Over the past few weeks, however, I have become increasingly convinced that this analysis — and all analyses I have seen — have neglected a critical portion of the problem. The traditional assumption about the use of a counterstrike system is that it will be slow, deliberate, and carefully controlled: purely defensive measures are applied first, followed by blacklisting, finally followed by offensive countermeasures. Furthermore, these offensive countermeasures are always described as being under the control of human operators. To date, discussion of these systems has been implicitly based on the assumption that counterstrike is a last resort and that a human will always be “in the loop.” Unfortunately, I’m not certain that any system which obeys either of these rules will be able to deal effectively with real-world Internet threats. The current state of the Internet may demand software that operates in seconds, not hours, and which may not be able to wait on human approval for its actions.

Symbiot’s original whitepaper (PDF) arguing in favor of counterstrike security systems put great emphasis on applying the rules of conventional warfare to confrontation on the Internet. Part of this focus was no doubt in order to reduce the controversy over counterstrike systems, as the paper takes pains to note that the tactics it outlines “have been refined by thousands of years of warfare, diplomacy, and legal recourse.” However, the authors also use the vocabulary and concepts of warfare as a convenient intellectual base for their arguments, and demonstrate more than a passing familiarity with The Art of War.

One military concept of great importance which is not discussed in this whitepaper is that of “operational tempo.” The idea of operational tempo was developed along with the concept of maneuver warfare as a more useful measure of the speed of an operation than its simple physical velocity. The operational tempo of a force is the rate at which it can collect new information, process it, make a decision, and finally take action based on that decision. The ultimate goal for any military force is to have a higher operational tempo than that of the opposition, and thus be able to react to new developments significantly faster than the enemy.

Symbiot’s whitepaper appears to be of two minds as to the operational tempo of a counterstrike system. When the paper begins by arguing that there is a need for counterstrike systems and a more aggressive approach to information security, the importance of rapid response is held to be paramount. The authors initially state that “the response in most cases [of network attack] must be determined and executed within seconds,” and then focus on the necessity of self-defense in situations that are “‘instant, overwhelming and leaving no choice of means and no moment for deliberation.’”

However, when describing the characteristics of a counterstrike system, this emphasis on speed appears to have been removed, perhaps to placate the legal worries of potential customers. Instead, the watchword of these sections is “graduated response.” Response, as defined by the authors, begins first with the determination that an attack is underway, followed by characterization of the attack and a determination of whether or not the attack is hostile. Upon determination of the level of hostility of the attack, countermeasures are applied. These countermeasures begin with “multiple positive identification[s] of hostile intent,” and work their way through blacklisting, action through the legal authorities, and finally coordinated counterstrikes. The process described here is one that will take hours, if not days, to complete. At almost every step, at least one human judgement is required as to the appropriate course of action. At a minimum, these judgments will take a few seconds. At the maximum - such as in the case of pursuing action through legal channels - the “human” part of this process could run for days, weeks, or months. The end result is an operational tempo which is limited by the maximum speed of human organizations.

This level of speed is wholly adequate for dealing with threats whose operational tempo is also limited by the speed of human decisions. There are a wide range of these threats to computer networks: For example, there are blackmail efforts which threaten to shut down computer networks unless a sizable ransom is paid. There are industrial espionage attempts, in which an attacker seeks to quietly extract some sensitive piece of information from a company network. There is even the threat of petty vandalism and web page defacement, in which case some cracker simply seeks to have his name and “1337 sk1lz” more widely known. In each of these cases, human decisions are required throughout the intrusion attempt, ensuring that the attacker and defender are operating at roughly the same operational tempo, and that an organized defense is possible.

Unfortunately, there is an entirely different class of network attacks which operate not at the speed of human decisions, but at the speed of processor commands and network packets. I am speaking, of course, of self-propagating Internet worms. Since worms seek out and infect new targets without any human intervention (beyond the initial decision to release a worm in the first place), their speed of spread is typically only limited by the design of their networking code and the speed of the network connections limiting their victims. The Witty worm, released in March 2004, infected almost all vulnerable computers (about 12,000) in 45 minutes. In August 2001, Code Red II infected some 359,000 computers in 14 hours, peaking at 2,000 infections per minute. However, the all-time speed record is held by the Sapphire worm, also known as SQL Slammer. Sapphire infected most of the vulnerable hosts worldwide in roughly ten minutes, with a final victim count of between 75,000 and 100,000 computers.

The operational tempo of an worm - infecting a host, finding new vulnerable targets, and infecting them - is measured in milliseconds, not in the minutes or hours of a cycle which is controlled by human intervention. Simply put, there is no way that any human-controlled security system can cope with the speed of a full-fledged worm outbreak.

