I imagine that quite a few people were upset by the title for this post, so let me explain what I mean, and please hear me out before you sharpen your pitchforks. The arguments used by all three of these groups, and indeed by science deniers more generally, are all fundamentally the same. In other words, the underlying logical structure is identical for the arguments used in support of all three of these positions. Thus, it is logically inconsistent to criticize one of these positions while embracing another.
You see, what I have observed over the past few years of blogging is that very few people like to think of themselves as “anti-science” or as a “science denier.” Those people certainly exist, and I do encounter them, but most of the people who visit my blog/page claim to love science…at least until it disagrees with their ideology. This puts them…
As the New York Times reports, the toll at last night’s post-Ariana-Grande-concert suicide bombing has risen to 22 dead and 59 injured, many critically. I weep for the families of these people; it was an act motivated by pure hatred, unconcerned that the targets were young people (indeed, that may have been why they were targeted). As for who was behind it, this is the report:
The British government did not make any immediate comment on the claim by the Islamic State, which said on the social messaging app Telegram that, “One of the soldiers of the Caliphate was able to place an explosive device within a gathering of the Crusaders in the city of Manchester.” The SITE Intelligence Group, which monitors militants’ communications, also provided a translation of the claim. The Islamic State statement did not identify the bomber.
Matthew Cobb, who lives in Manchester, thanks readers for…
When The Spouse and I visited Russia in 2012 (well before anti-Russian sentiment reached its current peak) we were surprised to see that statues of Lenin were still intact and still in place. And by coincidence, as I was drafting this review, the Twitterfeed of the often hilarious @SovietVisuals offered an example that shows that young people still hold Lenin in regard. Since it goes some way towards explaining this persisting affection for the leader of the Soviet Revolution, this new biography, Lenin the Dictator by Victor Sebestyen is timely, and not just because of the 100th anniversary of the revolution. As I said when reviewing Tony Kevin’s Return to Moscow, IMO in our messy interconnected world, it’s now more important than ever to understand countries like Russia.
Lenin the Dictator is also very good reading. From the first chapters about Lenin’s childhood to the story of the revolution itself…
As we wait for the U.S. to go down the tubes after Trump takes office, and for the rest of the world to fall apart from war, terrorism, and hatred, it’s nice to know that our university professors are busy concentrating on the really important stuff, like the implications of yogurt “culture” for feminism and white privilege.
No longer, for Perin Gurel, an assistant professor of American Studies at the University of Notre Dame, has published an incisive postmodern analysis of yogurt in America in the journal Gastronomica. The title is below (click on the screenshot to to go the paper; reference and additional link at bottom).
Her observations are simple enough, and I can state the facts given…
We have always been been intrigued by keeping secrets and uncovering the secrets of others, whether that’s childhood secret messages, or secrets and codebreaking of national importance.
With a film, The Imitation Game, reprising the life of Alan Turing and his role in breaking the Nazi’s Enigma cipher of World War II, how does one codebreak, then and now?
It’s all in the cipher
Imagine that Bob and Alice wish to secretly communicate, and Eve, who wishes to listen in. Here “plain text” refers to the original message, and “cipher text” as the coded message.
There are two ways of creating the cipher text:
Having an algorithm (a cipher) that only Bob and Alice know, so that one applies the cipher to encode the text and the other applies the cipher in reverse to decode.
Using a well-defined algorithm, but adding something that changes the way it operates which is easy for Bob and Alice to convert, but difficult for Eve to find.
In the first case, to read their messages Eve will have to crack the cipher – to work out what method it uses to change plain text to cipher text. For example, the famous Julius Caesar cipher is a form of substitution cipher that shifts letters in the alphabet a number of places, for example a shift of 13 means A becomes N, B becomes O, C becomes P and so on. This is an easy code to crack, as there are only 25 unique shifts.
Far harder would be a scrambled alphabet, in which any letter can be mapped to any other letter without the same substitution shift applying to all, as with the Caesar cypher. This leads to a colossal number of permutations – 403 million billion billion – that, even with a supercomputer with which to try a billion mappings per second, would still take an average 6.3 billion years to crack.
However, these ciphers’ fundamental weakness is the occurrence of the letters: in English, the letter with the most occurrences is likely to represent an E, the most common in the language. Performing a frequency analysis with this in mind makes much shorter work of it – about five minutes.
In the early days it was the ciphers’ text scrambling method that was kept secret. But if Eve manages to crack the cipher, neither Bob nor Alice will know – just as the Nazis didn’t know the Allies had cracked Enigma. So modern cryptography uses a different approach: a public method to create the cipher, but a private key to use the cipher that Eve will find difficult to find. This is public key encryption.
In the days before computers, ciphers were mechanically generated – the Enigma cipher rotor machine is a good example. It used a polyalphabetic substitution cipher – with three rotors to generate three alphabetic substitution shifts – and a secret key. The challenge was to determine both the algorithm used and the key.
Enigma’s weakness was that the machine prevented a plain text letter from being ciphered as itself (that is, from A ending up after three substitutions as A). This made the challenge easier as the codebreakers could dismiss any code that mapped to the same letter, but this still left many alternatives – too many for a human to crack.
The mathematical prowess of the Polish Cypher Bureau had secretly first broken Enigma codes in 1932, with the aid of French intelligence. At the eve of the war they handed their work to the Allies, who were amazed. But by now the German military were using more advanced versions of the Enigma machine, with extra rotors and other features adding complexity to the cipher. Dilly Knox, the British chief codebreaker, had some success but better equipment was required.
Developing the work of the Polish Cypher Bureau, Turing and Gordon Welchman designed the electro-mechanical Bombe, a device designed to imitate Enigma machines wired back-to-back, which given certain information could narrow down the possible permutations of the Enigma machines’ settings from 150 million million to a more manageable number.
