Happy Independence Day!

I was going to put up something about the mythical story of the Liberty Bell being rung on July 4, 1776 (a story invented in the mid-19th century by George Lippard of Philadelphia--the name "Liberty Bell" is actually a Civil War-era name regarding the abolition of slavery, not American independence), but I was unable to find my copy of Legends, Lies, and Cherished Myths of American History. Instead, here are links to a few other sites that have put up some nice Independence Day postings:

Radley Balko at The Agitator asks:

if forced to put the people who crow loudest about patriotism today on one side or the other in 1776, wouldn't you think most of them would have been defending empire, tradition, and the glory of the crown? I can almost read the National Review editorial now, inveighing against the radical, Godless-deist separatists!

Here's another: Would the founders -- whom our government celebrates today -- have tolerated the government we have now? As Cowen notes, we rose up and revolted against a government that was far less intrusive, invasive, and -- at risk of hyperbole -- tyrannical than the one we have now. My guess is that alcohol prohibition alone would've been enough have Payne [sic] or Jefferson calling for arms. Never mind the New Deal, the Great Society, or today's encroaching police state.

Catallarchy supplies six July 4th posts:

Patri Friedman repeats last year's post about flag burning, still applicable today.

Brian Doss provides the key historical documents through a series of five posts:

A key passage from Magna Carta which he thinks may have been a seed for the American Revolution:

And if we shall not have corrected the transgression (or, in the event of our being out of the realm, if our justiciar shall not have corrected it) within forty days, reckoning from the time it has been intimated to us (or to our justiciar, if we should be out of the realm), the four barons aforesaid shall refer that matter to the rest of the five and twenty barons, and those five and twenty barons shall, together with the community of the whole realm, distrain and distress us in all possible ways, namely, by seizing our castles, lands, possessions, and in any other way they can, until redress has been obtained as they deem fit, saving harmless our own person, and the persons of our queen and children; and when redress has been obtained, they shall resume their old relations towards us.

King George's Proclamation of Rebellion.

A quote from and link to Thomas Paine's Common Sense.

Another post with the text of a rough draft of the Declaration of Independence.

The final text of the Declaration of Independence.

Sheldon Richman quotes the Declaration, and asks whether it's time for another one...

Kevin Carson points out the irony of "the lapdog press praising an imperial war machine as the source of our liberties, given that we won our freedom and independence fighting a war against our own governments" and supplies a series of "real patriotic, freedom-loving quotes, in honor of the anti-authoritarian hell-raisers who really founded this country."

Ed Brayton at Dispatches from the Culture Wars describes a bit of the history around the Declaration of Independence, and the coincidence of John Adams and Thomas Jefferson both dying on the 50th anniversary of its signing, and ends with a statement of commitment to the principles of liberty rather than to government:

The 4th of July, for me, has very little to do with patriotism or nationalism, feelings that seem to affect me far less than most men. My allegiance is not to the nation, it is to the set of principles upon which the nation was founded. When the government upholds those principles, I offer it praise; when it violates them, I offer my anger and my opposition. Those principles of individual liberty and equality before the law are, in my mind, sacred and inviolable. They are the cornerstone of my view of human civilization; whatever advances them has my support, whatever impedes them my opposition.

The photos above are of the Declaration of Independence at the National Archives in Washington D.C. on May 5, 2006, and of the monument at John Hancock's grave in the Granary Burying Ground, Boston (where two other Declaration signers, Samuel Adams and Robert Treat Paine, are also buried), on the afternoon of June 29, 2006.

Review of The Millionaire Mind

I've submitted this review of The Millionaire Mind by Thomas J. Stanley, Ph.D. (2001, Andrews McMeel Publishing) to Amazon.com:

This is a deeply flawed book. It purports to be a description of the characteristics and attitudes that make wealthy people wealthy, but it is based mostly on their self-assessments without comparison to a control group. I suspect that this heavily underplays the role of random chance in success, and attributes causation where there is only correlation. Further, the author display clear biases on a number of topics, which leads him to engage in ad hoc interpretation of his data, sometimes to argue for conclusions that are contrary to the clear implications of the data--such as his arguments for the importance of religion in the lives of millionaires.

On pp. 33-35, the author looks at success factors, and compares to the role of luck on pp. 82-85, which he downplays in favor of discipline. While he touches on the importance of having the right connections (and the genetic contributions to intelligence), on p. 85 he asks "what does luck have to do with graduating from medical school? What does luck have to do with successfully running a medical practice? Very little, according to these physicians." But what does luck have to do with being born into a family and in a country where one has a chance to reach adulthood, let alone be able to attend a medical school? Quite a bit.

