Archive for the 'Observer' Category

Bleeding hearts

Sunday, April 13th, 2014

This morning’s Observer column:

Were you a thriller writer seeking a name for an apocalyptic software security flaw that threatened the future of civilisation as we know it, then “Heartbleed” would be hard to beat. Last week saw the discovery of such a flaw, and Heartbleed was the name assigned to it.

Most security flaws are of interest only to specialists, but this one was different. Why? Because it’s been around for something like three years, during which time it could have exposed the passwords and credit card numbers that countless millions of people had provided to online stores and other services. Heartbleed would enable attackers to eavesdrop on online communications, steal data directly from services and users, and impersonate both services and users. It could have affected up to two-thirds of the world’s internet servers. And unlike some earlier such problems, the solution isn’t as simple as immediately changing one’s password. It was, said Bruce Schneier, a security expert not much given to hyperbole, a “catastrophic” flaw. “On the scale of one to 10,” he wrote, “this is an 11.”

Triumph of the Nerds

Monday, April 7th, 2014

My Observer piece on Michael Lewis’s new book.

Light travels at 186,000 miles a second in a vacuum, which is another way of saying that it covers 186 miles in a milli-second – a thousandth of a second. Given that much of our contemporary electronic communications are conveyed by pulses of light travelling along fibreoptic cables, we are given to extravagant hyperbole about the “death of distance”. After all, if a message – or a file – can traverse the globe in the blink of an eye, it doesn’t matter whether your hard drive is on your desktop or in a server farm in Nebraska or Sweden.

But it turns out that the speed of light is of great practical interest to some people. One group of them have shelled out $300m to lay a fibreoptic cable in a straight line from Chicago to New York. This involves, among other things, drilling through mountains and under urban areas. And for what? So that the time taken to send a signal between New York and Chicago could be reduced from 17 milliseconds to 13. For that apparently infinitesimal improvement, stock market traders were willing to pay $14m a year, plus a substantial upfront payment, to use the cable.

Therein lies the tale of Michael Lewis’s enthralling new book, Flash Boys, which joins an elite but growing list of volumes that set out to explain how computing is reshaping our world…

Big Data and the Hype Cycle

Sunday, April 6th, 2014

This morning’s Observer column.

As the “big data” bandwagon gathers steam, it’s appropriate to ask where it currently sits on the hype cycle. The answer depends on which domain of application we’re talking about. If it’s the application of large-scale data analytics for commercial purposes, then many of the big corporations, especially the internet giants, are already into phase four. The same holds if the domain consists of the data-intensive sciences such as genomics, astrophysics and particle physics: the torrents of data being generated in these fields lie far beyond the processing capabilities of mere humans.

But the big data evangelists have wider horizons than science and business: they see the technology as a tool for increasing our understanding of society and human behaviour and for improving public policy-making. After all, if your shtick is “evidence-based policy-making”, then the more evidence you have, the better. And since big data can provide tons of evidence, what’s not to like?

So where on the hype cycle do societal applications of big data technology currently sit? The answer is phase one, the rapid ascent to the peak of inflated expectations, that period when people believe every positive rumour they hear and are deaf to sceptics and critics…

No more NSA spying? Dream on…

Sunday, March 30th, 2014

This morning’s Observer column.

Last week in the Hague, Barack Obama seemed to have suddenly remembered the oath he swore on his inauguration as president – that stuff about preserving, protecting and defending the constitution of the United States. At any rate, he announced that the NSA would end the “bulk collection” of telephone records and instead would be required to seek a new kind of court order to search data held by telecommunications companies.

This policy change is a tacit admission of what Edward Snowden (and 2001 whistleblower William Binney before him) had been claiming, namely that the warrantless surveillance of US citizens by the NSA and other government agencies does, in fact, violate the constitution of the United States. Obama’s announcement looked to some observers as the first crack to appear in the implacable facade of the national surveillance state. This looked promising because, as we know from second world war movies, the first crack is inevitably the harbinger of the eventual total collapse of the dam.

