{"id":487,"date":"2012-06-05T21:59:43","date_gmt":"2012-06-05T13:59:43","guid":{"rendered":"http:\/\/blog.a-cubed.info\/?p=487"},"modified":"2012-06-06T00:20:23","modified_gmt":"2012-06-05T16:20:23","slug":"security-and-human-behaviour-session-5-foundations","status":"publish","type":"post","link":"http:\/\/blog.a-cubed.info\/?p=487","title":{"rendered":"Security and Human Behaviour – Session 5 Foundations"},"content":{"rendered":"

David Livingstone-Smith, New England
\nIdeology<\/strong><\/p>\n

The camera obscura description of ideology as an accidental inversion of reality. The Conspiracy Model of ideology as a purposive distortion of reality in pursuit of some goal.<\/p>\n

There is a perfectly good model of non-intentional purposiveness available: the notion of biological purpose, e.g. the orhid that simulates a wasp for the “purpose” of seducing male wasps to use them as a pollenation vector.<\/p>\n

Millikan’s theory of proper function provides analysis of non-intentional purposes. The thing that caused a reproduction of an item is the proper function of the item.<\/p>\n

Ideologies are collective misrepresentations of the social world that:<\/p>\n

perpetuate the power of dominant groups, creating the circumstances allowing their reproduction and the reproduction of that power.<\/p>\n

 <\/p>\n

Rachel Greenstadt, Drexel<\/strong>
\nAnonymouth: How to make machine learning for security usable<\/strong><\/p>\n

<\/strong>Long term anonymity is challenging, as shown in the case of “A Gay Girl in Damascus”. It’s particularly difficult to re-write an existing document in a new style.<\/p>\n

Anonymouth provides a suggestion set of ideas for how to make your documents less recognisable as your own.<\/p>\n

Luke Church, Cambridge<\/strong>
\n“tracking” for societal benefit<\/strong><\/p>\n

Users don’t understand derived sales models.<\/p>\n

Asking programmers to allow the researchers to record and analyse their every keystroke and mouse click leads to refusal because they are afraid of the usage of that data.<\/p>\n

Please can we slow down the process of restricting scientists access to data.<\/p>\n

Bruce Schneier, BT<\/strong>
\nProfiling and Airports<\/strong><\/p>\n

Why profiling makes no sense in security, even if you have a differential threat. Arguing against intuition, “common sense” and “obviousness” with clear (security) engineering principles is hard.<\/p>\n

Public policy has important characteristics which divorce it from individual common sense about security.<\/p>\n

Political rhetoric focusses on folk belief, common sense and intuition, rather than solid engineering principles. Non-security issues are driving security decisions (including corporate interest, law enforcement interests, military interests).<\/p>\n

The four horsemen of the cyber apocalypse used for two decades to justify intrusion.<\/p>\n

Persuasion and security questions. How to teach people not to have their security fear buttons pushed.<\/p>\n

Matt Blaze, University of Pennsylvania<\/strong>
\nFolklore<\/strong><\/p>\n

Why (Special Agent) Johnny (Still) Can’t Encrypt (redux)<\/p>\n

APCO Project 25 (P25) cryptographic system for first responders.<\/p>\n

Serious vulnerabilities in multiple ways, in theory. How often do they cause problems in practice?<\/p>\n

Rule #1 of cryptanalysis – look for cleartext.<\/p>\n

Ridiculous amount and high security content of cleartext. About 30 minutes of cleartext per day per city.<\/p>\n

The problem exists because radio encryption is harder than we think.<\/p>\n

After discussions with various agencies there was often a short term drop in cleartext but then a reversion and even an increase.<\/p>\n

The act of paying attention to problems like this can lead to a reduction of security because of misunderstanding.<\/p>\n

Institutional memory of the previous generation of analogue radios (encryption reduces quality) is still maintained even though it is completely incorrect for the current systems.<\/p>\n","protected":false},"excerpt":{"rendered":"

David Livingstone-Smith, New England Ideology The camera obscura description of ideology as an accidental inversion of reality. The Conspiracy Model of ideology as a purposive distortion of reality in pursuit of some goal. There is a perfectly good model of non-intentional purposiveness available: the notion of biological purpose, e.g. the orhid that simulates a wasp […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29,43,5],"tags":[],"class_list":["post-487","post","type-post","status-publish","format-standard","hentry","category-academia","category-security","category-legal-and-ethical"],"_links":{"self":[{"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/posts\/487","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=487"}],"version-history":[{"count":4,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/posts\/487\/revisions"}],"predecessor-version":[{"id":489,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=\/wp\/v2\/posts\/487\/revisions\/489"}],"wp:attachment":[{"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=487"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=487"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.a-cubed.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=487"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}