I received a reply (Canned, unfortunately) from Virginia Senator Tim Kaine today. I wrote a reply.
The Honorable Senator Tim Kaine,
Thank you and your staff for your reply. However, since writing to your good offices on this issue for the past couple of years, I have been disappointed in that the replies I have received often fail to address, and often contradict the points of argument I wish to raise in this issue.
I wish to make issue of the following:
- The FISA and PATRIOT Acts, while legally passed, contradict both the spirit of the Constitution, and in some cases, the well-established Right to Privacy enumerated in the Constitution (1). The PATRIOT Act was passed in the immediate aftermath of 9/11, and has since been accused of being overreaching and rushed, with Senate and House members accused of “not understanding what they were voting for”.
- I argue that the primary function of the intelligence community is not the prevention of terrorism, but the collection of information as it pertains to our geopolitical competitors and discerning their intentions. It is outrageous that while the world goes through some of the most drastic changes in human history as a result of globalization, our focus is not on maintaining our competitiveness alongside the rise of nations such as China, India, or Brazil, but on crock-pot bombers. Fortunately, we do have agencies whose mission it is to protect and investigate these crimes. The police, and the FBI.
- Gen. Alexander’s claims about thwarting dozens of plots have since been challenged by members of Congress (2). We know that any terrorist actors don’t use Skype or Facebook, because these are obvious platforms for monitoring. (3)
- The defence of certain members of Congress that these programs are needed fails to convince when the majority do not understand, do not comprehend, and do not participate in the debate over these issues. As this issue was coming to light, the NSA arrived to brief Congress on these programs, only to have the majority of the Senate go home (4).
- It is terrible to state that despite the assurance of the limited nature of these programs, each passing day brings more information on the breadth and reach of these operations that invalidates the previous day’s assertions. What was first pledged as an NSA operation that ceased its monitoring once a U.S. citizen was identified, now targets them if their communications are secured (5) and keeps their communications (6) for up to 5 years if it deems them interesting. These facts have only come to light via leaks, as the court orders and opinions that would weigh on these matters are kept hidden and secret.
Mr. Senator, forgive me if I place little faith and trust in my Government when it says it will not spy on me, or use the information it gets for devious ends. We watched in the 70s how the Nixon administration used FBI wiretapping to pursue his political enemies, and today we have seen how the IRS has singled out groups based on their political ideology for harassment and scrutiny. We famously unearthed a structure rife with abuse and overreach with the Church Committee, and today we are watching that same scenario play out all over again. “Why”, some ask, “do we need privacy when we have done nothing wrong?” SCOTUS Justice Stephen Breyer explains:
The complexity of modern federal criminal law, codified in several thousand sections of the United States Code and the virtually infinite variety of factual circumstances that might trigger an investigation into a possible violation of the law, make it difficult for anyone to know, in advance, just when a particular set of statements might later appear (to a prosecutor) to be relevant to some such investigation.
For instance, did you know that it is a federal crime to be in possession of a lobster under a certain size? It doesn’t matter if you bought it at a grocery store, if someone else gave it to you, if it’s dead or alive, if you found it after it died of natural causes, or even if you killed it while acting in self defense. You can go to jail because of a lobster.
Perhaps it is even more saddening, however, that we have had to resort to such incredible intrusiveness over a threat whose lethal impact pales in comparison to every known way we can inflict harm on ourselves. Worse yet, when the stated aim of these groups is to incite fear, overreaction, and expense, we deliver in spades with cancellations, security sweeps, and ever more embarrassing methods to dehumanize our fellow citizens with the latest in overpriced and ineffective detection equipment.
Is it not terrible that we claim to honor the legacy of Ben Franklin and Patrick Henry, and fool ourselves into thinking that we will gladly trade death for liberty, just as our country’s founders did, only we do anything but?
Senator, no one is suggesting that we not investigate terrorists or other criminals. But there comes a point at which the price of chasing after these few is too high, that it undermines the very mores that set this country apart from all others. If that means the occasional pressure-cooker goes off, then so be it. Better to live free and mourn a handful of Patriots than live in fear of ourselves and each other against an enemy whose presence we consistently and vastly overrate.
Terrorism will never be completely crushed so long as inequality and ignorance continue to exist in the world. If we are truly to defeat these individuals, then it will be by the cultural, diplomatic, and economic might of the United States, by its ability to shape the world with a people whose covenant and dedication towards the rights of humankind have been the inspiration of the globe over. When we see enemies within ourselves, suspect, accuse, and assume that our countrymen are guilty of something, then we undermine that message, and diminish our might and influence.
I expect that my Senators and Representatives will not represent our State as one choked by fear, but one wrapped in Liberty, and show an example towards the rest of the country that these programs only serve to harm us, and that we citizens can take it, and grow mighty in the face of it.
Thank you for your time.
1. See “Right to Privacy” by SCOTUS Justice Louis Brandeis and Samuel Warren: http://www.law.louisville.edu/library/collections/brandeis/node/225
The Senator’s message below:
Dear Mr. Kozlowski:
Thank you for contacting me about recent reports concerning the National Security Administration’s intelligence programs. I appreciate hearing your concerns.
On June 6, 2013 details of two National Security Administration (NSA) programs were published in the media as a result of leaked confidential documents. These articles indicated that since 2007, under provisions within the Foreign Intelligence Surveillance Act and the PATRIOT Act, the NSA has legally monitored private communications in an effort to increase national security.
Many have expressed legitimate concerns about the privacy implications of this policy. I believe there needs to be an open discussion about the limits of surveillance, the need for transparency, and the protection of Americans’ privacy, while maintaining national security.
The primary mission of the U.S. intelligence community is to detect and prevent the very real threat of terrorism on our homeland. According to General Keith Alexander, Director of the NSA, and Robert Mueller, Director of the Federal Bureau of Investigation, the intelligence community has successfully used these programs to identify and thwart dozens of terrorist plots at home and abroad. Additionally, leaders from the House and Senate Intelligence Committees have defended these programs stating that they are transparent, lawful, and have been instrumental in defending our homeland.
It is also important to note that these intelligence programs are limited in scope to viewing phone records and other metadata under strict court-enforced protocols. They do not allow authorities to listen to private conversations or access private e-mails, and court orders are required before any additional information can be obtained. President Obama has urged the intelligence community to review, declassify, and release information regarding these programs to the public to ensure that the programs aren’t jeopardized and more importantly, that Americans are made aware of the intelligence programs currently in place.
Please be assured I will work to ensure that efforts to improve our national security protect constitutional rights in a balanced way.
Thank you once again for contacting me on this important matter.
It was a late night sometime in 1996. I was upstairs, in my parents’ den, where we kept our Acer PC. 100 MHz of Pentium goodness, it nevertheless had only the games it shipped with: a trial version of Descent and a few other freeware titles.
My dad had taken me to Radio Shack a year earlier, where I’d spotted a copy of LucasArts’ “Star Wars: X-Wing Collector’s CD-ROM”. He got it for me, but to my dismay when we got home, it would not run without throwing an error before it could be installed. My parents were no computer pros, and I scarcely knew much about PCs myself other than how to play the games I wanted. I was 13 at the time, with a Windows 95 PC that made things pretty intuitive. But as we rummaged through the box, the DOS instructions looked like Greek, and I couldn’t understand what they were asking for any more than my dad could.
So the box sat on my shelf, and every few days I would stare longingly at it, flipping through the manual, reading the specs of various fighters and the features of the game. A year went by, until that night in ’96 when, in my evening ritual of thumbing through the box, I found a blue slip of paper. On it were instructions on how to edit “CONFIG.SYS”, the memory manager for DOS, detailing how X-Wing needed some changes to EMS to run.
I didn’t know memory managers then, but by that time, I knew how to edit a few things, and staring at that piece of paper which had confused us so many times before, it clicked.
I edited the file, and the game ran.
It was 2AM. I ran downstairs where my parents, being the night owls they were at the time, were relaxing watching TV. They couldn’t comprehend the reasons for my sudden enthusiasm, but were happy, and waved as I ran back upstairs.
It was all so wonderful. Finally, after so long! I was flying X-Wings under John Williams’ fantastic score, blasting TIE Fighters, taking out shield generators, and pumping torpedoes into lumbering Star Destroyers.
And looking back at that wonderful night, I point to that moment as being when I’d not only be enjoying more games, but starting a career in IT as well. Because it was then that the PC changed from being a black box that was scary and complicated, sure to explode into fire and brimstone if you tampered with the wrong things. It was something I could make work for me now, a challenge I could overcome and tame. My parents and their friends knew just enough to warn me which files not to mess with, for they would surely break the machine beyond repair. But I’d done it, and my reward was my first LucasArts game.
Every kid and teen has their game companies they grew up with. For my wife Laura it was Square Enix and the “Final Fantasy” games. For me, growing up as a kid, it was all about LucasArts. Every Star Wars game I played. X-Wing, Dark Forces, TIE Fighter. My friends and I would pore over the manuals at lunch in school, talking about what we’d fly. Scorching afternoons in Virginia were spent indoors with my friend Matt, racing over after swim practice to jump into a TIE Fighter cockpit to stop the enemies of the empire. And while we still ventured outside, if you’d asked us we’d tell you that our bikes were equipped with the SLAM unit that drove the Missile Boat so fast.
In middle school I met my best friend, Chris Cowger, who revealed to me the whole other side of their catalog: Full Throttle. Monkey Island. The Dig. All I played at his recommendation. When Jedi Knight came out we spent countless hours on the Polycount site, downloading skins and mods for this fantastic FPS while “The Gone Jackals” played in the background.
As I got older I played other games, and LucasArts sorta faded as the stream of space sims and adventure games faded into the background. But I recall fondly, looking up at my shelf of game boxes, a row of 10-12 titles all sporting the “golden man”.
I read the announcements today with a grudging acceptance that all good things must come to an end. I’d hoped their latest title would have captured some of the magic I remembered then. I feel sympathy for all of those suddenly let go in the tumultuous games market.
Nostalgia hits us not just because of the greatness of something, but when it occurred. The magic LucasArts created was special in its art and in its time. In the early days of PC gaming, a young boy was transfixed and amazed. The games may have faded into memory, but the effects leave a deep and powerful legacy on many. I’ll always recall fondly the effect they had on me.
Here’s to LucasArts. =)
“No one wants to die. Even people who want to go to heaven don’t want to die to get there. And yet death is the destination we all share. No one has ever escaped it. And that is as it should be, because Death is very likely the single best invention of Life. It is Life’s change agent. It clears out the old to make way for the new. Right now the new is you, but someday not too long from now, you will gradually become the old and be cleared away. Sorry to be so dramatic, but it is quite true.
Your time is limited, so don’t waste it living someone else’s life. Don’t be trapped by dogma — which is living with the results of other people’s thinking. Don’t let the noise of others’ opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary.”
- Steve Jobs, Stanford commencement address, June 12, 2005
I’m sure this quote is pasted all over the internet by now (you can read the full address here), but it bears repeating. Few had the furor and drive that Steve Jobs had. Whether you liked him or not, or even liked Apple or not, few can argue the breadth of his accomplishments or the passion he had for computing.
If you were born in the 80s, like myself, think of the first computer you ever used. It was an Apple IIe. I won’t even bother to ask if I’m correct. I am. Our exposure to computers in grade school was because of that man and his insistence on placing them there. The passion for making computers accessible, usable, easy, has more or less been driven by that man. I have not always agreed with his choices, his aesthetic, his bombastic nature or outright militancy for control at times, but I believe his contributions have far outweighed any detriments he had.
Make no mistake about it. The world has lost a great innovator, and he will be sorely missed. For myself, whose calling in life was sparked by these magical devices, I can barely envision a world without him.
Rest in peace Steve.
By now, you have it. It’s amazing how quickly this thing has taken off, be it that new car shine, or that everyone loves to bash on Facebook.
While you could debate the pros and cons of both, I figured I’d stay away from that and explain what exactly Google+ is, and maybe what Google might be trying to do.
Most of you have a @gmail.com address. It was the first thing Google launched, and we all got one. Nice enough. But what that actually got you was a Google account.
This is an important realization to make. Google is, in their words, about “organizing the world’s information”, and to do that, they are rolling out services to provide you with that. Google+ is merely the latest, and it builds on a number of previous services.
Google+ is not really a new social network, in that you join it. It’s just there. Forget for a moment that you had to be invited, because soon everyone will be able to just enable it like they do every other service. When activated, Google+ does the following things:
- Creates you a profile: This is built largely off the info already available at https://profiles.google.com.
- Your friends are pulled from your Google contacts (http://www.google.com/contacts)
- Building on the above, Gmail and Gchat are derived from those contacts.
- Posts and other items are pulled from Picasa, Buzz/Google Reader, and Blogger. (all Google systems)
So notice, right off the bat, you already have content. It’s elegant, and brilliant, and even devious. And once it goes open, you’re there. Nothing else required.
Now that being said, Google did learn something with the Buzz fiasco, in that people don’t like all of their stuff being shared spontaneously. So while you may be invited to Google+ or have it activated one day, that doesn’t mean that everything will suddenly become visible (and indeed, some people actually think that’s a detriment to its potential success).
It also means, for those of you using it, you’ll have to do some things to get it to work the way you want. Rather than going through everything step-by-step and reinventing the wheel, I’ll just point you here on what is basically a user-written user manual. Don’t be scared, it’s small and reads well.
There seem to be a lot of misconceptions about what Google+ is as well, particularly among people coming off Facebook looking to give it a try. Circles is the big one. This is an important point, so I’m going to state it plainly:
Circles are not Groups.
Let me explain. In Facebook, you could create a group and invite people into it. That doesn’t exist in Google+. Circles are meant so that you can organize your friends into different categories like you could on Facebook. Only, the category functionality on Facebook is somewhat buried now. The circles allow you to sort people so that you can switch feeds with a click, and also control what you share with whom. Anything you post, be they photos or links or whatnot, will have a box with blue icons in which you can type in the name of a person or a circle, or all of your circles. Seems complicated? Probably is, and honestly, I wonder how many people will really use that functionality (even though they’ve been clamoring for it on FB), but there you have it.
Also. Connected accounts. Use Twitter? A blog? Facebook? Those can be linked in with Google+. One thing I see happening quickly is people not knowing which network to share and post things to; I can’t see anyone wanting to post the same link three different places. The quicker Google+ makes it easier for everyone to do this, the better. For me, this is one area where Google Reader/Buzz really shine, in that I like to share links with people for things I find, and it’s just one mouse click to flag something in my Google Reader RSS feed to share/comment on something with everyone. It’s completely replaced bookmarks for me.
So those are my notes so far. Those of you looking to add me can search for “Chris Kozlowski” easy enough. I’ll add more tips and resources on here as I find them.
Until then, enjoy. =)
EVE Online has been through 8 (or more) successful years. It has endured well through a changing market due in no small part to its gameplay and dedicated subscribers and developers. It is under threat.
EVE’s appeal relies on more or less one aspect of its gameplay: its cutthroat PvP sandbox, which we refer to as null and low sec. It’s at the forefront of every story, article, marketing campaign, etc. It’s what EVE is known for, even legendary for.
EVE’s problem is that this gameplay only appeals to a relative few. Throughout the years, you have tried hard to open these areas to more of the game’s playerbase, yet the distribution of players remains more or less the same. The vast majority still reside in high sec, while a relative few engage in the high profile battles of 0.0. Yet it’s these engagements and the circumstances surrounding them that are expected to provide the basis of EVE’s engaging content, at least if the commercials are to be believed.
There are a number of reasons why these are either inaccessible or undesirable to most. EVE is a game of risk management and cost vs. reward. Players are surprisingly good assessors of these. As a former 0.0 player myself, I know well the time commitment, costs, rewards, and not to mention overall feeling that EVE’s endgame requires. Simply put, while the PvP sandbox is exciting and without parallel, it is also steep in its toll, and therefore only enjoyed by few. The rest, as we know, reside elsewhere.
It’s here that despite the cries of pandering to “carebears” and the lamentations of the “hardcore”, that EVE’s health and wellbeing resides. It goes without saying that if the majority of its players reside in high-sec, then the majority of its subscriptions come from there as well. And yet this is the most stale, unappealing, and one might say neglected area of the game.
It is true that these areas have been the focus of many features over the past few years: exploration, epic arcs, expeditions, incursions, planetary interaction, etc. There have been a slew of fantastic tools created to paint the world. And yet most of these go untouched, lost, forgotten, or in some cases, even broken (COSMOS).
A new player coming into EVE and fresh out of their tutorial has no reason or motivation to become immersed in the world because there simply isn’t one. His interaction with the universe beyond that of his fellow pilots will be a simple agent offering the same 2-3 missions, over, and over, and over again.
The tools exist, the demand exists, but not much is done. CCP has boxed themselves into a corner with the 6 month release cycle, and there’s little time for polish. Features that cannot be completed in time are scaled back and then forgotten as a new gimmick or feature needs to be pushed for the next expansion. The previous tool sits unbroken, unused, and the flurry of new subscriptions it prompted fades away as its unfinished state is realized.
CCP needs to break this cycle. If EVE is to compete for a larger subscriber base and have broader appeal, then it needs to take lessons from other games not just in what doesn’t work, but also in what does. The game needs content. Stories, missions, campaigns: all of the challenges and engagements that provide fulfillment and a sense of immersion for all pilots, and not just ones in an established alliance. And far from the cries of “WoW is over there!”, this can be done using the existing tools and framework. The core game mechanics need not change. EVE can have both, if the attention is given.
The recent expansions and “Features” have disillusioned me and many others regarding EVE’s seeming lack of direction. Development seems to want to go in every direction at once, appeal to as many people at once, and yet, it has never been communicated as to what that long term strategy is. The recent introduction of micro transactions I feel did not detract from the game, but rather created more questions as to what the purpose of it all is. Incarna was, again, a half-finished expansion, scaled back in its scope and size.
I recognize that CCP is a business, first and foremost. They exist to make a profit and keep their staff employed. I see no problem with this. For that to continue to occur, EVE needs not just to continue to be successful, but also to grow. To do this, I believe the following needs to occur:
- Develop and then communicate a long term plan for the development path of EVE. This should be firmly grounded on features and structures that will augment the enjoyment of the game to the majority of its players and potential ones.
- Abandon the 6 month release schedule in favor of a longer term expansion schedule. Completion should be decided based on the finishing of the intended feature or content. This will ensure those who were anticipating the release will be lured in to stay.
- Re-focus on adding to and refreshing the game’s core content. Missions, arcs, expeditions, etc. Be they multiple linear paths or branching ones, these should fill dozens of hours of gametime. Rewards can be based on the receipt of vanity items (Incarna, badges/awards, hangar items and loot, unlocked aesthetic options, etc.), in-game loot or weapons, and last but not least, unlocking and reveal of plot points, information, and addition to the overall world build and progressing story.
This last point I believe is absolutely key to expanding EVE’s appeal beyond its current player base. Far from being another mission-grinding MMO, EVE’s tools allow for missions and story to be presented in a much more dynamic and interactive sense, all while taking place within the current sandbox. Instead of EVE’s missions being compared to other MMO’s, other MMO mission progression and immersion should compare unfavorably to EVE’s.
I hope you’ll take the time to read and consider the points I have raised. Over 6 years I have watched EVE grow and expand. There is no doubt something special here. But it’s time both the developers and the players started thinking beyond what we’ve been coasting on and start really addressing the long neglected but traditional-MMO area of gameplay and its Achilles heel. I think only then will we see the huge influx of subscribers we’ve been waiting for, the grand universe we’ve been hoping for. Then we’ll truly be the envy of the rest of the gaming world.
The PS3’s security is in the news again, this time with the PlayStation Network. Those of you who spend time on it have no doubt heard by now that the network was compromised, and was shut down as a result.
There’s been a lot floating around on the rumor mill, both as a result of speculation and the deafening silence coming out of Sony. I’ll try and explain why this is probably the case.
At the beginning of any incident, little is known. Something, somewhere, alerted Sony to the fact that a breach had taken place. And by breach, we mean any successful penetration of the security perimeter (the line demarcating where Sony’s control over their network infrastructure ends). It is not:
- An nmap scan against their firewall. That sorta thing happens all of the time, and is outside their perimeter.
- Buying things off of PSN with a stolen credit card. (That’s another problem entirely.)
A breach means that someone was able to gain access to a device or devices in a way that they shouldn’t have had permission to do. That’s it. At that point, Sony is in incident response procedures.
It’s important to make that note because once it’s been determined that an illegal entry has taken place (and it is illegal), then it’s absolutely essential that they do things by the book. At the point that they know they’ve been compromised, care must not only be given to finding out exactly what happened, but preserving that information in such a way that it can be used in a criminal investigation later. There are also legal obligations of reporting and notification that are required if, say, personal or financial information is compromised, and only with detailed information on hand can those be fully met.
Sony’s takedown of the system was a wise move in that regard, because it enabled them to freeze the state of their system so that they could conduct their investigation without worry of the system being further modified by either the attacker or through normal operation. Much like preserving the scene of a crime, proper incident response requires the system owner to freeze the system state so they can be confident that the system has been unchanged since the time the breach was discovered.
Once that is done, there are tons of questions to be answered. Keep in mind, at this point, all the system owner knows is that the system was in some way compromised. The questions:
1. What information was accessed? What wasn’t?
2. How was it accessed?
3. Who did it?
Note my numbering here. “who” is placed last. While this is no doubt important, the primary concern will be to determine if sensitive information was compromised and how. Maybe the attacker was able to log into an authentication server, but was unable to access the database containing personal information? Maybe he was able to access that as well? These questions are important in determining the actual risk incurred, the amount of work needed to be done to clean up or mitigate the breach, as well as identifying later what worked and what didn’t.
To figure out what the attacker accessed means tracing back from the point of entry every action the attacker took. Much like a detective will try to determine the events of a crime, the computer forensics team will need to determine what was accessed, when, and how. To do so means combing through tons of logs, ACLs, and any errors or alerts that fired. This could be made easier or harder depending on the level of logging they had configured and any systems they had in place to aid in this process. Maybe logging was configured on all devices, or only some? What events were being logged, and were any not being logged that would be essential later? Is there any sort of log aggregation device that is being used (syslog), or do the logs have to be collected individually? Are there any parsing tools being used that will help in sifting through the data, or does it all have to be combed through by hand? Did the attacker access the logs, and in that case, can they be trusted? All of these things will determine the speed and accuracy by which Sony will be able to determine what happened and how.
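As an added illustration (not part of the original post, and not anything Sony is known to have used), here is a small sketch of that kind of parsing tool: it merges individually collected syslog files into one timeline, pivots on indicators, and flags hosts whose logs go quiet, which is one sign that logging was missing or tampered with. The hostnames, addresses, the "svc" account, the year, and the five-minute heartbeat are all constructed assumptions.

```python
import re
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

Event = namedtuple("Event", "ts host proc msg")

# RFC 3164-style line: "Mon DD HH:MM:SS host proc[pid]: message"
LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<proc>[^:\s]+): (?P<msg>.*)$"
)

# Constructed sample: three hosts' logs collected one after another, so the
# lines are NOT in time order. Each host is assumed to log a cron heartbeat
# every five minutes. Addresses come from documentation ranges.
SAMPLE_LOGS = """\
Jan 10 02:00:01 web01 cron[210]: heartbeat
Jan 10 02:05:01 web01 cron[210]: heartbeat
Jan 10 02:07:44 web01 sshd[411]: Accepted password for svc from 203.0.113.7 port 50112
Jan 10 02:10:01 web01 cron[210]: heartbeat
Jan 10 02:00:02 app01 cron[198]: heartbeat
Jan 10 02:05:02 app01 cron[198]: heartbeat
Jan 10 02:09:13 app01 sshd[502]: Accepted publickey for svc from 10.0.0.11 port 41022
Jan 10 02:10:02 app01 cron[198]: heartbeat
#### truncated record ####
Jan 10 02:00:03 db01 cron[120]: heartbeat
Jan 10 02:05:03 db01 cron[120]: heartbeat
Jan 10 02:35:03 db01 cron[120]: heartbeat
"""


def parse_line(line, year):
    """Parse one syslog line; RFC 3164 carries no year, so the caller supplies it."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(
        f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S"
    )
    return Event(ts, m["host"], m["proc"], m["msg"])


def build_timeline(lines, year):
    """Merge lines from any number of hosts into one time-ordered list.

    Unparseable lines are returned separately instead of being dropped, so
    the analyst can see what the tooling could not read."""
    events, skipped = [], []
    for line in lines:
        if not line.strip():
            continue
        ev = parse_line(line, year)
        if ev is None:
            skipped.append(line)
        else:
            events.append(ev)
    events.sort(key=lambda e: e.ts)
    return events, skipped


def pivot(events, indicators):
    """Keep only events whose message mentions any indicator (IP, account...)."""
    return [e for e in events if any(i in e.msg for i in indicators)]


def logging_gaps(events, max_silence):
    """Report, per host, intervals with no log lines longer than max_silence.

    A gap does not prove tampering, but it marks a window in which that
    host's logs cannot answer "what was accessed?"."""
    last_seen, gaps = {}, defaultdict(list)
    for e in events:
        prev = last_seen.get(e.host)
        if prev is not None and e.ts - prev > max_silence:
            gaps[e.host].append((prev, e.ts))
        last_seen[e.host] = e.ts
    return dict(gaps)


if __name__ == "__main__":
    timeline, unreadable = build_timeline(SAMPLE_LOGS.splitlines(), 2011)
    for e in pivot(timeline, ["203.0.113.7", "svc"]):
        print(e.ts, e.host, e.msg)
    for host, spans in logging_gaps(timeline, timedelta(minutes=6)).items():
        for start, end in spans:
            print(f"{host}: no log lines between {start} and {end}")
    print(f"{len(unreadable)} line(s) could not be parsed")
```

The gap check only works where something logs on a regular schedule; without a heartbeat, silence and tampering look the same.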
At this point, Sony has determined that personal information was compromised (see their FAQ) and is in the process of trying to find out conclusively if financial information was gained as well. Depending on the answers to the questions above, they may or may not be able to say so with certainty. In this case, assume “worst case”, that the attacker obtained it.
Unfortunately, we won’t know any more unless Sony releases their “After-action” or “Lessons learned” reports after the fact. This, while no doubt helpful to the security community and other organizations seeking to avoid a repeat, will most likely paint Sony in an unflattering light. It’s for that reason that we rarely see those kinds of disclosures, the lessons are never shared, and why this sort of event gets repeated so many times for so many businesses. How the attacker perpetrated the attack will likely remain unknown for a long time, unless authorities actually succeed in bringing him to justice.
There’s little point in speculating as to how the breach occurred. While most of the rumors have pointed towards an entry through the PlayStation itself or some other method through the PSN authentication servers, it’s by no means limited to that. Nor is it necessarily the work of even an external attacker (though Sony alludes to this). Nevertheless, I will engage in a bit of speculation of my own and suggest that someone did get through “the front door” as it were, given the poor security of the console and the hacking community’s repeated ability to authenticate to PSN with hacked and compromised consoles. We’ve seen other instances of poor key management and lax authentication from the PS3 design, and it’s not hard to speculate that some of this carried over into the PSN’s design.
If this were the case (and do make note of the “if”, as this is entirely speculation here), then it calls into question what sort of protections exist between the public-facing PSN servers and the back-end payment processing and database servers that house customer information. It’s been my experience in the past at least that it’s all too common for many system owners to throw a firewall and SSL on the front end, and call it done. Defense-in-depth is key. And even in places where a DMZ does exist (firewalls both in front of and behind your public facing servers), they’re not always configured correctly. And your databases still need to be hardened and configured for least-privilege. There’s a tendency for things to be lax on the back end, with the argument that “no one should be back here anyways”. That may be true, but that doesn’t mean that someone won’t be eventually, and those successive lines will be the difference between reporting a breach of your DMZ and calling it a day, and reporting the leak of 70 million plus records. =P
The other talk has been of “why”, and why has Sony made themselves such a target. Why not Microsoft or some other?
Certainly, Xbox Live could have been the target of something like this, and it’s entirely speculative as to whether or not their service is better hardened against this sort of thing. I’m inclined to think that perhaps it is, given their tendency to deploy their own solutions in-house before helping their customers do the same.
But more importantly, Sony has made themselves a target. The PS3, when released, was billed as a “do everything” console, and in addition to being an entertainment console, it was built to resemble a hacker’s dream: It used an exotic, but open and well supported foundation in the form of the Cell processor for which there were plenty of APIs and compilers available, and it readily supported the installation of other operating systems and applications.
The problem here for Sony though was that selling an open console did not fit with their strategy of being an exclusive provider of the buyer’s media and applications. Piracy no doubt played a role in this as well, but in the process of stamping that out, they also shut the door on thousands of people who bought the platform for its homebrew and hacking applications. This is combined with the fact that it’s hard to justify paying for Sony applications and services when it’s entirely possible to throw your own operating system on the machine and gain those abilities through an independent channel. Sony does not make money on selling you just the console, and so this is a losing proposition for them.
So Sony has been in a losing position due to trying to sell and support a console that is built for a purpose other than their business strategy. The 360 suffers from none of these issues, because it was never an open platform to begin with. Microsoft’s console strategy is no different than Sony’s, but because it was never a viable platform for homebrew, it never raised people’s hopes in the first place.
It’s worth mentioning that the Kinect is an entirely different scenario, but Microsoft no doubt makes money on the sale of each of these devices, and so it is entirely fine with providing them to anyone who wants to do something with it. Consoles on the other hand, make their money through the sale of games and services, not from the consoles themselves, and so anything that breaks the model of ensuring that consumers buy from only the services provided by the console vendor makes selling them a losing proposition.
This model is contradictory to the model by which most people are used to buying things, in which the item becomes yours and yours to do with as you please once you’ve purchased it. This has been the expectation of those who bought the PS3 console in particular. Sony’s model however, is built on the idea that you’ve instead paid to license the console from them, and they dictate what you can and cannot do with it. This is no different than Microsoft or Nintendo’s model, but going out of their way to promise and deliver an open platform, only to take it away a couple of years later, has made them the target of the community’s ire, with attacks such as this one.
There’s a PDF going around today that’s been getting a lot of attention in claiming that Sony is transmitting user information in the clear:
Unfortunately, the paper is loaded with irrelevant information, dubious claims, and poor understanding of internet transactions. But there is a little nugget of good information in here, which I’ve tried to pick out.
The section on “sensitive information” seems to contain a lot of filler, and doesn’t make too much sense. He claims that Sony uses HTTPS/SSL, but that this “isn’t good enough”. He then goes off topic about how Sony is a large network and that the IP addresses of this large network are all publicly accessible. This is all true, but does not contribute to his argument that the information is not secure. But he does seem to insinuate that there’s a way to phish user data, particularly in his mention of SSL, custom certificates, and third-party DNS servers.
Let’s look at the HTTPS/SSL issue.
When an SSL session is negotiated by your PS3 with Sony’s servers, you fetch a certificate from the PSN server that is authenticated against a CA, verifying that the server is who it claims to be. In that certificate is the server’s public key, which is used by the client to encrypt information to send to it. Information cannot be decrypted by the public key, only by the server’s private key, which only it possesses.
So the information being sent to Sony is encrypted, and it’s using SSL, the accepted standard for banks, remote terminal sessions, your gmail, and generally anything else of importance. There are no current flaws in this protocol when implemented correctly.
The ability to forge a client certificate on the PS3 weakens this somewhat, but not directly, and the paper fails to describe this. But I think I can identify what he’s trying to get at.
The PS3 needs to have a trusted root certificate from a Certifying Authority (CA) stored in the console so that, when contacted by a system claiming to be a Sony PSN server, it can verify that it really is a PSN server. (This is the same mechanism that identifies your bank to be who they claim to be.) The ability to create custom firmware (CFW) means that a hacker could distribute a CFW that possesses an altered, additional, or different trusted root CA.
Recall whenever your web browser gave you an alert upon finding an expired certificate, or probably more appropriately, a self-signed certificate. If you’re using HTTPS on a home router, you probably have one of these. Since there is no pre-loaded root CA on your system, you need to decide if you can trust it yourself.
By having a CFW loaded, you’re never prompted for this, and unless you audit the code yourself, you won’t know if there are other root certificates loaded. Any that are loaded are assumed trusted.
Here’s where we get to the “third-party DNS” that he mentions. Assuming you’re not running your own DNS server (to say nothing of whether it’s secured), it is possible that the DNS server you connect to could be spoofed to identify a Sony PSN server’s host name as a different IP. At that point, assuming you’re running a CFW that has a crafted root CA loaded, the PS3 will receive the spoofed address, the altered certificate will identify the server as legitimate, and a connection will be established. Voila, your information is being sent.
So the short of this:
Your information is not being sent in the clear, but is being sent via industry standard HTTPS/SSL.
For an attack to succeed:
- An attacker must persuade you to load a CFW that has a self-signed root certificate loaded on it
- The attacker must successfully poison the DNS cache of a DNS server that YOU use
- The attacker must then wait/hope/pray that you connect to the server he spoofed so that you can authenticate to him.
That, ladies and gentlemen, is a pretty tall order, though it’s by no means implausible. But it is the sort of issue that gets a lot of attention these days (and is a large part of the reason why certificate validation has become so visible in web browsers as of late.)
Of course, it could certainly be a lot simpler than that. If we can convince someone to load our custom firmware, why not have it contact our servers directly? We could dispense with SSL altogether, install our own application data, and pull all of the information we want directly. A CFW allows the writer of it to exercise control of the system if he/she wanted to, just like the writer of a trojan or rootkit gives an attacker control over a PC.
So if you’re not using a CFW, then you’re pretty safe. If you are, then you need to ensure that no other forged or crafted root CAs exist, and that you are using a relatively secure DNS server. In my opinion, any DNS server by a major ISP should be more than sufficient.
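One way to do the root CA check described above, as an added example that is not part of the original post or of any Sony or CFW code: fingerprint every certificate in a PEM trust store and compare against a known-good baseline. The function names, the placeholder certificate bytes and the pinning check in `root_accepted` (which goes one step beyond the post) are assumptions made for illustration.

```python
import base64
import hashlib
import re

PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def store_fingerprints(pem_bundle):
    """Return the SHA-256 fingerprint of every certificate in a PEM bundle."""
    fps = set()
    for body in PEM_CERT.findall(pem_bundle):
        der = base64.b64decode("".join(body.split()))
        fps.add(hashlib.sha256(der).hexdigest())
    return fps

def audit_store(baseline_fps, pem_bundle):
    """Compare a trust store with a known-good baseline of fingerprints."""
    current = store_fingerprints(pem_bundle)
    return {
        "added": sorted(current - baseline_fps),    # roots nobody vouched for
        "missing": sorted(baseline_fps - current),  # roots that were removed
    }

def root_accepted(root_der, store_fps, pinned_fps=None):
    """Would a chain ending in this root be trusted?

    Without pinning, any root in the store is enough. With pinning, the
    root must also be one the application itself expects.
    """
    fp = hashlib.sha256(root_der).hexdigest()
    if fp not in store_fps:
        return False
    return pinned_fps is None or fp in pinned_fps

def to_pem(der):
    """Wrap raw DER bytes in PEM armor, 64 base64 characters per line."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return ("-----BEGIN CERTIFICATE-----\n" + "\n".join(lines)
            + "\n-----END CERTIFICATE-----\n")

# Constructed sample data: placeholder byte strings stand in for DER
# certificates. Fingerprinting never parses them, so real bundles work
# the same way.
VENDOR_ROOT = b"constructed vendor root CA (placeholder DER)"
EXTRA_ROOT = b"constructed unknown root CA (placeholder DER)"
STOCK_STORE = to_pem(VENDOR_ROOT)
MODIFIED_STORE = to_pem(VENDOR_ROOT) + to_pem(EXTRA_ROOT)
BASELINE = store_fingerprints(STOCK_STORE)

if __name__ == "__main__":
    print(audit_store(BASELINE, STOCK_STORE))
    print(audit_store(BASELINE, MODIFIED_STORE))
    modified = store_fingerprints(MODIFIED_STORE)
    print(root_accepted(EXTRA_ROOT, modified))            # store alone
    print(root_accepted(EXTRA_ROOT, modified, BASELINE))  # with a pin
```

The baseline only means something if it was recorded from a store you already trust, for example one taken from unmodified firmware.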
If Sony has a good argument for persuading people not to use a CFW, then it’s this one here. Remember the tenet of security: “If a bad guy can persuade you to run his code on your computer, then it’s not your computer anymore”. PS3 hackers are suddenly discovering this. With root access, you can see a lot that you couldn’t previously. Would they be just as surprised to know that this very same information is sent to your bank, or Paypal, or WoW account, every time you use your PC?
I am just as excited as most at the possibilities of running custom code on the PS3 hardware. But with such power comes responsibility, as well as danger. Always ask yourself if you trust the source of your software, and what mitigations are in place. For CFW, those mitigations could be few indeed. Keep your personal information off a cracked PS3, and if feasible, off the internet entirely. I have no doubt that Sony will find ways to keep cracked PS3s off PlayStation Network for good, so there’s little to lose here. The important thing is to recognize the risks that follow a CFW, and act accordingly.
(Parts of this post were originally posted here, comments, page 3)
As promised, the text of the email I wrote to the Honorable Jim Webb, Mark Warner, and Gerry Connolly, Senators and Representative, respectively:
I am writing to you to share some of my concerns regarding recent decisions with regards to airline security and the general security approach of the United States in general.
Starting sometime after the discovery of bombs hidden in printers aboard cargo planes, the Department of Homeland Security through the TSA decided to implement full-body scanners and pat-down searches at all airports. Whatever the misconceptions and notions surrounding these techniques, I fail to comprehend the cause and effect between the attempted delivery method and the countermeasures used.
More importantly however, I am increasingly disturbed by the increasing willingness to infringe on privacy, courtesy, and respect, in the attempt to make us “safer”. It is my opinion that these measures are not only ineffective, but insulting to a society that supposedly prides itself on its freedom and liberty.
Throughout our history, we have trumpeted our ability to stand up to hostile action and adversity, and resist intimidation, fear, and danger in order to preserve the fact that our nation was created around common virtues, and not some racial or geopolitical basis. Our founders espoused mottoes such as “Give me freedom or give me death!” and “Live free or die.” to illustrate the fact that they believed that it was better to risk one’s life as a free man than to guarantee safety under oppression.
It is not an easy thing to be able to stand tall and say “I accept the risk” when such horrific implements can be used against us. But that’s just what we as Americans have done in the past, and has given us a reputation of bravery towards our ideals.
Our intelligence and police agencies continue to do their best to sniff out plots, work together, and investigate wrongdoing. In every reported instance, we have either thwarted or quickly responded to every attempted act of terrorism, often through good old-fashioned detective work. This has shown to be a proven and effective method of dealing with the threats we face while maintaining a free and civil city, and we should continue to support these people where we can.
There will always be a residual risk however, one will, invariably, get through. It is in these times in which our fellow citizens, not our soldiers or police, will be tested. And just as those citizens in history decided it was better to risk their lives in war than live under oppression, so do we need to accept a degree of risk, however minute, in order to live according to the freedoms and liberties we all desire and espouse, that so many gave their lives for centuries ago.
Our world is in many ways, safer than it has ever been. Our time-tested and honed methods keep the likelihood of being affected by such an attack to a tiny amount. It is up to us ordinary citizens to carry the rest, to resist the urge to investigate our neighbors, to spy on their conversations, to search them in public without probable cause. I ask you to help set this example and do your best to repeal these practices, and remind the rest of the world what it truly means to live in a free society.
Thank you for your time.
I read this today.
The EFF and Apache are filing amicus briefs supporting Microsoft in their desire to overturn patents relating to the ability to edit XML, a key feature of Office 2008. Earlier this year a small company sued Microsoft over those patents, threatening an injunction against Microsoft and their ability to sell Office. Microsoft is trying to get the case examined by the Supreme Court as an example of how broken the patent system is.
Later today, I read this.
Microsoft is suing Motorola for using its patents on things like “Generating meeting requests and group scheduling from a mobile device” on Android smartphones.
With a company as big as Microsoft, I can understand instances where the left hand doesn’t know what the right hand is doing. But when these instances are followed by long winded blog posts about “protecting innovation” or “reforming the system to prevent abuse by patent trolls”, I really feel like it’s all a bunch of BS. They’re playing both sides depending on who’s holding what and what they can sue/prevent from the other.
If there was ever a clear need for patent (and tort!) reform, this is it.
“Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.”
I often wrestled with the above statement, re-quoted so many times by so many people in the face of any security argument. In the urge to “connect the dots” after 9/11, I often wondered what Ben Franklin would have thought of his now famous statement. Would he still agree? Is it too much to ask to purchase a little safety?
The world we live in today is much different from that 234 years ago to the day. We live in a time of magic and awe. Six billion people inhabit this planet, many of them able to share their thoughts and ideas with millions of others instantly regardless of distance or location. We are able to send anyone or anything anywhere on the globe within 24 hours. A butterfly flapping its wings in Africa may be able to eventually spawn a hurricane in the north Atlantic, but that’s nothing compared to the speed of an email or Twitter wave.
Never before has the world been so open and interconnected, and every day the lives of thousands everywhere get incrementally better as the walls that held back human progress in the remote locations of the world come crumbling down. Yet the same mechanisms that whisk thoughts and goods and people from place to place also send threats and malcontent over the same channels. Some are terrified at the rapid changes in people’s lives, and are driven to violence. Others believe that the rest of the world should stay as it is, that we should build the walls again, and leave the rest to its machinations.
To the latter group, it is a fool’s wish. The world will never close up again. And it is here we find ourselves today.
I wondered what Ben Franklin would have said. If we were not to give up liberty for security, then were we to give up security? Would it be inevitable that people would be bossed and shoved around? Terrorized? Harmed? Killed? Who would advocate this? No, I thought, people were being too thin-skinned. It doesn’t matter if the FBI or so is reading your email, they’re not out to get you anyways. An extra security line here or there to check for bombs is fine. The nation got its fill of seeing people jump out of skyscrapers to their deaths to avoid being burned alive, and we would all toughen up to avoid having to go through that ordeal again.
I thought this for a while, until I passed a New Hampshire license plate.
It’s been said so much from such an early time that the words became meaningless to me, and yet one day, driving down the interstate, it clicked. There was a time when people didn’t have a say in how their affairs were run. They were forced to pledge loyalty to some guy an ocean away, who didn’t give a shit about them unless the taxes were not being paid. People were tried and convicted in mock courts, under laws that were suspended at will, and where death by hanging could be the penalty for a trivial offense.
The people who endured this chose not to fall in line, but rather, they declared war.
The statements “Live Free or Die”, “Give Me Liberty, or Give Me Death!” are quotes that are referred to often. They were spoken by ordinary men who were fully willing to embrace the threat of harm to ensure the right to live as they pleased. A terrible conflict ensued, and thousands perished.
We honor this day and others during the year and speak to those days when those citizens before us decided enough was enough and they would be terrorized no longer. We celebrate, rightfully, what was a monumental occasion.
It has been over two centuries since that conflict. But these days I feel that sentiment, the lessons from that struggle, are more relevant than ever. Our world holds untold promise and prosperity, but also new threats and dangers. We face risks and read about horrors that the founding fathers never would have imagined.
Many in this country think we should do everything we can to protect our citizens from every conceivable threat and attack. This is a laudable, if unrealistic, aim. Nevertheless, we try. But in doing so we often erode those liberties the founding fathers spoke of. We read email, install full body scanners, take off our shoes at airports. You can no longer photograph some buildings or officials, for fear of undertaking reconnaissance. Some declare that the constitution should no longer apply to those accused of terrorism, U.S. citizen or not.
Those in the security business would tell you that these measures work to a marginal extent. A determined attacker will get through eventually. However, many would argue that any measurable increase in security is worth the price.
The founding fathers would disagree.
No one would argue the need for practical measures, for vigilance, for a strong military and law enforcement. But the day will arrive, occasionally, where harm is done or lives are lost. And it is we, the ordinary U.S. citizen, who must remember that it is the price we pay for enjoying such little interference in our affairs, for the right to do as we please while upholding the rights of others, for the right to choose, to speak out, to condone and complain.
We are not defenseless. Bravery, ingenuity, cleverness, and tenacity continue to protect this nation of 300 million every day. We are not on the verge of being annihilated, and we were wise to structure our government in such a way in that we rely on no one man or family for continuity. Our military, our intelligence agencies, federal and local police, all of our lines of defense filter and stop so much. But there is a threshold at which point security begins to trump liberty, and it is there where we must accept that residual risk and bear the burden ourselves, as the revolutionaries once promised to do, and did.
Have a happy 4th of July everyone. =)