Posts by David Glasgow 186 publicly visible posts • joined 24 Aug 2007
Cunning plan, in a nutshell:
We're in, and we've got what we need
Ok. In a stupid way, say we're going to do something stupidly
Job for a Politician?
Yup
Should we actually do something stupid?
It's always an option.
Misdirection?
Yup. And they'll carry on thinking we're idiots.
Bonus!
Can't be arsed to check if it's already been said, so apologies if it has. In low concentrations it is instantly recognisable by the rotten egg shell. In high concentrations it is almost immediately odourless.
So not much point on relying on employees to smell something badly wrong. Only slightly wrong.
"I thought of calling the secretary of the treasury, Kermit Winkler, a man who had graduated from Harvard two years after me, and saying this to him: “I just tried out two of your dimes on Times Square, and they worked like a dream. It looks like another great day for the coinage!”"
Kurt Vonnegut
"In 2019, we detected an average of 11 threats per Mac endpoint — nearly double the average of 5.8 threats per endpoint on Windows."
This can't be an absolute measure of attacks, the numbers are far too low. Presumably its new threats. So attacks which represent a novel malware exemplar. But if so, what is the "per endpoint" condition for? It doesn't add or explain anything. Average attacks per machine would be interesting, as would the proportion of these representing novel malware. The trouble is that the base rates of malware across platforms is skewed, which is a practical concern, but more importantly in this instance, directly impacts on the number of exploits available to be err... exploited by novel malware.
Kind of looks like smoke and mirrors designed to sell a product, rather than meaningful statistics.
"I just realised you're 'one of those'"
Ah! Quite possibly.
In 25 plus years I have worked on 2 cases of female internet predators. Of course, that is a biased sample, because I only see the cases referred to me, and there are several reasons why women might be under-represented. Still, I have seen a few hundred cases of males. Not mentioning female, child, white or asian offenders in my post does not mean they don't exist, or that their behaviour is excused.
The point is that unless the issues are considered in a balanced way, accommodating child protection AND technical AND forensic issues, the result will only be divisive polarisation. Fashionable at the moment, but not helpful.
Completely agree with all points.
The pressure to do something about this particular problem arises substantially from people who do not consider the issue as part of an equation. On the other hand, why would you expect them to? Their starting point (whether parents or 'authorities') is that they don't want internet predators targeting children via encrypted messaging, because it renders them (said parents or 'authorities') powerless in a way much more complete than more traditional communications.
Also, ElectronicsRUs, (unlike some folks) you did not suggest I am making things up, and I appreciate that. In fact, those who dismiss legitimate researchers and child protection professionals as cranks or dishonest are doing a service to those who would mandate back doors. I assume that isn't what they wanted.
Good point.... it was a near miss, because it was a case I worked, and I know the context. Which of course is everything. Once you have found the attempted switch to encrypted, you can investigate exactly who is talking to whom and why - unless it is encrypted and not stored locally.
I have also investigated similar communications in non-predator messages, and they arise at a surprisingly low rate.
I can't comment on whether the position in the expected report is honest or not, but I have been researching and assessing internet offenders for years. The comments declaring that most children are sexually abused by family and 'friends' are correct, but off the point. The issue is that there is a growing problem of men using various forms of messaging platforms to communicate with and ultimately sexually abuse children.
In my work I found most references to any form of social media or communication channel were associated with an attempt to establish an alternative ‘back-channel’, access to video chat or, most often, switch to a more secure channel. For example:
[13:33] <H> u have torchat?
[13:34] <K> what is that sorry
[13:34] <H> nm all good
[13:37] <K> i have heard of snapchat not torchat
[13:38] <H> oh k... just an encrypted one thats all
So there's a near miss. Favoured encrypted channels evolve over time, and there has been a definite shift to mobile. However, the effect is so strong that it is worth searching all digital evidence for any reference to encrypted communication, because most of them are associated with a grooming process, if one is present.
Whether this real threat justifies a backdoor in all messaging systems is another question, I just didn't want the prevailing tone of dismissal of risk and harm to children in the comments so far to continue unchallenged.
One of the benefits of receiver operating characteristics is that the method generates a curve, not a spot on a chart. Sadly omitted from this article. You use this to choose an optional cut point on the continuous measure depending on the positive and negative utilities of the outcomes. You could easily create an algorithm to do this.
Nothing much to do with AI though. Intermediate statistics.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
