Friday, October 24, 2014

Security versus Privacy

The difference between security and privacy is not that hard. If others can see my bank transactions then I lack privacy. If others can take money out of my bank account then I lack security. However important people think privacy is, they must admit that security is much more important ... Right?

In fact we see an endless stream of postings that seem to be completely muddled about the difference between security and privacy. There are good reasons for that:
  • Security is about the protection of our assets, including life and health. Privacy is the particular asset that is most immediately compromised by security breaches in the information industry
  • Often we use privacy to protect our security. This is most obvious in the way we protect passwords and PINs. Anonymity, an extreme form of privacy, is used as a security mechanism by those doing things, good or bad, that others would, rightly or wrongly, seek to punish.
  • An important information security mechanism is public key cryptography, where keys come in pairs: the public key that is made available to all; and the private key that the owner holds and does not share. In this case the word "private" is to distinguish it from "secret": A secret, and in particular a secret key, is something that is shared.
Still it is hard to understand the confusion, because we see that privacy is something that most people seem prepared to give up very lightly. Most of us enter "customer relationship management" schemes for very little reward, put details of our life on social media, tolerate privacy invading indignities at airports.

I ask people pushing for protection of privacy to address actual privacy issues. If they are actually interested in privacy as an enabler of security then they need to include some evaluation of how effective it is in that regard. When governments lacked the ability to penetrate the anonymity of protesters then it was effective. Would it still be effective if governments said that they would not use their new capabilities to penetrate people's anonymity? Pardon my doubts.

Most particularly I want people to acknowledge that the greatest protection of our security against the government, and against the oligarchs, is transparency and accountability. Transparency is anti-privacy, and that is what we need. People advocating for individual privacy need to be explicit about why it is not going to weaken transparency. People who are not advocating for transparency are not the good guys, and their privacy concerns can be dismissed.

Friday, October 17, 2014

Holes in Networks

Thinking about holes is often the best way to understand what is going on.
The first example we usually encounter is in electricity. Suppose we have a solid with each atom holding its electrons in place. If we add an extra electron it is easy to imagine it flowing towards a positive charge (though that might be an oversimplification). But suppose there is a missing electron. The neighbour that is closest to a nearby negative charge will be the one that tends to move into the hole. This moves the hole closer to the negative charge. And so we imagine a sequence of electrons moving into the hole, so that the hole moves towards the negative charge. Well this is a simplification (since electrons are indistinguishable), and it is not the best simplification. The best simplification for human understanding is that the hole is a positive entity which flows towards the negative charge. And in fact the hole behaves for most purposes very similarly to a positively charged electron.
A rather recent example is in Computer Science. It is that you can do a formal differentiation of a type constructor and get a new type which is a one hole context for the original type. It is, in some sense, the original type but with a hole in one slot that can be filled. Dan Piponi has blogged about this (e.g. http://blog.sigfpe.com/2006/09/infinitesimal-types.html). The idea might be due to Connor McBride, but I expect that it is known earlier in related Mathematics. Anyway it seems like a very general way of traversing data structures.
It is interesting to think about economics. Consider a job vacancy. That is a hole in some sense. Indeed filling the vacancy might generate a new vacancy somewhere else, and so on, much like the electron example above. This applies to other resources, not just labour. So the need for a resource is like a hole. It increases the price which, in the short term, removes the resource from those who could barely afford it.
Does this have anything to do with differentiation? I don't know, but it is interesting to consider Steve Keene's idea: that a major driver/indicator for the economy is not the rate of change debt, but the derivative thereof. In other words the second derivative of the amount of debt.
I'm also trying to understand cohesion, as in Lawvere's article reproduced at http://ncatlab.org/nlab/files/LawvereCohesiveToposes.pdf. I don't pretend to understand it, but it is interesting the way it talks about distinguishability. This applies to resources too. People have special skills, and the economy works best when people can all be employed maximizing their skills. But we know that when things get bad then people end up in more generic jobs, like driving taxis and labouring, where individuals are less distinguishable. And something similar may apply to other resources where varied and sophisticated use of resources happens more when the economy is functioning well. We can perhaps also consider the case of ecology, where productive ecosystems have high diversity, but weedy general purpose species take over when things are bad.
All this is highly speculative, but why stop there. Here is an analogy between the economy and phases of matter.
  • When things are going well, the economy is like a liquid. In a liquid there is high interaction between the molecules, but also high mobility of molecules. We see a similar thing in the interactivity and mobility of labour and capital in the most successful economies.
  • Feudal systems are like a solid. Labour and capital are stuck in a fixed relationship to each other. This promotes specialization but without mobility the specialization is often non-optimal. Feudal societies were the home of the craft guilds.
  • Anarchic economies, when there is no effective rule of law, have plenty of mobility but too little interaction. This is like a gas.
And, as we know, you need enough pressure to get a liquid. Otherwise things sublimate directly from solid to gas. I leave the economic interpretation of that to the reader.
Anyway, getting back to subject, I think anyone thinking about the dynamic behaviour of networks should think about holes in the network. And I suspect that has something to do with differentiation (in some funny sense) and/or cohesion.