Superconductor

I just realized that today is day that P. G. Wodehouse, arguably the best writer of humor that the Earth has seen in its several billion years of existence, died in 1975. As a member of The Wodehouse Society, it's probably appropriate that I use Wodehouse's ideas whenever I can, and I seem to recall one that may be particularly appropriate for blogging.

I don't recall exactly which book this was in, but in one of his novels Wodehouse noted how he cleverly had outmaneuvered his critics. They were apparently claiming that many of his books featured essentially the same plot as his previous books, just with different characters in them. To deal with this criticism, Wodehouse decided to blatantly reuse a plot, and to do it with exactly the same characters that he had previously used. 

So if doing that sort of thing is good enough for an author the stature of Wodehouse, I might be able to use the same idea and recycle old blog posts, posting the exact same text that I had used previously. If I really felt ambitious, I could even correct any spelling and grammar errors that might have crept into the original posts.

And, as someone pointed out to me today, the news stories that we've seen over the past couple of years that talk in glowing terms about some new academic work that has "broken" AES seem to indicate that people really don't get tired of reading the same thing over and over again.

The other day I posted about blog comments. I suggested that many blog comments are generated by an artificial intelligence program. These comments are posted only to get a hyperlink into the internet.

Within a few minutes of the blog entry being published, this comment was posted.

Hello, When you call Workers' Compensation, LLC, we will be sure to explain the process of obtaining workers' compensation and the factors that will determine whether or not you will be awarded specific benefits.

I deleted it, but it didn't completely fit in with my theory. I was thinking that the AI comments were posted to blog entiries a month or so old, so as to generate less scrutiny. I also figured the comments would nominally refer to the entry itself.

So why did this comment get posted? And why on that blog entry?

The field of AI still hasn't produced the general thinking machine. But as I understand it, one of the successes of AI has been to create programs that can act intelligently in a specialized area. For example, an AI program can help diagnose car problems or another one can parse customer questions and be a first line of support.

Apparently someone out there has written an AI program that reads blog posts and leaves comments. The purpose is to write a comment that gets by the spam filter so the hyperlink on the commenter's name gets through. (A hyperlink in the comment itself triggers red flags in spam filters, but the hyperlink in the commenter's name is part of the protocol.)

Suppose you're a spammer and you think that leaving comments in blogs will help you. Maybe you think that other people reading your comment will click through to the URL in your name. Or more likely you think that putting a link to your web site in a comment will make it look to search engines as if there are lots of links to your site. Your web site will move up the search rankings.

Remember, the best search engines don't just find all occurrances of a praticular word or phrase, they return results based on popularity, which is determined by how many other sites link to your site.

Here's what I think is happening. The program reads blogs. Then it finds older posts (from maybe a month or two ago). It reads the posts and constructs a comment based on the post. It then posts the comment with the hyperlink in the name of the commenter. The comment has to be close enough to the topic to get by the spam filter. Commenting on older posts increases the chance that no one looks too closely at it, so there's less chance it will be deleted. Our blog here requires registering in order to post comments, so the program will do that as well.

For example, here are two comments on my posts about financial web sites and passwords.

"However, many financial companies are some of the worst offenders in placing restrictions on passwords." by "lacoste outlet".

"It is good to hear that financial websites do not allow weak passwords, thus it is very necessary for us users to make a very strong password to be able to secure our finances online." by "private label seo".

Sometimes the comments are more generic.

"The blog is full of useful information for me. I gone through the whole blog and found it very interesting and beneficial. Thanks a lot for bringing the knowledge here. I enjoyed reading the blog and is very much impressed. Hope to see you soon with lots of more interesting blogs." by "diploma management of melbourne".

"Don't know what is wrong what is rite but i know that every one has there own point of view and same goes to this one" by "Hermes Bikini".

Here's one that was obviously spam.

"Super cute! My little man would look so stylin' in those!" by "moncler jacket".

So is there an AI program out there that reads a blog post and constructs a comment that sounds like it is real? Or are there people writing these?

At first glance, it doesn't seem likely that there are people actually surfing the web, finding blogs and then manually commenting on entries. I would imagine that to make a profit on this activity (creating links to web sites in order to boost search engine rankings), the cost would have to be low. Hence a program and not real people.

