What Government and Content Have in Common via WikiLeaks

open source, secrecy, privacy, research, policy, DRM

Like many who work in the area of government transparency and secrecy, I've found the recent WikiLeaks trickle-disclosure to be perplexing. Unlike the popular Twitter meme -- "I don't know if I'm pro-Wikileaks, but I know I'm anti-anti-Wikileaks" -- I think I'm both anti-pro-WikiLeaks and anti-anti-WikiLeaks... sigh.

I'm a moderate on many issues and I've always found arguments for full disclosure to be a bit weak. Often, the thinking in full disclosure circles doesn't go farther than statements like "information wants to be free", which is not the case (and is silly). However, after reading Aaron Brady's commentary on two of Julian Assange's essays, I was struck by two thoughts, both of which are probably no longer original, although I haven't seen them:

First, after reading the Guardian's Simon Jenkins say, "In the future the only secrets will be spoken ones", it struck me that what the US Government is probably now thinking is that it needs something like perfect DRM. That is, the government is struck with a need to share sensitive data in such a way that it best balances the benefits of sharing information and the risk of the sharing being so wide or poorly managed that someone can share that information with people not intended to receive it. Unfortunately, DRM has become a loosing battle in the content industry and now most digital music is shared in non-DRM formats. Also, there is the problem of the "analog hole"; that is to say, eventually this information needs to be displayed to human eyes or ears and it is trivial to capture it at that point for whatever purpose. Of course, there are big differences between the content industry and government and between infringers (of the personal or industrial variety) and spies or the disgruntled. Still, I'm waiting to hear more about why no tripwire was in place that would have prevented the alleged cables leaker from downloading all that material without a superior or auditor asking them, "For what analysis do you need 256k of these things?"

Second, part of the ideal behind WikiLeaks seems to be that openness is necessarily more just. That seems pretty crazy to me in the sense that mechanisms of justice necessarily require some aspects of secrecy. Anyone who has ever gone through the ritual of jury duty in the US will be struck by just how much strategic secrecy there is. There is attorney-client privilege. There is "sidebar" where the judge speaks to attorneys, principals, jurors, etc. in a confidential setting. There are a long list of things that one must disclose in secret to the Court so that the attorneys can see if you are impartial (and it's blind in the sense that they don't know who you are via the form). I don't have much profound here to say other than to emphasize that privacy and confidentiality are not a bad thing and can be a very very good thing for justice. Maybe I'm over-simplifying the case they make here.

Bulk Deletion of Spam Comments...

system, blogging, hacks, chilling effects, education

Apologies for the silence here... I've been busy and mostly posting short thoughts and such on Twitter.

The comment spammers seem to love a few of my posts... and moderating all the comment spam is a bit of a pain. Frankly, here's what I've been doing lately:

  1. Check my email for comment moderation emails from my blog software, quickly look through them to see if any are seriously humans with something to say. Moderate those as published.
  2. About once a month, issue the following SQL command on the database (through phpMyAdmin... note that your table name is probably different from mine as I made mine up):

    DELETE FROM `b2evo_blog_db`.`evo_comments` WHERE 
    `evo_comments`.`comment_status` = "draft";
    
  3. This drops all the rows in the db where the comment isn't yet moderated (published).

Alex Halderman's DC Council Testimony

elections, certification/testing, reform, news, open source, secrecy, problems, photos, friends, research, policy

Prof. Alex Halderman testifying in front of the DC Council on 10/08/2010 I captured video from today's DC Council Hearing of The Committee on Government Operations and The Environment.

Prof. Alex Halderman (Michigan), Susannah Goodman (Common Cause), Jeremy Epstein and Pamela Smith (Verified Voting) testified by yielding all their time to Halderman to speak to the technical challenges involved with internet voting and specifically the recent compromise of the DC Digital Vote-By-Mail pilot project that Alex' team was able to achieve. Alex' team included two of Alex' PhD students, Scott Wolchok and Eric Wustrow, Dawn Isabel (Michigan's Ethical Hacker) and Nadia Heninger, a PhD student from Princeton; I was an adviser to Alex' team.

This video is in raw form, so it's very big (318.2 MB):

http://dl.dropbox.com/u/8173121/DCCouncil-hearing-panel3-20101008.mov

(Here is a smaller version (153.1MB).)

I've done some paraphrasing of the key technical bits below.

Personally, as an adviser to Alex' team and as someone who was afraid that there would be no serious attack mounted during the test period, I couldn't have imagined a more successful demonstration of the technical challenges involved with fielding and defending an internet voting system. I have some thoughts that I'm writing up about what this test tells us from a policy perspective, but don't expect that very soon.

(I want to apologize for the beginning of the video capture where I'm looking at my twitter client without realizing that I'm capturing that over the video. Oh well.)


Interesting bits from the video

  • Cheh: "Basically, you're a hacker, is that what we're to understand?"
  • Alex: "No, I'm a professor of computer science."

