Politico reported last week that 49 congressional web sites were hacked, which only became apparent just after the State of the Union Address last week. Web sites displayed simple hacker-speak web pages and many of the sites were completely unavailable for hours.

This should be great fodder for the Black Hat folks meeting in DC (actually Arlington, VA) this week.

Paul Krugman posted an interesting piece in the NYT today, in which he ruminated on the testimony offered before congress by some of the leading banking executives, and concluded the following:

Do the bankers really not understand what happened, or are they just talking their self-interest? No matter. As I said, the important thing looking forward is to stop listening to financiers about financial reform.

I definitely agree that bankers (or anybody for that matter) shouldn’t be allowed to write their own rules. We shouldn’t regard people as benevolent geniuses just because we find it difficult to understand them. Krugman’s point reminds me of some of my own musings on the topic (for example, see “Money Can’t Buy You Trust: What We Won’t Be Getting for $1 Trillion“). In short, there’s no such thing as blind trust.

This week, I started a new job as Sr. Manager at Accenture. I’ll be working in Accenture’s Security Consulting Practice, focusing on Identity and Access Management. So my new role is basically a continuation of my career for the last dozen years, but at Accenture it’s also an opportunity to get involved in some of the most challenging and culturally relevant identity projects of our time.

Governments continue to develop identity systems, commercial sites increasingly add social networking features, and new cloud services strain existing modes of online trust. I’m looking forward to a very interesting year!

The NYT ran an article today discussing how humans may be wired for trust. In a recent study of small children, scientists discovered that traditional views of human nature as hopelessly egocentric and fiercely competitive don’t portray the full picture. From the article:

“We’re preprogrammed to reach out,” Dr. de Waal writes. “Empathy is an automated response over which we have limited control.” The only people emotionally immune to another’s situation, he notes, are psychopaths.

Dr. Michael Tomasello, one of the researchers cited in the NYT article, explains that “we are both selfish and altruistic at the same time.” Some of the altruism in humans comes from what Tomasello describes as “shared intentionality.” Again from the article:

The shared intentionality lies at the basis of human society, Dr. Tomasello argues. From it flow ideas of norms, of punishing those who violate the norms and of shame and guilt for punishing oneself. Shared intentionality evolved very early in the human lineage, he believes, and its probable purpose was for cooperation in gathering food. Anthropologists report that when men cooperate in hunting, they can take down large game, which single hunters generally cannot do.

I’m sure this view of human nature feels intuitive to most people, but Western traditions haven’t given these ideas much play. Perhaps the current economic crisis will inspire policy makers and economists to re-evaluate the philosophical underpinnings of capitalism.

But narrowing the topic to the field I work in (digital identity and internet security), I wonder 2 things: How can we provide for shared intentionality on the Internet? And how do we also imbue applications and other non-human actors on the Internet with similar instincts?

Comments welcome!

In continuation of Elinor Ostrom week on this blog, I thought it appropriate to point everyone to one of her recent collaborations, “Rules, Games, and Common Pool Resources,” a preview of which is freely available on Google books.

In my view, professional security certification programs like CISSP should include this material in their curriculum. The Internet is clearly a Common Pool Resource and understanding behavioral dynamics of such resources is critical to any security regime we try to impose on it.

More of my thoughts on these subjects to come next week. For now, I won’t presume to share the stage!

Elinor Ostrom is the first woman in history to win the Nobel Prize for economics. In my opinion, this is the news of the year. Ostrom’s work strikes at the heart of the human condition, and her conclusions challenge the way we think about governance, trust, and financial systems. She’s also a gifted writer.

The NYT cited Robert Shiller’s comment on the award:

“It is part of the merging of the social sciences,” Robert Shiller, an economist at Yale, said of Monday’s awards. “Economics has been too isolated and these awards today are a sign of the greater enlightenment going around. We were too stuck on efficient markets and it was derailing our thinking” ….

The committee, in effect, said that [current economic] theory was too simplistic and ignored the unstated relationships and behaviors that develop among companies that are competitors but find ways to resolve common problems. “Both scholars have greatly enhanced our understanding of non-market institutions” other than government, the committee said.

“Basically there is a common understanding that develops even among competitors when they are dealing with each other,” Mr. Shiller said, adding “when people make business contact, even competitors, they can’t anticipate everything, so an element of trust comes in” ….

In its announcement, the committee said Ms. Ostrom “has challenged the conventional wisdom that common property is poorly managed and should be either regulated by central authorities or privatized. Based on numerous studies of user-managed fish stocks, pastures, woods, lakes, and groundwater basins, Ostrom concludes that the outcomes are, more often than not, better than predicted by standard theories.”

