United States Government Looking to Repeat Security Blunder

As we’re recovering from two vulnerabilities caused by old export restrictions on strong cryptography tools, the United States government is looking to repeat that failure:

The U.S. Commerce Department has proposed tighter export rules for computer security tools, a potentially controversial revision to an international agreement aimed at controlling weapons technology.

On Wednesday, the department published a proposal in the Federal Register and opened a two-month comment period.

The changes are proposed to the Wassenaar Arrangement, an international agreement reached in 1995, aimed at limiting the spread of “dual use” technologies that could be used for harm.

Forty-one countries participate in the Wassenaar Arrangement, and lists of controlled items are revised annually.

The Commerce Department’s Bureau of Industry and Security (BIS) is proposing requiring a license in order to export certain cybersecurity tools used for penetrating systems and analyzing network communications.

Another great example of the state making the same mistake, only harder. Restricting the export of strong cryptographic tools put everybody at risk of attack and an export restriction against penetration testing tools would put everybody at risk of missing basic vulnerabilities in their networks.

Penetration testing tools, like any technology, can be used for good and bad. If you properly utilize the tools on your network you can discover vulnerabilities that are exploited by those tools and patch them. Not utilizing these tools allows a malicious actor to exploit your network using those tools. Any restriction on exporting these tools will leave networks vulnerable to them.

Why would the United States government propose implementing restrictions that put the entire world at risk? Most likely it’s because government agencies utilize penetration testing tools to exploit networks and would therefore gain considerably by making defending against them more difficult. This proposal shows just how self-centered the state really is because it’s willing to put billions of people at risk just to make its task of exploiting networks a little easier. Its narcissism is so bad that it doesn’t even care that this restriction would also make every network more vulnerable to exploitation by its enemies (if the United States can hack your network then foreign countries such as North Korea can as well).

Fortunately we learned what happens when restrictions are placed on ideas during the crypto wars. Even though the United States restricted the export of strong cryptographic algorithms the knowledge spread quickly. It’s pretty hard to restrict something that can literally be printed on a t-shirt, especially when you have a worldwide network that specializes in information sharing. If this restriction is put into place it will be entirely ineffective at everything but giving the state justification to put several very intelligent people in a cage for the crime of making our networks safer.

Market Solutions Versus State Solutions: Global Positioning System

Continuing on my theme of comparing market solutions to state solutions, today I’m going to discuss the Global Positioning System (GPS). For those of you unfamiliar with GPS it’s a network of satellites that provides positional information for navigation purposes. Development started in 1973 by the Department of Defense (DoD) and it became fully operational in 1995. Today anybody who uses a computer navigation system, say their phone or a dedicated GPS receiver, relies on this network.

There are several points to note about GPS. It was originally developed to improve the DoD’s ability to blow up people in foreign countries. Civilians were begrudgingly given access to the network but only through a degraded signal. In 2000 civilians were finally allowed to access a non-degraded GPS signal and that’s when the real innovation began.

The DoD’s exclusive access to the full capabilities of GPS resulted in no notable quality of life improvements for everyday people. Instead the DoD saw GPS as a way of improving its ability to kill people. Even today the state still uses GPS to enhance its own power. The Federal Bureau of Investigation (FBI), for example, uses GPS to perform warrantless surveillance.

Meanwhile the market has been utilizing GPS to improve the lives of everyday people. In 1991 a GPS receiver weighing less than 3 pounds was finally created. Today GPS receivers are so small that they fit in our phones. Using these miniaturized GPS receivers we are able to navigate with our phones. Google and (to a much lesser extent) Apple’s mapping services give consumers free access to constantly updated maps that enable real-time turn-by-turn navigation when coupled with a GPS signal. Market access to GPS gave rise to Geocaching, a game where players use GPS to locate hidden caches. Task management apps allow users to create reminders that will fire off when they enter their home or place of work. Bicycling apps allow cyclists to keep track of where they rode, how fast they were going, and how high the hills they ascended were. Phones and other devices can utilize GPS to report their location so they can be easily recovered if stolen. Thanks to the market you can even use GPS to defend yourself against the state. Apps such as Waze will alert you to reported police presence before you’re close enough to be clocked on a radar gun.

Where the state saw a network of navigational satellites only as a means of improving its ability to kill and spy the market saw it as a means of improving our lives in a vast number of ways. Thanks to the market GPS is so integrated into our daily lives that we take it for granted.

Political Solutions Versus Technical Solutions

When discussing pervasive surveillance I focus exclusively on technical solutions. People involved in political activism often ask me why I don’t also involve myself in political solutions. My reason is that I don’t like investing effort into work that is unlikely to pay off when I can invest it in work that will pay off.

