Quotulatiousness

June 11, 2013

The elephant in the IT room – who can you trust?

Filed under: Technology — Nicholas @ 10:00

At The Register, Trevor Pott explains why trust is the key part of your personal online security:

Virtually everything we work with on a day-to-day basis is built by someone else. Avoiding insanity requires trusting those who designed, developed and manufactured the instruments of our daily existence.

All these other industries we rely on have evolved codes of conduct, regulations, and ultimately laws to ensure minimum quality, reliability and trust. In this light, I find the modern technosphere’s complete disdain for obtaining and retaining trust baffling, arrogant and at times enraging.

Let’s use authentication systems as a fairly simple example. Passwords suck, we all know they suck, and yet the majority of us still try to use easy to remember (and thus easy to crack) passwords for virtually everything.

The use of password managers and two-factor authentication is on the rise, but we have once more run into a classic security versus usability issue with both technologies.

[. . .]

Trust as a design principle

The technosphere doesn’t think like this. Very few design their products around trust, or the lack thereof. We’ve become obsessed with how the technology works and what that technology can enable; technology is easy, people are hard. How the technology we create integrates into the larger reality of politics, law, emotion and the other people-centric elements, is often overlooked.

In some cases it is simply a matter of having a limited target audience; American firms designing for American users, for example. It is impossible for most to really understand the intricacies of trust issues in all their variegated permutations. It is human to be limited in our vision, and scope of understanding.

H/T to Bruce Schneier for the link.

Federal government denies collecting electronic data on Canadians

Filed under: Cancon, Government, Media, Technology — Nicholas @ 08:55

Oh, well, if the government denies doing something I guess they pretty much have to be telling the truth, right? Unfortunately, the photo accompanying this Toronto Star article doesn’t show if Peter MacKay is crossing the fingers on his left hand:

The Conservative government flatly denies Canadian spy agencies are conducting any unauthorized electronic snooping operations.

After facing questions from the NDP Opposition about how far he has authorized Ottawa’s top secret eavesdropping spy agency to go, a terse Conservative Defence Minister Peter MacKay left the Commons, telling the Star: “We don’t target Canadians, okay.”

A former Liberal solicitor general says that doesn’t mean other allied spy agencies don’t collect information on Canadians and share it with the Canadian spying establishment.

Liberal MP Wayne Easter, who was minister responsible for the spy agency CSIS in 2002-03, told the Star that in the post-9/11 era a decade ago it was common for Canada’s allies to pass on information about Canadians that they were authorized to gather but Ottawa wasn’t.

The practice was, in effect, a back-door way for sensitive national security information to be shared, not with the government, but Communications Security Establishment Canada (CSEC) and, if necessary, the Canadian Security Intelligence Service (CSIS).

CSEC is a new bit of alphabet soup in the public sphere … I’d never heard of the organization until yesterday. Tonda MacCharles explains what the agency is empowered to do:

The CSEC, an agency that is rarely in the public eye, has far-reaching national security powers to monitor and map electronic communication signals around the globe.

It is forbidden by law to target or direct its spying on Canadians regardless of their location anywhere in the world, or at any person in Canada regardless of their nationality.

The National Defence Act says CSE may, however, unintentionally intercept Canadians’ communications, but must protect their privacy in the use and retention of such “intercepted information.” The agency’s “use” of the information is also restricted to cases where it is “essential to international affairs, defence or security.”

CSEC’s job is to aid federal law enforcement and security agencies, including the military, in highly sensitive operations. It was a key component of Canadian operations in Afghanistan, for example.

June 8, 2013

Don’t put too much faith in denials from Verizon and other companies…

Filed under: Business, Government, Law, Liberty, Technology — Nicholas @ 10:10

As Mic Wright points out, the companies named in the Prism leaks may not be acting as free agents:

Pastor Niemoller’s “First they came…” poem is over-quoted but with good reason. It is far too easy to be complacent. Addicted and reliant as many of us are on free web services, it’s more convenient to just accept the companies’ outright denials that they have been complicit with the NSA’s programme. But look closely at those statements and things become rather less clear, as Michael Arrington pointed out.

