Monday, February 29, 2016

Happy Friendship Day—Not

Facebook is the quintessential dot-com success story:  young guy invents software in his dorm room that ends up creating an entire industry and making him a storied billionaire, besides becoming a significant part of the social lives of over a billion people worldwide.  Ethically speaking, on the face of it Facebook looks like a no-brainer:  it's all about connecting people, right, so what can go wrong with that?  Well, plenty, as shown by stories of flaming mobs and online bullying leading in some cases to suicide.  But besides these more spectacular crimes and misdemeanors caused by the general cussedness of humankind, there are things that the software developers do themselves which can go awry.  And here's where it gets personal—very personal.

Back in January, Facebook founder and CEO Mark Zuckerberg called for people to celebrate Feb. 4, the twelfth anniversary of Facebook's founding, as "Friendship Day."  Now Mr. Zuckerberg is free to call for anybody to celebrate anything, and I have no problem with that.  The trouble came, at least in our case, when some anonymous software engineers at Facebook had a bright idea inspired by the call and, as software engineers often do, put it into action without telling the users what they were up to in advance. 

It was simply this:  "Hey, why don't we take some pictures that people have posted in the last year or two and send the pictures to them along with a greeting like 'Happy Friendship Day'?  What could be wrong with that?"  As it turns out, plenty.

Zuckerberg himself is only 31, and it's likely that the average age of the technical staff at Facebook is somewhere around that number.  If you are a well-paid employee of a giant software successful software company, death does not occupy a large part of your personal horizon.  You know it's out there somewhere, and you read about it online with the other bad news, but it's not likely to have affected you personally to a great extent, except perhaps for some old relatives whose funerals you may have attended out of a sense of duty. 

It turns out that in the last two years, my wife, who is 59, has lost five relatives of various degrees of closeness, ranging from a cousin she hadn't seen in years to her last remaining aunt, her sister, and her father.  And in the last few years she had taken pictures of these people, and posted many of the pictures on Facebook at appropriate times.  You can tell where this is going.  Imagine how she felt when a couple of weeks ago, she logged on to Facebook one day and saw under the headline, "Happy Friendship Day" a photo of her father in the hospital during his final illness.  He died almost exactly a year ago.

For the better part of a day, it was like walking on eggs around here.  She rarely gets truly angry, but if Zuckerberg had happened to stop by our house that day, he might have come close to a personal encounter with mortality that he would never forget.

A short time later, she spent several hours systematically taking down every single photo she had ever posted on Facebook that included anyone who has since died.  It was a lot of pictures, but she was determined that the machine was never going to catch her by surprise that way again.

Sometimes I amuse myself by imagining how I would explain various modern technologies to someone transported through time to the present from, say, fifty or a hundred years ago.  Although Facebook shares some features in common with things that existed in 1966—photo albums, high school annuals, and the postal system, to name three—you could not express what it does simply by referring to those things.  And the main feature that would be missing from that description is the way Facebook manipulates the rules, and what happens to your Facebook stuff when they play games with it like Happy Friendship Day. 

Unless you happened to be living in the 1960s with a busybody aunt who lacked any sensitivity to your feelings, I can't imagine someone back then receiving a customized photo album labeled "Happy Friendship Day" that contained pictures of some of the most intimate and painful times in your entire life.  But that is exactly what Facebook did to my wife.  At least if a nosy aunt did such a tacky thing, she'd be standing right there where you could chew her out for it.  As it is, though, the faceless System of Facebook is all she can blame, and her only defense against further manipulations of this kind is to withdraw any possibly pain-evoking images from the System so it can't fool with them. 

Once my wife explained to me what had happened, in the heat of the moment I thought that whatever numskull came up with that idea ought to be tied to a chair and made to watch 200 hours of cat videos.  I now think that is excessive.  But certainly, some live person or persons originated the idea of recycling pictures for Happy Friendship Day, and as Zuckerberg himself has expressed enthusiasm for artificial-intelligence solutions even to programming problems, it's virtually certain that some algorithm the programmers wrote made the selection of which photos to include.  Despite the best programmers Zuckerberg's money can buy, that algorithm did not have feelings, and it was therefore insensitive to the psychic pain that such actions could cause. 

