Meanwhile, in the CERIAS blog…

I just posted an item in the CERIAS blog that has some relation to my personal ideas that I post here. Entitled “If you are bored or morbidly curious,” it is a post about the computer history effort at the Charles Babbage Institute. More specifically, it is about the oral history interview they did with me.

So, check out that post if you are into that kind of thing… especially if you are bored or morbidly curious. 🙂

Spafford/Spofforth Family History + Trivia

[Updated 8/26/13 to include the contested 21st generation entry and fix small typos.]

Intro

Recently, my family vacationed in England. While there, we visited the town and castle ruins in Spofforth, a small town in Harrogate, North Yorkshire. Spofforth is strongly suggested as the ancestral home of the Spafford, Spofford, Spufford, Spuford, Spoford, Spauforth, Spofer, Spawforth, Spofforth, Spoforth, Spoffurth, Spoffort, Spofferd, Spofforths, Spauforthe, Spoofourthe, etc. family lines, at least as far back as they can be traced. (And no, not the Staffords — that is a totally different family.) That has prompted me to write up some things about the family and family history for my daughter, nieces, nephews, and other Spaffords. Read on — if you dare.

A note about spelling. Up until a few hundred years ago, spelling really wasn’t viewed as “fixed.” There were many reasons for this, including lack of references, evolving language, and low literacy rates. Thus, things were often spelled out as the scribe heard them, and there are some different spellings over time. I try to spell things in an accepted way, and reproduce the ancient spellings the way I found them in the references.

Spafford Narrative History

If you go back far enough (100 generations, certainly), every family likely interweaves with every other in a locale. I imagine if you go back 100,000 generations or so you come up with the few original homo sapiens, so in that sense every family is connected. Thus, at some levels, we are all related.

Throughout time, there was a lot of intermarriage of families and clans, and even among not-too-distant relatives, so family trees don’t really branch out quite so much as mathematics would predict. But for purposes of this essay, if we base our story on the Western view of descent of family name via the paternal line, and if we assume that all the women directly on that line were truthful about who was the father of the children involved (not necessarily a given in any family line), then my family can trace back as far as Orm in Yorkshire, England in the 10th century.

Orm (or Arm; old Danish for Dragon) was apparently a Christian lord of Viking descent, born around 965 AD. It is entirely possible that he arrived in England during the conquest by King Cnut around 1010, and may have been one of the clan chiefs (or son of a clan chief) who helped Cnut in that conquest: Orm was mentioned in an early charter of land by Cnut in 1033. Orm was a Thane in the area, of the “family” Ormerod. Orm has record of being a significant leader, and shows up again in the “Ormulum” text. Little is really known of his life, but he apparently lived near what is now Leeds. Orm paid for the restoration of the church in Kirkdale, and an engraving above the door still commemorates that. He held significant estates in Northumbria, either by conquest or gift.

Orm married into royalty. His wife, Etheldreda was the daughter of Aldred, Earl of Northumbria. Her uncle was Duncan, King of Scotland. Her great grandfather had been King of Northumbria before it had been conquered and added to the kingdom of England.

Gamel, Orm’s son, had significant land in York, Dereby, Lincoln, Stafford, Salop and Chester. He was Lord of Thorparch, on the river Thorpe in Yorkshire, There is record that he was generous to the Church, as he gave one of his manor homes to the Church of St. Peter in York. Given the time when he lived, he may have participated in Earl Siward’s 1054 military expedition against the Scottish king Mac Bethad (Macbeth!). Gamel’s mother was sister to Siward’s wife, and he was thus viewed as “family” in that household. Siward, the Earl of Northumbria, died in 1055 from dysentery. His son was too young to assume rule, so King Edward the Confessor appointed Tostig Godwinson, one of his own brothers-in-law, as Earl.

Tostig was not well-liked in Northumbria, being a Saxon in a land of many Danes and Scots. A few years earlier, he had been exiled by King Edward, briefly, from England along with his father, the Earl of Wessex. Tostig spent a lot of time in the court of King Edward, preferring the company of his kinsmen in Wessex to the people in Northumbria. He also likely secretly allied himself with the Scottish king Malcolm III. Tostig heavily taxed the locals, made unpopular decisions, and generally was disliked. He increased this dislike by appointing an inept administrator in the form of someone named Copsig who was inept. Tostig ordered the killing of several lords who objected to his heavy hand, including Ulf, son of Dofin, and Gamel, son of Orm, in 1064 during a visit to his manor in York under safe conduct.

