
Mr. Fart’s Favorite Colors - philfreo
https://medium.com/@blakeross/mr-fart-s-favorite-colors-3177a406c775#.4b6z856uh
======
Negitivefrags
I've run into the programmer vs normal person difference in thinking quite
often with regard to customer support calls.

Occasionally I will be called by someone from some company or government
department because they want to notify of something. Lets say for example, I
forgot to pay my insurance bill.

At some point in the call they will ask me "I just need to verify your
identity with some security questions." and ask me for something like my date
of birth or my home address.

The only correct answer to this is "I can't give you that information. You
called me. I have no idea who you are."

I'm always met with complete incredulity at this concept. About 50% of callers
don't understand at all what I'm trying to get at. Most of the rest just don't
have any idea how to continue.

What I tell them at this point is that the correct way to handle this is that
they need to give me an extension number for them personally and I will find
the external number of their company/dept myself on their website and then
call them back.

Unfortunately a lot of these callers either can't (due to not having a
personal extension number) or wont (it's off protocol I guess?).

The problem is, I feel like an asshole for taking a stand on things like this
("Why is this guy trying to make my job difficult"), but more people need to
understand that it's all too easy to be socially engineered!

~~~
DanBC
> At some point in the call they will ask me "I just need to verify your
> identity with some security questions." and ask me for something like my
> date of birth or my home address.

> The only correct answer to this is "I can't give you that information. You
> called me. I have no idea who you are."

This ties in with a scam in the UK that exploits a feature / bug of the POTS.

The scammer calls, and claims to be from your bank, and that you've been the
victim of crime, and that they need to sort it out.

Some people express doubt about the validity of the caller.

The scammer says something like "Have a look on the Internet at your bank's
phone number, and give them a call, and ask for Mr Jones in the Fraud Response
Unit on extension 537. I'll hang up while you look. But it's really important
that you do this quickly, to prevent more of your money being stolen".

The person being called hangs up the phone, but the scammer does not. Since
the scammer initiated the phone call they're keeping that line open.

When the victim picks up their phone to make a call the scammer plays a fake
dial tone while the victim "dials a number". An assistant of the scammer then
pretends to be a bank phone answerer and connects the victim back to the
scammer.

This little bit of social engineering appears to be very strong. There are
stories of people who were initially suspicious, but who then lost all
suspicion because of this trick, and who lost tens of thousands of pounds.

And since the victim handed out the money the banks tend to refuse to give the
money back. The victims really lose real money. It's very sad.

~~~
moultano
That's terrifying. How do you protect yourself from that? I'm not familiar
enough with my bank's phone tree to distinguish the real one.

~~~
kh_hk
You use a mobile phone, another line, or walk to the bank. Other than that one
must ask himself, what type of crime? Why does my bank's website show none of
it? Is it related to any of my cards missing? Why is the bank contacting me
and not the card issuer (VISA, etc)?

I must guess this kind of primitive social engineering can work around 1 out
of 100 cases and still be practical. As far as I've seen though the real treat
is phishing. Really easy to set up and for most people it works.

Just the other day I was playing around an unprotected server of a phisher
that had just sent me an email and there was plenty of people that had fallen
for their trick. It could be seen on a text file were they were lousily saving
all these details. Scary stuff.

Two factor authentication and even one-time cards (some banks issue this) can
protect from this; but as always people that worry about security are already
secure. It's the unaware that will fall for the trick.

------
ivraatiems
I think this is a fantastic article - and I thought it was genuinely funny,
but my sense of humor is about 80% butt jokes so I think that's just an
unusual alignment of my taste with the author's ;).

Now, allow me to take this article about irreduceable complexity and reduce
its complexity: the question is not even about which shade of security gray to
go with. It's an ongoing psychological battle between security and security
theater, which is an unrelated set of activities that is almost, but not
entirely, exactly unlike actual security.

Security theater operates on the level of what feels right, instead of what is
logically right. That makes it powerful. It offers an appearance and feeling
of safety, and there's value in that. Of course, if you ask someone "do you
want a phone that feels safe or is actually safe," they'll pick the latter,
but actually, they want and need both.

That's the problem with this issue. The general public doesn't feel the
difference between these two domains clearly enough to know how dangerous the
governments plan for the iPhone is - they don't understand that it shifts the
balance wholly from security to security theater, when what you actually want
is a blend of both. You need The Great Tagliatelle and the locked cockpit
door. You need laminated paper and you need to have pilots with secret codes.
Without security, an iPhone will still FEEL safe - it just won't be.

The problem is, feeling safe is good enough for most. That's why we mostly
have metal locks and not giant flaming Doberman-lauching turrets on our lawns.
Until the public gets the need for a balance, this debate will go nowhere
fast, and the government - who is very used to getting its way - will
skillfully play on our desire to feel safe in order to get what it needs.

------
rzimmerman
It is really surprising the amount of paranoia and thought that goes into
software security compared to pretty much everything else. A driver's license
is mostly a laminated piece of paper with some holograms. Social security
numbers are 9 digit passwords you share over and over again that can't really
be changed.

I was recently asked to sign a receipt at a store when I'd used Apple Pay. My
phone uses a fingerprint reader to authorize a one-time-use token for payment
that's transmitted in a cryptographically secure way. But that signature -
that's the real unfakeable proof.

~~~
DanBC
The signature is used to help convict criminals.

It's a small part of a package of evidence that proves intent to deceive. If I
use someone else's credit card I can lie and say it was an accident. I use
someone else's credit card and sign their name, not my name, on the slip it's
harder for me to make the same lie.

~~~
c22
I always sign my real name, or sometimes a smiley face drawing when I am using
other people's credit cards (with their permission!) No cashier has called me
on it yet.

~~~
pbhjpbhj
Almost certainly the person who owns the credit card is contractually bound
such that they can't legally give you permission to use it, you don't have
permission because the bank owns it and is the only entity able to give you
such permission.

~~~
c22
Legally speaking, perhaps. I still like to ask permission before using other
people's funds though.

------
hueving
The anecdote about the airline industry in the US is half-correct. It's true
that cockpit protocol didn't change after the German crash, but that's because
the airlines in the US already have a better version than the German one. When
a pilot leaves the cockpit to drop a grenade, a flight attendant must enter
the cockpit to sit with the remaining pilot until the bomber returns.

While this doesn't protect against a completely insane pilot (he/she could
kill the flight attendant), it does eliminate scenarios where the cockpit only
has one person present.

~~~
blakeross
Yeah, I'm aware of this. But I don't think this prevents the germanwings
outcome (which was, indeed, orchestrated by the "completely insane pilot" you
mention).

The person plotting to commandeer the cockpit always has the upper hand,
because they'll be the first to act. It's hard to defend against a sucker
punch or a knife from first-class.

You could even argue that the two-in-the-cockpit rule is less secure, because
it introduces one additional person who could pull off a germanwings scenario
into the impenetrable control room. This is the same concern raised by the
pilot quoted in this article
([http://www.smh.com.au/business/aviation/germanwings-
australi...](http://www.smh.com.au/business/aviation/germanwings-australian-
pilots-wary-of-the-new-rule-of-two-for-cockpit-20150330-1mbjy0)):

"It exposes the cockpit to more security risks than the isolated case of a
homicidal pilot," he said. "I think flight crew are a better judge of fellow
pilots' mental state. Now I have to judge the cabin crew member's mental state
too before leaving them in the cockpit with access to things like the crash
axe."

Originally I had a long aside in the article to deal with this point, but I
axed it because I don't think it changes the core argument. Unfortunately
Medium seems to have removed footnoting capabilities. But it's still a valid
note. Thanks.

~~~
hueving
I'm not sure this guy was insane so much as severely depressed. He did kill a
plane full of people but it was a much more passive act than having to swing
an ax at someone else in close quarters. Why do you think he waited for the
other pilot to go to the crapper?

Also, the argument about now having to judge other cabin crew members mental
state falls a little flat since the pilot that left the cockpit clearly wasn't
even able to judge the guy he was with. It's sort of like arguing that now you
have to read two minds instead of one.

~~~
blakeross
He was seeing a number of psychiatrists, and 41 doctors total, in part because
he thought he was going blind and that the blindness would destroy his career.
But doctors thought that problem was psychosomatic
([http://www.bloomberg.com/news/articles/2015-03-27/germanwing...](http://www.bloomberg.com/news/articles/2015-03-27/germanwings-
co-pilot-was-unfit-to-work-on-day-of-crash)).

I'm not a psychologist though, so not qualified to weigh in on questions of
sanity. For the same reason, I also agree with your point about crew judging
each other's mental states. The part that resonated with me was more that
there's now one more person in the cockpit who could potentially pull this
off.

The fact that he waited for the pilot to leave doesn't prove that he wasn't
prepared to pull off the same attack if the pilot didn't leave. He'd still
choose to do it this way given the option. We'll never know, but regardless,
it remains a possible vector in the future, yet the cockpit security remains
in place (for good reason).

------
dclowd9901
I have nothing to say other than, author, if you're reading this, this opinion
was... There's no other word for it: utterly fantastic.

~~~
blakeross
I appreciate that. I've been working in tech since I was a kid and have been
transitioning over to writing recently. It's been an interesting shift because
it doesn't offer the same kind of motivating fuel (up-and-to-the-right graphs,
etc). So comments like this are more encouraging than you know. Thank you.

~~~
archagon
After finishing this, but before reading the byline, I thought to myself,
"Yeah, this dude definitely has some writing chops... hmm... maybe that
Firefox guy who wrote the screenplay?" Turns out it was indeed you! Definitely
looking forward to reading more of your articles/whatever.

------
DrScump
<This is the moment you realize that some people just want to watch the world
burn.>

Or, maybe the user is "kicking the tires" to see how robustly it was coded,
concerned that poor data verification practices reflect weaknesses elsewhere
in the code as well.

EDIT: s/inadequacies/weaknesses for clarity

------
gboudrias
Good article, very click-baity title.

The article is about software security and how it compares (or doesn't
compare) to real-world security, and what this means for the Apple case.

What drew me in is mostly that the beginning is written in a very light-
hearted style, so it's a pretty easy read at first.

~~~
blakeross
Thanks. And, I agree:
[https://twitter.com/blakeross/status/706191059185872896](https://twitter.com/blakeross/status/706191059185872896)

Usually I go in the other direction and redefine bland, e.g.
[https://medium.com/@blakeross/don-t-outsource-your-
thinking-...](https://medium.com/@blakeross/don-t-outsource-your-thinking-
ad825a9b4653). Had a little Friday fun with this one.

~~~
neotek
For what it's worth, you're a fantastic writer and this is one of the most
enjoyable articles I think I've ever read. You've captured the essence of the
subject perfectly, and your writing style is thoroughly enjoyable.

~~~
soylentcola
Seconding this. Maybe it's my love of anecdotes and analogies to illustrate
points that may be hard for people to understand. Possibly it's my
appreciation for well placed juvenile humor.

Either way, I identified with some of the points being made and easily picked
up on the things I'd not considered from this angle thanks to the funny
examples.

~~~
karmelapple
Everything above echoed, with the important addition that I feel I can share
this article with all of my non-techy friends and family and feel they will
step away with a much better understanding of the Apple discussions.

I still see unease with some of my friends and family about the topic, and
although perhaps some of them have realized the ultimate question of should
the cockpit or the cabin control things, I don't think they have a good
understanding of why that is, or how this phone security compares to other
things that are called "security," whether a door lock or the airport security
line.

Very vivid writing that explains this for everyone. And I dig this type of
humor.

------
jacobolus
In “thinking like a technologist”, this post is missing the context/subtext in
the airline security game.

The metal detector makes the airplane neither more nor less safe than the
security theater porno scanner machine, and the precheck also doesn’t
accomplish anything. The only reason most of the people need to be diverted
through the porno scanner machine is that the federal government spent a few
billion on them in a handout to some senator’s friends, and to scrap them now
would make the tremendous waste of money obvious to everyone.

But at the same time, business travelers don’t want to go through the new
machines, so we let them pay a nominal fee (easily amortized down to trivial
if you fly a few dozen times per year) to go through the old metal detectors
instead. Bonus: they now get to take a shortcut in the security line that they
didn’t used to get. If someone without a real precheck manages to sneak
through the metal detector line by counterfeiting some paper token, it isn’t a
real security risk.

~~~
blakeross
Well, I did say at the end: "For as much money and time as we’ve wasted on
printer-powered air security, only one innovation has prevented another 9/11:
Locked, reinforced cockpit doors."

I agree that it's generally theater all the way down.

~~~
danieltillett
While locking the door is important, the real innovation is in the attitude of
the passengers. It just isn't possible to hijack a plane anymore because the
passengers will not allow it.

------
wangii
I was astonished by how un-safe the road/traffic system really is 8 years ago
when I started to learn driving. Just think about it, driving on road is
extremely vulnerable: any other driver on the road could make a small mistake
to get you both killed, accidentally or intentionally. Yet the road system is
far more secure than its cyberspace counter part. Why?

* Potential damage is roughly symmetric. A bad/evil driver might kill others but very likely also kill himself.

* Threat is local. There is no way a bad/evil driver to kill all the drivers.

* The road system as a whole does not have the single point of failure.

I think the claim in the article is dangerously wrong. We should never be
given a binary choice in such big issue.

~~~
jacobolus
The road system has killed tens if not hundreds of millions of people. How
many have been killed in cyberspace?

------
kyberias
I really liked the style of writing in this piece. The author certainly should
consider writing a book. Reminds me of Malcolm Gladwell.

------
dstroot
Best read in months. Thanks for posting this.

------
jessaustin
"Mr. Fart" is the best nickname for them yet, much better than that "Female
Body Inspectors" one sees on t-shirts.

------
cponeill
Best article I have read in a while. Thanks for writing it.

------
purpled_haze
The best security: be honest and place complete trust in those you employ.
Hire people you trust. If there is nothing that is blocking you, then morale
is higher, and people get more focused on what is important. If there is
nothing to break into, there is less temptation. Your employees won't be
perfect, but if they are trusted, if you let things be, there's a good chance
everything will be fine- at least as fine as it would have otherwise.

~~~
purpled_haze
I'd like the people that -1'd me to explain why I'm wrong.

No matter how much defense you put up, if you are accessible, you are at risk
for unauthorized use of data.

Employing only people you trust and showing them you trust them is a great
alternative to security restrictions.

