Killswitch ineffective against speaker-as-microphone, again

Just to be clear: I don’t think anybody in this thread argued for another kill switch.

1 Like

We’re well off the original issue here which, no harm repeating, we’ve established is not a real problem. So we’re not debating that, but loose grand generalities. Still, that’s fun and evidently you triggered me :wink: so:

Important security fixes come on a timescale of ~ a day, which means unpatched is not an unusual case (I even had to restart my browser because of an update while I was writing this!). The details you mention here don’t change that. You say that often you need two problems - whether bugs or alleged user misbehaviour - but since the problems are so frequent, that still results in frequent opportunity. We mostly rely on the threat of punishment and the fact that not many people want to harm others in the first place to prevent this actually happening more often.

The conventional wisdom is that the scale of the current red-queen bug-patching race is inevitable, but the truth is better than that! Security failures are inevitable, but our systems don’t need to be anywhere near as fragile to them as they are.

I guess that machine learning may make this situation more pressing. It will also change defences: Some sort of arms race is inevitable, but the scale of it is not. For that reason, neither is embedding authoritarian solutions to these problems in our society inevitable. I imagine “we have to run Google AI software on all your devices, else you’ll be vulnerable to AI attacks” is coming not so far in the future unless we take steps to prevent it.

I imagine you must intend this as advice for an individual who expects to be the subject of a targeted attack from somebody with large resources AND believes they can only solve their problems all at once – fair enough (though even from an individual point of view I don’t think that’s the only relevant situation). Looking at it from another direction though, the idea “Many things need fixing to fully fix this problem, therefore we should not fix the problem” is also a general-purpose means of making security (or anything else) incrementally worse. We should make it incrementally better instead. That works! We shouldn’t expect it to work immediately, fully, and just for us as individuals.

You might say you don’t adopt the “progress is impossible” attitude to security I describe above: fine, but that has in fact broadly been the attitude of the IT industry, which has caused us not to make any. That attitude is often defended in terms similar to what you write above (or the broader view of the problem is systematically neglected).

All those things you list can and should be fixed. At the moment, fixing this kind of very basic security issue (not this one in particular!) often requires inordinate, punishing effort and is prone to failure. There’s no fundamental reason for that, and it creates dangerous instability in our society, risk to individuals, and lost opportunities for co-operation, so it should be our goal to change that. It’s possible (and hard) to make real incremental progress in security, without trying to do so by making changes that only address individual bugs. The way to do that is to make the effect of bugs less severe, using the principle of least authority – this issue we were talking about is an example of that (again, my position from the start is that “can turn speaker into mic given root” isn’t the most important such issue right now!).

Incidentally: I’m not going to comment much about my own personal security :slight_smile: but I do expect that people here are much more like than average to actually take action on all the things you list, and I don’t think success at reducing risk on the individual level is all-or-nothing either (not even if we’re talking about the state, which effectively does have limited resources in many cases, for now at least).

This is very much standard “IT professional” fare again :slight_smile: but I think there’s a lot missing from that, in our different context here:

  • Use of hand-planted bugs is quite defensible, because they’re expensive and come with social / political / legal norms that restrict their use, mass surveillance by local or foreign governments, activist groups, etc. less so (even companies, who haven’t been entirely innocent of going to those lengths, and are more “your data is our data” every day)
  • “unless your physical security is as good as your ITC security” – but these two categories of risk aren’t simply comparable in this way. Again, local physical security isn’t fragile in the same way to, for example, a large-scale attack using machine learning-derived exploits
  • As above, it neglects progress (or decline) and the context outside of individual people, companies, etc. Optimizing for one company, or one person, etc. is what an IT person does, but people whose motivations have a larger context (like us, I’d like to say) do need an eye on making larger scale progress. Contrary to popular opinion, I think that usually involves people working on things that are not local optimisations (again, I mean that the standard “oh, it’s naive to want to improve that, because this other thing is just as bad” hinders progress).

Really? In what sense? I thought Linux is the most secure, especially PureOs. iOS has a great vulnerability which cannot be fixed and it is called “Apple”.

1 Like

Yes, I suggested that most likely the “criminal” is your own government, for this scenario - so both targeted and large resources. There is of course no certainty in that.

Random criminals are mostly looking at identity theft and/or ransomware and/or financial theft. Random criminals targeting real microphones or repurposed speakers would I think be a niche activity against the average home user. Maybe you can imagine a scenario involving extortion (blackmail) but how many houses would a criminal have to compromise a microphone in and how many hours of recording before finding something that will yield a payoff?

Not exactly. I was just pointing out all the real microphones that might be in your house already. I consider it more important to address all those real microphones, which don’t require fancy repurposing of speakers that may or may not even be possible.

Sure, that’s a judgement call as to which is higher priority.

I guess I’ve already commented at painful length about this, so I won’t repeat it! :slight_smile:

For an individual’s own particular security, yes, I think so – but the inability to immediately solve a large problem in one piece doesn’t mean we – especially as a group – should rate the value of solving parts of it at zero. As I said, whatever your particular view about that, what you said about it is commonly used in defence of (unwarranted) pessimistic positions about security that claim (wrongly) that the sophisticated position is that we should continue to make it worse.