January 22, 2025

Posts Comments

New $2B Dutch Transport Card is Insecure

January 21, 2008 by

The new Dutch transit card system, on which $2 billion has been spent, was recently shown by researchers to be insecure. Three attacks have been announced by separate research groups. Let’s look at what went wrong and why.

The system, known as OV-chipkaart, uses contactless smart cards, a technology that allows small digital cards to communicate by radio over short distances (i.e. centimeters or inches) with reader devices. Riders would carry either a disposable paper card or a more permanent plastic card. Riders would “charge up” a card by making a payment, and the card would keep track of the remaining balance. The card would be swiped past the turnstile on entry and exit from the transport system, where a reader device would authenticate the card and cause the card to deduct the proper fare for each ride.

The disposable and plastic cards use different technologies. The disposable card, called Mifare Ultralight, is small, light, and inexpensive. The reusable plastic card, Mifare Classic, uses more sophisticated technologies.

The first attack, published in July 2007, came from Pieter Sieckerman and Maurits van der Schee of the University of Amsterdam, who found vulnerabilities in the Ultralight system. Their main attacks manipulated Ultralight cards, for example by “rewinding” a card to a previous state so it could be re-used. These attacks looked fixable by changing the system’s software, and Sieckerman and van der Schee described the necessary fixes. But it was also evident that a cleverly constructed counterfeit Ultralight card would be able to defeat the system in a manner that would be very difficult to defense.

The fundamental security problem with the disposable Ultralight card is that it doesn’t use cryptography, so the card cannot keep any secrets from an attacker. An attacker who can read a card (e.g., by using standard equipment to emulate a card reader) can know exactly what information is stored on the card, and therefore can make another device that will behave identically to the card. Except, of course, that the attacker’s device can always return itself to the “fully funded” state. Roel Verdult of Raboud University implemented this “cloning” attack and demonstrated it on Dutch television, leading to the recent uproar.

The plastic Mifare Classic card does use cryptography: legitimate cards contain secret keys that they use to authenticate themselves to readers. So attackers cannot straightforwardly clone a card. Mifare Classic was designed to use a secret encryption algorithm.

Karsten Nohl, “Starbug,” and Henryk Plötz announced an attack that involved opening up a Mifare Classic card and capturing a high-resolution image of the circuitry, which they then used to reverse-engineer the cryptographic algorithm. They didn’t publish the algorithm, but their work shows that a real attacker could get the algorithm too.

Unmasking of the algorithm should have been no problem, had the system been engineered well. Kerckhoffs’s Principle, one of the bedrock maxims of cryptography, says that security should never rely on keeping an algorithm secret. It’s okay to have a secret key, if the key is randomly chosen and can be changed when needed, but you should never bank on an algorithm remaining secret.

Unfortunately the designers of Mifare Classic did not follow this principle. Instead, they chose to combine a secret algorithm with a relatively short 48-bit key. This is a problem because once you know the algorithm it’s possible for an attacker to search the entire 48-bit key space, and therefore to forge cards, in a matter or days or weeks. With 48 key bits, there are only about 280 trillion possible keys, which sounds like a lot to the person on the street but isn’t much of a barrier to today’s computers.

Now the Dutch authorities have a mess on their hands. About $2 billion have been invested in this project, but serious fraud seems likely if it is deployed as designed. This kind of disaster would have been less likely had the design process been more open. Secrecy was not only an engineering mistake (violating Kerckhoffs’s Principle) but also a policy mistake, as it allowed the project to get so far along before independent analysts had a chance to critique it. A more open process, like the one the U.S. government used in choosing the Advanced Encryption Standard (AES) would have been safer. Governments seem to have a hard time understanding that openness can make you more secure.

Filed Under: Uncategorized Tagged With:

Could Use-Based Broadband Pricing Help the Net Neutrality Debate?

