Articles, Blog

Privacy, Security, Society – Computer Science for Business Leaders 2016

Privacy, Security, Society – Computer Science for Business Leaders 2016

>>DAVID MALAN: All right. Welcome. Hello, everyone. My name is David Malan. I’m on the computer science
faculty here at Harvard, and teach a few courses–
most of them related to introductory computer
science and higher level concepts that derive from that. The next couple of days are not so much
though about building from the ground up, as we might in a typical
undergraduate course, but looking at computer science as it
relates to business and to decision making– really from
the top down so that we can accommodate a range of
backgrounds, as you’ll soon see, both less technical and more
technical, and also a number of goals that folks have. In fact, we thought we’d start
off by taking a look at some of the demographics we have here. But first, let’s take a
look at where we’re headed.>>So today, we have four
blocks focused for the day. First up, we will focus on
privacy, security, and society. And we’ll do this by way of a
couple of case studies of sorts. Very much in the news of late
has been a certain company called Apple and a certain agency known
as the FBI, as you might have read. And we’ll use this as an
opportunity to discuss exactly what some of
the underlying issues there are, why it’s interesting,
what it means technologically, and use that to
transition more generally to a discussion about security
and making decisions there on.>>Two, looking at encryption specifically. So we’ll look a little more technically
at what it means to actually scramble or encrypt information. And then we’ll take a
look at Dropbox, which is one of these very popular
file sharing tools these days. You might use it, or Box, or SkyDrive,
or the more recent incarnation thereof and so forth. And we’ll take a look at some of
the underlying security and privacy implications there. We’ll have a break, and then we’ll
look at internet technologies in the latter half of
this morning– trying to give you a better sense of how
that thing works that many of you are connected to at the moment–
certainly use most every day– and what the implications are there
for performance, for hardware, for software, and any number of
other attributes, specifically trying to tease apart a whole bunch
of acronyms that you might have seen or might even use, but
don’t necessarily know what’s going on underneath the hood. And we’ll take a look to at the
process of actually getting a company or getting a entity online on the
web, and what that actually means. Then we’ll have a break for lunch. We’ll come back and take a look at cloud
computing, and also designing server architectures more
generally so that you’ll walk out with a better understanding,
hopefully, of this buzzword “cloud computing,” but what it actually means. And if you’re trying to
build a business or you’re trying to expand a business,
exactly what you need to know and what you need to do in order to
handle increasing numbers of users online, and what kind of decisions
you have to make around that.>>And then in the last part of today,
we’ll take a look at web development specifically. We won’t get our hands
too dirty, but I thought it might be enlightening if we actually
do get our hands a little dirty, and take a look at something called
HTML, CSS, and an actual server set up so that you’ll create a little
web page for yourself, even if you’ve done this before. But we’ll talk about what the
interesting ideas are underlying that and what actually is
happening every time you go to Google Apps, or Facebook, or
any number of other web-based tools.>>Tomorrow, meanwhile,
we’ll transition to a look in the morning at
computational thinking– a fancy way of describing
how a computer might think or a human versed in
computing might think– a little more methodical, a little
more algorithmic, as we might say. And we won’t go too deeply
into programming per se, but we’ll focus on some
of the tenets that you see in programming and computer
science– abstraction, algorithms, and how you represent data, and
why that’s actually interesting. We will take somewhat of
a look at reprogramming in the latter half of tomorrow morning. We’ll get your hands a
little dirty with that, but only so that we have some
context for talking about some of the terms of art that an engineer or
a programmer might actually use, things you might hear or see on a whiteboard
when engineers are designing something. In the latter half of
tomorrow, we’ll take a look at what might be called
technology stacks. In other words, most
people today don’t really sit down with an empty
screen in front of them and start building some application
or building some website. You stand on the
shoulders of others using things called frameworks and libraries,
many of them open source these days. So we’ll give you a sense
of what all that’s about and how you go about designing software
and choosing those ingredients.>>And then we’ll conclude with a look
at web programming specifically and some of the
technologies related there, too– things like databases,
open source, or commercial APIs, or application programming
interfaces, and then one such language that you might use with that. So it’ll be a mix of conceptual
introductions, a mix of hands on, and a mix for discussion throughout.>>But before we do that, let me give you
an answer to a couple of the questions that everyone here was asked. How would you describe your
comfort with technology? We have a bit of a range here. So six people said somewhat comfortable,
five said very, and two said not very. So that should lend itself to
some interesting discussions.>>And please, at any point, whether you
are in the not very or very categories, do push back if either
I’m assuming too much or speaking at too high of a level. Do bring me back down. And conversely, if you’d
like to get a little more into the weeds with some topic
technically, by all means push on that. I’m to happy to answer down
to 0s and 1s if need be.>>Do you have any programming
experience in any language? Just to calibrate, almost everyone
has no prior programming experience, which is great. And even for those that do, we won’t
spend too much time actually teaching how to program, but rather
just giving you a taste so that we can then move from there
and talk at a higher level about why some of those concepts are interesting.>>This and more will all
be available online. In fact, if there’s one URL
you want to keep open in a tab throughout today and tomorrow, you
might want to go to this one here. And that’s a copy of the slides. And any changes we make over the
course of today or discussions that we annotate on the slides,
they’ll be there instantly if you just reload your browser. So I’ll give you a
moment to jot that down, and you’ll then be able
to see exactly what I see.>>But before we forge ahead, I
thought it might be helpful, especially since we’re
an intimate group, just to get to know each other a
little bit and perhaps say where you’re from, or what you do, and
what you’re hoping to get out of today and tomorrow, ideally so that
you might find one or more like minded spirits or folks to
talk to during break or lunch. And I’ll jump us around
somewhat randomly. Arwa, you’d like to say hello, first?>>AUDIENCE: Hello. Good morning, everyone. My name is Arwa. [INAUDIBLE]. I work at at my sector like
banking, business [INAUDIBLE]. DAVID MALAN: OK. Wonderful. Welcome. Andrew. AUDIENCE: Yeah. Hi, everyone. I’m Andrew [INAUDIBLE]. So I work for a technology
company, Red Hat, which is a big open source company. I have a business
background so [INAUDIBLE] get more versed into making
solution oriented investments, I just need to know what
people are talking about. So I lead our global partner operations. I’ve been doing that
for about five years. Your overview is fantastic. I’m really looking to pick
up all those [INAUDIBLE]. DAVID MALAN: Wonderful. Glad to have you. Chris.>>AUDIENCE: Good morning. My name is Chris Pratt. I work for a company called [INAUDIBLE]. It’s a family business, so I
do a lot of different projects. And right now, I’m focused on technology
initiatives and managing our IT staff. So I’m here to get a more high
level and broad understanding of the types of things
that [INAUDIBLE] is doing and familiar with so I can help
them make the decisions [INAUDIBLE]. DAVID MALAN: Wonderful. Welcome aboard. Olivier, is it?>>AUDIENCE: Yes. So I’m French living in Switzerland
working for [INAUDIBLE]. It’s a [INAUDIBLE] corporations. So we’re collecting money when
there’s a disaster and everything. And I’m teaching some strategies there.>>So I have to work on [INAUDIBLE]
digital projects, but also quite technological projects. So the idea for me is really to
be able to make better decisions and being better informed of
what I’m really [INAUDIBLE]. DAVID MALAN: Wonderful. Welcome. And Roman or Roman, is it? AUDIENCE: I’m from [INAUDIBLE]. And I’m responsible for the [INAUDIBLE]. And in the team we– we’re
a cross functional team so we work with engineers. And what I’m looking forward to is
being able to communicate better with engineers. [INAUDIBLE] >>DAVID MALAN: Wonderful. And Karina.>>AUDIENCE: I’m Karina from Montreal. I’m on [INAUDIBLE] of
province of Quebec. Sorry, for my English. And I’m here to better understand what
my programmer or supplier explained to me. [INAUDIBLE] DAVID MALAN: Oh. Wonderful. Well, if I ever speak too
quickly, do slow me down. And I’m happy to repeat.>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Sure. No worries. And Nikisa, is it? AUDIENCE: Yes. Thank you. My name is Nikisa, and I’m [INAUDIBLE]. [INAUDIBLE] I am myself [INAUDIBLE]. So I’m always confused with [INAUDIBLE]
whatever you are really [INAUDIBLE]. >>DAVID MALAN: OK. Wonderful. Welcome. Victoria.>>AUDIENCE: I’m Victoria. I live in Czech Republic. I work for [INAUDIBLE] Enterprise. And even though it is
an IT company, it’s possible that in an IT
company [INAUDIBLE]. So I’m focused on business
development, and whenever I go to a customer meeting, I
have to take a technical person with me because my
customer asks questions about technical side of
the story. [INAUDIBLE]. They talk to each other, but
then I have no understanding of what they’re discussing. So I’d like to get a
better understanding because I think it would
help myself [INAUDIBLE] with my relationship with
the customers as well.>>DAVID MALAN: And it’s a good
point for me to chime in. There’s only so much we’ll be
able to do in just two days. But among the goals,
I would hope, is that, after the next couple of
days, at least more words will look familiar as
you’re poking around online. And you’ll have a better
sense of what to Google, or what words actually
mean something and what might be fluffy marketing
speak so that, over time, you can build up that comfort and
hopefully displace the person that has to tag along each time. Ben. AUDIENCE: My name’s Ben [INAUDIBLE]. I’m a technology transaction
attorney. [INAUDIBLE]. And I’m really here to just get
a better understanding of what CTOs and Engineers at [INAUDIBLE] legal
side of structuring things [INAUDIBLE]. DAVID MALAN: Wonderful. AUDIENCE: And Dan. Hi, everybody. My name’s Dan. I live local here. I’m from Andover. I work locally at a software
company, Kronos Incorporated. Been in software over
20 years and [INAUDIBLE] marketing and development type jobs. For the last five years, I’ve managed
a team of technical cloud consultants in presales fashion.>>So I picked up a lot
of concepts on the way. And so I do a lot of
technical discussions. But I can only take it so far. Similar to Victoria,
lots of times I get lost and need to call in a technical person. So I’m just looking to string
a lot of technology jargon together so I get a
better understanding so I can have more informed conversations. DAVID MALAN: Excellent. Well, ultimately, we can
steer the next couple of days in any direction folks would like. We have a straw man for
both today and tomorrow. But by all means, feel free to
steer us either during the session or during breaks or lunch
if there’s something you’d like to get off your chest. And let me emphasize, there
really is no dumb question. And if you feel like
your question is dumb, by all means just ask me more quietly
during breaks, or lunch, or the like. But rest assured, we seem to be in