Dream on…

The Dictator’s Dilemma

Sunday, March 23rd, 2014

My Observer Comment piece on the latest episode in the ongoing conflict between the state and the Internet.

Here we go again: authoritarian ruler finds that social media are making life uncomfortable for him in the run-up to elections; finds Twitter particularly annoying; instructs local authorities to shut off access for his citizens; announces that he is unbothered by international criticism of this act of censorship which, he says, will demonstrate the power of his republic.

Welcome to Turkey, our staunch ally in the fight against jihad and the Forces of Darkness. There is a certain grim familiarity in the story of Prime Minister Erdogan’s battle against social media…

Military-Industrial Complex 2.0

Sunday, March 23rd, 2014

This morning’s Observer column.

As they burgeoned, the big internet companies looked with disdain on the leviathans of the military-industrial complex. Kinetic warfare seemed so yesterday to those whose corporate mantras were about “not being evil” and adhering to “the hacker’s way”. So when Snowden revealed NSA claims that the spooks had untrammelled access to their servers the companies reacted like nuns accused of running a webcam porn site. It wasn’t true, they protested, and even if it was they knew nothing about it. Of course they did comply with government requests approved by a secret court, but that was the extent of it. As the months rolled by, however, this reassuring narrative has unravelled. We discovered that the NSA and GCHQ had indeed covertly tapped the data-traffic that flows between the companies’ server farms. But since Google and co were – they claimed – unaware of this, perhaps their protestations of innocence seemed justified. More embarrassing were the revelations about the astonishing lengths to which one company (Microsoft) went to facilitate NSA access to its users’ private communications.

Last Wednesday, another piece of the jigsaw slotted into place. The NSA’s top lawyer stated unequivocally that the technology firms were fully aware of the agency’s widespread collection of data. Rajesh De, the NSA general counsel, said that all communications content and associated metadata harvested by the NSA occurred with the knowledge of the companies – both for the Prism system and the covert tapping of communications moving across the internet.

Snooping is a public health issue

Sunday, March 16th, 2014

This morning’s Observer column.

One of the things that baffles me is why more people are not alarmed by what Edward Snowden has been telling us about the scale and intrusiveness of internet surveillance. My hunch is that this is partly because – strangely – people can’t relate the revelations to things they personally understand.

In the past two weeks, two perceptive commentators have been trying to break through this barrier. One is Cory Doctorow, the science-fiction novelist, who had a terrific essay in the Guardian arguing that instead of increasing our security, government agencies such as the NSA, GCHQ and others are actually undermining it. The essay is worth reading in full, but one part of it stood out for me. It’s about the thriving, underworld online market in malicious software. Nowadays, if some hacker discovers a previously unknown vulnerability in widely used software, that discovery can be very valuable – and people will pay large sums for such “zero-day” exploits. But here’s the creepy bit: sometimes, the purchasers are government agencies that buy these pieces of malware to use as weapons against their enemies.

To most people, this will seem pretty abstruse. But with the imaginative skill of a good writer, Doctorow nails it: “If you discovered,” he writes, “that your government was more interested in weaponising typhus than they were in curing it, you would demand that your government treat your water supply with the gravitas and seriousness that it is due.”

LATER: Right on cue, another great blog post by Bruce Schneier, putting this stuff in an everyday context:

Imagine that you hired a private detective to eavesdrop on a subject. That detective would plant a bug in that subject’s home, office, and car. He would eavesdrop on his computer. He would listen in on that subject’s conversations, both face to face and remotely, and you would get a report on what was said in those conversations. (This is what President Obama repeatedly reassures us isn’t happening with our phone calls. But am I the only one who finds it suspicious that he always uses very specific words? “The NSA is not listening in on your phone calls.” This leaves open the possibility that the NSA is recording, transcribing, and analyzing your phone calls — and very occasionally reading them. This is far more likely to be true, and something a pedantically minded president could claim he wasn’t lying about.)

