CyberSpark Archives - Sky's Blog

In the long run they’ll get you “in the code”

11 September, 2013 by sky Leave a Comment

Bruce Schneier says “Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.” (read original)

What this means is that the theory behind something — in this case encryption using “hard” mathematics — may be very good, but the implementation can be full of “gotchas” — errors, omissions, faults — and that‘s what will get you in the long term. He was specifically commenting on Edward Snowden’s revelations about the US National Security Agency and whether they can read all encrypted messages, but it can apply to many other software endeavors.

If you’re thinking of writing some software whose function is critical, and especially if lives depend on it, you have to be extremely careful with your implementation. And Open Source is a big plus because other eyes can look at your code and spot mistakes that you, as author, are likely to overlook.

So whatever you’re working on, be very, very careful with the implementation.

Private armies in cyberspace? A kill switch on the Internet?

14 July, 2010 by sky Leave a Comment

The government of the USA was constituted “to provide for the common defense” among other things.^[1] Unfortunately the line between public responsibility and private responsibility for defense in cyberspace could be rather blurry.

Clearly when there is warfare in the physical world the combatants are also likely to utilize cyber tactics of some sort, even if only for informational or propaganda purposes, but more likely as powerful tactics to take down their target’s ability to respond quickly or in a focused manner. Because governments aren’t really equipped to handle these types of attacks, which would include attacks against private infrastructure, not just government systems, they’d have to rely on private companies, individuals and groups — essentially private armies — to deflect or thwart any attack. [Read more…]

Why “Shadows in the Cloud” should open your eyes

9 July, 2010 by sky Leave a Comment

The public release of the document Shadows in the Cloud is important because this document contains some very important messages—stated very clearly—that haven’t really been said publicly before.

If you’re not a cyberspace expert and don’t care for geek talk, you may think it’s just another report on cyber espionage. But the messages are important for everyone. And my point is that they are very clearly explained!

Ron Diebert and Rafal Rohozinski, in their Foreward, point out that crime and espionage go together. Or that wherever one goes, the other is soon to follow.

They don’t say this directly—these are my words: Crime, espionage (and warfare) seep into the interstitial spaces of society and occupy any vacuum they find. And from there they can grow to occupy the whole of the space, like a mold, fungus, or rot.

What we are seeing in online attacks against free speech sites these days, particularly drive-by attacks^[1], is that they do not seem to be politically or idealistically motivated, instead they are opportunistic and (presumably) economically motivated because they’re focused on injecting spambots and trojans, not on altering the message of the nonprofit web site.

[1] See CyberSpark.net and click “drive-by” on that page