January 17, 2008 by

Yesterday, thanks to a leaked memo, it came to light that Time Warner Cable intends to try out use-based broadband pricing on a few of its customers. It looks like the plan is for several tiers of use, with the heaviest users possibly paying overage charges on a per-byte basis. In confirming its plans to Reuters, Time Warner pointed out that its heaviest-using five percent of customers generate the majority of data traffic on the network, but still pay as though they were typical users. Under the new proposal, pricing would be based on the total amount of data transferred, rather than the peak throughput on a connection.

If the current, flattened pricing is based on what the connection is worth to a typical customer, who makes only limited use of the connection, then the heaviest five percent of users (let’s call them super-users as shorthand) are reaping a surplus. Bandwidth use might be highly elastic with respect to price, but I think it is also true that the super users do reap a great deal more benefit from their broadband connections than other users do – think of those who pioneer video consumption online, for example.

What happens when network operators fail to see this surplus? They have marginally less incentive to build out the network and drive down the unit cost of data transfer. If the pricing model changed so that network providers’ revenue remained the same in total but was based directly on how much the network is used, then the price would go down for the lightest users and up for the heaviest. If a tiered structure left prices the same for most users and raised them on the heaviest, operators’ total revenue would go up. In either case, networks would have an incentive to encourage innovative, high-bandwidth uses of their networks – regardless of what kind of use that is.

Gigi Sohn of Public Knowledge has come out in favor of Time Warner’s move on these and other grounds. It’s important to acknowledge that network operators still have familiar, monopolistic reasons to intervene against traffic that competes with phone service or cable. But under the current pricing structure, they’ve had a relatively strong argument to discriminate in favor of the traffic they can monetize, and against the traffic they can’t. By allowing them to monetize all traffic, a shift to use based pricing would weaken one of the most persuasive reasons network operators have to oppose net neutrality.

Filed Under: Broadband Tagged With: , , ,

Clinton's Digital Policy

January 14, 2008 by

This is the second in our promised series summing up where the 2008 presidential candidates stand on digital technology issues. (See our first post, about Obama). This time,we’ll take a look at Hillary Clinton

Hillary has a platform plank on innovation. Much of it will be welcome news to the research community: She wants to up funding for basic research, and increase the number and size of NSF fellowships for graduate students in the sciences. Beyond urging more spending (which is, arguably, all too easy at this point in the process) she indicates her priorities by urging two shifts in how science funds are allocated. First, relative to their current slice of the federal research funding pie, she wants a disproportionate amount of the increase in funding to go the physical sciences and engineering. Second, she wants to “require that federal research agencies set aside at least 8% of their research budgets for discretionary funding of high-risk research.” Where the 8% figure comes from, and which research would count as “high risk,” I don’t know. Readers, can you help?

As far as specifically digital policy questions, she highlights just one: broadband. She supports “tax incentives to encourage broadband deployment in underserved areas,” as well as providing “financial support” for state, local, and municipal broadband initiatives. Government mandates designed to help the communications infrastructure of rural America keep pace with the rest of the country are an old theme, familiar in the telephone context as universal service requirements. That program taxes the telecommunications industry’s commercial activity, and uses the proceeds to fund deployment in areas where profit-seeking actors haven’t seen fit to expand. It’s politically popular in part because it serves the interests of less-populous states, which enjoy disproportionate importance in presidential politics.

On the larger question of subsidizing broadband deployment everywhere, the Clinton position outlined above strikes me, at its admittedly high level of vagueness, as being roughly on target. I’m politically rooted in the laissez-faire, free-market right, which tends to place a heavy burden of justification on government interventions in markets. In its strongest and most brittle form, the free-market creed can verge on naturalistic fallacy: For any proposed government program, the objection can be raised, “if that were really such a good idea, a private enterprise would be doing it already, and turning a profit.” It’s an argument that applies against government interventions as such, and that has often been used to oppose broadband subsidies. Broadband is attractive and valuable, and people like to buy it, the reasoning goes–so there’s no need to bother with tax-and-spend supports.

