Arjen's blog

Western armies have now occupied Afghanistan for 7 years. The US invaded the country in 2001 because the Taliban refused to extradite Osama Bin Laden. The Taliban came to power after a bloody civil war that was the aftermath of a ten year war against Soviet occupation. That occupation itself was a direct consequence of a covert CIA operation started in 1979 to give the Soviets a 'Vietnam-type' war to damage their economy and military. Osama got support, weapons and training in the '80s to kill as many Russians as possible. The CIA plan worked like a dream, an unwinnable war in Afghanistan was the extra push required to break the Russian economy and end the cold war. Too bad if all Afghanistan was destroyed.

Osama was the reason and so US special forces got in the field to get him 'dead or alive'. The Taliban was willing to surrender him to the US, if the US would provide them with evidence of his involvement in the attacks of 9-11; for a brief moment western judicial values were embraced. Despite the fact that the US claimed to have this evidence, they refused to make it publicly available (it was said to have been shown to NATO partners in a confidential meeting in Brussels) because that might endanger the intelligence gathering process. The rest of the world, including the Taliban, had to take their word for it.

The Taliban refused to do so and on October 7th of 2001 (almost a full month after 9-11) the US began the search for Bin Laden. The Taliban was quickly defeated but Osama was never found, escaping out of Bora Bora into the Pakistan border area.

Fast forward 7 years. Afghanistan has an elected (sort of) government that has no power whatsoever outside the guarded compound it hides in. The Dutch military participates in the occupation of the country with the solemn promise that we will begin reconstruction as soon as the Taliban is defeated. When the mission started the Dutch Ministry of Defense was very clear about the how and why of the invasion of Afghanistan: "Osama did it" and so NATO had to invade. See this (Dutch) screenshot made in 2006:

The problem with this is that no-one believes any more in Osama's guilt when it comes to 9-11. Not Dick Cheney, nor the latest White House spokesdrone or even the FBI! The Dutch MOD has very schrewedly adapted its Afghanistan webpage and Osama is no longer mentioned. In fact the entire menu-item 'Why to Afghanistan' has been disapeared into a some dark place, never to be seen again. It has been replaced by the more neutral 'About Afghanistan'. This is not a redesign-issue because the Bosnia mission still has its original 'Why page'. For Bosnia there is still a 'Why', for Afghanistan apparently no longer. We're not there for a purpose anymore. We're just there. Afghanistan is rapidly turining into Iraq (both times), a war against a former ally, based on lies and impossible to win. So be a good citizen and repeat after me: “Oceania has always been at war with East-Asia”.

'A crisis like this can be a real opportunity to buy things for next to nothing' said a former board member of one of my banking clients to me recently during a meeting. I'm not an investor myself but if you're a finance minister and able to easily tap a loan from the ECB there are real possibilities here.

Take Iceland, a rugged wasteland twice the size of the Netherlands and only 300.000 or so people living there, all directly on the coast. Iceland has two properties that, like Fortis/ABNAMRO make it a great investment opportunity for governments: a financial problem and exploitable resources.

I'm not talking about fishing rights or the various military installations that Russia might want to rent for the next century. I'm talking about the potential for geothermal energy that sits underneath Iceland's rocky landscape. Energy will be one of the most valuable and scarce resources until we get those fusion reactors to work and Iceland has been hard at work for decades to tap this virtually unlimited source. Most of the hot water for cooking, washing, heating and the many open air swimming pools comes from geothermal sources as well as over a quarter of the electricity generated. This is cheap and CO2 free, giving Iceland an edge in future carbon-trading. Because Iceland sits on top of the crack between the Eurasian and American continental plates, there are many places on the island where heat from the inside of the planet can be cheaply and reliably accessed.

Energy generation with geothermal heat has many advantages compared to the best known sustainable resources such as wind and solar: its available reliably 24x7 and very concentrated. This means it can be generate in industrial volumes (think Gigawatts - enough to power several cities) in a fairly small location. Most sustainable sources cannot provide that level of reliability at such quantities. This means that the installations for 'harvesting' geothermal energy are very much like the power stations we build all over the planet running on coal, oil or natural gas. The source of hot water is different, but most other parts are essentially the same.

