GPS Spoofing in Shanghai

MIT Technology Review has an interesting article on a new type of GPS spoofing going on in Shanghai which has the experts puzzled.

Nobody knows who is behind this spoofing, or what its ultimate purpose might be. These ships could be unwilling test subjects for a sophisticated electronic warfare system, or collateral damage in a conflict between environmental criminals and the Chinese state that has already claimed dozens of ships and lives. But one thing is for certain: there is an invisible electronic war over the future of navigation in Shanghai, and GPS is losing.

Strava data makes an appearance as a way of figuring out whether only shipping is affected.

Perhaps bugs or malware in the ships’ AIS or GPS systems were causing the effect? To rule that out, they sought data from another form of transportation completely: cycling.

China has about as many bicycles as the rest of the world combined, with nearly 10 million in Shanghai alone. Some of the city’s cyclists use smartphone fitness apps to track their rides. One in particular, Strava, shares a global heat map of anonymized activities from the previous two years.

Rethinking Encryption

A really interesting article on the encryption debate from Jim Baker, who was the FBI’s general counsel when it tried to get Apple to decrypt the iPhone of one of the San Bernardino shooters in 2016.

Baker argues that despite law enforcement facing the prospect of losing access to plain text messages from various sources, and the extra difficulties involved investigating certain cases, widespread encryption should be encouraged by all public officials to counter the much graver threat posed to national security from insecure networks and communications.

Today, digital technology is pervasive and society relies on a range of devices, networks and services to conduct its most important affairs. The political, economic and military power of the United States, as well as the health, safety and welfare of Americans, depend heavily on the secure and reliable operation of a complex digital ecosystem. We have connected our most vital international, national, regional and local systems to an inherently vulnerable network of networks. Glenn Gerstell, the general counsel of the National Security Agency, recently wrote a compelling piece about the complexities of the global digital network and the many challenges it presents to the United States.

It is, therefore, essential that we safeguard the confidentiality, integrity and availability of data on those networks. But we have not done so. The failures are systemic and involve poor design, poor implementation and poor risk management. The cybersecurity problems of the United States and its allies are profound.

With China, in particular, aggressively hacking everything from universities, to companies and Governments, Baker points out that the ongoing threat from that activity far outweighs the loss of access to some criminals’ messages.

Refreshing to see this argument put forward when we’re so often only presented with the simplistic “do this or criminals/terrorists/paedophiles will escape justice.” The fact is that our entire society now relies on strong encryption and weakening it will have far-reaching unintended consequences.

Encryption Wars

Governments all over the world are terrified of losing access to what the public is talking about, warning that all sorts of doomsday scenarios will happen if they can’t snoop on our every word. This despite the fact that they have never had access to this information until arguably the widespread adoption of email from the mid-90s, and particularly since the advent of social media in the mid-00s.

Prior to that they could get a warrant and tap your phone, or perhaps try to steam open your letters, but they, with the possible exception of the NSA, couldn’t do it to all people, all the time.

The internet has provided the biggest boon to the surveillance community, with Snowden revealing the NSA’s now-relistic goal to record all the information, store it and have it searchable forever.

Stanford’s Center for Internet and Society have a good article looking at the latest attempts to get the tech platforms to minimise their use of end-to-end encryption, or to provide some other way for Governments to snoop on message contents.

But we do not live in a world where that system always stays tightly confined to CSAM [child sexual abuse material], or malware scanning, and doesn’t end up enabling censorship of individuals’ private personal conversations with other people over content that is not illegal or harmful. That already happens in China (which is increasingly an object of envy by U.S. law enforcement). China uses its online censorship capabilities to keep its citizens from using WeChat to talk about Winnie the Pooh or “Tiananmen Square”. An end-to-end encrypted messaging system that would do client-side scanning of content against a blacklist before it’s encrypted and report the positive hits? China would rush to fund that work, and likely already has.

The whole article is worth a read, but it’s important to recognise the end-goal.

The rationale may change — national security and terrorism one day, and if that doesn’t work, child abuse the next — but the goal is the same: for governments to have the ability to eavesdrop on your every conversation, the legal power to require that all your conversations be recorded, and the authority to make private-sector providers do their bidding in the process. To have total control. And, if they really succeed, they will reach the ultimate goal: to not even need to exert that control to restrict what you say and do and hear and think — because you’ll do that yourself. You will save them, and Facebook, a lot of time.

Electric Spider Flight

An article that’s been sitting in my unread tabs for a while now, but is pretty cool. We’ve known for ages that spiders can fly, but we’ve only just figured out how they do it.

Ballooning spiders operate within this planetary electric field. When their silk leaves their bodies, it typically picks up a negative charge. This repels the similar negative charges on the surfaces on which the spiders sit, creating enough force to lift them into the air. And spiders can increase those forces by climbing onto twigs, leaves, or blades of grass. Plants, being earthed, have the same negative charge as the ground that they grow upon, but they protrude into the positively charged air. This creates substantial electric fields between the air around them and the tips of their leaves and branches—and the spiders ballooning from those tips.

File under ‘Nature Is Cool.’

October Training Update

Well I’ve been back ‘training’ for two months now and some progress is being made. September was more about getting a routine going again and was a bit hit and miss. The weekly plan was for a long ride on Monday, weights Tuesday & Thursday, intervals on Wednesday and another long ride on Saturday. I was pretty good at getting both weights sessions in and Monday rides were also fairly consistent, but Saturday’s weren’t great, nor were the mid-week intervals.

Still, overall, I did start training consistently with 4-6 sessions per week, even if they weren’t always exactly what I had planned. I had also aimed to get my weight down under 90kg which turned out to be too ambitious, particularly as I skipped too many long rides.

September and October PMC

October’s training has gone a bit better. Monday rides got longer, up to my target of 3.5-4hrs. I got my weekly intervals session in most weeks on the indoor trainer and I’ve been better at getting a long ride in on Saturdays as well. I even entered a local C-Grade crit which didn’t go well 😀

I’ve had to dial the weights work back over the last two weeks though as I found I was just completely shattered the next day. I expect some muscle soreness, so that wasn’t an issue. But my fatigue levels were off the charts the day after a weights session which made it tough to get out and do a bike session. The plan now is to switch weights to maintenance mode for the moment - I’ll do one session a week with 20 reps of each exercise at slightly lighter weights. That should be enough to give the small stabiliser muscles a workout without smashing the larger muscles and leaving me wrecked the next day.

The only problem I had in October was getting a little too enthusiastic int he final week and doing too much work - almost 13hrs in total - digging myself into too much of a hole (the yellow bars) and destroying my motivation for the first half of the following week. Need to keep a lid on that. Slow, steady progress will win out in the end rather than overdoing it and being forced to back off.

Weight still isn’t under 90, though it’s heading in the right direction. At 91.1, it’s down almost 3kg from peak laziness.

This weekend I’m off to Kangaroo Valley for a tw-day training camp with my SUVelo clubmates. I’ll probably get my arse kicked but it should be fun.