On the other hand, maybe some marketing firm that promises to get your web site higher in the rankings will hire some people from poor countries to do this. The English on some is broken enough that it sounds feasible.

Incidentally, one of my posts got a lot of these comments and others get none. Maybe that one blog post was linked to another blog or something else, and the fact that it was linked to other places made it a prime candidate for using it to create artificial links.

So when I get a comment like this on my workplace training post ...

"Training is the best way to improve the skill and we should take it seriously to get the best output. Hope everyone will appreciate it." by "website translation"

... should I let it remain or should I delete it?

Our marketing people were just looking at some sort of web site analytics tool and showed me the relative popularity of the posts on this blog so far. I found the results somewhat surprising. The most popular post by far (in terms of page views) was "How to get a strong password." The second most popular was "Hyperelliptic curves." The fact that I wouldn't have guessed this at all probably explains why I don't work in marketing. Both of these were 10 to 20 times more popular than the typical post.

According to the F-Secure blog, one of the F-Secure engineers managed to track down a copy of the email that was apparently used in the recent hack that may have compromised SecurID tokens. They even made a YouTube video of what it looks like when you open the infected spreadsheet that was used to carry out the attack. Interesting stuff.  

According to an article on the IEEE Spectrum Risk Factor blog, people in the state of Massachusetts are being inconvenienced a bit by the error rates of a biometric system that the state uses to identify people suspected of having a fake identity. Here's how Spectrum summarized what happened in one particular case:

John H. Gass is still not a happy person. On the 5th of April, he received a letter dated the 22nd of March from the Massachusetts Registry of Motor Vehicles telling him that his driving license had been revoked, and that he must immediately stop driving.

Mr. Gass, who had not received a traffic violation for years, was identified by the RMV as a person suspected of having a fake identity by an automated anti-terrorism facial recognition system, an article in the Boston Globe reported. At least 34 other states use the same or similar software, the Globe says, much of it paid for in part by grants from the US Department of Homeland Security.

It turns out that the face recognition software flagged Mr. Gass's picture as looking like another Massachusetts driver, hence the letter from the Massachusetts RMV. The Globe says that it took Mr. Gass ten days of wrestling with the RMV bureaucracy to prove to them that he was indeed who he said he was before he was able to get his license back.

According to the Globe story, based on results of the recognition system, last year the "State Police obtained 100 arrest warrants for fraudulent identity, and 1,860 licenses were revoked as a result of the software."

Neither the Spectrum article nor the Globe article that it refers to say how many off those arrest warrents and license revocations turned out to be due to the non-zero false match rate for the facial recognition system that the state government uses.

Based on the error rates of biometric systems that I'm familliar with, I wouldn't be surprised if Mr. Gass isn't alone in having a problem with being inaccurately identified by one of these systems. The Globe article leads you to believe, however, that the state isn't very sympathetic in these situations at all. It quotes a state spokesman saying that, "protecting the public far outweighs any inconvenience Gass or anyone else might experience."

In a previous post, I noted a new social networking site called Blippy that basically lets you see what your friends are buying. Maybe if you're too young to remember the dot-com era, that sounds like a perfectly reasonable thing to do. To me it just sounds like a huge privacy problem just waiting to happen.

According the what's posted on Blippy's web site, the problems have already started. In particular, it looks like Blippy incorrectly considered raw transaction data to be harmless at one point, and some of it ended up the HTML on some of their web pages.

Yikes!

Blippy has a five-step plan for making sure that this doesn't happen again:

1. Hire a Chief Security Officer and associated staff that will focus solely on issues relating to information security.
2. Have regular 3rd-party infrastructure & application security audits.
3. Continue to invest in systems to aggressively filter out sensitive information.
4. Control caching of information in search engines.
5. Create a security and privacy center that contains information about what we are doing to protect you.

These steps look like a good move in the right direction, but why weren't these done in the first place? And with all the news about PCI DSS these days, who could possibly have thought that credit card transaction data wasn't sensitive and needed to be protected?

