Netizens-Digest Tuesday, April 15 2003 Volume 01 : Number 499 Netizens Association Discussion List Digest In this issue: Re: [netz] No tragedy but good model Re: [netz] No tragedy but good model [netz] Tragedy of commons? Re: [netz] Tragedy of commons? [netz] When Good People Go Bad Re: [netz] When Good People Go Bad Re: [netz] When Good People Go Bad Re: [netz] When Good People Go Bad (addendum) Re: [netz] When Good People Go Bad Re: [netz] When Good People Go Bad Re: [netz] When Good People Go Bad ---------------------------------------------------------------------- Date: Tue, 15 Apr 2003 11:25:49 -0400 From: Mark Lindeman Subject: Re: [netz] No tragedy but good model Lou, Yeah, from what I've seen, SUVs are _overall_ not much more or less safe for their own passengers (as you say, they are more prone to rollovers), but unambiguously more dangerous to others. The emissions are higher on average than those of regular passenger cars, because SUVs typically get worse mileage -- although the best SUVs are better than the worst cars. Also, since SUVs aren't subject to the same regulatory standards as regular passenger cars, the automakers often can and do cut corners to save themselves money. (Or so I hear, I haven't paid attention to the details.) >Like Jay I think there's good, well intentioned people everywhere and then as you >go along and also find there's also bad people around, you select the good ones but >never giving up on the bad ones, trying to convert them to the "good side of the >force" just like Darth Vader finally did. > Honestly, that's more or less how I think about life -- although not so much the part about trying to convert bad ones. Beyond that, I think that people are a complicated mix of, well, "the good, the bad, and the ugly." Even well-intentioned people can make terrible messes. In college, I studied "groupthink" -- the way in which groups can become trapped in shared false assumptions. So, Jay's statement that our list's strength is that we generally "share a belief in the basic goodness of people" worried me a bit: to the extent that it's true, it could be a strength and also a weakness, depending on the issue. I'm not going to spend the next week inveighing against the basic goodness of people; I just wanted to put up a caution flag. Best, Mark ------------------------------ Date: Tue, 15 Apr 2003 11:22:53 -0400 From: Luis De Quesada Subject: Re: [netz] No tragedy but good model Hello Mark: Thank you for the enlightening explanation about SUV's. I didn't realize the manufacturers did cut corners on them and that they're not subject to the same regulatory standards as passenger cars. I also find that they block my lateral vision when I am parked next to them in a parking lot, angle parking, etc. About people you're right also. Its smart to be cautious. I always believe in the goodness of people first in friendship and then if I am disapointed then I take my precautions. I realize this is a dangerous practice because someone could sell me the Brooklyn Bridge that way. Take care, Lou Mark Lindeman wrote: > Lou, > > Yeah, from what I've seen, SUVs are _overall_ not much more or less safe > for their own passengers (as you say, they are more prone to rollovers), > but unambiguously more dangerous to others. The emissions are higher on > average than those of regular passenger cars, because SUVs typically get > worse mileage -- although the best SUVs are better than the worst cars. > Also, since SUVs aren't subject to the same regulatory standards as > regular passenger cars, the automakers often can and do cut corners to > save themselves money. (Or so I hear, I haven't paid attention to the > details.) > > >Like Jay I think there's good, well intentioned people everywhere and then as you > >go along and also find there's also bad people around, you select the good ones but > >never giving up on the bad ones, trying to convert them to the "good side of the > >force" just like Darth Vader finally did. > > > > Honestly, that's more or less how I think about life -- although not so > much the part about trying to convert bad ones. Beyond that, I think > that people are a complicated mix of, well, "the good, the bad, and the > ugly." Even well-intentioned people can make terrible messes. > > In college, I studied "groupthink" -- the way in which groups can become > trapped in shared false assumptions. So, Jay's statement that our > list's strength is that we generally "share a belief in the basic > goodness of people" worried me a bit: to the extent that it's true, it > could be a strength and also a weakness, depending on the issue. I'm > not going to spend the next week inveighing against the basic goodness > of people; I just wanted to put up a caution flag. > > Best, > Mark ------------------------------ Date: Mon, 14 Apr 2003 11:41:11 +0200 From: Dan Duris Subject: [netz] Tragedy of commons? COuld someone explain what was the tragedy of commons? I haven't heard about it, I guess. dan - -------------------------- email: dusoft@staznosti.sk ICQ: 17932727 *- do you like old games? try: www.the-underdogs.org -* ------------------------------ Date: Tue, 15 Apr 2003 13:18:42 -0400 From: Luis De Quesada Subject: Re: [netz] Tragedy of commons? Hello Dan: You can