The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 28 Issue 22

Wednesday 27 August 2014

Contents

Dutch bank to enable money transfers via Facebook and text messages
Peter Fokker
Time Warner Cable online after widespread Net outage
Molina and Snider via Jim Reisert
What are wi-fi connections revealing about you?
BBC News via Brian Randell
TWC botched 'maintenance' could set off MonsterMind?
Henry Baker
Discovery of backups for `missing' Lois Lerner IRS e-mail
Henry Baker
Securing the (Profits of) the US Electrical Grid— against Tesla & solar panels
Henry Baker
Re: CyberSec Coordinator Tells Why Lack of Tech Know-How Helps
Henry Baker
Re: Digitalization Disaster
Dan Geer
Info on RISKS (comp.risks)

Dutch bank to enable money transfers via Facebook and text messages

"Peter Fokker" <peter@berestijn.nl>
Wed, 27 Aug 2014 09:51:49 +0200 (CEST)
The Dutch bank Knab announces a new service dubbed 'Knab Social' to transfer
money from a customer's bank account using Facebook or the contacts list in
their phone. The bank's website at https://www.knab.nl/mobiel-betalen
(sorry, Dutch only) explains how it works:

  "Did your friends advance a dinner for you?  Soon you can pay them back
  quickly via Facebook or a text message. Simply using your Knab App.
  Handy, because you don't have to ask them for their IBAN!

  How does it work

  1. Select a friend via Facebook or your mobile address book.
  2. Your friend receives a message that you want to pay money to him.
  3. Your friend enters his IBAN and receives the money."

What would you do if you receive a message that promises you money, if only
you provide your own bank account details?

What do you do when some rogue software decides to send a 'Knab Social'
message to all your contacts, as a Christmas present, emptying your account
in the process?

In other words: what could possibly go wrong?


Time Warner Cable online after widespread Net outage (Molina and Snider)

Jim Reisert AD1C <jjreisert@alum.mit.edu>
Wed, 27 Aug 2014 08:57:10 -0600
Brett Molina and Mike Snider, USA TODAY 10:01 a.m. EDT August 27, 2014
Time Warner Cable dealt with a major Internet outage early Wednesday.

During routine network maintenance at 4:30 a.m. ET today, "an issue with our
Internet backbone created disruption with our Internet and On Demand
services," said Time Warner Cable vice president for public relations Bobby
Amirshahi in an e-mail exchange.

"As of 6 a.m. ET, services were largely restored as updates continue to
bring all customers back online," he said. [...]

Coincidentally, on Monday, Time Warner Cable agreed to pay a $1.1 million
penalty to the Federal Communications Commission for failing to file "a
substantial number" of proper reports on outages that it had notified the
agency about.

http://www.usatoday.com/story/money/2014/08/27/time-warner-outage/14670747/


What are wi-fi connections revealing about you? (BBC News)

Brian Randell <brian.randell@newcastle.ac.uk>
August 26, 2014 at 4:42:30 PM EDT
BBC News Technology (via Dave Farber)

When walking through the centre of a busy city it is easy to feel anonymous.

Set against the cacophony of sharing and declaring that happens online, it
can be precious to feel that, just for a moment, you are lost in a crowd.

Unidentifiable.

It is, of course, an illusion. You are never alone, especially if you are
carrying a smartphone that has ever been used to connect to a wireless
network. Which is pretty much all of them.

All of those devices maintain a list of the wi-fi networks they have
joined. The way wi-fi works demands that they always seek to rejoin those
networks. As a result, smartphones and tablets regularly broadcast the SSIDs
(service set identifiers), or names, of those networks.

It's a feature designed to ensure that when you are near a network you
regularly use, you get connected quickly.

Wave snooping

However, with the right equipment, that very feature could leave you exposed
to some sneaky surveillance.

The right equipment is a laptop on which Kali Linux - a version of the free
operating system that includes a raft of security tools - is loaded. One of
those tools can sniff the airwaves for lists of SSIDs.

