Monday, December 8, 2008

Ethics of Security Disclosure

The second discussion of the day was on the topic “Ethics of Security Disclosure”. The focus was on a particular DNS attack known as cache poisoning. DNS, which stands for Domain Name Services, is a service which translates IP addresses into names (like google.com) and vice versa. A local Seattle researcher named Dan Kaminsky discovered that queries for websites can easily be redirected to malicious sites instead of their true destination. This means that a user attempting to connect to Bank of America’s website could secretly be redirected to a clone of the website belonging to a malicious hacker. Clearly, the effects of such an attack would be devastating.

However, even upon the discovery of such an attack, it is not clear who should be responsible for fixing the issue or how those parties should be approached. No single entity ‘owns’ DNS. Furthermore, if the issue became publicly known, the news would do very little to protect actual users and, worse, it would inform anyone with the proper internet knowledge and malicious intent exactly how to stage such an attack.

Dan Kaminsky’s solution was to approach, in total secrecy, representatives from all of the major players in the internet, including the people responsible for maintaining DNS as well as major corporations such as Microsoft and Cisco, to work out a patch (solution), build the patch such that it is not obvious exactly what was fixed by merely inspecting it, and deploy it to hundreds of thousands of computers worldwide before news of the attack could get out. This scheme was carried out exactly to plan, and before the public had any knowledge of the attack, all of the major companies (and their customers) as well as many other computers on the web were safe.

In class we discussed the pros and cons of such a solution. On the topic of releasing the information to the public, the general consensus seemed to be that bluntly releasing it would be a bad course of action because of what can happen if the information falls into the wrong hands. When discussing what one could do in such situations, it was brought up that reporting such a problem silently could be more difficult than expected. It is not easy to summon representatives from major corporations, and even then, certain corporations may not care to listen. Perhaps releasing information to the public would hold companies more accountable and give them further motivation to address whatever problem is at hand.

Friday, December 5, 2008

Integrating Embedded Systems with the Human Body

This week, the topic of discussion revolved around the integration of technological systems with the human body. The core of this topic relates to the ability of such systems to augment human functioning, providing the user of the embedded system with "additional senses" that are not biologically innate.

One possible application of this augmentation could be to restore a sense to patients who have lost it. As discussed, such an application would clearly have a dramatic effect on the patient's ability to get back to living a normal life.

However, when this process of sensory augmentation (through the integration of embedded systems with the human body) is performed in order to "upgrade" or enhance the sensory input of the body, the results are much more dramatic. For instance, a belt with locational vibrating inputs was discussed that gave the wearer incredibly acute directional ability.

According to the article and discussion, the brain eventually adapted to the sensory input and made the system "part of its own". Because of this, the removal of the device was shown to cause fairly acute side effects in some users. Some were unable to go back to normal functioning, and one subject even had to obsessively carry around a GPS unit in order to function normally.

Clearly, this would not be optimal if the integration of increasingly advanced embedded systems results in increasingly acute side effects should they be removed. Apparently the brain is able to rapidly adapt to their presence and integrate the new sensory inputs, but the converse is not true when the device is removed. It seems that -- at least in some cases -- the brain is unable to "unadapt" and revert to its original ability to function.

Such research definitely carries important implications for the possibility of integrating futuristic sensory systems into the human body.