It comes in threes

Claire Leigh working

The first substantive chapter of the thesis is about problem identification and investigation. This is not being treated as necessarily temporally prior to the next two substantive chapters (consensus formation and remedy design), but the three do seem analytically separable. Throughout the triptych, at least three themes are likely to be ever-present: the moral relevance of uncertainty, the importance of social roles, and the ways in which normative assumptions are embedded and concealed within processes.

The confluence of three other things defines the reasons for which this thesis is a novel contribution: the exploration of those themes, the combination and comparison of the two case studies, and the focus upon the contribution that international relations as a discipline can make to the subject at hand. Having those three overlapping reasons is comforting, because it means I am quite unlikely to be utterly scooped by someone else who is looking at the same problems in similar ways.

Pragmatically, it does seem like the environment is likely to be a growth area in international relations. That said, there are three major possibilities for the future overall:

  1. Climate change proves to be less threatening than the worst case, runaway change scenarios would suggest; other environmental problems prove manageable
  2. Climate change is as bad as some of the most pessimistic assessments claim, but it is uniquely threatening among environmental problems
  3. For whatever reason (population growth, economic growth, technological progress, etc) additional problems of the climate change magnitude will arise

If I had to put my money on one of those options, it would be the second. I can see human behaviour causing all manner of specific problems, either localized or confined to particular species or elements of the environment. It is hard to see another human activity (aside from the danger of nuclear war) that threatens the possibility of human society continuing along a path of technological and economic evolution, during the next three to five hundred years.

‘Able Archer’ and leadership psychology

If you have any interest in nuclear weapons or security and you have never heard of the 1983 NATO exercise called ‘Able Archer’ you should read today’s featured Wikipedia article.

One fascinating thing it demonstrates is the amazing willingness of leaders to assume that their enemies will see actions as benign that, if they had been taken by those same enemies, would be seen as very aggressive. Case in point: the issues America is raising about Iranian intervention in Iraq. If Iran was involved in a major war on America’s doorstep, you can bet that there would be American intervention. This is not to assert any kind of moral equivalency, but simply to state the appallingly obvious.

The environment as a security matter

Of late, it has become somewhat trendy to consider the environment as a ‘security’ issue. The most frequently cited example is the danger of massive refugee flows caused by environmental factors (such as climate change or desertification). Also common are assertions that people will soon begin fighting wars over natural resources. While massive environmental change can obviously spark conflict, I am skeptical about claims that this constitutes a major change in the character of international security.

To me, the first strain of thinking seems a lot more plausible than the second. There are already island nations that need to think seriously about what the 7-23″ rise in sea levels by 2100 projected in the fourth IPCC report will mean for their habitability. Environmental factors like soil quality and rainfall have helped to determine the patterns of human habitation and production for all of history, and it is unsurprising that changes in such things could have serious disruptive effects. Large scale population movements, both within and between states, are concerning because of the level of suffering they generally involve, as well as the possibility that they will have problematic secondary effects such as inducing conflict or spreading infectious disease.

The idea of resource wars is one that I think has been overstated and, to some extent, misunderstood. There are certainly resources that can and have been fought over, and resource issues frequently play a role in establishing the duration and character of conflicts. Armed groups with no economic base cannot long persist in the costly business of war-fighting. That said, the idea that states will go to war over something like water seems, in most cases, implausible. War is an exceptionally costly enterprise – much more so than new purification or desalination facilities. Also, most water problems arise from irrational patterns of usage, often themselves the product of a distorted cost structure. While equity compels that people should be provided with enough water for personal needs as a standard function of government, it simply makes sense that those using it on a very large scale pay for it at a level that accurately reflects the costs of production. If that happened, we would see a lot more drip-feed irrigation and a lot fewer leaky pipes. Some perspective is also in order: producing all of the world’s municipal water through oceanic desalination would cost only 0.5% of global GDP, and there is no reason to think that such a drastic step will ever be necessary. [1]

I am not saying that resources and conflict are unrelated: I am saying there is no reason to believe hyperbolic claims about the nature of international security being fundamentally altered by resource issues. It is also worth noting that conflicts over resources are often used as justifications to engage in actions that can be more sensibly explained by considering other causes.

Thinking about the environment as a security issue has implications both for prevention and mitigation behaviours. Because politicians and the general public place a special emphasis on matters of security, spinning the environment that way can be a form of rent seeking. Those who see the need to do more as pressing may find that this kind of resource transfer justifies selling the security side of the environment more than they otherwise would. On the mitigation side, it suggests that dealing with environmental problems may require forceful action to prevent or contain conflicts. Given the aforementioned costs of such actions, the case to take preventative action against probable but uncertain threats becomes even stronger.

[1] Shiklomanov, Igor A. “Appraisal and assessment of world water resources.” Water International. 25(1): 11-32. 2000

PS. People interested in the hydrosphere may enjoy reading the accessible and informative chapter on it in John McNeill’s Something New Under the Sun. This report from SOAS on water and the Arab-Israeli Conflict also makes some good points.

More amateur cryptography

One of the oldest problems in cryptography is key management. The simplest kind of cryptographic arrangement is based on a single key used by however many parties both for encryption and decryption. This carries two big risks, however. In the first place, you need a secure mechanism for key distribution. Secondly, it is generally impossible to revoke a key, either for one individual or for everyone. Because of these limitations, public key cryptography (which utilizes key pairs) has proved a more appropriate mechanism in many applications.

Once in a while, now, you read about ‘unbreakable’ cryptography based on quantum mechanics. The quantum phenomena employed are actually used for key generation, not for the actual business of encrypting and decrypting messages. Like the use of a one-time pad, the symmetric keys produced by this system hold out the promise of powerful encryption. Of course, such systems remain vulnerable to other kinds of cryptographic attacks, particularly the ‘side channel’ attacks that have so often been the basis for successful code-breaking. Recent examples include the cracking of the encryption on DVDs, as well as Blu-Ray and HD-DVDs.

An example of a side-channel attack is trawling through RAM and virtual memory to try and find the password to some encrypted system. When you log in to a website using Secure Sockets Layer (SSL), the data sent over the network is encrypted. That said, the program with which you access the site may well take the string of text that constitutes your password and then dump it into RAM and/or the swap space on your hard disk somewhere. Skimming through memory for password-like strings is much less resource intensive than simply trying every possible password. Programs like Forensic Toolkit by AccessData make this process easy. People who use the same string in multiple applications (any of which could be storing passwords insecurely) are even more vulnerable.

As in a large number of other security related areas, people using Apple computers have a slight advantage. While it is not on by default, if you go into the security menu in the system preferences, you can turn on “Use secure virtual memory.” This encrypts the contents of your swap space, to help protect against the kind of attack described above.

The real lesson of all of this is that total information security can never be achieved. One just needs to strike a balance between the sensitivity of the data, the probability of it coming under examination, and the level of effort that would be required to overcome whatever security is in place.

PS. My PGP public key is available online, for anyone who wants to send me coded messages. Free copies of the encryption software Pretty Good Privacy (PGP) can also be easily downloaded.

GMail security hole

Path to Marston

As people who read techie news pages like Engadget and Slashdot already know, a somewhat serious security flaw in GMail has recently been uncovered. Specifically, when you are logged into GMail in one browser window or tab, any other site you visit can grab your entire contact list. Whether that is a serious leak or not is a matter of perspective. Certainly, it exposes all of your friends to even more spam than they already receive.

Read the following carefully before you click anything. If you want to see the script that grabs contact lists at work, follow this link. Engadget says it’s “non-malicious,” but the risk is yours. The bug arises from the way in which GMail stores your contacts as a JavaScript file that can be requested by other websites. Google claims they have fixed the bug but, as the link above will prove, they have not.
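The server-side pattern behind this kind of leak, next to a hardened form, as an added example that is not Google's code or part of the original post. The handler names, session data, token header and fixed `loadContacts` wrapper are all hypothetical, and requests are modelled as plain objects so it runs offline.

```javascript
// Added illustration: hypothetical handlers and data, not Google's code.
// Requests and responses are plain objects, so this runs without a server.
const SESSIONS = { // constructed sample session
  "sess-abc": { csrfToken: "t0k3n-constructed",
                contacts: ["bob@example.org", "carol@example.org"] },
};
const sessionFor = (req) => SESSIONS[req.cookies.sid] || null;
const denied = () => ({ status: 403, headers: {}, body: "" });

// Weak pattern: contacts served as executable JavaScript, authorised by the
// session cookie alone. Browsers attach cookies to script loads requested by
// any site, and script responses are not shielded by the same-origin policy.
function contactsAsScript(req) {
  const s = sessionFor(req);
  if (!s) return denied();
  return { status: 200, headers: { "Content-Type": "text/javascript" },
           body: `loadContacts(${JSON.stringify(s.contacts)});` };
}

// Compare tokens without stopping at the first differing character.
function sameToken(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Hardened pattern: data only, and the cookie is not sufficient on its own.
function contactsAsJson(req) {
  const s = sessionFor(req);
  // A script include from another site cannot set custom request headers.
  if (!s || !sameToken(req.headers["x-csrf-token"], s.csrfToken)) return denied();
  return {
    status: 200,
    headers: { "Content-Type": "application/json; charset=utf-8",
               "X-Content-Type-Options": "nosniff" }, // never run as script
    // The prefix makes the body a syntax error if it is loaded as a script.
    body: ")]}'\n" + JSON.stringify(s.contacts),
  };
}

// The site's own front end strips the prefix before parsing.
function parseContacts(body) {
  return JSON.parse(body.replace(/^\)\]\}'\n/, ""));
}

// Constructed requests: a cross-site script include carries only the cookie;
// the site's own page also sends the per-session token.
const crossSite = { cookies: { sid: "sess-abc" }, headers: {} };
const sameSite = { cookies: { sid: "sess-abc" },
                   headers: { "x-csrf-token": "t0k3n-constructed" } };
```

With these requests, `contactsAsScript(crossSite)` still returns the contact list, while `contactsAsJson(crossSite)` returns 403 and only `sameSite` receives data.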

Plausible attacks

A site that wanted to be really sneaky could exploit this information in many ways. At the very least, it could be used to very easily identify many of the people who are visiting. Knowing someone’s contact list might help in the launching of phishing attacks. It could, for example, make it easier to work out what company someone works for. You could then find out who does their information technology and send spoofed emails that seem to come from the IT department, asking for passwords or other sensitive information.

If it is a site that contains content that many people would not want others to know that they view, it could grab the email addresses for people with the same last name as you and threaten to send them information on your surfing history. A less complicated ploy would be to use emails that seem to come from people who you know to get through spam filters. Because of email spoofing, it is very easy to make messages seem to be coming from someone else.

Implications

As someone with 1037 MB of data in my main GMail account – including 14,410 emails and more than 1500 instant message conversations – I am naturally very concerned about GMail security. There is tons of stuff in there that I would be profoundly opposed to seeing on a public search engine, as has already happened in at least one case with private GMail data.

Contrary to their own assertions, Google had analysed and indexed all e-mails processed through their mail service. Due to a mistake made by an administrator, a database of the highly secret project was mirrored onto the external index servers, and as a result, the private mails of thousands of GMail users could be accessed via the search front-end for at least one hour.

Source

Clearly, it would be preferable if GMail started using durable encryption on their archived messages. This would both protect the messages from hostile outsiders and keep Google from doing anything undesirable with them. Even a passphrase based symmetric-key encryption system (perhaps based on AES) would be an improvement. I bet all the students at Arizona State University, which had turned to GMail to provide all their email services, would feel likewise, if they knew.

[Update: 8:30pm] This article by Brad Templeton, the Chairman of the Electronic Frontier Foundation, makes some good general points about GMail and privacy.

[Update: 11:00pm] According to Engadget, this hole has been fixed. It’s good that it was dealt with so quickly, but there are still reasons to be concerned about GMail security in general.

[Update: 2 January 2007] The mainstream media has caught up with the story. CBC News: Teen exposes Google security flaw.

[Update: 18 July 2008] GMail just added a very useful ‘Activity on this account’ feature. It tells you (a) whether any other computers are logged into the account and (b) when and where the last five logins took place from. This is excellent.

Back in the UK

Istanbul cats

Back in the comparative warmth of Oxford, I am enjoying how it feels to be on a computer with a properly calibrated screen and a keyboard familiar enough to require no peeking. It is gratifying to see how much better my photos look when properly displayed.

Since this is my father’s last night in England, I am not going to spend the three hours or so that it will take to sort through my photos from Turkey, just now. You can expect my previous entries to start getting illustrated as of tomorrow, as well as additional batches on Facebook and Photo.net.

PS. Both my iPod Shuffle and my USB flash drive picked up a few viruses over the course of visiting hostel and internet cafe computers. Thankfully, they are all viruses that only affect Windows machines. Travelers with laptops (or computers running Windows back home) beware. I do feel bad about spreading viruses between all those machines; no wonder they were so slow.

Fraud via disappearing ink

A particularly cunning sort of fraud is occurring in the UK right now: someone comes to your door and convinces you to donate to worthy charity X. You agree, and bring out your chequebook. The fraudster hands you their pen, to fill out the cheque. The ink is of a vanishing sort and, after the transaction, the fraudster traces your signature from the groove in the paper, (generally) re-writes the original amount for the cheque, then puts their own name as the payee. Since most people only check amounts (and banks check nothing at all, unless the customer asserts that fraud has taken place) the fraudster makes off with however many charitable donations.

My personal inclination is to see this as one more among many reasons why cheques are no longer a decent form of payment.

Camera phones and police brutality

One very considerable advantage of the greater dissemination of video phones is increased ability to effectively document police brutality and other abuses of power. A recent example involves UCLA police officers gratuitously using tasers on students in a library. While that situation cannot be entirely understood from the YouTube video, it supports testimony given elsewhere that the use of force was excessive and inappropriate. Hopefully, these taser-happy UCLA police officers will end up in jail. At least one other incident filmed with a camera phone and uploaded to YouTube is being investigated by the FBI. That incident is also discussed in this editorial.

As I have said again and again here: protection of the individual from unreasonable or arbitrary power – in the hands of government and its agents – is a crucial part of the individual security of all citizens in democratic states. In a world where normal activities increasingly take place within sight of CCTV cameras, it’s nice to see that recording technology can also work for the protection of individuals or – at least – improve the odds of things being set to rights after abuse takes place.

Just don’t expect it to be impossible for people to determine whose camera was used to shoot the video. Apparently, output from digital cameras can be linked to the specific unit that produced it.

American midterm elections today

Those looking for more polling data than they will know what to do with, for today’s midterm elections in the United States, should have a look at Pollster.com. For first year M.Phil students nervous about the quantitative methods test, it might be worthwhile reading as well.

I will definitely be watching the news closely between now and whenever the House and Senate races are settled. Hopefully, none of the quite justified concerns about problems with electronic voting machines will manifest themselves. Unfortunately, the vulnerabilities exposed by the Princeton study and others could be exploited in ways that could never be detected by electoral officials. Anyone who thinks that electronic voting is secure, with paper ballots and automatic auditing of part of the vote, should watch this short video produced by the Princeton team.

No matter which way this election goes, fixing the mechanics of the electoral system should be a huge priority before the 2008 elections.