To date, there have been two approaches to solving this speed disparity. The first of these approaches has been to attack a worm asymmetrically - rather than fighting every infected host individually, security professionals have attempted to block all traffic which shares a certain characteristic typical of the worm. Some worms, such as the Witty worm, will always attempt to communicate over a certain port. Others, such as Sapphire/SQL Slammer, will always send themselves as network packets of a certain length. Still others, such as the Blaster worm, will always have some distinctive string within their packets. By filtering traffic which matches some particular worm characteristic, system administrators have been able to effectively block an entire worm outbreak at a single stroke.

Unfortunately, this approach is trivially defeated if worm authors begin to work to randomize the traffic generated by their worms. The key will not be to make worm traffic impossible to recognize, but rather impossible to recognize during the few hours that a worm requires to spread. What good does it do a system administrator if a pattern to worm traffic is discovered after the vast majority of vulnerable machines are infected? The likely result of this tactic will be an arms race on both sides: Worm authors will try to make their worms more and more random, while system administrators will attempt to better characterize worm traffic at ever faster speeds. It is uncertain who will eventually win this race, but clearly pattern-matching and traffic-filtering is no panacea.

The other approach to addressing the speed of worms takes advantage of their pattern of exponential growth. While a worm infection in full swing grows at a truly frightening rate, the early stages of a worm infection grow at a relatively slow pace, as a handful of seed machines work to infect other computers around them. It is during this short time that countermeasures against the spread of a worm - either passive pattern recognition and traffic blocking or active counterstrikes - can be most effective.

Exponential growth is an inherent property of any internet worm or disease outbreak, meaning that worm authors will always have to contend with this particular hurdle. However, the Witty worm showed a way to cross this hurdle before the race even begins. Instead of starting with one infected host, the author of the Witty worm began his attack with between 110 and 160. Thus, the earliest and slowest phase of exponential growth was avoided, and the worm grew rapidly at its initial release. Larger pools of pre-infected hosts will only serve to increase the initial growth speed of a worm. Using this method, it is possible to speed up the initial growth of a worm to the point that human intervention will simply be too slow to effectively contain it. Certainly, there is no chance that the slow and careful “graduated response” that Symbiot envisions will be able to handle the job.

Furthermore, although most worms so far have been costly nuisances, the possibility of targeted worms exists. What if a worm were instructed to send random traffic to a company webserver, establishing a “botnet” and creating a DDoS attack in a matter of hours or minutes? What if a worm were instructed to delete or corrupt all data on a hard drive, but only if the host was within the IP address range of a specific corporation? What if that same worm was instructed to send all Word documents or e-mails on a hard drive to another computer before corrupting them? To date, we have not seen targeted worm attacks because standard, human-directed intrusion has been a sufficient tool for criminals. If counterstrike systems make human-directed attacks more difficult, however, automated attacks will be the logical next step.

The solution to the problem of internet worms is self-evident at this point: If human-directed countermeasures do not have the speed with which to counter a computer-directed attack, then it will eventually be necessary to turn to computer-directed countermeasures. The goal of any such countermeasures will be to match the operational tempo of an automated attack. At most, human operators will be presented with a probable threat, a list of possible responses to choose from, and a single button marked “Launch.” Depending on how fast automated attacks become, it is possible that human operators might only be given the authority to cancel a counterstrike which is already in progress.

There are other points in Symbiot’s white paper which take on a new level of meaning when tied to the concept of automated response. In particular, the authors discuss at great length the importance of new data-sharing protocols for security measures which will enable faster coordination in response to network attacks. Such protocols would be especially effective when coupled to automated security responses. Consider the possibility of linking ISPs up with the security professionals at trusted corporations, so that a home PC implicated in a denial of service attack could be taken off of the Internet automatically. This sort of linkage would greatly increase the speed and effectiveness of a counterstrike system, although it raises a few other questions: How exactly will customers react to having their DSL disconnected based on an automated report from a third party? (The safe money is on “not well.”)

When I wrote before on the impact of human-directed counterstrike systems, I argued that the development of counterstrike systems would necessitate a serious shift in how home users looked at computers. Rather than a device for entertainment, such as a television, computers had to be considered in the same light as a car: A useful tool which requires careful maintenance and possesses immense destructive potential. It has always been unlikely that consumers would react to this shift in a positive manner, as there are few human desires more universal than the desire to be absolved of all responsibility. Above all else, viewing computers as an active tool rather than as a passive appliance meant that users would have to become more responsible for their actions online. In a culture where “I’m computer illiterate” or “the computer did it” are perfectly normal excuses, this is unlikely to be a popular change.

The possibility of automated counterstrike systems, if anything, would sharply accelerate this shift in viewpoint. Rather than being possibly counterstruck if they acted irresponsibly online, home users would almost certainly be counterstruck if their computers were infected by a worm or co-opted into a botnet. The high speed and exponential growth of worms means that there will be a strong incentive for security professionals to react quickly to possible attacks, and to react decisively. With this attitude, the problem of “false positive” counterstrikes is also likely to become an issue.

