post

John Oliver on Encryption

John Oliver’s show Last Week Tonight talks about the Apple/FBI controversy and that strong encryption poses problems for law enforcement, but is weakening it worth the risks it presents? It’s…complicated.

post

Seriously Minneapolis StarTribune? “U.S. security at stake as Apple defies order”

Click for an update - 4:04pm
iphone-in-handTo say I was stunned reading this editorial in this morning’s Minneapolis StarTribune is an understatement. I rarely get fired up enough to write a letter to the editor, but this time I felt compelled since they got this so wrong and I’m embarrassed for them that they published this editorial.

I just sent them my rebuttal and I reprint it below with the StarTribune’s paragraphs in italics and green. Also, since the StarTribune apparently did little-to-no research, I’ve provided them with helpful links.

Curiously the StarTribune changed the linkbait-like editorial title in the online version by toning it down, perhaps realizing that characterizing it as “Apple defies order” is wrong: National security is at stake in Apple’s faceoff with feds.

U.S. security at stake as Apple defies order

Apple Inc., the world’s largest info-tech company, now stands in defiance of a federal court order, saying it will fight attempts to force it to help the FBI crack the iPhone of a San Bernardino terrorist involved in a major attack on U.S. soil that left 14 dead and 22 injured. Apple says the government is overreaching and would be setting a dangerous precedent.

The company is wrong on both counts, but the world of encrypted information is a complex one. It is worthwhile to proceed carefully, because this could prove to be a critical showdown in the growing clash between privacy and national security.

Your editorial, “U.S. security at stake as Apple defies order” was one of the most stunningly naive positions I’ve read yet when it comes to the controversy over Apple’s stand on weakening the encryption of one, single iPhone. A weakening that would instantly open a Pandora’s box of cyber threat problems of which you are obviously clueless and seemingly dismissed out-of-hand.

First, it should be noted that the government negotiated for two months with Apple executives. When those talks fell apart, Justice Department officials turned to a federal judge, who ordered the company to create a way to bypass the security feature on the phone. The FBI had obtained a warrant to search the phone and, not incidentally, the consent of the employer that had issued the phone to Syed Rizwah Farook.

First off, it should be noted that the FBI permitted San Bernardino officials to change the password on the terrorist’s iCloud account (rebutted by FBI, now blaming official) and only then, obviously realizing their mistake, requested Apple’s help. Had they not done so Apple has stated publicly it would have been possible to obtain the shooter’s iCloud backup data. Since this mistake was made, the FBI then negotiated with Apple to recover what they could. Discovering that doing so was not possible, and subsequently failing in convincing Apple to create software to weaken iOS (the operating system that controls the iPhone and iPad) so they could break into the device without having it ‘wiped’ by its ten password attempt limit, the FBI then obtained a court order hoping to force Apple to create a method to do so.

Apple has complied with what Justice officials characterize as “a significant number” of government requests in the past, including unlocking individual phones. Apple CEO Tim Cook has become increasingly concerned about customer privacy, particularly after 2013 revelations by whistleblower Edward Snowden about massive government surveillance operations. The company has continued to tighten its security systems and decided to no longer maintain a way into individual phones. Farook’s iPhone 5c was among those with a 10-tries-and-wipe feature that essentially turns it into a brick if too many false passwords are entered. Newer operating systems employ ever-more-sophisticated security features.

The government’s authority to get private information, such as texts, photos and other stored data, through a warrant is not at issue. The key here is whether the government can compel a private company to create a means of access that the company contends will weaken its premier product.

Cook maintains that creating a “master key” to disable security on Farook’s phone ultimately would jeopardize every iPhone. With more than 100 million in use across the country, that is no small threat. There are, however, technology experts who say Apple could create a bypass — allowing for what’s called a brute force hack — without affecting other phones.

With respect to your position on Apple’s creating this sort of “bypass” for this single iPhone, all while acknowledging this is not a “small threat” for the 100 million iPhones already in existence, you then opined, “There are, however, technology experts who say Apple could create a bypass” “without affecting other phones.” This is your supposed justification for minimizing the threat of putting in a backdoor (or what you euphemistically characterize as a “bypass”) for those 100 million+ iPhones already in existence? Who are these so-called “experts” anyway?  [Read more…]

post

Seeking Meaning: Why Baby Boomers Refuse to Retire

boomers

As baby boomers my wife and I approach our “third half” of life (i.e., retirement) with both excitement and trepidation. We’re excited we’ve saved and invested so we can travel, be in a warm climate and out of Minnesota winters, and focus on those things we love best like family, friends, reading, learning, and above all, having experiences. But at the same time we’re nervous about being bored and not having a purpose and we certainly don’t want to essentially hang around until we die.

