William Gibson nails (so to speak) the problem of conventional warfare against assymetrical warfare. He manages to say it all in his blog post title:

Hammer, Meet Wasp’s Nest

Then he explains why certain countries (U.S., Israel, U.K.) keep trying to solve a fourth generational warfare problem with conventional cold war solutions:

Myself, I keep going back to my no doubt sloppy and imperfect understanding of Thomas S. Kuhn’s The Structure Of Scientific Revolutions. If the theory of “fourth generation war” is viewed as a new paradigm (and it seems to me to meet the criteria) then this is more than a failure of perception on the part of neoconservatives.

HAMMER, MEET WASP’S NEST William Gibson, Saturday, July 29, 2006

Gibson quotes Wikipedia’s writeup on Kuhn’s idea of paradigm shifts to describe how the mindsets before and after a paradigm shift are not compatible or even commensurate. They don’t use the same metrics; they don’t even agree on what are the right questions to ask; they can’t be translated.

Wikipedia quotes Kuhn directly on the basic point:

“Though each may hope to convert the other to his way of seeing science and its problems, neither may hope to prove his case. The competition between paradigms is not the sort of battle that can be resolved by proof.” (SSR, p. 148).’

I would add that if one paradigm actually incorporates the other, the more encompassing paradigm may be able to explain the other readily, but the reverse is not true. For example, Special Relativity can easily explain Newtonian mechanics as a special case for when relative speeds are not high. But Newtonian mechanics cannot explain a world in which there is no fixed framework, going faster doesn’t make light seem slower, but speed does slow time. These ideas just seem bizarre from a Newtonian mindset, and are likely to provoke ridicule, not any attempt at comprehension.

It reminds me of the time I was sitting around in a village at the edge of the savannah in Gabon drinking a beer with some Peace Corps people and the local villagers. The village chief asked where we came from, and what our people did.

Somebody said, “A man from our country walked on the moon!”

The chief looked up at the full moon, nodded, unimpressed, and asked, “But how did you get here?”

Somebody answered, “We flew across the great ocean.”

The chief recoiled and said, “Nobody can cross the great ocean!”

He could see the moon, and it obviously wasn’t all that far away. He had never seen the ocean, but he was positive it was very far and wide. Having multiple eyewitnesses sitting right in front of him didn’t change his mind.

We have the same problem with Internet security. The old paradigm is ever stronger forts around organizations. When it becomes obvious there is no defendable organizational perimeter, security pundits often stick to the old paradigm, recommending building forts around every computer.

What we have here is a failure to shift paradigms. Using the same old hammer to nail a wasp’s nest isn’t going to work.

As Gibson concludes:

So if you still like to pause to appreciate the action of phlogiston when you strike a match, you may well be okay with current events. So many, God help us, evidently are.

He was referring to Lebanon, where Hezbollah gets the new paradigm and is busily capitalizing on it by being first responders for rebuilding, adding a second PR coup to the first one of not losing to the formerly invincible neighboring power.

Gibson could just as well have been referring to Internet security, where spammers have already polluted electronic mail so much that an entire generation has abandoned it, where phishers, pharmers, and other identity thieves are wreaking havoc, and where the old paradigm of security still seems to think it’s doing a good job.

I don’t think this is an unsolvable problem. I think we do need metrics and ongoing measurements. But we also need stories and business cases to convince people that there’s something in the new paradigm.

-jsq

PS: Found via John Robb’s Global Guerrillas