Weekly Edition
Return to the Security page
| |||||||||||||
Security quotes of the week
One thing is pretty much certain, however. Passwords as we've traditionally known them are on the way out. They are doomed. The sooner we're rid of them, the better off we're all going to be.
— Lauren Weinstein
Especially if your password is "12345" ...
There's another, more strategic reason why wholesale Internet
disconnections are pretty unlikely in Turkey. Turkey's international
telecommunications networks play a key role in interconnecting Syria, Iraq,
Iran, Georgia, Azerbaijan, and the Gulf States to the greater Internet.
Turkey's domestic Internet market is large, but the international market
whose consumers could be reached by Turkish-hosted content is even larger.
Turkey finds itself at a decision point today: take the necessary steps to
encourage large content providers to host Middle Eastern content in Turkey,
and reap the benefits of becoming the regional Internet hub, or let that
opportunity pass.
— Jim Cowie
in the Renesys blog
Could Google tip an election by manipulating what comes up from search
results on the candidates?
— Bruce
Schneier
[...] Turns out that it could. And, it wouldn't even be illegal for Google to do it.
To register their vote on-line, Parisians were supposed to make a
credit-card payment of €3 and give the name and address of someone on the
city's electoral roll. Metronews said that one of its journalists had
managed to vote five times, paying with the same credit card, using names,
including that of Nicolas Sarkozy.
— The
Independent(Log in to post comments)
Security quotes of the week Posted Jun 6, 2013 4:20 UTC (Thu) by dirtyepic (subscriber, #30178) [Link]
That's amazing! I've got the same combination on my luggage!
Security quotes of the week Posted Jun 6, 2013 18:55 UTC (Thu) by Tara_Li (subscriber, #26706) [Link]
I don't foresee passwords being on their way out any time soon. The advanced systems people are oh so happy to focus on the weak points of passwords, while ignoring the weak points of their own systems. If my computer can read my swallowed super-key, so can the bad guys as they walk by me, so can the scanners keeping track of who goes where on the street... And the hardware unexpectedly fails - how do you prove that you're you to get the new hardware identifier authorized? And so many many other issues...
The problem isn't passwords. The problem is people - people writing website code that makes it fairly trivial to get the list of people's passwords, and the people who fall for the social engineering tricks that means they give their password to someone they shouldn't.
It's like the programmers who work to get the computer to make better guesses at what people mean, instead of what they say - instead of society as a whole working to get people to actually mean what they say so that decent communication can take place.
Security quotes of the week Posted Jun 6, 2013 11:22 UTC (Thu) by dgm (subscriber, #49227) [Link]
Could [The New York Times] tip an election by manipulating what comes up [in their front page] on the candidates?
Turns out that it could. And, it wouldn't even be illegal for [The New York Times] to do it.
Security quotes of the week Posted Jun 6, 2013 13:25 UTC (Thu) by nix (subscriber, #2304) [Link]
... and then there's the UK, where it is so routine for papers to tip elections that it led to an iron triangle of journalists, proprietors, and politicians which has recently started to come apart at the seams.
Security quotes of the week Posted Jun 6, 2013 14:08 UTC (Thu) by drag (subscriber, #31333) [Link]
If the Democracy is so fragile that the entire process can be subverted by changing the order of search results then I really don't see much value in the Democracy to begin with.
We would probably be just as well off just by randomly selecting people for office.
Security quotes of the week Posted Jun 12, 2013 0:00 UTC (Wed) by yodermk (subscriber, #3803) [Link]
> We would probably be just as well off just by randomly selecting people for office.
There is actually no doubt in my mind that that would be a *huge* improvement.
"Hey buddy, wanna be a Congressman?"
Security quotes of the week Posted Jun 12, 2013 0:14 UTC (Wed) by neilbrown (subscriber, #359) [Link]
It works for juries. Why not for congress/parliament?
But didn't Arthur C Clarke already have that idea?
Security quotes of the week Posted Jun 12, 2013 3:08 UTC (Wed) by raven667 (subscriber, #5198) [Link]
I think this is a serious and good idea. You won't always have a winner, just as we can all point to juries who have made bad and stupid decisions in retrospect, but in aggregate it should bring the average level of corruption down. The main concern that I can think of right away is that it is vulnerable to influence from the civil service which surrounds it, much in the same ways that juries are under the influence of the judge, who can give bad council. Just like a jury selection process there should be a way to dismiss potential candidates with cause and like a jury whoever controls the selection process has a powerful tool to try and direct the outcomes by picking favourably. I'm not sure how this would work outside the adversarial judicial environment where there is a clear sense of fairness between the two parties.