Now imagine that you asked that same private detective to put a subject under constant surveillance. You would get a different report, one that included things like where he went, what he did, who he spoke to — and for how long — who he wrote to, what he read, and what he purchased. This is all metadata, data we know the NSA is collecting. So when the president says that it’s only metadata, what you should really hear is that we’re all under constant and ubiquitous surveillance.

What’s missing from much of the discussion about the NSA’s activities is what they’re doing with all of this surveillance data. The newspapers focus on what’s being collected, not on how it’s being analyzed — with the singular exception of the Washington Post story on cell phone location collection. By their nature, cell phones are tracking devices. For a network to connect calls, it needs to know which cell the phone is located in. In an urban area, this narrows a phone’s location to a few blocks. GPS data, transmitted across the network by far too many apps, locates a phone even more precisely. Collecting this data in bulk, which is what the NSA does, effectively puts everyone under physical surveillance.

This is new. Police could always tail a suspect, but now they can tail everyone — suspect or not. And once they’re able to do that, they can perform analyses that weren’t otherwise possible. The Washington Post reported two examples. One, you can look for pairs of phones that move toward each other, turn off for an hour or so, and then turn themselves back on while moving away from each other. In other words, you can look for secret meetings. Two, you can locate specific phones of interest and then look for other phones that move geographically in synch with those phones. In other words, you can look for someone physically tailing someone else. I’m sure there are dozens of other clever analyses you can perform with a database like this. We need more researchers thinking about the possibilities. I can assure you that the world’s intelligence agencies are conducting this research.

Schneier is one of the very best commentators on this stuff. Everything he writes about it is worth reading.

Even if Bitcoin bites the dust, the genie’s out of the bottle

Sunday, March 9th, 2014

This morning’s Observer column.

If I had a bitcoin for every person I’ve met in the past six months who told me that bitcoin is a scam then I’d be a rich man. Or a poor one, depending on which day of the week we’re talking about. Watching the exchange rate for bitcoins over the past month is like seeing the outline of a rollercoaster on the horizon. On 7 January, for example, a bitcoin was trading at $934; by 27 February it was down to $528; and on 5 March it was $678. So I guess that if you were “investing” (ie speculating) in the things, you’d feel as sick as any Alton Towers customer on a bad day.

But here’s the really strange thing: while “normal” people – and many mainstream journalists – seem to think that this bitcoin stuff must be some kind of racket, some of the computer scientists and hackers of my acquaintance think it’s the most interesting idea to have come along in ages. And in a way that discrepancy may be the key to understanding the phenomenon…

Mobile phones: huge industry, no new ideas

Sunday, March 2nd, 2014

This morning’s Observer column.

Leave aside the fact that it was Apple that triggered the most recent explosion in the mobile industry – the smartphone revolution – and ponder what was actually on show in Barcelona. The answer, in the words of one astute and unsentimental observer, Professor Barry Avery, was: “Many phones, little innovation.” (Shades of Yeats’s pithy description of his – and my – native land: “Great hatred, little room.”)

“The message coming out of this year’s event,” wrote Avery, “is that while there are lots of new phones coming, we shouldn’t expect a great technological leap from any of them. Most of the phones are incremental updates, running the latest version of Android’s mobile phone operating system KitKat.”

Avery is too polite. The truth is that the mobile phone industry has run out of ideas. Every single smartphone in the market is basically just a variation on the Apple iPhone theme. And the variations, such as they are, are looking increasingly – and desperately – baroque…

The impending STEM crisis

Sunday, February 23rd, 2014

My Observer comment piece about what’s happening to postgraduate student numbers in UK universities.

Here’s an interesting fact: for the last five years in UK universities, foreign postgraduate students have outnumbered British ones. International student numbers have grown by 90% in the past decade while the number of homegrown students has fallen by 12% in the past three years. And this despite the best efforts of the government and the Border Agency to dissuade students from coming to the UK.

The disproportionate growth in foreign postgraduates is good news for UK universities (because overseas students pay hefty fees), but bad for the society that supports those institutions. And it looks as though the situation will get worse.
