Cyber Security Books

Book Review: Cyberspace in Peace and War, by Martin C. Libicki (US Naval Institute Press, ISBN-13: 978-1682470329)

The technology publishing industry is now releasing numerous cyber security books every year. Some are highly technical in nature, such as those published by Manning Publications. Others are based on cyber security research. Some, like Jim Sciutto’s The Shadow War, are not primarily about cyber security, but rather deal with urgent national security issues that relate to cyber security and cyber espionage.

Why Read Cyber Security Books?

Books about cyber security are helpful for many reasons. For one thing, they often provide good explanations for extremely complex topics. They can help non-technical people understand deep technological issues that affect security. Like, what’s ransomware? Most people have a general idea of how ransomware works, but a good cyber security book can spell out the threat and its impact in plain English.

Going in the other direction, a cyber security book can explain business, public policy or national security issues to a cyber security practitioner. There is a great need for this kind of cross-disciplinary dialogue. Many cyber security analysts and topical experts lack a firm grasp of the broader legal and public policy issues that affect their work.

 

Books about Political Philosophy that Deal with Cyber Security

Cyber security, cyber threats and digital disinformation—which is, at a deep level, a form of cyberattack—make appearances in several recent books about political philosophy. For example, Timothy Snyder’s The Road To Unfreedom, as well as his short book, On Tyranny, examine the impact of digital technology on political sensibilities. They discuss the potentially devastating impact of cyberattacks from political actors like the Russian FSB security services on vulnerable countries like Ukraine.

 

Cyber Security Books about Public Policy

There have been some excellent recent books that deal with cybersecurity in the contexts of public policy and military strategy. For instance, Cyberspace in Peace and War, written by Professor Martin C. Libicki at the US Naval Academy, provides the reader with a comprehensive technological and military overview of cyberwar. It happens to be remarkably thorough in dealing with some very complex issues.

The author introduces the subject with a detailed review of cyberattacks. He then defines the main approaches to cyberdefense, delving into the tricky conversation about what the government should or should not do about the problem.

 

 

Book Review – Coding Democracy: How Hackers are Disrupting Power, Surveillance and Authoritarianism

Coding Democracy: How Hackers are Disrupting Power, Surveillance and Authoritarianism

By Maureen Webb

 

Coding Democracy is an ambitious book that takes on a sprawling, important subject: the use of hacking to advocate for democracy and human rights in a time of increasing surveillance and anti-democratic government. Webb digs deeply into the history of the political hacking movement and the hacker culture and “hacker ethic” that propels groups like Anonymous and Germany’s Chaos Computer Club (CCC), which she covers in depth.

She establishes the clear connection between the 1960s politics of the left and the Haight-Ashbury counter-culture and the growth of hacking. Indeed, as she deftly explains, the very architecture of the Internet and much of today’s computing stack is inextricably bound up with ideals of freedom of information, personal rights and free software. In this context, the book discusses the origins, beliefs and activities of the “Cypherpunks” and comparable groups.

The book offers several clear descriptions of issues that can be amorphous and difficult to parse when discussed by lesser scholars. One of the main themes here is the quest for “transparency for the powerful; privacy for the weak.” This is a guiding principle for much of the pro-democracy hacker world. Thus, the Panama Papers are a way to make the activities of the powerful known to the public, and anonymous document drops like those on The Intercept provide privacy for those who challenge the power structure – at least in theory.

As she points out, the difficulty that arises with any principle like this is in the details of how it’s actually executed. Who decides what should be public and what should be private? Should a teenage anarchist have this kind of power?

Coding Democracy is a thorough, well-written work of scholarship that should be seen as a welcome addition to a growing body of work about the relationship between computing, society and government. A lawyer, Webb is able to weave the hacker narrative into various strands of thought relating to political science, history, legislation, law enforcement, regulations, civil law, politics and ethics. In one fascinating tangent, she explores how the American revolution and the US Constitution inform the hacker ethic worldwide.

This is not a work of hagiography about hackers, but it’s clear that Webb is very enamored with the potential for code to change the world for the better. I am not so sanguine about this, and I have to confess that I am not the right reader for this book. I don’t find 1960s counterculture endlessly uplifting. I was, as a recent essay in the Washington Post poignantly put it, a child in the 1960s, not a child of the 60s.