I tried it for myself. Sipping a latte in a coffee bar that lay in the
shadow of the Bank of England, I watched as my laptop gathered a list of all
the wi-fi networks the people around me had joined.

When anyone walked past the window, the list grew, as a new device being
carried in a pocket or purse declared where it had been.

I saw the names of wi-fi networks in homes, airports and hotels. Ones that
people had changed to include their surname. I saw office networks, other
coffee shops, bars, station platforms and football stadiums.

"So what?" you might say. Just because a phone is shedding this data does
not make it dangerous.

But combine those lists with websites that log and list wi-fi networks and
you potentially have a way to track where people have been without letting
them know.

Those websites are easy to find and they handily map all the networks that
volunteers have logged.

I entered a few of the names I found during my surveillance trip and it
pointed me to quite a few homes in and around London - doubtless where the
people that passed by actually lived.

And now I knew that they were not home.

Full story at http://www.bbc.co.uk/news/technology-28891937

School of Computing Science, Newcastle University, Newcastle upon Tyne,
NE1 7RU, UK +44 191 222 7923 http://www.cs.ncl.ac.uk/people/brian.randell


TWC botched 'maintenance' could set off MonsterMind?

Henry Baker <hbaker1@pipeline.com>
Wed, 27 Aug 2014 07:48:15 -0700
FYI—Some sort of accident setting off an automatic response is precisely
the sort of thing that Edward Snowden, Matt Blaze & Martin Libicki (of Rand
Corp.) worry about.  As is usual in a lot of situations (including some
human diseases), the defense response may cause far more damage than the
initial incident.

http://www.theverge.com/2014/8/27/6073827/time-warner-cable-suffers-nationwide-internet-outage

Time Warner Cable says botched 'maintenance' caused nationwide Internet outage

Chris Welch, *The Verge*, 27 Aug 2014

It's probably a good thing that Time Warner Cable schedules its network
maintenance for really early in the morning.  That way, when things go
terribly wrong and Internet somehow gets knocked out across the entire
United States, most customers are asleep and none the wiser.  That's exactly
what happened today; the company says that at around 4:30AM this morning,
routine maintenance took a decidedly bad turn and left every single Time
Warner Cable customer without web access.  Nationwide outages are fairly
uncommon — especially when you're talking about an ISP the size of Time
Warner Cable, which provides high-speed broadband to 11.4 million
residential customers.

Just spoke to Time Warner Cable customer service, TWC is down and out
nationwide. No Internet. #timewarner—Glenn Clark (@glennclarkcsm)
27 Aug 2014

"An issue with our Internet backbone created disruption with our Internet
and On Demand services," the company said in a statement.  "As of 6AM ET
services were largely restored as updates continue to bring all customers
back online."  Some customers are still intermittently reporting issues, but
most are already back up and running.

Even so, the embarrassing mishap won't do Time Warner Cable any favors in
the eyes of customers as it continues its quest to merge with Comcast.  It's
a bit disconcerting that a botched maintenance session could result in such
severe consequences.  We should note that the disruption didn't affect cable
reception (aside from on-demand programming), nor did it interrupt TWC's
voice services.  But anyone that needed an Internet connection early
Wednesday morning had to look elsewhere.  Presumably some of those people
turned to smartphone tethering as a temporary solution; Comcast counts LTE
and wireless carriers among its competition, after all.

http://www.wired.com/2014/08/nsa-monstermind-cyberwarfare/

Meet MonsterMind, the NSA Bot That Could Wage Cyberwar Autonomously

Kim Zetter, *WiReD*, 13 Aug 2014

Edward Snowden has made us painfully aware of the government's sweeping
surveillance programs over the last year.  But a new program, currently
being developed at the NSA, suggests that surveillance may fuel the
government's cyber defense capabilities, too.

The NSA whistleblower says the agency is developing a cyber defense system
that would instantly and autonomously neutralize foreign cyberattacks
against the US, and could be used to launch retaliatory strikes as well.
The program, called MonsterMind, raises fresh concerns about privacy and the
government's policies around offensive digital attacks.

