Category: "Counter-media"

About the Counter-Media category

  By Hagai Bar-El   , 161 words
Categories: Counter-media

One of the objectives of this blog is to put security related facts and events in the correct perspective.  This is primarily needed in cases where the traditional media has its own objective of either blowing news out of proportion, or even just adding its own bias. The security media, often sponsored by advertisers or vendors, has an occasional tendency of disseminating FUD (fear, uncertainty, and doubt) more than absolutely necessary.

Without arguing who is right, many of the posts in this blog bring forward the other side of the argument. They show a different perspective than that shown by other sources. The goal is never controversy in its own right; it is to make the reader truly informed, by showing the angle that is out of the spotlight.

The counter-media category consists of such posts that present perspectives, insights, and opinions, that may differ substantially from those typically presented by the media, and by that provide food for independent thought.

 

Pages: 1 3 4

  2020-04-17

The Fake News problem will not be solved by technology

  By Hagai Bar-El   , 903 words
Categories: Analysis, Security Policies, Counter-media

One reason we struggle with finding a solution to the fake news problem is that we have never defined the problem properly. The term “fake news” started as referring to publications that look like news but are entirely fabricated. It then migrated to consist also of news articles that are just grossly inaccurate, to later expand further into consisting also of news one doesn’t like and tries to dispute.

It is amusing to see how we seek technical mitigation towards a problem which is entirely semantic. Just like a lie detector does not detect untruths but only the artifacts of a lying person, all technologies that are considered for fighting fake news do not detect untruths but mostly willful propaganda. However, just like plain deceiving, publishing propaganda also consists of many shades of grey, implying that whatever solutions we find, we will never be happy with them.

We should recalculate our route.

Read more »

  2020-02-22

What will artists do when AI makes art? ...Same as security architects

  By Hagai Bar-El   , 1024 words
Categories: Analysis, Counter-media

Computers today already know how to draw great paintings using artificial-intelligence (AI) algorithms, after analyzing many real-human paintings. A sales house just sold one machine-generated portrait painting for $540,000, and by now there are startups that produce AI-generated portraits for $40 a piece. On the musical front, there already are algorithms that, after analyzing compositions made by Bach, compose “Bach” symphonies that even avid listeners cannot tell apart from the real thing. This brings up the question of what’s in the future for artists, now that machines create art that is indistinguishable from that produced by humans.

The same question (at a lower scale) has also been asked about security professionals. Now that machine learning algorithms can tell good from bad when looking at any type of event data, what would human security analysts be left to do? Traditionally, machines used to only sort through records using rules that humans wrote for them, but as it seems, machines are constantly getting better at writing those rules for themselves as well.

So should both worry for their jobs? It is my stance that not at all, and for surprisingly similar reasons.

Read more »

  2017-10-13

For and against security checklists, frameworks, and guidelines

  By Hagai Bar-El   , 636 words
Categories: Security Engineering, Security, Cyber Security, Counter-media

We have seen many of those by now. Starting with old ones like FIPS 140, and concluding with more recent additions as the NIST CSF (Cyber Security Framework). The question is: are whose worth my time? What are they good for? Do we need to adhere to them? In a nutshell, I think they have their value, and need to be consulted, but not worshiped.

Read more »

  2016-01-12

Bruce Schneier on Israeli export control

  By Hagai Bar-El   , 650 words
Categories: Security Policies, Counter-media

I usually agree with the opinions expressed by Bruce Schneier. Seldom do I think that he is dead wrong, and yet less often do I think that an essay of his is bluntly unsubstantiated. About a month ago, he published such a post, titled: How Israel Regulates Encryption. He quoted a research that sounds sensible, but ended up interpreting it entirely wrongly, in my opinion.

Read more »

  2014-04-09

OpenSSL "Heartbleed" bug: what's at risk on the server and what is not

  By Hagai Bar-El   , 1223 words
Categories: IT Security, Cyber Security, Counter-media

A few days ago, a critical bug was found in the common OpenSSL library. OpenSSL is the library that implements the common SSL and TLS security protocols. These protocols facilitate the encrypted tunnel feature that secure services – over the web and otherwise – utilize to encrypt the traffic between the client (user) and the server.

The discovery of such a security bug is a big deal. Not only that OpenSSL is very common, but the bug that was found is one that can be readily exploited remotely without any privilege on the attacker’s side. Also, the outcome of the attack that is made possible is devastating. Exploiting the bug allows an attacker to obtain internal information, in the form of memory contents, from the attacked server or client. This memory space that the attacker can obtain a copy of can contain just about everything. Almost.

There are many essays and posts about the “everything” that could be lost, so I will take the optimistic side and dedicate this post to the “almost". As opposed to with other serious attacks, at least the leak is not complete and can be quantified, and the attack is not persistent.

Read more »

  2014-04-03

Bitcoin does not provide anonymity

  By Hagai Bar-El   , 762 words
Categories: Security Engineering, Security Policies, Security, Counter-media

When people discuss Bitcoin, one of its properties that is often considered is its presumable anonymity. In this respect, it is often compared to cash. However, it shall be recognized and understood that Bitcoin is not as anonymous as cash; far from it, actually. Its anonymity relies on the concept of pseudonyms, which delivers some (unjustified) sense of anonymity, but very weak anonymity in practice.

Read more »

  2014-02-01

CyberTech 2014

  By Hagai Bar-El   , 438 words
Categories: IT Security, Cyber Security, Events, Counter-media

I attended CyberTech 2014 on January 27th-28th. CyberTech is a respectable conference for technologies related to cyber-security. The conference consisted of lectures and an exhibition. The lectures were most given by top notch speakers from the security space, both from the public sector and from the private sector; most being highly ranked executives. The exhibition sported companies ranging from the largest conglomerates as IBM and Microsoft, to garage start-ups.

I am easy to disappoint by cyber-security conferences. Simply put, there are more cyber-security conferences than what the security industry really has to say. This implies that for the security architect or practitioner, most cyber-security conferences lack sufficient substance. I take CyberTech 2014 with mixed emotions too. The exhibition showed interesting ideas, especially by start-ups, while the lectures left more to wish for.

Read more »

1 3 4

Search

  XML Feeds

License

All contents licensed under the Creative Commons Attribution license.