Category: Security
Security is immunity from the will of others.
Obama climate interview
Thomas Friedman interviews Obama on climate change, and the president explicitly states that we can’t burn all the world’s remaining fossil fuels and that we should keep to the target of keeping warming below 2˚C.
He also endorses a price on carbon.
This makes it seem that Obama does understand the key dimensions of climate change; he just hasn’t made dealing with it a high enough priority to produce the kind of progress that is necessary for achieving the 2˚C target.
CPSA 2014, day 1
I was just at “Indigenous Peoples and Natural Resource Extraction: Perspectives Across Provinces“, but decided to switch things up a bit with “Remote and Preemptive Warfare“, which is largely about drones.
At 1:30pm, I have “Indigenous Peoples and Natural Resource Extraction: The Political Economy of Extraction, Enterprises and Resistance“.
Ghost in the Wires
A friend of mine recently lent me Kevin Mitnick‘s book Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. It’s an entertaining story that highlights how the willingness of people to trust and help others who they assume to be co-workers is often the greatest weakness in security systems.
It also highlights some of the characteristics of obsessive behaviour. I had no idea how many separate times Mitnick was caught. It reminded me of Marc Lewis’ Memoirs of an Addicted Brain, in terms of how repeated contact with agents of authority was insufficient to interrupt a longstanding pattern of behaviour.
The book is also a reminder of what seems like a more innocent era of global interconnectivity – when phone phreaks with blue boxes were a cutting-edge threat, and when the FBI would have real trouble tracking you down if you assumed the identity of someone who died in childhood. Now, attacks against computer systems seem associated more with governments themselves than with curious amateurs, and it’s difficult to imagine someone like Mitnick evading the surveillance state for long.
The heartbleed bug is bad news for internet security
Many websites rely on SSL / TLS to encrypt communication: everything from passwords to credit card numbers to emails. OpenSSL is a very widely used implementation of these encryption protocols.
Right now, the internet is abuzz with the news of the ‘hearbleed’ bug. Because of a flaw in OpenSSL, attackers can extract 64 kilobytes of information from a webserver for each ‘heartbeat’. This information can include secret encryption keys, usernames and passwords, and other kinds of sensitive data.
In response, the Canada Revenue Agency has stopped accepting online filing of tax returns. There is a lot of other discussion online: Schneier, XKCD. A tool for testing webservers for the vulnerability is also online.
One take-away from this is that once various web servers are fixed, we will all need to change our passwords.
Pushing back against internet surveillance
An international effort is being made today to fight back against internet surveillance.
If you wish to take part, I suggest doing so by downloading a version of the GNU Privacy Guard for your operating system, in order to encrypt your emails. Gpg4Win is for Windows, while GPGTools is for Mac OS.
Downloading the TOR Browser Bundle is also a good idea.
Lastly, you may want to learn how to use your operating system’s built-in disk encryption: BitLocker for Windows and FileVault for Mac OS.
None of this is likely to protect you from the NSA / CSEC / GCHQ, but it will make ubiquitous surveillance a bit harder to enforce.
Open thread: naval warfare
There have been a number of interesting developments in the area of naval warfare recently: Chinese efforts to develop anti-ship ballistic missiles, American experiments with broad area marine surveillance, China’s declaration of an air defence identification zone, the launching of a Japanese destroyer seemingly designed for possible conversion into an aircraft carrier, the launching of China’s first aircraft carrier, and the development of supercavitating torpedoes, to name a few.
Particularly in Asia, the coming decades seem likely to involve considerable developments in marine military technology and deployments.
Open thread: Bitcoin and similar cryptocurrencies
This article is a good explanation of how the Bitcoin protocol actually works. This one describes some of the problems the Bitcoin system is experiencing.
Odd fact about the yakuza
Yakuza operate much more openly than their counterparts in other countries. Crime syndicates have offices registered with local public-safety commissions. Membership is not in itself a crime. The biggest and richest group, the Yamaguchi-gumi, shelters behind a high-walled compound in a grand neighbourhood of Kobe.
See also: Yakuza
Also: “These lesser [sokaiya] cousins of the yakuza extract tens of millions of yen from companies in return for not disrupting annual meetings”.
War with Syria approaching?
The August 27 – September 6 issue of The Economist includes an article discussing the military options that may be possible in Syria, in response to the alleged use of chemical weapons by the government of Bashar Assad:
As The Economist went to press, it seemed clear how the attack would begin, if not when. Four American Arleigh Burke destroyers stand ready in the eastern Mediterranean, the 1,600km range of their Tomahawk land-attack missiles allowing them to stay well beyond the 300km range of Syria’s Yakhont anti-shipping missiles. There are doubtless American submarines in the area, too, and a British one may be on its way. Christopher Harmer of the Institute for the Study of War, a think-tank, says the destroyers should have about 45 Tomahawks each. Add in the submarines and there are about 200 available to make precision strikes, roughly twice the number used against Libya in 2011.
British and French aircraft flying out of Incirlik in Turkey, which has said it will support such missions, or Akrotiri, the British base in Cyprus, might be used too; this may be the only way for French forces to participate. They would probably also launch cruise missiles, as getting close to targets would mean being in range of the Syrian air-defence system, which is a great deal more capable than was Libya’s. Heavier ordnance, including bombs needed to destroy underground bunkers, could be delivered by stealthy B-2 bombers flying directly from America.
The objective of reinforcing the international norm against the use of chemical weapons does seem to have some validity. The world’s wars – civil and international – are bad enough without the use of such arms. Still, it’s clear that nobody is enthusiastic about the prospect of yet another war in the Middle East, particularly after all the suffering that has taken place in Iraq and Afghanistan with few and precarious results to show for it.
At this stage, most people seem to be expecting a military strike that is focused around cruise missiles. The Syrian regime is doubtless expecting this too, so there will probably be an effort to make it surprising at least in terms of the timing. For the last couple of weeks, I have been nervously checking the Google News front page every few hours.