Although details of the program are scant, Snowden tells WIRED in an
extensive interview with James Bamford that algorithms would scour massive
repositories of metadata and analyze it to differentiate normal network
traffic from anomalous or malicious traffic.  Armed with this knowledge, the
NSA could instantly and autonomously identify, and block, a foreign threat.

Cryptographer Matt Blaze, an associate professor of computer science at the
University of Pennsylvania, says if the NSA knows how a malicious algorithm
generates certain attacks, this activity may produce patterns of metadata
that can be spotted.  “An individual record of an individual flow only
tells you so much, but more revealing might be patterns of flows that are
indicative of an attack, If you have hundreds or thousand of flows starting
up from a particular place and targeted to a particular machine, this might
indicate you're under attack.  That's how intrusion detection and
anomaly-detection systems generally work.  If you have intelligence about
the attack tools of your adversary, you may be able to match specific
patterns to specific tools that are being used to attack.''

Think of it as a digital version of the Star Wars initiative President
Reagan proposed in the 1980s, which in theory would have shot down any
incoming nuclear missiles.  In the same way, MonsterMind could identify a
distributed denial of service attack lobbed against US banking systems or a
malicious worm sent to cripple airline and railway systems and stop—that
is, defuse or kill—it before it did any harm.

More than this, though, Snowden suggests MonsterMind could one day be
designed to return fire—automatically, without human intervention --
against the attacker.  Because an attacker could tweak malicious code to
avoid detection, a counterstrike would be more effective in neutralizing
future attacks.

Snowden doesn't specify the nature of the counterstrike to say whether it
might involve launching malicious code to disable the attacking system, or
simply disable any malicious tools on the system to render them useless.
But depending on how its deployed, such a program presents several concerns,
two of which Snowden specifically addresses in the WIRED story.

First, an attack from a foreign adversary likely would be routed through
proxies belonging to innocent parties—a botnet of randomly hacked
machines, for example, or machines owned by another government.  A
counterstrike could therefore run the risk of embroiling the US in a
conflict with the nation where the systems are located.  What's more, a
retaliatory strike could cause unanticipated collateral damage.  Before
returning fire, the US would need to know what it is attacking, and what
services or systems rely upon it.  Otherwise, it could risk taking out
critical civilian infrastructure.  Microsoft's recent move to take down two
botnets—which disabled thousands of domains that had nothing to do with
the malicious activity Microsoft was trying to stop—-is an example of
what can go wrong when systems are taken down without adequate foresight.

Blaze says such a system would no doubt take the attribution problem --
looking beyond proxies to find exactly where the attack originated—into
consideration.  “Nobody would build a system like this and be unaware of
the existence of decentralized botnet attacks laundered through the systems
of innocent users, because that's how pretty much all attacks work,'' he
says.  That does not, however, make so-called hackback attacks any less
problematic, he says.

The second issue with the program is a constitutional concern.  Spotting
malicious attacks in the manner Snowden describes would, he says, require
the NSA to collect and analyze all network traffic flows in order to design
an algorithm that distinguishes normal traffic flow from anomalous,
malicious traffic.

“[T]hat means we have to be intercepting all traffic flows,'' Snowden told
WIRED's James Bamford.  “That means violating the Fourth Amendment, seizing
private communications without a warrant, without probable cause or even a
suspicion of wrongdoing. For everyone, all the time.''

It would also require sensors placed on the Internet backbone to detect
anomalous activity.

Blaze says the algorithm scanning system Snowden describes sounds similar to
the government's recent Einstein 2 and 3 programs, which use network sensors
to identify malicious attacks aimed at U.S. government systems.  If that
system were secretly being extended to cover all U.S. systems, without
public debate, that would be a concern.

Although MonsterMind does resemble the Einstein programs to a certain
degree, it also sounds much like the Plan X cyberwarfare program run by
DARPA.  The five-year, $110 million research program has several goals, not
the least of which is mapping the entire Internet and identifying every node
to help the Pentagon spot, and disable, targets if needed.  Another goal is
building a system that allows the Pentagon to conduct speed-of-light attacks
using predetermined and pre-programmed scenarios.  Such a system would be
able to spot threats and autonomously launch a response, the Washington Post
reported two years ago.