read "The Tragedy Of The Commons" by Garrett Hardin at: http://dieoff.org page/95.htm Also on Science,Vol.162, 1968-Pages 1243-1248. This article basically deals with man causing his own ruin by his own selfishness, necessities, greed, etc. I hope this is helpful, Lou D. Dan Duris wrote: > COuld someone explain what was the tragedy of commons? I haven't heard > about it, I guess. > > dan > -------------------------- > email: dusoft@staznosti.sk > ICQ: 17932727 > > *- do you like old games? try: www.the-underdogs.org -* ------------------------------ Date: Tue, 15 Apr 2003 14:04:23 -0400 From: "Howard C. Berkowitz" Subject: [netz] When Good People Go Bad An interesting analysis of an attack that causes large volumes of physical junk mail to be sent to individuals is at http://www.avirubin.com/scripted.attacks.pdf I raise the question that if we can rely on fundamental goodness, why then do things like this get seriously considered? Should they not be? ------------------------------ Date: Tue, 15 Apr 2003 15:37:57 -0400 From: Mark Lindeman Subject: Re: [netz] When Good People Go Bad Howard, > An interesting analysis of an attack that causes large volumes of > physical junk mail to be sent to individuals is at > http://www.avirubin.com/scripted.attacks.pdf > > I raise the question that if we can rely on fundamental goodness, why > then do things like this get seriously considered? Should they not be? I don't think anyone has said that "we can rely on fundamental goodness." Jay said, "Throughout history, commoners have collectively generated and modified and enforced the rules they expect each other to follow and the penalties for deviations from these rules." That probably works better if people are basically good rather than basically evil -- if we have to choose. But it doesn't imply that everyone spontaneously blissfully cooperates. Mark ------------------------------ Date: Tue, 15 Apr 2003 15:47:10 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] When Good People Go Bad >Howard, > >>An interesting analysis of an attack that causes large volumes of >>physical junk mail to be sent to individuals is at >>http://www.avirubin.com/scripted.attacks.pdf >> >>I raise the question that if we can rely on fundamental goodness, >>why then do things like this get seriously considered? Should they >>not be? > > >I don't think anyone has said that "we can rely on fundamental >goodness." Jay said, "Throughout history, commoners have >collectively generated and modified and enforced the rules they >expect each other to follow and the penalties for deviations from >these rules." That probably works better if people are basically >good rather than basically evil -- if we have to choose. But it >doesn't imply that everyone spontaneously blissfully cooperates. > >Mark Mark and Jay, Perhaps we can try to come to consensus. Jay's earlier post appeared to dismiss the tragedy of the commons as a serious problem for the Internet. I disagree. Again, perhaps misinterpreting Jay, I want to see protective/enforcement measures in any serious proposal. Even a statement of "rights" implies responsibilities, and also needs to consider the "right of collective self-defense." ------------------------------ Date: Tue, 15 Apr 2003 16:04:08 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] When Good People Go Bad (addendum) >>Howard, >> >>>An interesting analysis of an attack that causes large volumes of >>>physical junk mail to be sent to individuals is at >>>http://www.avirubin.com/scripted.attacks.pdf >>> >>>I raise the question that if we can rely on fundamental goodness, >>>why then do things like this get seriously considered? Should >>>they not be? >> >> >>I don't think anyone has said that "we can rely on fundamental >>goodness." Jay said, "Throughout history, commoners have >>collectively generated and modified and enforced the rules they >>expect each other to follow and the penalties for deviations from >>these rules." That probably works better if people are basically >>good rather than basically evil -- if we have to choose. But it >>doesn't imply that everyone spontaneously blissfully cooperates. >> >> > >Again, perhaps misinterpreting Jay, I want to see >protective/enforcement measures in any serious proposal. Even a >statement of "rights" implies responsibilities, and also needs to >consider the "right of collective self-defense." After I hit "send," I realized that the Internet, by its very speed, requires much more proactive thinking about its own defense than, say, an agricultural commons. It's one thing to be able to say "gee, the pasture is getting thin," and quite another to discover that a threat not guarded against can have worldwide consequences in a matter of hours. ------------------------------ Date: Tue, 15 Apr 2003 16:14:56 -0400 From: Mark Lindeman Subject: Re: [netz] When Good People Go Bad > Mark and Jay, > > Perhaps we can try to come to consensus. Jay's earlier post appeared > to dismiss the tragedy of the commons as a serious problem for the > Internet. I disagree. > > Again, perhaps misinterpreting Jay, I want to see > protective/enforcement measures in any serious proposal. Even a > statement of "rights" implies responsibilities, and also needs to > consider the "right of