Benlog

My amazing fiancee defended her Neurobiology PhD thesis at MIT yesterday. Even though I’d heard her practice her talk a few times, I was still amazed and impressed by the quality of her defense presentation. I thought about what might lead me to such strong feelings about her work (beyond my strong feelings for her, of course). And it occurred to me: there is real beauty in the work of true scientists, and she is the epitome of the true scientist.

A scientist looks at the world with a thirst for knowledge and discovery. A scientist knows not to get excited about a beautiful hypothesis, because a hypothesis is nothing until proven by a well-controlled process of experimentation and empirical observation. A scientist often labor for weeks, months, and sometimes years, only to be left with the conclusion that the original hypothesis was wrong. A scientist must be comfortable with the fact that research is inevitably disappointing 90% of the time. A scientist is out to discover those things that are either true or false. A partially proven hypothesis is not partially true, it is nothing. We live in a world of constant spin and ulterior motives, but scientists know that some things in the world are precisely knowable. Through hard work and many failures, a scientist uncovers that which can be factually determined. A scientist chases these facts with the intellectual and emotional conviction that there is a certain beauty in the world that can be explored and described, not to deconstruct it, but instead to futher expose and admire its beauty.

A scientist is her own toughest critic, because she is not out to prove her pet theory. She is out to discover the true nature of the world. Her hypothesis is not an end in itself, it is a means to expand the world’s body of knowledge.

We, as a society, have much to learn (or re-learn) from true scientists. For scientists are humble enough to understand that they play no role in defining the world. They are the messengers, always striving to deliver a more detailed and faithful picture of the world to the rest of us, so that we may admire its beauty and better define our place and our function within it.

So Marc Fleury is a successful figure in the open-source business world. It’s very clear that he’s succeeded in business, but it’s not so clear that he understands open-source very well, and that may come back to bite him. And since he’s a Frenchman, too, hopefully he’ll take my criticism well, if he ever reads it 🙂

In his Business Week interview, he basically criticizes the “Hari Krisha’s” (his words, not mine) of the open-source world, pitting those who work for free against those who are trying to make a living. He claims that he found a way to make money off open-source: give the software away for free and sell the services. (So, he didn’t exactly invent this idea, but let’s put that aside for now.) What he fails to see is that open-source development and open-source support are distinct.

The beauty of open-source, from a business standpoint, is that the software writer and the software support provider may not be the same. Open-source enables competition. I wrote about this back in 2000: open-source is the ultimate capitalist tool in that it enables a customer to pick a product and then select a support provider for that product independently of who wrote the software. That’s ultimate market competition, and it ultimately benefits the customer.

So insulting the people who might contribute to JBoss for free is neither here nor there. Much open-source software is written by people who don’t get paid (including the early versions of JBoss). The question is: who’s providing the service? Well, JBoss.com is. But so is HP. And so is Novell. In other words, Marc, if you’re insulting the open-source volunteers, you’re missing the point. The volunteers will always be part of the equation when it comes to writing open-source software. When it comes to supporting open-source software, of course people expect to be paid.

And the way you make money in the open-source world is by harnessing the open-source community for development, where new features and bug fixes benefit everyone, to build the most awesome platform you can build. Then, you have to build a brand, a solid brand, and some quality services, to ensure that customers come to you for support instead of switching to your competitor the moment you stop performing. The two steps, building the sotware and supporting it, are very different.

JBoss has certainly understood the concept of building a solid brand. Kudos to the company for succeeding where many (including myself) have failed. However, insulting a segment of your platform builders because you found a way to make money on services when they did their work for free, that’s just stupid. It’s a bit as if RedHat insulted Linus because he started Linux as a volunteer. It’s bad strategy.

I heard about the London bombings first thing yesterday morning. For some reason, it took until this evening to really hit me. I’m quite sad. And angry.

To the right wing and to the left wing: please stop with the cheap commentary on this issue. It’s inhuman to rejoice at the hope that “Europe will now take terrorism seriously.” It’s ridiculous to base your criticism of Bush on this one event, as if another policy would somehow prevent all terrorism. For now, over 50 people have died, and hundreds more are wounded. It’s horrible, terrible, unimaginable, really. Let’s pay our respects before we start bickering, again.

So the right wingers are quick to accuse anyone who opposed the War in Iraq of being weak in the fight against terrorism. This is, in no uncertain terms, a load of crap, and it needs to be made incredibly clear. Someone who truly wants to fight terrorism knows that overthrowing the Taliban and fighting Al Qaeda were and continue to be incredibly important. But the War in Iraq was a ridiculous diversion that set us back in the real issue of fighting terrorism.

Case in point: it turns out that the French, though opposed to military action in Iraq, have been helping the CIA in unprecedented ways in fighting real terrorism, meaning Al Qaeda. I have significant issues with the power of French magistrates and their degree of oversight (i.e. none), but it’s clear from this story that the French are incredibly serious about fighting Al Qaeda. It’s also clear how Donald Rumsfeld is a posturing idiot who will blatantly disregard national security in exchange for a good sound bite about Old Europe.

