Wednesday, March 31, 2010

Ugh

It's one of those days.... have infected machines to deal with at work.

Forgot something important for my beautiful bride

And the medications aren't strong enough to deal with today's kidney stone pain...

pray for me

Saturday, March 27, 2010

Collection - Curation = junk, Collection + Curation = Value

I've got too much collection, and not enough curation.

160,000 photos that I've taken in the last 13 years.

1832 Bookmarks according to Delicious

I need to increase the signal to noise ratio in each case. Adding metadata, weeding out the junk... lots of work ahead.

Sunday, March 21, 2010

The need for better slicing

We need a way to commit a fraction of a server to a task. Specifically, it would be nice to devote slices of 1/1000000th of a server to a task, which would be 1.0 microServer. This would allow for the allocation of just enough CPU power to accomplish something usable, which might have taken a whole PC 10 or 20 years ago. Things like blog servers, etc.

One approach to doing this is through virtualization, like VMware, Xen, VirtualBox, etc. This provides a nice safe sandbox in which to run an OS, which ultimately runs the package one is interested in.

That's a lot of overhead to put towards running what might be a 10 microserver task. Wouldn't it be better if we could simply trust the operating system to do its job and to isolate tasks and resources in a secure manner?

If someone were to boil down a virtual machine to its minimum, I suspect you could do a lot with a machine that had 1 gigabyte of storage, 100 MHz of CPU, and 100 MB of RAM. I'd be willing to fork over some cash ($20) to help set up a contest to this end.

It should be possible to narrow down the run time environment to less than the size of Damn Small Linux, and still be very useful.

Imagining the freedom box

I just watched the video of Eben Moglen's presentation Freedom in the Cloud where he discusses a great many things, and has a great number of insights... and he ends with a call to build a "freedom box" which would allow the owner to have their own server, and their own logs, and to move control of privacy back out into the ends of the internet.

I think this is a worthwhile endeavor, and I will support it.

I want to make sure one thing is right... security. For if the security is done wrong, the whole enterprise is likely to remain the province of geeks, and the public won't accept it. If the public doesn't accept the idea, then these boxes can eventually be filtered off the net in the long term.

Security for me means that choices about what is to be done need to be fine grained for the user, easily modified and transparent in their effects, and reliably enforced by the system. Cabsec is the only architecture that I believe can meet those goals.

I look forward to this new toolkit to use to promote computers as a safe and effective tool.

The origins of video editing

I've always been impressed at the technical feats of our forebears... here are two examples of early editing which I found on YouTube.

Direct editing of video tape, as well as using copies to make edits


And later in time, this capabilities demo from KTTV in 1961.




Wow... they really knew their stuff back then. You can read the backstory here.

Saturday, March 20, 2010

The chain of insecurity... an exercise in tangents

This is an exercise in linking concepts, which you might find interesting. I welcome any corrections or suggestions, and all conversation.

Cabsec - Capability Based Security was invented in the 1960s, and perfected for mainframes.

PCs came along in the late 1970s and brought users unaware of the lessons learned with mainframes.

PCs grew up a bit, and the Internet came along

With the rise in connectivity, the stage was set for the first wave of computer viruses.

Eventually anti-virus vendors started to show up, to patch the problem. Once again... the mainframe lessons still remain ignored.

Now phones are smart, and connected 24/7... and once again, the mainframe lessons still remain ignored.

It's not possible to secure a PC, because they lack the well known features which made it possible to secure mainframes since the 1960s.

Our phones are now in the same boat.

Because PCs and phones aren't secure... viruses became vectors for infection by Trojan horse programs.

PCs running these Trojan horse programs eventually were networked into "botnets"

Botnets are very useful because they can be used for all manner of criminal enterprise.

Criminal enterprises profit from botnets, and fund development of newer viruses and other code, to help keep a new stream of botnets coming.

Antivirus vendors are separate from the operating system vendors, thus have almost no influence where it counts.

OS vendors push the hassle of dealing with all of this malware, botnets, etc... back out to the users, the antivirus vendors, etc.

A great deal of finger pointing ensues, and the truth of the matter gets lost in all of the fear, uncertainty and doubt.

Insecure computers mean you can't trust them to perform tasks on unknown input.

This requires trusting the sources of input.

This requires the management of the sources of input.

This leads to the rise of "silos" of sources of input.

This centralizes the means of communication in a few places.

This provides a target for government intervention

This provides a possible choke point for censorship

This will eventually lead to communication as a privilege, for those favored by the powers that be.



All of this because we forgot the lessons learned in the 1960s. Well.... not all of us forgot them.

Code has bugs

Because code has bugs, you should never trust it.

Because you can't trust the code, the operating system should limit the actions of software.

These limits became known as "capabilities"

Capability based security has been in active use since the 1960s, but not in areas most consumers, or geeks for that matter, are aware of. Mostly in places where there are large budgets, and lots of secrecy.

Capability based security can be done on any PC that supports memory management, such as the Intel 286 and later.

The latest round of hardware tweaks for VMware and other virtualization systems make it even more efficient.

Capability based systems don't trust code.

This means the user doesn't have to trust code.

This means that computers can be secure.

Computers can be as reliable and easy to use as refrigerators.

This means that the user can make intelligent choices.

This means the user doesn't have to worry about computer viruses.

This means the source of resources for botnets can be eliminated.

This means we can stop needing silos.

This means computing doesn't have to be a privilege.

This will help freedom for all.

Thursday, March 18, 2010

Toshiba DVD Player - Win7 and Aero theme

It started with this message. I turned off the Aero theme for performance reasons when setting up a machine for someone. Then I tried to run the Toshiba DVD Player and got this error message:


After some investigation I've determined that for some reason (IMHO probably related to slush funds and kickbacks) you must have an Aero theme running in order for the DVD player to function.

However, I've taken the time to figure out the bare minimum features necessary to still have everything work, in spite of the insipid insistence on an Aero theme. I'm sharing this with you so you too can work around this as best as possible.

First right-click on "computer" and select "properties"



Then click on Advanced system settings on the left:



Then click on Performance Settings:



The ONLY options you need to have checked are as shown:
  • Enable desktop composition
  • Use visual styles on windows and buttons
Once you have this, and an Aero theme, you should be ready to go.

Virtual Focus photography on the Blue Line

I took some photos of the CTA Blue Line station at Division and Milwaukee in Chicago, Illinois yesterday afternoon. Later in the day, and this morning, I decided where the focus of those photos should be, thanks to synthetic focus.

You can see a brief slideshow showing the 5 different results here. This is one of them.



BlueLine_F3

Since the focus can be determined post exposure, it's interesting to see what new things I can pick out that might have been missed while I was busy managing the camera.

Wednesday, March 17, 2010

Google and Language - version 1

Google works best when you have a unique set of search terms to describe a concept.

It's handy to have many definitions clustered around a single word in a human vocabulary.

The ability to fork a new definition from an existing term is a very powerful feature of human languages. It helps provide a conceptual anchor, something you can stick a fork in, while providing room to move the word into new applications.

This cluster of similar usages is great for us, but has some bad effects when combined with word based search engines such as Google. This limitation of what we can easily find has a result of limiting our imagination, and eventually what we can express or accomplish.

For example, if you want to search for things about the hypertext markup (adding corrections to mark up hypertext - like comments, notes, etc... on top of a page of hypertext), it's impossible to find it using those terms, because HTML has swamped out the prior meaning of markup, which was the editor's and proofreader's addition of information to an existing piece of text.


To counter this limitation, I've become adept at finding terms which describe the concept in less frequently used words, thus making it possible (but not easy) to find things related to the annotation of hypertext documents. (Note the new terms) All of this is necessary to counteract the use of HTML, which is not a Language for Marking Up of Hypertext, but about embedding formatting to text which has hyper-links.

Another way to do this is to coin a completely new term, a neologism. This can allow you, if you are insistent enough, and if it "goes viral" to push a new term into usage. Coining a new phrase is another way to do it, such as "web 2.0", etc. The single word has a much better chance though, as it is far less likely to hit any noise. In fact, it's quite useful to check for the prospective new term to see how much likelihood of collision there is, prior to embarking on a campaign to popularize it.

I'm currently in a push to popularize cabsec, which is a system of computer security which I believe has languished in obscurity for too long. The current reference material when searching for "capability based security" all appears to be far too academic, and spans decades of slow deliberate academic research. What's necessary to get things into the mainstream is to provide a new base of discussion, with context that is far more pragmatic and practical and relevant to the contemporary needs of Internet users. This neologism provides a method for doing that which is compatible with Google, and provides less cognitive friction.

An alternative to the neologism is to simply use your name, provided it isn't Smith or Jones, to hang on a new concept, such as "The Warot Method" of synthetic aperture virtual focus photography. It's a bit egocentric, but it also works, if you balance it with some humility and are open about your sources.

Thank you for your time and attention.

Friday, March 12, 2010

Lessons learned

Drupal might be a great content management system, but it is NOT very friendly... I'll go so far as to say it sucks at a few things.

Ubuntu is nice and friendly, and supports the Debian package system, which we all know and love with the "apt-get" command to allow us to add and remove programs. Unfortunately, for historic reasons and lots of momentum to overcome, the folks at the Drupal project don't really see the pressing need to support apt-get. They are more in love with their new module "drush" which does some of the things necessary to make the code updateable.

To do things right, it's going to be necessary for some small group to get apt support built into things to the point that you can just apt-get drupal6 and actually get good results. As it currently stands, the initial results are encouraging, because it now actually does work, to get the install in place.

Once you get there, you then have NO documentation as to what to do next. It doesn't ask you about what folder you want to put it into, it doesn't tell you how to proceed to set up... (hint: http://localhost/drupal6/install.php)

The worst part of it is that the version in the repository is about 5 releases old, and thus you leave yourself open to a huge set of vulnerabilities unless you then manually update things, which totally defeats the purpose of aptitude support.

So.. I'm going to try again, eventually I'll have something at http://cabsec.com, it might be a Google blog at the rate things are going, but there will be something there eventually.

If you use Drupal, you MUST be prepared to manually update it, the automation isn't there, and won't be for a while.

Thursday, March 11, 2010

The Dog ate my homework?

When a student gets distracted and fails to complete a homework assignment, the excuse given is "My dog ate it"

Well... I feel like that student. I've been distracted and delayed by technical problems for the past week. The gift of an SSD drive for my laptop sent me off into the depths of Windows installation hell, and migration to an effectively new laptop. update - It's fast as hell, thanks Jim!

The choice of Turnkey Drupal to host cabsec.com has further stressed out my week as it seems to like to eat input, without even burping, along with Drupal's annoying lack of smooth upgrade facilities. It needs updates, and the updates break functionality. Currently FCKedit is broken, and I don't know how to fix it. Ugh. update - I've given up, and am building a new site.

The mission remains, and must be given the attention it deserves. I'm going to decide what to do about hosting the blog and stuff in the next day, then it's back to work on my war of the paradigms.

I'm tempted to write it all using Google apps, as an example of how to do security, but that might eat even more homework, and I really don't want that. I just want something that works.

Of course, the need to just make it work is how this whole security mess started.... the irony isn't lost on me.

Tuesday, March 09, 2010

Thoughts on the Cluetrain, and manners.

It occurs to me that the ClueTrain Manifesto wasn't just about marketing. The message was that Mass Marketing is dead, and conversations are what we need. While the message was valid, I think it's really all about manners.

I've embarked on a one man crusade / war / battle / journey / pilgrimage / marketing campaign.... whatever you want to call it, to get the word out about Cabsec, capability based security. In the course of things I asked for advice, and got some great tips.

One of the things Doc Searls said was:
Again, link generously. Also, don’t be dogmatic, or polemic. Look at the topic as a field in need of greater substance, and contribute all you can that is plainly substantial. Don’t evangelize. Just set the bait and wait for the right people to come. Promotion is distorting and mostly starts arguments.
(Emphasis mine)

I just couldn't get past this little bit... otherwise everything he said I'm going to do. In mulling over the cognitive dissonance of it, I came to the realization about manners.

People don't like Evangelists because they are too much like old style marketers... they interrupt your life, and don't really care about anything but pushing their message, and converting you to their particular set of values.

I don't want to do that... I want to make people aware of my views, and see what they have that might help. I think this means that there is a new style of evangelism/journalism/activism, etc... coming down the pike, and I'm the case study for it.

I have a story to tell, and I want to learn. So, labels aside... I think something new is coming, it needs a word to hang meanings on... I'll leave that up to you, gentle readers.

Monday, March 08, 2010

Kingston SSD laptop drive

Thanks to a very generous friend, I'm now the owner of a Kingston SSDnow V 128 GB drive, which we installed in my laptop. I'm now reinstalling everything to get this machine back up to speed, I think it's going to scream along. 8)

Wednesday, March 03, 2010

I'm at war?

Apparently wanting to fix computer security puts me at war with both the Chinese government spies, and the US military industrial complex.

Let me state this clearly... I do NOT support overthrowing the government of either country. I do oppose stupidity.

First contact

I posted on Slashdot yesterday, and for the first time I found someone who actually shares my views, and had more to add. It's very gratifying to find out you're not alone. I've started to find allies, and it is good.

My plan to change the world is simple...
  • raise awareness of Capability Based Security
  • convince the technical community it's a good idea
  • help get some examples built
  • loop until something good enough for end users is available
  • help push it out to end users (which will probably pull it anyway at that point)
  • rest on my laurels?.... nah... go back to taking photos. 8)
So, first audience is geeks like me
Second audience is the public who just want good tools

Tuesday, March 02, 2010

Missing Capabilities, how we got here

Capability based security is an old idea. It has merit, but has been ignored in the mainstream for a long time. Just as it's easy to ignore small losses when the company is profitable, it's easy to ignore small problems with security when you only have a few machines in a network.

Now the game has changed, and the internet has so many hosts connected to it that we're getting close to running out of addresses. The massive amount of computing resources available, all of which are insecure, makes a very attractive target which is being actively exploited for criminal gain.

In the early days of home computing, there was no great need for security because the owner was the administrator. He typically was the programmer and sole user as well.

On the mainframe side of things, the work of the system administrators was to keep things running, and to set up access controls to allow users to access their required resources, but not those of others. It was a natural boundary for trust to be placed on the per user basis. If the user mis-behaved they would be booted from the system. They didn't have need to access the operating system, so they had no permissions to write to it. A user could not change the system state on a mainframe.

The advent of Computerized Bulletin Board systems, which allowed for easier file sharing, brought about a new threat, mobile code. The users of personal computers started to share and distribute programs. While it was now possible for a virus to spread from system to system, it was very unlikely. The nature of CP/M and MS-DOS served to limit the damage, as they lacked facilities for multitasking, and it was readily apparent when a program's disk access was happening in the days of slow and noisy floppy drives. There was also the matter of the write protect tab most users used to make sure their OS boot disk couldn't be accidentally erased.

The arrival of faster machines, with hard drives and persistent internet connections, increased the fertility of the target for malware to the critical mass necessary for the rise of the virus. The lack of proper security tools was easy to overlook, at the time, and people began to believe certain practices were sufficient to cover all cases.

Now we are in the age of machines that are so fast, and operating systems so complex, that it's almost impossible for even a technically oriented user to know exactly what programs their machine is running at a given point in time. The nature of the operating systems in this environment is a legacy from the mainframe systems, where the boundary of trust lies with the user. Unfortunately, this is no longer a sane boundary. The user has many roles, each of which requires a different set of capabilities, and the programs can not be trusted to stay within their roles. A capability based system is needed to provide a new trust boundary, one that fits the new conditions that have slowly arisen over the past 30 years of personal computing.


While Capabilities have been slowly improved through years of work in academia and military applications, the time for wider deployment of this technology has arrived.

Thank you for your time and attention.

Monday, March 01, 2010

Super Empowered2010

I've declared myself to be a super-empowered individual, on par with all of the others in that I'm going to change the world. Coming from a fat middle aged white guy, that has to be funny on a few levels. Yet I intend to change the world, in one small way, for the better.

How did I come to this absurd position? It's simple.... I got pissed off enough to change the world, and am secure enough to realize I can do it.

I'm pissed because it looks like Billions of our tax dollars are going to be sunk into "cyber security", "cyber war", etc. I'm pissed because this will be used as a justification to monitor all internet traffic, and to enable censorship.

It doesn't have to be this way. Someone has to put the brakes on, and I've decided to do it. I hope to convince you to help.

I'm going to use the tools and resources available to me, and leverage them to change the way operating systems are written. This will FIX the problem, and restore some sanity to the world of general purpose personal computing.

Computers CAN be made secure, the technology has been languishing since the 1960s, for a number of reasons. I intend to help bring it back out into general use. It is my conviction that Capability based security offers a way to make the average home computer both safe and easy to use.

The general problem with the current systems that are offered is that the user has no way to prevent a program from changing the state of his operating system. This stems from a security model that doesn't work. The user is forced to choose which programs they trust, and to only run those programs. The virus scanners, firewalls, anti-spyware, and everything else are simply aimed at helping to better choose which programs are worthy of trust.

NO program is worthy of trust. So, the systems will eventually fail. There are enough computers out there that have been compromised and turned into tools for the exploitation of the rest that any hole in the system can be leveraged and exploited by the black market.

Because no program can be trusted, you then have no choice but to "lock down" your operating system. This requires deciding which features will be made available to a given program. Each program needs to have its own set of choices, because no two programs are really going to do the same task. You have to treat each and every program as a potential trojan horse.

To make matters worse, your virus scanners and anti-spyware really can't help you, because they all rely on black lists, lists of known bad programs. This means they will always be behind in an arms race.

The current set of tools is inadequate to the task. While it's generally believed that these tools are acceptable, I believe otherwise, and I hope to prove it to you as well, so that you will help me to change the world, a bit.

Once you believe that the tools available are insufficient, the next step is to consider what the requirements are for something that would work. You need to be able to choose which resources are to be made available to a program, and how you might check post facto to make sure it did what you expect.

In the world of commerce, this is done through contract law. The court system serves to enforce contracts. It's not perfect, but it gets the job done most of the time.

Computers are much more efficient and ruthless about following rules. Any edge cases can be handled by tweaking the code, and testing it repeatedly to make sure they all work as intended. The programmer replaces the Legislative branch of government, tweaking the rules as necessary, to ensure domestic tranquility.

In computing, it is the role of the operating system to enforce rules. The current system is much like the wild west, with the occasional posse to round up malware. The rule of law is sporadically enforced.

To make things usable and transparent to the user, the rules should be as easy to build and grasp as possible. A simple list of resources to be made available to a program is sufficient. If the resource isn't on the list, the program can't have access to it. A word processor doesn't need to access much: the keyboard, mouse, screen, its installed directory, and the file to be edited. It doesn't need access to the internet, your facebook account, tax records, etc.
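A minimal model of the resource list just described, added here as an illustration and not code from any existing capability system: the names `Session` and `word_processor` and the resource strings are hypothetical, the sample data is constructed, and in a real system the operating system rather than the Python runtime would enforce the check. It also records every request so the user can check after the fact what the program tried to do.

```python
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when a program asks for a resource that is not on its list."""


@dataclass
class Session:
    """Everything one running program may touch. Anything absent is denied."""
    program: str
    grants: dict                      # resource name -> set of rights
    audit: list = field(default_factory=list)

    def use(self, store, resource, right, data=None):
        # Default deny: a missing resource yields an empty set of rights.
        allowed = right in self.grants.get(resource, set())
        # Log before acting so denied attempts are visible afterwards.
        self.audit.append((self.program, resource, right, allowed))
        if not allowed:
            raise AccessDenied(f"{self.program}: {right} {resource}")
        if right == "write":
            store[resource] = data
        return store.get(resource)


def word_processor(session, store):
    """Constructed program: does its job, then oversteps like a trojan would."""
    doc = "file:letter.txt"
    text = session.use(store, doc, "read")
    session.use(store, doc, "write", text + " Sincerely, me.")
    for resource, right in (("file:tax-records.csv", "read"),
                            ("net:internet", "connect")):
        try:
            session.use(store, resource, right)
        except AccessDenied:
            pass  # the program has no way to widen its own list


def run_demo():
    # Constructed sample data standing in for the user's machine.
    store = {"file:letter.txt": "Dear Sir,",
             "file:tax-records.csv": "income,123"}
    # The user's whole policy for this program: the list from the text.
    grants = {"dev:keyboard": {"read"},
              "dev:mouse": {"read"},
              "dev:screen": {"write"},
              "dir:install": {"read"},
              "file:letter.txt": {"read", "write"}}
    session = Session("word_processor", grants)
    word_processor(session, store)
    # Post facto check: which requests fell outside the list?
    denied = [(res, right) for _, res, right, ok in session.audit if not ok]
    return store, session.audit, denied


if __name__ == "__main__":
    final_store, audit, denied = run_demo()
    for entry in audit:
        print(entry)
    print("denied:", denied)
```
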

This simpler model (for the end user) makes managing the resources of the computer both possible, and efficient. They can set up (or have tools to help them) defaults which make sense for everything.

Now, if you're skeptical, you might think that this really isn't different from what is offered in things like Microsoft's UAC, which crashed and burned. There are vast differences.

The UAC was security theater at its worst. It was an attempt by Microsoft to further try to blame the user, and absolve themselves of blame for our current mess by making people believe that computer security can't be solved. It made things MUCH worse than they already were, overall by destroying hope.

It's now up to us to make things right by helping to spread the word of Capability based security, and by investing some time to try it out, and to help make it work when it becomes available.

I'm just a middle aged white guy... but like everyone else, I have the resources available to change the world. A blog, friends, and time.

Thanks for your time and attention, and for your help changing the world.