Category: surveillance

The problems of Puffin Party security

Here’s an interesting story of a Russian military intelligence officer deployed into Ukraine, apparently under plausibly-deniable cover, whose communications were meant to hide in plain sight among the chaotic noise of the Internet. Specifically, he’s a gamer and re-enactor in private life and he tried to use the channels of this subculture.

Unfortunately for him, it only cuts both ways up to a point. You can’t operate in the apparent anonymity of the Internet without also accepting its distinctive threats, and Anonymous got into his e-mail account with hilarious consequences. What appeared to be a trivial and frivolous subculture providing nonthreatening space turned out to expose him to everything Putin hates in the form of a genuine security threat.

I have just been reading Danah Boyd’s fine It’s Complicated: The Social Lives of Networked Teens, and an important point that sticks out is that a working definition of privacy is the ability to choose your audience.

Satellites to new heights

I’ve recently seen someone from the Satellite Applications Catapult come up on the UKNOF mailing list, asking about how best to get dark fibre from their Harwell offices into London with a view to distributing lots of satellite imagery. Obviously a CDN is the way to go, but the first thing that came to mind is whether they’ve got a new satellite. I mean, it’s vaguely surprising that an organisation that runs its own cloud platform would be asking for fairly simple networking advice, and even more so one that owns this.

Context, and more, plus much more in this category.


OK, so the weird weather and infrastructure crisis exacerbated by the Galbraithian combination of private affluence and public squalor is being monitored by the local newspaper using a web platform for 140-character snarkfarts and cat photos, and their robot air force. That, you know, provincial newspapers just have at the back of the newsroom. This is basically a Bruce Sterling novel, isn’t it?

Some Snowden consequences

Sir Humphrey says among much else, all worth reading:

An outsider looking in may well conclude that the sort of military assets needed to build and effect long term change, stability and security are those which have effects such as training teams, defence attaches, limited professional training and so on with the nuclear deterrent as the ultimate guarantor of security, and not so much on very heavy army assets like armoured divisions which are much harder to deploy. Looking more broadly, things like focusing heavily on cyber security defence is arguably more important than some other tasks – this is perhaps the problem facing the military today. The sort of interaction many nations want is quite localised, involving maybe a training team or specialist advisors or access to training courses.

I don’t think anyone can disagree that all sorts of countries, flooded with new electronics and computing capacity, well aware of the vast advantages it gave Western militaries in the last 30 or so years, are probably both deeply worried and also only vaguely informed about their information security problems.

Similarly, deploying four people from CESG or JANET CSIRT to do an assessment is the sort of thing that might gain friends and influence people, at remarkably low cost. We sent the Red Arrows on tour around the Gulf and did a half a dozen squadron-sized Typhoon deployments trying to sell Eurofighters with vast amounts of extremely expensive taxpayer-funded whoosh. “Cyberengagement” or better “information security cooperation” sounds like a great idea.

Until you remember that we hugely overdid the intelligence half of the whole thing, our fibres are radioactive, GCHQ pulls in the Queen’s selfies to the pool boy, if you ever sent a vCard on a UK-owned GSM network they kept it, and literally nobody will ever trust us on this issue ever again.

This goes double, triple, or quadruple with the news – try ioerror’s CCC talk if you haven’t already – that we’ve been involved in trying to compromise security tools, forums, and infrastructure everybody uses. I find this more shocking than pretty much anything else in this story.

Reading the newspaper, carefully

This Indy story is making some waves.

The first point I’d draw from it is that the UK special relationship with the Gulf states is getting another go-round, and William Hague seems mad keen. As well as a lot of effort to sell stuff, and the town the size of Wigan or Oxford made up of expats, there’s been informed talk of one or other GCC state wanting an RAF squadron stationed there (as if we had Typhoon airframes to spare, which we don’t, but that’s another story). A GCHQ presence fits right in. It also fits right in with the theme of keeping some of the Iraq/Afghanistan infrastructure in being on a long term basis.

The second point is that persons interested in knowing more would do well to consult a map of submarine cable landings. The third point is that Glenn Greenwald clearly has no idea who Duncan Campbell is, although I guess this is fair for someone who isn’t a British journalism trainspotter.

