Page 384

Friday Squid Blogging: Biodegradable Thermoplastic Inspired by Squid Teeth

There’s a new 3D-printable biodegradable thermoplastic:

Pennsylvania State University researchers have synthesized a biodegradable thermoplastic that can be used for molding, extrusion, 3D printing, as an adhesive, or a coating using structural proteins from the ring teeth on squid tentacles.

Another article:

The researchers took genes from a squid and put it into E. coli bacteria. “You can insert genes into this organism and while it produces its own genes, [it] produces this extra protein,” Demirel explains. He compares the process to making wine or beer, except that instead of the fermentation process producing alcohol, it produces more of the synthesized squid protein.

They began producing the material in a 1-liter tank, but by now have started using a 300-liter tank and can make 30-40 grams a day. In addition, they’ve made several changes to make the production process cheaper, whittling the cost down from $50 per gram to $100 per kilogram. Demirel says they are looking at using algae instead of bacteria to cut down costs further.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Tags:

Posted on March 6, 2015 at 4:21 PMView Comments

Data and Goliath's Big Idea

Data and Goliath is a book about surveillance, both government and corporate. It’s an exploration in three parts: what’s happening, why it matters, and what to do about it. This is a big and important issue, and one that I’ve been working on for decades now. We’ve been on a headlong path of more and more surveillance, fueled by fear­—of terrorism mostly­—on the government side, and convenience on the corporate side. My goal was to step back and say “wait a minute; does any of this make sense?” I’m proud of the book, and hope it will contribute to the debate.

But there’s a big idea here too, and that’s the balance between group interest and self-interest. Data about us is individually private, and at the same time valuable to all us collectively. How do we decide between the two? If President Obama tells us that we have to sacrifice the privacy of our data to keep our society safe from terrorism, how do we decide if that’s a good trade-off? If Google and Facebook offer us free services in exchange for allowing them to build intimate dossiers on us, how do we know whether to take the deal?

There are a lot of these sorts of deals on offer. Waze gives us real-time traffic information, but does it by collecting the location data of everyone using the service. The medical community wants our detailed health data to perform all sorts of health studies and to get early warning of pandemics. The government wants to know all about you to better deliver social services. Google wants to know everything about you for marketing purposes, but will “pay” you with free search, free e-mail, and the like.

Here’s another one I describe in the book: “Social media researcher Reynol Junco analyzes the study habits of his students. Many textbooks are online, and the textbook websites collect an enormous amount of data about how­—and how often­—students interact with the course material. Junco augments that information with surveillance of his students’ other computer activities. This is incredibly invasive research, but its duration is limited and he is gaining new understanding about how both good and bad students study­—and has developed interventions aimed at improving how students learn. Did the group benefit of this study outweigh the individual privacy interest of the subjects who took part in it?”

Again and again, it’s the same trade-off: individual value versus group value.

I believe this is the fundamental issue of the information age, and solving it means careful thinking about the specific issues and a moral analysis of how they affect our core values.

You can see that in some of the debate today. I know hardened privacy advocates who think it should be a crime for people to withhold their medical data from the pool of information. I know people who are fine with pretty much any corporate surveillance but want to prohibit all government surveillance, and others who advocate the exact opposite.

When possible, we need to figure out how to get the best of both: how to design systems that make use of our data collectively to benefit society as a whole, while at the same time protecting people individually.

The world isn’t waiting; decisions about surveillance are being made for us­—often in secret. If we don’t figure this out for ourselves, others will decide what they want to do with us and our data. And we don’t want that. I say: “We don’t want the FBI and NSA to secretly decide what levels of government surveillance are the default on our cell phones; we want Congress to decide matters like these in an open and public debate. We don’t want the governments of China and Russia to decide what censorship capabilities are built into the Internet; we want an international standards body to make those decisions. We don’t want Facebook to decide the extent of privacy we enjoy amongst our friends; we want to decide for ourselves.”

