December 29, 2024

Archives for 2003

NRC Report on Authentication Technology and Privacy

The authoritative National Research Council has issued an important new report entitled “Who Goes There?: Authentication Through the Lens of Privacy.” Like all NRC reports, this is an in-depth document reflecting the consensus of an impressive panel of experts.

Often people think of authorization (that is, ensuring that only authorized people get access to a resource) is antithetical to privacy, but this need not be true. One of the report’s findings is this:

Authorization does not always require individual authentication or identification, but mosts existing authorization systems perform one of these functions anyway. Similarly, a requirement for authentication does not always imply that accountability is needed, but many authentication systems generate and store information as though it were.

There are many ways to use authentication in designing systems, and a careful design can reduce the privacy cost that must be paid to achieve a given level of security. There is not a single “knob” that we can turn to trade off security against privacy, but a complex landscape in which we can hope to get more of both, if we choose wisely.

More on ARDG and the Press

I wrote yesterday about the ARDG’s policy, banning the press from the otherwise open ARDG meetings. Apparently the official rationale for this is that some companies refuse to allow the people who represent them at ARDG meetings to speak to the press.

I have to admit that I find these companies’ policies hard to understand. A company trusts somebody to speak on its behalf in a public forum, where many of the company’s competitors and customers are present, and where everybody is welcome to take notes. And yet somehow it is too dangerous to let that employee say the same things if a reporter is also present.

In my experience, companies that allow their best engineers to speak in public get more respect than ones that don’t. I can understand the desire to manage a company’s image, but reporters and the public have gotten pretty good at separating vacuous marketing-speak from substantive discussion, and at ignoring the former. You’re not doing yourself any favors by blocking access to the people who can best articulate your technical vision.

Microsoft’s approach to the Berkeley DRM conference is a great example of the benefits of letting your engineers speak. This was a large conference with many reporters present. Microsoft sent several senior engineers, who gave substantive presentations and engaged in real debate. What they said was not spin-free, of course, but whether you agreed or disagreed with their arguments, you had to respect them for participating in the debate.

James Grimmelmann’s definitive account of the Berkeley DRM conference has this to say:

… the [Microsoft] people at the conference are among the straightest shooters …. Compared with the other industry flacks

Leaks From CERT's "Good Guys" List

Brian McWilliams at Wired News reports on the leakage of unreleased security alerts from the government-funded CERT coordination center. Three secret alerts sent to members of CERT’s “good guys” club (known as the Information Security Alliance, or ISA) were reposted onto the open “Full Disclosure” mailing list.

The person who did this may have violated a contractual agreement to keep the information secret. If so, the release can be condemned on that basis.

In any case, this incident teaches us some valuable lessons. First, the idea of releasing vulnerability information only to a large set of “good guys” doesn’t work in practice. What’s to stop a malicious person from joining the club? And remember, a serious bad guy wouldn’t release the information to the public but would exploit it himself, or release it only to his malicious friends.

Ironically, one of the secret alerts that was leaked was little more than an abstract of a paper published recently by Stanford University researchers. Given CERT’s non-profit, public-good mission, it’s hard to see why CERT did not release this report to the public, given that the information on which it was based had already been released (and even discussed on Slashdot).

It’s worth noting that, having set up a system where it is paid to deliver security secrets to the ISA membership, CERT has an economic incentive to manufacture secrets or to increase their perceived value to ISA members by withholding the secrets from the public for longer than necessary. I have no reason to accuse CERT of doing this systematically, but its handling of the Stanford paper does raise questions.

ARDG Bans the Press

Several groups, including the EFF, Consumers Union, DigitalConsumer, and PublicKnowledge, have sent a letter objecting to the Analog Reconversion Discussion Group (ARDG), objecting to ARDG’s policy of refusing journalists access to its “open” meetings.

Despite its confusing name, ARDG is an important process, reflecting the efforts of some to promote, and perhaps eventually to mandate, the use of technical restrictions to close the “analog hole” (i.e., to make it impossible to capture and copy non-digital media). ARDG’s no-press policy is not just theoretical – Drew Clark of the National Journal’s Tech Daily was actually ejected from an ARDG meeting.

ARDG allows note-taking, discussions with the press afterwards, and even web-posting of accounts of their meetings. They claim their process is open. And yet they insist on the no-press policy.

The policy is particularly hard to understand in today’s media world. Am I a member of the press? I publish commentary and/or news content to the public on most days, with a readership of a few thousand. By traditional standards I am a member of the press. If I tried to attend an ARDG meeting, would they kick me out too?

We're Back

We’re back on the air after roughly thirty-six hours of downtime. Apparently the server that brings you Freedom to Tinker (along with many unrelated sites hosted by the same web hosting provider) has had its hard drives impounded by the authorities as part of a cyberterrorism investigation. The last week or so of backup tapes were impounded too, so everything I had written since March 14 was apparently lost.

But thanks to the efforts of several readers (including Chris Smith, Joe Barillari, Eszter Hargittai, and Dave Provine), I have now recreated the missing postings, and everything should be back to normal.

UPDATE (March 24): On a related note, you may have noticed a glitch or two over the past few days as we moved to a new hosting provider. (You’re reading this on the new provider.)