by Jonathan Black, Paul Curzon and Peter W. McOwan, Queen Mary University of London
From the archive
Alan Turing was born in London on 23 June 1912. His parents were both from successful, well-to-do families, which in the early part of the 20th century in England meant that his childhood was pretty stuffy. He didn’t see his parents much, wasn’t encouraged to be creative, and certainly wasn’t encouraged in his interest in science. But even early in his life, science was what he loved to do. He kept up his interest while he was away at boarding school, even though his teachers thought it was beneath well-bred students. When he was 16 he met a boy called Christopher Morcom who was also very interested in science. Christopher became Alan’s best friend, and probably his first big crush. When Christopher died suddenly a couple of years later, Alan partly helped deal with his grief with science, by studying whether the mind was made of matter, and where – if anywhere – the mind went when someone died.
The Turing machine
After he finished school, Alan went to the University of Cambridge to study mathematics, which brought him closer to questions about logic and calculation (and mind). After he graduated he stayed at Cambridge as a fellow, and started working on a problem that had been giving mathematicians headaches: whether it was possible to determine in advance if a particular mathematical proposition was provable. Alan solved it (the answer was no), but it was the way he solved it that helped change the world. He imagined a machine that could move symbols around on a paper tape to calculate answers. It would be like a mind, said Alan, only mechanical. You could give it a set of instructions to follow, the machine would move the symbols around and you would have your answer. This imaginary machine came to be called a Turing machine, and it forms the basis of how modern computers work.
Code-breaking at Bletchley Park
By the time the Second World War came round, Alan was a successful mathematician who’d spent time working with the greatest minds in his field. The British government needed mathematicians to help them crack the German codes so they could read their secret communiqués. Alan had been helping them on and off already, but when war broke out he moved to the British code-breaking headquarters at Bletchley Park to work full-time. Based on work by Polish mathematicians, he helped crack one of the Germans’ most baffling codes, called the Enigma, by designing a machine (based on earlier version by the Poles again!) that could help break Enigma messages as long as you could guess a small bit of the text (see box). With the help of British intelligence that guesswork was possible, so Alan and his team began regularly deciphering messages from ships and U-boats. As the war went on the codes got harder, but Alan and his colleagues at Bletchley designed even more impressive machines. They brought in telephone engineers to help marry Alan’s ideas about logic and statistics with electronic circuitry. That combination was about to produce the modern world.
Building a brain
The problem was that the engineers and code-breakers were still having to make a new machine for every job they wanted it to do. But Alan still had his idea for the Turing machine, which could do any calculation as long as you gave it different instructions. By the end of the war Alan was ready to have a go at building a Turing machine in real life. If it all went to plan, it would be the first modern electronic computer, but Alan thought of it as “building a brain”. Others were interested in building a brain, though, and soon there were teams elsewhere in the UK and the USA in the race too. Eventually a group in Manchester made Alan’s ideas a reality.
Troubled times
Not long after, he went to work at Manchester himself. He started thinking about new and different questions, like whether machines could be intelligent, and how plants and animals get their shape. But before he had much of a chance to explore these interests, Alan was arrested. In the 1950s, gay sex was illegal in the UK, and the police had discovered Alan’s relationship with a man. Alan didn’t hide his sexuality from his friends, and at his trial Alan never denied that he had relationships with men. He simply said that he didn’t see what was wrong with it. He was convicted, and forced to take hormone injections for a year as a form of chemical castration.
Although he had had a very rough period in his life, he kept living as well as possible, becoming closer to his friends, going on holiday and continuing his work in biology and physics. Then, in June 1954, his cleaner found him dead in his bed, with a half-eaten, cyanide-laced apple beside him.
Alan’s suicide was a tragic, unjust end to a life that made so much of the future possible.
We’ve been posting a computing-themed article linked to the picture on the ‘front’ of the advent calendar for the last 17 days and today is no exception. The picture is of a Christmas cracker so today’s theme is going to be computer hacking and cracking – all about Cyber Security.
If you’ve missed any of our previous posts, please scroll to the end of this one where we have a full list.
A cracker, ready to pop
The terms ‘cracker’ and ‘hacker’ are often used interchangeably to refer to people who break into computers though generally the word hacker also has a friendlier meaning – someone who uses their skills to find a workaround or a solution (e.g. ‘a clever hack’) whereas a cracker is probably someone who shouldn’t be in your system and is up to no good. Both people can use very similar skills though – one is using them to benefit others, the other to be benefit themselves.
We have an entire issue of the CS4FN magazine all about Cyber Security – it’s issue 24 and is called ‘Keep Out’ but we’ll let you in to read it. All you have to do is click on this very secret link, then click on the magazine’s front cover to download the PDF. But don’t tell anyone else…
Both the articles below were originally published in the magazine as well as on the CS4FN website.
You arrive in your holiday hotel and ask about Wi-Fi. Time to finish off your online game, connect with friends, listen to music, kick back and do whatever is your online thing. Excellent! The hotel Wi-Fi is free and better still you don’t even need one of those huge long codes to access it. Great news, or is it?
