What happens when a country’s entire population is hacked?

Hack the planet

I was reading about how a 20-year-old man was arrested in Sofia, Bulgaria, on Tuesday afternoon and was charged with an unprecedented hack of the country’s tax authority, ending with the theft of sensitive personal records from nearly every adult in Bulgaria.

The question is what happens when a country’s entire adult population is hacked?

The scope of this attack is vast, and the number of unanswered questions remains significant.

The email the hacker sent to journalists with the leaked data came from a Russian email address. No one is quite sure what that means yet, but given the tension between Russia and Europe, especially in cyberspace, it’s a detail that’s attracted immediate attention.

Closer to home, the Bulgarians are looking at their government and wondering what went so badly wrong.

Its quite a thing when someone else (trusted?) loses control of your data like this. But its happening more and more.

More of a reason to be more choosy about who you trust with your personal data but also more of a reason why companies may want to rethink holding the data at all! Zero-knowledge proof, client side processing, etc is all part of this. But asking that question about the value of holding such data and liability of doing so is even more important.

Till we finally get a grip on this, more headlines like this will become more common place.

Not moving to vista

vista

What is going on with Windows Vista? I pledged not to move to Vista a while ago but after hearing about some of the major improvements (specially in the x64 version) I won't lie – I was tempted. I also with my new Dell get a free upgrade to Vista at some point. But lets be honest there's tons of really good reasons not to upgrade to Vista.

I've been reading a few view points recently. This Cost Analysis of Windows Vista Content Protection has been very useful.

Disabling of Functionality

Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn't provide
any content protection, Vista requires that it be disabled when playing protected content. In other words if you've invested a pile of money into a high-end audio setup fed from a digital output, you won't be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video.

This is simply insane. Imagine you bought a LCD or Plasma which doesn't support HDCP over component or DVI your stuffed. Worst that this, if you basiclly dont have HDMI your screwed! I also wonder what Prenium content counts as? My camera does true HD 720p, would this count as prenium? Like the Zune would it apply DRM to content it thinks worthy? But it gets worst.

Decreased Playback Quality

Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it. This is done through a “constrictor” that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality. So if you're using an expensive new LCD display fed from a high-quality DVI signal on your video card and there's protected content present, the picture
you're going to see will be, as the spec puts it, “slightly fuzzy”, a bit like a 10-year-old CRT monitor that you picked up for $2 at a yard sale. In fact the spec specifically still allows for old VGA analog outputs, but even that's only because disallowing them would upset too many existing owners of analog monitors. In the future even analog VGA output will probably have to be disabled. The only thing that seems to be explicitly allowed is the extremely low-quality TV-out, provided that Macrovision is applied
to it. The same deliberate degrading of playback quality applies to audio, with the audio being downgraded to sound (from the spec) “fuzzy with less detail”.
Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.

The HFS rules out Open source and unified drivers which may sound good if your hardware is very straight forward but this is going to be crazy once you start adding much more custom hardware. but don't worry Microsoft have something which is much scary.

Denial-of-Service via Driver Revocation

Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function (details on this are a bit vague here, presumably some minimum functionality like generic 640×480 VGA support will still be available in order for the system to boot). This means that a report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found. Again, details are sketchy,
but if it's a device problem then presumably the device turns into a paperweight once it's revoked. If it's an older device for which the vendor isn't interested in rewriting their drivers (and in the fast-moving hardware market most devices enter “legacy” status within a year of two of their replacement models becoming available), all devices of that type worldwide become permanently unusable.
The threat of driver revocation is the ultimate nuclear option, the crack of the commissars' pistols reminding the faithful of their duty. The exact details of the hammer that vendors will be hit with is buried in confidential licensing agreements, but I've heard mention of multimillion dollar fines and embargoes on further shipment of devices alongside the driver revocation mentioned above.

And finally a word of warning for people like myself who think moving to Linux or Mac will solve the problem.

The worst thing about all of this is that there's no escape. Hardware manufacturers will have to drink the kool-aid (and the reference to mass suicide here is deliberate) in order to work with Vista: “There is no requirement to sign the [content-protection] license; but without a certificate, no premium content will be passed to the driver”. Of course as a device manufacturer you can choose to opt out, if you don't mind your device only ever being able to display low-quality, fuzzy, blurry video and audio when
premium content is present, while your competitors don't have this (artificially-created) problem.

As a user, there is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems.

Here's an offer to Microsoft: If we, the consumers, promise to never, ever, ever buy a single HD-DVD or Blu-Ray disc containing any precious premium content, will you in exchange withhold this poison from the computer industry? Please?

The Inquirer also shined a another downside to vista.

When I get back from CES, the first thing I am going to do is sleep, shortly followed by catching up on my life, then dumping Windows from my main work machines, but not by choice. Vista can not work for me. Why? The licensing and the activation/DRM infection.

Microsoft has now decided that it won't gain anymore market share, so the only way to make more money is tp squeeze more out of each customer. You can do that in two ways, by raises prices and reducing piracy. It did raise the price a lot on Vista, and it is trying to squeeze out piracy, but legitimate users like me are the ones who suffer.

Comments [Comments]
Trackbacks [0]