The tech industry’s denials have been carefully drafted and similarly worded. It is not unfeasible to imagine that those companies have turned over users’ personal information to the NSA in another fashion. Facebook founder and CEO Mark Zuckerberg’s statement was one of the strongest: “Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information…”

Zuckerberg’s words are reassuring until you consider that any company that receives an order under the Foreign Intelligence Surveillance Act Amendments Act — the legislation the Obama administration is using to justify the broad surveillance — is forbidden from disclosing they have received it or disclosing any information about it. It’s not surprising that no mea culpas have emerged from major tech firms or that Palantir — the big data surveillance company with the $5 billion valuation and CIA funding — denies any connection with the project. The NSA has been a Palantir client and one of the company’s co-founders, billionaire investor Peter Thiel, also sits on Facebook’s board.

Anonymous claims to have successfully hacked Turkish government network

Filed under: Europe, Government, Middle East, Technology — Nicholas @ 09:48

A report at RT.com says the Turkish government’s internal network has been breached by members of Anonymous:

Turkish government networks were hacked on Wednesday, compromising the private information of staffers in PM Tayyip Erdogan’s office, a source in PM’s office confirmed to Reuters. The attack was in support of the ongoing anti-government protests.

Staff email accounts were reportedly accessed after a phishing attack, and those affected were cut off from the network, a source said.

Anonymous hacked the Prime Minister’s official website (basbakanlik.gov.tr) and gained access to staff email addresses, passwords and phone numbers, the group said in a press release.

[. . .]

The group also stressed it will not share most of the hacked data because it “respects people’s privacy” and “does not believe in the full use of power against the weak.”

June 6, 2013

Rail technology changes on a slower timescale than other transportation systems

Filed under: Business, Railways, Technology — Nicholas @ 09:50

The Economist looks at innovation in the railway business:

Compared with other modes of transport, train technology might seem to be progressing as slowly as a suburban commuter service rattling its way from one station to another. Automotive technology, by contrast, changes constantly: in the past decade satellite-navigation systems, hybrid power trains, proximity sensors and other innovations have proliferated. Each time you buy a new car, you will notice a host of new features. Progress is apparent in aircraft, too, with advances in in-flight entertainment and communication, fancy seats that turn into beds, and quieter and more efficient engines. Trains, meanwhile, appear to have changed a lot less.

Actually, the perception of change is much greater for cars and airplanes, but most changes in those areas are evolutionary rather than revolutionary. Incremental changes are the rule of the day, as neither cars nor planes travel significantly faster than they did thirty years ago … but they do it safer and more comfortably now.

This comparison is not entirely fair. For one thing, people buy their own cars, so they pay more attention to automotive innovation. Carmakers are engaged in a constant arms race, trumpeting new features as a way to differentiate their products. Nobody buys their own trains. Similarly, air passengers have a choice of competing airlines and are far more likely to be aware of the merits of rival fleets than they are of different types of train. In addition, notes Paul Priestman of Priestmangoode, a design consultancy that specialises in transport, trains have longer lives, so technology takes longer to become widespread. The planning horizon for one rail project he is working on extends to 2050. “You have to think about longevity, whereas the car industry wants you to buy a new car in two years,” he says.

Another big difference is the way railways operate — with a small number of powered units (locomotives) and a very large number of unpowered units (freight cars and passenger cars) that have to be reliably connected to one another and operate successfully. A car can go on any kind of road (or even none, in many places) and a plane can fly in any part of the sky, but a train needs an engineered right-of-way that falls within established standards of curvature, elevation change, and overhead and side clearance. Because of this, any piece of railway equipment that does not run on its own isolated track (like monorails or the various flavours of high speed railways) must always meet the existing standards … which have been slowly evolving since the mid-nineteenth century. With so much capital invested in existing right-of-way and rolling stock, the costs for introducing significant changes can be astronomical.

