, something nuttier comes along shortly afterwards.

In the world of global-scale computing, big services like Facebook, Twitter and Gmail are very strongly interested in what happens when a machine in their service infrastructure fails. (This is relevant, I promise.) If only one machine knows how to handle data from user Joe, then Joe is going to be very upset when that machine reboots for an OS upgrade (5-15 minutes downtime), or worse becomes permanently unavailable because a data center technician accidentally bridged the rack bus bar onto the hard drive with her ^[1] screwdriver because she was paying too much attention to the shapely arse of the technician fixing the next rack over.

The natural solution is that you have multiple machines - maybe in multiple datacentres - which know how to handle data from Joe, and there's some kind of load-balancing across them which knows which of those machines are healthy, and which aren't. But out of all of those machines, you need to have at one which has the canonical state of Joe's data, and which all other machines agree to take data from. Otherwise you end up in the state where there are two or more different views of Joe's data, and can't tell which is valid. In that case, the machine with canonical state is known as the "master", and the other machines receiving state from it are known as "slaves".

I think you can see why this terminology has started to become "controversial" to the Usual Suspects:

Problem:
The term Master in Master Components is potentially offensive to people of color and women, and I suggest we use a more inclusive synonym.
Proposed Solution:
Suggest renaming to "Primary Components" or "Leader Components"

(By contrast, when the failure occurs at a higher level in the software, you end up writing garbage to all copies of the data - on both masters and slaves. If you've overwritten previous data, your only hope is to bring it back from an earlier system state snapshot - witness this Gmail inbox wipe-out from 2011.)

That was silly enough, but now the common terminology of "whitelist" (allow these items, but not others) and "blacklist" (allow all items except these) has come under attack:

Per https://twitter.com/dhh/status/1032050325513940992, [Tweet by Ruby-on-Rails founder] I'd like for Rails to set a good example and tone by using better terminology when we can. An easy fix would be to replace our use of whitelist with allowlist and blacklist with denylist.
We can even just use them as verbs directly, as we do with the former terms. So something is allowlisted or denylisted.

Obviously the narrative here is that "black" is associated with negative connotations ("block") and "white" associated with positive connotations ("allow"). So I'd be fascinated to know why they continue to allow Code Pink to seize a positive affirmation space for people of the predominant Western European ethnicity, and refuse to attack the use of "yellow" for cowardice.

It's not just limited to colour of skin - there are a long-term crusades to stop people using "guys" as a generic term for a group of familiar people, "handicapped" for people who are disabled, and "innumerate" to describe Diane Abbott.

It's clear that this is a concerted effort to control the use of language in order to shape ideas - if you're forced to use an approved (restricted) vocabulary, you can't easily express concepts that are regarded as unacceptable by the vocab approvers. And if you think it's going to stop here, I have a bridge to sell you.

I don't have any intrinsic objection to using alternative terminology for master/slave, or for blacklist/whitelist. But I've scrutinised the people calling for this change, and I'm going to keep using the original terminology because civilised people should not yield an inch to these totalitarian fuckers.

If I were tired of employment, I'd be tempted to make a traditional English dish and bring it to my next group potluck. "Oooh, these are tasty, what do you call them?" "Faggots." It would be worth it just to hear the sharp intakes of breath and see the (put-on) outrage. I could even double down: "Are you saying my cultural heritage is offensive?" although of course I'd lose badly by the rules of intersectionality and Victimhood Poker.

[Complete tangent - traditional English terminology for the testicles of an animal is "fries", so you can have "lamb fries", "pig fries" etc. Therefore when someone from an older generation asks you "do you want fries with that?" you might get more than you bargained for.]

[1] All the recent training examples I've seen have had women take a dominant role as problem-solvers, and men nearly exclusively doing the stupid / illegal / morally dubious actions. In the spirit of gender equality, this is me trying to redress the balance.

"PC considered harmful" - hand grenade thrown into Valley tech

Wow. I've not seen this amount of heat, light, sound and fury directed towards a minority group since a fat man broke wind loudly over Nagasaki. [I've heard of good taste, and want no part of it.]

Anyone in Silicon Valley tech industry who hasn't been living under a rock has seen the frothing rage on Twitter about a Google employee penning an internal-shared personal doc about their perspective on the company's hiring and training priorities relating to women and "minorities" (which in Silicon Valley almost always refers to Black and 'Latinx' - apparently, very few "woke" people are really interested in the experiences of Native Americans, Koreans, Filipinos or South Americans.) My Twitter tech timeline has exploded in the past 24 hours, almost universally with people demanding the author's head - mostly metaphorically.

Tech site Gizmodo today obtained the text of the document in question. I've read through it, and assuming it's an accurate representation of the original, I can understand the furore - but it has been flagrantly misrepresented. A summary of the author's points is:

1. Google is big on removing unconscious bias, but a lot of Google has a strong leftwards political bias;
2. Left and right political leanings have their own biases; neither are correct, you need both to make a company work well;
3. If you're not a leftist, expressing your opinions at work can be a severely career-limiting move;
4. On average, men and women have behavioural differences which are (list); but these are only averages and don't tell you squat about an individual person;
5. Given those average women's interest, you're going to struggle to get a 50% representation of women in tech, particularly in the higher career and stress levels because of (reasons based on the above list)
6. Doing arbitrary social engineering to achieve this 50% as an end in itself is a bad idea;
7. Google does various things to improve gender and race representation, some of which I think aren't appropriate and might lower the bar [Ed: this was the point I thought least well argued in this doc]
8. Overcoming inbuilt biases is hard; this applies to both sides of the spectrum;
9. The internal climate alienates and suppresses viewpoints of people of a conservative political nature, and this is a bad thing;
10. We should have a more open discussion about what our diversity programs achieve and what do they cost (in a wide sense); make it less uncomfortable to hold and express opinions against the orthodoxy;
11. Indoctrinating people who determine promotion about bias might not have unalloyed benefit for the firm's long-term interests.

Very little of this seems, on the face of it, obviously incorrect or sociopathic. I think the author strayed into moderately unjustified territory on point 7, but otherwise they seemed to be quite reasonable in their arguments and moderate in their conclusions.

