The point about long-term secrecy is interesting, however, it can be cheaply addressed with classical cryptography, in a provably secure way (NOT depending on any computational assumptions like RSA).
You still need more assumptions than with QC, which is why I don't exactly buy this approach, but if you really need long-term security, you might consider this scheme.
As for QC, it is expensive, point-to-point only, and makes sense only if you are worried about somebody breaking RSA or a similar problem. But the worst thing about QC is that we have no practical experience with it. QC may be theoretically unbreakable, but what about all the accompanying software and the normal communication channels that are necessary for QC to work, and standard attacks against those channels? QC is not only quantum transmission, but the whole suite of accompanying (classical) protocols, whose implementation might be seriously broken. We don't know. Why should anyone spend large amounts of money on something that may be, and in the current implementation probably is, broken and not secure at all?
This proposal reminds me of communist Poland 1945-1989: not only did you need permission to leave the country but you had to actually return your passport within two weeks from coming back from abroad. Wait until DoHS comes up with a similar proposal...
During the cold war, the US stood for "freedom" as opposed to the civil liberty restrictions of the communist regime. Now, when the communist enemy doesn't exist, the US seems to be willing to adopt what it fought against not so long ago. It's so ironic...
Paper trails are just as susceptible to fraud as electronic
systems.
I don't think so. Most of the security expertise developed in the
last thousands years is tailored to physical limitations of the
physical world around us. If your house is on fire, and the fire
brigade respond within 10 mins, that's usually good enough.
Similarly, if the police respond to a bank robbery within 10 mins, the
robbers won't escape too far. All because of the limitations of
physical objects and people.
Now, the virtual electronic world is very different because it
operates at speeds orders of magnitude higher than the real world. As
a result, our expertise at quick incident response is completely
useless. For example, a million-fold increase in speed corresponds to
the fire brigade response time of 20 years!!!
No wonder that, given this lack of expertise and experience, the
only effective security measures in today computer systems are those
that prevent an attack before it happens. However, in many cases, the
cost of such preventive measures is prohibive or impossible because of
personal freedoms (just imagine every citizen being constantly
monitored by a decidated police officer to prevent crime).
We still have to learn how to do computer security in the cheaper,
incident-response way, so common in the real world. Until then, we
have to rely on half-measures. For example, many hardware security
module manufacturers deliberately slow their products down to mitigate
the problem. For critical voting system, slowing things down even
more, to human speed, and using physical object only (such as pen and
paper) seems to be the best solution available at the moment.
OK, this is about Internet voting, so slightly off-topic, but I
believe still relevant.
Most of the computer science graduates I've met, even those I'd
consider top students, see nothing wrong with the concept of Internet
voting. "Pen and paper? Are you crazy? This is the 21st century,
man!" is a common reaction.
Take Poland as an example. I'd like to believe that computer science
courses at top Polish universities are comparable in quality to top UK
universities. That is, except for computer security classes, which
still teach little more than cryptography. Many students know the
structure of DES by heart, but have no clue how to apply cryptographic
primitives to build secure systems. One of the most important
principles, "never invent your own ciphers or protocols" is never told
them. Such people go to the industry to build nation-wide critical
dependable systems. The fact that these are the best people my
generation has really scares me.
I believe we really need more real security experts teaching security
courses. People who, while appreciating the mathematics in
cryptography, also understand security threats in the real world.
Because the current generation of students will build systems we'll
depend on in the future. If they don't stand up and convince the
public against politicians and businessmen's "progressive"
money-making ideas of Internet voting, nobody will.
It's interesting they've announced it now, just after the grand failure of their voice recognition demo. I bet they have a pool of cool features to announce just after events like that, to distract people from events they wouldn't like them to remember.
To start with, I've never used any voice recognition software. Nevertheless, I think voice recognition is way overhyped as a concept for word processing, even assuming it works flawlessly. Here is why.
First of all, spoken English is very different from written English. Try to record a typical conversation and then write it down exactly as you hear it. You'll notice almost no structure, very short phrases, no full stops, no commas, etc. You can't send such a "document" to anybody.
So, if want your text to have any quality, you'll spend much more time editing it than actually writing new words. Now try to edit your document efficiently using voice recognition software. Marketing voice-recognition as a keyboard replacement for producing documents ("it's so fast and easy, you don't even have to learn how to type") is just bullshit.
Sometimes, you don't need quality, for example when writing a short note to a friend. But isn't it then easier just to record yourself and let the receipient listen to your message directly (like voicemail)? What's the point of having a computer do voice recognition if humans can do it much better?
Finally, voice recognition defies privacy. Do you seriously want to dictate an intimate email/letter to your girlfriend? Why do you think text messaging got so popular?
I see voice recognition useful in two cases: (1) if the final receipient is a computer system, for example, star-trekish "computer, dim the light in this room", (2) the author is disabled so that he/she can't use the standard keyboard.
"According to local laws, regulations and policies, part of the search results is not being shown."
This is very different from replacing individual search result items with "this result has been censored".
In communist Poland 60s-80s, it wasn't uncommon to see entire articles in newspapers replaced by "this article has been censored". But at least you knew what they removed. On the other hand, who reads the smallprint at the bottom of a webpage?
Recently, I read an excellent sci-fi novel, Golden Age, which takes on these two concept quite seriously. It portrays an ultimately free, utterly law-abiding, libertarian future society, with privacy rules enforced by etiquette and private institutions rather than public law.
Privacy is reduced to bare minimum, for example, making it customary to subject yourself to a mind-read in order to prove your good intentions. I'm posting this here because the book contains detailed justifications why the society evolved in this direction, and then explores problems with this system.
Very interesting read for those interested in "philosophical sociology".
