From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Thu May 23 2002 - 23:50:37 MDT
On Thursday, May 23, 2002, at 04:47 pm, Charles Hixson wrote:
> Consider that a police officer is expected to conduct some number of
> "random" searches in a period of time. Now suppose that the group of
> people he is expected to select his targets from has some way that has
> a positive probability of selecting those individuals who will be less
> able to injure his career. (Say, they are less able to hire a lawyer
> and sue for harassment, or some such.) The "random" search will
> quickly become non-random for obvious reasons.
This proves my point. Such an evolution clearly is inefficient and
undesirable. The police officer become self-serving and chooses his
targets for his own benefit rather than for the safety of the public or
because of the actions of the targets. Such a police officer needs to
be corrected to perform police duties rather than self-promoting his
personal concerns.
This example of group-based judgments shows a negative outcome, not a
positive one. Such group selection fails to meet police goals and
instead starts serving the officers' private agendas or starts hurting
certain groups through no fault of their own.
> So either everyone gets searched, or the selection of targets is made
> by some non-involved process (say, throwing a die). Or the process
> becomes non-random. And you've already said what that causes.
You seem to be making my argument for me. If people choose targets by
group-based judgments, the security system fails. Only by ignoring
group-based judgment can security be enforced. This is why security
professionals who design security procedures try to eliminate
group-based judgments. They are flawed and do not work.
-- Harvey Newstrom, CISSP <www.HarveyNewstrom.com> Principal Security Consultant <www.Newstaff.com>
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:14:19 MST