Friday, June 27, 2008

Political Roundup

Lots of stuff in the news recently that I wanted to offer my two cents on in the interest of totally destroying my political credibility when I seek political office in 20 years.

2nd Amendment Ruling in District of Columbia v. Heller

I will come right out and say that the Court got this right. The traditional theory to explain gun control in light of the 2nd Amendment is that the right is a collective right given form through state militias (or what we might call today, the State Guard). I've been searching for words to help describe why I feel this just didn't cut it for me, because it runs counter to the usual liberal song and dance that, in general, I subscribe to. Thankfully, I found those words today in an OpEd by Eugene Robinson.
I've never been able to understand why the Founders would stick a collective right into the middle of the greatest charter of individual rights and freedoms ever written -- and give it such pride of place -- the No. 2 position, right behind such bedrock freedoms as speech and religion.
Makes you think... what if the 4th Amendment (restrictions against unlawful search and seizure) had been interpreted as a collective right... or Freedom of Speech? I may not agree with the 2nd Amendment, but it's on the books and it deserves the same constitutional force as all the other amendments.

Obama Campaign Pledges

There are three at issue... a commitment to stay in the Public Campaign Finance program, a commitment to engage in a different kind of politics vis-a-vis the general election, and a commitment to filibuster any FISA amendments that included retroactive immunity for telcoms. I give a thumbs up to getting out of public financing. Obama is raising tons of money across the spectrum of donors and he should continue to do so. The Republicans have fought dirty in the past and I see no reason to believe 2008 will be any different. I give a thumbs down to the Obama campaign's refusal to engage in Town Hall meetings with John McCain. I don't care if they are McCain's best format... they are formats where you have actual discussion and are tons better than traditional debates found in previous Presidential elections. And as for FISA... well, I suppose that's politics and everyone can change their mind sometimes, which brings us to...

Telecommunications Immunity in FISA

I've thought long and hard about this since it became apparent that immunity for the telecommunication companies' involvement in the Bush Administration surveillance program was all but a sure thing. For a long time, I was really upset. I even watched most of Sen. Dodd's floor speech where he railed against the descent from the Rule of Law into the Rule of Man. In theory, I agree... but in politics, I think theory must give way to the practical.

So I asked myself to try a little thought experiment... what would I do if I was an executive of a major telecommunications company? Let's assume I'm your standard executive whose primary concern is the financial well-being of my company, it's shortly after September 11th and representatives of the President of the United States show up in my office saying "for the good of the country, we need your help." I, of course, ask the question any good executive worried about the financial well-being of my company would ask, "what are the legal implications?" to which the representatives say, "the President has authorized this under his Article II powers to defend the country as Commander in Chief." What, realistically, is the chance that my follow up is going to be, "you know, I think we should go to Congress and get explicit approval" or "how about we draft up a brief and ask the Courts to weigh in?" No, I think the most realistic response is going to be, "if you provide my company with a legal document from the President authorizing this activity, then we will provide assistance." To do otherwise is to tempt the wrath of the President and the ire of the American people just after the largest terrorist attack in the country's history.

Now, of course, I don't agree with the President or his advisers. The program itself goes too far and the President lacks the authority to authorize the violation of the law. But there are specifically delineated tools at the disposal of the Congress and the American people to restrain, and if necessary remove, the President for such violations of the law. The telcoms, in my view, are less-than-innocent bystanders in this case. Did they break the law? Probably, yes. Did they do so under what amounts to duress under Presidential order? Seems like, yes. Is the one who we should be going after sitting in the Oval Office? Absolutely, yes. Which is why the immunity provision in the FISA amendments is actually a sort of poetic justice. Every time one of the telcoms gets a suit against them dropped, they must produce documented proof, in open court, that the President specifically authorized the activity in question... every time the public will hear, the President told us to break the law. Whether or not that leads to any legal ramifications for the suits against the government, I'm unsure. But I think in the political/historical context, it will mean a lot to have the world hear, over and over again, that the Rule of Law was put aside because the President said so.

So now we will turn to the proper tools; whether that is individual suits against the government or political actions by the Congress is up to those who wield those tools. But I think these sorts of approaches go after the true villains of the piece and are preferred over attacking the middlemen.

Tuesday, June 24, 2008

Getting Back Up...

The server is starting to come back from the dead. I took down the slice following my recent hack and awaited instructions from my hosting provider. Sadly, this experience made them reconsider entering this business and they have terminated the beta slice program of which I was a part. They pointed me towards slicehost, which is a competitor with Linode, which we use at work. Anyway, I thought it would be a good opportunity to try something new, so I signed up for a slice and got the ball rolling on a new server.

Remember kids, security first...

niles@zion:~/exploit$ ./exploit
Linux vmsplice Local Root Exploit
By qaaz
[+] mmap: 0x100000000000 .. 0x100000001000
[+] page: 0x100000000000
[+] page: 0x100000000038
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4038
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0x2b7638001000 .. 0x2b7638033000
[-] vmsplice: Bad address

Now I just need to restore my Subversion and Apache servers and I'll be rocking and rolling once again!

Wednesday, June 18, 2008


Today I received a very unhappy email from a fellow saying my webserver had launched an attack against his FTP server and that I needed to stop it or he would contact the Federal Authorities. I was unbelieving at first, to be perfectly honest, and asked him to produce logs verifying the attack. But then I went and checked my server and discovered it was running a script named ftp_scanner, which seemed to be attempting brute force attacks against random FTP servers. ack.

I quickly killed all the ftp_scanner processes, found the offending script on the server (cleverly hidden in /tmp/.../ so as to be both hidden from a standard 'ls' and appear like a system file when running 'ls -a'). The immediate problem addressed, I tried to figure out how this could have happened. To my horror, I discovered that Thursday of last week someone had run a brute force attack against my SSH server and happened upon one of my users whose password was the same as her username. double ack!

A little back story is useful here... on Friday my server went down in a sort of funky way. I could still ping it, but http and ssh access were denied. It took all weekend working with my provider to get it re-enabled. They said it was because CPU usage had spiked, and since it's a virtualized server, my slice was shut off to prevent damage to the larger system. I should have investigated then, but I just figured the detection systems were borked and thought nothing of it. Bad idea.

Two days later, the intrepid attackers struck again... and I would never have known if not for the email from the poor guy whose server my server was attacking. But that's not the worst of it. While cleaning things up, I noticed an SSH login to the 'news' account, which is a system user account that you cannot usually log into. It was then that I discovered the /etc/shadow password file had been compromised to enable a variety of logins that should not have been. This, unfortunately, was the worst possible news. If the attackers could change /etc/shadow, it meant they had managed to obtain root level access to my server. ack, ack, ack.

I went back to the /tmp/.../ folder to poke around the contents. It was then that I discovered the Linux vmsplice Local Root Exploit. And indeed, running the tests described my system was vulnerable, and the entire slice had been compromised. Since I don't run tripwire, or anything like that, I was pretty much screwed. oh, ack...

All user data is now backed up onto my local desktop and the slice is scheduled to be cleared. Once the kernel is secured I will have to start building the system from the ground up all over again.
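
An added example, not part of the original post: a Python check for the two indicators described above, a system account such as 'news' holding a usable password in /etc/shadow and a dots-only directory such as /tmp/.../. The passwd/shadow lines are constructed samples, and the UID cutoff of 1000 for system accounts is an assumption that varies by distribution.

```python
import os
import re
import tempfile

# Constructed sample data (not taken from the compromised server).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
news:x:9:9:news:/var/spool/news:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
"""
SAMPLE_SHADOW = """\
root:$1$CONSTRUCTED$CONSTRUCTEDHASH:14000:0:99999:7:::
news:$1$CONSTRUCTED$CONSTRUCTEDHASH:14048:0:99999:7:::
www-data:*:13900:0:99999:7:::
alice:$1$CONSTRUCTED$CONSTRUCTEDHASH:14000:0:99999:7:::
"""

def system_accounts_with_passwords(passwd_text, shadow_text, uid_min=1000):
    """Names of non-root system accounts (0 < UID < uid_min) that can
    authenticate with a password. uid_min=1000 is an assumed cutoff."""
    uids = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and fields[2].isdigit():
            uids[fields[0]] = int(fields[2])
    flagged = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or fields[0] not in uids:
            continue
        name, pw = fields[0], fields[1]
        # "!" or "*" prefixes mean no password login; an empty field means
        # login with no password at all, which is flagged too.
        locked = pw.startswith(("!", "*"))
        if 0 < uids[name] < uid_min and not locked:
            flagged.append(name)
    return flagged

# "...", "....", or dots followed by whitespace (". ", ".. "): names chosen
# to pass for the "." and ".." entries in an 'ls -a' listing.
LOOKALIKE = re.compile(r"\.{3,}|\.+\s+")

def suspicious_dirs(root):
    """Directories under root whose names imitate '.' or '..'."""
    hits = []
    for dirpath, dirnames, _ in os.walk(root):  # symlinks are not followed
        for d in dirnames:
            if LOOKALIKE.fullmatch(d):
                hits.append(os.path.join(dirpath, d))
    return sorted(hits)

if __name__ == "__main__":
    print(system_accounts_with_passwords(SAMPLE_PASSWD, SAMPLE_SHADOW))
    # Constructed directory tree standing in for /tmp.
    demo = tempfile.mkdtemp()
    os.makedirs(os.path.join(demo, "...", "payload"))
    os.makedirs(os.path.join(demo, ".cache"))
    print(suspicious_dirs(demo))
```

On a live host the same functions take the contents of /etc/passwd and /etc/shadow (read as root) and a root such as /tmp or /var/tmp.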

Oh, and if "Not Rick" is out there, I'm sorry to have caused you any trouble... but contacting me via means that prevent me from replying makes it difficult to apologize or explain the situation.

Sunday, June 15, 2008

On Citizenship, the 14th Amendment, and Political Discourse

Unless you live in some sort of political cave, by now you know the United States Supreme Court ruled that the denial of Habeas Corpus to detainees held in Guantanamo Bay by the Military Commissions Act of 2006 is unconstitutional. It was a 5-4 split decision with the dissenters saying some very nasty things that make one think they were not talking to the legal world at large, but rather trading in fear mongering so often employed by those convinced of the "Islamofascist" threat. However, it is not my intent to quibble with either side of the decision... I think it's pretty clear I support the majority's approach here. No, my problem is with the political discourse that has emerged since the decision's announcement.

Republicans in Congress, in particular Senators who have enough personal clout to actually matter, have declared they will do whatever it takes to undo this "harmful" decision. John McCain and Lindsey Graham have both spoken of legislative efforts to narrow the scope of the decision. This, in and of itself, is fine. In fact, it's what is supposed to happen. The political branches make a law, the Court reviews the law with facts, rules whether it passes Constitutional muster, and if it doesn't, the political branches go and give it another try. The problem is when these Senators craft their words as combative... that they will fight for the little guy to see justice done in the face of an evil, overbearing Supreme Court. It makes it sound as if the Senators are white knights out to rectify deep wrongs inflicted upon the helpless, regardless of the consequences. Passing over the obvious fact that it is the Courts, not the Congress, that is trying to grant some small level of humanity to the helpless, this sort of dialog only serves to tarnish the view of the Court in the public eye. The long term consequences of that tarnishing are no worse than the presidential reputation destroying effects of the last eight years of the Bush Administration. The Courts are our courts, and when we tear them down, we do ourselves no service.

This, however, is just a minor quibble... my real objection is to the language used to vilify not the Court itself, but the decision they rendered. Here is a typical example from John McCain, "[the detainees] are not citizens, they do not have the rights of citizens." This is a true statement. The detainees are not citizens, and ergo do not have the rights of citizenship. So what?

Implicit in Sen. McCain's language is that the rights granted by the Constitution are to be enjoyed by citizens, and citizens alone. Three interesting observations emerge from the language.

First, a simple word frequency analysis (a common tool of political scientists) of the United States Constitution reveals that the drafters and subsequent amenders were not very interested in the concept of citizenship beyond the right to vote. The term appears in the Constitution (including amendments) a grand total of nine times. Five instances are in relation to the federal and state privileges and immunities clauses (more on that in a moment) and the other four times relate to voting rights or apportionment of representatives.

Second, the Constitution is not a positive rights document. Meaning the rights are not granted to citizens... the First Amendment does not say "you have the right to say whatever", it says (paraphrasing) "the government does not have the right to stop you from saying whatever." Our Constitution is a negative rights document, by which power is taken away from the government, not granted to the people. You can read through nearly every clause and you'll find they are all phrased as "the government can or cannot do X". So going back to the first point, when we talk about "privileges and immunities", there really aren't any constitutional privileges or immunities beyond the right to vote, most are defined by statute.

So, let's take a look at the language of the Constitution that relates to Habeas Corpus:
The privilege of the Writ of Habeas Corpus shall not be suspended, unless when in Cases of Rebellion or Invasion the public Safety may require it.
And here we find yet another negative right... "shall not be suspended." The clause is found in Section 8 of Article I, which is a big list of the things Congress is forbidden from doing. In other words, Congress may not suspend Habeas Corpus, except under specific circumstances (which the court, in other cases stemming from the Civil War, has made clear cannot be a case-by-case basis... either the writ is entirely suspended for everyone, or it is not). Note there is no mention of citizenship, simply that the Congress may not suspend. I admit I'm glossing over some interesting bits of Federal Con Law here... like could the Congress abolish the writ altogether forever? Many suggest that the Congress could do that, but that's different from denying the writ to just a subset of the population.

Finally, conservatives have been increasingly pushing this notion of citizenship. It is part of the dialog surrounding immigration rights and so called "illegals." The concept of citizenship infers a right to be here, and all others walk a fine line... heaven help you if you upset us, or we will deport you in a flash. The next step in that project seems to be to redefine what it means to be a citizen. As I already demonstrated, the Constitution is primarily concerned with the right to vote... but now we see state legislation stripping illegal immigrants of their right to access social benefits, deny access to state colleges, even attempts to discriminate against their children. Some have gone so far as to propose altering the Constitution such that being born in the United States is not enough to establish citizenship.

So far these efforts are targeted at those who come to the States illegally... but it seems only a matter of time before the citizenship discourse gets to the point where we turn a suspicious eye to the legal immigrants who are not citizens. What then? Will John McCain declare that the First Amendment only applies to citizens?

Tuesday, June 10, 2008

Pillars of LegSim: Naming

This is a technology posting, but I'm asking a question to my political science readers, so I'm going to keep it simple. Future "Pillars of LegSim" postings will be more technical.

I am presently in the thick of redeveloping LegSim, but in a way I would never have contemplated even six months ago. The current version of LegSim (v4.1) is what's known as a CGI application, which means each and every time you ask LegSim to do something, it loads the whole program, executes, and then unloads. Sort of like if you had to fire up your email client every time you wanted to send a single email. This is silly and making it better is, as David would say, "a solved problem." And indeed, there are all manner of pre-existing web development frameworks that could be made to do what I want to do (Ruby On Rails, CakePHP, Zope... just to name one from each of the big languages). Thing is, I like Perl... and at the risk of sounding like a language snob (not the Sarah kind of language snob mind you), I would like to stick with Perl, the original Perl language.

Of course, there are frameworks in Perl... like Catalyst, which actually got its start at the University of Washington back when I was an undergraduate. But, bottom line, I don't want to have to learn someone else's system and I don't want to have to fight when it tries to tell me how things ought to be done. I would just use Rails if I wanted that experience. So, I'm writing my own. Which is exciting, I've enjoyed it so far. Done right, I can use the framework not just for LegSim, but for other projects I might want to take on. But I'm getting ahead of myself...

Faithful readers, I turn to you to ask a simple question... what should I call this thing? My first thought was to name it after the first Speaker of the House of Representatives... but that turned out to be Frederick Muhlenberg, and I'm not naming my framework after no Muhlenberg. We are working on a CMS system built on top of Rails at work, which is codenamed Pericles (a name my boss will likely change). I like Pericles, having come up with it myself, but I'm not sure if I want to reuse the name.

The current leader in this contest is Astraea, the daughter of Zeus and Themis who would eventually ascend into the heavens and become Virgo. She's also the Goddess of Justice, with the scales and stuff. While I like the sound, I'm not thrilled with the mythos. I'm looking for something more "governmenty" than justice (hence my initial interest in Pericles). Anyone have suggestions... needs to be a cool sounding word, cannot be in common use (to avoid confusion), and has some sort of tie in with government.

Drop me a line via email or a comment if you have any good ideas.

p.s. If anyone recommends Perl on Rails, I will ban you forever.

Updated - 6/11/2008

A friend wrote to suggest Solon, one of the fathers of Athenian democracy. The Wikipedia page makes him sound like a pretty cool guy. But while reviewing the background I learned Solon eventually became an Archon of Athens, which was a sort of executive position within the Greek governmental system, both during its tyrannical and democratic days. But here's the really cool part... the years in which no Archon was appointed were known as anarchy, meaning, literally, "no Archon." How cool is that?!

So, bonus points for Solon, but at the moment, the top choice is Archon.

Monday, June 02, 2008

Google vs. Privately Owned Community

This isn't really a story about Google, but I was tipped off by a tech-legal blogger about the story because of Google's involvement with the St. Paul suburb of North Oaks, Minnesota. The basic story boils down to (1) North Oaks residents actually own the roads in their town and have a trespassing ordinance, (2) Google violated that ordinance when it took photos of the town for its Street View program, (3) North Oaks city council requested the photos of the entire city be removed, (4) Google complied.

From a Public Relations standpoint, I have no argument with Google's decision... however, I do think there is a dangerous First Amendment precedent waiting in the wings here. In Marsh v. Alabama the U.S. Supreme Court ruled that First Amendment activity was still protected in the town of Chickasaw, Alabama even though every square inch of the town was private property owned by the Gulf Shipbuilding Corporation. The company had banned religious leafleting and the Court said the company was the State in that situation and thus must abide by the First Amendment.

I think the situation in Chickasaw, Alabama is analogous to North Oaks, Minnesota... except, instead of a for-profit company owning the streets, individuals bound by their deeds through the North Oaks Home Owners Association own the streets. But the situation is otherwise the same in that a private entity is attempting to get around the State Action doctrine by abolishing the State. But in so doing, they create a new State in all but name, and thus under Marsh must allow First Amendment activities. There remains the question of whether taking photos from streets is a First Amendment activity, a question I am not immediately familiar with, although I believe it is protected.

Either way, I imagine Google complied for the same reason it complies with requests from private citizens... it doesn't have to under the law, but it does out of respect for privacy. My question now is what happens if a "citizen" of North Oaks, Minnesota writes to Google saying they wish to opt back into Street View?

Sunday, June 01, 2008

Why is this so upsetting?

Regular users of Google properties will have noticed that the Google favicon has changed. Here's a side-by-side comparison from
[Image: side-by-side comparison of Google favicons]
The old icon reflected Google culture as I saw it, colorful, yet professional. This new logo drops the color scheme and switches to a lowercase "g". It's the sort of favicon I would expect on a kids-oriented site. If their goal here is to appear as an "underdog"--as suggested by the article--then they are seriously misreading their audience.

Maybe this will grow on me, but it had better start growing soon, 'cause at the moment it is nothing more than an eyesore on my bookmark toolbar.