Security archived articles

Subscribe to the RSS feed for this category only

Design and Knowledge management and Politics and Security and Technology26 May 2014 at 14:07 by Jean-Marc Liotier

Skimming an entirely unrelated article, I stumbled upon this gem:

Recently, a number of schools have started using a program called CourseSmart, which uses e-book analytics to alert teachers if their students are studying the night before tests, rather than taking a long-haul approach to learning. In addition to test scores, the CourseSmart algorithm assigns each student an “engagement index” which can determine not just if a student is studying, but also if they’re studying properly. In theory, a person could receive a “satisfactory” C grade in a particular class, only to fail on “engagement

This immediately reminded me of Neal Stephenson’s 1992 novel, Snow Crash where a government employee’s reading behavior has been thoroughly warped into simulacrum by a lifetime of overbearing surveillance:

Y.T.’s mom pulls up the new memo, checks the time, and starts reading it. The estimated reading time is 15.62 minutes. Later, when Marietta does her end-of-day statistical roundup, sitting in her private office at 9:00 P.M., she will see the name of each employee and next to it, the amount of time spent reading this memo, and her reaction, based on the time spent, will go something like this:
– Less than 10 min.: Time for an employee conference and possible attitude counseling.
– 10-14 min.: Keep an eye on this employee; may be developing slipshod attitude.
– 14-15.61 min.: Employee is an efficient worker, may sometimes miss important details.
– Exactly 15.62 min.: Smartass. Needs attitude counseling.
– 15.63-16 min.: Asswipe. Not to be trusted.
– 16-18 min.: Employee is a methodical worker, may sometimes get hung up on minor details.
– More than 18 min.: Check the security videotape, see just what this employee was up to (e.g., possible unauthorized restroom break).

Y.T.’s mom decides to spend between fourteen and fifteen minutes reading the memo. It’s better for younger workers to spend too long, to show that they’re careful, not cocky. It’s better for older workers to go a little fast, to show good management potential. She’s pushing forty. She scans through the memo, hitting the Page Down button at reasonably regular intervals, occasionally paging back up to pretend to reread some earlier section. The computer is going to notice all this. It approves of rereading. It’s a small thing, but over a decade or so this stuff really shows up on your work-habits summary.

Dystopian panoptical horrors were supposed to be cautionary tales – not specifications for new projects…

As one Hacker News commenter put it : in the future, you don’t read books; books read you !

Post-scriptum… Isn’t it funny that users don’t mind being spied upon by apps and pages but get outraged when e-books do ? It may be because in their minds, e-books are still books… But shouldn’t all documents and all communicated information be as respectful of their reader as books are ?

France and Military and Politics and Security05 Jul 2013 at 12:06 by Jean-Marc Liotier

Remember when I was writing about ‘hypocrisy all around‘ a few days ago ? This is what it was about… As if on cue, Le Monde revealed from unnamed sources that France operates its own mass interception infrastructure (for non-French speaking readers here is the Guardian’s paraphrasing of The World).

Le Monde’s article was of course published on the Fourth of July in honor of our American friends, thought leaders in mass surveillance.

That France had such capability at that scale had long been guessed by anyone with even a slight interest in surveillance technologies, especially since we make brisk business peddling that sort of stuff we to splendid chaps all around the world (no questions asked – don’t forget to wash your hands afterwards)… Now it is not just guesses and rumors anymore.

But, in spite of the amusingly conflicted public reactions, that is not where the real substance of Le Monde’s revelations lies : the problem with surveillance is not the capability but how it is used… And used it is : not only external intelligence but also internal intelligence and a host of other agencies who happily dip their fingers into the jam with an utter lack of adult supervision.

Is that so bad ? What about the children ? What about tax-evading Nazi terrorist pedophiles music sharers ?

Lets first remind ourselves about a basic principle : the distinct nature of external and internal intelligence. Like military and police, they handle different businesses : while the military exists to dominate designated external enemies by force, the role of  police is to keep our society in working order by enforcing the law. One is only subject to the law of the strongest and whatever can be gotten away with diplomatically, the other operates encumbered by strict rules that sacrifice efficiency and sometimes even the officer’s own security for the sake of lawfulness. Again, war and law enforcement are not the same – bad things happen when cops play soldiers, as the militarization of the police forces in the USA shows.