very good company– very mixed company here, both internationally
and technically. So feel free to share as
comfortably as you’d like.>>So why don’t we take a
look, again, in this context of privacy, security, and society
at this particular case involving Apple and the FBI. And you might be generally
familiar with this case. It’s hard to escape
mention of it these days.>>Out of curiosity, how
many of you have iPhones? Almost everyone. And you have an Android phone? So fortunately, even though
this is a little biased toward iPhone specifically, the
reality is the Android operating system by Google has so many of the similar
features to what Apple is doing.>>They simply happen to be
in the spotlight right now, and they’ve been particularly
on the cutting edge when it comes to actually
locking down these devices more and more with
each iteration of iOS, the operating system that
actually runs on Apple’s devices. So why don’t we take a
look here just to set the stage at what the actual issue is. So what’s going on with Apple
and the FBI to the extent that you’re familiar with the issue?>>AUDIENCE: The FBI wants to get access to
the data, which is encrypted by Apple.>>DAVID MALAN: Exactly, so the FBI wants
to get access to data that’s encrypted. So first, step back. What does it mean for data to be
encrypted, just as a quick definition?>>AUDIENCE: Somehow secure that
people won’t have such easy access to it [INAUDIBLE]. DAVID MALAN: Yeah. Exactly So it’s some way of obscuring
information so that no one else can, in theory, access that information. And so you can just casually
think of it as scrambling. So if it’s an English word
or an English paragraph, you might just jumble the words up
so that someone might look at it and it sees nonsense. But hopefully, there’s a way
to rearrange those letters.>>Now, in reality, it’s
much more secure than that because someone who’s
simply diligent could unscramble the words
with high probability and figure out what a sentence says. And in reality, at the end
of the day, all of this is happening at a very
low level– 0s and 1s. And tomorrow morning, we’ll talk
about computational thinking and what it means for data to
be implemented or represented with just 0s and 1s. But for today’s purposes,
let’s just assume that you have things like
emails, and photos, and videos, and all of that on a iPhone
or an Android device. And somehow, that data
is ideally scrambled. And so there’s a suspect in this
particular case, San Bernardino, where they have the suspect’s phone,
and they want to get data off of it. But in this case, Apple has essentially
said no to some things and yes to other things. So they’ve said yes to a few things
in a manner consistent with what a lot of US companies would do
when subpoenaed or the like. They’ve provided, for instance, the
authorities with the iCloud backup. So if I’m familiar, iCloud
is this cloud base– and we’ll come back to cloud computing–
this nebulously defined cloud based service where it
just backs up your data. And it turns out that you can
access data there unencrypted. So it’s unscrambled when it’s
actually being backed up there. And so Apple’s turned that over. But unfortunately, the
suspect in question seems to have disabled automatic
iCloud backup some weeks prior to the FBI obtaining
this particular iPhone. So there’s a few weeks of potential
data that lives on the phone, but not in iCloud. And so the FBI wants to actually look
at what’s on that particular phone. Unfortunately, the phone,
like many of ours here, is protected with the passcode. And how long are these passcodes
typically– whether on your phone or in general?>>AUDIENCE: Four.>>DAVID MALAN: Yeah. So often four digits. They’ve started with
newer versions of iOS to make these passcodes a little longer. And let’s just put
that into perspective. So if it’s a four digit
passcode, that’s pretty good. That’s comparable to
what many people have on their ATMs or their debit cards. What’s the implication for security?>>Well, let’s take a step back. If you have a four
digit code– and let’s let’s start to ourselves
even before tomorrow morning. Think computationally. It’s a four digit code. How would you, as a human off the
street, not necessarily a technophile, characterize just how secure an
iPhone is if it’s using a four digit passcode– 0s through 9s. How do you begin to quantify
the security of an iPhone then? AUDIENCE: Five? DAVID MALAN: Five? And what you mean by five?>>AUDIENCE: [INAUDIBLE] this technology–
it’s easy to access trying from 1001 [INAUDIBLE].>>DAVID MALAN: OK.>>AUDIENCE: Try 111, 000, [INAUDIBLE]. And if I [INAUDIBLE] my computer
so many times [INAUDIBLE]. DAVID MALAN: Ah, good. So already, if we’ve defined the problem
scenario as this device is secure because it has a four digit
passcode, an attack on that phone would simply be to try
all possible numbers. You might just start 0 0 0 0. And frighteningly, that is the
default passcode on a lot of devices these days. In fact, as an aside,
if you have any device that supports a wireless
technology called Bluetooth, the default passcode
very often is 0 0 0 0. Or maybe, if it’s a more secure
device, 0 0 0 0 0– one additional 0. So when in doubt, if you need to
get into some device, start there.>>But of course, if the iPhone shakes or
whatnot, and says, nope, that’s not it, what number might you try after 0 0 0 0? 1 1 1 1. 2 2 2 2. 7 7 7 7– that’s yours? OK. You might just brute force,
as a computer scientist says– try all possible values.>>So let’s steer back to
the original question. How secure is an iPhone? Someone off the street might say very
secure, or not very secure, or medium secure, but that’s kind of meaningless. It would be nice if we could
ascribe something more quantitative, even if its numbers. We don’t need fancy math, but just some
numerical estimate or qualification of the security.>>So if you’ve got a four
digit passcode, can we begin to ascribe some kind
of numeric rating to it? How secure is it?>>AUDIENCE: 1 out of 10,000. DAVID MALAN: Yeah. So 1 out of 10,000. Where do you get the 10,000 from?>>AUDIENCE: All possibilities [INAUDIBLE]. DAVID MALAN: Yeah, exactly. If you’ve got a 4 digit code, you can
have 0 0 0 0, or you can have 9 9 9 9, maximally. And so that’s 10,000 possibilities. So that seems pretty big. And it would certainly take
a human quite some time to try all of those codes.>>And so suppose, I, during lunch
swiped one of your iPhones and you have a four digit code. If I had enough time, maybe
I could type in 0 0 0 0. And then it shakes and says, no. 0 0 0 1, 0 0 0 2, 0 0 3, and
maybe I can do 1 per second. So that’s 10,000 seconds. So how long would it take me
in the end to actually get to decrypting or hacking into
someone’s iPhone, given these numbers? And we’ll play with a few perhaps here.>>Let me go ahead and pull up
overkill of a calculator. So if it’s 10,000 seconds, there
are 60 seconds in a minute, and there are 60 minutes in an hour. So it’s like 2.7 hours. So I have to miss the afternoon
sessions, if I started during lunch. But it would only take me 2.7 hours
to try getting into your iPhone.>>Now, you might be
familiar with mechanisms that Apple and soon probably other
companies use to defend against this. This does not seem or
feel very secure anymore. And we’ll come back in just a
bit to do one more introduction, unless we feel omitted. What can we do to make this more secure? 10,000 feels like a lot. But 2.7 hours does not
really feel like that long. AUDIENCE: Doesn’t it get locked after
three attempts or something like that? DAVID MALAN: Ah, maybe it does. In fact, hopefully not
three, because even I goof on my passcode
three or more times. So there is typically some threshold. And I believe in iOS’s case,
the default is actually 10. But similarly–>>AUDIENCE: [INAUDIBLE] DAVID MALAN: –similarly reasonable. So what does that mean– so
what happens after 10 tries or whatever number of tries?>>AUDIENCE: It gets locked.>>DAVID MALAN: Yeah. So the phone maybe locks itself down.>>AUDIENCE: Time delay.>>DAVID MALAN: Time delay. Would do you mean by time delay?>>AUDIENCE: It’ll lock the phone for
five minutes, and after five minutes, you can try again.>>DAVID MALAN: All right. But that doesn’t feel like it’s
solving the problem, right? Can’t I just come back 5 minutes
later and continue hacking on it?>>AUDIENCE: Yes.>>DAVID MALAN: OK.>>AUDIENCE: But after you try
again, it goes to 10 minutes. DAVID MALAN: Ah. AUDIENCE: –keeps expanding. AUDIENCE: So the thing increases but– DAVID MALAN: Yeah, exactly. So let’s suppose it’s
not one per second, but it takes me for 10,000 codes,
instead of times 1 second for each, it’s actually not even 60 seconds. It’s five minutes. So now, this is the total number–
this is the total amount of time I need in order to hack into a phone. And again, there’s 60 seconds in a
minute, and 60 minutes in an hour.>>So now, we’re up to 833 hours. And if we want to see this precisely,
now we’re talking about 34 days. So it’s going to take an
adversary, without sleep, 34 days now to hack into your iPhone,
if there is this five minute delay. But it’s not even just five minutes. As Kareem said, what
happens after the next–>>AUDIENCE: After you’ve tried–>>DAVID MALAN: –misattempt?>>AUDIENCE: –five more times, then
it gives you a 10-minute delay. DAVID MALAN: A 10 minute delay. And I’m not sure what it is after
that, but maybe it’s 20 minutes. Maybe it’s 40 minutes. And if it is, that’s actually an
example of a fairly common technique in computing known as
exponential backoff, where this exponentiation usually means
you double something again and again.>>So that starts out being
not so significant. But once you start doubling from
2 to 4 to 8 to 16 to 32 to 64, the gaps really start to widen. And so it might take a month,
or a year, or a lifetime to actually get into that device. Now, there’s other mechanisms still. Time is a good thing
because, in general, this is a common security technique. You can’t necessarily stop the bad
guys, but you can slow them down. And because there are finite
resources in life, like living, you can eventually push
out the threat so far that even though, sure, the adversary
might get really lucky and try 7 7 7 7 on your phone and get the answer
right, the probability of that is incredibly low. And so, generally security is a
function, not of absolute protection, but of probabilistic protection. You’re just pretty sure that you’re
safe from some kind of attack.>>But that might not be
really good enough. So what more could you do? And what more does Apple do,
if people have enabled this, if an adversary or bad guy tries
to get in more than 10 times, besides inserting a delay. What would be a stronger
measure of defense that might make you sleep better at night?>>AUDIENCE: Erasing the data.>>DAVID MALAN: Erase the data. Yeah. So in fact, that’s a
very common technique where, much like the
old movies, this message will self-destruct in 10 seconds. Very commonly, will
devices, iPhones among them, just wipe themselves, delete
themselves after 10 incorrect attempts. So is this a good thing or a bad thing? Now, let’s put on more of
the product manager’s hat. What’s good about this? Why is this a positive feature?>>[INTERPOSING VOICES]>>No access to your information. So now, not only have you
slowed the adversary down, if you do have those
artificial time delays, but you’ve also ensured that if
he or she screws up 10 times, now the window of
opportunity is just gone. They’ve only had 10 attempts. And the probability of getting the
answer correct out of 10 attempts when there’s 10,000
possibilities is 1 out of 1,000. So 10 divided by 10,000– 1 over 1,000. But even that’s not all that good. So we’ll come back to making me
feel better about that probability because it actually feels somewhat high. It’s 1/10 of a percent. What’s bad about this feature though?>>AUDIENCE: It’s bad because– DAVID MALAN: Yeah. What do you mean in my hands?>>AUDIENCE: If you didn’t
lose it, and you’re just trying to get into your phone.>>DAVID MALAN: Yeah. So what if there has been no compromise,
your just kind of distracted, you’re an idiot, you
forget your password. And so it’s not that
unreasonable, especially if you don’t log in to
your phone that often or you’re distracted while
doing it, maybe you yourself mistype your code 11 times. And now, dammit, you’ve