There’s also the fact that unlike other forms of transportation, passenger and freight trains operate in different and sometimes conflicting ways. Passenger trains need to operate on a known schedule between high population centres at relatively high speed. With higher speed goes a need for better braking systems and more capable signalling methods. Unlike a train full of new cars or iron ore, you can’t just park a train full of living human beings on a siding for a few hours to allow slower trains to clear the way (unless you’re Amtrak or VIA). Passenger trains have to have top priority, which often means the railways have to delay freight traffic to ensure that the passengers are not unduly delayed.

One solution to the problem is to provide separate tracks for the passenger trains, but this can be very expensive, as the places where the extra tracks would be most effective are also where the land is at peak cost: in and around major cities. Most passenger trains are now run by government agencies or corporations acting as agents for local, regional, or state governments, so they sometimes use the power of eminent domain to gain access to the land. This is a politically fraught area, as the more land they need to take, the tougher the process will get.

Brakes are also getting an upgrade. Stopping a train can take so long that locomotive-operators, also known as engineers, often have time to contemplate their fate before an impact. “Your life races before you,” says a former operator who, years ago in Alabama, helplessly watched as his freight train, its emergency brakes screeching, headed towards a stalled truck that ultimately managed to pull off the tracks in time. Stopping a train pulling a hundred cars at 80kph can require 2km of track. Road accidents take far more lives, but 1,239 people were killed in more than 2,300 railway accidents in 2011 in the European Union alone.

Much of the problem is that the faster a train’s wheels are spinning, the hotter its brake shoes get when engaged. This reduces friction and hence braking power, a predicament known as “heat fade”. Moreover, nearly all trains power their brakes with compressed air. When switched on, air brakes activate car by car, from the locomotive to the back of the train. It can take more than two minutes for the signal to travel via air tubes to the last car.

Again, it’s not physically or financially possible to switch over all existing cars to newer technology in one fell swoop, so any updated brake technology must be 100% compatible with what is already in use, or you risk creating more dangerous situations because some brakes may operate out of sequence, which will increase the chances of accidents.

Norfolk Southern, an American rail operator, now pulls roughly one-sixth of its freight using locomotives equipped with “route optimisation” software. By crunching numbers on a train’s weight distribution and a route’s curves, grades and speed limits, the software, called Leader, can instruct operators on optimum accelerating and braking to minimise fuel costs. Installing the software and linking it wirelessly to back-office computers is expensive, says Coleman Lawrence, head of the company’s 4,000-strong locomotive fleet. But the software cuts costs dramatically, reducing fuel consumption by about 5%. That is a big deal for a firm that spent $1.6 billion on diesel in 2012. Mr Lawrence reckons that by 2016 Norfolk Southern may be pulling half its freight with Leader-upgraded locomotives. A competing system sold by GE, Trip Optimizer, goes further and operates the throttle and brakes automatically.

This is a good use of computer technology: you add the software on top of the existing infrastructure and use it to detect operational gains without needing to make system-wide changes to all freight cars.

June 3, 2013

CRTC rule changes may finally signal the end of the three-year phone contract

Filed under: Business, Cancon, Technology — Nicholas @ 10:54

In Maclean’s, Steve Rennie outlines the new cell phone rules to come into effect later this year:

Wireless customers will be able to cancel their cellphone contracts after two years without any penalties — even if they’ve signed up for longer terms — under a new set of rules unveiled Monday by the federal telecom regulator.

However, the Canadian Radio-television and Telecommunications Commission didn’t go as far as an outright ban on the three-year contracts that Canadians vented so much about earlier this year as the national code for wireless services was being drafted.

“We didn’t focus on the length of the contract, we focused on the economic relation,” CRTC chairman Jean-Pierre Blais said in an interview.

“So, in effect, it’s equivalent to those asking for a ban of three-year contract without us actually banning three-year contracts, because what we’re saying is the contract’s amortization period can only be for a maximum period of 24 months.”

There’s also good news for those who travel with their cell phones (that’d be pretty much every Canadian traveller these days):

The CRTC is also capping extra data charges at $50 per month and international data roaming charges at $100 per month to avoid huge, surprise bills.