Consider the political solution. Say, in spite of everything we know about the state, Congress decides to ban the National Security Agency (NSA) from spying on American citizens and actually enforces that ban. What then? You’re still vulnerable to spying from the Government Communications Headquarters (GCHQ) as well as the intelligence agency of every other major world government. In addition to that your Internet service provider (ISP) can still spy on you and inject malicious code into websites you visit. Political solutions are also temporary. Once the Congress that voted to prohibit the NSA from spying is replaced with a new Congress that ban could be reversed.

Technical solutions avoid those limitations. When you use secure forms of communication that the NSA, GCHQ, and other intelligence agencies can’t crack then they are unable to spy on you regardless of where the political winds blow. Furthermore ISPs are unable to surveil your traffic or inject malicious code into websites you visit. Technical solutions fix the holes needed to spy on you and therefore defend you against all surveillance and not only for temporary stretches of time (assuming the secure communication tools continue to be maintained so any discovered vulnerabilities are fixed).

I, like everybody else, only have a limited amount of time. Why would I invest some of that precious time into something that is, at best, temporary and only guards against a select few bad actors when I can focus on something that is more permanent and works against all bad actors? It just doesn’t make sense.

State Solutions Versus Market Solutions

Technology is a double-edged sword. One edge improves the lives of people. The other edge enables bad people to do bad things. When you want to see both edges of a technology you need only compare how it is used by the state versus the market. Consider drones. States use drones to spy and drop bombs on people. Meanwhile the market utilizes them to provide better services to individuals. Xcel Energy is planning to utilize drones to inspect power infrastructure:

Xcel Energy says it has approval from federal regulators to use drones to inspect more than 320,000 miles of electric and natural gas infrastructure.

The Federal Aviation Administration says Xcel can use the small unmanned aircraft systems to visually inspect electric transmission and distribution lines, power plants, renewable energy facilities, substations and pipelines.

This will allow more reliable provision of power by identifying flaws in the infrastructure before they become a major problem. It will also allow fast identification of problem sources as aerial inspection of power infrastructure is usually faster than ground inspection. Instead of using drones to terrorize entire nations Xcel Energy is another company that has found yet another way to utilize the technology to enhance the lives of people.

Nothing to See Here

My Kindle Voyage arrived last night so I was playing with that instead of blogging. Admittedly it’s expensive but holy hell is it a wonderful reading device. The screen is really nice (at least compared to my first generation touch screen Kindle) and the back light doesn’t interfere with the e-paper legibility. Did I mention the return of the page flip buttons? I missed those and am glad they’re back. If you read a lot I highly recommend this thing.

Since Goodreads is integrated with the Voyage I created an account. If you want to know what I’m reading and what I’ve read you can follow me here (hint: it’s almost all science fiction and history).

Deus Ex is Our Future

Deus Ex is a great series of video games because it not only has great game play but also addresses the issue of transhumanism. As prosthetic technology improves we will certainly have people opting to have their squishy natural limbs and organs replaced by far superior mechanical versions. Even now prosthetics are becoming more capable. But they still lack one major feature, a sense of touch. That will soon change:

Daniel Moran, PhD, professor of biomedical engineering in the School of Engineering & Applied Science and of neurobiology, of physical therapy and of neurological surgery at the School of Medicine, has received a three-year, nearly $1.9 million grant from the Defense Advanced Research Projects Agency (DARPA) to test a novel device his lab developed that would stimulate the nerves in the upper arm and forearm. If it works, upper-limb amputees who use motorized prosthetic devices would be able to feel various sensations through the prosthetic, which would send sensory signals to the brain.

[…]

Moran and his team, which includes Harold Burton, PhD, professor of neurobiology; Wilson (Zach) Ray, MD, assistant professor of neurological surgery, both at the School of Medicine; and Matthew MacEwen, who will graduate with an MD/PhD in May 2015 and worked on this project for his dissertation, have developed a macro-sieve peripheral nerve interface designed to stimulate regeneration of the ulnar and median nerves to transmit information back into the central nervous system. The macro-sieve is made of an ultrathin, flexible material similar to a soft contact lens, is about 1/8th the size of a dime and looks like a wagon wheel with open spaces between the “spokes” that allow the nerve to grow.

At this rate we’ll have actual cyborgs within the decade. It’s amazing how quickly technology is advancing. Much of it is due to the development of ever smaller power-efficient computers. Since technology is cumulative, that is to say technology builds on itself to create more technology, we may enjoy that almost utopian future dreamed of in the 1950s (you know the one with flying cars and infinite energy provided by nuclear power).