just wiped your own device. So this too is kind of a theme
in computing and computer science of trade-offs. There really is rarely a right answer. There’s simply a more preferable
or a less costly answer. And in this case, there’s a trade-off. One, our data is a
little more secure, if it gets into the hands of some adversary. But I can shoot myself in the
foot by wiping, accidentally, my own data if I don’t actually get
that passcode right within the first 10 times. So what’s the push? How do we fix that? Do we throw the feature out
altogether, if we’re Apple, and say, this feels bad because we’re going to
have– if we have one irate customer, this is not a situation
we want to invite. AUDIENCE: We encrypted and then
we recovered the code somehow by Apple or whatever [INAUDIBLE]. DAVID MALAN: Can you elaborate? AUDIENCE: [INAUDIBLE] DAVID MALAN: OK. So maybe we don’t do this wiping thing,
which feels a little overly dramatic. Why don’t we just keep
the data encrypted? Well, so in this case, Apple already
does keep the data encrypted. And what’s keeping the adversary
from seeing your encrypted data is unfortunately that passcode.>>So the passcode effectively unlocks
the data so that while it’s scrambled, if you’re just holding the phone, as
soon as you log in with that passcode, it’s unscrambled and
the user can see it. So it is already encrypted. But if we want to avoid wiping
the data, but we somehow want to have a good answer
on the customer support line if the absent minded or
forgetful user has accidentally wiped his or her phone because they
mistyped the password 11 times, what solution could we offer? How else could we
solve that problem now? Yeah.>>AUDIENCE: Customer service [INAUDIBLE]. DAVID MALAN: OK. So that’s good. So maybe without using
resorting to wiping, we could have some out-of-band
mechanism for solving this problem. And by out-of-band, I mean you
don’t interact just with the phone, maybe you grab someone else’s phone or
email and you talk to customer service. And maybe they ask you the
usual questions of, well, what’s your name, what’s
your birthdate, what are the last four digits of your
social security number or country ID.>>And what’s good about that? Well, of course, with
high probability, it lets you and only you into
your phone because maybe they send a temporary passcode. And this does not exist in
Apple’s case, but maybe they do send you a temporary passcode. You get in, and you’re back on your way. But what’s the downside
of this solution?>>AUDIENCE: If someone
steals your identity, they might have access
to all this information. DAVID MALAN: Yeah. If someone steals your
identity– and frankly, it’s not all that hard,
especially when so many companies ask the same questions. What’s your name, what’s
your address, what are the last four digits of your
social security number, what was your favorite pet, what
was your favorite parent or whatever the questions might be. And in fact, as an aside, I’ve noticed,
having just the other day filled out questions like these, the
questions in a reasonable effort to become a little less well-known
are getting increasingly personal. And as soon as you start giving this
tidbit of information that might indeed be a secret to this company, and to
this company, and to this company, and to this company, it’s not going to
be long before some company aggregates this kind of information. And so you’ve told
little simple secrets, like your best friend growing up, to
all of these individual companies. And soon enough, you have an attack
known as social engineering, whereby someone just masquerades as you on
the phone or spoofs your email address and somehow gets into the phone.>>So I’m not liking that. It’s a possible solution, but
let’s suppose I’m not liking that. Let’s go back to the issue at
hand where phone is encrypted and we’ve not enabled some kind
of self-destruct mechanism. But I do– rather, I have enabled
some self-destruct mechanism, but I nonetheless want
to appease a customer who accidentally wipes his or her phone. How else could we solve that problem?>>AUDIENCE: Make a backup.>>DAVID MALAN: Make a backup. And indeed, this is how
Apple happens to do this. One of the motivations of iCloud is
exactly this– not only convenience and resting assured that all
of your photos and everything are backed up, but in this case–
because if your individual device, whether it’s an iPod, or iPhone, or
iPad is lost, or stolen, or accidentally or deliberately wiped, at least
all of your data is somewhere else. And you can just go buy
or borrow another iPhone. You can restore from backup,
so to speak, from iCloud, and you’re back up and running.>>Now, there’s a trade-off there. Potentially, Apple now has
access to all of that same data. And we can come back to that some time. But at least now, we’ve solved
the problem in a different way.>>And if you visualize this
story line in your mind’s eye, you can perhaps see that every
time we solve a problem– kind of covering up a leak in hose,
some other problem springs up elsewhere. We’re really just pushing
the problem somewhere else. And in the case of the
adversary with the time delays, really what we’re doing is
we’re not keeping adversary out, we’re just raising the bar over
which he or she has to jump in order to actually get access to our data.>>So any time, henceforth, you go to a
website, or you read some white paper, or some CTO or CSO tells you, oh, our
systems are secure– it’s baloney. There’s nothing to be meant
by “our systems are secure” other than we take industry
standard probabilistic measures to keep people away from your
servers or away from your data.>>Now, the Apple situation has
gotten kind of interesting because they’ve been
asked to do something that’s not quite as simple as
turn over the adversary’s data. They’ve already done that from iCloud. But now, the FBI wants
to get into this phone. And the belief that it does in fact
have this self-destruct mechanism built in after 10 attempts– and I
believe that’s because they looked at the backups and realized
this feature seems to be enabled, and I assume they don’t
want to necessarily try and waste one out
of their 10 attempts to confirm or deny this feature.>>And they also, unfortunately– and
this is sort of the irony of it all, the county where this
fellow worked actually owned and was paying for special
software– device management software– that had it been installed
on their employees’ phones– so the phone in question is actually
state property or county property that was being used by an employee. Had they installed in advance
this device management software, they could have with a
simple click on a PC or Mac unlocked this phone trivially. But unfortunately, they didn’t have
that software actually installed.>>So there are yet other ways
to address this kind of issue. It doesn’t have to be a black
box in your employee’s pocket. But they didn’t. And so now we’re stuck
with the situation with an encrypted iPhone that will
literally self– will figuratively self-destruct after
10 incorrect attempts. And the FBI wants to get
data off of that phone.>>So let’s take a look at what Tim
Cook has announced to the world and taken this bold stand. If you’ve not read it, let
me go ahead and do this. If you’d like either on your
computer to go to this you URL here, or I can grab for you some paper copies. Why don’t we just take
two minutes, if you would, and read the actual letter that Tim
Cook wrote to Apple’s customers. And we’ll see if we can’t then
tease apart what it actually means. And so I’ve circled
a few things in this. But let’s see if we can’t distill
what’s actually being said here and where the real
interesting stuff is hidden. So I for instance, on the paragraph
starting– under the San Bernardino case, the paragraph starting
“we have great respect for,” Tim Cook’s last sentence
is this. “They have asked us to build a backdoor to the iPhone.” This is a commonly used phrase,
“backdoor” to something. What does this actually
mean, as best you can tell, from what you’ve read here or elsewhere? AUDIENCE: Hack it. DAVID MALAN: They want to be able
to hack it, and what does that mean? What is a backdoor?>>AUDIENCE: An alternate entry point? DAVID MALAN: Yeah. So it’s an alternate entry point. Much like an actual house
where you have a front door, and sometimes a back door where you’re
supposed to come in the front door and maybe not so much the back
door, unless you belong there, the FBI is asking for a
figurative back door– another way of getting into the phone that isn’t
simply a human finger touching the code and getting in in the usual way. They want to somehow slurp the data off,
maybe with a cable, maybe wirelessly, or they want to somehow be able to
input the code, perhaps, to the phone without just using a raw human finger.>>So they allude to, in
the next paragraph, “the FBI wants us to make a new
version of the iPhone operating system, circumventing several
important security features.” So why is the FBI asking Apple
to make a new operating system? That seems to be kind
of besides the point? No? Why do you think they
might be saying that? How is the solution to the problem?>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. AUDIENCE: [INAUDIBLE] DAVID MALAN: Exactly. The version of iOS, the operating system
that’s running on the phone currently, has all of the security measures
that we were discussing earlier, for instance, the time
delay, potentially the self-destruct mechanism, all
of which are particularly bad. And so the data is on there
encrypted, and as best we can tell, Apple somehow stores data separate from
the underlying operation of the phone– the operating system. And so it would seem to be
possible to install a new operating system on the phone without
touching the user’s data.>>In fact, if any of you have
ever updated Mac OS or Windows, it would be– hopefully,
it’s supposed to go this way. Hopefully, you’ve been able to update
your operating system from an older version to a newer version
without starting over, without deleting all of your files. Now, some of you have probably
had the experience where that does not go according to plan. But in theory, this should be
possible– update the operating system, but do not delete or
touch the actual data.>>So the FBI is proposing that Apple
create an operating system that doesn’t have these kinds of defense
mechanisms, installed onto the phone so that they can get access to the data. Now, how is that possible? Wouldn’t the suspect
himself, who is now deceased, have to install that
software for the FBI? What is the FBI counting on here?>>AUDIENCE: Push it down somehow? That was my question. How do you install it if
you can’t log in to it? DAVID MALAN: Yeah. Exactly. So you would seem to have a
chicken and the egg problem here, whereby, you would think,
to update the software, you need to log into the phone. But to log into the phone, you
need to update the software so as to avoid these defense mechanisms.>>So lets just reason backwards. So not necessarily being the programmer
at Apple, what must be the case? If the FBI thinks it can do this,
what must be the case logically? What is the answer to that question? >>It must be possible to
do, presumably, somehow. So how might you do it? All you are is a user with an
iPhone, maybe a Mac or a PC, maybe a cable, maybe
a network connection. How might the FBI be
assuming Apple can do this?>>AUDIENCE: Maybe through
automatic updates?>>DAVID MALAN: Yeah. So very much in vogue these
days is automatic updates where an Android phone,
and iPhone, Windows Phone, whatnot will just
automatically download updates. So maybe Apple could just
update the operating system, as the FBI has requested, put
a copy of the new operating system in the cloud on
their servers, and just wait for the suspect’s phone to connect
automatically, as it probably does nightly or every
five minutes or something, to pull down the new operating system.>>Now, let’s pause for just a moment. You probably don’t want to do
that for everyone in the world, otherwise we have an
even bigger problem. Well, maybe the FBI might like to
do that to everyone in the world, but probably won’t go over so well. So just thinking logically
here, is that possible? Is that a deal breaker? Can you roll out software to
just one user in that scenario? How, would you think?>>AUDIENCE: You make it available
