Tag: security

Pacification by trade

At a summit meeting of 7 regional leaders, including those of India and Pakistan, it was clear that the global economic environment was forcing change on South Asia. The 7 leaders spoke of their concern about how to cope with new trade arrangements, and the need to resolve differences to enable formation of a regional trade bloc. Pakistan agreed to join a regional free trade agreement the leaders signed Tuesday, which would lower tariffs over 10 years. Previously, Pakistan had resisted regional economic cooperation until its dispute with India was resolved.

another instance of the lexus changing the old ways of the olive tree (for better)?

invisible applications

Microsoft executives demonstrated applications installing seamlessly, without any prompts or dialog boxes. Gone were the prompt boxes asking the demonstrator if he really wanted to install the application. Click once, and the application installed and launched without any user intervention.

i appreciate the vision behind this. tools should be usable just by picking them up, like in the real world. i do not buy the line that “computer users ought to know about x”. without code signing and a body that rapidly revokes certificates for spyware and the like, this will sink faster than a grindstone. though, your spyware / adware is my revenue stream..

Klaxon

Seems the new game in town is to adopt a klaxon approach to security.

Subject: Important Security Update for the .NET Messenger Service
Date: 19 Aug 2003 02:23:18 -0700
From: .NET Messenger Service Staff dot_net_msgr_svc@msgr.hotmail.com
ATTENTION: IMMEDIATE ACTION REQUIRED FOR MSN AND WINDOWS MESSENGER USERS.

I got that email 1113 times so far. Of course, that number is laughable compared to the 10s of emails I got from the SoBig virus today. It seems no day passes without a Microsoft incident.

world wide watchers

Basically, it attempts to protect chemical plants, reservoirs and airports—all targets where terrorists could get horrifying results with relatively little effort—by a system involving 10M Webcams and a stay-at-home army of watchful citizens.

this doesn’t go nearly far enough. to make this really secure, webcams need to be everywhere. watch the watchers in an endless recursion.

Nuclear Weapons

Broken pipes and rusty fences. If that ain’t scary, few things are.

The main entrances to Los Alamos are only marginally better defended than TA-33’s land. The military-like guards keeping watch at these points certainly look fierce in camouflage paints and black bulletproof vests. But there’s little to back up the image. Their belts have gun holsters, but no guns to fill them. Around facilities like the biology lab, where anthrax and other biotoxins have been handled, no sentries stand guard at all. Nor is there any kind of fence to keep the curious and the malicious away — not even a piece of string.

2006-10-09: Might it all be posturing?

The United States Geological Survey is now reporting the magnitude of the claimed North Korean nuclear test as 4.2. This seems to be curiously low. Now, estimating explosive yield from the body magnitude of a seismic event is a tricky business, and requires knowledge of details such as the depth of the detonation and the geological properties of the surroundings, but a magnitude around 4.2 is what you’d expect for a detonation of 1 kiloton. The “natural size” of a crude fission bomb is in excess of 10 kilotons, from which you’d expect a magnitude closer to 5. It is very unlikely that a low kiloton yield device would be used in an initial test.

2006-12-03: The Agony of Atomic Genius, biographical sketch of J. Robert Oppenheimer

Now I am become death, destroyer of worlds

2008-06-28: Man-made nuclear explosions in the 1940s and 1950s released isotopes into the environment that do not occur naturally, allowing the dating of works of art.
2010-09-21: The Atom Bomb on Film. Or you could go to the atomic testing museum in Vegas and see these and much more in person.

2010-11-25: Nuke Detector. Turn a supertanker into an antineutrino detector by kitting it out with the necessary photon detectors and filling it with 10^34 protons. Then station it off the coast of suspicious countries and submerge it.
2013-11-26: India nuclear assassinations and the Indian government is mum about it. Nuclear scientists have very high mortality in Iran too, but the government there is making a huge ruckus about it.

