Saturday, February 06, 2021

Freedom of speech, and how to reason productively about it

Most people develop opinions about how speech should be restricted via a priori reasoning from abstract principles, often absorbed from primary school civics lessons or other tribal recitations (for example, these days, social media memes).

But in a consequentialist, utilitarian framework, how discourse should be regulated depends on several empirical questions:

  • Speech is a physical reality; the speech that occurs in a given medium can be measured.
  • The beliefs, behaviors, and harms that a system of speech engenders are also physical realities, and also to some extent measurable.
  • The effects of a given mode of speech regulation are also measurable realities.

To put it another way, media are systems with particular mechanics, like games; Twitter is a different game, for example, than Reddit, and both are different from digital journalism or cable news. The mechanics of a medium drive higher-level emergent dynamics, which (for nontrivial systems) can only be studied empirically. The proper instruments of study cannot be drawn from the toolkit of a priori philosophy alone; they require the methods of science and engineering: experimentation, simulation, modeling, comparison of modeling predictions against empirical data.

I posit that any practicing computer game designer could easily design a "speech game" where bad speech totally drives out good. In fact, this would be so easy that the only design challenge would be making it fun enough that anyone would want to play. As a player of that game, you would be a fool to embrace the strategy that "the remedy to be applied is more speech" (quoting Brandeis); you would simply be crushed; your adversaries would laugh at your naivete. I hope this idea seems obvious to you. But are you certain that we aren't all playing such a game in one or more spheres of real life?

It is sad to me that so much effort is spent (wasted!) arguing in totally unproductive circles about some aspect of free speech ("censorship", "cancel culture", "deplatforming", etc.), and so little effort is spent understanding empirically the connection between mechanics and dynamics.

Tuesday, May 15, 2018

On the Duplex demo

Disclaimer: I worked for Google long ago, and I may work there again someday. I had nothing to do with Duplex.

The Google Duplex demo has caused some fairly heated & widespread reactions; to paraphrase, "The person on the other end doesn't know or consent to talking to a robot! This is a deceptive violation of their rights!" I think that I understand, a little, why people react this way, but on balance I find it logically ridiculous. I am also convinced that it will seem both logically and emotionally ridiculous to most people within a generation.

As someone in my 40s, I understand the relationship that 20th century people once had with their phones. I am old enough to remember "reach out and touch someone" being a thing that real people felt was the primary purpose of telephonic communication. However, over the course of my adult life, this use case has been utterly swamped by the rise of automated or semi-automated telephonic processes, constructed by immense and remorseless engines of bureaucratic modernity, that use the telephone as an electronic siphon to suck value out of my time: legally protected political robo-calling, flagrantly illegal commercial robo-calling, telemarketing driven by script-reading call center employees (who, in this role, are functionally biological components of a machine, not autonomous individuals), and a constant nagging flood of scam hangup calls.

Conversely, nearly all outbound phone calls that I make, except to close friends and family, now involve navigation through a robotic phone tree. In other words, I am interacting with a succession of artificial voices for many minutes before a usually-brief chat with a human being.

In other words, for any human being less than about 45 years of age, nearly all telephonic interactions in their adult life have been to a large degree robotic. It is hard to get up in arms because the robots are going to be slightly more fluent in the future. They have been getting more fluent all my life (for example, many phone systems can now recognize numbers that are spoken rather than dialed on a touch-tone pad). I don't care. Deep down, you probably don't either.

Search your feelings; you know it to be true. How many times in your life have you picked up the phone to a telemarketing call and thought to yourself, "Oh thank goodness, I am super glad to have been interrupted in this fashion because it's a human being talking to me rather than a robot? My heart brims over with joy!" None. Zero times. You have never thought this.

On the other hand, suppose you received a call that said: "Hey, just wanted to let you know that a recently deceased distant relative left you a one million dollar inheritance; a check and a letter with details will be arriving in your mailbox today. You don't have to do anything else but cash the check, thanks, take it easy!" You would not care whether the voice was a robot or a human being. You would be skeptical, but when you got the check and the letter, which said, "By the way, a robotic call was placed to your phone number earlier today to inform you that this letter would arrive so you wouldn't miss it," you would not think to yourself, "OMG, I feel so unbelievably violated because that voice was a robot! Fuck this stupid million dollar check and fuck the horse that it rode in on!"

