Tuesday, December 14, 2004

"Open Source Warfare" vs. "Arcane Use for Power"

SETEC ASTRONOMY aside, there really are TOO MANY SECRETS. But enough with the anagrams…

Question: Has information secrecy, and the concept of secrets in general, outlived its usefulness?

I’ll go ahead and give a bold answer, and then try to support it: secrecy is an inefficient and outmoded symptom of hierarchy. While this theory has many adherents in the intellectual property and computer programming worlds, it is nearly universally rejected in the areas of foreign policy, security and warfare. Why?

First, let’s take a look at the mechanics of secrecy. Secrecy is based on constraining information access to select nodes in an organizational structure, which in turn creates new chains of information flow (see Diagram 1). Sometimes, due to the associated need to ensure secure transmission of secrets, additional communication links must be established between two nodes with access to a secret: one for non-secret communication, and another for secret communication. This burdens the communications structure of an organization. When our subject is a hierarchal structure, the extra burden imposed by secrecy further compounds the primary weakness of the organizational structure: the energy allocated to information processing. As R. A. Wilson has demonstrated, at some point in its growth, the information processing burden of a hierarchal structure exceeds the other efficiency gains of hierarchy. The demands of secrecy quickly mushroom (DoD has more than 6 levels of information classification transmitted over more than 4 separate and non-interacting networks), creating an extremely inefficient system.

Is this inherent inefficiency a cost worth paying for protecting critical secrets? That is the conventional wisdom, but I am proposing that there are two main reasons why secrets are not worth the cost of protecting them: the OODA loop and Economic Game Theory.

OODA loop

Air Force Colonel John Boyd developed the OODA loop model: Observation – Orientation – Decision – Action. It models how military forces (and almost anyone else) process information. An organization’s information processing capabilities are committed to observing a situation, orienting themselves and their goals to the observed situation, making a decision on how to act in order to best realize their goals given the situation, and then taking that action. Every step in the OODA loop is dependent on the information processing capability of an organization, and involving secrecy in the process slows the realization of action based on a given observation. The time that information remains in the loop before it is acted upon is critical: action is never based upon a current observation of a situation, but rather is based upon an observation of how a situation was at the time that the observation was made and the OODA loop process was initiated. While secrecy of information may prevent decisions and actions from getting into the hands of the enemy, it also results in taking action on increasingly outdated information. In contrast, the absence of secrecy of information, or open source warfare, facilitates a much faster OODA loop process, which grounds decisions and actions in much more current information. An enemy can only take advantage of available information if their OODA loop operates quickly enough to observe the available information, orient their goals to it, make a decision and take action inside the time frame of their opponent’s OODA loop. This is the fundamental information battleground: getting inside your opponent’s OODA loop. Secrecy or availability of information is irrelevant if your loop is quicker than your opponent’s, and secrecy only serves to slow down your loop!

Economic Game Theory

The second reason why secrets are not worth the cost of protecting them draws on economic game theory. Specifically, I will use the prisoner’s dilemma model. Conventional wisdom suggests that one should guard information about plans to exploit, harm or take advantage of another party, as the other party may react negatively if they learn of this information. First, I should point out that if Party A’s OODA loop operates more quickly than the OODA loop of Party B, it won’t matter if Party B finds out Party A’s nefarious intentions – it will be too late. But, more controversially, I will suggest that it is always in Party A’s best interest not to adopt plans to exploit, harm or take advantage of Party B in the first place. The Prisoner’s Dilemma will explain why:

For those not familiar, the prisoner’s dilemma is based on the following scenario: two thieves, X and Y, are arrested for collaborating on a robbery, and are held in separate cells for interrogation. If neither X nor Y confesses and rats on the other, then neither serves jail time. If X confesses and rats on Y, but Y refuses to confess and give up X, then X gets a reduced sentence and Y goes to jail for a long time (and vice versa). If both X and Y independently confess and rat on the other, then both go to jail for an intermediate period. So, if you are X, and don’t know what Y will do, what action do you take?

If this process only plays out a single time (as with criminals), then it is difficult to reach an optimal conclusion: you don’t know what Y will do. But if this process plays out over and over again with the same actors (as in international relations, trade sanctions, etc.), then both parties can make calculations based on their counterpart’s previous actions. If the cycle is stuck in a process of reciprocal retaliation (both X and Y ratting on the other out of mistrust), then X has the option of making a conciliatory gesture—not confessing and ratting out Y. While X may suffer increased consequences in the short term, in the long run Y will realize that by working with X and not ratting each other out, they can both enjoy greatly increased benefits. Likewise, by not adopting plans to exploit, harm or take advantage of one’s counterparts, in the long run trust will build and parties can engage in mutually beneficial actions: free trade, information sharing, reduced protective and defensive expenditures, etc.
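The repeated game described above can be run as a small simulation. This is an added example, not part of the original post: the sentence lengths are constructed (only their ordering follows the scenario here), and it assumes both players simply repeat the other's previous move. It goes one step beyond the text by comparing a one-round gesture with a gesture held for two rounds.

```python
SILENT, CONFESS = "silent", "confess"

# Jail years per round as (x_years, y_years). The ordering follows the
# scenario on this page; the numbers themselves are constructed.
YEARS = {
    (SILENT, SILENT): (0, 0),     # neither confesses: no jail time
    (CONFESS, SILENT): (1, 10),   # X rats on Y: X reduced, Y long sentence
    (SILENT, CONFESS): (10, 1),   # and vice versa
    (CONFESS, CONFESS): (5, 5),   # both confess: intermediate sentence
}

def play(rounds, gesture_at=None, gesture_len=1):
    """Both players reciprocate (repeat the other's previous move), starting
    from mutual retaliation. From round `gesture_at`, X stays silent for
    `gesture_len` rounds whatever Y did. Returns (history, x_total, y_total)."""
    last_x = last_y = CONFESS
    history, x_total, y_total = [], 0, 0
    for r in range(rounds):
        in_gesture = (gesture_at is not None
                      and gesture_at <= r < gesture_at + gesture_len)
        x = SILENT if in_gesture else last_y   # X reciprocates outside the gesture
        y = last_x                             # Y always reciprocates
        dx, dy = YEARS[(x, y)]
        x_total += dx
        y_total += dy
        history.append((x, y))
        last_x, last_y = x, y
    return history, x_total, y_total

def break_even_round(gesture_len, horizon=50):
    """Smallest number of rounds after which X has served strictly fewer
    years by making the gesture than by continuing to retaliate, or None."""
    for n in range(1, horizon + 1):
        if play(n, 0, gesture_len)[1] < play(n)[1]:
            return n
    return None

if __name__ == "__main__":
    print("retaliation forever :", play(10)[1:])
    print("one-round gesture   :", play(10, 0, 1)[1:])
    print("two-round gesture   :", play(10, 0, 2)[1:])
    print("break-even (1 round):", break_even_round(1))
    print("break-even (2 rounds):", break_even_round(2))
```

Under these assumptions a single silent round only swaps who retaliates and the two sides alternate indefinitely; holding the gesture for a second round is what lets a reciprocating Y settle into cooperation, and X is ahead from the third round on.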

And here’s the kicker: the most efficient way to get other players to enter into cooperative, mutually beneficial endeavors with you is to adopt a comprehensive policy of no secrets. If you don’t have secrets, if you don’t have the capability to process information secretly, then trust builds very quickly that you do not have a secret motivation behind your friendly gesture.

Bottom line: information secrecy is not worth the cost. Faster OODA-loop processes prevent a potential adversary from exploiting your open information, and the Prisoner’s Dilemma demonstrates that your openness will increase interaction efficiency for all parties, over time.


Jason Godesky said...

Actually, secrecy isn't much used in computer programming, either. At least not in cryptology. The case of ENIAC highlights the uselessness of secrecy to maintain a secure code. Something like the RSA algorithm is much more secure, since there's no "master key" you have to worry about falling into "enemy" hands.

So I guess the only place where secrecy still holds any pride of place is in the lawyers' world, where the divorce between theory and reality is sufficiently large to tolerate such absurd notions. The strict mathematical nature of computer programming, I have found, often lays bare such foolishness.

I'm wondering also what you think of emerging applications of the "open source" paradigm to fields other than computer programming, such as journalism with the recent emergence of "the Blogosphere," or to the arts with Larry Lessig's Creative Commons Project.

Jason Godesky said...

Sorry, not ENIAC (the first computer), but Enigma, the German cipher in World War II.

