Nasdaq shut down for 3 hours yesterday, the second electronic trading SNAFU of the week (the first being the Goldman (GS) option fiasco). The problem? Another example of the effects of a SLOB (simulacrum of a limit order book). One of the links in the US SLOB is the SIP (Security Information Processor) connecting NYSEArca and Nasdaq. This sends information about quotes from one exchange to the other. This information is necessary to link the markets: in order to prevent locks and crosses, and to direct orders to the best priced market, each venue needs to know the quotes at the others. According to Nasdaq, irregularities in the SIP were causing problems with its system, so it shut down to prevent a more catastrophic failure.
Moral of the story: links are major points of failure in a SLOB. (Though it is interesting to note that on the same day Globex was displaying crossed markets in the bean complex, and Globex is a true CLOB not a SLOB. But trading continued.)
My first thought on hearing of the shutdown was a SLOB problem. My second was hacking. There has been a spate of stories of late about exchanges being major potential targets of hackers/cybercriminals.
This is one of the reasons why I take an interest in Appelbaum, Snowden, Anonymous, etc. Exchanges, and financial infrastructure generally, are major targets of these psychopaths for at least a couple of reasons. First, some are just criminals, who like Willie Sutton target banks and the like because that’s where the money is. Second, the hacker movement is a hotbed of anti-capitalist ideology that motivates attacks on capitalist institutions.
Meaning that the defenses of our financial infrastructure are vitally important. And this is another source of major concern, which the Snowden affair puts front and center. Infosec workers are recruited from the same milieu as the hackers. The membrane between hackers on the outside and supposed defenders on the inside is very permeable. There is lots of talk about the color of hacker hats, but ethically and ideologically the distinctions between black, white, and grey hats are quite blurry, and the boundaries are transgressed often.
Snowden is a classic example of that. Former head of the NSA, General Hayden, said that perforce NSA and the government generally has to recruit from this group, but find ways to protect from those with a “romantic attachment to absolute transparency at all costs.” Yes, the transparency romantics are a potential problem, but I think they’re the least of our worries: transparency romanticism is often a public pose for those motivated by malign anti-US and anti-capitalist beliefs.
The narcissism and grandiosity that Snowden exhibits are also all too common in this community, both inside government and financial institutions, and outside. Indeed, there is a very strong and widespread tendency of these people to view themselves as superior in some way, and justified in acting as judge, jury, and executioner when it comes to the release of information, and operations against targets that violate their highly tuned-and self-righteous-moral senses. Again, Snowden is a perfect example: he arrogated to himself the ability to decide what was illegal and immoral. So did Bradley Manning, though he (and yes, he is still a he and he was a he when he made this statement, so I’m passing on the Chelsea thing) repudiated that in his pre-sentencing statement.
Indeed, this is a common theme in the infosec community. Take a look at the attached video by a Pied Piper of this community, ex-priest (and, alas, University of Chicago grad) Richard Thieme. (H/t @libertylynx, who also raised many of the points below.) This guy is lionized in this community. He matters. He is viewed as the voice of many. Check out the fawning, personality cultish comments to the video.
Thieme basically asserts that infosec specialists answer to a higher law, in part because there is a nexus between law enforcement and criminality, and in part because traditional legal distinctions (e.g., foreign vs. domestic) have been obliterated by technology and shadowy, scary supra-state actors. Check out the rants around minute 32:00. And for a dose of virulent anti-bank rhetoric, which really has to be heard to be believed, fast forward to minute 43 or so.
You know that there are infosec people in banks-and exchanges-who idolize this guy, and buy into his message. The message is banks are criminal. The government is criminal. So it’s not criminal to attack them. Indeed, one can be justified in doing so. Yes, many of the would-be attackers are on the outside, but as Snowden shows, there are inevitably many on the inside. And some on the inside have no problem in dealing with Appelbaum and the like. Case in point, an infosec guy I interacted with on Twitter until he blocked me. (Thin skin seems to be another occupational hazard.) He would countenance no criticism of Appelbaum.
Meaning that the most dangerous threats to exchanges and financial infrastructure may be those who are hired to defend them.
So this is one of the reasons I write about Snowden, and Appelbaum, and Assange, and Greenwald, and the rest of this crowd. Their agendas and connections need to be understood-and broadcast. For these avatars of transparency are notoriously protective of their own activities and connections. Given the inevitability that some of those to whom they are connected are on the inside of vital financial and government institutions, this is a matter of grave concern. And a matter that mainstream journalism has been shockingly negligent in investigating and reporting.
Appelbaum and Poitras are in Berlin now, and Berlin-land of the Pirate Party-is arguably the epicenter of this community. But it is an international community, and what happens in Berlin doesn’t stay in Berlin. It could be coming to a bank or exchange near you. If it hasn’t happened yet, it’s not for lack of trying, or the lack of potential acolytes within these very institutions.