Archives

Date
  • 01
  • 02
  • 03
  • 04
  • 05
  • 06
  • 07
  • 08
  • 09
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31

Short Big Think video piece on Privacy vs. Security

There’s another video presentation by me that I did while visiting Big Think in NYC.

This one is on The NSA, Snowden and the “tradeoff” of Privacy and Security.

Earlier, I did a 10 minute piece on Robocars for Big Think that won’t be news to regular readers here but was reasonably popular.

Increasing voter turnout with compulsory voting and (gasp) electronic voting

Earlier this year, I started a series on fixing U.S. democracy. Today let me look at the problem I identified as #3: Voter turnout and the excessive power of GOTV.

In a big political campaign, fundraising is king, and most of the money goes to broadcast advertising. But a lot of that advertising, a lot of the other money, and most of the volunteer effort goes to something else called GOTV or “Get Out the Vote.” Come to help a campaign and it’s likely that’s what you will be asked to do.

US elections have terrible turnout. Under 50% in the 1996 Presidential election, and only 57% in more recent contested elections. In off-years and local elections, the turnout is astonishingly low. Turnout is very low in certain minorities as well.

Because turnout is so low, the most cost effective way to gain a vote for your side is to convince somebody who weakly supports you to show up at the polls on election day. Your ads may pretend to attempt to sway people from the other side, or the small number of “undecideds,” but a large fraction of the ads are just trying to make sure your supporters take the trouble to vote. Most of them won’t, but those you can get count as much as any other vote you get. So you visit and phone all these mild supporters, you offer them rides to the polling place, you do everything legal you can to get them out, and in some cases, to scare the supporters of your opponent.

Is this how a nation should elect its leaders? But who can do the best job at getting the lukewarm supporters to make the trip on election day? It seems wrong. I will go even further, and suggest that the 45% or more who don’t vote are in some sense “disenfranchised.” Clearly not in the strong sense of that word, where we talk about voter suppression or legal battles. But something about the political system has made them feel it is too much of a burden to vote and so they don’t. Those who do care find that hard to credit, they think of them as just lazy, or apathetic, and wonder if we really want to hear the voice of such people.

GOTV costs money, and as such, it is a large factor in what corrupts our politics. If GOTV becomes less effective, it can help reduce the influence of money in politics.

Compulsory voting

Many countries in the world make it compulsory to vote. If your name is not checked off at the polling place, you get fined. Australia is often given as an example of this, with a 91% turnout, though countries like Austria and New Zealand do better without compulsory voting. But it does seem to make a difference.  read more »

Even ASIC miners of Bitcoins face security threats

Last month I wrote about paradoxes involving bitcoin and other cryptocurrency mining. In particular, I pointed out that while many people are designing alternative coins so that they are hard to mine with ASICs — and thus can be more democratically mined by people’s ordinary computers or GPUs — this generates a problem. If mining is done on ordinary computers, it becomes worthwhile to break into ordinary computers and steal their resources for mining. This has been happening, even with low powered NAS box computers which nobody would ever bother to mine on if they had to pay for the computer and its electricity. The attacker pays nothing, so any mining capacity is good.

Almost any. In Bitcoin, ASIC mining is so productive that it’s largely a waste of time to mine with ordinary CPUs even if you get them for free, since there is always some minor risk in stealing computer time. While ordinary computers are very hard to secure, dedicated ASIC mining rigs are very simple special purpose computers, and you can probably secure them.

But in a recently revealed attack thieves stole bitcoins from miners by attacking not the ASIC mining rigs, but their internet connections. The rigs may be simple, but the computers they flow their data through, and the big network routers, are less so. Using BGP redirection, it is suspected, the thieves just connected the mining rigs to a different mining pool than the one they thought they joined. And so they worked away, mining hard, and sometimes winning the bitcoin lottery, not for their chosen pool, but the thieves’ pool.

It’s not hard to imagine fixes for this particular attack. Pools and rigs can authenticate more strongly, and pools can also work to keep themselves more secure.

