Learning by Proxy | Indecent Exposure

Our entire lives are online. There seems to be no online service that cannot be hacked. Let alone the concern for our privacy, this can be a disaster for their business.

When Mary, the Queen of Scots has a hard life. She ascended to the throne when she was 6 days old. After an unhappy marriage in France, a widow, she returned to take her throne and claimed that of Queen Elizabeth I of England as well. She was imprisoned for more than a decade by Queen Elizabeth.

You see, the English unleashed their hospitality on their own before bringing it to India!

Finally, death came to Mary because one of her letters was decrypted and proved that she was plotting to kill Queen Elizabeth.

Mary, Queen of Scots paid with her life for a leak!

Indecent Exposure

The simplest form of encryption is called the replacement cypher. In this one letter is substituted for the other. It is also quite easy to crack such a cypher because every language suffers from statistical distribution. 

A is the most used alphabet in the English language and so on. If you have enough encrypted content, you will break the cypher quickly enough.

During World War 2, the Enigma Machine was the pinnacle of encryption. It used a replacement cypher whose key would change after each letter, controlled by a secondary key. The only way to decrypt was to have the secondary key as well as the Enigma machine. Despite having an Enigma machine at their disposal the British could not crack the code. Alan Turing was busy developing the bombes at the time but was nowhere close to breaking the cypher.

All it took was a listener in Britain who was responsible for intercepting every message from a particular post. She noticed that every message that was sent from the post ended with two letters. Assuming that there could not be a word formed with two letters, she surmised that it might be the initials of a person. Perhaps the sender's girlfriend. This turned out to be true and it resulted in the Enigma being broken. That is the story of how the Second World War was lost by the Germans.

No matter how intelligent the system - As long as it is a human using it, you can anticipate some stupidity.

Facebook has almost infinite resources. And still

People can now enter their phone numbers into a website to see if they appeared in a recent Facebook data breach.

Details of more than 530 million people were leaked in a database online, largely consisting of mobile numbers.

People can use the Have I Been Pwned online tool to check if their numbers or emails were compromised.

Facebook says the data is from an “old” breach in 2019 but privacy watchdogs are now investigating.

Source: BBC

One of the tools that Facebook had created for itself was used against it to snag the data of more than 500 Million users from the site.

Then LinkedIn had a hold my beer moment.

You might still be reeling from the news that personal information from 533 million Facebook accounts has been made freely available online. But now there’s another huge batch of people’s data floating around the web — including data from LinkedIn, the Microsoft-owned social network confirmed. And the potential scope of the leak is huge: an individual selling the data on a hacker forum claims it was scraped from 500 million LinkedIn profiles, according to CyberNews.

In a purported sample of two million of the profiles for sale, LinkedIn members’ full names, email addresses, phone numbers, genders, and more were visible, CyberNews found. LinkedIn, however, says the data includes information from many places and wasn’t all scraped from the professional-focused social network.

Source: The Verge

These are two of the largest Social Network and their only real play is data. More than user privacy they need to guard their data for the sake of monetisation of their platforms. If they are getting paraded on the streets with their pants down, pretty much all data protection is a joke.

Not to be left behind...

Online discount broking platform Upstox suffered a massive data breach affecting the personal data of 2.5 Mn of its customers, according to several media reports on Sunday (April 11, 2021). Thereafter, the company admitted that earlier claims about the data breach were right and it has since enhanced its cybersecurity systems.

Source: Inc42

and

Network18-owned financial portal Moneycontrol, which has reported extensively about data breaches affecting companies such as Upstox and Mobikwik, seems to have suffered the same fate, as personal data of over 7 lakh users have allegedly been leaked on the dark web, where it’s available for sale for $350.

Source: Inc42

And when it comes to IoT devices, you should NOT use one. Period. Last month, someone was found streaming videos from the CCTV in the Tesla factory.

Over the last few years, researchers have found a shocking number of vulnerabilities in seemingly basic code that underpins how devices communicate with the internet. Now a new set of nine such vulnerabilities are exposing an estimated 100 million devices worldwide, including an array of internet of things products and IT management servers. The larger question researchers are scrambling to answer, though, is how to spur substantive changes—and implement effective defences—as more and more of these types of vulnerabilities pile up.

Source: Wired

Two businesses that have mandated data protection laws are Payments and Healthcare. The PCI-DSS standard has kept financial data protected across the globe. In the case of Healthcare, HIPAA compliances keep health data protected.

Should we not consider similar standards for all kinds of data?

To protect data, Google runs a program called Project Zero. Its objective is to find Zero-Day Vulnerabilities, gaps in code (on iOS, Android and Microsoft) that can be exploited that even the companies themselves do not know. Project Zero reports it to them. They were left with an ethical conundrum!

And those two teams caught an unexpectedly big fish recently: an “expert” hacking group exploiting 11 powerful vulnerabilities to compromise devices running iOS, Android, and Windows.

But MIT Technology Review has learned that the hackers in question were actually Western government operatives actively conducting a counterterrorism operation. The company’s decision to stop and publicize the attack caused internal division at Google and raised questions inside the intelligence communities of the United States and its allies.

Source: MIT Technology Review

They shut down a covert US government operation to hack North Korea, China and Russia.

Share

HIV Vaccine

Deoxyribonucleic Acid (DNA) is the instruction set of life. It is the thing that tells whether an egg will turn into a human or a cat. Think of it as an instruction set for protein synthesis. Ribonucleic Acid carries genetic code from the nucleus to the ribosomes to make proteins. Where DNA tells what cells and organic materials need to be created; RNA just carries the instruction for specific proteins to be created.