You always have to be very cautious around public Wi-Fi whether in hotels or cafes. One common attack is for the bad guys to set up a fake Wi-Fi with a name very similar to the real one. If you connect to it without realising, then everything you do online passes through their computer, including all those user IDs and passwords you send out to services you connect to. Even if the passwords they see are encrypted, they can crack them offline at their leisure.
Things just got more serious. A group has created a way to take over hotel Wi-Fi. In July 2017, the FireEye security team found a nasty bit of code, malware, linked to an email received by a series of hotels. The malware was called GAMEFISH. But this was no game and it certainly had a bad, in fact dangerous, smell! It was a ‘spear phishing’ attack on the hotel’s employees. This is an attack where fake emails try to get you to go to a malware site (phishing), but where the emails appear to be from someone you know and trust.
Once in the hotel network, so inside the security perimeter, the code searched for the machines running the hotel’s Wi- Fi and took them over. Once there they sat and watched, sniffing out passwords from the Wi-Fi traffic: what’s called a man-in-the-middle attack.
The report linked the malware to a very serious team of Russian hackers, called FancyBear (or APT28), who have been associated with high profile attacks on governments across the world. GAMEFISH used a software tool (an ‘exploit’) called EternalBlue, along with some code that compiled their Python scripts locally, to spread the attack. Would you believe, EternalBlue is thought to have been created by the US Government’s National Security Agency (NSA), but leaked by a hacker group! EternalBlue was used in the WannaCry ransomware too. This may all start to sound rather like a farfetched thriller but it is not. This is real! So think before you click to join an unsecured public Wi-Fi.
Just between the two of us: mentalism and covert channels
Secret information should stay secret. Beware ‘covert channels’ though. They are a form of attack where an illegitimate way of transferring information is set up. Stopping information leaking is a bit like stopping water leaking – even the smallest hole can be exploited. Magicians have been using covert channels for centuries, doing mentalism acts that wow audiences with their ‘telepathic’ powers.
In the 1950’s Australian couple Sydney and Lesley Piddington took the entertainment world by storm. They had the nation perplexed, puzzled and entertained. They were seemingly able to communicate telepathically over great distances. It all started in World War 2 when Sydney was a prisoner of war. To keep up morale, he devised a mentalism act where he ‘read the minds’ of other soldiers. When he later married Lesley they perfected the act and became an overnight sensation, attracting BBC radio audiences of 20 million. They communicated random words and objects selected by the audience, even when Lesley was in a circling aeroplane or Sydney was in a diving bell in a swimming pool. To this day their secret remains unknown, though many have tried to work it out. Perhaps they used a hidden transmitter. After all that was fairly new technology then. Or perhaps they were using their own version of an old mentalism trick: a code to transmit information hidden in plain sight.
Sounds mysterious
Sydney had a severe stutter, and some suggested it was the pauses he made in words rather than the words themselves that conveyed the information. Using timing and silence to code information seems rather odd, but it can be used to great effect.
In the phone trick ‘Call the wizard’, for example, a member of the audience chooses any card from a pack. You then phone your accomplice. When they answer you say “I have a call for the wizard”. Your friend names the card suits: “Clubs … spades … diamonds … hearts”. When they reach the suit of the chosen card you say: “Thanks”.
Your phone friend now knows the suit and starts counting out the values, Ace to King. When they reach the chosen card value you say: “Let me pass you over”. Your accomplice now knows both suit and value so dramatically reveals the card to the person you pass the phone to.
This trick requires a shared understanding of the code words and the silence between them. When combined with the background count, information is passed. The silence is the code.
Timing can similarly be used by a program to communicate covertly out of a secure network. Information might be communicated by the time a message is sent rather than its contents, for example
Codes on the table
Covert channels can be hidden in the existence and placement of things too. Here’s another trick.
The receiving performer leaves the room. A card is chosen from a pack by a volunteer. When the receiver arrives back they are instantly able to tell the audience the name of the card. The secret is in the table. Once the card has been selected, pack and box are replaced on the table. The agreed code might be:
If the box is face up and its flap is closed: Clubs.
If the box is face up and its flap is open: Spades.
If the box is face down and its flap is closed: Diamonds.
If the box is face down and its flap is open: Hearts.
That’s the suits taken care of. Now for the value. The performers agree in advance how to mentally chop up the card table into zones: top, middle and bottom of the table, and far right, right, left and far left. That’s 3 x 4 unique locations. 12 places for 12 values. The pack of cards is placed in the correct pre-agreed position, box face up or not, flap open or closed as needed. What about the 13th possibility? Have the audience member hold their hand out flat and leave the cards on it for them to ‘concentrate’ on.
Again a similar idea can be used as a covert channel to subvert a security system: information might be passed based on whether a particular file exists or not, say.
Making it up as you go along
These are just a couple of examples of the clever ideas mentalists have used to amaze and entertain audiences with feats of seemingly superhuman powers. Our cs4fn mentalism portal has more. Some claim they have the powers for real, but with two dedicated performers and a lot of cunning memory work, it’s often hard to decipher performers’ methods. Covert channels can be similarly hard to spot.
Perhaps the Piddingtons secret was actually a whole range of different methods. Just before she died Lesley Piddington is said to have told her son, “Even if I wanted to tell you how it was done, I don’t think I would be able”. How ever it was done, they were using some form of covert channel to cement their place in magic history. As Sydney said at the end of each show “You be the judge”.
Governments pass laws to protect their citizens’ privacy. They outlaw reading email, listening in to phone calls and accessing data without permission or a court order. If you really care about privacy though, you need to protect your ‘metadata’ too: data about data. The police and security services can learn a lot from metadata when they put their minds to it. Anyone else with access can too. You need to take care of yours (and that of your cat).
Imagine you are on the run, hoping not to be found. You would make sure no one took a photograph of you that showed where you were, but you might think you were safe enough if you weren’t standing next to a distinctive landmark. Think again. John McAfee (who was on the run from the Police at the time), was located by a photograph, but not because of anything visible in the picture. It was because of the hidden metadata attached to it.
Metadata is all the indexing information that goes with data. So a film on DVD is actual data but the name of the film, the director, information about the actors, and so on – that’s its metadata. Similarly, the words you say in a phone call are the data, but who is calling who and from where is metadata.
With photos (the data), the metadata includes where the photo was taken and the camera it was taken with. Smartphones track very precise location information, and, unless you switch this setting off, this metadata of where it was taken is saved with the picture. If the photo is uploaded to a website, the metadata is uploaded too, and that’s what happened to John McAfee. A journalist interviewed him and took a photo, intending not to give away his whereabouts. However, he uploaded the photo which gave away the precise location in the metadata. This would have made it easier for law enforcement to catch up with him … had he not found out about the location-leak first and made his escape in the nick of time.
Location based services on smartphones are really useful. If you want to find out where you are, how far away something is, or use the inbuilt map apps on the phone to plan how to get somewhere, then you need to let the phone know where it is. But you might not want a photograph you take inside your home to share the information of where that house is to anyone who cares to know, stalkers and trolls included.
The website “I know where your cat lives” aims to make more people aware of the information they give away unintentionally. Plenty of people share photographs of their gorgeous pets on the Internet. Most also unwittingly give away the precise latitude and longitude of where they live. The site collects publicly available cat photos with their metadata and plots them on an aerial photo map, showing where each cat’s photo has been taken, and so likely where the owner lives
German Green party MP, Malte Spitz, went a step further and published 6 months of records kept (at the time by law) by his phone company about him. To emphasise how scary it was privacy-wise he published it in the form of a minute by minute interactive map, so anyone could follow his exact location (just like the phone company) as though in real time from the location metadata his phone was giving away all the time. The metadata was combined with his freely available social networking data, allowing anyone to see not just where he was but often what he was doing. Germany no longer requires phone companies to keep this metadata, but other countries have antiterrorist laws that require similar information to be kept for everyone. You can explore Malte’s movements at (archived link: www.zeit.de/datenschutz/malte-spitz-data-retention) to get an idea of how your life is being tracked by metadata.
Don’t just look after your cat, look after your cat’s metadata too (not to mention your own)!
When pop star Madonna took to the stage at Brixton Academy in 2001 for a rare appearance she made Internet history and caused more that a little Internet misery. Her concert performance was webcast; that is it was broadcast real time over the Internet. A record-breaking audience of 9 million tuned in, and that’s where the trouble started…
The Internet’s early career
The Internet started its career as a way of sending text messages between military bases. What was important was that the message got through, even if parts of the network were damaged say, during times of war. The vision was to build a communications system that could not fail; even if individual computers did, the Internet would never crash. The text messages were split up into tiny packets of information and each of these was sent with an address and their position in the message over the wire. Going via a series of computer links it reached its destination a bit like someone sending a car home bit by bit through the post and then rebuilding it. Because it’s split up the different bits can go by different routes.
Express yourself (but be polite please)
To send all these bits of information a set of protocols (ways of communicating between the computers making up the Internet) were devised. When passing on a packet of information the sending machine first asks the receiving machine if it is both there and ready. If it replies yes then the packet is sent. Then, being a polite protocol, the sender asks the receiver if the packets all arrived safely. This way, with the right address, the packets can find the best way to go from A to B. If on the way some of the links in the chain are damaged and don’t reply, the messages can be sent by a different route. Similarly if some of the packets gets lost in transit between links and need to be resent, or packets are delayed in being sent because they have to go by a round about route, the protocol can work round it. It’s just a matter of time before all the packets arrive at the final destination and can be put back in order. With text the time taken to get there doesn’t really matter that much.
The Internet gets into the groove
The problem with live pop videos, like a Madonna concert, is that it’s no use if the last part of the song arrives first, or you have to wait half an hour for the middle chorus to turn up, or the last word in a sentence vanishes. It needs to all arrive in real time. After all, that is how it’s being sung. So to make web casting work there needs to be something different, a new way of sending the packets. It needs to be fast and it needs to deal with lots more packets as video images carry a gigantic amount of data. The solution is to add something new to the Internet, called an overlay network. This sits on top of the normal wiring but behaves very differently.
The Internet turns rock and roll rebel
So the new real time transmission protocol gets a bit rock and roll, and stops being quite so polite. It takes the packets and throws them quickly onto the Internet. If the receiver catches them, fine. If it doesn’t, then so what? The sender is too busy to check like in the old days. It has to keep up with the music! If the packets are kept small, an odd one lost won’t be missed. This overlay network called the Mbone, lets people tune into the transmissions like a TV station. All these packages are being thrown around and if you want to you can join in and pick them up.
Crazy for you
Like dozens of cars
all racing to get through
a tunnel there were traffic jams.
It was Internet gridlock.
The Madonna webcast was one of the first real tests of this new type of approach. She had millions of eager fans, but it was early days for the technology. Most people watching had slow dial-up modems rather than broadband. Also the number of computers making up the links in the Internet were small and of limited power. As more and more people tuned in to watch, more and more packets needed to be sent and more and more of the links started to clog up. Like dozens of cars all racing to get through a tunnel there were traffic jams. Packets that couldn’t get through tried to find other routes to their destination … which also ended up blocked. If they did finally arrive they couldn’t get through onto the viewers PC as the connection was slow, and if they did, very many were too late to be of any use. It was Internet gridlock.
Who’s that girl?
Viewers suffered as the pictures and sound cut in and out. Pictures froze then jumped. Packets arrived well after their use by date, meaning earlier images had been shown missing bits and looking fuzzy. You couldn’t even recognise Madonna on stage. Some researchers found that packets had, for example, passed over seven different networks to reach a PC in a hotel just four miles away. The packets had taken the scenic route round the world, and arrived too late for the party. It wasn’t only the Madonna fans who suffered. The broadcast made use of the underlying wiring of the Internet and it had filled up with millions of frantic Madonna packets. Anyone else trying to use the Internet at the time discovered that it had virtually ground to a halt and was useless. Madonna’s fans had effectively crashed the Internet!
Webcasts in Vogue
Today’s webcasts have moved on tremendously using the lessons learned from the early days of the Madonna Internet crash. Today video is very much a part of the Internet’s day-to-day duties: the speed of the computer links of the Internet and their processing power has increased massively; more homes have broadband so the packets can get to your PC faster; satellite uplinks now allow the network to identify where the traffic jams are and route the data up and over them; extra links are put into the Internet to switch on at busy times; there are now techniques to unnoticeably compress videos down to small numbers of packets, and intelligent algorithms have been developed to reroute data effectively round blocks. We can also now combine the information flowing to the viewers with information coming back from them so allowing interactive webcasts. With the advent of digital television this service is now in our homes and not just on our PC’s.
Living in a material world
It’s because of thousands of scientists working on new and improved technology and software that we can now watch as the housemate’s antics stream live from the Big Brother house, vote from our armchair for our favourite talent show contestant or ‘press red’ and listen to the director’s commentary as we watch our favourite TV show. Like water and electricity the Internet is now an accepted part of our lives. However, as we come up with even more popular TV shows and concerts, strive to improve the quality of sound and pictures, more people upgrade to broadband and more and more video information floods the Internet … will the Internet Die another Day?
Peter W. McOwanandPaul Curzon, Queen Mary University of London, 2006
The great Tudor and Stuart philosopher Sir Francis Bacon was a scientist, a statesman and an author. He was also a pretty decent computer scientist. He published* a new form of cipher, now called Bacon’s Cipher, invented when he was a teenager. Its core idea is the foundation for the way all messages are stored in computers today.
From Pixabay
The Tudor and Stuart eras were a time of plot and intrigue. Perhaps the most famous is the 1605 Gunpowder plot where Guy Fawkes tried to assassinate King James I by blowing up the Houses of Parliament. Secrets mattered! In his youth Bacon had worked as a secret agent for Elizabeth I’s spy chief, Walsingham, so knew all about ciphers. Not content with using those that existed he invented his own. The one he is best remembered for was actually both a cipher and a form of steganography. While a cipher aims to make a message unreadable, steganography is the science of secret writing: disguising messages so no one but the recipient knows there is a message there at all.
A Cipher …
Bacon’s method came in two parts. The first was a substitution cipher, where different symbols are substituted for each letter of the alphabet in the message. This idea dates back to Roman times. Julius Caesar used a version, substituting each letter for a letter from a fixed number of places down the alphabet (so A becomes E, B becomes F, and so on). Bacon’s key idea was to replace each letter of the alphabet with, not a number or letter, but it’s own series of a’s and b’s (see the cipher table). The Elizabethan alphabet actually had only 24 letters so I and J have the same code as do U and V as they were interchangeable (J was the capital letter version of i and similarly for U and v).
In Bacon’s cipher everything is encoded in two symbols, so it is a binary encoding. The letters a and b are arbitrary. Today we would use 0 and 1. This is the first use of binary as a way to encode letters (in the West at least). Today all text stored in computers is represented in this way – though the codes are different – it is all Unicode is. It allocates each character in the alphabet with a binary pattern used to represent it in the computer. When the characters are to be displayed, the computer program just looks up which graphic pattern (the actual symbol as drawn) is linked to that binary pattern in the code being used. Unicode gives a binary pattern for every symbol in every human language (and some alien ones like Klingon).
Steganography
The second part of Bacon’s cipher system was Steganography. Steganography dates back to at least the Greeks, who supposedly tattooed messages on the shaved heads of slaves, then let their hair grow back before sending them as both messenger and message. The binary encoding of Bacon’s cipher was vital to make his steganography algorithm possible. However, the message was not actually written as a’s and b’s. Bacon realised that two symbols could stand for any two things. If you could make the difference hard to spot, you could hide the messages. Bacon invented two ways of handwriting each letter of the alphabet – two fonts. An ‘a’ in the encoded message meant use one font and a ‘b’ meant use the other. The secret message could then be hidden inside an innocent one. The letters written were no longer the message, the message was in the font used. As Bacon noted, once you have the message in binary you could think of other ways to hide it. One way used was with capital and lower-case letters, though only using the first letter of words to make it less obvious.
Suppose you wanted to hide the message “no” in the innocuous message ‘hello world’. The message ‘no’ becomes ‘abbaa abbab’. So far this is just a substitution cipher. Next we hide it in, ‘hello world’. Two different kinds of fonts are those with curls on the tails of letters known as serif fonts and like this one and those without curls known as sans serif fonts and like this one. We can use a sans serif font to represent an ‘a’ in the coded message, and a serif font to represent ‘b’. We just alternate the fonts following the pattern of the a’s and b’s: ‘abbaa abbab’. The message becomes
sans serif, serif, serif, sans serif, sans serif, sans serif, serif, serif, sans serif, serif.
Using those fonts for our message we get the final mixed font message to send:
Bacon the polymath
Bacon is perhaps best known as one of the principal advocates for rigorous science as a way of building up knowledge. He argued that scientists needed to do more than just come up with theories of how the world worked, and also guard against just seeing the results that matched their theories. He argued knowledge should be based on careful, repeated observation. This approach is the basis of the Scientific Method and one of the foundation stones of modern science.
Bacon was also a famous writer of the time, and one of many authors who has since been suggested as the person who wrote William Shakespeare’s plays. In his case it is because they claim to have found secret messages hidden in the plays in Bacon’s code. The idea that someone else wrote Shakespeare’s plays actually started just because some upper class folk with a lack of imagination couldn’t believe a person from a humble background could turn themselves into a genius. How wrong they were!
– Paul Curzon, Queen Mary University of London, Autumn 2017
*Thanks to Pete Langman, whose PhD was on Francis Bacon, for pointing out a mistake in the original version of this blog where I suggested the cipher was published in, 1605, the year of the Gun Powder plot. It was actually first published in 1623 in De augmentis which was a translation/enlargement of his 1605 Advancement of Learning.
He also pointed out that Bacon conceived the idea while working with Elizabethan spymaster, Walsingham’s cipher expert at the time of the Babington plot to assasinate Elizabeth I, Thomas Phileppes, and Mary, Queen of Scots’ jailer, Amias paulet. Bacon also claimed the cipher was never broken!
Contactless payments seem magical. But don’t get caught out by someone magically scanning your card without you knowing. Almost £7 million was stolen by contactless card fraud in 2016 alone…
Victorian Hi-Tech
Contactless cards talk to the scanner by electromagnetic induction, discovered by Michael Faraday back in 1831. Changes in the current in a coil of wire, which for a contactless card is just an antenna in the form of a loop, creates a changing magnetic field. If a loop antenna on another device is placed inside that magnetic field, then a voltage is created in its circuit. As the current in the first circuit changes, that in the other circuit copies it, and information is passed from one to the other. This works up to about 10cm away.
Contactless cards don’t require authentication like a PIN, to prove who is using them, for small amounts. Anyone with the card and a reader can charge small amounts to it. Worse, if someone gets a reader within 10cm of the bag holding your card, they could even take money from it without your knowledge. That might seem unlikely but then traditional pickpockets are easily capable of taking your wallet without you noticing, so just getting close isn’t hard by comparison! For that kind of fraud the crook has to have a legitimate reader to charge money. Even without doing that they can read the number and expiry date from the card and use them to make online purchases though.
A man in the middle
Security researchers have also shown that ‘relay’ attacks are possible, where a fake device passes messages between the shop and a card that is somewhere else. An attacker places a relay device near to someone’s actual card. It communicates with a fake card an accomplice is using in the shop. The shop’s reader queries the fake card which talks to its paired device. The paired device talks to the real card as though it were the one in the shop. It passes the answers from the real card back to the fake card which relays it on to the shop. Real reader and card get exactly the messages they would if the card was in the shop, just via the fake devices in between. Both shop and card think they are talking to each other even though they are a long way apart, and the owner of the real card knows nothing about it.
Block the field
How do you guard against contactless attacks? Never hand over your card, always ask for a receipt and check your statements. You can also keep your card in a blocking sleeve: a metal case that protects the card from electromagnetic fields (even using a homemade sleeve from tin foil should work). Then at least you force the pickpockets back to the Victorian, Artful Dodger style, method of actually stealing your wallet.
Of course Faraday was a Victorian, so a contactless attack is actually a Victorian way of stealing too!
– Jane Waite and Paul Curzon, Queen Mary University of London
The 1983 hit song by the Police “Every breath you take” is up there in the top 100 pop songs ever. It seems a charming love song, and some couples even treat it as “their” song, playing it for the first dance at their wedding. Some of the lyrics “Every single day…I’ll be watching you”, if in a loving relationship, might be a good and positive thing. As the Police’s Sting has said though, the lyrics are about exactly the opposite.
It is being sung by a man obsessed with his former girlfriend. He is singing a threat. It is about sinister stalking and surveillance, about nasty use of power by a deranged man over a woman who once loved him.
Reclaim the Internet
Back in 1983 the web barely existed, but what the song describes is now happening every day, with online stalking, trolling and other abuse a big problem. What starts in the virtual world, we now see, spills over into the real world, too. This is one reason why we need to Reclaim the Internet and why online privacy is important. We must all call out online abuse. Prosecuters need to treat it seriously. Social media companies need to find ways to prevent abusive content being posted and remove it quickly. They need easier ways for us to protect our privacy and to know it is protected. They need to be up for the challenge.
Reclaim your privacy
The lyrics fit our lives in another way too, about another kind of relationship. When we click those unreadable consent forms for using a new app, we give permission for the technology companies that we love so much to watch over us. They follow the song as a matter of course (in a loving way they say). They are “watching you” as you keep your gadgets on you “every single day”; “every night you stay” online you are recorded along with anyone you are with online; they watch “every move you make” (physically with location aware devices and virtually, noting every click, every site visited, everything you are interested in they know from your searches); “every step you take” (recorded by your fitness tracker); and “every breath you take” (by your healthcare app); “every bond you break” is logged (as you unlike friends and as you leave websites never to go back); “every game you play” (of course), “every word you say” (everything you type is noted, but the likes of Alexa also record every sound too, shipping your words off to be processed by distant company servers). They really are watching you.
Let’s hope the companies really are loving and don’t turn out to have an ugly underside, changing personality and becoming abusive once they have us snared. Remember their actual aim is to make money for shareholders. They don’t actually love us back. We may fall out of love with them, but by then they will already know everything about us, and will still be watching every move we make. Perhaps you should not be giving up your privacy so freely.
You belong to me?
We probably can’t break our love affair, anyway. We’ve already sold them our souls (for nothing much at all). As the lyrics say: “You belong to me.”
To catch criminals, whether old-fashioned ones or cybercriminals, you need to understand the criminal mind. You need to understand how they think and how they work. Jeremiah Onaolapo, as a PhD student at UCL, has been creating cyber-honeypots and finding out how cybercriminals really operate.
Hackers share user ids and passwords they have stolen on both open and hidden websites. But what do the criminals who then access those accounts do once inside? If your webmail account has been compromised what will happen. Will you even know you’ve been hacked?
Looking after passwords is important. If someone hacks your account there is probably lots of information you wouldn’t want criminals to find: information they could use whether other passwords, bank or shopping site details, personal images, information, links to cloud sites with yet more information about you … By making use of the information they discover, they could cause havoc to your life. But what are cybercriminals most interested in? Do they use hacked accounts just to send spam of phish for more details? Do they search for bank details, launch attacks elsewhere, … or something completely different we aren’t aware of? How do you even start to study the behaviour of criminals without becoming one? Jeremiah knew how hard it is for researchers to study issues like this, so he created some tools to help that others can use too.
His system is based on the honeypot. Police and spies have used various forms of honeytraps, stings and baits successfully for a long time, and the idea is used in computing security too. The idea is that you set up a situation so attractive to people that they can’t resist falling in to your trap. Jeremiah’s involved a set of webmail accounts. His accounts aren’t just normal accounts though. They are all fake, and have software built in that secretly records the activities of anyone accessing the account. They save any emails drafted or sent, details of the messages read, the locations the hackers come in from, and so on. The accounts look real, however. They are full of real messages, sent and received, but with all personal details, such as names and passwords or bank account details, fictionalised. New emails sent from them aren’t actually delivered but just go in to a sinkhole server – where they are stored for further study. This means that no successful criminal activity can happen from the accounts. A lot can be learnt about any cybercriminals though!
Experiments
In an early experiment Jeremiah created 100 such accounts and then leaked their passwords and user ids in different ways: on hacker forums and web pages. Over 7 months hundreds of hackers fell into the trap, accessing the accounts from 29 countries. What emerged were four main kinds of behaviours, not necessarily distinct: the curious, the spammers the gold diggers and the hijackers. The curious seemed to just be intrigued to be in someone else’s account, but didn’t obviously do anything bad once there. Spammers just used the account to send vast amounts of spam email. Gold diggers went looking for more information like bank accounts or other account details. They were after personal information they could make money from, and also tried to use each account as a stepping stone to others. Finally hijackers took over accounts, changing the passwords so the owner couldn’t get in themselves.
The accounts were used for all sorts of purposes including attempts to use them to buy credit card details and in one extreme case to attempt to blackmail someone else.