I wonder if Instapundit and the other French bashers will ever pick up this story and scale back their absurd rhetoric.

UPDATE: Heh, nope the wingnuts like Instapundit didn’t pick up the story. But they did happily enjoy the fact that Paris lost its Olympic bid to London. At least Instapundit is honest enough to call it petty. If only he noticed that many of his other comments are just as petty.

Senator Rick Santorum, a “rising star” of the Republican Party, in his book:

Many women have told me, and surveys have shown, that they find it easier, more “professionally” gratifying, and certainly more socially affirming, to work outside the home than to give up their careers to take care of their children. Think about that for a moment…Here, we can thank the influence of radical feminism, one of the core philosophies of the village elders.

Now, there is no problem whatsoever with choosing to stay at home to raise your children. Whether you’re a man or a woman, in fact. It’s a beautiful, fantastic, commendable choice. But as always, the problem with these social conservatives (and with the Republican Party as a whole, these days), is that they don’t want you to choose. They want to tell you how to live and how to raise your children. They know better than you how to live your life.

What will Republican Women say? Is this the policy of the Republican Party?

So, it’s time I begin describing the work my research team (Susan Hohenberger, Ronald L. Rivest, and myself) has been doing to fight phishing attacks (and maybe even spam). Over the next few posts, I’ll describe the building blocks, and eventually piece them together into a solution. Feel free to ask questions in comments or by email.

First, let’s talk about the overall problem and high-level approach.

Email isn’t trustworthy. When you receive email, you have no way to verify the authenticity of the sender’s address. That leads to a number of forms of anonymous spam (the kind you can’t complain about or unsubscribe from), and, most importantly, to phishing attacks, where the sender address is spoofed so as to mislead you into revealing confidential information (like your password). One obvious solution is to find some mechanism to authenticate this sender address. The not-so-obvious part is: how? Though we’ve known how to do digital signatures for more than 20 years, we still don’t have an easy mechanism that is truly deployable on a large scale. Most approaches require establishing a public-key infrastructure, where each user is responsible for generating a personal key and getting it certified. That generally requires significant user education and effort – and in the realm of security, where the payoff is only clear once the damage has been done, that education never happens in time.

A number of people will tell you that, even if you can authenticate an email sender, that’s not enough, because someone could send you email from “b1gbank.com” instead of “bigbank.com” (notice the “1” instead of an “i?”), and though the email will be authentic, you’ll still be fooled. That’s true. Email authentication is not enough to stop phishing and spam. But it is necessary. Not sufficient, but necessary. Email authentication can provide the basic platform of trust for email, much like SSL provides a platform of trust for the web. Once this platform is established, a number of reputation-management systems can be deployed to help users make that final trust decision. But without the platform, there can be no such reputation management. We need a platform of trust to provide basic accountability for email.

So our goal is to provide this platform of trust. We’re not trying to be 100% secure. We’re trying to be “just secure enough” to prevent email-based phishing attacks. Our solution isn’t appropriate for authorizing nuclear missile launches, but of course, most users’ email hardly ever needs to be.

In the end, our solution is very simple: we make it such that, if you want to successfully authenticate your emails as coming from “alice@wonderland.com,” you must be able to receive emails sent to “alice@wonderland.com.” Sound familiar? It should. It’s the same mechanism that numerous web sites use to authenticate you the first time you register for an account or when you lose your password: they just send you an email. Conceptually, our solution is quite similar. At a lower level, it’s much more powerful. We use cryptography to (1) capture Alice’s ability to receive email at a given address and (2) prove to another user, Bob, that she has this ability. And we do it without any extension to SMTP, the mail protocol. Deployment can happen at the client level (upgrade Outlook), OR at the server level (upgrade qmail, sendmail, exchange), which means it’s compatible both with web-based email providers and with mobile users accessing their mail from a heavily-firewalled place like China.

So, to summarize:

• we need to authenticate emails to provide a basic platform of trust.
• we’re going to provide this by tying email authentication for an address with the ability to receive emails at that address.
• our solution requires no significant change, and is deployable today at the client or server level.

In my next post, I’ll describe Identity-Based Signatures, a super-cool crypto concept that is the key (no pun intended) to our solution.

I’m a sucker for a good action flick. Actually, I’m a sucker for any action flick, really, provided it offers a better-than-horrendous plotline. So I’ve been somewhat excited about War of the Worlds, the Steven Spielberg movie starring Tom Cruise. Except now I think I should boycott the movie because of Tom Cruise.

Let me be clear. I don’t care one little bit whom Tom Cruise dates or gets married to. That is his business. I don’t even really care if people think he’s been brainwashing the woman he’s dating. There’s no way for me to truly assess the veracity of these allegations, and, frankly, it’s not like celebrities lead otherwise normal lives. There is an online petition that unfortunately ventures into these questionable areas of criticism, so I won’t be signing it.

