Category Archives: Cyber Security

70th Anniversary of Nineteen Eighty-Four and it’s Still a Cautionary Tale for Our Own Future

George Orwell’s novel Nineteen Eighty-Four was published 70 years ago, on 8 June 1949. Together with his political allegory Animal Farm published in 1945, Nineteen Eighty-Four brought Orwell worldwide fame. As I hope you know, Nineteen Eighty-Four describes a dystopian future occurring in 1984 (now 35 years in our past) in which a totalitarian government imposes repressive regimentation on all persons and behaviors through prescriptive laws, propaganda, manipulation of history, and omnipresent surveillance.  Fortunately for us, the real year 1984 fared much better.  However, Orwell’s vision of the future, as expressed in this novel, still may be a timely and cautionary tale of a future yet to come.

First edition cover.
Source: Wikipedia
George Orwell.  Source: BBC

You’ll find an interesting collection of quotations attributed to George Orwell on the AZ Quotes website here:

https://www.azquotes.com/author/11147-George_Orwell

You can read Nineteen Eighty-Four chapter-by-chapter online on The Complete Works of George Orwell website at the following link, which also contains other Orwell novels.

https://www.george-orwell.org/1984

You also can read Nineteen Eighty-Four as one file on the Project Gutenberg Australia website at the following link:

http://gutenberg.net.au/ebooks01/0100021.txt

Here, it’s easy to search the whole novel for key words and phrases, like “Though Police,” “Big Brother,” “Ministry of Truth,” “thoughtcrime,” “crimethink,” and “face crime,” and see how they are used in context.

Orwell was right about the concept that an entire population can be kept under constant surveillance.  However, he probably didn’t appreciate the commercial value of such surveillance and that people voluntarily would surrender so much information into an insecure (online) environment, thereby making it easy for agents to legally or illicitly collect and process the information they want. Today, it’s hard to know if Big Brother is the government or anonymous aggregations of commercial firms seeking to derive value from your data and influence your behavior.

With the increasing polarization in our society today, it seems to me that we are entering more precarious times, where our own poorly defined terms, such as “politically correct” and “hate speech,” are becoming tools to stifle alternative views and legitimate dissent.

I remember in the late 1970s when I first read the words “politically correct” in Jim Holman’s local San Diego newspaper, Reader. My first reaction to this poorly defined term was that it will lead to no good.  Since then, use of  “politically correct” has grown dramatically, as shown in the following Google Ngram.  While I agree that political correctness has its place in a polite society, the muddled jargon of political correctness easily can becomes a means to obfuscate a subject under discussion.

Ngram 1800 – 2008.  Source: Google

In the past two decades, use of the term “hate speech” has become commonplace, as shown in the following Google Ngram. While laws have been written to define and combat actual “hate speech,” this term is easily misused to stifle dissent, even legitimate dissent, by forcefully mischaracterizing one side of a discussion that never was intended to be hateful.  Our ability to hold opposing views without being mischaracterized as a “hater” is being eroded in our increasingly polarized society, where self-appointed (and often anonymous) Thought Police are using social media (What an oxymoron!) to punish the perceived offenders. Such “policing” is not centralized, as in Orwell’s novel, but its effects can be very damaging to its victims.

Ngram 1800 – 2008.  Source: Google

Of course, the word “dissent” has been in common usage for a very long time and is a fundamental right of American citizens.

Ngram 1800 – 2008.  Source: Google

Seventy years after first being published, Orwell’s novel Nineteen Eighty-Four still stands as a relevant cautionary tale for our own future.  I encourage you to read it again, keep an open mind, and piss off the self-declared Thought Police from time to time.

Source: Libertymaniacs.com, 2011

Doomsday Clock Reset

This year is the 70th anniversary of the Doomsday Clock, which the Bulletin of the Atomic Scientists describes as follows:

“The Doomsday Clock is a design that warns the public about how close we are to destroying our world with dangerous technologies of our own making. It is a metaphor, a reminder of the perils we must address if we are to survive on the planet.”

You’ll find an overview on the Doomsday Clock here:

http://thebulletin.org/overview

The Clock was last changed in 2015 from five to three minutes to midnight. In January 2016, the Doomsday Clock’s minute hand did not change.

On 26 January 2017, the Bulletin of the Atomic Scientists Science and Security Board, in consultation with its Board of Sponsors, which includes 15 Nobel Laureates, decided to reset the Doomsday Clock to 2-1/2 minutes to midnight. This is the closest it has been to midnight in 64 years, since the early days of above ground nuclear device testing.

Two and a half minutes to midnight

The Science and Security Board warned:

“In 2017, we find the danger to be even greater (than in 2015 and 2016), the need for action more urgent. It is two and a half minutes to midnight, the Clock is ticking, global danger looms. Wise public officials should act immediately, guiding humanity away from the brink. If they do not, wise citizens must step forward and lead the way.”

