Serial numbers and used goods

Quad in St. Cross College, Oxford

One of the great things about the internet is the ability to deal with information that is far too diffuse and voluminous to be processed in other ways. Indeed, that is the principal way in which modern computing qualitatively changes that we are able to do, as opposed to altering the rate at which we can complete a particular task.

Given those characteristics, it surprises me that nobody has come up with a site that catalogs serial numbers for all the kinds of products that include them: from bicycles to cameras to mobile phones. Such a site would allow users to enter that information when they purchased a product. It would then be on hand for warranty claims and in the event of loss or theft. People purchasing such items online, or in used good shops, could check the database to ensure that the products they are buying are not listed as stolen. Like eBay, it is much more efficient to have all these numbers sorted in a single place than to have numerous separate databases. The chances of a person trawling through many sites are low, but one well organized one could get masses of traffic. (See: network effect)

You could even imagine a system where online retailers like eBay are integrated with such a site. The listing for a camera would thus include a serial number linked to an entry in the database. If you bought the item, then received one with a different serial number from the one listed, you would be entitled to lodge a complaint and the seller would get flagged as a potential fraudster. I have personally avoided buying photographic equipment from eBay because I fear that a lot of it may be stolen. Having some simple protections like these in place would make me feel a lot better about it.

PS. For an example of an existing but limited serial number listing, see the stolen equipment registry over at Photo.net. It is unlikely that someone buying a cheap digital camera online will look at that (I knew it existed and it took me some searching around to find the URL), but perhaps someone buying an expensive tilt-shift lens for a medium format camera system will.

No Mercator projection

Grabbed from Metafilter, this page of maps distorted to show relative rates of things like military spending is quite interesting. Unsurprisingly, the map of war and death is especially grotesque.

Some higher resolution versions are over at Worldmapper: by total population, landmine casualties, and wealth (per capita).

Looking at these, one is immediately struck by how heterogeneous the world is. Of course, we all knew that before, but seeing the information in a new way can change one’s perception of it quite a bit. While there is the danger of such data being misleading, I would say it counters the greater danger of extrapolating from personal experience. Aggregated statistics, while not perfect, are a lot better than on-the-fly human intuitions, when it comes to assessing massive problems quite beyond the scope of anyone’s personal experience.

Who watch him lest himself should rob / The prison of its prey

In case anyone doubts that the War on Terror creates situations straight out of Kafka, reading this article from The Guardian is in order. Sabbir Ahmed, a British citizen, was held in a detention centre for nearly two months because officials thought he was Pakistani and wanted to deport him there. He couldn’t prove that he was British because his passport was in his London flat and they offered him no other means by which to prove that he was, in fact, born in Blackburn as the son of two other British citizens.

He ought to be receiving some pretty heavy compensation, and high level apologies and/or sackings, for this kind of massive incompetence. Of course, this also speaks of institutional racism. Frances Pilling, chairwoman of the charity Bail for Immigration Detainees, said: “They chose not to pursue any avenue of investigation at all.” If he had been white and named John Brown, they might have accepted that he was from Blackburn after calling the Passport Office, or even some people there who would vouch for him.

It goes to show, yet again, that we have more to fear from government than from terrorists.

Framing, selection, and presentation issues

Harris Manchester College, Oxford

One of the major issues that arises when examining the connections between science and policy are the ways information is framed. You can say that the rate of skin cancer caused by a particular phenomenon has increased from one in ten million cases to one in a million cases. You can say that the rate has increased tenfold, or that it has gone up by 1000%. Finally, you could say that an individual’s chances of getting skin cancer from this source have gone up from one tiny figure to a larger, but still tiny seeming, figure. People seem to perceive the risks involved in each presentation differently, and people pushing for one policy or another can manipulate that. This can be especially true when the situations being described are of not comparably rare: having your chances of being killed through domestic violence reduced 1% is a much greater absolute reduction than having your chances of dying in a terrorist attack reduced by 90%.

Graphing

When talking about presentation of information, graphs are an important case. Normally, they are a great boon to understanding. A row of figures means very little to most people, but a graph provides a wealth of comprehensible information. You can see if there is a trend, what direction it is in, and approximately how strong it is. The right sort of graph, properly presented, can immediately illuminate the meaning of a dataset. Likewise, it can provide a compelling argument: at least, between those who disagree more about what is going on than how it would be appropriate to respond to different situations.

People see patterns intuitively, though sometimes they see order in chaos (the man on the moon, images of the Virgin Mary in cheese sandwiches). Even better, they have an automatic grasp of calculus. People who couldn’t tell you a thing about concavity and the second derivative can immediately see when a slope is upwards and growing ever steeper: likewise, one where something is increasing or decreasing, but at a decreasing rate. They can see what trends will level off, and which ones will explode off the scale. My post on global warming damage curves illustrates this.

