The miners dilemma – Bitcoin sabotage can be profitable

black diceImagine a small village of a 100 people.

One day,  a sorcerer shows up,  and grants all the villagers magical 1000-sided dice, which are purely random and can only be thrown at a fixed rate of 1 throw per second (no faster & no slower).

Over the next year, at noon of every day, the sorcerer will announce a random number between 1 and 1000, and the first villager to throw that number on their magical dice will earn $100, just by raising than hands and announcing it to the wizard.

The villagers play along, and the since the dice are purely random, each villager can expect to win $100 every 100 days.

But if they pooled their dice together they could create interesting scenarios. For example, a group of 10 ‘pooled’ villagers, could expect to win once every 10 days, and the winnings of $100 could be equally divided between them. To these villagers $10 every 10 days is a better deal than $100 every 100 days.

Eventually the village ends up with 2 pools of 50 villagers each. The pools expect to win once every other day, and the winnings would be $2 dollars per villager. So effectively, they’re winning $2 every 2 days.

So far so good.

The Crooked Pool attacks

crooksHowever, one of these pools (called the crooked pool), starts to act all dick-dastardly. They send 25 of their members to infiltrate the other ‘honest’ pool. These infiltrators will roll their dice, but never claim announce their winnings to the sorcerer, even if they roll the magical number. Essentially these infiltrators become dead-weight on the honest pool, rolling dice choosing to never win. The remaining 25 members in the crooked pool will continue rolling and trying to win.

At first this seems illogical, why would a pool intentionally give up half it’s resources to sabotage another? How could discarding winnings actually benefit anyone? Does it even profit the crooks?

Yes it does:

  • The crooked pool now has 25 villagers rolling dice;
  • The honest pool has 75 villagers, but only 50 of them are effectively trying to win
  • Don’t forget, the crooked pool has 25 members in the honest pool, and hence is entitled to 1/3rd of their winnings.
  • Which means the original 50 villagers in the honest pool, only get 2/3rd of their winnings.
  • With only 75 villagers effectively throwing the dice, the crooked pool now has both it’s original 25 members and a 1/3rd share of the remaining 50.
  • The maths is only a ‘bit’ complicated, but the result is the crooked pool increases its chances of winning from 50% to 56%.

Amazing right?! Even though the 25 infiltrators are essentially wasting their throws, they can actually profit from the activity.

This isn’t just a thought experiment either, this is a problem known in bitcoin as the miners delimma, analogous to famous prisoner dilemma thought in game theory. Bitcoin mining works almost exactly like this scenario, it is a purely random function similar to dice throwing, whose odds of success can only be increased if you ramp up the hashing power, or in this case, adding villagers to a pool. Continue reading

Apple vs. FBI: Everything you need to know

broken-fenceA judge in the US has ordered Apple to provide ‘technical assistance’ to FBI, in creating what some (but not all) cybersecurity experts call a backdoor. In the few years I’ve written about these issues, I’ve never seen anything as hotly debated as this one, across the folks from digital security to foreign policy all coming down on both sides of the debate.

On one hand it seems a bit snarky of the FBI to use this one particular case, that looks to have the highest possible chance of success to set precedent, but on the other hand it seems mighty nasty of Apple to refuse to comply with a court order, to crack into a terrorist phone.

So here’s some facts of the case.

The phone in question belonged to Syed Rizwan Farook, a shooter in the San Bernadino shooting, which caused the deaths of 14 people. America has numerous mass shootings, but this one involved two Muslims aligned to ISIS–and hence more easily labeled terrorism, without the need for adjectives like ‘domestic’.

As I blogged about last week, self-radicalized terrorist don’t get funding from headquarters, and without that glorious ISIS-oil money, all these guys could afford for was an iPhone 5C, an entry-level phone with hardware identical to that of the iPhone 5, a phone launched waaaayy back in 2012 (you’ll remember that as the year Manchester United last won the Premier League). As an older phone, the security architecture of the 5C lagged behind the current generation iPhones, all of which have a secure enclave, but make no mistake, it’s still pretty secure.