Similar behaviours were seen in a second experiment where the account details were only released on hidden websites used by hackers to share account details. In only a month this set of accounts were accessed over a thousand times from more than 50 countries. As might be expected these people were more sophisticated in what they did. More were careful to ensure they cleared up any evidence they had been there (not realising everything was separately being recorded). They wanted to be able to keep using the accounts for as long as possible, so tried to make sure noone knew the account was compromised. They also seemed to be better at covering the tracks of where they actually were.
The Good Samaritan
Not everyone seemed to be there to do bad things though. One person stood out. They seemed to be entering the accounts to warn people – sending messages from inside the account to everyone in the contact list telling them that the account had been hacked. That would presumably also mean those contacted people would alert the real account owner. There are still good samaritans!
Take care
One thing this shows is how important it is to look after your account details: ensure no one knows or can guess them. Don’t enter details in a web page unless you are really sure you are in a secure place both physically and virtually and never tell them to anyone else. Also change your passwords regularly so if they are compromised without you realising, they quickly become useless.
Of course, if you are a cybercriminal, you had better beware as that tempting account might just be a honeypot and you might just be the rat in the maze.
On the South Bank of the Thames in the centre of London lies the HMSBelfast. Now a museum ship, it once took part in one of the most significant sea battles of the Second World War. It fought the Scharnhorst in the last great sea battle based on the power of great guns. The Belfast needed more than just brilliant naval tactics to stand a chance. It needed help from computer science and electronic engineering too. In fact, without some brilliant computer science the battle would never have been fought in the first place. It came about because of the work of the code crackers at Bletchley Park.
Getting supplies across the Atlantic and then round to Russia was critical to both the British and Russian’s survival. By 1943 the threat of submarines had been countered. The battleship Tirpitz had also been disabled. However, the formidable battle cruiser Scharnhorst was left and it was the scourge of the Allied convoys. It sank 11 supply ships in one operation early in 1941. In another, it destroyed a weather station on Spitzbergen island that the Allies used to decide when convoys should set off.
By Christmas 1943 something had to be done about the Scharnhorst, but how to catch it, never mind stop it? A trap was needed. A pair of convoys going to and from Russia were a potential bait. The Nazis knew the target was there for the taking: the Scharnhorst was in a nearby port. Would they take that bait though, and how could the British battle ships be in the right place at the right time to not only stop it, but destroy it?
The Allies had an ace up their sleeve. Computer Science. By this point in the war a top secret team at Bletchley Park had worked out how to crack the Enigma encryption machine that was used to send coded messages by the German Navy. It was always easy to listen in to radio broadcasts, you just needed receivers in the right places, but if the messages were in code that didn’t help. You had to crack the day’s code to know what they were saying. Based on an improved approach, originally worked out by Polish mathematicians, the Brits could do it using special machines that were precursors to the first electronic computers. They intercepted messages that told them that Scharnhorst was preparing to leave. It was taking the bait.
The British had two groups of ships. The Belfast, the Norfolk and the Sheffield were coming from Russia protecting the returning convoy. The HMS Duke of York was tracking the new convoy heading to Russia. Both were keeping their distance so the convoys looked unprotected. They needed to know when and where the Scharnhorst would attack. Bletchley Park were listening in to everything though, and doing it so well they were reading the messages almost as soon as the Germans. At 2am on Boxing Day morning the Belfast got the message from Admiralty Head quarters that SCHARNHORST PROBABLY SAILED AT 1800 25 DECEMBER. A further radio signal from the Scharnhorst asking for a weather report allowed the spies to work out exactly where the ship was by picking up the signal from different listening stations and triangulating: drawing a line on a map from each station in the direction the radio signal came from. The point they meet is the ship’s location. This is an example of meta-data (information about a message rather than the message itself) giving vital information away. The spies had done their job. It was enough to tell Vice Admiral Burnett on the Belfast where the Scharnhorst was aiming to attack the convoys. They could lie in wait. At this point, electronic engineering mattered. The Belfast had better radar than the Scharnhorst. They detected its approach without the Scharnhorst having any idea they were there. The first the Captain of the Scharnhorst knew was when they were hit by shells from the Norfolk. The Belfast ended up out of position at the critical point though and couldn’t join in. The faster Scharnhorst turned tail and ran. The Brits had had their chance and blown it!
Burnett now needed luck and intuition. He guessed the Scharnhorst would try another attack on the convoy. They took up a new waiting position rather than actively trying to find the Scharnhorst as others wanted them to do. By midday the radar picked it up again. The trap was reset, though this time the initial surprise was lost. An all out battle began, with radar helping once again, this time as a way to aim shells even when the enemy wasn’t in sight. Having failed to reach the convoy undetected a second time the Scharnhorst retreated as the battle continued. What they didn’t know was that they were retreating deeper into the trap: heading directly towards the waiting Duke of York. The chasing Belfast stopped firing and dropped back, making the Scharnhorst crew think they were safe. In fact, they were still being followed and tracked by radar once more, though only by the Belfast as the other ships had actually been partially disabled. Had the Scharnhorst known, they could have just stopped and taken out the Belfast. After several hours of silent shadowing, the Belfast picked up the Duke of York on the radar, and were able to communicate with them. The Scharnhorst’s radar had been crippled in the battle and thought it was alone.