In my last chapter, I write: “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge. Almost all computers produce personal information. It stays around, festering. How we deal with it­—how we contain it and how we dispose of it­—is central to the health of our information economy. Just as we look back today at the early decades of the industrial age and wonder how our ancestors could have ignored pollution in their rush to build an industrial world, our grandchildren will look back at us during these early decades of the information age and judge us on how we addressed the challenge of data collection and misuse.”

That’s it; that’s our big challenge. Some of our data is best shared with others. Some of it can be ‘processed’­—anonymized, maybe­—before reuse. Some of it needs to be disposed of properly, either immediately or after a time. And some of it should be saved forever. Knowing what data goes where is a balancing act between group and self-interest, a trade-off that will continually change as technology changes, and one that we will be debating for decades to come.

This essay previously appeared on John Scalzi’s blog Whatever.

EDITED TO ADD (3/7): Hacker News thread.

Tags: , , , ,

Posted on March 6, 2015 at 2:10 PMView Comments

FREAK: Security Rollback Attack Against SSL

This week, we learned about an attack called “FREAK”—”Factoring Attack on RSA-EXPORT Keys”—that can break the encryption of many websites. Basically, some sites’ implementations of secure sockets layer technology, or SSL, contain both strong encryption algorithms and weak encryption algorithms. Connections are supposed to use the strong algorithms, but in many cases an attacker can force the website to use the weaker encryption algorithms and then decrypt the traffic. From Ars Technica:

In recent days, a scan of more than 14 million websites that support the secure sockets layer or transport layer security protocols found that more than 36 percent of them were vulnerable to the decryption attacks. The exploit takes about seven hours to carry out and costs as little as $100 per site.

This is a general class of attack I call “security rollback” attacks. Basically, the attacker forces the system users to revert to a less secure version of their protocol. Think about the last time you used your credit card. The verification procedure involved the retailer’s computer connecting with the credit card company. What if you snuck around to the back of the building and severed the retailer’s phone lines? Most likely, the retailer would have still accepted your card, but defaulted to making a manual impression of it and maybe looking at your signature. The result: you’ll have a much easier time using a stolen card.

In this case, the security flaw was designed in deliberately. Matthew Green writes:

Back in the early 1990s when SSL was first invented at Netscape Corporation, the United States maintained a rigorous regime of export controls for encryption systems. In order to distribute crypto outside of the U.S., companies were required to deliberately “weaken” the strength of encryption keys. For RSA encryption, this implied a maximum allowed key length of 512 bits.

The 512-bit export grade encryption was a compromise between dumb and dumber. In theory it was designed to ensure that the NSA would have the ability to “access” communications, while allegedly providing crypto that was still “good enough” for commercial use. Or if you prefer modern terms, think of it as the original “golden master key.”

The need to support export-grade ciphers led to some technical challenges. Since U.S. servers needed to support both strong and weak crypto, the SSL designers used a “cipher suite” negotiation mechanism to identify the best cipher both parties could support. In theory this would allow “strong” clients to negotiate “strong” ciphersuites with servers that supported them, while still providing compatibility to the broken foreign clients.

And that’s the problem. The weak algorithms are still there, and can be exploited by attackers.

Fixes are coming. Companies like Apple are quickly rolling out patches. But the vulnerability has been around for over a decade, and almost has certainly used by national intelligence agencies and criminals alike.

This is the generic problem with government-mandated backdoors, key escrow, “golden keys,” or whatever you want to call them. We don’t know how to design a third-party access system that checks for morality; once we build in such access, we then have to ensure that only the good guys can do it. And we can’t. Or, to quote the Economist: “…mathematics applies to just and unjust alike; a flaw that can be exploited by Western governments is vulnerable to anyone who finds it.”

This essay previously appeared on the Lawfare blog.

EDITED TO ADD: Microsoft Windows is vulnerable.