This accelerated shift is also likely to birth a strong backlash against it. Computer security experts can argue until they are blue in the face, but the likelihood that they will overcome public objection to counterstrike systems is minimal. Almost universally, the public loves the benefits of automated systems which enforce responsibility, but hates the systems which enforce it. We love air travel, but hate metal detectors and X-ray machines. We love low interest rates, but despise credit reporting systems. We love to drive cars, but despise mandatory insurance and statistically-adjusted insurance rates. (As a young male driver with no accidents, I especially despise statistically-adjusted car insurance rates.) Likewise, we love the convenience of high-speed, always-on Internet access. We will no doubt hate automatic counterstrike systems.

With most of the aforementioned systems, public debate has led to at least a grudging allowance that the systems are worthwhile. We grumble and moan about airport security lines, but very few suggest completely abolishing security checkpoints. Likewise, credit scores are accepted, albeit with some resentment, as the price of doing business. However, there is constant debate about just how much information corporations should be allowed to track.

To date, I have seen little public discussion of the impact of counterstrike security systems. I have seen no public discussion of the impact of fully-automatic counterstrike systems. This lack of debate is made all the worse by the public’s “appliance” attitude towards computers. Even the most spirited discussion within the computer security community would be unlikely to penetrate the public consciousness. (Ask a computer security professional what he thinks of Bruce Schneier’s stand on airline passenger screening, and you’ll get a whole range of responses. Ask someone who’s not a computer security professional, and you’ll get a blank look and a “Who?”)

The end result will be that sooner or later, one or two security companies will decide to develop an automatic counterstrike system in response to the worm threat. The system will be debated for months on BUGTRAQ and Slashdot, and will finally be deployed somewhere irrespective of the furor. And then, one morning, a major worm will break out and a few hundred thousand AOL customers will wake up and wonder why their computers won’t turn on anymore. The backlash will be swift, widespread, ill-informed, and quite possibly legislative. So far, government action on computer issues has created the DCMA, nearly mandated the Fritz chip, and came within a few months of mandating the broadcast flag. Does anyone want to bet that a ruling on the limits of computer security systems will be carefully-thought-out and well-reasoned?

There is a final mismatch in operational tempo that must yet be addressed. At present, computer security professionals are debating the effectiveness of current tactics: patches, improved security awareness, and the like. Few are considering the possible issues associated with future tactics: Human-directed counterstrike systems, automatic counterstrike systems, and whatever systems are yet to be conceived. At the same time, programmers are working to build and deploy these “future” systems. The operational tempo of our development of doctrine no longer matches the tempo at which new technology is being devised. Counterstrike systems are here. It’s past time to start working out the consequences of their arrival.

• The fallout from the Malkinlanch reached a peak when Athena of Terrorism Unveiled added Port 80 to her blogroll. I have been remiss in failing to thank her for that, and am particularly flattered that I stayed on her blogroll over the last month of dead silence. (Of course, I might have simply stayed on Athena’s blogroll becuase she was swamped with the Mother of All Exam Weeks.)

• Thanks to an e-mail tip from Thaleia, I entered the Organic Shadows Weblog Content Contest. Surprisingly enough, Port 80 ended up taking first place in the “General” catagory.

  One of the interesting things about this contest is the sheer diversity of the participants - no two entrants cover anything close to the same material. If you’re used to reading one or two blogs, I’d invite you to peruse the contestants. Glenn Reynolds isn’t the whole blogosphere - he’s merely skimming the cream which has risen to the top of thousands of blogs covering thousands of different topics.

• Finally, if you’re not reading The Hatemonger’s Quarterly, you should be. The Second Annual Horrible College Student Poetry Contest is a good starting point, ridiculing bad poetry with all the acerbic flair of a really good English teacher.

And, with that recap out of the way, it’s time to get right back into full-scale weblogging. Enough of this self-referential twaddle — on to the ludicrously long essays you came here for.

… and I’m all out of bubble gum. — They Live

Five minutes later, I almost fell out of my chair laughing.

This forum post is priceless. It is one of the best pieces of scientific satire I have ever seen. I can only hope and pray that terrorist groups attempt to construct an atomic bomb using these instructions - if they survive the attempt, they’ll have at least wasted months of effort.