Indian nuclear scientists haven’t had an easy time of it over the past 10 years. Not only has the scientific community been plagued by “suicides,” unexplained deaths, and sabotage, but those incidents have gone mostly underreported in the country—diluting public interest and leaving the cases quickly cast off by police.

2014-02-05: Nuclear backpacks

during the Cold War, the United States did deploy man-portable nuclear destruction. If Warsaw Pact forces ever bolted toward Western Europe, they could resort to nukes to delay the advance long enough for reinforcements to arrive. These “small” weapons, many of them more powerful than the Hiroshima bomb, would have obliterated any battlefield and irradiated much of the surrounding area.

2014-11-15: X-Ray Man

In 1957, a young man named Darrell Robertson enlisted in the US Army and participated in a secret training program in the middle of the Nevada desert. He and his fellow recruits were sworn to secrecy and, for decades, told no one of their experiences. In 1996, the US government declassified the project and Robertson was finally able to tell his story. In X-Ray Man, Robertson recalls training exercises in which the Department of Defense used him and other soldiers in nuclear tests more than 10 years after the horrors of Hiroshima and Nagasaki were already well known. Kerri Yost’s powerful short documentary is an account of how Cold War-era fears allowed for shocking treatment not just of supposed enemies, but also of those enlisted to fight against them. Though cancer has attacked his body, Robertson, supported by his wife, remains stoic and dignified, offering the quiet but forceful observation that ‘any person in the military becomes part of military science’.

2015-09-09: Nuclear wars for SETI. Nuclear explosions might be the first thing we see of other life at interstellar distances. Gamma rays are much easier to detect than radio waves, but would only last a few days at most. You’d have to be extremely lucky to catch that, but then we can spot GRB like that all the time.
2016-07-17: The H-Bombs in Turkey

Among the many questions still unanswered following Friday’s coup attempt in Turkey is one that has national-security implications for the United States and for the rest of the world: How secure are the American hydrogen bombs stored at a Turkish airbase?

2019-03-12: Trinity Test. The first detonation of a nuclear bomb

2021-02-20: $100b nuclear deterrence

To avoid being destroyed and rendered useless—their silos provide no real protection against a direct Russian nuclear strike—they would be “launched on warning,” that is, as soon as the Pentagon got wind of an incoming nuclear attack. Because an error could have disastrous consequences, James Mattis testified to the Senate Armed Services Committee in 2015 that getting rid of America’s land-based nuclear missiles “would reduce the false alarm danger.” Whereas a bomber can be turned around even on approach to its target, a nuclear missile launched by mistake can’t be recalled.

BNF

As i’m learning lots about static analysis, i’m re-discovering some classic computer science papers, such as the one (1977) by john backus (of BNF and FORTRAN fame):

Conventional programming languages are growing ever more enormous, but not stronger. Inherent defects at the most basic level cause them to be both fat and weak: their primitive word-at-a-time style of programming inherited from their common ancestor–the von Neumann computer, their close coupling of semantics to state transitions, their division of programming into a world of expressions and a world of statements, their inability to effectively use powerful combining forms for building new programs from existing ones, and their lack of useful mathematical properties for reasoning about programs.

i can relate to his statement that Programming languages appear to be in trouble. each new language adds new “features”, yet little changes, and we are still thinking in terms of state machines, very low-level indeed.
further down, we learn that

The models of computing systems that underlie programming languages fall into 3 classes: (a) simple operational models (e.g., Turing machines), (b) applicative models (e.g., the lambda calculus), and (c) von Neumann models (e.g., conventional computers and programming languages). Each class of models has an important difficulty: The programs of class (a) are inscrutable; class (b) models cannot save information from one program to the next; class (c) models have unusable foundations and programs that are conceptually unhelpful.

the main argument is that since traditional languages model the behavior of hardware, they are bound by its limitations:

Thus variables = storage cells; assignment statements = fetching, storing, and arithmetic; control statements = jump and test instructions.

i always hated functional languages when we studied them (they seemed less useful for interfacing with APIs, which is what most programming these days is about), but maybe i should reconsider.