You can read the Science and Security Board’s complete statement at the following link:

http://thebulletin.org/sites/default/files/Final%202017%20Clock%20Statement.pdf

Their rationale for resetting the clock is not based on a single issue, but rather, the aggregate effects of the following issues, as described in their statement:

A dangerous nuclear situation on multiple fronts

  • Stockpile modernization by current nuclear powers, particularly the U.S. and Russia, has the potential to grow rather than reduce worldwide nuclear arsenals
  • Stagnation in nuclear arms control
  • Continuing tensions between nuclear-armed India and Pakistan
  • North Korea’s continuing nuclear development
  • The Iran nuclear deal has been successful in accomplishing its goals in its first year, but its future is in doubt under the new U.S. administration
  • Careless rhetoric about nuclear weapons is destabilizing; for example, the U.S. administration’s suggestion that South Korea and Japan acquire their own nuclear weapons to counter North Korea

The clear need for climate action

  • The Paris Agreement went into effect in 2016
  • Continued warming of the world was measured in 2016
  • S. administration needs to make a clear, unequivocal statement that it accepts climate change, caused by human activity, as a scientific reality

Nuclear power: An option worth careful consideration

  • Nuclear power a tempting part of the solution to the climate change problem
  • The scale of new nuclear power plant construction does not match the need for clean energy
  • In the short to medium term, governments should discourage the premature closure of existing reactors that are safe and economically viable
  • In the longer term, deploy new types of reactors that can be built quickly and are at least as safe as the commercial nuclear plants now operating
  • Deal responsibly with safety issues and with the commercial nuclear waste problem

Potential threats from emerging technologies

  • Technology continues to outpace humanity’s capacity to control it
  • Cyber attacks can undermining belief in representative government and thereby endangering humanity as a whole
  • Autonomous machine systems open up a new set of risks that require thoughtful management
  • Advances in synthetic biology, including the Crispr gene-editing tool, have great positive potential, but also can be misused to create bioweapons and other dangerous manipulations of genetic material
  • Potentially existential threats posed by a host of rapidly emerging technologies need to be monitored, and to the extent possible anticipated and managed.

Reducing risk: Expert advice

  • The Board is extremely concerned about the willingness of governments around the world— including the incoming U.S. administration—to ignore or discount sound science and considered expertise during their decision-making processes

Prior to the formal decision on the 2017 setting of the Doomsday Clock, the Bulletin took a poll to determine public sentiment on what the setting should be. Here are the results of this public pole.

Results of The Bulletin Public Poll

How would you have voted?

DARPA Cyber Grand Challenge (CGC)

DARPA launched the Cyber Grand Challenge (CGC) in 2014. This is a competition in which each competitor team attempts to create an automatic IT network defense system that can analyze its own performance during attacks by an intelligent adversaries, identify security flaws, formulate patches, and deploy the patches in real-time on the network being protected. This DARPA competition will “give these groundbreaking prototypes a league of their own, allowing them to compete head-to-head to defend a network of bespoke software.”

The longer-term DARPA goal is to promote technology that leads to operational, automatic, scalable, adaptive, network defense systems operating at machine speed to protect IT networks against intelligent adversaries.

The CGC Challenge Competitor Portal is at the following link:

https://cgc.darpa.mil

The Master Schedule for CGC is shown in the following chart:

CGC Master ScheduleSource: DARPA

A slide presentation reporting the lessons learned from the first year of the CGC is available at the following link:

https://www.usenix.org/sites/default/files/conference/protected-files/sec15_slides_walker.pdf

This is a complex slide presentation that benefits greatly from seeing it along with a video of the actual presentation made by Mike Walker at the 12 – 14 August 2015 24th USENIX Security Symposium. You will find this rather long (1 hour 17 min) video at the following link:

https://www.usenix.org/node/190798

In the 2015 Challenge Qualification Event, seven finalists were qualified. The finals will be held from 54 August 2016 at the Paris Hotel & Convention Center in Las Vegas, Nevada. The Award Ceremony will be held at the beginning of DEF CON 24 on Friday, 5 August 2016.

CGCEventFirstAutomatedNetDefense  Source: DARPA

This is exciting stuff! The results are certain to be very interesting.

8 August 2016 Update: Carnegie Mellon’s Mayhem computer system won DARPA’s CGC

Seven invited teams competed for $4 million in prizes at the DARPA CGC. The $2 million grand prize winner was the Mayhem computer system designed by Carnegie Mellon’s team ForAllSecure. The $1 million second place prize was awarded to the Xandra computer system designed by team TECHx of Ithaca, NY, and Charlottesville, VV. Third place and a $750K prize was awarded to the Mechanical Phish computer system developed by the Shellphish team of Santa Barbara, CA.

You can read details on the DARPA website at the following link:

http://www.darpa.mil/news-events/2016-08-05a

Also see the following article on the TechCrunch website for more details on the CGC Finals competition.

https://techcrunch.com/2016/08/05/carnegie-mellons-mayhem-ai-takes-home-2-million-from-darpas-cyber-grand-challenge/