Back in March 2007, I posted to my blog about how upset I was with the results from American Idol the week before. Well, it appears that someone at Newsweek was looking for University faculty members who were into American Idol and who could judge the contestants, much the way the actual judges do on the show.
Yesterday afternoon, I received a call from Newsweek inviting me to be a judge in their "When Eggheads Attack" piece. I participated, along with two music professors who really sounded like they knew what they were talking about. I was their "Ellen", providing my opinions without much expertise. The piece is available here, on the Newsweek site.
Besides the judging comments that appear on Newsweek.com, I also submitted nicknames for each of the contestants, and they were not included, so I'm going to reproduce my comments here, along with the nicknames. Ann helped me out with these, although I get the blame for the corny ones.
Lee DeWyze:
Lee the wise. I liked the jazzy interpretation and the way the song brought out your soulful voice. You sounded a little like Danny Gokey from last season. However, I think your song choice prevented you from showing us what you're really capable of. There is no doubt you're coming back next week, but you should take a bit more of a risk next time and really show us how you can stand out.
Paige Miles:
Turn the Paige. I had high hopes for you this week. You have incredible vocals and a wide range. Against all odds, the song started out weak and went downhill from there. I did not like the arrangement of this song, and I don't think it showcased your voice as well as your choices in previous weeks. Based on previous performances, I really hope you'll be back, and that you'll turn things around next week, but this performance puts you at risk.
Tim Urban:
Urban Warfare. On the plus side, you were definitely "safe" when you slid home. But that's the problem. The song was safe. You took on Queen, one of the hardest bands to simulate, and now, I think you're facing a crazy little thing called elimination.
Aaron Kelly:
Kid Kelly. It was fun watching you drool over Miley Cyrus in the pre-performance video clip. You guys make a cute couple. If I close my eyes, your performance makes sense. When I open them, there's a mismatch between your body and that big voice. You are to singing what Doogie Howser was to medicine.
Crystal Bowersox:
Take a Bow-ersock: I expected it to be good. It was better than the original. Janis would be proud. I got goose bumps. You're definitely in the top two - see you at the finale.
Mike Lynche
Big Daddy: I would probably say you did a great job even if you didn't out of pure fear for my life. But luckily, I don't have to lie. You are incredible. You make every song interesting, and I can't wait to hear what you're going to do each week. Loved it!
Andrew Garcia
Straight Up Garcia: I don't understand how someone with such a good voice could make me dislike one of my favorite songs so much. I have to go listen to the original now to get that out of my head.
Katie Stevens
Cool KT: What you did was try to imitate the original, and you fell a bit short. I think you deserve to be in the top ten, but probably not the top nine. Definitely not the top eight. You have a good voice, and you're talented, but you're overmatched in this competition.
Casey James
Casey at the Bat: Best vocal I've heard from you all year. Sounded better than Huey Lewis. There is joy in Mudville. Mighty Casey has hit a home run.
Didi Benami
Didi Banimi: You're good, you're good, you're good. Baby, you're good. But not great.
Siobhan Magnus
Driving on the Auto (Sio)bhan: You have been my favorite all year. They saved the best for last. I can't wait to see what you're going to do each week. This is how I felt about David Cook and Adam Lambert. The anticipation for your song is what makes idol exciting this season.
Wednesday, March 24, 2010
Follow up - teaching crypto to children
This is a follow-up to my blog post yesterday about teaching cryptography to 5th graders.
It turned out that my class consisted of four students each from grades 5, 6, 7 and 8, not just fifth graders. The makeup of the class, which included older kids than I expected, did not really change anything, and the class size of 16 was perfect for the exercise I had planned. As many people pointed out to me, I had way too much material for one hour. In fact, the lesson I had planned out was better suited to a four hour session.
My typical students at Hopkins are about 15-20 years older than the Schechter students, and I found the class refreshing and entertaining. My initial observation was that some of the older kids did not appear too happy to be there. I saw kids staring at the ceiling or off into space. The younger children on the other hand, the 5th and 6th graders, seemed eager for me to start and made much better eye contact with me than their older classmates. However, once I started the class, I had everyone's attention.
Paul Revere's ride and the issue of signaling a code in the absence of cellphones and radio provided for a lively discussion, and I realized right away that this was a particularly bright and engaging group of students. What a pleasure.
Next, I described Caesar's cipher and substitution ciphers in general, and I asked the class to come up with ideas for how to break a simple substitution cipher. I wrote the list on the board as they made suggestions.
Pairs of letters
Common combinations, such as th, ch, sh
Using letter frequency
Small words, A, I, the, you
Next, I had the students break into teams and come up with a cipher and a plaintext sentence and encrypt the sentence. Unfortunately, this took quite a bit longer than I would have liked, and by the time they finished, there were only about 20 minutes left. So, I gave them 10 minutes to spend cryptanalyzing the messages, and I had to break things off before any group had made any real progress. The students had a lot of fun reading their messages to the class. One interesting thing that happened during the cryptanalysis phase of the project was that two of the teams decided to trade revealing one letter of their choosing with the other group. I had not specified that such bartering was allowed, but I let them do it, hoping that they would be able to finish in time.
With 10 minutes left, I went back to lecture mode and showed them how to build increasingly complex ciphers from the cipher wheels. I got some oohs and ahhs, and I think that the exercise of trying to break a simple substitution gave them an appreciation for how hard it would be to break a three-wheel cipher with keyed rotations. One particularly bright student, one of the younger ones, who asked some great questions (wonder if there's room for him at JHU some day in our Ph.D. program) said that he thought all of the strategies that were on the board were useless once the wheels started rotating, and he did not accept that anyone could actually break such a cipher, even using a computer. I did my best to assure him that computers could try many combinations of rotations of the wheel and look for recognizable plaintext, but I don't think he bought it. Once I stated that in WWII, the real progress in breaking the Enigma happened when an encrypting machine was captured, he seemed satisfied.
So, overall, I had a blast. The students were great, and of course, the material made it easy. I just wish I had had a longer session. Okay, now back to my "adult" students.
Tuesday, March 23, 2010
Teaching Cryptography to 5th Graders
My kids attend the Krieger Schechter Day School. Today, they are having a learning festival where professionals from many different fields are teaching classes in their areas of expertise. The topics include, Drama, Animal Communication, Art, Conflict Resolution, Israeli Dance, Sports Signals, Hieroglyphics, Sign Language, Media, Electric Circuits and Morse Code, Woodshop and many others. I'm teaching a unit called Codes and Ciphers.
Designing the class proved to be more challenging than I initially realized. These are very smart kids, but they are only 11 years old, and so one-time pads, modular exponentiation, and Diffie-Hellman key exchange are off limits. I decided that the best approach is to give them something hands-on to do. I teach in a few hours, and I'll post something afterwards about how it went. Here is the lesson plan.
First, I'm going to talk a bit about basic codes. I'll describe "One if by Land, Two if by Sea". Although that code was not designed for confidentiality, it was nonetheless a code. Next, I'll move into Caesar ciphers and general substitution ciphers. Then, I'll divide the class into 4 groups of four students, as I was told there will be 16 students in the class.
Elana (my 5th grade daughter) and I prepared cipher wheels out of paper plates. Each wheel consists of an inner and an outer paper plate. The inner plate was cut so that it is a few inches smaller in diameter than the outer one, and a tack was placed in the middle of the two plates so that they can spin independently of each other. We filled in the inner plates with the letters of the alphabet around the perimeter. The groups in the class will each fill in the outer plates with letters, lined up with the letters on the inner plate, to produce a substitution cipher. At the same time, they will generate a message of several sentences and encode it with the cipher.
Each group will receive an encoded message from another group, and they will use letter frequency and other clues to try to decipher it and to reveal as much as they can about the cipher from the other group.
In the remaining time, I will show them how they can build an increasingly sophisticated cipher by turning the wheel after each letter is encrypted by a fixed amount and then by a variable amount. I'll show them how decryption would work by running an example with one of the cipher wheels and encrypting/decrypting a simple sentence on the blackboard.
Next, I will show them how to combine three cipher wheels and rotations via a key to obtain a cipher similar to the Enigma Machine, and I will talk about the role of the Enigma in WWII, and how it was ultimately broken, as well as the importance of capturing a device.
Finally, I will explain the intuition behind modern ciphers that use a key, and I hope that I can get them to appreciate Kerckhoffs's Principle that the algorithms can be made public, and that all of the security of a cipher system needs to lie in the key.
So, it's an ambitious undertaking, but I hope I can get through all of this and give the students an appreciation for the beauty and complexity of Cryptography while showing them a good time and not overwhelming them.
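As an added example (not the author's lesson materials), here is the paper-plate cipher wheel from the plan in Python: the fixed-step and key-driven rotation schedules, three wheels in series, and the letter-frequency attack the students listed on the board in the follow-up post. The outer-plate alphabets, the key and the sample message are constructed for illustration.

```python
"""Paper-plate cipher wheel, its rotation schedules, three wheels in series,
and the letter-frequency attack.  Added example, not the author's materials;
outer plates, key and sample message are constructed for illustration."""
import string
from collections import Counter

ALPHABET = string.ascii_uppercase

# Constructed outer plates (in class each group writes its own).
PLATE_1 = "QWERTYUIOPASDFGHJKLZXCVBNM"
PLATE_2 = "ZYXWVUTSRQPONMLKJIHGFEDCBA"
PLATE_3 = "NOPQRSTUVWXYZABCDEFGHIJKLM"

# Constructed sample message, deliberately heavy in E's and T's.
SAMPLE = "The secret message meets the teacher between the trees before the bell"


class CipherWheel:
    """Inner plate carries A..Z in order; the outer plate carries a permuted
    alphabet.  `offset` is how many positions the outer plate has been turned."""

    def __init__(self, outer):
        if sorted(outer) != list(ALPHABET):
            raise ValueError("outer plate must hold each letter exactly once")
        self.outer = outer

    def encrypt_letter(self, ch, offset):
        # inner letter at position i lines up with outer position i + offset
        return self.outer[(ALPHABET.index(ch) + offset) % 26]

    def decrypt_letter(self, ch, offset):
        return ALPHABET[(self.outer.index(ch) - offset) % 26]


def clean(text):
    """Keep letters only, upper-cased, as the students did on paper."""
    return "".join(c for c in text.upper() if c in ALPHABET)


def offsets(n, start=0, step=0, key=None):
    """Rotation schedule for n letters: begin at `start`, then turn the wheel by
    a fixed `step` after each letter, or by the next value of `key` (a list of
    ints, cycled) when one is given.  step=0 and no key is plain substitution."""
    out, pos = [], start
    for i in range(n):
        out.append(pos % 26)
        pos += key[i % len(key)] if key else step
    return out


def encrypt(wheel, text, **schedule):
    pt = clean(text)
    return "".join(wheel.encrypt_letter(c, o)
                   for c, o in zip(pt, offsets(len(pt), **schedule)))


def decrypt(wheel, ct, **schedule):
    return "".join(wheel.decrypt_letter(c, o)
                   for c, o in zip(ct, offsets(len(ct), **schedule)))


def encrypt3(wheels, text, key):
    """Three wheels in series; wheel k has turned key[k] positions per letter
    processed so far.  A crude stand-in for Enigma rotor stepping."""
    out = []
    for i, c in enumerate(clean(text)):
        for k, w in enumerate(wheels):
            c = w.encrypt_letter(c, (i * key[k]) % 26)
        out.append(c)
    return "".join(out)


def decrypt3(wheels, ct, key):
    out = []
    for i, c in enumerate(ct):
        for k in reversed(range(len(wheels))):   # undo the wheels in reverse
            c = wheels[k].decrypt_letter(c, (i * key[k]) % 26)
        out.append(c)
    return "".join(out)


ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"


def frequency_guess(ct):
    """The attack from the board: pair each ciphertext letter, ranked by how
    often it occurs, with the English letter of the same rank."""
    ranked = [c for c, _ in Counter(ct).most_common()]
    return dict(zip(ranked, ENGLISH_ORDER))


def peak_share(ct):
    """Fraction of the text taken by its most common letter.  Turning the wheel
    spreads each plaintext letter over many ciphertext letters, so this drops
    towards 1/26 and the frequency attack loses its footing."""
    return Counter(ct).most_common(1)[0][1] / len(ct)


if __name__ == "__main__":
    wheel = CipherWheel(PLATE_1)
    fixed, turning = encrypt(wheel, SAMPLE), encrypt(wheel, SAMPLE, step=1)
    top = Counter(fixed).most_common(1)[0][0]
    print(fixed, "most common", top, "guessed as", frequency_guess(fixed)[top])
    print("peak share: fixed %.2f, turning %.2f" % (peak_share(fixed), peak_share(turning)))
```

On the plain substitution the most common ciphertext letter really is E's image, while one position of rotation per letter flattens the counts enough that the same guess no longer works, which is the point the bright student made.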
Tuesday, March 16, 2010
24 is GOOD again
I've posted before about the Fox TV show, 24. My DVR records it on Monday nights, and I watch it early in the morning on Tuesday when I work out on my exercise bike. This morning, I watched last night's episode, and for the first time all year, I was completely gripped. I won't spoil it for those who have DVRed it and haven't watched or those who will watch it on Hulu. I will just say that the plot twist at the end was ingenious, and I felt stupid for not picking up on it. Well done. Probably the best episode in 3 or 4 years. The writing was clever - almost perfect. The only negative was the silly sub-plot about Dana's ex-boyfriend. Other than that, this may be a top 3 or 4 all time episode. (Either that, or the recent ones have been so dull and predictable that this one just stands out by comparison.) Anyway, 24 is good again. I'm very excited to see next week's episode on Tuesday morning.
Saturday, March 06, 2010
14 hours in Vegas
After the RSA conference in San Francisco this week, I had 24 hours before I had to be in San Antonio for my nephew's bar mitzvah. So, I rearranged my flights, got a comped room at Harrah's, and ... free trip to Las Vegas!
After checking in and dropping off my luggage in my room, I walked over to the poker room at Harrah's. It was dark, dingy and depressing looking, and there were only 2 tables with players. So, I crossed the street over to the Mirage, and found a beautiful, large poker room that was hopping. I bought into the 1-2 no limit Hold 'em game for $200 and started playing at 6:30 pm. The table was mostly weak with a few aggressive players pushing the action and several tourists who were in way over their head.
I watched a couple of rounds without playing any hands until I picked up K-Q suited in middle position. An active player with a stack about like mine in second position (player A) raises to $6 (the bet amounts in this trip report are the best approximation I can make based on what I remember). I call, and two other players behind me (players B & C) call. The flop came K-T-3 rainbow, giving me top pair with a decent kicker. Player A, the original raiser, bets $12, which was half the pot, and I call. Player B, behind me folds and player C raised to $30. Player A folds, and after giving it some thought (although clearly not enough), I call. The turn card was another ten. That was a scary card given the betting so far, so I check. Player C pushes all in. I didn't see how I could call for all my chips with top pair decent kicker on my very first hand on that board. Furthermore, I had pegged player C as tight and this was her first big move since I sat down. So, after contemplating it a bit, I folded. Player C shows a pair of tens for quad tens, and in addition to the pot, she collects a special jackpot that the casino paid for anyone showing quads or better.
So, I had a bit of a dent in my stack after one hand, but I had averted early disaster. About 4 hands later things weren't going well, I was down to $15, and in less than 15 minutes from when I played my first hand, I bought in for another $100. I had some unlucky breaks and in short order, I was down to $55. At this rate, it was going to be a very short night of poker. I got up and walked around and tried to relax and decided to tighten up and focus, so that my $55 would last a little longer.
About an hour later, I was doing better and up to about $90 playing very tight and occasionally stealing some pots due to the table rep I had established. I wasn't getting any cards. Then I hit a turning point. I was in the big blind with Q-5 offsuit. It limps around to me with 8 players and I check. The flop comes 5-5-3. After a couple of checks, one player (A) bets $10 into a $16 pot. Another player (B) calls, and I call, so three players see the turn. The turn card is a Q, completing my well-disguised boat. Player A bets $25; player B who had us both covered raises to $50. I push all in. Player A folds, and player B calls. The river card is irrelevant, and player B shows a pair of 3s for a lower full house than mine. I'm back in business, doubling up to $180. I got lucky because player B flopped his boat and I didn't get mine until the turn. Furthermore, had the Q not come, I would have lost a lot of money with my trip fives.
I decided to shift gears and loosen up a bit. The more aggressive players at the table had left and were replaced by tight, passive players. I was able to chase out limpers pretty often. There was one guy at the table, Don Quixote (pronounced 'Donkey Chote'), in particular who liked to limp and then raise on the flop and then fold on the turn to a big bet. I noticed this pattern with regularity, so I started exploiting it very successfully. His tactic, however, had been working for him surprisingly well (due in large part to luck), and he had a decent stack, well over $400.
I had built myself up to about $300 (breaking even for the night at that point) when I was dealt suited connectors. I don't remember which cards exactly, but I ended up in an all in showdown with Don Q., and my flush beat his two pair, and so I doubled up again, to twice my total buy-in.
My worst beat of the night also came against Don, who at that point, not surprisingly, was down to about $100. Under the gun, I bet $8 with pocket aces, and only Don calls. Heads up. The flop comes 8-J-Q with two spades. I bet $25, hoping to shut out any draws he might have and take the pot right there. Don raises me all in. I had to think a little bit. The hands I can think of where I'm not a favorite are 9-T, two pair, and the three sets. Don was always raising preflop with pairs, even low ones, so I had to figure he had flopped two pair or a straight. He was also very capable of a bluff, and I also figured he might make that play with hands like A-Q or (more likely since I had 2 aces) K-Q. The way Don played, I also thought he could push with any two spades as some kind of misguided semi-bluff. I had no idea which of these I was up against, although I suspected it was not a set, and I didn't see much choice with a third of my stack already in the pot and a decent hand, so I called, and he turns over 9-T of spades and ends up getting his flush on the river, although he already had me beat with the straight.
The characters at the table changed over time, and I stayed until 3:00 a.m. - my longest poker session ever. At one point my stack got as high as around $700, and I ended cashing out $518. When I got back to my room, I got ready for bed and called Ann to say hi. She was just getting up at 6:20 a.m. EST in Baltimore. I set a wake-up call for 4 hours later and got a little bit of sleep. I'm on the plane now heading to San Antonio. Tired as hell, but I had a total blast. Can't wait to play poker again, and incredulous that I came out ahead on my first trip to play poker in Las Vegas. I'm sure I'll be redistributing my winnings to the folks at my regular house game before long.
Monday, February 15, 2010
HealthSec '10 - August 10, 2010, Washington DC
I'd like to tell the readers of my blog about a USENIX workshop that I am organizing with Kevin Fu and Yoshi Kohno on Health Security and Privacy. This is going to be a real WORKshop (emphasis on "work"). Unlike many workshops that are run like conferences, with paper submissions and presentations, we are organizing a day of discussions on key issues in the security and privacy of healthcare information.
The submissions are only two pages long. We want position papers not research results. The program committee (an all star cast of security researchers, healthcare specialists, doctors, and regulators) will review the submissions to determine which ones will foster the greatest discussions. At the workshop, we will break out into groups, and program committee members will chair discussions, led by the authors of accepted papers. Later, the results of these discussions will be presented to the entire workshop. The primary goals are to build collaborations, to discover new research ideas and directions, and to grow this nascent research community. From the CFP:
HealthSec is intended as a forum for lively discussion of aggressively innovative and potentially disruptive ideas on all aspects of medical and health security and privacy. A fundamental goal of the workshop is to promote cross-disciplinary interactions between fields, including, but not limited to, technology, medicine, and policy. Surprising results and thought-provoking ideas will be strongly favored; complete papers with polished results in well-explored research areas are comparatively discouraged. Position papers will be selected for their potential to stimulate or catalyze further research and explorations of new directions, as well as for their potential to spark productive discussions at the workshop.
I encourage anyone who is working in this area to submit, and I encourage anybody who is interested in this topic to attend. The submissions are due on April 9.
Sunday, July 19, 2009
Don't Trust the House
Following up on my last post about online poker, I'd like to begin a series of posts on why online poker is risky business.
This post will focus on the house, and why you shouldn't trust that the house will not cheat. My poker friends usually respond to my warnings by stating that the house only takes a rake, a small percentage of every pot, so their incentive is for fair play, and a lot of it. However, remember that the "house" is really a set of computer servers that are programmed by people. There is nothing stopping those people from entering the casino as well. These people can play in poker rooms with you, and they have access to all of the cards in the deck before they are dealt. That's a pretty big advantage.
If you think this example is far-fetched, then see this article about a 60 Minutes investigation that led to the discovery that a former World Series of Poker champion was behind exactly this kind of scam at the site Absolute Poker, stealing over $20 million. Due to the fact that online poker's legal status is ambiguous in the US, and that the poker companies were managed in Costa Rica and run on an autonomous Indian reservation in Canada, the players who lost tens and even hundreds of thousands of dollars have had very little recourse.
The cheaters in the 60 Minutes story were discovered because they were greedy and were not trying very hard to hide. As the article describes, whenever a player was bluffing, the cheaters would go all in. When another player had a good hand, they would fold. The cheaters' winning percentage was a whopping 15 standard deviations away from the mean. They were almost asking to be caught.
I believe that wherever and whenever there is an opportunity to cheat for big money, there are people who will do so. It would be naive to think that the Absolute Poker scam is the last of its kind. But, next time, the cheaters will be smarter and more careful. It would not be too difficult to program a bot, armed with knowledge of all the cards, to play at some small percentage of the poker tables, and to win just a little above average. The bot could be programmed to lose some and to only win within the expected norms of a good player. Over time, the author of the bots will win millions.
The next time you sit down at a poker table with real money, ask yourself how confident you are that the other "people" at the table are human, and that none of them is in cahoots with the house. Remember that in the case of Absolute Poker, the company running the servers was not an accomplice. There was just a malicious insider.
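The "15 standard deviations" figure from the 60 Minutes story is the kind of number a site's own fraud team can compute from nothing more than a hand history. The following is an added example, not code from the original post or from any poker site: it treats each seat at a fair table as winning a pot with probability 1/seats, scores every player's pot count as a z-score against that expectation, and flags the outliers. The hand history it screens is constructed inline (seat "s3" is built to win 45% of pots), and the six-sigma threshold is an assumption chosen for the demonstration. The last function makes the defender's answer to the "win just a little above average" strategy explicit: because the z-score grows with the square root of the number of hands, a small, steady edge still crosses any fixed threshold once enough hands have been logged.

```python
"""Statistical screen for a seat that wins pots implausibly often.

Added example, not code from the original post or from any poker site.
Null hypothesis: at a fair table every seat wins a pot with probability
1/seats, so a player's win count is approximately Binomial(n, 1/seats)
and its z-score is (wins - expected) / sqrt(variance).
"""
from collections import Counter
from math import ceil, sqrt


def constructed_history(hands=3000, seats=6):
    """Constructed hand history: (hand_id, seats_at_table, winning_seat).

    Seat "s3" is built to win 45% of pots; the honest seats share the rest
    round-robin, so every count below is exact and reproducible."""
    players = [f"s{i}" for i in range(seats)]
    honest = [p for p in players if p != "s3"]
    history, k = [], 0
    for h in range(hands):
        if h % 20 < 9:                       # 9 of every 20 pots -> 45% for s3
            winner = "s3"
        else:                                # round-robin among honest seats
            winner = honest[k % len(honest)]
            k += 1
        history.append((h, seats, winner))
    return history


def win_rate_zscores(history, players):
    """z-score of each player's pot count against the fair-table expectation.

    Expectation and variance are summed per hand so tables of different
    sizes can be mixed in one history."""
    wins = Counter(winner for _, _, winner in history)
    expected = sum(1.0 / seats for _, seats, _ in history)
    variance = sum((1.0 / seats) * (1 - 1.0 / seats) for _, seats, _ in history)
    sd = sqrt(variance)
    return {p: (wins[p] - expected) / sd for p in players}


def flag_suspects(history, players, threshold=6.0):
    """Seats whose excess wins exceed `threshold` standard deviations
    (threshold is an assumed value for this demonstration)."""
    scores = win_rate_zscores(history, players)
    return sorted(p for p, z in scores.items() if z >= threshold)


def hands_to_detect(edge, seats, threshold=6.0):
    """Hands needed before a per-hand edge over 1/seats reaches `threshold` sigma.

    Solve z = n*edge / sqrt(n*p*(1-p)) for n.  A 2-point edge at a 6-handed
    table (winning 18.7% of pots instead of 16.7%) needs about 12,500 hands."""
    p = 1.0 / seats
    return ceil(threshold ** 2 * p * (1 - p) / edge ** 2)


if __name__ == "__main__":
    history = constructed_history()
    players = [f"s{i}" for i in range(6)]
    for seat, z in win_rate_zscores(history, players).items():
        print(f"{seat}: z = {z:+.1f}")
    print("flagged:", flag_suspects(history, players))
    print("hands to detect a 2-point edge at 6 seats:", hands_to_detect(0.02, 6))
```

On the constructed history the cheating seat scores above 40 sigma and the honest seats come out slightly negative, because the cheater's excess is taken from them. A real screen would add per-showdown statistics (fold rate against strong hands, all-in rate against bluffs) to catch the pattern the article describes even before the win count becomes extreme.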
Thursday, July 16, 2009
Know when to Hold 'em
I sometimes play online poker, Texas Hold 'em, on my iPhone. The application is by Zynga, and it's not real money - just for fun. Still, it's highly interactive and extremely fun. People from anywhere in the world join tables with other iPhone users along with other users on their computers. You get several thousand play dollars, and you're off and running.
Although I really enjoy playing Texas Hold 'em, I've never played for real money online. As a security researcher, there are too many reasons why I don't trust the system to be fair. For starters, collusion among other players could put me at a huge disadvantage. They could share their cards and their money, and in any situation, they would be able to calculate the odds of making or not making certain hands much better than me. Over time, they would be expected to destroy me. I can't think of any way to prevent collusion. Furthermore, how do I know that the house isn't cheating? How do I know the cards are random? How do I know nobody can see my cards? What about malware on my phone or desktop that could read my cards from memory? I have many other worries.
Many of my friends play Texas Hold 'em online for money, despite my warnings. Well, this week, I had an interesting experience playing on my iPhone. I was dealt the King of spades and the King of clubs. A pretty good hand. I bet it aggressively, and I made a bunch of "money" on the hand. The next hand, I was dealt ... the King of spades and the King of clubs. That seemed like a pretty unlikely coincidence. But, it was still possible. I bet it the same way and was paid off again in a showdown (meaning that everyone saw my cards at the end). The very next hand, I was once again dealt the two black kings. This time I bet it even more aggressively, correctly thinking that the others wouldn't believe I had three good hands in a row and would put me on a bluff. I got a lot of callers and really cleaned up. (The next hand after that I had a more typical hand for me, something like two-seven off suit.)
Unfortunately, I was not actually in the room with the other players, so I couldn't see their reactions, but I have to believe that they were incredulous. What are the odds of being dealt the same exact two high cards three hands in a row? I don't have my calculator on me, but my intuition tells me that it shouldn't happen that often. I had never seen it before. So, what caused this? I believe the most likely answer is coincidence. But, perhaps it was an error in the way memory is cleaned up in the poker software? Maybe it was due to a bug in the random number generator? It would have to be an error on the server, as I imagine that the client just displays what it's told, and considering that the other players saw my cards, I don't think it was a client-side error. I'll never know for sure, but I can say that every time an extremely unlikely event happens in online poker - and they are guaranteed to happen sometimes - doubt will creep in about the security and honesty of the system. It's one reason I won't play online for real money.
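The post leaves the odds as an intuition and the cause as a guess between coincidence and a server bug; both are easy to put numbers on. The following is an added example, not code from the original post or from Zynga. It computes the probability of the same two hole cards on consecutive hands (1/1326 per repeat, so about 5.7e-7 for three in a row), shows how often such a coincidence is expected across a site dealing a million hands a day, and contrasts a dealer that shuffles a fresh deck from the OS CSPRNG with a hypothetical `StaleSeedDealer` that reseeds from a value that only changes every few hands, one concrete way the "bug in the random number generator" hypothesis could look. The dealer classes, the window of 10 hands, and the hands-per-day figure are all assumptions for the demonstration.

```python
"""Odds of repeated hole cards, and a repeat-rate check for a dealer's RNG.

Added example, not code from the original post or from Zynga.  The
StaleSeedDealer is hypothetical: it reseeds a PRNG from a clock that ticks
once every `window` hands, so consecutive hands replay the same shuffle.
"""
import random
import secrets
from math import comb

RANKS = "23456789TJQKA"
SUITS = "cdhs"
DECK = [r + s for r in RANKS for s in SUITS]   # 52 cards
HOLE_COMBOS = comb(52, 2)                     # 1326 distinct two-card hands


def repeat_probability(hands_in_a_row=3):
    """P(a seat gets the identical two hole cards on each of the next k-1 hands)."""
    return (1.0 / HOLE_COMBOS) ** (hands_in_a_row - 1)


def expected_triple_repeats(hands_per_day, seats=6):
    """Expected 'same hole cards three hands running' events per day across a
    site dealing `hands_per_day` hands at `seats`-handed tables."""
    return hands_per_day * seats * repeat_probability(3)


class FairDealer:
    """Fresh deck and a Fisher-Yates shuffle from the OS CSPRNG every hand."""

    def __init__(self, seats=6):
        self.seats = seats
        self.rng = secrets.SystemRandom()

    def deal(self):
        deck = list(DECK)
        self.rng.shuffle(deck)                     # random.shuffle is Fisher-Yates
        # Dealing order is simplified (two consecutive cards per seat); the
        # probabilities are unaffected by the order cards leave the deck.
        return [frozenset(deck[2 * i:2 * i + 2]) for i in range(self.seats)]


class StaleSeedDealer(FairDealer):
    """Hypothetical buggy dealer: same seed for `window` hands in a row."""

    def __init__(self, seats=6, window=10):
        super().__init__(seats)
        self.window, self.hand_no = window, 0

    def deal(self):
        self.rng = random.Random(self.hand_no // self.window)   # stale seed
        self.hand_no += 1
        return super().deal()


def consecutive_repeat_rate(dealer, hands, seat=0):
    """Fraction of consecutive hands in which `seat` sees identical hole cards.

    A fair dealer should sit near 1/1326 (about 0.00075); anything far above
    that is evidence of reused state rather than coincidence."""
    previous, repeats = None, 0
    for _ in range(hands):
        cards = dealer.deal()[seat]
        if cards == previous:
            repeats += 1
        previous = cards
    return repeats / (hands - 1)


if __name__ == "__main__":
    print(f"P(same hole cards 3 hands running) = {repeat_probability(3):.2e}")
    print(f"expected per day at 1M hands/day: {expected_triple_repeats(1_000_000):.2f}")
    print(f"fair dealer repeat rate : {consecutive_repeat_rate(FairDealer(), 2000):.5f}")
    print(f"stale dealer repeat rate: {consecutive_repeat_rate(StaleSeedDealer(), 2000):.5f}")
```

The two numbers together make the post's point precise: a 5.7e-7 event is expected a few times a day across a million hands at six-handed tables, so one player seeing it is not evidence of anything, while a measured repeat rate far above 1/1326 is exactly the signal a site's own monitoring should alarm on.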
Tuesday, May 12, 2009
A vote in favor of electronic medical records (with caution)
Efforts to move medical records out of their antiquated paper files and into sleek new computer systems have gained great momentum in recent months. The Obama administration has pledged $17.2 billion in economic stimulus funds toward this goal. Supporters have hailed the benefits of speedier access to critical medical data and easier transfer of medical histories when a patient sees a new physician.
But amid this rush toward new technology, some doctors and several organizations such as Patient Privacy Rights have raised a yellow flag of caution. In this age of Internet hackers and lost laptops, just how secure, they ask, will these computerized medical records be? After all, it’s a lot easier for someone to waltz out of a hospital with a USB stick in their pocket containing 5,000 patient records, than with many boxes containing the equivalent paper records. Moving electronic records online can make them particularly vulnerable.
To some extent, these fears are justified. I have been studying the security of electronic medical files for about a year now, and it’s not the first time I’ve confronted the pros and cons of paper versus electronic records. Since 2003, my primary research has focused on the security of electronic voting systems. As a result of that work, I have concluded that the best way to ensure proper elections is to move from electronic to paper ballots.
Yet what is true for voting systems is not necessarily true for electronic medical records. The adversarial model in these two applications is completely different. In a voting system, all parties should be viewed as adversarial. Everyone has a stake in the outcome, and there is no reason to believe every software developer, election official, poll worker or voter will refrain from tampering with the process. That doesn’t mean these people are malicious. It just means that we need voting systems that can be trusted, even when the people associated with the process are corrupt.
Contrast that with the medical records scenario. Computerized system designers and builders have every reason to want their technology to be secure, and little or no incentive to undercut this. Vendors will sell more systems if their technology is highly secure. Hospital administrators will seek the safest systems to protect patient privacy and keep their institutions off the front pages and out of the courtroom. For patients, the benefits are obvious.
Protecting identifiable electronic medical records is easier than protecting anonymous votes in an election. And it is a manageable problem. That’s not to say that there will never be incidents where medical records are compromised. But with good design, proper care, appropriate procedures and of course sufficient funding, electronic medical records can be protected as well or even better than the paper versions.
Still, we need to be careful. There are many wrong ways to make this transition. If history is any indicator, unless a concerted effort is made to require proper protection, the new medical systems will be no better than the insecure voting machines that many states have purchased. When money flows from Washington, vendors tend to spring up out of nowhere. The ones who gain traction are the ones with the best sales teams, the glossiest brochures and the best connections, but not necessarily the most secure systems. This has happened over and over again in every industry.
We need to make sure that security standards, including evaluation and testing procedures, are established before the billions are spent. Computer security experts in academia, government and industry should all be engaged to establish criteria and evaluation methodologies. We need support from all of the relevant stakeholders, including privacy advocates, the medical establishment, vendors and the technical security community.
We are facing a golden opportunity to improve the lives of millions of Americans by providing computerized storage and access for medical records. We can reduce or eliminate redundancy, waste, unnecessary exams and procedures, and medical errors. And, we can do it without inordinate risks to individual privacy. Nevertheless, while electronic records appear to be our destiny, the privacy of those records will only be preserved if we are careful and do this right. There will be no second chances.
Tuesday, March 31, 2009
ISE press release: New CEO hired April 1
FOR IMMEDIATE RELEASE
Date: April 1, 2009
Independent Security Evaluators Hires CEO
Independent Security Evaluators LLC (“ISE”), a Baltimore-based computer security consulting firm, has hired Richard “Rick” Wagoner as the Chief Executive Officer. Dr. Avi Rubin, president and founding partner of ISE, stated that the company’s rapid growth led to the need to bring in a CEO. “We have been very fortunate to have experienced significant growth since we started ISE four and a half years ago,” said Dr. Rubin. “Our client base and reputation continue to grow, and in order to continue delivering the highest level of technical consulting expertise, we felt it was time to recruit a business leader with a proven track record to manage operations and provide strategic direction for ISE. We are grateful to President Barack Obama for making Mr. Wagoner available for this job.”
Dr. Rubin and the partners of ISE believe Mr. Wagoner has the right skill set and experience to move ISE forward. “Rick offers the unique blend of drive and creativity, combined with executive management experience that we are confident will take ISE to the next level,” said Dr. Rubin.
Mr. Wagoner has held high-level corporate management positions. Most recently, Mr. Wagoner was chairman and chief executive of General Motors Corporation. Although GM experienced a loss of $80 billion under his watch, Mr. Wagoner is confident that things will be better at ISE. “The tremendous loss of market share that we experienced at General Motors in the last eight years is simply not possible at ISE. This makes my new challenge all the more exciting,” said Wagoner. He received a bachelor’s degree in economics from Duke University in 1975 and a master’s in business administration from Harvard University in 1977.
“I am thrilled to be working with such a talented group of people in the expanding field of information security,” said Mr. Wagoner. “Avi and the partners have created a very solid base from which to grow the business. I am excited to work for a company that is not unionized and to escape the cold winters of Michigan. Being in Baltimore has other advantages. If we need to go to Washington for a bailout, it’s only an hour’s drive away – no need for a corporate jet.” ISE plans to invest the savings from not needing a corporate jet back into the local community.
---
About ISE: ISE was founded by Dr. Rubin, a computer science professor and the Technical Director of the Information Security Institute at the Johns Hopkins University. A custom technology consulting group, ISE was established to address the need for increased information security at every level of an organization. ISE leverages academic theory and real world experience to design and build new, innovative solutions and to evaluate existing security infrastructure. In the near future, ISE expects to produce energy efficient, low cost, and highly secure automobiles.