Tuesday, December 22, 2015

The Fallacy and Idiocy of the so-called "Golden Key" to Break Encryption

The recent terrorist attacks in Paris (France) and San Bernardino (California) have invigorated the demands of clueless politicians for the creation of a so-called "Golden Key" that would allow law enforcement to decrypt encrypted communications.  In a recent Washington Post Article: After terrorist attacks, the debate over encryption gets new life; the Post notes that: "On Wednesday, Sen. Dianne Feinstein (D-Calif.) became the latest senior lawmaker to call for such legislation. “If there is a conspiracy going on” among terrorist suspects using encrypted devices, “that encryption ought to be able to be pierced,” said Feinstein, vice chairman of the Senate Intelligence Committee."  In regards to another clueless politician, the Post wrote: Kasich doesn’t understand how the tech that keeps you safe online works.

The problem is that should a "Golden Key" actually be developed and implemented as demanded by the clueless politicians, the "bad" guys, such as the terrorists, will also be able to use the "Golden Key" to break the encryption of the "good" guys, thus making the communications of the "good" guys insecure. Fortunately, the Washington Post also ran the article: A key under the doormat isn’t safe. Neither is an encryption backdoor, which counters the assertion by Sen. Feinstein that "piercing" encryption would be helpful.

The mere existence of a "Golden Key" means that it can somehow be stolen or otherwise acquired by anyone. An unwritten law is that secrets leak. Once acquired by the "bad" guys, they will be able to break the encryption of the "good" guys. That means the "good" guys such as the banks may find themselves susceptible to hacking. Furthermore, as for the "bad" guys, why they will simply go to their Plan "B", the development of their own proprietary encryption. Thus the development and imposition of a "Golden Key" is a fools errand. To protect the "good" guys, unbreakable encryption is required.

The necessity for unbreakable encryption, even if it unfortunately means that the terrorists benefit, is a complex topic. For more details and greater insight, I will refer you to the TechDirt theme concerning encryption. Please read the posts of the people commenting on the various articles.  They will provide much more insight than I have provided.

A link to a variety of articles published in the Washington Post on the topic of encryption. As with the TechDirt article, it is also important to read the comments provided.

A link to an old, but still relevant, 1997 article from the Electronic Frontier Foundation: Decoding the Encryption Debate.

A post by Troy Hunt:  Security Sense: Encryption is a necessity that cannot feasibly be compromised.

Phil Muncaster writes: IT Body: 'Let’s Not Weaken Encryption in Wake of Terror Attacks'Mr. Muncaster quotes ITIC president and CEO Dean Garfield as saying:Weakening security with the aim of advancing security simply does not make sense.

Monday, August 3, 2015

The Multi-Year Science Fiction Magazine Database Extravaganza Endlessly Continues

I now have a rudimentary version of a Science Fiction Magazine Database that works through your (internet) browser. The benefit of this approach is that it works on your home computer and/or LAN, does not require specialized database software such as Base or MS Access, and (at some future point) will be internet ready. However, it does require that you have MySQL and Apache (LAMP/WAMP) operating on a computer. There is still much work to be done.

Opening Screen
The image above is the opening (main) screen.  From the opening screen one can do an author or story search. Additionally, one can display all magazine issues or filter by magazine.

Eventually, subsequent screens (as you can see below) will need to be redesigned to remove the Galaxy cover as it tends to be distracting in subsequent screens.

Note: The "Author" field contains a hyper-link. Clicking on it will display all stories written by that author.

Listing of Each Magazine Issue in the Database

My apologies to those reading other magazines. I have just been tracking Analog. The image below displays some of the F&SF magazines that have already been entered. Please be assured that this database can handle all magazines.

Note: The "Magazine Name" field contains a hyper-link. Clicking on it will display all stories for that particular issue.

Filtered Issue List

Selection of an Author

Display of all Stories Written by the Author Selected

Selection of a Magazine Issue

Display the Contents of the Selected Issue

Listing of All Stories Having "Pluto" in Their Title
Note: In the screen above there are hyper-links for both the author and magazine issue. Consequently, one can lookup either the author stories or the contents of the magazine issue.

This project still needs a lot of work. For example, I have not yet gotten around to developing editing screens. Turns out editing is much more complicated than simple data retrieval. Editing, when it is done, has been done through phpMyAdmin which works directly with MySQL.

Additionally, it seems that I will need to learn JavaScript for certain actions. Drat, yet another programming language to learn!!!

This project is essentially for my self edification. A more extensive and complete source of information is located at the Internet Speculative Fiction Database (ISFDB).

I anticipate that this browser based approach will be the final rendition in the development of this database. But then one should never say never. Eventually, I intend to complete it. But don't hold your breath.

Should you have any comments, please leave them.

Saturday, February 28, 2015

Backing-up MS Window Files to Linux on a Dual Boot Computer

Backing up files is one of those onerous tasks that has to be done if you want to preserve your data. Currently, I am running a computer using Linux (Ubuntu) with the capability to boot into MS Window 7.
I assume that many people will have a similar configuration and a need to preserve their MS Windows files. This narrative will review one approach for automatically accomplishing that task.

