NSA’s MITM attack on Cryptome

The moment you find out the NSA is performing MITM attacks on your website’s visitors from a leaked slide deck:

But here is the thing — and this is crucial — the address for Cryptome is listed to be the location of a fiber optic cable junction in Sterling, VA (next to an Amusement Machine company)… which is quite some distance away from your location in NYC, and a considerable distance from your ISP who hosts your file, and it is located away from any signal switching systems use in the area, but it is virtually next door to fiber that goes to a large NSA listening post nearby.

The reason it is notable, is that someone at or near the location in Sterling, VA is performing a MITM attack on Cryptome visitors, and this image out of the slidedeck with the two GPS coordinates is the U.S. Government performing a MITM attack against Cryptome and sharing the collected intelligence with the Brits, or the U.S. Government giving the British government backdoor access into the U.S. (illegal) collection systems.

In Vino Veritas … At Least Untill You Have To Pee

Who would have thought the lies we tell are more convincing when we need to pee.

I’m watching out for sentences like this in the news: ?

[…] complained they were subjected to ‘forced urination’ before they were interrogated by the TSA.

The actual paper.

Abstract: The Inhibitory-Spillover-Effect (ISE) on a deception task was investigated. The ISE occurs when performance in one self-control task facilitates performance in another (simultaneously conducted) self-control task. Deceiving requires increased access to inhibitory control. We hypothesized that inducing liars to control urination urgency (physical inhibition) would facilitate control during deceptive interviews (cognitive inhibition). Participants drank small (low-control) or large (high-control) amounts of water. Next, they lied or told the truth to an interviewer. Third-party observers assessed the presence of behavioral cues and made true/lie judgments. In the high-control, but not the low-control condition, liars displayed significantly fewer behavioral cues to deception, more behavioral cues signaling truth, and provided longer and more complex accounts than truth-tellers. Accuracy detecting liars in the high-control condition was significantly impaired; observers revealed bias toward perceiving liars as truth-tellers. The ISE can operate in complex behaviors. Acts of deception can be facilitated by covert manipulations of self-control.

Data is not an asset, it’s a liability

A short blog post that drives home a very important point:

Here’s a hard truth: regardless of the boilerplate in your privacy policy, none of your users have given informed consent to being tracked. Every tracker and beacon script on your web site increases the privacy cost they pay for transacting with you, chipping away at the trust in the relationship.

Because

The all too typical corporate big data strategy boils down to three steps:

  1. Write down all the data
  2. ???
  3. Profit

This never makes sense. You can’t expect the value of data to just appear out of thin air. Data isn’t fissile material. It doesn’t spontaneously reach critical mass and start producing insights.

Which leads to the realization:

Think this way for a while, and you notice a key factor: old data usually isn’t very interesting. You’ll be much more interested in what your users are doing right now than what they were doing a year ago. Sure, spotting trends in historical data might be cool, but in all likelihood it isn’t actionable. Today’s data is.

So

Actionable insight is an asset. Data is a liability. And old data is a non-performing loan.

 

Moral parents, moral babies

Ars again covers interesting research on the psychology toddlers. This time: toddlers with parents with lower tolerance to injustice show stronger differences in EEG-readings when watching prosocial vs. antisocial behavior.

It also has a discussion on how difficult it is to do a “psychological” assessment of toddlers’ behavior and derive concrete explanations or conclusions from them.

The Trick of Hope

I often tell myself and my students: medicine is the most human of all the sciences that is stuck with the least human of all the experiments: and that is the randomized trial.
Randomization doesn’t exist because doctors are malign or medicine is nasty it exists precisely for the utterly opposite reason: because we hope too much.
We’re so hopeful, that we want things to work so badly-especially against cancer-we want things to work so badly that we’ll trick ourselves to believing that they’re working.
And there’s nothing as toxic or as lethal as that trick: the trick of hope.
Dr. Siddhartha Mukherjee in PBS’ Cancer: The Emperor of All Maladies