Not as secure as it SIMs

February 21st, 2015

If you knew, or cared, anything about the way your mobile phone communicates with the mobile network, you may have believed that your calls were secure and private, at least as far as the core of your provider’s network. They should be, too, if you’re on a 3G or 4G network: the SIM in your phone includes encryption keys known only to it and the mobile provider, and these are used to encode the voice and text traffic so that anyone snooping on the radio signal, or on the backhaul network between the base station and the provider’s headquarters, would not be able to make head or tail of the stream of bytes flowing by. To do so on any scale would need vast amounts of computing power.

However, if this article in The Intercept, The Great SIM Heist, is correct, the NSA and GCHQ have a much better approach. To quote the article:

Adi Shamir famously asserted: “Cryptography is typically bypassed, not penetrated.” In other words, it is much easier (and sneakier) to open a locked door when you have the key than it is to break down the door using brute force.

So that’s what they allegedly did, according to the latest revelations from Ed Snowden: they hacked into the networks of the SIM card manufacturers, most notably Gemalto, the largest in this field and a supplier to 450 mobile providers around the world, and just stole copies of the keys before they were shipped to the mobile providers. They focused on the activities of employees who used email encryption and those exploring more secure methods of file transfer, since they were more likely to have valuable information to hide.

Perhaps the most shocking thing about these thoroughly illegal activities is that the companies and individuals targeted were not in any way assumed to be engaged in illicit activities. They were innocents going about their daily business, but they just had information that was of potential use to the authorities.

Snowden’s information is from 2009/10, so it is to be presumed that this has been going on for some time. Meanwhile, this is what it did to poor old Gemalto’s stock price when the news came out a couple of days ago:

Recovering the Dove Type

February 9th, 2015

Here’s a very pleasing article by Rachael Steven about Robert Green’s quest to recreate a lost classic.

One for each hand?

February 6th, 2015

About two years ago, I pointed out that iPhones were being born faster than people.

Updated stats from the latest episode of MacBreak Weekly: new iPhones are now being sold at more than twice the global human birth rate.

They can’t keep this up indefinitely!

Design spec

February 5th, 2015

A fundamental design requirement of bath taps, it seems to me (though I’ve never seen it formally specified anywhere) is that they should be controllable with the toes.

Bishop’s Rock

February 3rd, 2015

At a dinner last week, I was sitting opposite a bishop – a most genial fellow, who was telling us about the accommodation that one could expect at Sandringham, and the rather lower level of comfort available at most ecclesiastical gatherings.

He talked particularly about the challenges they had finding good lodgings for all the single bishops. In fact, the phrase, "all the single bishops" came up so often that I was transported into a momentary daydream, where a room full of bishops danced to a Beyoncé beat. "All the single bishops, all the single bishops". The purple robes glowed bright as they twisted and spun, and as the beat reached its peak, they all reached out their right hands to the archbishop at the centre of the circle. "If you like it then you should have put a ring on it…"

Lids down!

February 2nd, 2015

Soon after wifi became popular and widespread, I realised that I got a great deal more out of conferences and talks when I wasn’t using it! Quite apart from the respect due to the speaker, who has probably put a lot of effort into the speech they must now deliver to your laptop lid, there’s not much point in going into talks if you’re not going even to try to listen! If this doesn’t seem like a convincing argument, you probably don’t pay for such trips out of your own pocket!

I believe there should be a general policy that social areas outside conference rooms might have connectivity, but it should be unavailable in the meeting room itself. Or switched off for the duration of the talks. We like to believe that we can multitask effectively, but all the research shows that we really can’t.

My tip for the week, by the way — note how I’m distracting you in mid-flow — is to quit your email program completely when you’re not using it. I try to check my email morning, noon, and night, but that’s it, and I shut down my mail app in between, unless I really have nothing else I should be doing. If I finish an afternoon thinking, “I got quite a lot done today”, it’s almost always because I haven’t been distracted by my inbox. Email is not instant messaging: if someone needs a reply from you in less than 24 hours, they’re using the wrong medium.

Anyway, Clay Shirky has also been insisting on ‘no devices’ in his seminars at NYU, and he explains why in this excellent article. Extract:

This is all just the research on multi-tasking as a stable mental phenomenon. Laptops, tablets and phones — the devices on which the struggle between focus and distraction is played out daily — are making the problem progressively worse. Any designer of software as a service has an incentive to be as ingratiating as they can be, in order to compete with other such services. “Look what a good job I’m doing! Look how much value I’m delivering!”

This problem is especially acute with social media, because on top of the general incentive for any service to be verbose about its value, social information is immediately and emotionally engaging. Both the form and the content of a Facebook update are almost irresistibly distracting, especially compared with the hard slog of coursework. (“Your former lover tagged a photo you are in” vs. “The Crimean War was the first conflict significantly affected by use of the telegraph.” Spot the difference?)

Worse, the designers of operating systems have every incentive to be arms dealers to the social media firms. Beeps and pings and pop-ups and icons, contemporary interfaces provide an extraordinary array of attention-getting devices, emphasis on “getting.” Humans are incapable of ignoring surprising new information in our visual field, an effect that is strongest when the visual cue is slightly above and beside the area we’re focusing on. (Does that sound like the upper-right corner of a screen near you?)