Gamelbar, Gamel’s son, was successful and inherited his father’s lands. He was Baron of Spofforth, was recorded (after the Norman Conquest) as having the following fiefs: Folyfate, Aiketon, Spoford, Ribbeston, Plumpton, Colthorp, Stockton, Lynton, Heselwode, Sutton, Sighelinghale, Lofthowse, Kibelingcotes, Guthmundenham, Cloughton, Pokethorp, Esthorp, Hoton, Fosseton, Wandesford, Nafferton, Queldryke, Wartre, Thriberg, Edelington, Middleton, Stubbum, Skaln, Colesburn, Nesselfeld, Inwely, Wheteley, Askwith, Dalton, Horton, Casteley, Letheley, Walton, Bergheby, Arlesthorp, Soreby, Hemelsby, Steynton, Asmonderby, Merkingfeld, Hornyngton, Wolsington, Yedon, Rondon, Oxton, Tadcastre, Snawes, Haghornby, Gramhope, Kerkby, Kerkby-Orblawers, Carleton, Midhope, Remington, Neusome, Boulton, Horton, Gersington, Lynton, Ketelwell, Thresfeld, Arnecliffe, Addingham, Routherneck, Stynton, Estborne, Malghum, Brunby, Swyndon, Halton, Pathorne, Elgfeld, Thornton, Bunyngeston, Difford, Gisborne, and Westeby. Spoford or Spofforth was a place name, derived centuries earlier, and means “spot of land where the ford is” (as in ford of the river). It is uncertain what river that may have been, but the town of Spofforth is along the River Crimple, which empties into the River Nidd.

Clearly, Gamelbar was a wealthy and powerful thane.

On 3 October 1065, all the thegns (thanes) in the region rebelled, marched to Eoforwic (York) and defeated Earl Tostig’s house troops (all Danish mercenaries — he didn’t trust the locals, and apparently for good reason); Gamelbar was a leader in this revolt. King Edward sent Harold, Earl of Wessex (his brother-in-law), to York as his emissary. Harold secured a truce, and returned to the king with the recommendation that Tostig be stripped of his title. It was so ordered by the king, and Tostig again went into exile, now with a big grudge against Harold.

Tostig raised some troops via his father-in-law, Count Baldwin of Flanders, and made several raids along the coast. In January, 1066, King Edward died and Harold became king. Many others wanted to claim the throne, including Harald Hardrada of Norway, who launched an invasion. In September Tostig joined forces with Hardrada to invade Northumbria where they conquered York. Nearly simultaneously, William the Bastard of Normandy invaded Wessex (he claimed that Edward had promised the throne to him; he and Edward were cousins).

King Harold learned of the fall of York, first, and he put his troops on a forced march to the north where he caught Tostig and Hardrada by surprise. Their army was not prepared for a battle, and were defeated at the Battle of Stamford Bridge, with both Tostig and Hardrada killed and Gamel avenged.

However, as this concluded, news reached the King about William’s Norman force landing to the south. He put his exhausted (and bloodied) army on a march south to meet them. They eventually met at the battle of Hastings, where Harold — making some poor decisions along the way — died (as did his two remaiming brothers) and William became William the Conqueror; had he lost, he would probably still be known to history as William the Bastard.

Meanwhile, Gamelbeorn, also known as Gamelbar de Spofford, had been loyal to King Harold. He participated in the revolt to the Normans in 1068-1069, but the effort was defeated. William exacted terrible revenge on everyone in Yorkshire, including Gamelbar. He forfeit his estates, his mansion in York, and his many other manor homes. Those were given to William’s ally, William de Percy, who was made a Baron. Gamelbar’s main manor home was in the town of Spoford (Spofforth, now.) Gamelbar was almost certainly put to death if he was not killed in battle. (See the section below on Spofforth Castle)

So, the early history of the Spafford (et al) line has them being significantly involved with the incidents that led to the victory of William the Conqueror: Gamel’s assassination as a cause of rebellion against Tostig, leading to bad blood with Harold, leading to the attack that sapped Harold’s troops and thus unable to defeat William’s forces. As we will see later, they also were involved, very indirectly, with the Magna Carta. The family also had an indirect connection to Shakespeare via the real King Macbeth.

Line of Descent

Based on the available information (linked in above), the following appears to be the line from Orm, my (great-)29grandfather to me; there is some small dispute about whether there was another generation in 20-22. I’m leaving out siblings, although some are known (but not all are). A rather comprehensive family history up to 1888 is available as an online book, although at least one alternate and well-researched history presents some disagreement.

