Shifting “COIN” Narrative: Ricks Says He Got the Iraq Civil War Wrong in The Gamble

It does indeed seem like the COIN bubble has burst.  Here, it is important to make the distinction between “COIN” and “counterinsurgency.”  As Sebastian L. v. Gorka and David Kilcullen have argued, “COIN” is the selective, distinctly American reading of conflicts that produced one distorted model of population-centric counterinsurgency and “counterinsurgency” is something else altogether. If this “COIN” had authorized historian, it would be Thomas Ricks and his Fiasco and The Gamble the history; this is the story, the narrative. Except not everyone bought it. Carl Prine, for example, has been poking holes in this ‘story’ for a long time (see “Peaches for Dessert” and “Twinkle, Twinkle“). Well, it turns out Ricks is not so sure any more either:

I admit it: When I was writing The Gamble I thought for a while that such a residual force was the way to go. But with the passage of the years since then I increasingly have come to believe that the Iraqis were simply sitting around keeping their powder dry and waiting for Uncle Sam to get out of the way, so they could sort themselves out. Remember, the surge was half a war ago — it began five years ago, in January 2007. Iraq was given a lot of time. I do not see what keeping 15,000 troops there for another year or two would do that it did not do in 2009 or 2010. Plus, President Obama was not elected to keep us in Iraq; he was elected, in part, to get us out. So it would be pretty hard to keep troops there without a clear indication that it would do any good. Especially since Iraqis seemed to want us out.

The time to get this right was five years ago.  The story Ricks told promoted a narrative that perpetuated a policy that was very likely wrong, and now he glibly retracts his argument with the benefit of hindsight.  There is nothing smart or courageous in being right in retrospect. Recanting the narrative of The Gamble now strikes me more as scrambling to continue “being right” than “getting it right.”

Defense Strategic Review highlights irregular warfare, devalues ‘large-scale, prolonged’ counterinsurgency

Back in August, I wrote a piece entitled “On Teaching the COIN Canon and Speaking Truth through Fiction” that makes a number of claims regarding how and, more importantly, why we teach counterinsurgency to non-practitioners.  Among them was the coming shift in how counterinsurgency is valued relative to the broader idea of irregular warfare:

What is the value of teaching counterinsurgency—especially to non-practitioners? According to Farley, knowledge of counterinsurgency will “help them get jobs and (more importantly) excel at the jobs they got.” With troop levels declining abroad and a rash of civilian hiring freezes in federal agencies and departments, these good intentions may be two or three years too late. Moreover, the value of counterinsurgency expertise may be flagging if history repeats itself. Few would dispute Rupert Smith’s contention that the wars of the future will be “amongst the people,” but the shadow of budget cuts will likely mean the Obama Administration will look to more limited and indirect options than the costly, time-intensive counterinsurgency proposed by some. Better advice to students might be to adapt that experience into a broader specialty less sullied in the strategic and political debates of the last decade such as “irregular warfare.”

I was hardly sticking my neck out with that prediction, but President Obama, Secretary Panetta, and General Dempsey’s comments today addressing the Defense Strategic Review would seem to bear that out.  In the Defense Strategic Guidance (PDF), “Counterterrorism and Irregular Warfare” get top billing in the list of capabilities that DoD will make a priority including “selective additional investments.”  Counterinsurgency is still there, but it appears second-to-last and gone are the “large-scale, prolonged stability operations” that have embodied the American brand of “COIN.”  In short:  Down with stability operations!  Long live Security Force Assistance!  (However, in what may be described as a strategic Freudian slip, the word “counterinsurgency” appears one more time in the document than does “irregular warfare.”)

What does this mean in practical terms?  First, non-interventionalists on the Left and Right will be dismayed to know that America still intends to project power globally and a ground war in Iran–yikes–is not off the table.  Secondly, the buzz among the NatSec twitter nerds (you know who you are) was that the speech heralded a RMA 2.0 or constituted this odd echo of the Rumsfeld Pentagon.  That sentiment resonated less with me.

My primary concern was there were no hard choices were made except for the stability operations, but really who is calling for a generational commitment to a country American’s can’t find on a map these days?  Besides, the Defense Strategic Guidances does leave the door open for “short-term” operations (queue the Friedman Unit).  There is greater geographical specificity (Asia and the Middle East)–but not by much.  Another red flag is the way that technology is posited as a cure-all.