So spying is not the activity that requires attention – as long as we manage to get away with it diplomatically… Don’t get caught ! Spying on allies will certainly complicate relationships, but managing that is what diplomacy is for. Ignorance and hypocritical reactions will be plenty but the professionals will keep balancing themselves on the tightropes of international relations, in ways perfected during thousand of years of practice. This is not what I find disquieting – don’t let the cruel world of state to state relationships distract you from the actual scandal: mass surveillance of one’s own citizen in a democratic state.

We don’t yet know the extent of the communications surveillance apparatus revealed by Le Monde – but we already know what matters most : it operates outside of any legal framework. Some would say that it makes them illegal – but no law forbids it so an unnamed boss of a French intelligence agency declared them “a-légal” instead. Isn’t that cute ? Of course, nullum crimen, nulla poena sine praevia lege poenali – but those activities may actually fall under existing law:

Code Pénal, Article 226-15 (official English translation) :

Maliciously opening, destroying, delaying or diverting of correspondence sent to a third party, whether or not it arrives at its destination, or fraudulently gaining knowledge of it, is punished by one year’s imprisonment and a fine of €45,000.

The same penalty applies to the malicious interception, diversion, use or disclosure of correspondence sent, transmitted or received by means of telecommunication, or the setting up of a device designed to produce such interceptions.

Code Pénal, Article 226-18 (official English translation) :

The collection of personal data by fraudulent, unfair or unlawful means is punished by five years’ imprisonment and a fine of €300,000

Now, The French People vs. The French State – wouldn’t that make an interesting case ?

But anyway, whether past misdeeds are prosecuted or not is not the most important point. What is essential is that we now demand proper democratic oversight. The extraordinary privileges granted for security reasons require equally extraordinary control. Secrecy matters of course, but secrecy is no reason for lack of accountability. Secrecy is not even incompatible with a strong framework of laws and regulations consistent with human rights and ensuring adequate protection of the rights to privacy and freedom of expression.

The political divide about surveillance is about whether or not the ends justify the means. I believe they don’t, or rather that those who focus on the immediate benefits of surveillance are myopic to its other effects on society. Those people by the way are well meaning – always keep Hanlon’s Razor in mind : never attribute to malice that which is adequately explained by stupidity. What it means about surveillance is that we don’t need to have intent to create a fascist regime – we can just sleepwalk into it. Let’s wake up a few people !

Military and Politics and Security01 Jul 2013 at 11:24 by Jean-Marc Liotier

While I happily keep giving the USA the bashing they deserve about mass surveillance of citizens, you won’t hear me cast the first stone about industrial espionage – for well-known reasons.

While direct evidence of my own country’s industrial espionage activities rarely surfaces, we sometimes hear echoes of what goes on under the tables – take for example the testimony of Orbital High-Technology Bremen (OHB) CEO, Berry Smutny to the US Embassy in Berlin on 2009-11-20 :

Smutny frankly said “France is the evil empire stealing technology and Germany knows this”, but Germany´s decentralized government is not willing to do much about it. Going on at length of his despise of the French, Smutny said French IPR espionage is so bad that the total damage done to the German economy is greater the that inflicted by China or Russia.

Sure, this quote being in the context of sales by OHB to the US government, it is likely to be biased toward exaggeration – but such open expression of defiance from very close allies of France is nevertheless a strong hint that righteous outrage from French sources about industrial espionage is laughably hypocritical.

In addition, industrial espionage should be kept in perspective : it is not even comparable to mass surveillance – let’s not dilute the evil of mass surveillance by amalgamating them ! While corporate actors are strong enough to thrive on their own in a state of information warfare, citizens are not – they need political diligence toward a strong framework of laws and regulations consistent with human rights and ensuring adequate protection of the rights to privacy and freedom of expression.

Remember : the reason for rule of law is to protect the weak – the strong already take good care of themselves, though the European Union might want to upgrade its defense to a level more compatible with its international status

 

Networking & telecommunications and Politics and Security17 Jun 2013 at 0:37 by Jean-Marc Liotier

I took the EFF and Tor stickers as corroborating material in support of Snowden’s appearances of good character, but not everyone saw them that way… Interviewed by Time’s Andrew Katz, former security clearance investigator Nicole Smith explains that sympathy for online rights activists is a sign that a candidate may not be fit for Top Secret clearance:

In a photograph posted online after Snowden revealed himself, his laptop displays a sticker touting the Electronic Frontier Foundation, a longstanding advocate for online rights and staunch opponent of government surveillance. That would have been enough of a warning sign to make it into his file, Smith says, but investigators wouldn’t have come across it because clearance interviews aren’t performed at their homes: “You’re not around that person’s personal belongings to make any other additional observations about that person’s characters”

Self doubt ? Ethical questioning ? Interest in social issues ? Affinities for dissenting viewpoints ? No – that is not useful nor even compatible with secret work… Better fill the ranks with yes-men who will follow superior orders to the bitter end – that worked so well in the past

Anyway, thanks to Smith, the authorities now know what to watch for – open display of affinities with the EFF is enough of a warning sign to make it to file. Take this NSA agent for example, performing devious agitprop in official EFF attire :

Uh – hello General Alexander ! Doesn’t the Director of the National Security Agency look swell in that T-shirt ? Better in my opinion than in his stiff official portrait… But that warning sign shall certainly cost him an entry in his file – he’ll have some serious explaining to do when his clearances come up for review ! Maybe he should have just ordered an EFF sticker for his home laptop instead.

Military and Security and Systems administration15 Jun 2013 at 9:28 by Jean-Marc Liotier

In a message I got through Glyn Moody, Mikko Hypponen noticed this claim from German intelligence agencies :

Ist die eingesetzte Technik auch in der Lage, verschlüsselte Kommunikation (etwa per SSH oder PGP) zumindest teilweise zu entschlüsseln und/oder auszuwerten?“

„Ja, die eingesetzte Technik ist grundsätzlich hierzu in der Lage, je nach Art und Qualität der Verschlüsselung

My rough translation of these sentences of the article he linked :

„Are the current techniques capable of at least partially deciphering encrypted communications such as SSH or PGP ?“

„Yes, the current techniques are basically capable of that, depending on the type and quality of the encryption“

Of course, the weakness of weak keys is not exactly news… But it is always interesting when major threats brag about it openly – so this is nevertheless a pretty good refresher to remind users to choose the most current algorithms at decent key length and expire old keys in due time.

It is also a reminder that today’s cyphers will be broken tomorrow: encryption is ephemeral protection… Secret communications require forward secrecy & anonymity – for example, XMPP chat may use a server available as a Tor hidden service, with the clients using Off The Record messaging.

Military and Politics and Security14 Jun 2013 at 11:11 by Jean-Marc Liotier

Main Core is the code name of a database maintained since the 1980s by the federal government of the United States. Main Core contains personal and financial data of millions of U.S. citizens believed to be threats to national security.

The existence of the database was first reported on in May 2008 :

According to a senior government official… ”There exists a database of Americans, who, often for the slightest and most trivial reason, are considered unfriendly, and who, in a time of panic, might be incarcerated. The database can identify and locate perceived ‘enemies of the state’ almost instantaneously” … One knowledgeable source claims that 8 million Americans are now listed in Main Core as potentially suspect.

Putting this level of paranoia in perspective, Stalin’s Great Purge hit 1% of the population. 8 million is 2.5% of the USA’s population – or about 3% if you exclude children under 15 year old. If you think that 3% of the adult population may be out to get you, then you should probably be very carefully considering the possibility that the problem is actually you.

Dating back to the 1980s and known to government insiders as “Main Core”, the database reportedly collects and stores — without warrants or court orders — the names and detailed data of Americans considered to be threats to national security.

One former intelligence official described Main Core as “an emergency internal security database system” designed for use by the military in the event of a national catastrophe, a suspension of the Constitution or the imposition of martial law.

Putting aside the question of what actions are appropriate in catastrophic circumstances, should anyone believe that such a database will never be misused ? Secrecy trebles the probability of abuse.

Since 2008, no news has surfaced about Main Core – there is no reason to believe that it is not still maintained, probably under a new code name.

Marketing and Networking & telecommunications and Security and Social networking and The media and The Web12 Jun 2013 at 11:11 by Jean-Marc Liotier

A few reflections from my notes of public reaction to last weekend’s events.

Advertising is the main source of revenue for publishers on the Web, including the lords of sharecropping empires such as Facebook and Google. Revenue from advertising varies hugely with how well the message targets the audience. Targeting requires getting to know the target – which is the business that Facebook and Google are in : getting the user to find them useful and trust them so that he willingly provides them with their raw material.