But the true father of code cracking is Colossus, the world’s first programmable electronic digital computer, which was created by engineer Tommy Flowers in order to crack the Lorenz cipher, the more sophisticated successor to Enigma.
Cracking crypto today
Computers are so much more powerful now than in Turing’s day that their raw power can crack passwords or uncover encryption methods simply by crunching through all the different possible permutations.
Most passwords are stored in a hash – a fixed-length string of characters generated by a mathematical function from text of any length. This is a one-way process, so the hash cannot be reversed to gain the original text.
However today it’s possible to compile look-up tables of pre-hashed values, essentially a dictionary of hashes to compare to the plain text passwords they represent.
As an illustration: a seven character password in lower case letters could be one of over 8 billion possible permutations. The graphics processor on a typical computer graphics card (which are excellent for this task) can check over 150m words per second, meaning the maximum time to crack any password is a mere 53 seconds.
Adding upper case letters gives one thousand billion combinations, and a maximum time to crack of 114 minutes. Even when adding 20 more numeric characters and common punctuation marks to create more than ten thousand billion permutations, the maximum time is only 18 hours. Eight character passwords are a bit more difficult with 722 thousand billion permutations, but even so these can be cracked at an acceptably quick time of 1,337 hours or 55 days.
The worry is that the distributed computing power of the cloud is making this process significantly easier. One of the most common hashing functions, MD5, has been shown to be too weak to cope with the computing power that can now be thrown at it.
Each MD5 hash is 128 bits long, so to store every possible seven character password hash would require 160 terabytes of storage space. While that seems like a lot, you can buy a 4TB drive for about £100, Microsoft advertises no limits to its storage, and Dropbox offers several terabytes for little cost. Similarly, using cloud processing power such as the Amazon Cloud it would be possible to rent processing time on 1,000 of these graphics cards for just pennies, spread the task between them, and crack an eight-character password in an hour and a half.
Add salt to taste
The true way to increase the strength of a password is to add a salt, a random string of text used to add complexity to a hashed password.
For example, the seven-character salt “eFUqsfi” is added to the password “password” to create the string “eFUqsfipassword”. This produces a hash that is sufficiently random that it won’t appear in a hash look-up table and, being 15 characters instead of eight, massively increases the complexity of trying to crack the password using brute force attacks, from 722 billion billion permutations to over 742 million billion billion permutations.
Thus we have gone from the millions of dollars of investment to build and maintain Colossus, to a time where crackers have managed to create the same hash signature for a different image, and where it took just 10 hours and cost only 65 cents plus tax on a GPU instance on the Amazon Cloud.
So some of the pure intellect of Turing’s day has gone, and now it’s down to who has the fastest computer. The cloud itself is a supercomputer that is expanding by the day, and with websites dedicated to analysing and storing as many hashed passwords as possible, the whole foundations of our password cryptography are starting to crumble, with profound implications for the security of the internet.
“At a time when superstitions, obscurantism and nationalist and religious fanaticism are spreading in many parts of the world – including the ‘developed’ West – it is irresponsible, to say the least, to treat with such casualness what has historically been the principal defense against these follies, namely a rational vision of the world… [F]or all those of us who identify with the political left, postmodernism has specific negative consequences. First of all, the extreme focus on language and the elitism linked to the use of a pretentious jargon contribute to enclosing intellectuals in sterile debates and to isolating them from social movements taking place outside their ivory tower… Second, the persistence of confused ideas and obscure discourses in some parts of the left tends to discredit the entire left; and the right does not pass up the opportunity to exploit this connection demagogically.”
‘American democracy underwent a great transformation when Andrew Jackson became President. Until his time presidents had been cultivated gentlemen, mostly with a settled position as landowners. Andrew Jackson represented a rebellion against these men on the part of the pioneers and immigrants. He did not like culture and was suspicious of educated men since they understood things that puzzled him. This element of hostility to culture has persisted in American democracy ever since, and has made it difficult for America to make the best use of its experts.’
Russell, Bertrand (1961) ‘What is Democracy’ in Fact and Fiction. George Allen & Unwin. London.
When envisioning the future priorities for women’s studies—ones that take advantage of women’s studies as a dangerous, infectious, potentially radical force of change—we posit two new directions for the field to embrace. First, training both female and male students as viruses could prove especially useful in articulating the mission and goals of the field. There are clearly different stakes in the feminist pedagogical work directed toward female students versus male students. While female students must work to understand their own experiences as women and to deconstruct, critically analyze, and understand the ways that their identities as women map onto other privileges and…
The “Sokal Affair” inspired a lot of debate, as well as accusations that Sokal himself was unethical in submitting the paper, but I thought it made its point superbly: much of the social sciences and “culture studies” in academia is intellectually vacuous—a repository for dumb ideas couched in bad prose.
Now we have another hoax: a piece on the “conceptual penis” published in the journal Cogent Social Sciences, self described as “a multidisciplinary open access journal…
The BBC has a newish “privacy and cookies policy” that has some undesirable features. If you go to pp. 15-16 on the linked document, you’ll see the following diktat:
This is reprehensible. Now of course if the Beeb has reasonable evidence that you’ve really broken the law, then, yes, they should report crimes to the police. And they certainly have the right to remove any comment you make that they don’t like
But “defamatory” stuff? What does that mean? Does that mean when insult somebody? Does the reporting-to-the-boss function include anything the Beeb deems “offensive, inappropriate, or objectionable content”?
And what is this stuff about informing your employer or school? It’s not enough, it seems, to report you to the cops, even if the cops determine that your behavior is legal. Nope, the BBC will take it upon themselves to try to ruin your life by also ratting…