Is this the end of COIN’s narrative of warrior-intellectuals and foreign intervention?  At least for COIN’s heyday (2006-2010ish), the representation of contemporary “Lawrence[s]” has been a powerful driver of policy and public sentiment.  However, it remains to be seen whether or not that narrative will persist.

Updates from Dissertation Land

It occurs to me that it has been a long time since I have posted.  Well, I am still alive–and writing.  The dissertation is going slowly albeit less painfully.  Before long, I should have a chapter for my director.  That is when the real pain begins.  (In all seriousness, I feel like I am on the cusp of a really cool piece of scholarship.)

Otherwise, I haven’t felt particularly inspired to write.  Nothing has been lighting my world ablaze in that “confluence of war, technology, and culture.”  A few side projects have been keeping me busy, which I’ll promote here once they get a little further along.  If I have a flurry of ideas, I’ll be sure check in on the blog.

This is Passion: Schuyler Towne on Lock Picking

Schuyler Towne discusses locks and lock picking:

It’s as though you’re just at this slight layer of abstraction from everybody else, noticing something that none of them even know is important but that I think contain the most beautiful stories in the history of man.  It’s how we live together; it’s how we close ourselves off from each other; it’s how we have commerce with each other.  Everything…everything related to culture, everything related to population density, urban living…everything is there being told in every lock on every single door around.

Watch the video.  I wish everyone could find this kind of passion in what they do; it is amazing to see.

Ashton Carter talks Small Business, Productivity Growth in Orlando

Ashton Carter, Undersecretary for Defense for Acquisition, Technology, and Logistics, addressed the Orlando Small Business Defense Procurement Summit with an anecdote about his rather long title.

“My kids say it’s too long, and nobody has ever heard of it.”

Carter will likely be trading his title for a shorter, more renowned one:  Deputy Secretary of Defense.  Before he does, Carter would spend the day in Orlando meeting with small businesses in defense contracting.

The economic climate is grave, and those representing small businesses were feeling considerable anxiety.  It is telling that Senator Bill Nelson, who opened the summit with remarks of his own, highlighted the achievements of once-upon-a-time small firms such as Lockheed Martin and Harris.  Successes, yes; small businesses, no.  Senator Nelson also pointed out the not-quite-dead-yet space program’s ongoing contributions to the development of vaccines for salmonella and MERSA.

Carter highlighted the efforts at being ‘smarter’ about defense spending.

“We have stopped doing things that either were not performing well or whose time had passed or we had enough of them,” he said.  “We’ve done a lot of that over the last two years, and now we’re getting to the point where the things we have left are things we do want and do need, and we need to get them for the amount of money the country has to provide and for that we need something the economists call ‘productivity growth.’”

He continued, “You go to Best Buy, you buy a new computer, and it’s a better computer than last year and it costs less.  Then, here I am coming up to Senator Nelson and his colleagues on the Hill with the same airplane, same ship, and same vehicle as last year and asking for more and they’re not very happy with the situation—and they shouldn’t be.”

Has Defense cut programs that need to be cut?  The case remains open on that.  Moreover, there is something that gets lost in this ‘productivity growth’ conversation:  capabilities creep.  Frankly, defense acquisitions personnel have long griped about ever-burgeoning price tags for high-tech weapons systems (longer than those two years Carter mentions), but those same acquisitions folks have had a tendency to demand ever-increasing features to defeat enemies real and imagined.  This gets lost in the narrative of big, bad defense contractors.  America must not only be smarter about buying but also in assessing the capabilities it needs.

Also lost in this conversation is the hemorrhaging of classified and/or confidential data from defense contractors that is pushing up prices not only in terms of reducing the cost of developing competing weapon systems but also enabling potential adversaries to produce better countermeasures to American weapons systems.  America must also be better about protecting its secrets.  Contractors deserve a fair share of the blame in this regard.

For all the talk of austerity, DoD is still spending quite a bit in Florida–$12 billion according to Carter. Florida is the fifth largest in terms of contracts spent among the states; $3.3 billion of those contracts are awarded to small businesses.