Source: ThoughtCo

Different species have different lengths of DNA and within a species itself, the DNA of every individual is unique. The pairs illustrated above are called Base pairs and the human genome has about 3 billion base pairs whereas the CoronaVirus has about 30,000 base pairs.

James Watson and Francis Crick proposed the double helix structure of the genome in 1955. The human genome project was started in 1990, a publicly funded project. It took 13 years to decode the human genome. It cost USD 3 Billion to sequence one human gene.

Machines used to sequence have progressed so much since then. It is possible to order your DNA sequence on mapmygenome.com for Rs. 15000. In the US 23andme will get it done for USD 99.

It was this ability to sequence DNA quickly that made it possible for us to arrive at a vaccine in such a short period. Using the DNA sequence an RNA was synthesised that made the body produce proteins that would attack the virus. This method has become a platform.

The immense value of a platform innovation is related to how it can be adapted for a range of uses that are unforeseen at its inception. It can be like a toolbox, waiting at the back of a closet. What happened with sequencing during the pandemic serves as a good example. Another is Sanjana’s work on new Crispr technologies, which he uses to modify or repair strings of DNA to better understand the genetic basis of human disease. Twenty years ago, when officials at the N.I.H. talked about investing in the future of sequencing, altering the human, plant or animal genome on a regular basis was not something they could have predicted. But Crispr requires Sanjana to constantly evaluate his editing by using sequencers — usually a desktop Illumina model, in his case — to check the results. “It would be impossible to do these experiments otherwise,” he says.

Source: New York Times

There is another virus that has been giving humankind a hard time - HIV. This platform has been put to use against HIV.

The vaccine was able to target the desired immune cells and could become the first stage of a multi-step vaccine strategy to combat HIV and various other viral diseases.

A novel vaccine approach for the prevention of HIV has shown promise in Phase I trials, reported IAVI and Scripps Research. According to the organisations, the vaccine successfully stimulated the production of the rare immune cells needed to generate antibodies against HIV in 97 percent of participants.

Source: European Pharmaceutical Review

Share

Digital Currency

I had written about digital currency and the death of physical currency in January. China has been running experiments with their digital currency for months now. They have decided to launch it. The first thing that happens with digital currency is disintermediation. Private banks will no longer be needed. The central bank is the issuer of the currency and all those who wish to use it will have to hold an account with the central bank.

Unlike cryptocurrencies like Bitcoin, the currency is centrally controlled and therefore the central bank will have a treasure trove of data on how the currency is being used and where it is being used.

China’s version of a digital currency is controlled by its central bank, which will issue the new electronic money. It is expected to give China’s government vast new tools to monitor both its economy and its people. By design, the digital yuan will negate one of bitcoin’s major draws: anonymity for the user.

Source: WSJ

The more interesting aspects of the currency that are now becoming apparent involve not just tracking and flagging criminal activity but also the change it can bring to matters of macro and microeconomic policy. The tools that the policymakers will have at their disposal would multiply many folds.

Imagine - the government needs the consumption to rise and therefore decides to put an expiry date on the digital currency. Providing stimulus cash to people with an expiry date! That money is not going to get saved, it will be spent.

The money itself is programmable. Beijing has tested expiration dates to encourage users to spend it quickly, for times when the economy needs a jump start.

[...]

That means it won’t make sense for investors and traders to speculate in the digital yuan as some do with cryptocurrencies. Anti-counterfeiting measures will be designed to make it impossible for anyone besides the People’s Bank of China to create new digital yuan.

[...]

While China hasn’t published final legislation for the program, the central bank says it may initially impose limits on how much digital yuan individuals can keep on their person, as a way to control how it circulates and provide users a dose of security and privacy.

Source: WSJ

Most importantly, US sanctions can go take a hike.

The digital yuan could give those the U.S. seeks to penalize a way to exchange money without U.S. knowledge. Exchanges wouldn’t need to use SWIFT, the messaging network that is used in money transfers between commercial banks and that can be monitored by the U.S. government.

The chance to weaken the power of American sanctions is central to Beijing’s marketing of the digital yuan and to its efforts to internationalize the yuan more generally. Speaking at a forum last month, China’s Mr. Mu, the central bank official, repeatedly said the digital yuan is aimed at protecting China’s “monetary sovereignty,” including by offsetting global use of the dollar.

Source: WSJ

For China to be able to conduct trade, provide aid and support regimes that the US is not friendly to can open up the possibility of moving China to a much stronger position across the globe. This is going to make it even more difficult for the rest of the world to economically punish China.

Share

Also

But the biggest fear for a vast section of India’s population is not the virus at all. For working-class Indians, particularly daily-wage earners, informal workers, and the urban poor, the scariest part of this second wave is the possibility of another lockdown.

Among them is Nawaj Sharif, 19, from West Bengal’s Malda town, who used to work as a tailor in the textile hub of Tirupur in Tamil Nadu. When the Union government announced a sudden lockdown in March last year, Sharif was among lakhs of migrant workers forced to leave cities and return to their villages.

Source: Quartz

Watch lobbying take root real-time!

And then - Indians carefully navigating COVID-19


Would love to hear what you think about it, do leave comments below.

Leave a comment

Share if you like it.

Also, follow me on Twitter @viveksrn to know when the newsletter drops.

What we think, we become ~ Buddha

You can follow my podcasts at https://viveksrinivasan.com/podcast

Loading more posts…