Client-Side Scanning is not a silver bullet

This morning’s Observer column:

In August, Apple opened a chink in the industry’s armour, announcing that it would be adding new features to its iOS operating system that were designed to combat child sexual exploitation and the distribution of abuse imagery. The most controversial measure scans photos on an iPhone, compares them with a database of known child sexual abuse material (CSAM) and notifies Apple if a match is found. The technology is known as client-side scanning or CSS.

Powerful forces in government and the tech industry are now lobbying hard for CSS to become mandatory on all smartphones. Their argument is that instead of weakening encryption or providing law enforcement with backdoor keys, CSS would enable on-device analysis of data in the clear (ie before it becomes encrypted by an app such as WhatsApp or iMessage). If targeted information were detected, its existence and, potentially, its source would be revealed to the agencies; otherwise, little or no information would leave the client device.

CSS evangelists claim that it’s a win-win proposition: providing a solution to the encryption v public safety debate by offering privacy (unimpeded end-to-end encryption) and the ability to successfully investigate serious crime. What’s not to like?

Plenty, says an academic paper by some of the world’s leading computer security experts published last week…

Read on

Friday 17 July, 2020

Atul Gawande on managing Covid

He’s the best writer on medical issues I know. Last May he wrote a really useful essay in the New Yorker. I’ve just re-read it in the light of what’s happened since. It still stands out.

Two samples:

American hospitals have learned how to avoid becoming sites of spread. When the time is right to lighten up on the lockdown and bring people back to work, there are wider lessons to be learned from places that never locked down in the first place.

These lessons point toward an approach that we might think of as a combination therapy—like a drug cocktail. Its elements are all familiar: hygiene measures, screening, distancing, and masks. Each has flaws. Skip one, and the treatment won’t work. But, when taken together, and taken seriously, they shut down the virus. We need to understand these elements properly—what their strengths and limitations are—if we’re going to make them work outside health care.

Start with hygiene. People have learned that cleaning your hands is essential to stopping the transfer of infectious droplets from surfaces to your nose, mouth, and eyes. But frequency makes a bigger difference than many realize…

and

A recent, extensive review of the research from an international consortium of scientists suggests that if at least sixty per cent of the population wore masks that were just sixty-per-cent effective in blocking viral transmission—which a well-fitting, two-layer cotton mask is—the epidemic could be stopped. The more effective the mask, the bigger the impact.


Coronavirus and the dim future of (many) American universities

Scott Galloway may not be to everyone’s taste, but I like the way he thinks — and, more importantly, the stark way in which he analyses things.

This week he’s been looking at this chart (from the Chronicle of Higher education) which summarises a survey of US colleges’ intentions for the next academic year.

The relevant statistic is the 56% which apparently plan to bring student back to campus in the Fall.

The graphic below neatly summarises what this means.

Think about this. Next month, as currently envisioned, 2,800+ cruise ships retrofitted with white boards and a younger cohort will set sail in the midst of a raging pandemic. The density and socialization on these cruise ships could render college towns across America the next virus hot spots.

So why are administrators putting the lives of faculty, staff, students, and our broader populace at risk?

The ugly truth is many college presidents believe they have no choice. College is an expensive operation with a relatively inflexible cost structure. Tenure and union contracts render the largest cost (faculty and administrator salaries) near immovable objects. The average salary of a professor with a PhD (before benefits and admin support costs) is $141,476, though some make much more, and roughly 50% of full-time faculty have tenure. While some universities enjoy revenue streams from technology transfer, hospitals, returns on multibillion dollar endowments, and public funding, the bulk of colleges have become tuition dependent. If students don’t return in the fall, many colleges will have to take drastic action that could have serious long-term impacts on their ability to fulfill their missions.

That gruesome calculus, Galloway says, has resulted in “a tsunami of denial”.

Universities owning up to the truth have one thing in common: they can afford to. Harvard, Yale, and the Cal State system have announced they will hold most or all classes online. The elite schools’ endowments and waiting lists make them largely bullet proof, and more resilient to economic shock than most countries — Harvard’s endowment is greater than the GDP of Latvia. At the other end of the prestige pole, Cal State’s reasonable $6,000 annual tuition and 85% off-campus population mean the value proposition, and underlying economic model, remain largely intact even if schooling moves online.

Galloway and his team have analysed the prospects of 436 universities and then plotted their prpspects on two axes:

Value: (Credential * Experience * Education) / Tuition. Vulnerability: (Endowment / Student and % International Students). Low endowment and dependence on full-tuition international students make a university vulnerable to Covid shock, as they may decide to sit this semester/year out.

Which produces this grid:

Now of course the US Higher Education system is very different from the UK’s. But it’d be interesting to see what an analogous analysis of UK universities would show.