The Icelanders are only tapping about half a Gigawatt right now because with 300.000 of them and a fair amount of (even cheaper) hydro power available there is no need for more. The potential power available could make Iceland the Kuwait of the 21st century if Gigawatts of energy were used to make hydrogen for use in Europe or move our energy-intensive industries (aluminium smelters and chemical factories) to Iceland. The interior of Iceland is uninhabited and the ecosystem consists of some patches of moss here and there. In fact NASA thought it looked so much like the Moon that the Apollo missions were rehearsed there 40 years ago. All in all not a bad place for heavy industry (way better than the center of of of the most densly populated countries on earth).

Whether we have peak oil next week or in 20 years, geothermal will keep going for millions of years and can handle the expected growth in energy needs. And those fishing rights will keep our chips from being all by themselves in yesterday's paper for years to come. Might just be a real bargain!

In a response on Sargasso member JSK points out that an undersea cable for moving the electricity is feasible. I thought the distances would be too great but the an existing 'NordNed' cable between Norway and the Netherlands has a longer length (580Km) than  the gap between Iceland and the Faröe islands or from there to Scotland or Norway (via the Shetlands). The transmitting capability of the NordNed cable is 700MegaWatt so an Iceland-EU cable will have to be at least 10-20 times bigger to have a real impact on European power requirements. The laying of such a cable at a depth of kilometers instead of tens or a few hundred meters will be an additional challenge. Unlocking Iceland's Gigawatts of clean and dependable power for many decades would seem to be worthwhile to take on such a challenge though.

I've discovered what I want to be when I grow up... Wall street banker! Seriously... what a job! When things go right you give yourself a million-dollar bonus. Or 10, Or 100. If things fall apart because your worthless commercial paper is now poisoning the financial infrastructure of the world you run to the governments to tap them for a $700 billion bail-out package saddling the US-taxpayer with debt for three or four generations. All the while keeping the aforementioned bonus of course.

This is called 'privatise-the-profits-and-socialise-the-cost' in strategy terms. It's a model where the profits (if any) of a certain activity become a private asset while the cost or losses (and these are not just monetary - think dead soldiers or a poisoned environment) is borne by society at large. This behaviour out of Wallstreet is extra double-plus hypocritical since the firms now asking for a handout of ginormous proportions have done everything they could over the last decades to whittle away what little oversight there was to prevent exactly the behaviours that led to these problems.

All of this would not be so bad in itself if the US government actually had $700 billion lying around but they do not. Everyone of those dollars has to be borrowed from foreign lenders increasing their control over the US state. By now a significant part of the US is de-facto property of foreign banks and other large investors such as pension funds or sovereign wealth funds who have the power to implode the US economy at any time. I don't see a Dutch pension fund doing this but China might be interested eventually. This is a real time clock of the US national debt, just the tip of the iceberg but it gives a feel of what is going on. Injecting $700 billion into this mess is not going to solve anything structurally. The US is consuming too much and making too little. Sooner or later gravity much take hold.

With a twinge of (professional) pleasure I note that my scenario, developed in 2004, where the US becomes the fastest imploding empire in at least 2000 years. While the consequences of dollar-collapse will be bad for both the US and Europe it may just be the most effective way of preventing additional 'pre-emptive' wars in Asia.

An important lesson learned over the past four years when I started many of my presentations in the financial sector with the debt-clock: it's just as dangerous to be too far ahead of the curve as it is to lag behind. Not necessarily because the analysis is faulty but because people need time to adapt to new concepts. In 2004 most of my clients were not ready for the concept of a failing US state (or not ready to discuss it openly). Despite two openly stolen elections and an illegal war the US was still perceived as the standard to aspire to by many. After Katrina it became easier to be critical of US policies in the Netherlands, the images of a drowned city touched a nerve. Now the problems with some bad mortgages have exploded into a full-scale meltdown and both wars in Iraq and Afghanistan have utterly failed to achieve any of their stated goals it has become possible to discuss these possibilities openly in polite company. The idea and the basic data are the same, the perception of the world has changed.

What will the next 'impossible' scenario be? Watch this space. Meanwhile ING bank can buy the rest of New York and we can call it New Amsterdam again, like before.

(the link to the PDF file is a Dutch newspaper set in 2030. What will the world look like and how did we get there? We ocasionally make these for clients too facilitate discussion about possible futures - an English version is being made)

It's been quiet on this blog. A long vacation that was not really a vacation, more on that later.

