We seem to be relying on an "identity" that is our name, ssn, phone number, credit card number, or all these different little bits of data clumped together. Too messy, too easy to steal, to fake, too easy to sell.
Maybe our identity is more like a bitcoin wallet. It's an encrypted clump of data that we only keep with ourselves, and ourselves alone. It could store money, confirm that we are who we say we are because it can have our picture in it, our names, our "numbers" for various things.
Then, when someone needs ANYTHING from us, be it proof of identity, money, or trivial info, we can send them a piece of useless information salted with something that they then return to us with the same salt to get back a confirmation, or money, or access to "use" our other numbers, but they never GET our other numbers.
If you want my phone number, you send a request to me asking for it. I get the request, confirm it, send back another piece of data to you. This is NOT my phone number, but something you can use to send to me again in the future when you want to call me, and then my number is dialed, but you never see it. At any time, I can wipe you off my safe list, and you don't have my phone number anymore. Same thing can work when paying for something, or proving I am who I say I am when getting a loan, buying beer, whatever.
Maybe this is ridiculous.
https://blog.ethereum.org/2015/04/13/visions-part-1-the-valu...
If you're not paying attention to Ethereum, you're missing out on the biggest story in technology ever. They're building systems that combine cryptographic identities and a global tamper-proof execution environment to bring the costs of interacting with any stranger on the planet to nearly zero. Every large organization on the planet (i.e. companies and governments) formed as a reaction to today's levels of transaction costs. Eliminating those transaction costs will reshape our society in ways that increase liberty and wealth. You can build the software that helps make that happen. My email's in my profile for anyone who wants help getting started or learning more.
Any system based on "so, you have this physical|virtual thing, right..." is going to run into troubles when it meets the general public.
Today's data breach at the very least shows that we shouldn't allow them to push for that. The fingerprint should always stay on our devices in a hardware secure module.
"Free version limited to storing only most recent two fingerprints on our servers! For unlimited storage, upgrade to Middle Finger Pro for only $1.99!"
At least it may give a taste to US nationals of what it feels like to have your country hacked by a foreign power, like most European countries nationals felt after the Snowden leaks.
(See http://map.ipviking.com/ if you want a live demonstration.)
Or so they say -- to make the case for more budget and that they are "victims too" not just aggressors. And of course to paint some provincial BS backwaters as "credible threats".
The US of course will reply in kind. It is US defense policy in cyber to retaliate for cyber attacks - specifically this is part of a deterrence strategy.
For a typical example for why this may be okay to exist, we can simply posit (for the sake of argument) someone who 0-days every server in the world and holds everything on any of their hard-drives for the ransom of 1 milliiiion dollars, oh not individually per person but total, from behind tor relays and to be paid in bitcoin, divided out among a few thousand or ten thousand or million or ten million targets. Brazenly. What does the world do - just pay? (collectively, individually, whatever.) That means he now has a budget of 1 milliiiiion dollars for round 2. So in a case like this, I would think that society would want to say, all right, enough is enough of these shenanigans, we are going to peek behind the curtain here (violating your privacy). It's not that there's any disagreement that it's illegal, it's that you need to violate privacy to prevent this very real possibility that actually occurs every day, today. As I mentioned however, I do not have very firm opinions on the subject. This kind of ransomware isn't a theoretical exercise however - it exists, and it's great when we have resources like this: https://noransom.kaspersky.com/ that nullify it. There is also generally a reason that there is a legal system in place and if you didn't have laws, people would do whatever they can physically get away with, which in a technological society that puts multipliers and levers on all of our efforts, is a lot. That the mechanism for getting that data has to be extraordinary is a given, however.
But even though I think a small amount of surveillance may be important, by my current impression I am massively opposed to very large amounts of surveillance, I think it's a tremendous waste of resources. See this thread for my opinions about when companies receive huge windfall payments for it - https://news.ycombinator.com/item?id=9549597 -- I'm simply opposed.
So far my theoretical model (as a personal philosophical exercise, and bearing in mind that I am undecided on a larger scale) extends to within a single country, or group of closely allied countries. It makes sense to encourage companies to innovate, to grow, to create things - creative innovators are the things we as a society are protecting, from people who would, for example, steal their designs and hold them for ransom.
But I'd like to ask people's opinions about countries such as China, which I believe have much to learn before they can be as "good" actors as Western powers - including for their own populations. (i.e. this is a separate question from what is good.)
Just some of the factors that are important for China although they may not realize it are environmental issues, I mean you can hardly breathe in Beijing, continued very high economic growth and, yes, increased "lawfulness" in several areas where they will be well ahead by, for example, respecting IP and innovation of both foreign companies and their own. Now here specifically, we can use a simple example: if their hackers (people just like the readership here, except reading everything in Chinese but like us also clever computer geeks, except sitting in some hacking center doing 8 hour shifts of hacking, instead of building millions of dollars of real economic value with their same mental cycles) - they are busy hacking the US government, they're not busy creating the next Google, Microsoft, Apple, and so forth. We're also not benefiting from their research either.
So it seems, to me, that they are not ahead from this overseas hacking. Specifically, I think it holds their economy back.
But more broadly - and here is where I am getting into something philosophical and on a topic where I'm very undecided: isn't it fair to say that it would be quite impossible to imagine the FBI actively hacking another Federal government agency? Likewise, if in some sense there were a more international version of a democratic world power, wouldn't this save massive state resources on all sides?
That is to say, although I am trying to reason from first principles and extreme use cases, it seems to me that if there isn't a world order today, there should be. (This is a tentative impression!!) I also think that the readership here - the computer geeks, the entrepreneurs, the scientists, the smartest of the smart, all over the world automatically do form a community. While we might not have many Chinese readers today, I doubt the same would be true in ten years, especially given the fact that English for better or for worse is the de facto international language of communications and technology, (and science/research) in particular.
Basically, what I am asking about is why we wouldn't want to live under a flag of the Earth representing some ecumenical world power. As an advantage, we would save precisely the costs that the FBI saves by not trying to hack the other agencies of America. (Since they're all under one flag, why would they waste resources hacking each other.)
This is quite a separate issue from surveillance, which is sort-of orthogonal to this question. Basically, what if anything would be the cons to an international world order? At a minimum, wouldn't this stop the acts of "your country hacked by a foreign power" as we would expect them to? Wouldn't those resources be automatically put to better use? The guy who can't get work hacking some government while that government hacks his, would instead use his powers more creatively.
I ask this with the distinct goal of attempting to better understand what kind of world we would even want to live in. If this is much too tangential or I elicit very unconstructive responses I can delete this comment.
Basically, on the level of economic growth, productivity, and, yes, freedom - what is wrong with a world order and cooperation? (I assume there's something wrong with it, because the phrase "world order" is a negative one!)
-
EDIT: I want to emphasize that by world order I mean like this - http://en.wikipedia.org/wiki/New_World_Order_%28conspiracy_t... which is quite a negative spin on countries colluding.
With regard to the FBI hacking another agency - the CIA hacked Congress when they were investigating them for torture. Rounding that down to something a founding father could say: the executive branch spied on the legislative branch while it was investigating the executive branch for breach of law.
With regard to US world order - it's so hard to tell when an empire is doing the world more good than bad - and between various 'opportunity costs' to the good it could do the world under its order.
In this sense, the US does do some very, very dirty deeds. It is not above killing and even torturing and then killing innocent people, committing mass fraud on the world to justify its interests, or involving itself in the rape of children, and trafficking of arms and drugs internationally (illegally) to supply proxy forces. It propagandizes and it censors and it disappears people. It steals resources and engages in protectionist trade while espousing free markets. It rigs elections overseas and it coups genuine leadership. It assassinates key figures to decide geostrategic events. It has a long list of scandals.
To maintain its justified place at the top of the world order it needs to maintain an image of legitimacy. If you ask those who know about its special operations who is on the US's side you will hear precisely what you have mused about: the good that America does in keeping a world order with static boundaries based on trade and other forms of competition is collectively a better world to live in, even if some people - in the eyes of the power elite - need to be subjected to torture for it to continue.
Digesting this statement requires a nigh impossible task: predicting alternate futures where current order never developed and in its place another one does. Quickly this task becomes an imaginative one that falls prey to the leanings and biases of the person imagining it: those who favor the US imagine a more chaotic world and those who favor another nation a more peaceful one.
It's nearly impossible to ask this question, so the real work to be done is through alternate questions. What can we do now? What questionable programs and opinions exist today that can be dismantled? What powers are needed to maintain a peaceful sphere? Should the world have one protector, or is it possible for some Wilsonian (or other) creation to succeed at the task?
I can't give you those answers. I don't have them myself.
As an aside - one I hope is interesting - the United States relies very heavily on its reputation as a just and kind force to maintain its legitimacy. Were qualms with the US to bubble into a loss of legitimacy the world order would quickly dissipate.
This is what the US fears the most. It has to keep the optics at a higher bar than it can keep its practices. It hopes, it wishes and it needs to find solutions that allow for international stability - where it remains the top dog - and where it can keep its reputation.
We get to see how our leadership and representatives navigate this space and we get to be the primary sources for the historians to annotate it for the future.
""Privacy, above all other things, including safety and freedom from terrorism, is not where we want to go..."" FBI Associate director Michael Steinbach
The FBI means that consumers and foreign markets should not have encryption or backdoor-free software. I understand that this is a double standard, but we need to be clear that the double standard doesn't have to do with this most recent breach.
Also, with the FBI promoting an anti-encryption culture and the NSA promoting an anti-security culture in terms of what laws politicians should pass, it's only a matter of time before that culture spills into the government's own agencies, too.
For instance, politicians can be brainwashed so much by the NSA/FBI that encryption is some "dark sorcery that only terrorists and child pornographers use" to the point where they'll start voting against bills that aim to secure government's websites and so on.
Use of the word "cyber" adds virtually no insight or context to this article.
But who uses the term "database" to refer to anything but a store of data on a computer system?
I realize the BBC has some old-fashioned style guide it's using here, but "cyber databases" betrays a bit of a need to revisit that guide.
Edit: I've made a couple of recommended edits for the BBC as seen here: http://i.imgur.com/cewmams.png
> Using a new security system known as Einstein, the OPM detected a network intrusion in April 2015. The FBI said it is investigating the breach.
> Ken Ammon, chief strategy officer of Xceedium - an information security firm - warned that the hacked data could be used to impersonate or blackmail federal employees with access to sensitive information.
> Congressman Adam Schiff has called for database software to be upgraded in light of the most recent attack.
> Americans "expect that federal computer networks are maintained with state of the art defenses", Mr Schiff said.
> "The threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it's clear that a substantial improvement in our databases and defenses is perilously overdue."
edit: bhauer, your edits are hilarious.
Technically, a "database" is just an organized collection of data. While nowadays it's increasingly rare to encounter a non-electronic database, these were once very commonplace. One specific example that I recall rather fondly is the list of Dewey Decimal cards that libraries would keep in narrow file cabinets so that users could search through them and find the books they wanted. While my school library's catalog was already digitized, I still used these cards sometimes, finding books that had been omitted from the digital system for whatever reason (though these were eventually cleaned up when the digital system itself started to include the creation of spine labels, thus causing non-cataloged books to become more obvious).
I speak not only as a programmer and database guy from way back, but as one of the millions of Anthem subscribers whose personal data was stolen a few months ago in a massive breach.
I know that "data breach" might well mean the keys were stolen which decrypted an otherwise secure file, but the terminology suggests that the breach was simple access into the system rather than acquisition of the precious keys themselves.
Someone with superior knowledge of these things, kindly explain.
* A breach to internal database level would, in the majority of systems, mean the attacker already has all the keys to use the database system.
* A database cannot perform a lot of its functionality (e.g. JOINs) without access to the data & if the encryption keys were usable at the database level to perform such functionality it would make the encryption redundant.
A working 'encrypted database' system would likely need to use Hardware Security Modules (HSMs) to prevent key exfiltration, you would distribute these to people who need to use the database, who would need to decrypt it in mostly its entirety to use it.
It's possible by reworking entirely how modern databases work (fully homomorphic encryption is probably useful here) you could create a system where the database doesn't have to already be fully decrypted for you to use it, but as far as I know it doesn't exist (startup idea?).
There is a type of encryption called "homomorphic" which could allow you to perform operations on encrypted information. I haven't ever tried to implement it and consider it one of those seductive ideas that probably can't get implemented correctly in practice. But if there was a way to deliver an entire encrypted database and still make it useful, homomorphic encryption is the only way I am aware of that would make it work.
Of course many DBs need to search by name, but maybe it can be set up to search by a hash of name? Hashes seem a bit simpler than homomorphic search.
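The "search by a hash of name" idea above is usually built as a keyed blind index stored beside the encrypted column. The sketch below is an added example, not code from any commenter; `blind_index`, `INDEX_KEY`, the in-memory "table" and the sample names are hypothetical and constructed for illustration. It also shows why an unkeyed hash of a name gives little protection once the table is copied.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample key (assumption): in a real deployment the index key is
# held outside the database (KMS/HSM) and is never stored in a table.
INDEX_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

# Constructed sample data.
NAMES = ["Ada Lovelace", "Alan Turing", "Grace Hopper"]
CANDIDATES = ["alan turing", "grace hopper", "john smith"]


def normalize(name: str) -> bytes:
    """Canonicalize so 'Ada  LOVELACE' and 'ada lovelace' index identically."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split()).encode("utf-8")


def blind_index(name: str, key: bytes = INDEX_KEY) -> str:
    """Keyed hash (HMAC-SHA256) stored next to the encrypted name column."""
    return hmac.new(key, normalize(name), hashlib.sha256).hexdigest()


def unkeyed_index(name: str) -> str:
    """Plain SHA-256 of the name: searchable, but anyone can recompute it."""
    return hashlib.sha256(normalize(name)).hexdigest()


def build_table(names, index_fn):
    """Stand-in for a table: index value -> opaque ciphertext handle."""
    return {index_fn(n): f"<ciphertext row {i}>" for i, n in enumerate(names)}


def lookup(table, name, index_fn):
    """Equality search: recompute the index for the query and match exactly."""
    return table.get(index_fn(name))


def dictionary_guess(copied_indexes, candidate_names, index_fn):
    """Names recoverable from a copied index column by hashing a list of
    common names with index_fn (the only function a party without the key has)."""
    return sorted(n for n in candidate_names if index_fn(n) in copied_indexes)


if __name__ == "__main__":
    keyed = build_table(NAMES, blind_index)
    plain = build_table(NAMES, unkeyed_index)
    # The application, which holds the key, can search by exact name.
    print(lookup(keyed, "  ada   LOVELACE ", blind_index))
    # A copy of the unkeyed column is reversible by guessing common names...
    print(dictionary_guess(set(plain), CANDIDATES, unkeyed_index))
    # ...while the keyed column yields nothing without INDEX_KEY.
    print(dictionary_guess(set(keyed), CANDIDATES, unkeyed_index))
```

A blind index supports exact-match search only, and equal names still produce equal index values, so duplicates and frequencies remain visible in the column.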
If this had been a land incursion, and the public Army had been the responding department, there'd be no question, and we'd have pictures of tanks and AK-47s on the front page of every newspaper. Congress would be discussing nothing else.
However, it's the spies, and FBI wannabe-spies that are probably handling this. The proof is not as obvious as a tank in North Dakota, but I suspect that there is enough evidence and forensics to prove to the NSA and their ilk who did it and how.
But a spy's natural instinct is to hide the fact that they know something. It's a card up the sleeve, and their concern is more about being able to continue to spy than to stop a currently ongoing crime.
But the US does have cyberwarfare policies. As part of a deterrence strategy the US strikes back when it can attribute attacks to a specific party. You may also remember the recent Executive Order from the Obama Administration whereby a series of policies were joined so that the US is organized to levy sanctions against governments, actors and corporations overseas that are involved in sponsoring intrusions into US networks.
The backdooring and lack of encryption in software is because the US is still a primary exporter of technology and we want to be able to continue to hack, surveil, message and control those who get US technology. US FedRAMP and other compliance minimums insist on the use of properly configured encryption in private industry to protect government information and cyber sharing programs enable both the sharing of data between private and public sectors for surveillance and for the detection and analysis of foreign cyber attacks. The US government has state of the art encryption (for the most part) and some of the most heavily monitored perimeters.
None of this is enough to stop cyberattacks, which have all of the advantages in their favor.
So while I'm inclined to agree with you that the US should stop mandating backdoors and weak encryption I don't think it's a fair characterization to suggest this has anything to do with why the US was breached.
China and the US are battling each other in several arenas of influence, as are Russia and the US. In this case the US is trying to stop Russia and China's global and regional power projection and these countries do not accept the US world order and their current place in it.
Conflict is inevitable. It will be interesting to read the history books to see what gets written about the role of the information warfare space and what role it plays in whatever outcome we get.
Booh.
Reading the wiki page on "Cyberwarfare" there are sections on each country, like "Cyberwarfare in Germany", "Cyberwarfare in India" etc.
Both the "Cyberwarfare in USA" and "Cyberwarfare in China" are about Chinese attacks on the US...
Bruce Schneier's latest book 'Data and Goliath' examines the implications of mass surveillance in a calm, levelheaded manner. He also outlines detailed, and realistic, solutions that recognize the benefits of data-mining and covert surveillance while reining in the excessively secret bulk data collection practices of state intelligence agencies and the bulk data-mining practiced by corporations like Google and Facebook.
It would be nice if there was some place where we could see the scoreboard to know how effective and how often we hack the Chinese back. Right now it looks like our tax dollars are being spent getting hacked, but the US government has doubled down many times on offensive cyberwar capabilities and now have professional cybersoldier career tracks in the DoD.
What's the assessment?
There's also a language and media bubble that filters out information and criticisms of the United States. These bi- and multi-lateral criticisms happen all the time but rarely are subject of US media reporting.
http://www.washingtonpost.com/world/national-security/us-spy...
I'd imagine it gets higher each year.
http://mashable.com/2015/06/04/data-breach-hack/
http://www.washingtonpost.com/world/national-security/chines...
However with appropriate signals intelligence, sources of attacks can be determined.
We don't know that China was really behind these attacks, but the US has a pretty good track record at attestation so far.
I am shocked. Shocked, I tell you.
"Hey I just found a usb pen on the floor. I wonder what it's inside it..."
"breach could potentially affect every federal agency, officials said"
I love HN's ability to filter news that matters to dev/tech-professionals, but when stuff like this pops up it should be top 10, for at _least_ a few hours. This is some serious shit. Who here does business with government agencies? Most of you have IRS Tax/Employer IDs... with the rate that this is "expanding" what is to say that it wasn't just HR records, but more. Your e-filed IRS return could be sitting with folks outside of the IRS...
No intention to fear monger but think of the statement "breach could potentially affect every federal agency" - every business in the US does something, with sensitive data, with an agency :/
If anything China just did the OPM a favour to help them keep their freedom.
https://www.whitehouse.gov/sites/default/files/omb/assets/eg...
No, that breach[1] was a couple of years ago.
1: http://www.nextgov.com/cybersecurity/2014/12/opm-alerts-feds...
I didn't realize it was Thursday again already.