Key new insights from Halderman, starting 9:01:

  • Other attacks did go undetected.
  • The Michigan team had been controlling and monitoring the routers and switches connected to the pilot network from the beginning.
  • Access was easily achieved because a default master password was left unchanged, which one can look up in the owner's manual. This was a 4-letter password.
  • The team could watch in real-time as system administrators configured and tested the equipment.
  • They Could also watch staffers on camera as the team found that security cameras in the data center were on the same network as the testbed.
  • 10:13: Alex passes out pictures from the cameras taken of people in the data center.
  • The team could observe these system administrators as they entered passwords on the system as well as watch them on camera.
  • This network-based attack amounts to a separate, second way to steal votes, etc. in a real election.
  • 11:20: It became clear that the team was not the only ones trying to attack.
  • While they were in control, they observed other attack attempts originating from Iran and China, attempting to guess the same default master password.
  • They defended the network by blocking these attacks, adding firewall rules and changing the default password.
  • Cheh: So, you changed the password of the BOEE system?
  • Alex: Yes, of the pilot system.
  • Alex does not feel that these were part of a targeted attack against the BOEE.

....

  • 12:40: All these things could be fixed, but it's vastly more difficult to create a secure internet voting system.
  • The crux is that there is no independent record of the vote.

...

  • 14:05: it will probably be decades, if ever, before we can perform voting over the internet safely.
  • Web security is a terribly hard problem.

....

  • 14:34: Alex later examined the data they had collected, files left around on the server, and one thing was incredibly shocking.
  • They had tested the file upload portion to make sure that files either too small or too large were not allowed.
  • These files look like they were just files laying around on some BOEE computer.
  • Some were simple single-page PDFs. One was the installation file for a Macintosh development tool.
  • 16:16: One of the files, which Alex has with him (he pulls out a cardboard box and takes out a large document, looking like two reams of paper).
  • This file was a 937-page PDF document... it appears to be the 937 invitation letters that each voter was sent to participate in this election.
  • They examined the file metadata; the author of the file is Paul Stenbjorn.
  • It appears that this may be the real thing.
  • Alex found the document on the testbed server, a system that the BOEE invited people to break into and that the team did break into.
  • We have no way of knowing who else has access to this.
  • The PINs in these documents are the most critical secrets to protect these votes.
  • If the digital ballot return had been used, a criminal could have used these to cast a vote for each voter and prevent them from voting.
  • Why was this file on the testbed system?
  • Alex is deeply concerned that the BOEE does not take security seriously and that it fails to appreciate the security challenges that are faced by any internet voting system.

Permalinks for California Bills?

system, elections, hacks, news, wtf?, chilling effects, research, policy, usability, legal

I've worked with California legislation and law for almost a decade, and one consistently frustrating thing is that it seems impossible to link to bills.

For example, Gov. Schwarzenegger signed SB 1404 yesterday, which is a landmark bill to require voting system manufacturers to report to the CA Secretary of State any known flaws and defects in their products. To find this bill, one would normally do the following:

  1. Open http://leginfo.ca.gov/
  2. Click on "Bill Information".
  3. Select "Senate" in the drop-down and type "1404" in the text field and submit.
  4. This is the "splash page" for a legislative bill with all the associated information... including past versions, bill status.
  5. Woo!

However, how does one link to that page? It's a POST query, which means the terms are hidden and there's no obvious way to link to this page. However, after asking a friend who works there, this seems to be the goods, at least for current bills:

http://leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_1404&sess=CUR

Sigh. Citability, anyone?

Checking a Web Page for Updates

elections, hacks, open source, research, education, development

I really like http://watchthatpage.com/ for tracking changes to web pages, but it's mostly useful for changes on the order of a day.

Today, due to the DC Digital Vote By Mail pilot project, I find myself wanting to monitor changes on the order of 5 minutes or so. (DC has a limited number of testing credentials that it will issue, and I don't know when that link will go live!)

So, this is a perfect job for a simple shell script.

First, it would be useful to have a generic script that took a web address as a URI and then compared the new version to an old version. So, I put this in a file called checkpagechange, made it executable and stuck it in /usr/bin:

#!/bin/bash
curl -s $@ > /tmp/new.html
diff -u /tmp/old.html /tmp/new.html
mv /tmp/new.html /tmp/old.html

This uses curl to grab the page and save it to /tmp/new.html, then uses diff to compare this version to an old version and then moves the new version to the old version's location.

Then one can do checkpagechange http://foo.bar and it will print to the screen any changes. Of course, the first time old.html doesn't exist or is something from another page.

To accomplish my goal for today, I can just put this last command in a loop for the URI for which I'm interested. That is, I create a small specific shell script to use this in a loop. Save the following to something like checkdc.sh and make it executable:

#!/bin/bash
while [ 1 ]
do
   echo `date`
   checkpagechange http://www.dcboee.us/DVM/
   sleep 300
done

This is a infinite loop that first outputs the date and time to the screen, then uses the previous script to output any changes in the web page and then goes dormant for 5 minutes (300 seconds).

You can run this in a terminal window and place it off to the side so that just the first few letters of the date are visible... when that changes, voila!

Contact / Help. (cc) 2018 by Joseph Hall. blog software / hosting.
Design & icons by N.Design Studio. Skin by Tender Feelings / Evo Factory.
And a few words about the structure of the eye . Everyone " retina ". Especially often we hear it buy clomid online in the phrase " retinal detachment ." So what is the retina ? This - the front edge of the brain, the most distant from the brain part of the visual analyzer. The retina receives light first , processes and transforms light energy into irritation - a signal that encodes all the information about what the eye sees . The retina is very complex and in their structure and function . Its structure resembles the structure of the cerebral cortex. The shell of the retina is very thin - about 0.14 mm.