Saturday, February 25, 2012
Win a £20 iTunes voucher
Wednesday, February 15, 2012
If we were to "fix" the Internet today, would we get it right?
Prof Alan Woodward of Surrey University presents an interesting viewpoint today on the state of our current Internet infrastructure. Practically all of the present "security" features were shoehorned in on top of an infrastructure that was never really designed with security in mind. With the benefit of hindsight, maybe what we need is simply a new infrastructure, designed from the ground up to meet our current needs and use, be that in terms of security or other features.
On the other hand, security isn't the only feature absent from basic Internet infrastructure because it was not thought of in the 1970s. It is probably for similar historical reasons that the Internet crosses many political boundaries that some of our current governments appear to wish it didn't cross.
So if we were to re-design the Internet today, some questions arise:
- the infrastructure that we have today met the needs and capabilities of the 1970s; how would we guarantee that a new infrastructure invented today wouldn't simply be reflecting the needs and capabilities of 2012? In 20 years time, would there be a similar conversation ("well, you see, quantum decryption wasn't a real threat back in the 2010s")?
- what would the political pressures be on an Internet infrastructure invented in 2012? How many back doors into the security features would governments try to force into the specification? How much pressure would there be for the application of content filters and bandwidth allocation to reflect the degree of bribery (sorry, "funding") provided by such-and-such corporation to the political parties involved in legislating the infrastructure?
We should also be careful not to mask political failure as being a purely technological problem. On some level, identity theft and other cybercrimes occur both because our technology permits it and because, one way or another, our political structures still leave the risk-benefit tradeoff stacked in favour of the criminals in question.
On the other hand, security isn't the only feature absent from basic Internet infrastructure because it was not thought of in the 1970s. It is probably for similar historical reasons that the Internet crosses many political boundaries that some of our current governments appear to wish it didn't cross.
So if we were to re-design the Internet today, some questions arise:
- the infrastructure that we have today met the needs and capabilities of the 1970s; how would we guarantee that a new infrastructure invented today wouldn't simply be reflecting the needs and capabilities of 2012? In 20 years time, would there be a similar conversation ("well, you see, quantum decryption wasn't a real threat back in the 2010s")?
- what would the political pressures be on an Internet infrastructure invented in 2012? How many back doors into the security features would governments try to force into the specification? How much pressure would there be for the application of content filters and bandwidth allocation to reflect the degree of bribery (sorry, "funding") provided by such-and-such corporation to the political parties involved in legislating the infrastructure?
We should also be careful not to mask political failure as being a purely technological problem. On some level, identity theft and other cybercrimes occur both because our technology permits it and because, one way or another, our political structures still leave the risk-benefit tradeoff stacked in favour of the criminals in question.
Wednesday, January 25, 2012
Symantec advise users to disable pcAnywhere
According to a white paper released by Symantec, the source code to various of its produces that hacker group Anonymous recently threatened to disclose was stolen in 2006, and users are advised to disable pcAnywhere until further notice. Specifically, the paper states:
"pcAnywhere is a product that allows for direct PC to PC communication and this does expose some risk if the compromised code is actually released."
This seems to imply that pcAnywhere is based on security through obscurity. (Presumably, the same security risk actually exists, albeit to a lesser extent, whether or not somebody releases the source code: whatever information is in the source code is in principle available by reverse engineering the compiled code.)
To me, the event underlines at least two lessons:
- this is precisely what may happen if you rely on security through obscurity
- if you have some security-sensitive source code stolen, "right now" would be a good time to review the stolen code, rather than 6 years later...
Or is there something about the content of the white paper and the incident in general that I'm misunderstanding?
"pcAnywhere is a product that allows for direct PC to PC communication and this does expose some risk if the compromised code is actually released."
This seems to imply that pcAnywhere is based on security through obscurity. (Presumably, the same security risk actually exists, albeit to a lesser extent, whether or not somebody releases the source code: whatever information is in the source code is in principle available by reverse engineering the compiled code.)
To me, the event underlines at least two lessons:
- this is precisely what may happen if you rely on security through obscurity
- if you have some security-sensitive source code stolen, "right now" would be a good time to review the stolen code, rather than 6 years later...