Carter also pointed to three key contributions of small businesses:  innovation, competition, and services provided at great value.  The two of these that warrant some expansion are “innovation” and “competition.”

“First, small businesses are a constant source of renewal and innovation for the defense industry,” Carter spoke. “We need to make ourselves attractive to young people, to new blood, to new ideas, if we’re going to continue to have the defense industry of the future that is as strong and as vibrant as it is today.  Small business is one of the ways that we get those new faces and new ideas.  In fact, it is the principal way.  Sometimes, those companies get bought up by our larger defense companies and that’s a good thing.  It’s a conveyor belt of new ideas and new faces in defense.”

“Second, small businesses add another source of competition, and competition is one of the principal ways we deliver value to the taxpayer and the warfighter,” he said.

Does it benefit the small contractor to team up or sell out to big firms?  Surely.  Do these monolithic firms purchasing smaller firms guarantee innovation and competition?  Absolutely not.  In this context, it is worth revisiting Senator Nelson’s remark I mentioned earlier.

Carter went on to explain that DoD was making efforts to make project managers more aware of small businesses’ capabilities as well as reduce barriers of entry for small business.  That all sounds good, certainly.

However, I remain skeptical having written about DoD’s risk aversion (as with the USMC’s IAR) and its tendency to reinvent the wheel when it comes to small firm’s contributions (as with MagPul’s PMAG).  In both cases, smaller firms were ignored in favor of larger ones.  (In the case of the USMC’s IAR, the Pentagon ignored multiple weapon systems designed and manufactured in America in favor of foreign companies.)

I asked Secretary Carter about the PEO’s “improved magazine” program.

“You mentioned that the Pentagon does not ‘make things,’ but PEO Soldier has recently developed an improved magazine for the M16/M4 system when a small business developed such a system in 2006 with the cooperation of the DoD, is in the supply chain, and has been combat-tested.  What message does this send to small businesses?”

Carter replied, “I am not familiar with this individual program, but it is certainly not playing to our strengths.  I don’t want to make a habit of it, because small business does it better.”

Is it too much to expect the soon-to-be Deputy Secretary of Defense to know about this one program in the million-dollar as opposed to billion-dollar range?  Perhaps.  Is the “Improved Magazine” representative given the more than $3 billion investment in Florida small businesses?  That remains to be seen, but the big firm focus for the small business summit does concern me.

What the PEO program and Carter’s unawareness of it does tell me is that the Pentagon is not examining its small business practices closely enough.

More on Aitel’s “Fallacies of Cyberwar” and Their Larger Implications

Dave Aitel of Immunity delivered a talk at the 20th USENIX Security Symposium, which built on the in-progress talk I discussed here and here. It is worth watching and attempting to understand. This is not a 100% endorsement, but there are a few lessons here that transcend the so-called “cyber” domain and apply to strategic thinking about technology in some really profound ways.

The first is the fact that attackers win and defenders loose is not a feature of cyber war but because the attackers have a better strategy. To start, Aitel attributes lays out a number of defenders’ excuses for why attackers are winning: inadequate resources, attackers “only have to be right once,” users are easy targets, etc. Aitel continues, “They keep saying its asymmetric, because they made a strategic choice and lost.” This goes to Rupert Smith’s point about asymmetric warfare–that it is a phrase “invented to explain a situation in which conventional states were threatened by unconventional powers but in which conventional military power would be able of both deterring the treat and responding to it.”* Rather than challenge the strategy, defenders have redefined the environment to allow for their failure.

Secondly, this poor strategy comes from cultural and technological weaknesses–and technological weaknesses are really cultural weaknesses. This is a case I have been trying to make for the last four years on everything from small arms design to cyber war, but Aitel does it with superior technological knowledge and better smart ass commentary.** In terms of “cyber warfare,” Aitel says defenders are unwilling to say no to insecure systems or designs (e. g. most browsers and SSL VPNs, he argues). This itself is not very shocking. Spend one day as an IT consultant with an interest in security, and you will get push-back when you ask users to change their behavior. Aitel goes further and says that the whole process–the whole human process–for designing and implementing security is broken. As I wrote at the council, “After all, when someone writes an exploit or takes advantage of some misconfiguration in a network to gain or deny access, they are attacking humans and human processes ultimately. The medium–a wireless network, an embedded device, whatever–is inconsequential.” I point this out, because it is relatively easy for me to say this; my technological understanding of offensive techniques is modest at best, and attacking networks (much less making attack platforms) is not my business. Aitel is in the business of finding, writing, and selling exploits–and he’s telling you he’s winning because the way humans approach security is broken, not because of some whiz-bang widget.