I've particularly enjoyed reading tweets and posts from tech woman flaming the original poster for blatant sexism. Really ladies, you should read the post more carefully. He described a contrast of the average male and female behaviors, and took particular pains to point out that this did not say anything about any particular woman's (or man's) effectiveness in a tech role. The behavior biases he described seemed bang on in my experience - and I've met women matching the male biases, and men matching the female biases, but on average the skew is as he has described.

It's almost as if many of the women responding to his post have more bias towards describing their feelings about the ideas, rather than ideas themselves; looking at the "big picture" rather than carefully analysing the detail of what he said. Perish the thought that this reflects the gender biases he described...

Of course, if you challenge the Silicon Valley orthodoxy like this - even if you originally intended for it to be for an internal-only debate - you can expect a certain amount of kick-back. And oh boy, did they get it. I've seen public calls for them to be fired and beaten up, and that was from people using social media accounts associated with their real names. The prevailing theme seemed to be that anyone expressing - or even holding - opinions like this in Silicon Valley was inherently poisonous to the work environment and should be fired forthwith. For goodness' sake, this was one person's opinion, quite mildly expressed. Alphabet (Google's parent company) has 75,000 people. You'd think that an isolated instance of crimethink would not be a big deal, but apparently you'd be very wrong.

Google has just acquired a new Head of Diversity, Danielle Brown from Intel. I don't know if they had one previously, or if this is a new slot, but my goodness this is quite the baptism of fire. She's posted an internal memo which has, inevitably, leaked:

Part of building an open, inclusive environment means fostering a culture in which those with alternative views, including different political views, feel safe sharing their opinions.
But that discourse needs to work alongside the principles of equal employment found in our Code of Conduct, policies, and anti-discrimination laws.

This probably wasn't a bad holding action - it would piss off the conservatives defending every point that the original poster made (because it was hinted as contradictory to equal employment), and it would piss off the outraged mob because it wasn't along the lines of "we threw this person out of the company so fast that his backside made scorch marks along Amphitheater Parkway". You could reasonably call it even-handed. The difference is that the conservatives within Google won't be calling publicly for Ms Brown to reconsider her approach or risk riots in the streets.

I asked a San Francisco based Google engineer buddy what he thought about this. "Are you [censored] kidding me? I wouldn't touch this with a ten foot pole" was a reasonable summary of his reaction. He did note that the author's name was widely known internally and that he viewed it as inevitable that their name would leak, but he'd be damned if he was going to be the one to leak it.

It's also not a little ironic that this comes on the heels of the US Department of Labor accusing Google of discriminating by gender in salaries. If the original author's claims are taken at face value - which is a big "if", to be fair - Google is actually trying to discriminate in favour of women.

For extra points, it's instructive to note the reaction to this in conjunction with President Trump's proposed ban on transgendered troops serving in the military. [Bear with me, I have a point I promise.] One of the grounds for this ban was transgender people having a much higher rate of mental instability (depression, self-harm, suicide attempts) which is not what you want in a front-line military unit where there are plenty of intrinsic causes of instability. We see one bloke in Google writes a document, and every trans blogger I know of explodes in a frenzy of rage and demands for his head - despite the fact that he didn't mention transgender issues at all in the manifesto. One can only imagine what would happen if the author had drawn attention to the relatively high proportion of male-to-female trans people among the female engineering population and ask what it meant...

The modern day lynch mob is alive and well, and it seems to be driven by dyed-in-the-wool Democratic voters against anyone daring to express an opinion contrary to today's right-think on gender and racial issues. Plus ça change, plus la même chose.

UC Berkeley is a focus for repression of free speech

Last night, the famed right-wing polemicist Milo Yiannopoulos was intending to speak at the University of California at Berkeley. It turns out that there are some people who would prefer that Milo not speak. Rioting, toppling light poles, beating up and pepper-spraying Milo/Trump supporters

It's a sad statement of today's political environment that I was nearly astounded to see UCB's Chancellor actually defending a decision not to cancel Milo's visit. After a rash of spineless cancellations of speaking invitations for Milo - and also for Ben Shapiro, who is much less provocative than Milo but still apparently prone to trigger mouth-frothing by university faculty - it's nice to see a university chancellor sticking up for the principle of free speech. The "right not to be offended" is a particularly pernicious concept and it was refreshing for it to be given short shrift.

Of course, the "anti-fascist" movement was not keen to let a Milo event pass unremarked, and duly turned up to riot. The violence caused the university to cancel the event, thereby providing a perfect example of the "heckler's veto". If you don't like someone's speech, just protest violently and their event will be cancelled. I can't see any problems arising from the incentives this has provided at all, no...

There was only one arrest as a result of the rioting. This is what worries me the most - that rioters not only get the effect they deserve, but can perpetrate their violence practically free of consequence. There's only one direction for future violence as a result, and it's not "down".

Putting Twitter's loss in perspective

Today, Twitter (NYSE symbol TWTR) lost 7% of its value to close at $16.69/share at a market cap of $11.4bn. That's a loss of approximately $800m of of share capital.

To put that in perspective, that's 8M $100 bills. The NYSE (New York Stock Exchange) is open from 9:30am to 4pm; 6.5 hours, or 23,400 seconds. A well-tuned toilet flush cycle is 35 seconds, so you could get in 668 back-to-back flushes during NYSE opening hours. Therefore you'd have to flush 12,000 $100 bills each time in order to match TWTR's loss. At 150 bills/stack that's 80 stacks, and I can't see you getting more than 1 stack per flush in a single toilet, so I would characterise today's loss as a rate of 80 NYSE-toilets.

I hesitate to ascribe all this loss to Twitter's de-verification of arch-gay-conservative @Nero on 9th January when Twitter was $20, but its share price has descended in more or less a straight line since then. Today the NYSE actually went very slightly up but Twitter still plummeted.

It certainly wasn't helped by 6 hours of partial unavailability of Twitter today, but I suspect that was the straw breaking the camel's back.