EU court rejects data transfer tool in Max Schrems case

This is the big story of the week (at least in the bubbles I inhabit)…

From The Irish Times:

Europe’s top court has declared an arrangement under which companies transfer personal data from the European Union to the US invalid due to concerns about US surveillance powers.

The ruling in the long-running battle between Facebook, Ireland’s Data Protection Commissioner and the Austrian privacy activist Max Schrems found that the so-called Privacy Shield agreement does not offer sufficient protection of EU citizens’ personal data.

“The limitations on the protection of personal data arising from the domestic law of the United States on the access and use by US public authorities . . . are not circumscribed in a way that satisfies requirements that are essentially equivalent to those required under EU law,” the court said in a statement.

The ruling is a blow to the thousands of companies, including Facebook that rely on the Privacy Shield to transfer data across the Atlantic, and to the European Commission, as it unpicks an arrangement it designed with US authorities to allow companies to comply with EU data protection law.

Great ruling. It’ll be fun seeing the companies trying to find a way round it.


More than just a Twitter hack

From Om Malik:

By now, we have all heard about the takeover of the celebrity accounts and those of companies such as Apple and Uber by scammers who wanted to trick people into sending them bitcoins. There are multiple threads to this theory — Vice says that it was it might be some kind of inside job. Twitter itself says that it was a victim of social engineering. FBI is also starting an investigation. However, it is clear; this hack isn’t a joke. It can have national and international implications, as Casey Newton points out in his article for The Verge. Twitter is a significant source of dissemination of information — from weather to earthquakes to forest fires — and any disruption can cost lives.

That is why Casey is right — and collectively, we need to think about this current episode much more deeply and deliberately. Big technology platforms are now singular points of failure as much as they are single points of protection against malicious intent.

Hmmm… I’m not convinced. This particular hack was just an ingenious variation on an old scam: someone posting a link to a Bitcoin wallet with an invitation to send it some Bitcoin and receive double the amount immediately in return. You’d have to have your head examined to fall for it. The variant this time is that the scammer got into some Twitter employee’s account and used those privileges to send out the scamming tweets as if they were coming from prominent people. The big question is whether the hacker collected the DMs (Direct Messages) that those account-holders had sent to other users. If he did, then there’s big trouble ahead — and not just for the account-holders, but also for Twitter. People have been arguing for years that the private DM channel should be end-to-end encrypted, but as far as I know it isn’t.


This blog is also available as a daily email. If you think this might suit you better, why not subscribe? One email a day, delivered to your inbox at 7am UK time. It’s free, and there’s a one-click unsubscribe if you decide that your inbox is full enough already!


Wednesday 20 May, 2020

Quote of the Day

So, the way we’re dealing with the new coronavirus is the way computer newbies deal with computer viruses. I know because I have supported a virus neophyte, my mom. The current US govt is behaving pretty much the way she would. She didn’t want to learn the rules, and she wanted to pretend it was okay, get back to business as usual (checking her email, writing a blog post). All the while she’s got something watching and recording her every move and looking for a chance to infect some other computer.


How Trump plays the US media

Jack Shafer sees through it:

While the admission makes Trump look as scientifically minded as an unsegmented worm—hydroxychloroquine has not been shown to be safe or effective in the treatment or prevention of Covid-19—the attention generated was worth it, like swapping a pawn for a bishop. The hydroxychloroquine confession didn’t displace the IG story from the news, but it wasn’t expected to. Both the New York Times and Washington Post made Trump’s dreams come true by putting the story on Page One of their Tuesday editions (Times: “President Says He Takes Drug Deemed a Risk”; Post: “Trump Says He’s Taking Unproven Medication”) and after being featured on Monday cable news the talking heads were still gabbing about it on Tuesday afternoon as he hyped the drug anew during a press spray. Monday evening, the White House added some frosting to the hydroxychloroquine cake by releasing a note from the president’s physician that went on and on about the drug but didn’t actually claim that he had prescribed it to Trump or that Trump was even taking it. There would be fewer questions about Trump and hydroxychloroquine if the White House had released no note at all.

Trump’s disclosure on Monday about taking hydroxychloroquine was a decoy move, designed to deflect public—and press—attention from his firing of the State Department inspector general, which broke over the weekend. And it worked.

In manipulating US media, Trump is a genius — an evil one, sure, but very good at what he does.


Botch on the Rhine

Wonderful NYRB review by Max Hastings of Anthony Beevor’s history of the Arnhem fiasco in 1944. Some parts of Beevor’s account bring Colonel Johnson (Lt Brigade, rtd.) to mind.

The operation to capture the Rhine bridge was a fiasco. So, asks Hastings, how did it come about?