Out of the thousands (millions?) of April Fools' blog posts out there, I found one particularly entertaining: the one by Greg Mankiw that claimed that Harvard was going to auction off 100 slots to next year's incoming class.  Here's what he said:

Today is the day Harvard announces admission decisions to the college.  Moreover, as you may know, Harvard has been struggling with a sizable budget shortfall.  The budget problem, however, has now been solved.  Harvard has decided to auction off 100 slots in next year's freshman class to the highest bidders.  If you are interested in entering a bid or learning more about the program, click here.  Bids are due by the end of the day.

At Voltage, of course, we're known for our innovative security technologies instead of our sense of humor, so you won't find anything like Mankiw's post here. Or if it's here it will probably be buried in some arcane discussion of elliptic curves that almost nobody will actually read.

An alert reader recently pointed out an interesting blog post that proposes a list of "red flags" that people should watch for when selecting a secure email solution. Apparently unhappy with this particular post, this reader suggested that the list of red flags in the interesting post be amended to include the following:

Red Flag #19. Alleged critics who disguise their opinions in pseudo scientific postings and don't declare their vested interest in competing firms and technology should not be trusted.

Red Flag #20. Industry Experts who quote themselves and reference only their own works in publications should not be trusted.

Red Flag #21. 4 year old competitive analysis papers do not have contemporary value.

I can't vouch for whether or not these additional red flags make sense or not, but I have to say that I was a bit puzzled by this particular red flag that the post mentioned:

Red Flag #3: It Just Works. Beware of hidden liabilities. For example, make sure that your keys are not escrowed in the servers providing the solution, as with IBE (Voltage). Nothing is safe in servers, not only from attackers but also from service providers and employees.

There's a big difference between the ability to do key recovery and key escrow, and this blog post (as well as some of the white papers available from the blog's web site) seems to badly confuse the two. Voltage's SecureMail lets you do key recovery. It doesn't do key escrow.

Key recovery lets you backup and restore cryptographic keys. If your CIO gets hit by a bus and you need access to their encrypted data, key recovery lets you do that. It also lets you recover your systems in the event of a failure, like a natural disaster might cause. Note the use of "you" here. A business doing key recovery backs up and restores their keys as needed and nobody else has access to these keys. Key recovery is often necessary for all sorts of legal and regulatory reasons, so it's a necessary feature of any enterprise encryption product.

With key escrow, on the other hand, a third-party gets copies of a cryptographic key. The US government led the push for key escrow back in the pre-dot-com era. The idea was for law enforcement agencies to have the ability to decrypt encrypted messages if they had the necessary court order. There was even talk of laws requiring all encryption to have this feature. It turned out that people weren't comfortable with the government having this ability and that technical problems plagued the proposed escrow schemes. In the end, the idea failed terribly. It's definitely not a feature that enterprise encryption products need.

Because IBE lets you calculate any private keys that you need, it makes key recovery easy. And because you can calculate any private keys that you need, you'll never be doing key escrow with IBE.

Key recovery is necessary. Key escrow isn't. Let's not confuse the two.

I recently came across an interesting blog post that describes how a clever hardware hacker managed to make a single-chip CMOS inverter at home. The hacker apparently worked out her own CMOS fabrication process using just equipment that's cheap and readily available.

A single inverter isn't that impressive - it has just a single PMOS transistor and a single NMOS transistor - but the fact that this hacker managed to develop a process to make a single-chip version at home is extremely impressive. The success of this project made me wonder about how successful hardware hackers who operate with a similarly-modest budget can be.

I have always said that the protection provided by hardware is fundamentally different from the protection provided by encryption. Once you have the right tools and expertise, a wide range of attacks become feasible. If you have a big budget, perhaps just a few million dollars, you can probably beat any hardware security mechanism at all. The more interesting question is really whether or not relatively low-budget attacks can beat the security provided by hardware.

The fact that a clever hardware hacker managed to make a single-chip CMOS device at home leads me to believe that hardware hackers may be much more capable then we might first think, and that they might be able to carry out some impressive attacks against smart cards and HSMs. Hardware security isn't perfect, but we tend to think of it as being better in some vague and ill-defined way than software-only security. Maybe the difference isn't really that big.  

A few people have asked me about me creating a hardcopy book from the contents of this blog. Trying to find things to do other than look for errors in a math-heavy standards document, I recently tried out a couple of the available services that let you do this to see how hard it is and what's involved in doing it. I was stunned by how bad the available options were.