On the opposite side of this human equation, attackers are, as Aitel says, “mature, self-organizing, [and] highly motivated.” Do you think government’s recent approach to USCYBERCOM, etc. is “mature?” Government functionaries are still waiting on wonks to hand them a piece of doctrine that will most likely be wrong before they act. It reminds me of what Boyd said: “[I]f you have one doctrine, you’re a dinosaur.” We are standing up dinosaurs, and this is a fundamental cultural problem.

What concerns me more is how these cultural problems transcend this “cyber” domain. Do we have our money invested in the right technology in terms of engaging near-peer competitors whether its another aircraft carrier vulnerable to ASBM attack or some other high dollar system? Do we examine flaws in human processes throughout Defense like the failures to address insider threats like Nidal Hasan or Bradley Manning? How does, say, our strategy in Afghanistan rate in terms of maturity compared to that of the Taliban?

I would still like to see his talk written up into a larger work, but it is well worth the effort for defenders–no matter what the domain–to consider Aitel’s challenge:  ”Attackers win because they have better strategy. The problem is not intractable.”  Now, as Big Boi once quipped, “Go on and marinate on that for a minute.”

—

* – Rupert Smith, The Utility of Force (New York: Knopf, 2007). Kindle edition.

** – For example, “Why are these browsers not written in Java? Why is that? It’s retarded.” This is the hacker equivalent of Boyd saying, “I’ve never built an airplane before, but I could fuck up and do better than this.” I’m not 100% certain about Java, but I love this comment.

On Teaching the COIN Canon and Speaking Truth through Fiction

Small Wars Journal published a short piece I wrote on selecting texts for a counterinsurgency course and the lessons we draw from them:

In “Teaching COIN to a (Mostly) Non-Practitioner Audience,” Dr. Robert Farley discussed his experiences teaching a class on counterinsurgency at the Masters level.  His intent is to give would-be instructors “a sense of the promise and possibilities of a Counter-Insurgency course.”  Nearly ten years into the United States’ multiple interventions following 9/11, the promise and possibilities of such a course should be self-evident to those who have devoted themselves to the serious study of counterinsurgency across the diverse practical and philosophical spectrum of its proponents and critics.  What remains are some serious questions that have been left unexplored in regards to the pragmatic and canonical choices in teaching counterinsurgency to practitioner and non-practitioner alike.

What is the value of teaching counterinsurgency—especially to non-practitioners?  According to Farley, knowledge of counterinsurgency will “help them get jobs and (more importantly) excel at the jobs they got.”  With troop levels declining abroad and a rash of civilian hiring freezes in federal agencies and departments, these good intentions may be two or three years too late.  Moreover, the value of counterinsurgency expertise may be flagging if history repeats itself.  Few would dispute Rupert Smith’s contention that the wars of the future will be “amongst the people,” but the shadow of budget cuts will likely mean the Obama Administration will look to more limited and indirect options than the costly, time-intensive counterinsurgency proposed by some.  Better advice to students might be to adapt that experience into a broader specialty less sullied in the strategic and political debates of the last decade such as “irregular warfare.”

Read more at the Small Wars Journal blog.

Law, Order, and the Making of Accidental [Cyber] Guerrillas

In Mikko Hypponen’s fantastic TED talk, there were two big takeaways.  First, we must be prepared those times when–not if–hackers will be able to break systems (perhaps even the system) in which we live and work.  This is not simply a matter of low-tech alternatives (although that is not a bad idea) but also making sure our technology is resilient.  Secondly, those on the side of law and order must find those who are about to become cybercriminals, as Hypponen says, “with the skills but without the opportunities” and co-opt them into using their skills for good.

