James Mickens on the Current State of Computer Security

James Mickens gave an excellent keynote at the USENIX Security Conference last week, talking about the social aspects of security -- racism, sexism, etc. -- and the problems with machine learning and the Internet.

Worth watching.

Posted on August 20, 2018 at 8:07 AM • 30 Comments

Comments

The Flower of Marxism • August 20, 2018 9:55 AM

Racism ... sexism ... wacky lol so random abstract ...

Good, good, all is going according to plan. Next for the field is a period of groaning and twitching. Then the corpse subsides.

The Mother of Foxism • August 20, 2018 12:11 PM

"Marxism" is a dog whistle of the nazi alt-right as we all probably realize by now.
They are apparently threatened by the realization of racism, sexism as societal anchors.
Pity them, they live in shallow waters exclusively.

Major • August 20, 2018 12:46 PM

Dr. Mickens is a very captivating and amusing speaker. Perhaps it is the role of keynote speaker to mix it up, but I think he displays the same arrogance that he criticizes.

He talks about the value of skepticism, and likewise, I am skeptical of what he is saying.

He gives a million amusing examples, but really they are just trojan horses for strawman arguments. What does a soccer team mascot have to do with anything? Devices made out of potatoes? If the tech is so dangerous you think he could come up with more real life examples of disastrous consequences rather than memes.

He worries about the inaccuracy and limitations of machine learning. It is a developing science, but really, what is it in competition with? Human thought. And I'm sorry, human thought historically has had many problems of bias and hate. He acts like we are choosing AI when we have this perfect alternative, but a perfect alternative does not exist.

He says that machine learning is not well understood. Well, is the human brain, the other alternative, any better understood? I'd say not. So, by his criteria, it should not be trusted either.

Machine learning can give biased results. Well, look at the history of human thought. It is full of bias and cognitive error.

A machine learning system for bail assessment that learns from the biased data created by the biased human brain driven current justice system is BIASED? Well, I'm SHOCKED. An ML system is only as good as its training data. Is this a surprise?

He points out that different learning approaches converge on the same results. To me that is confirmation of accuracy. What exactly is the problem?

Gender recognition does not work well for races not well represented in the training data. Again, how is this a surprise?

He has a nice approach for IoT, but by placing the main security defenses in the firewall, he is basically not making devices responsible for their own security which is the status quo already.

I totally agree with "Think before deploying". AI is not magic. It may have vulnerabilities. Backdoors in arrays of neural network coefficients designed to bias results may be hard to find.

But what is the alternative? Humans are biased and power hungry. A particularly good strategy for gaining power is spearheading a supposed justice movement. Ask the victims of Stalin, Hitler, Pol Pot and dozens of other "freedom fighters" how that worked out.

Although the results are imperfect, I think taking human leaders as far out of the equation as possible is the best approach. Free markets and distributed rule through democracy are two impersonal systems that have yielded good, if imperfect, results.

Impersonal technology certainly has the potential to get around personal biases, selfishness, and cognitive distortions if we do our best not to train it on data that embeds our human failings. Although the current AI bail assessment system (for example) may have failed, to me the AI approach has promise to improve on our current heavily biased results.

albert • August 20, 2018 2:27 PM

@Major,
"...Free markets and distributed rule through democracy are two impersonal systems that have yielded good, if imperfect, results...."

Care to give an example of a country with 'free markets' and 'rule through democracy'? Neither is an 'impersonal' system, and will never be in our lifetime.

Ai is good for some applications, but has no business in making critical decisions regarding human life, health, and safety.

In the meantime, AI is out there, killing folks on the highway. Beta testing on unsuspecting humans? There oughta be a law.

. .. . .. --- ....

echo • August 20, 2018 3:26 PM

I haven't watched this yet but have picked up some recent media on the general topic. An ex-model married to an attention seeking politician (whose name I forget) warned of the dangers of social media and others have commented how the extreme right is exposing itself online. Discriminating biases in AI and underlying datasets are, of course, a thing which have been reported too. I guess a roll up of all these issues is valuable.

Clive Robinson • August 20, 2018 4:21 PM

@ ALL,

The video is worth watching just for the "kick back and relax" aspect alone, it is quite amusing, whilst being --in my old jaded life's experience-- quite accurate.

There are a few gems in there such as the desirability of "4Chan as an AI Kindergarten", that should make people laugh then set them thinking.

It would appear that he and I share many views in common, especially that about "learning from history" and taking an ethical or moral engineering approach rather than just rush it out the door without even reasonable testing then race to the bottom to stay in the game.

He also has a few other videos up on U-tube that are worth watching[1], such as "There are NO secrets". It covers briefly a subject I've mentioned fairly frequently on this blog and other places over the years, with regard to proper transaction authentication and the correct way around the moronic anti-secure communication legislation we have seen come up in the likes of the UK RIPA and more recent nonsense in Australia about "ten years for refusing to unlock a phone".

Oh and like me he takes a fairly dim view on the utility of the blockchain in the real world, for reasons that should surprise no one with any real life experience.

I know there will be one or two "vested interests" arguing as best they can against his points, but I guess most readers here will see through them for what they are.

[1] Hopefully I've hand copied the URL correctly from the "dirty box" boot and run from CD/DVD machine,

https://www.youtube.com/watch?v=mDwUJa4_IJE

Major • August 20, 2018 5:00 PM

I did a little research on Dr. Mickens. While reading his takedown of distributed systems, javascript, the cloud and the internet I came across his bio:

James Mickens is a researcher in the Distributed Systems group at Microsoft’s Redmond lab. His current research focuses on Web applications, with an emphasis on the design of JavaScript frameworks that allow developers to diagnose and fix bugs in widely deployed web applications. James also works on fast, scalable storage systems for datacenters. James received his PhD in computer science from the University of Michigan, and a bachelor’s degree in computer science from Georgia Tech.

Since he spends his life on the exact things he says are useless I have to conclude that he only actually means a small portion of what he says.

Everyone is a comedian, but I have AI systems to write.

Ismar • August 20, 2018 5:38 PM

Why will this beautiful talk have little impact on the state of IoT security?
Simply because the technology has become so cheap that it is perceived as prosaic and not powerful enough to cause the level of harm it can. In other words ordinary users of "cheap" technology grossly underestimate the impact it has in their life because the technology is cheap and as such seen as unimportant and not powerful, which cannot be further from the truth.
This is as deadly a combination as they come.

Major • August 20, 2018 6:28 PM

@Ismar

The approach he suggests, in which a firewall compensates for device deficiencies by encrypting unencrypted data and blocking scans and other unwanted access to devices, has a lot of promise in that it minimizes the amount of work the vendors have to do. They still would have to provide server ports that handle the encrypted data, but the devices wouldn't necessarily have to change. This is a promising approach. If ISPs would provide this firewall capability as a matter of course, the security of obsolete devices could be automatically enhanced.

M@ • August 20, 2018 8:34 PM

@Major

I work with all sorts of tools that are useless and primitive, and make no bones about that. I'm still considered by many an expert at those tools, and invited to talk about them far more than I care to. A bad workman blames his tools, an excellent one makes them better.

Major • August 20, 2018 8:49 PM

M@

I'm not sure why your comment is addressed to me. Do you think I am complaining about tools? Or perhaps you are supporting my description of Dr Mickens's firewall solution to IoT devices with weak security.

What useless and primitive tools do you work with? Do I detect a Forth programmer? I think that Forth looks a lovely little extensible language although I have no hands on experience with it. If I had to shoehorn a domain specific language into a tiny device I would probably think Forth.

Tell me more about the useless and primitive. I'm truly curious.

Alyer Babtu • August 20, 2018 9:35 PM

Great talk. And the speaker could have gone back one more layer. Every point made applies pretty much without change as a critique of the Enlightenment. It is the root cause of our malaises and predicaments.

Major • August 20, 2018 9:42 PM

@Clive

The video you linked to is pretty good. Dr Mickens has a style of presentation that keeps your interest with visual eye candy and a fast pace. I generally don't want to sit through videos, but Dr M definitely keeps my attention.

A lot of what he says about Tor and HTTPS/TLS and bitcoin is familiar to regular readers of this blog. But he simplifies. He probably knows about cryptocurrency beyond bitcoin but in the video he ties the blockchain to bitcoin. The bitcoin blockchain doesn't have the capacity or functionality for real world apps beyond bitcoin itself. Real blockchain apps will run on the Ethereum blockchain, or another crypto blockchain that, like Ethereum, was designed to host apps.

Does he really think it is possible to build a mechanical security device that people would be willing to use to manually perform encryption, decryption, and authentication in a way that they could understand and verify? And that would be secure, so we are talking about at least 128 bit symmetric keys and 2048 bit RSA keys. Such an invention seems very unlikely. But I want one if they come out!

Clive Robinson • August 21, 2018 1:08 AM

@ Major,

Does [Dr Mickens] really think it is possible to build a mechanical security device that people would be willing to use to manually perform encryption, decryption, and authentication in a way that they could understand and verify?

I very much think he does with the encryption and decryption of short runs of plain text such as SMS or tweets, which is what he said.

It's actually not a controversial idea or unique to him and has been around for quite some time. If you read back through my comments on this blog you will see that it's something I've not just been thinking about but doing work on, off and on since the mid-1990s. My primary reason being to solve the issues arising from Financial Transaction security and authentication that is still an open sore on PCs, but importantly putting the human in the authentication loop. But also to get around the issues of "backdoors" on mobile phones, PCs and other connected communications devices that the current idiots in the legislatures are being coerced to push through. It's an area of research I expect to grow simply because of the idiocy of politicians.

The simplest mechanical solution currently is a pad of paper and a pencil. The rules of use are fairly simple and the result is a system that the Military, Diplomats and spies have used at a security level beyond that which even the NSA, GCHQ and similar could attack when it's properly used.

We even know ways to integrate it into more "user friendly" mechanical equipment that externally looks and behaves very much like the old US Army field cipher M-209 [1]. The difference being that the "coin counter" device that does the plaintext and key stream addition be fed from a punched paper tape not a relatively weak mechanical stream generator. Such a system was being looked into back in the 1950's but for various reasons preference was given to an early electronic system using thermionic valves (based on the "Pat" Bayly Rockex system) mainly for "auditable physical security" reasons and the switch over from morse telegraphy to teletype traffic in diplomatic missions.

With regards,

And that would be secure, so we are talking about at least 128 bit symmetric keys and 2048 bit RSA keys.

You are "Thinking like an American not a European"... It's an observation made in certain NATO circles since day one. It's the kind of observation similar to "We do everything bigger in Texas". If you ask anyone who has been in the game for long enough you will find that Americans think "Block Ciphers", Europeans think "Stream Ciphers", which is why the European NESSIE project [2] included them.

Block ciphers are problematical for just about everything that is not at the 32-bit RISC CPU level or above. There is no way any of the existing block ciphers could be made to run reliably on anything less than VLSI or above electronic hardware. You could in theory use a pencil and pad of paper, but the odds of you doing such an involved process without mistake are very low; if you then add the required modes to make a block cipher not just a "code book" you really do not stand a snowball in hell's chance of encrypting a Short Message Service length text. The same applies to public key crypto, which nobody in their right mind would use to encrypt even short messages with.

Stream ciphers can and have been made into reliable pencil and paper hand ciphers, they can also work well with paper strips[3] and playing cards[4] and mechanical devices using technology that is nearly a century old. Modern engineering techniques could make such systems not just more reliable but at considerably less cost, weight and size, and nowhere for a backdoor to hide.

[1] https://en.m.wikipedia.org/wiki/M-209

[2] https://www.cosic.esat.kuleuven.be/nessie/

[3] All mechanical cipher machines in use up to the end of WWII and for quite a while afterwards can be emulated using strips of paper, a few bits of cardboard and rubber bands. These were the standard tools of those working on initially breaking such systems. They were also used in action, the M-138 being an example that for various reasons was not used in a way that was effective. You can easily emulate the German Enigma and British Typex machines with just three or four strips; the later SIGABA and Crypto AG mechanical machines require rather more strips of paper and attention from the operator but still work. The real purpose of the mechanics, as with the use of computers, is to make the systems easier for less skilled human operators to work with and significantly reduce the chance they would be able to pass the internal secret keying information on to the enemy.

[4] Card shuffling, or S-array reordering algorithms have been used in many stream cipher generators for good reason.

echo • August 21, 2018 8:44 AM

I'm a fan of the mechanical encryption device concept too. A few months ago I asked if it was possible to make a device the size of a pocket watch. People may say you can't but I don't believe them. I want to hear a reasoned explanation from the ground up. People are always surprised to discover when not just the ordinary is possible but the amazing too. Then amazing becomes the new benchmark.

A different point of view and imagination and inspiration can achieve things we would only otherwise wonder about.

https://en.wikipedia.org/wiki/Japanese_clock

Hisashige Tanaka (1799-1881)
https://museum.seiko.co.jp/en/knowledge/episode/episode_04/

Hisashige Tanaka Mr Mechanical
https://www.youtube.com/watch?v=afehw3pBFwI

In Tune with Time - Watchmaker Masahiro Kikuno [1080p]
https://www.youtube.com/watch?v=1moRfIXCfak
Masahiro Kikuno is a master craftsman who belongs to an exclusive international group of independent watchmakers. These consummate artists create timepieces that reflect their deepest ideals, with no connection to commercial watch manufacturers. Kikuno's creations are deeply influenced by traditional Japanese culture. He's fascinated by a masterpiece called the Myriad Year Clock, which was built by a 19th-century Japanese mechanical genius. Containing over a thousand hand-made parts, the clock is a marvel of complex and precise engineering. Kikuno seeks to transcend that old master's achievement by giving the clock a modern rebirth in the form of an elegant wristwatch. This program documents Kikuno's exacting methods of designing and hand-machining all of the delicate parts needed to create a modern masterpiece.

Clive Robinson • August 21, 2018 10:08 AM

@ echo,

People may say you can't but I don't believe them. I want to hear a reasoned explanation from the ground up.

Well if you watch the video when James Mickens is talking about it he displays an abacus. Along with one or two other hints I suspect he is talking about a "stream cipher" or mechanical "One Time Pad".

Put simply they consist of the following parts,

1, Letter input device.
2, Character output device.
3, Key Stream source.
4, Adding device.

All these have been done with Boris Hagelin's C-34 / M-204 of which there are pictures on various Internet sites.

Boris developed his "adder" from a "coin counting" mechanism he acquired the rights to. Without going into details it consisted of a series of "spoked gear wheels" where the spokes could be set in one of two positions, engage or not engage. The input device and output device were in effect a combined "turret" on the end of the counting shaft. Whatever letter it was set to, the counter would turn it on by the number from the stream generator.

The weakness of the Boris Hagelin device was the "lug and cage" stream generator that set the wheel spokes in or out. Even though it had quite a long sequence length it was to a certain extent predictable and, like all stream generators, the key stream should not be reused.

As I noted there was a project in the UK to use a similar input output and adder, but drive the spoked wheel from a punched paper tape that would contain a One Time Pad sequence.

Due to changes in operating procedure designed to use fewer and less skilled staff the Rockex One Time Tape system that worked with teletype machines was employed instead. This was a veritable beast of a device and was designed by Canadian Electronics engineer Benjamin "Pat" Bayly, as usual the British "never say anything" about "British Inter Departmental" (BID) crypto equipment but the US and Canadians are more forthright. You can see photos of the behemoth at,

http://www.jproc.ca/crypto/rockex.html

The point is that you can make an "adder" with just about anything, including sheet metal strips. Though made in various ways by several companies most people called them "Addiators",

http://www.vintagecalculators.com/html/addiator.html

Once you have used one for a few minutes their functioning is fairly clear and easy to see.

The point is these are simple rough and ready stamped out, not machined, parts. A modern 3D printer can do a much better job for just a few cents of materials and electricity.

But you can also make adders that can be used in a continuous fashion so that cipher chaining modes are possible. Have a look at this late 1800's early 1900's "Beach Adder" to get an idea of how,

https://www.officemuseum.com/1906_Beach_Adder_OM.jpg

I guess it's now up to others to say why they don't think it's possible to do...

albert • August 21, 2018 10:38 AM

@Clive, @etc.,

Surely mechanical cipher machine functionality can be emulated electronically on devices that don't require an advanced CPU or VLSI, flash memory, or connections to the outside world.

N'est-ce pas?

. .. . .. --- ....

Major • August 21, 2018 11:13 AM

@echo @all

If you are making an assertion such as "It is possible to make a mechanically secure encryption device", I think the onus is on you to make a reasoned explanation of how it is possible, not on skeptics to show that it is not possible.

In science and math we don't make assertions without proof or evidence and tell doubters that it is their job to prove the assertions wrong. (Unless it is being presented as a challenge a la Hilbert https://en.wikipedia.org/wiki/Hilbert%27s_problems)

That being said, the analogy with Japanese clocks does serve as a reasoned explanation of how it is possible.

I am pretty sure that it is possible, but I doubt if it would be usable. What kind of convenient entry device can you fit on a device the size of a watch? Is it up to the user to manually transcribe each output bit/byte? What is its sensitivity to user error?

If one needs to communicate a complex state, such as the state of a card deck, I suggest that one simply communicates a one time pad. Manual encryption/decryption is easy and byte errors do not necessarily make the rest of the message unreadable. (One may need to explore accidentally dropped or duplicated key bytes.)

I bet this is exactly how manual encryption is done in the wild. Otherwise manual encryption devices probably would be readily available today. But why the fuss if a one time pad works and requires no equipment at all? Well, a pencil and paper (or a cell wall)!

I am going to think about the security implications of using English text as a one time pad, versus random bytes. If only capital letters were used in the plaintext, no blanks, and the key text were capitalized and non-letters excluded, and encryption/decryption were byte by byte addition modulo 26, I think the result would be largely secure. But I should run a test and check how random the ciphertext is. Modern cryptography expects securely encrypted information to appear to be random bytes over the same domain.

None of the manual encryption articles I saw address authentication, which is really key to secure encryption, because the adversary cannot introduce their own ciphertext. How would that be done in a manual one time pad system? Hmm...

echo • August 21, 2018 12:21 PM

@Clive

I did look up Boris Hagelin's work...

I don't know cryptography or the physics of small scale mechanical systems well enough to comment much. Then again many cryptologists and engineers know little about horology and art.

The interface seems to be the most difficult area when considering this must also interact with the internal mechanism in a small space. The fact an electrical/electronic interface is possible is of course another option. Becoming more ambitious I wonder if a mechanical cryptographic module could be implemented within a USB key.

Additionally, I wonder if fine wire or fishing line can be used instead of paper tape...

Clive Robinson • August 21, 2018 4:09 PM

@ Major, echo, all,

I am going to think about the security implications of using English text as a one time pad, versus random bytes.

Such systems have confusingly been called "book ciphers" in the past.

They are not particularly good on their own because of the poor statistics. Things improve if you chain four books together; whilst this is easy for a computer to do, most humans could not add five two digit numbers together with a modulo operation sufficiently reliably.

There is however another way you can "flatten the statistics"[1] with an English language document as the input.

What you do is form a table of one row of eight chars and two rows of ten chars. You use an agreed sentence or paragraph to get the alphabet in a "sort of" random order. You then use the letters in either "A SIN TO ERr" or "EAT ON IRiSH" to find the most frequent eight letters that get written in the order they are from the paragraph, you then fill in the other two rows with the remaining letters of the alphabet in the paragraph order and you add two other characters to be a Number or Capital Shift and a Full stop.

To use this table any character in the top row gets written on the key sheet as a single digit 0-7. Any character in the second row gets written as 80-89, and the third row 90-99. This simple method produces a much flatter set of statistics for the key stream[1]. There are a number of ways you can convert this numeric 0-9 or 00-99 key stream back to A-Z if you need an Alpha Key Stream, some of which, although wasteful, have security advantages[2].

Whilst it sounds difficult to do, if you use 1/4 inch / 5 mm squared paper and practice a couple of times it quickly feels natural.

If you build a second table with a different paragraph you can then put the plain text message into a simple numerical form and just add the flattened key stream and plaintext together mod 10. You could just send the numbers, but in Morse code sending numbers is highly inefficient. Thus converting back to alphas is highly desirable.

You could then use a third paragraph to make a third table that can be used to convert the flattened result back to a string of alpha characters that appear to have an English language frequency count. This provides false leads that it's a simple substitution cipher or a transposition cipher followed by a substitution cipher, thus adding extra work for any monitoring cryptanalytical team.

The top-rated hand cipher is often quoted not as the OTP but as the VIC cipher,

https://en.m.wikipedia.org/wiki/VIC_cipher

But encryption and decryption are not the only things we want to do these days. Others have given some thought to this, so you might want to have a look at a paper from 2001 by Nicholas J. Hopper and Manuel Blum, titled "Secure Human Identification Protocols",

https://link.springer.com/chapter/10.1007/3-540-45682-1_4

[1] With spy ciphers there are a couple of things you want to do if you can, which is reduce the transmission length so that you are harder to "Find Fix and Finish", and increase the unicity distance which makes any cryptanalysis task harder. The straddling checkerboard when used correctly can do both of these.

[2] Whilst key stream is time consuming to make, one way to get a lesser range of numbers from a greater range of numbers is just to discard numbers outside of the lesser range. One advantage of this is it makes "working backwards" for a cryptanalysis attack much harder as what is being discarded and from where in the original stream is unknown to the attacker.
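The checkerboard procedure described in this comment, as an added worked example (not the commenter's own code): it builds the three-row table from an agreed paragraph, writes letters as the digits the comment assigns (0-7 for the eight frequent letters, 80-89 and 90-99 for the rest), flattens an English key text through a second table built from a different paragraph, and adds the two digit streams mod 10. The pangrams used as agreed paragraphs, the `#` shift symbol, the full stop as the second spare character, and the rule that a literal digit is written as the shift code followed by the digit are assumptions made for the example.

```python
"""Straddling checkerboard hand cipher, as sketched in the comment above.
Added example, not the commenter's code. Assumed layout: the eight frequent
letters take single digits 0-7, the other 18 letters plus a shift symbol and
a full stop take 80-99."""
import string

FREQUENT = "ASINTOER"  # the eight high-frequency letters named in the comment


def letter_order(paragraph):
    """Letters in order of first appearance in the agreed paragraph; letters
    the paragraph lacks are appended alphabetically so the table is complete."""
    seen = []
    for ch in paragraph.upper():
        if ch in string.ascii_uppercase and ch not in seen:
            seen.append(ch)
    return seen + [c for c in string.ascii_uppercase if c not in seen]


def build_checkerboard(paragraph, shift="#", stop="."):
    """Return {char: digits}: top row 0-7, second row 80-89, third row 90-99.
    The shift symbol and the full stop fill the two spare slots (assumption)."""
    order = letter_order(paragraph)
    top = [c for c in order if c in FREQUENT]
    rest = [c for c in order if c not in FREQUENT] + [shift, stop]
    table = {c: str(i) for i, c in enumerate(top)}
    table.update({c: "8%d" % i for i, c in enumerate(rest[:10])})
    table.update({c: "9%d" % i for i, c in enumerate(rest[10:])})
    return table


def encode(text, table, shift="#"):
    """Text -> digit string. Spaces are dropped; a literal digit is written
    as the shift code followed by the digit (assumed convention)."""
    out = []
    for ch in text.upper():
        if ch == " ":
            continue
        if ch.isdigit():
            out.append(table[shift] + ch)
        elif ch in table:
            out.append(table[ch])
        else:
            raise ValueError("character not in checkerboard: %r" % ch)
    return "".join(out)


def decode(digits, table, shift="#"):
    """Digit string -> text, the inverse of encode(). A leading 8 or 9 means
    a two-digit code; anything else is a single-digit top-row letter."""
    inverse = {v: k for k, v in table.items()}
    out, i = [], 0
    while i < len(digits):
        code = digits[i] if digits[i] in "01234567" else digits[i:i + 2]
        i += len(code)
        sym = inverse[code]
        if sym == shift:  # the next digit is a literal digit
            out.append(digits[i])
            i += 1
        else:
            out.append(sym)
    return "".join(out)


def encrypt(plaintext, key_text, plain_paragraph, key_paragraph):
    """Mod-10 addition of checkerboard plaintext digits and a key stream made
    by flattening English key_text through a second checkerboard."""
    p = encode(plaintext, build_checkerboard(plain_paragraph))
    k = encode(key_text, build_checkerboard(key_paragraph))
    if len(k) < len(p):
        raise ValueError("key stream shorter than message: need %d digits" % len(p))
    return "".join(str((int(a) + int(b)) % 10) for a, b in zip(p, k))


def decrypt(ciphertext, key_text, plain_paragraph, key_paragraph):
    """Subtract the same key stream mod 10 and decode with the plaintext table."""
    k = encode(key_text, build_checkerboard(key_paragraph))
    if len(k) < len(ciphertext):
        raise ValueError("key stream shorter than ciphertext")
    p = "".join(str((int(c) - int(b)) % 10) for c, b in zip(ciphertext, k))
    return decode(p, build_checkerboard(plain_paragraph))


if __name__ == "__main__":
    # Constructed sample: two pangrams as agreed paragraphs, a sentence as key text.
    P1 = "The quick brown fox jumps over the lazy dog"
    P2 = "Pack my box with five dozen liquor jugs"
    KEY = "It was the best of times it was the worst of times"
    c = encrypt("ATTACK AT DAWN.", KEY, P1, P2)
    print(c, decrypt(c, KEY, P1, P2))
```

The key text must supply at least as many digits as the message; the example refuses to run with a shorter key rather than silently truncating, which is the hand-cipher analogue of never reusing or running off the end of a pad.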

Major • August 21, 2018 5:17 PM

The more I look at Dr Mickens the less I am impressed by him. His presentations are the junk food of well, something close to computer science, but not really. I don't think that he would do well in an environment of people who know much about what he is saying. It doesn't surprise me that it is Harvard BUSINESS school flogging his videos. They are definitely for non specialists.

I watched his cute blockchain video. https://www.youtube.com/watch?v=15RTC22Z2xI But really it is a prolonged straw man argument:

He enlightens us that the blockchain is a poor match for most applications. All I can say is DUH. Who is seriously positing that most applications should be on the blockchain?

He is saying that his hypothetical Alice is not sleeping because one node is holding up her transaction, which is exactly what the blockchain prevents. No one node, or even a minority of nodes by some specific measure (cpu power, stake, etc.), can block a transaction. That is the essence of blockchain.

He basically puts forth lawsuits as his preferred alternative to the protective features of the blockchain. Well, lawsuits have their place, but for most people they are a very expensive and unreliable way to settle disputes. The blockchain is designed to avoid the necessity of lawsuits by having issues decided by the users who are most invested in the blockchain and who therefore have the least incentive to screw it up.

Finally, he points out that the pyramids were built without the blockchain. SURE! They were also built without computers, currency, vaccines, public health, cars and airplanes. Do we conclude that we don't need those either? No. It is simply a dumb argument.

To me he is an example of a common internet phenomenon: The people who say the most extreme things and who pay as little attention as possible to the good arguments of the other side get the most attention. It is a successful strategy these days, but it doesn't impress me.

Major • August 21, 2018 6:02 PM

@Clive

It's an interesting cipher. I have to admit that it makes me sleepy to contemplate doing it by hand, however...

I noted my concern with authentication. That's how I was taught. Secure encryption requires authentication. And ciphers without security proofs cannot be trusted. I don't see how the VIC cipher could be any less secure than using text from a book directly like I suggested, but I could be mistaken. Stream ciphers have a horrible record of being broken. When this American thinks of stream ciphers he thinks of AES 256 in CTR mode! You can take the American out of America, but you can't take the America out of the American!

I will test the statistics of add/moduloing multiple books as you suggest. I believe you when you suggest that one book yields bad statistics. It was eye opening to see how easy it is to break multiple uses of the same pad. Using a pad with English language characteristics is asking for problems.

Thanks for the link to Secure Identification Protocols. No paywall. And security proofs. What more could I ask for?
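Major's plan above (testing the statistics of adding one or several books to the message mod 26, following the earlier suggestion of capital-letter addition with an English text as the key and Clive's remark that chaining books flattens the statistics), as an added example that is not the commenters' code: it adds one or more key texts to the plaintext letter by letter mod 26 and measures the index of coincidence of the result, the usual flatness check for whether ciphertext looks like uniformly random letters (about 0.065 for English, 1/26 for random). The plaintext is a constructed sentence, the "books" are the opening lines of four public-domain novels, and the seeded random key and the `compare` helper are the example's own choices.

```python
"""Adding English text to a message mod 26 (a "book cipher") and measuring how
flat the resulting ciphertext is. Added example, not the commenters' code; the
sample message is constructed and the "books" are public-domain novel openings."""
import random
import string

A = string.ascii_uppercase

# Constructed sample message (reduced to capitals only by clean()).
PLAINTEXT = ("Meet me at the old mill after dark and bring the papers with you, "
             "the courier has not arrived and the bridge is watched.")

# Opening lines of four public-domain novels, standing in for the "books".
BOOKS = [
    "It was the best of times, it was the worst of times, it was the age of "
    "wisdom, it was the age of foolishness, it was the epoch of belief, it was "
    "the epoch of incredulity.",
    "Call me Ishmael. Some years ago, never mind how long precisely, having "
    "little or no money in my purse and nothing particular to interest me on "
    "shore, I thought I would sail about a little and see the watery part of the world.",
    "All happy families are alike; each unhappy family is unhappy in its own "
    "way. Everything was in confusion in the Oblonskys house. The wife had "
    "discovered that the husband was carrying on an intrigue with a French girl.",
    "It is a truth universally acknowledged, that a single man in possession "
    "of a good fortune, must be in want of a wife. However little known the "
    "feelings or views of such a man may be on his first entering a neighbourhood.",
]


def clean(text):
    """Capital letters only, no blanks or punctuation, as the comment proposes."""
    return "".join(ch for ch in text.upper() if ch in A)


def add_mod26(plaintext, *keys, sign=1):
    """Letter-wise (p + k1 + k2 + ...) mod 26; sign=-1 subtracts, i.e. decrypts.
    Every key text must be at least as long as the message."""
    p = clean(plaintext)
    ks = [clean(k) for k in keys]
    if any(len(k) < len(p) for k in ks):
        raise ValueError("key text shorter than message")
    out = []
    for i, ch in enumerate(p):
        v = A.index(ch) + sign * sum(A.index(k[i]) for k in ks)
        out.append(A[v % 26])
    return "".join(out)


def index_of_coincidence(text):
    """Probability that two letters drawn from the text match: about 0.065 for
    English, 1/26 (about 0.038) for uniformly random letters."""
    t = clean(text)
    n = len(t)
    if n < 2:
        return 0.0
    return sum(t.count(c) * (t.count(c) - 1) for c in A) / (n * (n - 1))


def random_key(length, seed=None):
    """Uniformly random letters, the key a proper one-time pad uses."""
    rng = random.Random(seed)
    return "".join(rng.choice(A) for _ in range(length))


def compare(plaintext, books, seed=1):
    """IC of the plaintext and of the ciphertext under one book, all books
    added together, and a random key of the same length."""
    p = clean(plaintext)
    return {
        "plaintext": index_of_coincidence(p),
        "one_book": index_of_coincidence(add_mod26(p, books[0])),
        "all_books": index_of_coincidence(add_mod26(p, *books)),
        "random_key": index_of_coincidence(add_mod26(p, random_key(len(p), seed))),
    }


if __name__ == "__main__":
    for name, ic in compare(PLAINTEXT, BOOKS).items():
        print("%-10s IC = %.4f" % (name, ic))
```

On a sample this short the index of coincidence is noisy, so the figures are indicative rather than proof; the point of the check is the direction of travel, with a single English key leaving far more structure in the ciphertext than a random key of the same length.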

PeaceHead • August 22, 2018 12:40 AM

Thanks very very much for the video.
It is excellent.

I watched it completely in one sitting.
Its contents were not lost on me.
There's really nothing to nitpick; the main ideas are corroborated all over the place for those who choose to look regularly.

The inline humour had me laughing quite a lot.
Thanks again.

As for the keynote speaker's credentials: it doesn't really matter so much what people do for a living. What matters more is what they do for safety & ethical & moral reasons and culturally what they do for fun. A lot of people work jobs just to pay the bills--it's not really fair to use that against them. But the guy clearly has a passion for mixing security commentary and comedy. I think it's a great mixture. The intended audience is those who are already involved to some degree and those who will be OR WHO SHOULDN'T BE INVOLVED... very funny, indeed. While not for everyone, much like the comic strip posted recently, it certainly will be appreciated by others.

I just hope that the sincere seriousness is noted and comprehended more deeply.

All jokes aside, a lot of us "in the wild" are very much worried about the ethical and logical and pragmatic (and syntactic and semantic) errors currently happening in big bad ways which could impact the lives of billions in mere milliseconds. The seriousness of it all is not lost on me.

It's good to see stuff like this; it can help prime minds and careers towards decisions of what to do next to prevent the next several waves of calamities.

"No peace without justice and that's for real. "
--KMFDM

Erdem Memisyazici • August 22, 2018 2:38 AM

What a breath of fresh air. Thank you Mr. Schneier. James Mickens truly hit the nail on the head with this talk. I just instantly feel better about the world. This may just be that lesson folks today needed to hear. It adds to my happiness to think some people out there may be slightly confused about the level of sarcasm implied in this comment. I assure you, there is nothing sarcastic about my commentary. The planet is on a great course and we're moving forward. Someday Snowden will return to the U.S. and we'll all talk about the failing encryption methods thanks to advancements in quantum computing, and backdoors in our devices. People who don't understand technology will not use it to harm others and people who do understand it won't sell out to the aforementioned group. Unicorns will appear in the horizon. All AI systems will have to inform you that they are not people, and all trolls will simply lay back and pick up a book. Aaaaaaaaahhhh potatoes. Bright potatoes of the future.

MajorAugust 22, 2018 1:11 PM

@PeaceHead

I don't know what I can say to people who make assertions with no supporting arguments. I have pointed out specific assertions of Dr. Mickens that I disagree with and my reasons for disagreement, i.e. I made an argument. I certainly could be wrong, but proving that requires an argument. Clive can do it. He can give an argument for his positions. Can't you?

Why call yourself Peace Head and then make threatening statements like "No peace without justice", as diffuse as the threat may be? What are you doing for justice?

I will admit that in my youth I made statements like that. I've changed my mind over the years after observing that those who call for justice generally expect somebody else to pay for it, and also frequently end up being revealed to be as unjust and hypocritical as those they criticize.

My approach is to try to help people one at a time, by sponsoring them, tutoring them, giving them scholarships and helping them get that all-important first job in their field of interest. I had advantages (and disadvantages too) when I grew up, and I try to give other people opportunities in focused ways so that an individual gets help at a sufficient level that it can be life changing.

What waves of calamities have resulted from cryptocurrency, AI, or the blockchain? Certainly nothing close to the level of damage caused by militarism. I need no convincing that connecting AI to military weapons or nuclear weapons has every potential for calamity, and it is not something I recommend. If we could agree to have military conflicts resolved by AIs in virtual environments perhaps that would be valuable. But humans are too focused on winning to not resort to collective murder if things don't go their way.

There is something to say for "No peace without justice" but its dual "No justice without peace" is even more true. There is no place more unjust than a war zone or a civil war. Innocent people inevitably die and are maimed. Resources are wasted. Despicable people gain power and humans are devalued into pawns. This is not a desirable thing.

MajorAugust 23, 2018 11:19 AM

Here's somebody who likes attaching AIs to weapons systems:

https://quillette.com/2018/08/23/in-defence-of-combat-robots/

The strongest argument is that leaving the "bad guys" to possess these AWS (Autonomous weapons systems, or Amazon Web Services... a coincidence? Or a revealing coded message in The Matrix? Only your psychiatrist knows for sure!)

I said: Leaving the bad guys to possess these weapons disadvantages the hypothetical "good guys".

Maybe an AI can help us find these "good guys". I haven't seen them around.

PeaceHeadAugust 23, 2018 3:01 PM

@"Major":

You do know that you are attempting a rebuttal against a song? Without referencing the whole song, its lyrics, and the full context of the album it's from, the musicians' longstanding discography, and the musicians' in-depth culture, there's really not any kind of worthwhile communication happening. Don Quixote had his days against the windmills, I guess.

As for the nitpicking of other people's expositions, that's not my thing; no argument required.

Here's what the quote means to me:

When there's way too much injustice, peace is technically impossible; that's the reality. And pseudo-peace (lack of activity) mandated by abusive practices or fascism or malevolence or violence is not actual peace; without justice, peace does not exist; that's the reality. And for those who comprehend these things, it's a message to the abusers and fascists and malevolent/violent types: "You malevolent types make peace impossible and it's illogical to think that we'd be content with your suffocating oppression as a stand-in for actual peacetime prosperity. Therefore, (in addition to what has already been explained,) true justice is a requirement for peace; subjugation is not peaceful; injustice is not peaceful. The observable causal consequences of preventing justice from prevailing are that severe discontent and unrest will grow and that people fed up with being damaged will stop absorbing the blows; patience will run out; this is the reality that will come back to haunt you, and rather than merely your victims struggling, eventually you will be usurped by the results of your own chaos, and you may be forced to fight for survival instead. This is a reality being described. "

It's not a threat, it's a prediction and a cautionary message, but mostly just an observation of the past and present, and it's merely a comment too: Peace can't exist without justice, so all the wishings for and efforts for peace are incomplete unless injustices are resolved. This is intended to be perceived as a reality not as a baseless opinion nor propaganda. Thus, "No peace without justice, and that's for real."

If you really want to go hunting for stuff to deconstruct, there's already more than a couple decades of musical material from the talented musical artists I quoted from. And I cited them too. Others have their own interpretations of the lyrics, but I'm not them and I don't represent them and do I really need to say this stuff? (rhetorical question!)

No, I'm not looking for a conversation via the wrong channel in the wrong context with the wrong person on the wrong subject.

@Everyone else:

As is normal for the internet, a lot of people's outline-style nitpick attacks on other people's expositions really don't hold up and aren't convincing. It's not anybody's obligation to respond in full to anybody's shopping-list-style attempt to undermine somebody else's communication. Neither perspective is new to me, and I'm not on either side of the false dichotomy. Internet sociology already has that type of thing logged and tagged and categorized and shelved (and not all by 4chan nor their lookalikes).

Here's an interesting topic of direct relevance to my post:

https://en.wikipedia.org/wiki/Social_engineering_(security)
https://en.wikipedia.org/wiki/Social_hacking

...yeah, it applies to web forums too. Some show up just to try to incite responses to measure our outputs with their inputs.
I already know what this stuff is so I'm not totally snafued by responding. But to anybody who is new to those, or who perhaps forgot for a moment, it might be helpful from a security perspective to keep them in mind.

MajorAugust 24, 2018 12:10 PM

@PeaceHead

It may be that you just don't understand me. I am simply saying that you were just postulating things without reasons. It's fine, but it is not going to convince anyone. When I said for example that Dr. Mickens's pyramid argument didn't make sense, I demonstrated why, in a bulletproof way that I would like to see anyone refute. Now that was a particularly egregious statement on his part. Other arguments I make certainly are not as clear cut.

But you are making a fine argument for "No peace without justice". I recognize it as a common statement even if I don't know offhand its source. It doesn't really matter. It seems like you mean it, that it is not an ironic statement.

As I said in my previous response: I agree that "No peace without justice" has its point. I am just saying that war is a very expensive way to seek justice. Even a seemingly just war such as WWII left the "good guys" doing very questionable things such as the Dresden firebombing and Hiroshima and Nagasaki. Maybe that's nitpicking to you, but not by my standards.

In general, I think my discussion of Dr. Mickens has focused on his core points and is far from nitpicking. "Nitpicking" is an all purpose response that simply serves as an excuse for not addressing the arguments presented. Obviously, this is a common mode in the world now. Trump sort of set it off, and now many liberals have decided as well that calling whatever the other side says "false news", or "racism", or "nitpicking", or "the words of white men" substitutes for an honest effort to understand or respond.

I have also pointed out areas of Dr. Mickens's videos that I find promising, particularly the IoT firewall mitigation. I really try to be fair. He is an engaging speaker. I do not dislike him. I suspect the breakout groups he refers to might answer some of my objections.

I agree that order obtained through oppression is not peace. Nor is it justice. But I also observe that war zones are not just places either. (I am still chilled by the Omaha Beach scenes of Saving Private Ryan in which the "good guys" summarily execute Germans trying to surrender, the rules of war be damned.)

I observe that living conditions world wide have improved and poverty reduced despite the increased inequality. Gay marriage and trans people are not the targets they once were. We do seem to be improving, albeit incompletely and inconsistently. I would prefer that we evolve a more just society rather than trying to impose one with violence.

I really don't think I am promulgating any dichotomy. I perceive myself as being in the middle. I don't hate any group of people, although a lot of what happens on the right, and the left and among different religious groups (including atheists) leaves me scratching my head or perhaps writing a post.

To me all these issues are in shades of gray. I make an argument, then somebody like Clive can respond, and I get to learn something. I am not some propaganda machine, just somebody trying to think things through with other people. I am happy to find that my positions are incorrect or incomplete because this is the first step to developing more accurate positions.

But I learn nothing if somebody doesn't share how they come to their position. Certainly nobody has to respond to what I say, but if somebody responds to a position that I support with reasons with a proclamation of truth that is not backed up with reasons, then I am free to point out that the emperor wears no clothes.

In this last post you do make an argument so I have nothing to complain about on that score. You explained why you think the statement "No peace without justice" is a true statement and, in broad strokes, we are basically in agreement. And I understand your position better.

But you also introduced accusations about "deconstructing", claiming I need to know everything about the source of the statement "No peace..." in order to comment on the statement itself, and suggesting that this is some kind of social engineering attack on my part.

I really do not agree with this level of what you are saying. I am trying to think issues through with the assistance of others. I do not have any ulterior motives. And even if I did, arguments stand on their own. Whether something is a song lyric, or I am a Republican or Democrat, man or woman, black or non-black, does not determine how true my argument is. And what I say may only be partially true (or mostly false). The world isn't black and white. Nobody clearly has the final answer to the problems of our existence and our society.

But I think this blog is one of the best places to have reasoned discussions about security and the issues that arise while talking about security.

In sum: PeaceHead, I appreciate that you explained your position vis a vis "No peace with justice". Although we are not in full agreement, we are talking. I offer you an olive branch.

MajorAugust 24, 2018 12:15 PM

@PeaceHead

Typo: I meant:

In sum: PeaceHead, I appreciate that you explained your position vis a vis "No peace withOUT justice". Although we are not in full agreement, we are talking. I offer you an olive branch.

GordonAugust 26, 2018 1:57 PM

Great talk. My only criticism is that it’s PARTick Thistle, not PATrick Thistle. Yes, I’m the Partick Thistle supporter. Yes, obviously I’m originally from Partick, Glasgow. No, I didn’t buy the “Partick Thistle supporting Cybersecurity professionals who live in America” T-Shirt that the advert offered me. Just don’t.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.