[Cryptography] VW/EPA tests as crypto protocols ?

John Denker jsd at av8n.com
Thu Sep 24 15:36:42 EDT 2015

This topic touches on crypto only tangentially;  see last two
paragraphs below.

In the VW situation, the correct regulatory protocol is simple:
Stick a probe up the tailpipe and then go for a drive under 
real-world conditions.

The same idea applies to footballs:  Write the regulations in
such a way that the team is unconditionally responsible for
ensuring that the balls are inflated within the proper range
at all times /during the game/.

The general principle here is simple:  
   *Measure the thing you care about.*

To say the same thing the other way:  Avoid measuring something
that is only a proxy for the thing you care about.  As soon as
you start rewarding and/or regulating the proxy, it ceases to
be a reliable measure.  In this double-negative form it is 
known as Goodhart's law:

To be sure, a proxy is often better than nothing, and may 
be a valuable hint, for instance when you are dealing with
potentially catastrophic but hopefully rare events.  Example:
you want to regulate the strength of nuclear power plant
components, airliner components, deep-sea oil well components,
et cetera.  However, you still *must* hold the operator 
accountable for bottom-line results including bottom-line 
safety.  Satisfying the proxy requirements is necessary
but never sufficient.

As for the VW story, so far as things stand today, it cannot
(yet) be considered a regulatory failure.  In theory, the
statutory penalties for non-compliance are large enough to 
ensure that VW will not profit from their wrongdoing.  About
1/3rd of VW's market cap was wiped out overnight, about 25
billion dollars.  OTOH if VW somehow manages to weasel out 
of the penalties, *then* it will be a regulatory failure.

  Example:  When a bank is "too big to fail" and gets bailed
  out by the US government, that's a gross regulatory failure.
  Example:  When TEPCO gets bailed out by the Japanese
  government, that's a gross regulatory failure.
  Example:  When the government enacts limits on liability
  for actual damages, you know it's a regulatory failure.
  Contrasting example:  When the government allows punitive
  damages out of all proportion to actual damages, it's a
  failure in the other direction.

Companies -- and individuals -- will pull dirty tricks just
so long as they think they can benefit from doing so.  Crypto
can play a small role in /detecting/ dirty tricks, but that's
a relatively minor role, and we already have decent protocols
for that, e.g. source-code management with layers of sign-offs,
et cetera.  Nobody wants to be identified as the guy who wrote
or signed off on the air-quality-defeat code.

Insofar as VW didn't implement proper controls, and tolerated
(or rewarded) people who did things that were not in the long-
term best interests of the company, it's a management failure.
I don't see it as a crypto failure, just a plain old-fashioned
management failure.  Such failures are more common than they 
should be.