I am The Man, a corporate fascist pig/narc/suit/square/cis-straight-Caucasian. I spent my childhood being browbeaten by self-important hippy know-it-alls, people who told me, for instance, that joining the Cub Scouts was the moral equivalent of napalming Vietnamese babies… the same privileged white people who screamed at me endlessly in college for my reprehensible whiteness. I don’t find their hacker ethic very inspiring. I find it tedious, self-absorbed and dangerously naïve.

As Webb herself points out, many of the “information must be free” ideals that shaped modern technology have made it insecure and enable bad actors to do real harm. Bitcoin, for example, which was envisioned as the sort of stateless money that would free humanity from the power of big banks, has turned into a cesspool of corruption, wealth hoarding and crime. This book references so many manifestos that I became interested in writing my own manifesto – a call to arms for grown-ups to force the hippy know-it-alls to confront the unintended consequences of their frequently ill-advised passion for tech freedom, but I digress…

At the same time, the pro-democracy hackers are engaging in significant, relevant fights. The battle over encryption in personal devices is one example she covers. Should Apple cave in to government demands for a “back door” into iOS? Webb’s hacker friends and organizations like the Electronic Frontier Foundation say no, and I agree with them. I don’t want Bill Barr poring over my emails, or anyone else’s.

Not all fights are so critical, though. Webb recounts many examples of what seem, at least to me, like force 5 tempests in microscopic teapots. Maybe it’s just me, but the warfare being waged online about whether you can reprogram your phone is, as Esquire’s Charles Pierce might call it, “So much inside baseball wankery.” How many people really need this, or even know about it?

As Webb further explores, not-so-great things can transpire when people take it upon themselves to right injustices without having the intellect or moral compass required for such heady missions. Julian Assange provides a cautionary tale. He was very much of this group, but his willing, or unforgivably naïve, co-option by Russian intelligence services helped deliver the Trump presidency.

Webb does point out that code alone will not make the world more democratic. She contrasts the Occupy Wall Street movement, which was partly hacker-driven, and its symbolic but more or less empty victory with a similar, but successful campaign in Barcelona, Spain. The Spanish campaign blended hacking with methodical political organizing. It produced tangible results: the jailing of a corrupt banker and the election of a reform-oriented mayor of the city. This is disappointing, because, like so many Americans, I wanted crooked Wall Street bankers to face accountability for their recklessness and fraud in 2007, but the Occupy movement was so comically inept and high on its own supply, it went nowhere.

By the end of the book, I felt as if I had learned a lot. A certain amount of the material went over my head. I’m not well-versed in advanced political theory. However, I couldn’t shake the feeling that although a lot of smart people are coding for democracy, democracy is still losing. Anti-democracy has some awfully good coders, too.

Postscript: I shared a draft of this review with the author. This was her note:

Code, more than law, will soon determine the kind of societies we live in, and whether they end up resembling democracies at all. But while code is shaping the future, it is incomprehensible to most people. Computer users, for the most part, are at the mercy of the code makers.

Who controls code?  A fierce struggle is taking place as corporations, states, criminal elements, and parts of civil society vie to build the coded world around us. Hackers are savants in this world. Sought after for their talents, almost folkloric in status, they’ve been recruited and reviled, celebrated and thrown into prison.

In the digital revolution that has so speedily enfeebled our democracies, Coding Democracy shows how hackers might ultimately be vital disruptors – and how “hacking” has become an ethos for a growing social movement in which ordinary citizens are taking things into their own hands when reform seems out of sight. At a time when faith in elites to govern has never been lower, hacking is inspiring a new wave of activism, a new way of thinking and acting. People are hacking, not just privacy and transparency, but business, law, property, banking, money, politics, electoral processes and democratic decision-making itself. Literally and metaphorically, they are striving to “code in” democratic outcomes where they can. This is not tech utopianism, but rather an urgently needed “upgrade” of democracy for the digital age.

 

Security Yearbook 2020: A History and Directory of the IT Security Industry

Richard Stiennon, the industry analyst and founder of IT-Harvest, has just published the Security Yearbook 2020: A History and Directory of the IT Security Industry. It offers a well-written and extremely thorough look at the history of the cybersecurity industry. It’s also a fun, useful book.

Stiennon comes to the subject with serious authority. He’s been active in the field for decades, starting as a practitioner and later serving as an industry analyst. These experiences have given him insights into how the industry evolved and how it works today. The history is interesting, especially as big companies continue to acquire startups at a rapid clip. It’s easy to forget who started what and how one company morphed into another. Indeed, the Yearbook covers a dizzying series of mergers, restructurings, “spinoffs” and re-branding efforts.