only for that device’s address. DAVID MALAN: Yeah. Just for that device’s address. And maybe that addresses
is some numeric address. Maybe it’s the device’s phone number. Maybe it’s the device’s
Apple ID, if you’re familiar, like the email address
that the human uses to log in to that– for automatic
updates to the App Store. So there’s probably a way to do that.>>So you have the operating system
for everyone in the world, except for this one person who has
his own version of the operating system getting pulled down. Now, maybe it’s not on the network. Maybe that’s a little
easier said than done. So what’s another mechanism? Well, it wasn’t all that long ago that
most of us here, Android or iPhone, were updating our phones via cable–
some kind of USB cable connected to your Mac or PC. And that might very well be possible.>>And in fact, this is arguably a security
flaw in the current version of iOS, and iPhones more generally,
that that is in fact possible. You can update the software on the
phone without unlocking the phone, it would seem. Now, why is that a security flaw? Because they have opened themselves
to exactly this kind of request.>>So as an aside, the outcome that seems
inevitable from this whole process is there is no way that’s going to
be possible with the next version, you would think, of iOS. Right? They could have deliberately
tied their hands– Apple– so that this isn’t even possible.>>Now, they’ve probably been assuming
that because only they own the source code to iOS that this
isn’t really a threat because no one’s going to sit down
and build a whole operating system and figure out how to
install it on an iPhone. But it’s certainly possible now to
just require a passcode moving forward to install this operating system.>>So that’s the gist of
what they’re asking. And the bigger picture that we can
defer to perhaps a lunchtime style chat or dinner table style
chat– the government suggests that this tool could
be used only once on one phone. And that’s where privacy
defendants really bring some strength to bear that
just seems very unreasonable. As soon as the software actually exists,
surely additional legal requests will come in, surely there’s a risk of some
bad guy getting access to that kind of software, installing it
him or herself on phones, and so you’re just opening, it
would seem , a can of worms.>>Now, even Obama recently,
if you’ve read or listened to one of his recent
speeches, commented, I think, that folks seemed to be
fetishizing their phones, so to speak, whereby we have accepted over 300 years
the fact that the police with a warrant hopefully can come into
your home or can search through the contents of
your drawers or whatnot, and yet, we seem to be putting
a phone on this pedestal whereby it should be immune to all prying eyes. But I would argue, frankly, from a
computer scientist’s perspective, that is actually progress– the fact that
we now have the mathematical means to actually keep data truly secure by
way of this thing called encryption, and we’ll come back to
in just a little bit.>>So any questions about
any of that just yet? Well, let me show you just
how there is, in fact, one way to brute force your way into a phone. And in fact, this is
not out of the question. This is just a short YouTube video
of essentially a little robot someone built that does this with a little pad.>>And I forget what it is. This is using an Android phone because
an Android phone, in this case, is vulnerable to this attack. It will not timeout. It does not increase the
delay between attempts. And so you can just do this– I
think for like three days, I think, was the caption in this video. After three days, this
funny looking device will hack into an Android
phone that has a four– maybe it was a six digit passcode. So beware something like this–
you see this on the table near you.>>This though is one mechanism. So what is Apple actually asking for? This article’s a little longer. And it’s the only other article
we’ll read today on paper or online. But let me invite you to take
probably four or so minutes to take a look at the following. This is a longer URL here. But if you have the
slides open in a tab, you can probably just copy and paste
this from the slides themselves. And I have a printout here, if you
would prefer actually looking on paper.>>This is a more technical article
that’ll offer us an opportunity to actually tease apart
more technical jargon, and see what the authors actually mean. So if you need to keep finishing up–
but let me toss the question out there, based on what you’ve read, are there
any buzzwords, sentences, claims, that we should first
translate or distill that would make everything
more straightforward? Anything at all? So if I started to pop quiz us
on what certain sentences mean, we should be OK? Oh, there we go. OK. AUDIENCE: [INAUDIBLE]
building some code into RAM. DAVID MALAN: Oh, RAM. OK. Yeah. RAM– let me define it first and
we’ll come back to that point.>>AUDIENCE: [INAUDIBLE] DAVID MALAN: What
they’re asking for there. OK. So as a definition, RAM
is Random Access Memory. This is the type of memory
that all of our computers have. It is distinct from a hard
disk or a solid state disk. And a solid state disk or hard disk is
where your data is stored long term. So when you unplug the cord,
even when your battery dies, any data or programs that you have on
your hard drive or solid state drive remain there.>>RAM, meanwhile is the type of memory
that, when you double click an icon, or open some file, or
run some program, it’s copied from the hard drive or
the solid state drive into RAM. RAM tends to be faster,
albeit more expensive. And that’s where files and programs
live while they’re being used.>>So we’ll come back to the
implications of that in just a moment. But for those unfamiliar,
that’s what that’s all about. And phones have it as well. Any other definitions or
clarifications we can make? All right. So the pop quiz is what
are the three, at least, things that the FBI is specifically
asking Apple for technically? One of them does indeed relate to RAM. So that’s the spoiler there. And we’ll come back to what that means. But what does the government want? Yeah, Chris, you want
to give us one other?>>AUDIENCE: I think the ability to
electronically brute force a password, DAVID MALAN: Yeah, electronically
brute force the passwords. Again, brute force– quick recap,
what does brute forcing mean?>>AUDIENCE: Try the
number of combinations. DAVID MALAN: Again. Exactly. Just try it again, and again,
and again, via brute force, not via intellect, not via cleverness. Just try every darn possibility. So the government wants a way
to avoid brute force– they want a way to be able to
brute force it electronically, and electronically as opposed to what?>>AUDIENCE: Manually.>>DAVID MALAN: Manually. So as opposed to an FBI agent
physically typing things in, and as opposed to silly looking
devices like the one we just saw, automatically punching them, they
presumably want to do this wirelessly. And in fact, if you read the
government’s request– the court document– via Bluetooth,
Wi-Fi, whatever is possible– or maybe
via lightning cable that plugs into the
phone itself that would be connected via USB to some
hacking device that they have.>>So they want the ability to brute
force the phone electronically so that they can just do it faster
than a human or a robot could do it. They want somehow RAM–
let me read that sentence. “It wants Apple to design this
crippled software, the new operating system, to be loaded into memory,
AKA RAM, instead of on disk so that the data on the phone
remains forensically sound and won’t be altered.”>>So it’s not clear to us, the readers,
exactly where the data is stored and where the operating
system is stored. But presumably, as a
matter of principle in law, the government doesn’t
want to risk mutating any of the bits– any of the 0s
and 1s, or the data on the drive– by putting a new operating
system onto the hard disk itself, lest that open them up
to a claim that wait a minute that file wasn’t previously
there when the suspect owned the phone.>>Rather they want to put the
operating system in RAM, Random Access Memory, which is this
faster speed place that is distinct, physically, from the actual hard disk. Of course, the operating system doesn’t
typically go there in its entirety, so that’s a non-trivial request. So we’ve got this RAM request,
we’ve got this brute force request, and one other at least. What else is the government asking for? Ben? AUDIENCE: Remove the timing delay. DAVID MALAN: Yeah. Remove that timing
delay, which in this case is how many seconds, or
milliseconds, or– 80 milliseconds? Which sounds pretty fast. I mean most humans can only notice
delays of 100 200 milliseconds before something actually feels slow. But 80 milliseconds is
roughly 100 milliseconds. And 1,000 milliseconds is a second. So that’s like– you can do 10
attempts per second, give or take.>>So that feels pretty fast,
but not nearly fast enough if you’ve got a six digit code. And in fact, the article
makes mention of that too. So if you’ve got a four digit
code, as we discussed before, you might have one, two, three, four.>>And each of these numbers can
be the number 0 through 9. So that’s 10 possibilities times 10
possibilities times 10 possibilities times 10. And this is where we
got that 10,000 from. If you have a 6 digit
code, you of course just add this here, which is
another 10, and another 10, which means we can just add another 0. And now, we’re up to a
million possibilities.>>So as an engineer, if 6 is too
few, a million– that still feels relatively low, especially
if you can do 10 per second. It gets a little boring, but
you can do it via brute force. What might be better
than a 6 digit passcode? What’s better?>>AUDIENCE: [INAUDIBLE] digits or letters
and different combinations [INAUDIBLE].>>DAVID MALAN: Yeah. So let’s take both of those in turn. So slightly better than a six
digit passcode might be, of course, a seven digit passcode, which gives
us 10 million possibilities, and just an additional digit. Better than that though would be an 8
digit passcode, 9 digit passcode, 10 digit passcode.>>But push back, now. Now, you’re not the engineer
or the security person. Now you’re the product manager
or the marketing person. Why is a seven digit passcode not
better than a six digit passcode for some definition of “better”? AUDIENCE: It takes longer for the user. DAVID MALAN: Yeah. It takes longer for the user. It takes an additional click. And slightly more compellingly
too, I would say, is what? AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. It’s slightly harder to remember
the longer and longer it gets. We humans, at least in the
US, have kind of maxed out at 10 digits for phone numbers. And even that, I know like three
people’s phone numbers these days. So that’s kind of a wash.>>So there’s a point where it’s just not
a good user experience– or UX would be the trendy way of saying that. So what’s better than just using digits? Well, instead of 10
possibilities, why don’t we just get more clever– and instead
of using 10 digits, 0 through 9.>>How else could we make
a 6 digit passcode– a 6 symbol passcode more secure? What did you propose? Letters. So instead of maybe digits, why don’t we
just do letters, like 26 times 26 times 26– and wow, this is actually
getting pretty big fast.>>So if I go here– this
is my little calculator. And if I do 10 times 10 times
10 times 10 times 10 times 10. That’s where we got the
million possibilities from for a 6 digit passcode. But if instead we’re doing 26
times 26 times 26 times another 26, 26, 26– this is now giving
us 308 million possibilities.>>And is that reasonable to
switch from numbers to letters and still have it 6 digits? This means you need a 6 letter word. Most of us could probably remember a
six digit English or some other language word. That’s pretty reasonable.>>But we don’t need to restrict
ourselves to just letters. Why don’t I get a little more ambitious? What might be slightly
better than letters here? Be the engineer proposing
an even better solution.>>AUDIENCE: [INAUDIBLE] DAVID MALAN: A combination– characters. So not just 26 letters, but if I add
back those numbers from before– well, everything’s going wrong– that’s 36. That’s still 26. That’s 36 times 36 times– and so forth. So that’s getting bigger.>>How much bigger can we get this
