Category: Security

Security is immunity from the will of others.

Macs are also vulnerable

If you think your computer is secure because it is a Mac, you are dead wrong. The latest patch for OS X – 10.6.8 – contains 29 patches for security holes that allow arbitrary code execution. Any of those holes could be used to totally own your computer, circumventing any antivirus or encryption software you may be running. These 29 have been patched, but you can be sure there are others in the OS and in popular software like Flash and Adobe’s PDF reader.

If you want to keep a system safe, keep it physically disconnected from the internet.

Fischer Random Chess

Those who are looking to become decent chess players seem to need to learn a repertoire of openings, tactical skills, and endgame patterns.

With standard chess, that seems to involve a lot of memorization, especially insofar as openings are concerned. They have largely been analyzed with computers, and people know what the strongest lines and responses are (though there are novelties in top-level play).

Fischer Random Chess is a bit encouraging in that it reduces the usefulness of memorization and forces a bit of creativity into every game. By randomizing the position of the back-row pieces like knights and bishops, it creates a wide variety of different starting positions. It is not feasible for human beings to memorize ideal lines in all of them, though computers will surely be able to do so eventually.

For the moment, however, during games between human beings, Fischer Random Chess seems to have good potential as a way of make the game more about realizing the implications of positions that are new to you, and less about remembering ideal responses calculated elsewhere.

Take rainbow tables out of chess! (at least some of the time)

P.S. The Chronos GX chess clock can produce randomized positions for ‘Shuffle Chess’, but it does not follow the Fischer Random Chess rule about having the king between the rooks. I wish it did, since I think Fischer Random Chess is likely to produce more balanced results than completely random shuffle chess, in terms of reducing the number of positions in which white has an overwhelming first-mover advantage and making castling reasonably fair and simple.

P.P.S. The Fischer Random rules are also probably better than shuffle chess insofar as they produce a game more similar in character to chess. It’s like chess, but with less focus on memorization. It’s not a totally different game.

What Google knows

I wrote before about how Google’s “Don’t be evil” slogan is really the minimum requirement for such a powerful organization.

Jacob Mchangama, a Danish human rights lawyer, has put this in a nice way: “The dream of all dictators is to know as much about you as Google does”.

Incidentally, that is all the more reason for companies like Google to refuse to comply with illegal search requests from governments.

Ratko Mladic at the International Criminal Court

It is encouraging whenever the ICC or ad hoc international criminal tribunals manage to get their hands on someone accused of war crimes or crimes against humanity. Such prosecutions have the promise of producing a credible record of what took place, potentially providing some comfort to surviving victims, and perhaps somewhat improving the conduct of other political and military leaders elsewhere in the world.

Theft

Over the course of my life, very few things have been physically stolen from me.

When I was in high school, I had a bunch of stuff stolen when we got burgled. I lost all my CDs, a CD player, and so on. It was all covered by insurance. In university, I was burgled again and lost a camera, a PlayStation (with a near-perfect Final Fantasy VII savegame on the memory card), and some miscellaneous stuff that was not insured.

I was unsuccessfully mugged a couple of times in Vancouver. In each case, the people involved were not very determined and accepted “I don’t have any money” as an answer. I had some cash relatively subtly threatened out of me in Morocco once, also. Finally, I recall having a fairly small amount of cash stolen from me at a summer camp once.

I don’t think I have ever been defrauded or pick-pocketed. I have never had a vehicle stolen (not even a bike).

What about others? Has any physical thing been taken from you against your will using force, the threat of force, or trickery?

Preventing accidental nuclear war

One of my biggest fears is that a nuclear war could start by accident, or as the result of a miscalculation. Some national leader could push a threat too far, an exercise could be misinterpreted, things during a conventional war could get out of control, and cities could suddenly get incinerated.

It seems quite likely that Canada’s major cities are the targets of ex-Soviet missiles spread around Russian subs and silos. We may be the targets of Chinese bombs, as well.

Two important policy objectives seem to be (a) keeping additional countries from developing nuclear weapons (b) reducing the stockpile of weapons possessed by existing nuclear weapon states and (c) building systems that reduce the chances of accidents, including permissive action links to prevent unauthorized use of bombs and delays in hair-trigger systems.

The Spy Who Came in from the Cold

Recently, I found John Le Carré’s Tinker, Tailor, Soldier, Spy to be an entertaining distraction from less accessible books I am working on. A couple of days ago, driven by the desire to read something a bit zippier than my many books on environmental economics, I picked up Le Carré’s The Spy Who Came in from the Cold. All told, I would say it is a somewhat better book than the one I read before. It includes a few interesting bits of tradecraft, and somewhat more commentary on the business of espionage itself. Le Carré has a talent for writing plausible observations on human character, and expressing them well. This is also clearly a fairly personal book for him.

It’s a decent choice for a summer read, especially if you are a politics and/or security nerd. As a tract on the amorality of the intelligence services, it is also a potentially useful counter to their moral glamorous portrayal in other fiction.

Diaspora – a less evil Facebook?

I am increasingly wary of Facebook. I don’t trust them with my photos, phone number, or full name. I worry about all the information they can extrapolate from my web of friends.

My hope is that Disapora will emerge as a less evil social network – one that supplies the considerable benefits of social networking, but with real respect for the privacy and interests of users.

Thanks to my friend Alison, I have an account on the alpha version of Diaspora. I have some invitations, so if anyone is especially keen to give it a try, they should let me know.

Test for a sentient species: can you run a planet?

In the very long term, the survival of the human species depends upon developing the capability to colonize other planets. Earth is always vulnerable to major asteroid and meteor impacts, and there will come points billions of years in the future when the carbon cycle ends and when the sun becomes a red giant.

As of today, however, humanity has more pressing problems. Indeed, it is not at all clear that humanity will be able to survive the next few centuries. We continue to abuse the planet – exhausting non-renewable resources and accumulating dangerous wastes. At the same time, the world is still wired up for a Dr. Strangelove-style nuclear war, with thousands of cities incinerated with thermonuclear bombs, followed by nuclear winter.

In a way, perhaps overcoming those challenges and any others that arise in the next few centuries will be an important test for humanity. If we were to spread through the galaxy now, we would arguably be spreading as a malignancy: a species that cannot manage itself, and which brings the risk of ruin to any place it visits. If we can spend the next few centuries producing a global society that is safe and sustainable, perhaps we will have gained the maturity to carry something valuable outwards – something that better represents the potential of humanity, when compared with the messes we have produced for ourselves at this stage in history.

Smartphones and location data

There have been some worrisome revelations recently about Apple and Google tracking people by the location of their cell phones. In Google’s case, the tracking may be part of an advertising strategy.

It seems like online privacy is really a losing battle these days. Perhaps consumer anger about these latest tracking allegations will encourage regulators to keep a closer eye on what sort of monitoring technologies are being deployed without the full understanding of consumers.