Chad's News

Security through obscurity, while helpful, is not sufficient to reliably safeguard your secrets from a determined attacker. That may be changing, however, as the linked article describes a new type of computer code obfuscation that can’t be reverse engineered. This would allow encryption programs and keys to be obfuscated, producing a new type of reliable encryption that (I’m assuming) can’t be broken by quantum computers.

This all goes back to a fundamental problem with protecting your proprietary computer code: the computer that it’s running on has to be able to understand it. In the early ’80s when personal computers were still fairly new, there were a bunch of anti-copying schemes for commercial software that tried to make it impossible to copy the floppy disks. Most of them were easily circumvented by skilled hackers. I remember a peripheral device for hackers that, when you pushed a button, would create a copy of whatever was in memory. So even if you couldn’t duplicate the disk, you could make a copy of the program from memory and save that to a non-protected disk. It was a losing battle, and most companies eventually abandoned these types of copy protection schemes.

But that’s all changed. The new method described in the linked article uses “indistinguishability obfuscation” to create computer code that’s too complex to be reverse-engineered, yet when run on a computer will produce the proper results. This is accomplished by including elements that appear random and add complexity but are carefully chosen to cancel themselves out.

As with the popular public key encryption, this method of obfuscation is tied to a difficult math problem. From the article: “This obfuscation scheme is unbreakable, the team showed, provided that a certain newfangled problem about lattices is as hard to solve as the team thinks it is.”

Obfuscation is not yet completely proven, but it shows great promise. And if it stands up after further research then we’ll probably see it go mainstream for at least cryptography and perhaps more.

Link: https://www.simonsfoundation.org/…
(via Kim Komando)

From the linked article: “The researchers found that people who habitually surf the Internet for long periods at a time suffer higher incidence of ‘negative moods’ after they stopped surfing, leading to addiction-like urge to return to the Web to alleviate or lift the negative mental states. The researchers warned that surfing the Internet for long stretches of time can result in withdrawal symptoms similar to those that drug abusers experience.”

Link: http://www.digitaljournal.com/…

Using custom software and a computer cluster of 25 graphics cards, password-cracking expert Jeremi Gosney has created a system capable of guessing 350 billion Windows passwords per second. From the article, it takes 5½ hours to “brute force every possible eight-character [Windows] password containing upper- and lower-case letters, digits, and symbols.” This development reinforces the message of this xkcd comic, that long passwords are much harder to crack than shorter but more complicated ones. Note also that an easy way to create long but memorable passwords is to use a passphrase.

Link: http://arstechnica.com/…

I guess the best way to describe cliodynamics is to say that it applies statistical methods to human society and history, in an effort to find patterns that can be generalized to predict future trends and events. The difficult part is determining which factors should be considered, as human societal behavior doesn’t lend itself to straightforward analysis.

One very interesting result is two cycles of political unrest that have occurred throughout human history and can even explain the timing of the recent Egyptian uprising. The first cycle repeats about every 200-300 years and is the result of labor supply outstripping demand due to population growth. This forms a class of elites who end up fighting for power. The second cycle occurs about every 50 years, or approximately two generations. Here in the United States, we’re due for the next one sometime around 2020.

In his Foundation series, Isaac Asimov wrote about psychohistory, the science of predicting the behavior of human societies. Cliodynamics is a step in that direction.

Link: http://www.nature.com/…
(via Neatorama)

Researchers in California have developed sheets of piezoelectric viruses that, when pressure is applied, generate an electrical current. In one experiment, the viruses power a small LCD.

Link: http://arstechnica.com/…

Professor Kosuke Heki of Hokkaido University in Japan may have found a way to predict earthquakes. The upper atmosphere is disrupted by the long-wave sounds associated with an earthquake, and this disruption can be measured by changes in GPS signals. Professor Heki noticed, however, that the disruption begins about an hour before many earthquakes, thus providing the ability to predict them.

Link: http://www.bbc.co.uk/…
(via Kim Komando)

After a certain battle during the American Civil War, some soldiers discovered that their wounds were glowing in the dark. And these men were more likely to recover from their injuries. Modern researchers have concluded that the culprit was a bioluminescent bacteria named Photorhabdus luminescens. And one of the things that P. luminescens does is release a toxin that kills other, competing bacteria—thus acting as a primitive antibacterial.

Link: http://www.mentalfloss.com/…

So you’ve got something on your computer that you don’t want anyone else to see. To this effect, you’ve encrypted the hard drive. But then you’re put into a situation where an official requires that you unlock the computer so they can inspect the contents (this could happen at a border crossing, for example). That’s where Plausible Deniability comes into play. It’s a feature of TrueCrypt, where you have two hidden encrypted volumes on the same disk partition, and the password you enter determines which one you actually see. So you enter the decoy password, and it unlocks the decoy partition which contains no sensitive files. The other hidden partition appears to be empty space containing nothing but random data. Note that this probably won’t prevent a computer forensics expert from realizing that you have a hidden partition, but the casual observer will probably be fooled.

Link: http://www.truecrypt.org/…
(via TechRepublic)

Global warming has moved from the realm of science into that of politics. There appear to be two main issues of contention. First, is global warming actually happening? Second, if temperatures are rising, is humanity the cause (is it anthropogenic)? The first question seems to be debated less and less and was covered in a recent Chad’s News post. The second question has transformed into a matter of opinion, becoming dogmatic and removing itself somewhat from hard science. The linked article discusses a recent study that comes down on the side of anthropogenic global warming. One interesting note in the study’s simulation is that the release of aerosols has lessened the impact of global warming.

Here at Chad’s News we think that global warming is real and is probably anthropogenic, but we shrug our shoulders and say, “So what. Climate change happens and the world adapts.”

Link: http://arstechnica.com/…

This one’s got me stumped. If any Chad’s News reader knows the answer, please post it in the comments. Here’s the question:

Thanks to Josh for this topic.

Link: http://i.imgur.com/…

We’ve all seen it in The Matrix, where Neo is able to download fighting skills. Well now researchers have found that this is actually possible, in a limited sense. They were able to transfer a skill by using neurofeedback on an unskilled brain so that the brain activity matched that of the skilled person.

Thanks to O.Roy for this link.

Link #1: http://www.fellowgeek.com/…

Link #2: http://www.popsci.com/…

I’m amazed at the lengths that cryptography experts will go to in order to uncover weaknesses in a particular encryption scheme. (Chad’s News readers may recall this post where the hacker used acid and an electron microscope to reveal the circuitry of an encrypted microchip.) This time a vulnerability was found in OpenSSL, which is used by just about everyone. The researchers modified the power supply in such a way that it caused a one-bit error, and from that error they were able to obtain four bits of the 1024-bit secret key. They continued to produce the errors until they had enough data to piece together the entire key.

Taking note of the date of the linked article (March 2010), I’m guessing they’ve fixed this problem in OpenSSL. And while the method might work on other implementations, as well as on older hardware that still uses an unpatched version of OpenSSL, I don’t really see this as being an issue for the normal Chad’s News reader.

Thanks to Josh for this topic.

Link: http://www.theregister.co.uk/…
(via Engadget)