Everything you need to know about Media.


More Accidental Haiku from CNN.com

I've set up an Evernote public notebook of more "haiku" from the World's Best Accidental Poetry Team(tm) at CNN.com.

I used to think that I don't appreciate poetry. Now I realize that it's only intentional poetry that puts me to sleep.

May 7, 2008

That's beautiful, man

The top right corner of CNN.com right now has three short videos:


U.S. economy hitting Mexicans
Colossal squid has giant eyes
Paula Abdul gets confused

Best. Haiku. Ever.

Ok, it's a Fauxku.

May 1, 2008

Computer Talk with Dave Mason

I'll be Dr. Dave's guest on the radio and the interwebs in about ten minutes, leaking top secret details about the next major release of EverNote.


[Update: That was fun. Dr. Dave and "Evil" Steve had some very kind things to say and I hope I didn't scare away too many people. You can listen to the audio here. I'm on hour 2, segment 7 and segment 8.

If I sound muffled it's because I'm crouching on my stairs, trying to shield the phone from a horde (pinch? mass? lard?) of shrieking Rachel Ray fans right outside my window. I think she's signing her new book, "Cook 30-Minute Meals With No Talent, Taste or Flair". Was that bitter?]

December 15, 2007

Your Brain is Bigger Than Your Head

There have been a lot of changes in my life these past few months. Let's dive right in:

I stepped down from my day-to-day responsibilities at CoreStreet. After much soul-searching I decided that, while government-focused security and identity programs have their certain charms, I wanted to do something more mass-market focused. I'm still on the board of CoreStreet and involved as an advisor and general curmudgeon. CoreStreet was an awesome experience and I'm proud of the work we did. The company is in great hands now and I expect big things from it in the future. More on this later.

After nineteen years in Boston, I moved to California. One more year and I would have been officially "from" New England, so it was now or never. We're now living in San Jose in a giant outdoor mall. It's weird, but good. But weird. More on this later.

I became the CEO of EverNote. We make software that's going to let several zillion users capture, recall and share all their memories; basically a high-tech "external brain" that frees your normal brain up to do more interesting things.


There's a nice meme around this developing in the media in recent weeks. Clive Thompson wrote a good feature in last month's Wired and David Brooks picked up the theme in the New York Times a few days ago. Just this morning, Chris Morrison wrote about the "outside brain" in a nice VentureBeat article about us. EverNote is a great company that's been around for a few years and I'm thrilled to be on board for all the big changes coming in the next few months. Much more on this later.

October 29, 2007

Worst description of Apple TV ever

I snapped this picture from my TV screen on a recent JetBlue flight. Truly, The New York Times is a master of all new media.


Changing the quote thusly might make it more true, although no more informative:

"David Pogue reviews Apple TV, which cannot connect your computer to your TV and which includes several wires."

August 29, 2007

I mumble about Real ID

Jon Udell has posted a podcast interview with me about Real ID.  We've both written briefly about it recently.  I just listened to the podcast again and must say that Jon is really good at asking the right questions.  His questions in the interview are a lot better than my answers.

Plus I don't really sound like that in real life.  How do radio people ever get used to hearing their own voice?

April 2, 2007

Make it, so?

Geech continues to speak truth to power with this trenchant denunciation of Make magazine.  I agree, Make jumped the shark, whittled with found dental tools out of homemade soap, about six months ago.  And by "shark" I mean "bong".

I propose we start a magazine called Break, dedicated to running well-produced photo essays of Make stuff being systematically reverted to its constituent elements.

February 28, 2007

A Plan for Rescuing Star Wars

I always knew that George Lucas harbors a burning hatred for all things that once made Star Wars great.  It's still common for arguments to break out at the office over whether Episode 1 or Episode 2 was the most egregious offender ("Remember JarJar!", "Remember Baby Fett!"), but all true geeks agree that watching the latest trilogy was like having garbage dumped onto your most cherished childhood memories.  Now there's proof that this was literally the intended effect.  Witness this officially licensed R2-D2 trash can on sale from ThinkGeek:


So it was really no great loss when Lucas announced that, although there were always supposed to be nine movies in the series, the anticipated final trilogy was never going to be made.  Better to have Star Wars be 3/6 good than 6/9 crap.  Ok, maybe it was only ever 2.5/6 good as there are some doubts about Jedi.  Still, what if the final trilogy could be made well?  What if it could be so good as to redeem the whole series??  Here's my plan:

1. Give Peter Jackson a billion dollars and send him to New Zealand for three years to shoot the new trilogy all at once, à la Lord of the Rings.

2. Do NOT, for the love of god, let George Lucas know that this is going on.

3. Only after the new trilogy is completely finished, approach Lucas and see if you can negotiate the Star Wars license.  If he says "yes", you've just saved Star Wars!  If he says "no", just re-render the CG with different looking alien models and you've got the world's best sci-fi movie trilogy anyway.

I think this could work, but George must never, ever, know.

Hmm, actually that trash can is kindda neat.  Awww, man, they're sold out.

February 22, 2007

The Pros and Cons of Biometrics

I wrote this simple article for a new publication - the ASSA ABLOY Future Lab - about biometrics.  If you want to read it for some reason, please do so.

November 9, 2005

It beats working

Jeneane Sessum has written a great article for PR Blog Week 2.0 called, "Adding Your Voice to the Conversation. Why CEOs Should Blog."  It makes me out to be much smarter than I really am!  What fun.

September 20, 2005

Grisly advertising

I was all in favor of the media's right to photograph and publish pictures of dead bodies in the wake of Hurricane Katrina, but then I found a page at the LA Times website that has some pretty bad ad targeting.  The page had a photo of a corpse floating next to a house, and the animated ad right underneath showed a close-up of a Cheerio floating in milk with the caption, "Think of it as your life preserver."  Before I could fully process what was happening, I clicked reload and got the same photo with an ad for "Corpse Bride: Rising to the Occasion".

Ok, that's just wrong.

I reloaded a few more times, took some screenshots and posted them here.  The original LA Times page is here, but it may be down by the time you get to it.

I still believe in the media's right (perhaps even obligation) to publish these kinds of photos, but they need to take serious responsibility for how such content is going to be presented.  A few companies ago, I worked as an engineer on the first-ever online ad system, and we spent quite a long time thinking about how to prevent exactly this kind of offensive targeting.  There are many approaches, but the best one by far is the one we recommended to our first online newspaper client in 1996: when you publish particularly disturbing stories or photographs, turn off all advertising on those pages.  The people in the photos, your readers and your advertisers deserve better.    

September 18, 2005

I've been podcasted

I've never listened to a podcast before; I'm too old, and back in my day we just called them mp3 files. Until today!

InfoWorld's Jon Udell has just podcast (is this the right tense?) an interview with me talking about the convergence of physical and IT security. Forty minutes of hard-rockin' talk on FIPS-201 standards is exactly what all the cool kids will be jamming to while waiting for the, um, ski lift.

Sorry, the air conditioning in our building is down today. I'm going to have words with my landlord about the convergence of sweaty programmers and the withholding of the rent.

July 20, 2005

Metal detectors at subway stations are probably a bad idea

I just saw a CNN poll which shows that 60-something percent of Americans are in favor of installing metal detectors at subway stations.  This is probably a bad idea for at least three reasons:

1. Metal detectors do not pick up explosives and would not prevent bomb attacks such as those that took place in London this morning or in Madrid last year.  You need explosives detectors for that.  Trained dogs can do a decent job at this, but electronic explosive detectors are currently far too expensive to install at most subway entrances.

2. Metal detectors would cause bottlenecks of people lined up to go through them.  Such predictable concentrations of crowds in environments poorly designed to accommodate them are attractive terrorist targets in their own right.

3. Setting up visible but mostly ineffectual security devices such as metal detectors may both desensitize and frustrate regular commuters.  This could reduce situational awareness and make people less likely to cooperate with other, more meaningful, security measures in the future.

We should remember that metal detectors were originally installed at airports to prevent hijackings, not bombings.  There is relatively little danger of someone hijacking a train.

I'm hoping that we'll see a dramatic reduction in both the cost and operating time of electronic explosives detectors over the next few years.  That's a technology that could actually make a difference.  For now, investment in terrorist response capabilities is just as important as investment in terrorist prevention capabilities.  In the case of mass transit, perhaps even more important.

July 8, 2005

EPIC responds

Bruce Schneier, writing on behalf of the Electronic Privacy Information Center, has put out a well-written refutation of my recent criticisms of EPIC's report on the DHS smart card program.  (Links to EPIC's report, my original blog entry, the much-shortened C|net article and EPIC's response).

I'll post a more thorough response when I have a bit of time, but here's where I'm leaning:

1. I'll mostly concede the "ISO/14443 is RFID" point.   ISO/14443 clearly is "RFID" in the broad sense of the word, but much scare-hay has been made by applying non-ISO/14443 aspects of RFID to discussions about smart cards.  There's more to talk about here, but I was wrong and apologize for it.  The word "RFID" has taken on many meanings and I should have been more precise.  As I said in the original article, the only real answer is to move to strong, active cryptography on RFID cards which (among other benefits) would make it virtually impossible for an unauthorized third party to snoop a conversation.

2. I'm glad that EPIC admits their mistake on calling the DAC cards "Bluetooth".  However, I'm very puzzled by this "Bluetooth-enabled card holder" business.  If, as Bruce suggests, it's a way to rebroadcast card data over Bluetooth... that's just strange.  Not necessarily bad, but strange.  Ok, probably bad.  Maybe he means Bluetooth card readers.  That would make a bit more sense.  I've never heard any talk at DHS about these things, so I'm going to do a bit more research before commenting further.  Still, the cards themselves have nothing to do with Bluetooth and the card program should not be unjustly criticized because some hypothetical peripherals that use the card might be poorly thought out.  There will eventually be thousands of hardware and software products that work with government smart cards.  Some of them are bound to be dumb.   I could make a machine that sucks in your dollar bill and then punches you in the stomach, but my talking about such a machine should not subject the entire system of U.S. Currency to ridicule.  Come to think of it, the Vend-o-Punch™ might not be such a bad idea. 

3. I do not agree at all with EPIC's response on the biometrics points.  There's still a lot of confusion over the issues.  More on this later.

4. We've met about half-way on the PIN discussion.  A global and mandatory-override short (4 or 6 number) PIN is probably a bad idea, although not for the reasons stated in the original report.  I think the DAC use of PINs is mostly fine.

5. The disclaimer about my indirect involvement with DHS appears on my blog but not on the C|net article because the editors at C|Net asked me to cut the originally submitted 1,700 words down to 700.  The blog is linked to from the article.

As an aside, Bruce Schneier is a demigod of sorts in the security industry.  His Crypto-Gram newsletter has been worth reading for a long time now.  I'm glad to see him engaged in this discussion.

May 30, 2005

You gotta start small


Breaking news from the Associated Press.  Probably fixed by the time you get there.

May 27, 2005

I don't write my own headlines on News.com

A few weeks back, C|Net's News.com asked me to shorten my previous post about the faulty EPIC report for publication on their site.  I pretty much rewrote it from scratch to condense the same points into 700 words.  They published it yesterday in the "Perspectives" section.  There are already some great, substantive comments at the bottom of the story.  My flippant answers are forthcoming in place.

The photo at the head of the story is kind of creeping me out.  I must have been thinking of pie when it was taken.

May 18, 2005

New York Times gets it at least two-thirds wrong

Yesterday, the New York Times online featured a brief video clip called Business Travel Minute: More Checkpoint Follies.  (Video links on nytimes.com are kind of screwy and the whole thing will probably disappear in a few days, but as of this writing, you could still watch the video at the link above.)  The piece is in the currently popular "airport security is absurd" genre and features three examples of alleged TSA bone-headedness.  Smug tittering aside, at least two of the ridiculed examples are perfectly understandable.

The first case is a toss-up:

An on-duty FBI agent was cleared to board a plane with a loaded gun, but her nail file was confiscated.

Ok, the end-result here is absurd, but I do not find serious fault with the process.  How much leeway should gate inspectors be given to interpret the rule, "do not allow sharp metal things on board"?  Perhaps the law can be changed to give authorized airplane gun-carriers the additional authorization to carry knives (or be immune from the screening process in general), but unless that happens TSA inspectors should not be blamed for enforcing the rules.

Examples two and three are completely appropriate airport security behavior (at least as briefly stated by the NYT, there may have been other circumstances).

A woman holding an infant was ordered to remove her shirt.  When she refused, she was led away for a private inspection - and yes - the infant also got the full pat down.

Ho ho ho.  Wait, patting down an infant makes sense because, um, you can hide things on an infant.

An investment executive who's a retired navy man got so fed up with being treated like a suspect that he showed up at the airport in a tank top with all his military medals pinned on it.  Yes, he had to remove the medals.

What were they supposed to say? "Go right ahead and set off the metal detector sir.  We trust that you don't have anything else in your pockets."  Come to think of it, a case could be made that any upset man who shows up at an airport wearing a tank top pinned through with dozens of medals (for proud service to the USA and/or eBay) should probably not be allowed to board at all.

There's no shortage of legitimate ridicule of US airport security (see my own attempts here, here and here), but this snickering from the New York Times is just dumb.

(Thanks to Dave Engberg for the link.)

May 4, 2005

EPIC report is not so good

A couple of days ago, the Electronic Privacy Information Center (EPIC) issued a scathing analysis of the Department of Homeland Security's upcoming smart card program.  Our country (indeed, much of the world) is currently struggling with the concepts of secure identity documents, and watchdog organizations such as the EFF, the ACLU and EPIC play a vital role shaping the debate.  I am completely in favor of holding every government security program to unyielding standards of efficiency, effectiveness and privacy (see here and here, especially in the comments).  Unfortunately, this particular report is muddled in many places and simply wrong in others.

Full disclosure: although I am not directly involved in the DHS card program, DHS is a customer of ours and we are working on several products that will make use of the card.  In other words, I may be biased but I kind of know what I'm talking about.

Even the first sentence of the report is inauspicious for a security document:

President Bush's proposed $2.57 trillion federal budget for Fiscal Year 2006 greatly increases the amount of money spent on surveillance technology and programs while cutting about 150 programs—most of them from the Department of Education.

Why is the source of the funding relevant to the security analysis of the program?  Would the technology be better if it were funded by, say, increased taxes on oil company profits?

EPIC quickly launched into the heart of their grievances:

The Department of Homeland Security Access Card (DAC) has vulnerabilities associated with its use of radio frequency identification (RFID) and Bluetooth technologies, biometric identifiers and PIN backup system.  But there are also risks that come from the DAC's "mission creep"; the Department also wants the card to be used as a payment device for everyday items.

This is a good executive summary - five specific identified problems.  Unfortunately the analysis of each one is pretty weak.  I'm going to leave the "mission creep" stuff aside because there are legitimate policy and design questions there that have nothing to do with technology.  The other four claims are fair game.  Let's look at them in order:

"RFID"

Here's an easy defense against the RFID claim:  The DAC does not use RFID.  The DAC uses a standard called ISO/14443 for contactless (wireless) communication between the card and a reader.  RFID is designed for tracking physical items.  It has a long read range (about four feet) and is not encrypted.  ISO/14443 is designed to identify people.  It has a much shorter read range (about 5 inches) and weak encryption.  The two standards are very different but they're frequently confused even by allegedly authoritative speakers.  I don't get too worked up about this mistake because even though it's much harder to snoop ISO/14443 than RFID, the vulnerabilities are of the same type.  Still, it doesn't help EPIC's credibility to conflate the two standards, especially since exactly this mistake was the center of much teeth-gnashing last month.  The real answer is to eventually move to contactless cards with strong cryptography.  Such cards are currently available but are not yet in common use.

Bluetooth??

The vulnerabilities of Bluetooth technology have also been well documented. Bluetooth technology enables wireless communication among electronic devices in close proximity. For example, a Bluetooth-enabled computer could work with a wireless keyboard or mouse. In August, security flaws in Bluetooth-enabled mobile phones allowed criminals to access the information in the phones including contact information and text messages.

This would be damning stuff, if it wasn't crazytalk.  The DHS card has nothing to do with Bluetooth.  Unlike the "RFID" claim in the paragraph above, there isn't even anything close to Bluetooth that the DAC uses.  Nothing.  No Bluetooth.  Nuh-uh.  Bluetooth has nothing to do with identity cards.  I don't even think you could put Bluetooth onto a card if you tried;  I believe (though I could be wrong) that Bluetooth requires an active power source and contactless cards are all passive.  I have no idea what EPIC is talking about, other than maybe DHS said that they would test Bluetooth as a way to hook up computers to phones or something.  Also, all the "Bluetooth flaws" that are so breathlessly reported in the EPIC report aren't really flaws with Bluetooth at all, but with specific phones and devices that happen to use Bluetooth.  This is an important distinction but I don't want to dwell on it here because THE DHS CARDS DO NOT USE BLUETOOTH.

Biometrics

The DAC identifies the cardholder and her level of access through the use of a biometric identifier—a fingerprint. A recent report by National Institute of Standards and Technology (NIST) showed that one-fingerprint identification systems had an accuracy rate of 98.6 percent, while the accuracy rate rose to 99.6 when two fingerprints were used and 99.9 when four, eight and ten fingerprints were used.

This makes it sound like unauthorized individuals will be getting in all the time while legitimate users will often be locked out of their doors and computers!  Fortunately, it doesn't work like that.  The accuracy of most biometrics systems can be tuned by balancing two competing types of errors: false positives and false negatives.  A false positive error occurs when a bad guy's fingerprint gets mistakenly matched for a good guy's fingerprint.  A false negative error occurs when a good guy's fingerprint doesn't get recognized at all.  Since fingerprint scanning produces slightly different results each time, the system must be configured with a certain tolerance level.  If the tolerance level is very loose, you can virtually eliminate false negatives at the cost of greatly increasing false positives.  The system basically says, "Meh, it looks kindda like a fingerprint - go on in."  If the tolerance level is very strict, you get the opposite effect: "Your fingerprint is off by 0.00001 millimeters - no access for you!"

The accuracy rate is also heavily influenced by how many possible fingerprint matches the system has to consider.  If the system has to match your scan against a large database of enrolled fingerprints (called a "one-to-many" match), it's far more likely to come up with a false positive ("hmmm, it kindda looks like user #7654231") and somewhat more likely to come up with a false negative ("it could be this guy or that guy, I better just punt"). The DHS card avoids this problem by matching your fingerprint against only one possible user - the user stored in the card - so the chances of a false positive are very low because someone trying to trick the system can't just match *anyone's* fingerprint, they have to match *your* fingerprint.  Also, the match tolerance can be set very high thereby further reducing the chances of a false positive but increasing the chances of a false negative. 

So you can virtually eliminate the false positives (and therefore security risks associated with biometric access), but doesn't the relatively high false negative rate still mean that legitimate users will be locked out?  Not really.  If you get a false negative, you just have to scan your finger a second time.  Let's say it takes you 2 seconds to scan your finger and the false negative error rate is 5%.  Most of the time (95%) you'll get access in two seconds.  Most of the rest of the time (4.75%) you'll get in with two swipes and four seconds.  Every 400 tries or so, you'll have to wait six seconds.  If you stay at your job for 20 years, you might have a chance of waiting eight seconds for access once.  I use a biometric reader to log onto my laptop and (once I figured out how to hold my finger) it takes me about two seconds to get a good match.

EPIC then proceeds to quote, out of context, one of their own (earlier, better) reports:

Once a biometric identifier has been compromised, there can be severe consequences for the individual whose identity has been affected. It is possible to replace a credit card or Social Security numbers, but how does one replace a fingerprint, voiceprint, or retina scan?

Err.  That's exactly why you need to link the biometric identifier to a card - just like DHS is doing.  You can't revoke a fingerprint, but you can revoke a card.  The fingerprint itself doesn't do you any good and, if you lose your card, you can always re-scan your finger and associate it with the replacement card.  The criticism quoted above is perfectly legitimate when levied against ill-conceived attempts to use biometrics as identifiers by themselves, but is ironically inappropriate in discussing the DHS program.

PIN

The Department has a backup system built into the card—if the fingerprint identification fails, then the employee can gain access by using a 6- to 8-digit PIN. By allowing alternate access through the PIN, Homeland Security creates all of the vulnerabilities associated with allowing complete access to secure areas and information through one password.

The PIN is not inherently a way to bypass the biometrics; it's just another factor of authentication.  The DHS card provides applications with three factors to choose from: physical possession of the card (which is always required), fingerprint biometrics and a PIN.  Each door lock or computer program that uses the card can choose to use one, two or all three of these factors depending on the level of authentication security required.  For example, getting into the front door of a busy, low-security area may require only the physical possession of the card.  Logging into a computer may require the card and either the biometric or the PIN.  Accessing a very high-security file may require all three.  Giving application designers more options does not reduce security.  Of course, some designers may make dumb choices about authentication, but that's not the fault of the card program.  Also, keep in mind that the lambasted "card and second factor" system is much better in almost every security and convenience regard than the "password only" systems it's designed to replace.

Wrapping it up

In the fall, hundreds of thousands of personnel will have access cards equipped with personal information, biometric and wireless technologies, and the security risks associated with their use.

Exactly.  That's why we need coherent debate to distill some clarity about the risks and rewards.  This EPIC report - by combining one part gross technology misidentification (RFID), one part random gibberish (Bluetooth), two parts common misunderstanding (biometric accuracy and PINs) and stewing in politics thinly-disguised as security analysis - just makes mud.

April 11, 2005

Surprising Conclusion

From a November 14th article in the New York Times entitled "The Dangers of Vitamin E":

The researchers concluded that daily doses of 400 international units and above, the amount typically contained in vitamin E capsules, slightly increased the risk of dying from all causes.

Shark Attack?

Thanks to Andrew Sinkov for the link and the joke.

November 15, 2004

Election day


The top headline on every single major US news site right now is something to the effect of, "LONG LINES AT THE POLLS - Voters Wait for Hours to Cast Ballots".  Reading the stories, I half-expected to see a callout quote such as:

"It wasn't worth it", said a thirsty and dispirited voter.

Nice job, mainstream media.  Way to keep people at home.  For what it's worth, my wait to vote was exactly 45 seconds.

November 2, 2004

A suggestion for either candidate

There’s one presidential debate left, but the space I’ve set aside in my head for repetitive bumperstickerism is all filled up and no more spin will fit through my ears.  I’d like to see something new.  Therefore, even though I’ve otherwise made up my mind, I promise to vote for whichever candidate looks directly into the camera and, punctuated by the loose-fist-with-semi-extended-thumb gesture, delivers the following closing statement: 

My fellow Americans,

I like pie.

I like cherry pie.
I like apple pie.
I even like...
    Strawberry-rhubarb pie.

But my fellow Americans,
Let me tell you:

Shepherd’s pie.
Is. Not. A. Pie.

Thank you and god bless.

I’ve timed myself doing this speech, and it can be forcefully delivered in thirty-seven seconds.  A strong appeal to deep-rooted values and no worries about the two-minute blinkenlights; how could you go wrong?

October 9, 2004

One of these is not like the other

What do Robert Scoble, yogurt and I have in common?  It’s not our creamy centers; we’re the unlikely subjects of a recent article on corporate blogging at Portals Magazine.

[Update: so many jokes; so many lawyers.]

September 30, 2004

Foo Camp roundup

I got back from O’Reilly’s Foo Camp a few days ago.  It was… what’s the expression the kids used to say… Insanely Great.  There were lots of impressive people and keen sessions.  Among other things, we figured out how to do electronic voting exactly right.  More on that later.

The picture, by James Duncan, is of a working 3D chocolate printer made out of Lego.  Click on the thumbnail for a larger view.

Just for the record, I “camped” in the Sebastopol Holiday Inn Express.  It didn’t make me any smarter, but at least I could snore without making any permanent enemies among the world’s Alpha Geeks.

Since I’m way late in blogging this event, I’ll take the path of least resistance and just provide a partial (!) list of other blog coverage.  This Internet thing is gonna be big some day.

Cameron Marlow (Overstated)
Chris Shiflett
Danyel Fisher (Made of People)
Dav Coleman (AkuAku)
Dave McClure (Master of 500 Hats)
David Hornik (VentureBlog)
David Weinberger (Joho the Blog)
Don MacAskill (onethumb)
Erik Hatcher
Furzundfeuerstein (Fart and Flintstone)
James Duncan (Whoot!)
Jeff Barr
Jim Winstead (trainedmonkey)
Mark Fletcher (Winged Pig)
Mark Frauenfelder (BoingBoing)
Mie (Kokochi)
Mike Clark
Nan Barber
Paul Jones
Robert Scoble (Scobleizer)
Russell Beattie
Tantek Çelik
Tim Bray
Zak Greant (Polymorph)
Ross Mayfield

September 17, 2004

You can so fight that

You know what I hate?  Besides people who doubt my robot-reviewing integrity?  I hate quasi-profound philosophical arguments that are just plain wrong on their face.  This year’s commonly seen example is used as an argument against the “War on Terror” and usually attributed to Michael Moore or Gore Vidal (although I’ve heard this particular chestnut for at least a decade):  “You can’t fight a noun.”

You can so.

You can fight an addiction. You can fight a war. You can fight a dog. You can fight a fat man.

You can’t fight City Hall, but that’s just a bad example. 

Here’s video proof of me fighting a noun.

Sometimes, the phrase is rendered, “You can’t fight an abstract noun.”  That’s a little better, but still incorrect, because you can fight, say, depression. I think “depression” is an abstract noun by this definition:

An abstract noun refers to states, events, concepts, feelings, qualities, etc., that have no physical existence. eg: Freedom; happiness; idea; music are all Abstract Nouns that have no physical existence.

Now, maybe Mr. Moore or Mr. Vidal mean that you can’t *physically* fight an abstract noun. As in, "you can’t fight depression by punching." Even this doesn’t seem right, because (1) it’s such an obviously narrow statement that it’s not worth making, and (2) if you punch a depressed person, you probably could snap him out of depression at least for a bit. Or maybe you could punch a mime in front of a depressed person. That would probably cheer him up (the depressed person, not the mime), and if your goal was to get rid of the depression then you can’t really be said to be “fighting the mime.”

Occasionally, the person using this argument starts to feel the linguistic thin ice cracking under their mixed-metaphorical feet, so they try to button up the phraseology:  “You can’t fight a war against an abstract noun.”

Better still, but gibberish nonetheless.  The accuracy of that phrase hangs on your definition of “war”.  If you only mean literally blowing things up with tanks, then I guess that statement could be technically correct. On the other hand, we did pretty well fighting a war against the abstract nouniness of “fascism” in WWII and I believe that blowing things up with tanks was a cornerstone of our persuasive arguments.  More recently, a “cold war” against hyper-abstract “communism” also produced some results.  Then there’s always the expression, “war of words”.  What do we make of that?

Anyhoo, the point is that while you may be able to find plenty of arguments against the specifics or generalities of the “War on Terror”, you ain’t gonna find them in your Strunk and White.

Please don’t write in to explain what these people meant to say.  I’m not making a political statement here, only pointing out that what they did say is stupid.  Social debate would be better served if both sides stayed away from this kind of bumper-sticker sloganeering in the first place.  This is not Mr. Moore’s first warning, either.

And don’t get me started on the current right-wing and pseudo-scientific favorite, “You can’t prove a negative!”

You can so!

September 8, 2004 | Permalink | Comments (12)

Best tech rumor ever

It’s possible that Netflix and Tivo are teaming up to allow electronic DVD downloads straight to your TV.  If true, this is the most important quality-of-life merger since that chocolate/peanut butter thing in the 1920s.

Of course it’s probably a lie; or worse – just a marketing ploy limited to Top 40 Hollywood hits.

September 7, 2004 | Permalink | Comments (0)

E-Voting radio link

The Viewpoints Radio e-voting interview I did last month is up on the web.  Here’s the audio clip (Windows Media, 2:32 minutes) and my blog entry from when it happened.

Viewpoints Radio bills itself as, “Compliancy-based public affairs” and runs weekly on 250 radio stations.  According to my calculations, that means there’s a 6% chance that my rambling about public disclosure of voting machine innards is interrupting somebody’s smooth-jazz marathon right now.

August 21, 2004 | Permalink | Comments (0)

Report or publish or shut up?

I saw a CNN reporter make a nontrivial on-air security flub while small talking at the start of last week’s Democratic convention.  The reporter and morning anchor were speculating whether or not John Edwards would run for president in 2008 or 2012, and the reporter said something like, “Elizabeth Edwards refused to say if her husband was considering a run, but she told me that she just found out that the two of them were staying in hotel room 2012 during the convention and she thought that that room number was a good omen.”  “Har har”, said the anchor, “and now for these messages.”

Broadcasting the vice presidential candidate’s room number on live TV is an innocent mistake, but a pretty bad idea.  Of course knowing the room number by itself is not sufficient to mount an attack, but it’s a sensitive part of the multi-layered security policy.  There are certain conditions, for example a terrorist having infiltrated the hotel maintenance staff and having access to the VIP floor, where the room number might be the last piece of the puzzle.  It may be far-fetched, but there’s a good reason that hotels don’t disclose this kind of information.  Elizabeth Edwards should know better, but so should CNN. 

I wasn’t sure what to do after seeing the broadcast.  Eventually, and rather sheepishly, I decided to send an email to the Secret Service and the FBI and to hold off writing about it in the blog until after the convention was over.  The odds that this slip could have had an impact on convention security were very small, and I suspect that the authorities picked it up before hearing from me.  Still, it didn’t seem right to publicize it at the time.  I never heard back from either agency.

Speaking of security flaws, I think I spotted a fairly big procedural one at an airport just now.  I’ll go through my list of TSA contacts before posting it here, but I wonder if that’s the best approach.  Is the increased chance of corrective action due to a public airing of the problem worth the tiny chance that some attacker will learn about and exploit the flaw from the publicity?

August 5, 2004 | Permalink | Comments (1)

Let's put some science into the terror alert debate

Is the U.S. government playing politics with recent terror warnings?  I don’t really care.  What I care about a lot more is: are those warnings effective?  Fortunately, while people arguing the first question are probably not really interested in finding an answer, the second question should yield fairly well to dispassionate analysis.

Hype and political considerations aside, the two most frequently heard arguments in the debate over the value of periodic but vague terror alerts by the U.S. government are:

Con:  The alerts make people apprehensive and afraid.  This hurts our society (the “terrorists have already won” argument) and diminishes the impact of future alerts (the “boy who cried wolf” argument).

Pro: Even though the alerts may make people nervous, they also remind people to be vigilant.  Since information is the most important weapon in the fight against terrorism, an attentive citizenry is worth some disruption to daily life (the “price of freedom is eternal vigilance” argument).

Both points are plausible, but are they true?  I’m not sure, but there’s probably some useful behavioral data out there that could be used to evaluate the competing claims. 

For example, is the “boy who cried wolf” phenomenon measurable in the real world?  Surprisingly, not everything named after a fairy tale is completely reliable.  In other words, are people who are repeatedly subjected to false alarms actually less likely to react effectively to a real emergency?  After all, most military and emergency workers are constantly drilling with “false” alarms and no one seems to feel that this compromises their readiness.  Of course these teams are repetitively practicing specific skills, not just being repetitively told to be anxious.  Maybe that’s the difference.

Similarly, is the “vigilance” claim accurate?  Are people who are repeatedly told to be on guard actually better able to identify and respond to emergency threats than people who are more relaxed?  Many skydiving or SCUBA instructors go to great lengths to teach their students how to be physically relaxed in dangerous situations; the justification being that an attentive but at-ease mind is more effective at coping with unexpected circumstances.  Does this logic apply to national terror alerts?

These are fairly narrow questions which are well suited to scientific investigation.  Much of this investigation has almost certainly already been carried out in the past half a century.  I’d like to see the media focus on reviewing relevant data from commercial, government and academic sources before bringing on the next set of political experts to fling unverifiable mud at each other.  Ain’t my naïve idealism cute?

July 10, 2004 | Permalink | Comments (0)

Military is right on spy cans

If you were shipwrecked on a deserted island and could only have one case of carbonated beverages with you, you’d want it to be a case of Coke because you might get a can with a built-in cell phone and GPS.  These special cans, part of a zany new summertime promotion from Coca-Cola, have caused some US military bases to warn employees against bringing the potential listening devices into sensitive locations.  The press is predictably reporting the warnings as another example of superfluous military hand wringing:

Paul Saffo, research director at the Institute for the Future, a technology research firm, compared the concern about the Coke cans to when the CIA banned Furbies, stuffed toys that could repeat phrases. "There's things generals should stay up late at night worrying about," he said. "A talking Coke can isn't one of them."

Of course the problem isn’t that the cans can talk, it’s that they can listen and send their coordinates.  Similarly, the CIA didn’t ban Furbies because they were distracting and horrifically ugly, but because they could be used (perhaps unintentionally) to record conversations.  Ok, also because they were horrifically ugly.

Meanwhile, Coke is reassuring the public:

Coca-Cola spokesman Matt Martin, however, said there was no way that the cell phones or GPS devices could be used to eavesdrop on conversations or give away the positions of military sites.  "The cell phone will only talk to the prize center. There is only one line of communication, so it can't be intercepted," Martin said. "The GPS information can only be accessed by the prize center."

That statement is both misleading and beside the point.  What does, “one line of communication” even mean?  Any cell call can be intercepted and the coke-phones probably aren’t using the most sophisticated encryption schemes known to science.  More importantly, since when did Coke “prize center” employees (possibly sitting in an off-shore call center) become authorized to hear secret government conversations?  The thrust of Coke's argument seems to be that the military has nothing to worry about as long as it’s only Coca-Cola listening in on the other side.  Every day, life becomes more and more like Dr. Strangelove:

Group Capt. Lionel Mandrake: Colonel... that Coca-Cola machine. I want you to shoot the lock off it. There may be some change in there.
Colonel "Bat" Guano: That's private property.
Group Capt. Lionel Mandrake: Colonel! Can you possibly imagine what is going to happen to you, your frame, outlook, way of life, and everything, when they learn that you have obstructed a telephone call to the President of the United States? Can you imagine? Shoot it off! Shoot! With a gun! That's what the bullets are for, you twit!
Colonel "Bat" Guano: Okay. I'm gonna get your money for ya. But if you don't get the President of the United States on that phone, you know what's gonna happen to you?
Group Capt. Lionel Mandrake: What?
Colonel "Bat" Guano: You're gonna have to answer to the Coca-Cola company.

Let’s get down to the security specifics.  There are three main types of threats associated with the presence of potential listening devices in sensitive meetings:

1. Somebody could intentionally bring in or plant a listening device and record a conversation.
2. Somebody could unknowingly bring in an active listening device and be duped into recording a conversation.
3. Somebody could accidentally record a conversation which might be discovered at a later time.

Banning Coke cans and Furbies does nothing to reduce the likelihood of the first threat, because an intentional spy already has access to thousands of inconspicuous recording options.  However, threats two and three are significantly diminished by making sure that all personnel are aware of the potential eavesdropping capabilities of all of their possessions.  Sure, it’s not the biggest danger facing our nation, but thinking about potential misuse of recording gadgets is something that some general ought to stay up late worrying about.  Or at least some civilian analyst.

Should Coke pull the promotion?  Of course not; it’s an innovative campaign and poses no undue overall risk.  Should the military issue appropriate routine warnings to their bases?  Yes, just as they’ve done.  Should the media experts be a little less smug in these kinds of matters?  I may not be the right guy to throw that particular stone.

On second thought, the magic can is “powered by T-Mobile”, so coverage on some deserted islands may be limited.  I guess in a shipwreck, you’d be better off with the old fashioned sugar and water instead.

July 3, 2004 | Permalink | Comments (5)

Ask a softball question…

My brother Mark pointed me to a recent New York Times interview with Arnold Schwarzenegger.  When asked to describe his governing philosophy after unseating Gray Davis in the California recall, Schwarzenegger reached back for a quote from his days in the arts:


"Crush your enemies, see them driven before you and hear the lamentations of their women." (Conan the Barbarian, 1982)

That’s funny!

Of course, I’m jealous because my governor doesn’t say anything cool.  Also because the fine state of California can look forward to an endless supply of such answers.  For example, here are some other ways that question could have played out:

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "You should not drink and bake!" (Raw Deal, 1986)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "I'm not into politics. I'm into survival." (The Running Man, 1987)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "I don't know what the problem is, but I'm sure it can be solved without resorting to violence." (Twins, 1988)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "I just had a terrible thought: what if this is a dream?" (Total Recall, 1990)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "I'm the party pooper." (Kindergarten Cop, 1990)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "My mission is to protect you." (Terminator 2, 1991)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "If I break it, they can take it outta my pay." (True Lies, 1994)

NYT: Governor, what is your governing philosophy seven months after toppling Gray Davis in the California recall election?
A.S.: "That's enough philosophy for now." (The 6th Day, 2000)

It’s a speechwriter’s dream.  As a side note, I just noticed that “Schwarzenegger” is a built-in word in the standard Microsoft Office spellchecker.  That may be his most impressive achievement yet.

[All the quotes are from IMDB.  How much work did you think I was going to put into this?]

July 1, 2004 | Permalink | Comments (5)

First Hero of IT

I just found out that I'm supposed to get an actual physical trophy for the InfoWorld award I wrote about last month.  I hope it looks like this.  If not, the InfoWorld editors are free to borrow my design for next year's model; he's the original “IT Hero”, you know. 

You might have to work out licensing issues with Hasbro.

[Preempting some comments: Yes, I own one of these robots.  No, it cannot pick up a cup of coffee.]

June 30, 2004 | Permalink | Comments (1)

SpoofStick on TV

A few days ago, PC World columnist Steve Bass demoed SpoofStick on G4TechTV’s “The Screen Savers”.  Everyone who has come to my house since then has been forced to watch it on Tivo.

Other recent SpoofStick coverage is on the CoreStreet SpoofStick homepage.

June 27, 2004 | Permalink | Comments (0)

Vastly important origins

Marketing Sherpa has published a brief case study on the hows and whys behind your humble narrator’s fine Internet publication.  This is the first article ever written that’s entirely about this blog.  I’m naturally very pleased and looking forward to seeing a second story so I can proclaim an important trend and maybe issue a press release.

It’s all true, except for the bit about SpoofStick only taking a few hours to program.  It took a few hours to hash out the details, but programming was a longer and not-altogether painless process.

June 20, 2004 | Permalink | Comments (0)

I don't think it means what you think it means


I was just watching CNN (with camera and Tivo at hand) and saw a quick commercial for Michael Moore's upcoming film "Fahrenheit 9/11".  The ad starts with a definition of the word "Fahrenheit":

Fahr-en-heit adj. The temperature in the atmosphere when it reaches the boiling point.

Mr. Moore’s publicists must be using a very thorough dictionary; I had not previously been aware of that definition.

June 19, 2004 | Permalink | Comments (0)

Fortified answers

The Fortifying Network Security newsletter asked me to answer three questions for their June 9th issue.  Here’s what I had to say:

Question: What authentication method(s) offer the best performance and lend themselves to widest, secure use (PKI, biometrics, smart cards, etc.)?

Libin: The most secure and most reliable method of authentication is a one-to-one, locally matched biometric, recorded in a validated digital certificate and stored on a PKI smart card. The PKI smart card is almost impossible to duplicate, providing a very solid "something you have" factor. The local one-to-one match protects privacy and greatly reduces false identifications; a validated digital certificate proves that the whole package hasn't been tampered with and that it's still good right now. This triple-holy-grail of authentication used to be very expensive and cumbersome, but recent technology advances have brought both price and complexity way down.

Question: When adding authentication to the security mix, how can enterprises avoid adding management complexity from new identity management tasks?

Libin: Some work is always required when introducing additional technology, but a properly designed authentication scheme should reduce overall complexity, not increase it. Once you have a consistent way of doing authentication – knowing who everyone is – and validation – knowing what each user is allowed to do – tasks and applications that use your identity management scheme actually become easier to write and manage. Do some work up front; save a ton of work later.

Question: What key feature or element should enterprise customers insist on where authentication is concerned?

Libin: Convenience. If it's hard for the user, they won't use it, and you'll be worse off than before you implemented it. Period.

---

On another topic, I’m in the midst of some marathon traveling, so the frequency of my posts for the next week will depend on the complex and unpredictable interactions of airport delays, food digestibility, broadband availability and general time zone wackiness.  On the upside, I hope to buy some keen gadgets.

June 11, 2004 | Permalink | Comments (0)

Washington Post reviews SpoofStick

Rebecca Rohan has written a quick and positive review of SpoofStick, CoreStreet’s free anti-phishing utility, for today’s Washington Post.  Her conclusion:

SpoofStick is reassuring to have around, but it can't replace common-sense skepticism.

This is exactly right.  We never intended SpoofStick to be a comprehensive solution for all the possible bad things that can happen while using your computer.  SpoofStick is a straightforward tool that does one thing well: it cuts through the clutter of confusing, malicious or mislabeled URLs to tell you what web site you’re actually on.  We were trying for simple and useful, and I think that’s what we got.

About 30,000 downloads so far.  If anyone’s got suggestions for improvements, I’m all ears.  All the other SpoofStick news can be found here.

June 7, 2004 | Permalink | Comments (1)

Latest SpoofStick coverage and version

SpoofStick continues to make a mark on the net.  The latest mentions are from Network World, the Kansas City Star, the St. Petersburg Times (the one in Florida, not Russia, but see below) and the Newark Star Ledger.  PC World contributing editor Steve Bass gave SpoofStick a good mention in his June 2nd newsletter, but it’s not on-line yet.  Steve called me a “forthright” guy, which will have to do until I can upgrade my title to at least “honorable” by getting elected mayor of something.

International mentions of SpoofStick include IT Union in Russian and ITP Technology in Arabic.  I can’t read the Arabic article, but it has this screenshot of SpoofStick looking at the "it's only a flesh wound" scene from Monty Python and the Holy Grail.  I don’t find this strange at all.

We also released a minor upgrade to the IE version of SpoofStick today.  Version 1.01 has the following improvements:

  • The installer is signed by an official CoreStreet digital certificate.  This is one of those eat-our-own-dogfood type of features since we like to promote certificate use.
  • There is a new option in the configuration menu that lets you display the whole hostname of a site, rather than just the domain name.
  • The installer will now refuse to install on an operating system earlier than Win2k.  I expect this to take care of most of our support requests.  We’ll be adding Windows 95, 98 and ME support in an upcoming release.
  • SpoofStick will now pop up a warning (often more than one) if it encounters a URL trying to take advantage of the ‘@’ flaw found in unpatched versions of IE.  Since this is a well known (and corrected) Microsoft bug, SpoofStick will only issue a warning and reminder to install the latest IE patch.

As always, you can get the latest version of SpoofStick at the CoreStreet SpoofStick home page.
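To make the '@' warning and the "domain vs. whole hostname" option concrete, here is an added example (my own illustration, not SpoofStick's code) that reports the host a URL really resolves to and flags the userinfo-before-'@' trick. It assumes the WHATWG URL parser available in Node.js and modern browsers; `registeredDomain` is a deliberate simplification that keeps the last two labels.

```javascript
// Added example, not SpoofStick's own code. Given a URL as shown in the
// address bar, report the real host and warn when an '@' hides it.

// Registered domain as the last two labels (simplification: a real tool would
// consult a public-suffix list so that names like "example.co.uk" stay whole).
function registeredDomain(hostname) {
  const isIpv4 = /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname);
  if (isIpv4 || hostname.startsWith('[')) {
    return hostname; // IP literal: nothing to shorten
  }
  const labels = hostname.split('.').filter(Boolean);
  return labels.length <= 2 ? hostname : labels.slice(-2).join('.');
}

// showFullHostname mirrors the 1.01 configuration option described above:
// false shows only the domain, true shows the whole hostname.
function analyzeUrl(rawUrl, showFullHostname = false) {
  let u;
  try {
    u = new URL(rawUrl);
  } catch (e) {
    return { ok: false, reason: 'unparseable URL' };
  }
  const host = u.hostname.toLowerCase();
  const warnings = [];
  // Everything before '@' in the authority is userinfo. The browser ignores it
  // when choosing where to connect, but a reader may mistake it for the site.
  if (u.username !== '' || u.password !== '') {
    warnings.push(
      `URL contains '@' userinfo "${u.username}"; the real host is ${host}`
    );
  }
  return {
    ok: true,
    host,
    display: showFullHostname ? host : registeredDomain(host),
    warnings,
  };
}

// Constructed sample inputs: a normal URL and one using the '@' trick.
// "evil.example" is a reserved example name, not a real site.
const samples = [
  'https://www.corestreet.com/spoofstick/',
  'http://www.corestreet.com@evil.example/spoofstick/',
];
for (const s of samples) {
  const r = analyzeUrl(s);
  console.log(s, '->', r.ok ? r.display : r.reason, r.warnings || '');
}
```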

Finally, I have made a ‘SpoofStick’ category on Vastly Important Notes, so you can see all the posts about SpoofStick on one page.  Some of you have made snide insinuations about SpoofStick elbowing out all other topics on this blog (I’m looking at you, “gavin”), so I’d like to direct your attention to the diverse bounty of vastly important content in the archives.

June 4, 2004 | Permalink | Comments (3)

The Phisher King

Proving the adage that the simple wheel get the worm (err, that’s not right), the past three days have seen SpoofStick featured in The New York Times, Business Week and The Boston Globe.  The Times even included a nice screenshot in the print version.  We’ve had to increase our server bandwidth to handle the demand – around 20,000 copies have been downloaded so far. 

I’m running dangerously low on “Phish” puns.  Do the tech-media community a favor and send some in.  Thanks to everyone who’s tried SpoofStick.

May 27, 2004 | Permalink | Comments (3)

I’ve been called strange things

In perhaps the most latitudinarian use of the word in recent memory, InfoWorld magazine has named me one of “This year’s heroes of IT.”

The award article, titled “CoreStreet targets massively scalable validation”, is a great description of our goals and work.  Surprisingly, it has nothing to do with SpoofStick or this blog.  The article points out the pioneering work done by Dr. Silvio Micali, but each member of the CoreStreet team has also made indivisible contributions to our accomplishments.  In particular our CTO, Dave Engberg, should be singled out for doing the work of ten men - ten men not entirely unaccustomed to work, either.

The other eleven winners are extremely impressive and, while thankful for the recognition, I’m trying to find a reason why I’m included in their company.  For example, Miguel de Icaza created Gnome; I once installed it.

Now if you’ll excuse me, I’m going to make a “Hero of IT” costume and maybe go wrestle a bear.

May 23, 2004 | Permalink | Comments (1)

SpoofStick 1.0 is here

[Update June 04: If you came directly to this page from Brian’s Buzz, Brian Livingston’s newsletter, welcome!  Please see my quick reply to Brian’s comments here.  SpoofStick now has its own category where you can see all the latest news and coverage.  If you feel like browsing my other articles, here’s the front page.]

The general release version (1.0) of SpoofStick is now available for download for both Internet Explorer and Firefox.  The 1.0 version includes a standardized UI across both platforms and a much smaller installer for the IE version. 

Many thanks to the over three thousand of you who tried out the beta versions, to the dozens that gave useful feedback, and to the handful of bottom-phishers that harvested the "spoofstick" email address and clogged up my mailbox with pr0n and important information about my eBay account.  This last category of people, in particular, reminds me of why we do this.

Thanks also to the bloggers and journalists – amateur and professional – who helped spread the word.  I'm especially gratified to see that some of them have screenshots of SpoofStick running on their browsers.  It's always good to see proof that your software actually installs.

Here’s some of what the web had to say:

Jon Udell -  InfoWorld (screenshot, great write-up and first external mention of SpoofStick!)
Chris Lindquist - CIO.com (nice article, and the title makes SpoofStick sound downright superheroic)
Adam Gaffin - NetworkWorldFusion
Mark Ayzenshtat - Marked for Dearth (also did the programming)
Asa Dotzler - Adot's Notblog* (Asa drives big traffic)
Under The Sun (first Bible quote associated with SpoofStick)
Tara Calishan - ResearchBuzz (helped debug the press release)
Robin Bloor - Bloor Research (SpoofStick made him switch to Firefox from IE)
Nick Codignotto - Primordial Ooze (screenshot)
Mozdev extension room
Mozilla News
Chris Walken - talkaboutshareware.com (I'm pretending it's Christopher Walken)
inetinfo (with phish stick joke!)
John Ludwig - a little ludwig goes a long way
ExecTechNews
beaglebot - linkfilter.net
kayodeok
[expletive deleted]happens

Of course, nothing can top the comment from Carol Baraoudi that I wrote about on May 3rd.


Download SpoofStick 1.0 for Microsoft Internet Explorer and Mozilla Firefox here.

May 10, 2004 | Permalink | Comments (7)

If you insist security

It happened again.  An article on Active Security which I wrote for ZDNet last week got translated into Japanese and published on IT Media.  Here is the Babelfish reverse-translation back into English.  The results aren’t as funny as last time, but it does translate “Salman Rushdie” as “Monkey man.”

In at least one instance, the computer translation seems to cut right through my human attempt at suggestive obfuscation and says:

Example of the large-scale positive security program, Common Access Card by the American Defense Department (abbreviation CAC, is bad designation, but here will not touch) is.

The central point of the article comes through intact, if a little worse for wear:

Positive security, the villain is not is obstructed just simply. It means also the fact that direction it makes promote daily life of the good man.

I couldn’t have said it better myself.

[The original, uncut version of the article (with snide asides which didn’t survive the ZD editorial process) is here.]

April 13, 2004 | Permalink | Comments (0)

Getting the definition right

[Yesterday, ZDNet published a short commentary I wrote called “Getting the definition right”.  I’m very grateful to ZDNet for giving me a forum with a few orders of magnitude more readers than this fine blog.  In order to make the article suitable for the mainstream, the ZD editors stripped out most of the jokes from the original piece and altered the ending a bit.  They were probably right to do so – security is no laughing subject.  Still, for the “benefit” of my original reader(s), I’ve decided to post the “controversial”, err, “uncut”, um, “eXtreme” version here.]

Getting the Definition Right (the director's cut)

“Security”, like other vaguely defined segments stalked by industry analysts, is subjected to cyclical patterns of fashion and scorn.  Are we in a security-fueled investment bubble, or are organizations still sitting on their IT wallets?  Much of the answer depends on your assumptions and definitions.

In his now (in)famous January 2000 essay, “Terror Versus Security”, Salman Rushdie offers a working definition:

Security is, after all, the art of making sure certain things don’t happen: a thankless task, because when they don’t happen, there will always be someone to say the security was excessive and unnecessary.

This and other pieces are republished in Rushdie’s newish book, Step Across This Line: Collected Nonfiction 1992-2002.  Mr. Rushdie is something of an unwitting expert on security matters, at least at the receiving end.  Compelling snapshots throughout the book recall a decade of fighting (and dodging) the Iranian fatwa placed on his head after publication of The Satanic Verses.  While his insights are keen, this definition is part of the problem.

If you think of security in purely negative and restrictive terms – preventing attacks, denying access – it’s hard to be optimistic about the industry.  After all, restrictive security places a burden on the many legitimate transactions in an attempt to prevent the few unauthorized ones.  This is practically a Sisyphean undertaking (heh, “Sysyphean Undertakings for Dummies” – I’m gonna write that book).  Too much restrictive security and the economy grinds to a halt while people proclaim that “the terrorists have already won”.  Too little and you’re accused of being negligent.  Rushdie’s punch line is that any security you decide on is by definition the wrong amount.  What fun.

However, there’s a different way to look at the industry.  Instead of thinking about security as just negative and restrictive, think of it as active and enabling.  Active security is not just about stopping the bad guys; it’s about making the normal lives of the good guys better.  Instead of just intercepting a few illegal transactions, active security aims to make the vast majority of legal transactions faster and more efficient.  There are new security technologies that allow people to do more and to do it quicker.  Think of ATM machines, trusted traveler documents and digitally signed mortgage forms.  All of these applications make life easier for legal users and, by extension, make it easy to catch the illegal ones.  Also, since active security deployments focus on speeding legitimate transactions, they can have a net positive effect on the economy.  The more active security you have, the more it pays for itself.  This is the exact opposite of the negative feedback cycle of restrictive security economics.

A great example of a large active security program is the Common Access Card (CAC – bad name, different topic) of the U.S. Department of Defense.  The CAC is a smart card issued to every member of the DoD and is intended to be used for many applications including logical and physical access, secure email, document signing and payments.  These are applications that people want and that were largely unavailable before the CAC program.  Of course the system is built on cryptographically strong technology, so even though people will use their cards for convenience, they’ll be getting security.

I wrote a chapter on “Active Security” in Inside the Minds: Security Matters.  If you like this blog, but not the pesky attempts at humor, the chapter may be more your speed.  From what I’ve seen in the past two years, spending on active security technology is growing in both government and commercial sectors.

Towards the end of his essay, Salman Rushdie adds a cautionary note:

In the past, security didn’t save President Reagan, or the pope.  Luck did that.  So we need to understand that even maximum security guarantees nobody’s safety.

Certainly this conclusion is correct.  Security isn’t about guaranteeing absolute safety.  It’s about letting people undertake both important and pedestrian actions with a reasonable expectation of a speedy, safe and correct outcome.  Still, I can’t quite agree with the first two sentences.  If you watch the video of either assassination attempt, you’ll see that, even though security couldn’t prevent the initial shots, each attacker was frustrated in his attempt to finish the job by a massive bodyguard pile-on, while the injured principal was quickly and efficiently whisked away from danger and towards medical care.  So maybe it’s more accurate to say that President Reagan and the pope were saved by security and luck.  And by “luck” I mean eight hours of surgery.

It’s easy to make a case for security if you get the definition right.

April 6, 2004 | Permalink | Comments (2)

PKI still exactly jumps, jumps

While performing my ritual vanity search today, I ran across something unexpected.  Last week, I wrote a short piece for C|NET about the future of PKI.  Apparently it has since gotten itself translated into Chinese and posted on the Taiwanese version of CNET.com.  This is the first time I’ve ever been translated into another language without my knowledge.  That’s pretty cool.  Now I just need a ghostwriter to write the original stuff, and Vastly Important Notes will be ready to dominate all tech media.  I’ll be bigger than John Dvorak.  They’ll name a keyboard layout after me.  It’ll offer the ultimate in efficiency – you never have to touch it.

Anyway, I can’t read Chinese so I ran the article through the auto translator at Alta Vista’s Babel Fish.  The results are righteous.  Here’s my favorite paragraph, formatted for clarity:

You?
Many people simply did not know that,
latter is the thunder
heavy rain is small.


I’m not sure what I was trying to say there, but I think we can all agree that, as far as tech writing goes, the style is unsurpassed.

Two serious questions:

(1) Is this fairly representative of the state of the art of computer translation?  I haven’t looked into the field for several years and would like to know how useful it has become for business applications. 

(2) If anyone can actually compare the original version to the (presumably) human translation into Chinese, I’d be very curious to get your feedback on the style and accuracy.  I’m especially interested to learn how they handled my (alleged) humor.  I’ll be traveling on business to that part of the world next week and would like to know whether to have the Chinese article precede me as an introduction.

To save you from navigating the link maze in this post, here is my original English version, the CNET.com Chinese version, and the Babel Fish automatic translation.

Thanks in advance!

[BTW, Having reread this post, I realized that it may sound like I’m bashing John Dvorak.  That’s not true.  I have the highest respect for his long-standing punditry.  My foundational computer knowledge was heavily shaped by everything he ever wrote during the mid eighties, and I continue to be impressed with his recent columns.  For example, here’s a good one lamenting Bill Gates’ ascension into knighthood.  Although, had I written about that topic I don’t think I could have resisted proposing a new name for the man justly credited by the Crown as being, “one of the most important business leaders of his age.”  That name?   Wait for it…..

Sir Bootsalot.]

March 2, 2004 | Permalink | Comments (4)

Reports of PKI death, greatly exaggerated

A 1991 college computer networking class almost stymied my vocational momentum.  The professor, a genuinely keen and knowledgeable fellow, spent much time on the most important family of network protocols that we aspiring careerists would ever need to know: OSI (Open Systems Interconnection – the “seven layer chocolate cake”).  One day, we briefly touched on an inelegant and accidental legacy protocol called TCP/IP.  TCP/IP was practically dead.  OSI was destined to eclipse and then replace it in the very near future.  The experts had agreed: TCP/IP was insufficiently chocolaty.

By 1993, TCP/IP was clearly gripped in death throes.  Over the next 10 years it grew by about 13,000%.  Along the way, people figured out how to implement the more useful and attractive OSI concepts on top of TCP/IP.  There are several other ways to measure the growth of the Internet, but the general consensus is that an upward trend is clearly visible.  Meanwhile, OSI became a steakhouse.

A couple of years later, as TCP/IP’s health continued its precipitous non-deterioration, another technology conflict loomed large.  The world’s microprocessor manufacturers had chosen sides in the great RISC vs. CISC architecture war.  Apple and Motorola (new, small, simple, cheap RISC) had taken on Intel (traditional, big, complex, expensive CISC).  IBM had a toe in both bathtubs.  Billions of dollars and the future of life as we know it were at stake.  One of these technologies would die; the other would rule the chip world.  Analyst reports were written.  Bar bets were made.  I considered buying stock.

Do you remember who won?  Most people don’t - it wasn’t much of a bang.  Basically, both sides took good ideas from the other and successive generations of chips blurred the distinction until RISC/CISC wasn’t an interesting way for CPU engineers to talk about chip design anymore.  Sometime later, the experts stopped talking as well.

The modern-day moral equivalents are digital certificates and Public Key Infrastructure (PKI).  Over the past few years, fortunes have been made and lost (mostly lost) in the PKI markets and experts are sharply divided about the health of the industry.  On the one hand, many of the hardest problems associated with PKI are being cleanly solved by persistent and/or innovative vendors.  On the other hand, historically common failures have left many IT organizations with a bad taste in their mouths and user adoption continues to lag.  Once, PKI was hyped as an almost magical solution to almost every IT problem.  Then reality set in.

The good news is that the PKI debate is quickly fading away as customers stop focusing on technology and start focusing on specific applications.  When Verisign’s certificate infrastructure went down for a day last month due to an unexpected validation problem, many people suddenly realized how surprisingly common digital certificates had become.  Numerous web browsers, Java applications, antivirus packages, VPNs and document systems slowed to a crawl or stopped working entirely.  The problem was resolved fairly quickly, but any illusions that digital certificates were exotic or uncommon were quickly dispelled.  As strong security and authentication become increasingly important over the next few years, more and more applications will quietly incorporate digital certificates and PKI concepts into their core functionality.  Combined with the best ideas of more traditional security approaches and large scale programs that are currently issuing millions of certificates to individual users (like the U.S. military’s Common Access Card), these applications will deliver significant security and convenience improvements to many everyday computing tasks.  The days of buying specific security technologies (like PKI or symmetric keys or passwords or secure tokens) are mostly over.  The days of buying secure applications are here today.  Let’s put this debate behind us and start building real solutions for real security requirements.  Or, um, wait for me to do it first.
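The outage described above illustrates the property of PKI that bites hardest in practice: every relying application shares the same intermediate certificates and the same revocation sources, so a problem with one of them surfaces as simultaneous failures everywhere at once.  The toy validator below is an added example, not code from the original post, and it does not model the mechanism of the actual Verisign incident, which the post does not describe.  The CA names, hostnames, serials, dates and CRL lifetimes are all constructed.  It shows three distinct failure shapes: an intermediate that expires while every leaf under it is still within its own validity period (every application fails), a revocation source that cannot be refreshed (every application fails closed, or every application silently skips the check, depending on a setting the relying party chose), and a single revoked leaf (one application fails).

```python
"""Toy X.509 chain validation: how one expired intermediate or one unreachable
CRL source takes every dependent application down at once.  Constructed example:
plain records stand in for certificates, name matching for signature checks and
a dict for the CRL cache.  No real CA, host or incident is modelled."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

UTC = timezone.utc

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    not_before: datetime
    not_after: datetime

@dataclass(frozen=True)
class Crl:
    issuer: str
    next_update: datetime          # after this the CRL is stale and must be re-fetched
    revoked: frozenset = frozenset()

@dataclass
class Result:
    ok: bool
    reason: str
    warnings: list = field(default_factory=list)

def check_validity_period(cert: Cert, now: datetime) -> Optional[str]:
    if now < cert.not_before:
        return f"{cert.subject}: not yet valid (notBefore {cert.not_before:%Y-%m-%d})"
    if now > cert.not_after:
        return f"{cert.subject}: expired (notAfter {cert.not_after:%Y-%m-%d})"
    return None

def check_revocation(cert: Cert, crls: dict, now: datetime, soft_fail: bool, warnings: list) -> Optional[str]:
    """A missing or stale cached CRL models a distribution point that cannot be reached.
    Strict mode fails closed; soft-fail mode continues with a warning."""
    crl = crls.get(cert.issuer)
    if crl is None or now > crl.next_update:
        state = "missing" if crl is None else f"stale (nextUpdate {crl.next_update:%Y-%m-%d})"
        msg = f"{cert.subject}: CRL from {cert.issuer} is {state}"
        if not soft_fail:
            return msg
        warnings.append(msg + "; revocation status unknown, continuing")
        return None
    if cert.serial in crl.revoked:
        return f"{cert.subject}: revoked by {cert.issuer} (serial {cert.serial})"
    return None

def validate_chain(chain, trust_anchors, crls, now, soft_fail=False) -> Result:
    """chain is leaf first, last intermediate last: each cert must be in its validity
    period, not revoked and name-chain to the next; the final issuer must be trusted."""
    warnings: list = []
    for i, cert in enumerate(chain):
        err = check_validity_period(cert, now) or check_revocation(cert, crls, now, soft_fail, warnings)
        if err:
            return Result(False, err, warnings)
        if i + 1 < len(chain) and cert.issuer != chain[i + 1].subject:
            return Result(False, f"{cert.subject}: issuer {cert.issuer} != {chain[i + 1].subject}", warnings)
    if chain[-1].issuer not in trust_anchors:
        return Result(False, f"{chain[-1].subject}: issuer {chain[-1].issuer} is not a trust anchor", warnings)
    return Result(True, "chain valid", warnings)

# Constructed fixtures (assumed names, not a real CA): the intermediate expires mid-2010
# while both application leaves issued under it run well into 2011.
ROOT = "Example Root CA"
INTERMEDIATE = Cert("Example Intermediate CA", ROOT, 1,
                    datetime(2005, 1, 1, tzinfo=UTC), datetime(2010, 6, 30, tzinfo=UTC))
LEAF_WEB = Cert("www.example.test", INTERMEDIATE.subject, 1001,
                datetime(2009, 1, 1, tzinfo=UTC), datetime(2011, 1, 1, tzinfo=UTC))
LEAF_VPN = Cert("vpn.example.test", INTERMEDIATE.subject, 1002,
                datetime(2009, 6, 1, tzinfo=UTC), datetime(2011, 6, 1, tzinfo=UTC))
TRUST_ANCHORS = {ROOT}

def crl_cache(fetched_at: datetime, revoked=frozenset()) -> dict:
    """CRL cache as it looks right after a successful download at fetched_at."""
    return {INTERMEDIATE.subject: Crl(INTERMEDIATE.subject, fetched_at + timedelta(days=7), revoked),
            ROOT: Crl(ROOT, fetched_at + timedelta(days=30))}

def demo() -> dict:
    before = datetime(2010, 6, 29, tzinfo=UTC)   # the day before the intermediate expires
    after = datetime(2010, 7, 1, tzinfo=UTC)     # the day after
    fresh = crl_cache(before - timedelta(days=1))
    out = {}
    for name, leaf in (("web", LEAF_WEB), ("vpn", LEAF_VPN)):
        out[f"{name}_before"] = validate_chain([leaf, INTERMEDIATE], TRUST_ANCHORS, fresh, before)
        out[f"{name}_after"] = validate_chain([leaf, INTERMEDIATE], TRUST_ANCHORS, fresh, after)
    # CRL last fetched a month ago; the distribution point has been unreachable since.
    stale = crl_cache(before - timedelta(days=30))
    out["stale_strict"] = validate_chain([LEAF_WEB, INTERMEDIATE], TRUST_ANCHORS, stale, before)
    out["stale_soft"] = validate_chain([LEAF_WEB, INTERMEDIATE], TRUST_ANCHORS, stale, before, soft_fail=True)
    # A fresh CRL listing the VPN leaf: revoking one leaf hits one application only.
    listed = crl_cache(before - timedelta(days=1), frozenset({LEAF_VPN.serial}))
    out["vpn_revoked"] = validate_chain([LEAF_VPN, INTERMEDIATE], TRUST_ANCHORS, listed, before)
    out["web_unaffected"] = validate_chain([LEAF_WEB, INTERMEDIATE], TRUST_ANCHORS, listed, before)
    return out
```

Running `demo()` and printing each `Result` shows the asymmetry: the two leaves are individually valid for another six months, yet both fail the day the intermediate expires, and both are blocked (or both silently pass) when the intermediate's CRL goes stale, while a revoked leaf takes out exactly one application.  The `soft_fail` flag is made an explicit parameter on purpose; whichever way a relying party decides it, the decision should be visible in the code rather than buried in a library default.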

I also hear that there may be a decisive winner in the Push/Pull content wars sometime soon.  Call your broker!

February 16, 2004 | Permalink | Comments (3)

I am an expert

I was the "Expert of the Month" on CIO.com last month, taking questions about the convergence of IT and physical security.  The month is over and my expertise has expired, but they've published some of the questions and answers.  Here's my favorite.   I'll try to answer some more and send them in soon.

There were a lot of good questions sent in to the magazine,  but I've only answered four so far because I'm lazy.  I think that being an expert and being lazy go hand-in-glove, or, um, butt-in-couch.  Being an expert is how I get to avoid real work. 

[Note to investors: This is a joke.  I am not the slightest bit lazy and take to real work like a chipmunk to fresh acorns.]

Hmmm, that's two backside references in one post.  This blog is getting off to an inauspicious start.

January 15, 2004 | Permalink | Comments (2)