  1. Orm, Lord of Thorpatch. Born probably around 965, died before 1042
  2. Gamel of Spofforth. Born ca 990, killed 1064. Lord of Thorparch and Lord of the Manor of Ilkley. King’s fowler and Ranger of the Forest of Knaresborough. Assassinated by Tostig, Earl of Northumbria.
  3. Gamelbar or Gamelbeorn. Born ca 1015, died in or after 1068. Lord of Spofforth, Plumpton, Braham, etc.
  4. William de Spofforth. Born ca 1040. Joined Aldred, Archbishop of York in resisting Normans. His properties were also confiscated by the Normans in 1086 as a result of William’s scourge of Yorkshire.
  5. Walter de Spofforth. Born ca 1063, died ca 1091. Walter was killed in an invasion of England by Scottish king Malcolm III.
  6. John of Spofforth. Born ca 1085, died ca 1091. Married Juliana de Plumpton, daughter of Nigel, a lord. This was the first in a long familial association with the Plumptons over 200 years.
  7. Henry. Born ca 1115. Married the daughter of Sir Richard de Stokeld.
  8. Elwine or Elerina de Spofforth. (Also known as Robert.) Born ca 1145 and died after 1186.
  9. Gamel de Spofforth. Born ca 1175. Was Marshall to Nigel de Plumpton, Lord of Plumpton.
  10. William of Spofforth. Born ca 1200. Noted as attending a Parliment at St. Albans
  11. Nicholas de Spauford. Born ca 1235, died ca 1265. Married Dyonysia de Plumpton.
  12. Roger Blase de Spofford. Born ca 1260, died after 1325. Joined Lord Pembroke in the insurrection vs. Edward II in around 1320.
  13. Robert of Spofforth. Born ca 1285, died after 1338. Married Agnes Castelay.
  14. Robert of Spofforth. Born ca 1310, died after 1339. Married Evorta de Norwode. Served as the Prior of Helaugh.
  15. Robert Spofforth. Born ca 1340, died after 1361. Married Mary de Malebis, daughter of Sir Thomas de Malebis. Robert’s nephew, Thomas Spofford, was in the House of Lords in the reign of Henry V as Abbot of St. Mary’s in York. It is alleged that Thomas was a hero in one of the ballads of Robin Hood while Bishop of Hereford! He was also elected one of the four presidents of the Council of Constance.
  16. John Spofford. Born ca 1360, and died after 1396. Married Maria Meynel. Lived in Newsham, England.
  17. Robert Spofforth. Born ca 1405, died after 1431. Married Ann Anlaby, daughter of William Anlany and Alice Ughtred. Lived in Menthrope, near Selby, and in York.
  18. Robert Spofforth, born ca 1460, died after 1494. Married Ellen Roncliffe, daughter of Baron Bryan Roncliffe. They lived in Wistow Manor, near Selby.
  19. Bryan Spofforth. Born ca 1500, died ca 1555. Was rector of Barton-le-Street from 1536-1554. Married Agnes Aslaby (a nun), daughter of Walter Fawkes, in 1530. He was ejected from the church in 1554.
  20. Robert Spofford (sometimes listed as Richard). Born ca 1532. Married Agnes Clare, daughter of Gilbert Clare, in 1565. Robert was the first Protestant from birth in the family.
  21. [According to some accounts, there was another generation here, with Richard, b. ca 1565, died 1611. Married Anne. He was esquire to Sir Wm. Bambrough.]
  22. John Spofforth. Born ca 1588, died 1668. John was the Vicar of Silkstone, but was ejected as a nonconformist (Puritan). Married Ellen.
  23. John Spofford. born 1612 died ca 6 Nov 1678. Emigrated to Massachusetts in 1638 as a Puritan aboard the “John of London” sailing from Hull with a group led by the Rev. Ezekiel Rogers. Married Elizageth Scott, who came to MA at the age of 9 in April 1634 aboard the ship “Elizabeth.” She was the daughter of Thomas Scott and Elizabeth Strutt; the Scott family traces back to Charlemagne. John & Elizabeth lived in Ipswich and Newbury. John was 13 years older than Elizabeth. As a matter of trivia, each traveled to the colonies aboard a ship bearing their names.
  24. John Spaford II. Born 24 Oct 1648 in Rowley, MA and died 22 Apr 1696 in Bradford MA. He married Sarah Wheeler, daughter of David Wheeler and Sarah Wise. John’s name appears in the list of soldiers with Capt. Thomas Prentice’s Company in King Philip’s War, Feb 29, 1675-1676, and also in Capt. Appleton’s troop in the Narragansett campaign of the same war. John and Sarah had 8 children.
  25. Jonathan Spofford. Born 28 May 1684 in Rowley, MA and died 16 Jan 1772 in Georgetown MA. Married Jemima Freethe, daughter of John Freethe and Hannah Bray. Jonathan and Jemima had 13 children, not all of whom lived to adulthood.
  26. Jacob Spafford. Born 17 Aug 1722 Rowley, MA and died 1769 in Salisbury CT. He married Rebecca Smalley, daughter of Benjamin Smalley and Rebecca Wright. Jacob and Rebecca had 11 children. He was the first to use the last name Spafford with that spelling.
  27. Solomon Spofford. Born 21 Sep 1756 and died 2 Feb 1837 in Athol, Ontario. He Married Sally Sheldon. He had achieved the rank of Colonel in the army. He fought with the colonists in the Revolutionary War, but his allegiance changed and he fought with the British in the War of 1812, moving to Canada after the war ended. Solomon and Sally had 9 children.
  28. Abijah Pratt Spafford. Born ca 1787 and died 1842. Married Margaret Sheldon Ferguson, daughter of J. Ferguson and Polly Young. They had 9 children.
  29. Abijah Spafford. Born ca 1825 in Athol, Ontario, and died 4 Dec 1909 in Cherry Valley, Ontario. He had a paralyzing stroke in July of 1908. He married Anna Eliza Ketchum, daughter of Thomas H. Ketchum and Caroline Jackson. Abijah was a Methodist minister.
  30. Thomas Franklin Spafford. Born 16 Mar 1857, died Dec 1937, both in Cherry Valley, Ontario. Married Sarah Catherine Wood, daughter of Nehemiah Wood. He was a schoolteacher.
  31. Marcus Vernon Spafford. Born 11 Jan 1883 Sophiasburg, Ontario, and died 23 Jun 1948 in Rochester, NY. He married Ila Maude Foster, daughter of William Asa Foster and Lucritia Iantha Anderson. They emigrated to the US ca 1902, and he worked as a foreman in the film doping plant for George Eastman at Kodak. He became a naturalized US citizen on 29 November 1921. Ila lived to age 100.
  32. Howard Franklin Spafford. Born 22 Apr 1918 in Rochester, and died 3 July 2007 in Hartford, CT. Married Elizabeth Ann Gallagher, daughter of Eugene Paul Gallagher and Ruby Viola Shoemaker. Howard served in WWII in an antiaircraft battery deployed in Europe. He later served as an accountant and financial officer for several small companies in the Rochester area.
  33. Eugene Howard Spafford. The current affront to civilization from the Spafford family.