It's not clear if Plan X is MonsterMind or if MonsterMind even exists.  The
Post noted at the time that DARPA would begin accepting proposals for Plan X
that summer.  Snowden said MonsterMind was in the works when he left his
work as an NSA contractor last year.

The NSA, for its part, would not respond to questions about the MonsterMind
program.


Discovery of backups for `missing' Lois Lerner IRS e-mail

Henry Baker <hbaker1@pipeline.com>
Wed, 27 Aug 2014 05:32:08 -0700
FYI—I guess those IRS IT guys/gals weren't so incompetent as the
Administration intended them to be.

Does anyone besides Dan Geer still think that governments can be trusted not
to "forget" inconvenient and/or embarrassing information?  Perhaps we now
need a separate _fourth_ branch of government whose only job it is to secure
_all_ government data against deletion by the other three branches...

http://www.judicialwatch.org/press-room/press-releases/backups-for-missing-lois-lerner-irs-emails/

25 Aug 2014

Washington, DC—Judicial Watch announced the following developments in the
IRS's missing emails investigation.  Judicial Watch President Tom Fitton
stated:

Department of Justice attorneys for the Internal Revenue Service told
Judicial Watch on Friday that Lois Lerner's emails, indeed all government
computer records, are backed up by the federal government in case of a
government-wide catastrophe.  The Obama administration attorneys said that
this back-up system would be too onerous to search.  The DOJ attorneys also
acknowledged that the Treasury Inspector General for Tax Administration
(TIGTA) is investigating this back-up system.

We obviously disagree that disclosing the emails as required would be onerous, and plan to raise this new development with Judge Sullivan.

This is a jaw-dropping revelation.  The Obama administration had been lying
to the American people about Lois Lerner's missing emails.  There are no
`missing' Lois Lerner emails—nor missing emails of any of the other top
IRS or other government officials whose emails seem to be disappearing at
increasingly alarming rate.  All the focus on missing hard drives has been a
diversion.  The Obama administration has known all along where the email
records could be—but dishonestly withheld this information.  You can bet
we are going to ask the court for immediate assistance in cutting through
this massive obstruction of justice.

Here is the second set of sworn declarations by IRS officials in response to
Judge Emmet G. Sullivan's investigation into the missing emails of Lois
Lerner and other IRS officials.  The declarations were provided after close
of business on Friday, 22 Aug.

The first meeting was held this afternoon by Magistrate Judge John
M. Facciola, who was appointed by Judge Emmet G. Sullivan to manage and
assist in discussions between Judicial Watch and the IRS about how to obtain
any missing records which have been the subject of longstanding Judicial
Watch Freedom of Information Act (FOIA) requests and lawsuit (Judicial Watch
v. IRS (No. 1:13-cv-1559)).

Judge Sullivan has encouraged Judicial Watch to submit a request for limited
discovery into the missing IRS records after September 10.


Securing the (Profits of) the US Electrical Grid—against Tesla & solar panels

Henry Baker <hbaker1@pipeline.com>
Mon, 25 Aug 2014 15:23:00 -0700
FYI—Because the electrical utilities are quickly heading for extinction,
they are wrapping themselves in the cyberthreat security blanket in order to
thwart distributed solar energy generation and to gain subsidies from the
federal Homeland Security teat.  Any such "cyberwashing" money would be far
better spent to *accelerate* the inevitable rush to distributed generation
to the point that the "critical infrastructure" grid simply isn't "critical"
anymore.

Solar panels are the most important element in distributed electric power
generation, with the consumer fleet of electric cars (aka "batteries on
wheels") providing the resilient distributed storage: "the 40,000 Tesla
vehicles already on the US roads contain about 3.3 gigawatts of storage
capacity, roughly 0.3% of US electrical production capacity and 14% of US
grid storage", according to a February, 2014, Morgan Stanley report.  This
combination of cheap local generation and local storage has short-circuited
the electrical utility business model and caused demand to melt away.

