January 2015 Archives

Yes. I've seen the Lars Andersen archery video*. Everybody can stop sending me links to it now.

Speaking as a mediocre archer in my own right, and as somebody who's written three novels with a Mongol archer as a protagonist and done a fair amount of research on the subject of worldwide bow techniques...

That guy's a really good marketer.

But he's not actually doing anything we didn't already know about, he's not shooting in a manner that would be at all effective in combat or for the historically more common purpose of feeding his family, and his quiver-handling skills are worthy of the "before" segment of an infomercial.

I'd like to see him cut a sandwich with a regular knife! It might result in an explosion.

Here's the thing. He's basically misrepresenting a bunch of well-known techniques in non-Western-European archery as his own invention or "rediscovery" (bonus cultural appropriation!), and into the bargain, he's not actually putting any strength into that bow of his.

I'm off to New York on Thursday, weather permitting, and won't be back until late in February. I'm in the US for business, and while I'm there I'll also be appearing at Boskone 52 in Boston from February 13-15; you can find me on the program schedule here.

I'll also be hanging out and drinking beer from 6pm on next Monday, the 2nd, in Pine Box Rock Shop in Brooklyn. It's really close to the Morgan Ave L stop (opposite side of the block), has good beer and spirits, and can feed vegans (not me: my wife). You can find it on Google Maps as Pine Box Rock Shop, 12 Grattan Street, Brooklyn, NY 11206, United States. If you're reading this, you're welcome to come along. (I'm told there's a Facebook page for the event here. NB: I don't do Facebook.)

While I'm away I'm handing the blog over to an ensemble of all-star SF/F writers. We'll have Harry Connolly, Laura Anne Gilman, Elizabeth Bear, and the collaborating duo of Sherwood Smith and Rachel Manija Brown.

It is Saturday January 24th, 2015. Greece is going to the polls tomorrow, in an election triggered by the main centre-right coalition's inability to form a consensus on who the president should be. (The Greek President is elected by members of the Parliament rather than by the public or an electoral college.) It takes place against a background of traumatic externally-imposed austerity that is familiar, in watered-down form, to anyone living in the UK outside of London and the south-east, and to many elsewhere in Europe. And it is looking as if Syriza, the Coalition of the Radical Left, is on course to win an outright majority and form a new non-coalition government.

This is not an insignificant regional event. Events in Greece set a precedent for the next election in Spain, where support for Podemos ("We can") is growing rapidly. It may also provide a precedent for the UK, which is due to undergo a general election this May, and where polling suggests that the once-dominant share of the vote held by the Labour and Conservative Parties (around 97% of votes cast, in 1950) has declined to around 60%, and where hitherto marginal parties (UKIP on the right, the Greens on the Left) are rising towards, or passing, the 10% milestone.

Syriza is a left-wing party, unapologetically opposed to the policies of austerity and IMF imposition of deficit-reduction on the Greek public. They don't want to leave the Euro (to do so would cause, at a minimum, a banking crisis and a worsening of recession), but the widespread pain of austerity has reached the point where the downside of leaving the Euro may be seen as less unpleasant than continuing along the current path. (Nor is austerity without its critics; it's deflationary, damaging to growth, and there is some evidence that it is being chosen as the course out of the 2007/08 crisis by the rich for ideological reasons rather than efficacy—it doesn't harm continued accumulation of capital, but it places a disproportionate burden on the poor.)

Predictably the big political guns throughout the EU have been wheeled out against Syriza, to frighten them into going along with the post-2010 arrangement. But it's looking increasingly likely that the Greek public are about to say, not merely "no," but "hell, no!"

So what happens next? Monday's papers are going to be an interesting read ... as for me, I'm speculating idly if, now that Lenin's not-so-excellent experiment has been dead and buried for a generation and the crisis of capitalism has given us a salutary lesson in the consequences of unbridled greed, we aren't now drifting back towards the realization that it's time to try Socialism 2.0.

I have not been blogging much lately because I have been a bit busy. "The Annihilation Score" (Laundry Files book 6) has been copy edited and is on course for publication in the first week of July, and I'm now about a quarter of the way into writing "The Nightmare Stacks" (Laundry Files book 7). This is a priority right now, because on January 28th I'm off to New York and Boston for my annual winter trip (and expect to come back with a bunch of edits to process on the new Merchant Princes trilogy). As my literary agent and my US publishers are all based in New York, and there's an SF convention—Boskone—in Boston, it's really a work thing, but I'm going to find time to send up the bat-signal for a brewpub evening in both cities: watch the skies, or this blog entry, for details.

Read below the cut for my itinerary and Boskone program items.

(Oh yes, one other thing. This is the time of year for Hugo nominations. 2014 was a bit of an odd year for me, insofar as I published just one piece of Hugo eligible fiction. It's a novel, an earlier work in the same series won a Hugo last year, and that's all I'm going to say. I am going to try to get off my arse and write a bit more short fiction over the next year or two, though, so things will be more interesting next year.)