Or is there something about the content of the white paper and the incident in general that I'm misunderstanding?
Thursday, December 29, 2011
A copyright-obsessed French government gets a taste of its own medicine
As you might expect when your president is married to a singer, the French government takes a fairly totalitarian line on copyright. The infamous HADOPI law effectively enables citizens to be prohibited from contracting Internet access with an ISP on the basis of copyright infringement complaints, apparently with such complaints centering around access from a particular IP address.
So it would be slightly embarrassing if it turned out that IP addresses belonging to the president's official residence and a French government ministry turned up in a database of illegal downloads. Unfortunately, this is precisely what appears to have happened: records of apparently "illegal" downloads from the French Ministère de la Culture and Élysée (official presidential residence and offices) have turned up in the databases of YouHaveDownloaded.com, a site publishing records from (among other sources) various public BitTorrent servers.
So, should we conclude that a poverty-stricken Sarkozy has had to resort to using public resources to download illegal copies of his favourite flicks and tracks in these times of austerity? Should we now engage in month-long trial to determine whether we can prove beyond reasonable doubt that Mr Sarkozy did or did not download that dodgy low-quality MP4 of La Cage aux folles? Should the Élysée now spend public money on a lengthy witch-hunt to establish which petty office clerk or work experience temp is responsible for this shocking infringement of some random fat cat's right to stuff his coffers a little fuller?
Well, I would suggest not-- but that's the point. Hopefully this revelation may help the French government to understand people's concerns about the glib connection that they are insistent to draw between an IP address in a database and the download in question having definitely occurred under the actions of a particular person, and to weigh up the pros and cons of establishing totalitarian means in an attempt to enforce the practically unenforceable with arguable benefit to society.
Well, I would suggest not-- but that's the point. Hopefully this revelation may help the French government to understand people's concerns about the glib connection that they are insistent to draw between an IP address in a database and the download in question having definitely occurred under the actions of a particular person, and to weigh up the pros and cons of establishing totalitarian means in an attempt to enforce the practically unenforceable with arguable benefit to society.
Monday, December 19, 2011
Is copyright worth breaking the Internet over?
The truth is that for some time now, the Internet can no longer be relied on to fulfil its simple infrastructural purpose of delivering bytes from A to B unhindered when requested to do so. The appetite of the powers that be for intruding on their citizens' privacy on the one hand and for succumbing to capitalist pressures on the other make any Internet connection an increasingly noisy channel.
Lemley, Levine and Post now outline and give an enlightening critique of some recent and alarming steps being taken in their essay Don't Break the Internet. As an author, I completely sympathise with concerns about copyright, and I would possibly agree that the current process of having infringing material removed is insufficient-- whilst also suspecting that the impact of the "copyright problem" is massively overexaggerated. But as with traffic shaping measures (among others), it is particularly concerning to see proposals to allow fundamental pieces of infrastructure to be undermined almost on a whim. Is this really the most intelligent counter-measure to copyright infringement that we can think of?
Lemley, Levine and Post now outline and give an enlightening critique of some recent and alarming steps being taken in their essay Don't Break the Internet. As an author, I completely sympathise with concerns about copyright, and I would possibly agree that the current process of having infringing material removed is insufficient-- whilst also suspecting that the impact of the "copyright problem" is massively overexaggerated. But as with traffic shaping measures (among others), it is particularly concerning to see proposals to allow fundamental pieces of infrastructure to be undermined almost on a whim. Is this really the most intelligent counter-measure to copyright infringement that we can think of?
Sunday, December 4, 2011
Can more indeed be done to disincentivise smartphone theft?
San Francisco Chronicle columnist C.W.Nevius has an interesting article on how Australian mobile operators do far more than in the US to block stolen phones. On the surface, it is intriguing that more governments, manufacturers and operators can't bang their respective heads together to put more measures in place, both technologically and legislatively, to curb mobile phone theft, particularly that of high-end smartphones.