Slashdot Mirror
The point about long-term secrecy is interesting, however, it can be cheaply addressed with classical cryptography, in a provably secure way (NOT depending on any computational assumptions like RSA).
http://athome.harvard.edu/dh/hvs.html
You still need more assumptions than with QC, which is why I don't exactly buy this approach, but if you really need long-term security, you might consider this scheme.
As for QC, it is expensive, point-to-point only, and makes sense only if you are worried about somebody breaking RSA or a similar problem. But the worst thing about QC is that we have no practical experience with it. QC may be theoretically unbreakable, but what about all the accompanying software and the normal communication channels that are necessary for QC to work, and standard attacks against those channels? QC is not only quantum transmission, but the whole suite of accompanying (classical) protocols, whose implementation might be seriously broken. We don't know. Why should anyone spend large amounts of money on something that may be, and in the current implementation probably is, broken and not secure at all?
During the cold war, the US stood for "freedom" as opposed to the civil liberty restrictions of the communist regime. Now, when the communist enemy doesn't exist, the US seems to be willing to adopt what it fought against not so long ago. It's so ironic ...
Paper trails are just as susceptible to fraud as electronic systems.
I don't think so. Most of the security expertise developed in the last thousands years is tailored to physical limitations of the physical world around us. If your house is on fire, and the fire brigade respond within 10 mins, that's usually good enough. Similarly, if the police respond to a bank robbery within 10 mins, the robbers won't escape too far. All because of the limitations of physical objects and people.
Now, the virtual electronic world is very different because it operates at speeds orders of magnitude higher than the real world. As a result, our expertise at quick incident response is completely useless. For example, a million-fold increase in speed corresponds to the fire brigade response time of 20 years!!!
No wonder that, given this lack of expertise and experience, the only effective security measures in today computer systems are those that prevent an attack before it happens. However, in many cases, the cost of such preventive measures is prohibive or impossible because of personal freedoms (just imagine every citizen being constantly monitored by a decidated police officer to prevent crime).
We still have to learn how to do computer security in the cheaper, incident-response way, so common in the real world. Until then, we have to rely on half-measures. For example, many hardware security module manufacturers deliberately slow their products down to mitigate the problem. For critical voting system, slowing things down even more, to human speed, and using physical object only (such as pen and paper) seems to be the best solution available at the moment.
OK, this is about Internet voting, so slightly off-topic, but I believe still relevant.
Most of the computer science graduates I've met, even those I'd consider top students, see nothing wrong with the concept of Internet voting. "Pen and paper? Are you crazy? This is the 21st century, man!" is a common reaction.
Take Poland as an example. I'd like to believe that computer science courses at top Polish universities are comparable in quality to top UK universities. That is, except for computer security classes, which still teach little more than cryptography. Many students know the structure of DES by heart, but have no clue how to apply cryptographic primitives to build secure systems. One of the most important principles, "never invent your own ciphers or protocols" is never told them. Such people go to the industry to build nation-wide critical dependable systems. The fact that these are the best people my generation has really scares me.
I believe we really need more real security experts teaching security courses. People who, while appreciating the mathematics in cryptography, also understand security threats in the real world. Because the current generation of students will build systems we'll depend on in the future. If they don't stand up and convince the public against politicians and businessmen's "progressive" money-making ideas of Internet voting, nobody will.
I believe this Internet voting vulnerability report should be a compulsory read at all computer security courses.
I'm waiting for the first virus to take advantage of this "undelete" feature: I bet its name will be "Double The Killer Delete"
Rumour has it that deleting files securely will be possible with the new Vista tool double-the-killer-delete.exe.
It's interesting they've announced it now, just after the grand failure of their voice recognition demo. I bet they have a pool of cool features to announce just after events like that, to distract people from events they wouldn't like them to remember.
To start with, I've never used any voice recognition software. Nevertheless, I think voice recognition is way overhyped as a concept for word processing, even assuming it works flawlessly. Here is why.
First of all, spoken English is very different from written English. Try to record a typical conversation and then write it down exactly as you hear it. You'll notice almost no structure, very short phrases, no full stops, no commas, etc. You can't send such a "document" to anybody.
So, if want your text to have any quality, you'll spend much more time editing it than actually writing new words. Now try to edit your document efficiently using voice recognition software. Marketing voice-recognition as a keyboard replacement for producing documents ("it's so fast and easy, you don't even have to learn how to type") is just bullshit.
Sometimes, you don't need quality, for example when writing a short note to a friend. But isn't it then easier just to record yourself and let the receipient listen to your message directly (like voicemail)? What's the point of having a computer do voice recognition if humans can do it much better?
Finally, voice recognition defies privacy. Do you seriously want to dictate an intimate email/letter to your girlfriend? Why do you think text messaging got so popular?
I see voice recognition useful in two cases: (1) if the final receipient is a computer system, for example, star-trekish "computer, dim the light in this room", (2) the author is disabled so that he/she can't use the standard keyboard.
Haven't read the article thoroughly, but the author seems to confuse to concepts in Relativity:
The four-dimensional speed is defined as d(t,x,y,z)/dtau, not d(t,x,y,z)/dt, so the first component is dt/dtau, not dt/dt = 1, as the author suggests
This mistake invalides the whole article.
This is very different from replacing individual search result items with "this result has been censored".
In communist Poland 60s-80s, it wasn't uncommon to see entire articles in newspapers replaced by "this article has been censored". But at least you knew what they removed. On the other hand, who reads the smallprint at the bottom of a webpage?
Privacy is reduced to bare minimum, for example, making it customary to subject yourself to a mind-read in order to prove your good intentions. I'm posting this here because the book contains detailed justifications why the society evolved in this direction, and then explores problems with this system.
Very interesting read for those interested in "philosophical sociology".