Topic: Foreign Policy and National Security

Gates vs. Fighters

The Secretary of Defense must read Cato-at-Liberty. I suggested Thursday that Robert Gates should break 25 years of fighter pilot rule over the Air Force when he picks Buzz Moseley’s replacement. And voila. General Norton Schwartz, who was head of US Transportation Command (the logistics center for the military, essentially) has experience as a C-130 (airlift) pilot and in Air Force Special Operations Command. He has even written about using AC-130 gunships to support urban combat operations.

This is the kind of guy the Army would pick to run the Air Force. The Air Force fighter leadership apparently wanted to elevate Gen. John Corley, commander of the Air Force’s Air Combat Command, a former F-15 guy, to the top spot. Not only did Gates not do that, he moved Schwartz’s deputy from Transcom, Lieutenant General William Fraser III, a three-star former bomber pilot, to Vice Chief of the Air Force.

Gates is slapping around the figher mafia that runs (ran?) the Air Force. The chances of F-22 procurement going beyond 183 (the Air Force, at least until today, wanted 381) just went down, although Congress and the next administration will have something to say about that. The China threat inflation coming from the Air Force should diminish. The Air Force’s commitment to supporting Army led counter-insurgency campaigns will increase. The cries that the Air Force is underfunded will soften.

ID Checks are About Control, Not Security

If there was ever any doubt that ID checks at airports are about control and not security, the Transportation Security Administration is clearing that up. Starting June 21, it says, “passengers that willfully refuse to provide identification at security checkpoint [sic] will be denied access to the secure area of airports.”

The claim is that this initiative is “the latest in a series designed to facilitate travel for legitimate passengers while enhancing the agency’s risk-based focus - on people, not things.” So let’s take a moment to look at how refusing airport access to the willful enhances security.

… OK! We’re done!

No terrorist or criminal would draw attention to him or herself by obstinately refusing an ID check. This is only done by the small coterie of civil libertarians and security experts who can’t stand the security pantomime that is airport identification checking. The rest of the people traveling without ID have lost theirs - and TSA officials at airports have no way of knowing which is which.

This new rule will do nothing to improve airport security, but watch for the incident when a TSA agent “doesn’t believe” someone who has truly lost his or her driver’s license and tries to strand a traveler in a faraway city.

Buzz Out

Secretary of Defense Robert Gates apparently forced out Air Force Chief of Staff General Mike “Buzz” Moseley and Secretary of the Air Force Mike Wynne today.

Initial reports are that lax nuclear weapons security was the “last straw.” Good reason.

There’s also this scandal. Moseley was recently slapped by the Pentagon IG after a two-year investigation involving the FBI showed that he might have helped a friend’s company receive a $50 million contract to provide media support for the Air Force’s Thunderbirds air show. That investigation led Senator Levin and the Armed Services Committee to call for another IG investigation of the Air Force leadership’s possible “ethical violations” in steering contracts. The IG’s initial audit of the units that run the Thunderbirds – Air Combat Command and the 99th Contracting Squadron at Nellis Air Force Base, Nevada – found several contracting improprieties.

I would like to think that another cause of the firings was the Air Force’s recent use of $80 million in tax dollars to propagandize the public about their role in our defense with an ad campaign called Air Force Above All – a name bizarrely reminiscent of Deutschland über Alles. Sample claim: The Chinese have the world’s biggest Air Force. (True if only you count rusting turboprops and irrelevant to the fact that our Air Force is vastly superior to China’s). But that’s just wishful thinking.

The most important reason for the firings was probably the rift between the Air Force leadership and Robert Gates. Gates has repeatedly criticized the Air Force (rarely by name, but no one was fooled) for what he called “next-war-itis,” the tendency to push for its weapons program over immediate war needs. Gates was annoyed by the Air Force’ s reluctance to go full speed in getting UAVs, particularly Predators, to the field, even while it tried to gain control of all US military UAVs; by its inability to accept stopping F-22 production at 183 and end-runs to Congress to get funding for more; and by its overall lack of team spirit.

This goes to wider schism in the Pentagon and really, in the country. On one side you have people like Gates who want to transform the military to fight counter-insurgencies. On the other side, you have the services’ leadership, especially the Air Force’s, who understand that a military transformed to that end makes them an adjunct in fighting our wars, not its primary instrument. The Air Force’s view essentially is that the US military should not get away from its strengths – technology over manpower, standoff strikes versus population management. Gates would answer that there aren’t enough possible conventional wars to justify the Air Force’s agenda. Military analysts have mostly cheered Gates on this front and will likely support the firings for the same reason.

A pox on both your houses, I say. It’s true that the Air Force and Team Big War ignore the dearth of conventional enemies and want to make China into a vessel for all their procurement dreams. But Team Counter-Insurgency is too eager to use the military to fight a series of unnecessary wars, and they overstate our ability to win them.