Perhaps the high point of this instructions is the author’s advice on enrichment of uranium hexaflouride:

First transform the gas into a liquid by subjecting it to pressure. You can use a bicycle pump for this. Then make a simple home centrifuge. Fill a standard-size bucket one-quarter full of liquid uranium hexafluoride. Attach a six-foot rope to the bucket handle. Now swing the rope (and attached bucket) around your head as fast as possible. Keep this up for about 45 minutes. Slow down gradually, and very gently put the bucket on the floor. The U-235, which is lighter, will have risen to the top, where it can be skimmed off like cream. Repeat this step until you have the required 10 pounds of uranium. (Safety note: Don’t put all your enriched uranium hexafluoride in one bucket. Use at least two or three buckets and keep them in separate corners of the room. This will prevent the premature build-up of a critical mass.)

There are two primary problems with these instructions:

1. The difference in mass between an molecule of uranium hexaflouride with U-235 and a molecule of uranium hexaflouride with U-238 is precisely 3 neutrons. Since these substances are chemically identical, they will tend to mix with currents in the bucket, and not separate “like cream.” Thus, the force exerted by a spinning bucket will not even begin to produce enriched U-235. Real centrifuge enrichment processes use thousands of extremely high speed centrifuges, one feeding the next, to create highly enriched uranium.
2. At room temperature and pressure, uranium hexaflouride is a solid.

The instructions also feature these gems, which are but a meager sample of the hilarities in this post:

• Michio Kaku, the noted string theorist, is a nuclear physicist.
• Edward Teller will be interested to know that, once you have an A-bomb, building an H-bomb is merely “frosting on the cake.”
• The difference between a gun-barrel and implosion bomb is not worth mentioning in the article.

The article then finishes up with a quiz on whether you, the reader, are “emotionally eligible to join the H-bomb club.”

Clearly, this article was written as a satire piece. But where did it come from? A little Googling on key phrases (try “casing of an old Hoover”) reveals that this set of “instructions” has been around for a long time - the oldest online appearance I can find is a 1994 posting to the USENET group rec.humor.funny. The introduction to that posting, along with the text of the article, suggest that these instructions were copied from the alternative national magazine Seven Days. Unfortunately, I can’t provide a link to Seven Days, as it was folded into The Nation in 1980. These “instructions” have been in circulation for at least 25 years.

The fact that this article is a satirical piece is not an indication that we don’t need to worry about nuclear terrorism. (Although we probably don’t need to worry about nuclear terrorism from the members of that particular forum.) It is a reminder that we ought to take “instructions” of this nature with a very large grain of salt. Building nuclear weapons is, to use an engineering euphemism, “non-trivial.” In the 1940s, it took the top physicists in the world years and a crash government program to pull it off. Today, atomic weapons are within the reach of most nations which can supply sufficient funding. However, we still have a long way to go before uranium enrichment becomes an afternoon kitchen chemistry project.

Today, we’re going to learn how to make plutonium from common household items. — Philo on Secrets of the Universe, UHF

Update: Welcome, Michelle Malkin readers! If you’re curious as to what else I’ve written, this post has a few good starting points.

The rash of political posts I’ve been on recently is a little unusual, and I doubt that I’ll stay on them much longer. Most of the time, I end up writing exceedingly long essays that somehow blend technology, security, global politics, and religion into some sort of twisted synthesis. If you’re new here, here’s a few of the better pieces (in my opinion) I’ve written over the years:

• The Future of the Internet: An essay on what the advent of counterstrike security systems will mean for the shape of the internet in the years to come.
• L’etat, c’est Google: A discussion of the prevelence of Google and the security implications of “trust” in information collection and decision making.
• Courage in the Face of Evil: A reflection on Yasser Arafat’s funeral, the thermodynamics of survival in cold weather, the rise of the Third Reich, and how all of these connect to current problems within the Catholic church. Thanks to the contributions of “serti,” I’d recommend this one for the comments section alone.

Enjoy your visit - I hope you find some of what you read here interesting. And, as always, feel free to leave a comment or drop me a line.

… Standing with my homelessness handouts and sleeping bag at my door I read a note that said, “we protect your ass and my buddies die and all you can be is an ungreatful [sic] bi*** f*** you! U.S.M.C. cause you will never know US Marine CORPS!!!”

In addition, other derogatory words were written across my door covering my St. Francis prayer for peace, Safe Place sign, and an image of Iraqi children who have lost arms and legs from bombings. The text on this image was rendered to contrast the original message.

I could nitpick other elements of the article, but I’m not going to. Frankly, dissecting the author’s reasoning serves no possible purpose: If nothing else, the author’s entirely justifiable anger means that this piece will not be a paragon of clear and rational argument. Instead, I’m only going to say two things.

First, although the author suggests that the perpetrators may have been members of the UD ROTC program, I very much doubt that this is the case. I have known a number of ROTC students and a few ROTC instructors, and all have struck me as being disciplined and professional. Furthermore, I very much doubt that members of an Army ROTC program would be writing the praises of the Marine Corps on the door of a graduate student. In fact, it would greatly surprise me if the perpetrators of this act were members of the military at all.

