More Zonkyness

Confessions Of A Spy In The Data Centre

Nov 262016

(actually we don’t usually sit in the data centre; it’s too noisy and usually the wrong temperature for people)

There is a perception amongst people that security “gurus” who work in network security are spying on all your network traffic. Not the hackers (which is a whole other matter), but the people who run enterprise firewalls. We do, but we’re not interested in what you are doing but instead what is being done to you (and the enterprise as a whole).

Frankly nothing strikes me as more boring than spying on someone’s porn browsing – if I really need to, I’ll hunt down my own porn thank you very much! And we’re busy; you could probably double the size of every network security team in every organisation on the planet and still nobody would be sitting around twiddling their thumbs.

On the subject of porn (as an extreme example), it is not a security issue. There is an argument that browsing porn sites is putting yourself at greater risk of picking up some kind of nasty infection, but avoiding porn sites to avoid getting infected with malware is a tactic that results in your computer being infected. So the intended content isn’t a problem as far as security is concerned, but we’re interested in unintended content.

Now there are places that enforce browsing censorship – blocking anything that isn’t work-related. That role is usually dumped on the network security people because they have the tools to do the job.

Does porn browsing on the office matter? Of course it does – some people are upset by the sight of such things, and almost as important, when someone is browsing porn they are not working. But such matters are best dealt with in the office by the line manager – if someone isn’t doing their work it doesn’t matter if they are browsing porn, hitting Facebook, or snoozing under the desk. All should be dealt with appropriately by the line manager.

And centralised censorship is a rather clumsy tool – blocking Facebook is all very well if it is to prevent personal usage of the Internet, but what about the Marketing department using Facebook for publicity? Or the Customer Service department keeping an eye on Facebook for product problems that they need to look into? These can be allowed through on a case-by-case basis, but it highlights that censorship is a clumsy tool.

The word from a nameless vendor who is in this space, is that in many cases this censorship has less to do with preventing people from doing “naughty” things, and more to do with controlling bandwidth usage. And as bandwidth becomes cheaper, there is less interest in censoring Internet activities – certainly from a personal perspective I notice a decrease in the number of people who complain they cannot visit certain sites because of work’s “firewall”.

There is also the subject of TLS inspection where firewalls intercept and inspect TLS or SSL encrypted traffic between you and “out there”. Again there is a suspicion that we are for whatever reason spying on your activities. The answer to this is the same as previously – why should we bother? It is too much like hard work, and frankly most of the information that passes through a firewall is unbelievably boring.

No, TLS interception is used to do the boring task of inspecting traffic for malware, spyware, and other security threats. And with the increasing use of TLS to encrypt traffic it is becoming more and more important to do TLS interception for security reasons.

Yes there are those who would use that sort of technology to spy on your activities, but those organisations are typically nation states … and repressive ones at that. But it is extreme foolishness to blame a useful tool for the abuses that an abusive government perpetrates. Your average enterprise just isn’t that interested in what you’re up to.

And if you still don’t believe this, there is a simple answer: Do anything private on your own private network.

b84v37631-cubist-eye

The Liepaper – The Sun

Media No Responses »

Nov 192016

The Sun claimed Jeremy Corbyn danced (don’t bother clicking; the story was removed for legal reasons) down Whitehall on Remembrance Sunday. What actually happened is that a photographer edited a picture to show Corbyn apparently waving his hand as though he were dancing when he was really walking, talking, and gesturing with a veteran (a Desert Rat).

So what The Sun really did was airbrush out a veteran in order to pursue an ongoing vendetta against Corbyn. Now pursuing a vendetta against Corbyn is fair enough – if you restrict yourself to his policies and politically relevant stories. But making up lies and you lose your status as a newspaper and become a “liepaper”.

There are those who argue that it was the photographer that invented the story, and that The Sun was taken in by the lie. Which is why the first rule of journalism is to make sure you have at least two sources, and check the sources. Again, not following this basic rule disqualifies The Sun as a newspaper and makes it a liepaper.

B84V1827t1-elderley-man-past-gravestones

The Suicide Solution

General No Responses »

Nov 162016

If you are personally interested in suicide as a solution, please contact the Samaritans who can help. This article is not a suicide prevention guide nor is it written by someone qualified in this area.

I have become interested in suicide recently – no, not in that way! In suicide statistics, and the reasons for suicide.

In the UK, in 2014, there were 22 suicides per 100,000 people in the UK (all statistics are taken from the Samaritans suicide report for 2016). It gets rather more interesting when you examine the differences in population groups – for instance, the overall suicide rate for men in the UK is 16.8 suicides per 100,000 men whereas the overall rate for women is 5.2 per 100,000 women. In other words for every woman who commits suicide, there are more than 3 men who commit suicide.

There are regional variations as well of course, but none of those variations are anywhere near as dramatic.

Another significant variation contained within the Samaritans report is the difference in suicide rates at different ages. For instance, the biggest risk group for suicide is between 45-59 where the overall suicide rate is 31 per 100,000 compared with the lowest rate age group of 10-29 years where the overall rate is 13.1. Interesting the comparison between the genders is almost identical here – the rate for women more than doubles, and the rate for men more than doubles.

So if you’re male you are more likely to commit suicide, and if you are middle-aged you are more likely to commit suicide.

One possible explanation for the gender difference is contained within the Samaritans report in that men supposedly choose to opt for more effective suicide methods than women. Perhaps, but this is a rather difficult to test, and there are plenty of other possible reasons why the rate for men is so high. But let’s not dwell on this …

B84V1827t1-elderley-man-past-gravestones

But what else?

