Posts Tagged ‘Google’

Shhhh… Do You have Secrets?

January 3, 2014

I have been asked recently, “Brian, how do I dodge the NSA?” Hahahahaha – you can’t – not really… But, I don’t want to distress my good friend or alienate him, either. My reply was, “They can break your security if they want to badly enough. The best you can do is 1) make it just a little challenging to keep honest people honest, and 2) don’t hide everything, or you will attract the NSA’s attention.”

I read /. now and then http://slashdot.com for those who may not know. They have a lot of “chatter” about “techie stuff” that I enjoy reading when I have a few minutes of spare time. I recalled a few articles I read on /. some time ago, when my friend pressed me about the NSA:

The US Government considered closing about 1200 data centers (40% of their centers) in 2012.  Did you know that the US government had more than 3000 data centers? Google for Federal Data Center Consolidation initiative or FDCCI.

What I recalled more vividly is from a 2009 /. article – an announcement that the NSA was building a $1.5B data center in Utah. I can’t find the /. link to this article, but Googling brought this other link up for me:

http://fcw.com/Articles/2009/10/27/Web-NSA-data-center-cybersecurity.aspx

I recall thinking in 2009 that the NSA was going to store enormous numbers of e-mails and phone records for the entire country – perhaps for  much of the world. Why else would the NSA need that much data center floorspace? There was not a word of this on CNN at the time. Today, of course, with the Snowden disclosures, this “kind of thing” is all over the news.

Not too many people are good at critical thinking (you all need to get better!). Most people don’t connect the dots very well (you all need to get better!). And with regard to this particular data center, there is still “silence” in the mass media. At the time, I was wondering how much power the data center would draw from the local electric utility? How many BTU’s to cool the center? How many hard disk drives? How many bytes of storage? How long was the data retention planned for (15 years was my guess)? That is what an engineer wonders when they hear about this kind of place. The article about this data center maintained that only 10% of the floorspace would be dedicated to data storage, though I wager it is far more than that. Also, the article states that the center is 1 million sq ft, but I seem to recall that the center was a bit larger at 1.2 million sq ft. Where did I read that?

How many HDs in the Utah data center?  Well, let’s do some math…  An 11 ft rack typically holds about 100 drives, and it requires about 12 sq ft of floor if you want front and rear access.  Let’s assume that 75% of the 1.2M sq ft of floor are covered with storage racks – that’s 75,000 racks of drives or 7.5 million HDs, each storing two terabytes average – some more and many less…  that’s 15 exabytes (10e18) or so of storage.

How much power consumption? Assume a drive consumes 5 watts.  That’s 37.5 MW of power just for the HDs. Whew – that’s a lot of power… And you need a lot of network equipment to get the data in and out and to perform searches.

How many BTU? About 130 million BTU to compensate for the drives, 40 million BTU to cool the network equipment, and 70 million BTU to cool the volume of air to a cool ambient temperature assuming 16 ft ceilings… That’s a lot of air conditioning – 240 million BTUs! As a point of reference, that’s about 10 times the rule of thumb BTUs per sq ft for a typical home.

Eliminate rear access, stuff the racks, and I bet you could double the number of drives in the center.

Is my math correct? I may be making a few mental calculation errors, so feel free to check my numbers!

Do you recall the hard drive shortage in 2011? The floods in Thailand shut down hard drive production – so we were told. I wonder if that shortage wasn’t really do to a single, very, very large order… Well, I’ll never know, but I have to wonder…

So, back to my friend’s query.

Oh, before I forget, almost ten years ago, I recall a Project Trailblazer with SAIC (and I find now with a Google search, Booze Allen). The mission was to analyze all Internet traffic in the US. As I recall, it failed (though, I bet it succeeded to some degree, after all…). Oh, and before that, the Telecommunications Act of 1996 that required backdoor access for all public telephone networks. And before that, the predecessor act of 1984, too, required access for Government purposes.

My point is that none of this is really secret from a high level point of view. If you can read, you can learn what’s going on around you (you all need to GET READING!). There seems to be a surprising amount of transparency.

OK, now to my friend’s query. I asked, “What are you trying to hide?” “Porn,” he said. I remember laughing long and hard (no pun intended). “OK – just encrypt an external drive with TruCrypt or MacOSX Core Storage encryption services, and put your porn there. Choose a relatively strong encryption method like AES128…” That’s useful enough to keep the data private from a criminal or your partner or parents or children. But I wager that the NSA can readily decrypt that drive if they really want to.

