Thursday, February 18, 2010

In the news: Joe Stack

Hard to tell if things are what they appear to be or if someone is tastelessly doing stuff relating to a certainly real plane crash in Austin today. Right now, it appears as if the FBI has ordered the ISP [edited: host] to take down the original page (see www.embeddedart.com). There are probably thousands of copies out there already, but here's another one just in case. Consider it my vote against censorship. The below text was simply copied from http://embeddedart.com/, where the title of the document (what's shown in the browser tab / caption bar) was "Well Mr. Big Brother IRS man... take my pound of flesh and sleep well."

Note that I do not in any way endorse any of the message content, I merely protest the censoring attempt from the FBI if this really is what it looks like it is.




If you’re reading this, you’re no doubt asking yourself, “Why did this have to happen?”  The simple truth is that it is complicated and has been coming for a long time.  The writing process, started many months ago, was intended to be therapy in the face of the looming realization that there isn’t enough therapy in the world that can fix what is really broken.  Needless to say, this rant could fill volumes with example after example if I would let it.  I find the process of writing it frustrating, tedious, and probably pointless… especially given my gross inability to gracefully articulate my thoughts in light of the storm raging in my head.  Exactly what is therapeutic about that I’m not sure, but desperate times call for desperate measures.
We are all taught as children that without laws there would be no society, only anarchy.  Sadly, starting at early ages we in this country have been brainwashed to believe that, in return for our dedication and service, our government stands for justice for all.  We are further brainwashed to believe that there is freedom in this place, and that we should be ready to lay our lives down for the noble principles represented by its founding fathers.  Remember? One of these was “no taxation without representation”.  I have spent the total years of my adulthood unlearning that crap from only a few years of my childhood.  These days anyone who really stands up for that principle is promptly labeled a “crackpot”, traitor and worse.
While very few working people would say they haven’t had their fair share of taxes (as can I), in my lifetime I can say with a great degree of certainty that there has never been a politician cast a vote on any matter with the likes of me or my interests in mind.  Nor, for that matter, are they the least bit interested in me or anything I have to say.
Why is it that a handful of thugs and plunderers can commit unthinkable atrocities (and in the case of the GM executives, for scores of years) and when it’s time for their gravy train to crash under the weight of their gluttony and overwhelming stupidity, the force of the full federal government has no difficulty coming to their aid within days if not hours?  Yet at the same time, the joke we call the American medical system, including the drug and insurance companies, are murdering tens of thousands of people a year and stealing from the corpses and victims they cripple, and this country’s leaders don’t see this as important as bailing out a few of their vile, rich cronies.  Yet, the political “representatives” (thieves, liars, and self-serving scumbags is far more accurate) have endless time to sit around for year after year and debate the state of the “terrible health care problem”.  It’s clear they see no crisis as long as the dead people don’t get in the way of their corporate profits rolling in.
And justice? You’ve got to be kidding!
How can any rational individual explain that white elephant conundrum in the middle of our tax system and, indeed, our entire legal system?  Here we have a system that is, by far, too complicated for the brightest of the master scholars to understand.  Yet, it mercilessly “holds accountable” its victims, claiming that they’re responsible for fully complying with laws not even the experts understand.  The law “requires” a signature on the bottom of a tax filing; yet no one can say truthfully that they understand what they are signing; if that’s not “duress” then what is.  If this is not the measure of a totalitarian regime, nothing is.
How did I get here? 
My introduction to the real American nightmare starts back in the early ‘80s.  Unfortunately after more than 16 years of school, somewhere along the line I picked up the absurd, pompous notion that I could read and understand plain English.  Some friends introduced me to a group of people who were having ‘tax code’ readings and discussions.  In particular, zeroed in on a section relating to the wonderful “exemptions” that make institutions like the vulgar, corrupt Catholic Church so incredibly wealthy.  We carefully studied the law (with the help of some of the “best”, high-paid, experienced tax lawyers in the business), and then began to do exactly what the “big boys” were doing (except that we weren’t stealing from our congregation or lying to the government about our massive profits in the name of God).  We took a great deal of care to make it all visible, following all of the rules, exactly the way the law said it was to be done.
The intent of this exercise and our efforts was to bring about a much-needed re-evaluation of the laws that allow the monsters of organized religion to make such a mockery of people who earn an honest living.  However, this is where I learned that there are two “interpretations” for every law; one for the very rich, and one for the rest of us… Oh, and the monsters are the very ones making and enforcing the laws; the inquisition is still alive and well today in this country.
That little lesson in patriotism cost me $40,000+, 10 years of my life, and set my retirement plans back to 0.  It made me realize for the first time that I live in a country with an ideology that is based on a total and complete lie.  It also made me realize, not only how naive I had been, but also the incredible stupidity of the American public; that they buy, hook, line, and sinker, the crap about their “freedom”… and that they continue to do so with eyes closed in the face of overwhelming evidence and all that keeps happening in front of them.
Before even having to make a shaky recovery from the sting of the first lesson on what justice really means in this country (around 1984 after making my way through engineering school and still another five years of “paying my dues”), I felt I finally had to take a chance of launching my dream of becoming an independent engineer.
On the subjects of engineers and dreams of independence, I should digress somewhat to say that I’m sure that I inherited the fascination for creative problem solving from my father.  I realized this at a very young age.
The significance of independence, however, came much later during my early years of college; at the age of 18 or 19 when I was living on my own as student in an apartment in Harrisburg, Pennsylvania.  My neighbor was an elderly retired woman (80+ seemed ancient to me at that age) who was the widowed wife of a retired steel worker.  Her husband had worked all his life in the steel mills of central Pennsylvania with promises from big business and the union that, for his 30 years of service, he would have a pension and medical care to look forward to in his retirement.  Instead he was one of the thousands who got nothing because the incompetent mill management and corrupt union (not to mention the government) raided their pension funds and stole their retirement.  All she had was social security to live on.
In retrospect, the situation was laughable because here I was living on peanut butter and bread (or Ritz crackers when I could afford to splurge) for months at a time.  When I got to know this poor figure and heard her story I felt worse for her plight than for my own (I, after all, I thought I had everything to in front of me).  I was genuinely appalled at one point, as we exchanged stories and commiserated with each other over our situations, when she in her grandmotherly fashion tried to convince me that I would be “healthier” eating cat food (like her) rather than trying to get all my substance from peanut butter and bread.  I couldn’t quite go there, but the impression was made.  I decided that I didn’t trust big business to take care of me, and that I would take responsibility for my own future and myself.
Return to the early ‘80s, and here I was off to a terrifying start as a ‘wet-behind-the-ears’ contract software engineer... and two years later, thanks to the fine backroom, midnight effort by the sleazy executives of Arthur Andersen (the very same folks who later brought us Enron and other such calamities) and an equally sleazy New York Senator (Patrick Moynihan), we saw the passage of 1986 tax reform act with its section 1706.
For you who are unfamiliar, here is the core text of the IRS Section 1706, defining the treatment of workers (such as contract engineers) for tax purposes. Visit this link for a conference committee report(http://www.synergistech.com/1706.shtml#ConferenceCommitteeReport) regarding the intended interpretation of Section 1706 and the relevant parts of Section 530, as amended. For information on how these laws affect technical services workers and their clients, read our discussion here (http://www.synergistech.com/ic-taxlaw.shtml).
SEC. 1706. TREATMENT OF CERTAIN TECHNICAL PERSONNEL.
(a) IN GENERAL - Section 530 of the Revenue Act of 1978 is amended by adding at the end thereof the following new subsection:
(d) EXCEPTION. - This section shall not apply in the case of an individual who pursuant to an arrangement between the taxpayer and another person, provides services for such other person as an engineer, designer, drafter, computer programmer, systems analyst, or other similarly skilled worker engaged in a similar line of work.
(b) EFFECTIVE DATE. - The amendment made by this section shall apply to remuneration paid and services rendered after December 31, 1986.
Note:
·      "another person" is the client in the traditional job-shop relationship.
·      "taxpayer" is the recruiter, broker, agency, or job shop.
·      "individual", "employee", or "worker" is you.

Admittedly, you need to read the treatment to understand what it is saying but it’s not very complicated.  The bottom line is that they may as well have put my name right in the text of section (d).  Moreover, they could only have been more blunt if they would have came out and directly declared me a criminal and non-citizen slave.  Twenty years later, I still can’t believe my eyes.
During 1987, I spent close to $5000 of my ‘pocket change’, and at least 1000 hours of my time writing, printing, and mailing to any senator, congressman, governor, or slug that might listen; none did, and they universally treated me as if I was wasting their time.  I spent countless hours on the L.A. freeways driving to meetings and any and all of the disorganized professional groups who were attempting to mount a campaign against this atrocity.  This, only to discover that our efforts were being easily derailed by a few moles from the brokers who were just beginning to enjoy the windfall from the new declaration of their “freedom”.  Oh, and don’t forget, for all of the time I was spending on this, I was losing income that I couldn’t bill clients.
After months of struggling it had clearly gotten to be a futile exercise.  The best we could get for all of our trouble is a pronouncement from an IRS mouthpiece that they weren’t going to enforce that provision (read harass engineers and scientists).  This immediately proved to be a lie, and the mere existence of the regulation began to have its impact on my bottom line; this, of course, was the intended effect.
Again, rewind my retirement plans back to 0 and shift them into idle.  If I had any sense, I clearly should have left abandoned engineering and never looked back.
Instead I got busy working 100-hour workweeks.  Then came the L.A. depression of the early 1990s.  Our leaders decided that they didn’t need the all of those extra Air Force bases they had in Southern California, so they were closed; just like that.  The result was economic devastation in the region that rivaled the widely publicized Texas S&L fiasco.  However, because the government caused it, no one gave a shit about all of the young families who lost their homes or street after street of boarded up houses abandoned to the wealthy loan companies who received government funds to “shore up” their windfall.  Again, I lost my retirement.
Years later, after weathering a divorce and the constant struggle trying to build some momentum with my business, I find myself once again beginning to finally pick up some speed.  Then came the .COM bust and the 911 nightmare.  Our leaders decided that all aircraft were grounded for what seemed like an eternity; and long after that, ‘special’ facilities like San Francisco were on security alert for months.  This made access to my customers prohibitively expensive.  Ironically, after what they had done the Government came to the aid of the airlines with billions of our tax dollars … as usual they left me to rot and die while they bailed out their rich, incompetent cronies WITH MY MONEY!  After these events, there went my business but not quite yet all of my retirement and savings.
By this time, I’m thinking that it might be good for a change.  Bye to California, I’ll try Austin for a while.  So I moved, only to find out that this is a place with a highly inflated sense of self-importance and where damn little real engineering work is done.  I’ve never experienced such a hard time finding work.  The rates are 1/3 of what I was earning before the crash, because pay rates here are fixed by the three or four large companies in the area who are in collusion to drive down prices and wages… and this happens because the justice department is all on the take and doesn’t give a fuck about serving anyone or anything but themselves and their rich buddies.
To survive, I was forced to cannibalize my savings and retirement, the last of which was a small IRA.  This came in a year with mammoth expenses and not a single dollar of income.  I filed no return that year thinking that because I didn’t have any income there was no need. The sleazy government decided that they disagreed.  But they didn’t notify me in time for me to launch a legal objection so when I attempted to get a protest filed with the court I was told I was no longer entitled to due process because the time to file ran out.  Bend over for another $10,000 helping of justice.
So now we come to the present.  After my experience with the CPA world, following the business crash I swore that I’d never enter another accountant’s office again.  But here I am with a new marriage and a boatload of undocumented income, not to mention an expensive new business asset, a piano, which I had no idea how to handle.  After considerable thought I decided that it would be irresponsible NOT to get professional help; a very big mistake.
When we received the forms back I was very optimistic that they were in order.  I had taken all of the years information to Bill Ross, and he came back with results very similar to what I was expecting.  Except that he had neglected to include the contents of Sheryl’s unreported income; $12,700 worth of it. To make matters worse, Ross knew all along this was missing and I didn’t have a clue until he pointed it out in the middle of the audit.  By that time it had become brutally evident that he was representing himself and not me.
This left me stuck in the middle of this disaster trying to defend transactions that have no relationship to anything tax-related (at least the tax-related transactions were poorly documented).  Things I never knew anything about and things my wife had no clue would ever matter to anyone.  The end result is… well, just look around.
I remember reading about the stock market crash before the “great” depression and how there were wealthy bankers and businessmen jumping out of windows when they realized they screwed up and lost everything.  Isn’t it ironic how far we’ve come in 60 years in this country that they now know how to fix that little economic problem; they just steal from the middle class (who doesn’t have any say in it, elections are a joke) to cover their asses and it’s “business-as-usual”.  Now when the wealthy fuck up, the poor get to die for the mistakes… isn’t that a clever, tidy solution.
As government agencies go, the FAA is often justifiably referred to as a tombstone agency, though they are hardly alone.  The recent presidential puppet GW Bush and his cronies in their eight years certainly reinforced for all of us that this criticism rings equally true for all of the government.  Nothing changes unless there is a body count (unless it is in the interest of the wealthy sows at the government trough).  In a government full of hypocrites from top to bottom, life is as cheap as their lies and their self-serving laws.
I know I’m hardly the first one to decide I have had all I can stand.  It has always been a myth that people have stopped dying for their freedom in this country, and it isn’t limited to the blacks, and poor immigrants.  I know there have been countless before me and there are sure to be as many after.  But I also know that by not adding my body to the count, I insure nothing will change.  I choose to not keep looking over my shoulder at “big brother” while he strips my carcass, I choose not to ignore what is going on all around me, I choose not to pretend that business as usual won’t continue; I have just had enough.
I can only hope that the numbers quickly get too big to be white washed and ignored that the American zombies wake up and revolt; it will take nothing less.  I would only hope that by striking a nerve that stimulates the inevitable double standard, knee-jerk government reaction that results in more stupid draconian restrictions people wake up and begin to see the pompous political thugs and their mindless minions for what they are.  Sadly, though I spent my entire life trying to believe it wasn’t so, but violence not only is the answer, it is the only answer.  The cruel joke is that the really big chunks of shit at the top have known this all along and have been laughing, at and using this awareness against, fools like me all along.
I saw it written once that the definition of insanity is repeating the same process over and over and expecting the outcome to suddenly be different.  I am finally ready to stop this insanity.  Well, Mr. Big Brother IRS man, let’s try something different; take my pound of flesh and sleep well.

The communist creed: From each according to his ability, to each according to his need.
The capitalist creed: From each according to his gullibility, to each according to his greed.

Joe Stack (1956-2010)
02/18/2010


Is the time ripe for electronic cash?

So-called EMV cards, known to many as "chip and pin" cards, were marketed to consumers, merchants and regulators alike as a big step forward in security. In some ways, they have now come to look instead like a clever way for banks to shift liability away from themselves - leaving merchants and consumers with the short stick.

A draft version of a whitepaper named Chip and PIN is Broken is out there for those of you who are interested in the technical details. (Much of the paper is in fact quite understandable even if you have little technical knowledge but understand general security concepts like authentication [establishing identity], authorization [establishing whether or not something is allowed by some party], and so on - or if you're reasonably smart and not unwilling to make some effort.)

I invite readers to take in the paper in full, and it will not be my main focus in this post, but as a service to the less technically inclined or just plain too-busy reader (or the lazy ones - there, I said it), I've made a short list of bullet points to summarize the bits I consider particularly informative. If you are familiar with the paper, you may want to skip the next paragraph.

Pertinent points from "Chip and PIN is Broken":

  • EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation.
  • The flaw allows a stolen "chip card" to be used with any PIN code, even in online transactions. What is worse, the merchant's records will indicate that the correct PIN was entered. The bank records may include information that can reveal this attack was used, but the data intended to show whether PIN was used will indicate that the correct PIN was entered. Therefore, victims of this type of fraud may have difficulty getting their losses covered and may be accused of lying or negligence. There is at least one case (in the UK in 2009) in which both the bank and the adjudicator relied explicitly on the flawed data to incorrectly assert that the correct PIN had been entered in refusing to refund the customer.
  • The attack, while difficult to discover, is quite easy to carry out and does not require expert-level engineering skills to perpetrate. 
  • Technical stuff: The protocol has a serious flaw which means that the "verify PIN" operation is not authenticated. A merchant terminal cannot establish "who is answering" when the terminal (having asked the user for the PIN) asks the card if "0000" is really the correct PIN. This opens the door for a "middleman" attack where the "verify PIN" request is never sent to the real card, and a fake card simply responds "yes" (0x9000 if you must know) no matter what PIN code it is asked for. There is a subsequent - and authenticated - step in the protocol where the card gives final authorization, but it will do so despite never having been asked for a PIN code, because what the card has seen is the same as what it normally sees in a transaction that is authorized by a pen-and-paper signature.

There are lots more interesting points raised in the paper, in particular with regard to the history of the protocol and how the banking industry has chosen to do precisely the opposite of what every leading security expert on the planet has been loudly advising for at least a couple of decades. Rather than openly discuss the protocol and subject it to scrutiny from any security expert (or wannabe) who'd like the challenge, the industry has tried to keep things as secret as possible. I actually laughed out loud at the authors' dry remark "nothing implemented by 20,000 banks could have been kept secret", but perhaps I should have been crying. To be fair: This was not quite a case of "security by obscurity" - the protocol was supposed to withstand any murky intentions of anyone who knew all its details, but it is still startling to see that the industry is so arrogant as to ignore advice that is almost universally accepted as "best practice" by security experts.
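The summary above notes that the bank's records may reveal the attack even though the terminal's data says the PIN was correct. As an added example (not code from the paper or from this post), here is an issuer-side reconciliation check that compares the terminal's CVM Results (EMV tag 9F34) with the card's own view. The card-side flag `card_offline_pin_ok` is an assumption: it stands for a value the issuer has already decoded from its own card data, whose format this page does not give. All records are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Low six bits of CVM Results byte 1: the method the terminal says it performed.
CVM_METHODS = {
    0x01: "plaintext PIN verified by card",
    0x02: "enciphered PIN verified online",
    0x03: "plaintext PIN verified by card + signature",
    0x04: "enciphered PIN verified by card",
    0x05: "enciphered PIN verified by card + signature",
    0x1E: "signature",
    0x1F: "no CVM required",
}
OFFLINE_PIN_METHODS = {0x01, 0x03, 0x04, 0x05}
CVM_RESULT_SUCCESSFUL = 0x02  # byte 3: 0x00 unknown, 0x01 failed, 0x02 successful


@dataclass(frozen=True)
class TerminalClaim:
    method_code: int
    method_name: str
    successful: bool

    @property
    def claims_offline_pin(self) -> bool:
        """True when the terminal reports a PIN check by the card that succeeded."""
        return self.successful and self.method_code in OFFLINE_PIN_METHODS


def parse_cvm_results(hex_value: str) -> TerminalClaim:
    """Decode the 3-byte CVM Results value reported by the terminal."""
    raw = bytes.fromhex(hex_value)
    if len(raw) != 3:
        raise ValueError("CVM Results must be exactly 3 bytes")
    code = raw[0] & 0x3F  # drop the 'apply next rule on failure' bit
    name = CVM_METHODS.get(code, f"unrecognised method 0x{code:02X}")
    return TerminalClaim(code, name, raw[2] == CVM_RESULT_SUCCESSFUL)


def reconcile(cvm_results_hex: str, card_offline_pin_ok: Optional[bool]) -> str:
    """Compare what the terminal claims with what the card itself recorded.

    card_offline_pin_ok is the issuer's decoded card-side view (assumed field):
    True  = the card verified a PIN in this transaction,
    False = the card was never asked, or the check failed,
    None  = the issuer did not decode or retain the card-side data.
    """
    claim = parse_cvm_results(cvm_results_hex)
    if not claim.claims_offline_pin:
        return "no-pin-claim"      # nothing for the PIN evidence to contradict
    if card_offline_pin_ok is None:
        return "unverifiable"      # terminal data alone proves nothing here
    if card_offline_pin_ok:
        return "consistent"
    return "mismatch"              # terminal says PIN OK, card never saw one


# Constructed sample records: (transaction id, CVM Results hex, card-side flag)
SAMPLE_RECORDS = [
    ("txn-001", "410302", True),   # genuine chip-and-PIN purchase
    ("txn-002", "410302", False),  # terminal saw 'PIN OK', card did not
    ("txn-003", "1E0300", False),  # signature transaction
    ("txn-004", "410302", None),   # card-side data not available
    ("txn-005", "410301", False),  # terminal itself recorded a failed PIN
]


def audit(records):
    """Return {transaction id: verdict} for a batch of records."""
    return {txn: reconcile(cvm, card_ok) for txn, cvm, card_ok in records}


if __name__ == "__main__":
    for txn, verdict in audit(SAMPLE_RECORDS).items():
        print(txn, verdict)
```

A `mismatch` verdict is the signature of the flaw described above; `unverifiable` marks disputes where the terminal's "PIN verified" record is the only evidence and should not be treated as proof.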


Yeah yeah, but get to the point. What does this have to do with electronic cash?

In a way, nothing at all. But then again, maybe a lot. As I tried to ask myself what sort of changes one ought to make in order to make electronic transactions more secure it occurred to me that one limitation very likely stems from the capabilities of the chip itself. More specifically, from its computing power. I am not an expert on encryption algorithms, but I do have a reasonable understanding of the principles upon which a few of them work. Especially relevant to this discussion is public-key encryption, such as RSA, and how it is used in certificates, authentication, and establishing a secure communication channel that cannot be tampered with.

I speculate that an important reason why EMV cards do not use industry-standard protocols like TLS at least as a wrapper providing a secure channel for their own protocol(s) is that the limited computing power of the chip would either make transactions slow or force the use of short keys that might more easily be compromised. Another possible reason is that with the EMV protocol (or more precisely "protocol framework", but it's an unwanted digression here, so if you must know just read the whitepaper) there are situations where the message is known, which is helpful to an attacker attempting to crack the encryption.

Whatever the correctness of my speculation, it ought to be obvious that having vastly more computing power available would enable solutions that simply aren't possible with cheap chip cards. So what could replace a card and provide this computing power? It must be cheap, so it probably needs to be something that needs the computing power for other purposes anyway. And it must be something you can always carry with you - or at least as often as you'd carry your credit card (or wallet, if you're as old-fashioned as I am). If you can't think of anything that fits, go read someone else - I have standards, too: It's the PC of course! You should now be ripping your hair out and screaming "what a blatant idiot this guy is!" since it is obviously the mobile phone. It just so happens that I think the mobile phone just became the PC - there's something a bit silly about calling the device we're talking about a "phone" when the phone is but an application among thousands on it, never mind GPS receivers and accelerometers. (Of course not everyone has a phone that fits this description today, but everyone will soon and that's what matters since it is the future I'm talking about here.)

Here's a rough outline of what I imagine would be a far superior solution to the current credit card system: Add a slot to accommodate a chip much like the one on those "chip cards" to the PC, uh... I mean phone. Just like you can pop in a SIM card from a network provider this allows you to pop in a credit card from your "electronic payment solutions provider". This card will store the certificate issued by your bank, and software on the phone, itself digitally signed and equipped with a certificate, is the only client it will speak to beyond "hello, who are you? Please authenticate yourself." and a polite "sorry, I don't seem to know you" if anyone but this software should be asking.

The devil is in the details and I'm not the one to hammer them out anyway. So let's pretend this can be done securely and examine what then happens. I'm sure (if anyone reads this!) comments will point out the flaws in my described solution, but I also believe that although I may not have gotten the details quite right, something like it is viable - i.e. something that would enable the software on the phone to take over the responsibility for talking to a terminal, while letting the bank issue your certificate only after whatever authentication scheme they would like (such as checking your passport and birth certificate and public address registers and whatever it is banks do to establish the identity of their accountholders).

And that is where it becomes interesting. The technology for electronic cash has already been built. Having your e-wallet in your phone only makes sense, and having actual cash (that is, anonymous money that can be transferred between two parties without any third-party involvement, at least not in real time) offers great advantages to anyone (such as me) who worries that the trail of personally identifiable data our financial transactions create today carries huge potential for abuse of many kinds, whether from governments or corporations. There are forms of digital cash that are recoverable too, so that losing your e-wallet doesn't mean losing your e-cash. And e-cash makes it possible to protect cash payments too with a PIN code or some other authentication mechanism, but with the important difference that it is anonymous. In other words, the authentication here only establishes identity in the sense that it makes the assertion "the payment is authorized by the legitimate owner of the cash".

What else could we do if we moved our credit cards into our phones? Well, a million things of course, but again it gets most interesting with cash. Since cash is transferrable between two parties without involving the bank or anyone else, it's suitable for offline use. I think it's time we add an RFID interface to the phone.

This would enable scenarios like these:
  • You walk up to the cashier with your groceries. To pay, you briefly place your phone on (or just over) a sort of pad (the terminal), and the phone displays the transaction details and some UI to let you provide the evidence used to authenticate you - whether that's a PIN code, a passphrase, some multi-touch gesture you've been practicing, or voice recognition + retina scan (with a cellphone camera? That makes me laugh!) for those who watch too much Star Trek. Obviously for PIN it'd be nice to be able to lift the phone off the pad and enter the PIN holding the device whatever way we want to conceal entry from probing eyes nearby, but this shouldn't cause any trouble.
  • You're entering the bus on one of your many trips to Paris. You place your phone on the RFID reader that subscribers to the bus service already use with their Navigo (bus pass, another card to make your wallet unwieldy), and the reader makes the OK noise and shows the green light so the driver knows you've validated.

But wait, I hear you saying. It would be clumsy at best to use the phone and have to go through the PIN (or whatever) process when getting on the bus. If you've used the bus in Paris you'll know this is true - you'd be holding up the always-present (at every stop) line of people trying to get on board. But if the "card application" in the payment process runs on a powerful device like the phone, it can easily be made configurable. We can therefore set policies as to how we want to handle transactions, giving us fine-grained control over how we want to trade off risk versus convenience. For example, I could allow "my card" to pay RATP (the bus company) without authorization for amounts not exceeding €2. I could limit this to no more than twice per day. I could let this permission expire monthly. This should limit my worst-case financial loss if my phone was stolen to €60, and that is if we assume the phone's stolen just after I authorized this for a month and I don't notice I've lost my phone during the next 30 days. With such control possible and even the ability of e-cash to be rendered invalid and replaced by newly issued and valid cash, the possibilities are interesting to say the least.
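The RATP policy described above, as an added example that is not part of the original post: a small rule engine that decides whether a payment may go through without a PIN or must fall back to asking for one. The class names, the `decide` method, the verdict strings and the dates are all hypothetical.

```python
from dataclasses import dataclass
from datetime import date, datetime
from decimal import Decimal


@dataclass(frozen=True)
class PreAuthRule:
    """One standing permission: pay `payee` without a PIN, within limits."""
    payee: str
    max_amount: Decimal   # per-payment ceiling
    max_per_day: int      # how many PIN-less payments per calendar day
    expires: date         # last day on which the rule is valid


class WalletPolicy:
    """Hypothetical policy engine for the phone-based 'card application'."""

    def __init__(self, rules):
        self._rules = {rule.payee: rule for rule in rules}
        self._used = {}  # (payee, day) -> PIN-less payments already approved

    def decide(self, payee: str, amount: Decimal, when: datetime) -> str:
        """Return 'auto-approve', 'ask-pin' or 'reject' for one payment request."""
        if amount <= 0:
            return "reject"                  # malformed request, never pay
        rule = self._rules.get(payee)
        if rule is None:
            return "ask-pin"                 # no standing permission for payee
        day = when.date()
        if day > rule.expires:
            return "ask-pin"                 # permission has lapsed
        if amount > rule.max_amount:
            return "ask-pin"                 # above the per-payment ceiling
        key = (payee, day)
        if self._used.get(key, 0) >= rule.max_per_day:
            return "ask-pin"                 # daily allowance already spent
        # Count only payments that were actually approved without a PIN.
        self._used[key] = self._used.get(key, 0) + 1
        return "auto-approve"


def demo():
    """Run constructed requests through the RATP rule from the text."""
    policy = WalletPolicy([
        PreAuthRule("RATP", Decimal("2.00"), max_per_day=2,
                    expires=date(2010, 3, 18)),   # constructed expiry date
    ])
    requests = [  # constructed sample requests
        ("RATP", "1.70", datetime(2010, 2, 19, 8, 5)),
        ("RATP", "1.70", datetime(2010, 2, 19, 18, 30)),
        ("RATP", "1.70", datetime(2010, 2, 19, 23, 10)),  # third ride that day
        ("RATP", "2.50", datetime(2010, 2, 20, 8, 0)),    # over the ceiling
        ("Grocer", "1.00", datetime(2010, 2, 20, 9, 0)),  # no rule for payee
        ("RATP", "1.70", datetime(2010, 3, 19, 8, 0)),    # rule has expired
    ]
    return [policy.decide(p, Decimal(a), t) for p, a, t in requests]


if __name__ == "__main__":
    print(demo())
```

Every path that is not explicitly allowed falls back to asking for the PIN, so a missing or expired rule never widens what a thief holding the phone can spend.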

Another immediately clear advantage is that although my bank would no longer have a detailed record of how I spend my money, I could easily collect that same information myself to feed into my personal finance software (if I used any). All the transaction details must necessarily be presented to me if I am to say whether or not to go ahead and pay, so clearly the phone could keep that data for me to crunch whatever way I want later on. 

Obviously, Visa and the bank and the merchants who now collect a ton of data about us aren't going to be very keen on going back to cash, no matter how secure or otherwise handy it would be for us consumers. But surely if companies like Microsoft and PayPal cooperated and managed to sell the idea to us consumers some merchants could be swayed. And my bank can't do much to stop me transferring some funds to PayPal now and then. 

Now I know this is a bit unstructured and a mishmash of ideas, all of which may be flawed. But I would love to get some feedback. What do you think? Is it high time for electronic payment - cash or debit - to migrate to our cellphones? Or are there good reasons to stick with bits of plastic and a cheap chip in our pockets?

Please comment, and a good day to all.

The Polymorphist