It was chiefly a consequence of hubris—a belief that, after the Allies’ dramatic August breakout from Normandy, Hitler’s armies were on the ropes. Britain’s commander-in-chief, the newly promoted field marshal Sir Bernard Montgomery, stood by a dusty French roadside urging an armored column roaring past: “On to the kill!” This was not merely theater for the benefit of such listening war correspondents as my father: Monty really believed it. Thus he made one of the most grievous strategic errors of the northwest Europe campaign, declining to hasten troops to clear the approaches to the Scheldt River, without which the newly captured port of Antwerp was useless, as Admiral Sir Bertram Ramsay warned him. Instead, he launched the most reckless thrust of his career, seeking to seize the bridge over the lower Rhine at Arnhem.

The principal objective of that thrust, known as Operation Market Garden, was to force the hand not of Hitler, but of Allied Supreme Commander Dwight Eisenhower. If the British secured a corridor beyond the Rhine, Ike would be obliged to support a drive from the north led by Montgomery into Germany: the cocky little bishop’s son saw before him the prospect of passing into history as the composer and conductor of Western Allied victory.

Outside the paywall and worth a read. And Anthony Beevor is clearly a great historian.


The Trouble with comparisons

Fabulous essay by Samuel Moyn on the way historical analogies and comparisons may blind us to actuality. Case study: our analyses of Trump.

For those doubtful about the fascism analogy for Trumpism—and I count myself as one of them—the point is to appreciate both continuity and novelty better than the comparison allows. Abnormalizing Trump disguises that he is quintessentially American, the expression of enduring and indigenous syndromes. A response to what he represents hardly requires a restoration of “normalcy” but a questioning of the status quo ante Trump that produced him. Comparison to Nazism and fascism imminently threatening to topple democracy distracts us from how we made Trump over decades, and implies that the coexistence of our democracy with long histories of killing, subjugation, and terror—including its most recent, if somewhat sanitized, forms of mass incarceration and rising inequality at home, and its tenuous empire and regular war-making abroad—was somehow less worth the alarm and opprobrium. Selective outrage after 2016 says more about the outraged than the outrageous.

It is no contradiction to add to this qualm that comparing our current situation in America to fascism also spares ourselves the trouble of analyzing what is really new about it. For all its other virtues, comparison in general does not do well with the novelty that Trump certainly represents, for all of his preconditions and sources. It is true that in the face of novelty, analogy with possible historical avatars is indispensable, to abate confusion and to seek orientation. But there is no doubt that it often compounds the confusion as the ghosts of the past are allowed to walk again in a landscape that has changed profoundly. Comparison is always a risky tool; it leads to blindness, not just insight.

Terrific essay.


The Coronavirus diaries of Samuel Pepys

Nice spoof, if the few fragmentary entries are anything to go by. Here’s the entry for March 9th:

Up betimes and by tube to Westminster, and there busy with several business all morning, for our firm intends a splendid show at the conference in the middle of this month. Then comes the intern to my office like a doting fool, and proves himself an ass talking excitedly of this plague come late out of China, which, he says, is now in Italy. Of which, my wife and I having had no Wi-Fi this last month, I know nothing, only to see how vexed this blockhead intern was did almost make me fearful myself. Yet I remembered talking with my Lord and Lady touching this matter, and him very skeptical, and my lady said to me, ‘What, Mr Pepys – shall’t die of a hiccough at the last?’ And at this jest we were all very merry. Thence home to sing with my wife in the garden, but with much trouble, for it was bitterly cold. And so to bed, our iPhones left downstairs as is now our custom.


Scientists (epidemiologists) and spooks are not all that different: they all just want to know everything

Interesting post from 2006 by the sociologist Kieran Healey, which sheds light on the current debates about contact-tracing apps, health data and privacy.

Scientists and spies are not so different. The intelligence community’s drive to find the truth, to uncover the real structure of things, is similar to what motivates natural or social scientists. For that reason, I can easily understand why the people at the NSA would have been drawn to build a database like the one they have assembled. The little megalomaniac that lives inside any data-collecting scientist (“More detail! More variables! More coverage!”) thrills at the thought of what you could do with a database like that. Think of the possibilities! What’s frightening is that the NSA is much less constrained than the rest of us by money, or resources, or—it seems—the law. To them, Borges’ map must seem less like a daydream and more like a design challenge. In Kossinets and Watts’ study, the population of just one university generated more than 14 million emails. That gives you a sense of how enormous the NSA’s database of call records must be. In the social sciences, Institutional Review Boards set rules about what you can do to people when you’re researching them. Social scientists often grumble about IRBs and their stupid regulations, but they exist for a good reason. To be blunt, scientists are happy to do just about anything in the pursuit of better knowledge, unless there are rules that say otherwise. The same is true of the government, and the people it employs to spy on our behalf. They only want to find things out, too. But just as in science, that’s not the only value that matters.