The regulator will require providers to allow customers to unlock their devices after 90 days, or immediately if they pay the full amount of the device.

June 1, 2013

QotD: Internet espionage

Filed under: China, Humour, Quotations, Technology — Nicholas @ 08:26

A new report says that the Chinese are hacking American computer networks at an alarming rate. This is hardly news. I’ve been including the phrase “早安,我抱歉有沒有在這封電子郵件中的商業秘密或加拿大色情。請停止殺害酷動物啄木鳥醫學。剛剛買了一些偉哥了” at the bottom of every e-mail for months (I put it just above where it says “Hello Mr. Holder!”). It means, according to Google translate: “Good Morning, I’m sorry there’s no trade secrets or Canadian porn in this e-mail. Please stop killing cool animals for pecker medicine. Just buy some Viagra already.”

What is new is the scope of the problem the report lays out. This is a thorny issue and I think the U.S. needs to be much, much more aggressive in combating it. Why it’s not a bigger issue for the WTO, for instance, is baffling to me. They are stealing our stuff, which strikes me as a bigger deal than taxing it at the border.

Explaining to the Chinese leadership that they shouldn’t be doing this because it’s wrong is like explaining to a dog licking its nethers that what he’s doing is bad manners: To the extent they understand at all, they couldn’t care less. They respect power. They understand when you put a price on bad behavior. So we need to put a price on Chinese hacking. It’s really that simple. The hard thing to figure out is how.

Jonah Goldberg, “Chiiiiiicoms in (Cyber) Spaaaaaaaaaaaace!”, The Goldberg File, 2013-05-31

May 31, 2013

Everyone is watching – the rise of “Little Brother”

Filed under: Law, Liberty, Media, Technology — Nicholas @ 09:56

In The New Yorker, Maria Bustillos talks about the ubiquity of non-government surveillance:

… the same technological advances that have empowered the rise of Big Brother have created another wrinkle in the story. We might call it the emergence of Little Brother: the ordinary citizen who by chance finds himself in a position to record events of great public import, and to share the results with the rest of us. This has become immeasurably easier and more likely with the near-ubiquitous proliferation of high-quality recording devices. (As I learned after publishing this, the term had been coined earlier, and Cory Doctorow used it in 2007 for his book of the same name.)

The era of Little Brother was perhaps inaugurated in November, 1963, with the Kodachrome II 8-mm. film of John F. Kennedy’s assassination inadvertently captured by the Dallas clothing manufacturer Abraham Zapruder. George Holliday’s videotape of the March, 1991, beating of Rodney King in Los Angeles, and Scott Prouty’s forty-seven-per-cent video, which arguably cost Mitt Romney the Presidency last year, fall into the same class.

There is a surprisingly rich and dynamic academic literature developing around the concept of “sousveillance,” a term coined by the University of Toronto professor and inventor Steve Mann to describe privately made recordings that can serve as a counterweight to institutional and government surveillance. Mann is famous for approaching these questions from the perspective of wearable computing, a field in which he is one of the earliest pioneers; his apparent eccentricity is belied by the gravity and lucidity of his writing, which is heavily influenced by Foucault’s views on panopticism:

    One way to challenge and problematize both surveillance and acquiescence to it is to resituate these technologies of control on individuals, offering panoptic technologies to help them observe those in authority. We call this inverse panopticon “sousveillance” from the French words for “sous” (below) and “veiller” to watch.

    Sousveillance is a form of “reflectionism,” a term invented by Mann (1998) for a philosophy and procedures of using technology to mirror and confront bureaucratic organizations. Reflectionism holds up the mirror and asks the question: “Do you like what you see?” If you do not, then you will know that other approaches by which we integrate society and technology must be considered.

H/T to Bruce Schneier for the link.