John Spofford (#23) was the ancestor of almost all of the Spaffords, Spoffords, and similar in the US and Canada. A few others have since immigrated from other parts of the British Empire.

To the best of my ability to tell, there are no male heirs to this line after at least Thomas (#30), and possibly earlier — all lines end in daughters. If I were to somehow have sons at this point, I might try to name them Orm and Gamel.

Crest and Motto and Etc

The family motto has been rendered as Fidelis ad extremum or “Faithful to the extreme.” Another version has been “Rather Deathe than false of Faythe,” which is rather the same thing. Given some of the family history of continuing to serve on the losing side of disagreements long after the outcome was decided, this certainly seems apt!

A commercial service has a version of the Spafford coat of arms. This is one of two versions. The other version is shown to the right.

There have been a few notable Spaffords about. Check out the Wikipedia page for Horatio Spafford, for instance, especially if you think your luck is bad; the Spafford Center in Jerusalem is related.
Suzy Spafford is a notable cartoonist. Spafford Lake on the campus of UC Davis is named after a long-time administrator in the UC system, Ed Spafford. Roz Spafford is an award-winning author. George Spafford has coauthored several books with my former student Gene Kim.

There is a jam-rock band from Arizona named Spafford, although I have no idea why they picked that name.

NY State has a town of Spafford. I’ve been there — it is a pleasant little town in the Finger Lakes region.

There are other Spaffords about, if you know where to look for them, and many are worth finding.

Spofforth Castle

The ruins of Spofforth Castle still stand in the town of Spofforth. Actually, it is the remains of a fortified manor house, but at one point it would have been seen as a castle. Only the western part of the castle still stands — there was originally more to the East, North, and West. After the castle fell to ruins, the locals took a great many of the stones to build their homes, churches, and common buildings, thus leaving much less of the grandeur that was once there.

After William took Northumbria, he gave all of Gamelbar’s lands and manors to his buddy, William de Percy. Spofforth Castle was constructed in the 11th century. It seems likely (although there is no clear archeological evidence) that Spofforth Castle was built on the foundations of one of Gamelbar’s early homes.

Legend has it that the first version of the Magna Carta was drafted at Spofforth Castle!

One account notes that Harry Hotspur was born here at Spofforth Castle in 1364. He is a notable character in Shakespeare’s play Henry IV, as a friend of Henry V. In real life he also was a notable knight, who rebelled against King Henry IV and killed at the Battle of Shrewsbury in 1403.

The castle was ruined in 1461, after the Percys sided with Lancaster in the War of the Roses — and lost. Over 100 years later, the castle was restored, but it was not used as a primary residence and fell into disuse. It was last occupied in 1604, and again ruined in the civil war (1642-1651).

The castle has a ghost, too!

One might make the comment that the castle is like the Spafford authoring this blog — old, weathered, and in ruins.

Here is a video tour of the castle, taken in 2011, with silly music in the background.

This is a gallery of pictures I took in August 2013 of the castle and its interior:

Historic marker

Long view from ENE

NE side

East side & entrance

SE side, looking NW

SE side looking W

South side, outside

NE corner

North side

NW side & tower

NW base of tower, looking S

West side

Entering in via N wall

Inside undercroft, looking North

Inside undercroft, looking South

Inside undercroft, looking NE

Stairs in SE corner

Another view looking South

NW corner with chapel window

View to NE from inside

View to NW from inside

Musing on the Near Future

I read an interesting article online today. It is simply the latest in a long set of articles on related topics that have sparked some discussion with people over the last year or so.

I want to give this a little spin that I haven’t seen in the news or commentary, simply to provoke some thought. That, and I’m getting tired of all the Chik-fil-a discussions and yet more evidence of politicians being less concerned with the people than with (re)election. Here’s a chance to get some discussion on something else. (Yes, I suppose that makes this a long-winded troll.)


First, it is clear that Iran’s leadership is trying to push things as far as they can. In some senses, they do indeed have a right to enrich uranium so long as they allow international inspections and don’t head towards weaponizing it. After all, they have signed the non-proliferation treaty. However, statements and actions by the government there do not lead to any sense of calm and confidence that they would abide by the treaty, and to date they have violated it in several ways. They’ve repeatedly rejected attempts to resolve some of the issues.