Quarantine diary — Day 60

Link


ERRATA Thanks to the many readers who wrote tactfully to point out that my attribution of the lyrics “Don’t it always seem to go and you don’t know what you’ve got til it’s gone.” to Kate Bush was wrong. The credit should go to Joni MItchell.

The one thing that always amazes me is the depth of my ignorance. Which is why I love the response Dr Johnson made to the lady who asked him to explain how he had come wrongly to define “pastern” as “the knee of a horse” in his Dictionary. “Ignorance, Madam”, he replied. “Pure ignorance”.


This blog is also available as a daily email. If you think this might suit you better, why not subscribe? One email a day, delivered to your inbox at 7am UK time. It’s free, and there’s a one-click unsubscribe if your decide that your inbox is full enough already!


Monday 11 May, 2020

Quote of the Day

The seeds of things
Are necessary to support our lives.
By the same token, it is obvious
That all around us noxious particles
Are flying, motes of sickness and of death.

  • Lucretius (50 BCE) — in Rolfe Humphries’s translation.

Who wants to be a Lert?

From the New Yorker


Solitude

Nice essay by the poet Donald Hall from a 2016 issue of the New Yorker.

At eighty-seven, I am solitary. I live by myself on one floor of the 1803 farmhouse where my family has lived since the Civil War. After my grandfather died, my grandmother Kate lived here alone. Her three daughters visited her. In 1975, Kate died at ninety-seven, and I took over. Forty-odd years later, I spend my days alone in one of two chairs. From an overstuffed blue chair in my living room I look out the window at the unpainted old barn, golden and empty of its cows and of Riley the horse. I look at a tulip; I look at snow. In the parlor’s mechanical chair, I write these paragraphs and dictate letters. I also watch television news, often without listening, and lie back in the enormous comfort of solitude. People want to come visit, but mostly I refuse them, preserving my continuous silence. Linda comes two nights a week. My two best male friends from New Hampshire, who live in Maine and Manhattan, seldom drop by. A few hours a week, Carole does my laundry and counts my pills and picks up after me. I look forward to her presence and feel relief when she leaves. Now and then, especially at night, solitude loses its soft power and loneliness takes over. I am grateful when solitude returns…

I’m currently reading A History of Solitude by my friend and former colleague David Vincent. It’s beautifully written, thoughtful and thought-provoking. But I’ve been struggling to find a way to give it the attention it deserves in the midst of the torrent of emails, Zoom conferences and other paraphernalia of the lockdown life. But I’ve now found a solution. A book on solitude needs solitude, so I’m setting aside some time each day, to sit with the book in the garden or somewhere in the house, and without any electronic device within reaching distance.

btw some of the stuff Donald Hall has written for the New Yorker over the years is wonderful. For example, this essay on the poetry of death. And, like me, he loves Peter Porter’s great poem, An Exequy, written after his wife’s death, which was the only poem that consoled me when my beloved Sue died in 2002. Just listen to Ian McEwan reading it at the National Theatre and perhaps you can see why.

Link


Contact-tracing and the NHSx app

Here’s a neat way of conveying a complex idea.


Designing a social-distancing picnic-basket for life after lockdown

Link


Robert Caro writes, and waits, during the Covid-19 outbreak

Lovely AP story about the great biographer of Lyndon Johnson, now 84 and hard at work on the fifth and final volume of the five-volume biography.

When asked, inevitably, how soon he will be done with Vol. 5, Caro declines to say directly and give what he calls his standard answer: “It doesn’t matter how long a book takes, what matters is how long a book lasts.” He has received virtually every literary prize, but he savors more private and unexpected tributes, like seeing a young person carrying a copy of one of his books. He then speaks of a recent letter, sent to his literary agent by the fiancee of a judge dying of cancer, that compelled him to respond.

“The fiancee wrote this beautiful letter, saying that my books meant a great deal to him, and that a letter would mean a lot to him,” Caro says. “So I spent a couple of hours composing a letter. I try to answer handwritten letters and I’ve been getting more of them since the pandemic. I used to get mostly emails. Handwritten letters had almost stopped.”


Quarantine diary — Day 51

Link


This blog is also available as a once-a-day email. If you think this might suit you better, why not subscribe? One email a day, delivered to your inbox at 7am UK time. It’s free — and there’s a one-click unsubscribe link if you decide that your inbox is already full enough!


Friday 8 May, 2020

Quote of the Day

“The TV business is a cruel and shallow money trench, a long plastic hallway where thieves and pimps run free, and good men die like dogs. For the most part, they are dirty little animals with huge brains and no pulse”

  • Hunter S Thompson

From blood clots to ‘Covid toe’: the medical mysteries of coronavirus

Terrific FT explainer — outside the paywall. If you think SARS-CoV-2 is just “another kind of flu,” think again.


Contact tracing (contd.)