Direction from governments is probably required. As the aforementioned article mentions, if left to capitalism alone, there is little incentive for mobile operators and manufacturers to put such schemes in place: for them, theft simply equates to more sales. Another interesting thought is that various countries in Latin America do apparently have some measures in place to block the connection of stolen phones. If the US doesn't, then this situation presumably serves to make the US an even more prime target market for the criminals selling stolen devices.
However, such measures surely aren't a panacea. Any system is only as strong as its weakpoints. What measures would need to be put in place to ensure the accuracy of the database and eliminate "false positives"? Since (presumably) operator staff have the ability to override the system in order to deal with cases of error, how does one prevent them from becoming targets for blackmail, bribery and gang involvement, in effect simply shifting the problem? What methods could criminals fight back with (e.g. replacement of the chip containing the serial number), and what impact would this ultimately have in terms of where new criminal opportunities would spring up? And what more serious crimes would criminals then commit instead of stealing mobile phones?
Nonetheless, I haven't seen much debate of these issues and it does seem that potential measures at least deserve more consideration from governments and operators and a clearer explanation for why they cannot be put in place if indeed they can't.
Direction from governments is probably required. As the aforementioned article mentions, if left to capitalism alone, there is little incentive for mobile operators and manufacturers to put such schemes in place: for them, theft simply equates to more sales. Another interesting thought is that various countries in Latin America do apparently have some measures in place to block the connection of stolen phones. If the US doesn't, then this situation presumably serves to make the US an even more prime target market for the criminals selling stolen devices.
However, such measures surely aren't a panacea. Any system is only as strong as its weakpoints. What measures would need to be put in place to ensure the accuracy of the database and eliminate "false positives"? Since (presumably) operator staff have the ability to override the system in order to deal with cases of error, how does one prevent them from becoming targets for blackmail, bribery and gang involvement, in effect simply shifting the problem? What methods could criminals fight back with (e.g. replacement of the chip containing the serial number), and what impact would this ultimately have in terms of where new criminal opportunities would spring up? And what more serious crimes would criminals then commit instead of stealing mobile phones?
Nonetheless, I haven't seen much debate of these issues and it does seem that potential measures at least deserve more consideration from governments and operators and a clearer explanation for why they cannot be put in place if indeed they can't.
Friday, December 2, 2011
The Carrier IQ debacle
In case you've missed the commotion, concerns have been raised over the last few days about a component produced by a company called Carrier IQ and installed on many smartphones which (a) is set to run by default on some smartphones; (b) may be more covert than other processes running on the system; and (c) seems to have hooks to which it is passed various confidential data such as the identity of keypresses, the content of SMS messages and the cleartext version of data sent over HTTPS.
Such is the concern that some commentators are already describing the Carrier IQ software as a rootkit.
It is possible that the module in question is entirely innocent, and that the reason for confidential data being passed to its hooks is simply due to some slightly diabolical API design. Be that the case, I would then expect:
- smartphone manufacturers who have embedded the Carrier IQ component in their OS's to come forward with details about the close scrutiny that the software underwent on their part before being approved;
- Carrier IQ to come forward with some convincing and reassuring details about why this confidential data is apparently being passed to the process without constituting a breach of trust and confidentiality.
As I say, the Carrier IQ component may be entirely innocent and above board. But the longer the above two actions continue not to occur, the more concerning things appear. And sometimes, it isn't whether there is anything untoward that matters, but whether there appears to be...
Such is the concern that some commentators are already describing the Carrier IQ software as a rootkit.
It is possible that the module in question is entirely innocent, and that the reason for confidential data being passed to its hooks is simply due to some slightly diabolical API design. Be that the case, I would then expect:
- smartphone manufacturers who have embedded the Carrier IQ component in their OS's to come forward with details about the close scrutiny that the software underwent on their part before being approved;
- Carrier IQ to come forward with some convincing and reassuring details about why this confidential data is apparently being passed to the process without constituting a breach of trust and confidentiality.
As I say, the Carrier IQ component may be entirely innocent and above board. But the longer the above two actions continue not to occur, the more concerning things appear. And sometimes, it isn't whether there is anything untoward that matters, but whether there appears to be...
Subscribe to:
Posts (Atom)