Secondly, to whoever did this: Although I have been a vocal critic of the stance of UD Campus Ministry on the war in Iraq, don’t even think of trying to cite anything I’ve written in some halfhearted defense of your actions. My goal in criticizing Campus Ministry has been to increase debate - the goal of your actions was to stifle it. Those who resort to intimidation to win an argument have had many names throughout history. In Germany, they were called the Sturm Abteilung, or SA, or simply the brownshirts. In Iraq, they now being called Al-Tawhid wal Jihad. Presumably, you would consider yourselves allies of democracy. Consider that you are adopting the tactics of its bitterest enemies.

Why am I so focused on this point? There are two reasons. First of all, the last incident of door vandalism on this campus led to the establishment of an anti-bias program at UD. This incident, as public as it now is, is sure to spark some form of official reaction and quite a bit of unofficial ire.

This brings me to my other reason: I am the most recent, most visible, and most vocal critic of UD Campus Ministry at the moment. (Which is a somewhat surprising thing given the traffic, or lack thereof, that this site gets.) If someone should decide to make this act of vandalism worse with an intemperate response, I am the low-hanging fruit on the tree. Let me say, therefore, that my ire at being tied to this incident by supporters of Campus Ministry will hardly be less than my ire at being cited by the vandals. My opinions have been blatantly misrepresented before by supporters of Campus Ministry who did not take the trouble to respond to my central arguments, read my work correctly, quote me accurately, or represent their status as authors honestly. I did not respond to this misrepresentation because I did not feel it was necessary. However, I will forcefully respond to any attempts to tie my criticism to the actions of these thugs. They are no compatriots of mine. My arguments derive from the classical desire for rational debate, while their actions stem from a different historical inspiration.

All opposition must be stamped into the ground. — Slogan of the Sturm Abteilung

Upon Marquette’s statement on the incident, two things quickly become evident. First, it is clear that Marquette’s reaction was little more than a panicked response to a student group which pushed at the university’s comfort zone. The sole item at the table Marquette cites as specifically objectionable, “a bracelet with the motto ‘1 Shot 1 Kill No Remorse I Decide,’” does not exist. Although the Adopt-A-Sniper campaign sells dogtags with that logo, their bracelets are engraved with a completely different phrase. This sort of easily-checked factual error bespeaks a press release drafted with great haste and without much proofreading.

Secondly, Marquette’s response gives a frightening look into the academic left’s take on freedom of speech.

In the context of the university’s Jesuit, Catholic mission, we could not allow fundraising in the student union for a group whose rhetoric regarding “snipers” could be widely misinterpreted as having a cavalier attitude toward the taking of a human life.

Is this all that is required to suppress free speech by a private organization - the expectation that the words of that organization could be widely misinterpreted by those who didn’t do the necessary research? This statement brings back memories niggardly incident in Washington DC. Has a Catholic university decided that the limits on free speech should be decided by the misinterpretations of the ignorant? How is it possible to conduct academic discourse if speech can be forbidden without even considering the intent or meaning of the speaker? Certainly, if Marquette had examined the Adopt-A-Sniper campaign for more than a few minutes, they would know that “One shot, one kill” is not “rhetoric” but the long-standing motto of the sniper community.

The most damning admission, however, comes at the end of Marquette’s press release:

Marquette University strongly supports and honors the men and women of our Armed Forces and has sponsored many activities to support our troops. In addition, every branch of the United States military is represented on our campus though the university’s ROTC program.

Clearly, Marquette isn’t blocking the College Republicans because of some higher commitment to the ideals of pacifism and nonviolence. Marquette appears perfectly comfortable with supporting the troops when the ugly reality of war is held at a safe distance, and all they have to do is wave yellow ribbons and watch the ROTC corps hoist a flag every morning. However, Marquette’s administration just can’t stomach the idea that our troops might actually be called upon to bring death to the enemy.

Supporting the troops as long as you aren’t bothered with the ugly details of what they do isn’t a “proud tradition.” It’s the basest sort of moral cowardice.

[L]egal participation in war gives the soldier the right of life and death over strangers – and I had exercised it legally. If you don’t like the result, don’t send kids to war with guns. — John Rotundo, Charlie Rangers

Unless, of course, you have to read the editorial a couple of times not only to remember what you were writing about, but to remind yourself that you actually wrote it.

In the absence of other evidence, I’m blaming the pernicious effects of secondhand Beast. The University of Dayton is to cheap beer consumption what South Carolina diners are to tobacco use.

See, the third can of Beast is the best, because by then you can’t taste it. — a UD student on the virtues of UD’s designated cheap beer

Because of this traffic, I feel that I need to briefly address a few issues which are of interest to the community there. Thus, I’m going to start off with an appetizer (Editorial Flambé), move onwards to a cold dish (Aged Story garnished with juicy Exposé) and as a segue into the main course of this post (Roast Analysis of Organizational Structure.) Bon appetit!

