Schneier on Security
A blog covering security and security technology.
« Second SHB Workshop Liveblogging (8) |
| Friday Squid Blogging: Squid Also See Through Non-Eye Organ »
June 12, 2009
Second SHB Workshop Liveblogging (9)
The eighth, and final, session of the SHB09 was optimistically titled "How Do We Fix the World?" I moderated, which meant that my liveblogging was more spotty, especially in the discussion section.
David Mandel, Defense Research and Development Canada (suggested reading: Applied Behavioral Science in Support of Intelligence Analysis, Radicalization: What does it mean?; The Role of Instigators in Radicalization to Violent Extremism), is part of the Thinking, Risk, and Intelligence Group at DRDC Toronto. His first observation: "Be wary of purported world-fixers." His second observation: when you claim that something is broken, it is important to specify the respects in which it's broken and what fixed looks like. His third observation: it is also important to analyze the consequences of any potential fix. An analysis of the way things are is perceptually based, but an analysis of the way things should be is value-based. He also presented data showing that predictions made by intelligence analysts (at least in one Canadian organization) were pretty good.
Ross Anderson, Cambridge University (suggested reading: Database State; book chapters on psychology and terror), asked "Where's the equilibrium?" Both privacy and security are moving targets, but he expects that someday soon there will be a societal equilibrium. Incentives to price discriminate go up, and the cost to do so goes down. He gave several examples of database systems that reached very different equilibrium points, depending on corporate lobbying, political realities, public outrage, etc. He believes that privacy will be regulated, the only question being when and how. "Where will the privacy boundary end up, and why? How can we nudge it one way or another?"
Alma Whitten, Google (suggested reading: Why Johnny can't encrypt: A usability evaluation of PGP 5.0), presented a set of ideals about privacy (very European like) and some of the engineering challenges they present. "Engineering challenge #1: How to support access and control to personal data that isn't authenticated? Engineering challenge #2: How to inform users about both authenticated and unauthenticated data? Engineering challenge #3: How to balance giving users control over data collection versus detecting and stopping abuse? Engineering challenge #4: How to give users fine-grained control over their data without overwhelming them with options? Engineering challenge #5: How to link sequential actions while preventing them from being linkable to a person? Engineering challenge #6: How to make the benefits of aggregate data analysis apparent to users? Engineering challenge #7: How to avoid or detect inadvertent recording of data that can be linked to an individual?" (Note that Alma requested not to be recorded.)
John Mueller, Ohio State University (suggested reading: Reacting to Terrorism: Probabilities, Consequences, and the Persistence of Fear; Evaluating Measures to Protect the Homeland from Terrorism; Terrorphobia: Our False Sense of Insecurity), talked about terrorism and the Department of Homeland Security. Terrorism isn't a threat; it's a problem and a concern, certainly, but the word "threat" is still extreme. Al Qaeda isn't a threat, and they're the most serious potential attacker against the U.S. and Western Europe. And terrorists are overwhelmingly stupid. Meanwhile, the terrorism issue "has become a self-licking ice cream cone." In other words, it's now an ever-perpetuating government bureaucracy. There are virtually an infinite number of targets; the odds of any one target being targeted is effectively zero; terrorists pick targets largely at random; if you protect target, it makes other targets less safe; most targets are vulnerable in the physical sense, but invulnerable in the sense that they can be rebuilt relatively cheaply (even something like the Pentagon); some targets simply can't be protected; if you're going to protect some targets, you need to determine if they should really be protected. (I recommend his book, Overblown.)
Adam Shostack, Microsoft (his blog), pointed out that even the problem of figuring out what part of the problem to work on first is difficult. One of the issues is shame. We don't want to talk about what's wrong, so we can't use that information to determine where we want to go. We make excuses -- customers will flee, people will sue, stock prices will go down -- even though we know that those excuses have been demonstrated to be false.
During the discussion, there was a lot of talk about the choice between informing users and bombarding them with information they can't understand. And lots more that I couldn't transcribe.
And that's it. SHB09 was a fantastic workshop, filled with interesting people and interesting discussion. Next year in the other Cambridge.
Adam Shostack's liveblogging is here. Ross Anderson's liveblogging is in his blog post's comments. Matt Blaze's audio is here.