One of Stiennon’s main points is that companies can lose their dominant positions easily if they cannot anticipate the next generation of threats. At the same time, the competitive dynamics of the industry make it quite difficult to jump between categories. Old players can get stuck in a rapidly-fading rut.

Industry luminaries have contributed their stories to the Yearbook. It’s a sponsored project, which is totally understandable in the current moment of book industry disruption. The Yearbook also provides a useful taxonomy of the industry as well as a breakdown of each segment by size and geography. The rear part of the book contains a vendor directory.

 

Book Review – The Misinformation Age: How False Beliefs Spread

The cover of The Misinformation Age: How False Beliefs Spread, which contains a drawing of the mythical jackalope, and its first chapter, which deals with the 14th century myth of the vegetable lamb (a plant whose fruit contained baby lambs), both suggest that the problem of false beliefs is nothing new. The entire history of humanity, one might argue, has been one eternal misinformation age. Yet, as authors Cailin O’Connor and James Owen Weatherall argue, today’s misinformation age is something different.

We are at a moment in time when millions of people are passionately, sometimes violently, committed to ideas that are demonstrably false. Whether it’s wealthy liberals claiming that omega oils are good for you or angry conservatives blaming illegal immigrants for fictitious criminal acts—or a man killing 11 Jews in Pittsburgh because he believed that George Soros was paying for Mexicans to invade the United States—we can see the products of powerful misinformation at work in our society.

O’Connor and Weatherall, both philosophy of science professors at UC Irvine, show how modern misinformation works and why it is so effective. They do this through models developed to explain how scientists change their minds about research over time, based on the influence of peers in academic/social groupings. They reveal the dynamics of influence that can lead groups of scientists to change their minds or harden their views, regardless of convincing countervailing data.

The authors contrast the evolution of scientific consensus on the depletion of the ozone layer in the 1980s, where scientists came around to a previously debunked theory, with the current stalemate over global warming. In the latter case, the book shows how corporate propagandists have successfully injected accurate but distortive data into the scientific review process.

They talk about the subtle corporate campaigns to push for certainty in science versus consensus, which can make a big difference to suggestible policy makers and their voters. There is almost no scientific certainty about anything, so when the corporate propagandist demands certainty, he or she can succeed in pushing a vast amount of legitimate scientific consensus off the table. The Misinformation Age reviews the sorry history of the tobacco industry’s claims of scientific uncertainty regarding connections between smoking and cancer as an example of this practice.

The subtext of the book, and in many places the actual text, has to do with Donald Trump and the rise of irrational mass movements in America. The authors discuss the social dynamics of “alternative facts,” focusing on why what we believe depends on whom we know, and with whom we are connected on social media. Social media and modern digital journalism are what differentiate our misinformation age from the era of vegetable lambs. In this regard, the authors are fair but accurate, calling out lies and manipulations of the truth where they see them but avoiding falling into the tempting trap of propaganda themselves.

Social media groupings replicate the biased scientific peer groups of the theoretical model at light speed. People can instantly and permanently believe that the Pope endorsed Donald Trump or that Trump’s inauguration crowd was the largest in history—despite obvious evidence to the contrary. O’Connor and Weatherall also describe the power of social acceptance in persuading people to accept false information, even if they are indifferent or don’t agree with it.

For example, membership in certain social groups in the US might demand that one declare the theory of evolution to be fake. This creates pressure for members of the group to stick with that story, even if they personally doubt it. Such a dynamic is also at work in modern political discourse, as the book deftly demonstrates.

The book itself offers an example of how an idea’s credibility is linked with the social standing of its advocates. The authors both have PhDs, degrees which are called “credentials.” The word is derived from the Medieval Latin “credentialis,” from credentia (belief) and the Latin root “credere,” which means to believe or trust. We trust the PhD, so his or her ideas carry more weight. The authors teach at a major university, which is another endorsement of their credibility. The book is published by Yale University Press, yet another significant gateway of credibility. Even if this book contained false data, one would be ready to believe it based on its structural credibility.

As one might imagine, it’s a complex topic, but O’Connor and Weatherall do a good job of keeping it within the reach of a generalist. The book features an easy style and completely lacks the sort of dense, academic writing one might expect in such a work. It’s a good read on a very important subject, definitely worth exploring.