I used to enjoy giving the publishers a lot of data in return for personalization and services – even considering the risks. Yes, we knew the risks – but they are the sort of risks that we are notoriously bad at evaluating. Most of us have probably read at least a dozen different tales of Orwellian dystopias – yet our productive relationship with service providers let us convince ourselves that betrayal won’t happen. We were so complacent that it might be argued that we asked for this.

So why are we surprised ? The surprise is in the scale of the abuse. Corruption always exists at the margins of any system that is sufficiently slack to let alternative ways thrive and supply the mainstream with fresh ideas. A society with no deviance at its margins is totalitarian – so we live with that some antisocial behaviour as a cost of doing business in a society that values individual freedom.

But today we find that the extent of corruption is not restricted to the margins – we find that most of what goes on there among people we entrusted with extreme power at the core of the state entirely escapes oversight and drifts into mass surveillance which is known to asphyxiate societies. That much corruption was a risk that we were warned against, but seeing it realized is still a nasty surprise.

Again, this is not about lawful surveillance under democratic oversight, which is as acceptable as ever – this is about the dangerous nature of massive untargeted surveillance outside of democratic control. But public opinion reeling from the shock will probably be blind to the difference – it is now likely to be wary of anything that even remotely smells of surveillance.

Of course, not everyone has yet realized the tradeoffs that modern communications entail and that they have always been making, even if unwittingly – public awareness of privacy issues is not going to arise without continued evangelism anytime soon. But a host of users has awoken to realize that they were sleepwalking naked on Main Street. What will they do now ?

Considering how mainstream audiences have long happily kept gobbling up toxic information from the mass media, I am not holding my breath for a violent phase transition – but a new generation of privacy militants might just have been given birth and I wonder how much they will nudge the information industry’s trajectory. In any case, they will not make the Internet more welcoming to it.

Knowledge management and Politics and Security and The media and The Web28 Feb 2013 at 12:43 by Jean-Marc Liotier

Article 322-6-1 of the French Code Pénal punishes with one year in prison and a 15000€ fine “the diffusion by any mean of manufacturing processes for destructive devices made from explosive, nuclear, biological or chemical substances or any product intended for domestic, industrial or agricultural use“.

So in France, Cryptome can’t publish this very common and very public US military field manual, a textfiles.com mirror in France is illegal because it contains this, description of a chemical reaction on the MIT’s site would be repressed  and Wikipedia’s legal team better excise this section of the Nitroglycerin article from any HTTP response bound to France.

And someone once again forgot that censoring information locally does not work.

But wait – there is more stupidity… The punishment is tripled (three years in prison and a 45000€ fine) if the information has been published “to an undefined audience on a public electronic communication network“. Why isn’t there a specific punishment for posting on a billboard too ? Once again, in yet another country, the use of electronic tools is an aggravating circumstance. As electronics pervade our whole lives, isn’t that entirely anachronistic ?

Well – as long as Tor, I2P & al. keep working…

By the way, that law makes an exception for professional use – so if you are acting as an agent of a duly accredited terrorist enterprise, rest assured it does not apply to you !

Networking & telecommunications and Politics and Security30 Jan 2013 at 13:45 by Jean-Marc Liotier

[This post motivated by a strange lack of FISAA awareness around me]

You will certainly be relieved to learn that US government agencies do not spy clandestinely on the data you entrust to Google, Facebook & co.

So stop wondering about dark conspiracies : there are none.

The bad news is that they do it legally instead. Yes – US government agencies can legally access any data stored by non-American citizens at USA-based hosting companies. No warrant required – they can basically help themselves with your data anytime they please and that is entirely legal.

Brazen, isn’t it ? It is called FISAA – for more details, take a look at this European Parliament report. And by the way, I believe that some strong reaction from the European Union has been long overdue.

The silver lining is that European hosts are making good business with everyone who won’t host their data in the USA anymore !

Networking & telecommunications and Security and Systems administration07 Feb 2011 at 13:04 by Jean-Marc Liotier

I work for a very large corporation. That sort of companies is not inherently evil, but it is both powerful and soulless – a dangerous combination. Thus when dealing with it, better err on the side of caution. For that reason, all of my browsing from the obligatory corporate Microsoft Windows workstation is done trough a SSH tunnel established using Putty to a trusted host and used by Mozilla Firefox as a SOCKS proxy. If you do that, don’t forget to set network.proxy.socks remote DNS to true so that you don’t leak queries to the local DNS server.