We are in a strange time in which former organizational divisions of all sorts are falling down, and people who were trained to do one kind of work—software engineering, say—find themselves doing very different kinds of work—for example, manipulating on a massive scale items that have deep and powerful personal meanings for literally a billion people or more.  There is an old saying, "Fools rush in where angels fear to tread."  It would have required the discretion and intelligence of many angels to select only those pictures which would have been appropriate to accompany a message such as "Happy Friendship Day" for each one of Facebook's users.  Unfortunately, software is a poor substitute for angelic insight, and the result was in many cases foolish, or worse than foolish. 

For reasons of time and disinclination, I have no Facebook page, other than possibly a dormant one my wife started for me in connection with a book publication.  If anything happens on Facebook that she thinks I need to know about, she'll tell me.  It has had its good moments for her, and we have reconnected through it with people around the globe whom we had lost touch with.  But in the case of Happy Friendship Day, Zuckerberg blew it, at least where my wife is concerned.  And it's going to be a long time before she posts personal pictures on that site again.

Sources:  I referred to an item carried by the Indo-Asian News Service (and no doubt many other outlets) on Mark Zuckerberg's announcement urging people to celebrate Facebook's twelfth anniversary as Friendship Day.  The article appeared at

Monday, February 22, 2016

Apple Versus the Feds: How a Smartphone Stymied the FBI

When Syed Farook and Tashfeen Malik died in a hail of gunfire last December 2 after killing 14 people at a San Bernardino office party, the FBI recovered Farook's iPhone within a few hours.  One of the critical unanswered questions about the San Bernardino shootings is whether the couple had outside help, and the data on the iPhone may hold the answer.  Problem is, the FBI can't get at the data, and Apple, the iPhone's maker, won't help them.

Why not?  Let's let Tim Cook, CEO of Apple, answer that one:  "[T]he U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone."  A little historical perspective is in order to put this situation into context.

With the advent of powerful digital computers, advanced encryption algorithms were designed and adopted by both sides of the Cold War (both the U. S. and the Soviet Union) for secret communications in the 1970s and onward.  The U. S. National Security Agency, long used to spying on analog communications in which good radios were the most elaborate equipment needed, found itself behind the technology curve and spent millions on advanced computing technology to maintain its ability to crack enemy codes.  The computing power of those early NSA computers now resides on your smartphone, and after a run-in with NSA a few years ago involving spying on Apple, the tech company and its president resolved to do a better job than ever in protecting its customers' privacy.  The latest iPhone operating system has a feature that not only encrypts the user's private data, but destroys the internal encryption key if it detects more than 10 attempts to unlock the phone using the 4-digit password.  After that happens, nobody but God can retrieve the data. 

At first the FBI was hoping that the phone was backed up to the iCloud, where the data might be recovered.  But it turns out that the automatic backup feature was turned off last October, possibly by Farook to avoid just such snooping.  After trying everything they could think of, including things Apple suggested, the FBI has asked Apple to do something that the firm claims is unprecedented. 

The FBI wants Apple to write a new operating system for Farook's phone that will allow unlimited password tries electronically, which will allow the FBI to access the phone's data.  They say it will only be used on Farook's phone, and so there is no risk to anybody else's phone.  The FBI has put this request in the form of a court order, and Tim Cook has vowed to fight it.

Why?  Apple claims the risks of that system getting loose, either accidentally or by command, are simply too great, and they have dug in their heels.  For example, it has been suggested that once it becomes generally known that Apple has developed such a backdoor, repressive regimes will order the firm to give it to them, or else kick Apple out of the country.

This is not the first time that Apple and the federal government have been at loggerheads over encrypted data.  In a 2014 case, Apple was ordered to extract data from an iPhone, but it is not immediately clear from the record whether they complied.  In both that case and the San Bernardino situation, the FBI cited as its authority the All Writs Act of 1789, which basically lets courts issue writs (orders) "necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law."   To the ears of this non-lawyer, it sounds like the law basically says you can do whatever you want, but the Act is typically hauled out as a kind of last resort, as subsequent case law has erected a set of four conditions that must be fulfilled before a court can issue an order under the Act.  Of course, the FBI thinks the conditions are fulfilled, and Apple doesn't.