Flyer News

The recent Flyer News editorial “on behalf of the CSC” is not actually on behalf of the CSC at all, although it was written by a student worker there. Nick Cardillino has disavowed any knowledge of the editorial prior to its publication. This is good, as it saves me the trouble of fisking it. I have no objection to debate - if you can’t stand the heat, get out of the kitchen - but I do take issue with those who radically misinterpret and directly misquote me.

Play for Peace

Back in May 2003, I wrote a few somewhat-intemperate entries about the Week of Student Action Against the War that was being hosed by the CSC. One of the events that week was a “Play for Peace” concert which was to feature the student bands Breakaway and The Melting Room. As the anti-war connections of the concert became public, Breakaway pulled out of the event, saying that they were “falsely informed” and that they “support our troops in Iraq.” At the time, I made a snarky comment that The Melting Room should enjoy their new solo appearance.

Last week, that old post got a comment from a representative of The Melting Room. As always, authentication of this sort of thing is difficult. However, the commenter did leave a valid UD e-mail address in the comments system - if someone faked this, the forger worked at it a bit. I’m going to take the liberty of quoting his full comment here:

The Melting Room was promised that the show was in no way related to any anti-war movement. The band was promised that the proceeds from the show would go to an unrelated charity.

That is, to say the least, a very interesting statement. Were either of the bands that were scheduled for the “Play for Peace” concert informed of the nature of the event they were playing at? For reference, the charity that was scheduled to receive donations from the weekend was not involved in work “unrelated” to the war. In fact, the Flyer News reported that donations at the concert would be given to Voices in the Wilderness. Voices in the Wilderness was last spotted breaking into live ordnance storage in England to protest Coalition operations in Fallujah. The kind folks at VitW also recently heckled Marines during MOUT training with this thought-provoking statement of their desire for peace:

Dubya’s lies should make him choke
He must still be snortin’ coke
Saddam’s secret poison gas
Must be something Rumsfeld passed

This is the CSC’s definition of an unrelated charity? This is the CSC’s definition of a concert which isn’t connected to the anti-war movement? What could create such a total disconnect between the story both bands received and the reality of the situation?

Nick and Me

The answer to this question is party revealed by my meeting with Nick Cardillino, director of the CSC, last week. We had a long and productive discussion about the issues I had raised in my editorial, and I thank him for his time and willingness to discuss the issues.

On the one hand, the discussion resolved a few of my previous concerns. In my editorial to the Flyer News, I raised the question of whether or not CSC funds had been used to sponsor the protest at Ft. Benning. Mr. Cardillino assured me that the funding for this protest came solely from the students involved, and that the organization of this protest was not carried out by any members of the CSC staff while they were “on the clock.” This is a good thing, and I’m glad to have that question answered.

On the other hand, this answer raises some equally troubling questions about the structure of the CSC. Based on my discussion with Mr. Cardillino, it appears that the CSC employs a highly cellular structure. Students come up with the idea for an event, and Nick Cardillino briefly screens the idea for the event. With his approval, the organization can draw on the CSC for resources to support the event in question.

This sort of structure has the advantage of being highly flexible, and it allows the CSC to address a wide variety of issues. Unfortunately, this structure offloads the responsibility for researching an event to those students who are promoting it. To borrow a few concepts from computer security, there is very little data validation before the CSC executes the requests provided by students. Mr. Cardillino mentioned at one point that he trusted the students at the CSC to provide him with accurate information. From a security standpoint, a trusted entity is something that can break your security anytime it wants to.

This appears to be the underlying reason that the CSC showed up at an International ANSWER protest in October 2003: The student who organized the protest didn’t do the enough background research on ANSWER to find that it was a WWP front, and what research she did was not presented honestly to the campus. (How exactly does an anti-war and anti-administration protest get advertised as a protest against the use of depleted uranium?) At the time, there were no checks in place to verify this information before the CSC acted on it. My e-mails to the CSC after the fact were the first clue Nick Cardillino had that there was something rotten in the state of ANSWER.

I would speculate that much the same process occurred when bands were recruited for the “Play for Peace” concert. Acting without extensive supervision, a few students decided to set up the concert, and to recruit local student bands to play. Perhaps the left hand did not know what the right hand was doing, or perhaps the truth was stretched a bit to ensure that the bands would play the concert. One way or another, the unsupervised actions of a few students turned into an embarrassment for the entire CSC.