In one case, the first few posts were loaded into the book-making software with no problems, but the rest after that ended up badly garbled. That made that particular offering totally useless.

The next one I tried couldn't handle subscripts and superscripts, among other things, so it ended up being useless also.

I doubt that I'm the only person who does things like indenting text or using superscripts. Why can't the current versions of blog-to-book software handle the use of these things?

It turns out that you can now get this blog on your Kindle e-book for only $1.99 a month. Other items that Amazon.com sells aren't quite as cheap. I stumbled across a textbook today that actually sells for $7,790. This is Nuclear Energy, by many contributors.

Here's the product description:

The three volumes VIII/3A, B, C of Energy Technologies should primarily serve scientists, engineers, and students to gain information on physical, chemical, and technical properties of all technologies to provide, convert, distribute, store, and finally use energy. They are supplemented with economic background information and with specific concepts, to allow the reader a proper comparison of different energy technologies. In this way these volumes on energy technologies should help human society pave the way towards sufficient and environmentally safe provision and use of energy. The various contributions have been written by experts from all around the globe working in universities, public research institutions, and private industrial companies.

One of the targets is students, but how many students can afford a book that costs $7,790?

On the bright side, you definitely qualify for free shipping if you buy this book. Or you could save 20%, or $1558, if you decide to read Nuclear Energy on your Kindle instead of getting a printed copy. At least it's not as bad as Mrs. Skagg's Husbands, which you can't get for anything less than $7.6 million. That's not available for the Kindle yet, though.

Hackers are clever, and they’ll find a way to exploit almost anything. One example of this is how they’ve learned to use blogs to distribute spam and other malware. But for every hacker finding a new way to carry out attacks, there’s apparently a security vendor coming up with a response. At the RSA Conference this week, I saw some interesting demos of the counters that security vendors have created to the problem of hackers using blogs to help them carry out attacks.

In most cases, spam email outnumbers legitimate email by a huge margin. This seems to be true with comments that are posted to blogs also. If I go to the management console for this blog, for example, I now see over 3,400 attempts by spammers to get this blog to link their sites that claim to be selling interesting products, but are probably just trying to collect sensitive personal information. Looking through a queue of over 3,400 items just isn’t feasible, but security vendor Websense has a product that will do this for you, and in most cases, they’ll actually do this for free.

This product is Defensio, and I saw a demo of it at the RSA Conference yesterday. Websense claims to have sophisticated adaptive algorithms that let their technology adapt to the efforts of spammers to bypass their filtering. That’s not the sort of thing that’s easy to show in a demo, so I’ll have to trust that this really happens behind the scenes.

Defensio works by routing potential malicious posts through Defensio’s servers, which make a decision about whether or not the post is spam. This architecture also lets Defensio identify and react to new attacks on blogs as they’re developed and used by hackers. I seem to recall that anti-virus products worked this way at one time, but anti-virus vendors seem to have now discarded this model. It will be interesting to see if this also happens to Defensio’s technology in the future.

Unfortunately, Defensio is only available for blogs that are hosted by WordPress. This blog uses TypePad, which means that I can’t actually try it and see how well it works in practice.

In addition to blogs, it seems that newer social networking services like Twitter have already been abused by hackers. Twitter users are already receiving spam (twam?), and if you follow the Twitter user @spam, you’ll see updates on how this spam is happening, who it’s coming from, etc. You might even find it amusing that when you visit the Twitter page for the user @spam, you see the message “Hey there! spam is using Twitter.”

Maybe there’s a start-up out there right now that’s figuring out a way to keep Twitter uncluttered. I’ll have to look for this at next year’s RSA Conference.

It seems that James McGovern didn't quite understand my reply to his blog post about identity-based encryption. One of James' issues with IBE is a perceived lack of algorithm agility. I pointed out that there are actually many different IBE schemes, two of which Voltage actually uses in our shipping products. James seems to have misunderstood my comment to be saying that there are only two IBE schemes.

This is far from the truth.

There are now more IBE schemes than one person can reasonably keep track of and more are being invented fairly regularly. I would actually say that the draft of the IEEE P1363.3 Standard for Identity-Based Cryptographic Techniques using Pairings has too many IBE schemes in it, and the P1363 working group is actually now voting on a motion that I made to remove some of the schemes that are in the current draft of the P1363.3 standard.