Apple's stand is based on the idea, not that common among high-tech companies, that even Apple doesn't have any business with your personal data, which is why they designed the iPhone operating system to be so hard to crack.  This differs from practices of other firms, who happily mine their customers' private data for commercially valuable things like brand names and so on.  Privacy advocates from across the political spectrum have joined Cook in his opposition to the order, and the outcome of this case could have wide implications not only for the FBI and smartphones, but for digital privacy generally.

National Review commentator Kevin Williamson (from whose column I first learned about this matter) takes the view that the FBI is taking the easy way out by simply ordering Apple to do its job.  There is evidence to support this claim.  For example, in its instructions to Apple, the FBI asked them to rig a bluetooth link to the phone so they could try the 9999 different number combinations electronically, instead of having to make somebody sit there and do it by hand.  This apparently minor detail has the aroma of a royal order to underlings—"and while you're at it, fix it so I don't mess up my manicure wearing my fingers out on that touchscreen of yours."  Back in the days of telephone hacking in the 1960s, teenagers with time on their hands would amuse themselves by dialing all 9999 numbers in a given 3-digit telephone exchange (e. g. 292-0000 to 292-9999) just for the thrill of discovering the test and supervisory numbers the phone company used for long-distance routing and maintenance.  Apparently, the FBI can't be bothered with such tedium.

The matter is in the hands of lawyers now, and if the issue does indeed go all the way to the Supreme Court, its fate may well depend on whether President Obama gets to appoint a new member after Justice Scalia's recent demise, or whether the next president does, or whether a split Court ends up doing nothing (split decisions leave the lower court's decision standing).  Whatever happens, I admire Tim Cook for taking a principled and consistent stand for a cause that he could so easily abandon:  the notion that privacy still means something in a digital age.

Sources:  Kevin Williamson's column "Hurray for Tim Cook" can be found at National Review Online at  I referred to articles by ABC News reporter Jack Date carried on Feb. 19, 2016 at and Feb. 17 at  I also referred to an article in The Guardian online at, and Wikipedia articles on encryption software and the All Writs Act of 1789.

Monday, February 15, 2016

Tragedy in Taiwan: Collapse of the Golden Dragon Building

On Saturday, Feb. 6, a magnitude-6.4 earthquake shook the island nation of Taiwan.  Nearly all the high-rises in the southern city of Tainan withstood the quake without serious damage, partly because of new building codes enacted after a more severe earthquake in 1999 killed 2400 people.  But in the Feb. 6 quake, a 17-story building containing 96 apartments completely collapsed, trapping victims inside and causing the majority of the deaths involved.  As of Feb. 11, the confirmed death toll in the quake stood at 55, but many bodies probably remain in the ruins of the Golden Dragon apartment building, which was erected in 1994 before the new building codes took effect.  On Feb. 9, the building's developer and two associates were arrested and charged with professional negligence causing death.  Prosecutors claimed that shoddy construction was responsible for the building's collapse, saying that cans of polystyrene foam were used as fillers in the reinforced-concrete structure and that steel reinforcing bars were too short. 

Building a structure that can resist earthquakes is a challenge that modern structural engineers tackle routinely.  Very few steel-framed high-rises are seriously damaged by earthquakes, because the type of steel used in them has a certain amount of "give" which allows the stresses of a shaking foundation to bend but not break supporting members.  The only exception is the unusual case when an earthquake's period coincides with a building's resonant frequency and vibrations build up until something snaps.

Reinforced concrete is another matter entirely.  Concrete has excellent compressive strength, but it's brittle and doesn't bend easily.  If you try to bend it, parts of it are put into tension, and pure (unreinforced) concrete has almost no tensile strength, so it cracks when subjected to the pulling forces that bending causes. 

Many decades ago, construction engineers figured out how to embed "rebar"—steel reinforcing bars—in concrete to provide the tensile strength that concrete alone cannot provide.  Properly apportioned and applied, reinforcing bars can make concrete-framed structures just as strong as steel ones, with the advantage that setting up molds and pouring beams and floors can be a lot cheaper than assembling a steel frame.  So many buildings for which cost is an issue, such as apartment complexes, are made of reinforced concrete.