Embrace the Machines

Self-driving cars are advancing quickly, which has led to a debate. Many people don’t like the idea of self-driving cars because they believe the potential for software glitches to lead to a catastrophic crash is too high. I, on the other hand, can’t wait to buy a self-driving car. Software glitches are always a possibility but the truth is we humans are far more prone to error when driving than current self-driving cars have been. That’s because our species has a problem with complacency. When we do a task successfully so many times we become less cautious and allow ourselves to be distracted more easily. This is why humans suck at watching security monitors all day. It’s also why adding some intelligence to our vehicles makes a lot of sense. Recently the European New Car Assessment Program (NCAP) did a study on self-braking cars and found that they reduced rear-end collisions significantly:

While we’re still some way off seeing full-blown, self-driving cars winding their way across continental Europe, a more modest autonomous technology has found approval with safety bods. Research conducted by the European road safety research organisation Euro NCAP concluded that having a car automatically slam on the brakes to avoid low-speed accidents leads to a 38 percent reduction in rear-end crashes.

As you’ll note software glitches didn’t lead to an increase in crashes. And while software glitches could lead to isolated failures that almost certainly won’t be enough to offset the benefits of such a highly reduced rear-end collision rate. This also shows that there are things machines are better at than us squishy humans. Repetitive tasks, such as driving, are one of them.

Machines are not only incapable of getting bored but they are also better at maintaining awareness. A computer can monitor a vast number of sensors simultaneously whereas us humans have five senses that are very restricted (for example, our vision only sees forward and our sense of touch requires physical contact). If you think you can maintain better awareness than a self-driving car equipped with cameras, radar, laser sensors, radio communication to other self-driving cars, and a slew of other sensors you are mistaken.

The debate over self-driving cars shouldn’t be whether software glitches will lead to isolated catastrophes. It should be over whether self-driving cars, as a whole, will increase overall vehicle safety. Since machines are better at almost every aspect of driving (road rage is the only exception I can think of) than we are the debate is pretty much settled. That’s not to say wanting a car you drive yourself because you prefer to drive a car yourself isn’t a valid reason to buy one. But the concerns about safety risks involved in self-driving cars have been put to rest.

Past Performance Does Not Guarantee Future Results

On my wrist is a device for measuring the passage of time. It is made by Seiko, purely mechanical, and hopelessly outdated. Why do I say it’s outdated? Because it measures the passage of time by the oscillation of a balance wheel. It’s also powered by a mainspring that can keep the watch running for approximately 40 hours. The general workings of the movement are very similar to the general workings of a 100 year-old pocket watch. In the 1970s a new type of movement became popular. It used the oscillation of a quartz crystal to measure the passage of time. Not only is this more accurate than relying on the oscillation of a balance wheel but it’s also cheaper to manufacture, immune to magnetism, can remain powered for five years on a single battery, and doesn’t need any lubrication. Wristwatches with quartz movements are superior in every way to their mechanical brethren. Why do I wear a mechanical wristwatch? Because I enjoy all of the gears, springs, and levers working together to measure the passage of time. What does this have to do with anything? Quite a lot, actually.

Yesterday I was involved in a discussion about the Tesla Model 3. I see the Tesla vehicle as a major leap in automobile technology. Not only does it decouple the power source from the vehicle it’s also mechanically simpler than a gasoline powered vehicle. Having a 200 mile range also makes it very useful to anybody living in an urban area that makes a fairly short commute every day. Since the Tesla car offers so much it was guaranteed that somebody would bitch about it.

Another person in the discussion wrote the Tesla off as worthless because it didn’t fit her use case. She needs to make periodic 350 mile trips, which is outside of the Tesla Model 3’s 200 mile range. I pointed out that the Tesla is still in its infancy and battery improvements would likely advance rapidly and give the car greater range. Her response was to claim battery technology advances only over decades.

This is a common fallacy people fall into. They use current trends to make predictions about the future. But technology doesn’t advance linearly. It advances exponentially. That’s because breakthroughs in one field can lead to improvements in other fields. My wristwatch is an example of that. For hundreds of years tools to measure the passage of time relied on mechanical parts. Their complexity made them expensive to manufacture. After hundreds of years of little improvement the quartz movement was released to the world and it was greeted with open arms. People snapped up quartz wristwatches at such a pace that designers of mechanical wristwatches began calling that period the Quartz Crisis. Advancements in electronics had propelled instruments of measuring the passage of time forward.

But that’s not the only example. Humans have been using the bow and arrow for thousands of years. By the 1900s it would be safe to say there wasn’t much left to learn about bows and arrows, right? Wrong. In the 1960s a revolutionary design called the compound bow was released. By utilizing cams a compound bow was able to not only store more energy but also allow the archer to hold the bowstring at full draw longer by reducing the weight to almost nothing. When you draw a compound bow there is a lot of weight initially and then it tapers off. Even after thousands of years humanity found a way to revolutionize the bow and arrow.

I work in the computer field, which sees constant advancements. Few people stop to consider how far computers have advanced in a few years. In my pocket is a computer that is more powerful than my eight year-old desktop. Not only is it more powerful but it’s also more power efficient. And it has 24/7 Internet connectivity thanks to a high-speed wireless technology that was little more than an idea a decade ago.