My friend wants to encrypt his e-mail, too (I am wondering what my friend really does after midnight…). “Get a security certificate from PGP or Verisign (now Symantec?) or Thwate and use it for those e-mails.” Some ISP’s provide encrypted e-mail service for a price where your e-mail transits your ISP encrypted just like a browser HTTPS transaction does.

The cellphone – my friend wants to encrypt his calls. Well, you can’t do that very easily. You can purchase an encrypted handset – an encryption feature is part of the GSM technical standard for our cellphone networks. The government is the primary user of encrypted phone services, but ordinary callers do not have ready access to encrypted cellphones as far as I know. I don’t know where you can get an encrypted cellphone, but I bet you can find one if you look hard enough. And to be honest, I don’t know if AT&T would let an encrypted phone operated by an ordinary customer work on their network – I bet not. Forget the cellphone.

You have to work hard to protect your privacy, but you can do it to a small degree. Use Private Browsing features, turn off your cellphone’s GPS until you need it (and then turn it off, again). If you use Google, don’t search while you are logged in to your G-mail account. There are all kinds of precautions to take to limit your exposure on the Internet. There are anonymizing http proxy servers on the Internet, though frankly, you still leave footprints, and the proxy server owners still maintain logs – and how much do you really trust these proxy services? Do you know those people who own and operate them? No?

I wager that the NSA can break ciphers on demand easily enough to defeat most anything you can do. The NSA clearly is capable of network interception, deep packet inspection, packet insertion and masquerading techniques if you believe the Snowden disclosures. My advise to my friend – just don’t attract the attention of the NSA in the first place (or of the CIA or Defense Intelligence Agency or the Russians or the Chinese, etc.). They’ll notice if you are heavily encrypting your net services or taking steps to hide your activities, and then they will wonder what you are up to!

Do you have secrets? I think it is better to assume that they are not secret after all. Because they aren’t, really. And to my friend, I don’t think the NSA is interested that you have porn from the Internet…

Advertisements

Contextual Communications Management – Do Away with I/O Overload!

February 18, 2013

I have been “cooking” this idea since about 2006. There was a day “in the day” when my ability to manage intrusive communications was obviously nil – a day of epiphany. On one miserable day, I was overwhelmed:

  • four meetings occupying more than 6 1/2 hours of the day;
  • more than 40 telephone calls to four phone numbers that I answered;
  • more than 40 voicemail messages on five messaging systems;
  • more than 250 e-mails sent to six addresses;
  • no complete record of calls I missed…

My clients were frustrated. I was frustrated.

I really faced three dilemmas:

  1. No Prioritization – the priority of one call was almost indistinguishable from the next unless I knew something related to the ID of the caller (if I even glanced at the Caller ID – if the ID was even displayed);
  2. No Integration – 15 separate communications portals…
  3. No Local Context – my telephone services interrupted my meetings as though every incoming call was more important than the meeting I was in (and some were).

I need only the sufficiently important communications right away – in only one stream – from any service – directed to any device – anywhere in the world I happen to be – with zero effort – without unnecessary distraction – all prioritized, summarized and logged. I call this concept Contextual Communications Management.

Since about 2008, I have been embarked on a campaign to influence AT&T, Apple and Google with features that will help me wrestle with the overwhelming communications environment I work in. I write letters, make phone calls, write white papers, draw pictures – anything that has a bit of promise to find implementations in AT&T, Apple and Google products and services.

Here is a simple process flow for incoming calls and voicemail messages to begin solving my problem (click for a higher res image):

Incoming Calls and Messages Managed

At first glance, I get two remarks from people – either “Huh?” or “Duh…” Either puzzlement or a brush-off as obvious. For any incoming call, I want to reject it (block it) if it will waste my time. If I don’t reject the call, I want to redirect it (forward it) if another person is a better resource to answer the call. If I don’t redirect the call, I want to ignore it for the time being (let the caller leave a message) if my present activity is more important. I want to answer the call if it is the best use of my time at the moment.

But it’s not obvious how to make the decision that the incoming call is the best use of my time. Let’s “peel the onion” just a bit. If you know the person calling or e-mailing or messaging, there is a basis to prioritize the call. Here is an example of that basis (again, click for higher res):

Who-Basis for PrioritizationIt’s not that complicated – my address book on my Mac has a category for “Priority” that I added long ago of Privileged (AT&T calls White-Listed; Apple calls VIP – their responses to my proposals), High, Medium, Low, Unknown or Denied (black-listed). Recognize the White List and Black List concepts from my Robocaller Blocker? Yup! My “RoboBlaster” focusses on identifying and blocking the lowest priority callers.

