34C3 - TUWAT - Talks - Part 4

Post date: Feb 11, 2018 9:20:49 AM

  • Social Cooling - big data’s unintended side effect - Very interesting topic. Let's see if they got great points to consider. First they presented concept of click fear. I guess that's very real. Everyone I know got it on some level. Key concepts: 1. Reputation Economy 2. Behavior Change. Finally 3. how to deal with this. Data Stratification. How Social Credit System it used in China. Social credit affects your changes to get a job, loan, visa, or even a date. Social Cooling, Social pressure. Big data leads to social cooling. It's negative effect. Deemly score. Known public score derivation, versus secret non-verifiable score formation algorithms and methods. Other factors analyzed: "IQ, Psychological Profile, Gullibility, Religion, Estimated lifespan, Rape victim, Political Vies, Potential inheritor, Planning to have a baby, Had abortion, Sexual orientation, Economic stability, Extroversion, Has 'diabetic focus', Easily addict-able, Physical frailty, Education level". Nice. Machine learning algorithms find patters in society we don't expect. Cambridge Analytica. Social profiling, Risk Management, Customized advertising. Data users: "Banks, Insurers, Employers, Governments". Personal comment, I guess that's probably illegal, GDPR. Yet it doesn't matter as long as you don't get caught.- Democratization of the background check. Chilling effects. Social cooling = Social pressure + Self censorship. People are afraid long term congruences: Individual cultural censorship. You do have freedoms, but you choose to leave it unused. Societal value of privacy. Culture of risk avoidance. Wrong scoring methods bring perverse incentives. Trickle down risk aversion. Politicians and balance for power. Two systems: "Institutional = Free, Crime, Police, Judge, Prison" vs "Social = Suboptimal behavior, Measure & judge, Subtle influence". Key differences: "Institutional = Free until, Punishment, Accountable" vs "Social = All the time, Fear of exclusion, Invisible". Yet "I have nothing to hide" often means "from the institutional old system". Major problem: "Data may damage your job prospects". Stop saying we have nothing to hide. Privacy is the right to be imperfect. Data is a trade-off. More data = Less Autonomy. Social cooling alarm about panopticon, social cooling is about hope. Leads to a world where we are all better behaved, but less human. "Privacy is the right to be human". Link: socialcooling.com - Btw. This was a very nice talk, yet it didn't bring up anything new of course. - Personal comment, this is stuff of all bad sci-fi TV-series coming true.
  • The Internet in Cuba: A Story of Community Resilience - "Get a unique tour of some of the world’s most unusual networks, led by a Cuban hacker". Internet usage is expensive in Cuba. The SNET. El Paquete de Cuba. Not linking directly to the site on purpose. Lot of HTTP login pages without HTTPS, shared connections lead to stealing of credentials. Red Universitaria network (Institutional Internet) using IPv4 private addressing, national network / inter connected networks / WAN. Their version of inter-net, without being connected to the Internet. SNET / La red de la calle. SNET got over 100k users in Havanna alone. Regional Pillars connect Local nodes with directional WiFi as well as Pillars peer with other Pillars. SNET got it's own rules, which you've gotta to follow. One of the rules is that you must not bridge to the Internet. True mesh networking.
  • Address Space Layout Randomization (ASLR) on the line - Practical cache attacks on the MMU. JavaScript based side-channel cache timing attack. TBL. Cache Line. Attacks work on Intel, AMD and ARM. Also from inside of Chrome and Firefox JavaScript sandbox.