 

Publisher: Yale University Press (February 18, 2020)

ISBN-10: 0300251858

ISBN-13: 978-0300251852

 

 

Book Review: From the Sea to the C-Suite

From the Sea to the C-Suite: Lessons Learned from the Bridge to the Corner Office comes at you from a place of success. Written by Cutler Dawson, a retired US Navy Vice Admiral who now serves as CEO of Navy Federal Credit Union, and Taylor Baldwin Kiland, the book conveys perspectives on the corporate leadership that underpinned Navy Federal’s quadrupling in size in just over a decade. This impressive business record is augmented by another implicit tale of success, namely the sometimes tricky path military officers must follow if they are to flourish in the private sector. Dawson offers much to consider in both of these contexts.

This book is nominally outside of the usual topics reviewed here. It’s not about cyber security or public policy. However, the subject is relevant because cybersecurity is, at its root, an organizational matter. Growing SecOps teams need strong leadership. And, many of the people involved come from military backgrounds, so a book about business leadership drawn from military command experiences is actually quite relevant to the field.

Dawson’s military career was marked by achievement, starting with unusually early command of a naval vessel when he was just 27. He served in a succession of sea command positions and senior roles in the Navy’s operational command. After 34 years in the Navy, he took on the role of CEO of Navy Federal.

By any definition, the credit union was already a success. It was one of the oldest and largest financial institutions of its kind. Yet, as Dawson quickly saw, there was plenty of room for growth and improvement in customer service and more. This book tells the story of how he led the organization through a remarkable growth trajectory, enabled by leadership lessons he learned at sea. In this sense, the story is very much one of change management, though the authors don’t call it out by name.

His first piece of advice is to “Go to the Deckplates,” or engage with the working people of the organization in their day-to-day realities. The phrase itself refers to polishing the deck of old ships, which were covered with teak wood. This task appears to have been a promotion from Dawson’s first sea duty of “cleaning the heads” on a cruiser. Going to the deckplates at Navy Federal meant listening in on loan collection phone calls, standing in lines at branch offices and similar un-CEO-like activities.

Throughout, he adheres to, and amplifies Navy Federal’s mission of serving its members. He also commits to serving the organization’s employees. Navy Federal has never had a layoff in over 80 years in business. Many anecdotes in the book reveal a willingness to trust subordinates and work collaboratively with them, rather than act as a corporate authoritarian. This was not an easy thing to manage, given the 2008 financial crisis, which affected the credit union.

In this regard, Dawson provides a welcome reminder of what executive leadership used to be like in the United States. Today, the CEO mindset seems to be “fire everyone, move the plant to China, cash out and buy a Gulfstream.” It’s almost quaint to hear an American CEO talk about an organization having a mission and valuing its employees (for real, not in cynical talking points).

Dawson emphasizes the value of deep, engaged listening and providing a “safe harbor” for employees to tell him the truth. One gets the feeling that Dawson can pull this off because of a command presence that doesn’t suffer fools. In fact, he shares that he detests the sort of double-talk and secret-keeping that characterizes a lot of American corporate life. He came by these standards through hard experience, such as when he had to call the families of naval aviators killed on a ship he commanded.

This book is a well-written and compelling guide to management and leadership. In a genre that can trend toward an annoying blend of stuffiness and a self-serving tone, Dawson and his co-writer are neither. It’s a worthwhile read for anyone who aspires to run an organization, or even a team, or wishes to do it better.

  • Hardcover: 168 pages
  • Publisher: Naval Institute Press (October 15, 2019)
  • Language: English
  • ISBN-10: 1682474739
  • ISBN-13: 978-1682474730

Book Notice: Enterprise Continuous Testing: Transforming Testing for Agile and DevOps

Read the Tricentis Founder’s New Book – Enterprise Continuous Testing: Transforming Testing for Agile and DevOps

If you want to realign your Global 2000 organization’s quality process with the unrelenting drive towards accelerated delivery speed and “Continuous Everything,” then you’re in the right place.

Book Review: Your Digital Undertaker

This book falls a bit outside the topics we usually cover in Journal of Cyber Policy, but there is a lot of useful information here and some of it does relate to security. The book, Your Digital Undertaker: Exploring Death in the Digital Age in Canada, offers a thorough, step-by-step approach to settling the estate of a loved one. In particular, author Sharon Hartung reveals the problems that can easily arise if a parent or grandparent dies without leaving much in the way of instruction about their wishes and will.

