Backdoors won’t work. Just ask the TSA. (Or the NSC)


Very nice openDemocracy piece by my colleague Julian Huppert on why putting backdoors in encryption systems is a very bad idea:

This was demonstrated recently with a security disaster involving the US Transport Security Administration. They want to be able to search through people’s luggage, if they think there is contraband inside. But sometimes people quite reasonably want to lock their luggage, so that people cannot just take things from it. So a system was created with TSA approved locks, so that TSA officials can unlock them using a master key. In theory, no one else can, so your luggage is safe.

You might ask: what if someone got hold of these master keys? But the TSA had an even bigger disaster to come. In a piece in the Washington Post praising their work, someone foolishly posed with a set of master keys. The photo was of a high enough resolution that people can now 3D print copies, and use them to open any TSA approved lock. The backdoor is wide open, and security breached.

This fate can happen to any backdoor system, and probably will. That is why the US National Security Council has been quite clear in their draft options paper.

The relevant excerpt from the NSC ‘Options’ paper reads: “the Administration will not seek legislation that compels providers to design their products to enable government access to encrypted information”.

Two things are interesting about this. The first is how useful it is to have a mundane, everyday illustration of an important idea. We have been telling people for ages that backdoors in encryption software are a bad idea, but this gets nowhere with non-geeks because they have no personal experience to which that proposition can be related. But they know about suitcase locks.

This reminds me of all the years I wasted trying to persuade lay audiences about the importance of open source software. My argument was that software that affects our lives should never be impenetrable or unalterable ‘black boxes’ — that the “freedom to tinker” was vital. This argument got precisely nowhere.

And then, one day, I suddenly understood why: my audiences had never written a line of software. It was an entirely alien concept to them. So the next time I gave the talk I brought a copy of my favourite recipe book with me. Before starting, I asked who in the audience cooked or baked? Every hand went up. So then I turned to a particular recipe that had 300ml of double cream as one ingredient. “Now”, I said, “double cream is not good for a guy like me, so I’d like to replace it with creme fraiche. But imagine that we lived in a world where, if I wanted to do that, I would have to write to the authoress to seek her permission, and perhaps to pay a fee. What would you think of that?” And of course they all said that it would be nuts. “Well then”, was the payoff line, “now you understand why open source software is important.”

The second thought raised by Julian’s post is that while the UK government is unlikely to pay much attention to the geek view of the absurdity of backdoors in encryption systems, it’s much more likely to pay attention to the considered view of the US National Security Agency.

Porsche goes electric


I saw a guy the other day in a Tesla S and was puzzled, because in the past I’ve known him to be a Porsche driver. People who own 911s in particular are notoriously reluctant to change — which is why they tend to be such good customers for dealers. On the other hand, propelling oneself around via a series of controlled explosions — no matter how well-engineered the engine is — is clearly a daft idea in the long run. Electric vehicles are the future. Which, of course, is what Porsche have figured out all by themselves — as the New York Times reports this morning:

On Monday, at the Frankfurt Auto Show in Germany, Porsche unveiled its all-electric Mission E concept car. A four-door, four-seat luxury performance sedan with futuristic 911 design cues, Mission E will be the first all-electric model Porsche will offer to the public.

Porsche, a German brand, maintains that the vehicle, though it is a concept car, is firmly based in reality and is expected to arrive in showrooms within five years. At the same time, it provides a window into the future of all-electric cars — more range, faster charging and more speed.

With a debut alongside the latest iteration of the classic 911, the Mission E is meant to convey the message that performance and efficiency are not mutually exclusive.

And, for those who really will miss the growl of the 911 engine, I’m sure Porsche can rig up an audio system that produces the same noise electronically.

Creative nonfiction: the craft of writing

If you think ‘creative nonfiction’ is an oxymoron, then can I suggest that you read John McPhee’s wonderful essay in the New Yorker on the craft of writing? Here’s a snippet:

Creative nonfiction is a term that is currently having its day. When I was in college, anyone who put those two words together would have been looked on as a comedian or a fool. Today, Creative Nonfiction is the name of the college course I teach. Same college. Required to give the course a title, I named it for a quarterly edited and published by Lee Gutkind, then at the University of Pittsburgh. The title asks an obvious question: What is creative about nonfiction? It takes a whole semester to try to answer that, but here are a few points: The creativity lies in what you choose to write about, how you go about doing it, the arrangement through which you present things, the skill and the touch with which you describe people and succeed in developing them as characters, the rhythms of your prose, the integrity of the composition, the anatomy of the piece (does it get up and walk around on its own?), the extent to which you see and tell the story that exists in your material, and so forth. Creative nonfiction is not making something up but making the most of what you have.

It’s a lovely, thought-provoking piece. Musing on the craft of writing, two ideas come to mind.

The first is something I got from reading E.M. Forster who says in one of his essays (I forget which one) that there are two kinds of writer: those who know what they think and then set it down in writing; and those who find out what they think by trying to write it. I’m the latter, and so, I suspect, was Forster (whose 90th birthday party I attended, by the way, when I was a student). But I’ve worked with people who could — and sometimes did — write an entire book in a single continuous draft. (I hate these people, but they exist.)

The second is the distinction I’ve often experienced — between short pieces (like newspaper columns or blog posts: 1,000 words or less), and longer pieces (5,000-10,000 words). Writing a column is like sculpting: you have a lump of clay and you gradually and tentatively lick it into some kind of shape — adding a bit here, taking something away there until you have something that looks about right.

Writing long pieces is a very different business — more akin to construction: you have these various components and then the task (and the art) is in finding an intelligent or satisfactory way to get them into a sequence and then (the really hard part) writing the ‘bridges’ that link the components in such a way that the reader feels that the path from one component to the next is natural and easy.