May 30, 2013

High speed steam run

Filed under: Britain, History, Railways, Technology — Nicholas @ 07:54

LNER A4 Class 4464 (60019) “Bittern” has been given dispensation to run at 90MPH on the East Coast Main Line in July, to celebrate the 75th Anniversary of Mallard’s world speed record, subject to a satisfactory high speed test. This is that test. The weather was perfect — damp, cool, no wind. Bittern left Didcot at 05:23 am and flew through Slough 05:58 at full pelt for an average of 60mph over the 35 miles. The 6.2 mile section between Maidenhead and Slough was completed in 4 minutes, an average of 93MPH. Using film time markers I timed the whole train at 90mph through Taplow where this film was shot.

Given the two sets of hand cranked data, and with no speed gun to hand, I am happy to put the 90MPH stamp on the film title.

H/T to Jim Guthrie for the link.

May 24, 2013

Australian police in a lather over 3D printed guns

Filed under: Australia, Law, Liberty, Technology — Nicholas @ 08:17

In The Register, Simon Sharwood covers the anguished response of police in New South Wales over the availability of “The Liberator”:

The New South Wales Police Force, guardians of Australia’s most-populous state, have gotten themselves into a panic over the Liberator, the 3D-printable pistol.

The Force’s Commissioner Andrew Schipione today appeared at a press conference to denounce the Liberator and urge residents of the State not to download plans for the gun.

Schipione offered this advice after the Force’s ballistics team acquired a 3D printer, downloaded plans for the Liberator and assembled a pair of the pistols.

One, when fired into a resin block said to simulate human flesh, is said to have penetrated to a depth of 17 fatal-injury-inducing centimetres.

The other experienced “catastrophic failure”, as we predicted a couple of weeks ago. […] That failure didn’t stop Schipione declaring the Liberator a threat to public safety.

To understand why, you need to know that NSW has of late experienced gun violence at rather unusual levels by Australian standards (which means over a year all of Sydney had about half an episode’s worth of gun violence on The Wire). That spate of shootings has led to Operation UNIFICATION, an effort kicking off this weekend that encourages Australians to rat out strike a blow for public safety by informing Police about illegal guns.

May 20, 2013

Counterfeit $100 bills now in circulation, despite all the anti-counterfeiting features

Filed under: Cancon, Technology — Nicholas @ 09:44

The new polymer bills were touted as having very hard to counterfeit features, and people apparently believed what they were told — because they haven’t been bothering to check the new bills:

Less than two years ago, the head of the RCMP said Canada’s new polymer bank notes would go a long way in deterring the threat of counterfeiting.

Just last month, the Bank of Canada announced the notes’ sophisticated transparency and holography made them “the most secure bank note series ever issued” by the institution.

Too bad somebody forgot to tell criminals in British Columbia.

Mounties and municipal police in Metro Vancouver are warning the public that several of the fake $100 bills have been detected in the region over the past few weeks.

The fanfare about the security features on the bills may be part of the problem, said RCMP Sgt. Duncan Pound.

“Because the polymer series’ notes are so secure … there’s almost an overconfidence among retailers and the public in terms of when you sort of see the strip, the polymer looking materials, everybody says ‘oh, this one’s going to be good because you know it’s impossible to counterfeit,’” he said.

“So people don’t actually check it.”

May 19, 2013

IP lawyers whine about patents and 3D printing

Filed under: Books, Law, Media, Technology — Nicholas @ 08:52

Cory Doctorow appears to have been plagiarized by real life:

Two minor characters from my novel Makers have apparently come to life and written an article for 3D Printing Industry. These two people are patent lawyers for Finnegan IP law firm, Washington, DC, which I don’t recall making up, but this is definitely a pair of Doctorow villains (though, thankfully, I had the good sense not to give them any lines in the book — they’re far too cliched in their anodyne evil for anyone to really believe in).

These patent lawyers are upset because the evil Makers (capital-M and all!) are working with the Electronic Frontier Foundation to examine bad 3D printing patents submitted to the US Patent and Trademark Office. The problem is that 3D printing is 30 years old, so nearly all the stuff that people want to patent and lock up and charge rent on for the next 20 years has already been invented, and the pesky Makers are insisting on pointing out this inconvenient fact to the USPTO.