The Belfast fired shells that lit up the sky behind the Scharnhorst as seen from the Duke of York, then largely watched the battle. Luck was on their side: the Scharnhorst was crippled and then sunk by torpedoes. Over a thousand German sailors sadly died. The crew of the Belfast were well aware that it could just as easily have been them, sealed in to a giant metal coffin, as it sank, and so held a memorial for the dead Germans afterwards.
The Belfast didn’t fire the torpedoes that finally sank the Scharnhorst and was not the key player in the final battle. However, it was the one that was in the right place to save the convoy, thanks to the Enigma decrypts combined with the Vice Admiral’s intuition. It was also the one that pushed the Scharnhorst into the deadly trap, with its superior radar then giving it the advantage.
It is easy to under-estimate the importance of the Bletchley Park team to the war, but they repeatedly made the difference, as with the Scharnhorst, making Allied commanders look amazing. It is much easier to be amazing when you know everything the other side says! The Scharnhorst is just one example of how Computer Science and Electronic Engineering help win wars, and here, in the long run at least, save lives. Today having secure systems matters to everyone not just to those waging war. We rely on them for our bank system, our elections, as well as for our everyday privacy, whether from hacking newspapers or keeping our health records secret from ruthless companies wanting to exploit us. Cyber security matters.
If you are so power hungry you can’t stand the idea of any opposition; if you want to make a grab for total power, so decide to crush everyone in your way, then you might want to think about the security of your power supply first. Luckily, all would-be dictators who crush everyone who gets in their way as they march towards total domination of the galaxy, tend to be very naive about cyber-security.
Take Ronan the Accuser in the original Guardian of the Galaxy film. He’s a villain with a religious streak, whose belief that strength is virtue and weakness is sin leads to his totally corrupted morality. To cut to the guts of the story he manages to get the “Infinity Stone” that gives unimaginable power to its owner. With it he can destroy anyone who gets in his way so sets out to do so.
Luckily for the Galaxy, good-guy Peter Quill, or Star-Lord as he wants to be known, and his fellow Guardians have a plan. More to the point they have Gamora. She is an assassin originally sent to kill Quill, but who changes sides early on. She is an insider who knows how Ronan’s security system works, and it has a flaw: its big, heavy security doors into his control room.
Security Lesson 1. It should still be secure even when the other side know everything about how it works. If your security relies on no one knowing, its almost certainly bad security!
Once inside his ship, to get to Ronan the Guardians will need to get through those big heavy security doors. Now once upon a time big, heavy doors were locked and barred with big, heavy bolts. Even in Roman times you needed a battering ram to get in to a besieged city if they had shut the doors before you got there. Nowadays, how ever big and heavy the door, you may just need some cyber skills to get in if the person designing it didn’t think it through.
Electromagnetic locks are used all over the place and they give some big advantages, such as the fact that they mean you can program who is and isn’t allowed entry. Want to keep someone out – you can just cancel their keycard in the system. They are held locked by electromagnets: magnets that are switched on and off using an electric current. That means computers can control them. As the designer of an electromagnetic lock you have a choice, though. You can make them either “fail safe” or “fail secure”. With a fail safe lock, when the power goes, the doors automatically unlock. With fail secure, instead they lock. Its just a matter of whether the magnet is holding the door open or closed. Which you choose when designing the lock depends on your priorities.
Fail safe is a good idea, for example, if you want people to be able to escape in an emergency. If a fire cuts the electricity you want everyone to still be able to get out, not be locked in with no chance of escape. Fail secure on the other hand is good if you don’t want thieves to be able to get in just by cutting the power. The magnets hold the bolts open, so when the power goes, the spring shut.
Security Lesson 2. If you want the important things to stay secure, you need a fail secure system.
This is Ronan’s problem. Zamora knows that if you cut the power supply then the doors preventing attackers getting to him just open! He needed a fail secure door, but instead had a fail safe one installed. On such small things are galaxies won and lost! All Zamora has to do is cut the power and they can get to him. This of course leads to the next flaw in his security system. It wouldn’t have mattered if the power supply was on the secure side of that door, but it wasn’t. Ronan locks himself in and Zamora can cut the power from the outside … Dhurr!
There is one last thing that could have saved Ronan. It needed an uninterruptible power supply.
Security Lesson 3. If your system is reliant on the power supply, whether a door, your data, your control system or your life-support system, then it should keep going even if the power is switched off.
After all, what if the space ships cleaners (you never see them but they must be there somewhere!) unplug the door lock by mistake just because they need somewhere to plug in the hoover.
The solution is simple: use an “uninterruptible power supply”. They are just very fast electricity storage systems that immediately and automatically take over if the main power cuts out. The biggest on Earth keeps the power going for a whole city in Alaska (you do not want to lose the power running your heating mid-winter if you live in Alaska!). Had Ronan’s doors had a similar system, the doors wouldn’t have just opened as the power would not have been cut off.It’s always the small details that matter in cyber security (and in successfully destroying your enemies and so ruling the universe). As with all computational thinking, you have to think about everything in advance. If you don’t look after your power supply, then you may well lose all your power over the galaxy too (and your life)!
cs4fn 