Monday, January 25, 2016

blockchain for gun control

so distributed ledger technology is a new technology that is all the rage in some government circles. while Bitcoin as the exemplar of the use of the technology for an electronic replacement for cash and credit cards, has its detractors (and they are mostly not wrong), the underlying system allows one to track transaction history associated with a physical object  - one of the UK government's use cases in the report linked above, is the idea of being able to avoid buying "blood diamonds".

so how  about we propose using this for arms control (everything from nukes, to hand guns, and ammo) ? there are ways even without putting "smarts" in the gun (ballistics can often match gun/ammo to each other in any case, and one can move to more careful signatures easily)...

then one could start to look at liability. i.e. people that own weappns would have to take responsibility for a change.

Thursday, January 07, 2016

investigatory ploughsharing bill - srambling for safety

for a thorough report on today's scrambling for safety 2016 debate, its hard to beat George Danezis blog - one thing I was going to ask about was the really broken part of the bill, which prevents any discussion between a service provider and the agency that serves a warrant on them for intercepoton (whether a standard surveillance or a bulk one, or interference on a device or a broad spectrum of devices).

I realize that some level of stealth is, by definition, needed during the surveilance - however the world is rapidly evolving, and it is clear that operators and service providers are at the bleading edge and are able to offer (and do, in practice under today's laws in the UK)  on a request  (e.g. no, you don't want that IP address, you want this URL prefix, as that's a load balancer/VM, NATed device that changes etc etc) - in my example question (no., you don't want to run interference on that device as it isn't just a routine users ipad, its their tesla dashboard, and if you weaken the random number generator in the OS on that device, you open it up to hackers who will crash the car), not only is it obvious the security and police agencies don't have expertise yet in the area, we need to have a cooperatively evolveable law - latching the law (the first in 500 years to admit that agencies need these powers, but under legal controls) we need to make sure it isn't the last law made in the area either - just as the "Internet Connection Record" is meaningless in the world today, so the interference model is extremely dangerous in the IoT space, where there are currently more devices that are not end-users comms gadget (==phone/skype) than are - pretty soon, there will be 100s or 1000s of devices - monitoring these is mostly a waste of resources (more haystacks to not find needles in) - interfering with these devices (e.g. pacemakers, car brakes, traffic lights) is incredibly dangerous - [footnote...]

proportionality requires risk assessment - "collateral damage" that is a death because of interference on a device which causes a car crash or a heart failure, is not assessable today. it may be one day, but I posit that it is not an acceptable risk level for gleaning a little bit more sigint, that probably wont be acted on anyhow. Basically, this blows out of the water any fig leaf of proportionality, unless there is a wholly different way to manage (transparently) the codes of practice, in a way that future proofs (actually makes fit for purpose for today's internet) this dodgy draft bill.

footnote - let not forget algorithmic lawyers - when the music biz wanted to chill the p2p file sharing world, they started getting s.w that generated letters to threaten disconnecting users from their ISP - one fabulous case ended up with a tech guy defending himself in court, because the IP address the lawyers s/w detected allegedly uploading music in breach of copyright from. was his HP laster printer. doh. if they can get that wrong, then the spooks software can and will confuse a crims phone with an innocent ("collateral damage") bystander's  auto-defibrillator or internet enabled insulin pump.

Tuesday, January 05, 2016

Will we ever fix that last s/w (h/w) security vulnerability?

A recent talk bu Johanna Rutkowska sparked a discussion about whether the number of vulnerabilities is potentially infinte, or whether the cost and/or value of exploiting and/or fixing them them is slowly increasing (or decreasing) or (thanks to Markus Kuhn and others) it is cyclic, as phases of technological innovation wash up and down the shores of human society....

so my take - we spend ages in the OS community trying (as
per the talk) to nail down the smallest piece of the trusted tiny
center of the kernel (and talk to the hardware people about it very
closely - even modifying their designs), so that the attack surface is
minimized - including, as you say, improved tools and techniques 9type
safe software fuzzers, verifiers etc etc...

then some skunk works thing from the h/w comes along and changes the
whole game (in terms of complexity to start with, but also in terms of
massively opening up the attack space) _ usually its coz of some
geniuine user demand for something faster/cleverer (as per the talk,
add in GPUs, add in smarer NICs with offloading, add in multicore, add
in more instructions for graphics, even for security itself!)

another example of this can be seen on the net  - since well before
current scandels (back in 1990s) we've been trying to batten down the
hatches everywhere  with DNS, BGP and end-to-end crypto (and now
betterer DNSSEC, better certificate ideas, better router-router
systemic ways to prevent problems, better e2e crypto (c.f. tcpcrypt)

and then some bozo comes along and re-jogs the entire mobile phone net
to be IP based (but with lots of little, devilish little changes)

then some mega-bozo comes and puts a rspi in every thing that has a
moving part, and connects that to the interweb (and builds a new stack
with COAP and IPv6 and lowpan/zigbee so we have no idea what new
sneaky things there are in there)...

then some dolt comes and builds million core data centers and modifies
the entire stack and routing system coz it doesn't scale to their we don't know what new corner cases have now appeared on
the masive geodesic (no longer nice shiny smooth, hard  thing)

and we have to start a l l   o v e r   a g a i n

It's like you build defences around your big city with walled gardens
and gated communities, and someone comes and builds a massive shanty
town right outside, a favella, which you need, coz, after all, someone
has to come and clean the floors and make your tea and take out the

Blog Archive

About Me

My photo
misery me, there is a floccipaucinihilipilification (*) of chronsynclastic infundibuli in these parts and I must therefore refer you to frank zappa instead, and go home