Ideas that seem attractive but are corporate suicide

A huge loss for popular entertainment when Amazon successfully lured "Top Gear" hosts Clarkson, Hammond and May from the BBC: Apple were trying to hire them too:

Apple is said to have made an unprecedented bid to secure the stars of “Top Gear” when they exited their BBC series earlier this year. But Amazon ended up winning the bidding war for Jeremy Clarkson, James May and Richard Hammond in July.

Can you imagine that? Apple, headquartered in the terminally hip and politically correct city of Cupertino in California, recruiting Mr. Jeremy "Jezza" Clarkson, famous for such quotes as:

• It's very fast and very, very loud. And then in the corners it will get its tail out more readily than George Michael
• The problem is that television executives have got it into their heads that if one presenter on a show is a blond-haired, blue-eyed heterosexual boy, the other must be a black Muslim lesbian.
• Britain's nuclear submarines have been deemed unsafe... probably because they don't have wheel-chair access.

being employed by Apple? Within one week the Apple PR and HR departments would have a "CLARKSON" page, printed on bright red paper bordered with exclamation marks, on the front page of their operational playbooks. The only potential upside for Apple is that Tim Cook, Apple's openly gay CEO, would know with a high degree of certainty what would take up 90% of the allocated time in media interviews, and he's probably got the self assurance to handle it in a relaxed manner - I'm sure he'd rather be asked about Clarkson than about working conditions in Apple's Chinese factories.

It's a crying shame that Amazon, headed by the Dread Pirate Bezos, won the bidding war. When Jezza goes on his next rant to terminally offend half the Western World (and about 0.1% of the rest of the world, who have more pressing and immediate concerns for their welfare than the spoutings of Clarkson), Bezos won't even raise an eyebrow; I can assure you that he doesn't give a bodily functional about the squeals of the masses, as long as Clarkson continues to rake in the dough.

Active attack on an American website by China Unicom

I wondered what the next step in the ongoing war between Western content and Chinese censorship might be. Now we have our answer.

"Git" is a source code repository system which allows programmers around the world to collaborate on writing code: you can get a copy of a software project's source code onto your machine, play around with it to make changes, then send those changes back to Git for others to pick up. Github is a public website (for want of a more pedantic term) which provides a repository for all sorts of software and similar projects. The projects don't actually have to be source code: anything which looks like plain text would be fine. You could use Github to collaborate on writing a book, for instance, as long as you used mostly text for the chapters and not e.g. Microsoft Word's binary format that makes it hard for changes to be applied in sequence.

Two projects on Git are "greatfire" and "cn-nytimes" which are, respectively, a mirror for the Greatfire.org website focused on the Great Firewall of China, and a Chinese translation of the New York Times stories. These are, obviously, not something to which the Chinese government wants its citizenry to have unfettered access. However, Github has many other non-controversial software projects on it, and is actually very useful to many software developers in China. What to do?

Last week a massive Distributed Denial of Service (DDoS) attack hit Github:

The attack began around 2AM UTC on Thursday, March 26, and involves a wide combination of attack vectors. These include every vector we've seen in previous attacks as well as some sophisticated new techniques that use the web browsers of unsuspecting, uninvolved people to flood github.com with high levels of traffic. Based on reports we've received, we believe the intent of this attack is to convince us to remove a specific class of content. [my italics]

Blocking Github at the Great Firewall - which is very easy to do - was presumably regarded as undesirable because of its impact on Chinese software businesses. So an attractive alternative was to present the Github team with a clear message that until they discontinued hosting these projects they would continue to be overwhelmed with traffic.

If this attack were just a regular DDoS by compromised PCs around the world it would be relatively trivial to stop: just block the Internet addresses (IPs) of the compromised PCs until traffic returns to normal levels. But this attack is much more clever. It intercepts legitimate requests from worldwide web browsers for a particular file hosted on China's Baidu search engine, and modifies the request to include code that commands repeated requests for pages from the two controversial projects on Github. There's a good analysis from NetreseC:

In short, this is how this Man-on-the-Side attack is carried out:
1. An innocent user is browsing the internet from outside China.
2. One website the user visits loads a JavaScript from a server in China, for example the Badiu Analytics script that often is used by web admins to track visitor statistics (much like Google Analytics).
3. The web browser's request for the Baidu JavaScript is detected by the Chinese passive infrastructure as it enters China.
4. A fake response is sent out from within China instead of the actual Baidu Analytics script. This fake response is a malicious JavaScript that tells the user's browser to continuously reload two specific pages on GitHub.com.

The interesting question is: where is this fake response happening? We're fairly sure that it's not at Baidu themselves, for reasons you can read in the above links. Now Errata Security has done a nice bit of analysis that points the finger at the Great Firewall implementation in ISP China Unicom:

By looking at the IP addresses in the traceroute, we can conclusive prove that the man-in-the-middle device is located on the backbone of China Unicom, a major service provider in China.

That existing Great Firewall implementors have added this new attack functionality fits with Occam's Razor. It's technically possible for China Unicom infrastructure to have been compromised by patriotically-minded independent hackers in China, but given the alternative that China Unicom have been leant on by the Chinese government to make this change, I know what I'd bet my money on.

This is also a major shift in Great Firewall operations: this is the first major case I'm aware of that has them focused on inbound traffic from non-Chinese citizens.

Github look like they've effectively blocked the attack, after a mad few days of scrambling, and kudos to them. Now we have to decide what the appropriate response is. It seems that any non-encrypted query to a China-hosted website would be potential fair game for this kind of attack. Even encrypted (https) requests could be compromised, but that would be a huge red arrow showing that the company owning the original destination (Baidu in this case) had been compromised by the attacker: this would make it 90%+ probable that the attacker had State-level influence.

If this kind of attack persists, any USA- or Europe-focused marketing effort by Chinese-hosted companies is going to be thoroughly torpedoed by the reasonable expectation that web traffic is going to be hijacked for government purposes. I wonder whether the Chinese government has just cut off its economic nose to spite its political face.