Last week I was visiting the Dutch Caribbean by invitation of the local government to do the opening keynote (ODF 1 2) on their conference on open standards and opensource. Curacao, one of the islands of the Dutch Antillies is about to become fully independent nation state and that means a lot of re-design of the local IT systems of the government and public sector. The government is determined to maximise the opportunities offered by open standards and opensource software to move the new governemnt, the local educational system and economy forward. For education an OLPC project is being considered because 3 PCs per school is not the way into the 21st century. Hopefully the new Internet Exchange (based on the Dutch one) will bring down the cost of bandwith so that all those OLPC's will be able to go online.

All of this will not be easy to achieve. Curacao is a very small entity to function as an independent nation and do everything themselves. There is a great need for expert knowledge and training to bring local IT-staff and administrators up to speed and the available budgets for this are very limited.Curacao spends about 20 million pounds per year on proprietary software licenses (mostly in government and other public sector), this amounts to about half a month's wages per citizen. If this can be reduced by 30-50% the budget required to make the desired changes is available (assuming the total IT-budgets can be kept at the same level for the time being).

Because this visit also included several meetings with local dignitaries and media appearances I was invited to stay for a whole week in a beautiful apartment west of Willemstad. Many thanks to Ace Suares who has been working for open-IT on his island for many years. He was the driving force behind the whole conference and a wonderful host.

Had a lovely evening dinner with the members of the Kensington Rotary at the Regency Hotel in South Kensington. On invitation of one of their members I gave a table-speech version (no beamers or other crutches) of the type of talk I often do as a lead-in to scenario planning workshops. Had a good dialogue afterwards on the use of technology and its meaning to society. That is what Rotary is about after all; service above self.

For those members who could not make it: an example of the type of talk I did (somewhat more focused on the technology side of things) can be found here. The article about the Oyster card being hacked I was so furiously typing on my mobile phone during their charity concert on the 18th of last month can be found here.

Just finished my talk at the Hope conference about the national Dutch open standards / opensource policyplan. Hope stands for Hackers On Planet Earth and has been a bi-annual event since 1994. HOPE features presentations on a range of (IT) security related topics but also hosts all kinds of techno-creative workshops and lectures on the social relevance of technology. For a full listing see the conference site. Video's of the talks will become available in the future.

Because the mid-town Manhattan hotel just across from Penn station in New York may be demolished next year it is unclear if there will be (a) hope after this one. Because of this, and a certain facination with morbid themes, the conference organisers are calling this 'The Last Hope', refering both to their conference and the state of (digital) civil liberties in the US.

Cnet has the first coverage on the event.

My slides are here in ODF and PDF. For more background links and video see the 24C3 page (Dec 2007 talk in Berlin) and my blogpost about LinuxTag (May 2008 Berlin).

Just got back from a (too)short visit to the ETH-0 summercamp after doing a talk on the impact of new technologies (slides here: ODF | PDF). ETH-0 (a reference to the networkport on a Unix computer) is a week of camping with your fellow nerds, geeks, hackers en techno-creatives in the North-West of the Netherlands. The Weather was typical Dutch today but thanks to several big army-surplus tents nobody seemed to be bothered by this too much. If you like (Inter)networking, opensource, gaming, onine communities or the impossible assignments of the 'scavenger hunt' drop by ETH-0 this week.

ETH-0 started this Saturday July 5th and continues until July 11th. I can't stay the week because of agenda-hell but will do my best to clear my calender for next year.

Location: Het boshuis, Noorderdijkweg 23, 1771 MJ, Wieringerwerf (Google earth).  Meer info about the program, who you can meet there and what you can do on the Wiki. Do drop the organising crew a note if you plan to come over, this is a volunteer-driven event and everybody is expected to participate in a pro-active manner - this is not a hotel ;-)

The Oystercard is a electronic debit card that has all but replaced tickets on the London tube and bus transport systems. It allows users to put money on the card and discounts this credit as the card is used to enter and exit the underground and buses. The system is fast and unobtrusive and almost everyone who uses London public transport has one. Everyday millions of pounds are being put on these cards and taken of again as Londoners move about their city. The security mechanisms that are supposed to be keeping these millions (your money ultimately!) safe have now been shown to be, frankly, utter crap.

So the Oystercard has been definitely compromised. Its fundamentally broken and needs to be replaced by new technology concepts. Independent experts warned about this back in 2004 so there's no excuses for being all surprised now. Then they warned again in 2005 and last December at the Chaos Computer Club  international IT conference in Berlin. Now the attack on the lackluster security system of the London Oystercard has been practically demonstrated last April by a group of Dutch researchers who were investigating the same technology that was about to be implemented nationally in the Netherlands. "The Oystercard system uses the same chip and has the same basic vulnerabilities" according to Professor Bart Jacobs of the Computer Science faculty of Nijmegen University.

