Coffee Break // Cyber News 012

I’m comforting myself with a hot cup of a medium roast Dunkin’ brand coffee this evening. I’m reading an excellent Op-Ed in the Hill by Ron Yokubaitis, a name in the ISP and data game, on the matter of surveillance.

“This is not a partisan issue. It’s a constitutional issue. The Fourth Amendment doesn’t say “except when it’s digital.” It doesn’t say “unless you’re using Google.” It says the government must get a warrant — period.”
—Ron Yokubaitis

I recommend the whole article to all interested parties. I heartily concur with Yokubaitis’ take. To give a fair airing to the other side of the argument, however, it should be noted that some would view Internet traffic and data more akin to conversations in public spaces. The argument goes something like this: “You have no expectation of privacy in a public forum such as at the mall or a restaurant, why would you have that expectation in the virtual forum of the internet?”

I would argue here, that certain forums on the internet absolutely fall into the category of a public forum, but we should not conflate reasonable expectations with constitutional rights here. At this point in time, I think it’s reasonable to assume everything you see, say, and do online is fully recorded and documented in some form, even if it is a form that will not be successfully decrypted before quantum computing comes to the fore. However, even without an expectation that your digital footprint is private, you still (largely speaking) have the right to defend it as such. Just because someone may come along and compromise the security of your communications does not mean that anyone else would have a right to view them as well.
If a lunatic took my door off it’s hinges, would that give my neighbor the right to walk inside and go through my things?

How do you treat your online communications? Does the potential for a omniscient Singularity in the near-future influence your choices?

//

In the news.

Keyboard Transport Layer Security offers a potential defense against Keyloggers on computers with Intel TPMs or perhaps some equivalent in the future.
A keylogger is a piece of hardware or software that sits in-between a Human Input Devide (HID) like a keyboard and the computer it’s sending that input to, and recording those inputs before they get to the computer. This way, attackers can catch important keystrokes (such as usernames and passwords) without the having to deal with encryption or hashes of any kind.
The KTLS described in the link above provides a means of encrypting those keystrokes so that even if a hacker is able to get their hands on the input data being passed through, it will not be readable or usable.

Back-ups, back-ups, back-ups. A story that went under the radar for many of us last week, was the a devastating data center fire in South Korea last week. The fire destroyed 858 TB of data and, crucially, also destroyed the back-ups which were being stored at the same location.
While geographic dispersion may not be critical for your home network and family photos, for a data center that stores a government agencies records, having back-ups at geographically separated sites is not merely recommended, it’s critical.
While luckily no-one died in the fire itself, a number of individuals have been arrested by officials on suspicion of criminal involvement and a government worker overseeing the network restoration has apparently taken his own life.
While this fire could very well be an unfortunate accident, one can easily see a target like this as being of interest to a foreign power. I don’t see any evidence of nation-state actors at this time, but the arrests indicate that there may well be something go on here that the South Korean government is not telling the public.