So, the international community has pushed sanctions. The U.S. just ratcheted up the issue by setting indirect sanction in place on banks and firms in countries doing business with Iran.   

Some critics of the current U.S. administration have been claiming that the sanctions aren’t working, and we need a military option. In fact, reports out of Iran are that the sanctions are increasingly degrading the quality of life for common Iranians, and that is increasing their dissatisfaction with the government. That is precisely the plan. The more unrest and discontent in the populace, the more the government has to beat the drums about being under siege by the rest of the world because of their “righteous cause.”

OK, this isn’t news to anyone who has given it some thought, or thought about prior instances of countries under sanctions. However, given the sanctions, one wonders if they are likely to achieve the desired goals. The question is one of “what goals are those?

Here’s where some interesting events could come about, and may be the actual intent.

There have been repeated public claims by the Iranian government that it views the sanctions as hostile acts. There have also been statements about how they aren’t afraid to go to war and close the Straights of Hormuz, and will do so if provoked. There has been a fair amount of sword-rattling. This is one of the few ways they can really do anything militarily, because they really don’t have a strong navy or a lot of resources to employ.

Closing the Straights — or even trying to — would raise some panic among shipping companies that transit oil tankers through there. Loss of a big tanker would be very expensive, and insurance doesn’t normally cover acts of war. It would likely stop some of the tanker traffic, which in turn would raise the market price (and some availability) of oil, thus leading to strain on Western economies. The Iranians — and everyone else — knows this. That is why the threat has some impact.

However, quietly over the last year, various western powers appear to have been building up bases and anti-mine capabilities in the region, and are well-equipped to counter any Iranian moves to interdict naval traffic. There have also been some moves to change oil usage and flow, including a new Saudi pipeline that bypasses the Straights.

So, here’s how the scenario might well play out:

  • the new sanctions really hurt and the Iranian people are even more unhappy with the government
  • the Iranian government feels forced to make a public move to consolidate its position
  • the Iranian government makes some move in the Straights of Hormuz, and/or the Revolutionary Guards, under pressure, make some error that results in apparent hostilities in the Straights
  • given the excuse of threats to shipping in International waterways, NATO and/or other powers intervene
  • there is escalation until there is an actual shooting conflict involved

Again, that isn’t overly surprising. What I want to suggest, however, is that when this happens, it will also be perfect cover for launching an offensive against the nuke plants. Iran will have proven itself an aggressor, and will be in a pitched fight at sea — that will be perfect political and tactical cover for airstrikes, and maybe even deployment of some special ops teams to get things that airpower can’t.

The question is whether or not the Iranian leadership is crazy enough, defiant enough, and/or desperate enough to create the incident. The problem is, they don’t have many options. If they don’t do something, it threatens long-term support from within. And ideologically, it seems unlikely they will back off on enrichment because that would show the world they submitted to demands from both the Little Satan (Israel) and the Big Satan (USA).

My prediction: conflict by early October.


As with anything else, however, there are secondary effects to consider. If the above scenario plays out in any way similar to the above, there are at least three probable secondary effects:

1) North Korea occupies a roughly similar political position as Iran in the world: nuclear capabilities, pariah state, erratic political behavior, population under stress from sanctions. There has been some apparent thawing beginning with Kim Jong Un’s consolidation in power. If shooting breaks out with Iran, expect North Korea’s military to gain ascendency. This is not likely to trigger a crisis, per se, but it will wipe out the chance of some reconciliation that appears to be appearing.

2) Any threat of conflict in the oil production zone or the shipping lanes will impact oil prices. If that happens for more than a few weeks, it will have a negative impact on many economies — especially within the EU. It will hasten defaults by several governments and the probable breakup of the Euro zone. (If there is no conflict, I expect the same to happen by the end of the year anyhow. Spain and Greece are going to go into default, and France and Italy may join them. The debt loads are unsustainable and default is inevitable. It is simply a matter of time, and an oil crisis would move it forward.)

Fallout of European defaults will not be pretty. It will cause significant hiccups in both the Chinese and US economies. It might be enough to trigger a slide into a global depression.

3) Depending on timing, this will have an effect on the US elections. Late in the fall, it will likely aid in Obama’s re-election as the decisive commander-in-chief will be the image voters will have going to the polls. Between now and late September will give time for the economy to slide, and that might well be in Romney’s favor.


Black swan events could change a lot of this, of course. My personal “favorites” involve major earthquakes (California, New Madrid fault, Istanbul, China); major eruption of Katla in Iceland, shutting down air travel across Europe; conflict involving Pakistan (accidental war with India or internal rebellion); major solar storm that damages electrical transmission systems in North America or Europe. There are undoubtedly others (that is part of the definition of Black Swan!), but any one of those would be sufficient to make the world situation much more complicated.

