March 1, 2015

avatar

A clear line between offense and defense

The New York Times, in an editorial today entitled “Arms Control for a Cyberage“, writes,

The problem is that unlike conventional weapons, with cyberweapons “there’s no clear line between offense and defense,” as President Obama noted this month in an interview with Re/code, a technology news publication. Defense in cyberwarfare consists of pre-emptively locating the enemy’s weakness, which means getting into its networks.

This is simply wrong.
[Read more...]

avatar

We can de-anonymize programmers from coding style. What are the implications?

In a recent post, I talked about our paper showing how to identify anonymous programmers from their coding styles. We used a combination of lexical features (e.g., variable name choices), layout features (e.g., spacing), and syntactic features (i.e., grammatical structure of source code) to represent programmers’ coding styles. The previous post focused on the overall results and techniques we used. Today I’ll talk about applications and explain how source code authorship attribution can be used in software forensics, plagiarism detection, copyright or copyleft investigations, and other domains.

[Read more...]

avatar

Lenovo Pays For Careless Product Decisions

The discovery last week that Lenovo laptops had been shipping with preinstalled adware that left users wide open to security exploitation triggered a lot of righteous anger in the tech community. David Auerbach at Slate wrote that Lenovo had “betrayed its customers and sold out their security”. Whenever a big company does something so monumentally foolish, it’s worth stepping back and asking how this could have happened.
[Read more...]

avatar

In Partial Defense of the Seahawks’ Play Calling

The conventional wisdom about last night’s Super Bowl is that the Seahawks made a game-losing mistake by running a passing play from the Patriots’ one yard line in the closing seconds. Some are calling it the worst Super Bowl play call ever.

I disagree. I won’t claim it was the right call, but I do think it was reasonable. Let me explain why.

To analyze the decision we have to put ourselves in the shoes of the Seahawks’ coaches at the time. They did not know that an opposing defender would make a spectacular interception. They knew that was possible—and needed to take it into account—but a fair analysis of the decision can’t use the hindsight knowledge we have now.

With that established, let’s make a simple model of the Seahawks’ strategic choices. They needed a touchdown to win. It was second down, so they could run three plays. The clock was running down, so let’s assume that if they run two running plays, the clock will expire before they can get a third play off; but an incomplete pass on the first or second play will stop the clock and give them time to run a third play. There are three play sequences they can use: run-run, pass-run-run, run-pass-run. (Passing more than once is bad strategy.)

Suppose that a run play with Marshawn Lynch scores 85% of the time, and gets stuffed at the line 15% of the time. If you run twice, there is a 2.25% chance you’ll get stuffed twice, so you win the game with 97.75% probability.

Suppose that passing on second down has these results: score: 50%, incomplete: 49%, interception: 1%. So if you call the pass-run-run sequence, the game outcome probabilities are: score: 97.90%, stopped short: 1.10%, interception: 1%. The odds of winning are a tiny bit better than if you just ran twice.

It’s counterintuitive that passing might be the right choice even though a running play is more likely to score. The reason it comes out this way is that you’re not passing instead of running, you’re passing because passing gets you an extra play and you can still try to run twice, absent a spectacular interception play by the opponent.

Now you can quibble with these probability estimates; and you can argue that the Seahawks might have had time to do three run plays. Change these assumptions, and the strategic calculations are different. But the argument so far should establish that the Seahawks weren’t crazy to pass.

The real kicker comes, though, when we consider the remaining option of run-pass-run. If the outcomes of a pass are still 50/49/1 on third down, then run-pass-run is a clear winner. But maybe a pass comes as less of a surprise on third down, so the outcomes of a pass might be worse. Even so, run-pass-run turns out to be the best strategy. For example, if the outcomes of a third-down pass are score: 25%, incomplete: 73%, interception: 2%, the run-pass-run strategy still scores 98.06% of the time, which is better than either of the other options.