Unlike its predecessor, which looked at prodigious accumulators of wealth (PAWs) vs. under-accumulators of wealth (UAWs), this book focuses on millionaires (PAWs) and decamillionaires (a tiny subset of PAWs, those with net worth $10M or greater). The lack of comparison to the general public serves to limit the book's value.

A misleading comparison between businessmen and stockbrokers on pp. 76ff makes the point. Stanley states that the former is an occupation more likely to have higher net worth. But this comparison is misleading because he's only looking at the millionaire-plus sample; he is excluding more of the total business owner population from his sample than stockbrokers. The average and median income and net worth for business owners are likely lower than for stockbrokers. If he made the same comparison with actors or musicians to stockbrokers, for example, the problem is more obvious--by excluding all those who aren't worth $1M or more up front, you exclude the vast majority, and pull up the average. With stockbrokers, on the other hand, a higher percentage of them are in the top income earners and wealthy.

On p. 110, after having pages about the importance of ethics and advising "Never lie. Never tell one lie." (p. 55), he passes right over his example, Mr. Warren, lying about being a college graduate in order to get a job, without comment, and without noticing the hypocrisy.

On pp. 173-174, the author wants to make the point that prayer is important for millionaires dealing with stress, despite the fact that the majority of his surveyed population do not regularly pray. (He repeats this again on p. 370, saying "nearly one-half of the millionaires (47 percent) engaged in prayer. ... for a significant percentage of millionaires, their religious faith is a major force in their lives.")

In trying to emphasize the point (p. 174), he splits his sample into "religious millionaires" (RM) and "other millionaires" (OM), observes that 75% of RM engage in prayer while only 8% of OM do, and points out that this is "a ratio of more than nine to one." This is a meaningless comparison, however--RM make up only 37% of his total population of millionaires, so his "more than nine to one" ratio is really nothing more than saying, of those millionaires who are religious, three-fourths hold religious practices which involve regular prayer (and 8% of those who do not consider themselves religious pray anyway). Since the OM population is much larger than the RM population, in absolute numbers that's not a nine-to-one ratio--his numbers show that about 28% of his total sample are RM who pray, while 5% of his total sample are OM who pray--closer to a six-to-one ratio.

But more importantly, the author glosses over the fact that not only are the majority of millionaires not religious, even a quarter of those who are don't engage in regular prayer! Given that the U.S. is one of the most religious countries in the world, the fact that such a low percentage of millionaires are religious is quite interesting and worthy of further exploration as to the cause, but for Stanley, religion and prayer are an important foundation of the "millionaire mind," and he completely misses the opportunity to find an explanation for why millionaires are so much less religious than the general population.

In a later table in the book on p. 366, he shows activities engaged in by a sample of 733 millionaires during the preceding 30 days. The table includes 52% attending religious services, 47% praying, 37% attending religious events, 22% Bible/devotional reading. These numbers don't quite match up with the RM/OM data from pp. 173-174, which seem to show even lower levels of religious activity, but these are still lower than they are for the nonmillionaire population--and weekly church attendance is notoriously over-reported in surveys. Work by Mark Chaves, C. Kirk Hardaway, and P.L. Marler in the 1990s found the actual percentage of attendance about half of what surveys show. This actually could mean that millionaires attend more often, if Stanley's survey results don't have similar over-reporting.

The author's religious bias further leads him to recommend to a student going through a divorce that she, despite not being a church attendee, search for a mate by joining a church group (p. 268) because she "believed in marriage and the traditional family concept." He writes that "I believe that one is likely to find better prospects in a church setting than in singles bars. Of course, there are no guarantees, but people with a religious orientation are more prone to respect the principles espoused in the Good Book." But why is he just guessing on this? Hasn't he asked his population of millionaires--the ones who are 63% non-religious--how they met their mates? He did this, very usefully, regarding how millionaires purchase their homes (pp. 315-326)--yet isn't picking a partner even more important?

This book has some interesting data, and is at its best when giving comparative results between populations (e.g., the house-purchasing characteristics of economically productive millionaires vs. non-economically productive millionaires in chapter 7). But it doesn't stand up well in comparison to The Millionaire Next Door, which is a much better book.