collective self-defense." Howard, I think there may be some actual lingering confusion (with or without further disagreement). Hacking attacks simply don't exemplify what Hardin meant by "tragedy of the commons." To back up the thread a bit: >> [ML] Just so we're analytically clear, the idea behind "tragedy of >> the commons" is >> that each individual is ineluctably driven by calculations of >> interest to >> increase his herd (and thus his impact on the commons) without limit. >> Defending the commons against a minority is a different issue. > > [HCB]Thank you, Mark, for that clarification. The second definition is > my most immediate concern. The first applies in the sense that users > of a service may desire greater service, without knowing the resources > required to meet those greater demands. Defending the commons against a minority is, in my view and probably in Jay's, a _different issue_ than "tragedy of the commons" -- not a different definition. Your last point quoted above does make sense: something like tragedy dynamics could affect the Net. But my impression is that Net bandwidth use is highly skewed, so I'm not surprised that you're more immediately concerned with defending against a minority. I certainly agree that we need to talk about and work on responsibilities and protective/enforcement measures, and I didn't (and don't) think that Jay intended to deny that in his comments on Hardin. (Your addendum makes sense, too.) Mark ------------------------------ Date: Tue, 15 Apr 2003 16:48:23 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] When Good People Go Bad >>Mark and Jay, >> >>Perhaps we can try to come to consensus. Jay's earlier post >>appeared to dismiss the tragedy of the commons as a serious problem >>for the Internet. I disagree. >> >>Again, perhaps misinterpreting Jay, I want to see >>protective/enforcement measures in any serious proposal. Even a >>statement of "rights" implies responsibilities, and also needs to >>consider the "right of collective self-defense." > > >Howard, I think there may be some actual lingering confusion (with >or without further disagreement). Hacking attacks simply don't >exemplify what Hardin meant by "tragedy of the commons." I may be confused -- help me out if so. 1. Do the physical resources of the Internet define a commons? I think of the classic commons as a pasture, which has grass enough to feed S sheep, after which overgrazing will damage the pasture. 2. The original agricultural commons supported H households, each of which needed A=S/H sheep for household use. There might be trading between community members (you can graze 2(S/H) sheep including my allocation A, but I will spin the wool for both our households). Making lots of simplifying assumptions about user homogeneity, the Internet has B total bandwidth and U users, so the commons works when the average user does not consume more than B/U units of bandwidth. A = B/U. 3. The original pastoral commons failed when certain individuals grazed more than A sheep, with the hope of gaining profit from the incremental revenue from the wool of A-S sheep. (Abuse case S-1) An Internet user that tries to use more than A bandwidth units damages the commons. The innocent case is someone that consistently sends very large files (I'm trying to stay away from the complexities of traffic with different priorities). Let's say the total amount of bandwidth needed for these files is 2A. (Abuse case I-1) A malicious hacker doesn't directly use the bandwidth, but launches a denial of service that makes M*A units of bandwidth, where M is some large number. (Abuse case I-2) What am I missing? Abuse case I-1 may not be malicious, case S-1 is a conscious attempt to optimize individual profit, and S-2 is a true attack? I'm confused, not challenging. To me, all three are attacks against a commons. >To back up the thread a bit: > >>>[ML] Just so we're analytically clear, the idea behind "tragedy of >>>the commons" is >>>that each individual is ineluctably driven by calculations of interest to >>>increase his herd (and thus his impact on the commons) without limit. This seems to be covered by my S-1 case above. I-1 is a nonmalicious but irresponsible variant. >>>Defending the commons against a minority is a different issue. This is my I-2 case. But I see the same commons as being damaged. >> >>[HCB]Thank you, Mark, for that clarification. The second definition >>is my most immediate concern. The first applies in the sense that >>users of a service may desire greater service, without knowing the >>resources required to meet those greater demands. > >Defending the commons against a minority is, in my view and probably >in Jay's, a _different issue_ than "tragedy of the commons" -- not a >different definition. > >Your last point quoted above does make sense: something like tragedy dynamics I'm not familiar with the term "tragedy dynamics." Could you amplify? Am I thinking it's along the lines of an attractor in chaos theory? >could affect the Net. But my impression is that Net bandwidth use >is highly skewed, Not sure what you have in mind, but it's really a complex model when you start getting into not just bandwidth, but prioritization of bandwidth. Inappropriate marking of priority traffic