This is not a new problem, of course, but in the digital age, it can be extremely challenging to piece together the fragments of the departed person’s life. It’s necessary to do this for a variety of reasons, ranging from simple issues like discontinuing credit cards to more complicated matters like life insurance, investment accounts and so forth. An adult child can find him or herself confronting a password-protected PC, a locked mobile device and unknown cloud volumes in a search for crucial information.

We live in a digital age. Our lives are increasingly lived on digital devices. As a result, our estates are at least partly digital in nature. Hartung makes a series of recommendations about preparing a roadmap to all of your digital assets for your heirs. After all, you won’t be able to answer any questions like, “Dad, where did you put the bank statement and last year’s tax returns?”

This recommendation, while wise, does create an unintended cybersecurity risk, however. Creating a spreadsheet or Word document with all of your personally identifying information, bank accounts and passwords is extremely useful for your heirs. It’s also really useful for hackers. Concentrating so much material in one place for an identity thief is risky. A good practice might be to create the file but leave the passwords out of it, adding them by hand with a pen, and so forth. That way, you’ve achieved the goal of making life easy for your heirs without setting yourself up for digital theft.

 

Book Review – Stealth War: How China Took Over While America’s Elite Slept

Stealth War: How China Took Over While America’s Elite Slept, by Gen. Robert Spalding, is a good companion to Shadow War, by Jim Sciutto. Both books offer deeply knowledgeable insights into the current conflict between the US and China. Both authors believe the US is essentially at war with China, except most of us have no idea that this war is actually occurring. It’s an odd state of affairs, but it’s very much the way international conflicts are being waged in the 21st century.


Spalding, who served on the National Security Council (NSC) and in other national security roles, lays out a damning, and frankly terrifying, overview of China’s plans to dominate the world and greatly (if not totally) reduce America’s power. He relies on publicly available documents from China (he is fluent in Mandarin) that explain China’s “Unrestricted Warfare” policy against the United States.

He describes, in harrowing detail, the myriad ways China has undermined America’s economy and military. He also lays out the long historical antecedents to this war, a history that the vast majority of Americans do not know. As but one of many examples he shares, China manufactures parts for the F-35 fighter. How can that happen? How can the US allow its biggest enemy to make parts for its ultra-secret weapon? It’s complicated, as you might imagine, but also extremely simple. It all comes down to money.

The book reports on case after case of American business executives, public policy “think tanks,” universities, and even elected officials who take Chinese money and then justify decisions that deprecate America’s power and increase China’s. It’s an alarming scenario: The country is being strangled on every imaginable level by a well-funded, aggressive enemy and everyone who can do anything about it has been bought off. Time after time, the US has declined to respond to attacks that are not hard to see, if you know what to look for. So, it’s not so much that America’s elites are “asleep.” They’re just getting paid to look the other way.

The book delves into cybersecurity issues, which is why I read it. From Spalding’s perspective, stealing American technology is one of the main goals of China’s aggressive cyber campaign against the US. The unrestricted warfare doctrine embraced by China’s leaders and its all-powerful Communist Party, the CCP, calls for the theft of foreign technology whenever possible. The goal, of course, is to make China the world’s leading technology power.

This goal appears to be well within their reach, especially given the CCP’s unfair and dishonest practices for keeping foreign investment inside the Chinese economy. As he puts it, the CCP is getting foreign investors to fund its war machine. For example, he cites a billion-dollar bond issue from China that was a thinly masked attempt to get Americans and others to pay for construction of a nuclear aircraft carrier.

He also frames Chinese cyberattacks in terms of societal control. If you want to understand why China is stealing Americans’ credit scores, health records and Target purchase data, you can look to how China is now using surveillance and AI to control its own population. When, what or why this is coming to the US is a matter of speculation. But, as the Wall Street Journal recently noted, whatever the Chinese reason is for stealing Americans’ personal data, the answer cannot be good for Americans.

The book ends with a number of policy recommendations, including more comprehensive bans on Chinese 5G technology, the development of more isolated secure networks for the DoD and so forth. This is an important book, one that should have a wider audience and more publicity than it appears to be getting. Spalding believes America can reverse its course if officials “take a stand.” I’m not so sanguine about that possibility. If past behavior is any guide, rich Americans who profit off China will continue to feed at the trough of bribes and easy transaction/consulting fees until it’s too late.

