[TODAY'S TOP STORIES] from [The Japan Times]
[COMPUTER TECHNOLOGY NEWS]
Wednesday, Dec. 30, 2009
TECHNOLOGY
Cold War encryption is unrealistic in today's trenches
By BRUCE SCHNEIER
Special to The Japan Times
Sometimes mediocre encryption is better than strong encryption, and sometimes no encryption is better still.
The Wall Street Journal reported last week that Iraqi, and possibly Afghan, militants are using commercial software to eavesdrop on U.S. Predators, other unmanned aerial vehicles (UAVs) and even piloted planes. The systems weren't "hacked" — the insurgents can't control them — but because the downlink is unencrypted, they can watch the same video stream as ground coalition troops.
The naive reaction is to ridicule the military. Encryption is so easy that HDTVs do it — just a software routine and you're done — and the Pentagon has known about this flaw since Bosnia in the 1990s. But encrypting the data is the easiest part; key management is the hard part. Each UAV needs to share a key with the ground station. These keys have to be produced, guarded, transported, used and then destroyed. And the equipment, both the Predators and the ground terminals, needs to be classified and controlled, and all the users need security clearance.
The command and control channel is, and always has been, encrypted — because that's both more important and easier to manage. UAVs are flown by airmen sitting at desks on U.S. military bases, where key management is simpler. But the video feed is different. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions — with everything constantly changing. Key management in this environment would be a nightmare.
Further, how valuable is this video downlink to the enemy? The main fear seems to be that the militants watch the video, notice their compound being surveilled and flee before the missiles hit. Or they may notice a bunch of Marines in a recognizable area and attack them. This might make a great movie scene, but it's unrealistic. Without context, and just by peeking at random video streams, the risk caused by eavesdropping is low.
Contrast this with the additional risks if you encrypt: A soldier in the field doesn't have access to the real-time video because of a key-management failure; a UAV can't be quickly deployed to a new area because the keys aren't in place; we can't share the video information with our allies because we can't give them the keys; most soldiers can't use this technology because they don't have the right clearances. Given this risk analysis, not encrypting the video is almost certainly the right decision.
There is another option, though. During the Cold War, the National Security Agency's primary adversary was Soviet intelligence, and it developed its crypto solutions accordingly. Even though that level of security made no sense in Bosnia, and doesn't in Iraq and Afghanistan, it is what the NSA had to offer. If you encrypt, they said, you must do it "right."
The problem is, the world has changed. Today's insurgent adversaries don't have KGB-level intelligence-gathering or cryptanalytic capabilities. At the same time, computer and network data gathering has become much cheaper and easier, so they have technical capabilities the Soviets could only dream of. Defending against these sorts of adversaries doesn't require military-grade encryption only where it counts; it requires commercial-grade encryption everywhere possible.
This sort of solution would require the NSA to develop a whole new level of lightweight commercial-grade security systems for military applications — not just office-data "Sensitive but Unclassified" or "For Official Use Only" classifications. It would require the NSA to allow keys to be handed to uncleared UAV operators, and perhaps read over insecure phone lines and stored in people's back pockets. It would require the sort of ad hoc key-management systems you find in Internet protocols, or in DRM systems. It wouldn't be anywhere near perfect, but it would be more commensurate with the actual threats.
And it would help defend against a completely different threat facing the Pentagon: The PR threat. Regardless of whether the people responsible made the right security decision when they rushed the Predator into production, or when they convinced themselves that local adversaries wouldn't know how to exploit it, or when they forgot to update their Bosnia-era threat analysis to account for advances in technology, the story is now being played out in the press. The Pentagon is getting beaten up because it's not protecting against the threat — because it's easy to make a sound bite where the threat sounds really dire. And now it has to defend against the perceived threat to the troops, regardless of whether the defense actually protects the troops or not. Reminds me of the TSA, actually.
So the military is now committed to encrypting the video . . . eventually. The next generation Predators, called Reapers (Who names this stuff? Second-grade boys?) will have the same weakness. Maybe we'll have encrypted video by 2010, or 2014, but I don't think that's even remotely possible unless the NSA relaxes its key-management and classification requirements and embraces a lightweight, less secure encryption solution for these sorts of situations. The real failure here is the failure of the Cold War security model to deal with today's threats.
Bruce Schneier is a security technologist. His latest book is "Schneier on Security." Read about him at www.schneier.com
[COMPUTER TECHNOLOGY NEWS]
Wednesday, Dec. 30, 2009
IGADGET
CJK recruits Android for new Camangi Webstation tablet
By PETER CROOKES
Going tablet: Android is Google's shot at hitting Microsoft where it hurts — mobile devices. Windows might still dominate PC operating systems, but it has never duplicated this overwhelming presence on the small screens of mobile phones, PDAs and the like. So far, Android has shaken things up by becoming the brains of an emerging group of cell phones. But, electronics maker CJK is using the Google creation to power its new Web tablet, the Camangi Webstation. Marketed as a diverse device capable of fulfilling a user's mobile Internet needs, the Webstation sports a 7-inch touch screen with a resolution of 800 x 480 pixels. The screen size is adequate for portability, but not so small you'll need to squint to read.