(BTW, Edison himself originally argued for *distributed* power generation,
with a power station every few blocks—a la the telephone exchanges.
While this distributed model was forced by Edison's DC technology, a
distributed power generation system would have been far more reliable &
resilient than our current long-transmission-line system.)

The U.S. electrical utilities are dinosaurs being killed by kilowatts from
outer space.  Rather than embracing these new solar technologies, however,
they are fighting them tooth and claw with lobbying, from local zoning
regulations to state monopoly commissions to federal regulations.

The latest salvo is a 180-page July 15th 2014 report called "Securing the
U.S. Electrical Grid" (aka "Begging for Bailouts") with 12 recommendations
to "secure" the electrical grid.  However, as far as I can tell, none of
these recommendations will do anything to increase the reliability or
resiliency of the electrical grid, but will do much to stymie the progress
of solar distributed power generation.  The name of the report should have
been "Securing the Profits of the U.S. Electrical Grid against Tesla/Musk
and solar panels", as the basic *threat* the electrical utilities were
attempting to defend against was *irrelevance* in a distributed solar
generation world filled with Leaf's, LED's and LEED's.

The electrical utilities are scare-mongering the politicians and the public
with lies like "while more resilient, such smart grid and microgrid systems
present significant challenges to grid security."

Indeed, the very first paragraph of the SEG report is electrifying:
"Following the end of World War II, the Allied Strategic Bombing
Survey—responsible for determining the damage inflicted by U.S. and
Allied strategic bombing of German and Japanese industry—determined that
the bombing campaign would have been more effective if it had targeted the
German and Japanese electrical grid rather than urban and industrial
centers."

The report then goes on to warn that falling utility profits will not allow
significant investments in additional security--including cybersecurity, and
that "public-private partnerships" (aka "government bailouts") will be
required.

SECURING THE U.S. ELECTRICAL GRID, 15 Jul 2014
http://www.thepresidency.org.70-32-102-141.pr6m-p7xj.accessdomain.com/sites/default/files/Grid%20Report%20July%2015%20First%20Edition.pdf

  [Henry's submitted message was by itself at least twice the size of a
  typical RISKS issue, and thus I have done some serious truncation of what
  follows, giving primarily just the URLs and a little introduction.  The
  omitted content is very interesting reading, but perhaps less directly
  relevant to most RISKS readers.  PGN]

David Roberts, Energy, politics, and more:
Solar panels could destroy U.S. utilities, according to U.S. utilities
http://grist.org/climate-energy/solar-panels-could-destroy-u-s-utilities-according-to-u-s-utilities/

Solar power and other distributed renewable energy technologies could lay
waste to U.S. power utilities and burn the utility business model, which has
remained virtually unchanged for a century, to the ground.  That is not
wild-eyed hippie talk.  It is the assessment of the utilities themselves.

Back in January, the Edison Electric Institute—the (typically stodgy
and backward-looking) trade group of U.S. investor-owned utilities --
released a report [PDF] that, as far as I can tell, went almost entirely
without notice in the press.  That's a shame.  It is one of the most
prescient and brutally frank things I've ever read about the power sector.
It is a rare thing to hear an industry tell the tale of its own incipient
obsolescence.

http://www.eei.org/ourissues/finance/Documents/disruptivechallenges.pdf

I've been thinking about how to convey to you, normal people with healthy
social lives and no time to ponder the byzantine nature of the power
industry, just what a big deal the coming changes are.  They are nothing
short of revolutionary—but rather difficult to explain without jargon.

So, just a bit of background.  You probably know that electricity is
provided by utilities.  Some utilities both generate electricity at power
plants and provide it to customers over power lines.  They are `regulated
monopolies,' which means they have sole responsibility for providing
power in their service areas.  Some utilities have gone through
deregulation; in that case, power generation is split off into its own
business, while the utility's job is to purchase power on competitive
markets and provide it to customers over the grid it manages. [...]