Posted on June 12, 2009 at 4:55 PM
• 7 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
"How Do We Fix the World?"
The glib answer is you can't as it's a dynamic system.
However you first have to recognise why the "world" is different from many countries or large organisations.
And the answer comes down to the way people communicate.
You recently made a comment differentiating the European and American view point's as an off the cuff generality.
However there are genuine differences of outlook which also accounts for OSI, X500, GSM and many other systems and standards.
Put simply people on mass are in general defined by the nation they live in and the language they speak.
What is less well known is that the language(s) you speak in your formative years actually effects not just as others view you but cognitavly and also suprisingly physiologicaly as well.
Recent research on "perfect pitch" and spoken language shows much higher incidence of "perfect pitch" amongst those whose language is more pitch dependant. The question is, is it "nature or nurture" that is responsable and that is still to be investigated.
As for cognativly in English we have the words "safety" and "security" in other European languages they have only one word for both concepts. Therefor the language you think in tends to determin the way you view the world. It follows from this that the language via it's use also helps define a nation via the law and education.
And there are many corelations that tend to sugest that the result of this effects the level and type of research carried out by people speaking different languages.
However what is significantly more clear is that when you have many different languages spoken giving rise to many different sets of law and standards you end up with many different view points that may need to be rationalised.
The mear process of having to rationalise many different view points actually aids in producing more robust and better defined specifications and the resulting systems.
One area that this can be shown in is TCP/IP -v- OSI.
The TCP/IP model is effectivly a limited subset of what OSI was trying to achive. However OSI was at the time not supportable on the systems then in use whereas TCP/IP was designed with them very specificaly in mind.
However now the systems are more than capable of supporting OSI we find that TCP/IP is almost acting as a restraint on systems development, and augmenting it is fraught with difficulties (IPv6, IPsec being two that spring to mind).
However although the work that went into OSI appears to been consigned to a dusty shelf, in reality most of what it was aiming to cover are now real issues and the work is being re-used almost transparently.
Likewise with GSM and many many other standards.
The many viewpoint caused by the many languages used in Europe tends to make the resulting amalgamated outlook broader in bredth and depth. Which although initialy seeming to be "over-kill" usually ends up being a portent of what is to be, and therfore highlights issues that realy should be considered early on in systems that are going to be come infrestructure.
So to sum up 8) if you want to "Fix the World" you need to understand that the language people think in defines one of many viewpoints you will have to consider. And that any solution that is going to work longterm is going to need to be flexable enough to accomadate all the strengths from all view points to work and grow with them as they change ;)
Wicked Post, Volunteer Intelligence, but Pain Everyone Obeys is an Abhorrence and too easily Fools what should be SMARTer Human Beings.
If you want to fix anything, simply replace it with something Better and Different .... and Beta AI. QuITe Perfect for 2ICNetworking .."BT's global, software-driven customer network that introduces new next generation services, faster than ever before."
The following is a pleasant ramble into New World Order Program Methodologies aka Ancient Algorithm and both of which may be of Magical Mystery Turing Topology .......... Persistent Mythology.
Java for Cloud Assignations and AIMissions
By amanfromMars 1
Posted Tuesday 16th June 2009 19:59 GMT
"I just turned java off until now." ... By John Molloy Posted Tuesday 16th June 2009 17:53 GMT
Java is not something that you can off. And it is a Very Powerful Language able to Converse with All Virtual Machines and NINJA Machinery .... which are in Reality and Virtualisation, Neural Networks InterNetworking at Quantum Communications Levels/Higher Deeper Virtual Core Processor Architecture Builds.
""Be wary of purported world-fixers."" ..... And what of a Live Operational Virtual Environment, Bruce, which Coinspires and Presents with Media, Completely Different Worlds Run in D Alien, to Beta Computerised Orders and with Sublime Virtual Controls in CodeXSSXXXX Meme.
Love Bug at TIA with Pandora's Keys to Victoria's Secret Worlds is All QuITe Cryptic but NEUKlearerly Loaded and Loded with Steganographic Transparency.
And Pray Tell ..... of any Current Running Practiced and Practising Purported world-fixers.
Do they have a Communicating Contact Addresses or do they Fly by Wire Alone for Solo Power Levels?
Obviously, Bruce, IT can done Better is the Tale of this Tale/MetaData Base Trail/Phormation.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.