Security quotes of the week Posted Jun 12, 2013 10:27 UTC (Wed) by jezuch (subscriber, #52988) [Link]
> But didn't Arthur C Clarke already have that idea?
It was Philip K. Dick: https://en.wikipedia.org/wiki/Solar_Lottery
Security quotes of the week Posted Jun 12, 2013 12:47 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]
Or maybe Robert Sheckley (forgot the name of a novel) even earlier. This idea is actually quite good - if you sample the population fairly and randomly then you should get approximately the same ideological representation as with the representative republic.
Another similar idea is to randomly promote people within a company. Turns out it's the best overall strategy :)
Security quotes of the week Posted Jun 12, 2013 14:51 UTC (Wed) by apoelstra (subscriber, #75205) [Link]
> Another similar idea is to randomly promote people within a company. Turns out it's the best overall strategy :)
I just finished reading 'The Trouble With Physics' by Lee Smolin. As an illustration of the importance of pursuing many research directions, he claimed that it had been proven that for any local hill-climbing strategy, there exist search spaces for which that strategy is no better than a random walk.
Perhaps that's what you are referring to. (Or maybe you were just kidding :))
Security quotes of the week Posted Jun 12, 2013 14:56 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]
Yup, that's a restatement of the famous http://en.wikipedia.org/wiki/No_free_lunch_theorem (btw, Lee Smolin has a new book about physics that I'm working through right now).
But I was specifically talking about this: http://www.guardian.co.uk/education/2010/nov/01/random-pr...
Security quotes of the week Posted Jun 13, 2013 10:50 UTC (Thu) by farnz (guest, #17727) [Link] It goes back a lot further than that - it was a feature of ancient Athenian democracy. Specifically, 90% of the democratically elected officials were chosen by random chance - only the remaining 10% were elected. It could be interesting to reintroduce in a lighter form to the US Senate - imagine if one of the two seats for each state was filled at random from the pool of eligible voters who also meet the requirements for being a senator...
Security quotes of the week Posted Jun 13, 2013 12:53 UTC (Thu) by phred14 (guest, #60633) [Link]
"Fountains of Paradise" - the leadership was drafted, not elected. To go further would be more spoiler than would be polite.
Security quotes of the week Posted Jun 14, 2013 2:36 UTC (Fri) by mathstuf (subscriber, #69389) [Link]
The Clarke book or something else? I don't really remember everything about the book, but that doesn't seem to be something that would have been spoiler-level.
Security quotes of the week Posted Jun 14, 2013 3:49 UTC (Fri) by neilbrown (subscriber, #359) [Link]
> "Fountains of Paradise" - the leadership was drafted, not elected.
Yes, that's the one I was thinking of - thanks.
Security quotes of the week Posted Jun 6, 2013 15:32 UTC (Thu) by ortalo (subscriber, #4654) [Link]
Good point. If I am not mistaken, it is not a problem to tip an election: all candidates do that too. The problem is when you tip the *counting process*.
BTW, of course, the general problem with democracy (and many equitable majority counting decision system) has already been pointed out for a long time (initially by Socrates & co. IIRC). However, until philosopher-king becomes practical, let's remember democracy is still the less dangerous system to have been proposed and experimented (kudos Paul Valéry).
Security quotes of the week Posted Jun 7, 2013 13:56 UTC (Fri) by drag (subscriber, #31333) [Link]
Republics are what we want. Which means that restrictions on behavior apply to governments first and people second.
Or, to put it another way:
IF it's illegal for me to do something, it is illegal for the government to do the same thing. If it's illegal for the government is isn't necessarily illegal for me to do so.
When there is no restrictions to the actions that a democracy can perform then there is no restriction to the tyranny you can expect to get from that democracy. Which is what the world is seeing with the USA government rapidly descending into fascism. EU is following and may have already raced passed the USA into the abyss.
Security quotes of the week Posted Jun 13, 2013 15:25 UTC (Thu) by welinder (guest, #4699) [Link]
> Could [The New York Times] tip an election[...]
That's somewhat different: The New York Times is a legal entity which
Google, on the other hand, appears to want common-carrier protection.
Security quotes of the week Posted Jun 22, 2013 16:55 UTC (Sat) by zack (subscriber, #7062) [Link]
> To register their vote on-line, Parisians [...]
It's worth pointing out that the election in question was not a regular election run by the state or local administration. Rather, it was the primary election of the centre-right wing party UMP http://en.wikipedia.org/wiki/Union_for_a_Popular_Movement . A Le Monde article (in French) on the matter is available here http://www.lemonde.fr/politique/article/2013/05/31/primai...
|
|||||||||||||