Of course, in due course, our cranial implants will have their own 6G connections, and then all hope is lost. But we won’t need to go to lectures or conferences then, so perhaps it won’t matter. In the meantime…

Oh, the weather outside is frightful

February 2nd, 2015

I’ve just returned from a few days’ skiing at La Tania, in the Trois Vallées. A pretty spot, and quiet, since we were there before the half-term madness!

However, it snowed almost continuously from our arrival on Weds night to our departure yesterday evening. This was the view from my window on the first night:

Well, actually, it looked like that almost every night – the snow just got deeper.

This trip therefore had the nicest snow I’ve ever skied on, accompanied by perhaps the worst weather I’ve ever skied in. When you could see where you were going, and the headwind wasn’t blowing ice at you, it was nice!

This meant that, overall, I took very few photos. After all, there’s a problem with skiing pictures: large areas of white are generally of little interest to anyone who wasn’t there. This was some of our better weather, for example:

See what I mean? It gets much less exciting and more cloudy above the tree line.

And then, on Saturday morning, just for a few hours, the sun came out, and even a quick iPhone snap could look like this:

We headed to the top of the mountain, and skied down to La Folie Douce: a bar just below the cable car, parts of which have been around for some time.

This is a place where they know how to party. A large outside area has tables that are specially reinforced, so you can dance on them, which they encourage strongly. Regretfully, I felt I should decline, on the grounds that my table-dancing was not at its best when wearing ski boots.

Most of the music was intended for people two or three decades my junior, but some of the performers were really quite good.

(We made our entrance down that slope behind him.)

Playing instruments outside, especially metal ones, does require some extra equipment:

But it also makes for some dramatic pictures. This lass did a really rather good Lady Gaga cover:

And this guy, as well as having a great singing voice, was just too cool not to shoot:

But then the weather closed in again, and we skied down to the vin chaud in the valley. All of which explains why I spent several days in the Alps, and mostly came back with pictures of people standing on tables!

But I can at least finish with one classic skiing shot, and my thanks to Steve, Paul, JP, Ray and Mani, who welcomed me into their group, and were great companions whatever the climate!

A time to Jump!… and a time to refrain from jumping

January 25th, 2015

Here’s something to amuse and educate you over the washing-up: a fine episode of the Freakonomics Radio podcast, which manages to link Ecclesiastes, mediaeval trials, Van Halen, and the identification of terrorists.

What do King Solomon and David Lee Roth have in common?

Quite a lot of unanswered questions about the data here – I’d like to know more – but it’s definitely fun food for thought!

Thanks to Elaine, one of Rose’s former students, for the link.

UPDATE: A little historical knowledge is a dangerous thing. Rose points out that most such crimes in the English mediaeval court, at least, were capital ones, so there was little incentive to admit your guilt rather than take the ordeal, if given the choice! Other European courts, though, may have been different…

Tweet me nice

January 25th, 2015

I still (often) have doubts about whether Twitter is a valuable medium, but I see, looking at my archive, that I’ve now been tweeting for nearly seven years. Gosh. So it is at least a long-lasting one.

I’m far from a heavy user, though: over that period I’ve only averaged 1.3 tweets a day, with an average length of about 89 characters. Mind you, that’s still well over 40,000 words…

Good Vibrations

January 24th, 2015

As a student, I was a bit of an audiophile, at least in the sense of making regular visits to the best local hi-fi shop, passing a lot of time there, and spending rather more of my limited funds than I probably should have on speakers, amps and the like. In later years, I started to realise that much of the stuff I was reading in audio magazines was complete rubbish, or overt sponsorship, or — more typically — both, and my attention drifted to other things. But I’m still interested in proper scientific analysis of what sounds good.

John Gruber linked to this article by Dave Hamilton, which explains why we record things on CDs at 44.1kHz and 16 bits. Quick summary: you may think you can hear higher resolution than that, but you almost certainly can’t. As part of the discussion, he linked to this nicely-done blind test on an audiophile site, where people were invited to download high-quality recordings of different pieces of music, play them back on the best gear they owned, and say which they thought was the 16-bit and which the 24-bit recording. After gathering data for two months, he published the results. Summary: you can’t hear the difference, even if you’re a musician and have very expensive gear.

Now, as Hamilton points out, there are good reasons for recording in higher resolution, because you want as much information as you can have in the recording, mixing, processing stages before you produce the final mix, in the same way that you should take RAW photos rather than JPEGs so that you can do more with them before producing your final image.

But when you actually come to distribute your final output, it’s fine to ship high-quality JPEGs, and it’s also fine to ship CD-quality audio. If it’s well-produced, then any more is completely unnecessary, whatever the sales guys may say! Unless you’re Superman, of course, in which case, thanks for dealing with that Luthor guy and still finding time to read my blog.

Guess I was just the last to know

January 24th, 2015

I learned today about an interesting local girl…

The Nobel-winning German physicist, Max Born, had a daughter named Irene. His wife was part-Jewish, so they left Germany before the war to escape the Nazis.

Irene married a Welshman who worked (as an MI5 officer) on the Enigma project at Bletchley Park. An interesting blend of family backgrounds.

They in turn had a daughter, who was born here in Cambridge. Her name?

Olivia Newton-John