This just scratches the surface of Contextual Computing – utilizing the context of Who, What, When and Where to make automated decisions about communications, tasks, activities, collaboration and the presentation of information in the user environment.  A clever app will stop my phone from ringing in a meeting unless the caller has a higher priority than the meeting does. Get it? It’s not complicated, but that clever app will be! How to integrate all devices and services? That’s another problem I am writing about right now.

Look for my book on Contextual Computing at Amazon.com soon.  I’ll be sure to let you know how to order it when it is available.

Where Next for My PC

August 25, 2010

I have been pondering this for quite some time:

Where is the PC going, and what substantial changes are likely for the operating system and for productivity software?

Keywords here for all of us: cloud, mobility and context.

Lately, Apple and Mac media has been asking, “What is Apple doing for Mac OSX 10.7? …for IOS 5?  Lately, Windows 7 has received some deservedly good press, and I wonder what is in store for Windows 8… Lately, there has been a lot of talk in the tech media about “thin clients” and “cloud apps” in lieu of locally executed productivity applications running on a “screamer” desktop PC. Hmmm… So, where is all this going? Well, I’ll tell you!

Minimal Local Storage – no petabytes, and probably not even terabytes. Here, the thin client pundits probably are on to something, but I don’t think they see the forrest for the trees just yet. What storage resources you have locally may really need to be quite small if you can utilize many devices and servers. The real evolution I expect to see will be with the file system…

Distributed File System – a combination of NAS and SAN functions with a substantial layer of security. I may have a folder of documents stored physically anywhere – on an Apple server, a Microsoft server, an AT&T server, a Google server, a Yahoo server, on my desktop hard drive, in flash in my iPhone – anywhere, and I don’t want to need to know where.

  • I need to be able to have instant access to my document files anywhere and anytime.
  • I need to be sure that I have exclusive access to my files.
  • I need to be sure that all my files are strongly encrypted to keep the server owner honest and to defeat the likely hacker.
  • I need to be able to share any file with anyone I designate.
  • I need to be able to define the organization of my documents and folders of documents without regard to the physical location of a file.
  • I need to have the same file organization presented to me regardless of which physical computing device I am using.
  • I need to be able to access certain files even when a local device is turned off or is not at hand (multiple device aware).
  • I need to be able to access certain files even in the event of a local computer failure (locally fault-tolerant).
  • I need to be able to access certain files even in the event of a remote server failure (remote fault-tolerant).
  • I need to be able to access certain files even in the event a network failure (network fault-tolerant).

Gesture-Based User Input System – gestures, but not necessarily touch or mouse. Here, I think that Apple is right on track. Mouse behavior has been exquisitely refined, touch interfaces are being diligently defined, cameras are being built into every display device. The next step is to extend type, point, click, touch and swipe to arbitrary surfaces and new hand gestures in the air. Any time, now… I’m waiting…

Agile Display System – my display “desktop” moves with me to the best display system that I have access to at any moment.  As I move from room to room, building to building or city to city, I want my work and my display desktop to follow me and be visible to me on the best display device I have access to wherever I am seamlessly and instantly at my command – with a gesture of some sort to cue and command the device and use it.

Contextual Environment Anticipates My Needs – community-aware, activity-aware, time-of-day-aware and location-aware. Who am I with with right now and who I am meeting with later in the day, what I was just doing and what is scheduled next on my calendar and what is queued on my To-Do List, what the time of day is and what do I usually do at this time of day and what is scheduled next, where am I now and where am I going next – all this has a direct bearing on what I want to do with my computer right now! I want my computer to anticipate my every move. This is a BIG effort to complete.

Unobtrusive Automatic Refinement – settings to accommodate the “cloud”, mobility and context should change automatically based upon limitations and failures encountered, additions to my community, appearances of new devices and services, and new collaborations.

Identification – this is key to secure sharing and hacker warfare. If your credentials are unknown, you don’t get in. How to assemble a set of trusted credentials? How to verify them unobtrusively? How to manage and maintain them? How to revoke them? How to detect spoofing and challenge the credential? Well, that requires some finesse, new standards and some user education.

If you ask me, this sounds like another decade of significant opportunity in this industry’s products and services – and a tremendous life cycle extension for the PC and its OS and applications.