Karl Pflock dies

Karl Pflock, the author of Roswell: Inconvenient Facts and the Will to Believe and co-author with Jim Moseley of Shockingly Close to the Truth, died at age 63 on June 5. Pflock had been a contributing editor to Moseley's Saucer Smear, but had stopped contributing regularly after being diagnosed with ALS (also known as Lou Gehrig's Disease). Pflock was an entertaining writer and a fair-minded skeptic (he was a believer in UFOs, but his book on Roswell is the best skeptical treatment of the topic). The June 30, 2006 issue of Saucer Smear contains an obituary of Pflock by Jim Moseley.

NY Times and SWIFT

Ed Brayton calls out both the NY Times and those accusing the Times of treason for reporting that the U.S. government is data mining in financial data from SWIFT. He points out that the Times is criticizing the U.S. government for doing what the Times itself editorialized in favor of the government doing, and also points out that it hasn't really revealed anything of significance that the Bush administration hadn't already publicly said it was doing. Further, the only actually new thing reported--that the government is accessing large amounts of data with broad subpoenas, rather than specific transactions--was also reported by the Wall Street Journal, but without it being hit with the same criticisms as the Times.

This is a significant outbreak of inconsistency.

Back from Boston

Kat and I are back from a short trip to Boston, a mix of business and pleasure. I participated in a panel discussion Wednesday at the Silicon Valley Bank in Newton on carrier IP security and met with a customer on Thursday, but most of the rest of the time was available for sightseeing. The photos are from the Museum of Science and the Charlestown Navy Yard (where the U.S.S. Constitution is docked), respectively. We walked the Freedom Trail, saw numerous art cows, and spent some time with friends. We came back before the big Boston Pops concert/fireworks show on the Charles River, but we did get to see the fully-loaded fireworks barge being pushed into place.

Arizona Senators on the Flag Desecration Amendment

Both John McCain and Jon Kyl voted in favor of the desecration of the Constitution, but it failed by just one vote.

We have an opportunity this year to get rid of Kyl. We should take it.

(Arizona's Representatives voted much more honorably.)

Arizona Representatives on the Flag Desecration Amendment

Last week, the U.S. House of Representatives voted in favor of House Joint Resolution 10 to amend the U.S. Constitution to limit the scope of the First Amendment by banning the desecration of the flag. The resolution passed, 286-130, with 18 not voting. The voting went more-or-less along party lines, with Republicans going 209-12-10, Democrats 77-117-8, and Independents 0-1-0. The Senate has yet to vote on it.

To their credit, three of Arizona's Republican Representatives showed a willingness to buck the party line, accounting for a quarter of the Republicans who opposed the measure. Their votes went as follows:

In favor: Franks (R), Hayworth (R), Renzi (R)
Opposed: Flake (R), Grijalva (D), Kolbe (R), Pastor (D), Shadegg (R).

In a recent post at Dispatches from the Culture Wars, Ed Brayton quoted from and commented on an essay from Jonathan Alter:

I inherited my one litmus test from my father, Jim Alter, who flew 33 harrowing missions over Nazi Germany during World War II. My father is not just a veteran who by all odds should not have survived. He is a true patriot. His litmus test is the proposal to amend the Constitution to ban flag burning, which will come up for a vote next week in the U.S. Senate. For dad--and me--any member of Congress who supports amending the Bill of Rights for the first time in the history of this country for a nonproblem like flag burning is showing serious disrespect for our Constitution and for the values for which brave Americans gave their lives. Such disrespect is a much more serious threat than the random idiots who once every decade or so try (often unsuccessfully) to burn a flag.

I'll go even further than that. Hell, I'll go a lot further than that. If you're the kind of person who supports a ban on flag burning, that fact alone is enough to brand you, in my view, as either a demagogue or someone weak-minded enough to be led by demagogues who play on your most shallow and childish emotional responses. Like the flag itself, the flag burning amendment is purely symbolic. And anyone who would throw away free speech rights for symbolic achievement has no business being in any political office in this country.

I second Brayton's sentiment. Let's get rid of Arizona's demogagues, Franks, Hayworth, and Renzi.

Help me help dogs and cats

Jim and I have been volunteering with RESCUE (Reducing Euthanasia at Shelters through Commitment and Underlying Education) since January 2002. Two of our dogs, Otto and Fred, came from RESCUE. We believe it is a worthy cause and I am asking for you help. I am participating in the Fourth Annual Bowl-A-Rama which raises money for animal organizations in Arizona. I am on Team Tango, representing RESCUE.