But we are shown one of the flaws of almost all digital money systems. If your computer can make serious money just by computing, or it can spend money on your behalf without need for a 2nd factor authentication, then it becomes very worthwhile for people to compromise your system and steal your computer time or your digital money. Bitcoin makes this even worse by making transactions irrevocable and anonymous. For many uses, those are features, but they are also bugs.

For the spending half, there is much effort in the community to build more secure wallets that can’t just spend your money if somebody takes over your computer. They rely on using multiple keys, and keeping at least one key in a more secure, even offline computer. Doing this is very hard, or rather doing it with a pleasant and happy user interface is super hard. If you’re going to compete with PayPal it’s a challenge. If somebody breaks into my PayPal account and transfers away the money there, I can go to PayPal and they can reverse those transactions, possibly even help track down the thieves. It’s bad news if a merchant was scammed but very good news for me.

One could design alternate currencies with chargebacks or refundability, but Bitcoin is quite deliberate in its choice not to have those. It was designed to be like cash. The issue is that while you could probably get away keeping your cash in your mattress and keeping a secure house, this is a world where somebody can build robots that can go into all the houses it can find and pull the cash out of the mattresses without anybody seeing.

Do we need to ban the password?

Ok, I’m not really much of a fan of banning anything, but the continued reports of massive thefts of password databases from web sites are not slowing down. Whether the recent Hold Security report of discovering a Russian ring that got a billion account records from huge numbers of websites is true or not, we should imagine that it is.

As I’ve written before there are two main kinds of password using sites. The sites that keep a copy of your password (ie. any site that can e-mail you your password if you forget it) and the sites who keep an encrypted/hashed version of your password (these can reset your password for you via e-mail if you forget it.) The latter class is vastly superior, though it’s still an issue when a database of encrypted passwords is stolen as it makes it easier for attackers to work out brute-force attacks.

Sites that are able to e-mail you a lost password should be stamped out. While I’m not big on banning, it make make sense that a rule require that any site which is going to remember your password in plain form have a big warning on the password setting page and login page:

This site is going to store your password without protection. There is significant risk attackers will someday breach this site and get your ID and password. If you use these credentials on any other site, you are giving access to these other accounts to the operators of this site or anybody who compromises this site.

Sites which keep a hashed password (including the Drupal software running this blog, though I no longer do user accounts) probably should have a lesser warning too. If you use a well-crafted password unlikely to be checked in a brute-force attack, you are probably OK, but only a small minority do that. Such sites still have a risk if they are taken over, because the taken over site can see any passwords typed by people logging in while it’s taken over.

Don’t feel too guilty for re-using passwords. Everybody does it. I do it, in places where it’s no big catastrophe if the password leaks. It’s not the end of the world if one blog site has the multi-use password I use on another blog site. With hundreds of accounts, there’s no way to not re-use with today’s tools. For my bank accounts or other accounts that could do me harm, I keep better hygene, and so should you.

But in reality we should not use passwords at all. Much better technology has existed for many decades, but it’s never been built in a way to make it easy to use. In particular it’s been hard to make it portable — so you can just go to another computer and use it to log into a site — and it’s been impossible to make it universal, so you can use it everywhere. Passwords need no more than your memory, and they work for almost all sites.

Even our password security is poor. Most sites use your password just to create a session cookie that keeps you authenticated for a long session on the site. That cookie’s even easier to steal than a password at most sites.  read more »

The Neighbourhood Elevator and a new vision of urban density

I’ve been musing more on the future of the city under the robocar, and many visions suggest we’ll have more sprawl. Earlier I have written visions of Robocar Oriented Development and outlined all the factors urban planners should look at.

In the essay linked below, I introduce the concept of a medium density urban neighbourhood that acts like a higher density space thanks to robocars functioning like the elevators in the high-rises of high density development.

Read The Neighbourhood Elevator and 21st century urban density at robocars.com.