Whoops:
SEC Spares Market Makers From `Naked-Short' Sales Ban
July 18 (Bloomberg) -- The U.S. Securities and Exchange Commission exempted market makers in stocks from the emergency rule aimed at preventing manipulation in shares of Fannie Mae, Freddie Mac and 17 Wall Street firms.
The SEC granted relief for equity and option traders responsible for pairing off orders from a rule that seeks to bar the use of abusive tactics when betting on a drop in share prices. Exchange officials said limits on ``naked-short'' sales would inhibit the flow of transactions and raise costs for investors.
``The purpose of this accommodation is to permit market makers to facilitate customer orders in a fast-moving market,'' the SEC said in the amendment.
A reader writes: "that lasted what, 12 hours?" I don't know, but it certainly clashes with the dramatic news of earlier in the week from the SEC, as the Economist reports:
Desperate to prevent more collapses, the main stockmarket regulator has slapped a ban for up to one month on “naked shorting” of the shares of 17 investment banks, and of Fannie Mae and Freddie Mac, the two mortgage giants. Some argue that such trades, in which investors sell shares they do not yet possess, make it easier to manipulate prices. The SEC has also reportedly issued over 50 subpoenas to banks and hedge funds as part of its investigation into possibly abusive trading of shares of Bear Stearns and Lehman Brothers.
Naked selling is technically illegal but unenforceable. The fact that it is illegal is a natural extension of contract laws: you can't sell something you haven't got; the reason it is technically easy is that the markets work on delayed settlement. That is, all orders to sell are technically short sales, as all sales are agreed before you turn up with the shares. Hence, all orders are based on trust, and if your broker trusts you then you can do it, and do it for as long as your broker trusts you.
"Short selling" as manipulation, as opposed to all selling, works like this: imagine I'm a trusted big player. I get together with a bunch of mates, and agree, next Wednesday, we'll drive the market in Microsoft down. We conspire to each put in a random order for selling large lumps of shares in the morning, followed by lots of buy orders in the afternoon. As long as we buy in the afternoon what we sold in the morning, we're fine.
On the morning of the nefarious deed, buyers at the top price are absorbed, then the next lower price, then the next ... and so the price trickles lower. Because we are big, our combined sell orders send signals through the market to say "sell, sell, sell" and others follow suit. Then, at the pre-arranged time, we start buying. By now however the price has moved down. So we sold at a high price and bought back at a lower price. We buy until we've collected the same number we sold in the morning, and hence our end-of-day settlement is zero. Profit is ours, crack open the gin!
This trick works because (a) we are big enough to buy/sell large lumps of shares, and (b) settlement is delayed as long as we can convince the brokers, so (c) we don't actually need the shares, just the broker's trust. Generally on a good day, no more than 1% of a company's shares move, so we need something of that size. I'd need to be very big to do that with the biggest fish, but obviously there are some sharks around:
The S&P500 companies with the biggest rises in short positions relative to their free floats in recent weeks include Sears, a retailer, and General Motors, a carmaker.
Those driven by morality and striven with angst will be quick to spot that (a) this is only available to *some* customers, (b) is therefore discriminatory, (c) that it is pure and simple manipulation, and (d) something must be done!
Noting that the service of short-selling only works when the insiders let outsiders play that game, the simple-minded will propose that banning the insiders from letting it happen will do the trick nicely. But this is easier said than done: selling without shares is how the system works, at its core, so letting the insiders do it is essential. From there, it is no distance at all to see that insiders providing short sales as a service to clients is ... not controllable, because fundamentally all activities are provided to a client some time, some way. Any rule will be bypassed *and* it will be bypassed for those clients who can pay more. In the end, any rule probably makes the situation worse rather than better, because it embeds the discrimination in favour of the big sharks, in contrast to one's regulatory aim of slapping them down.
Rules making things worse could well be the stable situation in the USA, and possibly other countries. The root of the problem with the USA is historical: Congress makes the laws, and made most of the foundational laws for stock trading in the aftermath of the crash of 1929. Then, during the Great Depression, Congress didn't have much of a clue as to why the panic happened, and indeed nobody else knew much of what was going on either, but they thought that the SEC should be created to make sure it didn't happen again.
Later on, many economists established their fame in studying the Great Depression (for example, Keynes and Friedman). However, whether any parliament in the world can absorb that wisdom remains questionable: Why should they? Lawmakers are generally lawyers, and are neither traders nor economists, so they rely on expert testimony. And, there is no shortage of experts to tell the select committees how to preserve the benefits of the markets for their people.
Which puts the lie to a claim I made repeatedly over the last week: haven't we figured out how to do safe and secure financial markets by now? Some of us have, but the problem with making laws relying on that wisdom is that the lawmakers have to sort out those who profit by it from those who know how to make it safe. That's practically impossible when the self-interested trader can outspend the economist or the financial cryptographer 1000 to 1.
And, exactly the same logic leads to the wide-spread observation that the regulators are eventually subverted to act on behalf of the largest and richest players:
The SEC’s moves deserve scrutiny. Investment banks must have a dizzying influence over the regulator to win special protection from short-selling, particularly as they act as prime brokers for almost all short-sellers...The SEC’s initiatives are asymmetric. It has not investigated whether bullish investors and executives talked bank share prices up in the good times. Application is also inconsistent. ... Like the Treasury and the Federal Reserve, the SEC is improvising in order to try to protect banks. But when the dust settles, the incoherence of taking a wild swing may become clear for all to see.
When the sheepdog is owned by the wolves, the shepherd will soon be out of business. Unlike the market for sheep, the shareholder cannot pick up his trusty rifle to equalise the odds. Instead, he is offered a bewildering array of new sheepdogs, each of which appears to surprise the wolves for a day or so with new fashionable colours, sizes and gaits. As long as the shareholder does not seek a seat at the table, does not assert primacy over the canines, and does not defend property rights over the rustlers from the next valley, he is no more than tomorrow's mutton, reared today.
Thomas Barker sends this press release:
LONDON, UK, Monday June 2nd, 2008 - On Saturday July 5th, 2008, one of the most unusual conferences in the financial services industry, BarCampBankLondon (BCBL), will get underway at 9:30 AM near the heart of the City. BCB London follows the success of previous BarCampBanks in Paris, Seattle, San Francisco, New Hampshire and New York City. Ranging from interested students, to banking executives, to VCs, startup founders and internet technologists. BCBL is a forum where participants from diverse backgrounds can get together to discuss topics impacting the industry. It will attract thought leaders and innovators from as far away as America for an intense day of discussions on the future of financial services.
Event co-founder, Frederic Baud said "We wanted to get away from the typical event where a group of senior executives listen to PowerPoint slides and exchange business cards. This is really about getting together people who share a genuine interest in building the future." The event has no set speakers, agenda or sales pitches and getting in the door will only set you back £10. To ensure that the event is relevant to all those attending, the agenda will be discussed online (http://barcamp.org/BarCampBankLondon), then set by the participants on the morning of the event.
It might seem strange that an event like this has taken so long to reach London, a city often considered to be the global financial hub. Another organizer, Thomas Barker said "People might not immediately think of London as a tech cluster. But walking around the City, you can see hundreds of software firms nestled in among the banks and lawyers. There's a lot happening here". So far, BCBL intends to discuss the topics of P2P lending, startup financing, mobile banking, personal finance management and micro-finance amongst others.
To attend BCBL, register online at http://bcblondon.eventbrite.com/ .
Sun Microsystems are generously hosting BCBL in their City offices. The event, which is organized by volunteers, welcomes participation from anyone who would like to help with logistics or spreading the word. Interested parties can contact Thomas Barker at tbarker [at]barcampbank,org, or Antony Evans at Antony (At) thestartupexchange D0t com.
# # #
If you'd like more information about this event, please contact Thomas Barker (contact information above) or Antony Evans (Antony _Att_ thestartupexchange . com)
Bruce Schneier has a good article from the technical side of "lock-in" in this month's Crypto-gram. If you wish to understand the forces on technology suppliers like Apple, it is a good read. It finishes with:
As for Apple and the iPhone, I don't know what they're going to do. On the one hand, there's this analyst report that claims there are over a million unlocked iPhones, costing Apple between $300 million and $400 million in revenue. On the other hand, Apple is planning to release a software development kit this month, reversing its earlier restriction and allowing third-party vendors to write iPhone applications. Apple will attempt to keep control through a secret application key that will be required by all "official" third-party applications, but of course it's already been leaked. And the security arms race goes on...
What Apple are doing is neither full lock-in nor full open. That's the confusion. Why?
The answer is from marketing, and more specifically, the product life cycle or product roll-out economics. Let's assume that there is no competition for the iPhone (as this makes it easier to model).
In a rollout of a new innovation, there is a huge problem with market understanding. The product can't sell because nobody understands what it is about. So the need is critical for what is called "early adopters" which are the relatively clever, relatively rich people who buy any toy for the fun of it, and for the "first on the block" effect. These are around 1-3% of the market, depending.
Then, these early adopters will, if the product is any good, sell it to the rest of the people around them. Your sales force is your early adopters. So this means it is critical to please the early adopters, because without them, the product won't sell.
Who are the early adopters for any new and expensive phone? Phone hackers is one good answer. (Business geeks is another.) People who hack phones won't achieve too much but they tend to be quite influential as their sex-appeal is high to the media and their knowledge is wisdom to the public. Their enthusiasm sells phones.
The challenge for Apple is revealed. They have to attract the hackers, but not so much as to lose control. The mass market wants lock-in because they want a simple solid product with few choices. The early adopters want open, the reverse. Apple therefore walks the line between the two.
So far successfully. Of course, this whole model gets much more complicated when there are competitors, which is why watching the Google phone and the GNU designs is interesting ... there you will see the Apple model being challenged.
But for now, it is fairly clear that this is the strategy that Apple is following. And, in the future, Apple will simply wind the lock up a bit. Not fast, just fast enough to keep the mass market locked in, and the early adopter enthusiasm keen.
It's good stuff, my hat off to Apple, this is what strategic marketing is all about. The only thing better than watching a great strategy unroll is creating one :)
Zopa has a new service that looks like you can post your ideal loan and get people to contribute. I'm not sure how this makes it different to its previous offerings (which would be probably obvious if I followed the site more closely) but it is curious to look at.
Apparently, being an Elvis fan is a key advantage in getting loans. One muses that social anthropologists are going to have fun comparing the public's preferences to those of banks.
From an FC perspective, we can see the same thing as over at other leading edge offers of payment systems and applications such as Second Life. By aggregating enough of the FC space within the offering, the cohesive application emerges, but the limits to scalability are clear. OTOH, the emergence of strong pure-play FC players pretty much failed due to the various barriers, so it may be that this is the way forward.
Today's pop quiz: knowing what we know today, would we start again with a pure-play FC provider or a totally aggregated and simplified top-to-bottom application? A simplified way of looking at this question is whether we would go for a pure payments system, say for games, or rather build a game with integrated accounts?
Back to Zopa's market. Another issue for Zopa (and many such remote microfinance concepts) is that although it can benefit from the Internet's disintermediation of banks, it can't necessarily compete against the banks' superior knowledge of the borrower. This was a core advantage of Grameen's _5 local women_ approach, something also seen in the social insurance industry (getting health insurance for a group is much easier than for an individual). Even though the risk is shared across the lenders, in theory at least, the borrower knowledge is an advantage that the banker maintains.
Sometimes someone writes a sweeping article that just happens to include why Financial Cryptography is so important, and also so misunderstood. Here's an article by Reuven Brenner (posted by RAH):
What happens when societies either do not have or destroy their financial markets? Even today very few societies have developed the institutions that can enable the development of deep financial markets - a solid legal infrastructure and free media among them. In this scenario, most people wanting access to capital have no other option but to turn to government, which will raise the money - either through taxes or borrowing - and then distribute it.
FC at its core is about all forms of value. That means markets, and the forms of markets that FC just happens to excel in are capital markets.
The alternative to access to capital (in other words, FC) is unprintable, at least on this forum, as we are sensitive to the reader's desires for a cosy Sunday and our own desire to believe we are doing the right thing.
Friedrich Hayek called it the Fatal Conceit, and Muhammad Yunus showed how it caused poverty. Maggie Thatcher didn't hand it over to Brussels, and more recently, Hernando de Soto said that the Mystery of Capitalism was why they don't have it and we do.
Wherever you stand on mad mullahs, the rise of totalitarianism, wars over trade or gun-ship diplomacy, we would all be well served by liquid markets for capital in emerging markets. This seems to trump everything, or have I missed something?
The National Review
December 19, 2006, 8:42 a.m.
The Economics of the Rise of Ahmadinejad
Capital markets (or their absence) are central to the emergence of evil and the one-party state.
By Reuven Brenner
When Iranian President Mahmoud Ahmadinejad visited the U.S. recently, he didn’t say explicitly that the Holocaust was a myth. Instead he asked why so much emphasis is put on the 6 million Jews who died during WWII rather than the 60 million people who perished during the conflict. Then, at a Tehran conference where Holocaust deniers congregated with Orthodox rabbis who apparently believe the state of Israel should not exist, Ahmadinejad offered a message satisfying each camp. He told the delegates that the Holocaust should be questioned and that Israel’s days are numbered.
One wonders, with the terrible lessons of 20th century totalitarianism still so ripe, how history could repeat itself so blatantly and so soon. I hold that the answer lies in just how one-party states such as modern Iran emerge, and of what happens when the access to capital is limited within societies.
Of course, the systematic extermination of the Jews started in the early 1930s. By then, Germany had rebuilt itself from the ruins of WWI and the devastating hyperinflation of the 1920s into a powerful, educated, industrialized nation, where science and technology thrived. True, all this occurred within a one-party state. Yet, if such apparent prosperity can lead to murderous instincts not being suppressed, where is the advantage of Western Civilization, which is built on the concept of prosperity? In a recent op-ed in the Wall Street Journal, Mark Bowen asked, Why is the Holocaust haunting the collective memory of the West? Bowen concluded, “what the Holocaust demonstrates is the danger of a one-party state.”
This conclusion is partially correct, but it begs the question: How did Germany get from the Weimar Republic, a democracy, to the one-party state? And why did the Germans tolerate such a state and accept its murderous ideology? Whether the Germans agreed deep down with Hitler & Co. is irrelevant. Actions — or, in this case, the lack of actions — matter.
During the 1920s, Germany, Austria, Hungary, Poland, and Russia each printed money with abandon. This brought about hyperinflation, which weakened or destroyed the capital markets in these countries. Banks failed, markets crashed, unemployment rose, and the middle classes lost their lifetime savings.
People want to live first and philosophize a bit later. With their savings gone, these Europeans turned to two other ways of accessing capital: government and crime. Predictably, each of these countries moved toward centralization — that is, government became the main financial intermediary.
When the citizens of these countries looked abroad, there was little to admire. England and the U.S. were each suffering through depressions (in the U.S., due to mistaken fiscal and monetary policies). These governments too moved toward centralization, though to a much different degree. Up sprung the jargon of “public works” and, eventually, the Keynesian term “aggregate demand.” Here the governments also would become intermediaries, charged with raising and then allocating capital. Importantly, however, this was done without England or the U.S. ever becoming one-party states.
Power is dispersed within democracies, and democracies are always weakened when more money flows through government hands. This is true even when the facade of democracy persists. When more capital sifts through the government, more groups depend on government handouts and have less access to sources of capital that are independent from the ruling political parties. But the U.K. and the U.S. retained many more independent sources of capital than did Germany, Austria, Hungary, or Russia during the 1930s.
The dangers come when a country either does not develop its capital markets or destroys them on purpose or inadvertently. When this is the case, the chances of one party taking power and imposing its ideology increase.
Conversely, when capital markets are opened, the risk that one-party states will emerge diminishes. As independent sources of capital surface, political power is dispersed and lasting prosperity follows. Thus, it is a mistake to promote democracy without first establishing the ground for letting people have access to capital and collateral — or at least coordinating such access with political change. After all, prosperity is the result of matching people with capital, while holding both sides accountable.
What happens when societies either do not have or destroy their financial markets? Even today very few societies have developed the institutions that can enable the development of deep financial markets — a solid legal infrastructure and free media among them. In this scenario, most people wanting access to capital have no other option but to turn to government, which will raise the money — either through taxes or borrowing — and then distribute it.
That’s how one-party states such as Ahmadinejad’s Iran emerge: People bet on crazy ideologies when their customary ways of living suddenly crumble and capital markets close. Capital markets are the unique feature of the West, and their democratization is the key to the civilizing process and the best insurance against the emergence of one-party states. Indeed, that’s what the U.S. should have been “exporting” all along in the Middle East, coordinating the promotion of capital markets with the necessary political changes in Iraq.
— Reuven Brenner holds the Repap chair at Desautels’ Faculty of Management, and is partner in Match Strategic Partners. The article draws on his books Force of Finance (2002) and History: The Human Gamble (1983).
In the sometimes related world of mobile telephony, Dave challenged an off-the-cuff prediction:
"The reason for this is that there are enough rebel handset manufacturers out there now"
I'm curious about this Ian, could you expand a little? Because of the way the market works, the handset manufacturers sort of have to work with the operators who subsidise their handsets. Won't this serve to limit what "rebel" handset manufacturers can do?
Posted by: Dave Birch at September 20, 2006 04:36 PM
In today's Lynngram, finally, an answer worth posting in this article, VoIP revolution leaves US behind:
Nokia's decision to include a SIP stack in its E-series Symbian phones has created a small explosion of start-up service providers. Kinks abound - and the number of devices available on the market is still limited - but the benefits are tangible. As I noted yesterday, since trialling VoIP on Symbian a month ago I haven't used any cellular minutes at home - except by accident.
Forget the US part of the article, look at what Nokia is doing (this rumour has been around for some time). Basically they are shifting themselves to a supplier of handsets to the people ... and making the telcos realise their optional position in the new world order.
The other rumour I heard was that it is now possible to buy in reasonable numbers (like a thousand) handsets for $20 unit cost from Asia. That is, if you have a need for a particular phone, you can get it custom made for reasonable costs. Want Skype? $20. Want SIP? Same thing ... Want WebFunds? Where's your code... (now think hard about what the article says about Symbian!)
Put it all together: Internet, VoIP, Skype and maybe even SIP, are starting to bite. The old dual cartel of handset manufacturers and telcos starts to look like a deadly embrace, one which Nokia at least is trying to exit before the end result.
Vlad Miller writes from Russia (translated by Daniel Nagy):
We can invent any algorithm, develop any protocol, build any system, but, no matter how secure and reliable they are, it is the human taking the final decision that remains the last link of security. And, taking into account the peculiarities of human nature, the least reliable link, at that, limiting the security of the entire system. All of this has long been an axiom, but I would like to share a curious case, which serves as yet another confirmation of this fact.
We all visit banks. Banks, in addition to being financial organizations attracting and investing their clients' funds, are complex systems of informational, physical and economic defenses for the deposited cash and account money. Economic defenses are based on procedures of confirming and controlling transactions, informational defenses -- on measures and procedures guarding the information about transactions, personal, financial and other data, while physical defenses comprise the building and maintenance of a secure physical perimeter around the guarded objects: buildings, rooms and valuable items.
Yet, regardless of the well-coordinated nature of the whole process, final decisions are always taken by humans: the guard decides whether or not to let the employee that forgot his ID through the checkpoint; the teller decides whether a person is indeed the owner of the passport and the account he claims to own; the cashier decides whether or not there is anything suspicious in the presented order. A failure can occur at any point, and not only as a consequence of fraudulent activities, but also due to carelessness or lack of attention on the part of the bank's employee, a link of the security system.
Not too long ago, I was in my bank to deposit some cash on my account. The teller checked my passport, compared my looks to the photo within, took my book and signed a deposit order for the given amount. The same data were duplicated in the bank's information system and the order with my book were passed on to the cashier. Meanwhile, I was given a token with the transaction number, which I should have presented to the cashier so that she could process the corresponding order. Everybody is familiar with this procedure; it may differ a bit from bank to bank, but the general principles are the same.
Walking over to the cashier, I have executed my part of the protocol by handing over the token to the cashier (but I did not put the cash into the drawer before having been asked to do so). She looked at my order, affixed her signature to it and to my book and ... took a few decks of banknotes out of the safe and started feeding them to the counting machine. I got curious how long it would take for the young lady to realize the error in her actions, and did not interrupt her noble thrust. And only when she turned around to put the cash into the drawer did I delicately remark that I did not expect such a present for March 8 and that I came to deposit some cash, not to withdraw. For a few seconds, the young lady gave me a confused look, then, after looking at the order and crossing herself, thanked me for saving her from being fired.
The banking system relies a great deal on governmental mechanisms of prevention, control and reaction. Had I not, in computer-speak, interrupted the execution of the miscarried protocol, but instead left the bank with the doubled amount of money, it would not have led to anything except for the confiscation of the amount of my "unfounded enrichment". The last link of security is unreliable: it fails at random and is strongly vulnerable to various interferences and influences. This is why control and reaction are no less important than prevention of attacks and failures.
Universal Music has announced it is moving its catalogue to a "free with adverts" model:
Backed by Universal, Spiralfrog will become one of the first sites to offer free music legally. Fans will be able to download songs by the record company's roster of artists, including U2, Gwen Stefani and The Roots.
The service - which will be supported by advertising, unlike other legal download sites that charge for music - will launch in the US and Canada from December. It will become available in Europe in early 2007.
If the business succeeds, that will be the new standard price. If it fails, then it will take another year or two, I would predict, before the price goes back down to $0 (in delicious irony, the above article is now only available for a pound!).
There are a few reasons to believe that the business may not succeed -- massive lobbying by the others, duff selection, lousy adverts and plenty of time between now and then -- so this is a non-trivial question. Here's another reason:
Josh Lawler, a US-based music industry legal specialist, said news of the new service was "inevitable". He said questions over how artists would be paid may make some reluctant to agree to the free service. "SpiralFrog will have to find a way to pay artists from the advertising dollars they are generating," he added. "But they're not necessarily going to know how many advertising dollars there are and so some artists are going to be hesitant about it."
Here's my favourite quote, from a HMV rep who otherwise was quite positive (pay a pound for the reference):
"What is a little concerning is that for a long time now, the trade body, BPI, has been anxious to put across an anti-illegal or piracy message, which suggests that music is of intrinsic value and people should be prepared to pay for it, so this may give a conflicting, mixed signal."
There's nothing "conflicting, mixed" about free. To see why this was inevitable:
"A report published last month by the International Federation of Phonographic Industries (IFPI) claimed 40 illegal downloads were made for every legal one in the US. The ratio, believed to be much the same in the UK,"
Now, I don't believe those numbers, necessarily, as I doubt the IFPI even bothered to pretend they weren't exaggerating. But even if in the ballpark, the amount of sharing dominates any other use, including practically everything else that isn't to do with music. If you believe the ISP grumbles, that is.
Time for a new model - the physics is the reality, the economics is the deal, and the legal stuff just has to keep up. BigMac suggests Pandora's Music Genome Project.
Another great quote:
"The US radio industry generates $20 billion a year in revenue and they give the product away for free," he said. "Record labels generate $12 billion a year and they sell their product."
Here are some clues on the new model:
Users can download an unlimited number of songs or music videos if they register at the site and watch online advertisements.
The tracks cannot be burned to a CD, but users will be able to transfer music to portable media players equipped with Microsoft Windows digital rights management software, Ford said. However, the service will not work with Apple Computer's computers or its iPod music players.
Funny source for the nitty gritty!
Oh, I forgot to mention -- what's the nexus with FC? That's easy -- all those payment systems that were banking on micropayments from music downloads can close up shop. They should have studied more economics and less marketing.
2nd addition, to stress the move to $0 content:
Sony to buy Sausalito's Grouper
Sony Pictures is expected to announce today that it has acquired Sausalito Internet video-sharing company Grouper for $65 million.
Teaming up with Sony further highlights the role amateur videos -- and the companies that host them -- are having in changing the Hollywood landscape.
Traditional entertainment companies are working with Silicon Valley start-ups to navigate a new, on-demand entertainment world. Tuesday, the popular video-sharing site YouTube announced a new video advertising platform, and its first client is Warner Bros., which is promoting Paris Hilton's debut album.
Grouper's technology allows a user to easily take a video from its site and post it on third-party sites such as a MySpace or Blogger page. Its videos can also be watched on devices other than your personal computer, such as a video iPod.
For more naysaying, see BigPicture as suggested by Frank in comments below.
In talking with Hagai, it was suggested that I try using the TLS/IMAP capabilities of Thunderbird, which I turned on (it's been a year or two since the last time I tried it). Unfortunately, nothing happened. Nothing positive, nothing negative. Cue in here a long debate about whether it was working or not, and how there should be a status display, at least, and various other remedies, at most.
A week later, the cleaning lady came in and cleaned up my desk. This process, for her, also involves unpowering the machine. Darn, normally I leave it on for ever, like a couple of months or so.
On restarting everything, Thunderbird could not connect to the mail servers. Our earlier mystery is thus resolved - the settings don't take effect until restart. Doh!
So, how then did Thunderbird handle? Not so well, but it may have got there in the end. This gives me a chance to do a sort of case study in 1990s design weaknesses, a critique in (un)usability, leading to design principles updated for this decade.
To predict the punch line, the big result is that there should only be one mode, and it should be secure. To get there more slowly, here's what I observed:
Firstly, Thunderbird grumbled about the certificate being in the wrong name. I got my negative signal, and I knew that there was something working! Hooray!
But, then it turned out that Thunderbird still could not connect, because "You have chosen secure authentication, but this server does not offer it. Therefore you cannot log in..." Or somesuch. Then I had to go find that option and turn it off. This had to be done for all mail accounts, one by one.
Then it worked. Well, I *guess* it did... because funnily enough it already had the mail, and again had not evidenced any difference.
Let's break this up into point form. Further, let's also assume all competing products to be as bad or worse. I actually *choose* Thunderbird as my preferred email client, over say Kmail. So it's not as bad as it sounds; I'm not "abandoning Thunderbird", I'm just not getting much security benefit from it, and I'm not recommending it to others for security purposes.
Another demerit: multiple options with no clear relationship, but unfortunate consequences.
(So, we now start to see what "need" means when used by users... it means "I need my email and I'll switch the darned security rubbish off and/or move to another system / supplier / etc.")
We can conclude that this is a nightmare in terms of:
Let's put this in context: when this system was designed, we didn't have the knowledge we have now. Thunderbird's security concept is at least 3 years old, probably 8-10 years old. Since those years have passed, we've got phishing, usability studies, opportunistic crypto, successful user-level cryptoapps (two, now), and a large body of research that tells us how to do it properly.
We know way more than we did 3 years ago - which was when I started on phishing. (FTR, I suggested visit counts! How hokey!)
Having got the apologies off our chest, let's get to the serious slamming: If you look at any minor mods to the Thunderbird TLS-based security, like an extra popup, or extra info or displays, you still end up with a mess. E.g., Hagai suggested that there should be an icon to display what is going on - but that only helps *me*, being an experienced user who knows exactly what it is trying to tell me. I know what is meant by 'secure authentication' but if you ask grandma, she'll offer you some carrot cake and say "yes, dear. now have some of this, I grew the carrots myself!"
(And, in so doing, she'll prove herself wiser than any of us. And she grows carrots!)
Pigs cannot be improved by putting them in dresses - this security system is a pig and won't be improved by frills.
The *design* is completely backwards, and all it serves to do is frustrate the use of the system. The PKI view is that the architecture is in place for good reasons, and therefore the user should be instructed and led along that system path. Hence,
"We need to educate the users better."
That is a truly utterly disastrous recommendation. No! Firstly, the system is wrong, for reasons that we can skip today. Secondly, the technical choices being offered to the users are beyond their capabilities. This can never be "educated." Thirdly, it's a totally inefficient use of the user's time. Fourthly, the end effect is that most users will not ever get the benefit.
(That would be a mighty fine survey -- how many users get the benefit of TLS security in Thunderbird? If it is less than 10%, that's a failure.)
The system should be reversed in logic. It should automatically achieve what it can achieve and then simply display somewhere how far it got:
The buttons to turn these modes on are totally unnecessary. We have computers to figure that sort of nonsense out.
Even the above is not the best way. Fallback modes are difficult to get right. They are very expensive, brittle even. (But, they are better - far far far cheaper - than asking the user to make those choices.) There is still one way to improve on this!
Hence, after 5 demerits and a handful of higher-level critiques, we get to the punchline:
To improve, there should only be one mode. And that mode is secure. There should be only one mode, because that means you can eliminate the fallback code. Code that falls back is probably twice as large as code that does not fall back. Twice as brittle, four times as many customer complaints. I speak from experience...
The principle, which I call my 3rd Hypothesis in Secure Protocol Design, reads like this:
There is only one mode, and it is secure.
If you compare and contrast that principle with all the above, you'll find that all the above bugs magically disappear. In fact, a whole lot of your life suddenly becomes much better.
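The contrast between fallback negotiation and a single secure mode can be made concrete with a small model. This is an added example, not code from Thunderbird or any mail client; `Path`, `Outcome`, `fallback_client`, `one_mode_client` and `survey` are hypothetical names, and the three path conditions are a constructed simplification of the TLS, certificate-name and secure-authentication settings discussed above.

```python
"""Added illustration: fallback negotiation versus one secure mode (a model, not real IMAP)."""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Path:
    """What the client sees of the server across the network (constructed model)."""
    tls_offered: bool          # False if the server lacks TLS OR someone on the path hid the offer
    cert_name_ok: bool         # certificate name matches the configured host name
    secure_auth_offered: bool  # server advertises a challenge-response login


@dataclass(frozen=True)
class Outcome:
    connected: bool
    encrypted: bool
    server_checked: bool
    password_protected: bool


def fallback_client(path: Path) -> Outcome:
    """Tries the best mode, then steps down until something works."""
    encrypted = path.tls_offered                       # otherwise: plaintext
    server_checked = encrypted and path.cert_name_ok   # otherwise: "accept anyway"
    password_protected = encrypted or path.secure_auth_offered
    return Outcome(True, encrypted, server_checked, password_protected)


def one_mode_client(path: Path) -> Outcome:
    """Either the full protection is achieved or there is no connection."""
    if path.tls_offered and path.cert_name_ok:
        return Outcome(True, True, True, True)
    return Outcome(False, False, False, False)


def survey(client) -> dict:
    """Run a client over all eight path conditions and summarise where it ends up."""
    outcomes = [client(Path(*bits)) for bits in product([True, False], repeat=3)]
    connected = [o for o in outcomes if o.connected]
    return {
        "distinct_outcomes": len(set(outcomes)),
        "connected": len(connected),
        "connected_unprotected": sum(
            1 for o in connected if not (o.encrypted and o.server_checked)
        ),
        "password_in_clear": sum(1 for o in connected if not o.password_protected),
    }


if __name__ == "__main__":
    for client in (fallback_client, one_mode_client):
        print(client.__name__, survey(client))
```

In this model the fallback client reports "connected" in all eight conditions, six of them without full protection, and it cannot tell a server that lacks TLS from one whose TLS offer was hidden in transit. The one-mode client has two outcomes only: protected, or not connected.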
Now, again, let's drag in some wider context. It is interesting that email can never ever get away from the fact that it will always have this sucky insecure mode. Several of them, indeed. So we may never get away from fallbacks, for email at least.
That unfortunate legacy should be considered as the reality that clashes with the Hypothesis. It is email that breaches the Hypothesis, and it and all of us suffer for it.
There is no use bemoaning the historical disaster that is email. But: new designs can and will get it right. Skype has adopted this Hypothesis, and it took over - it owns VoIP space in part because it delivered security without the cost. SSH did exactly the same, before.
In time, other communication designs such as for IM/chat and emerging methods will adopt Hypothesis #3, and they will compete with Skype. Some of the mail systems (Start/TLS ?) have also adopted it, and where they do, they do very well, allegedly.
(Nobody can compete with SSH, because we only need one open source product there - the task is so well defined there isn't any room for innovation. Well, that's not exactly true - there are at least two innovations coming down the pipeline that I know of but they both embrace and extend. But that's topic drift.)
Cubicle points to a great article that contrasts voting machines with gambling machines.
It's easier to rig an electronic voting machine than a Las Vegas slot machine, says University of Pennsylvania visiting professor Steve Freeman. That's because Vegas slots are better monitored and regulated than America's voting machines.
Of course the gambling machines come out on top - they are more carefully governed because the nature of the money is very very clear. With a voting machine, you the punter have no clear picture of how it is being used to reach into your pocket, and your natural skepticism is swept aside by airy fairy claims of democracy and honesty of our public process blah blah.

In contrast to that rosy view of gambling governance, Risks points out that:
Casino can reprogram slot machines in seconds
<"Peter G. Neumann"> Wed, 12 Apr 2006 11:10:27 PDT
As an enormous operational improvement, the 1,790 slot machines in Las Vegas's Treasure Island Casino can now be reprogrammed in about 20 seconds from the back-office computer. Previously this was an expensive manual operation that required replacing the chip and the glass display in each machine. Now it is even possible to have different displays for different customers, e.g., changing between "older players and regulars" during the day and a different crowd at night ("younger tourists and people with bigger budgets"). (Slot machines generate more than $7B revenue annually in Nevada.) Casinos are also experimenting with chips having digital tags that can be used to profile bettors, and wireless devices that would enable players to gamble while gamboling (e.g., in swimming pools!). [Source: Article by Matt Richtel, Prefer Oranges to Cherries? Done! *The New York Times*, 12 Apr 2006, C1,C4; PGN-ed]
Well, the WaPo story was nice while it lasted. More from Risks, there are reports that votes of lesser importance were interfered with. Going to the sources:
Washington voting hijacked by computer mischief
An online poll asking Washingtonians to pick their favorite design for the state's quarter coin was suspended, after the balloting was hijacked by computer programs whose automated scripts pushed the tally past 1 million votes over the weekend. State officials overseeing the balloting originally decided not to limit the number of votes coming from individual computers so that family members sharing a single machine could each cast a vote, Gerth said. But that philosophy was being abandoned after the weekend's voting, which showed some computers casting repeated votes for a quarter design faster than humanly possible.
[Source: Associated Press item, seen in *The Seattle Times*, 12 Apr 2006; PGN-ed]
DoIT Information on ASM Election Issues
More specifically, DoIT detected a disparity between the number of student votes cast and the number of votes confirmed in the online election database. In the Student Council portion of the election, 94 more ballots were cast than were posted; in the referenda portion, 436 more ballots were cast than posted. After further investigation today, DoIT determined that there were no additional discrepancies in the referenda
I wrote before on the monetary aspects of voting. The first story above is about money, but it hardly seems monetary. The second is more of a political issue - but such polls often lead to power and money.
The question then arises if in any voting system it is unreasonable to assume 'honest' behaviour, even if the poll is over issues of no direct importance? Is it therefore better to assume that in any voting system, some small group of users will manipulate if given the chance? Even if there is no benefit to them?
The system of voting I wrote about last week solved this problem -- in the face of prior efforts to increase unimportant ratings fraudulently -- by checking identity on handing out the tokens. That's pretty boring. But if we decide that the only solution to proper democracy is a strong identity society, there's an awful lot of waste there, not to mention risk of identity abuse.
In FC we know voting as a sort of constrained monetary auction. Indeed, some wit said political elections are just an advance auction of stolen goods. The spirit of democracy is an inspiring thing, and it suggests to many that we should be able to solve all our problems democratically, no? Well, no. Least of all money, but this doesn't stop some from trying.
I was recently corralled into becoming a sort of elections officer in a vote on funding applications. There was some large bickies to allocate to a needy public, and the story is worth recording, so here goes.
Grantees were encouraged to present their proposals before the body politic. Each person in the community was given a quantity of peanuts. These weren't the rooty / fruity kind, but pieces of paper saying "In Peanuts we Trust!" My job, alongside half a dozen others, was to verify the identity of people by checking their government-issued Identity docs, record the vital statistics, and hand over 70 peanuts to each person.

Standards on identity were curious. It had to have a photo. So credit cards did not count, but Manfred's above was accepted. If someone had not registered, all officers had to vote by show of hands to let them in. If they had no Id, then they had to find a mutual friend to vouch for them; someone who we knew, that knew them.
Why so serious? Because in a recent vote, several groups had cheated to push the rankings of their projects up the ladder! Why did they do that? Because they could, because it was art, because it was free like beer. So this time, the less amused among the community were taking no chances, it seemed.
At 21 hours, the bell rang and the issue of peanuts was over. (Luckily, the beer and some mighty fine broccoli soup was still flowing.) Some 30 or so project groups had a brief 30 minutes to collect votes from each other. This phase exhibited one major flaw in that there was no anonymity - project marketeers running around with envelopes were able to employ a gamut of social pressures to secure their peanuts, and smaller, less marketing-savvy projects suffered.
While this was going on, we back in the issuance room were madly collating and cross-checking to validate the total issued peanuts.
| Number of voters: | 169 |
| Total Peanuts: | 70 * 169 == 11830 |
| Cost to Issue: | (2 days * 1 for printing) + (3 hours * 6 for issuance) |
| Value of Peanut: | 4.22 |
In order to make the voting serious, groups were given a limit - each group had to exceed a low watermark and not exceed a high watermark. This was to stop large projects dominating and small projects diminishing, or something.
So when the scores were announced, the obvious thing happened - projects that were below the low watermark ran around and grouped up into larger projects. Or, they sold their peanuts for promises of funds to other projects. And projects over the high watermark did the same thing! Meanwhile, over at the bar, all night there had been a ready cash market for peanuts. The first trades were observed at 7, and finally settled at 2, which is indicative of quite good estimating by the market.
Which means that the peanuts were money, but shackled with the inefficiency of an imposed spirit of democracy. Quite a common suffering these days, it seems. A more ideal distribution system is then to simply give all people the peanuts as money, and instead of encouraging some notion of voting, encourage as many transactions as possible. Perhaps the rule is that there are 3 rounds, all transactions are anonymous and nobody gets to see their total at any time? When it finally settles, the hope would be that the decisions have best reflected the voice of the market.
The vote got the whole thing over with in one evening, and I find a comfortable parallel with recent results in the economics of privatisation. In disbursing the value of communist assets such as factories, mines, etc, those newly freed countries in Eastern Europe that moved fastest benefitted most, and more quickly. The end results indicated that speed, efficiency, and certainty paid off, even at the expense of some hypothetical losses to those who "missed out."
From the pov of the grantor, then, it has to be judged a fast, efficient and certain success. Now everyone knows -- a valuable thing.
OpenBSD asks for more contributions coz it's running at a loss. Mozilla asks for help in giving away money coz it's washing in funds. What a funny world.
Humour aside, it is worthwhile to analyse these differences. Mozilla delivers browsers and email clients to the great masses of Internet users. Yours and my mom might use Firefox. BSD is an obscure operating system that gets used by people who know what it is for, and probably have more than a passing ability to read and hack the code. Hard-core geeks in other words.
Mozilla stresses community and tries to get along, CEO Mitchell talks about personal lessons from falling off the trapeze; in contrast Theo de Raadt has a reputation for not getting along and frequently stars in flame wars over some security issue or other.
What's the core difference here? It's in the mission. Mozilla's software is standing in front of the user, and offering her an experience. Indeed, they say that part of the mission is improving the experience, which of necessity means getting all close and cozy with the users - all of them. You cannot improve your users' experiences unless you get into their hearts, their souls, their minds.
OpenBSD's mission in contrast is security, which isn't close and cozy anywhere anytime. Quite the opposite - for OpenBSD, the user is as much a threat as a beneficiary. In the hard security world, everything and everyone is treated with suspicion until proven otherwise. And even then, we have our doubts...
Which means that on first, second and third blush the OpenBSD project is unfriendly. The nicest thing you could say about those guys is that they are uncompromising, whereas the Mozilla guys are quite compromising. So here's where it all comes together: to cut a deal with Yahoo or Google that is worth 8 figures in revenue (numbers not available but widely speculated) you do need to be compromising - very compromising. Yahoo and Google want serious compromises for their dosh.
OTOH, you can imagine what would happen if Google turned up with a suggestion of, say, putting their disk searching technology into OpenBSD. (For a fee, of course.) We want an uncompromising response to that, forsooth, the nastier the better. I feel quite comfortable when I hear of the latest security spat - because I know that an uncompromising attitude is essential to security.
I wouldn't go so far as to say you have to be downright nasty to be secure. But it is certainly very hard to be secure when you have a mission of embracing all. A nice trick to pull off, if you can do it, and please tell us about it.
Getting back to OpenBSD. Just how does an open source project that makes a mission of being, ahem, uncompromising, go about doing some deals to get some revenue? Just who in business wants to pay for pain? Tough one, that. Those who solicit the dominatrix's services aren't saying, either.
In branding news: IE7 is out in Beta 2 and I'm impatiently waiting for the first road tests. (Roight... as if I have a Microsoft platform around here...) Readers will recall that Microsoft took the first steps along the branded security path by putting the CA name up on the chrome. This places them in the lead in matters of risk.

Sadly, they also got a bit confused by the whole high-end super-certs furfie. IE7 only rewards the user with the CA brand if the site used these special high-priced certs.
Plonk! That kind of ruins it for security - the point of the branding is that the consumer wants to see the Bad Brand or Unknown Brand or the Missing Brand or the Bland Brand ... up there as well. Why? So as to close off the all-CAs-are-equal bug in secure browsing. (Preferably before the phishers start up on it, but just after the first sightings will do nicely, thanks, if you subscribe to post-GP theories.)
By choosing to promote a two-tiered risk statement, Microsoft then remains vulnerable to a takeover in security leadership. That's just life in the security world; leadership is a bit of a lottery when you allow your security to become captive to marketing departments' zest for yet another loyalty program. Also, annoyingly, IE7 promises to mark any slightly non-formal certificated site (such as FC) as a Red Danger Danger site. Early indications are that this will result in an attack on brand that hasn't hitherto been seen, and has interesting strategic implications for you-know-who.

The CA branding idea is not new nor original. It was even (claimed to be) in the original Netscape design for secure browsing, as was the coloured security bar. Using brand is no more than an observation deriving from several centuries of banking history - a sector that knows more about risk matters than the Internet, if only because they lose money every time they get it wrong.
Consider some more in the flood of evidence that brand matters - over in VoIPland look at how things have changed:
In Europe, branded VoIP represented 51.2 percent of all VoIP calls in the last quarter of 2005, while Skype accounted for 45 percent of VoIP minutes. Vonage took less than one percent of the market while other third-party VoIP providers represented 3.5 percent of all VoIP traffic, the report said.
"Twelve months ago, Skype represented 90 percent of all VoIP minutes. Now people are buying branded services," Chris Colman, Sandvine's managing director for Europe, said Tuesday.
Whaaa.... 90% to 45% of the market in 12 months! No wonder Skype sold out!
The same trend was found in the North American market. The study found that U.S. branded VoIP represented 53 percent of VoIP minutes on broadband networks. Vonage, with a 21.7 percent share, and Skype, with 14.4 percent, were the leading third-party providers.
I'll bet Vonage are kicking themselves... Stop Press!
TECHNOLOGY ALERT from The Wall Street Journal. Feb. 8, 2006
Internet-phone company Vonage Holdings has filed to raise up to $250 million in an initial public offering. The company also named Mike Snyder, formerly president of security company ADT, as its new CEO. Founder Jeffrey Citron, who had served as CEO, remains chairman.
FOR MORE INFORMATION, see:
http://wsj.com/technology?mod=djemlart
I didn't know you could file an IPO in just minutes like that!
Meanwhile, one group that have traditionally resisted the risk nexus of brands ... just got hit over the head with their own brand! Mozilla earnt a spot in the top ten most influential brands last year. More influential than Sony! Heady praise indeed. Well done, guys. You have now been switched on to the miracle of brand, which means you have to defend it! Even as this was happening, Firefox lost market share in the US. Predicted of course, as IE7 rolls out, Microsoft users start to switch back. Nice. Competition works (in security too).
So, what's the nexus between brand and risk? Newbies to the brand game will blather on with statements like "we protect our brand by caring about the security of our users." Can you imagine a journo typing that up and keeping a straight face?
No, brand is a shorthand, a simple visual symbol that points to the entire underlying security model. Conventional bricks&mortar establishments use a combination of physical and legal methods (holograms and police) to protect that symbol, but what Trustbar has shown is that it is possible to use cryptography to protect and display the symbol with strength, and thus for users to rely on a simple visual icon to know where they are.
Hopefully, in a couple of years from now, we'll see more advanced, more thoughtful, more subtle comments like "the secured CA brand display forms an integral part of the security chain. Walking along this secured path - from customer to brand to CA to site - users can be assured that no false certs have tricked the browser."
The Register revealed the scandalous behaviour of the Dutch promiscuous passports. Quickest description is on EC:
The secret key is made up of the passport expiry date, birth date and the passport number stored in the passport's Machine Readable Zone. The Dutch passport numbering scheme proves to be sequential and has a relation with the passport expiry date. Further, the last digit of the number is a checksum introducing additional predictability. The selection of a new and unpredictable passport numbering scheme would considerably improve the security.
Oops. History does not reveal how it is that the Dutch - normally a country so steeped in deep privacy and cryptography that they run things like WhatTheHack, where it was first announced - managed to make such a blunder.
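To see why the numbering scheme matters, here is an added example (not from the quoted report) that derives the access key seed from the three printed fields the way ICAO 9303 Basic Access Control specifies, then estimates how many bits of secrecy that key really carries. The field values are specimen data, not a real document, and the candidate counts (100 years of birth dates, a 5-year validity window, 10,000 numbers issued per day) are assumptions chosen only for illustration.

```python
"""Added illustration: a key built from printed passport fields is only as secret as they are."""
import hashlib
import math

WEIGHTS = (7, 3, 1)  # repeating weights of the ICAO 9303 check digit


def char_value(c: str) -> int:
    """Numeric value of one MRZ character: digits as-is, A-Z as 10-35, filler '<' as 0."""
    if c.isdigit():
        return int(c)
    if c == "<":
        return 0
    if "A" <= c <= "Z":
        return ord(c) - ord("A") + 10
    raise ValueError(f"not an MRZ character: {c!r}")


def check_digit(field: str) -> str:
    """Weighted sum modulo 10; fully determined by the field, so it adds no secrecy."""
    return str(sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field)) % 10)


def mrz_key_material(doc_number: str, birth: str, expiry: str) -> str:
    """Document number, birth date and expiry date (YYMMDD), each followed by its check digit."""
    fields = (doc_number.ljust(9, "<"), birth, expiry)
    return "".join(f + check_digit(f) for f in fields)


def key_seed(doc_number: str, birth: str, expiry: str) -> bytes:
    """Basic Access Control seed: first 16 bytes of SHA-1 over the key material."""
    material = mrz_key_material(doc_number, birth, expiry).encode("ascii")
    return hashlib.sha1(material).digest()[:16]


def entropy_bits(number_candidates: int,
                 birth_days: int = 100 * 365,   # assumption: holder's age unknown
                 expiry_days: int = 5 * 365) -> float:  # assumption: 5-year validity
    """Bits an outsider must guess if every candidate is equally likely."""
    return math.log2(number_candidates * birth_days * expiry_days)


def compare_schemes() -> dict:
    """Effective key strength under three numbering schemes (all counts are assumptions)."""
    return {
        # nine independent random alphanumeric characters
        "random_alphanumeric": entropy_bits(36 ** 9),
        # nine digits, the last one a checksum of the other eight
        "numeric_with_checksum": entropy_bits(10 ** 8),
        # sequential issue: the expiry date pins the number to one day's batch
        "sequential_tied_to_expiry": entropy_bits(10_000),
    }


if __name__ == "__main__":
    print(mrz_key_material("L898902C", "690806", "940623"))
    print(key_seed("L898902C", "690806", "940623").hex())
    for scheme, bits in compare_schemes().items():
        print(f"{scheme:28s} {bits:5.1f} bits of a nominal 128")
```

The seed is 128 bits long in every case, but its strength is set by the guessable inputs: under these assumptions a sequential scheme tied to the expiry date leaves about 39 bits, against about 72 for an unpredictable alphanumeric number.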
One quibble. Adam goes on to say "The radio has no function." I think that's a bit tough to sustain. The point of using RFIDs and so forth comes from long hard-won experience. The experience pans out roughly like this:
From there, the decision to add smart cards to passports means they more or less had to include RFIDs. All experience points in that direction, and experience is everything in the smart card world (mostly because there is so little of it).
So the question then reduces to ... how applicable is mass transit experience to the passport issue? This might be considered to be the LAX factor - the answer is "quite a lot" if you've ever been stuck in a queue at a major US airport carefully calculating the time to the gate close on your connection.
Which does nothing to answer the next question: does the LAX factor - the benefit of radio-enhanced fast entry - outweigh the downsides? That seems to be the experiment that the various passport offices are intending to run on their captive subjects, so we will know for sure in about 10 years.