While I could not agree more with these two priorities, I do not share Hypponen’s optimism that they will be addressed.  In terms of resilience, the start of the rebooted Battlestar Galactica in which humanity is annihilated through an enemy exploiting vulnerabilities in complex, hypertechnological military systems seems completely plausible to me.  (The miniseries should be required viewing for RMA kool-aid drinkers.)  In terms of recruiting those on the verge of becoming cybercriminals or, indeed, cyberguerrillas like Anonymous, I see an outcome that is even less hopeful than the Cylons’ onslaught.  We are failing–miserably–at co-opting talent.

There are a lot of reasons for this, but one of the most important requires broaching an uncomfortable subject.  Earlier in the month, Robert Graham of Errata Security made a provocative claim that, while white hat hackers on on the side of the “law,” they are not on the “side of law enforcement” or, as Graham puts it, “order.”  He goes on to explain:

The issue is not “law” but “order”. Police believe their job is not just to enforce the law but also to maintain order. White-hats are disruptive. While they are on the same side of the “law”, they are on opposite sides of “order”.

During the J. Edgar Hoover era, the FBI investigated and wiretapped anybody deemed a troublemaker, from Einstein to Martin Luther King. White-hats aren’t as noble as MLK, but neither are white-hats anarchists who cause disruption for disruption’s sake. White-hats believe that cybersecurity research is like speech: short term disruption for long term benefits to society.

I have personal experience with this. In 2007, I gave a speech at the biggest white-hat conference. It was nothing special, about reverse engineering to find problems in a security product. Two days before the speech, FBI agents showed up at my office and threatened me in order to get me to stop the talk, on (false) grounds of national security. Specifically, the agents threatened to taint my FBI file so that I could never pass a background check, and thus never work for the government again. I respond poorly to threats, so I gave the talk anyway.

I point this out because it so aptly proves my point. I am not on the side of law enforcement, because law enforcement has put me on the other side. One of the requirements (from the above post) to volunteer is to pass a background check — a check that I can no longer pass (in theory). I cannot volunteer to train law enforcement because they perceive me as the enemy.

This is exactly why I am so dire about recruitment. First, there is a distinctly libertarian bent throughout hacker culture suspicious of government and resistent to impingement of freedoms as far flung as free speech and fair use of digital media.  This, as Graham argues, puts those inclined to respect the “law” against “order.”  Secondly, abuses do more to create cybercriminals than curtail them.

This got me thinking about David Kilcullen’s idea of “the accidental guerrilla”–that, in a counterinsurgency, even the slightest misapplication of force or failure to understand the complexities of one’s operating environment (culturally or otherwise) may lead to the exponential creation of insurgents.  Misinterpretation of this idea has caused many to come to the conclusion that less force is always better, but Kilcullen does not suggest this.  Similarly, it is not simply that the U. S. has begun to project force through this crudely defined “cyber” realm but rather that it does so without any understanding of its human terrain.

I am throwing some counterinsurgency buzzwords around too flippantly; thinking about a population-centric cyberwarfare would be a useful lens, but there needs to be a long hard look at past failures in addressing those Americans previously labeled as insurgents–for example, the Civil Rights Movements as Graham so aptly notes.  There also needs to be a look at the “short-term disruptions” that Graham touches on with the context of cyberguerrillas as well as counterinsurgency practice at large.

I am not purporting any of this to be new or even my own; I am sure folks like John Robb have been connecting these dots for a long time.  However, I am flagging this as an issue that needs more attention.

John Boyd and Multivalent Doctrine

On his blog, John Robb has linked to a presentation of John Boyd’s.  There was a lot that struck me in the course of watching the video, but one passage stood out above all the others.  In it, Boyd lays out the process that developed the F-15.  Rather than starting with how engineers could assemble components in such a way to produce a set of capabilities, he begins with challenging of even the most basic assumptions behind the whole system.  These are epistemological assumptions, not simply what we can do but what—and how—can we know.  In the case of the F-15, Boyd starts with Newton’s Second Law.  The discussion leads Boyd to the question of doctrine.  After all, what’s doctrine but a set of epistemological assumptions?  Boyd lays it all out:

You gotta challenge all assumption.  We have doctrine.  Air Force’s got a doctrine; Army’s got a doctrine; Navy’s got a doctrine; everybody’s got a doctrine!  You read my work, “doctrine” doesn’t appear in there even once.  You can’t find it.  You know why I don’t have it in there?  Because it’s doctrine on day one; every day after, it becomes dogma, that’s why.  So what I tell people is “I understand you gonna have to write doctrine and you have to do it; that’s alright.  Even after you write it, assume that it’s not right, and then not only that, look at a whole bunch of other doctrine—German doctrine, other kind of doctrines, and that—and learn those, too.  Then, you got a bunch of doctrines in there.  The reason you want to learn them all then you’re not captured by any one.  Not only that, you can lift stuff outta here, stuff outta there, stuff outta there; you can play the snowmobile game, and you can do better than anyone else, because if you have one doctrine, you’re a dinosaur.  Period.

I kept the colloquialisms, because I love Boyd’s manner of speaking.  Rarely can very complex issues be spoken so plainly.  He is a master rhetorician.  In fact, this fact got me thinking about a very specific phrasing:  his repeated use of the singular indefinite article in his reference to “a doctrine.”

Does the Army, for example, have “a doctrine” as Boyd says?  My initial—and incorrect—response was ‘no.’  There’s FM3-24; there’s FM5-0; there’s countless other documents.  This is obvious, so why would Boyd choose to refer to all those interconnected documents as “a doctrine?”  They are a monolith—a “dogma,” as he says.  What is “dogma?”  A cannon to produce orthodoxy.

Boyd understands that guidelines must be written; yet, he has nothing but disdain for this orthodoxy.  To him, there is no one general theory that can be assembled into “a doctrine.”  Instead, you must look at “doctrines” (plural).  This is not simply a collection of texts within the DoD doctrinal ecosystem but a diversity of perspectives from outside of it.  That is the “snowmobile game” Boyd references:  assembling a machine from a collection of disparate inspirations to an original application.

Certainly, good leader do this already.  No one should take one document—take FM3-24, for example—as the lone way to know counterinsurgency. However, Boyd’s point got me to wondering whether or not there was a way to build this plurality—this goal of “doctrines”—into the institutional process of writing doctrine.  Can one write a singular piece of doctrine as “doctrines”—a plurality of views that still serves the purposes of laying out the theory and practice of something like counterinsurgency?

Maybe, this is obvious; maybe, this is a bit of postmodern double-talk.  However, I thought I’d start by asking the “dumb question” as Boyd himself advocates.

The M27 IAR approved for all USMC infantry battalions

According to Matthew Cox’s piece “Corps to Replace SAW With Automatic Rifle,” the commandant of United States Marine Corps General James Amos has approved Heckler and Koch’s M27 Infantry Automatic Rifle for full fielding to all infantry battalions:

Marine infantry squads will replace their M249 light machine gun with a highly accurate, auto rifle geared for fast-moving assaults. In late May, Gen. James Amos, commandant of the Marine Corps, approved a plan to field the M27 Infantry Automatic Rifle to all Marine infantry battalions.

The lightweight auto rifle, made by Heckler & Koch, is a variant of the 5.56mm H&K 416. It weighs just under eight pounds unloaded — almost 10 pounds less than the M249 Squad Automatic Weapon.

The decision comes after the Corps fielded 458 M27s to five battalions as they prepared for upcoming deployments to Afghanistan.

“We wanted to get through the limited fielding and get the feedback before we moved ahead with the full fielding,” said Charles Clark III, who oversees infantry weapons requirements at the Corps’ Combat Development and Integration office in Quantico, Va.

“The decision is made. It’s happening,” Clark said.

Program officials plan to spend about $13 million to field all 4,476 M27s by late summer 2013, Clark said. In addition to the guns, that money also pays for spare parts, tools and gauges, he said.

As I have written, the long procurement process has not been without controversy.  However, the anecdotal reports I have heard indicate that H&K’s rifle has performed well in its limited fielding so far.  What remains to be seen is how the entire system–including optic, magazines, and other accessories–will perform.  Trijicon’s TA11SDO, which had been employed on the M249 SAW, will be transfered to IARs; questions remain if its reticle will be well-suited to the IAR and its very different tactical philosophy.  Moreover, there is the issue of existing 30-round magazines.  Due different mag well dimensions, the M27 is also incompatible with MagPul’s PMAG.