There are also the troubling issues of what happens if the al Assad regime uses its chemical weapons, or allows them to fall into the hands of jihadists. Or any scenario with Iran where they start lobbing ballistic missiles into Israel, even if only armed with conventional warheads. The results of either would be very ugly: Israel does allegedly have nuclear weapons, and the hardliners in charge will strike back, hard, at any perceived existential threat. The follow-on to something like that would be very bad.


Overall, I expect the rest of this year to be interesting.

My sincere hope is that I’m totally wrong. After all, my day job is computing. But if not, you read it here.

You may now return to your lolcats, Pinterest, and competing rants about the economy. 🙂

Crowdsource comments on a talk

On July 18, I’m giving a keynote talk in Las Vegas at Worldcomp 2011 (the World Congress in Computer Science, Computer Engineering, and Applied Computing). I’ve enclosed the abstract of my presentation, below.  The talk will be in the Lance Burton Theater at the Monte Carlo Resort and Casino. I’m told that the audience is likely to be around 1000 people, so there won’t be much opportunity for comments from the audience.

I have most of the talk prepared, but I thought I would ask, ahead of time, if anyone has some thoughts on the topic/abstract that I should consider before I finish my preparations. I can’t share the talk ahead of my presentation — sorry. I may not be able to respond to every email, but I’ll try. Any and all comments will be appreciated.

If you have any comments or ideas you think I should consider, please share them with me by email.

My talk is partly informed by things I’ve written about in my CERIAS blog over the last 3 years, and by a JASON report, The Science of Cyber Security, from November 2010. (Many people hailed that Jason report, but I think they missed the mark in several places.) Of course, I also am applying 30 years in computer research and applied computing, but I don’t have a specific link for that!


The Nature of Cyber Security

Abstract—There is an on-going discussion about establishing a scientific basis for cyber security. Efforts to date have often been ad hoc and conducted without any apparent insight into deeper formalisms. The result has been repeated system failures, and a steady progression of new attacks and compromises.

A solution, then, would seem to be to identify underlying scientific principles of cyber security, articulate them, and then employ them in the design and construction of future systems. This is at the core of several recent government programs and initiatives.

But the question that has not been asked is if “cyber security” is really the correct abstraction for analysis. There are some hints that perhaps it is not, and that some other approach is really more appropriate for systematic study — perhaps one we have yet to define.

In this talk I will provide some overview of the challenges in cyber security, the arguments being made for exploration and definition of a science of cyber security, and also some of the counterarguments. The goal of the presentation is not to convince the audience that either viewpoint is necessarily correct, but to suggest that perhaps there is sufficient doubt that we should carefully examine some of our assumptions about the field.

My reflection on 9/11

This is really two posts in one: some reflections on where I was on 9/11, and some of the follow-on effects.

Irony

Eight years ago this morning, I was sitting in a conference room at the National Security Agency with a number of colleagues from university programs in infosec education. We were awaiting a speaker to address us on the topic of counter-terrorism. The speaker was late, and then someone came into the room and told us the schedule had changed – and turned on the TV to CNN’s live coverage of the burning World Trade Center tower, hit by flight 11 a few minutes earlier. We watched as flight 175 crashed into the second tower. Our hosts seemed unable to determine what we should do next, until the order came to evacuate the buildings – all nonessential personnel were told to evacuate.

As we were exiting the building, Flight 77 crashed into the Pentagon.

The ensuing traffic jam was a nightmare. I sat in my rental car with Peter Freeman, then the dean at Georgia Tech, for nearly 2 hours as traffic crawled out of the parking lot and towards our hotel in Linthicum. Our group reassembled in the restaurant, watching TV, trying to get a cell phone signal to call our homes, and discussing what was happening.

Personal Impact

My personal experience with this was confounded by having my father in a hospital in Alexandria, having suffered a stroke on 9/8. Unbeknown to me, he was moved to another facility that afternoon as part of a regional disaster plan, to make room for more potential victims if there were other attacks. It took me a day to find him, and several more days to complete arrangements for his care after I went home. I then drove all the way back to Indiana in a rental car, as air travel was still not operational.

It also changed my own personal plans in several major ways. When I returned to Purdue, I found the completed forms for my planned sabbatical, awaiting only my signature ….to go be the first CTO at the NSA. General Mike Hayden (then DIRNSA) and I had discussed a project to examine how to modernize some of the computing internally, and to get a sense of what would be good to build into the university curriculum to train for a new era of computer threats around the world. As a result of 9/11, Gen. Hayden recommended that I cancel my plans, as the environment would not be the same (obviously), and would not likely be something I would enjoy or benefit from.

I basically lost my sabbatical. It was too late to cancel with the university, and I was unable to make alternate arrangements, so I resolved to stay at home and catch up on reading and writing. Within the next few months both of the most senior staff at CERIAS had left for better arrangements (for them) and I ended up working more than my regular position simply to keep the center going. It was not pleasant, and although I was able to hire outstanding replacements, it was not immediate.

It was the second of three of my sabbaticals that have all been occupied with external events such that I did not really get a sabbatical. And each time, Purdue has charged me for the time and I have ended up more drained than refreshed. Ah well, that is minor compared to the world events here.

