Archive for March, 2012

Passwords may now be passe

March 27th, 2012
By



ThinkTech Hawaii

Exactly how many passwords do you have, in the 17 years of the Internet?  How much time a day do you spend trying to remember them?  How many times do you find you can’t remember them, and that you have no good record of them?  How frustrating is that, for you and me and everyone around us?

Passwords are a pain in the apps.

You can lose your password in so many ways:  you don’t write it down and you forget it; you write it down wrong; you write it down but lose it; you write it down but forget the place you wrote it down; you write it down but you later changed it and didn’t write the new one down; you have it all right, but it’s compromised somehow so you have no security even with it.   I could go on.

And how many passwords do they want you to have, and with what special requirements?  Do you have to have both lower and upper case?  Do you have to have numbers as well as letters?  Is there a minimum length?  Do you have lower and upper case and also numbers and letters and a minimum length?   All this makes it that much more difficult to create and remember them.

How bad is it to use the same password for multiple accounts – will someone with access to the first account figure out how to compromise another of your accounts?  How often do you have to change it, and once you change it how long do you have to wait before you can use the old one again.  And if you lose it, how do you remember your secret Q&A?  What if you forget that too?

Who can you trust with your passwords?  Should you tell technical support?  Should you tell the people in your office, how about your personal secretary?  Can you tell your friends, how about your good friends?   Can you tell your wife, your kids?  Just how paranoid do you need to be and with which ones?

Should you put passwords on everything, even the log-in on your laptop or wireless router?  Should you lock your computer or cellphone?  Should you keep a file of your passwords and how do you protect it?  Should you encrypt it?  Where do you keep the password for it?  Suppose you lose that one too?

I really can’t stand it anymore.  I hate passwords.  It’s so time consuming to have to make, secure, remember, record and otherwise deal with them.  If you don’t know what I mean, just forget one critical password and you’ll find out.

Over the years, there have been efforts to bypass passwords, to replace them with parts of the user’s anatomy, like your thumbprint or retinal scans.  None of those are in general use by the public today.  In fact, I don’t know anyone who uses an anatomical substitute these days, outside the movies of course.

Graphic, kinetic images or patterns are easier to retain, even if they’re not so easy to write down.  So we’re starting to see passwords as a series of dots that you’re supposed to connect in a certain way.  That’s easier than remembering words, but the same problems apply to disclosing and changing them.

How about something more subtle, like the way we type, assuming that no two people type exactly the same way, that we each have different keypress timing and patterns for different combinations of keypresses.  This is psychological, but not consciously understood.  And arguably, no two are the same.

The mission is to get unique metrics on these patterns.  If you can figure that out, you could get rich.  DARPA, the Defense Advanced Research Projects Agency, wants to develop a non-password system that just uses the unique user experience of each user, and it’ll pay you for your research in this area.

All the user has to do is type his name, and the software would know him.  The authentication would happen in the background.  They call it the “cognitive fingerprint,” “keystroke dynamics” or “keystroke biometrics,” measured by how long you hold down a key and move to the next in a word, phrase or sentence, things that take milliseconds and would be difficult or impossible to imitate.

Research is already underway, and researchers claim accuracies of up to 99.5 percent.  So there’s no time to waste.  DARPA wants a system to recognize the user in only a few keystrokes, and to detect the irregularities of an intruder.  This assumes that the user’s personal rhythms have already been recorded.

Use of the mouse may also provide behavioral biometrics for user verification.  Everyone uses the mouse differently, and you can therefore also get a person’s signature from his or her special way of using the mouse – the way the person moves the cursor across the screen or between words or objects on the page.

Surely, Hawaii has programmers with the skill and curiosity to figure this out.  It’s just a matter of making a record of exactly what the user is doing and distinguishing that from what other users do, in typing and in use of the mouse.  Yes, it can be done, and will be done, soon.

This is a challenge to all able-minded programmers in Hawaii.  Think of the aggravation you’ll save saving us all from all those passwords. When I think of all the time and effort I spend chasing passwords every day, it can’t come soon enough.  Indeed, the world is waiting for passwords to become passé.

Posted in 1 | 1 Comment »

Kakaako Arising! on March 22nd

March 17th, 2012
By



Kakaako Arising! is coming this Thursday.  Here's a video on the program.


It will feature opening remarks by Governor Abercrombie then two blue-ribbon panels. One panel will be about landowners and developers.  The other will be about designers and innovators.

We'll have HCDA and various landowners as well a number of creative startups and entrepreneurs. The program will cover the projects under way and many other  remarkable things happening in Kakaako.

This is a turning point in Kakaako - will it be Downtown East or Condo Canyon?  We will know pretty soon. Come down and find out about Kakaako.  The Plaza Club at 11:30 a.m. this Thursday, March 22nd.  Register at hvca.org.

See you then!

Posted in 1 | Comments Off

These rains are more than mother nature

March 11th, 2012
By



ThinkTech Hawaii

We’ve had some bad weather this week. So has the mainland. In fact, it seems that there is a lot of bad weather these days, all over.

Like the frog getting slowly boiled, climate change is having its effect. The strange thing is that no one talks about it. It’s as if this bad weather, apparently increasing little by little all the time, is just a regular thing. But you can’t help thinking that yes it is climate change and that no one makes the reference, something like the elephant in the room and the emperor’s new clothes.

Oh, I could be wrong and maybe this is all just a streak of bad weather getting bad press. But it seems to me that this kind of pop up storm has been getting worse, streak after worsening streak, and it’s just too easy to dismiss it as ordinary. It’s not ordinary and it seems to bite a little deeper all the time.

I hope FEMA and Civil Defense and other such agencies are thinking about this, since it will be on them to deal with really bad storms as they arise. I hope someone is making the connection between climate change and the increasing severity of the weather. Maybe they don’t say anything because they don’t want to incite a panic on the issue.

Over time, and assuming the metrics of these storms show an unrelenting increase, the public will have to get it, with or without panic. Maybe they’ll become a little more activated on the issue and will do all the things that the scientists have suggested to hold or roll back the process, like getting off oil and the like. On the other hand, Hawaii by itself can’t stop global warming. It takes the whole world to stop global warming, and organizing global action isn’t easy. Maybe it’s simply too late.

I’d like to think there’s time to roll it back, however, and I hope we can get together on group action in the near term. The trick is staying sensitive to the issue, and I suppose that means watching the storms and examining the linkage, and then getting public support for affirmative steps, and taking them, whatever the costs.

So this week Hawaii has had some bad rain, and although many people were seriously inconvenienced, or just took the opportunity to stay home, in the larger picture so far it’s not that threatening. But we have to take it as a warning, with the possibility, or likelihood, of much greater severity coming soon.

The reality is that climate change and weather surprises are to stay. So get used to it. We live in a remote island state with limited supplies thousands of miles and several days from any disaster relief. We really need to think ahead and develop self-reliance. We don’t have that now. Think renewables. Think local agriculture. Think transportation. Think redundancy. Think disaster planning in general.

“Semper Paratus” (the Coast Guard slogan) – always prepared – seems more than a little appropriate. The dreadful days of Iwa and Iniki could return any time, and next time storms like that could visit the whole state, not just the neighbor islands, including state-wide mission critical infrastructure in Oahu. I don’t have to tell you what would happen to the tourism industry, but actually it goes far beyond that.

The rise in sea level won’t happen for a while, but unprecedented weather could be just around the corner. Just as our economy is mono-dimensional, so is our infrastructure. If it fails without a safety net, without the ability for prompt repair or replacement, we won’t have anywhere short of evacuation the mainland to fall back on. Because we’re an island state, we have to be that much more organized and responsive in addressing risks like this.

There’s no room for complacency in the middle of the ocean. So don’t be misled by the rain this week. It’s more than mother nature. It’s a message.

Posted in 1 | Comments Off