Tags: , , , , , , , , ,

Posted on March 6, 2015 at 10:46 AMView Comments

The TSA's FAST Personality Screening Program Violates the Fourth Amendment

New law journal article: “A Slow March Towards Thought Crime: How the Department of Homeland Security’s FAST Program Violates the Fourth Amendment,” by Christopher A. Rogers. From the abstract:

FAST is currently designed for deployment at airports, where heightened security threats justify warrantless searches under the administrative search exception to the Fourth Amendment. FAST scans, however, exceed the scope of the administrative search exception. Under this exception, the courts would employ a balancing test, weighing the governmental need for the search versus the invasion of personal privacy of the search, to determine whether FAST scans violate the Fourth Amendment. Although the government has an acute interest in protecting the nation’s air transportation system against terrorism, FAST is not narrowly tailored to that interest because it cannot detect the presence or absence of weapons but instead detects merely a person’s frame of mind. Further, the system is capable of detecting an enormous amount of the scannee’s highly sensitive personal medical information, ranging from detection of arrhythmias and cardiovascular disease, to asthma and respiratory failures, physiological abnormalities, psychiatric conditions, or even a woman’s stage in her ovulation cycle. This personal information warrants heightened protection under the Fourth Amendment. Rather than target all persons who fly on commercial airplanes, the Department of Homeland Security should limit the use of FAST to where it has credible intelligence that a terrorist act may occur and should place those people scanned on prior notice that they will be scanned using FAST.

Tags: , , , ,

Posted on March 6, 2015 at 6:28 AMView Comments

Now Corporate Drones are Spying on Cell Phones

The marketing firm Adnear is using drones to track cell phone users:

The capture does not involve conversations or personally identifiable information, according to director of marketing and research Smriti Kataria. It uses signal strength, cell tower triangulation, and other indicators to determine where the device is, and that information is then used to map the user’s travel patterns.

“Let’s say someone is walking near a coffee shop,” Kataria said by way of example.

The coffee shop may want to offer in-app ads or discount coupons to people who often walk by but don’t enter, as well as to frequent patrons when they are elsewhere. Adnear’s client would be the coffee shop or other retailers who want to entice passersby.

[…]

The system identifies a given user through the device ID, and the location info is used to flesh out the user’s physical traffic pattern in his profile. Although anonymous, the user is “identified” as a code. The company says that no name, phone number, router ID, or other personally identifiable information is captured, and there is no photography or video.

Does anyone except this company believe that device ID is not personally identifiable information?

Tags: , , , ,

Posted on March 5, 2015 at 6:33 AMView Comments

Tom Ridge Can Find Terrorists Anywhere

One of the problems with our current discourse about terrorism and terrorist policies is that the people entrusted with counterterrorism—those whose job it is to surveil, study, or defend against terrorism—become so consumed with their role that they literally start seeing terrorists everywhere. So it comes as no surprise that if you ask Tom Ridge, the former head of the Department of Homeland Security, about potential terrorism risks at a new LA football stadium, of course he finds them everywhere.

From a report he prepared—paid, I’m sure—about the location of a new football stadium:

Specifically, locating an NFL stadium at the Inglewood-Hollywood Park site needlessly increases risks for existing interests: LAX and tenant airlines, the NFL, the City of Los Angeles, law enforcement and first responders as well as the citizens and commercial enterprises in surrounding areas and across global transportation networks and supply chains. That risk would be expanded with the additional stadium and “soft target” infrastructure that would encircle the facility locally.

To be clear, total risk cannot be eliminated at any site. But basic risk management principles suggest that the proximity of these two sites creates a separate and additional set of risks that are wholly unnecessary.

In the post 9/11 world, the threat of terrorism is a permanent condition. As both a former governor and secretary of homeland security, it is my opinion that the peril of placing a National Football League stadium in the direct flight path of LAX—layering risk—outweigh any benefits over the decades-long lifespan of the facility.

If a decision is made to move forward at the Inglewood/Hollywood Park site, the NFL, state and local leaders, and those they represent, must be willing to accept the significant risk and the possible consequences that accompany a stadium at the location. This should give both public and private leaders in the area some pause. At the very least, an open, public debate should be enabled so that all interests may understand the comprehensive and interconnected security, safety and economic risks well before a shovel touches the ground.