However, making such a structure earthquake-resistant is a challenge, especially if it was not originally designed that way.  A personal anecdote will illustrate this.  I attended the California Institute of Technology in Pasadena from 1972 to 1976.  That institution began its existence in 1891 as a vocational school funded by businessman Amos Throop.  By 1912, the main building on campus was Throop Hall, a reinforced-concrete-and-brick structure that stood until a 1971 magnitude-6.6 quake seriously damaged it.  Engineering studies showed that the structure was fatally flawed with regard to earthquake resistance, and would probably collapse in another quake of the same or greater magnitude.  So despite its historic associations, it was condemned and fell to the wrecking ball during my freshman year there. 

The problem of what to do with existing structures when building codes change is difficult, and municipal authorities rarely condemn buildings that are not obvious ongoing hazards simply because of a building-code change.  The Golden Dragon apartment building may have been erected in compliance with the codes as they stood in 1994, but emotions are running high after the disastrous collapse, and the developers will have to argue in court as to whether they behaved responsibly during the construction of their building.

One way to enable reinforced-concrete structures to withstand earthquakes is to make ductile joints between the horizontal and vertical members of the structure.  This will allow the building to "follow" horizontal ground movement without imposing fatal strains on the supporting walls.  The fact that lightweight material such as plastic foam was used as fill may not necessarily indicate shoddy construction.  And the length of rebars is something that may or may not have had anything to do with the building's collapse.

The good news coming out of this tragedy is that more buildings didn't collapse, as for example happened in Haiti in 2010.  What few building codes existed there were not enforced, and although there were few structures more than three or four stories high, over 200,000 of them collapsed and the death toll exceeded 100,000.  As a rapidly developing nation, government officials in Taiwan did the responsible thing following the 1999 earthquake and imposed building codes that required buildings to withstand a certain level of earthquake shocks.  The fact that only one major high-rise collapsed, and that one a pre-1999 structure, says that the new building codes have been largely effective.

In addition to investigating the construction of the ill-fated Golden Dragon, Taiwan officials may want to consider a program of inspections of pre-1999 structures with an eye toward preventing more such tragedies in the event of a larger earthquake.  Even if the conclusion is that things are okay, this would be a reassuring thing to find out.  And if some other structures are like time bombs waiting to be set off by a large earthquake, the time to find that out is now, not when the next big one hits. 

Sources:  I referred to news items from Agence France-Press carried by the Australian Broadcasting Company at and UK's Daily Mail at  I also referred to the Wikipedia articles on earthquake engineering and the California Institute of Technology.

Monday, February 08, 2016

Twitter and Terrorism

On Feb. 5, the short-message-service Internet firm Twitter announced that since the middle of 2015, it has suspended 125,000 accounts because they appeared to be promoting terrorism or similar extremist activities.  While Twitter has long maintained rules against such content in tweets, this is the first time they have made public a specific number of account suspensions connected with terrorism.  This move and the associated problem Twitter is trying to deal with bring up important questions about the ethics of communications technologies and the way private organizations have displaced national laws as arbiters of free speech.

Historically, communications systems rarely arise in discussions of engineering ethics.  For example, I doubt that in the 1950s the Society of Motion Picture Engineers debated the question of screenwriters who were blacklisted during the McCarthy communism-scare era.  The question of a medium's content was seen to be almost totally distinct from the technology and engineering it used. 

But gradually that has changed as technical, managerial, and censorship roles have morphed and merged in the strange new cyberspace world of spam, viruses, and tweets.  The problem Twitter faces, of groups such as ISIS using Internet services to promote and coordinate terrorist activities, is real.  Syed Rizwan Farook and his wife Tashfeen Malik apparently drew much of their inspiration for the attack in San Bernadino, California from Internet sites promoting jihad.   Their December 2015 attack killed fourteen and wounded twenty-two.  Even messages limited to 140 characters can be used to recruit and coordinate such things, although there is no evidence that Twitter was involved in that particular incident.

Nevertheless, Twitter, with only 3,900 employees, faces the daunting task of enforcing its Twitter Rules on all 300-some million active users every day.  Clearly, much of this task involves technology to sift through the millions of messages pouring through Twitter's servers.  It also involves the cooperation of groups concerned about terrorism, with which Twitter has teamed in an effort to find and suspend violators of Twitter's rule against promotion of terrorism.  But it also involves fundamental questions of free speech—questions that used to be debated mainly in the halls of legislatures and courts of law, not in the cubicles of software engineers.  Increasingly, it's the engineers—or people who work closely with them—making the on-the-ground decisions about who gets to tweet and who gets their beaks clamped shut.

