On conspiracy theories

Kasbar, Cowley Road, Oxford

Partly prompted by a Penn and Teller episode, and partly by a post written by my friend Tristan, I have been thinking about conspiracy theories today. On what basis can we as individuals accept or refute them? Let’s take some examples that Penn and Teller raise: the reality of the moon landings, the nature of the JFK assassination, and the nature of the September 11th attacks. It should be noted that this is the worst episode of theirs I have ever seen. It relies largely upon arguments based on emotion, backed by the testimony of people to whom Penn and Teller accord expert status, rather than a logical or empirical demonstration of why these theories should be considered false.

Normally, our understanding of such phenomena is mediated through experts. When someone credible makes a statement about the nature of what took place, it provides some evidence for believing it. Penn and Teller amply demonstrate that there are lots of crazy and disreputable people who believe that the moon landing was faked, some strange conspiracy led to the death of JFK, and CIA-controlled drones and explosives were used to carry out the September 11th attacks. That said, it hardly disproves those things. Plenty of certifiably insane people believe that the universe is expanding, that humans and viruses have a common biological ancestor, and that any whole number can be generated by adding powers of two (365 = 2^8 + 2^6 + 2^5 + 2^3 + 2^2 + 2^0). That doesn’t make any of those things false.

We really have three mechanisms to work with:

  1. Empirical evidence
  2. Logical reasoning
  3. Heuristic methods

As individuals confronted with questions like those above, we almost always use the third. While those with a powerful telescope and the right coordinates could pick out all the junk we left on the moon, most people lack the means. Likewise, those with a rifle, a melon, and some time can learn the physics behind why Kennedy moved the way he did when he was shot, despite Oliver Stone’s theories to the contrary. Finally, someone with some steel beams, jet fuel, and mathematical and engineering knowledge can model the collapse of the twin towers as induced by heat-related weakening of steel to their heart’s content. Normally, however, we must rely upon experts to make these kinds of judgements for us, whether on the basis of sound technique or not.

Logical reasoning is great, but when applied strictly cannot get us very far. Most of what people call ‘logic’ is actually probabilistic reasoning. Strict logic can tell us about things that are necessary and things that are impossible. If every senior member of the American administration is controlled by an alien slug entity, and all alien slug entities compel their hosts to sing “Irish Eyes are Smiling” once a day, we can logically conclude that all members of the American administration sing “Irish Eyes are Smiling” every day. Likewise, if all bats are bugs, all non-bugs must be non-bats. Entirely logically valid, but not too useful.

A heuristic reasoning device says something along the lines of: “In the forty years or so since the moon landing, nobody has brought forward credible evidence that they were faked. As such, it is likely that they were not.” Occam’s razor works on the same kind of principle. This is often the best kind of analysis we can manage as individuals, and it is exactly this that makes conspiracy theories so difficult to dislodge. Once you adopt a different logic of probability, for instance one where certain people will stop at nothing to keep the truth hidden, your probabilistic reasoning gets thrown out of whack.

How, then, should we deal with competing testimony from ‘experts’ of various sorts, and with the fallout of our imperfect ability to access and understand the world as individuals? If there were a pat and easy answer to this question, it would be enormously valuable. Alas, there is not, and we are left to try and reach judgments on the basis of our own, imperfect, capabilities.

PS. For the record, I believe that the moon was almost certainly walked upon by humans, that Oswald quite probably shot John F. Kennedy on his own initiative, and that the airplanes listed in the 9/11 report as having crashed where they did actually did so. My reasons for believing these things are almost entirely heuristic.

Policy proportionality

Amnesty International display at Blackwell's

I know it’s a theme I have raised many times, but it remains puzzling to me: why are democratic societies so uniquely incapable of accepting the costs associated with terrorism? If you try to circumscribe any kind of dangerous activity, from smoking to extreme sports, you will find plenty of people ready to wave the banner of liberty and claim that the deaths and injuries are worth the costs of the freedom.

If you add up the casualties of all the terrorist attacks worldwide since the end of the Cold War, you arrive at a number that is a small fraction of the number of deaths from alcohol poisoning, from AIDS, from obesity-related illness, or from automobile accidents. Heart disease killed 696,947 Americans in 2002, while cancer killed 557,271. About 400,000 died from tobacco usage, while alcohol killed 100,000. And yet there is no call to reorganize society to deal with these horrific threats. We make that choice not because societal re-organization could not eliminate these problems, but because the costs of doing so (or trying to do so) exceed those we are collectively willing to bear to achieve these ends.

In response to a failed two-man terrorist plot in Germany, The Economist claimed that Germany is “immune no more” and that terrorism is sure to “leap up the list” of people’s concerns. Even if the attack had succeeded, it would still be only a blip in the passing into and out of life of the mass of people who we describe as Germany. The same is true of every terrorist plot in history. Yet they have, by contrast, generated shifts in law and power out of all proportion to their lethality or the amount of harm they cause.

Just as terrorists are adept at exploiting the physical infrastructure of modernity to generate and amplify their attacks – coordinating attacks on aircraft over the internet – they exploit the psychology of modernity to generate an emotional impact out of all proportion to the harm caused. The sane response, it seems, is to accept the hundreds or thousands of deaths as a cost we may have to pay in order to continue to live in a free society – just as we accept the deaths from automobile accidents or fatty foods. The point isn’t that we cannot or shouldn’t take precautions (whether we are discussing terrorism or car crashes), but that we should consider them sensibly and in keeping with the actual seriousness and scope of both the threats that exist, and the entities that we may choose to create or empower to deal with them.

Major vulnerability of mechanical locks

Open pin and tumbler lock, from Wikimedia

To those who retain faith in mechanical pin and tumbler locks, a bit of information on the bump key as a means of picking them may unsettle you. It’s a hot topic on many of the news aggregation sites online at the moment (Metafilter and Engadget 1 and 2, for instance), but those who don’t frequent such sites may find it helpful to know. Perhaps the biggest issue is that this technique does not produce signs of forced entry, which may cause problems when making insurance claims.

This Dutch television segment shows how absurdly easy it is to open even quite expensive locks using a key cut in a particular way, an object to whack it with, and no skill whatsoever. Definitely enough to make a person fearful for their laptop, music equipment, etc. That is especially true in an area that has as high a burglary rate as North Oxford. Just last night, Emily saw someone trying to get into her flat. Thankfully, the front door of our flat uses horizontally-oriented “dimple” keys (Mul-T-Lock brand), that are somewhat less vulnerable to this attack (see the last PDF linked at the bottom of this post). Even so, our internal doors, as well as basically all the ones in Wadham College, use the pin and tumbler design vulnerable to bumping. Here is another video on how to make and use a bump-key. Apparently, anyone with a file, a reasonably steady hand, and a bit of time can make their own.

The alternatives generally advanced to get around such vulnerabilities are other sorts of mechanical locks, electronic access control systems, or systems that use both mechanical and electronic elements (a system used increasingly often in cars). While they do have problems of their own, electronic access control systems do have many appealing features. In particular, if one were to use low-cost RFID tags or simple swipe-cards with a pre-set code as an authentication token, it would be easy to maintain a database of allowed and disallowed keys. If you lost your keys, you could disable that one and issue yourself a new one. Likewise, temporary keys could be issued to people, and restrictions could be placed upon the hours at which certain keys could be used. Features like these are what make keycard based systems so appealing, as well as common in commercial settings.

The first downside of such conversion is cost: replacing locks is expensive. Secondly, such systems are open to other kinds of attacks that people may not understand as easily. Thirdly, if an electronic lock fails in a profound way (no longer responds to authentication tokens), you have little choice but to break down the door or saw through the frame and bolt. Once again, the nature of security as a perpetual trade-off is demonstrated.

More detailed information (PDF) on key bumping is available from Security.org. Also, from The Open Organization of Lockpickers (TOOOL) (PDF).

On risk and decision making

In a complex world, understanding risk and responding to it properly is an essential human skill. Every kind of important decision involves it: from making choices about where to get electrical power to deciding whether to walk home through a dark city or let your children use the internet.

The manipulation of risk-related thinking is an increasingly obvious trend, with two major facets. The first is manipulation of the data upon which people base their decisions. The media, for instance, grossly exaggerates many risks. Rare phenomena, by definition, are news. Things that happen all the time (car crashes, domestic abuse) are not. As such, we worry about serial killers and terrorist attacks, when there is a vanishingly small chance either will ever harm us. Even worse, some campaigns actively deceive so as to try and achieve political ends; one particularly harmful example is education systems that misrepresent the effectiveness of contraceptives in hopes of encouraging teenagers to refrain from sex. Such campaigns are both unacceptably patronizing and quite obviously harmful. Another obvious example is the cultivation and exploitation of fear, on the part of governments, as a mechanism for securing increased power and freedom from oversight and criticism.

Such campaigns blend into the second trend: a denial that risk-related decisions must be made at the level of individuals. A natural trend of those in charge is to strip people of their ability to choose, for any of a number of reasons. There are times at which it is reasonable to force people to take certain precautions. Requiring people to have car insurance is a good example. Such cases, however, must be evaluated through public legal and political scrutiny, and justified on the basis of arguments that are critiqued and data that are legitimate and verified.

The intelligent solution is to teach good risk-related thinking. That means learning how to identify the agendas of those providing information. It means having tools to make reasonable assessments of logical arguments, as well as supporting data. That means not keeping people ignorant or keeping essential information secret. And it means teaching a perspective of individual empowerment, where the reality of trade-offs between different risks is acknowledged. Alas, it seems unlikely that such an approach will be widely adopted.

More security, less freedom

While we can all be very glad this alleged plot was foiled, the new rules on carry-on baggage are going to make travelling long distances by plane truly hellish. Without more information, it is impossible to evaluate how justified they are, but they certainly appear to be quite onerous. No water; no books, magazines, or newspapers; no portable electronics of any kind. Of course, either the restrictions or all duty-free shopping will eventually have to go.

It also seems that all EasyJet flights out of all London airports are cancelled. With my EasyJet flight to Dublin in six days, I wonder what is going to happen. They seem to be offering refunds on tickets. Maybe I should take it, then pay the cancellation fee from the hostel.

Such is the power of terrorism: even when we win, we lose.

[Update: 6:52pm] Both of my current roommates have had to re-schedule flights over this: one to Austria and one to Barcelona. It seems likely that another friend’s trip to Madrid will not be happening, and that yet another friend’s flight to Canada tomorrow will be boring and uncomfortable.

[Update: 11 August] Flights from London to Dublin are back on schedule, according to EasyJet. My friend also made it to Madrid today, after all.

Something to try over the weekend: cryptography by hand

For about three and a half hours tonight, I awaited essays from next month’s tutorial students in the MCR. Having exhausted what scraps of newspaper were available, I fell back to reading a copy of Dan Brown’s Da Vinci Code, abandoned by some departed grad student.

Two hundred and sixty pages in, and unlikely to proceed enormously further, I note somewhat pedantically that there have been no codes presented. At best, there have been a series of riddles. The book would be interesting for its historical asides, if I could consider them credible.

Rather than go on about that, I thought I would write an incredibly brief primer on how to actually encrypt a message:

Crypto by hand

In the next few paragraphs, I will show you how to use a simple cryptographic device called a transposition cipher. If you really want to learn it, follow along with a pen and paper. As ciphers go, it is very weak – but it is easy to understand and learn. For starters, we need a secret message. The following is hardly secret, but it will do for a demonstration:

“DAN BROWN IS A DUBIOUS HISTORIAN”

Next, we need an encryption key. For this type of cipher, we need two or more English words that do not use any letter more than once. It is quicker if they have the same number of letters, but I will use two with different numbers of letters to demonstrate the process:

“DUBLIN PINT”

Write the first word of the key onto a piece of paper, with a bit of space between each letter and plenty of space below:

“D U B L I N”

Now, add numbers above the letters, corresponding to their order in the alphabet:

“2 6 1 4 3 5
D U B L I N”

Now, add your message (hereafter called the plaintext) in a block under. If necessary, fill out the box with garble or the alphabet in order:

“2 6 1 4 3 5
D U B L I N
D A N B R O
W N I S A D
U B I O U S
H I S T O R
I A N A B C”

Note how each word of the first keyword now has a column of text underneath it. Starting with the first column in the alphabetical ordering (B, in this case) copy out the column, starting at the top, as a string of text. Make sure you understand what is happening here before you go on. The first column, read downwards is:

NIISN

Now, add to that string the other columns, read from top to bottom, in alphabetical order. You can leave spaces to make it easier to check:

NIISN DWUHI RAUOB BSOTA ODSRC ANBIA

Clearly, each column section should have the same number of letters in it. Make sure you’ve got the transcription right before going on. Note that the string above is the same letters as are in the original message, just jumbled. As such, this system isn’t smart to use for very short messages. People will realize fairly quickly that “MKLLINAIL” could mean “KILL MILAN.”

Moving right along…

Take the string you generated a moment ago, and put it into a block just like the one you made with the first keyword, except with the second keyword. This time, if you need letters to fill out the rectangle, make sure to use the alphabet in order. You will need to remove the excess letters when working backwards to decrypt, so you may as well make it easier.

“3 1 2 4
P I N T
N I I S
N D W U
H I R A
U O B B
S O T A
O D S R
C A N B
I A A B”

Now we have the message even more jumbled. The final encryption step is simply to copy each column in that grid out, from top to bottom, in alphabetical order according to the second keyword:

IDIOODAA IWRBTSNA NNHUSOCI SUABARBB

Note: the shorter the key, the longer each column will be. The above string is your encrypted text (called cyphertext). This final version is a jumble of the letters in the original message. Remove the spaces to make it harder to work out how long the last keyword is. If you like, you can put that string through a grid with another word. Each time you do that, you make the message somewhat harder to crack, though it obviously takes longer to either encode or decode.

To pass on the message, you need to give someone both the cyphertext and the key. This should be done by separate means, because anyone who has both can work out what kind of cipher you used and break your code. The mechanisms of key exchange and key security are critical parts of designing cryptographic systems – the weakest components of which are rarely the algorithms used to encrypt and decrypt.

To decode it, just make grids based on your keywords and fill them in by reversing the transcription process described above. I am not going to go through it step by step, because it is exactly the same, only backwards.
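The two-grid procedure above, including the backwards pass, as an added Python example that is not part of the original post. The function names are my own, and the filler removal is a heuristic: it assumes the alphabet-in-order padding described above, so a message that genuinely ends in A, AB, ABC and so on cannot be told apart from filler, on paper or in code.

```python
import string
from collections import Counter

ALPHABET = string.ascii_uppercase


def letters_only(text):
    """Upper-case the text and drop spaces, digits and punctuation."""
    return "".join(ch for ch in text.upper() if ch in ALPHABET)


def column_order(keyword):
    """Column indices in alphabetical order of the keyword's letters.

    DUBLIN is numbered 2 6 1 4 3 5, so its columns are read B, D, I, L, N, U.
    """
    if len(set(keyword)) != len(keyword):
        raise ValueError("keyword must not repeat a letter: " + keyword)
    return sorted(range(len(keyword)), key=lambda i: keyword[i])


def transpose(text, keyword):
    """One grid: write the text in rows, copy the columns out in key order."""
    ncols = len(keyword)
    text += ALPHABET[:-len(text) % ncols]      # fill the last row: A, B, C...
    return "".join(text[col::ncols] for col in column_order(keyword))


def untranspose(text, keyword):
    """Invert one grid: pour the text back into the columns, read the rows."""
    ncols = len(keyword)
    nrows, extra = divmod(len(text), ncols)
    if extra:
        raise ValueError("text length is not a multiple of the keyword length")
    columns = [""] * ncols
    for n, col in enumerate(column_order(keyword)):
        columns[col] = text[n * nrows:(n + 1) * nrows]
    return "".join(columns[c][r] for r in range(nrows) for c in range(ncols))


def strip_filler(text, ncols, multiple_of=1):
    """Drop trailing alphabet-in-order filler (at most ncols - 1 letters).

    multiple_of is the width of the previous grid: whatever came out of that
    grid must have a length divisible by it. Heuristic, see the note above.
    """
    for pad in range(ncols - 1, 0, -1):
        if text.endswith(ALPHABET[:pad]) and (len(text) - pad) % multiple_of == 0:
            return text[:-pad]
    return text


def encrypt(message, keyphrase):
    """Run the message through one grid per keyword, in order."""
    text = letters_only(message)
    for keyword in keyphrase.upper().split():
        text = transpose(text, keyword)
    return text


def decrypt(ciphertext, keyphrase):
    """Undo the grids in reverse order, removing filler after each one."""
    keywords = keyphrase.upper().split()
    text = letters_only(ciphertext)
    for i in range(len(keywords) - 1, -1, -1):
        text = untranspose(text, keywords[i])
        previous_width = len(keywords[i - 1]) if i > 0 else 1
        text = strip_filler(text, len(keywords[i]), previous_width)
    return text


def same_letters(a, b):
    """True when two texts are rearrangements of the same letters."""
    return Counter(letters_only(a)) == Counter(letters_only(b))


if __name__ == "__main__":
    secret = encrypt("DAN BROWN IS A DUBIOUS HISTORIAN", "DUBLIN PINT")
    print(secret)
    print(decrypt(secret, "DUBLIN PINT"))
```

`same_letters` shows the weakness mentioned earlier: the cyphertext always contains exactly the letters of the message plus the filler, so only their order is hidden.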

If anyone finds out about the credibility of Mr. Brown’s historical credentials, it won’t be my fault.

One word of warning: this system will not keep your secrets secure from the CIA, Mossad, or even Audrey Tautou. This cipher is more about teaching the basics of cryptography. If you want something enormously more durable that can still be done by hand, have a look at the Vigenère cipher.

PS. It is rumored that this very blog may contain a tool that automates one form of Vigenère encryption and decryption. Not that it is linked in the sidebar or anything…

[Update: 27 July] Those who think they have learned the above cipher can try decrypting the following message:

BNTAFREEHOOI-LTOSIRISOTWD-FTNWAOEYSOXT-ERASEAAAKGVE

The segment breaks should make it a bit easier. The key is:

SCOTLAND HIKE

Good luck, and please don’t post the plaintext as a comment. Let others who want to figure it out do so.

On password security

I was talking with Kelly today about passwords, and how they are a fundamentally weak form of security. Supposedly, we are all meant to have different passwords for every site, so that one database being compromised by an external hacker or malicious insider won’t lead to our email and other sites being at risk. Also, we are supposed to use long and complex passwords with case-changes, numbers, punctuation, etc. (Think ‘e4!Xy59NoI2’) Together, these two requirements far exceed the capability of most human beings.

The real solution is to back up passwords with something else, so that they don’t need to be so strong. This is called two-factor authentication, and it could include something like a smart card that people carry and slot into computers along with a password so as to authenticate themselves. This is already used in cars. Inside the key of newer cars is a little chip with a radio antenna. When you try to use the key to start the car, a radio message is broadcast by the car. The chip detects it, does a bit of thinking to generate a response that authenticates the key, and re-broadcasts it. Using both the physical profile of the key and the radio challenge-response authentication system, attacks based on picking locks or freezing and cracking the cylinder inside them can be defeated. The system obviously isn’t impossible to foil, but it is substantially more difficult in relation to the additional cost.

In the computer context, such two-factor authentication could take other forms: for instance, a little card that listens to a series of tones from an external source (over the phone, or from a computer), passes them through an algorithm and emits a series of tones in response to authenticate. This is just doing with audio what a smart card does with electricity. Ideally, the second factor would be like a credit card, in that you could have it cancelled and re-issued in the event that it is lost or stolen, immediately disabling the missing unit.

Until such a system emerges, it seems sensible to have tiers of passwords. I have two really weak passwords for things that I sometimes share with close friends. Then, I have a password for low-risk sites where there is no real harm that can come from my account being compromised. Then, I have a cascade of ever-stronger passwords. Something like LiveJournal has a pretty strong password, because it would be a pain if somebody took it over. The general vulnerabilities of passwords are:

  1. Someone could guess it (either manually or with a brute force attack)
  2. Someone could watch you type it in
  3. Someone could install a hardware or software keystroke logger on a machine where you enter it
  4. Someone could break into a database that contains it, then try using it on other sites you use
  5. Someone could extract it from a program on your computer that stores them in an insecure way (like Windows screen-saver passwords, which can be learned using a simple program)

Most of these require physical access to a machine that you use. I would guess that the most common of these is number four. Given that most people use the same password for everything, some underhanded employee at your ISP or webmail provider could probably grab it pretty easily, as well as information on other sites you use. (Hashing algorithms are one way this risk can be mitigated, on the server side, but that’s a discussion for another day).

At the top level, there are things that demand a really strong password: for instance, webmaster control accounts or anything connected to money. For these, I use random alphanumeric strings of the maximum permitted length, never re-using one and changing them every month or so.

Obviously, I cannot remember these for several banks and websites. As such, I write them down and guard them. I am much better at guarding little bits of paper than at remembering random strings of data. I regularly carry around little bits of paper worth tens of Pounds, and little bits of plastic worth thousands of Pounds, if only until disabled. Indeed, I have been guarding bits of paper for well over a decade.

Lecture in the Taylorian

Graffiti near the Oxford Canal

The lecture today on Canada-US security and defence cooperation went well; it could even be a solid demonstration of the preferability of lecturing over research. I did talk overly quickly, burning through my forty-five minute presentation in just over half an hour, but the questions were good and I think I fielded them pretty well. The fear of going overtime can generate unwanted haste. I did manage to avoid a frequent error I’ve made in the past, namely that of getting lost in my own notes. It’s easier to avoid when you really know the material you’re covering, and the notes are for structure, rather than content.

A presentation on a topic like this is always a political act. On that basis, I think I struck the right note. I took the more truthful bits of the ‘staunch and eternal allies’ premise sometimes hammered upon by Canadian politicians under fire from the US and mixed it with some of the more essential elements of the ‘importance of legitimacy and international law’ scolding with which we tend to fire back. All in all, I think it was reasonably balanced and candid. Wearing my NORAD pin – with Canadian and American flags on it – probably contributed positively to my ability to represent myself as someone who genuinely wants a friendly and constructive relationship between the two countries, and has considerable respect for both.

Lecturing itself was quite enjoyable, despite the associated anxiety. With a bit more practice and confidence, I think that I could get very good at this, indeed.

Privacy and power

Canada’s Privacy Commissioner has released an excellent report, highlighting some of the disturbing trends that he sees as ongoing. Rather than paraphrase, I will quote one of the best sections extensively:

It is my duty, in this Annual Report, to present a solemn and urgent warning to every Member of Parliament and Senator, and indeed to every Canadian:

The fundamental human right of privacy in Canada is under assault as never before. Unless the Government of Canada is quickly dissuaded from its present course by Parliamentary action and public insistence, we are on a path that may well lead to the permanent loss not only of privacy rights that we take for granted but also of important elements of freedom as we now know it.

We face this risk because of the implications, both individual and cumulative, of a series of initiatives that the Government has mounted or is actively moving toward. These initiatives are set against the backdrop of September 11, and anti-terrorism is their purported rationale. But the aspects that present the greatest threat to privacy either have nothing at all to do with anti-terrorism, or they present no credible promise of effectively enhancing security.

The Government is, quite simply, using September 11 as an excuse for new collections and uses of personal information about all of us Canadians that cannot be justified by the requirements of anti-terrorism and that, indeed, have no place in a free and democratic society.

I applaud both the Commissioner’s comments and his willingness to take such a firm and public stance. As I’ve said dozens of times now: terrorists are dangerous, but governments fundamentally much more so. They can cloak themselves in secrecy and are imbued with a level of power that permits them to do enormous harm, whether by accident or by design. Compared with the excesses and abuses committed by governments – Western democratic governments included – terrorism is a minor problem.

I recommend that all Canadians read the report in its entirety. I found the link via Bruce Schneier’s excellent security blog.

Media idiocy

One of the BBC top stories right now: “Mobile phone risk during storms.” I am not going to link it, because they don’t deserve traffic for publishing something so asinine. The crux of the article is that people who get struck by lightning while using a metal mobile phone are more likely to be injured than people just standing there. The article doesn’t indicate that your chances of getting struck by lightning while talking on the phone are any higher. Indeed, I would posit that you would be less likely to be standing around outside in a thunderstorm if you had your expensive and almost certainly non-waterproof mobile phone pressed against your ear. And whose mobile phone is made of metal anyhow?

According to scientist Paul Taylor: “I would treat a mobile phone as yet another piece of metal that people tend to carry on their persons like coins and rings.” Do they advise not wearing rings or carrying change during thunderstorms? Of course not. That would be absurd.

Sometimes, the enthusiasm of the media to scare people on the basis of incredibly improbable events is so frustrating I don’t know what to do. They would have you believe that strangers will poison your child’s Halloween candy (all known cases of poisoning by this route were committed by the parents of the child). Everything from shark attacks to terrorist incidents gets presented as far more common than it really is, in a world of six billion with a media likely to report every incident of each. A really brilliant essay by Jack Gordon on this kind of fear-mongering can be found here. The best paragraph reads:

It is fashionable to remark that America “lost its innocence” on September 11th. This is balderdash. Our innocence is too deep and intractable for that. The thing we’ve really lost doesn’t even deserve the name of bravery. We’ve lost the ability to come to grips with the simple fact that life is not a safe proposition—that life will kill us all by and by, regardless. And as a society, we’ve just about lost the sense that until life does kill us, there are values aside from brute longevity that can shape the way we choose to live.

This essay won a contest by Shell and The Economist on the topic “How much liberty should we trade for security.” It is well worth a look; it’s enormously more deserving, I would say, than the BBC article of comparable length. The basic point: we need to acknowledge the existence of risk and deal with it intelligently. We can never be perfectly safe, and we shouldn’t try to be. We can never do otherwise than balance risks against benefits.