On the other hand, each of the schemes that are currently in the draft of the P1363.3 standard has a rigorous mathematical proof of their security, something that many the traditional PKI schemes that James refers to don't actually have. So even if I can't convince people to remove what I consider to be the unnecessary schemes, there won't be any problems with their security, it will just mean more work for me as the editor of the standard.

I’ve commented before on the lack of accurate data for information security threats. It certainly looks like you really can’t trust vendors to give you accurate and unbiased data, and the latest news from McAfee’s blog is probably an example of this.

McAfee estimates that lost data cost the world’s economy a trillion dollars last year. Unless it’s the U.S. government talking about how much they’re going to spend, you should probably be suspicious of the accuracy of any number that large. I certainly was. Puzzled by this number, I found a copy of the McAfee report, Unsecured Economies – A Trillion Dollar Headwind, that this blog cites.

I wasn’t terribly surprised when the $1 trillion number didn’t actually appear in this report. The report does estimate that the average company lost $4.6 million in data last year. I have to assume that someone just estimated the number of businesses in the world and multiplied it by $4.6 million to get the astounding $1 trillion estimate.

I don’t believe this estimate at all. Part of my skepticism is due to the fact that it’s so much larger than other estimates. The fact that it’s from a security vendor who wants to sell you products and services that can reduce the amount of data that you lose doesn’t help, either.

The 2008 CSI Computer Crime & Security Survey gives a much lower estimate for the value of lost data, for example. And in the several years that this survey has been done, it hasn’t even come close to the McAfee estimates. The 2008 estimate was $288,618, which was down from the $345,005 estimate in 2007. Two years ago, the estimate was $167,713. None of these are close to $4.6 million.

And without estimates of exactly how much information is out there, it’s hard to put estimates of information loss into a useful context. The November 2008 issue of Johns Hopkins Magazine had a feature about the high cost of health care in the U.S. and how to control it. They mention that uninsured people and others who can’t pay their bills cost the U.S. health care system about $30 billion per year. That certainly sounds like a lot of money, but when you consider that it’s only 1.4 percent of the total $2.1 trillion that’s spent on health care in the U.S. every year, it sounds much less important.

So let’s suppose for a moment that McAfee’s estimate of $1 trillion in loss is actually accurate. Does that $1 trillion represent 20 percent of the total value of information, or is it only 0.1 percent of the total value of the information? Without knowing that, the $1 trillion number isn’t really of much value.

In his recent blog post, enterprise architect extraordinaire James McGovern mentions that he’s concerned that there’s no algorithm agility with identity-based encryption. His thoughts may be based on a misunderstanding of what IBE actually is. Here's why.

IBE is really a family of public-key technologies that share a common set of properties, and there are actually several different IBE schemes. Voltage’s shipping products actually support two of these:Boneh-Franklin IBE and the Boneh-Boyen IBE. So even within the technology used by a single vendor, there’s still the opportunity for algorithm agility while keeping the useful properties of IBE.

Most of Voltage’s customers use Boneh-Franklin IBE. It was the first IBE scheme that was both practical and secure. It’s also the easiest to understand. Boneh-Boyen IBE is harder to understand. It also has a number of properties that differentiate it from the Bohen-Franklin scheme, most of which only matter to specialists in the field of pairing-based cryptography. Most people really don’t care, for example, whether an identity gets hashed to a point on an elliptic curve or it gets hashed to an integer. Boneh-Franklin IBE hashes an identity to a point on an elliptic curve. Boneh-Boyen IBE hashes an identity to an integer.

The likelihood of a weakness being found in either the Boneh-Franklin of the Boneh-Boyen scheme is also quite low. Both of these schemes have formal proofs of their security. Lots of smart people have reviewed these proofs, so they’re probably correct. This means that it’s very unlikely that there’s a weakness in either the Bohen-Franklin or the Boneh-Boyen IBE scheme that can be exploited.

There are also other vendors that use IBE technology in their products. I can’t say for sure, but I wouldn’t be surprised if their products have the same level of algorithm agility that Voltage’s products do. I can say with certainty that the concerns around algorithm agility really don’t apply to Voltage’s products. You’ll have to ask other vendors about exactly how they do things.