The Abstract Factory

It's Crypto-Gram day again. It's a good issue this month, IMO worth reading in full, but my favorite highlights follow.

Item number one: airport security officers planted a bomb in an air passenger's luggage as a system security test, then failed to find it:

Dateline: Canada—A routine test of airport security turned into a Marx Brothers routine after security officers mistakenly sent a passenger home with a suitcase full of TNT. The TNT was supposed to be planted in the bags of a Montreal security agent. Instead, it somehow ended up stuffed into the luggage of an unsuspecting overseas passenger who arrived at Pierre Elliot Trudeau International Airport last Friday. The unnamed passenger went to a friend's house where he found the explosives concealed in a jam jar and placed inside his suitcase. The man immediately called Quebec provincial police. The TNT, which officials say had no detonator attached, was meant as part of a weekly test for bomb-sniffing dogs at the airport. Ironically, the dogs failed to detect the explosives. The passenger and his baggage were able to pass though airport security unchecked. “Our investigation is going to reveal exactly what happened,” airport security spokesman Pierre Goupil told TV network TVA.

Item number two: Schneier points to a Wired News article about Coca-Cola and the NSA:

Coca-Cola has a new contest.  Hidden inside 100 cans of Coke there's a SIM card, GPS transmitter, and a microphone.  The winners activate the Coke can by pressing a button, which will call a central monitoring facility.  Then Coke tracks the winners down using the GPS transmitter and surprises them with their prize.

NSA engineers drink Coke.  Lots and lots of Coke.  The possibility that an active microphone in a Coke can could be in one of the NSA's highly secure facilities is worth considering.  A reasonable threat analysis might look like this: "You know, the chances that one of these 100 cans out of hundreds of millions of cans ends up in our building is extremely small -- somewhere around 1 in 100,000 -- so it's not worth worrying about."

But the NSA's Information Staff Security Office) decreed differently:  "It is important that ALL cans of Coca-Cola within our spaces be inspected.  This includes cans already in our buildings and those being delivered on a daily basis.  If you discover one of these cans, DO NOT activate it.  Instead, you should alert your ISSO immediately and report the incident."

Schneier has more... (scroll down to "Security Notes from All Over")

Lastly, on a serious note, Schneier discusses security implications of torture, in light of a couple of recent Salon articles on Abu Ghraib and the French experience with torture in Algiers. Schneier writes:

Torture has been in the news since 9/11, most recently regarding the U.S. military's practices at the Abu Ghraib prison in Iraq.  Politics isn't my area of expertise, and I don't want to debate the politics of the scandal.  I don't even want to debate the moral issues: Is it moral to torture a bomber to find a hidden ticking bomb, is it moral to torture an innocent to get someone to defuse a ticking bomb, is it moral to torture N-1 people to save N lives?  What interests me more are the security implications of torture: How well does it work as a security countermeasure, and what are the trade-offs?  This is an excellent pair of essays about how ineffective torture really is.  Given that torture doesn't actually produce useful intelligence, why in the world are we spending so much good will on the world stage to do it?

Which puts me in mind of some truly nausea-inducing claims that Sy Hersh has been talking about recently. We must, we must win America back from the criminals running this country, for the sake of our consciences and for the sake of the world.

posted by Cog @ 12:05 PM    permalink
Blogger Comments (0)  |  Post a Comment   

D. S. Isenberg notes that R. Cringely is smoking crack when he says that we should try to squeeze high-fidelity video down the wire at 64kbps. But Isenberg doesn't go far enough: the fact is, both the circuit-switched telephone network and the packet-switched Internet are pretty inefficient ways to deliver high-fidelity video to the world.

Demand for video content, like demand for nearly all human content, follows something like a power law ("Zipf's Law") distribution. To a first approximation, this means that, at any given time, (1) the vast majority of people want to watch the same small number of shows, and (2) there is a small minority of people who all want to watch different movies from each other. So you want to send the 100 most popular movies to everyone, and the 1,000,000 least popular movies to one person each. Call these two groups the "head" and the "tail" of the demand distribution respectively.

The telecom network and the Internet are both "point-to-point" networks: for anything to get sent anywhere, the endpoints of the communication have to agree to open up a dedicated connection. This means that the load on the content provider scales roughly in proportion to the number of clients. (OK, well, there's ongoing research on cooperative proxy caching, but these systems are not fully deployed, and even when they were fully deployed it's not clear the proxy caching overlay can overcome the inherent per-client costs associated with the Internet's underlying architecture.)

For the head of the video demand distribution, point-to-point networks are fantastically inefficient, because the server can't send out the content that everyone wants at once --- it must send out the content to each client individually. And the tail of the video demand distribution is so long that it's basically futile to try to cram all those unique bytes of video down existing pipes. Even if you got a fiber optic line leading all the way from the ISP to your wall socket, the Internet's center would not hold --- there is not enough backbone bandwidth to carry all the video content people would want. We can upgrade the Internet, but it would be costly.

So what should we do? Well, as it happens, our department had a reading seminar last year on this very problem, and some bright people in the systems group have been devising solutions...

For the head, use TiVo on steroids: digitally broadcast all the most popular video over the air; put a big hard drive in everyone's house; cache all the video on the hard drive until the user wants to watch it. We have terabytes of data raining down on our houses every day, and nearly all of it goes completely unused.

For the tail of the distribution, use Netflix/Greencine on steroids: "sneakernet", a.k.a. physical media distribution. Physical media has high latency, but also high throughput and low cost. In a few years, an iPod-sized hard disk-based device will be able to hold dozens of DVD movies. You could mail one of these to your customers. Barring that (maybe hard drives remain too expensive to mail), optical disks improve more slowly, but the next generation of DVD will have higher capacity, and better video codecs will reduce the size of DVD-quality movies considerably. It should be possible to mail a dozen movies or more per disc by the end of the decade. Or, you could require that customers bring their iPods to the video store; the store, in turn, could use terascale sneakernet [note: 200K MS Word file] (Google HTML translation) to get each week's videos from central distribution.

Together, broadcast + caching + sneakernet are much more efficient than point-to-point networks. With the combination of these systems, you do give up the ability to get any video, in high quality, on demand at any time without leaving your living room --- but that wasn't going to scale at reasonable cost anyway.

p.s. Astute observers may ask: Well, web page demand follows a power law distribution too, so why shouldn't we use broadcast + caching + sneakernet for the web? The answer is that unlike movies, web pages (1) are relatively small, (2) change over time, (3) number in the billions, not the thousands; these three facts change the arithmetic, and make the point-to-point Internet more attractive. Nevertheless, these are mere engineering concerns; at the rate that hard drives are growing, it may soon be feasible to broadcast and cache a nontrivial fraction of the web in individual households.

Labels: computer-science, telecommunication

posted by Cog @ 1:16 AM    permalink
Blogger Comments (0)  |  Post a Comment