The fourth point is that there is a far simpler explanation of the story that works with both the Indy‘s claims and Snowden’s denial of giving them any information. That would be “the Indy deduced it by close reading of the Snowden stories, and then trailed it past a source”. Literally every occasion this blog has published substantive news (and it has! now and then in the last 10 years) was based on something like that, and IF Stone apparently said that it’s amazing what you can find out by reading the newspaper carefully.

GPS jamming for fun and profit, or at least workplace dignity

Here’s a really fascinating article in Inside GNSS about the proliferation of electronic countermeasures against GPS. The heaviest users are lorry drivers, who use GPS jammers to disrupt management surveillance of their working day. I would guess that this has probably benefited from an existing culture of radar detectors, GATSO databases, and such.

This causes curious side effects, notably where major motorways are close to airport runways for which a GPS-based nonprecision approach is published (the authors propose various algorithms), and in financial districts where high-frequency trading systems require very accurate timing. This results in a large concentration of tier-1 NTP servers fed by GPS receivers, that get disrupted on a regular basis by a delivery van using a jammer.

Another interesting use case that comes to mind is Google’s NewSQL, globally distributed, column-based data store, Spanner, which relies for its versioning-based consistency guarantee on very accurate timing typically derived at each location from multiple GPS receivers. The Googlers did build in cross-checks between sites, not being dumb or anything, so there are limits to how much weirdness it could cause.

The devices cost a few dozen galactic credits a go. Inside GNSS points out that they are advertised on the basis of how much Tx power they crank out, which isn’t ideal as the GPS signal is very diffuse at this distance from high earth orbit, and any more than the minimum power to drown it out both buggers it up for others and increases your chances of being detected.

I feel I should point out that Charlie Stross actually suggested this solution, or actually a somewhat more advanced one more like this, in comments right here on this blog as a way of defeating Alistair Darling’s national road-pricing system. Sadly, even Google search can’t find it in the old enetation comments system.

Meanwhile, in Keighley:

Mrs Orchard, of Denholme Gate, said shortly after her sick leave started, odd phone calls were made to the family home by people asking if she could do some work for them, her family and neighbours saw men hiding in cars outside her home, and then she found a GPS tracker had been attached to the underside of her Audi car.

two points on Snowden in the UK

Just a couple of points about the British wing of Snowden. First of all, what function does it serve to go begging to the Americans for sums of money that aren’t especially big in the context of a £1.8bn single intelligence budget?

Well, the money is a costly-signal that UK cooperation is valuable to the Americans. This legitimises the “NSA ask” in return. And in turn, the “ask” can be used to lobby the rest of government. We must have X, Y, and perhaps even Z because otherwise we’d displease the NSA and they’d pull their contribution…which you would have to replace!

Second, it’s interesting the way the government likes to re-use acronyms. According to Richard Aldrich, GCHQ’s budget line-item for fundamental research in cryptography and computing was called “Methods to Improve” throughout the coldwar. It’s no surprise, then, that “Mastering the Internet” has the same acronym, and probably a fair guess that the new name meant much the same thing but with Internet awesomesauce to impress notorious e-mail printer, Tony Blair.

Get involved.

So, the Sun is on the move. This was a bit of a surprise to me, what with News reorganising to separate the UK papers from Sky. You might think the papers look like a cost centre without the TV assets, or that the division is intended for sale as a package. But they’re up to something interesting.

The headline is that the Sun website is going behind a paywall, but this is really beside the point. The core of the offering is a mobile app that provides football highlights and daily deals – the details are at the link – but the really interesting bit is that you have to buy the paper to activate the app. The website is here or there; it’s about the mobile app, the paper, and (as always with Murdoch) the crosspromotion.

The other really interesting thing here is that News knows in some detail who sells copies of the paper, how many, and where. In the UK, newspapers are distributed on a sale-or-return basis. The retailer orders as many papers as they think they need, and bundles up the unsold copies for collection with the morning’s delivery. These are counted, and deducted from the retailer’s bill. If you’ve ever been in a corner shop late at night, you’ll have seen the shopkeeper bundle up, count, and label the returns with the preprinted barcode supplied by the wholesaler.