Turns out baby boomers like us are seeking meaning and are increasingly turning away from a life of leisure and instead moving toward ones filled with activity and purpose. Fast Company had this article about it today that is one of the best ones I’ve yet read about the “new” retirement and what it’s like:

How will all these aging boomers thrive in the 21st century? According to many experts on aging, it’s increasingly by staying in the workforce, at the very least on a part-time basis. As noted by Gallup in their “Many Baby Boomers Reluctant to Retire” report, “Nearly half of boomers still working say they don’t expect to retire until they are 66 or older, including one in 10 who predict they will never retire.”

So it’s not about needing money. It’s about what value we’ll bring to the world in our third half and the meaning that will instill in both of us.

Read more at Fast Company….

post

The Internet Revealed in 1993

stewart-cheifet-on-set

Stewart Cheifet and guest on the set of Computer Chronicles

Stewart Cheifet‘s show Computer Chronicles was one that chronicled the evolution of personal computing, digital devices as well as enabling technologies like this networking technology we know as “The Internet.” His Computer Chronicles YouTube channel is an archive of shows that reported on some of the most important developments in all of those areas, especially this particular show which covered this nascent networking technology we now cannot live without.

Fun Factoid
For those of you in Minnesota, at 9:37 you will see a brief demonstration of Gopher, a protocol developed and released in 1991 by a Mark P. McCahill-led team at the University of Minnesota. Since universities were heavy pre-commercial-and-world_wide_web-internet users, they needed something to make it easier to find stuff. Gopher was “...designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.” (my emphasis).

 

post

We’ve Come Far Since Macworld 1989

When it comes to computers and digital devices, it’s often tough to see how things evolved unless you were living through it. This video, on YouTube but also where I originally found it at the Internet Archive of a Computer Chronicles show from Macworld 1989, will give you a sense of how tiny, incremental changes were big news at an event like this one.

The new “030” chip (the processor in a new Mac SE/30) to “accelerator cards” to “color output” was that big news which, watching this video now, seems like a big snooze! It does, however, show how tiny incremental changes led to where we are today.

While I wasn’t at this particular Macworld (I was at several both before and after this one) it was an exciting event and the show was packed with vendors who sold lots of gear to go with the Macintosh.

A review of the annual west coast Macintosh trade show from San Francisco’s Moscone Convention Center.

Guests: Charlie Jackson, Silicon Beach; Roy Endres, Multi-Ad Creator; John Warnock, Adobe Systems; Brian Welter, Altsys

Products/Demos: Claris MacWrite II; Silicon Beach Supercard; Texas Instruments Action!Tektronix Quick Inkjet; Kodak Color Video Printer; Thunderware Lightning Scan; Dove Marathon 030/SETPS Smartcard ADBMicrotech R45 Cartridge Drive; Ricoh Erasable Optical Drive; Activision Manhole; Nexsys Gas Plasma Display; Berkeley Systems Outspoken

post

An Internet of Treacherous Things?

Cory Doctorow continues to provide incredibly interesting, provocative, and strong perspectives on the Internet of Things (IoT). He does so within the context of what’s happening globally as well as with United States law, but also with an eye on privacy and security implications.

In this talk from O’Reilly’s Solid Conference 2015 (one I’d not yet seen though it’s been out for awhile), Cory ranges from “ecosystem” strategies to the war on terror, from the copyright wars to the subprime lending industry, and how it seems like everyone wants to build an Internet of Treacherous Things whose primary loyalty is to someone other than the people with whose lives they are intimately entwined.

For more…

post

Mac Ransomware is Close & You’re at Risk

macuserAs Mac users, most of us have been quite smug about the fact that our operating system isn’t as vulnerable to trojans, malware and ransomware as those other guys running Windows. While mostly still true, the growing popularity of Macs means that we users of OS X are A LOT more at risk than ever before.

The first Mac OS X ransomware has been demonstrated by a Brazilian cybersecurity researcher Rafael Salema Marques (see Mabouia, the first crypto-ransomware for Macs arrives). Since the concept is now out, it’s just a matter of days or weeks before we see some malware like it in the wild. The security software and services firm, Symantec, has confirmed the concept is real and would work.

[Read more…]

post

New Receiver Makes a Home Theater Awesome

PioneerElite_VSX-45Are you growing weary of having to constantly upgrade your technology? Me too, except for things I use all the time like my iPhone, computers, Wifi routers and items like those.