Cyber

9/11 changed the attention that we were beginning to get on cyber security, too. Our meeting that morning of educators and researchers was enabled by interest generated by Richard Clarke and Mike Hayden (among others). Soon thereafter, everyone was focused on issues related to further (non-cyber) attacks, and momentum was lost on the efforts we had spent years to build. That is not to suggest that such a focus was incorrect, but one wonders what our cyber security would be like now without the 9/11 incident? (Dick Clarke kept some focus on our community, and I visited him several times in the following two years before he left government. He always understood the role of cyber security, but the policy environment was all focused elsewhere.)

The Scholarship for Service program started up around that time, and the public concern and a desire to “do something” led many people to enroll in the program. We had a large number of students in our program over the next few years (although it tapered off to only one remaining student this year). Most of our former students are still working in the government, some in senior positions. That clearly was one ray of sunshine in the gloom.

It is only now that some focus has really returned on Cyber from the Congress and the White House. Even so, it is primarily directed towards “cyber war” and “cyber terrorism” as boogeymen, rather than the more general problems of crime, fraud and abuse. We continue to be drained by cyber crime, with some estimates of the damage as high as $100 billion per year. That is a heavy burden to continue to bear.

Some Numbers

I was asked to give a talk at Tufts University yesterday, and to look at the 9/11 incident as part of my talk on security. I came up with some some numbers, and an interesting quote.

It is generally understood that the Al Qaeda goal of the 9/11 attack was to try to foment unrest among Muslims around the world, to rise up against the West and re-establish the Caliphate. They completely misunderstood the overall world reaction to the attack. Although there was celebration in a few places (such as by the Palestinians), there was near universal outrage, and great solidarity of purpose. The invasion of Afghanistan to overthrow the Taliban and get the leadership of Al Qaeda had widespread support.

Then, for reasons that still do not make sense to many of us, before we (as an international community) finished the task at hand, President Bush & company initiated the invasion of Iraq – despite no threat from Iraq, and no connection with Al Qaeda. Rather than editorialize on that, let me simply list some numbers:

  • Number of casualties from the 9/11 attacks: 2974 (and 19 hijackers)
  • Number of US casualties from all domestic terrorism from 1900 to 2000: about 250
    • People killed by Timothy McVey 4/19/95 in Oklahoma City: 168 (about 2/3 of total)
  • Deaths of US military personnel since 2001 in Afghanistan and Iraq: 5130

    • With deaths of coalition forces and US military contractors included: 6508
    • Wounded: over 100,000 and perhaps as many as 300,000 US troops with brain injuries and PTSD
  • Estimated number of civilian deaths in Iraq and Afghanistan from military operations: 1,339,771
  • Estimated direct cost of the military actions in Iraq and Afghanistan: $908 billion and growing.
    • Estimates of indirect, eventual costs to the US: $1-$2 trillion more.
  • Refugees from Iraq as a result of hostilities: 4.7 million. Another 1 million from Afghanistan.

Yet, we have a paradoxical response to losses that happen regularly, over time. Consider:

And yet we have people fighting to be allowed to smoke and go without seat belts.

I wonder how each of the 2974 victims of the 9/11 attacks would react to hear that, as a response to each and every one of their deaths, the US and its allies spent $675 BILLION apiece to kill 450 people in the Middle East and cause another 1916 to be refugees from their homeland. Oh, and for each of those victims, 2.2 coalition military personnel died, and as many as another 1000 suffer permanent injuries.

And the architects of the 9/11 attack are still free and plotting more mayhem.

I have no grand, sweeping conclusion from all of this. Terrorism is clearly a bad thing. So is untimely death. I fear the greater tragedy, however, is losing sight of how we, as civilized society, treat the lessons of the 9/11 tragedy and its aftermath. Osama bin Laden was quoted as saying:

“All that we have to do is send two mujaheddin to the furthest point east with a flag on which is written the words al-Qaeda, and the Americans will panic and send a general and an army there, and engage in military operations which cost them blood and money and political capital, and then we’ll just do it again. … so brothers, we’re pursuing this strategy of bleeding the United States to exhaustion and bankruptcy.”

As a country, we tend to react violently when attacked overtly – we remember the Maine, we remember the Alamo, we remember Pearl Harbor, and we certainly remember 9/11. We grieve for those who lost their lives suddenly. We condemn the evil deeds that caused their untimely deaths. We seek some justice and retribution, usually in the form of war.

Let us pause to mourn the fallen, but focus on a better future for all, because we seem to be doing what the terrorists want. And that does not bode well for a peaceful future. I have lived through one 9/11 catastrophe. I do not wish to see another.

Nice Kitty

Last week, I heard about the impending release of MacOS X 10.6, aka Snow Leopard. So, being the early adopter, bleeding edge kinda guy I am, I pre-ordered a family pack from the Apple Store online. Apple moved up their release date, and lo, my copy was delivered via UPS to my doorstep Friday morning.