Failing to listen to the sounds of Chinese silence

I was moved by an interesting yet flawed piece by John Naughton in the Grauniad, analysing the kinds of censorship applied by the Chinese government:

So they [researchers] clicked on the URLs associated with a sample of posts and found that some – but not all – had vanished: the pages had disappeared from cyberspace.
The question then was: what was it about the "disappeared" posts that had led to them being censored? And at that point the experiment became very interesting indeed. First of all, it confirmed what other researchers had found, namely that, contrary to neoliberal fantasy, speech on the Chinese internet is remarkably free, vibrant and raucous. But this unruly discourse is watched by a veritable army (maybe as many as 250,000-strong) of censors. And what they are looking for is only certain kinds of free speech, specifically, speech that has the potential for engendering collective action – mobilising folks to do something together in the offline world.

The study quoted is indeed interesting, and highlights one particular and significant aspect of Chinese censorship. Where Naughton fails, though, is in failing to note the unseen, and this is picked up by CiF commentator steviematt:

The Harvard research and Gary King's opinion are both flawed beyond belief.
It only factors the number of posts that were originally published and then disappeared over the course of weeks and months. It ignores the fact that most posts that are critical never have a chance of passing through the filters in the first place.

Indeed, Naughton fails to notice that many of the websites that the West takes for granted in being able to express their opinions are completely blocked in China. Within China, sites like Twitter and Facebook are essentially completely unavailable. YouTube: no chance. You can get to a limited set of Google sites (search and maps are on-and-off accessible in my experience), but it's very iffy. Blogger seems completely blocked. Bing search seems to work fine though. Why is that?

It's because if you are a western firm who wants to provide an Internet site within China, you have to partner with a Chinese company and accept the conditions of serving users within China - key in this is agreeing to provide identity information of your users (source IP addresses , times logged on etc.) at the "request" of the government. The case of Yahoo and the Chinese dissident Shi Tao is illuminating:

According to a letter Amnesty International received from Yahoo! (YHOO), and Yahoo!'s own later public admissions, Yahoo! China provided account-holder information, in compliance with a government request, that led to Shi Tao's sentencing.

Jerry Yang, then-CEO of Yahoo, got roasted by Congress for providing this information when this story came out. Truth be told, though, he really didn't have much choice - Yahoo had presumably agreed to these conditions when it started serving China-based users. If you don't want to play ball with those conditions, and it seems that Google, Twitter and Facebook don't, you're going to be serving outside China and prone to getting blocked by the Great Firewall.

So when Naughton comments "only some kinds of activities are blocked" it's actually in the context of "only some users are willing to discuss these kinds of activities on sites where they know the government has the right to waltz in and demand their details at any time" (before presumably visiting them at home and offering them an extended stay at a pleasant little camp out in the country, for a year or ten.)

Rumours suggest that Facebook might announce something aimed at Chinese users but it's not obvious how they're going to deal with the existing restrictions. Still, Zuckerberg's a smart guy and doesn't seem to be an obvious patsy for the Chinese regime, so it's possible he's got something clever up his sleeve. Stay tuned.

New clamping down on information in China

Spotted this on a net security research blog yesterday: someone is trying to snoop on the web traffic of Chinese students and researchers:

All evidence indicates that a MITM [man-in-the-middle] attack is being conducted against traffic between China’s nationwide education and research network CERNET and www.google.com. It looks as if the MITM is carried out on a network belonging to AS23911, which is the outer part of CERNET that peers with all external networks. This network is located in China, so we can conclude that the MITM was being done within the country.

To decipher this, readers should note that CERNET is the Chinese network for education and research - universities and the like. The regular Great Firewall of China blocking is fairly crude and makes it practically difficult for researchers to get access to the information they need, so CERNET users have mostly free access to the Internet at large - I'm sure their universities block access to dodgy sites, but to be fair so do Western universities. What's happening is that someone is intercepting - not just snooping on - their requests to go to www.google.com and is trying to pretend to be Google.

The reason the intercept is failing is because Google - like Facebook, Yahoo, Twitter and other sites - redirects plain HTTP requests to its homepage to a HTTPS address, so most people bookmark those sites with an HTTPS address. Therefore the users were requesting https://www.google.com/ and the attackers had to fake Google's SSL certificate. Because of of the way SSL is designed, this is quite hard; they couldn't get a reputable Certificate Authority to sign their certificate saying "sure, this is Google" so they signed it themselves, much like a schoolchild signing a note purportedly from their parent but with their own name. Modern browsers (Chrome, Firefox, modern versions of IE) warn you when this is happening, which is how the users noticed. The Netresec team's analysis showed that the timings of the steps of the connection indicated strongly that the interceptor was somewhere within China.

The attack doesn't seem to be very sophisticated, but it does require reasonable resources and access to networking systems - you've got to reprogram routers in the path of the traffic to redirect the traffic going to Google to come to your own server instead, so you either need to own the routers to start with or compromise the routers of an organisation like a university. Generally, the further you get from the user you're intercepting, the greater your resources need to be. It would be interesting to know what fraction of traffic is being intercepted - the more users you're intercepting, the more computing resource you need to perform the attack because you've got to intercept the connection, log it, and then connect to Google/Twitter/Yahoo yourself to get the results the user is asking for.

The attempted intercepts were originally reported on the Greatfire.org blog which observes that there were several reports from around CERNET of this happening. Was this a trial run? If so it has rather blown up in the faces of the attackers; now the word will circulate about the eavesdropping and CERNET users will be more cautious when faced with odd connection errors.

If the attackers want to press on, I'd expect the next step to be more sophisticated. One approach would be SSL stripping where the interceptor tries to downgrade the connection - the user requests https://www.twitter.com/ but the attacker rewrites that request to be http://www.twitter.com/. The user's browser sees a response for http instead of https and continues with an unencrypted connection. Luckily, with Twitter this will not work well. If you run "curl -I https://www.twitter.com/" from a command line, you'll see this:

HTTP/1.1 301 Moved Permanently
content-length: 0
date: Sat, 06 Sep 2014 17:23:21 UTC
location: https://twitter.com/
server: tsa_a
set-cookie: guest_id=XXXXXXXXXXXXXXXXX; Domain=.twitter.com; Path=/; Expires=Mon, 05-Sep-2016 17:23:21 UTC
strict-transport-security: max-age=631138519
x-connection-hash: aaaaaaaaaaaaaaaa

That "strict-transport-security" line tells the browser that future connections to this site for the next N seconds must use HTTPS, and the browser should not continue the connection if the site tries to use HTTP. This is HTTP Strict Transport Security (HSTS) and Twitter is one of the first big sites I've seen using it - Google and Facebook haven't adopted it yet, at least for their main sites.

