Tag Archives: cryptography

A Silk Road from a sow’s ear

Beyond the more ardent libertarians, anarchists and cryptography wonks, responses to the Bitcoin story were largely indifferent – it’s a currency for nerds, so what? But give that currency a demonstrable use, and all of a sudden the “human interest” angle leaps right out: OMFG ANONYMOUS DRUG TRADING ON THE INTERTUBES!

Silk Road, a digital black market that sits just below most internet users’ purview, does resemble something from a cyberpunk novel. [[ Right, of course – and what *doesn’t* resemble a cyberpunk novel these days, Wired? ]] Through a combination of anonymity technology and a sophisticated user-feedback system, Silk Road makes buying and selling illegal drugs as easy as buying used electronics — and seemingly as safe. It’s Amazon — if Amazon sold mind-altering chemicals.

In a nutshell: obscure (and probably regularly-changed) URLs, access only permitted by users running the TOR anonymiser, all transactions made using the untraceable Bitcoins. The ultimate anonymised storefront, in other words, complete with an eBay-esque reputation system. Cue tabloid moral panic in 5… 4… 3…

Most interesting of all is watching the schisms open up in the strata of geek libertarianism, though:

… not all Bitcoin enthusiasts embrace Silk Road. Some think the association with drugs will tarnish the young technology, or might draw the attention of federal authorities. “The real story with Silk Road is the quantity of people anxious to escape a centralized currency and trade through trading bitcoin come funziona,” a longtime bitcoin user named Maiya told us in a chat. “Some of us view Bitcoin as a real currency, not drug barter tokens.”

Maiya’s right about the “true story” there, but that last sentence is priceless – the cognitive dissonance of being in favour of a decentralised and anonymous currency but wanting to restrict what people can trade with it is really rather spectacular.

Wired‘s coverage there is pretty measured, all things considered; watching this story plough into the mainstream media is going to be a textbook demo of escalating hysteria. *fetches popcorn*

Quantum computing for dummies

Heard people talking about quantum computing, but not really sure you understand what they mean? Well, you’re far from alone (as the late great Richard Feynman once said, “anyone who claims to understand quantum physics doesn’t understand quantum physics”), but why let that stop you from trying to get a layman’s grasp of the basic ideas?

That, one assumes, is the spirit in which this brief introduction to quantum computing at Silicon.com has been written [via SlashDot]… though I’m in no position to comment on how accurate or useful it is. Input from passing physicists is, as always, more than welcome. 🙂

Hang on, what’s quantum entanglement when it’s at home?

I was afraid you were going to ask. Quantum entanglement is the point where scientists typically abandon all hope of being understood because the thing being described really does defy the classical logic we’re used to.

An object is said to become quantumly entangled when its state cannot be described without also referring to the state of another object or objects, because they have become intrinsically linked, or correlated.

No physical link is required however – entanglement can occur between objects that are separated in space, even miles apart – prompting Albert Einstein to famously dub it “spooky action at a distance”.

The correlation between entangled objects might mean that if the spin state of two electrons is entangled, their spin states will be opposites – one will be up, one down. Entangled photons could also share opposing polarisation of their waveforms – one being horizontal, the other vertical, say. This shared state means that a change applied to one entangled object is instantly reflected by its correlated fellows – hence the massive parallel potential of a quantum computer.

Accuracy aside, what’s interesting to me is seeing this sort of bluffer’s guide in a venue like Silicon.com, which is more of a business organ than a tech one. Prepping the Valley VCs for upcoming investment decisions, perhaps?

Hiding in plain sight: social steganography

There’s always room for another compound neologism! Via Bruce Schneier, Danah Boyd on social steganography:

Carmen is engaging in social steganography. She’s hiding information in plain sight, creating a message that can be read in one way by those who aren’t in the know and read differently by those who are. She’s communicating to different audiences simultaneously, relying on specific cultural awareness to provide the right interpretive lens. While she’s focused primarily on separating her mother from her friends, her message is also meaningless to broader audiences who have no idea that she had just broken up with her boyfriend. As far as they’re concerned, Carmen just posted an interesting lyric.

Social steganography is one privacy tactic teens take when engaging in semi-public forums like Facebook. While adults have worked diligently to exclude people through privacy settings, many teenagers have been unable to exclude certain classes of adults – namely their parents – for quite some time. For this reason, they’ve had to develop new techniques to speak to their friends fully aware that their parents are overhearing. Social steganography is one of the most common techniques that teens employ. They do this because they care about privacy, they care about misinterpretation, they care about segmented communications strategies. And they know that technical tools for restricting access don’t trump parental demands to gain access. So they find new ways of getting around limitations. And, in doing so, reconstruct age-old practices.

And in doing so, make Google CEOs look surprisingly clueless.

(Incidentally, Schneier does this, too; most people who aren’t sf fans don’t know that Schneier’s an sf fan, but he leaves little Easter Eggs from time to time if you know what to look for.)

Exchanging mugshots to make crypto passwords

recursive PDAA Romanian computer scientist has come up with a new way to generate secure communications pairing between devices like PDAs: get their owners to take photos of one another, and use the biometrics of their faces to generate the password. [image by James Jordan]

The PDA compares the two photos and generates a security code for making a safe connection. The users can then use this connection to exchange confidential information. The photos are stored as a template that contains the essential features for recognition.

I haven’t read the full paper, but it strikes me that there’s an obvious flaw here – in that anyone stealing one of the two devices can use the pre-generated connection key, meaning it’s still only as secure as whatever password or locking system its owner has installed on it (clever crypto types, please feel free to explain why I’m wrong about that). But even so, an interesting proof-of-concept.

Schneier slams quantum crypto as ‘pointless’

bank vault doorSecurity maven Bruce Schneier (who’s an active science fiction fan, by the way) has a column up at Wired that gives quantum cryptography a vigorous kicking. Evidently he’s been noticing the same stories as myself, because he points out that “headlines like the BBC’s “‘Unbreakable’ encryption unveiled” are a bit much.” O RLY?

The big difference between Schneier and me, though, is that he really knows how this stuff all works… and as such, he’s not seduced by quantum cryptography’s golden promises:

Security is a chain; it’s as strong as the weakest link. Mathematical cryptography, as bad as it sometimes is, is the strongest link in most security chains. Our symmetric and public-key algorithms are pretty good, even though they’re not based on much rigorous mathematical theory. The real problems are elsewhere: computer security, network security, user interface and so on.

Let’s not forget the weakest link of all, either – the users themselves… [image by the anonymous collective]