This does not hold the CSC blameless for these events: This is their structure. They devised it, and they have chosen to operate using it. In some cases, such as the WHINSEC protest, this cellular structure has been used to the CSC’s direct advantage. Technically, the students protesting at WHINSEC weren’t protesting on behalf of the CSC, but were functioning as private citizens. However, they were all involved with the CSC, one of them was a staffer at the CSC, they were wearing t-shirts printed by Pax Christi (a major CSC client group), and the two arrested have played up their affiliation with UD and the CSC.

I’ve seen this approach before when working with Boy Scout troops - generally, it’s how adolescent males think they can get around organizational bans on playing laser tag and paintball. In Scout troops, the role of the adult leadership is to put the kybosh on any such doublespeak. What is the leadership of the CSC doing about this situation? Alternately, is the leadership of the CSC perfectly content to use this sort of end-run around University policy? If they wouldn’t let a UD student booked for an alcohol violation temporarily renounce his status as a UD student to avoid fines, why are they willing to tolerate this sort of “maybe I am, maybe I’m not” sophistry from their volunteers and staff?

Until the CSC is both willing and able to exert strong central control over the activities carried out in their name, embarrassments of the sort that I have documented previously are inevitable. The CSC needs to begin aggressively protecting what is left of its reputation if it wishes to remain in existence on this campus. I find it interesting that the e-mails I received in support of my editorial in the Flyer News came from students and from faculty, on the right and on the left. Before it was taken down, the Flyer News’s opinion poll only showed about a quarter of students supporting the WHINSEC protest, with a quarter calling for further research into protest actions and half saying that the university should never be involved in illegal activities.

The CSC does do good work on this campus: They’re involved with numerous service groups such as Habitat for Humanity, and they do some valuable social justice activism. If that wasn’t the case, I’d be happy to watch the CSC marginalize itself further. As it is, however, it would be a shame to lose the good work that the CSC does because it can’t be bothered to police the political activities carried out in its name. The CSC has a stark choice to make: Either they can commit to major internal reform, or they can let the poor judgment of some of their students further marginalize them to the point of irrelevancy.

Don’t touch that dial, folks. It may get quiet for a while, but the fat lady hasn’t sung.

It ain’t over ’til it’s over. — Yogi Berra

I could just link to the online version of the piece when it’s published - and I probably will eventually - but I’m going to try to use a few of the advantages that weblogging offers over print media. The most important of these is the lack of length restrictions - I’m almost certain that this piece will be trimmed for publication, but what I’m submitting here is the original work. The other advantage that posting online offers me is the ability to provide my sources - just work your way through the hyperlinks in the article.

This won’t be the last from me on this topic - I plan to blog any responses I get to the editorial. I will be detailing a little bit more of the connection between International ANSWER and the Workers World Party in future postings. In researching this editorial, I’ve come across many small tidbits which haven’t been linked together. With any luck, I can save someone else a little research.

It amuses me to no end that, if printed, this editorial will be the closest thing to investigative journalism that’s shown up in the Flyer News in several years. Even University papers now get to worry about the pajamaheddin.

Update: As of 14 January, the Flyer News has posted the editorial on their website. I’ve also started receiving some mail on the piece - some negative, some positive, all thoughful. Most interestingly, the Flyer News has made their online opinion poll question of the week “Do you agree with the actions of the Center for Social Concern in regards to the protest at Ft. Benning?” It will be interesting to see the results as students weigh in.

Full Editorial Text

In the final December issue of the Flyer News, the arrests of Brian DeRouen and Megan Doty at Ft. Benning were given lengthy and highly favorable coverage. While this reporting dealt with the consequences of these arrests in Georgia, it did not discuss the issues raised by these arrests here in Dayton. These arrests are the current high-water mark in a long stream of events supported by the Center for Social Concern (CSC) which have been at best questionable, and at worst criminal.

By design, the CSC is an organization meant to unabashedly embrace and promote Catholic social teachings. It is unsurprising that some of these teachings will be controversial. What is surprising and unsettling, however, is the CSC’s tendency to jump to conclusions and engage in actions that appear to be ideologically, rather than religiously, motivated.

Consider the “Week of Student Action Against the War” hosted by the CSC in March 2003 during the buildup to the war in Iraq. Although the US Council of Catholic Bishops (USCCB) had stated, “people of good will may differ on how to apply just war norms in particular cases,” this was not the message promoted by the CSC. The political overtones of this “Week of Action” were strong enough that a student band pulled out of a CSC-planned concert on the grounds that they had been misinformed about the purpose of the event. The CSC website also briefly advertised a student walkout from classes: an odd protest tactic for an official arm of the University. The student walkout was pulled from the website once CSC’s director was notified of its presence, but the tendency of some elements of the CSC to embrace poorly considered tactics had been established.