Alternatively the interceptor may try to compromise a reputable certificate authority so it can forge SSL certificates that browsers will actually accept. This would be a really big investment, almost certainly requiring nation-state-level resources, and would probably not be done just to snoop on researchers - if you can do this, it's very valuable for all sorts of access. It also won't work for the major sites as browsers like Chrome and Firefox use certificate pinning - they know what the current version of those sites' SSL certs look like, and will complain loudly if they see something different.

The most effective approach, for what it's worth, is to put logging software on all the computers connected to CERNET, but that's probably logistically infeasible - it only works for targeting a small number of users.

So someone with significant resources in China is trying to find out what their researchers are searching for. Is the government getting nervous about what information is flowing into China via this route?

The 2014 Privies

Extremely entertaining - and, in parallel, depressing reading - at Skating on Stilts which has announced the shortlist for the 2014 Privies - dubious achievements in privacy law. Privacy has been getting quite the airing in the past year, which makes the shortlist candidates even more impressive. Please go and vote for your favourite.

While I don't want to unduly influence voting, I feel I must draw attention to some particularly outstanding candidates. First up, President Hollande of France for "Privacy Hypocrite of the Year":

President Hollande called President Obama to describe U.S. spying on its allies as "totally unacceptable," language that was repeated by the Foreign Ministry when it castigated the U.S. ambassador over a story in Le Monde claiming that NSA had scooped up 70 million communications in France in a single month.
Whoops. Two days later, former French foreign minister Kouchner admitted, "Let's be honest, we eavesdrop too. Everyone is listening to everyone else. But we don't have the same means as the United States, which makes us jealous."

For "Worst use of privacy law to protect power and privilege", Max Moseley must be the front runner by a mile:

Mosley himself achieved notoriety in 2009, when the media published pictures of him naked and engaged in a sado-masochistic orgy with five prostitutes. In a move that seems to define self-defeating, Mosley went to court to establish that it was a naked, five-hour sado-masochistic orgy with five hookers, but it wasn't a naked, five-hour sado-masochistic orgy with five hookers and a Nazi theme. He won.

I await the announcement of the shortlist for "Dumbest Privacy cases" with great interest...

Glenn Greenwald - weasel

Watching Glenn Greenwald being interviewed on BBC Newsnight by Kirsty Wark it struck me that he's remarkably blasé about US and UK secrets leaking out to foreign intelligence services. Up to now I've given him the benefit of the doubt that he thought he was doing the right thing, but this interview made it painfully clear what an arrogant little weasel Greenwald actually is.

Wark did a pretty good job pressing him on his motivations and the implications of the leaked data, not to mention the safety of the remaining encrypted data. Greenwald asserted that he and the Guardian had protected the data with "extremely advanced methods of encryption" and he is completely sure that the data is secure. Well, that's fortunate. No danger of anyone having surreptitiously planted a keylogger in either software or hardware on the relevant Guardian computers? No danger of one of the Guardian journalists with access having been compromised by a domestic or foreign security service? Greenwald seems remarkably sure about things he can't practically know about. Perhaps he just doesn't give a crap.

Wark was curious (as am I) about Greenwald's recent contacts with Snowden and Snowden's current welfare. Greenwald claimed that Edward Snowden has protected the data has with "extreme levels of encryption", proof against cracking by the NSA and the "lesser Russian intelligence agencies". Russia being a country where math prodigies are ten a penny, I fear Greenwald may be underestimating their cryptography-fu. Asserting that Snowden didn't spend his life fighting surveillance just to go to Russia and help them surveil, Greenwald stated that the evidence we know makes it "ludicrous" to believe that the Russians or Chinese had access to Snowdon's data.

Hmm. Glenn, I suggest you Google rubber hose cryptanalysis. If I were the Russian FSB, given that they have effectively complete access to and control over Snowden, I'd be extremely tempted to "lean" on him until he gave up the keys that decrypted his stash of data. Heck, why wouldn't they? They'd be practically negligent not to do so. Nor are they likely to shout from the rooftops if they have done so; they're far more likely to exploit the data quietly and effectively while conveniently being able to blame Greenwald and co. for any leaks.

I invite you to contrast this with Greenwald's note that the UK Government "very thuggishly ran roughshod over press freedoms, running criminal investigations and detaining my partner." Detaining David Miranda for nine hours was not necessarily a good plan by the UK, but he was a foreign national and was not a journalist as far as I (and the Guardian) am aware. So Greenwald's reference to press freedom is a little disingenous. As far as "running roughshod" goes, Greenwald can only pray that he doesn't end up in the hands of the FSB... as Guardian journalist Luke Harding could tell him:

Luke Harding, the Moscow correspondent for The Guardian from to 2007 to 2011 and a fierce critic of Russia, alleges that the FSB subjected him to continual psychological harassment, with the aim of either coercing him into practicing self-censorship in his reporting, or to leave the country entirely. He says that FSB used techniques known as Zersetzung (literally "corrosion" or "undermining") which were perfected by the East German Stasi.

The Russian affairs expert Streetwise Professor has been following the Snowden saga with a critical eye for a while now, believing that he's being made to dance to Putin's tune. Most recently he noted that we have no recent statements known to come from Snowdon; even his most recent statement to the UN was read out on his behalf, there's no proof that the statement came from Snowdon himself and indeed the text suggests Greenwald and other Snowden "colleagues" had a hand in his text. If the Russians are treating Snowden well, why isn't he a regular appearance on TV or YouTube?

It must be nice to be as arrogantly cocksure as Greenwald. I bet Snowden for one would be happy to change places with him right now.