The point of the exercise is that the newspaper, not the newsagent, takes the risk. This is important because, obviously, the paper cannot sell if it is not on the shelves. If the newsagent gets stuck with unsold copies, they will order fewer papers and take the chance of running out. Alone among British newspapers, The Guardian is distributed on cash terms, which is why it’s so often sold out. I think they consider it unsportsmanlike or something.

So, to shorterise: the sale-and-return distribution model requires the publisher to know all the points of sale. Another feature is that it is a great way to measure the newspaper’s effective circulation in detail, and as the papers are being accounted for, this is subject to the paper’s auditors. You can see why advertisers might like this.

Now, the Sun is going to be getting its readers to type or scan something in the paper into the app. If, as I pointed out on Twitter, this something is specific to the individual papers, it’s possible to identify where the user buys their newspaper. I had some doubts about practicalities in the printing process, and wondered if they intended to do something clever with the PayPoint API or hand out separate inserts to be added by the newsagents.

But today, the question is answered – I was able to examine a pile of the things, and they indeed carry a 9 12-character unique identifier, printed as part of the newspaper. Keen and agile minds will observe that this provides enough entropy to identify the whole print run uniquely, indeed, a print run substantially bigger than even the Daily Mirror‘s 1960s five-million plus. This might mean that it encodes more information than just a serial number, or alternatively that they’ve left space to do so should they want to in the future. Also, it’s not obviously sequential, so you can’t trivially work out the daily print run, although I haven’t made any serious study of this.

(Update): It’s actually 12 characters, in three alphanumeric groups of 4, and all the issues I’ve seen started SS… today. That might be part of a geographic identifier, but it might also be Sunday Sun. Anyway, that gives quite a bit of scope.)

Why is this useful? Well, this gives them insight into close-up neighbourhood geography across the UK. People are likely to buy their newspaper in the same place as they buy plenty of other things, for one. But it’s also a look into the UK’s cash economy. Newspapers have always been sold mostly for cash, anonymously. And the heavy dose of football in the experience points at other ambitions. After all, they can probably work out which is your local pub, and a lot of them have a WiFi hotspot provided by the Sky (ISP) subsidiary The Cloud.

It is probably telling that this comes just after their new “casual” Sky TV offering, something which seems to exist to satisfy demand generated by advertising in the Sun app. Also, Sky TV has always been very good at last-minute ad insertion.

But there’s also a political element here, especially for those of us who fundamentally wish ill to all Murdoch’s business ventures. When the News of the World was rolled into the sea like a sack of waste, as Hunter Thompson said of Richard Nixon’s mortal remains, I was very impressed by the public response, which was either rejoicing, or else, absolute apathy. None of its millions of readers was moved to protest or even to complain. Surprisingly few of them even bother to buy the Sun on Sunday. As a result, I asked on this blog if Sun readers actually exist, in the sense of people who self-identify as such, rather than being labelled by others, in the way that readers of the Guardian, Telegraph, or Mail do in Jamie Kenny’s sense.

In this sense, I think this project is an effort to make Sun readers out of people who happen to read the Sun in the same way as some people happened to consume the News of the World as a weekly kitschburger, a newspaper-style product. The polite way of saying this is “deepening user relationships”.

The really depressing element of this is probably how much of the ad revenue sounds like it’s going to come from gambling. No, it’s not even that, even if the goal of the week starts coming with an editorial soundbite like page 3 did in the Rebekah Wade years. (That said, the business model may well end up being all about cross-media advertising – the Springer papers in Germany seem to be trying to collect as many classified ad outlets as possible.)

The really, really depressing element of this is the increasing degree to which your local pub is being converted into an integrated Murdoch experience. I already resent this (how could I not?) but it’s only going to get worse. Note that the TV ad strapline for all this is “Get Involved”.

(Note: Le Monde‘s South Kensington correspondent Marc Roche argued a few weeks ago that the Sun‘s problems were down to the “disappearance of the blue collars and their replacement by immigrants who can’t speak English”. The Sun does not appear to be basing its strategy on this, to say the least.)

#ifIhadglass I’d probably crash the aeroplane

With luck, the image of Asiana Flight 214 burning out on the end of Runway 28R at San Francisco International Airport should become an icon of our future.