The more nuanced truth, acknowledged by thoughtful participants all across the debate, is that subsidies can be justified if but only if the market is failing in some way. In this case, the failure would be a positive externality: adding one more customer to the broadband Internet conveys benefits to so many different parties that network operators can’t possibly hope to collect payment from all of them.

The act of plugging someone in creates a new customer for online merchants, a present and future candidate for employment by a wide range of far-flung employers, a better-informed and more critical citizen, and a happier, better-entertained individual. To the extent that each of these benefits is enjoyed by the customer, they will come across as willingness to pay a higher price for broadband service. But to the extent that other parties derive these benefits, the added value that would be created by the broadband sale will not express itself as a heightened willingness to pay, on the part of the customer. If there were no friction at all, and perfect foreknowledge of consumer behavior, it’s a good bet that Amazon, for example, would be willing to chip in on individual broadband subscriptions of those who might not otherwise get connected but who, if they do connect, will become profitable Amazon customers. As things are, the cost of figuring out which third parties will benefit from which additional broadband connection is prohibitive; it may not even be possible to find this information ahead of time at any price because human behavior is too hard to predict.

That means there’s some amount of added benefit from broadband that is not captured on the private market – the price charged to broadband customers is higher than would be economically optimal. Policymakers, by intervening to put downward pressure on the price of broadband, could lead us into a world where the myriad potential benefits of digital technology come at us stronger and sooner than they otherwise might. Of course, they might also make a mess of things in any of a number of ways. But at least in principle, a broadband subsidy could and should be done well.

One other note on Hillary: Appearing on Meet the Press yesterday (transcript here), she weighed in on Internet-enabled transparency. It came up tangentially, when Tim Russert asked her to promise she wouldn’t repeat her husband’s surprise decision to pardon political allies over the objection of the Justice Department. The pardon process, Hillary maintained, should be made more transparent–and, she went on to say:

I want to have a much more transparent government, and I think we now have the tools to make that happen. You know, I said the other night at an event in New Hampshire, I want to have as much information about the way our government operates on the Internet so the people who pay for it, the taxpayers of America, can see that. I want to be sure that, you know, we actually have like agency blogs. I want people in all the government agencies to be communicating with people, you know, because for me, we’re now in an era–which didn’t exist before–where you can have instant access to information, and I want to see my government be more transparent.

This seems strongly redolent of the transparency thrust in Obama’s platform. If nothing else, it suggests that his focus on the issue may be helping pull the field into more explicit, more concrete support for the Internet as a tool of government transparency. Assuming that either Obama or Clinton becomes the nominee, November will offer at least one major-party presidential candidate who is on record supporting specific new uses of the Internet as a transparency tool.

Filed Under: Uncategorized Tagged With: , ,

Second Life Welcomes Bank Regulators

January 11, 2008 by

Linden Lab, the company that runs the popular virtual world Second Life, announced Tuesday that all in-world “banks” must now be registered with real-world banking regulators:

As of January 22, 2008, it will be prohibited to offer interest or any direct return on an investment (whether in L$ or other currency) from any object, such as an ATM, located in Second Life, without proof of an applicable government registration statement or financial institution charter. We’re implementing this policy after reviewing Resident complaints, banking activities, and the law, and we’re doing it to protect our Residents and the integrity of our economy.

This is a significant step. Thus far Second Life, like other virtual worlds, has tried to avoid entanglement with heavyweight real-world regulatory agencies. Now they are welcoming banking regulation. The reason is simple: unregulated “banks” were out of control.

Since the collapse of Ginko Financial in August 2007, Linden Lab has received complaints about several in-world “banks” defaulting on their promises. These banks often promise unusually high rates of L$ return, reaching 20, 40, or even 60 percent annualized.

Usually, we don’t step in the middle of Resident-to-Resident conduct – letting Residents decide how to act, live, or play in Second Life.

