Bruce Schneier's blog commented recently on Teaching Risk Analysis in School. He linked to a London Times article on teaching risk. Actually, the article was more about teaching probability and statistics as a way to understand risk, which isn't exactly the same thing as what we call risk analysis these days. In practice, risk analysis is a qualitative process in which we apply numerical estimates to risk factors. If you look at even the most applied statistics work, you find very little that's truly qualitative, except perhaps in the choice of survey questions, if you're doing a survey.
I've been trying to teach risk analysis to undergraduates. It is a very tricky topic. Some risk elements fit into a formal mathematical model, but others don't. Instead of ejecting the misfitting elements from the model, typical risk analyses incorporate estimates that try to match the structure and behavior of the formal elements. While it's important in some fields (like security) to understand and apply this technique, there's no way to prove the correctness of this type of model. It is, ultimately, an opinion.
I've been trying to get these two to play nicely together for a while, and it looks as if Will Norris may have finally slain this here dragon. Will is the principal author of the Wordpress OpenID plugin.
In an ideal world, people never, ever disclose passwords on unprotected Internet connections. In general this means the server has to provide SSL support. However, you can sort of sidestep the problem by using OpenID. It's not perfect, but it addresses that particular vulnerability. (Revised 1/28)
In a recent Security Fix, Brian Krebs looks at cyber criminal communities that are centered in Eastern Europe. A fundamental feature is that these communities discourage attacks on their own community. For example, a site that trades in stolen credit information refuses to use data from the Commonwealth of Independent States (CIS, the former Soviet empire).
While Krebs' article points out that such attitudes don't really prevent attacks on CIS citizens, it is interesting that the criminal community sees it that way. Krebs suspects it's because local law enforcement is more tolerant. I also suspect local citizens are more tolerant. No doubt it looks clever and respectable to fleece people on the other side of the planet using modern technology.
Marc Ambinder of the Atlantic recently blogged about alternative Blackberries that President Obama may carry. Some people might wonder why this is such a big deal. Ambinder notes that "Government Blackberries" can handle classified information "up to Secret" but that you need a Sectera Edge from General Dynamics to do anything (voice only) at Top Secret.
Words of the President are obviously valuable, whether voice or text. Even if we ignore spies, think about the interest they carry for news reporters, government contractors, political operatives, and other presumed patriots. So, to start with, we have to ensure that the President's words are only released when he decides to do so.
The government has established several strategies for protecting information assets. While we don't necessarily know what they're doing in the White House, we can make some educated guesses. The problems, and solutions, revolve around multilevel security, also called MLS.
I had the misfortune recently to upload an article sold through the British Library ("British Library Direct"), as background for another post. The British library charges 5 pounds for copyright permission and another few pounds for "shipping and handling," which consists of posting a link to a copy protected document, and e-mailing me the link. The document is provided in a copy protected format that is readable using Adobe Digital Editions. Features of the document suggest that we can blame the low quality on Adobe, though it could be the British Library's fault.
The quality of the resulting document is an insult to the history of publishing. I can print razor sharp, high resolution documents on my printers. The displayed - and printed - document from the British Library is on par with 20th century mimeograph technology. The underlying software allows me to make exactly one printed copy, but the copy is almost too blurry to read. And this cost me US $20!
I managed to chase down a copy of Prof Kenneth Newport's paper, 'Charles Wesley, 'Warts and All'" which talks about the "encrypted" portions of Charles Wesley's journal. This is part of my search for pre-computer examples of encrypted documents, which seem rare, as opposed to encrypted messages, which seem relatively common.
From a cryptographic and security standpoint, I'd say that Wesley's journals were obfuscated and not encrypted. Wesley used a form of shorthand that, though personalized to some degree, was taught to students of Oxford and Cambridge. It is also reported that his own brother used the same sort of shorthand. Thus, Wesley's diary entries may have been unreadable by most of the literate public, but readable by the relative handful of university graduates who had learned that writing method.
I've been reviewing histories of cryptography recently and here's an interesting thing about pre-computer encryption: it's almost entirely used for communications security. People encrypted messages, but they rarely encrypted documents.
I've finally found a few real-world cases: encrypted diaries. BBC actually did a short segment on them last summer. But I'm still looking - there must be other cases where someone needed to keep some long-term data secret from prying eyes.