The problem with Tom Cruise is far more serious. Our country is becoming increasingly unscientific. Our administration repeatedly downplays scientific reports regarding the gravity of global warming, the need to provide comprehensive sex ed to our children, environmental reports on everything ranging from mercury emissions to public land grazing, and the list goes on. In each case, someone with an agenda and without scientific training spreads misinformation. In each case, propaganda and FUD (Fear, Uncertainty, and Doubt) are used to deform scientific debates and promote a mostly-discredited line of reasoning.

And Tom Cruise is doing just that with regards to psychology and psychiatry. He’s making absurd and irrelevant claims that psychiatry is a nazi science (so is rocket science, literally, as a coworker recently reminded me), and generally insulting people he barely knows for taking psychiatric drugs. The scary thing is that Tom Cruise’s words probably carry significant weight among a certain segment of the population. And his training in the matter amounts to the teachings of the Church of Scientology, teachings which are secret by design, thus not peer-reviewed and not even close to scientifically sound.

We need to revive a pro-science movement in this country, a movement based on logic, empirical evidence, and a general pursuit of fact and truth. Not everything can be whittled down to fact, but a lot of things can. On those matters which can be scientifically decided, we should respect the real experts, the ones who publish in peer-reviewed journals and can provide consistent evidence for their claims. We should seriously question people who come to the table with religious or cultish reasoning. Enough is enough. Religion should be a private matter, not a set of goggles through which to view scientific fact. A religion-backed argument should simply be irrelevant when contradicted by scientific fact.

So I won’t be seeing War of the Worlds. And I hope a number of science-minded people follow suit. Tom Cruise can choose to believe whatever he wants to believe, can date whomever he wants to date, can screw up his life as much as he desires. None of these things would likely affect my movie viewing patterns. But if he wants to use his position to spread bad science, I won’t spend any more money providing him with that soapbox.

I attended Creative Commons’s iCommons summit today (photographic proof). As I watched the presentations, looked around at the more than 80 representatives from the 70 countries that are now taking part in Creative Commons, I realized a simple fact that has snuck up on me: Creative Commons is kicking some serious butt.

There are now 15,000,000 documents distributed under a CC license, which is almost 0.2% of the Google index. The number of CC-licensed documents is currently growing at an 80% quarterly rate. As Neeru said when she showed the pie graph: the amazing thing is that you can see the Creative Commons share on a web-wide pie graph.

What’s most amazing to me is the rapid success of CC’s international expansion. While the US effort had the novelty of the movement and the blog early-adopter phenomenon to jumpstart it, a lot of these international efforts are making significant headway with far fewer resources, far less press, far more complicated copyright issues (moral rights anyone?), and far less low-hanging fruit.

This is now a real, world-wide movement, the likes of which I have never experienced. A movement of people who believe that there should be some kind of middle-ground between extreme DRM control and total public domain. A movement of people who want to create a new ecosystem of sharing, because they know deep in their hearts that sharing (some) culture and science freely is the most important trend we have to reassert as a generation.

I could not be more proud of the fact that I play a tiny role in this huge effort.

Microsoft is sick of spam, and Bill Gates has declared that spam must end by 2006, so they’ve decided to unilaterally implement their Sender ID approach at Hotmail. What that means is that, if your domain hasn’t adopted Sender ID, Hotmail users will never receive email you send them.

Sender ID is a simple and simplistic solution to the spam problem: email from someone@yahoo.com should originate from mail servers that are approved senders of email for the yahoo.com domain. Yahoo is then responsible for declaring, in an SPF (Sender Policy Framework) record, exactly which servers are thus approved to send emails on behalf of Yahoo users. Sounds easy and great, right?

Not so much. This solution breaks the end-to-end nature of email. SMTP, the protocol that manages email, was designed not to care about how an email travels from Alice to Bob. A number of critical email features rely on this path-agnostic design. In fact, that’s how almost every successful Internet protocol functions: the network provides as little functionality as possible, while the ends provide the smarts. If you stuff too much functionality in the network, you inherently limit the way it can be used.

So what happens if one decides that emails must take a well-declared path? People who use one email client to manage multiple email addresses will hit significant trouble: they will likely send out emails via the “wrong” mail server, and never realize it until they find out their email was thrown away by a spam filter. Mail forwarding, like the kind provided by your university’s alumni services, just doesn’t work. Mailing lists become far more complicated, if not altogether impossible.

The point is, designing scalable, reliable, Internet protocols is tricky. Sender ID is wrong in many ways. The right solution needs to adopt an end-to-end design approach. Cryptography is exactly the right tool for this kind of end-to-end approach. Of course, I’m biased: my research team and I have designed a crypto-based solution to phishing and spam. I’ll describe it over the next few weeks, and hopefully convince you that it’s better in many ways than the currently-proposed solutions.

Republicans are trying to overrule the courts once again, but this time in the most disgusting way possible: by taking away their funding. You heard that right. They don’t like the decision, so they are actively taking away the courts’ enforcement money.

There is a way for Congress to override the courts. It’s called a Constitutional Amendment. What Congress is doing now is called a travesty.