Friday, December 29, 2006

Canadian Ice Shelf Breaks Loose

A CNN story from AP reports that a 41-square-mile ice shelf broke free from Ellesmere Island in the course of an hour on August 13, 2005. Nobody was there to notice, but it was detected from satellite photos, and later found in seismographic records.

Warwick Vincent of Laval University, who studies Arctic conditions, traveled to the newly formed ice island and could not believe what he saw.

"This is a dramatic and disturbing event. It shows that we are losing remarkable features of the Canadian North that have been in place for many thousands of years. We are crossing climate thresholds, and these may signal the onset of accelerated change ahead," Vincent said Thursday.

In 10 years of working in the region he has never seen such a dramatic loss of sea ice, he said...

Scientists say it is the largest event of its kind in Canada in 30 years and point their fingers at climate change as a major contributing factor.

"It is consistent with climate change," Vincent said, adding that the remaining ice shelves are 90 percent smaller than when they were first discovered in 1906...

"What surprised us was how quickly it happened," Copland said. "It's pretty alarming.

"Even 10 years ago scientists assumed that when global warming changes occur that it would happen gradually so that perhaps we expected these ice shelves just to melt away quite slowly, but the big surprise is that for one they are going, but secondly that when they do go, they just go suddenly, it's all at once, in a span of an hour." ...

"Over the next few years this ice island could drift into populated shipping routes," Weir said. "There's significant oil and gas development in this region as well, so we'll have to keep monitoring its location over the next few years."



Wednesday, December 27, 2006

Accu Terror Forecast

Bruce Schneier calls it "security theater." Here's a projection of where we're heading. Worth watching.



Thursday, December 14, 2006

How to report a problem to Google?

I'm getting peculiar behavior on my Google homepage:
Where I expect the text for the radio buttons to be
"Search the Web" and
"Search English, German, and Norwegian pages"
I get instead
"Clear with periodic rain later" and
"Search English Rain, snow in the evening German Rain, snow in the evening Norwegian pages."

I naively thought that Google might be interested in this behavior. But a fairly extensive exploration of their Help and Contact Us subsites yields a great deal of material directed to the Google user, but no means at all of contacting them, via either email or a Web form.

So I post here, in the hope that some reader either knows how to communicate to Google, or knows someone in the relevant part of Google.

Edited 12/1/06 to add: I just noticed that the problem was fixed sometime in the last few hours. I'll probably never know whether some Googler noticed the problem on their home page, or whether someone got a bug report in to Google somehow.



More on the Denver election problems

An article by Todd Weiss in Computerworld discusses the problems with Denver's "e-poll book," implemented by the same company that developed their voting machines.

Poor software design, serious IT management inefficiencies and an untested deployment of a critical application were all major factors in last month's Election Day problems in Denver, according to a scathing report from an IT consultant. The problems led to hours-long delays for voters looking to cast ballots and raised questions about the overall efficacy of e-voting...

[I]t led to massive problems on Election Day due to "decidedly subprofessional architecture and construction," according to the report from consultants Fred Hessler and Matt Smith at Fujitsu Consulting in Greenwood Village, Colo. Fujitsu was hired by Denver shortly after the election to find out what went wrong and help to fix the problems. "The ePollBook is a poorly designed and fundamentally flawed application that demonstrates little familiarity with basic tenets of Web development," the report stated...

"Moreover, it appears that this application was never stress-tested by the DEC or Sequoia," other than using it in the spring primary as a test election, the report said. "It is at best naive to deploy enterprise software in an untested state. It is remarkably poor practice to deliberately choose a critical production event (the primary election) to serve as a test cycle." ...

The voting center delays -- with waits in some places of up to three hours -- forced an estimated 20,000 voters to abandon their efforts to vote on Election Day, according to the report.

You don't have to miscount the votes if they aren't even cast!



A guide to grading exams

Daniel Solove has it down to a science.

If only we could decide elections with equal precision!



Wednesday, December 13, 2006

Third strike for Boeing privacy

A Wall Street Journal story reveals yet another privacy breach at Boeing. Apparently they still haven't learned that unencrypted information on laptops is vulnerable.

A Boeing Co. laptop containing the names and Social Security numbers of 382,000 workers and retirees has been stolen, putting the employees at risk for identity theft and credit-card fraud. The theft was the third such offense in the past 13 months.

"It's very disturbing to us when things like this happen, and there are certain steps you can take right away ... but we realize we need to go above and beyond those," said Tim Neale, a spokesman for Chicago-based Boeing.

The laptop was stolen earlier this month when an employee left it unattended, Mr. Neale said. He wouldn't reveal where the theft happened, but said no proprietary, customer or supplier data was on the computer. Files on the computer also contained home addresses, phone numbers and birth dates. Some of the files listed salary information.

The employees affected by the theft, who are mostly retirees, haven't yet been notified. Mr. Neale said the company is waiting until it has an infrastructure in place to handle the onslaught of questions it will likely receive.

A Boeing laptop containing information on roughly 160,000 current and former employees was stolen in November 2005. Then, in April, a laptop containing information on 3,600 employees and retirees was stolen...



Tuesday, December 12, 2006

Phishing: It's getting worse

There hasn't been much news about phishing lately, but that's not because the problem is going away. Financial losses are in the billions of dollars annually and growing rapidly.

Phishing is doubling about every four months. The latest report from the Anti-Phishing Working Group indicates that in October 2006 there were 37,444 unique phishing URLs, a 757 percent increase over the 4,367 reported by the APWG in October 2005.

Phishers in the month of October also broke the previous record for the number of brands attacked in a single month with 176 being subjected to spoofing.

Again: Never, never, click on a link in email unless you are already expecting it from a source that you trust.



Erosion of the Secret Ballot

Ed Felten has a thought-provoking blog post on the benefits, costs, and difficulties of ensuring "strong secrecy" of ballots while meeting other requirements, such as transparency, auditability, and ease of use.

Voting technology has changed greatly in recent years, leading to problems with accuracy and auditability. These are important, but another trend has gotten less attention: the gradual erosion of the secret ballot.

It’s useful to distinguish two separate conceptions of the secret ballot. Let’s define weak secrecy to mean that the voter has the option of keeping his ballot secret, and strong secrecy to mean that the voter is forced to keep his ballot secret. To put it another way, weak secrecy means the ballot is secret if the voter cooperates in maintaining its secrecy; strong secrecy means the ballot is secret even if the voter wants to reveal it.

The difference is important. No system can stop a voter from telling somebody how he voted. But strong secrecy prevents the voter from proving how he voted, whereas weak secrecy does not rule out such a proof. Strong secrecy therefore deters vote buying and coercion, by stopping a vote buyer from confirming that he is getting what he wants — a voter can take the payment, or pretend to knuckle under to the coercion, while still voting however he likes. With weak secrecy, the buyer or coercer can demand proof.

In theory, our electoral system is supposed to provide strong secrecy, as a corrective to an unfortunate history of vote buying and coercion. But in practice, our system provides only weak secrecy...

Read the whole thing.



An answer to global warming?

An article by Keay Davidson in the San Francisco Chronicle suggests that man-made global warming isn't the only climate effect we need to worry about:

A regional nuclear war between Third World nations could trigger planetwide cooling that would likely ravage agriculture and kill millions of people, scientists reported Monday.

For many years, Western military scientists and strategists have assumed that the damage from small-scale regional nuclear wars would be limited to continents on which they occurred. Now, in a revamping of the "nuclear winter" debate of the 1980s, new and far more sophisticated computer models show that even these little nuclear wars could create global devastation.



Thursday, December 07, 2006

Iran to host conference on whether the world is round.

Iranian President Mahmud Ahmadinejad is hosting another conference, this one "to examine the scientific evidence supporting the Zionist hypothesis that the world is round."

Ahmadinejad already had called the voyages of Magellan and Drake myths and said that world maps should show the world as flat, "as revealed in the Holy Quran."

"There will be a conference that will research the topic of the shape of the world and all its dimensions in the future," according to a statement on the state-run Islamic Republic News Agency (IRNA).

The statement did not say when the meeting would take place or who would be involved but said it would be sponsored by Iran's Foreign Ministry and the Organization of the Islamic Conference "and in consultation with other countries to pursue this issue."



Tuesday, December 05, 2006

Better news: TGDC decides SI is good, after all

cnet post.

One day after a federal advisory committee rejected a proposal designed to usher in more stringent requirements for electronic voting machines, the same panel has changed course.

On the final day of a public meeting at the National Institute of Standards and Technology outside Washington D.C., the Technical Guidelines Development Committee, which advises the U.S. government on electronic voting machine standards, voted unanimously to begin drafting regulations that would require the "next generation" of voting systems to be "software independent."

Voting machines are considered to be "dependent" on software if an undetected bug or modification in their code can lead to an undetectable change in the election's outcome. Paperless touch-screen voting machines, also known as direct-record electronic machines, typically fall into that category.

Both the original and revised proposals were offered by Massachusetts Institute of Technology computer science and electrical engineering professor Ron Rivest, who serves as chairman of a subcommittee focused on voting machine security and transparency.

USACM. Other sources.



Monday, December 04, 2006

NIST recommends paper ballots
But TGDC chooses to disregard it.

Friday's post was hopeful. The National Institute of Standards and Technology produced a clear, cogent, and technically well-grounded set of recommendations on voting technology.

But the news today is disheartening. The Technical Guidelines Development Committee that advises the U.S. Elections Assistance Commission has chosen not to accept this advice.

Other committee members said the proposal created new problems, including new requirements for local governments that have already spent their funding from the U.S. government to update election equipment.

Of course, they got into the situation of spending their funding on untrustworthy systems by ignoring the overwhelming preponderance of advice from technical experts for the last several years.

Funding (or could it be vested interests?) trumps accurate vote counting. :-(

See also these USACM posts: USACM Urges Feds ... and TGDC Meeting, Day One.

And a cnet story.



A challenge for algorithm designers

This post inspired by one on Freedom to Tinker.

Every year the national collegiate football championship is a matter of much discussion and bitter dispute. The Bowl Championship Series invariably produces a title game that many vocal partisans object to, saying that it fails to match the top two teams in the country. And every year the formula for selecting the top two teams is modified in response to complaints about the results of the previous year's formula. (Talk about generals always preparing to fight the last war!)

Even if we assume that there is a single "best" college football team each year, determining objectively which team that is presents major problems. Especially in games between nearly equal teams, there is always a factor of chance, i.e., the best team does not always win ("but that's the way to bet"). So what is available is a limited number of not-guaranteed-accurate comparisons between teams ("the regular season") plus the opportunity to stage an even more limited number of chosen, but also not-guaranteed-accurate comparisons (the bowl games).

The challenge is to
  1. Define what it would mean to generate an optimal bowl schedule and an optimal post-bowl ranking of the top teams.
  2. Supply an algorithm that is either provably optimal, or provably within some small epsilon of optimum, to generate a schedule and a ranking.



Friday, December 01, 2006

NIST recommends paper ballots

An article by Cameron W. Barr in the Washington Post reports on a draft report on the security of electronic voting from the National Institute of Standards and Technology. A key point is that the correctness of the count should not depend on the correctness of the software.

Paperless electronic voting machines used throughout the Washington region and much of the country "cannot be made secure," according to draft recommendations issued this week by a federal agency that advises the U.S. Election Assistance Commission.

The assessment by the National Institute of Standards and Technology, one of the government's premier research centers, is the most sweeping condemnation of such voting systems by a federal agency.

In a report hailed by critics of electronic voting, NIST said that voting systems should allow election officials to recount ballots independently from a voting machine's software. The recommendations endorse "optical-scan" systems in which voters mark paper ballots that are read by a computer and electronic systems that print a paper summary of each ballot, which voters review and elections officials save for recounts...

NIST says in its report that the lack of a paper trail for each vote "is one of the main reasons behind continued questions about voting system security and diminished public confidence in elections." The report repeats the contention of the computer security community that "a single programmer could 'rig' a major election." ...

NIST says that voting systems should not rely on a machine's software to provide a record of the votes cast.

From the draft report itself:

A voting system is software-independent if a previously undetected change or error in its software cannot cause an undetectable change or error in an election outcome. In other words, it can be positively determined whether the voting system’s (typically, electronic) CVRs are accurate as cast by the voter or in error. In SI voting systems that are readily available today, the determination can be made via the use of independent audits of the electronic counts or CVRs, and independent voter-verified paper records used as the audit trail...

A voting system is software-dependent if the correctness of the election results is dependent on the correctness of the software and on whatever assurances can be obtained that the software on the voting machine is in fact the software that is supposed to be there. It is, to a much greater extent, more vulnerable to undetected programming errors or malicious code.

The most obvious example of a software-dependent voting system is the DRE, which does not produce an independent voter-verified audit trail. Therefore, audits of its electronic records cannot be against any independent evidence of the voter’s intentions as cast and as a consequence, its electronic records cannot be audited independently. The accuracy of the electronic records has to be ascertained in some other way, which in this case would be by trusting that its software is correct and has remained error-free. Verifying that this is the case is so complex as to be infeasible; current testing methods could not guarantee this...

In its research for writing requirements for electronic voting systems, NIST has investigated a broad range of issues in electronic voting. NIST has held numerous teleconferences with the TGDC and with vendors and election officials. It has visited and inspected voting system testing laboratories. NIST has worked with experts in areas such as voting system security, auditing, reliability, testing, usability, and accessibility, and has looked to other areas of IT computing for input and ideas that would be useful in a voting context (one area, gaming and state lottery systems, has many interesting overlaps with voting system issues). Because NIST is primarily an engineering-based institution, it has taken pains to learn about the realities of elections. NIST voting-team staff have volunteered as poll workers and election judges, and have observed other elections and official canvassing and counting activities.

NIST has researched many issues and irregularities in elections and, as opposed to relying solely on the press and published articles, has gone directly to those election officials involved. One conclusion drawn by NIST is that the lack of an independent audit capability in DRE voting systems is one of the main reasons behind continued questions about voting system security and diminished public confidence in elections. NIST does not know how to write testable requirements to make DREs secure, and NIST’s recommendation to the STS is that the DRE in practical terms cannot be made secure. Consequently, NIST and the STS recommend that VVSG 2007 should require voting systems to be of the SI “class,” whose readily available (albeit not always optimal) examples include op scan and DRE-VVPAT...

First, this paper repeats the definition of software-independence: A voting system is software-independent if an undetected change or error in its software cannot cause an undetectable change or error in an election outcome. Conversely, voting systems that are software-dependent have no recourse but to rely on the correctness and integrity of their software in ways that software-independent systems do not. As noted previously, determining whether complex software programs are correct is extremely difficult and in a practical sense infeasible.

It should be noted that in SI, “software” really means complex technology, which can be software implemented on hardware, e.g., burned into PROMs or built into ASICs. “Software independence” should be interpreted to really mean complex technology independence.

[Other sources]
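
The audit idea in the draft's definition of software independence can be made concrete. The following is an added example, not code from the NIST draft or from this blog: it hand-counts voter-verified paper records against electronic totals for selected precincts, and goes one step beyond the quoted text by computing how many precincts a random sample must cover to catch an alteration with a given confidence. All names, the precinct-level sampling scheme and the data are assumptions constructed for illustration.

```python
# Added illustration: precinct-level audit of electronic totals against paper.
# Function names, sampling scheme and election data are all constructed.
import random
from math import comb

def detection_probability(total, altered, sampled):
    """P(a uniform sample of `sampled` precincts includes >= 1 altered one)."""
    if not 0 <= sampled <= total or not 0 <= altered <= total:
        raise ValueError("sampled and altered must lie in 0..total")
    # comb() is 0 when sampled > total - altered, so the result is then 1.0.
    return 1.0 - comb(total - altered, sampled) / comb(total, sampled)

def sample_size(total, altered, confidence):
    """Smallest number of precincts to hand-count for the given confidence."""
    return next((n for n in range(total + 1)
                 if detection_probability(total, altered, n) >= confidence),
                total)

def hand_count(paper_ballots):
    """Tally one precinct's paper records without trusting any machine count."""
    totals = {}
    for choice in paper_ballots:
        totals[choice] = totals.get(choice, 0) + 1
    return totals

def audit(electronic_totals, paper_records, precincts):
    """Return precincts whose paper hand count disagrees with the electronic
    totals, or None when no independent record exists (software-dependent)."""
    if paper_records is None:
        return None
    mismatched = []
    for p in precincts:
        counted, reported = hand_count(paper_records[p]), electronic_totals[p]
        choices = set(counted) | set(reported)
        if any(counted.get(c, 0) != reported.get(c, 0) for c in choices):
            mismatched.append(p)
    return mismatched

def build_election(seed=2006):
    """Constructed data: 50 precincts with 100 paper records each; a software
    fault moves 10 votes from A to B in the electronic totals of 5 precincts."""
    rng = random.Random(seed)
    paper = {p: ["A"] * 60 + ["B"] * 40 for p in range(50)}
    electronic = {p: hand_count(paper[p]) for p in range(50)}
    altered = sorted(rng.sample(range(50), 5))
    for p in altered:
        electronic[p] = {"A": 50, "B": 50}  # still sums to 100, so it looks sane
    return paper, electronic, altered

if __name__ == "__main__":
    paper, electronic, altered = build_election()
    print("altered precincts:    ", altered)
    print("full audit finds:     ", audit(electronic, paper, range(50)))
    print("P(detect), 10 sampled:", round(detection_probability(50, 5, 10), 4))
    print("needed for 95%:       ", sample_size(50, 5, 0.95))
    print("paperless DRE audit:  ", audit(electronic, None, range(50)))
```

The altered totals still sum to the number of ballots cast, so no check internal to the software flags them; only the comparison against the paper records does, and with no paper records there is nothing to compare against.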
