A Chinese Hacking Group Is Stealing Airline Passenger Details – Slashdot

A suspected Chinese hacking group has been attacking the airline industry for the past few years with the goal of obtaining passenger data in order to track the movement of persons of interest.

From A Chinese Hacking Group Is Stealing Airline Passenger Details – Slashdot:

Quaint quantum quant query

One common worry is that whoever makes a breakthrough first may choose to reap the rewards in obscurity, rather than broadcast the fact to the world. After all, says Mr Biercuk, “that is how high-frequency trading got started”. ■

From Quantum for quants – Wall Street’s latest shiny new thing: quantum computing | Finance & economics | The Economist:

In secret agent school, one of the first lessons you learn is the famous tale of the Zimmermann Telegram. You may recall that in 1917, Britain and Germany were at war. Britain wanted the U.S. to join the effort against the Axis of Edwardian Evil. The Kaiser’s ministers came up with an interesting plan to persuade Mexico to enter the war on the German side, thus dividing the potential U.S. war effort and eventually conquering it.

(At this point I thoroughly recommend historian Barbara Tuchman’s 1966 account of the affair, “The Zimmermann Telegram”.) 

To execute this dastardly plot, the German Foreign Secretary, Arthur Zimmermann, sent a telegram to the German ambassador in Mexico, Heinrich von Eckardt. The telegram instructed the ambassador to approach the Mexican government with a proposal to form a military alliance against the United States. It promised Mexico the land acquired and paid for by the United States after the U.S.-Mexican War if they were to help Germany win the war. The German ambassador relayed the message but the Mexican president declined the offer.

Naturally, so sensitive a topic demanded an encrypted epistle and it was duly dispatched encoded using the German top secret “0075” code. And here it is…

The Zimmermann Telegram

As it happens, “0075” was a code that the British had already cracked. Thus, the telegram was intercepted and decrypted enough to get the gist of it to the British Naval Intelligence unit, Room 40. In next to no time, the decoded dynamite was on the desk of the Foreign Secretary Arthur Balfour, the teutonic perfidy laid bare.

Now the British were faced with the same dilemma that faces the owner of the first quantum computer. How can you use decrypted data, recovered Bitcoin or falsified digital signatures for gain without revealing that asymmetric cryptography has been compromised and that you have exploited it? Consider the options:

  • If the British had complained to the Germans, then the Germans would know that the British had the key to their code and they would switch to another code that the British might not be able to break for months, missing much vital military intelligence along the way. What’s more, the Americans would know that the British were tapping diplomatic traffic into the U.S.

  • If they did not reveal the contents, they might miss the chance to bring the U.S. into the war.

The codebreaker’s clever solution was to leak the information in such a way as to make it look as if the leak had come from the Mexican telegraph company: since the German relay from Washington to Mexico used a different code, that the Americans already knew to be broken, this was entirely plausible. On March 29th, Zimmermann gave a speech confirming the text of the telegram. On April 2nd, President Wilson asked Congress to declare war on Germany, and on April 6th they complied.

The point of this story is that stupid hackers would reveal their hand, but clever hackers would not. Which brings me full circle back to the question posed in The Economist: what if a billionaire’s hedge fund, a state-sponsored military research laboratory or an evil genius cryptocurrency whale is working on a quantum computer now! If they have any sense, they will keep it a secret, so how would we know?

Cryptography can bring novel solutions – Consult Hyperion

Bob Hettinga reminded me about Peter Wayner’s “translucent databases”, which build on Eric’s concepts.

Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols… and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it’s safer — and cheaper — to do that way.

[From Book Review: Peter Wayner’s “Translucent Databases”]
There are other kinds of corporate data that it may at first seem need to be secret, but on reflection could be translucent (I’ll switch to Peter’s word here because it’s a much better description of practical implementations).

From Cryptography can bring novel solutions – Consult Hyperion:

REVIEW: Swiss smartwatch glass taps into a post-pandemic contactless world

The last two times I paid in McDonald’s I paid with a phone and a watch. I think using contactless cards is old-fashioned…

From Contactless and fries – Consult Hyperion:

Winwatch explained how it is the first company to seal a payment chip (EMV) and antenna within a glass watch face, the kind of technology jump users may expect from a Q-made James Bond watch.

From REVIEW: Swiss smartwatch glass taps into a post-pandemic contactless world:

Not sure if this is the first EMV watch. Here I am using one in 2012…

 

As my life is so dull, when I travel to interesting places I like to waste my time and the time of everyone around me by trying out any new payment schemes, terminals and form factors to hand. Thus, I went to San Francisco not with flowers in my hair but with an array of cards, phones and my splendid new PayPass watch.

From Bore reporter – Consult Hyperion:

Credentials – SMART Health Cards Framework

Any time we want to present healthcare data in the form of a VC, we must first make some use-case-specific decisions:

  • Define a set of required and optional FHIR content resources (e.g., Immunization or Observation) that must be packaged and presented together

  • Decide how to bind these FHIR content resources to a person’s external identity, via FHIR identity resources (e.g., Patient)

From Credentials – SMART Health Cards Framework:

How digital identity can improve lives in a post-COVID-19 world | World Economic Forum

The cost of not pursuing digital identities is high. Being able to digitally prove claims is vital to enable paperless, contactless, streamlined processes across public and private sectors. Sadly, COVID-19 has shown many cases of fraud applications for grants from bogus organisations, selling non-genuine tests to citizens, setting up fake companies or enlisting fake directors to harvest data. In the UK alone, Policy Exchange estimates that fraud and error could cost the government between £1.3bn-£7.9bn ($1.8bn-$10.8bn) in 2020.

From How digital identity can improve lives in a post-COVID-19 world | World Economic Forum:

Central Bank Digital Currency and the future Visa publishes new research | Visa

Today Visa published a technical paper that outlines a novel approach for offline point-to-point payments between two devices. The protocol allows digital money to be directly downloaded onto a personal device, such as a smartphone or tablet. The money is stored on a secure hardware embedded in that device and managed by a wallet provider (e.g. a bank).

From Central Bank Digital Currency and the future Visa publishes new research | Visa:
