Something You Know And… Something You Know

The email said:

To better protect your United MileagePlus® account, later this week, we’ll no longer allow the use of PINs and implement two-factor authentication.

This is united.com’s idea of two-factor authentication:

united.com screenshot asking two security questions because my device is unknown

It doesn’t count as proper “Something You Have” if you can bootstrap any new device into “Something You Have” with some more “Something You Know”.
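One way to make the point above mechanical, as an added example that is not part of the original post: model each login factor with the ways a brand-new device can obtain it, then reduce a login policy to the factor categories an attacker would actually have to cover. The factor names, the two policies and the `Factor` class are constructed for illustration; the “united-style” policy mirrors the flow described above, where device trust is granted after answering security questions.

```python
"""Reduce a login policy to the factor categories a fresh device really needs."""
from dataclasses import dataclass, field


@dataclass
class Factor:
    name: str
    category: str            # "knowledge", "possession" or "inherence"
    # Alternative ways a brand-new device can obtain this factor, each a list of
    # other factor names. Empty means the factor cannot be bootstrapped remotely.
    bootstrap_paths: list = field(default_factory=list)


def effective_categories(factors, name, _seen=frozenset()):
    """Smallest set of factor categories that lets a fresh device satisfy `name`.

    A factor with bootstrap paths is only as strong as its weakest path, so its
    own category is replaced by the categories of the cheapest path."""
    f = factors[name]
    if f.name in _seen:
        raise ValueError("cyclic bootstrap policy at %r" % f.name)
    if not f.bootstrap_paths:
        return frozenset([f.category])
    seen = _seen | {f.name}
    options = []
    for path in f.bootstrap_paths:
        cats = frozenset()
        for dep in path:
            cats |= effective_categories(factors, dep, seen)
        options.append(cats)
    return min(options, key=len)     # attacker picks the path needing fewest categories


def login_categories(factors, required):
    """Union of effective categories across every factor a login requires."""
    cats = frozenset()
    for name in required:
        cats |= effective_categories(factors, name)
    return cats


def is_multi_factor(factors, required):
    """True only if a fresh device needs at least two distinct factor categories."""
    return len(login_categories(factors, required)) >= 2


# Constructed policy matching the flow described in the post: an unknown device
# becomes "trusted" once two security questions (knowledge) are answered.
UNITED_STYLE = {
    "password": Factor("password", "knowledge"),
    "security_questions": Factor("security_questions", "knowledge"),
    "trusted_device": Factor("trusted_device", "possession",
                             bootstrap_paths=[["security_questions"]]),
}

# Constructed comparison: an authenticator app enrolled from an already
# authenticated session, with no remote bootstrap path from a blank device.
TOTP_STYLE = {
    "password": Factor("password", "knowledge"),
    "totp_app": Factor("totp_app", "possession"),
}

if __name__ == "__main__":
    for label, policy, required in [("united-style", UNITED_STYLE, ["password", "trusted_device"]),
                                    ("totp-style", TOTP_STYLE, ["password", "totp_app"])]:
        print(label, sorted(login_categories(policy, required)), is_multi_factor(policy, required))
```

The reduction is deliberately pessimistic: any factor that can be re-obtained from other factors is treated as worth no more than the cheapest of those, which is exactly why the security-question flow collapses to a single category.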

Auditing the Trump Campaign

When we opened our web form to allow people to make suggestions for open source projects that might benefit from a Secure Open Source audit, some joker submitted an entry as follows:

  • Project Name: Donald J. Trump for President
  • Project Website: https://www.donaldjtrump.com/
  • Project Description: Make America great again
  • What is the maintenance status of the project? Look at the polls, we are winning!
  • Has the project ever been audited before? It’s under audit all the time, every year I get audited. Isn’t that unfair? My business friends never get audited.

Ha, ha. But it turns out it might have been a good idea to take the submission more seriously…

If you know of an open source project (as opposed to a presidential campaign) which meets our criteria and might benefit from a security audit, let us know.

On Trial

As many readers of this blog will know, I have cancer. I’ve had many operations over the last fifteen years, but a few years ago we decided that the spread was now wide enough that further surgery was not very pointful; we should instead wait for particular lesions to start causing problems, and only then treat them. (I have metastases in my lungs, liver, remaining kidney, leg, pleura and other places.)

Historically, chemotherapy hasn’t been an option for me. Broad spectrum chemotherapies work by killing anything growing fast; but my rather unusual cancer doesn’t grow fast (which is why I’ve lived as long as I have so far) and so they would kill me as quickly as they would kill it. And there are no targeted drugs for Adenoid Cystic Carcinoma, the rare salivary gland cancer I have.

However, recently my oncologist referred me to The Christie hospital in Manchester, which is doing some interesting research on cancer genetics. With them, I’m trying a few things, but the most immediate is that yesterday I entered a Phase 1 trial called AToM, which is trialling a couple of drugs in combination which may be able to help me.

The two drugs are an existing drug called olaparib, and a new one known only as AZD0156. Each of these drugs inhibits a different one of the seven or so mechanisms cells use to repair DNA after it’s been damaged. (Olaparib inhibits the PARP pathway; AZD0156 the ATM pathway.) Cells which realise they can’t repair themselves commit “cell suicide” (apoptosis). The theory is that these repair mechanisms are shakier in cancer cells than normal cells, and so cancer cells should be disproportionately affected (and so commit suicide more) if the mechanisms are inhibited.

As this is a Phase 1 trial, the goal is more about making sure the drug doesn’t kill people than about whether it works well, although the doses now being used are in the clinical range, and another patient with my cancer has seen some improvement. The trial document listed all sorts of possible side-effects, but the doctors say other patients are tolerating the combination well. Only experience will tell how it affects me. I’ll be on the drugs as long as I am seeing benefit (defined as “my cancer is not growing”). And, of course, hopefully there will be benefit to people in the future when and if this drug is approved for use.

In practical terms, the first three weeks of the trial are quite intensive in terms of the number of hospital visits required (and I live 2 hours’ drive from Manchester), and the following six weeks moderately intensive, so I may be less responsive to email than normal. I also won’t be doing any international travel.

Samsung’s L-ish Model Numbers

A slow hand clap for Samsung, who have managed to create versions of the S4 Mini phone with model numbers (among others):

  • GT-i9195
  • GT-i9195L (big-ell)
  • GT-i9195i (small-eye)
  • GT-i9195l (small-ell)

And of course, the small-ell variant – as well as being case-confusable with the big-ell variant, and visually confusable with the small-eye variant if that is written with a capital I (as, say, here) – is in fact an entirely different phone with a different CPU, and doesn’t support the same aftermarket firmware images that all of the other variants do.

See this post for the terrible details.

Project Fear

I’ve been campaigning a bit on the EU Referendum. (If you want to know why I think the UK should leave, here are my thoughts.) Here’s the leaflet my wife and I have been stuffing into letterboxes in our spare moments for the past two weeks:

vote-leave-leaflet

And here’s the leaflet in our area being distributed today by one of the Labour local councillors and the Remain campaign:

remain-leaflet

Says it all.

A Christian Case for Brexit

We had an EU Referendum evening at my church last night; in honour of it, I have written “A Christian Case for Brexit”, which are some of my thoughts on the referendum issue from a Christian point of view. Many of the arguments and points most commonly deployed in the public debate on the referendum are not particularly interesting, and I think some important issues have been somewhat overlooked.

Church Member Flummoxed By Non-Standard Sermon Application

I’ve been enjoying The Babylon Bee recently. Here’s a submission which apparently did not make the grade over there:

DAYTON, OH—The household of George Arnason, a faithful church member at the Seventh Street Bible Church in Dayton, Ohio, has been reportedly thrown into confusion after a visiting preacher gave a sermon where the application did not involve any exhortations to read the Bible more, pray more or evangelise more.

Sermons at Seventh Street are normally given by Rev. Jeremiah Scholes, who has been the minister for the last 43 years, and has presided over a period of unparalleled stability in the membership and teaching. The trouble arose when Mr Steven Prendeghast, who was asked to speak because he is a candidate for the pastorship when Mr Scholes retires, preached on Matthew 22:36-40, with the controversial application being to “love your neighbour”.

“A passage like that, I’d expect to be a ‘read the Bible more’ passage”, said Mr Arnason. “After all, it does say to love the Lord with all your mind, and it mentions the Law and the Prophets. Those are two parts of the Bible, you know”, he explained helpfully.

Rev. Scholes was unavailable for interview but issued a written statement to the Bee. “At Seventh Street, we are clear on the fundamentals of the faith. All passages of scripture instruct us to either read our Bibles more, pray more, or evangelise more – or even two or three of those things at once, for the really practical passages in Paul’s letters. That’s what our church has been faithfully teaching since 1878 and, God willing, will still be teaching it long after I’ve gone. The elders will be reviewing the cassette of this guest sermon to find out what went wrong.”

Mr Arnason proudly showed off his sermon application calendar. “I bought a three-pack of markers,” he explained, “and I use this to keep track of what we’re learning. ‘Read the Bible More’ Sundays get coloured in red, ‘Pray More’ Sundays in green, and ‘Evangelise More’ Sundays in blue. Those are the three primary colours, so if the preacher makes more than one application on a given Sunday, I can cope with it by blending.” But the recent sermon has thrown the viability of this scheme into doubt. “Love your neighbour? I don’t have a colour for that,” he said worriedly.

Mr Arnason was last seen getting into his car, reportedly on his way to Staples.

Thank You For Trying, Switzerland

Various bits of the TiSA (Trade in Services Agreement, yet another multilateral trade treaty) were leaked recently. On the very first page of General Provisions:

[CH propose; AU/CA/CL/TW/CO/EU/IL/JP/MX/NZ/PE oppose; MU/PK considering:
Without prejudice to the policy objectives and legislation of the Parties in areas such as the protection of intellectual property, the protection of privacy and of the confidentiality of personal and commercial data, the protection of consumers and the protection and promotion of the diversity of cultural expressions (including through public funding and assistance) and fiscal measures.]

So the Swiss said “Hey, wouldn’t it be good if we had a thing at the start that said that this treaty doesn’t stop governments protecting privacy, the confidentiality of data, consumer rights, cultural diversity or other important things like that? Wouldn’t that be neat?”

And Australia, Canada, Chile, Taiwan, Colombia, the EU, Israel, Japan, Mexico, New Zealand and Peru all said “Er, no. We want this agreement to be capable of preventing us from protecting those things, thanks. Where it speaks, it should be more important than the domestic law enacted by your elected representatives.”

Seems like that tells you a lot of what you need to know about the way such treaties are assembled. At least Mauritius and Pakistan are still thinking about it… Sheesh.

Eurovision Bingo (again)

Some people say that all Eurovision songs are the same. (And some say all blog posts on this topic are the same…) That’s probably not quite true, but there is perhaps a hint of truth in the suggestion that some themes tend to recur from year to year. Hence, I thought, Eurovision Bingo.

I wrote some code to analyse a directory full of lyrics, normally those from the previous year of the competition, and work out the frequency of occurrence of each word. It will then generate Bingo cards, with sets of words of different levels of commonness. You can then use them to play Bingo while watching this year’s competition (which is on Saturday).

There’s a Github repo, or if you want to go straight to pre-generated cards for this year, they are here.

Here’s a sample card from the 2014 lyrics:

fell cause rising gonna rain
world believe dancing hold once
every mean LOVE something chance
hey show or passed say
because light hard home heart

Have fun :-)
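The approach described above (count word frequencies across a corpus of lyrics, then fill a card with words from different bands of commonness), as an added example that is not the code from the GitHub repo linked in the post. The lyrics in `SAMPLE_LYRICS` are constructed stand-ins for a directory of lyric files, and the band-per-row layout is one design choice among several.

```python
import random
import re
from collections import Counter

# Constructed stand-in for the directory of lyric files the post describes:
# file name -> lyrics. Real use would read the *.txt files from a directory.
SAMPLE_LYRICS = {
    "song_a.txt": "Love love love, the light of the world tonight\nHold me, believe me, we rise",
    "song_b.txt": "The rain will fall tonight, hold on to love\nDance with me, the world is ours",
    "song_c.txt": "Believe in the light, rising over the world\nEvery heart, every home, love",
    "song_d.txt": "Hey, say my name, the stars are falling\nWe're gonna shine, gonna show the way, my heart is home",
}

WORD_RE = re.compile(r"[a-z']+")


def word_frequencies(texts):
    """Count total occurrences of each word across all lyrics (case-folded)."""
    counts = Counter()
    for text in texts:
        counts.update(WORD_RE.findall(text.lower()))
    return counts


def commonness_bands(freq, n_bands):
    """Order words most-common-first and split them into n_bands contiguous bands
    of near-equal size: band 0 holds the commonest words, the last band the rarest.
    Ties are broken alphabetically so the bands are reproducible."""
    ordered = [w for w, _ in sorted(freq.items(), key=lambda kv: (-kv[1], kv[0]))]
    bands, start = [], 0
    for i in range(n_bands):
        end = start + len(ordered) // n_bands + (1 if i < len(ordered) % n_bands else 0)
        bands.append(ordered[start:end])
        start = end
    return bands


def make_card(freq, size=5, seed=None):
    """Build a size x size card where row i is drawn from commonness band i, so
    every card mixes words you will almost certainly hear with long shots."""
    rng = random.Random(seed)
    bands = commonness_bands(freq, size)
    if any(len(band) < size for band in bands):
        raise ValueError("corpus too small: need at least %d distinct words" % (size * size))
    return [rng.sample(band, size) for band in bands]


def render_card(card):
    """Plain-text card, one row per line, as in the sample above."""
    return "\n".join(" ".join(row) for row in card)


if __name__ == "__main__":
    freq = word_frequencies(SAMPLE_LYRICS.values())
    print(render_card(make_card(freq, seed=2016)))
```

Passing a `seed` makes a card reproducible, which is handy if you want to hand out numbered cards and be able to regenerate a lost one.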

DNSSEC on gerv.net

My ISP, the excellent Mythic Beasts, has started offering a managed DNSSEC service for domains they control – just click one button, and you’ve got DNSSEC on your domain. I’ve just enabled it on gerv.net (which, incidentally, as of a couple of weeks ago, is also available over a secure channel thanks to MB and Let’s Encrypt).

If you have any problems accessing any resources on gerv.net, please let me know by email – gerv at mozilla dot org should be unaffected by any problems.

Mozilla’s Root Store Housekeeping Program Bears Fruit

Just over a year ago, in bug 1145270, we removed the root certificate of e-Guven (Elektronik Bilgi Guvenligi A.S.), a Turkish CA, because their audits were out of date. This is part of a larger program we have to make sure all the roots in our program have current audits and are in other ways properly included.

Now, we find that e-Guven has contrived to issue an X509 v1 certificate to one of their customers.

The latest version of the certificate standard X509 is v3, which has been in use since at least the last millennium. So this is ancient magic and requires spelunking in old, crufty RFCs that don’t use current terminology. But as far as I can understand it, whether a certificate is a CA certificate or an end-entity certificate in X509v1 is down to client convention – there’s no way of saying so in the certificate. In other words, they’ve accidentally issued a CA certificate to one of their customers, much like TurkTrust did. This certificate could itself issue certificates, and they would be trusted in some subset of clients.

But not Firefox, fortunately, thanks to the hard work of Kathleen Wilson, the CA Certificates module owner. Neither current Firefox nor the current or previous ESR trust this root any more. If they had, we would have had to go into full misissuance mode. (This is less stressful than it used to be due to the existence of OneCRL, our system for pushing revocations out, but it’s still good to avoid.)

Now, we aren’t going to prevent all misissuance problems by removing old CAs, but there’s still a nice warm feeling when you avoid a problem due to forward-looking preventative action. So well done Kathleen.
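The ambiguity described above can be seen directly in the encoding: a v1 certificate has no extensions field, so it cannot carry the basicConstraints extension that a v3 certificate uses to say “I am a CA”. The following is an added example, not code from Mozilla or from any client, of a client-side check that reads the version and basicConstraints out of a DER certificate with a minimal tag-length-value walker and refuses to accept anything that does not explicitly assert CA status as an issuer. The `build_toy_certificate` helper constructs unsigned placeholder certificates purely so the check can be exercised offline; its algorithm OID, key and names are dummies.

```python
"""Minimal DER walker to read an X.509 certificate's version and basicConstraints."""

BASIC_CONSTRAINTS_OID = b"\x55\x1d\x13"   # OID 2.5.29.19 (id-ce-basicConstraints), DER-encoded


def _read_tlv(buf, pos=0):
    """Read one DER tag-length-value at pos (single-byte tags only).
    Returns (tag, value, position after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _children(value):
    """Yield (tag, value) for every element inside a constructed value."""
    pos = 0
    while pos < len(value):
        tag, inner, pos = _read_tlv(value, pos)
        yield tag, inner


def inspect_certificate(der):
    """Return {'version': 1|2|3, 'ca': True|False|None}; 'ca' is None when the
    certificate carries no basicConstraints extension (always so for v1 and v2)."""
    _, cert, _ = _read_tlv(der)             # Certificate ::= SEQUENCE
    _, tbs, _ = _read_tlv(cert)             # tbsCertificate ::= SEQUENCE
    fields = list(_children(tbs))
    version = 1                              # version is [0] EXPLICIT, DEFAULT v1: absent means v1
    if fields[0][0] == 0xA0:
        _, raw = next(_children(fields[0][1]))
        version = int.from_bytes(raw, "big") + 1
    ca = None
    for tag, value in fields:
        if tag != 0xA3:                      # extensions live in [3] EXPLICIT
            continue
        _, extensions = next(_children(value))
        for _, ext in _children(extensions):
            parts = list(_children(ext))     # extnID, [critical], extnValue
            if parts[0][1] != BASIC_CONSTRAINTS_OID:
                continue
            _, bc, _ = _read_tlv(parts[-1][1])   # BasicConstraints inside the OCTET STRING
            ca = False                           # cA BOOLEAN DEFAULT FALSE
            for t, v in _children(bc):
                if t == 0x01 and v != b"\x00":
                    ca = True
    return {"version": version, "ca": ca}


def may_act_as_issuer(der):
    """Client-side policy: only a certificate that explicitly asserts cA=TRUE may
    sign other certificates. A v1 certificate cannot say either way, so refuse it."""
    info = inspect_certificate(der)
    if info["version"] < 3:
        return False, "v%d certificate has no extensions, so cannot assert CA status" % info["version"]
    if info["ca"] is None:
        return False, "no basicConstraints extension"
    if not info["ca"]:
        return False, "basicConstraints says cA=FALSE"
    return True, "basicConstraints asserts cA=TRUE"


# --- constructed toy certificates for demonstration (unsigned; dummy key and algorithm) ---

def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _seq(*items):
    return _tlv(0x30, b"".join(items))


def build_toy_certificate(version, ca=None):
    """Structurally valid Certificate with placeholder contents. For version 3,
    ca=True/False adds a basicConstraints extension; ca=None omits it."""
    alg = _seq(_tlv(0x06, b"\x2a\x03"), _tlv(0x05, b""))     # placeholder AlgorithmIdentifier (OID 1.2.3)
    fields = []
    if version > 1:
        fields.append(_tlv(0xA0, _tlv(0x02, bytes([version - 1]))))   # [0] version (v3 encodes as 2)
    fields += [
        _tlv(0x02, b"\x01"),                                   # serialNumber
        alg,                                                   # signature
        _seq(),                                                # issuer (empty toy Name)
        _seq(_tlv(0x17, b"160101000000Z"), _tlv(0x17, b"170101000000Z")),   # validity
        _seq(),                                                # subject
        _seq(alg, _tlv(0x03, b"\x00\x00")),                    # subjectPublicKeyInfo with dummy key
    ]
    if version == 3 and ca is not None:
        bc = _seq(_tlv(0x01, b"\xff")) if ca else _seq()       # DER omits the DEFAULT FALSE boolean
        ext = _seq(_tlv(0x06, BASIC_CONSTRAINTS_OID), _tlv(0x01, b"\xff"), _tlv(0x04, bc))
        fields.append(_tlv(0xA3, _seq(ext)))
    return _seq(_seq(*fields), alg, _tlv(0x03, b"\x00\x00"))


if __name__ == "__main__":
    for label, cert in [("v1", build_toy_certificate(1)), ("v3 CA", build_toy_certificate(3, ca=True)),
                        ("v3 end-entity", build_toy_certificate(3, ca=False))]:
        print(label, inspect_certificate(cert), may_act_as_issuer(cert))
```

Note that `may_act_as_issuer` is deliberately a whitelist: absence of basicConstraints, or a version too old to carry it, both fall through to “refuse”, which is the convention that closes the gap a v1 certificate otherwise leaves to client interpretation.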

Prophetic…

Almost 20 years ago, two Christians from the Jubilee Centre pondered the possible consequences of the Euro:

Unfortunately, EMU [European Monetary Union] may well foster conflicts and increase nationalism among EU countries. If the system works well and an active fiscal policy compensates for the lack of an independent monetary policy, some countries will need to raise taxes in order to cool their economy even though the government is in strong surplus. Quite correctly, electorates will blame the system. However, if EMU fails, endemic unemployment will result in some countries due to an overvalued exchange rate for their needs and excessively high interest rates. Wage cuts in, or labour movements from, the countries thus affected seem unlikely, and the current treaty does not provide for fiscal transfers from a prospering country to a depressed one as a result of EMU. Hence, some countries will feel neglected in the interest rate setting process, and will demand restitution from the centre. To make matters worse, they could be having to cut spending and raise taxes in a recession to avoid being fined for an ‘excessive’ deficit, while having to bail out a collapsing banking system due to inappropriate interest rate levels.

If a country faces an unsustainable fiscal situation, it may be forced to threaten default on its debt or request help from other members. If a transfer or debt guarantee is granted, those populations in solvent countries may resent their taxes being used to bail out irresponsible governments elsewhere. If these payments have no democratic mandate, resentment of neighbouring countries within EMU may result.

— Paul Mills and Michael Schluter, Should Christians Support the Euro?, December 1998

The only thing they missed is that the bailed-out would also resent those who did the bailing…

Type 1 vs Type 2 Decisions

Some decisions are consequential and irreversible or nearly irreversible – one-way doors – and these decisions must be made methodically, carefully, slowly, with great deliberation and consultation. If you walk through and don’t like what you see on the other side, you can’t get back to where you were before. We can call these Type 1 decisions. But most decisions aren’t like that – they are changeable, reversible – they’re two-way doors. If you’ve made a suboptimal Type 2 decision, you don’t have to live with the consequences for that long. You can reopen the door and go back through. Type 2 decisions can and should be made quickly by high judgment individuals or small groups.

As organizations get larger, there seems to be a tendency to use the heavy-weight Type 1 decision-making process on most decisions, including many Type 2 decisions. The end result of this is slowness, unthoughtful risk aversion, failure to experiment sufficiently, and consequently diminished invention. We’ll have to figure out how to fight that tendency.

Jeff Bezos

Facebook Switches Off Email Forwarding

You remember that email address @facebook.com that Facebook set up for you in 2010, and then told everyone viewing your Facebook profile to use in 2012 (without asking)?

Well, they are now breaking it:

Hello Gervase,

You received this email because your gerv.markham@facebook.com account is set up to forward messages to [personal email address]. After 1 May 2016, you will no longer be able to receive email sent to gerv.markham@facebook.com.

Please update your email address for any services that currently send email to gerv.markham@facebook.com.

Thank You,
Email Team at Facebook

Good work all round, there, Facebook.