
On Computer Security and Sex


Overheard,

Computer Security is like sex.
Once you're penetrated you're fucked.
How true :))

And now, sporting a brand new look!


As you can probably tell - the new look is meant to give the blog a breath of super fresh air!

(That's a picture of the Hong Kong skyline, I fell in love with it during some 6 hours I spent there a few days ago :))

09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0


George Orwell's 1984 was a watershed in how humanity in general thought about the future. If you haven't read it, I really, REALLY recommend you do. It (along with Animal Farm) gave us chilling insights into a society which could, if left unchecked, become dystopian in the very near future. But over the decades since its release, people have always taken it for granted that this was but the fancies of one man, and mankind was savvy enough to protect itself from the beginnings of its own demise.

Up until now.

"Big brother is watching you", the refrain of many a snide comment about totalitarian governments has never been so chilling in its applicability to the modern democratic state. And no, I'm not getting unnecessarily melodramatic or anything - a series of events which have happened in the past week have made me question a lot of things I'd taken for granted before. Not in the least, the concepts of privacy and freedom.

The slow erosion of the founding principles of the United States has been evident for a while now - certain quarters have taken decisions to curtail basic human rights in the name of eradicating terrorism. Others have launched campaigns about Intellectual Property, in the name of which thousands of innocents have been legally targeted - I refer to the RIAA's attack on individuals over the past year or so. And then of course, there's the Indian context of banning blogs which condone terrorism, or are against the sentiments of a particular religious or ethnic group. Censorship for a cause, but still censorship.

All aspects of our social life are on the internet - our email, our invitations, photos, contacts, files, credit card databases and bank accounts. Drivers licenses when swiped in a card reader let the government know where you are. Combine all this information, and you can find out where I shopped, what I bought, when I did so. Google earth allows you to look at my backyard. You now know where I live. You have me on surveillance cameras. Practically every aspect of my life is available to those who want it - legally or otherwise.

The first inkling of the approaching storms was the recent tie-up of Orkut, the social networking site, with Indian law enforcement agencies in order to help nab people making a nuisance of themselves online. Not only can you now be censured, you can be thrown in jail! As if that wasn't bad enough, surveillance cameras have now been put in force around Britain which can, hold your breath, READ YOUR LIPS! That's right! Now, not only can they use facial recognition to find out who you are, they know what you're saying. Perhaps the shouting cameras they installed a while ago will find something to talk about with these.

So you thought that only people who pirate DVDs and music are in trouble? Sure they are - as the recent *diktat* by the US shows. They have recently targeted 12 countries which apparently have bad track records when it comes to containing piracy. India and China included of course. But here's the funny part - they mention Thailand too, because of that government's efforts to subsidize patented drugs from the US for their own use, to make them available cheaply to people who have AIDS.

What's that? Make their own drugs so that they can save people dying of AIDS? Those *bastards*.

(end sarcasm)

'Sure, the U.S. government can impose economic sanctions on non-compliant countries, but that only takes you so far. The U.S. Constitution requires that the federal government respect the sovereignty of foreign nations. U.S. courts won't typically touch a copyright infringement case if the infringement occurs overseas.'
Oh wait a minute. Respect the what? Last I saw, Iraq was a sovereign country with its own government. Bleh.

But the icing on the cake is yet to come - and explain the title of this post too. Everyone who watches DVD movies knows that DVDs are hard to copy like VCDs used to be - that's because of the built-in encryption, and Digital Rights Management (DRM). Well, the flip side of this is that even if you own the DVD and say, break it - there's no way you can get a replacement without paying for it all over again. Which is basically an extra few bucks for the big record companies. Of course, what one man can build, another can break. An enterprising hacker here recently cracked this system, and put it up on the web for all to see. To summarize this hack, all you need is the code 09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0 to break this encryption. And of course, some more technical know-how. But you see my point. The fact that this number was published was going to make the AACS (the people who collect royalties on movies) pretty bad. So they issued a cease and desist order against.. hold your breath.. GOOGLE! and Yahoo. and others. And that's what broke the camel's back.

The internet as we know it was built to enhance communications amongst groups of people around the world - and the advent of modern communication technology like faxes and teleprinters was in no small way responsible for the demise of the USSR. When the masses have a collective decision and a medium to act upon, there's not much that can be done to stop them. And this is what is happening. The entire web is up in arms against the AACS. Instead of being able to clamp down on this number, everyone is making new web pages with this number to spread it even further. In my opinion, this is a watershed in the history of the internet because for the first time, people across boundaries have as a group targeted one specific entity. Even as I type, people are printing out coffee mugs, t-shirts, banners, stickers and all sorts of other merchandise to showcase this number. At this point, it has ceased to be just a number - it now stands as a symbol of 'sticking it to the man' - as poignant as the photo of that lone Chinese man at Tiananmen Square, stopping the approach of an entire column of tanks, and as the world collectively watched, the rising storm of communism.