One thing Gates should consider is selecting a non-fighter general to run the Air Force. The Air Force has been run by fighter pilots since the late 1970s, more or less, when they wrested control of their organization from bomber pilots. If Gates wants to change the Air Force, he might look for a leader from one of the Air Force’s other sub-communities, who may share his frustrations.

Fusion Centers in Search of a Problem

Via Secrecy News: “There is, more often than not, insufficient purely ‘terrorist’ activity to support a multi-jurisdictional and multi-governmental level fusion center that exclusively processes terrorist activity.” This is from a Naval Postgraduate School master’s thesis entitled: “An Examination of State and Local Fusion Centers and Data Collection Methods.”

Though they arose to counter the terrorism threat, “fusion centers” will seek out other things to do. Programs like these are born of slogans - “connect the dots” - “information sharing” - rather than sound security thinking. In a TechKnowledge piece last year titled, “Fusion Centers: Leave ‘Em to the States,” I juxtaposed the active fusion center in Massachusetts with the hair-on-fire overreaction of the Boston Police to a guerrilla marketing campaign featuring stylized Lite-Brites.

An E-Verify Triple: That’s a De-De-Debunker

Department of Homeland Security Assistant Secretary for Policy Stewart Baker has weighed in with another post on the DHS “Leadership Journal” blog about the E-Verify system for conducting federal immigration background checks on all people hired in the United States. He takes on three supposed myths about E-Verify.

Myth 1: That E-Verify is burdensome for employers.

Baker says that E-Verify is a bit less burdensome than ordering books for the first time on Amazon.com. It would be fun to actually run that test. But just for starters, here’s the 600-word form you have to read and fill out before you even register as an employer. The word count of the Memorandum of Understanding you have to read and sign is well over 3,000 words - eight pages of legalistic instructions. Jeff Bezos! Call your bankruptcy lawyer!

Buying a book from Amazon.com doesn’t require you to check someone else’s documents, doesn’t put you at risk of violating federal law, and so on, and so on. These just aren’t comparables.

Baker’s most interesting evidence? An anonymous commenter on one of his earlier posts who just gushes about E-Verify. In fact, the first two comments on that post - both anonymous - come within nine minutes of each other. One praises E-Verify’s ease of use. The other comes from the “worker” perspective - just like a PR flack would want to have covered. Here’s the actual quote: “This E-verify system will let you know if you have a mistake that you need to correct before it is just too late for you!” So very like an infomercial …

But let’s cut to the chase: Regulators in agencies across the federal government are constantly coming with burdens on employers. Oh, they claim that each one is wafer thin, yes. But the cumulative results are disgusting.

Myth, the second: That E-Verify is discriminatory.

Critics “conjure up evil employers who disfavor certain ethnic groups when they apply government hiring rules,” says Baker. That’s not quite it. Unfortunately, rational employers would disfavor certain ethnic groups. Here’s how I put it in my paper “Electronic Employment Eligibility Verification: Franz Kafka’s Solution to Illegal Immigration”:

With illegal immigrants today coming predominantly from Spanish-speaking countries south of the U.S. border, identity fraud and corruption attacks on the EEV system would focus largely on Hispanic surnames and given names. Recognizing that Hispanic employees—even native-born citizens—are more often caught up in identity fraud and tentative nonconfirmation hassles, employers would select against Hispanics in their hiring decisions.

But this is against the rules, protests Baker. And it’s true that the program’s rules forbid this behavior. But Baker is thinking quite a bit like the economist in this old joke:

An economist, a physicist, and an engineer are trapped on a desert island and all they have to eat is a can of baked beans. The engineer first tries to open the can by putting at an angle to the sun to try and burn a hole in it. That doesn’t work. So the physicist gets a rock and does some calculations as to how much force he would have to hit the can with to get it open. No luck. Finally, the economist turns to them both and says, “You’re doing it all wrong! What we need to do is assume we have a can opener …”

“If there are rules against it, it won’t happen.” Friends, avoid South Seas adventures with economist Stewart Baker.

Myth 3: That E-Verify does nothing about identity theft.

E-Verify does something about identity theft. You have to have a matching name and Social Security Number pair to get through the system. That makes defrauding employers harder. It will also make identity theft more profitable and more common if E-Verify goes national. Again, from my paper:

Faced with the alternative of living in poverty and failing to remit wealth to their families, illegal immigrants would deepen the modest identity frauds they are involved in today. Their actions would draw American citizens, unfortunately, into a federal bureaucratic identity vortex.

But Baker is talking about in-system fraud, and the idea of accumulating more biometric information into a national identity system. Currently, a “photo screening tool” in E-Verify shows employers the picture that was printed on DHS-issued permanent resident cards and employment authorization documents. This suppresses forgery of cards, while it may lull employers into checking the card against the computer screen - not against the worker. Whatever the case, DHS is seeking access to passport photos from the State Department and driver license photos from state governments across the country so that it can knit together a national biometric database. (Pictures are biometrics - relatively crude ones, of course. When having a picture database fails to secure against illegal immigration, they’ll move to stronger ones.)