Installation

I have 5 Macs in the family: three Intel-based, and two-PowerPC. The PowerPC Macs aren’t capable of taking Snow Leopard, but the other three are. So, I went through my usual steps for an upgrade to my main MacBook Pro (late 2007 model):

  • Ran DiskUtility to check the disk and fix permissions
  • Upgraded all my applications with VersionTracker Pro
  • Uninstalled PGP (see note)
  • Ran DiskUtility again
  • Ensured I had a fresh backup of the disk

And then I inserted the install disk. Unfortunately, this resulted in no great joy, as I got an error message about

Mac OS X cannot start up from this disk. Mac OS X cannot be installed on [my disk], because this disk cannot be used to start up your computer.

Huh?

This is my regular disk! I’ve been booting the system from that disk for nearly 2 years!

The same error occurred when I booted from the DVD and tried the install. I ran the DiskUtility repair several times, to no avail.

A quick check of posts on the Innertubes revealed that several other people had the same problem, and the Apple techs they consulted were not able to help much. I was not at all keen on blowing away the disk with a reformat and install, which I assumed would have fixed things.

Then I saw a note on one of the Apple forums. It suggested that there was something wrong in the disk label or volume header that was causing the problem. So, I tried the following:

  1. Booted from the install DVD
  2. Selected and ran DiskUtility from the Utilities menu
  3. Within the utility window, highlighted the physical disk that my startup partition was on
  4. Selected the “Partition” tab
  5. Clicked on the little tab at the bottom of the partition window and shrunk the partition
  6. Then I moved it back to the same size with a new mouse click
  7. Clicked the “apply” button
  8. Quit DiskUtility

This works because of the allocation scheme used in the OS. If there is free space at the end of your partition, you can shrink or split it without difficulty – you don’t lose data. However, had my disk not already been formatted with a GUID volume header, this wouldn’t have been enough, but GUID is the default format for any Intel-based Mac boot disk.

The same partition “jiggle” procedure was required for my iMac install (early 2008) but not my new MacBook Pro install.

I then reran the installer and everything worked as it was supposed to work.

Tip: When you are doing your own install, be sure to click on the customization button at the lower left corner of the screen before starting the install on its merry way. You will find that there are things selected that you may want to omit, such as all the language versions and some of the printer drivers. This can save install time and a lot of space on your disk.

Apres-Intall

The installation took about 45 minutes. When it was done, I had regained about 9Gb of space on my disk! That alone was a good reason to upgrade.

Lots of little things don’t work now, and I need to wait for updates (if they will be released). Almost none of the programs I use on a regular basis are a problem – it is only some of the gadgets and little shortcuts that seem to need tweaking, along with some items that have start-up issues that are solved by reinstalling. Overall, the major software vendors have had releases out that were Snow Leopard-ready.

There are only a few programs I use regularly that don’t seem to work right and no updates yet available:

PGP explicitly does not work, and the folks at PGP send out email recommending uninstalling it before the upgrade, which I did. Judging from their past behavior, they’ll charge a hefty charge for the new version. However, I have not had good luck with GPG in the past, so I’m willing to pay the cost and either have the university cover it (for my work machines) or write it off as a business expense (home machine).

I have had one problem with VersionTrackerPro, which hangs when installing anything from the Omni Group (e.g., OmniWeb, OmniFocus). It may be because when mounting the disk image of the installers, those programs put up an interactive license agreement that somehow VersionTracker no longer notices. If I force-quit the VersionTracker program, it leaves a hdiutil process cranking away in the background using up 90%+ of one of the cpu cores. That requires termination with extreme prejudice (using a Unix kill -9 from a terminal window). My temporary workaround is simply to download the updates using VersionTracker and install them manually.

Oddly, a few old things showed up in my Dock and startup items — things I thought I had deleted months or years ago. I am not sure where they were or why they reappeared, but they were easy enough to delete.

There are a few noticeable changes in the interface to a few things, such as the Dock, that I am still getting used to. So far, I would judge that all the changes are good because they seem to add features that I wish had been there all along.

From a perception standpoint, 10.6 seems a bit zippier. It is definitely faster to startup and shut down, seeming to be at least twice as fast (no, I don’t have experimental times). Mail and Safari are also faster. Time Machine still seems to slow everything down when doing a backup, but it is tolerable.

By default, 10.6 boots into the 32-bit kernel. I tried booting all three machines into the 64-bit kernel by holding down the 6 and 4 keys while booting. It seems to work on the new MacBook Pro, but not on the older 2 machines. How to tell? Run the System Profiler from the “About this Mac” menu item. Click on the “Software” label and you get something like the following:

Screen shot 2009-08-29 at 11.03.01 PM.png

If the line with 64-bit Kernel and Extensions says “Yes” then it is running in 64-bit mode. I guess I’ll need to update these machines before too long. I usually do that on a 24-30 month cycle, so perhaps Santa will have a new MacBook Pro for me…..unless Apple comes out with their rumored tablet by the end of the year. Even so, I think a MacBook Pro with a large SSD instead of regular disk might be better for me.

Overall, with the exception of the disk volume header issue, the installation went smoothly and everything seems to be running fine. It took me about 4 hours (with other distractions and work) to get all three machines converted and running fine.

I will post followups if anything else interesting shows up.

%d bloggers like this: