Domain: schneier.com
Stories and comments across the archive that link to schneier.com.
Comments · 1,941
-
The most popular TED talks
So I'd heard a lot about TED talks, had seen a few on video, and in considering this question, I wondered, what can the subjects be about? Here are the 25 most popular TED talks. They're supposed to be 18 minutes or less. The acronym stands for "Technology, Entertainment, Design". So, some ideas I'd like to see:
Technology:
* "Avoiding 'Guru Syndrome'": Start with the Tenerife crash, where two 747s collided on the runway. The copilots knew something was f-cky but wouldn't tell/challenge the captain, and it ended with 583 dead in a fireball as the 747s collided at takeoff speed. In programming, in business, in the workplace, one guy sometimes can be thought of as knowing everything. He doesn't.
* "Listening With Humility": No matter how smart you are, and no matter how dumb your client, user or patient is, listen with humility, listen like you're trying to learn, and you can get better results.
Business:
* "Stopping Control Fraud": How to create organizational structures which are resistant to control fraud.
* "How to persuade people to give you money?": I am definitely no expert at this, but I'd like to see a discussion. I see panhandlers and charities making money - what desire are they fulfilling in people? I see squeegee boys getting money - what desire are they fulfilling in their "patrons"? I see patent trolls, landlords, pharmaceutical companies, prostitutes, government contractors, lawyers: Why do people give each other money?
Finance:
* "What is money?": How do we get people to pick up the trash at zero dark thirty in freezing weather, slaughter cattle, lay pavement, build skyscrapers, go to war, with slips of paper?
* "What is MMT?": Funding the government via seigniorage is an old idea that typically doesn't end well. Why is it becoming popular again?
* "What drives the economy?": I'd say it's human desire. Can it be reduced to equations? Or do you need a coherent theory of human behavior first?
-
Re:Still can't be anonymous AND verifiable.
It's not verifiable as in "we verify that citizen A voted on B" but as in "once the votes have entered the system the end result cannot be tampered with". This actually looks like it's being designed by people who understand the issues at hand. https://www.schneier.com/blog/...
-
Re:Taking on the impossible
Well he is at least following it:
https://www.schneier.com/blog/...
-
Re:Easy answers
The other Bruce said it well about blockchain.
-
Re: And?
He never explained why email verification upfront would fail to solve the issue. I still believe it is a problem of the sites or services in question.
https://www.schneier.com/blog/...
Bruce Schneier's analysis was that "it's an example of two systems without a security vulnerability coming together to create a security vulnerability."
I respect Bruce a lot, and I think from a practical standpoint, Gmail (Google) absolutely should make those dot-aliases opt-in. But this is still 100% Netflix's problem to solve. The problem would exist if Gmail did not allow the dot aliases; you would just need to find some other predictable pattern of email aliases (like a large organization where everybody is granted both @longcompanydomain.com and @shortcompanydomain.com email addresses).
Stop and think. If your service will be sending payment related emails to people, why would you not verify the address first? The only thing I can think of is they know this is a problem but they get more money by reducing all possible barriers to entry, and the scams are considered a cost of doing business--a cost that some of their customers pay.
-
Re: And?
Meh. I'm split here... The blame should be placed on USERS, followed by COMPANIES that allow LINKS with a hash to BYPASS AUTHENTICATION.
The original article also has a link to analysis by Bruce Schneier https://www.schneier.com/blog/... where he says "it's an example of two systems without a security vulnerability coming together to create a security vulnerability".
I agree that having users validate their email addresses before using it for the first time would solve the problem. I've always been irritated by the companies that do so, imagining they did it solely to make sure that someone used a real email address rather than a throwaway spam email address, i.e. solely so they could send unsolicited spam. I guess there's a real reason for it after all. Probably they also want to reduce friction with an entire generation of folks who don't really use or care for email.
Personally I hesitate to blame users. These are products designed for the general public. The makers should do what they can to help everyone fall easily into the "pit of success".
-
Everyone wants privacy and we all hide something
If Privacy is really dead, then Scott should publish his Name, Address, Account Numbers and passwords, location schedule, and DNA profile and always keep them all current. Until then, it's NOT.
I understand your larger point, and I quite agree that anyone who claims they don't care about privacy is lying, but you'll understand if I don't want someone else's choices determining the value of my privacy. I say privacy matters to us all even if someone claims otherwise (as glib sycophants on /. sometimes claim without challenge or evidence).
Just because I have nothing to hide doesn't mean that I want you to see.
Actually, everyone has something to hide. And that's not even the strongest reason why we all need privacy.
Glenn Greenwald was discussing privacy with Noam Chomsky and Ed Snowden and Greenwald brought up his email account just to put the lie to people who argue that they have nothing to hide (around 29m37s). He tells them to email him the credentials of every account they have—not just the nice accounts like work, email, bank, and phone, he said—all of the accounts including the accounts people keep secret from their spouses and significant others. He tells them he intends to snoop around on those accounts to see what they've been doing, and so that he can become their impostor. After all, if they have nothing to hide then they have nothing to fear by telling him what they're really up to.
The result? Greenwald said:
To this day, not a single person has taken me up on this offer. I check that email account really frequently and it is a very lonely and desolate place. And the reason is because we really understand instinctively, without this abstract debate, why privacy is so critical. We are social animals: we have a need for other people to know and see what we're doing, which is why we post things about ourselves online. But we also have a need to do things without other people watching because when other people are watching what you're doing, you're much more likely to engage in decision making that is the byproduct of societal orthodoxies or external expectations and not a byproduct of your own agency and independence.
This also gets into why privacy matters most—a far stronger reason to value privacy both in the abstract and in one's own life is that "Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance." as Bruce Schneier points out in an essay he posted:
We do nothing wrong when we make love or go to the bathroom. We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.
-
The government already has vehicle tracking
It's called TPMS. All new passenger cars in the US and EU as of 2012 have it. And it's not opt-in.
-
Re:Anyone slightly concerned
No different than multiple Linux distributions. They all use the same core and all fix it. And then add their stuff outside of the core system.
If Linux becomes the dominant system, that will begin to be a problem, just like it was when Windows was the dominant system. Monoculture is a bad thing.
-
It really isn't
Bitlocker has known issues. That's not a judgement on how serious they are, but it does disqualify it from being called good.
https://www.schneier.com/blog/...
https://www.digitaltrends.com/...
-
Biometrics Are Not Secrets
Written by Bruce Schneier and published in August 1999; and now more relevant than ever.
-
Not realistic
Even elite hackers know that you sometimes need a screwdriver.
-
Re:This not about security, because it does not he
I did several searches on Google and couldn't find anything.
Try "certificate system broken", maybe? Your Google-Fu seems very weak....
As for a real answer, the burden of proof lies on the accuser, not just, "I'm right, you prove it."
That wouldn't go too well in a court.
You are badly wrong. This is not an "accusation", it is a statement of fact and the fact is well established. You would not require a proof or reference that water is wet, would you? As to court: That is a collection of non-experts. What they do is pull in an expert (or several) and then believe what they say.
Here is a reputed expert that does not even think he needs any explanation when stating the fact (and he is right):
https://www.schneier.com/blog/...
-
Re:This not about security, because it does not he
This is not an extraordinary claim at all.
Try google(Certificate system broken), for example, gives you lots of hits.
Here you can see a reputed expert not even commenting on why the system is broken, because everybody knows it:
https://www.schneier.com/blog/...
-
Re:Sounds great
Actually second-amendmenters have it a lot easier dealing with police and similar (at least in the US) since they tend to be a lot more respectful and straightforward about their weapons than others. Also, most of the police/military forces agree with expressing at least your second constitutional right (not so much the first one).
They have it even easier if they pack their laptop into checked baggage which contains a firearm.
-
Re:One word, fellas
SpiderOak are discontinuing their warrant canary, and some are speculating that this means their canary is dead & they have been compromised.
They are also offering a short-term unlimited backup plan (which expires today). The close timing of that & the canary announcement is a little interesting. I was literally about to sign up to move away from Dropbox when I heard the warrant canary thing and it was confusing/disturbing enough to make me hold off.
-
I guess the ole USB trick is passe now...
Too many people have caught on to dropping infected USB drives in parking lots? https://www.schneier.com/blog/...
-
Re: How did they ever solve a case
Thank you.
So many people are making factitious arguments, but yours is one of the few that holds up logically. Keep it up!
This topic brings out all the angry posters, most saying it is impossible to do securely. That's provably false. Mixed with that are the ones saying it's effectively evil. Few people are taking the stance that law enforcement is trying to protect the public in a reasonable way. Yet the public and law enforcement think that is the case. Posting here does very little to change that public perception. However, you posting here, where the informed read and inform their opinions, can make a difference.
There are good reasons to doubt the effectiveness or cost ratio rationality of trying to legislate access to encrypted data. That matters. Thankfully there are people like you who are willing to advocate discussion to the real issues.
Obligatory: Posting AC due to posting of unpopular opinion.
Second thought: Unchecking "Post Anonymously" because it is worth taking responsibility when you believe in a cause.
Third thought: How much scotch have you had? Enough. Click the button.
-
BIOMETRICS ARE NOT SECRETS
Almost 10 years old, and more timely than ever.
-
Re: Please don't hurt me.
Thus it eliminates a false sense of security.
I suspect you meant emanates there, mostly because I've just reread one of Bruce Schneier's essays.
-
Biometrics: Uses and Abuses
Biometrics: Uses and Abuses by Bruce Schneier
TL;DR:
Biometrics are powerful and useful, but they are not keys.
But always keep in mind that biometrics are not secrets.
NOTE: Article is ~20 years old, but the advice is as timely as ever.
-
Re:Sponsored by, Intel! (R)
I have no fucking clue why they installed those crappy Internet-of-shit operating systems in there by default in the first place.
This was in 1999. Simply put, "You can't secure what you don't understand."
Including an entire separate operating system for management is one boatload of attack surface added to the mix. Hardware should generally be delivered reasonably secure by default. This kind of crap should not just be off by default, but not programmed into motherboards by default. If a company wants it, they can specify that part variation where it is loaded.
Programming something unused into a motherboard is itself a potential security vulnerability, since an attacker could possibly turn it on via some method and then have a larger toolkit. If you want a really secure system, first don't install anything on there you don't need.
-
Re:AC mains is excellent if done right
And one more link:
https://www.schneier.com/blog/...
As for your "it varies by place":
"Over a short period they form a unique signature of the electrical frequency at that time, which research has shown is the same in London as it is in Glasgow."
-
Why Are Children Running Major Internet Companies?
Dear Spotify:
Read this. It was written almost 20 years ago. There have been no technological developments since that alter the main thesis of the essay, nor will there be. Further, this has been known to every ethical software engineer for at least as long ("ethical" in this case meaning, "Will not lie to your face about what is technically feasible").
Anyone on your engineering staff claiming not to be aware of these truths should be dismissed immediately.
-
Re:What does that mean?
Well at least the Taliban wont get sued for patent infringement next time they hack predator drone feeds, so there's that.
-
Re:Phone Authentication Isn't
Actually you both have referred to the correct source of information, but at different times: when Bruce Schneier mentioned this in 2016 at https://www.schneier.com/blog/..., the SP800-63b draft said "deprecated"; it's now "restricted". Goes to show how difficult it is to stay informed and compliant in this constantly changing threatscape.
-
Cryptocurrencies aren't 'crypto'
See Bruce Schneier et al.: https://www.schneier.com/blog/...
-
Re:Collaborators?
In a perfect world, the open source community will drag a fine tooth comb through the code and we could be sure there was nothing malicious, but I don't believe in that world yet.
The open source community can't even do that for libraries already known to not be malicious. In fact, the open source community lazily introduces bugs and then doesn't fix them for years.
-
Re:Breach of Trust (A wound that doesn't heal.)
They forgot that trust, once broken, is damn near impossible to repair.
This is another instance of feedback porn that dulls perception, not actually being so true as we wish to suppose.
Trust is perhaps something that functions in a vigorous, disruptive market. By the time the world k-opolizes (k, a small integer) fomo and habit become the main conditioning force.
Sometimes on the voyage betwixt, a growing company overestimates its grasp on its customer base's short and curlies, and abandons good ship Trust prematurely. But isn't this kind of like a wardrobe malfunction? Who didn't already have a pretty good idea what Janet's boob would actually look like? Her wardrobe, which matched her ambitions, was never that modest to begin with.
Sony's DRM Rootkit: The Real Story — 2005
Sometimes a boob pops out that we didn't expect.
What do you think of your antivirus company, the one that didn't notice Sony's rootkit as it infected half a million computers?
But actually, Sony is still in business, despite the furtive business, compounded by hubris, compounded by lies, compounded by incompetence—and so are almost all of the useless antivirus products.
Doh! We can't believe Sony.
Kaspersky, however, is really in the soup. That's one story where trust is never coming back, as advertised.
Doh! We can't believe our own stupid selves.
-
Re:There is no mystery here...
Could be surveillance
https://science.slashdot.org/c...
Used by the Russians to spy on the US embassy - they needed to embed a resonator into a Great Seal of the US which they presented as a gift.
https://en.wikipedia.org/wiki/...
Also used by the UK and US to spy on Russians. Peter Wright worked out how to do it with the sides of filing cabinets, and hence not need to give Trojan Horse gifts.
https://www.schneier.com/blog/...
The US is quite justified to say to the Cubans "It's a small island. It's also a police state. You have a good intelligence service. You probably know who's doing it. Get them to stop. Until then no more diplomats".
All these people mocking the idea are probably the paid Russian trolls I keep getting warned about. Of course the irony is the same people warning me about Russian trolls are the ones mocking this story.
-
Re:Bitcoin is not for amateurs
What nonsense are you talking about?
A mining pool can make small payouts directly in the generation transaction. Large payouts can wait. I'm guessing that if you took a vote of the people who lost their funds, they would have preferred a 48-hour delay for large payments over losing everything.
The keys are not "out there" in any meaningful sense. We can't even list them, much less check them or store them.
One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzmann constant. (Stick with me; the physics lesson is almost over.)
Given that k = 1.38e-16 erg/degree Kelvin, and that the ambient temperature of the universe is 3.2 degree Kelvin, an ideal computer running at 3.2 degree K would consume 4.4e-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.
Now, the annual energy output of our sun is about 1.21e41 ergs. This is enough to power about 2.7e56 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.
But that's just one star, and a measly one at that. A typical supernova releases something like 10^51 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.
These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.
-
Spying on you in every way possible
That's the business model. As Bruce Schneier says it's a "Surveillance Business Model". That's the "deal". They give you a set of crappy applications for free, you ignore the fact that they can and will spy on you to the maximum degree they think they can get away with (and beyond if they think they can hide their activities from you). OF COURSE these apps are gonna take your picture without you knowing. If they thought they could hold pictures of you fucking your wife for ransom, they'd do that too. If they can convert your everyday speech to text and log your entire day's conversation to mine with AI for marketing tips or other ways to pull some kind of overseas Bitcoin blackmail, THEY WILL. If you think that last bit came from my tinfoil hat, you must have been asleep when Samsung did it with their smart TVs while they were supposedly turned off. All this spying and dishonesty is really fundamentally part of the new corporate business model. It's not a fluke, or news; it's the new normal.
-
Re:Frequently changed
Frequently changed passwords do not increase security. They do _decrease_ it. Smart security experts have known that for a long, long time. Those that do not understand security but only follow the rituals are clueless about this, as usual.
Here is a reference that nicely sums this up:
https://www.schneier.com/blog/...
Incidentally, it is also better to use a complex password and write it down than to use a simple one and remember that. Most attacks on passwords are over the net and not by stealing your wallet. Of course, remembering a complex password is best and that is another reason why requiring frequent password changes is a really dumb idea.
-
Re:Really?
Yes. The real problem is that Microsoft is advocating for slow-rolling disclosure of security vulnerabilities by hiding patches until the stable release comes out. That's fine, it's not an insane stance, but they're presenting it as though that's obvious and noncontroversial and that there are no drawbacks to their methodology and no advantages to Google's full disclosure policy. That's where they're being disingenuous--full disclosure vs. slow disclosure is one of the more hotly debated topics in security circles, and Microsoft knows it (or should).
If they want to advocate for slow disclosure, they should at least acknowledge that they're taking one side of a controversial topic about which a lot of serious security people disagree, not pretend that Google is just doing something recklessly idiotic and should clearly do things the Microsoft way.
Bruce Schneier summarizes the counterargument here: https://www.schneier.com/essay...
On the surface slow-rolling things seems like a good idea--why show the attackers the breach before you've repaired the wall? The problem with that line of thinking is that it presumes that you're the only one who's found the breach, and that attackers aren't already exploiting it. That's generally naïve; you have no way of knowing whether a vulnerability is being actively exploited or not.
By disclosing fully, you make it possible for people to protect themselves or to make judgements about how serious the issue is for them. You also make companies take security more seriously in the future, which hopefully leads to greater global security even if the local impact is muddier.
There are obvious trade-offs the other way, as well. But Microsoft pretending that full disclosure is inherently bad for security is duplicitous.
-
Re:Frequently changed
NIST's recent password recommendations say frequent PW changes are not good practice.
https://www.schneier.com/blog/...
NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords:
- Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
- Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
- Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
-
Re:Complexity the Worst Enemy of Security
So now seems like a good time to remember Bruce Schneier's interview titled Complexity the Worst Enemy of Security.
Indeed, thank you for reminding us of this.
I'm a little torn on the security issue -- most of my professional work has been around security for years now, and I've seen enough impressive-looking security systems fail completely because of this.
I remember years ago, when relatively affordable fingerprint scanners were first hitting the market, I worked on a product that was, essentially, an API layer so that software could use scanners but not be tied to specific hardware. I was playing with the two dozen most popular scanners at the time, and discovered that with 20 of them, you could guarantee a false positive simply by completely covering the scanner window with your thumb. Oddly, the four that weren't so brain-dead were the cheapest ones.
This sort of thing concerns me greatly, particularly with new complex systems. I don't know what it is, but I'd bet money that Face ID has some equally simple way to defeat it. It's too new and complex not to.
However, you tend to trade off security and convenience -- and that's not only legitimate, it's unavoidable. There's no such thing as perfect security, and there's no such thing as total convenience, so you are always choosing some point between those two extremes.
If you really have information that is extremely sensitive on your phone, none of the stock defenses are sufficient anyway. You'd be separately encrypting the data and keeping the key off the phone, have special locking software that lets you enter a "panic code" instead of your normal credential to wipe the phone, etc.
I think a good argument can be made that the correct amount of security is not always "maximum". It's better to recognize that a compromise is inevitably and always being made, and to choose the nature of that compromise according to circumstances.
-
Complexity the Worst Enemy of Security
The statement "it could take years for Android smartphone manufacturers to produce technology that can match the TrueDepth camera and the Face ID feature coming in the iPhone X" seems to indicate that Face ID is tremendously more complex than fingerprint readers. So now seems like a good time to remember Bruce Schneier's interview titled Complexity the Worst Enemy of Security. Then we should ask if moving to increased complexity as a security system is an improvement for security. If these changes are for increased convenience rather than increased security, then how far are we willing to have convenience etch away at the effectiveness of our security until we are left with nothing more than a facade?
-
Yet Another Russian Hack of the NSA
Yet Another Russian Hack of the NSA -- This Time with Kaspersky's Help
"This is either an example of the Russians subverting a perfectly reasonable security feature in Kaspersky's products, or Kaspersky adding a plausible feature at the request of Russian Intelligence. In the latter case, it's a nicely deniable Russian information operation. In either case, it's an impressive Russian information operation."
"What's getting a lot less press is yet another NSA contractor stealing top-secret cyberattack software. What is it with the NSA's inability to keep anything secret anymore?"
-
Re:Not "too" hard, just hard
Yes, that too. Here is another gem: https://www.schneier.com/blog/...
It is both though.
-
Spying by algorithm.
This shows how government, without breaking the law on spying on Americans (yeah, I know - like they care), can build a dossier on folks that would be an East German Stasi agent's wet dream.
It's worse than this.
I don't think it's settled law if it is considered spying if all your personal information is processed by a computer algorithm without ever being seen by a human being.
And in today's world, it is increasingly easier to spy on people by algorithm.
-
Re:At least he can admit it
Exactly. It's not difficult to get passwords wrong, even Bruce Schneier is wrong about passwords - see his criticism of the XKCD method:
-
Re:Sounds great...
Terrorism is designed to spread a message along with the fear.
I agree. It also gels with Schneier's brilliant article What the Terrorists Want, which starts at the other end (with an implicit understanding of what terrorism is) and explores the motivation (which we use here as part of the definition).
This definition is broad enough to include both the recent Borough Market and Finsbury Park attacks, but isn't so broad that it includes 'ordinary' murder.
-
Re: Easy answer
Sure about that? - https://panopticlick.eff.org/
Then in addition to that. Do you login to any website from that computer?
Do you have a cellphone?
Then yes, you are being snooped upon.
Do you drive your own vehicle to and from work?
https://en.wikipedia.org/wiki/...
https://www.schneier.com/blog/...
Do you take the subway/bus/bike to and from work?
https://www.schneier.com/blog/...
http://gizmodo.com/british-cop...
So if you combine this intelligence they could analyze the different data sources and over time probably match your face/licence-plate to your actual web-traffic. And it could all be automated.
Monitor over a time-period. Identify the traffic (login to a service or browser-fingerprinting or behaviour-fingerprinting). Identify when the traffic stops and who leaves the building after, and with a year of monitoring you can exclude all the co-workers that left before or did not arrive before your web-traffic stopped.
-