All pledges raised by RESCUE will go directly to their mission of providing a second chance at life for dogs and cats who, through no fault of their own, are spending their final days at Maricopa County Animal Care and Control. Thes money goes toward medical treatment, boarding, etc. while the animals are in RESCUE's care. The passion that began RESCUE has resulted in a volunteer-driven non-profit corporation with over 300 dedicated volunteers who have helped care for and place over 8,000 wonderful cats and dogs.

If you can spare $10, $20 or more, please go to http://bowl.azrescue.org and make a pledge to Team Tango.

A version of net neutrality I can endorse

In an attempt to offer something constructive, here's a version of network neutrality--let's call it Lippard Network Neutrality--that seems to me to be reasonable, providing me with what I want as a consumer of Internet services and what I would want if I were managing security for the provider of those services:

1. Nondiscrimination

Companies that provide facilities-based wireline broadband (i.e., those who own the last-mile wires) to residences must provide unrestricted Internet access to their customers who wish to purchase Internet access, allowing the use of any Internet service or application that does not violate any laws or cause degradation or disruption to the service or other customers. The provider may engage in filtering for consumer-grade service in order to prevent the spread of malware and the sending of spam, including (for example) SMTP filtering or redirection to the provider's mail services, but must allow the purchase of business-grade service under which customers may operate their own mail servers. The provider retains the right to suspend service or quarantine users that send spam, become compromised with malware, or engage in illegal activity or activity that disrupts the service.

2. Unbundling

Providers must unbundle Internet access from other services sold over the same connection, so that a customer may use the entire capacity of the circuit for Internet access.

These two requirements would give me what I want as a customer, as well as give the provider the ability to recover their costs, provide services that use QoS, provide additional filtering to protect their network and the rest of their customer base from malware, and so on. I think it's quite reasonable for a basic consumer Internet service to do port 25 filtering, force the use of the provider's mail servers, and to do network-based filtering of malware--but I would like the ability to pay extra for completely unfiltered Internet service and take steps to protect myself. And in fact, that's what I'm currently paying Cox for today--I pay for business-grade service to my home in order to run my own servers here, though I could put those servers into a colo facility and get the same effect, which is what I would do if Cox decided to discontinue offering business-class service to residences. Because that option exists, it would not be necessary to mandate that providers must provide business class service as I described above, but I'd still want to be able to ensure that I could access my remotely hosted services from home.

How this differs from what many network neutrality advocates are arguing for:

1. I don't prohibit QoS or tiering, as that is a genuinely useful network feature where I expect to see future innovation of services that depend on it.
2. The nondiscrimination provision is written to allow some kind of less-than-full-Internet walled garden service at low cost--so long as customers can still purchase real Internet service. (I think such a service would be under competitive pressure to allow access to the full Internet, for the same reason AOL ended up allowing full Internet access--otherwise the service wouldn't attract enough users to be a successful product offering.)
3. I don't prohibit differential pricing for different services and classes of service.
4. I don't set any restrictions on contractual arrangements (apart from these two restrictions), including interconnection agreements or who pays. I think that should be left to private negotiation and competition.
5. I don't extend these requirements to other types of Internet providers such as backbone providers or those providing business services, as those are areas with plenty of competition.
6. I don't extend these requirements to wireless providers, because I think that with sensible market-based allocation of spectrum, there could be plenty of independent competition with much less capital expenditure than for wireline deployment.

I could possibly be persuaded that there is a place for common carriage requirements, especially for access circuits to businesses, which is where the last-mile providers could really engage in anti-competitive behavior against backbone providers that don't own a lot of last-mile wires (e.g., Level 3, Global Crossing, Sprint), now that the major telco last-mile providers have each merged with a major backbone provider themselves (Qwest/U.S. West, AT&T/SBC/BellSouth, Verizon/MCI). This requirement currently exists in the law for telcos, and unlike the common carriage requirement for DSL, is not planned to go away next year.

I would not put the above into the purview of the FCC, at least not with their current dispute resolution procedures which favor the telcos. Paul Kouroupas at Global Crossing (also my employer) has been arguing for "baseball-style" or final arbitration dispute resolution, where each side submits their best and final offer to an arbitrator, who chooses the best. This provides incentive for each side to try to reach the best agreement up front, as well as a process that can proceed quickly, without any government involvement or expense. This suggestion is the second point of Global Crossing's proposed REFORM legislative agenda. (Unbundling and common carriage of bottlenecks such as last-mile access circuits are the sixth point.)

Comments, criticisms? I should add that I believe what I've spelled out above is pretty close to what I've heard is in Sen. Stevens' telecom reform bill, though I haven't read it and I suspect he applies the nondiscrimination and unbundling requirements more widely than to residential broadband.

