How to repair the damage done to the Supreme Court

For years, a primary goal of Republicans has been to reshape the judiciary. They have done so using every tool at their disposal, but one of those tools was not honesty. Not even considering President Obama’s nominee Merrick Garland on the basis that such nominations aren’t entertained during a presidential election year, and then ignoring that logic to confirm Amy Coney Barrett as a justice was a demonstration of both hypocrisy and Might Makes Right. With Republicans having precipitated this crisis; should the Democrats take control of the presidency, the House, and the Senate; as it appears they will; they would be perfectly justified in making use of that might to correct such an abuse.

What could they do? At a bare minimum, since Merrick Garland isn’t on the court and Neil Gorsuch is, the Congress could pass a law, increasing the size of the court to eleven. President Biden could then appoint two more people to re-establish a balance.

Others have argued for even more radical changes, including among others term limits and selection criteria by party; all of which are likely to be constitutionally problematic. Whatever power the Democrats will have next year, they will almost certainly not have the power to enact amendments. Indeed even to go so far as to increase the size of the court they will almost assuredly have to do away with the filibuster rule in the Senate.

Stepping Away From the Brink

If the Democrats take any of these actions, they will be perpetuating the use of the Supreme Court as an ideological football. There is one group of people who can stop this from happening: the court itself, specifically conservative justices. This can happen in one of a few ways, but the most obvious one would be for one or more conservative justices to retire. At a spry 72, Clarence Thomas may feel that his best years are in front of him, and that the Democrats wouldn’t dare tinker with the court’s composition. Justice Alito is 70, and may feel the same way. They should think again. While Joe Biden has indicated that he doesn’t want to get into such structural changes, he hasn’t rule them out.

Another alternative would be a clear pledge from conservative justices to maintain the status quo of their own accord. This would be a bitter pill to swallow, because it requires that one sublimate deeply held principles for the good of the institution. Indeed, one might ask, if one were to do this, why not retire from the court?

Even one conservative stepping down would be patriotic. It would allow the Senate to re-establish a comity that has been absent under Mitch McConnell, allowing things to get back to normal. It would also allow some rational discussion of what if any court reform would be necessary, such that it could take place in a bipartisan spirit. Whoever does this would be establishing a legacy that would likely far outlast any decision on the court.

Why Colluding With Foreign Governments Is Bad

When incoming – but not yet seated – national security advisor Michael Flynn opened separate negotiations with the Russians in late 2016, he was not the first American to interfere in American diplomacy. That dubious distinction falls to none other than Thomas Jefferson, who nearly landed America in a war with his interference. As vice president, he had no more of a role in government than vice presidents do today.

In the late 1790s, France was once again at war with England. President George Washington and later President John Adams sought to maintain neutrality between these two great European powers, if for no other reason, to avoid having one of them turn their guns on the young American country. With the passage of the Jay Treaty, America resolved a number of conflicts with England, to the great displeasure of the French Directorate. In retaliation, France started harassing American shipping, confiscating ships and detaining sailors. In the Spring of 1797, President Adams sent John Marshall, Charles Cotesworth Pinckney, and Elbridge Gerry to resolve the conflict.

Before they could leave, however, the French envoy Joseph Létombe met with then Vice President Thomas Jefferson. Jefferson served in that capacity because he was the runner-up to Adams in the presidential election. His views were diametrically opposed to those of Adams, who he viewed as sympathetic to England, whereas Jefferson himself as the former ambassador to France was partial to France. In his conversations with Létombe, Jefferson suggested that by dragging their feet in the negotiations, the French government would find more amenable negotiating partners in his own anti-federalist party.

Newly appointed French Foreign Minister Charles Maurice de Talleyrand took this advice to heart, refusing to officially receive any of them until they had paid a bribe and backed loans to the French to support their war against England. This became known as The XYZ Affair, so named for the code names of the three individuals who the corrupt Talleyrand sent to effect the extortion. Marshall’s report of the attempts at bribery inflamed Americans, and Telleyrand and the French were forced to end the attacks and seizures.

Around this time, one Doctor George Logan sailed as a private citizen to Paris and, while making clear that he did not represent the United States, attempted to negotiate directly with the French. The sly foreign minister saw this as an opportunity to get back at President Adams, and timed the resolution of the dispute between the two countries with Logan’s departure.

Jefferson’s earlier meddling and Logan’s naive approaches led Congress to enact what became known as the Logan Act of 1799, which says that no private citizen may engage in direct negotiations with agents of other governments in controversies between them and the United States. Two people have been prosecuted under this act, and nobody has been convicted. Arguably the act itself is unconstitutional because it would impinge on one’s right to free speech. Nevertheless, the interference was unwise, because it could have landed an unprepared America in a war with both England and France.