Dancing around the Great Firewall of China

It seems a little unfair to give Apple heat over its China policies, given how much employment it creates in China, but apparently Apple have censored a Chinese firewall avoiding-app:

Chinese web users have criticised Apple after the company pulled an iPhone app which enabled users to bypass firewalls and access restricted internet sites. The developers of the free app, OpenDoor, reportedly wrote to Apple protesting against the move. [...] Apple asks iPhone app developers to ensure that their apps "comply with all legal requirements in any location where they are made available to users".

Aha. But the problem here is: China does not acknowledge the existence of the Great Firewall of China (GFW). In fact, any mention of it in a blog post or other social media is enough to get that posting censored. China certainly has strong legal requirements about being able to identify the real person behind an Internet identity on a China-hosted service and foreign firms having to "partner" with a local firm for Internet "compliance", and it freely blocks traffic going outside China (via the GFW) which could retrieve user-generated content relating to sensitive topics, but from a legal perspective the GFW itself cannot be the subject of a legal violation since the GFW does not officially exist because you can't talk about it (and the GFW will censor your traffic if you try to do this across the border). Is your head hurting yet?

This, by the way, is perfectly pragmatic behaviour from Apple. They like being able to do business in China, so it's not enough to satisfy the letter of the law - they want to keep the Chinese government happy. As such, dropping GFW-circumventing apps from the App Store makes perfect business sense. It is, however, particularly weasel-like for them to hide behind "legal requirements", or avoid the topic all together. If they want to play ball with the Chinese government for commercial reasons - and it's their fiduciary duty to improve their commercial prospects - why can't they just say so? (Yes, this is a rhetorical question.)

The OpenDoor app developers purport to be bemused:

"It is unclear to us how a simple browser app could include illegal contents, since it's the user's own choosing of what websites to view," the email says.
"Using the same definition, wouldn't all browser apps, including Apple's own Safari and Google's Chrome, include illegal contents?"

Yes they could, in theory. But browsers use well-known protocols: HTTP, which is clear text, and which the GFW can scan for illegal content like "T1ANANM3N []"; HTTPS, which is secure but can be blocked either based on destination IP or just universally. OpenDoor probably (I haven't looked) does something sneaky to make its traffic look like regular HTTP with innocuous content. The GFW could, with some work, drop OpenDoor traffic based on its characteristics and/or destinations, but they would always be playing catch-up. Instead, Apple "voluntarily" (we don't know if any Chinese government pressure was formally applied) drops it from the App Store in China. Everyone's happy! No-one gets any distressing news about human rights abuses in China, and gatherings of subversives are prevented.

Apple are bending over to help the Chinese government, and that's perfectly acceptable in a capitalist society - let's just be clear that it's voluntary, and in search of profits.

A free market in censorship

Readers of this blog will be aware of my feelings towards the current Chinese government and their attitude towards suppression of free speech. I do, however, have to give them credit; they have created quite the free market in online censorship tools:

King's dabble in Internet entrepreneurialism has shown that Chinese censorship relies more heavily than was known on automatic filtering that holds posts back for human review before they appear online. The researchers also uncovered evidence that China’s vast censorship system is underpinned by a surprisingly vibrant, capitalistic market where companies compete to offer better censorship technology and services.

If you're running an online business in China, especially if you intend to offer per-user accounts, you have no option but to co-operate with one of the approved businesses which will help you conform to the requirements of the Chinese government in censoring posts, providing information on user identity on demand etc. An object lesson in this came from ex-head of Yahoo!, Jerry Yang when he testified to Congress in 2007 regarding the arrest of journalist Shi Tao following Yahoo! turning over Tao's identity to Chinese officials:

In February, 2006, Yahoo's Callahan had testified that Yahoo did not know why Chinese officials wanted information on Tao. But several months later, a U.S. advocacy group for religious and political prisoners in China published translations of documents sent to Yahoo from Chinese officials stating that Tao was suspected of divulging state secrets. "What those documents say is that, at the very least, Yahoo's Beijing office knew what crimes were being investigated when they were approached by law enforcement in China," says Joshua Rosenzweig

You have to feel at least a little sorry for Yang, who was carried along on a wave on enthusiasm about investment in China without, presumably, being informed of what Yahoo! would be obliged to do for the Chinese government in return. Of course, poor Shi Tao is the one who really got it in the shorts.

But back to modern online business in China. If (heaven forbid) this censorship system was implemented in the UK I can imagine a new body, say the "Online Identity Check Executive", issuing reams of degrees about how censorship should be conducted, appropriate regulations, "best practice" advice and an "Approved Code of Practice" booklet issued annually and consuming several inches of shelf space. The instinct for bureaucrats is to control finer and finer details in order to increase the need for their organization. That makes it all the more remarkable that in China how you satisfy the government is really up to you, and there's an enthusiastic market in tools, systems and people to help you maximise your bang per yuan in your censorship systems:

Companies are free to run their censorship operations mostly as they wish, as long as they don’t allow the wrong kind of speech to flourish. That creates an incentive to find ways to censor more effectively so as to minimize the impact on profitability.

Interestingly, "the wrong kind of speech" seems to focus more on collective action than on isolated "the system sucks" speech. The Chinese government are clearly terrified of an organized rebellion, along the lines of 1989's Tiananmen Square action but more coherent and better planned. The article also notes the censorship rate: about 2 censors per 50,000 users seems to be the minimum for effective censorship assuming the use of reasonably effective tools to pre-screen posts for censor review.

So a certain grudging admiration for the Chinese government in making a blatantly capitalistic approach to maximising the effect of their censorship. Of course, the companies actually providing these tools are enabling the censorship in the first place, but even then they could argue that they are maximising the ability of Chinese citizens to engage online, censoring the minimum number of their posts - after all, manual censor review costs money, so the fewer posts selected for review the better.

Public goods can also be public bads

Imagine a village in the middle of the woods. The villagers use wood for many of their needs - building houses, firewood etc. - but it's rather tedious carrying axes into the wood to find a suitable tree, and then axing down a tree is slow and error-prone. The village elders, mindful of this, buy a job lot of high-spec chainsaws and distribute them around the wood marked by big red flags. A villager can wander into the wood, spot a handy-looking tree, find the nearest chainsaw, drop the tree in no time and then leave the chainsaw by the flag before pulling his tree back home.