Extending CALEA to VoIP: a bad idea

The Information Technology Association of America (ITAA) has issued a report on “Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP” (21-page PDF) by Steven Bellovin, Matt Blaze, Ernest Brickell, Clinton Brooks, Vinton Cerf, Whitfield Diffie, Susan Landau, Jon Peterson, and John Treichler. This report comes at a time when the FCC and courts have already ruled that VoIP and facilities-based broadband providers must provide lawful interception capabilities under CALEA for VoIP services that are “interconnected” with the publicly-switched telephone network (PSTN).

The report effectively argues that in order to extend CALEA compliance to VoIP, “it is necessary either to eliminate the flexibility that Internet communications allow—thus making VoIP essentially a copy of the PSTN—or else introduce serious security risks to domestic VoIP implementations. The former would have significant negative effects on U.S. ability to innovate, while the latter is simply dangerous.”

The report gives a good basic explanation of VoIP (which comes in a variety of possible flavors), an explanation of pre-CALEA wiretapping and current CALEA wiretapping (including cellular telephone wiretapping and roving wiretaps), and then describes the similarities and differences between the Internet and the PSTN.

It then describes the issues of security raised by applying CALEA to VoIP and the risks to innovation created by applying CALEA to VoIP.

Two of the key problems for applying CALEA to VoIP are:

• VoIP mobility. A VoIP phone can be plugged in anywhere on the Internet, for non-facilities-based VoIP providers like Vonage. The network that connects the VoIP phone to the Internet—which is the one in a position to intercept the call data--need not be the network of the VoIP provider, or have any relationship with the VoIP provider.
• VoIP identity agility. A VoIP user can have multiple VoIP providers and easily switch between them from moment to moment. The owner of the Internet access network is not in a position to know who a VoIP user is purchasing VoIP services from. They are in a position to be able to intercept and detect what VoIP providers the user connects to directly, but not if the VoIP user is using encrypted traffic through proxies.

Further problems are caused by the fact that the communications between two VoIP phones is peer-to-peer, and the routing of a call at the IP layer can change in mid-call. Because of the former issue, the call contents may not traverse the VoIP provider's network, and thus it will not be in a position to intercept (unless it behaves like the PSTN, forcing the call contents to also come through its network, using SIP proxies/RTP relays). In order to truly be able to intercept all VoIP calls using VoIP as it is designed, there would have to be cooperation between the VoIP user’s access provider of the moment (which could be any Internet provider—a WiFi hotspot, a friend’s ISP, a hotel’s Internet connection) and the VoIP provider being used—but law enforcement may not be in a position to know either of these. The kind of cooperation required would have to be very rapid, with interception equipment and systems already in place and able to eavesdrop wherever the voice traffic may flow, upon appropriate request. This would require extensive coordination across every VoIP and Internet provider in the United States of a sort that doesn’t exist today. It would require extremely careful design and implementation to avoid creating vulnerabilities that would allow this incredibly complex infrastructure to be exploited by unauthorized users--but with so many parties involved, I think that's a pipe dream. This incident with cellular telephony in Greece shows what can already happen today with unauthorized parties exploiting CALEA technology.

And the FCC has ordered that it be in place by May 14, 2007. There’s no way that’s remotely possible--note that the FCC gave ordinary wireline telephone companies over a decade to implement CALEA in the PSTN, and it has been an extremely difficult and expensive process. At best, by the deadline facilities-based VoIP providers will be able to provide interception for call traffic that goes across their own networks, and apparently be forced to do that for all traffic (or else there would be a way to distinguish calls being rerouted for interception from all other calls). And if that's the only kind of VoIP that is permitted, VoIP innovation is stifled.

One company that has been pushing hard for these extensions of CALEA is Verisign. They have been doing so because they want to act as the one-stop-shop for U.S. law enforcement, setting up their own infrastructure to interconnect with all Internet and VoIP providers to provide everything from subpoena handling to wiretapping services under contract to the providers. This would effectively hand off wiretapping capability to a third party, working on behalf of the government, over which the individual providers would have little oversight.

For more on CALEA, see the Electronic Frontier Foundation's CALEA website. For more on the history and politics of wiretapping, see Whitfield Diffie and Susan Landau's excellent book, Privacy on the Line: The Politics of Wiretapping and Encryption.

UPDATE July 7, 2006: I've updated the above text in light of Charles' comment, to make it more accurate about interception by forcing VoIP calls to route through the VoIP provider's network.