Monthly Archives: February, 2015

Not as secure as it SIMs

If you knew, or cared, anything about the way your mobile phone communicates with the mobile network, you may have believed that your calls were secure and private, at least as far as the core of your provider’s network. They should be, too, if you’re on a 3G or 4G network: the SIM in your phone includes encryption keys known only to it and the mobile provider, and these are used to encode the voice and text traffic so that anyone snooping on the radio signal, or on the backhaul network between the base station and the provider’s headquarters, would not be able to make head or tail of the stream of bytes flowing by. To do so on any scale would need vast amounts of computing power.

However, if this article in The Intercept, The Great SIM Heist, is correct, the NSA and GCHQ have a much better approach. To quote the article:

Adi Shamir famously asserted: “Cryptography is typically bypassed, not penetrated.” In other words, it is much easier (and sneakier) to open a locked door when you have the key than it is to break down the door using brute force.

So that’s what they allegedly did, according to the latest revelations from Ed Snowden: they hacked into the networks of the SIM card manufacturers, most notably Gemalto, the largest in this field and a supplier to 450 mobile providers around the world, and just stole copies of the keys before they were shipped to the mobile providers. They focused on the activities of employees who used email encryption and those exploring more secure methods of file transfer, since they were more likely to have valuable information to hide.

Perhaps the most shocking thing about these thoroughly illegal activities is that the companies and individuals targeted were not in any way assumed to be engaged in illicit activities. They were innocents going about their daily business, but they just had information that was of potential use to the authorities.

Snowden’s information is from 2009/10, so it is to be presumed that this has been going on for some time. Meanwhile, this is what it did to poor old Gemalto’s stock price when the news came out a couple of days ago:

I think that I shall never see…

Lovely evening light at Wimpole Hall last week.

Recovering the Dove Type

Here’s a very pleasing article by Rachael Steven about Robert Green’s quest to recreate a lost classic.

One for each hand?

About two years ago, I pointed out that iPhones were being born faster than people.

Updated stats from the latest episode of MacBreak Weekly: new iPhones are now being sold at more than twice the global human birth rate.

They can’t keep this up indefinitely!

Design spec

A fundamental design requirement of bath taps, it seems to me (though I’ve never seen it formally specified anywhere) is that they should be controllable with the toes.

Bishop’s Rock

At a dinner last week, I was sitting opposite a bishop – a most genial fellow, who was telling us about the accommodation that one could expect at Sandringham, and the rather lower level of comfort available at most ecclesiastical gatherings.

He talked particularly about the challenges they had finding good lodgings for all the single bishops. In fact, the phrase, "all the single bishops" came up so often that I was transported into a momentary daydream, where a room full of bishops danced to a Beyoncé beat. "All the single bishops, all the single bishops". The purple robes glowed bright as they twisted and spun, and as the beat reached its peak, they all reached out their right hands to the archbishop at the centre of the circle. "If you like it then you should have put a ring on it…"

Lids down!

Soon after wifi became popular and widespread, I realised that I got a great deal more out of conferences and talks when I wasn’t using it! Quite apart from the respect due to the speaker, who has probably put a lot of effort into the speech they must now deliver to your laptop lid, there’s not much point in going into talks if you’re not going even to try to listen! If this doesn’t seem like a convincing argument, you probably don’t pay for such trips out of your own pocket!

I believe there should be a general policy that social areas outside conference rooms might have connectivity, but it should be unavailable in the meeting room itself. Or switched off for the duration of the talks. We like to believe that we can multitask effectively, but all the research shows that we really can’t.

My tip for the week, by the way — note how I’m distracting you in mid-flow — is to quit your email program completely when you’re not using it. I try to check my email morning, noon, and night, but that’s it, and I shut down my mail app in between, unless I really have nothing else I should be doing. If I finish an afternoon thinking, “I got quite a lot done today”, it’s almost always because I haven’t been distracted by my inbox. Email is not instant messaging: if someone needs a reply from you in less than 24 hours, they’re using the wrong medium.

Anyway, Clay Shirky has also been insisting on ‘no devices’ in his seminars at NYU, and he explains why in this excellent article. Extract:

This is all just the research on multi-tasking as a stable mental phenomenon. Laptops, tablets and phones — the devices on which the struggle between focus and distraction is played out daily — are making the problem progressively worse. Any designer of software as a service has an incentive to be as ingratiating as they can be, in order to compete with other such services. “Look what a good job I’m doing! Look how much value I’m delivering!”

This problem is especially acute with social media, because on top of the general incentive for any service to be verbose about its value, social information is immediately and emotionally engaging. Both the form and the content of a Facebook update are almost irresistibly distracting, especially compared with the hard slog of coursework. (“Your former lover tagged a photo you are in” vs. “The Crimean War was the first conflict significantly affected by use of the telegraph.” Spot the difference?)

Worse, the designers of operating systems have every incentive to be arms dealers to the social media firms. Beeps and pings and pop-ups and icons, contemporary interfaces provide an extraordinary array of attention-getting devices, emphasis on “getting.” Humans are incapable of ignoring surprising new information in our visual field, an effect that is strongest when the visual cue is slightly above and beside the area we’re focusing on. (Does that sound like the upper-right corner of a screen near you?)

Of course, in due course, our cranial implants will have their own 6G connections, and then all hope is lost. But we won’t need to go to lectures or conferences then, so perhaps it won’t matter. In the meantime…

Oh, the weather outside is frightful

I’ve just returned from a few days’ skiing at La Tania, in the Trois Vallées. A pretty spot, and quiet, since we were there before the half-term madness!

However, it snowed almost continuously from our arrival on Weds night to our departure yesterday evening. This was the view from my window on the first night:

Well, actually, it looked like that almost every night – the snow just got deeper.

This trip therefore had the nicest snow I’ve ever skied on, accompanied by perhaps the worst weather I’ve ever skied in. When you could see where you were going, and the headwind wasn’t blowing ice at you, it was nice!

This meant that, overall, I took very few photos. After all, there’s a problem with skiing pictures: large areas of white are generally of little interest to anyone who wasn’t there. This was some of our better weather, for example:

See what I mean? It gets much less exciting and more cloudy above the tree line.

And then, on Saturday morning, just for a few hours, the sun came out, and even a quick iPhone snap could look like this:

We headed to the top of the mountain, and skied down to La Folie Douce: a bar just below the cable car, parts of which have been around for some time.

This is a place where they know how to party. A large outside area has tables that are specially reinforced, so you can dance on them, which they encourage strongly. Regretfully, I felt I should decline, on the grounds that my table-dancing was not at its best when wearing ski boots.

Most of the music was intended for people two or three decades my junior, but some of the performers were really quite good.

(We made our entrance down that slope behind him.)

Playing instruments outside, especially metal ones, does require some extra equipment:

But it also makes for some dramatic pictures. This lass did a really rather good Lady Gaga cover:

And this guy, as well as having a great singing voice, was just too cool not to shoot:

But then the weather closed in again, and we skied down to the vin chaud in the valley. All of which explains why I spent several days in the Alps, and mostly came back with pictures of people standing on tables!

But I can at least finish with one classic skiing shot, and my thanks to Steve, Paul, JP, Ray and Mani, who welcomed me into their group, and were great companions whatever the climate!

© Copyright Quentin Stafford-Fraser