It’s one of those areas where it’s genuinely difficult to know what’s the best approach. The problem that the UK has is that its government failed at the outset (for reasons we can debate endlessly) to adopt a classic track and trace approach. So it’s trying to play catch-up.

Struggling with the topic this morning I made some notes. Here they are:

  1. There’s a dangerous aura of tech-solutionism about the idea that an app is the thing that will solve our problems. That’s clearly baloney. But…

  2. It’s an inventive way to approach the problem in a society like the UK with a large population — provided that it’s complemented by more human resources than the UK currently possesses.

  3. There seem to be only two broad paradigms here for app design — roughly described as decentralised and centralised. The decentralised approach keepts the data on the phone; the other keeps it on a centralised database of some kind.

  4. Up to now, I’ve tended to side with the decentralised approach, on the grounds of (i) avoiding state surveillance and the dangers of ‘mission-creep’ that we’ve seen after other crises (like 9/11); (ii) concerns about the security of such a centralised database (surely a juicy target for state-level hackers); (iii) it gives individuals more agency; and (iv) a hunch that the Apple-Google API was likely to be better than other approaches, partly because of their intimate knowledge of their two smartphone platforms but also because they would know how to mitigate battery-draining properties of BLE (Bluetooth Low Energy) apps.

  5. But since this was mainly half-informed guesswork on my part, I decided to read up on the NHSx approach.

(The FT has a really good explanation of the NHSx app, btw. And it’s outside the paper’s paywall.

Ian Levy from the National Cyber security Centre has provided a pretty thorough briefing on it which is worth reading in its entirety. The key difference between decentralised and centralised approaches, he says, is that in the first approach every user of the app gets some understanding of who is declared ill (and that list keeps being updated) but the public health authority – by design – knows pretty much nothing about who’s ill.

Crucially, while the health authority would know the anonymous identity of the app that’s reported symptoms (or sometimes just a Bluetooth broadcast value) it wouldn’t know any of the contacts (even anonymously), and so won’t know anything about how that user may have spread the disease.

In the centralised approach, on the other hand,

an ill user reports their symptoms, but also gives all their anonymous contacts to the public health authority, along with some details about the type of contact they’ve had (duration and proximity for example). The health authority can use risk modelling to decide which contacts are most at risk, and then notify them to take some action – again probably self isolation to start with. Importantly, the public health authority has anonymous data to help it understand how the disease appears to be spreading, and has the anonymous contact graphs to carry out some analysis. So the health authority could discover that a particular anonymous person seems to infect people really well. While the system wouldn’t know who they are, encounters with them could be scored as more risky, and adjust the risk of someone being infected by a particular encounter appropriately.

The fundamental argument underpinning the NHSx team’s decision to go for the centralised model is that they believe that it offers better public health benefits. To which sceptics will retort, pace Mandy Rice-Davies, well, they would, wouldn’t they?

There are lots of differences [between the decentralised approach and the NHSx one], but given the epidemiological model the NHS is using to manage the coronavirus spread in the UK, the fully decentralised model just doesn’t seem to work.

There’s an analogy with Typhoid Mary and the Broad Street water pumps examples. If all you knew was that there were some typhoid cases in New York (or some cholera cases in a bit of London) you’d never see the pattern. But if the fact that Mary (or the pump) were implicated in all of the cases, then it becomes obvious. Obviously, users are anonymous in the app (so you can’t identify the person) and it doesn’t have location, but it’s only an analogy! You need to look at the aggregate data (anonymously in our case) to be able to see these patterns.

In the end, the choice you have to make is a balance between individual, group and national privacy, and the public health authorities having the minimum information necessary to manage the spread of the virus. The NHS app is designed to balance those things, minimizing the data the health authorities get to that necessary to respond with protecting the privacy of our users. There are many ways of implementing these things, but the NHS app is a good balance in the team’s view.

That’s the bird’s eye view. On the ground, however, there’s a lot of mundane detail to be sorted out with either approach. For example:

  • Do the apps drain smartphone batteries? If they do then people won’t use them, or won’t keep using them for long enough. Ian Levy’s paper claims that the NHSx app won’t drain batteries. There seems to be some controversy about this
  • Will the app run on older smartphones that many people are likely to use? An investigation by Privacy International found a number of Android phones on which it wouldn’t run.
  • Both the decentralised and centralised approaches rely on Bluetooth LE. Since Bluetooth goes through, for example, plasterboard walls, there’s a likelihood (or at least a risk) of getting misleading results (false positives) in crowded environments.
  • Finally, there’s the fact that none of these apps will be mandatory. At least that’s the position for now, and it’s difficult to see how governments in democracies could change it. Moreover, the take-up needs to be substantial — maybe 60% — before the real benefits kick in.