Except that this time, it's not one man. There's a few million of them. And they rise not against communism, but the capitalistic hegemony of corporations. Ironic ain't it?

Of Generals and Hackers, Gates and Oracles and an Apple too!


My last post, apart from being a while ago, was none too cheery. Now, I like to think nothing can really get my spirits down, so I'm not going to continue on that vein. For a while anyway. Instead, let me take you through some interesting events which over the last fifteen days have resulted in some rather cheerful and happy moments!

The RSA conference mentioned below is the world's largest computer security conference. RSA actually represents the first letters of the last names of 3 scientists - Ron Rivest, Adi Shamir and Len Adleman, who invented a computer algorithm which revolutionized every bit of computer security. No pun intended :). The algorithm itself, and now the company which licenses it is called RSA. It is the largest gathering of hackers in the world, with over 15000 attendees from around the world. Hackers as in the good guys who make sure no one filches money from your bank account, and not the malicious types as shown in movies.


(Above) Matrix style - live break-in into a computer network
(Below) RSA 07 graffiti board



(The malicious types attend Defcon in case you were wondering ;) Annyywaaayyy. Moving on.

Some good, others bad and a few definitely ugly

San Francisco, sometime in mid February. Right about my birthday actually. I had the opportunity to interact with Bill Gates, as part of his keynote activities at the RSA conference. Listening to a visionary, no matter how beloved (or infamous) in the media, is always an enlightening experience. Except that my own didn't stop with him. Larry Ellison, CEO of Oracle corporation was next. Now there couldn't be a more marked difference between the two. Arguably the 2 most famous billionaire programmers out there, they are unlike each other in their personal mannerisms, even though their professional course has taken them neck to neck, with each owning the first and second largest software companies in the world. Respectively. Bill for instance is the quintessential geek, tousled hair, owly-eyes and all that. Has a penchant for wearing what look like crumpled sweaters and shirts, with normal slacks and shoes. In his spare time, he plays bridge and likes to eat 'mutter-paneer'. Seriously. Ellison on the other hand was on the 'Sexiest man alive' list, with a penchant for flying MiG29 fighter jets, owning a baseball team, captaining (and almost losing his life on) his own yacht in the America's Cup, the most gruelling sea race in the world. And he prefers the Armani suits, the Bentleys and all the rest which go with being the 7th or 8th richest in the world.


(Who needs gates anyway?)

But what is most fascinating about both is the vision and power which they radiate. In a meeting with about 70 people in a small conference room, the aura of control, and power was self evident. Articulately spewing well reasoned arguments for or against questions directed at them, it was easy to see how they created their own 'Reality Distortion Field' around themselves. I quite like this term which was coined by a journalist in the 80s about the big 3 of tech - Bill, Larry and Steve (Jobs of Apple). Being in the same room with them hearing them speak at such close quarters is .. interesting, to say the least.


Of course, there were a bunch of other famous people out there, most of whom would only be appreciated by people familiar with the technology industry - the R and S from RSA, Diffie and Hellman, and others formed the galaxy of panelists and speakers who descended into SF that week. Needless to say, I was charmed enough to land up at the conference venue at 8am and leave after each day of sessions et al around 11PM. Whew. Glad that's over. If you've ever been to SF on a weekday during peak traffic, you know what I mean. Of course, it's nothing compared to the stories I've heard from Bombay :) The horrors of finding a place to park are bad enough without throwing traffic into the equation.


(A few of the greatest computer hackers in the world today. The one with white hippie hair is Whitfield Diffie, the Porsche driving Chief Security Officer at Sun inc. Next to him is Ron Rivest, professor emeritus of CS at MIT, Adi Shamir (of Princeton/Technion Israel), and Martin Hellman, Professor Emeritus at Stanford)

Uhm, as to how I know he drives a Porsche? Driving down Palo Alto one day, I stopped at a traffic light with Diffie in his black 911 right next to me. That white hair/beard and the fact that we were meters from Sun's HQ were enough :)

Enough of the techies already. Yes, I echoed that on the 5th day of the conference, exhausted and bleary. But the icing on the metaphorical cake was getting to hear General Colin Powell, formerly the most powerful democrat in the western world, and before that chief of the US Army. The introduction was just to keep things in sync. I know you know who he is :) Anyway. I was expecting a rather staid general, or diplomat who would be full of himself and would in some way try to use 9/11 in his talk. Well, I was right about the latter. But Gen. Powell is someone I now respect significantly more - the least of those reasons being his ability to extemporize a 45 minute speech flitted with just the right amount of humor, motivation, and a cold hard look at security and privacy in the modern age. One of the most articulate speakers I've EVER heard, he encompassed everything from his meanderings in Germany when he served with Elvis Presley, to anecdotes about how he resolved an island-takeover between Morocco and Spain in between playing with his grandchildren.