This breaks the established order, which is much to be preferred: the USPTO should grant all the bullshit patents that companies apply for. The big companies can pay firms like Finnegan to file patents on every trivial, stale, ancient idea and then cross-license them to each other, but use them to block disruptive new entrants to the marketplace. The old system also has the desirable feature of arming patent trolls with the same kind of bullshit patents so that they can sue giant companies and disruptive startups alike, and Finnegan can be there to soak up the tens of millions of dollars in legal fees generated by all this activity.

May 18, 2013

US Navy’s UAV conducts touch-and-go landing on carrier deck

Filed under: Military, Technology, USA — Nicholas @ 08:24

It’s still a work in progress: perfect conditions, no particular weather concerns, totally clear flight deck, but it shows that unmanned aircraft are becoming capable of much more than they’ve done so far:

An X-47B Unmanned Combat Air System (UCAS) demonstrator conducts a touch and go landing on the flight deck of the aircraft carrier USS George H.W. Bush (CVN 77), marking the first time any unmanned aircraft has completed a touch and go landing at sea. George H.W. Bush is conducting training operations in the Atlantic Ocean.

May 16, 2013

Tim Harford on the patent system’s failings

Filed under: Business, Law, Technology — Nicholas @ 08:15

The question seems to be: is it totally broken or only partially broken?

According to one well-publicised estimate, there are 250,000 patents relevant to a modern smartphone. Even if the number is one-tenth of that, it suggests an impossible thicket of intellectual property through which a company must hack to bring a cool new product to market.

A key issue is something called the hold-up problem. If a $1bn product depends on 1,000 patents, it is clearly impossible to pay the typical patent holder more than $1m. But any patent-holder could try to extort many times that amount by threatening to block the whole project.

Large firms have responded to this problem by buying or developing large collections of patents. This gives them the ability to launch countersuits, and that threat should make rivals reasonable. But although defensive patenting looks like a pragmatic solution, it has costs and limits. The wave of defensive applications swamps patent offices, which means more poor-quality patents and longer delays.

“Patent trolls” — a derisive name for companies that make money purely from their patents — have less to lose in a patent war but although some are legitimate, others are extortionists. And while established players may reach cosy understandings, a young company with a new idea may find it impossible to break into a market that is thick with defensive patents. If only the big boys can play the patent game, innovation will suffer.

May 15, 2013

US Navy successfully launches UAV from aircraft carrier

Filed under: Military, Technology, USA — Nicholas @ 00:02

Spencer Ackerman talks about yesterday’s step forward for unmanned aircraft in the US Navy:

ABOARD THE U.S.S. GEORGE H.W. BUSH — At 11:19 a.m. today, for the first time in history, a plane without a pilot in it executed one of the most complex missions in aviation: launching off an aircraft carrier at sea. Only the Navy can’t yet land that drone aboard the U.S.S. George H.W. Bush, an even harder but necessary maneuver if large drones are really going to operate off carriers.

On a crisp, bright and nearly cloudless day, about 100 miles off the Virginia coast, the crew of the Bush and the team behind the highly autonomous X-47B loaded up the deck’s second catapult with the drone and shot it off into the sky above the eastern Atlantic. The drone — which has its own callsign, “Salty Dog 502” — turned downwind and passed over the ship twice, first from 1000 feet overhead and then from 60 feet overhead, before flying back to dry land in Maryland. The launch went exactly as the Navy hoped.

With that, the era of the drone took a major step toward patrolling the skies above the world’s waterways. It’s something the Navy hopes will have big implications for supplementing manned fighter jets in a carrier air wing, providing both persistent surveillance far out at sea and ultimately firing weapons in highly defended airspace that might mean death for human pilots.

Senior Navy officers openly likened the X-47B’s launch off the Bush to the first-ever launch of a plane off the U.S.S. Birmingham in 1910. “It’s one small step for man,” remarked Rear Adm. Matt Winter, the Navy’s chief program officer for unmanned systems, “and one significant technical step for unmanned-kind.”