The other worrisome thought provoked by this book is indirect. Spalding discusses the “China Shock” extensively—highlighting how China’s unfair trade practices and currency manipulation have contributed to the loss of over 5 million American manufacturing jobs. He explains how both Donald Trump and Bernie Sanders tapped into the anxiety and anger that the China Shock produced in the 2016 election. He credits Trump for taking a stand against China with his tariffs.

That is all fine, and while it may be outside the purview of a book like this, Trump’s main path to power was to blame the results of the China Shock on… Mexicans. Whether he realizes it or not, Trump has channeled Americans’ fury at their declining economic prospects, which are largely due to China’s unrestricted war and the complicity of America’s financial elites, onto Mexican immigrants.

This is a dangerous trend in American political life. It’s also personal for me. The gunman who killed 11 of my fellow Jews in Pittsburgh last year blamed the Jews for the “invasion” of Mexican immigrants. This incident, while minor in the scheme of things, is a sign of what’s coming: American chaos and hate-filled violence as foreign aggression destroys the US economy.

Book Review: The Shadow War

The Shadow War: Inside Russia’s and China’s Secret Operations to Defeat America, by Jim Sciutto, is arguably the most important book of the year, if not the decade. As a CNN anchor and the network’s Chief National Security Correspondent, Sciutto has the kind of high-level access—and perspective—to see the big picture regarding threats to the United States. He doesn’t waste any time in sounding the alarm about the risks this country faces from two determined, well-organized and effective geopolitical adversaries.

Without resorting to hype or histrionics, Sciutto takes the reader through Russia’s long history of disruption campaigns aimed at weakening other nations. He then methodically explores China’s relentless, incremental drive to steal America’s technology advantage and push the US out of what it considers its sphere of influence in the Western Pacific.

He explains the “win without fighting” ethos of this asymmetrical form of warfare. And yes, as he describes, the US is at war. It’s just a war that US leadership can’t quite see or admit is happening. Sciutto is respectfully critical of the lackluster responses of both the Obama and Trump administrations in responding to increasingly brazen attacks.

This book is only partly about cyberthreats, though it goes into depth on Russia’s and China’s cyber campaigns. In the case of Russia, Sciutto covers election interference and comparable disruptions. He also recounts the Russian cyberattack on Estonia in 2007, which is little known, at least in the US. The events in Tallinn provide an eerie foreshadowing of exactly what we’re going through today. The only difference is the technology, which is now radically more advanced and harder to stop.

Sciutto probes China’s theft of digital design plans for the Boeing C-17 and the Lockheed F-35 fighter. He is willing to call out what he sees as aggressive, destructive espionage, and in doing so he implicitly rebuts the US government’s curious downplaying of the story.

The Shadow War then outlines the military actions of Russia, and especially China, that make up the strategic elements of the conflict. Sciutto goes in a submarine under the Arctic ice, where Russia is staging its next moves. He flies with the US Navy in a spy plane over disputed man-made islands in the South China Sea. He takes a hard look at US vulnerabilities in space.

In each case, as he deftly explains, our adversaries are pushing matters right to the edge of actual combat. In doing so, they appear to press the US into a position where it must either respond with force or pull back. As he shows, the US has pulled back, whether out of a desire to avoid a catastrophic incident, a misreading of the situation, or trust in adversaries who have done nothing to earn it.

He concludes the book with a number of thoughtful policy suggestions that could put the US on a firmer footing to fight the shadow war without igniting a real global war. None of them will be easy to implement, but I agree with the author’s assertion that they are essential to avoid defeat in this new, perplexing form of international conflict.

Book link: https://www.amazon.com/Shadow-War-Russias-Operations-America/dp/0062853643/ref=sr_1_1?keywords=The+Shadow+WAr&qid=1572427900&sr=8-1

Details

Hardcover: 320 pages

Publisher: Harper (May 14, 2019)

ISBN-10: 0062853643

ISBN-13: 978-0062853646

Book Review: The Digital Big Bang

I have to confess that I was somewhat skeptical about The Digital Big Bang: The Hard Stuff, the Soft Stuff, and the Future of Cybersecurity by Phil Quade. The book consists of chapters contributed by a variety of prominent industry professionals. I am not a big fan of the contributed chapter approach to book writing. However, my skepticism proved to be misplaced.