After the publication of some of the inner workings of the data-encryption mechanism of the chip used in the Oystercard last December in Berlin, a fully operational breach was predicted by many experts. With the basic knowledge of the inner workings of the chip available online for anyone to see, implementing a working attack against the system was just a matter of time. The Dutch research group has been able to clone the funds on an Oystercard to another Oystercard. This provides at-home top-up mechanism allowing essentially free travel in the greater London area after an initial investment of 10 pounds plus a few blank Oystercards at 3 pounds each. Since the required devices and software are otherwise pretty much free today or in the near future (at most a few months from now), the London Transport Authority needs to get moving on this or accept that they will be providing free travel for those capable of using a laptop and a high-end mobile phone (and all their friends).

The systems failure bears all the classical hallmarks of public-sector IT screw-ups. Basing your security mechanism on trying to keep the inner workings of such a system a secret while at the same time distributing 12 million copies of said system into the hands of the public is, frankly, insane. Does anyone think a handful of engineers locked in a room at Philips can come up with a system clever enough so that the combined expertise of 1 billion Internet users cannot defeat it? One has to wonder what they were smoking that day. Then there are bonus points for ignoring repeated warnings from independent experts for several years.

Among security professionals it is considered scripture that the only systems that can be trusted are those that have been tempered in the fire of public scrutiny. No one is as clever as everyone, and with a few million interested specialists online there is nowhere to hide for a system containing design flaws. Flaws are always found sooner or later and most often sooner. One would think that after six decades of spectacular failures the method of keeping a system secure by trying to hide its inner workings (know in the security trade as 'security by obscurity') would be utterly invalidated. The Germans used this method for their supposedly secure communications using the Enigma machine in World War 2. It cost them the battle for the Atlantic and ultimately the war (ok, ok, attacking Russia in August without winter coats for the troops was not a smart move either). More recently a $400 million DVD encryption method was broken by a 16 year old Norwegian hobbyist.

The Dutch system will probably not be implemented in its current form, but the London system is already operational with an estimated 12 million people using the card. For the sake of the financial stability of the tube system one can only hope that clever engineers have already been working on a solution that can be implemented quickly. But I'm not holding my breath.

(earlier post on the Dutch card here - posts in Dutch here)

The Times picked up the story, and has a writeup of the wider security implications (accescards to buildings and such).

On Saturday May 31st Gendo presented its experience on changing national policy on open standards and opensource at LinuxTag 2008. The link to the talk description is here and the slides are here in ODF and PDF. LinuxTag is Europe's largest opensource conference with over 11.000 participants from 31 countries. Doing a talk there was a lot of fun and I'm looking forward to next year.

Linux Magazine Germany has a writeup of the talk here. The presentation was not recorded but an earlier (similar) presentation was taped last december at the CCC congess, also in Berlin.

(abstract for lecture at Nijmegen University later this year) - Galileo, Newton, Maxwell, Kelvin, Einstein, Curie and Borh laid the foundations of modern civilisation. The greater understanding of the universe around us and new technological abilities lifted us out of the middle ages and gave us unimaginable powers over our environment. Physics research yielded many practical results even in Newton's time (such as insight into orbital mechanics– - very useful for aiming ships' cannons) and even when the cost went up astronomically during the 1940's the benefits were still so large (winning the war) that nation-states would hand out the required means to do experimentation.

In the 21st century physics is in trouble on two fundamental fronts. First is the spiraling cost of experimentation, the new Hadron Collider being just one of the most visible examples. Like advanced space travel, new tools needed to experimentally confirm or falsify new theories have become too expensive even for the richest states in the world to build alone. The potential practical applications are often too uncertain and far off for commercial investment. As is medicine and space travel the question is not if we can build it but if we can afford to build it.

The other problem is the continued existence of the primary financier of all this research: the nation state. Like the Vatican before them nation states are in trouble in the 21st century. Unable to adapt their 18th century organisational structures to a faster pace of change in the world around them they are trying to adapt the methods and models of large corporations to become more adaptive and responsive. And in the process risk losing the very essence of what make them different from those corporations and thus their legitimacy.

How will new physics research remain relevant in the 21st century? Will only result-driven research be funded or is there a post-nation state model for purely theoretical research? In what areas of physics will we run into the brick wall of unverifyable theories?