The conclusion that run-pass-run is the best sequence is fairly robust against changes in the probability assumptions. If it’s wrong, it’s probably because of the assumption that run-run-run isn’t an option.

The Seahawks’ decision to pass on second down wasn’t crazy, but a better choice would have been to pass on third down. Announcers who said “just run twice” were giving bad advice. The Seahawks didn’t make a terrible play call; they made a reasonable choice but were defeated by a great defensive play.

avatar

Nine awesome Bitcoin projects at Princeton

As promised, here are the final project presentations from the Bitcoin and cryptocurrency technologies class I taught at Princeton. I encouraged students to build something real, rather than toy class projects, and they delivered. I hope you’ll find these presentations interesting and educational, and that you build on the work presented here (I’ve linked to the projects on GitHub if the code is available).

If you haven’t already, you should sign up for the online version of this class we’re teaching starting in a couple of weeks. The class will prepare you to do projects just like these.

[Read more...]

avatar

Android WebView security and the mobile advertising marketplace

Freedom to Tinker readers are probably aware of the current controversy over Google’s handling of ongoing security vulnerabilities in its Android WebView component. What sounds at first like a routine security problem turns out to have some deep challenges.  Let’s start by filling in some background and build up to the big problem they’re not talking about: Android advertising.
[Read more...]

avatar

Sign up now for the Bitcoin and cryptocurrency technologies online course

At Princeton I taught a course on Bitcoin and cryptocurrency technologies during the semester that just ended. Joe Bonneau unofficially co-taught it with me. Based on student feedback and what we accomplished in the course, it was extremely successful. Next week I’ll post videos of all the final project presentations.

The course was based on a series of video lectures. We’re now offering these lectures free to the public, online, together with homeworks, programming assignments, and a textbook. We’ve heard from computer science students at various institutions as well as the Bitcoin community about the need for structured educational materials, and we’re excited to fill this need.

We’re using Piazza as our platform. Here’s the course page. To sign up, please fill out this (very short) form.

The first several book chapters are already available. The course starts February 16, and we’ll start making the videos available closer to that date (you’ll need to sign up to watch the videos). Each week there will be a Google hangout with that week’s lecturer. We’ll also answer questions on Piazza.

[Read more...]

avatar

Anonymous programmers can be identified by analyzing coding style

Every programmer learns to code in a unique way which results in distinguishing “fingerprints” in coding style. These fingerprints can be used to compare the source code of known programmers with an anonymous piece of source code to find out which one of the known programmers authored the anonymous code. This method can aid in finding malware programmers or detecting cases of plagiarism. In a recent paper, we studied this question, which we call source-code authorship attribution. We introduced a principled method with a robust feature set and achieved a breakthrough in accuracy.

[Read more...]

avatar

Shaping Wi-Fi’s future: the wireless-mobile convergence

According to recent news, Comcast is being sued because it is taking advantage of users’ resources to build up its own nationwide Wi-Fi network. Since mid-2013 the company has been updating consumers’ routers by installing new firmware that makes the router partially devoted to the “home-user” network and partially devoted to the “mobile-user” network (a Comcast service named Xfinity WiFi). In fact, the same network infrastructure offers two different kinds of connection: the first one covers a comparatively restricted (local) area and stays under the relative control of the private end-user; the second kind of connection is “shared” between Comcast customers and covers a wider area, compatible with the range of national mobile carriers. In other words: the last mile of data transmission is being made mostly by a group of home based routers (or access points) that offers two different Internet connection services, the local “private” network and the metropolitan “shared” network.

[Read more...]

avatar

Verizon’s tracking header: Can they do better?

Verizon’s practice of injecting a unique ID into the HTTP headers of traffic originating on their wireless network has alarmed privacy advocates and researchers. Jonathan Mayer detailed how this header is already being used by third-parties to create zombie cookies. In this post, I summarize just how much information Verizon collects and shares under their marketing programs. I’ll show how the implementation of the header makes previous tracking methods trivial and explore the possibility of a more secure design.

[Read more...]