Just say ‘No’? I think not.

Hmmm… I found this a bit worrying:

A Hungarian psychology professor once wrote to famous creators asking them to be interviewed for a book he was writing. One of the most interesting things about his project was how many people said “no.”

Management writer Peter Drucker: “One of the secrets of productivity (in which I believe whereas I do not believe in creativity) is to have a VERY BIG waste paper basket to take care of ALL invitations such as yours — productivity in my experience consists of NOT doing anything that helps the work of other people but to spend all one’s time on the work the Good Lord has fitted one to do, and to do well.”

Secretary to novelist Saul Bellow: “Mr Bellow informed me that he remains creative in the second half of life, at least in part, because he does not allow himself to be a part of other people’s ‘studies.’ ”

Photographer Richard Avedon: “Sorry — too little time left.”

Secretary to composer György Ligeti: “He is creative and, because of this, totally overworked. Therefore, the very reason you wish to study his creative process is also the reason why he (unfortunately) does not have time to help you in this study. He would also like to add that he cannot answer your letter personally because he is trying desperately to finish a Violin Concerto which will be premiered in the Fall.”

Why is this troubling? Two reasons. One is that I get asked to do a lot of things — give lectures, attend other people’s events, read and comment on drafts, sit on committees and advisory boards, etc. And I often say ‘yes’, and then half-regret it because I’m conscious that life is a zero-sum game: the more time I give to other people’s stuff, the less I have to do the things I want to do (like finishing the book I’m currently incubating).

On the other hand… I gain a lot from participating in things. Innovation and creativity are, to a greater or lesser extent, social processes. I get a lot of useful ideas — ideas that I wouldn’t have generated myself — from interacting with others. If I took the Saul Bellow line I would probably wind up leading a pretty sterile existence.

But at least then people wouldn’t ask me to do things!

Calling the Chinese bluff

Lovely column by Joe Nocera about Jim Chanos, the guy who spotted the unsustainability of the Chinese real-estate bubble before most people — and acted on his insight.

Perhaps you remember Jim Chanos. The founder of Kynikos Associates, a $3 billion hedge fund that specializes in short-selling, Chanos was the first person to figure out, some 15 years ago, that Enron was a house of cards.

He shorted Enron stock — meaning that he would profit if the stock fell, rather than rose — and shared his suspicions with others, including my friend Bethany McLean, who wrote a story for Fortune that marked the beginning of the end for Enron. That call not only made Chanos a small fortune; it also made him famous.

Chanos and his crew at Kynikos don’t make big “macro” bets on economies; their style is more “micro”: looking at the fundamentals of individual companies or sectors. And so it was with China. “I’ll never forget the day in 2009 when my real estate guy was giving me a presentation and he said that China had 5.6 billion square meters of real estate under development, half residential and half commercial,” Chanos told me the other day.

“I said, ‘You must mean 5.6 billion square feet.’ ”

The man replied that he hadn’t misspoken; it really was 5.6 billion square meters, which amounted to over 60 billion square feet.

For Chanos, that is when the light bulb went on. The fast-growing Chinese economy was being sustained not just by its export prowess, but by a property bubble propelled by mountains of debt, and encouraged by the government as part of an infrastructure spending strategy designed to keep the economy humming. (According to the McKinsey Global Institute, China’s debt load today is an unfathomable $28 trillion.)

The 2015 Bad Taste Award

There are reports (the reliability of which is currently unknown) that two individuals whose identities have been disclosed in the Ashley Madison hack have committed suicide.

But in this crisis, ingenious entrepreneurs have spotted an opportunity. For example, this:

At least one company is using the whole unfortunate situation as a PR opportunity. Travel group is offering $50 vouchers for anyone who sends the company a message from an email address that was disclosed on the leaked user list. “If your relationship is in ruins and you’re thinking about heading out of town, we have a solution for you,” the company wrote. “You may have made some mistakes, but a vacation may be just what you both need right now.”

This wins the Memex 1.1 Bad Taste Award for 2015. As the Obama election team used to say, never waste a good crisis.

Unnatural beauty


The genius of Capability Brown and the other great English landscape artists was to make the artificial seem utterly and timelessly natural — as here at Cockington Court in Devon. Their only modern counterparts are golf architects: think of the way Augusta National looks now, compared to what the terrain was like when Bobby Jones and Alister MacKenzie first got to grips with it.

The lessons of (computer) error

This morning’s Observer column:

A few years ago, I received a speeding ticket from the Metropolitan police claiming that a speed-camera in London had photographed my car – citing the correct registration number of the vehicle – doing 43mph in a 30mph zone. Most people would, I guess, be distressed by receiving such a communication. Your columnist, however, was perversely delighted – because it offered him the opportunity of not only irritating the cops but also of making an important point about the dangers of being overly dependent on technology.

The reason for my glee was that the car had definitely not been at the location specified on the speeding ticket at the time and I could prove that using the same technology that the Met had used in order to frame me. My family and I had been out of the UK in the week in question and the car was parked at Stansted airport, where its arrival and departure at the mid-stay car park were logged by the automated numberplate recognition technology that the airport authorities had recently installed.

Accordingly, I wrote to the commissioner of the Metropolitan police enclosing a copy of the speeding ticket and saying that I would be very interested to see what evidence he had in support of it, adding that I intended to contest it on the grounds that I could prove my car had been nowhere near the location at the time. But my hopes for a bloody good row were dashed within a fortnight: a computer-generated notice arrived, informing me that the speeding ticket had been cancelled. No explanation; no apology; nothing…

Read on.