The moral valence of a phone call is determined by the value that the participating parties get out of the call, not by whether one or both parties on the call are mediated by machines that are slightly more adept than the machines which existed in 1992.

Lastly, if the above doesn't convince you, here are two more quick reasons that the future will welcome talking bots:

  • People under 30 today ("millennials" or whatever you want to call them) hate making voice calls. They will probably welcome any opportunity to delegate this stupid chore.
  • People under 15 today will grow up taking bots for granted; for example, textual chatbots, or other types of bots in online games that they play. They will feel no horror at the idea that spoken-word bots can have warm, engaging voices.

Tuesday, March 20, 2018

How resistant is Bitcoin to government regulation?

Excavated from the drafts folder. I composed this in December 2017 (although I can't prove it) and I am publishing it now because recent news has rendered the postscript timely.

Bitcoin depends on the following three types of infrastructure:

  • Semiconductor fabrication plants.
  • Electric power plants.
  • Transoceanic fiber-optic Internet cables.

It depends on the first two of these to an unusual extent; the third simply comes along for the ride because Bitcoin is a global Internet-connected system.

You can't access these things, or the stuff that comes out of them, when governments really don't want you to, because they are big, expensive works of physical infrastructure. A government, or coalition of governments, with sufficient motivation and resources could introduce regulation upstream or downstream of any of these choke points that simply makes further Bitcoin mining non-viable.

"The Internet interprets censorship as damage, and routes around it" is true only up to a point. It is instructive to compare Bitcoin with child porn, a category of online activity that most governments are already highly motivated to stop. Governments have mostly succeeded in eliminating it from the non-darknet parts of the Internet; even sites like 4chan, which revel in their own transgressiveness, aggressively police child porn, because these sites run on servers that sit in datacenters in the physical world that are governed by laws just like everything else. Those servers are hooked up to the power grid and connected to the Internet by physical wires that belong to some utility. To maintain these connections, money changes hands, and a paper trail is generated that ultimately leads to the server operators. If you decide to be a badass rebel and distribute child porn under these conditions, you are looking forward to jail time.

It is true that child porn exchange still occurs online, but it occurs mostly on obscure systems that are specifically designed to be censorship-resistant at the expense of widespread availability. Bitcoin could be shut down or marginalized just as easily (where "marginalized" simply means that it is used as a transaction processing system only in highly unusual circumstances, rather than as a pillar of the economy).

In fact, it could be shut down much more easily. The resource cost to produce and distribute child pornography is nearly fixed: the size of a collection of digital imagery is essentially constant, and can be produced and distributed with extremely modest equipment. Basically, individual criminals can sustain a cottage industry indefinitely. By contrast, the exponentially increasing computational power demands of Bitcoin make it particularly vulnerable to regulation. If you cannot get your hands on an ever-increasing supply of semiconductor chips and electricity, you cannot mine Bitcoin, at least not at the scale that today's largest miners operate. Bitcoin mining is not a cottage industry; it is a large-scale industrial process, with datacenters as the factories. Large capital equipment is inherently easy to regulate. And replacing all of today's gigantic mining operators with small-scale, individual miners suffers from economic and engineering problems similar to those that you'd confront if you tried to replace a Google datacenter with ten million mobile phones (let alone trying to do that while dodging mining regulations).

Bitcoin has not been regulated because governments mostly do not care enough to regulate it (yet). The starry-eyed anarchist fever dreams of the most anti-statist libertarian early Bitcoin proponents were always total fantasies. If Bitcoin does not fail completely, then either it will be tamed into just another boring part of the existing world financial system, or else governments will wake up and cripple it.


p.s. Incidentally, since it is possible to encode data on the Bitcoin blockchain, an attacker with sufficient motivation and resources could save an instance of child pornography on the blockchain. Since every node maintains a copy of the entire blockchain, and Bitcoin lacks the ability to erase transactions, the entire Bitcoin network would be transformed at a single stroke into a child porn distribution system, rendering all Bitcoin node operators criminals. This might cost an incredible amount of money — millions of dollars to stash a single image of a few KB — but once done, it would irrevocably taint Bitcoin forever. This is an aspect of Bitcoin that is obvious on inspection, yet almost never discussed.

p.p.s. It happened.