While most of my work is in Linux, I still have occasional need to boot into MS Windows and modify files that need to be saved. Yes, MS Windows has a backup program that can save your work. The problem, I have never gotten that backup program to function reliably. Next, my duration on MS Windows tends to be very short which circumvents the automatic scheduling of backups. Finally, the stored data is in a proprietary format and is not portable. Consequently I sought out an open source solution from the Linux environment that would accomplish and automatic backup.

As a quick aside, the back-up media that I am using is a Western Digital 2T USB hard drive that is attached to a USB port on my router. This configuration was chosen based on the premise that one should not use the same drive to backup your data. You would lose both your data and the backup should the drive fail.

When operating in Linux, there are a variety of back-up programs. Currently I am using sbackup. I have liked sbackup, but it has proven to be finicky. In this case, it appeared that sbackup was backing-up the MS Windows files. But that turned out not to be the case. The apparent "simple" solution failed. Time for Plan "B".

Plan "B" involved creating a "windows_backup" directory in my Linux home directory, using the Linux copy command, and employing anacron to schedule the backup.

The \etc\anacrontab entry to implement the backup script (program) is below.  
 1      20      window_backup    nice  bash /home/steve/ShellScripts/windows_backup.sh
Essentially the syntax above says to run the script (program) found in the file  "windows_backup.sh" once per-day 20 minutes after the computer boots into Linux (Ubuntu). Anacron manual page. The script below copies the MS Windows files into my Linux home directory and places them in the "windows_backup" directory. Sbackup successfully stores the files onto the Western Digital USB hard drive. No manual intervention required. Yea.
# Executed from /etc/anacrontab

cp -f -R -L "/media/windows/Users/Stephen/My Documents/Access" /home/steve/windows_backup/
cp -f -R -L "/media/windows/Users/Stephen/My Documents/My Garmin" /home/steve/windows_backup/
cp -f -R -L "/media/windows/Users/Stephen/My Documents/POI_Data_Files" /home/steve/windows_backup/

chown -f -R steve:backup /home/steve/windows_backup

As a conclusionary note, sbackup is only one of many Linux based programs to backup files. I am not that familiar with the other backup programs. Please do not consider my use of sbackup as an indication that it is the backup program that is to be used. You may wish to do your own search. Other Linux based backup programs may be able to successfully copy files from an MS Windows partition without the Plan "B" option noted above.

Tuesday, January 27, 2015

Intuit - A Despicable Company

Once again Intuit has demonstrated that is a despicable company out to screw its customer base. Prior Intuit Despicable posts here.

In this case, it was recently revealed that some of the standard features included with TurboTax Deluxe have been disappeared. As in removed without informing the customer that these features where no longer available. I had just bought TurboTax Deluxe. Neither the box nor the installation process disclosed that Intuit had downgraded TurboTax Deluxe. Today, I received the following notice.

The prostration by Mr. Goodarzi that: "Intuit has a long history of doing right by our customers, ..." is utter bunk.  I also note that others have seen this misleading slight of hand. Intuit gets greedy, nearly doubles price of TurboTax. Intuit Strips TurboTax Deluxe of Support for Key Tax Forms.

Even more incredulous is the duplicitous gobbledygook statement that: "Here's why we made the change. Over the years, we have worked hard to make it easy for you to choose the TurboTax product that is right for you and your unique tax situation. We want that choice to be clear and confidence inspiring. However, as new online and mobile technologies emerged, our products, and the tax scope and features they included, began to differ, leading to customer confusion. These differences also impeded our ability to introduce new innovations across our entire product line." Mr. Goodarzi seems to believe that Intuit customers are both confused and stupid.

Mr. Goodarzi goes on to state: "But good intent must be matched with great execution, and that is where we let you down. We have heard from many of you that you were surprised when you discovered the change. No one likes this kind of a surprise, so we are taking immediate action to make things right and help you through this transition year." Obviously the "surprise" was trying to pull a fast one on the customer. Well, there are two simple actions that Intuit could have done that would be customer friendly assuming that Intuit was actually ethical.

  1. Restore the features that were secretly removed though an on-line update.
  2. Allow the customer to upgrade to the Premier version for free.

Instead of a simple pro-customer solution Mr. Goodarzi proposes a "bait and switch" style solution where the customer must now pay an additional fee to upgrade to then get $25 back. Intuit apparently has difficulty with the concept of ethical behaviour. Getting your $25 refund. Also review this web-page: More information about the $25 cash back offer. Technologically, both Quicken and TurboTax are excellent products. The problem is that the marketing arm of Intuit is despicable.

Update:  I actually ended up getting a $35 dollar refund after complaining that the on-line upgrade cost more than the offered $25 refund. So Intuit gets  a +1 positive point. Hopefully, next year there will not be a repeat of this year's snafu.