Monday, July 8, 2019

Book Review: Delusions of Intelligence, R.A. RATCLIFF

So one of my friends told me this story about how he went to an introductory meeting once where a bunch of Americans were presenting to his team (non-Americans) as part of a joint project. And they went down the list, with various people talking about their respective responsibilities for helping with various parts of the project. And he turned to his coworker and he was like "They all seem very smart and very nice, but to be honest, I thought the Americans would be helping more. This is a super high priority project - we have almost fifty of our best people on it full time, and there's only a dozen or so they could spare?" And his friend looked at him for a second and said, "Yes, but this is only the liaison team. They aren't doing the work. Each of these people is responsible for coordinating an entire building in Herndon full of people with our efforts."

On page 76, Delusions of Intelligence, says "Hut 6 alone had 1300 people working at it, and the total people at Bletchley Park was around 10k, while the US Army Signal Security Agency went from 331 to 26k in the same period." But this is the only mention of force strength I can find in the book.  And some quick Googling while losing every single comp game on Overwatch this weekend was not able to determine anything more specific with regards to a ratio of cryptologic efforts between countries in WWII.

It's relevant to the book's conclusions as well.  To paraphrase:
1. The Germans were hopelessly fractured with their cryptologic efforts vs. a unified and centralized British and Allied approach
2. Early success and high-level support (Churchill) allowed for the investment of "big projects" on the side of the Allies to attack difficult problems which the Germans assumed were impossible (so did not even try at)
3. Assuming that cracking mechanical rotor crypto was impossible made a psychological barrier in the Germans that made even major OPSEC lapses on the part of the Allies something to be rationalized away
4. The Germans were obsessed with short term tactical results, and overwhelmed with processing even those. And they assumed mechanical (computational) efforts to aide them would not be fruitful since "cryptography is done with the human mind".
5. The German war effort was entirely military-minded, wheras the Brits had a fluid "Civilian" and "Civilians in whatever uniform made the most sense at the time" approach.

Some of this was said best in Neal Stephenson's Cryptonomicon where he has a character point out that the war was essentially stamped out in the Bletchley Park Huts, or that for the Japanese to tell their superiors that their codes were broken would be so dishonorable that it was impossible to believe, even if the results of it were obvious.

And the corollary to American cyber efforts (fractured, with maximum infighting), are hard not to ignore. The historical picture of a German cypher network getting partial upgrades over time, which if done all at once would have knocked the Allied efforts out, but done piecemeal were ineffective, can only remind you of similar efforts to modernize the USG networks and systems.

To be fair, the book heavily undersells resource constraints and "killing all the smart people seems to be bad for our cryptography team" as causal. 

In any case, ironically this book is only available in paper form, but I highly recommend picking it up for a flight.

No comments:

Post a Comment