This post closed to comments because Bitcoin attracts an unusually high ratio of vocal kooks.

Friday, January 19, 2018

The evolution of players in the American constitutional game

Another looming threat of Federal government shutdown prompts Timothy B. Lee to concur with the Yglesian view that American constitutional democracy is doomed — or, at least, in need of major structural changes:

The hour-by-hour style of conventional news coverage tends to obscure the big picture: the perpetual crises the US government has suffered over the last decade are a symptom of America’s deeply flawed constitutional system. This isn’t a new insight on my part. You can read Matt Yglesias’s classic 2015 write-up of the argument, which in turn draws on a large body of political science literature.

The basic issue is that the American system of checks and balances was designed for a nation without ideologically polarized parties. . . . The problem is compounded by the fact that it’s so hard to remove a bad president from office.

One seemingly-strong rebuttal to these arguments is that American democracy has survived for a long time, so probably the system is fine. The last Civil War veterans died in the 1950s; unlike most nations on Earth, America has no living citizens with a firsthand memory of existential risk to its constitution. This history of recent stability is probably the main reason that most Americans instinctively reject arguments, no matter how logically sound, that America's constitutional system is fundamentally flawed.

But this rebuttal has less force than it seems. The American constitution is a game, and political actors are players. When people play a game, it takes time to explore the available strategies. Partly this is because, even for relatively simple games, the space of strategies can be immense, requiring time to explore; partly this is because external forces, such as social norms, may prevent players from using optimal strategies initially. However, once a stronger strategy is discovered, it is difficult to stuff the genie back into the bottle; rewards accumulate for those who ruthlessly exploit the most lucrative methods of play, and those who use less optimal strategies are driven out.

A nice illustration of this dynamic can be seen in Google's training of its chess-playing program AlphaZero chess — openings such as the French Defense and Caro-Kann Defense appeared strong to the program while it was training itself, but eventually it abandons these almost entirely in favor of strategies that are inherently stronger, such as the English Opening.

In other words, every nontrivial game is also an optimization process, where the set of players explores the landscape of available strategies over time. In such a process, it is entirely possible for the most prevalent strategies to shift dramatically and even discontinuously; the past is not necessarily a guide to the future.

If you had been taught to play chess by the version of AlphaZero that existed two hours into its training, you might have learned that the French Defense was the "normal" way to win at chess; if I showed you a single later game using the Queens Gambit, you might view that as a temporary aberration. You would be wrong. Likewise, if you came of age in the 20th century, you might view electoral politics as practiced back then as "normal", and the current era, where the government walks up to the brink of shutdown or debt ceiling default every year or two, as a temporary aberration. I suppose it's possible, but the persistence of this observed behavior suggests that it is simply a stronger way for political parties to play the game.

Lee and Yglesias, and the political scientists whose work they draw upon, point to increasing partisan polarization as the cause of the shift in American electoral politics in recent decades. This is fine as far as it goes, but it is important also to realize that the constitutional game itself has always had, encoded within its rules, the possibility of the current configuration of power. The numerous veto points of the American system have always had the potential to be used to hold one policy objective or another hostage. The division of electoral authority between the President and Congress has always had the potential to allow both to dodge accountability for outcomes. It has always been possible for ideologically united parties to gridlock against each other. Accidental features of the American political landscape prevented these strategies from being exploited, but now the players are playing at this level, and thereby evidently beating those who would play differently. There are now only two possible avenues to change: either some novel strategy emerges to beat these strategies, or the rules must be revised.


