Making the world safe for Technology

On April 2nd, 1917, the President of the United States of America addressed an extraordinary session of Congress, asking it to authorize America to declare war against the Central Powers in World War 1.

Across the Atlantic, the European continent had been devastated by nearly 3 years of bloody conflict. Regardless of who started the war, President Wilson was sure the war was at its tail end and he knew that if America stayed a neutral observer any longer, it might not get a seat at the table to discuss peace terms.

President Wilson had an agenda to set up the League of Nations, to ensure that such wars would never be waged again, and this would truly be the war to end all wars.

Sadly, with hindsight we know the truth, that America would reject the League of Nations, and the peace treaty at Versailles would act more as a 20 year armistice than an indication of true lasting peace.

America was a pale shadow of what it is today. Britain was the richest country on earth and had the biggest Navy while Germany had the best industry and the biggest army. America was a sleeping giant, but one awoken by WW1 and one that has never slumbered since.

But what made her go to war?

What compelled this great nation, whose own founding fathers warned would never go abroad in search of monsters to destroy, to take up arms and cross an ocean to wage war?

Many think it was the Lusitania, some suggest the Zimmermann telegrams, but those were merely side distractions to the true cause of America’s involvement. The true reason for her involvement and ultimate victory is found in one sentence from the speech of President Wilson on that fateful day–The world must be made safe for democracy.

It wasn’t that America was trying to impose democracy on Europe or Asia, rather it was merely making it safe for democratic principles to thrive in the face of despotic monarchs and militaristic dictators. Contemporary American foreign policy fails to distinguish between making the world safe for democracy and imposing democracy.

America can never please her critics: get too involved and she’s accused of meddling in affairs, while staying neutral and distant invites the criticism of indifference to human suffering.

But not all dangers to democracy come in the form of dictators with armies at their disposal, and in one sense America continues to make the world safe–while the rest of us remain blissfully unaware of her efforts.

Full Disk Encryption with the keys inside

Nobody really knows how the FBI is hacking into iPhones.

Well nobody, except Cellebrite and the FBI themselves.

We can safely assume that the underlying crypto wasn’t hacked–that would be truly catastrophic for everyone’s security, and way above the pay grade of a company like Cellebrite.

So we have to conclude that somehow the FBI has managed to trick the iPhone into giving up its encryption keys, or bypassed the passcode protections on the phone. Apparently the hack doesn’t work on iPhone 5S and higher devices, and obviously this can’t be a software bypass (because all iOS devices literally run the same software), so it has to be a hardware limitation, one that probably affects the key storage.

When bad advice comes from good people

What happens when a government agency tasked with providing cybersecurity “guidance” and “expertise” gives you advice like “avoid uploading pictures of yourself to avoid the threat of black magic”?

And then goes into damage control, claiming that it “was just a casual remark and did not represent the federal agency’s official position on the matter”, only to follow up with more ridiculous advice like “passwords should be changed constantly to prevent identity theft and hacking”.

Sometimes I sigh so often my wife gets worried—or annoyed, maybe both 🙂

First off, you know my view on black magic, and for an agency under MOSTI to make such an anti-science remark is just appalling. Secondly, from a security point of view, changing passwords regularly doesn’t help, and it causes more harm than good by encouraging users to pick easy-to-remember passwords that they transform after every iteration. Think superman123, then superman456…etc.

In fact, research from Microsoft suggests changing your passwords regularly isn’t worth the effort, and the best one can do is use a password manager that would allow you to have passwords that are both unique and hard to remember across all online services you use.

The fact that the head of cybersecurity Malaysia is giving advice that most people in the security community consider obsolete doesn’t exactly calm your nerves.

The relationship between surveillance and censorship

In the online world, surveillance and censorship are two sides of the same coin, you can’t have one without the other.

When the government moots a ‘blogger registration’ act, we automatically infer it to be part of a wider censorship initiative, an attempt to control the narrative by subtly telling bloggers “we know who you are, so watch what you say”.

We intuitively get that putting a whole community under surveillance is a bid to control expression within that community, and if someone was even ‘potentially’ watching you–your behavior would change.

But the internet has made the connection between surveillance and censorship work in reverse, not only does surveillance lead to censorship, but censorship leads to surveillance as well.

Singapore Historical PSI Readings in Excel

Every now and again, I brush off the dust from an old laptop I have in the corner, and boot up a couple of forgotten Python scripts.

One of those scripts would scrape the DOE Malaysia website for API readings in Malaysia. Unfortunately, those damn fools at the DOE now only publish 7-day data, and completely wipe off anything older–for some unknown reason.

I even contacted my ‘insider’ over at MDEC to help out, since she’s leading the open data initiative, but I’ve not had any response. So I’ve stopped work on collating Malaysian API readings–for now. I suppose I could create a scheduled job to scrape the website on a frequent basis, but that’s not something I’m interested in at the moment.

But on a lighter note, I did modify the script to scrape data from the Singapore National Environmental Agency–and here are the latest PSI readings that go all the way back to April 2014, right up to yesterday (23-Mar-2016). This modification was part of my work last year to compare the PSI values that Singapore was reporting against the API values in Malaysia (there was a wide discrepancy, check out my report here).

As usual they come in lovely csv files (separated by colons instead of commas, use the text to columns function in Excel to break them apart), and the full Python script is fully available on my GitHub page here.

All stuff produced on keithRozario.com is released under Creative Commons 4.0 (Attribution), which basically means you can use it for whatever you like–feel free, and don’t worry about the government either, nobody holds ‘copyright’ to facts like PSI readings (I don’t know why people often ask me this), and the Singapore government does make this freely available, but not in an easy to crunch csv file.

So without further delay, here are the CSV files:

Singapore-PSI-Readings (click to download)

Enjoy.

P.S. If this work has helped you in any way, would you mind leaving a comment below? It helps me keep track of which of my crazy projects actually bring value to the wider community. Check out some climate change findings, based on my previous API reading work here.

TL;DR

For the truly un-initiated, here’s the Google Sheets version of the Singapore readings. They had to be in individual sheets, because together they exceeded the cell-limit in Google Sheets. All in all, it’s 17,000+ data points per region, so enjoy at your own risk 🙂

Central, West, East, South, North

Security vs. Liberty : Sometimes it’s security and liberty

A public service announcement from our good friends at the FBI warns that motor vehicles are increasingly vulnerable to remote exploits, which in the wake of the bad-ass research from Chris Valasek and Charlie Miller shouldn’t be shocking.

What struck me is that the security advice the FBI is offering drivers was identical to the advice cybersecurity experts have been giving to–well just about everyone. The more your car intertwines with software to provide things like automatic wipers, ABS and even bluetooth audio, the more it becomes susceptible to cyber attacks we traditionally associated with software on servers rather than four-wheeled automobiles.

So it would seem obvious that a car with more software bells and whistles would be less secure than a simple ‘hardware only’ car, and from one point of view that’s true.

But should you rush out to buy a 10 year old Honda Civic with no connectivity to the outside world?

It depends.

If you’re buying the car for your family and you’re more likely to be in a road accident than you are to be hacked by guys like Charlie Miller–you’re better off buying a newer car with modern safety features even if it makes you susceptible to certain attacks. You certainly wouldn’t want to be in an accident in a car without airbags, or crumple zones built to protect passengers.

Compromising security in the name of safety isn’t something people are comfortable doing, but you never deal with absolutes here.

Security is always a compromise,  sometimes you give up convenience, sometimes you give up money, in some cases you even give up safety. Buying a newer car presents a bigger attack surface for ‘hackers’ to target you, but buying an older car presents a bigger risk for when you get into an accident, and because accidents are more likely than hacks, the choice seems straightforward.

However, before we begin to balance security vs. something else, we need to define the term security–and that’s not a straightforward process.

The definition of what is secure, begs the question–secure from what? You need to identify your attacker and their methods, before you can secure your defences. Going back to the car example, a newer car with more connectivity to the internet might be susceptible to hackers like Charlie Miller, but could also have shatter-proof windows which may offer better protections from parang wielding car jackers. Which of those two attackers are you more likely to encounter?

Think about the gated-guarded communities that have popped up all over Malaysia. Sure, these neighbourhoods provide security from the opportunistic criminals, like the wandering thief on his motorbike looking for expensive shoes you left outside your home. But they provide almost no extra security from a skilled attacker who employs patience, knowledge and occasional violence to get the job done. For them, Nepalese guards who wave in everyone at the entrance present little deterrence.

So when we talk about FBI vs. Apple, people tend to conflate it as a case of security vs. privacy or even broader as security vs. liberty. But before we broadly frame this question, we need to define which liberty are we affecting, and what security are we augmenting.

The FBI is an investigative body, charged with investigating federal crimes. If their powers and capabilities are restricted by either technology or law, they presumably would be less effective in catching criminals. Hence, if Apple designs smartphones that nobody (not even the FBI) can access, criminals will remain free and our collective security suffers as a result. In other words, unless we give up some personal privacy, we cannot get the security of knowing criminals are behind bars.

But what about other attackers, like cyber-criminals and state sponsored attackers?

The NSA, who have the wholly different task of national security, feel that if Apple designs smartphones that even the FBI can’t access, it means Russian cyber-criminals and Chinese state sponsored attackers won’t have access as well (or at least have a much harder time gaining access). And since nearly every federal employee carries a smartphone, the collective national security of the country is better protected by protecting the privacy of individual citizens.

Two different attackers result in two different definitions of security.

The latter example actually posits a scenario where liberty and security go hand in hand, where we get more of both simultaneously, win-win.

We also haven’t ventured into the territory where the government is the attacker. For many citizens living in despotic regimes that is a real and present evil. If Apple builds phones that ‘protect’ criminals from the likes of the FBI, those same phones protect journalists and human rights activists from their repressive governments.

It’s another version of collateral freedom, we all use the same internet, and protections we grant ordinary law-abiding citizens are the same protections we grant criminals. But since there are far more good people than evil bad guys, that’s an effective compromise–it isn’t perfect, but a rational decision to take.

The alternative is to remove the protections from criminals, but at the same time deny them to ordinary citizens as well. That’s just not rational.

I would be disingenuous if I didn’t point out that in some cases we do need to give up liberty for safety. We have to allow police officers to carry out their duties, we grant the government powers to imprison the criminals among us, and we remove the ‘liberty’ parents have when it comes to vaccinating their children–all in the name of security.

The point of this post is to stimulate you to think more deeply about the liberties we sometimes sacrifice in the name of security. For example, we offer ourselves for groping at airport security for the ‘comfort’ of others; there’s only a tiny minuscule chance that our particular flight was chosen for a terrorist attack, but we think of this as security. Security expert Bruce Schneier puts it wonderfully:

Security and privacy are not opposite ends of a seesaw; you don’t have to accept less of one to get more of the other. Think of a door lock, a burglar alarm and a tall fence. Think of guns, anti-counterfeiting measures on currency and that dumb liquid ban at airports. Security affects privacy only when it’s based on identity, and there are limitations to that sort of approach. Since 9/11, two—or maybe three—things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and—possibly—sky marshals. Everything else—all the security measures that affect privacy—is just security theater and a waste of effort.

-Bruce Schneier

That reinforced cockpit door that protects pilots from terrorists also protected Andreas Lubitz when he took the helm of Germanwings flight 9525 and crashed it into the French countryside killing himself and all 150 souls on board.

Security entirely depends on who your adversary is and how they will carry out their attacks.

TL;DR

I drive a 3rd generation Prius, which has bluetooth audio, so that I can play my podcasts from my phone through my car audio. That same audio headset can display the ‘state’ of the hybrid drive train–whether it’s driven by battery or the engine, so that would mean the CAN bus on my car is exposed to the outside world via a Bluetooth connection. I accept this risk because I enjoy podcasts too much, and because the Prius was the cheapest NCAP 5-star car I could buy; I compromised security over safety.

Hate Speech is defined by private companies

You don’t have a right to freedom of speech.

Obviously true if you’re Malaysian, but even Americans only enjoy a liberty in freedom of speech and not an absolute right.

The difference is clear, liberties are protections you have from the government, while rights are something you have from everyone.

So if someone threatened your right to live, the government is obligated to intervene and protect that right, because your right to live is a protection you have from everyone, whether it be a common criminal, abusive husband or Ayatollah Khomeini.

On the other hand you only have a liberty in freedom of speech (at least in an American context), which means that the government can’t prevent you from speaking, or penalize you for something you said.

However, the government is under no obligation to ensure your speech gets equal ‘air-time’, a newspaper may decline to publish your article, an auditorium may elect to deny you their roster, and online platforms like Facebook may choose to remove your post–all of which do not violate your freedom of speech, because freedom of speech is protection only from the government (state actors) and not from private entities.

And like all liberties and rights, freedom of speech is not absolute. Under strict conditions even the US government can impose limits on what their citizens can say, or penalize them for things they have said.

In the case of freedom of speech, a liberty defined in their first amendment, those strict conditions are very strict indeed. In order for the government to infringe on the freedom of speech, it must demonstrate an imminent danger that will result in a serious effect.

In other words the government must be able to prove that if the speech were given freedom, there would be an imminent threat of something serious. Both the imminence and seriousness must be proven, failing which the government cannot infringe on that speech. This is indeed a very tall hurdle to climb, and based on my cursory research no case has ever reached this limit.

FBI vs. Apple : Everything you need to know part 2

The Apple vs. FBI story has evolved so much in the past weeks, I thought I needed to write a separate post just on the updates. Admittedly, the story is far more complex and nuanced than I initially presumed, and everyone wants to be part of the conversation.

On one side, we have the Silicon Valley tech geeks, who seem to be unanimously in the corner of Tim Cook and Apple, while on the other we have the Washington D.C. policy makers, who are equally supportive of James Comey and the FBI whom he directs.

But to understand this issue from a fair and balanced perspective, we need to frame the correct question, not just what the issue is about, but who the issue is really focused on.

This isn’t just about the FBI or Apple

Framing this as the FBI vs. Apple or The Government vs. Apple is wrong. This is Law Enforcement vs. Tech Companies.

The FBI is just a part of The Government, specifically the part tasked with investigating federal crimes. James Comey, FBI director, is genuinely trying to do his job when he uses the All Writs Act to compel Apple to create a version of iOS that would allow them to brute-force the PIN code.

But there are other parts of The Government, like the NSA, who have the wholly different task of national security. To them, if a smartphone is genuinely secured from the FBI, then it’s secured from Russian cybercriminals and Chinese state sponsored actors too (probably!).

And because so much data are on smartphones, including the smartphones of federal government employees, the national security interest of America is better protected by having phones that are completely unbreakable, rather than ones that provide exceptional access to law enforcement. Exceptional being defined as, no one has access except for law enforcement, and perhaps TSA agents, maybe border patrol and coast guard–you can see how slippery a slope ‘exceptional’ can be. Oh and by the way, exceptional doesn’t exist in end-to-end encryption.

Former NSA director, Michael Hayden, has openly said “I disagree with Jim Comey. I actually think end-to-end encryption is good for America”. So it appears the NSA has an interest of national security that competes with the FBI’s interest of investigating crimes.

The Government isn’t a single entity with just one interest, rather it is a collection of agencies with sometimes competing objectives, even though they all ultimately serve their citizens.  Experts believe the NSA has the capability to crack the iPhone encryption easily, but are refusing to indulge the FBI, because–well it’s hard to guess why the NSA don’t like the FBI.

Susan Landau, a member of the Cybersecurity hall of fame (yes it does exist), detailed two methods by which the FBI could hack the iPhone in her testimony to the House Judiciary Committee. Both methods involved complicated forensics tools, but would cost a few hundred thousand dollars (cheap!), and wouldn’t require Apple to write a weakened version of iOS. If the government can get into the phone for $100,000, that would mean it couldn’t compel Apple under the All Writs Act (AWA).

Remember, the FBI buy their spyware from the lowlifes at Hacking Team, which means they’re about as competent as the MACC and Malaysian PMO, but if Comey and Co. can afford $775,000 on shit from Hacking Team, I’m guessing $100,000 for a proper computer forensics expert isn’t a problem.

But maybe there’s an ulterior motive here. In the very recently concluded Brooklyn iPhone case, Magistrate Judge Orenstein noted that necessity was a prerequisite for any request made under the AWA, and if the FBI have an alternative for a reasonable price, then Apple’s support was not necessary, and hence outside the ambit of the AWA. So maybe the NSA isn’t providing the support to necessitate the AWA.

And this isn’t singularly about the FBI either. The New York A-G is waiting for this case to set precedent before he makes requests for the 175 iPhones he’s hoping to unlock for cases that aren’t related to terrorism or ISIS. You can bet he’s not the only A-G waiting for the outcome, and it’s highly unlikely for the Judge to make her ruling so specific that nobody except the FBI could use it as precedent.

But it’s also not just about Apple. The legal precedent set by this case would apply not just to every other iPhone, but possibly every other smartphone, laptop, car or anything else we could squeeze into the definition of a computer. This is about more than Apple, and that’s why the tech companies are lining up in support of Mr. Cook, 32 such companies the last I checked.

But now that we’ve framed the ‘who’, let’s frame the ‘what’.

The miners dilemma – Bitcoin sabotage can be profitable

Imagine a small village of 100 people.

One day, a sorcerer shows up, and grants all the villagers magical 1000-sided dice, which are purely random and can only be thrown at a fixed rate of 1 throw per second (no faster & no slower).

Over the next year, at noon of every day, the sorcerer will announce a random number between 1 and 1000, and the first villager to throw that number on their magical dice will earn $100, just by raising their hands and announcing it to the wizard.

The villagers play along, and since the dice are purely random, each villager can expect to win $100 every 100 days.

But if they pooled their dice together they could create interesting scenarios. For example, a group of 10 ‘pooled’ villagers could expect to win once every 10 days, and the winnings of $100 could be equally divided between them. To these villagers $10 every 10 days is a better deal than $100 every 100 days.

Eventually the village ends up with 2 pools of 50 villagers each. The pools expect to win once every other day, and the winnings would be $2 per villager. So effectively, they’re winning $2 every 2 days.

So far so good.

The Crooked Pool attacks

However, one of these pools (called the crooked pool), starts to act all dick-dastardly. They send 25 of their members to infiltrate the other ‘honest’ pool. These infiltrators will roll their dice, but never announce their winnings to the sorcerer, even if they roll the magical number. Essentially these infiltrators become dead-weight on the honest pool, rolling dice but choosing to never win. The remaining 25 members in the crooked pool will continue rolling and trying to win.

At first this seems illogical, why would a pool intentionally give up half its resources to sabotage another? How could discarding winnings actually benefit anyone? Does it even profit the crooks?

Yes it does:

  • The crooked pool now has 25 villagers rolling dice;
  • The honest pool has 75 villagers, but only 50 of them are effectively trying to win
  • Don’t forget, the crooked pool has 25 members in the honest pool, and hence is entitled to 1/3rd of their winnings.
  • Which means the original 50 villagers in the honest pool, only get 2/3rd of their winnings.
  • With only 75 villagers effectively throwing the dice, the crooked pool now has both its original 25 members and a 1/3rd share of the remaining 50.
  • The maths is only a ‘bit’ complicated, but the result is the crooked pool increases its chances of winning from 50% to 56%.

Amazing right?! Even though the 25 infiltrators are essentially wasting their throws, they can actually profit from the activity.

This isn’t just a thought experiment either, this is a problem known in bitcoin as the miner’s dilemma, analogous to the famous prisoner’s dilemma taught in game theory. Bitcoin mining works almost exactly like this scenario, it is a purely random function similar to dice throwing, whose odds of success can only be increased if you ramp up the hashing power, or in this case, add villagers to a pool.
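The arithmetic behind the 50% to 56% figure, worked through as an added example (not code from the original post). It models only the village as described: 100 villagers, one prize per round, payouts split per head; the function names and the Monte Carlo check are assumptions made for illustration.

```python
from fractions import Fraction
import random


def crooked_share(infiltrators, crooked=50, honest=50):
    """Expected fraction of all prizes that ends up with the crooked pool."""
    active = crooked - infiltrators            # crooks still rolling to win
    effective = active + honest                # infiltrators never claim a win
    # Infiltrators are paid per head out of whatever the honest pool wins.
    cut = Fraction(infiltrators, honest + infiltrators)
    return Fraction(active, effective) + Fraction(honest, effective) * cut


def honest_member_income(infiltrators, crooked=50, honest=50):
    """Expected prizes per round for one original member of the honest pool."""
    return (1 - crooked_share(infiltrators, crooked, honest)) / honest


def simulate(infiltrators, rounds=100_000, crooked=50, honest=50, seed=1):
    """Monte Carlo check: each round one effective thrower, picked uniformly, wins."""
    rng = random.Random(seed)
    active = crooked - infiltrators
    effective = active + honest
    cut = infiltrators / (honest + infiltrators)
    total = 0.0
    for _ in range(rounds):
        # A crooked thrower keeps the whole prize; an honest win leaks `cut` of it.
        total += 1.0 if rng.randrange(effective) < active else cut
    return total / rounds


def share_table(crooked=50, honest=50):
    """Crooked pool's share for every possible number of infiltrators."""
    return {x: crooked_share(x, crooked, honest) for x in range(crooked + 1)}


if __name__ == "__main__":
    print("no infiltration :", crooked_share(0))             # 1/2
    print("25 infiltrators :", crooked_share(25))            # 5/9, about 56%
    print("simulated       :", round(simulate(25), 3))
    print("honest member   :", honest_member_income(0), "->", honest_member_income(25))
    table = share_table()
    print("share peaks at  :", max(table, key=table.get), "infiltrators")
```

An honest member's expected income drops from 1/100 to 2/225 of a prize per round, so a pool whose wins per member fall below what its headcount predicts has a measurable signal that some members are withholding wins.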

Apple vs. FBI: Everything you need to know

A judge in the US has ordered Apple to provide ‘technical assistance’ to the FBI, in creating what some (but not all) cybersecurity experts call a backdoor. In the few years I’ve written about these issues, I’ve never seen anything as hotly debated as this one, with folks from digital security to foreign policy coming down on both sides of the debate.

On one hand it seems a bit snarky of the FBI to use this one particular case, that looks to have the highest possible chance of success to set precedent, but on the other hand it seems mighty nasty of Apple to refuse to comply with a court order, to crack into a terrorist phone.

So here are some facts of the case.

The phone in question belonged to Syed Rizwan Farook, a shooter in the San Bernardino shooting, which caused the deaths of 14 people. America has numerous mass shootings, but this one involved two Muslims aligned to ISIS–and hence more easily labeled terrorism, without the need for adjectives like ‘domestic’.

As I blogged about last week, self-radicalized terrorists don’t get funding from headquarters, and without that glorious ISIS-oil money, all these guys could afford was an iPhone 5C, an entry-level phone with hardware identical to that of the iPhone 5, a phone launched waaaayy back in 2012 (you’ll remember that as the year Manchester United last won the Premier League). As an older phone, the security architecture of the 5C lagged behind the current generation iPhones, all of which have a secure enclave, but make no mistake, it’s still pretty secure.

By pretty secure, I mean that the phone has all of its contents encrypted, and un-readable to anyone without the encryption key. The key is derived from both the user passcode, and a randomly generated hardware key that is unique to the specific iPhone. It is generally understood that Apple doesn’t keep track of the hardware key, and is therefore unable to provide it; as you might expect, the hardware will also never give up its key under any circumstance. Without the hardware key, the encrypted data is unreadable, even with the passcode. Which explains why the FBI can’t suck the data out of the device for decryption on a more powerful computer, or load the data into 1000’s of iPhones for parallel cracking.
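Why entangling the passcode with a per-device hardware key ties every guess to that one device, as an added example (not from the original post and not Apple's actual algorithm). PBKDF2 with the hardware key as salt stands in for the real derivation; the UIDs, passcode, header marker and iteration count are constructed for the demo.

```python
import hashlib
import hmac
import math

ITERATIONS = 50             # deliberately tiny so the demo is quick; real designs make each guess slow
HEADER = b"volume-header"   # constructed marker used to recognise a correct key

# Constructed 256-bit secrets standing in for two devices' hardware keys.
DEVICE_UID = hashlib.sha256(b"constructed UID of the seized phone").digest()
OTHER_UID = hashlib.sha256(b"constructed UID of some other phone").digest()


def derive_key(passcode: str, device_uid: bytes) -> bytes:
    """Stand-in KDF: the data key depends on the passcode AND the hardware key."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_uid, ITERATIONS)


def make_verifier(passcode: str, device_uid: bytes) -> bytes:
    """What a copied flash image would hold: a tag only the right key reproduces."""
    return hmac.new(derive_key(passcode, device_uid), HEADER, hashlib.sha256).digest()


def search_passcodes(verifier: bytes, device_uid: bytes, digits: int = 4):
    """Try every numeric passcode of the given length against the verifier."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        tag = hmac.new(derive_key(guess, device_uid), HEADER, hashlib.sha256).digest()
        if hmac.compare_digest(tag, verifier):
            return guess
    return None


def off_device_keyspace_bits(uid_bits: int = 256, digits: int = 4) -> float:
    """Search space when the hardware key is unknown: UID bits plus passcode bits."""
    return uid_bits + math.log2(10 ** digits)


if __name__ == "__main__":
    image = make_verifier("4821", DEVICE_UID)   # constructed passcode
    # Where the hardware key is available, only 10,000 candidates exist.
    print("with the hardware key   :", search_passcodes(image, DEVICE_UID))
    # On any other machine the same 10,000 guesses derive unrelated keys.
    print("without the hardware key:", search_passcodes(image, OTHER_UID))
    print("off-device search space : about 2^%.0f" % off_device_keyspace_bits())
```

Because the derivation only works where the hardware key lives, the device's own retry limits and delays become the control that protects a short passcode.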