In addition to the privacy benefits, a tunnel also gets you around the immensely annoying arbitrary filtering or throttling of perfectly reasonable sites which mysterious bureaucracies add to opaquely managed exclusion lists used by censorship systems. The site hosting the article you are currently reading is filtered by the brain-damaged Websense filtering gateway as part of the “violence” category – go figure !

Anyway, back on topic – this morning my browsing took me to Internode’s IPv6 site and to my great surprise I read “Congratulations! You’re viewing this page using IPv6 (  2001:470:1f12:425::2 ) !!!!!”. A quick visit to the KAME turtle confirmed : the turtle was dancing. The surprising part is that our office LAN is IPv4 only and the obligatory corporate Microsoft Windows workstation has no clue about IPv6 – how could those sites believe I was connecting through IPv6 ? A quick ‘dig -x 2001:470:1f12:425::2’ cleared the mystery : the reverse DNS record reminded me that this address is the one my trusted host gets from Hurricane Electric’s IPv6 tunnel server.

So browsing trough a SOCKS proxy backed by a SSH tunnel to a host with both IPv4 and IPv6 connectivity will use IPv6 by default and IPv4 if no AAAA record is available for the requested address. This behaviour has many implications – good or bad depending on how you look at it, and fun in any case. As we are all getting used to IPv6, we are going to encounter many more surprises such as this one. From a security point of view, surprises are of course not a good thing.

All that reminds me that I have not yet made this host available trough IPv6… I’ll get that done before the World IPv6 Day which will come on 8th June 2011 – a good motivating milestone !

Consumption and Security and Systems administration09 Apr 2010 at 1:33 by Jean-Marc Liotier

Lexmark stubbornly refuses to make any effort toward providing, or at least letting other people provide, printer drivers for their devices – don’t buy from them if you need support for anything other than their operating system of choice.

After repeatedly acquiring throwaway inkjet printers from Lexmark and repeatedly wondering why my mother’s Ubuntu laptop can’t use them, my father finally accepted my suggestion of studying compatibility beforehand instead of buying on impulse – years of pedagogy finally paid off !

My parents required a compact wireless device supporting printing and scanning from their operating systems – preferably fast and silent, if possible robust and not too unsightly. No need for color, black and white was fine – though I would have pushed them toward color if multifunction laser printing devices capable of putting out colors were not so bulky. Those requirements led us toward the Samsung SCX-4500W.

I connected the Samsung SCX-4500W on one of the Ethernet ports of my parent’s router and went through the HTTP administration interface. The printing controls are extremely basic – but the networking configuration surprised me with a wealth of supported protocols : raw TCP/IP printing, LPR/LPD, IPP, SLP, UPnP, SNMP including SNMP v3, Telnet, email alert on any event you want – including levels of consumables… Anything I can think about printing on top of my mind is there. The funniest thing is that neither the product presentation, nor the specification sheet or the various reviews advertise that this device boasts such a rich set of networking features… Demure advertising – now that’s a novel concept !

I set-up wireless the printer’s 802.11 networking features, unplugged the Ethernet cable, rebooted the device… And nothing happened. No wireless networking, no error and, when I reconnected the Ethernet cable and got back to the administration interface, the radio networking menu was not even available anymore. After careful verification I could reliably reproduce that behaviour. At that stage, my parents were already lamenting the sorry state of the ever-unreliable modern technology – and most users would have been equally lost.

I pressed on and found that I was not alone in my predicament. User experiences soon led me to the solution : I had configured my parent’s radio network to use WPA with TKIP+AES encryption (the best option available on their access point) but the Samsung SCX-4500W was unable to support that properly. The administration interface’s radio networking menu proposed TKIP+AES but silently failed to establish a connection and seemed to screw the whole radio networking stack. Only setting my parent’s Freebox and all other devices on the network, to use TKIP only instead of TKIP+AES yielded a working setup with a reachable printer, at the cost of using trivially circumventable security to protect the network’s traffic from intrusion.

Now that is seriously bad engineering : not supporting a desirable protocol is entirely forgivable – but advertising it in a menu, then failing to connect without generating the slightest hint of an error message, and as a bonus wedging the user into an irrecoverable configuration is a grievous sin. I managed to overcome the obstacle, but this is a device aimed at the mass market and I can perfectly understand its target audience’s desire to throw it out of the window.