By pretty secure, I mean that the phone has all of its contents encrypted, and un-readable to anyone without the encryption key. The key is derived from both the user passcode, and a randomly generated hardware key that is unique to the specific iPhone. It is generally understood that Apple doesn’t keep track of the hardware key, and therefore unable to provide it, as you might expect the hardware will also never give up it’s key under any circumstance. Without the hardware key, the encrypted  data is unreadable, even with the passcode. Which explains why the FBI can’t suck the data out of the device for decryption on a more powerful computer, or load the data into 1000’s of iPhones for parallel cracking. Continue reading

Court rules Hacking Team documents still confidential

internet censorshipUnder the current hype of the FBI ordering Apple to ‘install backdoors’ on their iPhones, a bit of interesting news seems to have slid under the radar.

A court in Singapore ruled that e-mails from the Hacking Team breach, published by the hacker Phineas Fisher via a torrent download, and available freely on Wikileaks–were still confidential in nature.

The news hits close to home, after all, I’ve written a 2,000 word article on it back in July, and have been harping on the issue over the past weeks, even going on BFM radio for an interview.

So was I using confidential information in my tech evangelism?!

Well, probably not, but this does raise some interesting questions.

Here’s the facts of the case. Continue reading

Keith’s on BFM Talking about spyware–again!!

Keith_on_BFM_Tech_TalkToday, I was on BFM talking about Hacking Team, the audio for which is below, and more comments and thoughts below that.

 

This is my last ditch attempt to get a conversation started about the use of surveillance software by the Government—and these conversations should take place a the higher (and more powerful) levels of goverment. Talking about it to myself on this blog isn’t taking it anywhere.

If we want change we’re going to have to get the Government involved. I know, it sounds pretty depressing that we have to get the government involved, but unfortunately they’re the people we need to convince to have a proper discussion here. There’s a whole bunch of links below for more details.

I had a really great time during the interview and encourage you to listen, if for nothing else than for the smooth sultry acoustic aphrodisiac that is my voice.  But if you’re a lazy, like Garfield on rainy Sunday after a banana leaf meal, then here’s a quick FAQ on the matter.

Question 1: What is Spyware?

Spyware is software built to spy on computer users. In the past we used the term to describe relatively harmless ad cookies and software in ‘search toolbars’ to spy on users browsing and surfing habits. But this isn’t about that.

This is about a far more pervasive and invasive tool, that sucks up all the information in a computer to report back to its master. This is spyware on a different level, if personal data was dust in the air, this is the Dyson Vacuum cleaner that sucks it all up.

Question 2: How does Spyware work?

Spyware infects your computer by exploiting vulnerabilities and flaws in the software already installed on it. This includes things like Adobe Flash, Java and even the Operating systems (iOS, Windows, Mac OS, Android). Once a computer is infected it begins sending back screenshots, personal communications, e-mail messages, sms, whatsapp conversation to the command and control server.

A newer feature of spyware is the remote control capability that allows the attacker to take photos with your smartphone camera, or record using your inbuilt microphone, all without your knowledge.

Question 3: Does the Malaysian Government but Spyware?

YES.

Based on all the evidence we’ve seen, from the discovery of Command and Control Servers for Finfisher (a specific spyware model) within our borders, to the thousands of e-mails and documents in the Hacking Team breach that point to 3 agencies buying it, there is little room for doubt that at least some Government Departments have purchased spyware from both Gamma and Hacking Team.

Oh, and Paul Low also semi-admitted it 😉

Question 4: Every other government buys it, why should we be worried.

The purchase of spyware isn’t the issue, what we should focus on is the context of usage in Malaysia.