address space, as someone might say? What else could you add in
besides letters and numbers? I’m up to 36. I’m 26, a through z.>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. So we can really go
crazy with the keyboard. Or even more simply,
we can keep it simpler.>>AUDIENCE: [INAUDIBLE]>>DAVID MALAN: Yeah. If we go uppercase and
lowercase, now I have 26 plus 26. So that’s 52 already– plus another 10. That’s 62. And just to see the
implications of this, now, let’s just do another bit of math. So 62 times 62 times 62
times 62 times 62 times 62. That now is giving me 56
billion possibilities.>>And it’s still kind of reasonable. Could a human remember
a 6 symbol– where a symbol is just a letter or
a number character password? Probably. That doesn’t feel all that unreasonable. So what more can we add in? And as an aside, has anyone here,
ever heard the phrase base 64? Base 64?>>So we’ll come back to this tomorrow
when we talk about representation. Long story short, all of us
humans in the room most likely understand base 10, the
so-called decimal system. And all of us in this room
count using 0s through 9s. We’re going to see tomorrow, in
more detail, that a computer counts using only 0s and 1s, the
so-called binary system. So dec– decimal– is 10. Bi– binary– is 2.>>Turns out there’s also base 64 for
which there isn’t, to my knowledge, a really fancy word. But that means that you have
not 0 through 1 or 0 through 9, you essentially have 0 through 64. But you use letters in that mix. And so we’ll actually see that the
means by which computers, for instance, attach files in an email these
days– an email, of course, might have an image on it– maybe
even a sound or a movie file. But email is just text.>>It turns out that you can represent
things like music, and videos, and pictures and the like
as text using something called base 64 where you use not only
lowercase letters, and upper case letters, and numbers, but
also the underscore character and the slash on a keyboard. So more on that to come. So this is just getting really big. And now, as the security
researcher, how could you make a pass code even more secure? We’re now using lower case letters,
upper case letters, and numbers. And you proposed, Victoria,
just a moment ago– AUDIENCE: [INAUDIBLE] DAVID MALAN: Dots are symbols. And now, we’re really just
kind of getting crazy. We’re using all of the
keys on the keyboard. And let me estimate
that there are 128, give or take, possibilities
on a typical keyboard, depending on your language and such. And there might even be more than that.>>So now, let’s still assume that
we’re only using a 6 digit passcode and that’s why I have 6 of those 128. Let’s see if I can pronounce this now. All right. So that’s millions, billions–
four quadrillion possibilities, if I counted this
correctly– four quadrillion. Let me just double check, lest
I be exaggerating our security.>>So that’s hundreds of thousands,
millions– sorry, trillions. I overestimated by a
factor of a thousand. My apologies. 4 trillion possibilities. So that’s more secure, right? Especially when we began this discussion
with 1 out of 10,000 possible codes. Now, we’re up to 4 trillion.>>Now, does this mean a
phone is “secure” if it is using a passcode that is 6
characters long, each of which can be a number, or a letter, or
some funky symbol on the keyboard? Is a phone secure now if this is
in fact what the suspect was using?>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. And that’s a perfect answer. You conditionally explained
that by reasonable standards– probabilistically, you’re not going
to get into this phone anytime soon. However there is a chance, if small
chance– one out of 4 trillion– that you might actually get the
answer right on the first time.>>And the reality is, too, that if
this suspect is like most humans– probably many of us in
his room– he probably did not choose some crazy password with
funky symbols on the key because why? Most of us wouldn’t remember
something that’s so funky as that. And so it probably is maybe someone’s
birthday, or some word, or some phrase, or something more memorable.>>So it’s probably not even as “secure”
as it might be mathematically. So where does this leave things? It remains to be seen what
Apple is going to agree to here. But it certainly has implications
more broadly for society. But the takeaways for today
are not so much the legalities, not so much the ethics, or any of that,
but really the understanding of what’s actually going on.>>And when you read something
like this to think to yourself, is this an author just using
buzzwords, is there actually technical meat to this comment, and
what might I go and Google in this case? And in fact, probably one of the
more technical things in here was this mention of RAM or memory,
and that was simply for, presumably, the legal issue to which they allude.>>A secure enclave is,
I think, Kareem, you mentioned earlier this idea of
exponential backoff, so to speak– or I put those words in your mouth. And that’s a feature not in this phone. It apparently just has
the 80 millisecond delay so it doesn’t get worse, and
worse, and worse, over time. All right. Any questions? Yeah, Dan.>>AUDIENCE: If you don’t mind me asking,
where do you stand on the issue? DAVID MALAN: I would side,
absolutely, with Apple. I think math is not something
that you should poke holes in. And I think the reality is,
as even this article cites, you can poke holes in the iPhone,
you can poke holes in the Android, but there will always
be some alternative that a particularly
smart adversary can use.>>So these kinds of measures
really just protect us against the dummies– the lesser
adversaries, which has value, but the reality is a
determined adversary will absolutely keep encrypting his
or her data by some other mechanism, whether it’s via a mobile
application, a desktop application. I think this is inevitable,
and I also think this is a good thing as
a matter of principle.>>AUDIENCE: My question is, at
the end of the day, [INAUDIBLE] there is the one guy who
can access everything.>>DAVID MALAN: Yeah.>>AUDIENCE: So is it easy
for FBI [INAUDIBLE] or somebody else instead of
other companies [INAUDIBLE]?>>DAVID MALAN: Yeah. And I think, especially in
this country, at least where there were the recent revelations
as to just how far the NSA has been going that I, especially nowadays,
don’t buy the argument that we’ll just use it in this particular case. I think that sets a bad precedent.>>And already, there is a fundamental
paranoia we should have. All of us, like chumps, if
you will, are walking around with cameras, and microphones, and GPS
responders in our pockets, willingly, telling someone potentially, even
if it’s just Apple or just Google, where we are at all times. And there really is nothing stopping
Apple or some malicious engineer at Apple from somehow
embedding in iOS a feature that only turns on David Malan’s microphone
24/7, and sends that data up to Apple.>>And in fact, an interesting
side note here this is kind of sort of already
happening as a “feature.” If you read the news about a year
ago, Samsung started, rightfully so, to take some flak in the press because
they have these “smart TVs,” where as best I can tell “smart
TV” really just means “TV with bad user interface.” But a “smart TV,” as a
function of hardware, typically has a microphone and
a camera these days. And why? Why does a TV need a
microphone or a camera?>>AUDIENCE: Skype.>>DAVID MALAN: Skype, which
is reasonable if you want to use it in a conference room
or at home for video conferencing– pretty reasonable, pretty compelling.>>AUDIENCE: Voice commands.>>DAVID MALAN: Voice
commands– if you want to say change channel, lower
volume, raise volume, turn off. That’s not unreasonable, a la
Siri, and Google Now, and such. Why else?>>AUDIENCE: To spy on you. DAVID MALAN: Yeah. So that’s what the
paranoid in us might say. And the reality is, whether
by a bug or deliberate intent, this is absolutely possible. Let’s give them some credit. Why might you, as a user, actually
want a camera in your TV– or what’s the proposed feature there? Why is there a camera
in your living room or in your bedroom
staring down at you all–>>AUDIENCE: Security [INAUDIBLE]. DAVID MALAN: OK. Security. You could argue that. In this case, it’s not
so much the consumer TVs that are in the business of security. In this case it’s, because
of a [INAUDIBLE] feature. Why is there a camera in a TV? AUDIENCE: Video games
detecting [INAUDIBLE]. DAVID MALAN: OK. Yeah. Closer. And some TVs probably do
that– have built in games. This– and I frankly think is a
little stupid– gesture control. I think stupid insofar
as I don’t really think we’re there yet where we’re living
in the Jetsons where it just works. Now, I think you probably look like an
idiot to your TV when it doesn’t work.>>But gesture control, whereby
the world is getting better, incrementing a la Xbox Kinect, if you’re
familiar with the video game system, being able to detect motion. So maybe this means lower the
volume, this means raise the volume, maybe this means swipe left
to change channel, swipe right to change channels.>>This is one of the reasons– this
is the purported reason that they have the thing in there. But what Samsung took some
flak for just a few months ago was that if you read their privacy
policy, which no one of course is going to do, they encourage
you in their privacy policy not to have private conversations
in the vicinity of your TV.>>[LAUGHTER]>>And we laugh, but like
it’s actually there. And that is because in order
to implement this feature, the TV is always listening. It has to be– or it’s always watching. And even if you have some
defense mechanism in place– kind of like Siri where you have
to say, hey, Siri, or OK, Google, or whatever– the TV still has
to be listening 24/7 for you to say, hey, Siri, or OK, Google. So hopefully, that’s all staying local. And there’s no technical reason why
it couldn’t stay local, software updates aside.>>But in reality, very
often, Siri and Google alike are sending these
data to the cloud, so to speak, where they get
processed there by smarter, faster, constantly updated computers,
and then send the responses back down to the TV. Oh and the fun thing here– we took a
look at this for another class I teach. We’ll see this a little later today.>>There’s something in the world
called security and encryption, which we’re getting to right now. And in theory, there’s something called
HTTP and HTTPS, the latter of which is secure. The S is for Security, and
we’ll come back to that. And then they operate
on something called different ports, different numeric
values inside of a computer signifies if this is secure or
not secure typically.>>Samsung, I believe, in this case, was
using the “secure port,” so to speak. They were using the
secure address, but they were using it to send encrypted data. So some security researchers essentially
connected a device to their TV and realized when they
spoke commands to their TV, it was being uploaded to the
cloud through the correct channel, so to speak, but completely
unencrypted, which meant anyone in the vicinity or anyone
on the internet between points A and B could be seeing and listening
to your voice commands from your living room or your bedroom.>>So there too, not only are we vulnerable
potentially to maliciousness, also just stupidity and bugs, in this case. So these are the kinds
of things to be ware. And again, the goals
for today and tomorrow are to understand not necessarily
how you would implement that underneath the hood,
but just reason backwards, if my TV is responding to
gesture control and my words, I’m guessing my TV is
not so sophisticated as to have the entire
English or the entire Spanish or whatever language I speak dictionary
built into it constantly updated. It’s probably easier just
to send those commands up to some server– Google, or
Apple, or Samsung, or the like. And indeed, that’s what’s
typically happening. So mind what you say in front of
your TVs starting tonight perhaps.>>All right. So that leads us then to encryption
with a more technical look. And we won’t go too deep a dive into
this, but this article we looked at did mention something called
AES– Advanced Encryption Standard, is what it stands for. And it made mention of something
juicy, a 256-bit AES key– secret key. And I’ll just pull it up if you’re
