Categories
technology

The Vault

While reading this article on the reg, I had the strange sense that we’d all been here before. In my opinion the real issue is storing documents in unencrypted binary or textual form. Especially, with the popularity of XML-based document formats this is a bit of a nightmare.
If you analyse a system like FreeNet it works by anonymising and encrypting the information contained within the network. Therefore, if I encrypt information on my network such that reliable estimates suggest it will take hundreds of years to crack the encryption (e.g. 2KB asymmetric keys), even allowing for Moore’s law then surely the holding party can’t really claim to be in “possession” of the information. The are in possession of bits and bytes which have the “potential” to become the information. They have an intermediate form and are therefore less in possession of it than a telephone wire is in possession of a document you send via facsimile.
So one solution is the secure “vault” concept which Gaisan did some work on the distant past. The vault is a remote data store where you and only you can read your information. There are no back-doors or concerns that competitors, authorities or anyone else can read your information. There’s no “forgot my password” admin function. Access to the vault is via a dedicated “black-box” which is tamper-proof, EM shielded. Your keys are stored on smart cards and retrieval/decryption of vault information is based on presenting the correct smart card.. Different keys are used at different times and the “box” contains an algorithm to enable information to be retrieved from the “vault”. Vault space was “leased” for an appropriate period of time, which could be no more than a few seconds in an “information sharing” scenario. We had a few other ideas which I’d rather not discuss in this freewheeling blog but the overall goal as to enforce storage of anonymous bits with no idea of where they originated from and what they may be.
I’m more convinced than ever that clear-text storage of corporate information on external servers is a big legal problem and should be avoided at all costs.

Categories
philosophy

Thought for the day

Today I’ve a quote from one of my favorite public figures of the late 20th Century and the greatest president that the US almost had. Robert F Kennedy. I hugely admire him for his contribution to civil rights, his considered approach to political decisions and how he overcame a background of immense priviledge to become, at the time of his death, the most popular political figure in America and a true champion of the poor and disenfranchised. He wasn’t perfect but he radiated decency and hope. The qualities we look for in our leaders and would hope to find in ourselves…

“Laws can embody standards; governments can enforce laws–but the final task is not a task for government. It is a task for each and every one of us. Every time we turn our heads the other way when we see the law flouted–when we tolerate what we know to be wrong–when we close our eyes and ears to the corrupt because we are too busy, or too frightened–when we fail to speak up and speak out–we strike a blow against freedom and decency and justice.” – Robert F Kennedy

Here’s another one on Bobby’s favourite theme, moral courage.

“Fear not the path of truth for the lack of people walking on it.” From his last speech after winning the California state primary on June 6th 1968.

Categories
politics

More helpful comments from Mr. Putin

Just read the following article on MSN. It was referenced on their news channel this morning. It’s amazing how communism under Gorbachev seemed so much friendlier than democracy under Putin. There are many starving in his own country and he’s issuing threats of retaliation for acts not yet taken and not directly threatening his own country. We should remember very closely where this man came from, what his background is and how recently the former USSR had plans to invade Europe.

Categories
science

Boiling Point

I’ll leave the politics out of this one. I’m quite concerned about the “Boil Notices” that the Galway county council have being issuing in relation to the recent contamination of the water supply with cryptosporidium. There are 2 issues at play here and the guidelines provided by the British Columbia Ministry of Health are worth noting. The first is that there appears to be some dispute about whether quick boiling is enough to kill cryptosporidium. I could be wrong here but I’m basing my comments on the US EPA’s statement advising people in affected areas to “bring their drinking water to a full boil for one minute”. From research and querying friends in the US this is often taken to imply stove boiling where the steam, which is hotter than 100 deg celsius boiling water, is effective in killing Cryptosporidium.
So the EPA clearly request a full boil for a one minute period. The problem is that the kettles we use in Europe tend not to boil for a one minute period. They’re efficiently designed to do a 15-20 second boil. Watch your kettle the next time your boiling water for tea and see when you can observe steam and for how long it lasts. This efficiency is a great energy saver but lessens the effectiveness in killing the pathogen.
If in doubt then a possible solution is to boil the water in a pressure cooker where the higher-temperature steam has a better chance of killing the bacteria. The second is a combination of boiling and (one micron) filters to remove cryptosporidium oocysts. (A human hair is around 50 microns thick for reference).
One of the problems with this pathogen is its resistance to chlorine-based disinfectants. In many cases the amount of bleach required to kill the pathogen would render the water poisonous to drink. Success has been had with Ultra Violet light but this is relatively recent research and isn’t recommended by any government that I’m aware of.