Why the U.S. Power Grid's Days Are Numbered
Chris Martin, Mark Chediak, and Ken Wells August 22, 2013
http://www.businessweek.com/articles/2013-08-22/homegrown-green-energy-is-making-power-utilities-irrelevant

There are 3,200 utilities that make up the U.S. electrical grid, the largest
machine in the world.  These power companies sell $400 billion worth of
electricity a year, mostly derived from burning fossil fuels in centralized
stations and distributed over 2.7 million miles of power lines.  Regulators
set rates; utilities get guaranteed returns; investors get sure-thing
dividends.  It's a model that hasn't changed much since Thomas Edison
invented the light bulb.  And it's doomed to obsolescence.

That's the opinion of David Crane, chief executive officer of NRG Energy, a
wholesale power company based in Princeton, N.J.  What's afoot is a
confluence of green energy and computer technology, deregulation, cheap
natural gas, and political pressure that, as Crane starkly frames it, poses
“a mortal threat to the existing utility system.''  He says that in about
the time it has taken cell phones to supplant land lines in most U.S. homes,
the grid will become increasingly irrelevant as customers move toward
decentralized homegrown green energy.  Rooftop solar, in particular, is
turning tens of thousands of businesses and households into power producers.
Such distributed generation, to use the industry's term for power produced
outside the grid, is certain to grow.  [...]

John McDuling@jmcduling, 25 Feb 2014
Why you could soon be buying your electricity from Elon Musk
http://qz.com/180978/why-you-could-soon-be-buying-your-electricity-from-elon-musk/

Last week, we argued that Tesla's most disruptive product might not be its
cars.  Today, Morgan Stanley has provided further detail around this thesis,
which is gaining increased traction on Wall Street.  Tesla shares have
soared about 13% this morning and are trading at fresh highs.

In a note published this morning, the investment bank posits that Elon
Musk's electric car company, which will unveil its plans to build the
world's biggest lithium-ion battery pack facility this week, is poised to
disrupt the $1.5 trillion electric utility industry.  Tesla doesn't just
make high-performance automobiles, Morgan Stanley analyst Adam Jonas argues,
it's also producing a mobile fleet of electrical grid storage.  The 40,000
Tesla vehicles already on the US roads contain about 3.3 gigawatts of
storage capacity, roughly 0.3% of US electrical production capacity and 14%
of US grid storage, he estimates.

By 2028, Morgan Stanley (which, it must be said, is among the most bullish
of all Wall Street banks when it comes to the car company) estimates there
will be 3.9 million Tesla vehicles on US roads.  They will have a combined
energy storage capacity of 237 gigawatts, some 22% of today's US production
capacity and nearly 10 times larger than all US grid storage that exists
today.

Tesla's “giga-factory,'' where the lithium-ion battery packs will be
produced, will probably cost $1 billion to build, Morgan Stanley estimates.
But there will be myriad opportunities for the company to reap returns from
that investment beyond sales of its own cars.


Re: CyberSec Coordinator Tells Why Lack of Tech Know-How Helps (Norman, RISKS-28.21)

Henry Baker <hbaker1@pipeline.com>
Wed, 27 Aug 2014 04:40:39 -0700
Thanks to the disclosures of Edward Snowden, the most terrifying words in
the English language are *now*: "I'm from the government and I'm here to
help fix your Internet".  Therefore, I'm going to have to take Michael
Daniel at his word that he lacks the expertise to help fix the Internet, but
also believe that it will be difficult to get him to understand something,
when his salary depends upon his not understanding it.  In short, Michael
Daniel is part of the problem, not part of the solution.

However, I agree wholeheartedly with Professor Don Norman's point about the
(un)usability of encryption, and feel that Professor Norman's enormous
expertise could single-handedly improve the security of the entire Internet
by helping technical wizards—e.g., Phil Zimmerman, Ladar Levison, Gnu,
EFF, etc.—to design more usable interfaces that manage
keys/certificates/trust chains and ubiquitously encrypt all
emails/texts/chats.

See Alma Whitten and J. D. Tygar,
"Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0"
www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf

I encourage Professor Norman to get involved in taking back the Internet
where we all live and work, and to help make it an expression of a free and
democratic society which respects the First, Fourth, Fifth and Fourteenth
Amendments.

