Common misconceptions

XKCD has some good advice. Everyone should read the article ‘List of common misconceptions’ on Wikipedia, if only so that they personally can stop spreading them.

There are a few on the list I have been guilty of believing myself at various points. The truth is:

  • There is no evidence that Iron maidens were invented in the Middle Ages or even used for torture.
  • Napoleon Bonaparte was not especially short.
  • A belief that decades/centuries/millennia begin not on the year ending in 0, but rather on the subsequent year ending in 1 (e.g., “The current millennium didn’t really begin on January 1, 2000, but rather on January 1, 2001”) — based on an assumption that there was no year 0 — is founded in an incomplete understanding of historical calculation.
  • Sarah Palin never said “I can see Russia from my house.” Palin actually said “They’re our next-door neighbors, and you can actually see Russia from land here in Alaska, from an island in Alaska.”
  • Some cooks believe that food items cooked with wine or liquor will be non-alcoholic, because alcohol’s low boiling point causes it to evaporate quickly when heated. However, a study found that much of the alcohol remains – 25% after 1 hour of baking or simmering, and 10% after 2 hours.
  • When a meteor lands on Earth (after which it is termed a meteorite), it is not usually hot.
  • Different tastes can be detected on all parts of the tongue by taste buds.
  • Although there are hair care products which are marketed as being able to repair split ends and damaged hair, there is no such cure.
  • Sugar does not cause hyperactivity in children.
  • A person who is drowning does not wave and call for help, as in fictional depictions of drowning.
  • It is not nutritionally necessary to combine multiple sources of vegetable protein in a single meal in order to metabolize a “complete” protein in a vegetarian diet. Unless a person’s diet was heavily dependent on only fruit, only tubers, or only junk food, he or she would be virtually certain of getting enough protein if he or she were eating enough calories.
  • It’s a common myth that an earthworm becomes two worms when cut in half. This is not correct. When an earthworm is bisected, only the front half of the worm (where the mouth is located) can survive, while the other half dies.
  • The flight mechanism and aerodynamics of the bumblebee (as well as other insects) are actually quite well understood, in spite of the urban legend that calculations show that they should not be able to fly.
  • Contrary to the common myth, the Coriolis effect does not determine the direction that water rotates in a bathtub drain or a flushing toilet.
  • It is not true that air takes the same time to travel above and below an aircraft’s wing.
  • Glass is not a high-viscosity liquid at room temperature: it is an amorphous solid, although it does have some chemical properties normally associated with liquids.
  • No scientist ever lost his life because of his scientific views, at least to the knowledge of historians of science.

I have seen many of these repeated in rather reputable sources.

Testing Google’s OCR

Previously, I briefly mentioned the optical character recognition (OCR) technology within Google Docs. I decided to test it in the relatively challenging circumstance of converting photographs of pages from a book into text:

As you can see, the image to text conversion isn’t perfect. Indeed, it doesn’t work terribly well in the conditions to which I subjected it. Substantial strings of text are missing, and there are many errors.

Probably, the system would work better if the pages had been perfectly flat and evenly illuminated, and if my camera had been perfectly parallel to the page.

Ottawa Biking Problems

Ottawa Biking Problems is a website that lets people report dangerous or inconvenient cycling facilities in Ottawa. The site includes a summary of some of the worst problems in town.

All told, this seems like quite a good idea. It allows information to be aggregated in a useful way, which could help the city to fix the most serious problems first.

Some cycling safety issues have been discussed on this site before.

What’s up with dot comments?

Anyone who visits this site frequently will have noticed that there are often recent comments posted under the name ‘.’

The purpose of these is to provide supplemental or follow-up information on a topic already discussed. For instance, if someone comes across an interesting article relating to bank regulation or geoengineering or photographic lenses, they can append it to an existing discussion on that topic. Anybody can post these.

Having a list of related articles below posts serves several purposes: it helps people keep on top of new information on topics of interest, it makes this site a more useful reference for research purposes, and it contributes a diversity of opinion to discussions.

If there is a post or discussion on a topic of interest to you, you can sign up to receive updates by email. Just post a comment and check the ‘Notify me of followup comments via e-mail’ box. You can disable these notifications at any time, if you get sick of them.

Moving from GoDaddy to DreamHost

For the last few years, sindark.com has been hosted with GoDaddy – a firm I chose because they were inexpensive and seemed to have a decent reputation. Since then, I have had a number of problems with them. As a result, I decided not to extend my hosting contract with them, and to shift this site over to DreamHost, another hosting provider.

Non-technical people thinking of moving sites, be warned. It is not a painless process. In my case, it involved an awful lot of messing around in command prompts and hair pulling.

The trickiest thing is moving the MySQL databases that actually store WordPress posts and comments. For databases that are small, you can use a web interface to upload them to DreamHost. For larger databases, you need to export the old MySQL file, download it, upload it to your root folder on DreamHost via FTP, log in to their server using ssh, create an empty database using their web interface, and then execute a command like this:

mysql -h mysql.examplesite.com -u exampleusername -pexamplepassword newdatabasename < olddatabasefile.sql
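As an added example (not from the post), here is the same import written so that the password is never passed as a -p argument, which would otherwise be visible in `ps` output and in the shell history on the shared DreamHost server. The host, user and database names are placeholders in the style of the page's own command; MYSQL_BIN and MYSQLDUMP_BIN are hypothetical overrides so a stub client can stand in for the real one.

```shell
#!/bin/sh
# Added example (not from the post): move a WordPress database without
# putting the MySQL password on the command line. The host, user and
# database names are placeholders in the style of the page's own command.
set -eu

# Write a private MySQL option file holding the connection details and
# print its path. mktemp creates the file with mode 0600, so the password
# is readable only by the owner and never appears in `ps` output or shell
# history, unlike a -pPASSWORD argument.
write_mysql_defaults() {
    host=$1 user=$2 password=$3
    f=$(mktemp "${TMPDIR:-/tmp}/my.cnf.XXXXXX")
    printf '[client]\nhost=%s\nuser=%s\npassword=%s\n' "$host" "$user" "$password" > "$f"
    echo "$f"
}

# Succeeds only if the option file is readable and writable by its owner alone.
defaults_file_is_private() {
    [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Dump the old database. MYSQLDUMP_BIN is a hypothetical override so a stub
# can stand in for the real client.
export_dump() {
    defaults=$1 db=$2 out=$3
    "${MYSQLDUMP_BIN:-mysqldump}" --defaults-extra-file="$defaults" \
        --single-transaction "$db" > "$out"
}

# Load the dump into the empty database created in the DreamHost panel.
# --defaults-extra-file must be the first option given to the mysql client.
import_dump() {
    defaults=$1 db=$2 dump=$3
    defaults_file_is_private "$defaults" || { echo "refusing: $defaults is not private" >&2; return 1; }
    [ -r "$dump" ] || { echo "dump file not readable: $dump" >&2; return 1; }
    "${MYSQL_BIN:-mysql}" --defaults-extra-file="$defaults" "$db" < "$dump"
}

# Usage, run only when invoked as `sh migrate.sh --run`; the password is
# read from a prompt rather than typed into the command line.
if [ "${1:-}" = "--run" ]; then
    printf 'MySQL password: ' >&2
    stty -echo; read -r pw; stty echo; echo >&2
    cfg=$(write_mysql_defaults mysql.examplesite.com exampleusername "$pw")
    import_dump "$cfg" newdatabasename olddatabasefile.sql
    rm -f "$cfg"
fi
```

The option file is deleted as soon as the import finishes, and import_dump refuses to run if the file has been left readable by other users of the shared host.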

While I am sure that is all no big deal for some savvier tech types out there, the whole process was frustrating and a bit scary for me.

Please let me know if you are encountering any problems with the new setup. I know that – for some mysterious reason – photos of the day won’t load in Opera Mobile.

The first rule of the internet

Against a sophisticated attacker, nothing connected to the internet is secure. Not your GMail account, not your Facebook account, not your website, not your home computer (especially if you are using WiFi), not industrial facilities, not governments.

While this may not absolutely always hold, I am increasingly convinced that the right way to treat the internet is to act as if this is so. If there is some information you absolutely want to keep private, keep it in a form that is not linked to the internet. Dig out an old computer for non-networked use or, better yet, use paper. Accept that anything you put online, even in a private email, could end up on display to the entire world.

People can certainly do a lot to protect themselves from what are essentially untargeted attacks. The people who run botnets just need control of random computers, and their attack methods are good enough to breach security on your average system. If security in yours is significantly better than average, you are probably at little risk from such annoyances. Everything changes, however, when the attacker has resources and expertise at their disposal, and they have you for a specific target. Organizations like governments, corporations, and organized crime groups have these resources, and attack techniques are always spreading to less sophisticated operators. As they say at the NSA, “Attacks always get better; they never get worse.”

Similarly, it is safest to assume that there is no mechanism that you can use to secure a non-networked computer from a sophisticated attacker. You can use encryption, but chances are they will be able to pull the passphrase from somewhere or find some workaround. If that passphrase is short, it can be defeated using brute force dictionary attacks. If it is stored anywhere on your computer, phone, or the internet, it can be found.

If you want secure encryption, use something like random.org to generate a random alphanumeric string with as many bits of entropy as the key length of the encryption you are using (there is little point in using 256-bit AES with a weak key like ‘AnteLope2841’). You need a key like:

xxDTAJjghYCb7YFm8zcV6YYhmgmvmNxE.

Once you have a strong key, write it down on paper, keep it locked up, and never use it for anything other than decrypting that one file.
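As an added example (not from the post), the following script generates the kind of random alphanumeric key described above locally from the kernel's /dev/urandom instead of downloading it from a website, and sizes it to the cipher's key length. The alphabet of 62 symbols is taken from the sample key on the page; the function names are my own.

```shell
#!/bin/sh
# Added example (not from the post): generate the kind of random alphanumeric
# key the post recommends, locally from the kernel CSPRNG rather than from a
# website, and size it to the cipher's key length.
set -eu

ALPHABET='A-Za-z0-9'   # the 62 symbols used in the page's sample key
ALPHABET_SIZE=62

# Entropy, in bits, of a uniformly random string of N alphabet symbols:
# N * log2(62), about 5.95 bits per symbol. Printed with one decimal place.
entropy_bits() {
    awk -v n="$1" -v s="$ALPHABET_SIZE" 'BEGIN { printf "%.1f", n * log(s) / log(2) }'
}

# Smallest number of symbols whose entropy reaches the target number of bits.
chars_needed() {
    awk -v b="$1" -v s="$ALPHABET_SIZE" 'BEGIN {
        n = b / (log(s) / log(2))
        if (n != int(n)) n = int(n) + 1
        print n
    }'
}

# Succeeds if a key string is long enough for the target strength, assuming
# it was drawn uniformly at random (a word plus digits carries far less).
key_is_long_enough() {
    key=$1 target=$2
    [ "${#key}" -ge "$(chars_needed "$target")" ]
}

# Read bytes from /dev/urandom, discard any outside the alphabet (rejection
# sampling keeps the kept symbols uniformly distributed), and stop at the
# needed length. LC_ALL=C makes tr treat the input as plain bytes.
generate_key() {
    LC_ALL=C tr -dc "$ALPHABET" < /dev/urandom | head -c "$(chars_needed "$1")"
    echo
}

# Usage: print a key for 256-bit AES and report its strength.
if [ "${1:-}" = "--run" ]; then
    k=$(generate_key 256)
    echo "$k"
    echo "$(entropy_bits "${#k}") bits"
fi
```

By this count a 256-bit key needs 43 alphanumeric symbols, and the 32-character sample key shown above carries about 190 bits even if every character was chosen at random.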

GCHQ: The Uncensored Story of Britain’s Most Secret Intelligence Agency

Richard Aldrich’s excellent GCHQ: The Uncensored Story of Britain’s Most Secret Intelligence Agency contributes significantly to the public understanding of the role secret intelligence agencies have played in world affairs and the domestic politics of Britain and elsewhere. From the codebreaking of the second world war to the frightening mass surveillance and data mining of the modern era, Aldrich provides a consistently interesting and informative account. Technical details on signals intelligence (SIGINT) techniques are relatively few, but the book contains a lot of new and interesting information running quite close to the present day.

GCHQ’s history

The Government Communications Headquarters (GCHQ) is Britain’s version of America’s National Security Agency (NSA) or Canada’s Communications Security Establishment (CSE). They are primarily the government’s interceptors and decrypters of communications: from the telemetry data from the missile tests of foreign powers to (increasingly) the electronic records tracking the communication and behaviour of all ordinary citizens. Aldrich covers the history of GCHQ from the second world war virtually up to the present day: with long sections on the U.S.-U.K. intelligence alliance; the Cold War; progressing intelligence technologies; overseas listening stations and decolonization; terrorism; secrecy, the media, and oversight by politicians and the public; the post-Cold War era; and the modern day.

Aldrich describes an extraordinary number of cases of allies spying on one another: from the United States and United Kingdom during the interwar and WWII periods to India bugging Tony Blair’s hotel room during a Prime Ministerial visit to the considerable espionage conducted by the U.S. and U.K. against the United Nations Security Council and Secretariat in the lead-up to the 2003 Iraq War. It is safe to assume that everybody is spying on everybody all the time. Indeed, in the later chapters, GCHQ describes how private organizations and organized crime groups are increasingly getting into the game. For instance, he alleges that British banks have paid out billions of Pounds to hackers who have gotten into their systems and blackmailed them.

GCHQ also documents the collusion between private companies and espionage organizations, going back at least to the telegraph and earliest submarine cables. Right from the beginning, the owners and operators of these communication links secretly passed along data to intelligence organizations, which was used for purposes of diplomatic and military espionage, as well as to gain economic advantage through industrial espionage. Aldrich also describes how private companies have been made to build back doors into their products so that organizations like GCHQ and the NSA can crack the communications of people using them. This applied to manufacturers of cryptographic equipment in neutral countries like Switzerland during the Cold War.

Aldrich also argues that the Data Encryption Standard (DES) was intentionally weakened to allow NSA snooping, though I have read elsewhere that the NSA actually used its expertise to strengthen the algorithm. Aldrich does a good job of describing one deep tension in the current mandate of GCHQ: on one hand, it is increasingly encouraged to help private British companies like banks secure their computer and communication systems. At the same time, it tries to preserve back doors and insecure communication methods in products used by others, so as not to undermine its own espionage mandate. Similarly, Aldrich talks on a number of occasions about the tension between using intelligence information and protecting the sources and methods used to acquire it. While it may be especially damning to condemn the dubious actions of a foreign power using their own intercepted and decrypted communication, doing so inevitably informs them that you are reading their traffic. Something similar is true when it comes to using surreptitiously acquired information to prosecute criminal trials.

GCHQ contains lots of information on the spotty record of the world’s intelligence services, when it comes to predicting major events. Aldrich describes many situations where policy-makers were caught by surprise, because their spy services didn’t pass along warning. These include the Yom Kippur War, the overthrow of the Shah of Iran, the Soviet invasion of Czechoslovakia, the fall of the Berlin Wall, and others. Aldrich also describes the Iraq-WMD fiasco, what it shows about the analysis of intelligence services, and what some of its broader political ramifications were.

At many points, Aldrich identifies how GCHQ and the NSA are by far the most costly intelligence services of the U.K. and U.S. respectively. The NSA dwarfs the CIA, just as GCHQ dwarfs MI5 and MI6 in staffing and resources. This is reflective of the special importance placed on intercepted communications by policy-makers. It is arguably also demonstrative of how GCHQ has been able to use the deep secrecy of its work to evade government scrutiny and secure considerable material support.

GCHQ’s present

The last section of Aldrich’s book is positively frightening. He describes how the fear of terrorism has driven a massive increase in technical surveillance – certainly within the U.K. but very likely elsewhere as well. He describes how a 2006 European law requires telephone and internet companies to retain comprehensive records of the communications of their customers for ten years, and how the government is planning to store their own copy of the information for data mining purposes. Aldrich explains:

The answer [to why the government wants its own copy of the data] is ‘data mining’, the use of computers to comb through unimaginable amounts of information looking for patterns and statistical relationships. This practice now constitutes the most insidious threat to personal liberty. What makes surveillance different in the age of ubiquitous computer and the mobile phone is that our data is never thrown away. Machines routinely store millions of details about our everyday lives, and at some point in the future it will be possible to bring these all together and search them.

Aldrich quotes a disturbing warning from the retiring Director of Public Prosecutions, Sir Ken Macdonald GC. Macdonald warns that powers are being irreversibly granted to the state, and that “we may end up living with something we can’t bear.”

Personally, I think all this is much more dangerous than terrorism. If the choice is between tolerating a few terrorist attacks per year and building up a gigantic secret alliance between government and private companies, designed to track all the details of the lives of individuals, I would prefer the terrorism. After all, terrorist groups are weak outlaw organizations with limited resources. The state, by contrast, is massive, potent, permanent, and not always subject to effective oversight. Our fear of a few bands of fanatics (collectively far less dangerous than smoking or car crashes) is driving us into giving the state unparalleled ability to monitor everybody.

The book is similar in purpose to Matthew Aid’s The Secret Sentry: The Untold History of the National Security Agency, though I think Aldrich’s book is significantly better. I recommend the entire book to history buffs and those with an interest in intelligence or the Anglo-American alliance. The last section – on the growing power of the state in response to terrorism – I recommend to everybody.

Essential Mac apps

One thing doing a clean install of your operating system does is remind you of which bits of software are most essential – the ones you can’t go long without missing.

Here’s the order in which I re-populated my Mac’s application folder:

  1. Starcraft II – the game that prompted the whole process
  2. iPhoto – for storage of digital ‘negatives’
  3. Quicksilver – application launcher and superior alternative to Spotlight
  4. TextMate – excellent text editor and coding tool
  5. Firefox – better than Safari, especially with AdBlock
  6. Skype – to keep in touch with phoneless friends

I will make note of when I install other vital apps, like Fetch (FTP program) and the indispensable Photoshop.

One distinctly nice thing about Mac OS is that, because I used Time Machine to back up and restore my user profiles, all my application preferences were preserved.

Instant message only passwords

Most email providers now provide instant message (IM) functionality as well. GMail has GTalk, Microsoft’s Hotmail has MSN Messenger, and so forth.

GMail accounts, in particular, are likely to contain large amounts of sensitive information. As such, it is worrisome to turn over one’s email address and password to something like a mobile phone app, so as to be able to use GTalk on the move.

I was reminded of this recently when I tried to log in to Facebook Chat via Nimbuzz, an IM app for Nokia’s Symbian OS. When I tried to set up my Facebook account, Facebook warned me of how Nimbuzz would be able to access a huge heap of information about me and all of my friends. I don’t know anything about the company that makes this software: how good their security practices are, whose legal jurisdiction they fall under, how many voyeuristic employees have access to their login credential database, etc.

To reduce the level of risk associated with IM clients, I suggest that companies like Google allow users to set two passwords: one that allows access to their whole account, and another that only allows you to log into it for purposes of instant messaging. That way, if the makers of an IM client turn out to be evil or incompetent, the scope of the damage is constrained.