curious to see where it was. It was in the– How Would They Do That. So somewhere inside of an
iPhone and an Android phone, presumably, is some kind of secret key. And it’s this secret key
that keeps data secure.>>And in fact, have any of you
and your iPhones ever gone to Settings– I think, Settings,
maybe General, and then Erase iPhone? It’s somewhere under Settings. You can erase your
iPhone, and it tells you that you’re going to erase it securely. And what does it mean, typically, to
erase a phone or a computer securely? And actually, let me see if I can
give you just a quick screenshot. We can probably find this. So, iphone erase securely
setting screenshot. Let’s see if we can
just find a quick photo. Erase data– that’s not– here it is.>>So this is the screen I was thinking of. You can generally, on
an iPhone, navigate to a screen that looks like this. And Erase All Content and Settings–
if you click that, it tells you it’s going to do it securely. What does securely mean
in a phone or a computer? Ben?>>AUDIENCE: In a way that’s difficult
to then go back and actually find it. DAVID MALAN: Good. So in a way that’s difficult to go
back and find what you’ve erased. So erasing it truly means erasing it. And the industry does not
have a good history with this.>>Back in the day, most of us
probably had PCs in some form. Some of you still might. Back in the day, when we still had
floppy disks and certain other media, it was very common to run a format
command, or an erase command, or a partition command, which are
all generally related to getting a drive– a disk ready for use.>>And back in the day, I
can even visualize it now, the DOS– if you’re familiar, the
command– the black and white prompt in Windows– or even before Windows–
would yell at you in all capital letters, ALL DATA WILL BE DESTROYED or
ALL DATA WILL BE ERASED– complete lie. It was a complete technical and
actual lie because, typically, what a computer does– even to
this day in most contexts is that when you drag a file to
your Recycle bin or to your trash can on Mac OS, or Windows, or what not–
we all probably know that it hasn’t actually been deleted yet, right? You have to actually do what
to actually delete a file? AUDIENCE: Empty the trash. DAVID MALAN: You have to empty the
trash can or empty the Recycle bin. We’ve all been taught that,
and that’s the mental model we have in the real world. That is also a lie. Almost always, by default these
days, when you empty your trash or empty your Recycle bin, even
by going to the right menu option, or right clicking, or Control clicking
and following good human intuition, it’s a lie.>>All the computer is doing
is “forgetting” your file. In other words, somewhere
inside of your computer, you can think of there as
being a big cheat sheet, a big Excel file, a big
table with rows and columns that says a file called resume.doc
is at this location on my hard drive, and a file called friends.text
is in this location, and profilephoto.jpeg is at
this location in my hard drive.>>So whole bunch of file names–
whole bunch of physical locations inside of your computer. And when a computer “erases”
a file, typically all it does is it deletes that row
or crosses that out. It leaves the file on the disk. It just forgets where it is. And that’s useful because if
it’s forgotten where it is, it can reuse that space later on. It can just put another
file on top of it. And tomorrow again, we’ll
talk about 0s and 1s– that just means changing
some 0s to 1s, some 1s to 0s, leaving some alone– but generally,
reconstituting a file out of bits, 0s and 1s.>>So what is this actually doing? Thankfully, in iOS’s case, since Apple
actually is quite good at security, even on Mac OS, erasing your
files does in fact do it securely. But how? Well in Mac OS and Windows, if
you have the right software, what it will– to erase
something securely does have some technical meaning. And again, we’ll come back to
this in more detail tomorrow.>>But to erase a file securely
does mean doing something to it so it can’t be recovered. But what does that mean? Well, if a file, for today’s purposes,
is represented with 0s and 1s somehow– I have no idea
how, more on that tomorrow. But 0s and 1s– the way
you erase a file securely is you maybe change all of
those 0s and 1s to just all 0s or just all the 1s– just scramble
them up completely randomly so that if someone thereafter looks
at those 0s and 1s, it’s meaningless. And it’s not recoverable
because you did it randomly, or you made them all 0’s or all 1’s.>>That’s not actually what Apple does. Because it turns out when
you erased your iPhone, it doesn’t take all that long. No, in fact, if you erase a computer
hard drive, it might take an hour, it might take three days to
literally change every 0 and 1 to some other value. There’s just a lot of bits
these days, especially if you have a hard drive
that’s one terabyte, so to speak– four terrabytes–
will take a really long time. But Apple does it within a few
seconds– maybe a couple minutes, but reasonably quickly.>>Now, why is that? It all relates to the same discussion. Apple, by default, keeps all of
the data on your phone encrypted– scrambled in some way. And so to erase a phone,
you don’t necessarily have to change the data–
because the general principle of encryption– the art
of scrambling information or cryptography as the
science itself is called, is that to an adversary
looking at encrypted data, it should look random– he or she should
not be able to glean any insights. They should not be able to realize–
this person seems to use the word “the” a lot. Just because I see some pattern
emerging again and again– it should look completely random
statistically to an adversary.>>So by that logic, when Apple allows
you to erase all content in settings, the data already looks random
to any person on the streets who might look at your phone’s data. So they don’t have to change your data. All they have to do to erase your
phone is do what do you think? AUDIENCE: [INAUDIBLE]
your code incorrectly. DAVID MALAN: Yeah. Well, you could do– yes. Physically, they could just type your
code in, 7 7 7 7, 10 times incorrectly. But rather, you can just
forget the secret key. So encryption is all about
having, generally, some secrets.>>So much like you can’t get into a
bank vault without a combination, much like you can’t get into your
front door without a physical key, you can’t get into your
hotel room without one of those magnetic cards
or such, in theory, there is something special something
that only you know or have that allows you access to
some secure resource. In the case of your phone,
it’s the four digit code. In the case of your hotel,
it’s the little card key. In the case of your home,
it’s the physical key. Any number of things can be a key.>>But in computing, it’s
almost always a number, where a number is just a sequence of bits. And again, a bit is just a 0 or
1, but more on that tomorrow. So when Apple claims to be
using 256-bit AES secret key. That just means that the secret
key inside of your computer is something like 1011001100000.>>I’m just making this up as
we go, and I won’t bother writing out 256 possible 0s and 1s. And we’ll see tomorrow how
this maps to an actual number. But for now, just know it’s a
really long pattern of 0s and 1s. And that secret– that’s like a really
big magnetic card key for your hotel room that only you have, or it’s like
a really special metal key with lots of little teeth that only you have.>>How is this useful? How was it useful to use a key? Well, let’s do this. Let’s start with truly a clean slate. And let me propose, just as in a
little experiment here for say, a moment– how about we
take the word “hello.”>>And suppose that you’re
back in middle school and you want to send the
boy or girl across the aisle that you have a crush on
a secret message, “hello,” but you don’t want to be
embarrassed if the teacher picks up the scrap of paper that intercepts the
note that you’re passing to him or her.>>You want to encrypt this information. You want to scramble it so it just
looks like you’re writing nonsense. And probably, it’s something
juicier than “hello,” but we’ll just take the word “hello.”>>How could we go about encrypting this
message between the two little kids on a piece of paper? What should he or she
write instead of “hello”?>>AUDIENCE: [INAUDIBLE]>>DAVID MALAN: What’s that?>>AUDIENCE: Number of
letter in the alphabet.>>DAVID MALAN: The number
of letter in the alphabet. OK, so if it’s a b c d e f g h, I could
maybe do something like 8 for that. And a b c d e– and I
can do the 5 for that. And similarly, I can just come up with
a numeric mapping that would presumably just confuse the teacher. And he or she probably
doesn’t have enough– doesn’t care enough to
actually figure out what it is. So let’s consider though, is it secure? Why not?>>AUDIENCE: Because it’s easy to guess it. If in case someone is really interested.>>DAVID MALAN: Yeah. If they are really interested
and if they have more numbers to go with than just five– if
there’s like a whole paragraph– and it just so happens that all of
the numbers are between 1 and 26, that’s kind of an interesting clue. And you could brute force that. Let’s see if a is 1,
and b is 2, and c is 3. And if not, maybe let’s
try some other pairing. But a determined teacher–
an adversarial teacher– could certainly figure this out. So what else could we do? A simple encoding– and this
truly is called a code– not to be confused with programming
code or programming languages– a code. And in fact, if you recall stories
from yesteryear, especially in the military, a code book–
a code book might literally be a physical book that’s got
two columns, one is a letter, one is a number– or some other such
symbol– that just maps to the other. And a code is a mapping
from one thing to another.>>So that would be a code. Encryption though– or a cipher as you
might say– is more of an algorithm. It’s a process. It’s not just something you look up. You have to apply some logic to apply
encryption, or a cipher in this case. So what’s slightly more sophisticated,
do you think, than that? What else could we do to send
the word “hello” semisecretly?>>AUDIENCE: [INAUDIBLE] DAVID MALAN: OK. So we could write it backwards. So we could do something
like o-l-l-e-h or such, and it starts to look a
little more complicated. So it’s kind of scrambled. And you have to know the
secret, and the secret is “backwords” or “reverse” or
some sort of mechanism there.>>But that is an algorithm. That is a process where you have
to move this letter over here, this letter over here,
this letter over here, and you have to repeat
it again and again. And we’ll see tomorrow that this
repetition is something called a loop, which is fairly
intuitive, but it’s very common in computer programming. What else might we do?>>AUDIENCE: You could increase the
first letter by 1, second letter by 2, third letter by 3 [INAUDIBLE]. DAVID MALAN: Very nice. So we could do something
like– and increase them– you mean like h becomes i. And let me keep it
simple for the moment. Maybe e becomes f. And this becomes m m, and this is p.>>Now, I’m kind of liking this
because now it doesn’t jump out at you what has happened. And it looks like nonsense. But in terms of the security
of this cipher, and the cipher here is kind of like a plus
1 algorithm of just adding 1 letter to each of my own letters. And just as a corner case,
what should I do if I hit z?>>AUDIENCE: A.>>DAVID MALAN: Yeah. Probably just go back to a. But what if I want an exclamation point? Well, we’ll have to come
back to that sometime. So there’s some corner
cases, so to speak– things you need to anticipate if
you want to support those features. But what is attackable about this? It’s obviously not that secure
because we sort of thought of it and wrote it down super fast. So presumably, a smart
adversary could do the opposite. But what information is leaked
in this particular ciphertext? Computer scientists
would call this cleartext and this ciphertext– ciphertext
meaning just scrambled or encrypted. We’re leaking information, so
to speak, with this ciphertext. I know something about the
original word, right now.>>AUDIENCE: Same number of letter. DAVID MALAN: Same number of letters. So that’s leaking information. I have sent my crush a five