Vladimir Putin is every bit as sly and corrupt as Talleyrand was. It was foolish for Flynn to engage Putin’s emissaries to subvert the policy of the United States, and it was greedy and foolish of the Trump campaign to allow Putin to interfere with American democratic processes. Our Democracy is more important than any campaign. With President Trump arguing that Americans should not mail in ballots for fear of voter fraud, the larger offense is seeking foreign assistance to win an election. It has come at a steep cost. Americans drubbed out those in Congress who supported France. We should do the same with Republicans today.

I have hope and gratitude, thanks to medical research and the Internet.

I am grateful to medical researchers, those on the front line, and those who are keeping us from going crazy in our homes.

I write this to you today from my house, and you probably read this note from your house or apartment. Our lives are disrupted. We cannot go to the movies or restaurants, we cannot get our hair cut, we cannot go to weddings or baby showers, and many of us cannot go to our offices or to visit our customers or partners. We cannot go to conferences, and our kids cannot go to schools.

We are doing all of this for fear that we or people we love will die of this awful illness. We are reading horror stories from Italy of their healthcare system being overwhelmed. As I write this to you I worry that the same thing will happen in Switzerland and elsewhere. I worry for my family.

This disease spread so quickly across the planet because of the ability of humanity to scale its transportation systems to efficiently move anyone from anywhere to anywhere, whether that’s by train, plain, ship, or automobile. This was largely not the case during the Spanish Flu of 1917. We need to practice “social distancing” even more so now than then, because the world is a lot smaller and more social place than it was, thanks to all of this capability.

That same human desire to innovate is what is going to save us now. It started early on in the medical community, who have been our first responders in this crisis. They have worked to identify the genetic sequence of the virus itself, to understand its transmission vectors, and to provide the world with initial advice on how to cope with this threat. Even as early as January, researchers across the globe were attempting to develop a vaccine. In the last few days, researchers have reported four types of immunity response cells to look for as people begin to recover. There are two studies that detail how Malaria medication may both improve recoveries and reduce the virus’ infectiousness.

By dint of necessity, we are virtualizing a great many of our activities. We are all learning how to use WebEx Teams or Microsoft Teams or Zoom or Google Hangouts. We are using FaceTime and other remote collaboration tools like never before. One of my friends is planning to virtualize his Passover Seder, and asked for advice on how to do this with Webex. He dubbed this SederEx. We are planning a virtual baby shower with a cousin. I have encouraged my old Kabuki-West crowd to have a virtual Wednesday night dinner together.

The first uses of the Internet were envisioned by its funders to have been military. That’s why the Advanced Research Project Agency (ARPA) funded the activity. It was clear from those early days and even before then that electronic communication would continue to reshape how we socialize in the world.

That’s because remote communication didn’t start with the Internet. The invention of the telephone let us “reach out and touch someone”. And that worked great for one-on-one communications. EMail gave us the ability to communicate in near real time with those around us. Instant messaging meant that people could hold several disconnected real time text conversations at once.

Today, however, we can all see each other, present to each other for work, not only hear but also see people’s reactions. In the face of this plague, people are having virtual baby showers, virtual drinks, and even virtual Passover Seders. You have to provide the non-virtual parts yourself, of course, but we are able to still be together, even when circumstances dictate that we be apart.

For those of us who have family who are a great distance away, this also represents a rare opportunity to participate in these sorts of events on an equal footing, without having the phone passed around for brief moments, simply to say hello. We are all in the same boat, this time.

The Internet is helping us remain social, as is in our nature to be. Social networks, which in the last few years could not be spoken of in public without some sort of derision, are a big part of the solution. When all of this is over, we will still need to sift through all of the negativity and nastiness that they engender, but let us give them their due as they help us stay connected to one another, as I am connecting to you today.

While we are not indebted in the same way to Internet engineers as we are to medical first responders and those who have to work through this crisis, like grocery store cashiers and police officers, let us also give Internet engineers a pat on the back for helping people self-isolate physically, without having to self-isolate socially.

And by the way, those medical research results I mentioned earlier are being shared by researchers with other researchers in a very timely fashion thanks to the Internet.

It’s Not the Doorbell, It’s the Cloud

Your password in the cloud was weak, not the IoT device this time. But there are emerging IoT standards like DPP that can help do away with passwords.

You have to have been hiding under a rock over the last week not to have heard about scare stories about kids being tormented by perverts and others being violently extorted through various Ring products. Not exactly what you were expecting from your security product, was it?

With so many reports of IoT devices being vulnerable to attack, one might leap to the idea that the Ring device itself has been poorly designed, and thus broken into, but one would be wrong. That is because, like so many IoT devices, Ring products make use of the cloud to offer a service. Here’s how it all works.

When you establish an account, you are doing this not on the doorbell, but on a service somewhere on the Internet to which the doorbell connects. This is evident, because when you go to ring.com, you can log in with the account that you have previously established in the app.

