November 2010 Archives
November 29, 2010
November 28, 2010
So, first it's important to realize that unlike basically every other casino game, with poker the house has no interest in whether you win or lose. Typically they take a fixed rake on every pot, though sometimes it's a percentage of the pot up to a small cap. In either case, the casino doesn't care much whether you win or lose. To the extent that they care at all about how the game proceeds (and poker isn't that big a money maker), it's mostly about play velocity.
Now, Lie To Me does get this sort of right: according to Mrs. G. the objection was that Roth was pissing off the casino's best customers by winning too much. This sounds plausible but it doesn't really make sense either. First, the house primarily cares about having poker players be happy to the extent to which they don't leave the casino. If they just stop playing poker and play some other game, that's actually gravy. Second, for many poker players—especially many of the big money players that are most profitable—it's actually desirable to play against the best players, even if you're likely to lose (think Andy Beal). It doesn't speak to me, but apparently there's excitement in playing against the best. And of course there's nothing stopping any player from just changing tables.
Acknowledgement: Thanks to Terence Spies for his help with this post.
November 25, 2010
- My submission to the IAB/W3C/ISOC privacy workshop. Not a very optimistic take.
- My submission to the IETF Real-Time Web workshop, a survey of design options.
- Slides from the P2PSIP working group meeting, IETF 79 in Beijing; RELOAD status and open issues.
Other links of potential interest:
- Jimmy Wales every web site.
- Chicken chicken chicken.
November 20, 2010
Once a site is declared bad, the following blocks can be put in place:
- The registrar/registry is required to suspend and lock the domain name.
- ISPs are required to attempt to block resolution of the domain name.
- Advertising networks are forbidden to serve ads on the site.
When I read stuff like this—or almost anything, for that matter—my thoughts immediately turn to how to attack it, or in this case how to circumvent the blocking. We need to consider two threat models from the blocker's perspective:
- Static users, who won't adapt their behavior at all.
- Adaptive users, who will attempt to actively circumvent blocking.
The history of file sharing suggests that many users in fact fall into the second category, as they have shifted from Napster to Limewire to BitTorrent, etc., but we should still consider both cases.
Static Users
Even if we only consider static users, a site can gain a fair amount of traction
by moving as many of its dependencies outside the US as possible. In particular,
they can register a domain name with a registrar/registry which is located
outside the US. This is harder than it sounds since many of the allegedly
foreign registries are actually run by US companies, but as far as I
know it's not impossible. That solves the first type of blocking, leaving
us with blocking by ISPs and ad networks. Obviously, if you don't serve
ads you don't care about ad networks, so this may or may not be an
issue and I don't know to what extent there are ad networks without
substantial US operations you can use.
Getting around ISP blocking is more tricky. Many if not most people use their ISP's DNS server (they get it via DHCP) so if your customers are in the US then it's going to be trivial for the ISP to block requests to resolve your site. Basically, if your users aren't willing to do anything then you've pretty much lost your US audience.
Adaptive Users
If your users are willing to be a little adaptive then there are a bunch
of progressively more aggressive measures they can take to evade this
kind of DNS blocking. The easiest is that they can reconfigure their machines
to use an external un-filtered DNS service. This doesn't help if ISPs are required to
actively filter all DNS queries using some sort of deep packet inspection
technology. It's not difficult to build a box which will capture DNS queries
and rewrite them in flight, or alternately, to block DNS queries to any
resolvers other than their own resolvers (note, many ISPs already
block TCP port 25 for spam blocking, so it's not like this is particularly
hard.) It's unclear to me that
this particular bill would require ISPs to do this kind of filtering,
since there is a specific safe harbor for the ISP to show that
they do not "have the technical means to comply with this section",
but obviously this is something that the government could require.
One natural response is to use Tor, which has the advantage of being available right now. The disadvantage is that Tor wants to tunnel all your traffic which means that performance isn't that great, and it's kind of antisocial (as well as slow) to be using Tor to transfer gigabytes of movies from place to place when all you want to do is get unfiltered name resolution.
What's really needed is a name resolution mechanism that resists filtering. One option would be to have an encrypted connection to your DNS resolver (Dan Bernstein, call your office) or some non-DNS service that acts as a DNS proxy, e.g., DNS over TLS. This requires pretty substantial work by users and client authors to deploy and the load on those resolvers would be significant. Note that you don't need to modify the operating system to do this; there are plenty of user-land DNS resolution libraries available that could be embedded into your client. Still, the amount of work here isn't totally insignificant.
Another option comes to mind, however. There's nothing wrong
with the ordinary ISP-provided DNS for most resolutions.
There aren't
going to be that many domains on this block list and the government
helpfully publishes a list of them. Someone could easily gather
a list of the blocked domains and the IPs they had when blocked,
or even maintain an emergency parallel update system to let
the blocked domains update their records. All that's required is
a way to retrieve that data, which could be easily fit into a single
file. Moreover, the resulting file could be formatted as a /etc/hosts
file which people could just install on their machines, at which
point the standard operating system mechanisms will cause it
to bypass DNS resolution. The result would be that you got ordinary
DNS resolution most of the time but for blocked hosts you
got the result from /etc/hosts. All that's required
is some way to periodically update the bypass list, but that could
be done manually or with a tiny program.
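The lookup order this relies on, as an added example (not code from the original post): hosts-format entries are consulted first, and DNS is only asked for names that are not listed. The sample names, addresses and the `fake_dns` stand-in are constructed assumptions; `audit` shows the flip side, which is that a hosts entry keeps answering regardless of what DNS currently says, so a machine's overrides can be listed and checked.

```python
import ipaddress

# Constructed sample: a hosts-format list as described above (documentation-range
# addresses and reserved example names; none of these come from the post).
SAMPLE_HOSTS = """\
# name overrides
203.0.113.10   blocked.example www.blocked.example   # inline comment
2001:db8::10   blocked.example
not-an-ip      broken.example
198.51.100.7
"""

def parse_hosts(text):
    """Parse hosts-format text into {lowercased name: [addresses]}; skip malformed lines."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or an address with no names
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            table.setdefault(name.lower().rstrip("."), []).append(addr)
    return table

def resolve(name, table, dns_lookup):
    """Mimic the usual "files, then dns" order: a hosts entry wins and DNS is never asked."""
    key = name.lower().rstrip(".")
    if key in table:
        return "hosts", table[key]
    return "dns", dns_lookup(key)

def audit(table, dns_lookup):
    """List names whose hosts entries disagree with DNS (stale or deliberately overridden)."""
    findings = []
    for name, addrs in sorted(table.items()):
        dns_addrs = set(dns_lookup(name))
        if set(addrs) != dns_addrs:
            findings.append((name, addrs, sorted(dns_addrs)))
    return findings

def fake_dns(name):
    # Stand-in for the ISP resolver (assumption): filtered names resolve to nothing.
    return {"www.example.org": ["192.0.2.80"]}.get(name, [])

if __name__ == "__main__":
    t = parse_hosts(SAMPLE_HOSTS)
    print(resolve("WWW.Blocked.Example.", t, fake_dns))
    print(resolve("www.example.org", t, fake_dns))
    print(audit(t, fake_dns))
```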
Of course, there are still plenty of blocking mechanisms available to the government: they could require IP-level blocking or attempt to block distribution of the bypass list, though that's probably small enough to make that impractical. However, I think this makes clear that just blocking DNS is not likely to be as effective as one would like if users are willing to put in a modest amount of effort.
Acknowledgement: This post benefited from substantial discussions with Cullen Jennings.
November 18, 2010
My question about this is why. Not why there's a co-pay, I understand about moral hazard, incentive alignment, etc. My question is why I'm getting two pieces of paper and why my doctor is getting two checks. It seems like it would be a lot easier if AetnaCrossShield just paid all the bills in full, then consolidated all the co-pays or whatever in the month, and sent me a single bill. That would be a lot more convenient for me, and certainly would be for the providers. That's doubly true if your employer does the high deductible plan/HSA thing, since you end up doing a lot of your payments out of the HSA. It would be a lot more convenient (again, for me) for the insurance company to just bill the HSA directly (perhaps billing me for any overage) than for me to have to dig out my HSA credit card every time I want anything.
The best answer I have is that the insurance company wants me to directly experience some annoyance every time I go for service as part of their general co-pay service deterrence strategy. It's not really working in my case, though, since I pay out for prescriptions with my credit card, which is easy, and pay my other co-pays weeks to months later, so it doesn't really affect my behavior.
November 13, 2010
At BWI, I told the officer who directed me to the back-scatter that I preferred a pat-down. I did this in order to see how effective the manual search would be. When I made this request, a number of TSA officers, to my surprise, began laughing. I asked why. One of them -- the one who would eventually conduct my pat-down -- said that the rules were changing shortly, and that I would soon understand why the back-scatter was preferable to the manual search. I asked him if the new guidelines included a cavity search. "No way. You think Congress would allow that?" I answered, "If you're a terrorist, you're going to hide your weapons in your anus or your vagina." He blushed when I said "vagina."
"Yes, but starting tomorrow, we're going to start searching your crotchal area" -- this is the word he used, "crotchal" -- "and you're not going to like it."
"What am I not going to like?" I asked.
"We have to search up your thighs and between your legs until we meet resistance," he explained.
"Resistance?" I asked.
"Your testicles," he explained.
"That's funny," I said, "because 'The Resistance' is the actual name I've given to my testicles."
One gets the impression from his report that it's being made less fun than strictly necessary. After all, once you've paid a zillion dollars for a bunch of gee whiz technology you want to use it.
I was planning to opt for the patdown next time I went through security anyway, but then I read this letter from UCSF (þ SF Citizen). You should read the whole thing, but this is the really scary part:
Unlike other scanners, these new devices operate at relatively low beam energies (28keV). The majority of their energy is delivered to the skin and the underlying tissue. Thus, while the dose would be safe if it were distributed throughout the volume of the entire body, the dose to the skin may be dangerously high. The X-ray dose from these devices has often been compared in the media to the cosmic ray exposure inherent to airplane travel or that of a chest X-ray. However, this comparison is very misleading: both the air travel cosmic ray exposure and chest X-rays have much higher X-ray energies and the health consequences are appropriately understood in terms of the whole body volume dose. In contrast, these new airport scanners are largely depositing their energy into the skin and immediately adjacent tissue, and since this is such a small fraction of body weight/vol, possibly by one to two orders of magnitude, the real dose to the skin is now high.
In addition, it appears that real independent safety data do not exist. A search, ultimately finding top FDA radiation physics staff, suggests that the relevant radiation quantity, the Flux [photons per unit area and time (because this is a scanning device)] has not been characterized. Instead an indirect test (Air Kerma) was made that emphasized the whole body exposure value, and thus it appears that the danger is low when compared to cosmic rays during airplane travel and a chest X-ray dose.
In summary, if the key data (flux-integrated photons per unit values) were available, it would be straightforward to accurately model the dose being deposited in the skin and adjacent tissues using available computer codes, which would resolve the potential concerns over radiation damage.
That's sure encouraging. And of course that's just assuming that the machines are functioning as designed. The authors of the letter go on:
Moreover, there are a number of 'red flags' related to the hardware itself. Because this device can scan a human in a few seconds, the X-ray beam is very intense. Any glitch in power at any point in the hardware (or more importantly in software) that stops the device could cause an intense radiation dose to a single spot on the skin. Who will oversee problems with overall dose after repair or software problems?
Surely that could never happen.
November 5, 2010
This coming Monday, the 8th of November, the Transportation Security Administration (TSA) expects to announce that it will prohibit airline passengers from flying with printer ink and toner cartridges, sized at 16oz by volume or larger. This will be Security Directive (SD) 1554-10-05. As of this evening, the TSA appears to be working on the exact wording of prohibiting these items, however prohibiting printer cartridges poses a few challenges ... mainly that generally printer cartridges do not have their ink or toner volume readily listed on the cartridge itself.
This feels like classic fighting the last war. As far as I can tell there's not much special about printer cartridges. Here's FWF's source:
Now that the global security community is aware of printer cartridges as a potential way to conceal explosives anyone seeking to stay out of the line of sight of security forces will move onto a new item to conceal their weapons. If I was on the front line of aviation security I would suggest seriously looking at desktop hard drives, portable DVD players or home video game consoles. These are all items with enough internal space to pack an explosive in addition to providing the ability to camouflage the trigger wiring harness. Under normal circumstances these items may not catch a second glance, but you have to wonder what kind of person checks a desktop hard drive, portable DVD player or home video game console given the likelihood of damage or theft.
Moreover, if you're going to carry the bomb in carry-on, there's no requirement that the explosive and the triggering mechanism even be in the same package, since you can assemble them in place. All you need is the ability to pack the explosives into something that will pass the x-ray machine (or alternately you can probably walk them through the magnetometer; ever see a "wine rack"?) and then some other place to conceal the triggering mechanism. It seems like it shouldn't be too hard to make it look like some other piece of consumer electronics. Note that since you can separate the trigger mechanism from the explosive, you can have two different people bring them through security, thus arousing even less suspicion (and potentially bearing more scrutiny if you get secondary screening).
It's possible, of course, that for some reason printer toner is really hard to distinguish from explosives using the kind of detection apparatus we have available. In that case, it might possibly make sense to restrict toner (whether in cartridge form or not). However, printer toner is a carbon/plastic compound, so it seems like it would probably show up a lot like any other kind of plastic under X-ray, nitrogen scanning, etc. Even if toner is hard to distinguish from explosives, it doesn't make much sense to restrict it unless it's somehow uniquely hard to distinguish.
Assuming this report is correct, it will be interesting to see what rationale TSA provides.
November 4, 2010
- How do I know how to vote without a Granick Slate Card?
- For some reason, Santa Clara County keeps moving my polling place around
and I somehow lost my voter pamphlet telling me where to go, so I cruised
over to the polling place on Middlefield to look at their map.
It wasn't my polling place, but I still could have gotten
vaccinated:
- Provisional ballot handling seemed a little clunky at this polling place. The way you vote a central count optical scan provisional ballot in Santa Clara is to fill out the ballot and then stuff it in an envelope with your information. You seal the envelope and then if election central determines that you're entitled to vote, they open the envelope and scan the ballot. (Santa Clara doesn't use a double envelope system.) But you are supposed to seal the envelope, not let the poll workers do it, since otherwise they see how you're going to vote. Anyway, when I saw a provisional voter vote, they tried to pass the whole mess to the pollworker, who looked about to put it all in the envelope but eventually let the voter do it.
- Santa Clara does have Sequoia DREs, but after the TTBR, California restricted these to one per polling place, and so there was one lonely Sequoia AVC Edge, but the poll workers by default give you a paper ballot. When I showed up around 11 AM the poll workers told me that nobody had used it yet. It's kind of a pain to shut the machine down, so the poll workers generally prefer to have everyone vote opscan.