But upgrading home theater components is usually not top-of-mind when it comes to getting new gear. Even though we have a big Samsung TV, a phenomenal speaker system and devices like a TiVo, new AppleTV and Roku, my fairly expensive Yamaha receiver had not been upgraded for about five years. Still, it was good enough, or so I thought.

My head was turned by a hot price on the Pioneer Elite series VSX-90 receiver and I told my buddy Eric about it. Though it had a few more features than its little brother the VSX-45—and I know the Pioneer Elite series well since I used to work for the company in the early 90s—I didn’t need those additional features in the 90.

I’d told Eric since he also needed to upgrade two of his receivers. He did need some of those extra features, and he’d gone shopping at Best Buy. He purchased two of the VSX-45’s at a rock-bottom Best Buy sale price of $249 (now it is back up to $449.98) and had decided to take one of them back and get one VSX-90. So he called me and offered it to me at the same price so I bought the VSX-45 from him since the sale was off.

Why am I telling you this tale of receiver upgrading? Because your TV and movie watching experience—regardless of how good your TV is or your streaming box—will be A LOT better if your audio isn’t mediocre. If it is mediocre it will negatively impact your entire experience! [Read more…]

post

You May Never Be Able To Grab The Carrot

dangling-carrotIf you are enticed to become “a stakeholder” in a company or startup by having the stock options or warrants carrot dangled in front of you as an incentive, my own “stock options and warrants” tales of woe are a flip-side you need to hear. Especially since you’ll hear A LOT of the “You’re gonna GET RICH” from those trying to hire you or colleagues naive enough to think stock values go up automatically.

TALE #1: STOCK OPTIONS
In December of 1999 I accepted a job at Vignette, at the time the fastest growing software company in history. With the initial shares I received, and the ones I’d be granted and earn-out over four years, I began to consider the realistic possibility that I’d enjoy an options gain of $5-6M over that four year vesting period.

You know about the “dotcom” crash in March of 2000, right? I sure do because Vignette never recovered and the stock (and my initial options) tanked. Though subsequent option grants were adjusted downward, those ended up in value too. It’s been said that “you can make a lot of money on the way up and the way down” if you hang in there with a downtrending company and I did, but that money was NOT made on stock options. When I left in 2003 with thousands of fully vested shares…they all were so far ‘underwater’ that all were worthless.

Vignette_Logo_1000x288Don’t think “Oh poor Stevie…he missed out on being rich” since I’ve done all right over the years and have a wonderful family, friends, my health and (hopefully, if the economy holds) a solid retirement portfolio. Plus, my Vignette experience was a remarkably good one. I worked with lots of great people, met and hung out with a handful of executive-level customers, most of whom I’m still in touch with to this day. Went on club trips (my wife and I took our kids with us to Maui to the Four Seasons) and learned a lot playing the enterprise game at that level.

Sure would have been nice to make millions though, heh? Yes, but after a stint running strategic alliances at Lawson Software (now part of Infor), I ended up going off on my own to perform management consulting and had an opportunity with startups and young companies that gained me tens of thousands of stock warrants…ones that would surely make me rich. Or so I hoped.  [Read more…]

post

Is Congress Really Gearing Up for an Encryption Battle?

bitsAfter the attacks in New York on September 11, 2001, Congress passed the poorly thought-out Patriot Act. Friday’s Paris attacks seem to be (once again) providing Congress with another excuse to try and legislate making United States encryption weak and putting another obstacle in the way of U.S. technology companies selling overseas.

That’s right….weak. Virtually every single cryptography expert on the planet knows that a force-mandated “backdoor” in software or devices will not work and will make the systems vulnerable to attack by black-hat hackers or state-run military cyberattacks.

Today’s Wall Street Journal had this front-page article, “Paris Attacks Fuel Debate Over Spying – Growing belief that terrorists behind assaults used encrypted communications prompts re-examination of U.S. policy on surveillance.” A few things from the article leapt out at me:

“A growing belief among intelligence officials that the terrorists behind Friday’s Paris attacks used encrypted communications is prompting a far-ranging re-examination of U.S. policy on data collection and surveillance.”  

No kidding. Anyone on this planet with intermediate technical skills can encrypt their communications.

Senator Richard Burr

Senator Richard Burr

Sen. Richard Burr (R., N.C.), chairman of the Senate Intelligence Committee, said Tuesday his panel will launch a review of encryption use. “It is likely that end-to-end encryption was used to communicate in Belgium and France and Syria,” Mr. Burr said. He said encryption was likely because no direct communication among the terrorists was detected.”

Really Senator? Maybe they met in person?

But this is the part of the article that made me choke on my breakfast muffin:  [Read more…]