Later during device setup, the doorbell is registered with the service, using the phone’s setup app. This is likely the only time the phone would directly communicate with the doorbell. All other communications flow through the service, as drawn above.

So how did someone else get to control your device? If you are not using two factor authentication, an attacker requires two pieces of information to control your device: your email address and your password. Your email address can easily have appeared in public if you have joined a public mailing list, or had made a comment on a poorly designed web site. An attacker may also be able to guess your password if you have used that same password on a service that has been compromised (hint: many have), or the password itself is obvious.

Some recent research has found that long or complex passwords aren’t good because people write them down or forget them. On the other hand, Ring will accept “12345678” as a password, and quite a number of other commonly used passwords that can be found on this list of stupid passwords. First piece of advice in this article: don’t use those passwords!

Ring also offers the option to register a cell phone with your account, so that when you log in, you will receive a code via SMS that you must enter to access your account. This two factor authentication (or 2FA) is stronger, and well worth the mild inconvenience, given that this is your house and its security we are talking about.

All of this is about securing your online account. The only reason that the EvilBadDoer can bother Little Johnny and take over your doorbell or security camera, at least in this moment, is that EvilBadDoer hacked your online service password to the service controls the device.

Could this marriage of IoT devices and online services be used to provide a stronger authentication? Possibly. Because a device communicates with the cloud once it’s set up, and because your phone communicates with the cloud after the doorbell is setup, it is possible for the device to provide the doorbell a token. However, for that to work, communications must be secured between the device and the doorbell during setup. Earlier this year, researchers found that this was not the case, the reason being that the doorbell was simply using unencrypted HTTP to share information about your wifi network. Bad Ring! No Ring biscuit!

Luckily, there are some onboarding standards that Ring and others could leverage to help improve matters. One is EasyConnect by the Wifi Alliance, otherwise known as Device Provisioning Protocol (DPP). Here’s how DPP works:

With DPP, you can use an app to scan a QR code printed on a label that came with the device that contains the public key that was installed during the manufacturing process. The app then looks for the device and authenticates using that key. Look, Ma! No passwords. DPP was primarily intended to be used for Wifi connectivity, but there’s no reason that the same trust couldn’t be leveraged to do away with Ring passwords. This is something that Amazon and others should consider.

There are some remaining challenges. For instance, what happens if you lose your phone? Can you repeat the exercise, and if you do so, would you have to do so with all the Ring devices in your house? To me this is best handled with some sort of backup before one loses one’s phone.

The key point here is that IoT can actually help itself if we adopt stronger onboarding technologies, like EasyConnect. This will take some time to get right. As a customer, you might want to ask about EasyConnect to help ease password problems so that Little Johnny can sleep easier.

Thanksgiving and How We Got Here

Today I remember a different Guthrie song from a different Guthrie.

It has become a tradition for many to play Arlo Guthrie’s Alyce’s Restaurant on this day, but I have another song in mind.

Today, as Americans give thanks for all that we have, we are thanking those who helped us along the way. That includes native Americans, and those generations of Americans who opened their doors to immigrants from China, Japan, Poland, Russia, Italy, Ireland, Ukraine, the Viet Nam, India, El Salvador, and a great many other places. Almost nobody who lives in America can say that they are in some way native, and nobody can say that America hasn’t benefited from those to whom we opened our doors. I am the great-grandson of a woman who came here as a 14 year old girl, fleeing horrible conditions in Eastern Europe. Good people found her clean lodging and got her a basic education, such that she was one of the only ones in her family to have survived the Holocaust. Her story, my heritage, is far from unique, and it is the reason that the Statue of Liberty is not incongruous with the American Century.

It horrifies me that our government knew that it had no means to track the thousands of immigrant children who are in our care. I encourage my friends to give a thought to these children, and their welfare.

Throughout the 20th century, isolationist bigoted forces always needlessly feared immigrants, whether it was the numbers of Chinese who had completed the railways, or Japanese Americans who were imprisoned. Always there has been some fear of our brothers and sisters south of the border. Somehow, until recently, we always knew that our relationship to Central Americans was one that we all valued, both culturally and economically. That our laws didn’t take this into account has been a singularly unjust abuse of the our brothers and sisters. Even as I write this, President Trump wants to declare Mexican gangs terrorist organizations, not to keep us safe, but to instill more fear of immigrants.

I commemorate today not with a song by Arlo Guthrie but with one written by his father Woody in 1948. To borrow a statement from someone else, it is an absolute travesty that the song Deportee is still relevant today. While Guthrie wrote it, a great many people have sung it, including Arlo, Pete Seeger, Joan Baez, and Bob Dylan. These people have served as the conscience of America.

And so as we are enjoying our feasts, let’s remember those we have cast out.