The fact that Twitter has gone public with a specific number of account closures is a move apparently designed to send a message to those who would use the service for nefarious purposes.  It also serves to raise the status of the company in the eyes of those who are worried about misuse of the Internet for terrorist activities.  And it emphasizes the magnitude of the problem.  Suspending accounts can be compared to a medical test for a serious ailment.  If you get too many false positives, you'll be bothering healthy people with a diagnosis that later has to be reversed.  But if you get too many false negatives, you let people with a serious disease slip through without treatment, possibly leading to worse results later on.  So the challenge for Twitter is to find accounts that are being used to promote terrorism in some way and suspend only those, without cutting off people who are not trying to make trouble.

From a free-speech point of view, these suspensions could be viewed as censorship.  But even the courts recognize that free speech has limits—the classical example being the lack of a right to yell "Fire!" in a crowded theater.  So Twitter's actions are justifiable on that basis in cases where the possible harm to others in the form of terrorist activity appears to outweigh the value of preserving free speech for all Twitter account holders. 

This is not a critique of Twitter, by any means.  They appear to be taking responsibility for a hard job and doing it as well as they can.  Looming in the background, of course, is the possibility that if a family of someone killed in a terrorist attack discovers that Twitter accounts were involved in planning the attack, the firm might get sued.  While I'm not aware of any such suits, such possibilities always have to be considered when you are dealing with a large-scale operation involving millions of people. 

But I think the most notable thing about this situation is the way that the practical basis of free speech, in this case anyway, has spread from the legal system to international private firms where the parties are mostly anonymous users, largely invisible software engineers, and company policy makers, in cooperation with various outside agencies who are all selected by Twitter.  The legal system hasn't entirely lost its influence, in that companies such as Twitter are still responsive to sustained large-scale legal challenges.  But in the wild-West environment of the Internet, such challenges are unusual and often politically inspired.  Preventing terrorism is a pretty uncontroversial position politically, and so Twitter doesn't seem too worried that it will get sued by a coalition of terrorist groups for what it's doing to their accounts.  Terrorists have other ways of settling such disputes, and I hope they don't use them.

It's a shame that evildoers have bent the Internet to their will to the extent that firms like Twitter have to spend a lot of time and effort whacking moles, which in many cases pop up again right away, either on Twitter or on other more private Internet communications setups.  But doing nothing would be irresponsible.  The knowledge that such suspensions can happen is what makes most Twitter users behave, not so much the actual suspensions, just as the knowledge that one is liable to get a speeding ticket makes most people obey speed-limit signs whether or not there is an actual traffic cop in sight.  Kudos to Twitter for kicking suspected terrorists off the telephone wires, so to speak, and let's hope that their very public stance against such things forces terrorists into corners of the Internet where it is harder to recruit people to their cause.

By the way, I have begun to do a weekly tweet summarizing each blog post.  My Twitter handle is @karldstephan, in case you want to follow me there.

Sources:  The New York Times carried an article by Mike Isaac entitled "Twitter Steps Up Efforts to Thwart Terrorists’ Tweets" on Feb. 5, 2016 at  I also referred to the Twitter announcement of the 125,000 suspensions at, the Twitter Rules at, and the Wikipedia article on Twitter.

Monday, February 01, 2016

Dereliction of Duty: The Flint Water Crisis

When a city operates a public water-supply system, it enters into an implied agreement with its customers, most of whom have no realistic second choice as to where to get domestic water.  Customers buy water from the city, and the city guarantees that the water is safe to drink. 

Starting in April of 2014, the city of Flint, Michigan began to violate its part of the bargain.  In 2011, the impoverished tax base of Flint, long past its glory days when the U. S. automotive industry was king, forced the city into receivership.  A dispute with the city of Detroit, from which Flint had purchased its water for the past several years, led to an attempt by the state-appointed emergency manager of Flint to save money by switching to a backup source of water, the Flint River.