On that problem was solved, configuring the clients over the network was a breeze and pages of nice print were soon flying out quickly and silently. In summary, the Samsung SCX-4500W is a stylish printing and scanning device that lives up to its promises – apart from that nasty bug that makes me doubt Samsung’s quality control over its networking features.

Scanning with the Samsung SCX-4500W is another story entirely – it should work with the xerox_mfp SANE backend, but only through USB. For now I have found no hope of having it scan for a Linux host across the network.

Brain dump and Debian and Identity management and Security and The Web18 Mar 2009 at 18:19 by Jean-Marc Liotier

The PGP web of trust is a social network, even if many of the people who published their keys would never admit joining one. But there are less than sixty thousand users, so low density of users in most social environments causes weak connectivity in the web of trust : the strong set (largest set of keys such that for any two keys in the set, there is a path from one to the other) ties together less than fifty thousand users. This has been a problem for a long time : in 1997 the strong set was only 3100 keys out of sixty thousand published. And in a fast expanding online social sphere, a stagnating network of sixty thousand users is marginal. Of course, many of those users participate in core institutions of  the developper community, but that does not make that population any less marginal. Many don’t mind that marginality, but our taste for elitist cave-dwelling among like-minded peers will not change the fact that effective software development is a social sport. Societies need trust, and restricting our communications to people whose idea of a party is a key signing party is not going to help us very much, so a solution is needed.

The PGP web of trust is no longer the only application that supports a social graph. With the recent mainstream explosion of social networking and digital identity applications, there is an embarrassing wealth of choices such as Google’s OpenSocial specificationhat propose a common set of API for social applications across multiple sites. Social networking in a web environment, including all forms of publication such as blogging, microblogging, forums and anything else that support links is a way to build digital identity. Each person that follows your updates or links to your articles is in effect vouching for the authenticity of your personae, and each one who adds you as a “friend” on a social network is an even stronger vote toward the authenticity of your profile, even if some people add any comer as their “friend”.

The vetting process in social networking applications is in effect just as good as the average key signing outside of a proper key signing process : some will actually check who they are vetting, others will happily sign anything – and it does not matter too much because the whole point of the web of trust is to handle a continuous fabric whose nodes have different reputations and no guarantee of reliability. The result is a weak form of pseudonymous web of trust – just like the PGP web of trust. But with an untrusted technological infrastructure, it is only about strong enough for common social use.

An anaemic GPG web of trust and thriving social networking applications are obvious matches. So what about a social networking application that handles the PGP web of trust ? As usual, similar inputs through similar individuals generate similar outputs – the same problems with the same environment and the same tools handled by people who share backgrounds produce the same conclusions. So now that I am trawling search engines about that concept I find that I am not the only one to hav thought about it. Who will be the first to develop a social networking application plug-in that links a profile to a GPG key to facilitate and encourage key signing between members of  the same platform that know each other ?

Networking & telecommunications and Security and Social networking18 Sep 2008 at 7:20 by Jean-Marc Liotier

Bruce Schneier brought to our attention the performance and ease of use of off-the-shelf data-mining tools for social networking analysis. With a few million CDR that sort of tool can identify user communities in the physical, temporal and social dimensions. ThorpeGlen’s graphical user interface screenshots are particularly impressive.

Needless to say that SIM swapping does not work as the IMEI is still available – that is old news. But swapping both SIM and teminal is not the solution either anymore as behavorial analysis can nowadays still yield a match. This may be the end of  the road for communications security in durable networks by pure compartimentalization. Instead of acquiring random prepaid accounts, clandestine operators should now focus on creating sufficient decoy activity so that the social signal is drowned in enough misleading connexions – and maybe only stolen accounts provide enough credible noise to evade profiling. Doing that without a single mistep is going to be difficult, especially under the sort of pressure that justify such precautions.

But whatever the performance of  the analysis system, casual mobile phone use in a clandestine context is getting more risky – if  this is an off-the-shelf system, just imagine what custom systems can do for the most advanced nations.

Design and Security and Systems and Technology09 Jun 2008 at 13:35 by Jean-Marc Liotier

Who these days has not witnessed the embarrassing failure modes of Microsoft Windows ? Blue screens of all hues and an assortment of badged dialog boxes make each crash into a very public display of incompetence.

I will not argue that Windows is more prone to failure than other operating systems – that potential war of religion is best left alone. What I am arguing is that failure modes should be graceful, or at least more discreet.