tends to be even more harmful than absolute bandwidth. While I'd have to modify some of the TCP defaults, I could set up a low-priority bulk file transfer that is very well-behaved in deferring to higher-priority traffic (methods including Weighted Fair Queueing, Random Early Detect, and putting upper bounds on the TCP window size). >so I'm not surprised that you're more immediately concerned with >defending against a minority. > >I certainly agree that we need to talk about and work on >responsibilities and protective/enforcement measures, and I didn't >(and don't) think that Jay intended to deny that in his comments on >Hardin. (Your addendum makes sense, too.) ------------------------------ Date: Tue, 15 Apr 2003 18:30:55 -0400 From: Mark Lindeman Subject: Re: [netz] When Good People Go Bad > I may be confused -- help me out if so. > > 1. Do the physical resources of the Internet define a commons? [...] There might be a more elegant way to understand the Net commons than by equating it with its "physical resources" (let me know), but at least as a first approximation, yes, I think so. > 3. The original pastoral commons failed when certain individuals > grazed more than A sheep, with the hope of gaining profit from the > incremental revenue from the wool of A-S sheep. (Abuse case S-1) > > An Internet user that tries to use more than A bandwidth units damages > the commons. The innocent case is someone that consistently sends very > large files (I'm trying to stay away from the complexities of traffic > with different priorities). Let's say the total amount of bandwidth > needed for these files is 2A. (Abuse case I-1) > > A malicious hacker doesn't directly use the bandwidth, but launches > a denial of service that makes M*A units of bandwidth, where M is some > large number. (Abuse case I-2) > > What am I missing? Abuse case I-1 may not be malicious, case S-1 is a > conscious attempt to optimize individual profit, and S-2 is a true > attack? I'm confused, not challenging. To me, all three are attacks > against a commons. I might say that all three threaten the commons, but at least from the commons' standpoint all are attacks, yes. (I assume that that last "S-2" should have been "I-2"?) The key defining element of the tragedy of the commons, as defined by Hardin, is that it is driven by a large number of users (all of them, if we take him literally) who are driven to increase their demands on the commons because they derive economic benefit from so doing. As you say, case S-1 is a conscious attempt to optimize individual profit, but no _malice_ need be intended. If in case I-1 a large number of users were driven to "overgraze" the Internet in order to derive maximum benefit from it, then I think that case would be conceptually similar to S-1. The difference (if any) is in numbers, more than motive (i.e., malice). That's what I meant by "tragedy dynamics" (sorry, I was rushing). My lay impression is that we do _not_ confront a tragedy of the Net commons caused by everyone's more or less innocent desire to increase their use of Net resources without limit, but I don't rule it out. Case I-2 is not a tragedy of the commons because (as I read it) it manifestly does not spring from what Hardin characterized as the inherent logic of the commons, namely that "As a rational being, each herdsman seeks to maximize his gain." This obviously doesn't mean that case I-2 isn't an important threat to the commons or attack on the commons. >>>> [ML] Just so we're analytically clear, the idea behind "tragedy of >>>> the commons" is >>>> that each individual is ineluctably driven by calculations of >>>> interest to >>>> increase his herd (and thus his impact on the commons) without limit. >>> > > This seems to be covered by my S-1 case above. I-1 is a nonmalicious > but irresponsible variant. Your formulation seems to imply that S-1 is "malicious," which I wouldn't necessarily concede. Otherwise, I agree. >>>> Defending the commons against a minority is a different issue. >>> > This is my I-2 case. But I see the same commons as being damaged. Yes, from the commons' standpoint it isn't much comfort to know that the attack doesn't technically count as a "tragedy"! We still need to deal with it. My point was only that Jay's indignation about Hardin's "tragedy of the commons" argument probably gives little clue how he thinks we should respond to case I-2. >> could affect the Net. But my impression is that Net bandwidth use is >> highly skewed, > > > Not sure what you have in mind, but it's really a complex model when > you start getting into not just bandwidth, but prioritization of > bandwidth. Inappropriate marking of priority traffic tends to be even > more harmful than absolute bandwidth. While I'd have to modify some > of the TCP defaults, I could set up a low-priority bulk file transfer > that is very well-behaved in deferring to higher-priority traffic > (methods including Weighted Fair Queueing, Random Early Detect, and > putting upper bounds on the TCP window size). Well, I'm not sure what I have in mind either, but I'm basically trying to sort out how important case I-1 is. I don't have strong priors. Mark ------------------------------ End of Netizens-Digest V1 #499 ******************************