As some of you may know, Ostrom’s work is the inspiration behind this blog (for example, see my comment at the end of this post) and my work on the Limited Liability Persona at Burton Group (for example, see the references to Ostrom in this report). So I find it remarkable and reassuring that her work is now being recognized on a global scale.

So, once a gain: Congratulations, Elinor!

The New York Times recently ran a piece called “How Did Economists Get it So Wrong?” The article is a brisk stroll through the intellectual heritage of economic theory in an effort to point out its developmental flaws. Here’s a snippet from the Times article that I think sums it up pretty well:

Yet [most economists] accepted the notion that investors and consumers are rational and that markets generally get it right.

Of course, there were exceptions to these trends: a few economists challenged the assumption of rational behavior, questioned the belief that financial markets can be trusted and pointed to the long history of financial crises that had devastating economic consequences. But they were swimming against the tide, unable to make much headway against a pervasive and, in retrospect, foolish complacency.

Profound. And there are lots of overtones in these few sentences supporting important themes on this blog. (For example, the Times article reads like a case study of my post on “The Absurdity of Certainty.” And as I pointed out in a recent post, the notion of an autonomous rational mind is a convenient contrivance, not an objective reality.)

The article first takes aim at “the notion that investors and consumers are rational” actors. Any economic theory that presumes human rationality may describe the economic activity of Utopia, but certainly not of the society we live in.

The author also asserts that trusting financial market simply as a matter of its past performance is foolish complacency. Spot on! Flashy displays of wealth more likely signal wanton exploitation than honest dealings.

So the short of it is: you can’t trust economists or the market machinery they build.

Joseph Stiglitz recently published an article in Vanity Fair that discusses many of the themes of this blog (for example, see: Let’s Not Confuse Free Markets With Freedom, America on the Couch, and 2008: The Year the Free Market Died.) A Nobel-laureate economist, Stiglitz provides historical context in making his case that free-market capitalism isn’t inevitable for the unwashed masses. According to Stiglitz, American capitalism sustained a mortal blow in its bid to become the “kind of economic system [that] is likely to deliver the greatest benefit to the most people.” He then offers this chilling dose of reality:

In America, calling someone a socialist may be nothing more than a cheap shot. In much of the world, however, the battle between capitalism and socialism—or at least something that many Americans would label as socialism—still rages. While there may be no winners in the current economic crisis, there are losers, and among the big losers is support for American-style capitalism. This has consequences we’ll be living with for a long time to come….

For a while, it seemed that the defeat of Communism meant the sure victory of capitalism, particularly in its American form. Francis Fukuyama went as far as to proclaim “the end of history,” defining democratic market capitalism as the final stage of social development, and declaring that all humanity was now heading in this direction. In truth, historians will mark the 20 years since 1989 as the short period of American triumphalism. With the collapse of great banks and financial houses, and the ensuing economic turmoil and chaotic attempts at rescue, that period is over. So, too, is the debate over “market fundamentalism,” the notion that unfettered markets, all by themselves, can ensure economic prosperity and growth. Today only the deluded would argue that markets are self-correcting or that we can rely on the self-interested behavior of market participants to guarantee that everything works honestly and properly.

Well put! Unfortunately, Stiglitz stops short of suggesting a viable alternative to  American free-market capitalism. Nevertheless, his analysis is welcome, as it reminds us of important problems a global neo-capitalist agenda must resolve.

My friends at Ping Identity announced last week a solution for enabling single sign-on (SSO) to a broad set of Google apps, taking advantage of Google’s new OpenID services. Ping’s product, PingConnect, actually uses a combination of standards, including SAML, OpenID, and OAuth to connect to other SaaS solutions, such as Salesforce.com. For a lot of people, there’s starting to be enough value here to justifiy getting and actually using an OpenID.

There’s some discussion among individuals close to various standards around how companies like Google and Ping Identity are interfering with the purity of these protocols. In my opinion, it’s great to see some of these standards being put to use in a pragmatic and productive way. (Granted, there’s a control play for the internet “identity hub” going on here, but I’ll have to take up in a follow-on post.)

My only advice to Ping is to henceforth refrain from using the word “Universal” — as in, “Universal Login for SaaS.”

It’s gratifying to hear more pervasive, serious discussion on the issue of social trust. A few weeks ago, social trust made the cover of the Harvard Business Review. Yesterday, Jonah Lehrer, a contributing editor at Wired, contributed a post on the topic. Very apropos to the content on this blog.

(Thanks to Laura Salmons for spotting this one!)