Unfortunately, some of the village youth have a nihilistic bent. One evening they go into the woods, get a chainsaw each, bring them back to the village and chop down the structural pillars of a number of houses before they can be caught and stopped. The village elders are embarrassed that their good intentions in improving village life have been turned on them to wreak industrial havoc. Perhaps leaving high-powered machinery around the woods for anyone to use has its downsides?

This is roughly the situation that the Internet finds itself in currently, as described in CloudFlare's account of the ongoing DDoS that nearly broke the Internet. Anyone with a technical bent should go read the original, for it is a very good (if frightening) piece. For those less technical or with less time, here's the short version.

Spamhaus is a long-existing Internet establishment that does its best to identify email spammers and the machines they use to spam, and feeds data to major Internet Service Providers and other entities enabling them to identify that spam and cut it off early before it overwhelms users' inboxes. They have been very successful at this; the email spam problem today is still substantial but much, much better than it used to be even a couple of years ago. Recently they identified a fairly "liberal" Dutch hosting company "Cyberbunker" as spammers and started including them in their blacklist. It would be safe to say that Cyberbunker did not appreciate this.

Last week Spamhaus was on the receiving end of a big Distributed Denial of Service (DDoS) attack, thousands of compromised computers being used to drown Spamhaus's website in a flood of requests. This was initially very successful. Spamhaus asked for help, and distributed hosting provider CloudFlare stepped in to host Spamhaus. Their defences and capacity could cope with the attack. But this did not stop the attackers, who have raised their game in recent days:

An engineer at one of the largest Internet communications firms said the attacks in recent days have been as many as five times larger than what was seen recently in attacks against major American banks. [my emphasis] He said the attacks were not large enough to saturate the company's largest routers, but they had overwhelmed important equipment.

The attacks have been so big (up to 300 gigabits per second - enough data every second to represent the text of 100,000 novels) that they have started to saturate some of the networking hardware of the Internet exchanges, the entities which "glue" the major parts of the Internet together. If you've been seeing slower-than-usual Internet speeds over the past few days, this may have been part of the problem.

What does this have to do with chainsaws in the woods? Well, the attackers have a lot of computers under their control, but those computers are mostly on regular home Internet connections and can't get near the upload rate they'd need to each 300Gbps. Instead they are sending forged requests to open DNS recursor hosts. These computers, which are the chainsaws in our example, are part of the Internet's naming system - "DNS", the Domain Name System - which translates human-readable names into the numeric addresses used by the Internet. As an example, www.dailymail.co.uk translates into the Internet (version 4) address 23.59.191.33.

Normally these computers are provided by ISPs and serve only that ISP's customers. However a number of them, either by misconfiguration or by design, accept requests from anyone. Worse, a) there are certain queries where a very small request can result in the DNS host returning a large amount of data (the "amplification" problem) and b) it is possible for the requesting computer to forge its sending address to pretend that it's a different computer. The result of this is that a single computer with a very slow link to the rest of the Net can command an open DNS host to send a much larger stream of data to any Internet address it chooses. This is a big problem, allowing distributed denial of service attacks of much more traffic than the compromised computers can send.

I expect that as a result of the Spamhaus attack more work will be done to lock down open DNS hosts, or at least get them to react much more slowly to unknown users. Still, this situation is a reminder that providing public goods can come with unexpected public costs.

Update: a sysadmin with an open DNS server confesses. Well, that's 0.0005 Gbit/s down, only 299.9995 Gbit/s to go.

First Benghazi sacrifice - Susan Rice

Sure enough, a decent interval after the US election, Ambassador Susan Rice takes the fall for Benghazi. Nominated for the position of Secretary of State, she has withdrawn her nomination after Republican politicians have repeatedly asked pointed questions about her comments on the Benghazi attack:

The move followed weeks of controversy on Capitol Hill over the possibility of her nomination, with Republicans threatening to block Rice from the post over concerns about her September comments on the Libya terror attack. Some lawmakers continue to charge that Rice misled the American people when she said on Sept. 16 that the attack was the result of a "spontaneous" demonstration spun out of control.
President Obama, in a written statement Thursday, called those claims "unfair and misleading" but said he accepts her decision.

There have been the expected polemics about the Republicans being unable to tolerate a woman of colour as Secretary of State, but I think the Obama administration must be quite relieved that Susan Rice has been effective as ablative protection of the administration. No harm done, they can point to Rice's departure as a retort that "action was taken" about Benghazi.

I'd like to think that the US and UK media will press for more information about exactly who failed to send support to the besieged Benghazi consulate and why support was refused. However I expect they will use Rice's withdrawal as an excuse to avoid any further investigation. If you don't want to rock a boat, you don't shift from your seat.

Let's give control of the Net to China and Russia!

Following on from the European Parliament voting to keep the Internet out of the hands of the ITU, we have the Chinese "People's Daily Online" "editorial team" arguing for the opposite - placing ICANN firmly under the thumb of the ITU. One can only imagine about the divergence between the opinions of the People's Daily editors and the Communist Party leadership; I suspect you'd find it hard to slip a sheet of rice paper between them.

It's fairly clear what the Chinese want:

More and more countries are beginning to question the U.S. control over the world's Internet as the international resource should be managed and supervised by all countries together.

Note that, as per the Europarl vote "more and more countries" does not seem to include many of the countries which actually respect freedom of speech. And what will this change consist of?

As a big country on the Internet, China opposes the U.S. unreasonable and unilateral management of the Internet, and seeks to work with the international community to build a new international Internet governance system.

"Governance". Well, we've seen the Chinese and Russian approaches to governance in their countries and the great contributions that they have made to human rights and freedom of speech. This sounds like just the approach that the Internet could benefit from, don't you think?

I submitted a comment to the People's Daily article, since they have a comments box. Oddly, no comments have yet made it through moderation. How strange.

Is China more legitimate than the West?

A provocative title for sure, as Sinophile Martin Jacques argues that the Chinese government may enjoy greater legitimacy than Western governments:

Now let me shock you: the Chinese state enjoys greater legitimacy than any Western state. How come?
In China's case the source of the state's legitimacy lies entirely outside the history or experience of Western societies.