Why? Forget the sterile row between Malcolm Gladwell and whoever. Concentrate on the person at the left, taking a photo on their iPhone. Fortunately, they probably don’t have Google Now, so it won’t have told them to go back to work. One point that kept getting made in this thread wasn’t about Korean culture, or even crew-resource management, but rather about the kind of future they’re selling for all of us. Let’s recap this quote:

maybe we could get the interface down to an iPhone app that would superimpose a bright white line over the camera’s view of the surrounding street just telling us where to walk and what to do and buy all day long. Wouldn’t that be a bit of a relief?

And also this post on the classic “Children of the Magenta Line” lecture.

Now, something which keeps coming up in discussions of how that B772 ended up there (the key text being in here) is that Asiana was an early, and unusually intense, adopter of the aviation abbreviation FOQA – Flight Operations Quality Assurance. This comes up all over the place, mixed with pub racist comments on Koreans, people who want to bash Airbus and have apparently forgotten that the plane was a Boeing…the interesting thing is that I don’t think Korean culture was important here, so much as an emergent surveillance culture that is fundamentally global.

So, FOQA. This basically means downloading the quick-access flight recorder at each stop and cramming the data into some sort of big table, then running queries to see if anyone’s been a bad boy. Now, this is not in itself stupid. Much of the CRM revolution in aviation was founded on using data as a way of sidelining authoritarian sky-god types’ machismo and bullshit.

There are sensible ways of doing this. For example, a large majority of landing accidents result from an unstabilised approach; you might define a stabilised approach as one in which the aircraft is on the centreline, on the glide slope, at the correct speed, having completed all the checklists for landing, by say 1000ft of altitude. Otherwise, you should go around and try again. You might decide to officially not care about the go-arounds, and care about anyone who pressed on.

What gets measured, gets managed, though, and therefore, this project has an evil twin. What if we were to identify a platonic ideal for the approach into each destination we serve, define the LNAV-VNAV path for that, and check each flight’s exact numbers against it? We could identify the six-sigma limits, and then put the fear of God into anyone who overstepped the mark.

And that’s roughly what they did.

Of course, there is a response to surveillance. In this case, it took the form of using the automatic pilot whenever possible. The original autoland concept was built on the idea that the computer can (usually, with important exceptions) steer more accurately than you can, but it cannot command as well as you can. As the FOQA monitoring values the absence of deviation from a programmed path above all else, this was a winning strategy. The monitoring program could value nothing else, after all.

This meant both a progressive loss of manual skills – the usual take-home from Children of Magenta – but also a loss of competence with regard to using the automatic systems. Rather than responding to an unusual situation by either flying yourself, or commanding a different flight path on the mode-control panel, people began trying to manage the automation around it, operating at yet another level of abstraction. When the line it was following didn’t go the right way any more, they tried to get the right line, rather than going the right way. There’s a great example of this in here if you like 111 page French air accident reports.

(It is very telling that pathological learning seems to characterise human-computer interaction in all kinds of contexts.)

And they will do this to you. Have you registered your vitals with your line manager yet? On the other side of the political tracks, do you know your annual electricity consumption?

The problem with the last one is that it’s perfectly plausible to me that the best option isn’t actually staring at a display to work out whether you’ll be the biggest electricity saver among your Facebook contacts if you run the washing machine now and can you wait before you run for the bus to get into work and are you worried you might blow your stress metrics and get fined? Perhaps it might just be a shit idea? Perhaps, actually, we ought to concentrate on greening-up the national grid? Perhaps your health might be better if they didn’t do this shit to you?

But this is not one of the options provided, just ever more surveillance, imposition, and bullshit. You can’t optimise your way out of a problem unless you can control the target criterion of that optimisation.

The Asiana accident and Children of Magenta are interesting, politically, in that it’s a long-running experiment with a lot of data points that was run on an elite population, and that worked pretty horribly. However, although it’s generally agreed to be a failure, it’s still hard to roll it back.

As an interesting counterexample, look how well the pink-collar artisan class did in the crisis compared to the elite-under-surveillance up front. That’s leadership, but then, that’s usually defined as being what you do outside the defined circumstances of normality.