So overall, probably the critical thing is whether users will trust an app enough to install and use it. After all, all smartphone-based approaches require people to confide to the app that they think they might be infected. Such a confession will have socially-differentiated consequences: for middle-class people, who can easily self-isolate and work from home, etc, no problem; but for those for whom confession might mean staying away from work, it’s tougher — unless the government moves firmly to support them while they’re under quarantine. My other conclusion from spending a day reading and thinking about this is that the surveillance/privacy aspects of this will not be a major consideration for most citizens, no matter how exercised Privacy International and civil liberties groups (and, for that matter, this blogger) might say or think. The virus is so terrifying that most people will do anything that might reduce its spread and the possibility that they themselves might catch it. So, in a way, Paul Romer (quoted in yesterday’s blog) is probably right when he said this:

I’m not worried about the privacy issues, because it’s kind of, like, “Compared to what?” I think we’ve got enormous problems with surveillance right now. This doesn’t seem to me to make it much worse. But I was participating in digital discussions about response to the crisis, and the meeting would go like this: “We need more testing.” Financial people said, “Yep, we got it.” “We need masks and protective equipment.” “Yep, fine.” “And then we need to have the digital contact tracing.” And then, all of a sudden, the whole meeting is taken up with hand-wringing and anxiety and all kinds of fears.


Google pulls out of Toronto ‘Sidewalk’ project

Amazingly good news. Looks that they jumped before they were pushed. Campaigning works.

_________________________________________________________________ 

The Ivy League will be ok. It’s public universities — and their students — who will suffer most from the pandemic and its aftermath

Great New Yorker piece .

______________________________________________________________________ 

Finding endless video calls exhausting? You’re not alone

I was musing about this in yesterday’s Quarantine Diary. This piece by Andre Spicer suggests that I was on the right track.

_____________________________________________________________________ 

And in case you’re depressed by what’s going on in the US

Why not try this — from McSweeney’s.

Good send-up of the Trump mindset. It’s witty and clever. But, sadly, it’s not a joke.

Thanks to Charles Arthur for the link.


Quarantine diary — Day 48

Link


This blog is also available as a once-a-day email. If you think this might suit you better why not subscribe? One email a day, delivered to your inbox at 7am UK time. (And there’s a one-click unsubscribe button if you decide your inbox is full enough already!)


Thursday 23 April, 2020

Liftoff!

At a time when the entire country would love to throw off the shackles of self-isolation and quarantine I thought this might lift spirits. It’s from a series of photographs I took of kite-surfers on Brancaster beach in North Norfolk last year.

Click on the image for a bigger version.


Who’s behind all those “reopen” sites in the US?

Cory Doctorow runs Pluralistic, a clever site which is also available as a daily email newsletter. I’m finding it a great source of news and information which mainstream outlets seem to miss. Today he pointed to a remarkable piece of detective work by Brian Krebs, who runs one of the best security websites on the Internet. As Trump-fuelled demonstrations against the lockdown started to appear in (mostly) Democrat-governed states, he noticed a spike in new websites supporting these demonstrations. So he started to investigate who was behind this surge in new domains. Answer: (in Cory’s words) “Koch Network, grifters, GOP orgs and musketfuckers.” Some of the sites were basically fronts for selling libertarian tee-shirts. But it’s an interesting example of how how gun-fanatics and alt-right activists will exploit any opening for both political and financial gain.

Also illustrates how the US is morphing into a failing state.


A rhyme for our time

A friend who has a lovely wry sense of humour sent me this.

She described it in her email as “a piece of doggerel that I wrote to cheer myself up”. Well, it certainly cheered me up. But doggerel it certainly isn’t.


Contact-tracing apps. Our looming Faustian bargain

If you’re worried about proximity-sensing apps then this podcast episode with David Aaronovitch and Danny Fortson provides a very accessible explanation of the technology and why we might plausibly accept a Faustian bargain between privacy and escape from lockdown.

Thanks to Seb Schmoller for the pointer.


Quarantine diary — Day 33

Link


This blog is now also available as a once-a-day email. If you think this might work better for you why not subscribe here? (It’s free and there’s a 1-click unsubscribe if you subsequently decide you need to prune your inbox!) One email a day, in your inbox at 07:00 every morning.


Tuesday 14 April, 2020

Smartphone proximity-tracking is coming, so it’s vital to think about the dangers and how to avoid them

In addition to Ross Anderson’s observations on the Light Blue Touchpaper blog, another really useful source is the briefing on the technology by Privacy International. It concludes that Bluetooth is probably the least-bad option, provides an excellent primer on the technology and comes to a rounded, careful verdict:

Bluetooth LE has the capability of being both the least intrusive of tracking technologies (based on proximity between people choosing to use the app), whilst at the same time being highly intrusive in movement and interaction tracking (because its proximity is so small, and works as broadcast), and deanonymisation will necessarily cascade as the infection continues to spread, and uptake of apps increase.

