Friday, May 13, 2016

How to Stop Russian State Sports Cheating

The Russian FSB, Russia's version of the CIA, helped fool Olympic drug testing protocols by defeating tamper-resistant packaging containing urine samples. It's not explained how they did this, but one way to defeat tamper-resistant packaging is to create a duplicate of the packaging. Tamper-resistant packaging is designed to be difficult to counterfeit, but a state intelligence agency, given essentially unlimited resources, can probably counterfeit anything.

Tamper-resistant or tamper-evident packaging is designed so that it can't easily be opened without it being obvious that it has been compromised, using plastics that can't be opened without tearing or cutting and tapes with holograms and the like that can't be removed without damage. When designing tamper-resistant packaging, it's best if every package is unique in some way that's difficult to counterfeit and this unique aspect is recorded in some way, such as by photographing. Such techniques are effective against most anyone, but not against a well-funded state agency.

One approach that may work even against a state agency is to incorporate printed currency, a U.S. five-dollar bill for example, that is difficult to duplicate exactly. A state agency could presumably create a perfect counterfeit of U.S. currency, but the bills have tiny red and blue fibers randomly distributed throughout the paper that are essentially impossible to recreate in exactly the same configuration. They are easy to distinguish from printed imitations, even with the naked eye. A photograph of a five-dollar bill with sufficient resolution to show the red and blue fibers is effectively unique against attack by any worldly agency. If the bill is incorporated in the packaging in a way that it can't be removed without damaging the bill or the packaging, it seems that such a protocol would be effective.

You still need to photograph the bill together with the packaging and guarantee the integrity of the photograph. Digital photographs can be processed with SHA hashing but then the hash value needs to be protected in some way. Probably the best way to ensure the integrity of the hash values is via a block chain, which associates the existence of the photograph with a precise point in time, relatively speaking. The temporal integrity of a block chain is a whole separate topic, but you can establish absolutely that a certain point in the block chain came after a certain point in time by, for example, incorporating a photograph of a newspaper front page. So if the photograph to be verified is added to the block chain on the day it's taken, and then you incorporate a photograph of the next day's newspaper front page into the block chain, anything that hits the block chain after that is obviously counterfeit. Adding a group of photographs to the block chain all at once adds to the security because of the difficulty of counterfeiting multiple photographs.
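The ordering check described above, as an added example that is not part of the original post: a plain SHA-256 hash chain stands in for the block chain, and a photo is classified by whether its hash was recorded before or after the newspaper block. The function names, block fields and result labels are assumptions made for this sketch.

```python
import hashlib
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def block_digest(body: dict) -> str:
    # Hash a canonical JSON encoding so the digest is reproducible.
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def append_block(chain: list, kind: str, photos: list) -> dict:
    """Record the SHA-256 of each photo in a new block linked to the previous one."""
    body = {
        "index": len(chain),
        "kind": kind,  # "samples" or "newspaper" (labels assumed for this example)
        "photo_hashes": [sha256_hex(p) for p in photos],
        "prev_hash": chain[-1]["block_hash"] if chain else "0" * 64,
    }
    block = dict(body, block_hash=block_digest(body))
    chain.append(block)
    return block

def chain_is_intact(chain: list) -> bool:
    prev = "0" * 64
    for i, block in enumerate(chain):
        body = {k: v for k, v in block.items() if k != "block_hash"}
        if (block["index"] != i or block["prev_hash"] != prev
                or block_digest(body) != block["block_hash"]):
            return False
        prev = block["block_hash"]
    return True

def classify_photo(chain: list, photo: bytes, newspaper: bytes) -> str:
    """Say where a photo's hash sits relative to the newspaper block."""
    if not chain_is_intact(chain):
        return "chain-broken"
    def first_index(data):
        h = sha256_hex(data)
        return next((b["index"] for b in chain if h in b["photo_hashes"]), None)
    beacon, pos = first_index(newspaper), first_index(photo)
    if pos is None:
        return "not-recorded"
    if beacon is None:
        return "no-beacon"
    return "before-newspaper" if pos < beacon else "after-newspaper"

def demo() -> dict:
    # Constructed byte strings standing in for image files.
    kit_a, kit_b = b"photo: kit A + bill fibers", b"photo: kit B + bill fibers"
    paper, swapped = b"photo: next day's front page", b"photo: substitute kit A"
    chain = []
    append_block(chain, "samples", [kit_a, kit_b])  # batch recorded the day it is taken
    append_block(chain, "newspaper", [paper])       # time marker
    append_block(chain, "samples", [swapped])       # arrives after the marker
    out = {name: classify_photo(chain, p, paper) for name, p in
           [("original", kit_a), ("swapped", swapped), ("unknown", b"never recorded")]}
    chain[0]["photo_hashes"][0] = sha256_hex(swapped)  # rewrite history in place
    out["after_edit"] = classify_photo(chain, swapped, paper)
    return out
```

Calling `demo()` shows the substitute photo landing after the newspaper block, and an in-place edit of the first block breaking every later link.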

It's a lot to go through, but it seems that the audacity of the "evil empire", what's left of it, has evolved to the point that it's necessary to go full out with securing Olympic drug tests.

Thursday, May 12, 2016

How the Elon Musk Hyperloop Can Work

I've had my doubts about whether the Elon Musk Hyperloop approach could overcome inherent problems with stabilization. The problem with the approach, as it seemed to me, was that it committed to a tube pressure of 1 millibar, which seems to preclude aerodynamic stabilization.

The problem is that stabilization requires some kind of feedback loop. The capsule will tend to vibrate or oscillate, and there needs to be some mechanism that detects the vibration and counteracts it. My conjecture was that mechanical "damping" of vibrations could not react quickly enough at or near supersonic speeds.

I've realized, though, that the reaction speed required of the damping mechanism is reduced if the mass and rigidity of the capsule are increased. If, for example, the capsule is constructed with a 10 cm. thick steel shell, giving it a weight of some 20 tons, it seems that it would have sufficient mass and rigidity to reduce the damping reaction speed required. The damping force required would increase, but I'm guessing that's not as much of a problem as the reaction speed.

Constructing the capsule of heavy, hardened steel would also increase the protection of the occupants. Besides protecting against breach of the capsule, the increased mass also reduces the inertial forces inside the capsule in the event of unplanned deceleration or buffeting.

A heavy capsule requires more energy to accelerate, but the energy can be recaptured during deceleration.

People may be reluctant to travel inside what is essentially a bank vault, even though it would be much safer. Engineering psychology, which is already used to make people feel safe and comfortable in aircraft, can be used to make people feel comfortable with the whole experience, though.

Thursday, March 24, 2016

On Trumpism and Sticking It to Women

Constant humiliation is the price of living in a civilized world. From the day we are born, we are punished and bribed into adapting, though some of us, mostly men, resist fiercely. Most of the resisters end up in prison or homeless, though a few become wealthy and powerful. For men, humiliation by women is especially galling. A succession of shrewish teachers, wives, and bosses can leave a guy feeling quite castrated.

Come November, when we go to the voting booth, we will most likely see two names on the ballot: Hillary Clinton and Donald Trump. We'll think: of course I'm voting for the Democrat, who will protect Social Security, keep us out of stupid wars, stop Wall Street from impoverishing us and appoint justices with reasonable IQs. But as our hands hover over the box for Hillary, our fingers will begin to twitch, and we will muse: no one will know if, with one flick of the wrist, I void my bladder on all those insufferable women and vote for the Donald, a true he-man woman-hater, no less.

When that happens, GET A GRIP! DON'T DO IT!

Sure it would feel good, but there are lots of things that feel good that you don't want to do, as we're constantly reminded, yes, by women. Maybe you're so far gone that you think it would feel good to stick a gun in your mouth and pull the trigger. Voting for Donald amounts to about the same thing.

If you don't care about yourself, then think of your children and grandchildren. You're a man with responsibilities that are far more important than masturbating your ego. Think of the misery that a Republican President, House and Senate would bring to your family and friends. You would hate yourself for that moment of weakness, you know you would.

So MAN UP and pull the lever for Hillary. You'll feel like shit, just like you did the day before and the day before that. But at least you will stand proud knowing that you made the sacrifice for those you love.

Wednesday, February 24, 2016

United States v. Apple

Apple has hired former U.S. Solicitor General Ted Olson to defend it against a court order that requires Apple to create a special version of its iOS operating system that gets around privacy features normally available on iPhone 8. The government wants to install it on an iPhone used by San Bernardino terrorist Syed Rizwan Farook, allowing the government to read the encrypted information stored on the phone.

Olson has been appearing on news programs but has not been saying anything very convincing about why the government should not be able to do this. He claims that it violates the U.S. Constitution, but there is not much in the Constitution that protects privacy. The Fourth Amendment requires a warrant issued on probable cause before the government can search, but the government has one in this case. Beyond that, there's precious little the government can't do. In the past, the U.S. Supreme Court has at times created new constitutional rights out of thin air, as in the case of the "right of reproductive privacy" that guarantees the right to contraception and abortion. More recently, the court has been much less willing to discover new rights hidden in the Constitution. The chances that they will find anything like a constitutional "right to encryption" lurking in the shadows of the Bill of Rights are about zero.

So, as is usually the case, the government can do pretty much as it pleases. Whether they should or not is another question.

Despite what they say, Apple doesn't care a whole lot about your privacy. Like all big companies, they care about making money, and they are concerned about where this will lead. They tightened security in iPhone 8 precisely because they saw that demand for secure phones was increasing and they were at risk of ending up at a competitive disadvantage.

The government can and will break Apple, but that's not the end of it. Unbreakable encryption now seems inevitable. Other phone models will develop good security and users will switch to those phones instead of Apple. Those phones and their operating systems can be made in other countries. We could end up with the Chinese government able to access data on phones used by Americans but the United States unable to access data on the phones of foreign agents or terrorists. The government will have won the battle but lost the war.

It's of no use to Apple to try to make this argument in court because it has nothing to do with the legal issues involved. The encryption chess match among governments and corporations, though, will play out for some years to come. The United States should take account of the endgame, not just the next move.

Tuesday, December 15, 2015

Artificial Intelligence: The Human Machine

My favorite American entrepreneur, Elon Musk, who is very much the Thomas Edison of our time, has helped start a new enterprise aimed at advancing the field of artificial intelligence. It's called "OpenAI". On their website they state:

OpenAI is a non-profit artificial intelligence research company. Our goal is to advance digital intelligence in the way that is most likely to benefit humanity as a whole, unconstrained by a need to generate financial return.

Since our research is free from financial obligations, we can better focus on a positive human impact. We believe AI should be an extension of individual human wills and, in the spirit of liberty, as broadly and evenly distributed as possible.

An Ivory Tower?

The phrase "unconstrained by a need to generate financial return" is troubling. I'm all for non-profit. I really am. But the question arises, what is going to motivate this organization to produce anything? There's a very real risk of ivory-towerism.

Which would be a shame. So much talent and resources wasted in that case. It seems that their first priority needs to be to set measurable goals that they can evaluate themselves against. A couple of things come to mind:
  • Number and quality of peer-reviewed papers.
  • Number and quality of users of their planned open source software.

What is the question?

Before you can come up with an answer, you need to know the question. Before Einstein could come up with special relativity, he needed a clear statement of the problem that he was trying to solve. In retrospect, coming up with the question was perhaps the hardest part and took many people working many years. Without the Michelson-Morley experiment in 1887, for example, Einstein would not have known what the problem was he was trying to solve in 1905.

So instead of trying to come up with answers before knowing the questions, perhaps the focus needs to be more on coming up with the questions. In the context of AI, this paper from the Proceedings of Aslib Informatics provides some insight.

The human machine.

One possible way to generate the questions as well as to test progress would be to build what may be called a "human machine". This would be a platform consisting of networked software that lets a group of humans work together to interact with a human interrogator. Someone who wants to chat would go to a web site, and the other side of the conversation would be handled by the platform.

This is a difficult problem in itself, even with no AI plugged in. In one possible architecture, a single person would manage the platform side of the conversation, and would create sub-problems to be distributed to other humans to solve. How you do that, and what is the architecture, even with no AI involved, is a hard problem. Once you had such a platform, you could begin adding AI features to make it faster and better, with the goal of ultimately replacing all the humans.

The point of such an experiment would be to focus on the appropriate questions as well as to serve as a measure of progress, in terms of how satisfying the interaction is to users. In the absence of financial or military motivations, some method is needed to map the space being researched and to know if you're going anywhere, whether it's a "human machine" or something else.


Friday, November 20, 2015

Securing Your Subversive Communications

There's a lot in the news lately about encryption. If you're engaged in subversive activities, perhaps environmental activism or journalism for example, you know how important it can be to keep your communications secret.

Those of us of a certain age are familiar with the Nixon presidency and Watergate, and these days we have the Snowden revelations, but it's not just government we have to worry about. Howard Hughes, the famous aviator, aerospace engineer, movie producer and womanizer, provided financial support for right-wing spying on liberals in his day. The Koch brothers do the same today.

But keeping your communications secure is much more than encryption. Here are some of the things you need to consider:
  • Finding secure services. Probably services like ProtonMail or Tor instant messaging are secure, but how can you be sure? One of the Snowden revelations was that the NSA plants saboteurs among the developers of such software to weaken its security in subtle ways. And besides, to be secure, you need to be perfect, and no one's perfect. Still, this is probably not your biggest problem.
  • Using a secure operating system. It does no good to use a secure service if your operating system is broken. Windows is hopeless and even Linux has myriad security problems, though it can be made better by using "hardening" procedures.
  • Using a secure device. The hardware itself is subject to tampering. It's not paranoid to imagine that your home could be broken into and your motherboard replaced with one that is in some way more friendly to attackers. Smaller, simpler devices, such as Raspberry Pi, are easier to secure, so long as you keep them as "bare bones" as possible. And there are "hardening" practices recommended for these devices as well. To be safe, you need to epoxy the case closed and paint it with distinctive designs to prevent tampering with or swapping the device.
  • Protecting meta information. Even if the content of your messages is secure, knowledge about who is communicating with whom, how much and when, can be a great help to your enemies. You have to assume that they know who you are and are targeting you. They can plant a hardware device in your internet connection or infiltrate your internet provider. So you need to use random internet connections, at cyber cafes and the like, rather than your home or work connections.
  • Generating noise. One of the best ways to protect yourself is to create a lot of noisy but unimportant communications using insecure means. This will keep your watchers busy and they may be too lazy to look further. It's useless to try to hide from them. They know who you are. If you try to conceal all your activities, they will just keep looking that much harder.
Assuming you have achieved secure communication, you still have the problem of "social engineering" attacks. If you have much interest in spy stories, these will be familiar to you:
  • Moles. Your enemies may plant people in your organization who are disloyal. They may be people who seem the most gung-ho and the most ideologically pure. They are likely to be newcomers to your organization, possibly with a fabricated history of support for your cause. You need to be suspicious of anyone who doesn't have verifiable history with people you know.
  • Traitors. Your people can be bought, seduced or blackmailed. Look for changes in behavior, especially if they seem to be pressing for information. Their handlers will be impatient and push them to find out as much as possible as quickly as possible. This will give them away if you're looking out for it.
  • Disruption. This is the flip side of the problem of moles and traitors. Your enemies can try to convince you that loyal people are actually disloyal and create confusion and conflict in your organization. There's no solution to this conundrum except to be smarter than your enemy.
With all the news that's focused on encryption lately, it's easy to forget all the other things you need to consider to manage a successful subversive operation. Don't be seduced into thinking that encryption is the only thing you need. There's a lot more to the game than that.

Wednesday, November 18, 2015

Moral Hazard

The rescue of the financial giant AIG by the Federal Reserve during the financial crisis of 2008 probably prevented a global financial catastrophe and probably prevented the "Great Recession" from becoming another "Great Depression". As bad as it was, with the assets of the U.S. middle class being all but wiped out and millions of people losing their jobs, it could have been a lot worse and lasted a lot longer.

The financial crisis was caused by poor management of large international banks and other businesses that aren't technically banks but function like banks. They took huge risks. When the bubble burst, they were in danger of going bust and causing everyone else to go bust along with them.

The Dodd-Frank law that Congress passed after the financial crisis is supposed to fix that by prohibiting the banks from taking excessive risk. Large banks that are big enough to cause another financial crisis get increased attention from the Federal Reserve. But one part of the Dodd-Frank law prohibits the Federal Reserve from ever again rescuing large banks and financial institutions. The reason given for this change is the danger of "moral hazard", which means, if the banks think they will be rescued in a financial crisis, then they won't care how reckless they are.

The argument, however, ignores the fact that banks and bank-like companies are run by executives. It assumes that these executives care if the bank fails or is rescued by the Federal Reserve. They don't, not very much.

These executives are fairly wealthy. They are clever about money and keep some of their money in gold and other things that guarantee they and their families will be OK in any financial crisis. This leaves them free to gamble with the bank's money without much risk to themselves. If they are lucky, their gambling will pay off and they will make even more money. If they are unlucky, the bank will go broke, but they won't suffer much as a result. This is called "heads I win, tails you lose", and it's the real "moral hazard". Dodd-Frank does nothing to change this.

So we are doomed to endure another financial crisis sooner or later. The next time, though, the Federal Reserve will not have the power to rescue us and we will all end up beggars.