The processing power is not so promising, running on a 624MHz Marvell CPU. However, while it only has 128 megabytes of standard DDR onboard memory it augments this with 256 megabytes of flash memory, which is dedicated to the operating system. Running the operating system off flash memory may make up for the lack of processing power, which in itself falls well short of the modest abilities of marginally larger netbooks. The very tiny onboard memory can be boosted by using MicroSD cards, and the company does have the decency to throw an 8-gigabyte card into the package.
In keeping with its Internet aspirations it comes with built-in browser and e-mail setup and connects via Wi-Fi, both b and g varieties. It can also tap into 3G networks by using a dongle, not included. The device would have been better set up if it came with built-in 3G ability, although it does have a GPS module.
The all-important battery life is a respectable four to five hours with Internet and media usage. Its media abilities are good. The audio playback formats are 3GP, MP3, MP4, OGG, MID and WAV; a more limited 3GP and MP4 for videos; JPG, GIF, PNG and BMP formats usable for photo viewing and the e-book viewer can handle EPUB and straight text. The EPUB format is becoming something of a standard among the eBabel of e-books so its inclusion is a major plus for readers. The size is compact, measuring 200 × 120 × 14.5 mm and a weight of 390 grams. The rounded edges help to lend it a pleasant style. Although it is initially only available in pearl white, but jet black and light pink options are planned.
The Webstation is an intriguing prospect, filling the void between a mobile phone and a netbook and addressing the deficiencies of the former's cramped screen and the latter's limited portability. The lack of a physical screen is probably not such a burden to the mobile-phone texting generation. The price tag is also reasonable at \39,800 and the company is planning a market for applications, a la Apple's booming iPhone setup. It never is solely good news though, and the Camangi tablet suffers from one chronic drawback. While it is available this month for advanced orders, only consumers in the continental United States can get in line for the made-in-Japan product. It is not clear just when local buyers can get their hands on the gadget, so patience and keeping a keen eye on the company's Web site, the only place to order it as yet, are definitely necessary. www.camangi-webstation.com/jp/index.html
[COMPUTER TECHNOLOGY NEWS]
Wednesday, Dec. 30, 2009
TECHNOLOGY
Cold War encryption is unrealistic in today's trenches
By BRUCE SCHNEIER
Special to The Japan Times
Sometimes mediocre encryption is better than strong encryption, and sometimes no encryption is better still.
The Wall Street Journal reported last week that Iraqi, and possibly Afghan, militants are using commercial software to eavesdrop on U.S. Predators, other unmanned aerial vehicles (UAVs) and even piloted planes. The systems weren't "hacked" — the insurgents can't control them — but because the downlink is unencrypted, they can watch the same video stream as ground coalition troops.
The naive reaction is to ridicule the military. Encryption is so easy that HDTVs do it — just a software routine and you're done — and the Pentagon has known about this flaw since Bosnia in the 1990s. But encrypting the data is the easiest part; key management is the hard part. Each UAV needs to share a key with the ground station. These keys have to be produced, guarded, transported, used and then destroyed. And the equipment, both the Predators and the ground terminals, needs to be classified and controlled, and all the users need security clearance.
The command and control channel is, and always has been, encrypted — because that's both more important and easier to manage. UAVs are flown by airmen sitting at desks on U.S. military bases, where key management is simpler. But the video feed is different. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions — with everything constantly changing. Key management in this environment would be a nightmare.
Further, how valuable is this video downlink to the enemy? The main fear seems to be that the militants watch the video, notice their compound being surveilled and flee before the missiles hit. Or they may notice a bunch of Marines in a recognizable area and attack them. This might make a great movie scene, but it's unrealistic. Without context, and just by peeking at random video streams, the risk caused by eavesdropping is low.
Contrast this with the additional risks if you encrypt: A soldier in the field doesn't have access to the real-time video because of a key-management failure; a UAV can't be quickly deployed to a new area because the keys aren't in place; we can't share the video information with our allies because we can't give them the keys; most soldiers can't use this technology because they don't have the right clearances. Given this risk analysis, not encrypting the video is almost certainly the right decision.
There is another option, though. During the Cold War, the National Security Agency's primary adversary was Soviet intelligence, and it developed its crypto solutions accordingly. Even though that level of security made no sense in Bosnia, and doesn't in Iraq and Afghanistan, it is what the NSA had to offer. If you encrypt, they said, you must do it "right."
The problem is, the world has changed. Today's insurgent adversaries don't have KGB-level intelligence-gathering or cryptanalytic capabilities. At the same time, computer and network data gathering has become much cheaper and easier, so they have technical capabilities the Soviets could only dream of. Defending against these sorts of adversaries doesn't require military-grade encryption only where it counts; it requires commercial-grade encryption everywhere possible.
This sort of solution would require the NSA to develop a whole new level of lightweight commercial-grade security systems for military applications — not just office-data "Sensitive but Unclassified" or "For Official Use Only" classifications. It would require the NSA to allow keys to be handed to uncleared UAV operators, and perhaps read over insecure phone lines and stored in people's back pockets. It would require the sort of ad hoc key-management systems you find in Internet protocols, or in DRM systems. It wouldn't be anywhere near perfect, but it would be more commensurate with the actual threats.
And it would help defend against a completely different threat facing the Pentagon: The PR threat. Regardless of whether the people responsible made the right security decision when they rushed the Predator into production, or when they convinced themselves that local adversaries wouldn't know how to exploit it, or when they forgot to update their Bosnia-era threat analysis to account for advances in technology, the story is now being played out in the press. The Pentagon is getting beaten up because it's not protecting against the threat — because it's easy to make a sound bite where the threat sounds really dire. And now it has to defend against the perceived threat to the troops, regardless of whether the defense actually protects the troops or not. Reminds me of the TSA, actually.
So the military is now committed to encrypting the video . . . eventually. The next generation Predators, called Reapers (Who names this stuff? Second-grade boys?) will have the same weakness. Maybe we'll have encrypted video by 2010, or 2014, but I don't think that's even remotely possible unless the NSA relaxes its key-management and classification requirements and embraces a lightweight, less secure encryption solution for these sorts of situations. The real failure here is the failure of the Cold War security model to deal with today's threats.
Bruce Schneier is a security technologist. His latest book is "Schneier on Security." Read about him at www.schneier.com
[COMPUTER TECHNOLOGY NEWS]
Wednesday, Dec. 30, 2009
IGADGET
CJK recruits Android for new Camangi Webstation tablet
By PETER CROOKES
Going tablet: Android is Google's shot at hitting Microsoft where it hurts — mobile devices. Windows might still dominate PC operating systems, but it has never duplicated this overwhelming presence on the small screens of mobile phones, PDAs and the like. So far, Android has shaken things up by becoming the brains of an emerging group of cell phones. But, electronics maker CJK is using the Google creation to power its new Web tablet, the Camangi Webstation. Marketed as a diverse device capable of fulfilling a user's mobile Internet needs, the Webstation sports a 7-inch touch screen with a resolution of 800 x 480 pixels. The screen size is adequate for portability, but not so small you'll need to squint to read.
The processing power is not so promising, running on a 624MHz Marvell CPU. However, while it only has 128 megabytes of standard DDR onboard memory it augments this with 256 megabytes of flash memory, which is dedicated to the operating system. Running the operating system off flash memory may make up for the lack of processing power, which in itself falls well short of the modest abilities of marginally larger netbooks. The very tiny onboard memory can be boosted by using MicroSD cards, and the company does have the decency to throw an 8-gigabyte card into the package.
In keeping with its Internet aspirations it comes with built-in browser and e-mail setup and connects via Wi-Fi, both b and g varieties. It can also tap into 3G networks by using a dongle, not included. The device would have been better set up if it came with built-in 3G ability, although it does have a GPS module.
The all-important battery life is a respectable four to five hours with Internet and media usage. Its media abilities are good. The audio playback formats are 3GP, MP3, MP4, OGG, MID and WAV; a more limited 3GP and MP4 for videos; JPG, GIF, PNG and BMP formats usable for photo viewing and the e-book viewer can handle EPUB and straight text. The EPUB format is becoming something of a standard among the eBabel of e-books so its inclusion is a major plus for readers. The size is compact, measuring 200 × 120 × 14.5 mm and a weight of 390 grams. The rounded edges help to lend it a pleasant style. Although it is initially only available in pearl white, but jet black and light pink options are planned.
The Webstation is an intriguing prospect, filling the void between a mobile phone and a netbook and addressing the deficiencies of the former's cramped screen and the latter's limited portability. The lack of a physical screen is probably not such a burden to the mobile-phone texting generation. The price tag is also reasonable at \39,800 and the company is planning a market for applications, a la Apple's booming iPhone setup. It never is solely good news though, and the Camangi tablet suffers from one chronic drawback. While it is available this month for advanced orders, only consumers in the continental United States can get in line for the made-in-Japan product. It is not clear just when local buyers can get their hands on the gadget, so patience and keeping a keen eye on the company's Web site, the only place to order it as yet, are definitely necessary. www.camangi-webstation.com/jp/index.html
※コメント投稿者のブログIDはブログ作成者のみに通知されます