As with everything we’re seeing in the age of Covid-19, we must be highly aware of the limitations of the choices we are offered. It is also important that technical and legal safeguards around the processing and storage of data — especially when those data can be used for deanonymisation — are not bypassed or ignored in the rush to deploy technology, however well-meaning or indeed vital it may be. It’s also important to ensure that there exists a genuine need to use location tracking that is supported by the scientific evidence, given contact tracing is more effective at earlier stages of tackling pandemics.

Balancing the risks of location tracking also involves consideration of whether the apps will be effective given the down-sides. In the example of the United Kingdom, as identified by the Big Data Institute, this not only relates to adoption of the app – they estimate that over 60 per cent of the UK’s population would have to be using the app for digital contact tracing to reach enough people as they become infected. It is also essential, in their view, that people identified by the contact tracing app be promptly tested. This may require a significantly higher rate of testing that we’ve so far seen in the UK. As of March 24, UK government data shows 90,436 people have been tested in Britain (population 66.44 million) compared to more than 330,000 in South Korea (population 51.47m).

Alternatives to using Bluetooth include the use of apps collecting GPS and Wifi location data and storing everything on a central server, or government authorities going directly to telecommunications operators themselves. Despite the drawbacks of Bluetooth, some of which we’ve explored in this primer, with the use of changing UUIDs, apps only tracking other users, and opt-in of upload of localised data, it’s a far less intrusive tracking method than some alternatives.

Emphasis above is mine. The technology is not a magic bullet. But it would be useful provided that people identified by proximity-sensing are promptly tested. Evidence so far suggests that the British state is nowhere near being able to do that.


Remember that the pandemic is also providing terrific opportunities for Big Brother. Which is why any legalised use of it requires sunset clauses.

As this useful compendium site demonstrates.

The point about sunset clauses (i.e. provisions in enabling legislation) is that they enable legislatures periodically to review the continuing need for the surveillance powers. That’s why framing the crisis as a ‘war’ on the virus is so dangerous: there isn’t any logical end-point for a ‘war’ against such a pervasive and elusive adversary. And so the powers will continue to be necessary ad infinitum. We should have learned that from the “war on terror”.


Zoom Is a Nightmare. So why is everyone still using it?

Here’s a fairly routine catalogue of Zoom’s multifarious flaws. But the author does ask an important question: should we collectively impose a sunset clause on our use of Zoom? That is, should we move to something better when this crisis eases or ends?

And what would that ‘something better’ be?


Missing the office? There’s an album for that

Now this is something you’d could not make up. You can buy an album of sounds from pre-1990s offices from the Smithsonian archive. They include a manual typewriter in action (and an electric one, though I’m not sure if it’s an IBM Golfball one) and even a Coffee-break, Complete with the sounds of coffee being poured from a jug!! Sacre Bleu!

What it brings back to me is the closing scene of the film All the President’s Men – which overdubs the distant commentary on TV coverage of Nixon’s Inauguration ceremony with the sounds of the Washington Post‘s newsroom, clacking typewriters and all.

Sigh. I had an Olivetti portable typewriter once. And an IBM Golfball too, for that matter. Remind me to tell you about the Boer War sometime.


Quarantine diary — Day 24

Link


This blog is now also available as a once-a-day email. If you think this might work better for you why not subscribe here? (It’s free and there’s a 1-click unsubscribe if you subsequently decide you need to prune your inbox!) One email a day, in your inbox at 07:00 every morning.


Thursday 26 March, 2020

This blog is now also available as a once-a-day email. If you think this might work better for you why not subscribe here? (It’s free and there’s a 1-click unsubscribe if you subsequently decide you need to prune your inbox!) One email a day, in your inbox at 07:00 every morning.


Quote of the Day

“Those who would give up essential liberty to purchase a little temporary safety deserve neither.”

  • Benjamin Franklin

Should we cross the privacy Rubicon? Will we?

Maciej Ceglowski, a great privacy campaigner and one of the best online essayists around, (and also proprietor of Pinboard.in the best bookmarking site on the Internet) uses the Franklin quote above in a sobering reflection on the Coronavirus pandemic. His essay is prompted by the ongoing (and intensifying) debate about whether the current ‘lockdown+isolation’ strategy for ‘flattening the curve’ of infections) is economically, psychologically and politically sustainable.

Everybody knows that even when we’re through the initial crisis the disease will not have been eliminated. It’ll be back in waves, hopefully of lesser intensity and reach, and each wave may necessitate a briefer return to another lockdown regime. So the economic and other consequences could continue, perhaps for 18 months or more.