I’m sure he can’t help himself.

I am reminded of Glenn Greenwald’s essay on the “terrorist expert” industry. I am also reminded of this story about a father taking pictures of his daughters.

On the plus side, now we all have a convincing argument against development. “You can’t possibly build that shopping mall near my home, because OMG! terrorism.”

Tags: , , , ,

Posted on March 4, 2015 at 6:40 AMView Comments

Data and Goliath: Reviews and Excerpts

On the net right now, there are excerpts from the Introduction on Scientific American, Chapter 5 on the Atlantic, Chapter 6 on the Blaze, Chapter 8 on Ars Technica, Chapter 15 on Slate, and Chapter 16 on Motherboard. That might seem like a lot, but it’s only 9,000 of the book’s 80,000 words: barely 10%.

There are also a few reviews: from Boing Boing, Booklist, Kirkus Reviews, and Nature. More reviews coming.

Amazon claims to be temporarily out of stock, but that’ll only be for a day or so. There are many other places to buy the book, including Indie Bound, which serves independent booksellers.

Book website is here.

Tags: ,

Posted on March 3, 2015 at 1:03 PMView Comments

The Democratization of Cyberattack

The thing about infrastructure is that everyone uses it. If it’s secure, it’s secure for everyone. And if it’s insecure, it’s insecure for everyone. This forces some hard policy choices.

When I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA’s program for what is called packet injection—basically, a technology that allows the agency to hack into computers.

Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well.

All of these existed before I wrote about QUANTUM. By using its knowledge to attack others rather than to build up the internet’s defenses, the NSA has worked to ensure that anyone can use packet injection to hack into computers.

This isn’t the only example of once-top-secret US government attack capabilities being used against US government interests. StingRay is a particular brand of IMSI catcher, and is used to intercept cell phone calls and metadata. This technology was once the FBI’s secret, but not anymore. There are dozens of these devices scattered around Washington, DC, as well as the rest of the country, run by who-knows-what government or organization. By accepting the vulnerabilities in these devices so the FBI can use them to solve crimes, we necessarily allow foreign governments and criminals to use them against us.

Similarly, vulnerabilities in phone switches—SS7 switches, for those who like jargon—have been long used by the NSA to locate cell phones. This same technology is sold by the US company Verint and the UK company Cobham to third-world governments, and hackers have demonstrated the same capabilities at conferences. An eavesdropping capability that was built into phone switches to enable lawful intercepts was used by still-unidentified unlawful intercepters in Greece between 2004 and 2005.

These are the stories you need to keep in mind when thinking about proposals to ensure that all communications systems can be eavesdropped on by government. Both the FBI’s James Comey and UK Prime Minister David Cameron recently proposed limiting secure cryptography in favor of cryptography they can have access to.

But here’s the problem: technological capabilities cannot distinguish based on morality, nationality, or legality; if the US government is able to use a backdoor in a communications system to spy on its enemies, the Chinese government can use the same backdoor to spy on its dissidents.

Even worse, modern computer technology is inherently democratizing. Today’s NSA secrets become tomorrow’s PhD theses and the next day’s hacker tools. As long as we’re all using the same computers, phones, social networking platforms, and computer networks, a vulnerability that allows us to spy also allows us to be spied upon.

We can’t choose a world where the US gets to spy but China doesn’t, or even a world where governments get to spy and criminals don’t. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It’s security or surveillance.

As long as criminals are breaking into corporate networks and stealing our data, as long as totalitarian governments are spying on their citizens, as long as cyberterrorism and cyberwar remain a threat, and as long as the beneficial uses of computer technology outweighs the harmful uses, we have to choose security. Anything else is just too dangerous.

This essay previously appeared on Vice Motherboard.

EDITED TO ADD (3/4): Slashdot thread.

Tags: , , , , , , ,

Posted on March 2, 2015 at 6:49 AMView Comments

← Earlier EntriesLater Entries →

Sidebar photo of Bruce Schneier by Joe MacInnis.