We don't have to wait for the government's help; we can write code.


Re: Digitalization Disaster (Weber-Wulff, RISKS-28.21)

Dan Geer <dan@geer.org>
Tue, 26 Aug 2014 20:57:28 -0400
 > The moral of the story: Triple check digitalizations that could affect
 > lives, and don't throw out the analogue stuff.

No, no, no.  The moral of the story is to have an analog system working at
all times on behalf of those who eschew the digital one, the side effect
being a kind of resiliency-through-preservation that will *never* be
otherwise available even in a police state with Central Planning.

The thought is in many of my speeches, perhaps first at SOURCE Boston,

http://geer.tinho.net/geer.sourceboston.18iv12.txt

and later in "Resolved: The Internet Is No Place for Critical
Infrastructure," Communications of the ACM, 56:6:41-46, June 2013.

Excerpt:

At this point, I am at serious risk of being exactly the kind of fear
mongerer that quickly becomes fraud.  That is, of course, not my point.  My
point is that the working definition of critical infrastructure is broad
and, which is more, indistinct.

There has been much talk about whether to grant the President a so-called
kill-switch for the Internet.  There is a considerable logic to that if you
accept what I have been saying, namely that in the presence of
interdependence that is inestimable there may be times where it is not
possible to disambiguate friend from foe.  Were someone on an inbound
airplane found to have smallpox, the passengers and crew would be
quarantined as a matter of public health until such time as each of them
could be separately certified as disease free.  Many important enterprises,
public and private, quarantine inbound e-mail with nearly as much vigor as
them quarantine inbound DHL packages.  The logic is sound.  The time scale
is human.

In a kind of living history, we have residing amongst ourselves cloistered
communities such as the Amish.  We accommodate them.  I expect that if a
food crisis of some sort were to materialize, it is the Amish who would be
least affected.  We have amongst ourselves so-called Neo-Luddites.  In some
sense, the Luddites had a more principled analysis—they knew where the
machines would lead and on the basis of their analysis they acted.  The
Amish merely wish to be left alone, such as to remove their children from
compulsory education at the close of the eighth grade.  So far as I know,
their case, Wisconsin v. Yoder, is the only such case to ever reach the US
Supreme Court, which found in their favor.  I ask, is there room in our
increasingly wired world for those who choose merely to be left alone, in
this case to choose to not participate in the Internet society?  Do those
who do not participate deserve to not have their transactions of all sorts
be exposed to a critical infrastructure dependent on the reliability of
Internet applications as a class?

Paraphrasing Melissa Hathaway from her 60-day review of US cyber policy for
President Obama, the United States' ability to project power depends on
information technology, and, as such, cyber insecurity is *the* paramount
national security risk.  Putting aside an Internet kill-switch, might it be
wise for the national authorities to forbid, say, Internet Service Providers
from propagating telnet or SSH v1 or other protocols known to be
insecurable?  If not that, should cyber components of the critical
infrastructure be forbidden to accept such connections?  There is certainly
a debate topic in that—if not a natural policy.  As with most things,
there is an historical echo here such as well; in 1932, the foremost
political commentator of the age, Walter Lippmann, told President Roosevelt
"The situation is critical, Franklin.  You may have no alternative but to
assume dictatorial powers."

Again, when 10% of the population sees nothing in the Internet for them,
should we respect and ensure that, as with the Amish, there is a way for
them to opt out without choosing to live in a hovel?  Should we preserve
manual means?

I say "yes" and I say so because the preservation of manual means is a
guarantee of a fall back that does not have a common mode failure with the
rest of the interconnected, mutually vulnerable Internet world.  That this
is not an easy choice is the understatement of the day if not year.  I
cannot claim to have a fully working model here, but neither do our
physicist friends yet have a unified field theory. [...]

  [By the way, in Deborah's RISKS item on Satellite in wrong orbit,
  I think she meant `their own GPS' rather than `their own GSM'.
  (Spotted by Drew Dean.)  PGN]

Please report problems with the web pages to the maintainer

Top