But these “banks” have brought unique and substantial risks to Second Life, and we feel it’s our duty to step in. Offering unsustainably high interest rates, they are in most cases doomed to collapse – leaving upset “depositors” with nothing to show for their investments. As these activities grow, they become more likely to lead to destabilization of the virtual economy. At least as important, the legal and regulatory framework of these non-chartered, unregistered banks is unclear, i.e., what their duties are when they offer “interest” or “investments.”

This was inevitable, given the ever-growing connections between the virtual economy of Second Life and the real-world economy. In-world Linden Dollars are exchangeable for real-world dollars, so financial crime in Second Life can make you rich in the real world. Linden doesn’t have the processes in place to license “banks” or investigate problems. Nor does it have the enforcement muscle to put bad guys in jail.

Expect this trend to continue. As virtual world “games” are played for higher and higher stakes, the regulatory power of national governments will look more and more necessary.

Filed Under: Uncategorized Tagged With: , ,

Scoble/Facebook Incident: It's Not About Data Ownership

January 8, 2008 by

Last week Facebook canceled, and then reinstated, Robert Scoble’s account because he was using an automated script to export information about his Facebook friends to another service. The incident triggered a vigorous debate about who was in the right. Should Scoble be allowed to export this data from Facebook in the way he did? Should Facebook be allowed to control how the data is presented and used? What about the interests of Scoble’s friends?

An interesting meme kept popping up in this debate: the idea that somebody owns the data. Kara Swisher says the data belong to Scoble:

Thus, [Facebook] has zero interest in allowing people to escape easily if they want to, even though THE INFORMATION ON FACEBOOK IS THEIRS AND NOT FACEBOOK’S.

Sorry for the caps, but I wanted to be as clear as I could: All that information on Facebook is Robert Scoble’s. So, he should–even if he agreed to give away his rights to move it to use the service in the first place (he had no other choice if he wanted to join)–be allowed to move it wherever he wants.

Nick Carr disagrees, saying the data belong to Scoble’s friends:

Now, if you happen to be one of those “friends,” would you think of your name, email address, and birthday as being “Scoble’s data” or as being “my data.” If you’re smart, you’ll think of it as being “my data,” and you’ll be very nervous about the ability of someone to easily suck it out of Facebook’s database and move it into another database without your knowledge or permission. After all, if someone has your name, email address, and birthday, they pretty much have your identity – not just your online identity, but your real-world identity.

Scott Karp asks whether “Facebook actually own your data because you agreed to that ownership in the Terms of Service.” And Louis Gray titles his post “The Data Ownership Wars Are Heating Up”.

Where did we get this idea that facts about the world must be owned by somebody? Stop and consider that question for a minute, and you’ll see that ownership is a lousy way to think about this issue. In fact, much of the confusion we see stems from the unexamined assumption that the facts in question are owned.

It’s worth noting, too, that even today’s expansive intellectual property regimes don’t apply to the data at issue here. Facts aren’t copyrightable; there’s no trade secret here; and this information is outside the subject matter of patents and trademarks.

Once we give up the idea that the fact of Robert Scoble’s friendship with (say) Lee Aase, or the fact that that friendship has been memorialized on Facebook, has to be somebody’s exclusive property, we can see things more clearly. Scoble and Aase both have an interest in the facts of their Facebook-friendship and their real friendship (if any). Facebook has an interest in how its computer systems are used, but Scoble and Aase also have an interest in being able to access Facebook’s systems. Even you and I have an interest here, though probably not so strong as the others, in knowing whether Scoble and Aase are Facebook-friends.

How can all of these interests best be balanced in principle? What rights do Scoble, Aase, and Facebook have under existing law? What should public policy says about data access? All of these are difficult questions whose answers we should debate. Declaring these facts to be property doesn’t resolve the debate – all it does is rule out solutions that might turn out to be the best.

Filed Under: Uncategorized Tagged With: , , , ,