The Flint River's water itself was safe to drink, but it was more acidic and had more salinity than the treated Detroit water did.  During the spring and summer of 2014, residents of Flint, especially those in older homes, began to notice that the water had an odd taste.  Up to about 1920, most service connections to the water mains were made with lead pipes.  While lead is a well-known toxin that is especially hazardous to pregnant women's babies and children under 6, the Detroit water previously supplied by Flint before April 2014 had coated the inside of the pipes with an inert phosphate or oxide layer that usually kept the levels of lead small enough not to cause problems.

However, the acidic and saline Flint water began etching away the mineral coating in the lead pipes to expose bare lead to the water going through the pipes, and levels of lead in water supplied to Flint homes began to rise.  In March of 2015, a private water-infrastructure firm called Veolia issued a report saying that lead in Flint water was in violation of EPA regulations.  While it was tragic that increased levels of lead got to Flint's citizens at all, something worse was about to happen.

In response to the Veolia report, the state-appointed financial manager of Flint, Jerry Ambrose, said that the city water was in compliance with all EPA and Michigan Department of Environmental Quality standards, and "the city is working daily to improve its quality."  This statement may have been technically true in the sense that the water Flint was putting into the mains was safe by itself.  But once it passed through resident-owned lead pipes, the combination was dangerous.  In September of 2015, a study by a Virginia Tech professor revealed that the levels of lead in tap water was higher than federal regulations allowed in about a quarter of Flint's households, and was up to 800 times the limit in some locations. 

Finally, in October of 2015, under pressure from state and local groups, Flint switched back to buying water from Detroit.  But the damage had already been done:  the mineral coatings that had built up over many decades in lead pipes was now mostly gone, and just going back to water with less acidity and salinity wasn't going to fix the problem. 

The story since then has been one of complex political wrangling that has tainted Michigan Governor Richard Snyder, who has approved over $30 million of state aid for the crisis, and is still ongoing in the form of lawsuits, emergency orders, water testing, and questions from residents about what harm has befallen their children and what they should do next.

As so often happens, the people most affected by this crisis are the ones least able to do something about it:  babies of pregnant women who drank lead-laced water and children who may still be ingesting lead from a place that ought to be safe to drink from, namely, the water faucets in your own house. 

When lawsuits come into play it isn't always easy to get to the bottom of a situation and find out exactly who knew what when.  To my knowledge, regular tap-water tests inside resident's homes are not routinely done by municipal water departments, but testing for lead in one's drinking water is not something that it is reasonable to expect private individuals to do—especially not those below the poverty line, which describes many of Flint's residents.  Engineers in the Flint water department should have known (and may well have known) that the combination of acidic Flint River water and lead pipes in old infrastructure was going to lead to problems.  But even after the trouble was widely known by the public and verified by independent tests, the financial manager of Flint apparently remained in denial.  Admittedly, being in bankruptcy makes things more complicated for a municipality, but the physical safety of citizens should override fiscal considerations. 

The Flint water crisis is an object lesson in how not to handle a public-health problem, especially one that was caused, at least indirectly, by actions of the city itself.  Despite abundant evidence that there was a problem, city officials delayed remedial action for another six to nine months.  This will probably dig the city even deeper into its financial hole after lawsuit judgments come due, and shows how important prompt, definitive action can be, and how much trouble can result if it is delayed.

Ideally, every bit of lead pipe in the city of Flint should be dug up and replaced with non-toxic service pipes.  But that would cost several thousand dollars per household in a city that is already reeling from decades of economic decline.  The United Way and other charitable organizations have gotten involved, but their efforts are limited to checking on current lead levels and alleviating possible medical consequences of ingesting lead during the worst of the crisis.  The fallout from this incident will haunt Flint for years, and I can only hope that the awareness of lead-contaminated drinking water brought into prominence by this situation will lead other cities with similar problems to get their own lead-in-water issues in order.  Sometimes a blunt colloquialism is the best way to express things:  "Get the lead out!"

Sources:  I referred to the Wikipedia article "Flint water crisis," an article in the Detroit Free Press online edition of Jan. 30, 2016 at entitled, "EPA:  High lead levels in Flint exceed filters' rating," and a Massachusetts Water Resources Authority online report's executive summary about the effects of acidic water on lead pipes at  I also referred to an Associated Press article, "$28 million added to address water crisis in Flint," by Jeff Karoub and David Eggert carried in the Austin American-Statesman print edition of Jan. 30, 2016.