Baker is exaggerating to say that the photo screening tool is a significant step in countering identity fraud. It’s only in very limited use, the system itself would promote identity fraud, and countering identity fraud this way requires a national biometric database, with all the privacy ills that entails. This is why we wouldn’t want E-Verify even if it was ready for prime-time.

Three myths debunked? Or three debunkings de-debunked? Secretary Baker’s commentaries are welcome because they illustrate key points of disagreement, allowing you, the American public, a fuller view into the issues at stake.

No End In Sight

According to this site, the Iraq correspondent Richard Engel’s book has some pretty startling words from the Commander-in-Chief in it. Try a few of these on for size:

  • “This is the great war of our times. It is going to take forty years,’” [Bush told Engel]. Bush said in forty years the world would know if the war on terrorism, and conflicts in Iraq and Afghanistan, had reduced extremism, helped moderates, and promoted democracy.
  • Bush admits to Engel that going to war was a decision based on his personal instinct and not on any long-range strategy for the Mideast: “I know people are saying we should have left things the way they were, but I changed after 9/11. I had to act. I don’t care if it created more enemies. I had to act.”
  • Bush tells Engel that the election of Hamas was actually a positive development because it pressured Palestinian Authority chairman Mahmoud Abbas to make reforms: “I think the election of Hamas was a good thing. It proved to Abbas he was failing. I told Abbas, ‘You lost the election because you aren’t providing for your people, jobs, education, what people want.’ Now they know they have to compete.”

Looks like there will be lots to chew on in there. And we’ve got at least 35 or so more years to chew on it.

Cyber-Alarm!

Shane Harris’ National Journal cover story on the Chinese “cyber-invasion” is meant to alarm us. The story claims that Chinese hackers doing their government’s bidding are stealing our secrets and maybe felling our power grids. It quotes US officials comparing the consequences of cyber-attacks to those of nuclear weapons. The cover depicts a red dragon crawling on to an American shore. A subtitle sees “a growing threat.”

Don’t burn your wireless card yet though. There may be a US cyber-panic, but the Chinese cyber-threat is overblown.*

The most shocking and least plausible claim in the article is that Chinese hackers caused the massive blackout in 2003 and a recent power outage in Florida. I’m not an expert on cyber-security, so I’ll leave it to Bruce Schneier and Wired blogger Kevin Poulsen to attack this theory.

But anyone can see dodgy sourcing. Harris’ blackout scoop comes from the former president of something called the Cyber Security Industry Alliance who claims that he heard it from intelligence sources. In support of this contractor’s claim, the article quotes a bunch of federal officials paid to combat cyber-threats. They say, essentially, “Yes, it’s possible the Chinese did this, but we can’t say more.” Technical details aren’t included. It’s a secret, we’re told. The article only briefly discusses the very plausible explanations for both blackouts that don’t involve Chinese hackers. In the 2003 case, at least, that multi-causal story is backed by extensive investigations on the public record.

Another problem is the article’s uncritical acceptance of the claim that the Chinese government employs a hacker militia to attack US websites. No evidence is offered beyond the assertions of an intelligence official employed to combat cyber-threats, a security contractor who works for such officials, and one consultant / analyst. No doubt there are lots of Chinese hackers breaking into US networks. After all, there are lots of Chinese. But why should we believe that these hackers are agents of the Chinese state rather than bored teenagers in internet cafés? However malicious its intent, why would the Chinese government want to outsource its espionage to a bunch of underemployed programmers?

The story also reports on several Chinese efforts to steal information from US corporate executives and government officials. These stories are plausible – but two caveats could have been highlighted. First, our military and intelligence agencies almost certainly hack into Chinese networks and steal information. Second, there is no official claim in this story or elsewhere, despite all the sound and fury, that Chinese hackers have broken into classified US networks and gathered useful information.

Finally, the story should have quoted someone pointing out the absurdity of the claim made by Vice Chairman of Joint of Staff Gen. James Cartwright that cyber-attacks are comparable to weapons of mass destruction attacks, which means nuclear explosions, among other things. By most definitions, cyber-attacks have been going on a long time. They have killed either no one or almost no one. Yes, one can imagine scenarios where hackers trigger mass casualties. But equating these outlandish what-ifs to a nuclear weapon is either an assault on the meaning of “mass destruction” or threat inflation of first order. (I say this despite an article/ heroic epic in the same magazine depicting General Cartwright as a kind of cross between Napoleon and Jack Welch.)

I keep reading about the cyber-war we’re supposed to be fighting with China. Reading this story, I don’t see it. There are evidently a lot of Chinese hackers (not necessarily government-sponsored), and a bunch of Chinese electronic espionage (not necessarily successful). That’s a problem, not a war.

For a sober take on these matters, read James Lewis of the Center for Strategic and International Studies.

*I’m usually a fan of the National Journal and Shane Harris’ writing in it, so I chalk this up to an off-week.