Dismissing a technology because of past performance is idiotic. The phrase “past performance does not guarantee future results” is traditionally used to note that a previously successful person may not necessarily be successful in the future. But it also applies to technological advancements. Just because it took decades to advance battery technology before doesn’t mean it’s going to take decades to advance it again. New materials could be developed tomorrow that allow for lighter batteries that can store more energy and survive more recharge cycles. Suddenly the Tesla Model 4 could have a range of 1,000 miles on a single charge and outlast any gasoline-powered vehicle.

As a general rule I don’t bet against technological advancements. That’s synonymous with saying I don’t bet against markets. The reason I’m so optimistic about market solutions is because markets are constantly advancing. Problems we don’t even know we have are being solved right now. Did you know that pulling your cellular phone out of your pocket is inconvenient? I bet you didn’t. But smart watches exist that allow you to keep your phone in your pocket for longer and enough people enjoy this solution that an entire market is being built around the technology. Markets are the opposite of government. Governments stagnate. Markets advance. When people claim markets can’t solve a problem they are making a sucker’s bet. Just because a market solution to a problem doesn’t currently exist doesn’t mean one won’t exist in the future. Even if a market solution hasn’t been developed over a thousand years, that doesn’t imply one won’t exist tomorrow.

When a statist predicts anarchism will fail they are making future predictions based on current trends (i.e. the world is currently a statist shithole so it will always be a statist shithole). This is why I don’t take them seriously and never accept their predictions of doom and gloom if the world ever frees itself from statism.

DRM, Not Even Once

Keurig, the manufacturer of a machine that makes a single cup of coffee, recently implemented Digital Rights Management (DRM) (an oxymoron of a term, I know) on its latest model to prevent users from using cheaper third-party coffee grounds in the machine. This did not sit well. In its lust for money by forcing people to buy its overpriced coffee in addition to its coffee maker Keurig managed to pummel its stock price:

Sales of Keurig brewing machines and accessories tumbled 23% in the first quarter compared to the prior year.

The company had a lot of excuses, but the basic problem is there are too many Keurig machines in stores and people aren’t buying them, especially the newest Keurig 2.0 model.

“We do have some headwinds,” said Chief Financial Officer Fran Rathke on a call with analysts.

Investors are fleeing the stock. Keurig (GMCR) dropped 10% Thursday when the market opened for trading. Shares are now down more than 25% this year.

It’s a big change for the company which had been one of the hottest stocks in 2013 and 2014 and does over $1 billion in sales.

CEO Brian Kelley says he’s listening to consumers and is ready to make changes. The biggest frustration for customers is that the 2.0 model only brews Keurig branded coffee cups.

Let this be a lesson to other companies. If you try to control how your customers use your product you’re going to have a bad time. Companies like to use the combination of DRM and selling a device that relies on consumables at a loss. The most famous market that has built an industry around this combination is printers. Most printers are sold either at a loss or for no profit with the expectation customers will buy overpriced printer ink from the manufacturer. DRM is usually used to prevent third-party ink cartridges from functioning although the schemes are almost always bypassed.

Keurig thought it could get away with such a scheme for its coffee maker. But I think Keurig made a fatal mistake. If you’re going to use DRM you really should use it from the start. When consumers are used to using your product in a certain way they probably won’t be happy if you change the rules on them. And when entire companies exist from selling a product that’s used in your device you’re going to have some major players investing resources into bypassing your DRM scheme.

Keurig really fucked up and their stock price shows it. This should be a lesson to every company that DRM is something you shouldn’t even try once.

The Future is Here

If there are any questions about my belief that technological advancements will save us before political actions this story should answer them:

Snuggly situated in an industrial section of Oakland, CA is Next Thing Co. a team of nine artists and engineers who are pursuing the dream of a lower cost single board computer. Today they’ve unveiled their progress on Kickstarter, offering a $9 development board called Chip.

The board is Open Hardware, runs a flavor of Debian Linux, and boasts a 1Ghz R8 ARM processor, 512MB of RAM, and 4GB of eMMC storage. It is more powerful than a Raspberry Pi B+ and equal to the BeagleBone Black in clock speed, RAM, and storage. Differentiating Chip from Beagle is its built-in WiFi, Bluetooth, and the ease in which it can be made portable, thanks to circuitry that handles battery operation.

$9 for a computer with a 1Ghz processor, 512MB of RAM, and 4GB of storage? And it runs Linux? Sign me up! I never thought I’d live to see this day. My family’s first computer, and we came to the computer game fairly late, was a real piece of shit 3.11 machine and must have cost at least $2,000 or $3,000. Back then the idea that a computer would be available for $9 was inconceivable.

This is another example of the market providing real solutions to real problems. Is there any wonder why us market anarchists have more faith in it than politicians who seem incapable of identifying, let alone solving, real problems?