Posted on

Steve Missham and the BBC – stranger than fiction

Whilst I smelled a rat in the Steve Missham affair and subsequent events have proved me justified, I’m not feeling that smug because I can’t actually claim I saw the latest developments coming. They’re just too incredible.

What Missham has done is announce to the world that his alleged abuser didn’t look like, and therefore wasn’t, the politician he’s been accusing to all and sundry for days. The news media appears to accept this, and has gone on a frenzy of blame culminating in the “resignation” of George Entwistle this evening. The one person not apparently in the firing line is Missham, who’s fantastic story is the cause of it. The idea that he didn’t know what the person he was accusing looked like before his recent publicity spree stretches credibility beyond my limit.

Okay, the BBC clearly didn’t check its facts either but then again this is hardly uncommon. As I said last week, they’re always on the lookout for anything negative they an say about the Conservative Party, and I’d assume they’re even less likely to check facts in such a case.

This morning I heard George Entwistle being savaged by John Humpharies on Today. After several minutes I couldn’t take it, but they were still on when the snooze button had timed out. Entwistle was protesting that no one had told him anything. Sadly, I have to say I believe him. This evening he “resigned”, but received a year’s inflated salary as a pay-off. That’s a neat trick. Who else can choose to resign and have their employer’s pay him a year’s salary? Some mistake, surely.

Apart from the peer who’s been accused of the most horrendous crimes for no reason whatsoever, the other victims in this affair are children who have been abused, and those who will be in the future. We’re always hearing the mantra that children don’t lie about such things and should always believed. This was Missham’s main theme too. It goes along with the notion that no women would falsely claim to be raped. Privately, people who work with children and alleged rape victims will contradict this – some people will claim all sorts of things if they think it will get them what they want. Having such a high-profile abuse victim who was clearly not telling the truth is not going to encourage genuine victims of such crimes to come forward.

As to the crisis at the BBC, it’s long been the case that some of their journalists have exhibited bias and inaccuracy in reporting, especially at the local and national level. They’re now engaged in reporting, 24/7 on their favourite subject (themselves). When Entwistle resigned it was blamed on “shoddy journalism”, but what of the shoddy journalists? They’re still there.

I’ve just been watching speculation as to who’s going to take over as Director General of the BBC. The journalists are complaining that Tim Davie, the caretaker DG, has no editorial experience, and is also an outsider. Other candidates have been criticised for being non-editorial and non-BBC types. Entwistle was from a 23-year BBC Editorial background (as previous DGs) but has failed spectacularly, cut and run (or was he really pushed?)

Of course the BBC hacks want one of their own, but that’s the last thing the BBC needs.

 

Posted on

Is Quantum Cryptography About to be Hacked (again)?

I saw a curious note on the BBC teletext service saying physicists in Canada had just proved that the Heisenberg Uncertainty Principle wasn’t quite right and that therefore Quantum Cryptography was probably not as secure as we’d hoped.

The Heisenberg principle basically states that at quantum level (very small things) it’s impossible to measure the precise position and speed of anything (or measure any other two attributes). The more accurate a position reading, the less accurate the speed measurement, or if you measure the speed accurately the position will become uncertain.

However, quantum cryptography relies on is something much less weird to work practically – namely the Observer Effect, or Heisenberg’s Measurement-Disturbance Relationship. This is what the Canadian team were actually on about. You can find the paper causing all the fuss here:

Lee A. Rozema, Ardavan Darabi, Dylan H. Mahler, Alex Hayat, Yasaman Soudagar, and Aephraim M. Steinberg, Centre for Quantum Information & Quantum Control and Institute for Optical Sciences, Department of Physics, 60 St. George Street, University of Toronto, Toronto, Ontario, Canada M5S 1A7

The Observer Effect is much easier to understand. It says that when you measure some things you necessarily change them by the act of measuring. There are plenty of examples to choose from, like a volt meter in an electrical circuit connecting two hitherto unconnected points and allowing a current to flow that wasn’t there before the meter was introduced. If electronics isn’t your bag, consider measuring the tyre pressure on a car. When you apply the gauge a small amount of air escapes, so the pressure is obviously less than it was before you measured it.

As to whether it’s going to make a jot of difference to the safety of your credit card details, I highly doubt it. Quantum Cryptography is not widely used, although I believe laboratory experiments continue (notably British Telecom’s research lab in Ipswitch and latterly Raytheon BBN Technologies). And even then, it’s not at all clear whether this will make any difference to it.

So what is Quantum Cryptography in practice?

Unless you slept through ‘O’ Level (now GCSE) Physics at school, you’ll think you know what a polaroid is:  a filter that allows light waves through if the waves are oriented correctly and blocks them if they’re not; a bit like grating for light waves. Except, of course, they don’t behave like that in the real world, do they?

Please generate and paste your ad code here. If left empty, the ad location will be highlighted on your blog pages with a reminder to enter your code. Mid-Post

There’s the classic experiment where you take two polaroids and place them one in front of the other. If you have two polaroid sunglasses, try it now. If you have only one pair you could snap them in half to get two lenses, or just take my word for what follows.

