[Cryptography] VW/EPA tests as crypto protocols ?
John Denker
jsd at av8n.com
Thu Sep 24 15:36:42 EDT 2015
This topic touches on crypto only tangentially; see last two
paragraphs below.
In the VW situation, the correct regulatory protocol is simple:
Stick a probe up the tailpipe and then go for a drive under
real-world conditions.
The same idea applies to footballs: Write the regulations in
such a way that the team is unconditionally responsible for
ensuring that the balls are inflated within the proper range
at all times /during the game/.
The general principle here is simple:
*Measure the thing you care about.*
To say the same thing the other way: Avoid measuring something
that is only a proxy for the thing you care about. As soon as
you start rewarding and/or regulating the proxy, it ceases to
be a reliable measure. In this double-negative form it is
known as Goodhart's law:
https://en.wikipedia.org/wiki/Goodhart%27s_law
To be sure, a proxy is often better than nothing, and may
be a valuable hint, for instance when you are dealing with
potentially catastrophic but hopefully rare events. Example:
you want to regulate the strength of nuclear power plant
components, airliner components, deep-sea oil well components,
et cetera. However, you still *must* hold the operator
accountable for bottom-line results including bottom-line
safety. Satisfying the proxy requirements is necessary
but never sufficient.
As for the VW story, so far as things stand today, it cannot
(yet) be considered a regulatory failure. In theory, the
statutory penalties for non-compliance are large enough to
ensure that VW will not profit from their wrongdoing. About
1/3rd of VW's market cap was wiped out overnight, about 25
billion dollars. OTOH if VW somehow manages to weasel out
of the penalties, *then* it will be a regulatory failure.
Example: When a bank is "too big to fail" and gets bailed
out by the US government, that's a gross regulatory failure.
Example: When TEPCO gets bailed out by the Japanese
government, that's a gross regulatory failure.
Example: When the government enacts limits on liability
for actual damages, you know it's a regulatory failure.
Contrasting example: When the government allows punitive
damages out of all proportion to actual damages, it's a
failure in the other direction.
Companies -- and individuals -- will pull dirty tricks just
so long as they think they can benefit from doing so. Crypto
can play a small role in /detecting/ dirty tricks, but that's
a relatively minor role, and we already have decent protocols
for that, e.g. source-code management with layers of sign-offs,
et cetera. Nobody wants to be identified as the guy who wrote
or signed off on the air-quality-defeat code.
Insofar as VW didn't implement proper controls, and tolerated
(or rewarded) people who did things that were not in the long-
term best interests of the company, it's a management failure.
I don't see it as a crypto failure, just a plain old-fashioned
management failure. Such failures are more common than they
should be.