Naturally, it is possible to use graphs in a manipulative way. You can tweak the scale, use a broken scale, or use a logarithmic scale without making clear what that means. You can position pie charts so that one part or another is emphasized, as well as abuse colour and three dimensional effects. That said, the advantages of graphs clearly outweigh the risks.

It is interesting to note how central a role one graph seems to have played in the debate about CFCs and ozone: the one of the concentration of chlorine in the stratosphere. Since that is what CFCs break down to produce, and that is what causes the breakdown of ozone, the concentration is clearly important. The graph clearly showing that concentrations would continue to rise, even under the original Montreal Protocol, seems to have had a big impact on the two rounds of further tightening. Perhaps the graph used so prominently in Al Gore in An Inconvenient Truth (the trends on display literally dwarfing him) will eventually have a similar effect.

Stats in recent personal experience

My six-month old Etymotic ER6i headphones are being returned to manufacturer tomorrow, because of the problems with the connector I reported earlier. Really not something you expect for such a premium product, but I suppose there are always going to be some defects that arise in a manufacturing process. Of course, being without good noise isolating headphones for the time it will take them to be shipped to the US, repaired or replaced, and returned means that reading in coffee shops is not a possibility. Their advantage over libraries only exists when you are capable of excluding the great majority of outside noise and of drowning the rest in suitable music.

Speaking of trends, I do wonder why so many of my electronics seem to run into problems. I think this is due to a host of selection effects. I (a) have more electronics than most people (b) use them a great deal (c) know how they are meant to work (d) know what sort of warranties they have and for how long (e) treat them so carefully that manufacturers can never claim they were abused (f) maintain a willingness to return defective products, as many times as is necessary and possible under the warranty. Given all that, it is not surprising that my own experience with electronics failing and being replaced under warranty is a lot greater than what you might estimate the background rate of such activity to be.

Two other considerations are also relevant. It is cheaper for manufacturers to rely upon consumers to test whether a particular item is defective, especially since some consumers will lose the item, abuse it, or simply not bother to return it even if defective. Secondly, it is almost always cheaper to simply replace consumer electronics to fix them, because of the economies of scale involved in either activity. From one perspective, it seems wasteful. From another, it seems the more frugal option. A bit of a paradox, really.

[14 March 2007] My replacement Etymotic headphones arrived today. Reading in coffee shops is possible again, and none too soon.

Making a hash of things

The following is the article I submitted as part of my application for the Richard Casement internship at The Economist. My hope was to demonstrate an ability to deal with a very technical subject in a comprehensible way. This post will be automatically published once the contest has closed in all time zones.

Cryptography
Making a hash of things

Oxford
A contest to replace a workhorse of computer security is announced

While Julius Caesar hoped to prevent the hostile interception of his orders through the use of a simple cipher, modern cryptography has far more applications. One of the key drivers behind that versatility is an important but little-known tool called a hash function. These consist of algorithms that take a particular collection of data and generate a smaller ‘fingerprint’ from it. That can later be used to verify the integrity of the data in question, which could be anything from a password to digital photographs collected at a crime scene. Hash functions are used to protect against accidental changes to data, such as those caused by file corruption, as well as intentional efforts at fraud. Cryptographer and security expert Bruce Schneier calls hash functions “the workhorse of cryptography” and explains that: “Every time you do something with security on the internet, a hash function is involved somewhere.” As techniques for digital manipulation become more accessible and sophisticated, the importance of such verification tools becomes greater. At the same time, the emergence of a significant threat to the most commonly used hashing algorithm in existence has prompted a search for a more secure replacement.

Hash functions modify data in ways subject to two conditions: that it be impossible to work backward from the transformed or ‘hashed’ version to the original, and that multiple originals not produce the same hashed output. As with standard cryptography (in which unencrypted text is passed through an algorithm to generate encrypted text, and vice versa), the standard of ‘impossibility’ is really one of impracticability, given available computing resources and the sensitivity of the data in question. The hashed ‘fingerprint’ can be compared with a file and, if they still correspond, the integrity of the file is affirmed. Also, computer systems that store hashed versions of passwords do not pose the risk of yielding all user passwords in plain text form, if the files containing them are accidentally exposed of maliciously infiltrated. When users enter passwords to be authenticated, they can be hashed and compared with the stored version, without the need to store the unencrypted form. Given the frequency of ‘insider’ attacks within organizations, such precautions benefit both the users and owners of the systems in question.

Given their wide range of uses, the integrity of hash functions has become important for many industries and applications. For instance, they are used to verify the integrity of software security updates distributed automatically over the Internet. If malicious users were able to modify a file in a way that did not change the ‘fingerprint,’ as verified through a common algorithm, it could open the door to various kinds of attack. Alternatively, malicious users who could work backward from hashed data to the original form could compromise systems in other ways. They could, for instance, gain access to the unencrypted form of all the passwords in a large database. Since most people use the same password for several applications, such an attack could lead to further breaches. The SHA-1 algorithm, which has been widely used since 1995, was significantly compromised in February 2005. This was achieved by a team led by Xiaoyun Wang and primarily based at China’s Shandong University. In the past, the team had demonstrated attacks against MD5 and SHA: hash functions prior to SHA-1. Their success has prompted calls for a more durable replacement.

The need for such a replacement has now led the U.S. National Institute of Standards and Technology to initiate a contest to devise a successor. The competition is to begin in the fall of 2008, and continue until 2011. Contests like the one ongoing have a promising history in cryptography. Notably, the Advanced Encryption Standard, which was devised as a more secure replacement to the prior Data Encryption Standard, was decided upon by means of an open competition between fifteen teams of cryptographers between 1997 and 2000. At least some of those disappointed in that contest are now hard at work on what they hope will become one of the standard hash functions of the future.

Separate not a man from his techie tools

I have a request for intelligent people around the world. Can we please agree that tiny little multi-tools like my SOG Crusscut are in no way dangerous weapons? Certainly, they are no more so than all manner of items (from pens to umbrellas) that are legitimately carried into all manner of places.

As one of the items that I carry around virtually everywhere, I am quite reliant upon it: particularly the scissors, screwdriver, bottle opener, and ruler. When I am forced to not carry it, usually because of travel, I frequently find myself frustrated and annoyed. The same should go for the Leatherman Micra and similar tools. Gram for gram, these little things are up there with LED headlamps, in terms of usefulness in varied circumstances.

PS. This minor tirade was prompted by this lengthy article on survival equipment, written by Neil Andrews. Judging by his ‘modules,’ he is the fellow to know in the event of a massive natural disaster or zombie attack.

It comes in threes

Claire Leigh working

The first substantive chapter of the thesis is about problem identification and investigation. This is not being treated as necessarily temporally prior to the next two substantive chapters (consensus formation and remedy design), but the three do seem analytically separable. Throughout the triptych, at least three themes are likely to be ever-present: the moral relevance of uncertainty, the importance of social roles, and the ways in which normative assumptions are embedded and concealed within processes.

The confluence of three other things defines the reasons for which this thesis is a novel contribution: the exploration of those themes, the combination and comparison of the two case studies, and the focus upon the contribution that international relations as a discipline can make to the subject at hand. Having those three overlapping reasons is comforting, because it means I am quite unlikely to be utterly scooped by someone else who is looking at the same problems in similar ways.

Pragmatically, it does seem like the environment is likely to be a growth area in international relations. That said, there are three major possibilities for the future overall:

  1. Climate change proves to be less threatening than the worst case, runaway change scenarios would suggest; other environmental problems prove manageable
  2. Climate change is as bad as some of the most pessimistic assessments claim, but it is uniquely threatening among environmental problems
  3. For whatever reason (population growth, economic growth, technological progress, etc) additional problems of the climate change magnitude will arise

If I had to put my money on one of those options, it would be the second. I can see human behaviour causing all manner of specific problems, both localized or confined to particular species or elements of the environment. It is hard to see another human activity (aside from the danger of nuclear war) that threatens the possibility of human society continuing along a path of technological and economic evolution, during the next three to five hundred years.

‘Able Archer’ and leadership psychology

If you have any interest in nuclear weapons or security and you have never heard of the 1983 NATO exercise called ‘Able Archer’ you should read today’s featured Wikipedia article.

One fascinating thing it demonstrates is the amazing willingness of leaders to assume that their enemies will see actions as benign that, if they had been taken by those same enemies, would be seen as very aggressive. Case in point: the issues America is raising about Iranian intervention in Iraq. If Iran was involved in a major war on America’s doorstep, you can bet that there would be American intervention. This is not to assert any kind of moral equivalency, but simply to state the appallingly obvious.

The environment as a security matter

Of late, it has become somewhat trendy to consider the environment as a ‘security’ issue. The most frequently cited example is the danger of massive refugee slows caused by environmental factors (such as climate change or desertification). Also common are assertions that people will soon begin fighting wars over natural resources. While massive environmental change can obviously spark conflict, I am skeptical about claims that this constitutes a major change in the character of international security.

To me, the first strain of thinking seems a lot more plausible than the second. There are already island nations that need to think seriously about what the 7-23″ rise in sea levels by 2100 projected in the fourth IPCC report will mean for their habitability. Environmental factors like soil quality and rainfall have helped to determine the patterns of human habitation and production for all of history, and it is unsurprising that changes in such things could have serious disruptive effects. Large scale population movements, both within and between states, are concerning because of the level of suffering they generally involve, as well as the possibility that they will have problematic secondary effects such as inducing conflict or spreading infectious disease.

The idea of resource wars is one that I think has been overstated and, to some extent, misunderstood. There are certainly resources that can and have been fought over, and resource issues frequently play a role in establishing the duration and character of conflicts. Armed groups with no economic base cannot long persist in the costly business of war-fighting. That said, the idea that states will go to war over something like water seems, in most cases, implausible. War is an exceptionally costly enterprise – much more so than new purification or desalination facilities. Also, most water problems arise from irrational patterns of usage, often themselves the product of a distorted cost structure. While equity compels that people should be provided with enough water for personal needs as a standard function of government, it simply makes sense that those using it on a very large scale pay for it at a level that accurately reflects the costs of production. If that happened, we would see a lot more drip-feed irrigation and a lot fewer leaky pipes. Some perspective is also in order: producing all of the world’s municipal water through oceanic desalination would cost only 0.5% of global GDP, and there is no reason to think that such a drastic step will ever be necessary.1

I am not saying that resources and conflict are unrelated: I am saying there is no reason to believe hyperbolic claims about the nature of international security being fundamentally altered by resource issues. It is also worth noting that conflicts over resources are often used as justifications to engage in actions that can be more sensibly explained by considering other causes.

Thinking about the environment as a security issue has implications both for prevention and mitigation behaviours. Because politicians and the general public place a special emphasis on matters of security, spinning the environment that way can be a form of rent seeking. Those who see the need to do more as pressing may find that this kind of resource transfer justifies selling the security side of the environment more than they otherwise would. On the mitigation side, it suggests that dealing with environmental problems may require forceful action to prevent or contain conflicts. Given the aforementioned costs of such actions, the case to take preventative action against probable but uncertain threats becomes even stronger.

[1] Shiklomanov, Igor A. “Appraisal and assessment of world water resources.” Water International. 25(1): 11-32. 2000

PS. People interested in the hydrosphere may enjoy reading the accessible and informative chapter on it in John McNeill’s Something New Under the Sun. this report from SOAS on water and the Arab-Israeli Conflict also makes some good points.

More amateur cryptography

One of the oldest problems in cryptography is key management. The simplest kind of cryptographic arrangement is based on a single key used by however many parties both for encryption and decryption. This carries two big risks, however. In the first place, you need a secure mechanism for key distribution. Secondly, it is generally impossible to revoke a key, either for one individual or for everyone. Because of these limitations, public key cryptography (which utilizes key pairs) has proved a more appropriate mechanism in many applications.

Once in a while, now, you read about ‘unbreakable’ cryptography based on quantum mechanics. The quantum phenomena employed are actually used for key generation, not for the actual business of encrypting and decrypting messages. Like the use of a one-time pad, the symmetric keys produced by this system hold out the promise of powerful encryption. Of course, such systems remain vulnerable both to other kinds of cryptographic attacks, particularly the ‘side channel’ attacks that have so often been the basis for successful code-breaking. Recent examples include the cracking of the encryption on DVDs, as well as Blu-Ray and HD-DVDs.

An example of a side-channel attack is trawling through RAM and virtual memory to try and find the password to some encrypted system. When you login to a website using secure socket layering (SSL), the data sent over the network is encrypted. That said, the program with which you access the site may well take the string of text that constitutes your password and then dump it into RAM and/or the swap space on your hard disk somewhere. Skimming through memory for password-like strings is much less resource intensive than simply trying every possible password. Programs like Forensic Toolkit by AccessData make this process easy. People who use the same string in multiple applications (any of which could storing passwords insecurely) are even more vulnerable.

As in a large number of other security related areas, people using Apple computers have a slight advantage. While not on by default. if you go into the security menu in the system preferences, you can turn on “Use secure virtual memory.” This encrypts the contents of your swap space, to help protect against the kind of attack described above.

The real lesson of all of this is that total information security can never be achieved. One just needs to strike a balance between the sensitivity of the data, the probability of it coming under examination, and the level of effort that would be required to overcome whatever security is in place.

PS. My PGP public key is available online, for anyone who wants to send me coded messages. Free copies of the encryption software Pretty Good Privacy (PGP) can also be easily downloaded.