A black screen is neutral : the service is not delivered, but at least the most trafficked billboard in town is not hammering everyone with a random pseudo-technical message that actually means “my owners are clueless morons”.

Even better than a black screen : a low level routine that in case of system failure may display something harmless. Anything but an error message.

With so many information screens in the transportation industry, automated teller machines of all sorts and a growing number of advertising screens on roadsides, a properly and specifically configured system is necessary. What about “Microsoft Windows – Public Display Edition” ? Of course, users of Free Software don’t have to wait for a stubborn editor to understand the problems its customers are facing.

When the stakes are high enough, the costs of not managing risk through graceful degradation cannot be ignored. But let’s not underestimate the power of user inertia…

Knowledge management and Politics and Security and Social networking08 Feb 2008 at 11:35 by Jean-Marc Liotier

I stumbled upon this gem in Hannah Arendt‘s book The Origins of Totalitarianism :

“The Okhrana, the Czarist predecessor of the GPU, is reported to have invented a filing system in which every suspect was noted on a large card in the center of which his name was surrounded by a red circle; his political friends were designated by smaller red circles and his nonpolitical acquaintances by green ones; brown circles indicated persons in contact with friends of the suspect but not known to him personally; cross-relationships between the suspect’s friends, political and nonpolitical, and the friends of his friends were indicated by lines between the respective circles. Obviously the limitations of this method are set only by the size of the filing cards, and, theoretically, a gigantic single sheet could show the relations and cross-relationships of the entire population. And this is the utopian goal of the totalitarian secret police: a look at the gigantic map on the office wall should suffice at any given moment to establish, not who is who or who thinks what, but who is related to whom and in what degree or kind of intimacy. The totalitarian ruler knows that it is dangerous to send a person to a concentration camp and leave his family and particular milieu untouched; [It is a common practice in Soviet Russia to arrest whole families; Hitler’s “Health Bill” also foresaw the elimination of all families in which one member was found to be afflicted with a disease.] the map on the wall would enable him to eradicate people without leaving any traces of them-or almost none. Total abolition of legality is safe only under the condition of perfect information, or at least a degree of knowledge of private and intimate details which evokes the illusion of perfection”.

Hannah Arendt‘s nightmare social mapping system was somewhat mitigated by the technological limits of her time – The Origins of Totalitarianism was published in 1951 and in her mind the information processing technology capable of supporting an extensive social graph was still about as far away as it seemed to the Czarist secret police. But today we are all busy building representations of the social graph to support and enrich our interactions. We are busy on social networking tools making the secret police’s work and making their dream come true.

Have we lost our minds and forgotten about the dangers ? Not quite : privacy management remains at the center of most social graph use cases. But this is a superficial defense : if a totalitarian state was to emerge among our society I know I would be as good as dead – or rather disappeared without a trace.

Luckily I am an European and I therefore enjoy the benefits of a life with historically high levels of freedom. But evil is never as far away as we imagine, and the generation of our grandparents who experienced totalitarism will not remain among us much longer to remind us that.

“You must remember, my fellow-citizens, that eternal vigilance by the people is the price of liberty, and that you must pay the price if you wish to secure the blessing. It behooves you, therefore, to be watchful in your States as well as in the Federal Government” — Andrew Jackson, Farewell Address, March 4, 1837

Brain dump and Military and Security and Technology20 Jan 2008 at 17:33 by Jean-Marc Liotier

In spite of the hype surrounding micro and nano UAV and how important they are becoming to winning the struggle for tactical information, I can’t find any reference about how to defend against them. As their current use is mostly on the strong side of asymmetrical warfare, it seems that the industry and the users have simply set the problem aside for now.

But it won’t be long before two high-technological forces equipped with swarms of nano UAV will find themselves fighting against each other, and they will both certainly clamor for a better fly swatter. Since I can’t foresee very large fly swatters being part of standard issue kit anytime soon, there is a clear need for some new form of air defense against air vehicles as small as a mapple seed.

Will we see micro air defense units in action, complete with toy-size automatically guided artillery, dust-like shrapnel and tiny missiles ? This heralds the appearance of new dimensions in the tactical environment, and those familiar with nanotechnological prospective will have recognized the first step of a downscaling war.

Meanwhile I think about the potential for pest control – selectively killing flying intruders seems definitely better than spraying nerve agents in my home…

Next Page »