What should we do, therefore, after the initial outbreak is contained — or at least rendered manageable in terms of health-service capacity? Ideally, we should have a managed return to work with people who have had the virus and recovered from it (and thereby acquired immunity) able to work normally. But we can’t do that safely unless we have a vaccine (months away at best, a year at worst) or a way of identifying who is infectious and capable of infecting others.

There’s already a strategy for doing the latter task: test extensively and track contacts of those who are infections. That’s what South Korea, Taiwan and China seem to have been able to do. But in the UK we’re still ages away from being able to roll out a large-scale testing programme. (Getting testing up and running at scale is pretty challenging.) We will get there eventually, though, and when we do the next task will be to track the contacts of every infected person.

Trouble is: that kind of tracking is incredibly labour-intensive. But, says Ceglowski,

we could automate large parts of it with the technical infrastructure of the surveillance economy. It would not take a great deal to turn the ubiquitous tracking tools that follow us around online into a sophisticated public health alert system.

Every one of us now carries a mobile tracking device that leaves a permanent trail of location data. This data is individually identifiable, precise to within a few meters, and is harvested by a remarkable variety of devices and corporations, including the large tech companies, internet service providers, handset manufacturers, mobile companies, retail stores.

Anyone who has this data can retroactively reconstruct the movements of a person of interest, and track who they have been in proximity to over the past several days. Such a data set, combined with aggressive testing, offers the potential to trace entire chains of transmission in real time, and give early warning to those at highest risk.

So it’s possible to do it. Doing so will probably enable a return to some kind of economic normality. But if we use the technology for this purpose we will have crossed the Rubicon into nightmare territory. And if we do cross, there’s unlikely to be a way back — because once states have acquired access to this technology, they rarely give it up. So will we do it?

Ceglowski thinks that we should. After all, he says,

This proposal doesn’t require us to give up any liberty that we didn’t already sacrifice long ago, on the altar of convenience. The terrifying surveillance infrastructure this project requires exists and is maintained in good working order in the hands of private industry, where it is entirely unregulated and is currently being used to try to sell people skin cream. Why not use it to save lives?

The most troubling change this project entails is giving access to sensitive location data across the entire population to a government agency. Of course that is scary, especially given the track record of the Trump administration. The data collection would also need to be coercive (that is, no one should be able to opt out of it, short of refusing to carry a cell phone). As with any government surveillance program, there would be the danger of a ratchet effect, where what is intended as an emergency measure becomes the permanent state of affairs, like happened in the United States in the wake of the 2001 terrorist attacks.

“I am a privacy activist”, Ceglowski writes, “typing this through gritted teeth”.

But I am also a human being like you, watching a global calamity unfold around us. What is the point of building this surveillance architecture if we can’t use it to save lives in a scary emergency like this one?

Great essay. Worth reading in full.


Quarantine diary — Day 5

Link


Why do people keep buying Amazon Ring?

I’ve got a good friend who has an Amazon doorbell and seems tickled pink by it. Normally, this would worry me, but he’s a sophisticated techie and I’m sure his security precautions are good.

But that’s definitely not true for most of the thousands of people who are buying the devices.

The New York Times has a helpful piece aimed at these neophytes. It opens with some cautionary notes, though:

The internet-connected doorbell gadget, which lets you watch live video of your front porch through a phone app or website, has gained a reputation as the webcam that spies on you and that has failed to protect your data. Yet people keep buying it in droves.

Ring, which is owned by Amazon and based in Santa Monica, Calif., has generated its share of headlines, including how the company fired four employees over the last four years for watching customers’ videos. Last month, security researchers also found that Ring’s apps contained hidden code, which had shared customer data with third-party marketers. And in December, hackers hijacked the Ring cameras of multiple families, using the devices’ speakers to verbally assault some of them.

Sleepwalking into dystopia

This morning’s Observer column:

When the history of our time comes to be written, one of the things that will puzzle historians (assuming any have survived the climate cataclysm) is why we allowed ourselves to sleepwalk into dystopia. Ever since 9/11, it’s been clear that western democracies had embarked on a programme of comprehensive monitoring of their citizenry, usually with erratic and inadequate democratic oversight. But we only began to get a fuller picture of the extent of this surveillance when Edward Snowden broke cover in the summer of 2013.

For a time, the dramatic nature of the Snowden revelations focused public attention on the surveillance activities of the state. In consequence, we stopped thinking about what was going on in the private sector. The various scandals of 2016, and the role that network technology played in the political upheavals of that year, constituted a faint alarm call about what was happening, but in general our peaceful slumbers resumed: we went back to our smartphones and the tech giants continued their appropriation, exploitation and abuse of our personal data without hindrance. And this continued even though a host of academic studies and a powerful book by Shoshana Zuboff showed that, as the cybersecurity guru Bruce Schneier put it, “the business model of the internet is surveillance”.

The mystery is why so many of us are still apparently relaxed about what’s going on…

Read on