letter word, it would seem. And what else?>>AUDIENCE: Yeah. There are letters.>>DAVID MALAN: They’re still letters.>>AUDIENCE: Third and
fourth characters repeat. DAVID MALAN: Yeah, the third
and fourth letters repeat. And this is very
common– this realization for what’s called a frequency analysis. And I used the word “the,”
anticipating this earlier. “The” is a very common English word. And so if we actually had a
paragraph or a whole essay that was somehow encrypted, and I kept seeing
the same patterns of three letters, not t-h-e, but like x-y-z or something like
that, I might just guess, on a hunch, based on the popularity
of “the” in English that maybe I should start replacing
every x-y-z with t-h-e, respectively– and you chip away at the problem.>>And in fact, if you’ve ever seen
a movie about cryptographers, especially during military times,
cracking codes– a lot of it is this trial and error, and leveraging
assumptions, and taking guesses, and seeing where it goes. And in fact, m-m– we sometimes
see m-m in the English word, so maybe this is unchanged. We see e-e, we see o-o, we see
l-l, we don’t really see y-x. And there’s bunches of others I could
probably contrive that we never see. So we’ve narrowed our
search space, so to speak. In other words, if the problem
initially feels this big, as soon as you start ruling
out possibilities or ruling in possibilities, starts to get a little
more tenable, a little more solvable. And in fact, this is an
example actually of something called a Caesar cipher, where a Caesar
cipher is a rotational cipher where one letter becomes
another and you just add uniformly the same number
of changes to each letter. And Dan actually hinted at something
slightly more sophisticated earlier, which we might add, for instance,
1 letter to the first letter. e-f– Maybe this becomes g, two away. Maybe this becomes m-n-o–
this time it becomes p. And then so forth.>>We add incrementing values
to each of the letters, which is harder because, now notice, l-l
does not look like m-m, anymore. We now need to be a little fancier. And this is what’s called, after
a French guy, a Vigenere cipher, where you’re using disparate
keys, different values. And in fact, let’s tie
that back together.>>We used the word “key” before,
both in the physical sense, for hotels and homes. But in the electronic sense, a key
is just a secret value, typically. And a secret value in this
earlier case, i-f-m-m-p– what is the secret key I’m using for
this cipher that Dan proposed earlier? AUDIENCE: Plus 1 [INAUDIBLE]. DAVID MALAN: Yeah. The key is just the number 1– not
the most secure, but it’s simple. But all of these security mechanisms
require what– that not only I know the secret is 1, but also what? Who else has to know it? AUDIENCE: The recipient [INAUDIBLE]. DAVID MALAN: The
recipient has to know it. And just for clarity,
who must not know it? AUDIENCE: The teacher. DAVID MALAN: The teacher– right? Unless he or she has the time and energy
to brute force it or figure it out. So super simple idea, but it
maps to what you’re reading about and hearing about every day in the news. But the 256– this is essentially 1 bit. 256 bits is much bigger. And again, we’ll get a quantitative
sense of that tomorrow. Any questions then on Apple, security,
encryption, in these building blocks? Yeah, Roman.>>AUDIENCE: [INAUDIBLE]. Do you have any insights [INAUDIBLE]? DAVID MALAN: Oh, it’s good question. I don’t know internally–
and Apple, of all companies is particularly quiet when it comes to
those kinds of implementation details. But I can say more generally, a
fundamental tenet of security, at least in the academic
community, is that you should never have what’s called
security through obscurity. You should never do something to
protect data, or users, or information, whose security and
privacy is all grounded on no one knowing how it works.>>In other words, what
the article alludes to, AES, Advanced Encryption Standard– that
is actually a global, public, standard that you can open up a math book
or go on Wikipedia and actually read what the algorithm is. And much like the algorithm
here is the super simple plus 1, this is more complicated mathematics,
but it’s public knowledge. And this has a number of upsides. One, it means anyone can
use it and implement it. But two, it also means that
millions of smart people can review it and make sure to
speak up if it’s flawed in some way.>>And so in fact, one of the best defenses
against governmental back doors, whether in this country or any
other, is to just publicly discuss these kinds of algorithms
because it’s very unlikely that the entire world
of academic researchers is going to collude and actually
tolerate hidden back doors in algorithms like that.>>However, you do need to
keep something secret. And so just to be clear, when
you’re using a cipher, like AES, or something like Caesar, or Vigenere
that we alluded to there, what does have to be kept secret? Not the algorithm, not the process. AUDIENCE: The code. DAVID MALAN: The code, right–
and the key, to be clear. And so to be super clear, even though
this is a trivial example, the cipher, or algorithm, that we’ve generally
been using in this discussion is this thing here, the plus. So addition is our super
simple cipher or algorithm. AES would be a much more
complex equivalent of the plus. You do a lot more math, a lot
more additions, multiplications, and so forth.>>But the key is not the
same as the cipher. In this case, it’s also super
simple– just the number 1. In Apple’s case, it’s some
256-bit pattern of 0s and 1s. So I’m not really answering your
own question because I can’t really speak to what Apple knows,
but the Apple engineers have disclosed that they implement
this algorithm to some extent. We have to trust that
they’re being true, and we have to trust that they
didn’t, nonetheless, build in some secret backdoor for the NSA. And that’s fundamentally hard to do.>>In fact, the frightening
thought I can leave you with on this particular subject is,
much as we might all talk about this and much as Tim Cook might assure
us that these phones do not already do what the FBI wants them to do, it’s
nearly impossible to verify or audit as much. Do we even know that my
camera’s not on right now? Do you know that your own Macbook’s
camera’s not on right now? Well, most of you might know
intuitively or from experience, well, if the green light’s
off, what does that mean? AUDIENCE: It’s not on. DAVID MALAN: It’s not on. OK. You’ve been taught that,
but why couldn’t you write software that turns off the
light but turns on the camera? There’s really no fundamental
defense against something like that.>>So even we humans can
be socially engineered by our computers to trust
one truth– one reality, when really we can
then be taken advantage of because of that exact same
assumption that a green light means the camera’s on. That’s not necessarily true.>>AUDIENCE: [INAUDIBLE]>>DAVID MALAN: Yeah. So actually, I always kind
of smile, but I appreciate it when you see real diehards around
campus– you have tape on yours. OK. So putting tape on it is
a more surefire thing. Of course, there’s still a
microphone that you can’t really tape over as effectively. But these are the kinds of trade-offs.>>And in fact, one take
away hopefully for today should be absolute terror when
it comes to these kinds of things because, at the end of the
day, we have to trust someone. And that too is a fundamental
tenet of security. Ultimately, you have to trust someone. You have to trust that the
person you have a crush on is not going to tell his or her best
friend what that secret code is, and then disclose that same information
that you’re trying to keep secret. All right. Let’s take a look– yeah, Dan.>>AUDIENCE: What does the acronym
CBC stand for under the latest AES?>>DAVID MALAN: Oh, CBC is block– what’s
it stand for– block [INAUDIBLE] CBC. Cypher Block Chaining. So Cypher Block Chaining is
an acronym that refers to, I believe, the process
of what goes on inside of an algorithm for cryptography, in
this case, whereby it’s iterative. You do something again,
and again, and again. And you take a previous
output, and feed it into your process as a subsequent input. So you keep feeding the
results back into themselves.>>And an analog here might be– I should
be able to come up with a good metaphor here. Let me try to think of
a better example here. Let’s see if we can come
up with a quick picture. Let’s see if Wikipedia
gives us a picture that would explain– no, that’s good. This is a more pictorial
complexity than we really want. But the idea here is that if you are
enciphering something, it gets fed in, then the output gets fed in
again, then it gets fed in again, so that your iteratively
scrambling information using previous output as a subsequent input. Let me see if I come up
with a better explanation. Give me lunch time to
noodle on that one.>>All right. Let’s come back here. I want to encourage you– your only
homework for tonight, if you’d like, and you haven’t seen it, is to
watch a 20 minute video, if you have internet access and go on YouTube. Last Week Tonight is a brilliant show
by John Oliver from The Daily Show.>>And at this URL here, you can actually
look at his look– his humorous, but simultaneously serious
look at the same issue. And hopefully, even more of
that video will make sense. And this is in the slides, too. So if you have the URL up with
the slides, this is here, too. And we’ll get you online
during the break as well.>>So in our concluding minutes,
let’s take a quick look at one other example of a technology
that’s ever present these days, file sharing, both in consumer
and in corporate contexts. And that is by way of, for our
purposes, something called Dropbox. So for those unfamiliar, in a
sentence or two, what problem does Dropbox solve?>>AUDIENCE: [INAUDIBLE] and then get
it on your iPhone or iPad anywhere.>>DAVID MALAN: Yeah. Exactly. It allows you to share
files often with yourself so that if you do have an iPhone,
an Android phone, a Mac, a PC, multiple Macs, multiple PCs,
home computers, work computers, you can have a folder that in turn has
its own sub folders that automatically get synchronized across
all your devices. And it’s wonderfully useful.>>For instance, in the morning,
if I’m preparing for class, I might get my slides, or
videos, or pictures ready, drop them in a folder on a home
computer, then walk to school, and open up a work computer here,
and voila, it’s magically there– unless I screwed up, which
has happened sometimes, and there’s nothing more stressful than
having done all that work hours prior and you have nothing to show for
it when it comes time for class. So it fails sometimes,
or the human fails, but in theory that’s exactly
what it’s supposed to do.>>More compellingly, for other
users, is that I can very often then Control click or
right click a folder or file that I’m using
with this service, and I can send a URL that results
from that click to a friend, and he or she can then
download a copy of that file. Or better yet, we can share
folders so that if I make a change, then Victoria can see my changes in
her folder, and Kareem later in the day can edit it and see that
same file and folder as well. So there’s a lot of implications here. And we’ll just scratch
the surface, and try here to spook you a bit into not taking
for granted how all of this works and what the actual implications
are for things that you’re using.>>In particular, let’s consider
how Dropbox must surely work. So if I’m over here– let’s
draw a quick picture of me. If this is little old me– this is
little old me on my laptop here. And let’s say this is Victoria
with her tape on her camera. And here we have Kareem,
with his laptop here. And then somewhere is this thing called
the cloud, more on that this afternoon as well.>>So how does Dropbox work? Suppose I create a
folder on my computer, and I install this
software called Dropbox. But we could also be talking
about OneDrive from Microsoft, or we could talk about the Google
Drive, or any number of other products. It’s all fundamentally the same.>>If I’ve got a folder called
Dropbox on this computer, and I’ve just created a PowerPoint
presentation, or an Excel file, or an essay, and I drag
it into that folder, what must happen in order to get it to