Incidentally, this general idea — that a ruleset and the actors who interact with it coevolve — recurs across many fields:

  • It is at the heart of the concept of regulatory capture in public choice theory.
  • Designers of multiplayer computer games understand that a game's rules must be periodically patched for "balance" as players discover dominant strategies which render the game trivial or un-fun.
  • Security researchers are, of course, dreadfully familiar with the fact that every nontrivial system has unknown exploitable vulnerabilities. Once a vulnerability has been found, they would laugh at the notion that you could simply convince attackers not to behave that way, which is the analogue of hoping that American political parties won't use the toxic tactics currently available to them.

You'll find many other places to apply this concept once you have it in your toolkit.

(I've actually been meaning to write a longer essay on this idea and its implications for a while now, but haven't done so for the usual reasons, so this post will have to do for now. Well, this, and my Pinboard tag on the subject)

Monday, December 04, 2017

Two ways ISPs can do content-based filtering of encrypted traffic

Vaguely a propos of the revived net neutrality debate, a while back I saw someone on Twitter claim that it is technically not possible for ISPs to do content-based (as opposed to destination-based) filtering of SSL traffic. This statement seems initially plausible, but is false. I can think of two technical mechanisms to do content-based filtering.

First, it is possible to identify encrypted content via traffic analysis. ISPs could compile a database of traffic signatures which they wish to throttle (e.g., for videos that are available from their own video streaming services) and throttle any traffic matching that signature.

Second, ISPs can require that users add a trusted SSL root cert owned by the ISP, thus allowing the ISP to man-in-the-middle all SSL traffic. Obviously, content-based filtering then becomes trivial.

You might object that this second measure would be unacceptably onerous, and would be rejected by the market. In the near future, a middle-class American family of four may own ten or twenty Internet-connected devices, running a half-dozen operating systems, and demanding that users install a root cert on all of them would cause unbelievable inconvenience and outcry. This might be true, but without even trying very hard I can think of numerous ways that ISPs could try to acclimate users to this bitter pill:

  • Of course, the software package would be named something relatively innocuous, like "Comcast Internet Security Accelerator" or some such nonsense.
  • The MITM cert might only be required for devices that wish to access the "fast lane" — in other words, the ISP would simply throttle any SSL connection that it does not MITM. All the household's devices would be functional even if you didn't jump through this hoop, but the ones that need the fastest connections — say, the PC that streams HD VR video — would require the MITM cert installation.
  • The ISP could distribute web browsers and other apps that embed the trusted cert — for example, Comcast could provide a custom build of Chromium — and require their use for the "fast lane". Again, you wouldn't need this app for casual web browsing, only for sites that are sensitive to speed.
  • ISPs could strike distribution deals with mobile carriers to install root certs on phones. The most obnoxious way to do this would be to ship the phone's ROM with the MITM cert baked in; this would probably cause massive outcry, akin to the eDellRoot debacle. A sneakier way to do it would be to ship a carrier-branded app that has the ability to update the trusted cert store (by itself this is arguably innocuous), along with an ISP-branded app that (a) nags the user for consent when it detects that the phone is on the ISP's network, something like "Welcome to Comcast! Do you want to enable Comcast Fast Lane[TM]?", and (b) when the user "consents", installs the MITM root cert by delegating to the carrier's app.
  • ISPs could embed a web browser connected to a virtualized display in the set-top box. The set-top box, of course, would already trust the MITM cert. Then, instead of browsing directly to https://www.youtube.com/ or whatever, you would first browse to http://xfinity.local/, which would present you with a web app that is itself a browser running via remote desktop protocol. Then you would type https://www.youtube.com/ into the address bar of this web browser. The ISP could even "helpfully" set up its DNS to perform this redirection automatically (if you type youtube.com without the https).

These are just the ideas that occur to me in about twenty minutes of thinking. If these seem farfetched to you, there may be other ways to boil this frog. Companies can be rather creative when there are billions of dollars of rents to be extracted. The result does not have to be low-cost or seamless for the user; local broadband ISPs in the United States are subject to practically no competition and whatever they implement just has to be marginally less painful than waiting for your content to download over the cellular network.