  • Why is the PMO buying spyware when it doesn’t have any investigative authority?
  • Why did the Government outsource the operations of the surveillance software to  a private 3rd-party? Is it legal to empower contractors with this capability?
  • Why does the Government continue to deny the usage of spyware on both a policy and technical level? If the Government truly didn’t buy spyware, then an investigation must be launched on Miliserv Sdn. Bhd. who bought it using their name.
  • Does the law permit certain ‘features’ of the spyware, including remote control that can capture intimate pictures of an individual and private conversations that should be off-limits to government surveillance?

Question 5: Don’t we need this to combat terrorist?

Yes and No. ISIS is not your father’s Al-Qaeda, their tactics are mass-propaganda followed by lone-wolf attacks. These attacks usually require no funding from head-office and very little formal communication between ISIS and the individuals. By definition self-radicalization and lone-wolves don’t communicate much with the outside world.

Hence, surveillance doesn’t help because there is nothing to surveli. There are still legitimate uses for spyware, but not all the time, and definitely not by the PMO and MACC. We shouldn’t be writing blank cheques to the Government for surveillance, and we shouldn’t be intimidated by terrorist–otherwise they would already have won.

Here’s a bunch of links I think might be useful.

  1. My initial post on the Finfisher spyware found in Malaysia (link)
  2. My second post on Finfisher, the one after CitizenLab released the infection file,  where I concluded it was indeed spying. (link)
  3. A post at security.my dissecting the file (link)
  4. The original post from Citizenlab about the infection file (link)–page 107 (a second link)
  5. Phineas Fisher hacks Gamma (link)
  6. Phineas Fisher hacks Hacking Team (link)
  7. My exceptionally long post about Hacking Team’s software in Malaysia (link)
  8. My rebuttal to Dato Seri Azalina Othman, that Malaysia did indeed buy from Hacking Team (link)
  9. Paul Low’s response that the MACC did indeed buy Hacking Team Software (link)
  10. Further proof Malaysia bought spyware (if you ever needed it)
  11. 5 Questions we need to ask about spyware (link)
  12. My rebuttal on why surveillance doesn’t work with ISIS tactics (link)
  13. The MACC Act (link), for other acts including the Criminal Procedure Code, check out the AG’s website (link).
  14. My previous kick-ass BFM interview (link)

Or visit https://www.keithrozario.com/tag/spyware for all my post relating to spyware 🙂

 

Forcing journalist to reveal sources will be bad–for the government!

Our spanking new, hand-picked Attorney-General is proposing life imprisonment for journalist who refuse to reveal their sources.

And surprisingly, my favorite Member of Parliament,Dato Azalina Othman, has supported the move, saying it was ‘high-time’ Malaysian did something. Fortunately, some calmer more rationale heads, like Dato Paul Low have criticized the A-G for his short-sighted stupidity.

Putting aside the fact that anonymity of sources is a core component of Press freedom, it’s easy to extrapolate how harsher punishment for journalists who keep their sources anonymous will back-fire spectacularly for the Government.

If sources know that Journalist will be pressured to reveal their identities, most sources will stop speaking journalist, thereby stemming the leakages from the government, and keeping the status quo.Or so the theory goes… Continue reading

Being Terrified: The price of terrorism

Next week, I’ll be on BFM for an interview about spyware, which will be my last Hail Mary play to get a conversation started about the use of surveillance software by the Government. If a radio interview on a popular station won’t do it, nothing on my blog will possibly be able to anyway 🙂

In any case, this post is a pre-emptive response to a slightly controversial idea that I cover (very briefly) in the interview, and hopefully it can be articulated better here than in a radio segment. To be honest, I haven’t fully thought this through, but I believe it at least some some aspects of truth that deserve further attention.

The Idea comes in 3 parts:

  1. Terrorism has changed dramatically with ISIS (or Daesh)
  2. Our conventional approach to surveillance will be ineffective against this new threat
  3. Our surveillance-based response to the new threat may end up hurting us more than ISIS ever could

Let’s go through them one at a time Continue reading