Well, just when the next work week was beginning, I stumbled across more famous people at various locations. The presidents of Stanford - both past and present, the second in command at Yale, the founder of Electronic Arts - of Need for Speed and Cricket fame, the woman who invented the Palmtop, a couple of lawyers who represented the bloggers against Apple Inc.'s lawsuits - and won!, not to mention a couple of other luminaries who I'm too lazy to mention yet. Listening to a lot of these people, and interacting with them has been an experience I can only liken to drinking from a fire hose - a sensory information overload! There are some very interesting things happening in the SF bay area, and it's been quite instructive to have been at the thick of them! As you can probably tell, I've been a technology buff ever since I was a 4 year old playing games on an old Commodore 64. The opportunity to have met people who I've read about all this time has been truly spectacular. Yes, I know, I'm getting emotional. No? :P

The New

Ladies and gentlemen, presenting for your viewing pleasure, my new Macbook Pro!



And the keyboard lights up at night.
(This photo is off a public site since my photography skills aren't that great!)

After much debate and research in getting myself a new computer, I finally settled on a Macbook Pro. It had been a while since I upgraded, what with school, work and everything else demanding my old laptop's full use. After spending an intense 7 days after placing an order, I finally received the 'book and I've now been using it for almost 2 weeks. Two Weeks! This is actually my first post with the new machine. Yayy.

And today's Holi too - the Indian festival of colors - although all I'm doing this year is munching home made goodies a friend brought from India yesterday. Perfect timing :)

Couple that with a bright and sunny day here in California, and you'd think life isn't all that bad at all!


Interesting observations for the internet era


A couple of days ago, I was sitting at a particularly good Italian restaurant around Pier 39 in San Francisco with a friend. A typical day in the city, it was a tumultuous blend of fog, chilly winds and the general pulse which gives San Francisco its character. As we ate some excellent Calamari and Risotto – our conversation ranged over some very interesting developments in the bay area's startup scene. We were talking about various ideas which were being thrown around, and analyzing to an extent their relative pros and cons.. and somehow, turned to the subject of national security and the internet's role in weakening it. Which is when the unbelievable, yet completely plausible statement tumbled out.


The NSA in the US is one of the most, if not THE most, sophisticated spy agencies in the world. And like any other organization, they have reasons to use the Internet to not only gather information but also communicate with agents and field offices around the world. What is interesting is that NSA employees searching for information on any of the major search engines on the web – Google, Yahoo or what have you MUST leave traces of their original Internet addresses with these. And anyone with half a mind could easily piece together what information was being searched for! But it is inconceivable that an organization such as this would be amateur enough to let this happen. But how would they solve it?

The answer – replicate the internet. That statement may contain 3 words, but it is probably one of the very few today which non-trivially encapsulate millions of hours of work in it, not to mention huge cost incursions. Which led me to the inevitable question – can even the NSA with a huge chunk of the US defence budget have the resources to carry off what would arguably be the biggest project in modern technological times? I thought I'd do some research to see if this was even possible. We know that the largest information repository in the world today – publicly known anyway – is the one at Google. Considering their search engine is the most effective at piecing together even those parts of the web which are very remotely connected to other parts. One option the NSA has is to make a mirror of sorts of the Google search engine on a local intranet, and then search this index locally to locate the resource needed. This way, they can have their addresses show up only at the particular resources, and those too can be covered by the use of hacks and other pieces of technology which aims at doing this. This is of course assuming that they don't already have a wide array of IP addresses meant to throw off any tracking agents for exactly this reason!

The most impressive method of course turns out to be their possible replication of the web itself. Given their resourcefulness, replicating each of the 13 root servers, compressing all the data on the known web into a single database, and then developing technologies to search these in real time is the most effective. The ramifications of such an act of course, are staggering. Not only do they have the largest storehouse of human knowledge to ever have existed at their fingertips, they are probably the only ones who can come close or surpass the kind of work which Google is doing right now. Which is saying a lot.