As you look through the two lenses and rotate one they’ll either be transparent, black or at various states of fading in between. When the polaroids are aligned the theory says that all the light gets through, when they’re 90° apart then all the light will be blocked. But what about when they’re 45°apart? How come you can still see through? ‘O’ Level physics doesn’t want to bother you with quantum mechanics but as I understand it, this is caused by those pesky photons randomly changing direction all the time, and side-stepping the grill. There’s a random chance of photons still getting through, and it’s proportional to how far around the polaroid is out of alignment. Slightly out of line means most still get through, 45° means half get through and 90° means none get through.

Now suppose we’re sending information by polarising light and shoving it down an optical fibre; we send it through a polaroid. To measure the result we stick it through another polaroid at the other end, aligned at random. The sender’s polarisation pattern is secret at this time. If the receiving polaroid it a bit off, we’ll still get a signal but it will vary randomly. The thing is that there is no way of knowing whether we’re looking at a randomly corrupted signal, or whether all photons are getting through. However, we can record the results and if we’re later told what the polarisation settings were, we can discard the measurements we made with our receiving polaroid was set wrong and use simple error-correction techniques to make use of the remaining “good” data. The polarisation settings can be transmitted insecurely after the event, because they’re of no use to an attacker by then. This is subtle…

If someone decides to bung a polaroid in the middle of the line to try and examine our photons, unless they get lucky and have exactly the right polarisation every time then they’re going to filter off some of our the signal. This is going to show up as corrupted data by the recipient, and we’ll know we have an eavesdropper. When the correct settings are published, even if the eavesdropper gets to hear about them it will be too late – they will have corrupted the signal and given their presence away.

The current state-of-the-art in Quantum Cryptography relies on sending and detecting single or pairs of photons. Good luck with that one! It’s also not an easy thing to send and receive  a single polarised photon, so the research is looking towards simply swapping encryption keys for protecting the actual payload later. This is known as QKD – Quantum Key Distribution.

Suffice to say that this technique makes it impossible to eavesdrop on a line as to do so will corrupt whatever is being intercepted  and, with an appropriate protocol, it’ll be almost impossible to try this without being detected before any real data is exposed.

So why does the Heisenberg’s Measurement-Disturbance Relationship matter to all of this? Well, supposing someone was able to make a polarisation detector that could measure polarisation at any angle. With this they could read the polarisation of whatever was passing, and even if they destroyed it in doing so, they could re-transmit a new photon polarised the same way. Quantum mechanics currently says you can only test for polarisation in one plane (basis) at a time, so the eavesdropper couldn’t possibly do this. If quantum theory was actually wrong, someone would still have to find a practical way measure all-ways polarisation. Quantum Cryptography itself has practicality issues, this isn’t a reason to lose any sleep in the real world. A few companies offer QKD networking equipment, and demonstration networks come and go, but unless anyone can enlighten me, I’m not aware of any real-world users of the technology. Given the number of successful attack vectors found in all known experimental systems, it’s not surprising.

Please note – I am not a theoretical physicist; I’m looking at this from an application perspective. I’d love to hear from anyone with a full understanding of quantum mechanics able to shed further light on this, as long as they can keep it simple.

Posted on

Apps to force Web into decline?

Who’s going to win the format war – iOS (Apple iPad) or Android? “What format war?” you may ask. Come on, it’s obvious. Some are saying that the web is either dying (dramatic) or at the least being impacted by the modern fashion of Apps, and these run on iOS or Android (mostly). Actually, by sales Apple is winning hands-down.

This IS a format war, because developers need to support one or other platform – or both – and users need to choose the platform that has the content they need, and there is some sense in it when databases contents are queried and displayed in Apps rather than on web pages.
Apple has the early advantage, and the cool factor. But it’s the most expensive and the most hassle to develop for, as Apps can only be sold through Apple. Android is a free-for-all. Apps can be sold through Google, or anyone else making them available for download in the future. It’s an open standard. The security implications of this are profoundly worrying, but this is another story.

So, running iOS is expensive, Android is insecure and neither are very compatible. That’s before you consider Blackberry and any requirement to run an App on your Windows or Linux PC.

But, I don’t think this is a conventional format war. It’s mostly software based, and open standards software might just win out here (and I don’t mean Android). People like paying for and downloading Apps. Web browsers can (technically) support Apps, using Java and the upcoming HTML5 in particular. Why target a specific operating environment when you can target a standard web browser and run on anything?

As an aside, HTML5 is sometimes hailed as something new and different when in fact it’s just evolution and tidying up. The fact is that HTML is cross-platform and will deliver the same functionallity as Apps. HTML5 simply standardises and simplifies things, making cross-platform more open-standard, so every browser will be able to view page content without proprietary plug-ins, including better support for mobile devices which lost out in the late 1990’s onwards when graphic designers decided HTML was a WYSIWYG language.

Some modern-day pundits will proclaim that data will be accessed more through Apps in the future, and the web has had its decade. Apparently a third of the UK is now using smart-phones. Whether this statistic is correct or not, they’re certainly popular and I’ll concede that Apps are here to stay. But in my vision of the future they won’t be running on iOS, Android or Blackberry – they’ll be written using HTML5 and run on anything. It’s platform independence that launched HTML and the web twenty years ago, and it’s what will see off the competition for the next twenty years.