He argues that China is all about Chinese "civilisation", an entity outside any one particular government or leader, a multi-thousand year cultural epiphenomenon. A government holding together such a huge area and spread of cultures can only be achieved with strong central control and repeated pushback on any behaviour that may undermine that central control in any way.

Where Jacques' true colours come out is when he attempts to tackle the issue of Chinese censorship and oppression:

If the Chinese state enjoys such support, then why does it display such signs of paranoia? The controls on the press and the internet, the periodic arrest of dissidents, and the rest of it. Good point. Actually, all Chinese governments have displayed these same symptoms. Why?
Because the country is huge and governance is extremely difficult. They are always anxious, always fearing the unforeseen. Anticipating sources of instability has long been regarded as a fundamental attribute of good governance.

For "anticipating sources of instability", I assume he includes:

• the 1989 Tianamen Square massacre (or should that be "re-education"?)
• the deaths of millions from starvation and abuse during the "Great Leap Forward" ("economic restructuring"?)
• deaths, organ harvesting from and imprisonment of Falun Gong practitioners in China ("religious consolidation"?)
• extensive suppression of information and interaction on the Internet, coupled with denial that this ever takes place ("preserving the population's modesty"?)

and so on.

I was a little confused about why he would argue all this until I read Martin Jacques' biography:

He was editor of the [Communist Party of Great Britain]'s journal, Marxism Today from 1977 until its closure in 1991 [...] a visiting professor at Renmin University in Beijing [...]

Suddenly it all becomes clear why Jacques is an apologist for mass-murdering censoring oppressing control freaks - it's his profession! I particularly enjoyed a hagiography on Jacques on Graham Stevenson's "Communist Biogs":

Despite having clearly been at odds with the basic approach of the Communist Party for, at the very least, ten to fifteen years (some might wonder if it had been all along, and how that worked!) Jacques finally left the party in 1991, citing his horror at the level of financial subsidy provided to the British Communist Party by the [Communist Party of the Soviet Union].

Perhaps he thought they ought to have taken Chinese yuan rather than Russian roubles? I note that 1991 was when European Communism was effectively dead and buried, with German reunification in full swing. I guess he wanted to jump to a communist allegiance with more of a future. There's also an interesting note about think tank Demos:

He, and others with roots in what would become New Labour launched "Demos", seen as a cross-party think-tank, which soon gained offices and funds. He had planned Demos from at least a year or so before the final dissolution of the rump CPGB.

So for anyone wondering why Demos pieces can lean so far left and verge on the totalitarian, it's because the founders had some considerable form in that area.

It amuses me that the BBC sees fit to publish this piece, but I can't imagine them publishing a similar piece e.g. by Nikolaos Michaloliakos of Golden Dawn arguing that national fascism is essentially more democratic than the European Parliament. Can you?

Media bias? What media bias?

An editorial for the ages at The Grauniad today: the problem with the US media is that they're too even-handed:

To put it at its simplest, the election is so close that its outcome may be determined by whether the lies told during the campaign, above all by the Republican side, stick or not.

Wow, thank goodness we have the impartial UK media, exemplified by The Grauniad, to defend freedom, democracy and unbiased reporting.

Sure, Fox News is Republican-slanted, although its precise bias depends on the presenter - there's a large gap between Bill O'Reilly and Greta van Susteren, and commentators like Michelle Malkin can be pretty dismissive of mainstream Republican policies - but the belief that CBS, MSNBC and CNN have anything other than Democratic-leaning journalists is denial beyond reason:

Elements of the American media, like Fox News, are partisan to the point of outright distortion, while others are hampered by what Paul Krugman has called the "cult of balance",

Paul Krugman: you're talking through your arse. Every journalist and every news channel has a bias, even (gasp) the BBC. Candy Crowley from CNN did an appalling job of "moderating" the second presidential debate, backing up Obama and deflating Romney on the point of whether Obama acknowledged the Benghazi attack as an "act of terror" despite later admitting that her interjection was incorrect. There was nothing neutral about her moderation, and trying to claim otherwise is ludicrous. By contrast, I thought the other two presidential debate moderators were reasonably neutral in their actions, no matter what their private opinions.

The Guardian editorial does have a point when it notes:

Where the partisan press cannot be trusted to check the facts offered by the politicians they favour or accept the versions offered by those they do not, and the more independent or liberal press will not do so in either case, democracy is clearly in trouble.

Like Obama's claim about having fewer bayonets in the Army, perhaps? It seems that only the army of bloggers is willing to pick apart these claims, while the mainstream media revels in the "zinger" without examining the facts.

The editorial notes:

Emerson said that if you threw a fact out of the window you would come back later to find it sitting in the chimney corner. But that might well be after you had voted.

It is ironic that Ralph Waldo Emerson was a champion of Individualism and would have despised the group-think prevalent in today's media. If anything, I suspect he would have cheered the counter-mainstream opinions of Fox News.

Sufis not keen on certain free speech

I missed this event in the news, but YouTube (ironically) has coverage: Mr. Moulana Ghulam Ahmed Rabbani leading a protest outside Google's Dublin office:

"We have a right not to be insulted!"
[...]
"If this is not terrorism, what is the definition of terrorism?"

Er, I'm sorry Mr. Rabbani, but I'm afraid you don't actually have that right not to be insulted. Free speech (look it up) is the right to say more or less what you want. This may involve hurting someone's feelings. If I accuse a crash-for-cash solicitor of being a scum-sucking subhuman weasel then I'm going to hurt his or her feelings; that is, however, not a reason to restrict me from saying those things.

Define terrorism:

Noun: The use of violence and intimidation in the pursuit of political aims. Synonyms: terror

Hope this helps, Mr. Rabbani. For what it's worth, I don't seem much violence or intimidation from those publishing the insulting videos.

Kudos to the Irish Sufi Foundation that they didn't actually hurl rocks, set fire to things or assault people during these protests (oh, how low our expectations have sunk that this is grounds for praise). However, they need to realise that the Western World has standards of free speech that are very different from those in the Middle East, and living in Western societies means accepting these consequences.