The CSC’s tactics were even more ill-considered later that year, when they advertised an October 27th protest in Washington DC against the use of depleted uranium in Iraq. What the CSC did not advertise is that their attendance was only part of a much larger anti-war and anti-administration protest co-sponsored by International ANSWER. International ANSWER is not a garden-variety peace group: in fact, it is widely considered to be little more than a front for the Workers World Party (WWP). [Recommended: Tracking Down a Fifth Column Front, Edward Immler. Alternate sources: FrontPage Magazine (Right Wing), Boston IndyMedia (Left Wing/Mixed), Infoshop.org (Anarchist), International Socialist Review (Marxist)] The WWP has, among other things, publicly defended the Chinese government’s actions in the Tiananmen Square massacre, compared the Dalai Lama to Southern slave owners, and expressed fawning adulation for Kim Jong-Il’s rule in North Korea.

The problems with ANSWER are not limited to their connections to the WWP: ANSWER itself has not ruled out violence as a means of opposition to US actions in Iraq. In May 2003, ANSWER published a brochure declaring that “the anti-war movement … must give its unconditional support to the Iraqi anti-colonial resistance.” Even after such gruesome events as the assassination of aid worker Margaret Hassan, countless beheadings of civilians, and the car-bombing of a high school in Samarra, ANSWER has not retracted this statement. To an outside observer, the CSC’s attendance at an ANSWER protest implies tacit support of ANSWER’s positions. The CSC’s failure – to this day – to publicly disclose the sponsors of the October protest lends further credence to such a belief. Does the CSC wish to tacitly condone the car-bombing of high schools?

In the CSC’s recent protest at Ft. Benning, their tactics moved from the morally and ethically questionable to the flatly illegal. Mr. DeRouen and Ms. Doty have stated that their arrest and upcoming trial is the “whole reason” they went to Ft. Benning. Were any of the staffers or students at the CSC who supported this trip aware of Mr. DeRouen or Ms. Doty’s reasons for going to Ft. Benning? If so, did they consider that they could easily be prosecuted under conspiracy charges? Did any member of the CSC staff make more than a token effort to establish the possible legal consequences of this protest for the University?

How was the Ft. Benning trip funded? The Flyer News stated that 70 students participated in the trip to Ft. Benning. Such a large group requires substantial logistical support – hotel reservations, transportation arrangements, and the like. Were any university funds – especially funds derived from student fees – used to support this protest? Were any of the paid staffers of the CSC “on the clock” when they organized this protest? There is no requirement that tuition only be used for programs that students like, but surely the line can be drawn at using student fees to fund violations of federal law. Civil disobedience may be a worthwhile tactic for some causes, but should the University be sponsoring these actions?

I bring up these issues in such a public forum only because I have raised them before, privately, with the CSC. Since I have discussed my concerns with them, the CSC has moved from supporting protests that are unethical to supporting protests that are illegal. Clearly, back-channel discussions of the CSC’s tactics are not productive. The time has come for the University as a whole to take a long, hard, look of the behavior of the CSC. Does a university with strong relations with the local Air Force base want to fund the arrest of its students on an Army base? Does the University want an official arm of Campus Ministry lending support to groups that see no problem with the slaughter of aid workers and civilians?

If so, then let the status quo continue. If not, then it is time for a full and public accounting of the funds, activities, and external ties of the Center for Social Concern. The students of this University should learn of the CSC’s activities from the Flyer News, not from a court transcript.

[A previous letter] raised serious questions about the moral legitimacy of any preemptive, unilateral use of military force to overthrow the government of Iraq.

I can understand the concerns raised by the Bishops about a preemptive use of force, or about any use of force at all. But why exactly was the word “unilateral” included in this statement? If an action is immoral, then it will never become moral, no matter how many people support it. Likewise, a moral action cannot become immoral if not enough people wish to undertake that action. “Consensus morality” doesn’t hold together any better than does “consensus science.” Have the Bishops forgotten principles of morality that are taught in second-grade religious education classes?

The other option is simply that “unilateral” is included because, alongside “preemptive” it was one of the major political charges leveled against the Bush Administration’s push to war in 2002. However, this possibility is hardly less disquieting. Why is morally irrelevant political terminology being inserted into what should be a statement wholly derived from the teaching and tradition of the Catholic Church? Did the Bishops simply decide to play politics for a change?

I am forced to hope for a third alternative, that the statement was sloppily written, and the word “unilateral” was inserted without careful consideration. However, it is a dark day indeed when my fondest hope is that the USCCB has not thought through what they are saying. One should never assume malice when incompetence will suffice for an explanation - in this case, those are my only two options.

A Catholic moral framework does not easily fit the ideologies of “right” or “left,” nor the platforms of any party. Our values are often not “politically correct.” Believers are called to be a community of conscience within the larger society and to test public life by the values of Scripture and the principles of Catholic social teaching. — USCCB Administrative Committee, Faithful Citizenship: A Catholic Call to Political Responsibility