Victoria’s computer or Kareem’s computer?>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. So somewhere in here, there’s a company. And we’ll call this Dropbox. And this is David. This is Victoria. And this is Kareem here.>>So somehow, I must have an internet
connection that leads to the internet– more on that after our
break– that gets stored on servers in Dropbox’s headquarters,
or data center, wherever it is. And then Victoria’s computer and
Kareem’s computer get that data how?>>AUDIENCE: [INAUDIBLE] DAVID MALAN: Have to say again? AUDIENCE: [INAUDIBLE] DAVID MALAN: Yeah. I have to share it with them. So I have to have sent
Kareem to Victoria a URL, or I have to click some menu option
and type in their e-mail address so it automatically gets shared. Let’s suppose I’ve done that. What then happens in
terms of this picture?>>AUDIENCE: You need a user account
and a way to authenticate– DAVID MALAN: Yeah. We’re going to need a priori
some kind of user account. So I’ve got to register for Dropbox. Each of you probably has to register
for Dropbox, at least in this scenario. But then ultimately, that file gets
transmitted down in this direction, just as it went up from
my direction there.>>Similarly, if we’ve used a
certain feature of Dropbox, you can either make copies of files
or actually share the originals. If you guys start to make
copies, then in theory those should propagate back to me.>>So if you’re a
particularly paranoid user, or you’re the CTO or chief
security officer at a company, what kinds of questions should you be
asking here about this whole process?>>AUDIENCE: [INAUDIBLE]>>DAVID MALAN: Yeah. OK. So I am now the head of Dropbox. Yes. We use industry standard
encryption to secure your data. Satisfied? Why not? OK, I’ll be more specific. I use 256-bit AES encryption just
like our friends at Apple do.>>AUDIENCE: But all that data
exists on all those machines, and all those machines
are a vulnerability. DAVID MALAN: OK. True. So suppose there’s a whole bunch of
servers in Dropbox’s headquarters, or data center, or all of their
data centers, and it’s the data– and this is a feature– is replicated–
copied– across multiple servers because, God forbid, one
computer, one hard drive dies. These days very common
is to replicate data across at least two computers
or two hard drives– sometimes as many as
five or more so that, statistically, even
though, yes, lightning might strike all of Dropbox’s
data centers simultaneously, or they might get physically attacked,
or compromised all at the same time, the probability of that happening
is very, very, very low. So for all intents and purposes,
my data is backed up safely.>>But it’s encrypted. So what? Doesn’t matter if every copy gets
stolen, doesn’t matter if the data center gets infiltrated,
my data is still encrypted so no one can see what it is. What questions should
you continue asking? AUDIENCE: Is it all encrypted
the same way across [INAUDIBLE]? >>DAVID MALAN: Embarrassingly, yes. We use the same key to encrypt
all of our customer’s data. AUDIENCE: But then it’s very easy to
unencrypt and decrypt [INAUDIBLE]. DAVID MALAN: It is. And that’s a feature. We can do this super fast for you,
which is why the file syncs so quickly. We use the same encryption–
the same key for everyone. It’s a feature.>>And I said it sheepishly–
and this actually, I believe, is still
actually technically true. They do use the same secret key,
whether it’s 256 bits or more, for all customer’s data. And this is partly
for technical reasons. One, if I am sharing a file
with Victoria and Kareem, and they want to be
able to access it, I’ve got to somehow decrypt it for them. But I don’t really have a mechanism to
give Victoria and Karim a secret key.>>If I email it to them, I’m compromising
it because anyone on the internet could intercept my email. I certainly am not going to call
them with a sequence of 256 0s and 1s or more, and
tell them to type it in.>>It could just be a password,
but I’d still have to call them. And in business, this isn’t
going to work very well. If you want to share
a file with 30 people, I’m not going to make
30 darn phone calls. And I can’t send out an email
because that’s insecure.>>So there’s really this
fundamental problem of sharing it. So you know what, it’s just easier if
Dropbox does the encryption for us. But if they do it for us,
only they know the key. And if they reuse the key,
that means that all of the data could be compromised if that
key itself is compromised. Now, having asked at least one
buddy at Dropbox, they do have– and I think they have
white papers that testify to this fact– they do have very, very
few people who have access to that key. The computers have to have
it in memory, and it’s got to be locked up in
some vault somewhere so that, God forbid, the computers
crash or need to be rebooted, someone does have to type
in that key at some point.>>So that is really the secret
sauce if there were any. But this definitely has
implications for my data. It’s disclosable, if someone compromises
that key or that data center.>>But it also allows
Dropbox another feature. It turns out– and this is
kind of a business cost– if you used a different
key for every customer, or even more so for every
file, mathematically, every file, when encrypted, would
look different from every other file.>>So even if I had two copies of
the same PowerPoint presentation on Kareem’s computer and on my
computer, if those files were encrypted with different keys, the
ciphertext– the scrambled thing– would look different. This is not a good
thing because it doesn’t let Dropbox realize that those
files are the same, as we’ve kind of discussed earlier. Why might Dropbox want to know
when two users or more are sharing the exact same file? Why is that useful information for
Dropbox from a business perspective?>>AUDIENCE: Space.>>DAVID MALAN: Space. A PowerPoint presentation’s
not that big, but people commonly share big
movie files, video files– maybe really big
PowerPoint presentations. And if you have two users with
the same file, or 10 users, or maybe a million users
with the same popular illegally downloaded
movie file, it’s kind of wasteful to store a million copies
of the same gigabytes of information, the same gigabyte sized video, and
so Dropbox, like a lot of companies, have a feature called “deduplication–
deduplication, which is just a fancy way of saying store one
copy of the same file, not multiple, and just keep track of the fact
that a million people, or whatever, have that same file.>>So just point all million
people or so to that same file. And you still back it up a few times. So this is separate from
the issue of redundancy in case you have hardware
failures or the like. But deduplication requires that
you not encrypt files individually if you want to be able to
determine after the fact if they’re still in fact the same.>>So there’s some trade-offs here. And it’s not necessarily
clear what the right call is. Personally with Dropbox, I’ll use
it for anything related to work, certainly anything related to class,
certainly for any files that I know are going to end up on the
internet anyway by choice. But I don’t really use
it for financial stuff, nothing particularly private
or family related because, as a matter of principle, not
super comfortable with the fact that it might be
encrypted on my own Mac, but as soon as it goes out of the cloud,
it’s on little old Dropbox’s Servers. And I’m pretty sure no one
at Dropbox has it out for me and is going to go
poking around my files, but they absolutely could in theory,
no matter what policies or defense mechanisms they put in place. It just must be
technologically possible.>>And God forbid they are
compromised, I’d rather my file not end up in some big zip that some hacker
puts online for the whole world to see. So let’s push back on that. What’s a solution then? Could you continue using a
service like Dropbox comfortably and assuage my kinds of concerns?>>AUDIENCE: Private cloud. DAVID MALAN: Private cloud. What does that mean?>>AUDIENCE: Well, you secure it
somehow so that it’s available only for a particular group.>>DAVID MALAN: Yeah. So you need to partition the cloud
into something a little more narrowly defined. And we’ll talk about– AUDIENCE: Internet.>>DAVID MALAN: An internet. So I could just backup locally to my own
home, backup server, or cloud server, so to speak. Unfortunately, that means
that Victoria and Kareem need to visit more often if I
want to share files with them but. That might be one way.>>There are also third
party software that I could use on my Mac or my PC that
encrypts the contents of a folder, but then I do have to call
Victoria or Karim, or email them, or something to tell them that secret. And that’s a bit of a white lie because
there are types of cryptography that do allow me and Kareem,
and me and Victoria, to exchange secret messages without
having to, in advance, share a private key– a secret
key with each other. It’s actually something called
public key cryptography.>>And we won’t go into technical
detail, but whereas we today have been talking about
secret key cryptography, where both sender and recipient
have to know the same secret, there’s something called
public key cryptography, which has a public key and a private
key, which long story short have a fancy mathematical relationship
whereby if I want to send Victoria a secret message, I ask her for her
public key, which by definition she can email me. She can post it on her website.>>It is meant mathematically to be public. But it has a relationship with
another really big number called the private key such that when I
encrypt my message to her, “hello,” with her public key,
you can perhaps guess what’s the only key
mathematically in the world that can decrypt my message– her private
key or corresponding private key.>>It’s fancier math than we’ve
been to talking about here. It’s not just addition
certainly, but that too exists. And in fact, and we’ll come back
to this when we talk about the web, odds are you’ve never
called someone at when you want to check out with your
shopping cart and type in your credit card number, and yet somehow or other
that padlock symbol is telling you your connection is secure. Somehow or other your
little old Mac or PC does have an encrypted
connection to Amazon even though you’ve never
arranged with them for a secret. And that’s because the web is
using public key cryptography. Why don’t we pause here, take our 15
minute break after Olivier’s question. AUDIENCE: I just have a dumb question. DAVID MALAN: No, not at all. AUDIENCE: If you have the original file,
and the key’s the same for Dropbox, for everyone, and you
have the encrypted file. Can you [INAUDIBLE] the key? DAVID MALAN: Say that once more. AUDIENCE: If you have the original
file and the encrypted file, and you have both of them,
can’t you just [INAUDIBLE]? DAVID MALAN: Oh. A good question. If you have the plaintext
and the ciphertext, can you infer the secret key? Depends on the cipher. Sometimes yes, sometimes no. It depends on how complex
the actual algorithm is.>>But that does not help your situation. It is a fundamental
tenet to, if you have access to the original file
and the resulting file, you should no longer use
that key because now you have leaked information. And an adversary could
use that and exploit that to do what you’re alluding to,
and reverse engineer what that key is.>>But in this case, presumably when you’re
sending something to the recipient, you already have a trust
relationship with them. And so by definition, they should
have or know that key already. It’s when someone in the
middle gets in the way. Good question.>>All right, Why don’t we
pause, take a 15 minute break. Rest rooms are that way. I think there’s probably some
drinks and snacks that way. And we’ll resume at 5
after 11, how about? 11:05.


it is the most helpful course for professions of other fields. specially for businessmen or biology scientist.

IT를 전혀 모르지만 IT비즈니스나 관련 프로젝트를 하는 사람에게 굉장히 유용한 강의입니다. 다만, 8개 강의중에 왜 이 강의가 1번인지 모르겠네요. (애플과 FBI사이에 있던 보안에 관한 얘기가 대부분이라 원하는 정보랑은 좀 거리가 있습니다)..차라리 2번부터 듣고 1번은 마지막에 듣는게 더 도움될것 같습니다.

Professor David J. Malan, I really love the way you taught us :))
Thanks for guiding us 'till now!!!

Показываю, каким образом можно делать каждый день до 85 долларов на свою банковскую карту. Посмотрите вuдео на моём канале

Leave a Comment

Your email address will not be published. Required fields are marked *