Our glorious prime minister, failed TV company marketing director David Cameron, has proposed banning all forms of encryption that can't be broken by the security services. I'm not the only person who thinks this policy is beyond bonkers and well into criminal insanity (even his own deputy prime minister has reservations), but for the record, let me lay out why this is such a bad idea.

0. It is already a criminal offense to refuse to disclose your encryption keys, or to decrypt an encrypted file, on receipt of a lawful order to do so by the police or a court, under powers granted by Part III of the Regulation of Investigatory Powers Act (2000), in force since 2007. (Immediate consequences: paranoid schizophrenic jailed for refusal to decrypt his files. Apparently French anti-terrorism police became suspicious when he ordered a toy rocket motor. Strong encryption is the new tinfoil hat for technically ept paranoids: there's a human rights issue here. But I digress.) The point is, legal powers to essentially compel compliance with Cameron's goal already exist.

1. What Cameron is asking for, however, is a lot more drastic: the outlawing of endpoint-secured communications protocols. In other words, the government must be able to decrypt any encryption session used within the UK. This has drastic consequences which would, in my view, drastically undermine British national security (and cripple our IT industry).

What are these consequences?

2. If the government can decrypt an end-to-end encrypted session, then a third party can in principle use the same mechanism to decrypt it. (The third party could be a rogue government employee, or a crypto hacker.) This is not a hypothetical: it's intrinsic to how cryptography works. It's either secure against all third-party snoopers, or it isn't secure and will be cracked in time inversely proportional to the value of the data conveyed. Also, merely knowing that an encryption protocol has a weakness makes it easier to attack.

What sort of stuff would be at risk of third-party snooping by criminals or random hacker gangs like the denizens of 8chan or Anonymous?

3. Let's start with email. Not just your regular email: how about privileged lawyer/client communications? Internal transmission of confidential medical health records within the NHS backbone network? Your accounts, going to and from your accountant?

4. But email is only the tip of the iceberg. How about the encrypted web session you use to check your bank account? Or to pay your income tax? If you're a small business, the VATMOSS system is obviously a target—and a high value one, where an attacker could steal large amounts of money. Mandatory back doors in encryption imply weakening the security around the government's own tax-raising system. (Talk about sawing off the branch you're sitting on.)

Some systems require end-to-end encryption or they are simply too risky to permit. What are they?

5. Let's start with SCADA systems that control blast furnaces, nuclear reactors, water treatment plants, and factories. Then we can add other online systems: the in-cab signalling system used to deliver signals to drivers of trains on railway lines cleared for high-speed running, traffic signal boards on motorways, and in the not too distant future systems used by air traffic control for filing flight plans and transferring security-related passenger information.

We should then add online finance systems, from PayPal to the APACS credit card settlement system, the BACS payment system through which about 80% of the pay cheques in the UK are sent straight to the recipients' bank accounts, to inter-bank settlement and reconciliation, the share dealing system used by the London Stock Exchange, and every supermarket and wholesale warehouse inventory management and stock control/ordering system in the country.

What is the worst case outcome of mandating that the security around all these systems is weakened?

6. How about a group within 8chan deciding, purely for lulz, to scramble all the patient medical records accessible over the NHS Spine? Or that the Russian Mafia, who are already very much into cybercrime, hit the BACS system and use it to siphon off or scramble all payments going into the HMRC Income Tax accounts on January 31st?

Here's the key message that Cameron simply doesn't understand:

7. There is a trade-off between internal security and external security. You can have perfect security against message traffic between external hostiles if you ban encryption ... but by so doing, you destroy your internal security against attack from any direction at all. Or you can have total internal security with end-to-end encryption of all communications, and be pretty much immune to certain classes of hack attack, but lose the ability to listen for terrorist chatter. These two circumstances are opposite ends on a scale. You can adjust the balance between the two, but mandating either end of the scale is idiotic. Our prime minister has mistaken the rotating knob for a push-button with a binary on/off state. Hopefully his advisors will take him aside over the next few days and teach him better, or he'll lose the election this May. Either way, though, this proposal is disastrous and if it happens, well, I'll just have to get used to being a criminal.

Sorry folks, but we're just not.

One of the failure modes of extrapolative SF is to assume that just because something is technologically feasible, it will happen: I'm picking on sub-orbital passenger travel as an example of this panglossian optimism because I got sucked into a thread on Twitter the other day and I think it's worth explaining my objection to it in a format that permits me to write more than 140 characters at a time.

The proximate cause of my objection was someone asserting that Virgin Galactic's business model is ultimately targeting sub-orbital flights between continents, rather than brief bouts of free-fall tourism for the rich. At first glance, this isn't an obviously stupid assertion: enough folks have signed up for the sub-orbital tourist package that there's clearly demand, various companies have been buying patches of isolated terrain as sites for spaceports (even in Scotland), and there's a British start-up proposing to build an air-breathing hypersonic carrier craft for satellite launches and passenger travel. It's a perennial dream technology that keeps coming back from the dead, because the idea of flying from Heathrow to Sydney in three hours instead of 22 is obviously appealing to those of us who occasionally fly LHR-SYD.

Except ... it's bunk. Let me explain why.



About this Archive

This page is an archive of entries from January 2015 listed from newest to oldest.