Quade, who serves as CISO of Fortinet (NASDAQ: FTNT), the multi-faceted, multi-billion-dollar cybersecurity vendor, has achieved something that many seek, but few deliver: true thought leadership. The book reads like the print version of a great cybersecurity conference. You get to hear real insights from extremely knowledgeable and experienced industry experts.

Quade’s premise, that the Internet and its security problems can be likened to the “big bang” theory of the universe, is a bit TED-talkish, but he has a significant and relevant point to make. The Internet, and modern computing in general, is a categorically different entity from anything that came before it. It moves at higher speed, and offers more connectivity, than any invention in human history. Therefore, it does not work well with old models of security; rather, being secure requires a scientific approach.

To bolster his hypothesis, Quade enlists contributions from senior security executives at companies like AT&T, Intuit and Booz Allen Hamilton. The more than 20 chapters written by Quade’s colleagues articulate the many ways cybersecurity has succeeded, and failed, in achieving the scientific approach Quade advocates. They cover topics like authentication, cryptography, access control, visibility and inspection.

The book succeeds in blending effective explanations of major issues in cybersecurity with practical approaches to addressing risk. It contains thought-provoking discussions of the limits of current countermeasures. For example, the chapter on cryptography lays out the risks of poorly implemented cryptography. This was a revelation for me, and it underscores how fragile many seemingly bulletproof security tools can be.

“The Digital Big Bang” also highlights the human factor in cybersecurity. From the start, Quade emphasizes the fundamental, human-based design flaw in the Internet—that it was built for a group of known, trusted people, but then exploded into public use with little thought given to the risks of that move. His contributors also delve into the organizational (human) challenges of implementing security policies. For example, as one contributor notes, network segmentation is only slightly about networks. It is largely an organizational change management issue, with all the attendant political hassles and challenges that brings.

This book would be an instructive read for a business manager who wants to get a feel for the range of issues that arise in cybersecurity. It would also be useful to an IT person who may want to get a broader view of the cybersecurity field. It’s well-written throughout, which is also a pleasant surprise for a book with so many contributors.

Publication Date: August 6, 2019

Sold by: Amazon Digital Services LLC

Language: English

ASIN: B07WDJV73P

ISBN-13: 978-1119617365

ISBN-10: 1119617367

Book Review: Cyberspace in Peace and War

By Martin C. Libicki

ISBN-13: 9781682470329

US Naval Institute Press

Cyberspace in Peace and War, written by Martin C. Libicki, a professor of cyber security studies at the US Naval Academy, takes on an ambitious assignment. The book sets out to provide the reader with a comprehensive overview of cyberwar from the perspectives of technology and military strategy. Libicki succeeds in this, offering a remarkably thorough look at a complex set of issues.

Libicki leads off with a meticulously sourced review of how cyberattacks work and proceeds to define the main approaches to cyberdefense. He then delves into the thorny question of what the government should or should not do about the problem. From there, Libicki undertakes an extensive exploration of the various ways that the military can approach cyberwar—from both defensive and offensive points of view.

He differentiates, for example, between strategic and operational cyberwar. The book also gets into a debate lurking beneath the surface of many cyberwar dialogues: the divergence between the disorganized world of hackers and the military’s need to “professionalize” cyberwar. He also looks at the challenges of mounting an offensive cyberwar campaign under actual war conditions, e.g., being able to time an attack and estimate its odds of success.

Libicki writes very well. Even though there is a massive amount of material to cover, it’s relatively easy to read. He avoids lapsing into the opaque, insiders-only DoD-speak that can sometimes arise in this kind of discussion.

The only limitation in this book is Libicki’s occasional tendency to take refuge in theory on issues where actual events seem to suggest that the theories don’t reflect reality. He’s very enamored of air gaps, for example, which are not as effective as people want them to be. He also repeatedly offers the insight that cyberattacks are usually short-lived and easy to recover from, which is true, but misses the point a great deal of the time. The hack of the DNC email server, for instance, was a very minor hack, but it changed the course of American history.

That said, what Libicki has accomplished here is to set out a rich array of policy discussions. He enables the reader to appreciate the multiple points of view that can arise on any given cyberwar issue. One may not agree with him, but he shows you the contours of the policy argument. By combining thoroughness, a good writing style and an encyclopedic knowledge of the policy issues, Libicki has rendered a great service to anyone in a military or policy-making position who wishes to gain a better understanding of what’s happening in cyberspace in peace and war.