There are all sorts of factors that contribute to an increased risk of suicide, including but not limited to :-

Certain professions such as doctors, etc.
Many diseases or health conditions (excluding mental illness) cause an increased risk of suicide – such as psoriasis, or more fatal conditions such as cancer.
Bullying, prejudice (esp. against young LGBT people), racism, etc. Basically anything where one person can be made miserable by nasty people.
Mental illness of course.
Stress.

And there are probably many more reasons.

But the real rant here is about those who say that suicide is no solution; it shouldn’t be a viable solution because nobody should be reduced to the point where they see it as a solution. But to simply say “suicide is no solution” distracts from the real problems – that other factors cause some people to feel it is a solution.

And it is those problems that need solving.

1916

History No Responses »

Nov 122016

Trump? Am I Having A Fever Dream?

Politics No Responses »

Nov 112016

So Trump has been elected as the next president of the USA.

Now setting aside my disbelief for a moment (really? He actually won?), let’s look at some of the reasons why he may have won, and why the poll takers got it wrong.

First of all, the polls were not that far out – whilst they got the winner wrong, they did predict that it would be close. And it was close – Clinton got 47.7% of the popular vote whereas Trump got 47.3%. Yes, Clinton actually won the popular vote, but the US electoral system does not work quite so well when the result is so close. But not bad for a 200-year old system, but perhaps it is time for a long and careful review of the process in the light of modern communications.

In addition, there is also the embarrassment factor – if you had decided to vote for Trump, would you really admit it publicly? On a more serious note, when elections are particularly acrimonious, there is a good chance that a significant amount of the electorate will lie (or just keep quiet) about their choice when asked by pollsters.

Enough about pollsters though, how did he win? Of course everyone wants one simple answer to that question, and there isn’t one. There are many factors as to why he won, and each contributes a little.

The first thing to remember is that there are many stupid people in any population. Nothing wrong with being stupid; some of my best friends are stupid (that didn’t come out quite right!). Really! And it is a fact of life that there are many stupid people – it’s how intelligence tests work. You measure everyone’s intelligence, and those who are below average are stupid, and those who are above average are bright.

Besides, Trump won didn’t he? QED.

And stupid people are easily conned by anyone who tells them what they want to hear no matter how fantastical it might be. And Trump has been telling them what they want to hear – abortion is wrong, he can restore manufacturing jobs (presumably by overturning the laws of economics), making America great again (that one always goes down well, even if America is already great), that climate change is not man-made, etc.

Every time that he pushed one of those buttons, and pandered to every wing-nut grouping out there, he gained more supporters. He either didn’t care or didn’t know that he came across as a cretinous fool, as long as he got some votes.

The second big factor was that although Trump was nominated by the Republican party, he was the closest thing to an anti-establishment candidate of the two major parties (I’ll come to the other parties shortly). Of course he isn’t really not part of the establishment being a billionaire property developer, but he hasn’t previously held public office. And anti-establishment is very popular right now. Given that Clinton was very definitely old political establishment, this could very well be the most significant reason.

And of course there is the economy. Like the rest of the world, the US has just been through a huge recession where many lost their jobs or even their homes. And any ruling party suffers in the wake of a recession. Whether or not the Democrats were to blame, they were going to get blamed by the voters – or at least enough of them to make a bit of a difference.

Next there is of course the poor old sane Republican who has always voted for their party. This time around, they had a buffoon to vote for and although some couldn’t face voting for Trump, a good number couldn’t see any other options.

The reason that some people are blaming are the “other” candidates. Despite the media coverage implying that there are only two candidates, there were in fact nearly 30. If all those who voted for one of the others, had voted for Clinton instead, it might have made a difference, but it seems a touch unlikely that they would have all voted for her. Best guess? They would have divided more or less evenly just like everyone else did.

Having said that, it would be nice if the US had a transferable vote system whereby you could vote for (say) the Green Party, but have your vote go towards another if the Green party didn’t win.

I’m not going to bother mentioning those who couldn’t be bothered to vote. They didn’t vote so they don’t count.

So how about the reaction to Trump’s victory?

It’s almost as bizarre as the lead up to the election: When you’re in a room the morning the results came out, and the two embarrassed Americans both apologise for the US having voted in Trump, you know there’s something odd going on. The reaction has been extreme – not just the usual moaning about having an idiot in charge for four years, but protests, riots, and even a group in California that wants to declare independence. It is sort of understandable (after all, it’s Trump!), but the division in the US today may be almost as damaging as the idiocies that Trump will enact.

On the subject of which, Trump himself probably can’t remember all the rubbish he has promised all over the campaign trail. Of course there are those who will remind him of things he has promised, and probably a lot more besides. But how much damage will he actually do?

The worst case scenario (and there’s more than one) is that he brings about some sort of theocratic form of government (he certainly has supporters who would like to see this), and launches nuclear weapons (Trump with his hand on the launch button? Shudder!).

This is not that likely – there are too many obstacles in the way, including the constitution. And there is just the slightest hint that Trump might not be quite that bad.

His first reaction to the protests was typical paranoia – blaming them on paid activists. But his second reaction was quite sympathetic saying he was pleased that the protesters loved their country so much. Trump probably likes being popular, and there’s one obvious thing to do with a president like that – when he proposes some idiocy, protest. Don’t protest about Trump (however tempting it is); protest about his bad policies.

Of course I might be overly optimistic.

stack-of-coins-p1

Older Entries Newer Entries