1 00:00:00,000 --> 00:00:00,958 >> DAVID MALAN: All right. 2 00:00:00,958 --> 00:00:01,470 Welcome. 3 00:00:01,470 --> 00:00:02,140 Hello, everyone. 4 00:00:02,140 --> 00:00:03,550 My name is David Malan. 5 00:00:03,550 --> 00:00:05,720 I'm on the computer science faculty here at Harvard, 6 00:00:05,720 --> 00:00:08,130 and teach a few courses-- most of them related 7 00:00:08,130 --> 00:00:10,720 to introductory computer science and higher level 8 00:00:10,720 --> 00:00:12,370 concepts that derive from that. 9 00:00:12,370 --> 00:00:16,660 The next couple of days are not so much though about building from the ground 10 00:00:16,660 --> 00:00:18,920 up, as we might in a typical undergraduate course, 11 00:00:18,920 --> 00:00:22,300 but looking at computer science as it relates to business and to decision 12 00:00:22,300 --> 00:00:24,360 making-- really from the top down so that we 13 00:00:24,360 --> 00:00:27,170 can accommodate a range of backgrounds, as you'll soon see, 14 00:00:27,170 --> 00:00:30,994 both less technical and more technical, and also a number of goals 15 00:00:30,994 --> 00:00:31,660 that folks have. 16 00:00:31,660 --> 00:00:34,680 In fact, we thought we'd start off by taking a look at some 17 00:00:34,680 --> 00:00:37,210 of the demographics we have here. 18 00:00:37,210 --> 00:00:39,390 But first, let's take a look at where we're headed. 19 00:00:39,390 --> 00:00:44,280 >> So today, we have four blocks of focus for the day. 20 00:00:44,280 --> 00:00:48,560 First up, we will focus on privacy, security, and society. 21 00:00:48,560 --> 00:00:51,415 And we'll do this by way of a couple of case studies of sorts. 22 00:00:51,415 --> 00:00:54,040 Very much in the news of late has been a certain company called 23 00:00:54,040 --> 00:00:57,580 Apple and a certain agency known as the FBI, as you might have read. 24 00:00:57,580 --> 00:00:59,890 And we'll use this as an opportunity to discuss 25 00:00:59,890 --> 00:01:02,470 exactly what some of the underlying issues 26 00:01:02,470 --> 00:01:06,072 there are, why it's interesting, what it means technologically, 27 00:01:06,072 --> 00:01:07,780 and use that to transition more generally 28 00:01:07,780 --> 00:01:11,290 to a discussion about security and making decisions thereon. 29 00:01:11,290 --> 00:01:13,180 >> Two, looking at encryption specifically. 30 00:01:13,180 --> 00:01:16,388 So we'll look a little more technically at what it means to actually scramble 31 00:01:16,388 --> 00:01:17,580 or encrypt information. 32 00:01:17,580 --> 00:01:19,413 And then we'll take a look at Dropbox, which 33 00:01:19,413 --> 00:01:22,060 is one of these very popular file sharing tools these days. 34 00:01:22,060 --> 00:01:26,450 You might use it, or Box, or SkyDrive, or the more recent incarnation 35 00:01:26,450 --> 00:01:27,680 thereof and so forth. 36 00:01:27,680 --> 00:01:29,950 And we'll take a look at some of the underlying security and privacy 37 00:01:29,950 --> 00:01:30,742 implications there.
38 00:01:30,742 --> 00:01:33,408 We'll have a break, and then we'll look at internet technologies 39 00:01:33,408 --> 00:01:35,240 in the latter half of this morning-- trying 40 00:01:35,240 --> 00:01:39,000 to give you a better sense of how that thing works that many of you 41 00:01:39,000 --> 00:01:41,860 are connected to at the moment-- certainly use most every day-- 42 00:01:41,860 --> 00:01:45,560 and what the implications are there for performance, for hardware, 43 00:01:45,560 --> 00:01:49,000 for software, and any number of other attributes, specifically 44 00:01:49,000 --> 00:01:52,000 trying to tease apart a whole bunch of acronyms that you might have seen 45 00:01:52,000 --> 00:01:53,990 or might even use, but don't necessarily know 46 00:01:53,990 --> 00:01:56,040 what's going on underneath the hood. 47 00:01:56,040 --> 00:01:59,500 And we'll take a look, too, at the process of actually getting a company 48 00:01:59,500 --> 00:02:03,164 or getting an entity online on the web, and what that actually means. 49 00:02:03,164 --> 00:02:04,580 Then we'll have a break for lunch. 50 00:02:04,580 --> 00:02:07,790 We'll come back and take a look at cloud computing, and also designing server 51 00:02:07,790 --> 00:02:09,889 architectures more generally so that you'll 52 00:02:09,889 --> 00:02:13,160 walk out with a better understanding, hopefully, of this buzzword "cloud 53 00:02:13,160 --> 00:02:14,867 computing," and what it actually means. 54 00:02:14,867 --> 00:02:16,950 And if you're trying to build a business or you're 55 00:02:16,950 --> 00:02:19,484 trying to expand a business, exactly what you need to know 56 00:02:19,484 --> 00:02:22,400 and what you need to do in order to handle increasing numbers of users 57 00:02:22,400 --> 00:02:25,190 online, and what kind of decisions you have to make around that. 58 00:02:25,190 --> 00:02:28,380 >> And then in the last part of today, we'll take a look at web development 59 00:02:28,380 --> 00:02:29,330 specifically. 60 00:02:29,330 --> 00:02:31,690 We won't get our hands too dirty, but I thought 61 00:02:31,690 --> 00:02:34,689 it might be enlightening if we actually do get our hands a little dirty, 62 00:02:34,689 --> 00:02:40,052 and take a look at something called HTML, CSS, and an actual server setup 63 00:02:40,052 --> 00:02:43,010 so that you'll create a little web page for yourself, even if you've 64 00:02:43,010 --> 00:02:43,718 done this before. 65 00:02:43,718 --> 00:02:47,010 But we'll talk about what the interesting ideas are underlying that 66 00:02:47,010 --> 00:02:48,920 and what actually is happening every time you 67 00:02:48,920 --> 00:02:54,470 go to Google Apps, or Facebook, or any number of other web-based tools.
77 00:03:21,751 --> 00:03:23,750 We will take somewhat of a look at programming 78 00:03:23,750 --> 00:03:25,350 in the latter half of tomorrow morning. 79 00:03:25,350 --> 00:03:27,266 We'll get your hands a little dirty with that, 80 00:03:27,266 --> 00:03:30,150 but only so that we have some context for talking about some 81 00:03:30,150 --> 00:03:34,080 of the terms of art that an engineer or a programmer might actually use, things 82 00:03:34,080 --> 00:03:37,959 you might hear or see on a whiteboard when engineers are designing something. 83 00:03:37,959 --> 00:03:40,000 In the latter half of tomorrow, we'll take a look 84 00:03:40,000 --> 00:03:42,220 at what might be called technology stacks. 85 00:03:42,220 --> 00:03:44,170 In other words, most people today don't really 86 00:03:44,170 --> 00:03:46,230 sit down with an empty screen in front of them 87 00:03:46,230 --> 00:03:48,900 and start building some application or building some website. 88 00:03:48,900 --> 00:03:50,690 You stand on the shoulders of others using 89 00:03:50,690 --> 00:03:54,257 things called frameworks and libraries, many of them open source these days. 90 00:03:54,257 --> 00:03:56,340 So we'll give you a sense of what all that's about 91 00:03:56,340 --> 00:04:01,790 and how you go about designing software and choosing those ingredients. 92 00:04:01,790 --> 00:04:05,189 >> And then we'll conclude with a look at web programming specifically 93 00:04:05,189 --> 00:04:06,980 and some of the technologies related there, 94 00:04:06,980 --> 00:04:11,200 too-- things like databases, open source, or commercial APIs, 95 00:04:11,200 --> 00:04:14,200 or application programming interfaces, and then one such language 96 00:04:14,200 --> 00:04:15,570 that you might use with that. 97 00:04:15,570 --> 00:04:18,800 So it'll be a mix of conceptual introductions, a mix of hands-on, 98 00:04:18,800 --> 00:04:21,019 and a mix of discussion throughout. 99 00:04:21,019 --> 00:04:25,500 >> But before we do that, let me give you an answer to a couple of the questions 100 00:04:25,500 --> 00:04:26,834 that everyone here was asked. 101 00:04:26,834 --> 00:04:29,000 How would you describe your comfort with technology? 102 00:04:29,000 --> 00:04:30,250 We have a bit of a range here. 103 00:04:30,250 --> 00:04:34,342 So six people said somewhat comfortable, five said very, and two said not very. 104 00:04:34,342 --> 00:04:36,800 So that should lend itself to some interesting discussions. 105 00:04:36,800 --> 00:04:41,630 >> And please, at any point, whether you are in the not very or very categories, 106 00:04:41,630 --> 00:04:44,430 do push back if either I'm assuming too much 107 00:04:44,430 --> 00:04:46,700 or speaking at too high of a level. 108 00:04:46,700 --> 00:04:47,680 Do bring me back down. 109 00:04:47,680 --> 00:04:50,260 And conversely, if you'd like to get a little more 110 00:04:50,260 --> 00:04:53,580 into the weeds with some topic technically, by all means push on that. 111 00:04:53,580 --> 00:04:57,280 I'm happy to answer down to 0s and 1s if need be. 112 00:04:57,280 --> 00:04:59,620 >> Do you have any programming experience in any language? 113 00:04:59,620 --> 00:05:04,020 Just to calibrate, almost everyone has no prior programming experience, 114 00:05:04,020 --> 00:05:04,730 which is great.
115 00:05:04,730 --> 00:05:08,672 And even for those that do, we won't spend too much time actually teaching 116 00:05:08,672 --> 00:05:10,880 how to program, but rather just giving you a taste so 117 00:05:10,880 --> 00:05:13,890 that we can then move from there and talk at a higher level about why 118 00:05:13,890 --> 00:05:16,360 some of those concepts are interesting. 119 00:05:16,360 --> 00:05:18,884 >> This and more will all be available online. 120 00:05:18,884 --> 00:05:21,300 In fact, if there's one URL you want to keep open in a tab 121 00:05:21,300 --> 00:05:23,770 throughout today and tomorrow, you might want to go to this one here. 122 00:05:23,770 --> 00:05:25,150 And that's a copy of the slides. 123 00:05:25,150 --> 00:05:27,774 And any changes we make over the course of today or discussions 124 00:05:27,774 --> 00:05:30,200 that we annotate on the slides, they'll be there instantly 125 00:05:30,200 --> 00:05:33,330 if you just reload your browser. 126 00:05:33,330 --> 00:05:36,160 So I'll give you a moment to jot that down, 127 00:05:36,160 --> 00:05:40,150 and you'll then be able to see exactly what I see. 128 00:05:40,150 --> 00:05:44,230 >> But before we forge ahead, I thought it might be helpful, 129 00:05:44,230 --> 00:05:46,390 especially since we're an intimate group, just 130 00:05:46,390 --> 00:05:49,180 to get to know each other a little bit and perhaps say 131 00:05:49,180 --> 00:05:52,437 where you're from, or what you do, and what you're hoping to get out of today 132 00:05:52,437 --> 00:05:54,770 and tomorrow, ideally so that you might find one or more 133 00:05:54,770 --> 00:05:57,840 like-minded spirits or folks to talk to during break or lunch. 134 00:05:57,840 --> 00:06:00,060 And I'll jump us around somewhat randomly. 135 00:06:00,060 --> 00:06:01,740 Arwa, you'd like to say hello, first? 136 00:06:01,740 --> 00:06:02,406 >> AUDIENCE: Hello. 137 00:06:02,406 --> 00:06:03,740 Good morning, everyone. 138 00:06:03,740 --> 00:06:07,216 My name is Arwa. [INAUDIBLE]. 139 00:06:07,216 --> 00:06:10,632 I work at my sector like banking, business [INAUDIBLE]. 140 00:06:10,632 --> 00:06:22,464 141 00:06:22,464 --> 00:06:23,130 DAVID MALAN: OK. 142 00:06:23,130 --> 00:06:23,510 Wonderful. 143 00:06:23,510 --> 00:06:24,009 Welcome. 144 00:06:24,009 --> 00:06:24,715 Andrew. 145 00:06:24,715 --> 00:06:25,340 AUDIENCE: Yeah. 146 00:06:25,340 --> 00:06:26,040 Hi, everyone. 147 00:06:26,040 --> 00:06:27,492 I'm Andrew [INAUDIBLE]. 148 00:06:27,492 --> 00:06:29,670 So I work for a technology company, Red Hat, 149 00:06:29,670 --> 00:06:32,505 which is a big open source company. 150 00:06:32,505 --> 00:06:34,404 I have a business background so [INAUDIBLE] 151 00:06:34,404 --> 00:06:39,008 get more versed into making solution-oriented investments, 152 00:06:39,008 --> 00:06:41,640 I just need to know what people are talking about. 153 00:06:41,640 --> 00:06:44,305 So I lead our global partner operations. 154 00:06:44,305 --> 00:06:46,740 I've been doing that for about five years. 155 00:06:46,740 --> 00:06:48,201 Your overview is fantastic. 156 00:06:48,201 --> 00:06:50,368 I'm really looking to pick up all those [INAUDIBLE]. 157 00:06:50,368 --> 00:06:51,325 DAVID MALAN: Wonderful. 158 00:06:51,325 --> 00:06:52,200 Glad to have you. 159 00:06:52,200 --> 00:06:53,197 Chris. 160 00:06:53,197 --> 00:06:54,191 >> AUDIENCE: Good morning. 161 00:06:54,191 --> 00:06:55,185 My name is Chris Pratt. 162 00:06:55,185 --> 00:06:57,173 I work for a company called [INAUDIBLE].
163 00:06:57,173 --> 00:07:00,155 164 00:07:00,155 --> 00:07:03,137 It's a family business, so I do a lot of different projects. 165 00:07:03,137 --> 00:07:11,089 And right now, I'm focused on technology initiatives and managing our IT staff. 166 00:07:11,089 --> 00:07:15,296 So I'm here to get a more high-level and broad understanding 167 00:07:15,296 --> 00:07:20,525 of the types of things that [INAUDIBLE] is 168 00:07:20,525 --> 00:07:25,762 doing and familiar with so I can help them make the decisions [INAUDIBLE]. 169 00:07:25,762 --> 00:07:26,720 DAVID MALAN: Wonderful. 170 00:07:26,720 --> 00:07:27,466 Welcome aboard. 171 00:07:27,466 --> 00:07:29,330 Olivier, is it? 172 00:07:29,330 --> 00:07:29,953 >> AUDIENCE: Yes. 173 00:07:29,953 --> 00:07:34,507 So I'm French living in Switzerland working for [INAUDIBLE]. 174 00:07:34,507 --> 00:07:41,270 It's a [INAUDIBLE] corporations. 175 00:07:41,270 --> 00:07:45,770 So we're collecting money when there's a disaster and everything. 176 00:07:45,770 --> 00:07:47,770 And I'm teaching some strategies there. 177 00:07:47,770 --> 00:07:55,004 >> So I have to work on [INAUDIBLE] digital projects, but also 178 00:07:55,004 --> 00:07:57,439 quite technological projects. 179 00:07:57,439 --> 00:08:01,822 So the idea for me is really to be able to make better decisions 180 00:08:01,822 --> 00:08:04,762 and being better informed of what I'm really [INAUDIBLE]. 181 00:08:04,762 --> 00:08:05,720 DAVID MALAN: Wonderful. 182 00:08:05,720 --> 00:08:06,219 Welcome. 183 00:08:06,219 --> 00:08:09,146 And Roman or Roman, is it? 184 00:08:09,146 --> 00:08:10,437 AUDIENCE: I'm from [INAUDIBLE]. 185 00:08:10,437 --> 00:08:13,888 186 00:08:13,888 --> 00:08:16,353 And I'm responsible for the [INAUDIBLE]. 187 00:08:16,353 --> 00:08:19,311 And in the team we-- we're a cross-functional team 188 00:08:19,311 --> 00:08:21,776 so we work with engineers. 189 00:08:21,776 --> 00:08:25,530 And what I'm looking forward to is being able to communicate better 190 00:08:25,530 --> 00:08:27,505 with engineers. 191 00:08:27,505 --> 00:08:28,005 [INAUDIBLE] 192 00:08:28,005 --> 00:08:31,780 193 00:08:31,780 --> 00:08:32,870 >> DAVID MALAN: Wonderful. 194 00:08:32,870 --> 00:08:34,080 And Karina. 195 00:08:34,080 --> 00:08:36,580 >> AUDIENCE: I'm Karina from Montreal. 196 00:08:36,580 --> 00:08:47,630 I'm on [INAUDIBLE] of the province of Quebec. 197 00:08:47,630 --> 00:08:49,726 Sorry for my English. 198 00:08:49,726 --> 00:08:56,520 And I'm here to better understand what my programmer or supplier explained 199 00:08:56,520 --> 00:08:59,246 to me. 200 00:08:59,246 --> 00:08:59,745 [INAUDIBLE] 201 00:08:59,745 --> 00:09:04,334 202 00:09:04,334 --> 00:09:05,000 DAVID MALAN: Oh. 203 00:09:05,000 --> 00:09:05,506 Wonderful. 204 00:09:05,506 --> 00:09:07,630 Well, if I ever speak too quickly, do slow me down. 205 00:09:07,630 --> 00:09:08,720 And I'm happy to repeat. 206 00:09:08,720 --> 00:09:09,595 >> AUDIENCE: [INAUDIBLE] 207 00:09:09,595 --> 00:09:12,130 208 00:09:12,130 --> 00:09:12,880 DAVID MALAN: Sure. 209 00:09:12,880 --> 00:09:13,680 No worries. 210 00:09:13,680 --> 00:09:14,707 And Nikisa, is it? 211 00:09:14,707 --> 00:09:15,290 AUDIENCE: Yes. 212 00:09:15,290 --> 00:09:15,790 Thank you. 213 00:09:15,790 --> 00:09:18,830 My name is Nikisa, and I'm [INAUDIBLE]. 214 00:09:18,830 --> 00:09:19,330 [INAUDIBLE] 215 00:09:19,330 --> 00:09:24,574 216 00:09:24,574 --> 00:09:25,846 I am myself [INAUDIBLE].
217 00:09:25,846 --> 00:09:30,560 218 00:09:30,560 --> 00:09:42,825 So I'm always confused with [INAUDIBLE] whatever you are really [INAUDIBLE]. 219 00:09:42,825 --> 00:10:01,682 220 00:10:01,682 --> 00:10:02,430 >> DAVID MALAN: OK. 221 00:10:02,430 --> 00:10:03,030 Wonderful. 222 00:10:03,030 --> 00:10:03,842 Welcome. 223 00:10:03,842 --> 00:10:05,060 Victoria. 224 00:10:05,060 --> 00:10:06,030 >> AUDIENCE: I'm Victoria. 225 00:10:06,030 --> 00:10:07,485 I live in the Czech Republic. 226 00:10:07,485 --> 00:10:09,414 I work for [INAUDIBLE] Enterprise. 227 00:10:09,414 --> 00:10:11,122 And even though it is an IT company, it's 228 00:10:11,122 --> 00:10:14,074 possible that in an IT company [INAUDIBLE]. 229 00:10:14,074 --> 00:10:16,240 So I'm focused on business development, and whenever 230 00:10:16,240 --> 00:10:18,781 I go to a customer meeting, I have to take a technical person 231 00:10:18,781 --> 00:10:21,017 with me because my customer asks questions 232 00:10:21,017 --> 00:10:24,736 about the technical side of the story. [INAUDIBLE]. 233 00:10:24,736 --> 00:10:27,110 They talk to each other, but then I have no understanding 234 00:10:27,110 --> 00:10:28,352 of what they're discussing. 235 00:10:28,352 --> 00:10:30,060 So I'd like to get a better understanding 236 00:10:30,060 --> 00:10:35,800 because I think it would help myself [INAUDIBLE] 237 00:10:35,800 --> 00:10:37,800 with my relationship with the customers as well. 238 00:10:37,800 --> 00:10:39,320 >> DAVID MALAN: And it's a good point for me to chime in. 239 00:10:39,320 --> 00:10:41,350 There's only so much we'll be able to do in just two days. 240 00:10:41,350 --> 00:10:43,450 But among the goals, I would hope, is that, 241 00:10:43,450 --> 00:10:45,800 after the next couple of days, at least more words 242 00:10:45,800 --> 00:10:47,970 will look familiar as you're poking around online. 243 00:10:47,970 --> 00:10:50,980 And you'll have a better sense of what to Google, 244 00:10:50,980 --> 00:10:52,910 or what words actually mean something and what 245 00:10:52,910 --> 00:10:55,620 might be fluffy marketing speak so that, over time, you 246 00:10:55,620 --> 00:10:58,670 can build up that comfort and hopefully displace the person that 247 00:10:58,670 --> 00:11:00,410 has to tag along each time. 248 00:11:00,410 --> 00:11:01,726 Ben. 249 00:11:01,726 --> 00:11:03,225 AUDIENCE: My name's Ben [INAUDIBLE]. 250 00:11:03,225 --> 00:11:06,207 I'm a technology transaction attorney. [INAUDIBLE]. 251 00:11:06,207 --> 00:11:10,310 And I'm really here to just get a better understanding of what 252 00:11:10,310 --> 00:11:18,231 CTOs and engineers at [INAUDIBLE] legal side of structuring things [INAUDIBLE]. 253 00:11:18,231 --> 00:11:24,072 254 00:11:24,072 --> 00:11:25,030 DAVID MALAN: Wonderful. 255 00:11:25,030 --> 00:11:26,600 And Dan. 256 00:11:26,600 --> 00:11:28,220 >> AUDIENCE: Hi, everybody. 257 00:11:28,220 --> 00:11:29,220 My name's Dan. 258 00:11:29,220 --> 00:11:30,230 I live local here. 259 00:11:30,230 --> 00:11:32,100 I'm from Andover. 260 00:11:32,100 --> 00:11:36,200 I work locally at a software company, Kronos Incorporated. 261 00:11:36,200 --> 00:11:39,090 Been in software over 20 years and [INAUDIBLE] 262 00:11:39,090 --> 00:11:42,470 marketing and development type jobs. 263 00:11:42,470 --> 00:11:49,176 For the last five years, I've managed a team of technical cloud consultants 264 00:11:49,176 --> 00:11:50,880 in a presales fashion. 265 00:11:50,880 --> 00:11:53,880 >> So I picked up a lot of concepts on the way.
266 00:11:53,880 --> 00:11:56,620 And so I do a lot of technical discussions. 267 00:11:56,620 --> 00:11:57,870 But I can only take it so far. 268 00:11:57,870 --> 00:12:01,420 Similar to Victoria, lots of times I get lost 269 00:12:01,420 --> 00:12:03,348 and need to call in a technical person. 270 00:12:03,348 --> 00:12:06,720 So I'm just looking to string a lot of technology jargon 271 00:12:06,720 --> 00:12:09,738 together so I get a better understanding so I 272 00:12:09,738 --> 00:12:11,462 can have more informed conversations. 273 00:12:11,462 --> 00:12:12,420 DAVID MALAN: Excellent. 274 00:12:12,420 --> 00:12:14,410 Well, ultimately, we can steer the next couple of days 275 00:12:14,410 --> 00:12:15,890 in any direction folks would like. 276 00:12:15,890 --> 00:12:18,040 We have a straw man for both today and tomorrow. 277 00:12:18,040 --> 00:12:21,020 But by all means, feel free to steer us either during the session 278 00:12:21,020 --> 00:12:22,965 or during breaks or lunch if there's something 279 00:12:22,965 --> 00:12:24,340 you'd like to get off your chest. 280 00:12:24,340 --> 00:12:26,759 And let me emphasize, there really is no dumb question. 281 00:12:26,759 --> 00:12:28,550 And if you feel like your question is dumb, 282 00:12:28,550 --> 00:12:32,319 by all means just ask me more quietly during breaks, or lunch, or the like. 283 00:12:32,319 --> 00:12:35,360 But rest assured, we seem to be in very good company-- very mixed company 284 00:12:35,360 --> 00:12:37,630 here, both internationally and technically. 285 00:12:37,630 --> 00:12:41,500 So feel free to share as comfortably as you'd like. 286 00:12:41,500 --> 00:12:44,050 >> So why don't we take a look, again, in this context 287 00:12:44,050 --> 00:12:48,520 of privacy, security, and society at this particular case involving 288 00:12:48,520 --> 00:12:49,990 Apple and the FBI. 289 00:12:49,990 --> 00:12:52,640 And you might be generally familiar with this case. 290 00:12:52,640 --> 00:12:54,550 It's hard to escape mention of it these days. 291 00:12:54,550 --> 00:12:59,150 >> Out of curiosity, how many of you have iPhones? 292 00:12:59,150 --> 00:13:00,760 Almost everyone. 293 00:13:00,760 --> 00:13:02,230 And how many have an Android phone? 294 00:13:02,230 --> 00:13:06,460 So fortunately, even though this is a little biased 295 00:13:06,460 --> 00:13:10,280 toward iPhone specifically, the reality is the Android operating system 296 00:13:10,280 --> 00:13:13,610 by Google has many features similar to what Apple is doing. 297 00:13:13,610 --> 00:13:16,290 >> They simply happen to be in the spotlight right now, 298 00:13:16,290 --> 00:13:19,042 and they've been particularly on the cutting edge when 299 00:13:19,042 --> 00:13:21,000 it comes to actually locking down these devices 300 00:13:21,000 --> 00:13:23,250 more and more with each iteration of iOS, 301 00:13:23,250 --> 00:13:26,660 the operating system that actually runs on Apple's devices. 302 00:13:26,660 --> 00:13:29,370 So why don't we take a look here just to set 303 00:13:29,370 --> 00:13:34,430 the stage for what the actual issue is. 304 00:13:34,430 --> 00:13:37,310 So what's going on with Apple and the FBI to the extent 305 00:13:37,310 --> 00:13:40,403 that you're familiar with the issue? 306 00:13:40,403 --> 00:13:43,970 >> AUDIENCE: The FBI wants to get access to the data, which is encrypted by Apple. 307 00:13:43,970 --> 00:13:48,220 >> DAVID MALAN: Exactly, so the FBI wants to get access to data that's encrypted.
308 00:13:48,220 --> 00:13:49,220 So first, step back. 309 00:13:49,220 --> 00:13:52,914 What does it mean for data to be encrypted, just as a quick definition? 310 00:13:52,914 --> 00:13:56,706 >> AUDIENCE: Somehow secure that people won't have such easy access 311 00:13:56,706 --> 00:13:59,831 to it [INAUDIBLE]. 312 00:13:59,831 --> 00:14:00,580 DAVID MALAN: Yeah. 313 00:14:00,580 --> 00:14:04,130 Exactly. So it's some way of obscuring information so that no one else can, 314 00:14:04,130 --> 00:14:06,350 in theory, access that information. 315 00:14:06,350 --> 00:14:09,480 And so you can just casually think of it as scrambling. 316 00:14:09,480 --> 00:14:12,549 So if it's an English word or an English paragraph, 317 00:14:12,549 --> 00:14:15,340 you might just jumble the words up so that someone might look at it 318 00:14:15,340 --> 00:14:16,357 and see nonsense. 319 00:14:16,357 --> 00:14:18,690 But hopefully, there's a way to rearrange those letters. 320 00:14:18,690 --> 00:14:20,230 >> Now, in reality, it's much more secure than that 321 00:14:20,230 --> 00:14:22,021 because someone who's simply diligent could 322 00:14:22,021 --> 00:14:23,930 unscramble the words with high probability 323 00:14:23,930 --> 00:14:25,490 and figure out what a sentence says. 324 00:14:25,490 --> 00:14:27,573 And in reality, at the end of the day, all of this 325 00:14:27,573 --> 00:14:29,749 is happening at a very low level-- 0s and 1s. 326 00:14:29,749 --> 00:14:32,290 And tomorrow morning, we'll talk about computational thinking 327 00:14:32,290 --> 00:14:35,580 and what it means for data to be implemented or represented 328 00:14:35,580 --> 00:14:37,109 with just 0s and 1s. 329 00:14:37,109 --> 00:14:38,900 But for today's purposes, let's just assume 330 00:14:38,900 --> 00:14:41,275 that you have things like emails, and photos, and videos, 331 00:14:41,275 --> 00:14:43,470 and all of that on an iPhone or an Android device. 332 00:14:43,470 --> 00:14:46,840 And somehow, that data is ideally scrambled. 333 00:14:46,840 --> 00:14:51,620 And so there's a suspect in this particular case, San Bernardino, 334 00:14:51,620 --> 00:14:55,800 where they have the suspect's phone, and they want to get data off of it. 335 00:14:55,800 --> 00:15:00,780 But in this case, Apple has essentially said no to some things and yes 336 00:15:00,780 --> 00:15:01,550 to other things. 337 00:15:01,550 --> 00:15:04,130 So they've said yes to a few things in a manner consistent with what 338 00:15:04,130 --> 00:15:06,588 a lot of US companies would do when subpoenaed or the like. 339 00:15:06,588 --> 00:15:10,290 They've provided, for instance, the authorities with the iCloud backup. 340 00:15:10,290 --> 00:15:12,940 So if you're familiar, iCloud is this cloud-based-- 341 00:15:12,940 --> 00:15:17,260 and we'll come back to cloud computing-- this nebulously defined cloud 342 00:15:17,260 --> 00:15:19,270 based service where it just backs up your data. 343 00:15:19,270 --> 00:15:22,620 And it turns out that you can access data there unencrypted. 344 00:15:22,620 --> 00:15:25,350 So it's unscrambled when it's actually being backed up there. 345 00:15:25,350 --> 00:15:26,770 And so Apple's turned that over. 346 00:15:26,770 --> 00:15:28,520 But unfortunately, the suspect in question 347 00:15:28,520 --> 00:15:32,050 seems to have disabled automatic iCloud backup some weeks 348 00:15:32,050 --> 00:15:35,080 prior to the FBI obtaining this particular iPhone.
349 00:15:35,080 --> 00:15:38,570 So there's a few weeks of potential data that lives on the phone, 350 00:15:38,570 --> 00:15:39,920 but not in iCloud. 351 00:15:39,920 --> 00:15:43,359 And so the FBI wants to actually look at what's on that particular phone. 352 00:15:43,359 --> 00:15:45,400 Unfortunately, the phone, like many of ours here, 353 00:15:45,400 --> 00:15:47,050 is protected with a passcode. 354 00:15:47,050 --> 00:15:50,640 And how long are these passcodes typically-- whether on your phone 355 00:15:50,640 --> 00:15:51,470 or in general? 356 00:15:51,470 --> 00:15:52,420 >> AUDIENCE: Four. 357 00:15:52,420 --> 00:15:52,666 >> DAVID MALAN: Yeah. 358 00:15:52,666 --> 00:15:53,600 So often four digits. 359 00:15:53,600 --> 00:15:55,580 They've started with newer versions of iOS 360 00:15:55,580 --> 00:15:57,292 to make these passcodes a little longer. 361 00:15:57,292 --> 00:15:59,000 And let's just put that into perspective. 362 00:15:59,000 --> 00:16:02,010 So if it's a four digit passcode, that's pretty good. 363 00:16:02,010 --> 00:16:03,760 That's comparable to what many people have 364 00:16:03,760 --> 00:16:06,510 on their ATMs or their debit cards. 365 00:16:06,510 --> 00:16:08,980 What's the implication for security? 366 00:16:08,980 --> 00:16:10,272 >> Well, let's take a step back. 367 00:16:10,272 --> 00:16:11,980 If you have a four digit code-- and let's 368 00:16:11,980 --> 00:16:14,230 start thinking to ourselves even before tomorrow morning. 369 00:16:14,230 --> 00:16:15,430 Think computationally. 370 00:16:15,430 --> 00:16:17,060 It's a four digit code. 371 00:16:17,060 --> 00:16:21,390 How would you, as a human off the street, not necessarily a technophile, 372 00:16:21,390 --> 00:16:26,240 characterize just how secure an iPhone is if it's using a four digit 373 00:16:26,240 --> 00:16:28,490 passcode-- 0s through 9s. 374 00:16:28,490 --> 00:16:34,006 How do you begin to quantify the security of an iPhone then? 375 00:16:34,006 --> 00:16:34,630 AUDIENCE: Five? 376 00:16:34,630 --> 00:16:35,379 DAVID MALAN: Five? 377 00:16:35,379 --> 00:16:37,112 And what do you mean by five? 378 00:16:37,112 --> 00:16:43,041 >> AUDIENCE: [INAUDIBLE] this technology-- it's easy to access trying from 1001 379 00:16:43,041 --> 00:16:44,790 [INAUDIBLE]. 380 00:16:44,790 --> 00:16:46,238 >> DAVID MALAN: OK. 381 00:16:46,238 --> 00:16:49,112 >> AUDIENCE: Try 111, 000, [INAUDIBLE]. 382 00:16:49,112 --> 00:16:53,244 And if I [INAUDIBLE] my computer so many times [INAUDIBLE]. 383 00:16:53,244 --> 00:16:54,160 DAVID MALAN: Ah, good. 384 00:16:54,160 --> 00:16:58,830 So already, if we've defined the problem scenario as this device is secure 385 00:16:58,830 --> 00:17:02,260 because it has a four digit passcode, an attack on that phone 386 00:17:02,260 --> 00:17:04,980 would simply be to try all possible numbers. 387 00:17:04,980 --> 00:17:07,210 You might just start 0 0 0 0. 388 00:17:07,210 --> 00:17:10,510 And frighteningly, that is the default passcode on a lot of devices 389 00:17:10,510 --> 00:17:11,069 these days. 390 00:17:11,069 --> 00:17:13,109 In fact, as an aside, if you have any device 391 00:17:13,109 --> 00:17:15,579 that supports a wireless technology called Bluetooth, 392 00:17:15,579 --> 00:17:18,869 the default passcode very often is 0 0 0 0. 393 00:17:18,869 --> 00:17:23,899 Or maybe, if it's a more secure device, 0 0 0 0 0-- one additional 0. 394 00:17:23,899 --> 00:17:26,690 So when in doubt, if you need to get into some device, start there.
395 00:17:26,690 --> 00:17:30,350 >> But of course, if the iPhone shakes or whatnot, and says, nope, that's not it, 396 00:17:30,350 --> 00:17:34,030 what number might you try after 0 0 0 0? 397 00:17:34,030 --> 00:17:35,390 1 1 1 1. 398 00:17:35,390 --> 00:17:37,010 2 2 2 2. 399 00:17:37,010 --> 00:17:38,410 7 7 7 7-- that's yours? 400 00:17:38,410 --> 00:17:39,800 OK. 401 00:17:39,800 --> 00:17:42,970 You might just brute force, as a computer scientist 402 00:17:42,970 --> 00:17:44,750 would say-- try all possible values. 403 00:17:44,750 --> 00:17:46,740 >> So let's steer back to the original question. 404 00:17:46,740 --> 00:17:48,020 How secure is an iPhone? 405 00:17:48,020 --> 00:17:52,115 Someone off the street might say very secure, or not very secure, or medium 406 00:17:52,115 --> 00:17:53,740 secure, but that's kind of meaningless. 407 00:17:53,740 --> 00:17:56,780 It would be nice if we could ascribe something more quantitative, 408 00:17:56,780 --> 00:17:57,620 even if it's just numbers. 409 00:17:57,620 --> 00:18:02,184 We don't need fancy math, but just some numerical estimate or quantification 410 00:18:02,184 --> 00:18:02,850 of the security. 411 00:18:02,850 --> 00:18:04,940 >> So if you've got a four digit passcode, can we 412 00:18:04,940 --> 00:18:08,440 begin to ascribe some kind of numeric rating to it? 413 00:18:08,440 --> 00:18:09,630 How secure is it? 414 00:18:09,630 --> 00:18:10,714 >> AUDIENCE: 1 out of 10,000. 415 00:18:10,714 --> 00:18:11,463 DAVID MALAN: Yeah. 416 00:18:11,463 --> 00:18:12,480 So 1 out of 10,000. 417 00:18:12,480 --> 00:18:15,608 Where do you get the 10,000 from? 418 00:18:15,608 --> 00:18:18,036 >> AUDIENCE: All possibilities [INAUDIBLE]. 419 00:18:18,036 --> 00:18:19,160 DAVID MALAN: Yeah, exactly. 420 00:18:19,160 --> 00:18:24,260 If you've got a 4 digit code, you can have 0 0 0 0, or you can have 9 9 9 9, 421 00:18:24,260 --> 00:18:24,760 maximally. 422 00:18:24,760 --> 00:18:27,370 And so that's 10,000 possibilities. 423 00:18:27,370 --> 00:18:28,875 So that seems pretty big. 424 00:18:28,875 --> 00:18:31,000 And it would certainly take a human quite some time 425 00:18:31,000 --> 00:18:32,370 to try all of those codes. 426 00:18:32,370 --> 00:18:34,920 >> And so suppose I, during lunch, swiped one of your iPhones 427 00:18:34,920 --> 00:18:36,370 and you have a four digit code. 428 00:18:36,370 --> 00:18:39,317 If I had enough time, maybe I could type in 0 0 0 0. 429 00:18:39,317 --> 00:18:40,650 And then it shakes and says, no. 430 00:18:40,650 --> 00:18:45,790 0 0 0 1, 0 0 0 2, 0 0 0 3, and maybe I can do 1 per second. 431 00:18:45,790 --> 00:18:47,640 So that's 10,000 seconds. 432 00:18:47,640 --> 00:18:50,470 So how long would it take me in the end to actually get 433 00:18:50,470 --> 00:18:56,070 to decrypting or hacking into someone's iPhone, given these numbers? 434 00:18:56,070 --> 00:18:57,960 And we'll play with a few perhaps here. 435 00:18:57,960 --> 00:19:00,770 >> Let me go ahead and pull up an overkill of a calculator. 436 00:19:00,770 --> 00:19:05,530 So if it's 10,000 seconds, there are 60 seconds in a minute, 437 00:19:05,530 --> 00:19:07,240 and there are 60 minutes in an hour. 438 00:19:07,240 --> 00:19:08,870 So it's like 2.7 hours. 439 00:19:08,870 --> 00:19:12,690 So I'd have to miss the afternoon sessions, if I started during lunch. 440 00:19:12,690 --> 00:19:16,280 But it would only take me 2.7 hours to try getting into your iPhone.
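To make that brute-force arithmetic concrete, here is a minimal sketch in Python; it is not something from the session itself, and the check_passcode function is a hypothetical stand-in for physically typing each guess into a phone:

```python
# A minimal sketch of brute-forcing a four-digit passcode, assuming
# one guess per second. check_passcode is hypothetical: it stands in
# for actually typing the guess into the device.

SECRET = "7777"  # invented for illustration


def check_passcode(guess: str) -> bool:
    return guess == SECRET


def brute_force() -> str:
    for n in range(10_000):        # all 10,000 possibilities
        guess = f"{n:04d}"         # "0000", "0001", ..., "9999"
        if check_passcode(guess):
            return guess
    raise RuntimeError("no four-digit code matched")


print(brute_force())               # 7777
print(10_000 / 60 / 60)            # worst case at 1 guess/second: ~2.8 hours
```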
441 00:19:16,280 --> 00:19:18,470 >> Now, you might be familiar with mechanisms 442 00:19:18,470 --> 00:19:22,470 that Apple and soon probably other companies use to defend against this. 443 00:19:22,470 --> 00:19:25,267 This does not seem or feel very secure anymore. 444 00:19:25,267 --> 00:19:27,850 And we'll come back in just a bit to do one more introduction, 445 00:19:27,850 --> 00:19:31,330 unless we feel omitted. 446 00:19:31,330 --> 00:19:34,120 What can we do to make this more secure? 447 00:19:34,120 --> 00:19:35,510 10,000 feels like a lot. 448 00:19:35,510 --> 00:19:39,484 But 2.7 hours does not really feel like that long. 449 00:19:39,484 --> 00:19:42,650 AUDIENCE: Doesn't it get locked after three attempts or something like that? 450 00:19:42,650 --> 00:19:44,090 DAVID MALAN: Ah, maybe it does. 451 00:19:44,090 --> 00:19:45,840 In fact, hopefully not three, because even 452 00:19:45,840 --> 00:19:48,179 I goof on my passcode three or more times. 453 00:19:48,179 --> 00:19:49,720 So there is typically some threshold. 454 00:19:49,720 --> 00:19:52,320 And I believe in iOS's case, the default is actually 10. 455 00:19:52,320 --> 00:19:53,538 But similarly-- 456 00:19:53,538 --> 00:19:55,130 >> AUDIENCE: [INAUDIBLE] 457 00:19:55,130 --> 00:19:56,630 DAVID MALAN: --similarly reasonable. 458 00:19:56,630 --> 00:19:59,614 So what does that mean-- so what happens after 10 tries 459 00:19:59,614 --> 00:20:00,780 or whatever number of tries? 460 00:20:00,780 --> 00:20:01,660 >> AUDIENCE: It gets locked. 461 00:20:01,660 --> 00:20:01,990 >> DAVID MALAN: Yeah. 462 00:20:01,990 --> 00:20:03,890 So the phone maybe locks itself down. 463 00:20:03,890 --> 00:20:05,040 >> AUDIENCE: Time delay. 464 00:20:05,040 --> 00:20:05,480 >> DAVID MALAN: Time delay. 465 00:20:05,480 --> 00:20:06,600 Would do you mean by time delay? 466 00:20:06,600 --> 00:20:09,600 >> AUDIENCE: It'll lock the phone for five minutes, and after five minutes, 467 00:20:09,600 --> 00:20:10,580 you can try again. 468 00:20:10,580 --> 00:20:10,850 >> DAVID MALAN: All right. 469 00:20:10,850 --> 00:20:13,630 But that doesn't feel like it's solving the problem, right? 470 00:20:13,630 --> 00:20:16,493 Can't I just come back 5 minutes later and continue hacking on it? 471 00:20:16,493 --> 00:20:17,460 >> AUDIENCE: Yes. 472 00:20:17,460 --> 00:20:18,154 >> DAVID MALAN: OK. 473 00:20:18,154 --> 00:20:20,542 >> AUDIENCE: But after you try again, it goes to 10 minutes. 474 00:20:20,542 --> 00:20:21,208 DAVID MALAN: Ah. 475 00:20:21,208 --> 00:20:22,660 AUDIENCE: --keeps expanding. 476 00:20:22,660 --> 00:20:24,325 AUDIENCE: So the thing increases but-- 477 00:20:24,325 --> 00:20:25,450 DAVID MALAN: Yeah, exactly. 478 00:20:25,450 --> 00:20:28,140 So let's suppose it's not one per second, 479 00:20:28,140 --> 00:20:33,260 but it takes me for 10,000 codes, instead of times 1 second for each, 480 00:20:33,260 --> 00:20:35,740 it's actually not even 60 seconds. 481 00:20:35,740 --> 00:20:37,070 It's five minutes. 482 00:20:37,070 --> 00:20:40,950 So now, this is the total number-- this is the total amount of time 483 00:20:40,950 --> 00:20:43,810 I need in order to hack into a phone. 484 00:20:43,810 --> 00:20:46,870 And again, there's 60 seconds in a minute, and 60 minutes in an hour. 485 00:20:46,870 --> 00:20:50,850 >> So now, we're up to 833 hours. 486 00:20:50,850 --> 00:20:54,787 And if we want to see this precisely, now we're talking about 34 days. 
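The arithmetic behind those figures, as a quick sketch under the same assumptions:

```python
# The same worst case, but now with a five-minute delay per attempt
# instead of one guess per second.

attempts = 10_000
seconds_per_attempt = 5 * 60               # five minutes

total_seconds = attempts * seconds_per_attempt
print(total_seconds / 60 / 60)             # ~833 hours
print(total_seconds / 60 / 60 / 24)        # ~34.7 days
```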
487 00:20:54,787 --> 00:20:56,870 So it's going to take an adversary, without sleep, 488 00:20:56,870 --> 00:21:01,250 34 days now to hack into your iPhone, if there is this five minute delay. 489 00:21:01,250 --> 00:21:03,340 But it's not even just five minutes. 490 00:21:03,340 --> 00:21:05,560 As Kareem said, what happens after the next-- 491 00:21:05,560 --> 00:21:06,210 >> AUDIENCE: After you've tried-- 492 00:21:06,210 --> 00:21:06,400 >> DAVID MALAN: --misattempt? 493 00:21:06,400 --> 00:21:09,108 >> AUDIENCE: --five more times, then it gives you a 10-minute delay. 494 00:21:09,108 --> 00:21:10,450 DAVID MALAN: A 10-minute delay. 495 00:21:10,450 --> 00:21:13,200 And I'm not sure what it is after that, but maybe it's 20 minutes. 496 00:21:13,200 --> 00:21:14,230 Maybe it's 40 minutes. 497 00:21:14,230 --> 00:21:17,105 And if it is, that's actually an example of a fairly common technique 498 00:21:17,105 --> 00:21:19,900 in computing known as exponential backoff, where 499 00:21:19,900 --> 00:21:22,980 this exponentiation usually means you double something again and again (see the sketch below). 500 00:21:22,980 --> 00:21:25,510 >> So that starts out being not so significant. 501 00:21:25,510 --> 00:21:29,570 But once you start doubling from 2 to 4 to 8 to 16 to 32 to 64, 502 00:21:29,570 --> 00:21:31,650 the gaps really start to widen. 503 00:21:31,650 --> 00:21:35,780 And so it might take a month, or a year, or a lifetime 504 00:21:35,780 --> 00:21:37,800 to actually get into that device. 505 00:21:37,800 --> 00:21:39,300 Now, there are other mechanisms still. 506 00:21:39,300 --> 00:21:41,350 Time is a good thing because, in general, this 507 00:21:41,350 --> 00:21:42,940 is a common security technique. 508 00:21:42,940 --> 00:21:46,650 You can't necessarily stop the bad guys, but you can slow them down. 509 00:21:46,650 --> 00:21:50,480 And because there are finite resources in life, like living, 510 00:21:50,480 --> 00:21:53,750 you can eventually push out the threat so far 511 00:21:53,750 --> 00:21:57,510 that even though, sure, the adversary might get really lucky and try 7 7 7 7 512 00:21:57,510 --> 00:22:01,080 on your phone and get the answer right, the probability of that 513 00:22:01,080 --> 00:22:02,890 is incredibly low. 514 00:22:02,890 --> 00:22:06,800 And so, generally security is a function, not of absolute protection, 515 00:22:06,800 --> 00:22:08,390 but of probabilistic protection. 516 00:22:08,390 --> 00:22:13,940 You're just pretty sure that you're safe from some kind of attack. 517 00:22:13,940 --> 00:22:16,360 >> But that might not be really good enough. 518 00:22:16,360 --> 00:22:17,780 So what more could you do? 519 00:22:17,780 --> 00:22:21,010 And what more does Apple do, if people have enabled this, 520 00:22:21,010 --> 00:22:24,700 if an adversary or bad guy tries to get in more than 10 times, 521 00:22:24,700 --> 00:22:26,070 besides inserting a delay? 522 00:22:26,070 --> 00:22:28,300 What would be a stronger measure of defense that 523 00:22:28,300 --> 00:22:30,185 might make you sleep better at night? 524 00:22:30,185 --> 00:22:31,430 >> AUDIENCE: Erasing the data. 525 00:22:31,430 --> 00:22:32,250 >> DAVID MALAN: Erase the data. 526 00:22:32,250 --> 00:22:32,750 Yeah. 527 00:22:32,750 --> 00:22:34,750 So in fact, that's a very common technique 528 00:22:34,750 --> 00:22:36,860 where, much like the old movies, this message 529 00:22:36,860 --> 00:22:39,360 will self-destruct in 10 seconds.
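Here is that doubling idea as a minimal sketch in Python; the one-minute base delay is an assumption for illustration only, not iOS's actual schedule:

```python
# A sketch of exponential backoff: each consecutive failure doubles
# the delay before the next attempt is allowed. The one-minute base
# is an invented assumption, not iOS's real timing.

def backoff_delay(failures: int, base_minutes: float = 1.0) -> float:
    """Minutes to wait after a given number of failed attempts."""
    return base_minutes * (2 ** failures)


for failures in range(1, 11):
    print(failures, backoff_delay(failures))  # 2, 4, 8, ..., 1024 minutes
```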
530 00:22:39,360 --> 00:22:42,050 Very commonly, devices, iPhones among them, 531 00:22:42,050 --> 00:22:47,500 will just wipe themselves, delete themselves after 10 incorrect attempts. 532 00:22:47,500 --> 00:22:49,140 So is this a good thing or a bad thing? 533 00:22:49,140 --> 00:22:52,870 Now, let's put on more of the product manager's hat. 534 00:22:52,870 --> 00:22:55,860 What's good about this? 535 00:22:55,860 --> 00:22:58,540 Why is this a positive feature? 536 00:22:58,540 --> 00:22:59,950 >> [INTERPOSING VOICES] 537 00:22:59,950 --> 00:23:01,350 >> No access to your information. 538 00:23:01,350 --> 00:23:04,710 So now, not only have you slowed the adversary down, 539 00:23:04,710 --> 00:23:07,320 if you do have those artificial time delays, 540 00:23:07,320 --> 00:23:10,480 but you've also ensured that if he or she screws up 10 times, 541 00:23:10,480 --> 00:23:12,730 now the window of opportunity is just gone. 542 00:23:12,730 --> 00:23:14,090 They've only had 10 attempts. 543 00:23:14,090 --> 00:23:18,050 And the probability of getting the answer correct out of 10 attempts 544 00:23:18,050 --> 00:23:21,690 when there's 10,000 possibilities is 1 out of 1,000. 545 00:23:21,690 --> 00:23:24,384 So 10 divided by 10,000-- 1 over 1,000. 546 00:23:24,384 --> 00:23:25,800 But even that's not all that good. 547 00:23:25,800 --> 00:23:28,520 So we'll come back to making me feel better about that probability 548 00:23:28,520 --> 00:23:30,186 because it actually feels somewhat high. 549 00:23:30,186 --> 00:23:31,640 It's 1/10 of a percent. 550 00:23:31,640 --> 00:23:34,734 What's bad about this feature though? 551 00:23:34,734 --> 00:23:36,700 >> AUDIENCE: It's bad because-- 552 00:23:36,700 --> 00:23:37,450 DAVID MALAN: Yeah. 553 00:23:37,450 --> 00:23:38,591 What do you mean, "in my hands"? 554 00:23:38,591 --> 00:23:40,591 >> AUDIENCE: If you didn't lose it, and you're just 555 00:23:40,591 --> 00:23:41,850 trying to get into your phone. 556 00:23:41,850 --> 00:23:42,600 >> DAVID MALAN: Yeah. 557 00:23:42,600 --> 00:23:45,600 So what if there has been no compromise, you're just kind of distracted, 558 00:23:45,600 --> 00:23:47,440 you're an idiot, you forget your password. 559 00:23:47,440 --> 00:23:50,087 And so it's not that unreasonable, especially 560 00:23:50,087 --> 00:23:51,920 if you don't log in to your phone that often 561 00:23:51,920 --> 00:23:55,220 or you're distracted while doing it, maybe you yourself 562 00:23:55,220 --> 00:23:57,870 mistype your code 11 times. 563 00:23:57,870 --> 00:24:01,110 And now, dammit, you've just wiped your own device. 564 00:24:01,110 --> 00:24:03,950 So this too is kind of a theme in computing and computer 565 00:24:03,950 --> 00:24:04,990 science of trade-offs. 566 00:24:04,990 --> 00:24:07,380 There really is rarely a right answer. 567 00:24:07,380 --> 00:24:10,947 There's simply a more preferable or a less costly answer. 568 00:24:10,947 --> 00:24:12,530 And in this case, there's a trade-off. 569 00:24:12,530 --> 00:24:14,390 One, our data is a little more secure, if it 570 00:24:14,390 --> 00:24:16,100 gets into the hands of some adversary. 571 00:24:16,100 --> 00:24:18,890 But I can shoot myself in the foot by wiping, accidentally, 572 00:24:18,890 --> 00:24:22,940 my own data if I don't actually get that passcode right within the first 10 573 00:24:22,940 --> 00:24:23,699 times. 574 00:24:23,699 --> 00:24:24,490 So what's the push? 575 00:24:24,490 --> 00:24:25,810 How do we fix that?
576 00:24:25,810 --> 00:24:28,500 Do we throw the feature out altogether, if we're Apple, and say, 577 00:24:28,500 --> 00:24:32,520 this feels bad because we're going to have-- if we have one irate customer, 578 00:24:32,520 --> 00:24:34,649 this is not a situation we want to invite. 579 00:24:34,649 --> 00:24:37,190 AUDIENCE: We encrypted and then we recovered the code somehow 580 00:24:37,190 --> 00:24:41,435 by Apple or whatever [INAUDIBLE]. 581 00:24:41,435 --> 00:24:42,726 DAVID MALAN: Can you elaborate? 582 00:24:42,726 --> 00:24:43,601 AUDIENCE: [INAUDIBLE] 583 00:24:43,601 --> 00:24:46,564 584 00:24:46,564 --> 00:24:47,230 DAVID MALAN: OK. 585 00:24:47,230 --> 00:24:52,190 So maybe we don't do this wiping thing, which feels a little overly dramatic. 586 00:24:52,190 --> 00:24:54,620 Why don't we just keep the data encrypted? 587 00:24:54,620 --> 00:24:58,120 Well, so in this case, Apple already does keep the data encrypted. 588 00:24:58,120 --> 00:25:00,920 And what's keeping the adversary from seeing your encrypted data 589 00:25:00,920 --> 00:25:02,990 is unfortunately that passcode. 590 00:25:02,990 --> 00:25:06,445 >> So the passcode effectively unlocks the data so that while it's scrambled, 591 00:25:06,445 --> 00:25:09,570 if you're just holding the phone, as soon as you log in with that passcode, 592 00:25:09,570 --> 00:25:11,650 it's unscrambled and the user can see it. 593 00:25:11,650 --> 00:25:13,450 So it is already encrypted. 594 00:25:13,450 --> 00:25:17,330 But if we want to avoid wiping the data, but we somehow 595 00:25:17,330 --> 00:25:20,290 want to have a good answer on the customer support line 596 00:25:20,290 --> 00:25:25,390 if the absent-minded or forgetful user has accidentally 597 00:25:25,390 --> 00:25:28,390 wiped his or her phone because they mistyped the password 11 times, what 598 00:25:28,390 --> 00:25:30,050 solution could we offer? 599 00:25:30,050 --> 00:25:33,950 How else could we solve that problem now? 600 00:25:33,950 --> 00:25:34,450 Yeah. 601 00:25:34,450 --> 00:25:36,074 >> AUDIENCE: Customer service [INAUDIBLE]. 602 00:25:36,074 --> 00:25:43,244 603 00:25:43,244 --> 00:25:43,910 DAVID MALAN: OK. 604 00:25:43,910 --> 00:25:45,680 So that's good. 605 00:25:45,680 --> 00:25:49,360 So maybe, without resorting to wiping, 606 00:25:49,360 --> 00:25:52,850 we could have some out-of-band mechanism for solving this problem. 607 00:25:52,850 --> 00:25:55,600 And by out-of-band, I mean you don't interact just with the phone, 608 00:25:55,600 --> 00:25:59,960 maybe you grab someone else's phone or email and you talk to customer service. 609 00:25:59,960 --> 00:26:02,410 And maybe they ask you the usual questions of, well, 610 00:26:02,410 --> 00:26:04,290 what's your name, what's your birthdate, what 611 00:26:04,290 --> 00:26:09,870 are the last four digits of your social security number or country ID. 612 00:26:09,870 --> 00:26:11,320 >> And what's good about that? 613 00:26:11,320 --> 00:26:13,430 Well, of course, with high probability, it 614 00:26:13,430 --> 00:26:15,920 lets you and only you into your phone because maybe they 615 00:26:15,920 --> 00:26:17,099 send a temporary passcode. 616 00:26:17,099 --> 00:26:19,390 And this does not exist in Apple's case, but maybe they 617 00:26:19,390 --> 00:26:20,820 do send you a temporary passcode. 618 00:26:20,820 --> 00:26:23,040 You get in, and you're back on your way. 619 00:26:23,040 --> 00:26:25,245 But what's the downside of this solution?
620 00:26:25,245 --> 00:26:27,065 >> AUDIENCE: If someone steals your identity, 621 00:26:27,065 --> 00:26:29,050 they might have access to all this information. 622 00:26:29,050 --> 00:26:29,800 DAVID MALAN: Yeah. 623 00:26:29,800 --> 00:26:32,110 If someone steals your identity-- and frankly, 624 00:26:32,110 --> 00:26:34,550 it's not all that hard, especially when so many companies 625 00:26:34,550 --> 00:26:35,859 ask the same questions. 626 00:26:35,859 --> 00:26:37,650 What's your name, what's your address, what 627 00:26:37,650 --> 00:26:40,191 are the last four digits of your social security number, what 628 00:26:40,191 --> 00:26:43,680 was your favorite pet, what was your favorite parent 629 00:26:43,680 --> 00:26:45,281 or whatever the questions might be. 630 00:26:45,281 --> 00:26:48,280 And in fact, as an aside, I've noticed, having just the other day filled 631 00:26:48,280 --> 00:26:52,170 out questions like these, that the questions, in a reasonable effort 632 00:26:52,170 --> 00:26:57,204 to be a little less well-known, are getting increasingly personal. 633 00:26:57,204 --> 00:27:00,370 And as soon as you start giving this tidbit of information that might indeed 634 00:27:00,370 --> 00:27:03,392 be a secret to this company, and to this company, and to this company, 635 00:27:03,392 --> 00:27:06,600 and to this company, it's not going to be long before some company aggregates 636 00:27:06,600 --> 00:27:07,900 this kind of information. 637 00:27:07,900 --> 00:27:09,860 And so you've told little simple secrets, 638 00:27:09,860 --> 00:27:13,330 like your best friend growing up, to all of these individual companies. 639 00:27:13,330 --> 00:27:16,900 And soon enough, you have an attack known as social engineering, whereby 640 00:27:16,900 --> 00:27:20,237 someone just masquerades as you on the phone or spoofs your email address 641 00:27:20,237 --> 00:27:21,570 and somehow gets into the phone. 642 00:27:21,570 --> 00:27:22,790 >> So I'm not liking that. 643 00:27:22,790 --> 00:27:26,240 It's a possible solution, but let's suppose I'm not liking that. 644 00:27:26,240 --> 00:27:29,730 Let's go back to the issue at hand where the phone is encrypted 645 00:27:29,730 --> 00:27:34,440 and we've not enabled some kind of self-destruct mechanism. 646 00:27:34,440 --> 00:27:39,900 But I do-- rather, I have enabled some self-destruct mechanism, 647 00:27:39,900 --> 00:27:42,510 but I nonetheless want to appease a customer who 648 00:27:42,510 --> 00:27:44,970 accidentally wipes his or her phone. 649 00:27:44,970 --> 00:27:46,920 How else could we solve that problem? 650 00:27:46,920 --> 00:27:48,160 >> AUDIENCE: Make a backup. 651 00:27:48,160 --> 00:27:48,920 >> DAVID MALAN: Make a backup. 652 00:27:48,920 --> 00:27:50,990 And indeed, this is how Apple happens to do this. 653 00:27:50,990 --> 00:27:53,964 One of the motivations of iCloud is exactly this-- not only convenience 654 00:27:53,964 --> 00:27:56,380 and resting assured that all of your photos and everything 655 00:27:56,380 --> 00:27:59,710 are backed up, but in this case-- because if your individual device, 656 00:27:59,710 --> 00:28:04,610 whether it's an iPod, or iPhone, or iPad is lost, or stolen, or accidentally 657 00:28:04,610 --> 00:28:07,820 or deliberately wiped, at least all of your data is somewhere else. 658 00:28:07,820 --> 00:28:10,130 And you can just go buy or borrow another iPhone.
659 00:28:10,130 --> 00:28:13,180 You can restore from backup, so to speak, from iCloud, 660 00:28:13,180 --> 00:28:14,640 and you're back up and running. 661 00:28:14,640 --> 00:28:16,260 >> Now, there's a trade-off there. 662 00:28:16,260 --> 00:28:19,660 Potentially, Apple now has access to all of that same data. 663 00:28:19,660 --> 00:28:21,320 And we can come back to that some time. 664 00:28:21,320 --> 00:28:24,780 But at least now, we've solved the problem in a different way. 665 00:28:24,780 --> 00:28:27,880 >> And if you visualize this story line in your mind's eye, 666 00:28:27,880 --> 00:28:30,900 you can perhaps see that every time we solve a problem-- 667 00:28:30,900 --> 00:28:36,130 kind of covering up a leak in a hose, some other problem springs up elsewhere. 668 00:28:36,130 --> 00:28:38,530 We're really just pushing the problem somewhere else. 669 00:28:38,530 --> 00:28:41,150 And in the case of the adversary with the time delays, 670 00:28:41,150 --> 00:28:43,880 really what we're doing is we're not keeping the adversary out, 671 00:28:43,880 --> 00:28:47,190 we're just raising the bar over which he or she has to jump in order 672 00:28:47,190 --> 00:28:49,310 to actually get access to our data. 673 00:28:49,310 --> 00:28:53,160 >> So any time, henceforth, you go to a website, or you read some white paper, 674 00:28:53,160 --> 00:28:58,780 or some CTO or CSO tells you, oh, our systems are secure-- it's baloney. 675 00:28:58,780 --> 00:29:02,480 There's nothing to be meant by "our systems are secure" 676 00:29:02,480 --> 00:29:06,150 other than we take industry standard probabilistic measures 677 00:29:06,150 --> 00:29:10,810 to keep people away from your servers or away from your data. 678 00:29:10,810 --> 00:29:14,480 >> Now, the Apple situation has gotten kind of interesting 679 00:29:14,480 --> 00:29:16,650 because they've been asked to do something 680 00:29:16,650 --> 00:29:20,730 that's not quite as simple as turning over the adversary's data. 681 00:29:20,730 --> 00:29:22,450 They've already done that from iCloud. 682 00:29:22,450 --> 00:29:25,320 But now, the FBI wants to get into this phone. 683 00:29:25,320 --> 00:29:29,650 And the belief is that it does in fact have this self-destruct mechanism built 684 00:29:29,650 --> 00:29:33,030 in after 10 attempts-- and I believe that's because they 685 00:29:33,030 --> 00:29:36,680 looked at the backups and realized this feature seems to be enabled, 686 00:29:36,680 --> 00:29:38,700 and I assume they don't want to necessarily 687 00:29:38,700 --> 00:29:41,720 try and waste one out of their 10 attempts 688 00:29:41,720 --> 00:29:44,170 to confirm or deny this feature. 689 00:29:44,170 --> 00:29:49,510 >> And they also, unfortunately-- and this is sort of the irony of it 690 00:29:49,510 --> 00:29:54,380 all, the county where this fellow worked actually 691 00:29:54,380 --> 00:29:58,430 owned and was paying for special software-- device management software-- 692 00:29:58,430 --> 00:30:01,550 that had it been installed on their employees' phones-- 693 00:30:01,550 --> 00:30:04,820 so the phone in question is actually state property or county property that 694 00:30:04,820 --> 00:30:06,240 was being used by an employee. 695 00:30:06,240 --> 00:30:10,580 Had they installed in advance this device management software, 696 00:30:10,580 --> 00:30:13,660 they could have, with a simple click on a PC or Mac, 697 00:30:13,660 --> 00:30:15,865 unlocked this phone trivially.
698 00:30:15,865 --> 00:30:18,740 But unfortunately, they didn't have that software actually installed. 699 00:30:18,740 --> 00:30:21,510 >> So there are yet other ways to address this kind of issue. 700 00:30:21,510 --> 00:30:24,590 It doesn't have to be a black box in your employee's pocket. 701 00:30:24,590 --> 00:30:25,460 But they didn't. 702 00:30:25,460 --> 00:30:27,210 And so now we're stuck with the situation 703 00:30:27,210 --> 00:30:31,290 with an encrypted iPhone that will literally self-- will figuratively 704 00:30:31,290 --> 00:30:34,340 self-destruct after 10 incorrect attempts. 705 00:30:34,340 --> 00:30:37,240 And the FBI wants to get data off of that phone. 706 00:30:37,240 --> 00:30:42,627 >> So let's take a look at what Tim Cook has announced to the world 707 00:30:42,627 --> 00:30:43,710 in taking this bold stand. 708 00:30:43,710 --> 00:30:46,080 If you've not read it, let me go ahead and do this. 709 00:30:46,080 --> 00:30:51,690 If you'd like, either on your computer go to this URL here, 710 00:30:51,690 --> 00:30:55,750 or I can grab for you some paper copies. 711 00:30:55,750 --> 00:30:59,090 Why don't we just take two minutes, if you would, 712 00:30:59,090 --> 00:31:04,800 and read the actual letter that Tim Cook wrote to Apple's customers. 713 00:31:04,800 --> 00:31:08,062 And we'll see if we can't then tease apart what it actually means. 714 00:31:08,062 --> 00:31:09,770 And so I've circled a few things in this. 715 00:31:09,770 --> 00:31:12,750 But let's see if we can't distill what's actually being said here 716 00:31:12,750 --> 00:31:15,660 and where the real interesting stuff is hidden. 717 00:31:15,660 --> 00:31:22,120 So, for instance, under the San Bernardino 718 00:31:22,120 --> 00:31:26,747 case, in the paragraph starting "we have great respect for," 719 00:31:26,747 --> 00:31:28,830 Tim Cook's last sentence is this. "They have asked 720 00:31:28,830 --> 00:31:31,110 us to build a backdoor to the iPhone." 721 00:31:31,110 --> 00:31:33,510 This is a commonly used phrase, "backdoor" to something. 722 00:31:33,510 --> 00:31:36,010 What does this actually mean, as best you can tell, 723 00:31:36,010 --> 00:31:37,691 from what you've read here or elsewhere? 724 00:31:37,691 --> 00:31:38,440 AUDIENCE: Hack it. 725 00:31:38,440 --> 00:31:40,820 DAVID MALAN: They want to be able to hack it, and what does that mean? 726 00:31:40,820 --> 00:31:42,110 What is a backdoor? 727 00:31:42,110 --> 00:31:43,710 >> AUDIENCE: An alternate entry point? 728 00:31:43,710 --> 00:31:44,460 DAVID MALAN: Yeah. 729 00:31:44,460 --> 00:31:45,800 So it's an alternate entry point. 730 00:31:45,800 --> 00:31:47,680 Much like an actual house where you have a front door, 731 00:31:47,680 --> 00:31:50,721 and sometimes a back door where you're supposed to come in the front door 732 00:31:50,721 --> 00:31:53,990 and maybe not so much the back door, unless you belong there, 733 00:31:53,990 --> 00:31:57,510 the FBI is asking for a figurative back door-- another way 734 00:31:57,510 --> 00:32:01,880 of getting into the phone that isn't simply a human finger touching the code 735 00:32:01,880 --> 00:32:03,370 and getting in in the usual way. 736 00:32:03,370 --> 00:32:07,070 They want to somehow slurp the data off, maybe with a cable, maybe wirelessly, 737 00:32:07,070 --> 00:32:10,830 or they want to somehow be able to input the code, perhaps, to the phone 738 00:32:10,830 --> 00:32:13,330 without just using a raw human finger.
739 00:32:13,330 --> 00:32:16,285 >> So they allude to, in the next paragraph, 740 00:32:16,285 --> 00:32:18,910 "the FBI wants us to make a new version of the iPhone operating 741 00:32:18,910 --> 00:32:23,250 system, circumventing several important security features." 742 00:32:23,250 --> 00:32:27,870 So why is the FBI asking Apple to make a new operating system? 743 00:32:27,870 --> 00:32:30,410 That seems to be kind of beside the point, 744 00:32:30,410 --> 00:32:31,130 no? 745 00:32:31,130 --> 00:32:33,476 Why do you think they might be saying that? 746 00:32:33,476 --> 00:32:36,300 747 00:32:36,300 --> 00:32:37,960 How is that a solution to the problem? 748 00:32:37,960 --> 00:32:40,430 >> AUDIENCE: [INAUDIBLE] 749 00:32:40,430 --> 00:32:41,180 DAVID MALAN: Yeah. 750 00:32:41,180 --> 00:32:42,715 AUDIENCE: [INAUDIBLE] 751 00:32:42,715 --> 00:32:43,590 DAVID MALAN: Exactly. 752 00:32:43,590 --> 00:32:46,881 The version of iOS, the operating system that's running on the phone currently, 753 00:32:46,881 --> 00:32:50,020 has all of the security measures that we were discussing earlier, 754 00:32:50,020 --> 00:32:52,610 for instance, the time delay, potentially 755 00:32:52,610 --> 00:32:55,940 the self-destruct mechanism, all of which are particularly bad news for the FBI. 756 00:32:55,940 --> 00:33:00,900 And so the data is on there encrypted, and as best we can tell, 757 00:33:00,900 --> 00:33:05,610 Apple somehow stores the data separately from the underlying operation of the phone-- 758 00:33:05,610 --> 00:33:07,030 the operating system. 759 00:33:07,030 --> 00:33:11,020 And so it would seem to be possible to install a new operating 760 00:33:11,020 --> 00:33:14,660 system on the phone without touching the user's data. 761 00:33:14,660 --> 00:33:18,090 >> In fact, if any of you have ever updated Mac OS or Windows, 762 00:33:18,090 --> 00:33:20,340 it would be-- hopefully, it's supposed to go this way. 763 00:33:20,340 --> 00:33:23,020 Hopefully, you've been able to update your operating system from an older 764 00:33:23,020 --> 00:33:25,180 version to a newer version without starting over, 765 00:33:25,180 --> 00:33:26,870 without deleting all of your files. 766 00:33:26,870 --> 00:33:28,410 Now, some of you have probably had the experience where 767 00:33:28,410 --> 00:33:29,868 that does not go according to plan. 768 00:33:29,868 --> 00:33:32,920 But in theory, this should be possible-- update the operating system, 769 00:33:32,920 --> 00:33:35,440 but do not delete or touch the actual data. 770 00:33:35,440 --> 00:33:38,970 >> So the FBI is proposing that Apple create an operating system that 771 00:33:38,970 --> 00:33:42,770 doesn't have these kinds of defense mechanisms, installed onto the phone 772 00:33:42,770 --> 00:33:45,330 so that they can get access to the data. 773 00:33:45,330 --> 00:33:46,740 Now, how is that possible? 774 00:33:46,740 --> 00:33:49,510 Wouldn't the suspect himself, who is now deceased, 775 00:33:49,510 --> 00:33:52,540 have to install that software for the FBI? 776 00:33:52,540 --> 00:33:55,932 What is the FBI counting on here? 777 00:33:55,932 --> 00:33:57,828 >> AUDIENCE: Push it down somehow? 778 00:33:57,828 --> 00:33:59,250 That was my question. 779 00:33:59,250 --> 00:34:01,720 How do you install it if you can't log in to it? 780 00:34:01,720 --> 00:34:02,470 DAVID MALAN: Yeah. 781 00:34:02,470 --> 00:34:02,970 Exactly.
782 00:34:02,970 --> 00:34:05,540 So you would seem to have a chicken and the egg problem here, 783 00:34:05,540 --> 00:34:08,989 whereby, you would think, to update the software, 784 00:34:08,989 --> 00:34:10,400 you need to log into the phone. 785 00:34:10,400 --> 00:34:13,380 But to log into the phone, you need to update the software so as 786 00:34:13,380 --> 00:34:15,909 to avoid these defense mechanisms. 787 00:34:15,909 --> 00:34:17,330 >> So let's just reason backwards. 788 00:34:17,330 --> 00:34:22,010 So, not necessarily being the programmer at Apple, what must be the case? 789 00:34:22,010 --> 00:34:26,848 If the FBI thinks it can do this, what must be the case logically? 790 00:34:26,848 --> 00:34:28,347 What is the answer to that question? 791 00:34:28,347 --> 00:34:31,420 792 00:34:31,420 --> 00:34:35,159 >> It must be possible to do, presumably, somehow. 793 00:34:35,159 --> 00:34:37,600 So how might you do it? 794 00:34:37,600 --> 00:34:42,620 All you are is a user with an iPhone, maybe a Mac or a PC, 795 00:34:42,620 --> 00:34:45,860 maybe a cable, maybe a network connection. 796 00:34:45,860 --> 00:34:49,679 How might the FBI be assuming Apple can do this? 797 00:34:49,679 --> 00:34:51,710 >> AUDIENCE: Maybe through automatic updates? 798 00:34:51,710 --> 00:34:52,460 >> DAVID MALAN: Yeah. 799 00:34:52,460 --> 00:34:54,679 So very much in vogue these days are automatic updates, 800 00:34:54,679 --> 00:34:56,770 where an Android phone, an iPhone, a Windows Phone, 801 00:34:56,770 --> 00:34:59,400 or whatnot will just automatically download updates. 802 00:34:59,400 --> 00:35:02,750 So maybe Apple could just update the operating system, 803 00:35:02,750 --> 00:35:05,280 as the FBI has requested, put a copy of the new operating 804 00:35:05,280 --> 00:35:09,100 system in the cloud on their servers, and just wait 805 00:35:09,100 --> 00:35:12,940 for the suspect's phone to connect automatically, as it probably 806 00:35:12,940 --> 00:35:15,420 does nightly or every five minutes or something, 807 00:35:15,420 --> 00:35:17,500 to pull down the new operating system. 808 00:35:17,500 --> 00:35:19,420 >> Now, let's pause for just a moment. 809 00:35:19,420 --> 00:35:22,262 You probably don't want to do that for everyone in the world, 810 00:35:22,262 --> 00:35:23,970 otherwise we have an even bigger problem. 811 00:35:23,970 --> 00:35:26,270 Well, maybe the FBI might like to do that to everyone in the world, 812 00:35:26,270 --> 00:35:28,000 but that probably won't go over so well. 813 00:35:28,000 --> 00:35:31,620 So just thinking logically here, is that possible? 814 00:35:31,620 --> 00:35:32,660 Is that a deal breaker? 815 00:35:32,660 --> 00:35:37,370 Can you roll out software to just one user in that scenario? 816 00:35:37,370 --> 00:35:38,896 How, do you think? 817 00:35:38,896 --> 00:35:41,830 >> AUDIENCE: You make it available only for that device's address. 818 00:35:41,830 --> 00:35:42,580 DAVID MALAN: Yeah. 819 00:35:42,580 --> 00:35:44,110 Just for that device's address. 820 00:35:44,110 --> 00:35:46,180 And maybe that address is some numeric address. 821 00:35:46,180 --> 00:35:47,730 Maybe it's the device's phone number. 822 00:35:47,730 --> 00:35:50,730 Maybe it's the device's Apple ID, if you're familiar, 823 00:35:50,730 --> 00:35:52,560 like the email address that the human uses 824 00:35:52,560 --> 00:35:56,210 to log in to that-- for automatic updates to the App Store. 825 00:35:56,210 --> 00:35:58,210 So there's probably a way to do that.
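As a minimal sketch of how such a one-device rollout could work in principle-- the identifier and file names below are invented for illustration, and this is not Apple's actual update mechanism-- an update server could simply gate a special build on a unique device identifier:

```python
# Hypothetical sketch: an update server gates a special build on a
# unique device identifier, so exactly one phone pulls it down.
TARGET_DEVICE_ID = "ABC123XYZ"          # made-up identifier

def choose_build(device_id: str) -> str:
    """Decide which OS image a given device should download."""
    if device_id == TARGET_DEVICE_ID:
        return "ios_no_defenses.ipsw"   # hypothetical special build
    return "ios_standard.ipsw"          # what everyone else gets

print(choose_build("ABC123XYZ"))        # ios_no_defenses.ipsw
print(choose_build("SOMEONE_ELSE"))     # ios_standard.ipsw
```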
826 00:35:58,210 --> 00:36:01,370 >> So you have the operating system for everyone in the world, 827 00:36:01,370 --> 00:36:04,330 except for this one person who has his own version of the operating 828 00:36:04,330 --> 00:36:05,520 system getting pulled down. 829 00:36:05,520 --> 00:36:07,250 Now, maybe it's not on the network. 830 00:36:07,250 --> 00:36:09,844 Maybe that's a little easier said than done. 831 00:36:09,844 --> 00:36:11,010 So what's another mechanism? 832 00:36:11,010 --> 00:36:14,093 Well, it wasn't all that long ago that most of us here, Android or iPhone, 833 00:36:14,093 --> 00:36:17,600 were updating our phones via cable-- some kind of USB cable connected 834 00:36:17,600 --> 00:36:18,479 to your Mac or PC. 835 00:36:18,479 --> 00:36:20,020 And that might very well be possible. 836 00:36:20,020 --> 00:36:25,070 >> And in fact, this is arguably a security flaw in the current version of iOS, 837 00:36:25,070 --> 00:36:28,080 and iPhones more generally, that that is in fact possible. 838 00:36:28,080 --> 00:36:32,480 You can update the software on the phone without unlocking the phone, 839 00:36:32,480 --> 00:36:33,460 it would seem. 840 00:36:33,460 --> 00:36:35,310 Now, why is that a security flaw? 841 00:36:35,310 --> 00:36:39,660 Because they have opened themselves to exactly this kind of request. 842 00:36:39,660 --> 00:36:44,786 >> So as an aside, the outcome that seems inevitable from this whole process 843 00:36:44,786 --> 00:36:47,660 is that there is no way that's going to be possible with the next version, 844 00:36:47,660 --> 00:36:48,710 you would think, of iOS. 845 00:36:48,710 --> 00:36:49,210 Right? 846 00:36:49,210 --> 00:36:51,980 They-- Apple-- could have deliberately tied their own hands so 847 00:36:51,980 --> 00:36:53,470 that this isn't even possible. 848 00:36:53,470 --> 00:36:57,050 >> Now, they've probably been assuming that because only they own the source 849 00:36:57,050 --> 00:37:00,420 code to iOS that this isn't really a threat, 850 00:37:00,420 --> 00:37:03,990 because no one's going to sit down and build a whole operating system 851 00:37:03,990 --> 00:37:06,040 and figure out how to install it on an iPhone. 852 00:37:06,040 --> 00:37:09,666 But it's certainly possible now to just require a passcode, moving forward, 853 00:37:09,666 --> 00:37:11,040 to install a new operating system. 854 00:37:11,040 --> 00:37:12,789 >> So that's the gist of what they're asking. 855 00:37:12,789 --> 00:37:17,860 And the bigger picture, which we can defer to perhaps a lunchtime-style 856 00:37:17,860 --> 00:37:20,200 chat or dinner-table-style chat-- the government 857 00:37:20,200 --> 00:37:23,800 suggests that this tool could be used only once on one phone. 858 00:37:23,800 --> 00:37:27,590 And that's where privacy defenders really 859 00:37:27,590 --> 00:37:31,860 bring some strength to bear, because that claim just seems very unreasonable. 860 00:37:31,860 --> 00:37:36,030 As soon as the software actually exists, surely additional legal requests will 861 00:37:36,030 --> 00:37:39,870 come in, surely there's a risk of some bad guy getting access to that kind 862 00:37:39,870 --> 00:37:42,560 of software, installing it him or herself on phones, 863 00:37:42,560 --> 00:37:46,000 and so you're just opening, it would seem, a can of worms.
864 00:37:46,000 --> 00:37:48,690 >> Now, even Obama recently, if you've read or listened 865 00:37:48,690 --> 00:37:50,640 to one of his recent speeches, commented, 866 00:37:50,640 --> 00:37:53,830 I think, that folks seemed to be fetishizing their phones, so to speak, 867 00:37:53,830 --> 00:37:58,222 whereby we have accepted for over 300 years the fact that the police with a warrant 868 00:37:58,222 --> 00:38:00,180 hopefully can come into your home or can search 869 00:38:00,180 --> 00:38:02,720 through the contents of your drawers or whatnot, 870 00:38:02,720 --> 00:38:06,590 and yet, we seem to be putting a phone on this pedestal whereby 871 00:38:06,590 --> 00:38:08,829 it should be immune to all prying eyes. 872 00:38:08,829 --> 00:38:11,870 But I would argue, frankly, from a computer scientist's perspective, that 873 00:38:11,870 --> 00:38:15,370 is actually progress-- the fact that we now have the mathematical means 874 00:38:15,370 --> 00:38:19,770 to actually keep data truly secure by way of this thing called encryption, 875 00:38:19,770 --> 00:38:22,490 which we'll come back to in just a little bit. 876 00:38:22,490 --> 00:38:27,510 >> So any questions about any of that just yet? 877 00:38:27,510 --> 00:38:31,870 Well, let me show you just how there is, in fact, one way 878 00:38:31,870 --> 00:38:34,200 to brute force your way into a phone. 879 00:38:34,200 --> 00:38:36,240 And in fact, this is not out of the question. 880 00:38:36,240 --> 00:38:40,000 This is just a short YouTube video of essentially a little robot someone 881 00:38:40,000 --> 00:38:45,570 built that does this with a little pad. 882 00:38:45,570 --> 00:38:46,830 >> And I forget what it is. 883 00:38:46,830 --> 00:38:49,830 This is using an Android phone because an Android phone, in this case, 884 00:38:49,830 --> 00:38:51,210 is vulnerable to this attack. 885 00:38:51,210 --> 00:38:52,440 It will not time out. 886 00:38:52,440 --> 00:38:55,530 It does not increase the delay between attempts. 887 00:38:55,530 --> 00:38:59,490 And so you can just do this-- for like three days, I think, 888 00:38:59,490 --> 00:39:01,390 was the caption in this video. 889 00:39:01,390 --> 00:39:03,730 After three days, this funny looking device 890 00:39:03,730 --> 00:39:06,390 will hack into an Android phone that has a four-- maybe 891 00:39:06,390 --> 00:39:07,900 it was a six digit passcode. 892 00:39:07,900 --> 00:39:12,530 So beware if you see something like this on the table near you. 893 00:39:12,530 --> 00:39:14,059 >> This, though, is one mechanism. 894 00:39:14,059 --> 00:39:15,600 So what is the FBI actually asking Apple for? 895 00:39:15,600 --> 00:39:16,710 This article's a little longer. 896 00:39:16,710 --> 00:39:19,550 And it's the only other article we'll read today, on paper or online. 897 00:39:19,550 --> 00:39:22,860 But let me invite you to take probably four or so minutes 898 00:39:22,860 --> 00:39:25,770 to take a look at the following. 899 00:39:25,770 --> 00:39:28,160 This is a longer URL here. 900 00:39:28,160 --> 00:39:29,950 But if you have the slides open in a tab, 901 00:39:29,950 --> 00:39:33,140 you can probably just copy and paste this from the slides themselves. 902 00:39:33,140 --> 00:39:37,130 And I have a printout here, if you would prefer actually looking on paper.
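As a back-of-the-envelope check on that robot video's caption-- assuming it really was a six digit passcode and the three-day figure is right, both of which are only half-remembered from the video-- the implied speed is easy to compute:

```python
# Rough arithmetic for the tapping robot: a six digit PIN has 10^6
# combinations, and the caption suggested roughly three days of work.
combinations = 10 ** 6
seconds = 3 * 24 * 60 * 60                     # three days, in seconds
print(f"{combinations / seconds:.1f} attempts per second")  # ~3.9
```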
903 00:39:37,130 --> 00:39:40,470 >> This is a more technical article that'll offer us an opportunity 904 00:39:40,470 --> 00:39:43,580 to actually tease apart more technical jargon, 905 00:39:43,580 --> 00:39:47,575 and see what the authors actually mean. 906 00:39:47,575 --> 00:39:51,090 So if you need to, keep finishing up-- but let me toss the question out there: 907 00:39:51,090 --> 00:39:54,680 based on what you've read, are there any buzzwords, sentences, or claims 908 00:39:54,680 --> 00:39:57,350 that we should first translate or distill 909 00:39:57,350 --> 00:40:00,252 that would make everything more straightforward? 910 00:40:00,252 --> 00:40:03,090 911 00:40:03,090 --> 00:40:05,070 Anything at all? 912 00:40:05,070 --> 00:40:08,400 So if I started to pop quiz us on what certain sentences mean, 913 00:40:08,400 --> 00:40:09,610 we should be OK? 914 00:40:09,610 --> 00:40:10,310 Oh, there we go. 915 00:40:10,310 --> 00:40:10,810 OK. 916 00:40:10,810 --> 00:40:13,165 AUDIENCE: [INAUDIBLE] building some code into RAM. 917 00:40:13,165 --> 00:40:14,040 DAVID MALAN: Oh, RAM. 918 00:40:14,040 --> 00:40:14,540 OK. 919 00:40:14,540 --> 00:40:16,060 Yeah. 920 00:40:16,060 --> 00:40:19,124 RAM-- let me define it first, and we'll come back to that point. 921 00:40:19,124 --> 00:40:20,399 >> AUDIENCE: [INAUDIBLE] 922 00:40:20,399 --> 00:40:22,190 DAVID MALAN: What they're asking for there. 923 00:40:22,190 --> 00:40:22,690 OK. 924 00:40:22,690 --> 00:40:25,164 So as a definition, RAM is Random Access Memory. 925 00:40:25,164 --> 00:40:27,580 This is the type of memory that all of our computers have. 926 00:40:27,580 --> 00:40:31,060 It is distinct from a hard disk or a solid state disk. 927 00:40:31,060 --> 00:40:34,480 And a solid state disk or hard disk is where your data is stored long term. 928 00:40:34,480 --> 00:40:37,490 So when you unplug the cord, even when your battery dies, 929 00:40:37,490 --> 00:40:41,240 any data or programs that you have on your hard drive or solid state drive 930 00:40:41,240 --> 00:40:42,240 remain there. 931 00:40:42,240 --> 00:40:45,380 >> RAM, meanwhile, is the type of memory such that, when you double click an icon, 932 00:40:45,380 --> 00:40:47,530 or open some file, or run some program, it's 933 00:40:47,530 --> 00:40:51,390 copied from the hard drive or the solid state drive into RAM. 934 00:40:51,390 --> 00:40:54,440 RAM tends to be faster, albeit more expensive. 935 00:40:54,440 --> 00:40:57,210 And that's where files and programs live while they're being used. 936 00:40:57,210 --> 00:40:59,510 >> So we'll come back to the implications of that in just a moment. 937 00:40:59,510 --> 00:41:01,840 But for those unfamiliar, that's what that's all about. 938 00:41:01,840 --> 00:41:04,420 And phones have it as well. 939 00:41:04,420 --> 00:41:09,250 Any other definitions or clarifications we can make? 940 00:41:09,250 --> 00:41:09,750 All right. 941 00:41:09,750 --> 00:41:13,710 So the pop quiz is: what are the three things, at least, 942 00:41:13,710 --> 00:41:17,890 that the FBI is specifically asking Apple for, technically? 943 00:41:17,890 --> 00:41:24,360 944 00:41:24,360 --> 00:41:26,064 One of them does indeed relate to RAM. 945 00:41:26,064 --> 00:41:27,230 So that's the spoiler there. 946 00:41:27,230 --> 00:41:28,925 And we'll come back to what that means. 947 00:41:28,925 --> 00:41:32,580 948 00:41:32,580 --> 00:41:35,679 But what does the government want? 949 00:41:35,679 --> 00:41:37,470 Yeah, Chris, you want to give us one other?
950 00:41:37,470 --> 00:41:42,140 >> AUDIENCE: I think the ability to electronically brute force a password. 951 00:41:42,140 --> 00:41:44,640 DAVID MALAN: Yeah, electronically brute force the passwords. 952 00:41:44,640 --> 00:41:47,866 Again, brute force-- quick recap, what does brute forcing mean? 953 00:41:47,866 --> 00:41:49,575 >> AUDIENCE: Try the number of combinations. 954 00:41:49,575 --> 00:41:50,365 DAVID MALAN: Again. 955 00:41:50,365 --> 00:41:51,000 Exactly. 956 00:41:51,000 --> 00:41:53,730 Just try it again, and again, and again, via brute force, 957 00:41:53,730 --> 00:41:55,550 not via intellect, not via cleverness. 958 00:41:55,550 --> 00:41:57,500 Just try every darn possibility. 959 00:41:57,500 --> 00:42:00,470 So the government wants a way to avoid manual brute force-- they 960 00:42:00,470 --> 00:42:03,500 want a way to be able to brute force it electronically, 961 00:42:03,500 --> 00:42:06,134 and electronically as opposed to what? 962 00:42:06,134 --> 00:42:07,030 >> AUDIENCE: Manually. 963 00:42:07,030 --> 00:42:07,946 >> DAVID MALAN: Manually. 964 00:42:07,946 --> 00:42:10,370 So as opposed to an FBI agent physically typing things in, 965 00:42:10,370 --> 00:42:12,870 and as opposed to silly looking devices like the one we just 966 00:42:12,870 --> 00:42:16,759 saw, automatically punching them in, they presumably want to do this wirelessly. 967 00:42:16,759 --> 00:42:19,300 And in fact, if you read the government's request-- the court 968 00:42:19,300 --> 00:42:21,680 document-- via Bluetooth, Wi-Fi, whatever 969 00:42:21,680 --> 00:42:23,910 is possible-- or maybe via a lightning cable 970 00:42:23,910 --> 00:42:25,820 that plugs into the phone itself and that would 971 00:42:25,820 --> 00:42:28,760 be connected via USB to some hacking device that they have. 972 00:42:28,760 --> 00:42:32,510 >> So they want the ability to brute force the phone electronically 973 00:42:32,510 --> 00:42:36,960 so that they can just do it faster than a human or a robot could do it. 974 00:42:36,960 --> 00:42:40,100 They want something involving RAM-- let me read that sentence. 975 00:42:40,100 --> 00:42:43,360 "It wants Apple to design this crippled software, the new operating 976 00:42:43,360 --> 00:42:48,280 system, to be loaded into memory, AKA RAM, instead of on disk 977 00:42:48,280 --> 00:42:51,140 so that the data on the phone remains forensically sound 978 00:42:51,140 --> 00:42:52,380 and won't be altered." 979 00:42:52,380 --> 00:42:57,920 >> So it's not clear to us, the readers, exactly where the data is stored 980 00:42:57,920 --> 00:43:00,200 and where the operating system is stored. 981 00:43:00,200 --> 00:43:02,800 But presumably, as a matter of principle in law, 982 00:43:02,800 --> 00:43:06,020 the government doesn't want to risk mutating 983 00:43:06,020 --> 00:43:10,180 any of the bits-- any of the 0s and 1s, or the data on the drive-- 984 00:43:10,180 --> 00:43:13,380 by putting a new operating system onto the hard disk itself, 985 00:43:13,380 --> 00:43:16,024 lest that open them up to a claim that, wait 986 00:43:16,024 --> 00:43:19,190 a minute, that file wasn't previously there when the suspect owned the phone. 987 00:43:19,190 --> 00:43:21,600 >> Rather, they want to put the operating system in RAM, 988 00:43:21,600 --> 00:43:26,270 Random Access Memory, which is this faster kind of memory that is distinct, 989 00:43:26,270 --> 00:43:28,720 physically, from the actual hard disk.
990 00:43:28,720 --> 00:43:32,320 Of course, the operating system doesn't typically go there in its entirety, 991 00:43:32,320 --> 00:43:35,250 so that's a non-trivial request. 992 00:43:35,250 --> 00:43:39,280 So we've got this RAM request, we've got this brute force request, 993 00:43:39,280 --> 00:43:42,425 and one other at least. 994 00:43:42,425 --> 00:43:44,050 What else is the government asking for? 995 00:43:44,050 --> 00:43:44,549 Ben? 996 00:43:44,549 --> 00:43:46,410 AUDIENCE: Remove the timing delay. 997 00:43:46,410 --> 00:43:47,160 DAVID MALAN: Yeah. 998 00:43:47,160 --> 00:43:49,040 Remove that timing delay, which in this case 999 00:43:49,040 --> 00:43:55,470 is how many seconds, or milliseconds, or-- 80 milliseconds? 1000 00:43:55,470 --> 00:43:57,310 Which sounds pretty fast. 1001 00:43:57,310 --> 00:44:02,870 I mean most humans can only notice delays of 100 to 200 milliseconds 1002 00:44:02,870 --> 00:44:04,770 before something actually feels slow. 1003 00:44:04,770 --> 00:44:07,330 But 80 milliseconds is roughly 100 milliseconds. 1004 00:44:07,330 --> 00:44:11,900 And 1,000 milliseconds is a second. 1005 00:44:11,900 --> 00:44:16,890 So that's like-- you can do 10 attempts per second, give or take. 1006 00:44:16,890 --> 00:44:20,230 >> So that feels pretty fast, but not nearly fast enough 1007 00:44:20,230 --> 00:44:21,930 if you've got a six digit code. 1008 00:44:21,930 --> 00:44:24,330 And in fact, the article makes mention of that too. 1009 00:44:24,330 --> 00:44:27,550 So if you've got a four digit code, as we discussed before, 1010 00:44:27,550 --> 00:44:30,200 you might have one, two, three, four. 1011 00:44:30,200 --> 00:44:34,880 And each of these numbers can be the number 0 through 9. 1012 00:44:34,880 --> 00:44:38,710 So that's 10 possibilities times 10 possibilities times 10 possibilities 1013 00:44:38,710 --> 00:44:39,630 times 10. 1014 00:44:39,630 --> 00:44:43,170 And this is where we got that 10,000 from. 1015 00:44:43,170 --> 00:44:45,140 If you have a 6 digit code, you of course 1016 00:44:45,140 --> 00:44:49,840 just add this here, which is another 10, and another 10, which 1017 00:44:49,840 --> 00:44:52,360 means we can just add two more 0s. 1018 00:44:52,360 --> 00:44:55,600 And now, we're up to a million possibilities. 1019 00:44:55,600 --> 00:45:01,520 >> So as an engineer, if 10,000 is too few, a million-- that still 1020 00:45:01,520 --> 00:45:04,450 feels relatively low, especially if you can do 10 per second. 1021 00:45:04,450 --> 00:45:07,600 It gets a little boring, but you can do it via brute force. 1022 00:45:07,600 --> 00:45:12,717 What might be better than a 6 digit passcode? 1023 00:45:12,717 --> 00:45:13,300 What's better? 1024 00:45:13,300 --> 00:45:15,900 >> AUDIENCE: [INAUDIBLE] digits or letters and different combinations [INAUDIBLE]. 1025 00:45:15,900 --> 00:45:16,330 >> DAVID MALAN: Yeah. 1026 00:45:16,330 --> 00:45:17,830 So let's take both of those in turn. 1027 00:45:17,830 --> 00:45:21,970 So slightly better than a six digit passcode might be, of course, 1028 00:45:21,970 --> 00:45:25,710 a seven digit passcode, which gives us 10 million possibilities, with just 1029 00:45:25,710 --> 00:45:26,707 an additional digit. 1030 00:45:26,707 --> 00:45:29,790 Better than that though would be an 8 digit passcode, 9 digit passcode, 10 1031 00:45:29,790 --> 00:45:30,630 digit passcode. 1032 00:45:30,630 --> 00:45:31,630 >> But push back, now. 1033 00:45:31,630 --> 00:45:34,460 Now, you're not the engineer or the security person.
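Before we switch hats, here is the arithmetic so far as a short Python sketch: the size of each digit-only keyspace, and the worst-case time to brute force it at one attempt per 80 milliseconds, roughly the delay just discussed. (These are the numbers from the discussion above, nothing more.)

```python
# Keyspace sizes for digit-only passcodes, and worst-case crack times
# at one attempt per 80 ms (~12.5 attempts per second).
DELAY = 0.080                            # seconds per attempt

for length in (4, 6, 7):
    combos = 10 ** length                # 10 choices per digit
    hours = combos * DELAY / 3600
    print(f"{length} digits: {combos:>10,} codes, "
          f"~{hours:,.1f} hours worst case")
# 4 digits:     10,000 codes, ~0.2 hours worst case
# 6 digits:  1,000,000 codes, ~22.2 hours worst case
# 7 digits: 10,000,000 codes, ~222.2 hours worst case
```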
1034 00:45:34,460 --> 00:45:37,220 Now you're the product manager or the marketing person. 1035 00:45:37,220 --> 00:45:42,270 Why is a seven digit passcode not better than a six digit passcode 1036 00:45:42,270 --> 00:45:46,001 for some definition of "better"? 1037 00:45:46,001 --> 00:45:47,626 AUDIENCE: It takes longer for the user. 1038 00:45:47,626 --> 00:45:48,130 DAVID MALAN: Yeah. 1039 00:45:48,130 --> 00:45:49,560 It takes longer for the user. 1040 00:45:49,560 --> 00:45:51,690 It takes an additional click. 1041 00:45:51,690 --> 00:45:55,237 And slightly more compellingly too, I would say, is what? 1042 00:45:55,237 --> 00:45:56,112 AUDIENCE: [INAUDIBLE] 1043 00:45:56,112 --> 00:45:56,862 DAVID MALAN: Yeah. 1044 00:45:56,862 --> 00:45:59,712 It's slightly harder to remember the longer and longer it gets. 1045 00:45:59,712 --> 00:46:01,920 We humans, at least in the US, have kind of maxed out 1046 00:46:01,920 --> 00:46:03,239 at 10 digits for phone numbers. 1047 00:46:03,239 --> 00:46:06,030 And even then, I know like three people's phone numbers these days. 1048 00:46:06,030 --> 00:46:07,740 So that's kind of a wash. 1049 00:46:07,740 --> 00:46:11,870 >> So there's a point where it's just not a good user experience-- or UX would 1050 00:46:11,870 --> 00:46:13,600 be the trendy way of saying that. 1051 00:46:13,600 --> 00:46:15,620 So what's better than just using digits? 1052 00:46:15,620 --> 00:46:18,320 Well, instead of 10 possibilities, why don't we just 1053 00:46:18,320 --> 00:46:23,830 get more clever-- and instead of using 10 digits, 0 through 9? 1054 00:46:23,830 --> 00:46:27,340 How else could we make a 6 digit passcode-- 1055 00:46:27,340 --> 00:46:30,470 a 6 symbol passcode-- more secure? 1056 00:46:30,470 --> 00:46:31,680 What did you propose? 1057 00:46:31,680 --> 00:46:32,380 Letters. 1058 00:46:32,380 --> 00:46:37,890 So instead of maybe digits, why don't we just do letters, like 26 times 26 times 1059 00:46:37,890 --> 00:46:41,130 26-- and wow, this is actually getting pretty big fast. 1060 00:46:41,130 --> 00:46:43,760 >> So if I go here-- this is my little calculator. 1061 00:46:43,760 --> 00:46:48,690 And if I do 10 times 10 times 10 times 10 times 10 times 10, 1062 00:46:48,690 --> 00:46:50,850 that's where we got the million possibilities 1063 00:46:50,850 --> 00:46:52,450 from for a 6 digit passcode. 1064 00:46:52,450 --> 00:46:58,280 But if instead we're doing 26 times 26 times 26 times another 26, 1065 00:46:58,280 --> 00:47:05,980 26, 26-- this is now giving us 308 million possibilities. 1066 00:47:05,980 --> 00:47:10,116 >> And is it reasonable to switch from numbers to letters 1067 00:47:10,116 --> 00:47:11,240 and still keep it at 6 symbols? 1068 00:47:11,240 --> 00:47:14,030 This means you'd need a 6 letter word. 1069 00:47:14,030 --> 00:47:17,241 Most of us could probably remember a six-letter English (or some other language) 1070 00:47:17,241 --> 00:47:17,740 word. 1071 00:47:17,740 --> 00:47:19,010 That's pretty reasonable. 1072 00:47:19,010 --> 00:47:22,220 >> But we don't need to restrict ourselves to just letters. 1073 00:47:22,220 --> 00:47:23,930 Why don't I get a little more ambitious? 1074 00:47:23,930 --> 00:47:29,080 What might be slightly better than letters here? 1075 00:47:29,080 --> 00:47:31,667 Be the engineer proposing an even better solution. 1076 00:47:31,667 --> 00:47:32,574 >> AUDIENCE: [INAUDIBLE] 1077 00:47:32,574 --> 00:47:34,240 DAVID MALAN: A combination-- characters.
1078 00:47:34,240 --> 00:47:39,920 So not just 26 letters, but if I add back those numbers from before-- well, 1079 00:47:39,920 --> 00:47:42,760 everything's going wrong-- that's 36. 1080 00:47:42,760 --> 00:47:43,990 That's still 26. 1081 00:47:43,990 --> 00:47:47,900 That's 36 times 36 times-- and so forth. 1082 00:47:47,900 --> 00:47:49,360 So that's getting bigger. 1083 00:47:49,360 --> 00:47:54,980 >> How much bigger can we get this address space, as someone might say? 1084 00:47:54,980 --> 00:47:57,300 What else could you add in besides letters and numbers? 1085 00:47:57,300 --> 00:47:58,065 I'm up to 36. 1086 00:47:58,065 --> 00:48:00,196 I've got 26, a through z, plus 10 digits. 1087 00:48:00,196 --> 00:48:01,120 >> AUDIENCE: [INAUDIBLE] 1088 00:48:01,120 --> 00:48:01,870 DAVID MALAN: Yeah. 1089 00:48:01,870 --> 00:48:03,510 So we can really go crazy with the keyboard. 1090 00:48:03,510 --> 00:48:05,270 Or we can keep it even simpler. 1091 00:48:05,270 --> 00:48:05,660 >> AUDIENCE: [INAUDIBLE] 1092 00:48:05,660 --> 00:48:06,430 >> DAVID MALAN: Yeah. 1093 00:48:06,430 --> 00:48:10,070 If we go uppercase and lowercase, now I have 26 plus 26. 1094 00:48:10,070 --> 00:48:13,300 So that's 52 already-- plus another 10. 1095 00:48:13,300 --> 00:48:15,080 That's 62. 1096 00:48:15,080 --> 00:48:17,200 And just to see the implications of this, 1097 00:48:17,200 --> 00:48:18,970 now, let's just do another bit of math. 1098 00:48:18,970 --> 00:48:24,640 So 62 times 62 times 62 times 62 times 62 times 62. 1099 00:48:24,640 --> 00:48:30,850 That now is giving me 56 billion possibilities. 1100 00:48:30,850 --> 00:48:32,960 >> And it's still kind of reasonable. 1101 00:48:32,960 --> 00:48:36,230 Could a human remember a 6-symbol password-- where 1102 00:48:36,230 --> 00:48:39,380 a symbol is just a letter or a number? 1103 00:48:39,380 --> 00:48:39,880 Probably. 1104 00:48:39,880 --> 00:48:42,600 That doesn't feel all that unreasonable. 1105 00:48:42,600 --> 00:48:44,010 So what more can we add in? 1106 00:48:44,010 --> 00:48:48,600 And as an aside, has anyone here ever heard the phrase base 64? 1107 00:48:48,600 --> 00:48:49,470 Base 64? 1108 00:48:49,470 --> 00:48:52,386 >> So we'll come back to this tomorrow when we talk about representation. 1109 00:48:52,386 --> 00:48:54,910 Long story short, all of us humans in the room most likely 1110 00:48:54,910 --> 00:48:57,560 understand base 10, the so-called decimal system. 1111 00:48:57,560 --> 00:49:00,509 And all of us in this room count using 0s through 9s. 1112 00:49:00,509 --> 00:49:03,300 We're going to see tomorrow, in more detail, that a computer counts 1113 00:49:03,300 --> 00:49:06,410 using only 0s and 1s, the so-called binary system. 1114 00:49:06,410 --> 00:49:08,410 So dec-- decimal-- is 10. 1115 00:49:08,410 --> 00:49:09,980 Bi-- binary-- is 2. 1116 00:49:09,980 --> 00:49:13,250 >> Turns out there's also base 64, for which there isn't, to my knowledge, 1117 00:49:13,250 --> 00:49:14,340 a really fancy word. 1118 00:49:14,340 --> 00:49:19,030 But that means that you have not 0 through 1 or 0 through 9-- 1119 00:49:19,030 --> 00:49:22,090 you essentially have 0 through 63. 1120 00:49:22,090 --> 00:49:24,450 But you use letters in that mix.
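The calculator exercise above, redone in a few lines of Python-- how the same 6-symbol keyspace grows with the alphabet-- plus a quick taste of base 64 from the standard library (the sample bytes are arbitrary):

```python
import base64

# Keyspace for a 6-symbol code as the alphabet grows.
for name, size in [("digits only", 10), ("lowercase letters", 26),
                   ("letters + digits", 36), ("mixed case + digits", 62)]:
    print(f"{name:20} {size}^6 = {size ** 6:,}")
# digits only          10^6 = 1,000,000
# lowercase letters    26^6 = 308,915,776
# letters + digits     36^6 = 2,176,782,336
# mixed case + digits  62^6 = 56,800,235,584

# And base 64 in action: arbitrary bytes become plain text drawn from
# A-Z, a-z, 0-9, "+", and "/"-- 64 "digits" in all.
print(base64.b64encode(bytes([137, 80, 78, 71])).decode())  # iVBORw==
```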
1121 00:49:24,450 --> 00:49:28,750 And so we'll actually see that that's the means by which computers, for instance, 1122 00:49:28,750 --> 00:49:32,620 attach files to an email these days-- an email, of course, 1123 00:49:32,620 --> 00:49:37,130 might have an image attached to it-- maybe even a sound or a movie file. 1124 00:49:37,130 --> 00:49:38,630 But email is just text. 1125 00:49:38,630 --> 00:49:43,360 >> It turns out that you can represent things like music, and videos, 1126 00:49:43,360 --> 00:49:46,210 and pictures, and the like as text using something 1127 00:49:46,210 --> 00:49:49,940 called base 64, where you use not only lowercase letters, and uppercase 1128 00:49:49,940 --> 00:49:55,770 letters, and numbers, but also, typically, the plus sign 1129 00:49:55,770 --> 00:49:58,030 and the slash on a keyboard. 1130 00:49:58,030 --> 00:49:59,322 So more on that to come. 1131 00:49:59,322 --> 00:50:00,780 So this is just getting really big. 1132 00:50:00,780 --> 00:50:02,970 And now, as the security researcher, how could you 1133 00:50:02,970 --> 00:50:06,327 make a passcode even more secure? 1134 00:50:06,327 --> 00:50:09,160 We're now using lowercase letters, uppercase letters, and numbers. 1135 00:50:09,160 --> 00:50:11,118 And you proposed, Victoria, just a moment ago-- 1136 00:50:11,118 --> 00:50:12,890 AUDIENCE: [INAUDIBLE] 1137 00:50:12,890 --> 00:50:14,140 DAVID MALAN: Dots are symbols. 1138 00:50:14,140 --> 00:50:15,750 And now, we're really just kind of getting crazy. 1139 00:50:15,750 --> 00:50:17,900 We're using all of the keys on the keyboard. 1140 00:50:17,900 --> 00:50:21,080 And let me estimate that there are 128, give 1141 00:50:21,080 --> 00:50:23,990 or take, possibilities on a typical keyboard, 1142 00:50:23,990 --> 00:50:25,490 depending on your language and such. 1143 00:50:25,490 --> 00:50:27,140 And there might even be more than that. 1144 00:50:27,140 --> 00:50:31,090 >> So now, let's still assume that we're only using a 6 symbol passcode, 1145 00:50:31,090 --> 00:50:33,900 and that's why I have 6 factors of 128. 1146 00:50:33,900 --> 00:50:36,261 Let's see if I can pronounce this now. 1147 00:50:36,261 --> 00:50:36,760 All right. 1148 00:50:36,760 --> 00:50:42,370 So that's millions, billions-- four quadrillion possibilities, 1149 00:50:42,370 --> 00:50:44,840 if I counted this correctly-- four quadrillion. 1150 00:50:44,840 --> 00:50:47,850 Let me just double check, lest I be exaggerating our security. 1151 00:50:47,850 --> 00:50:51,151 >> So that's hundreds of thousands, millions-- sorry, trillions. 1152 00:50:51,151 --> 00:50:52,900 I overestimated by a factor of a thousand. 1153 00:50:52,900 --> 00:50:54,350 My apologies. 1154 00:50:54,350 --> 00:50:56,480 4 trillion possibilities. 1155 00:50:56,480 --> 00:50:57,760 So that's more secure, right? 1156 00:50:57,760 --> 00:51:02,530 Especially when we began this discussion with 1 out of 10,000 possible codes. 1157 00:51:02,530 --> 00:51:04,200 Now, we're up to 4 trillion. 1158 00:51:04,200 --> 00:51:08,080 >> Now, does this mean a phone is "secure" if it 1159 00:51:08,080 --> 00:51:12,640 is using a passcode that is 6 characters long, each of which 1160 00:51:12,640 --> 00:51:15,980 can be a number, or a letter, or some funky symbol on the keyboard? 1161 00:51:15,980 --> 00:51:22,070 Is a phone secure now if this is in fact what the suspect was using? 1162 00:51:22,070 --> 00:51:23,030 >> AUDIENCE: [INAUDIBLE] 1163 00:51:23,030 --> 00:51:23,780 DAVID MALAN: Yeah.
1164 00:51:23,780 --> 00:51:24,946 And that's a perfect answer. 1165 00:51:24,946 --> 00:51:28,210 You conditionally explained that, by reasonable standards-- 1166 00:51:28,210 --> 00:51:33,090 probabilistically, you're not going to get into this phone anytime soon. 1167 00:51:33,090 --> 00:51:37,240 However, there is a chance, albeit a small chance-- one out of 4 trillion-- 1168 00:51:37,240 --> 00:51:40,450 that you might actually get the answer right on the first try. 1169 00:51:40,450 --> 00:51:43,680 >> And the reality is, too, that if this suspect is like most humans-- 1170 00:51:43,680 --> 00:51:45,930 probably many of us in this room-- he probably 1171 00:51:45,930 --> 00:51:50,620 did not choose some crazy password with funky symbols on the keyboard, because why? 1172 00:51:50,620 --> 00:51:53,940 Most of us wouldn't remember something that's as funky as that. 1173 00:51:53,940 --> 00:51:58,590 And so it probably is maybe someone's birthday, or some word, or some phrase, 1174 00:51:58,590 --> 00:52:00,550 or something more memorable. 1175 00:52:00,550 --> 00:52:05,270 >> So it's probably not even as "secure" as it might be mathematically. 1176 00:52:05,270 --> 00:52:07,130 So where does this leave things? 1177 00:52:07,130 --> 00:52:11,490 It remains to be seen what Apple is going to agree to here. 1178 00:52:11,490 --> 00:52:15,480 But it certainly has implications more broadly for society. 1179 00:52:15,480 --> 00:52:18,380 But the takeaways for today are not so much the legalities, 1180 00:52:18,380 --> 00:52:22,360 not so much the ethics, or any of that, but really the understanding of what's 1181 00:52:22,360 --> 00:52:23,340 actually going on. 1182 00:52:23,340 --> 00:52:25,880 >> And when you read something like this, to think to yourself: 1183 00:52:25,880 --> 00:52:28,520 is this author just using buzzwords, is there actually 1184 00:52:28,520 --> 00:52:32,797 technical meat to this comment, and what might I go and Google in this case? 1185 00:52:32,797 --> 00:52:35,380 And in fact, probably one of the more technical things in here 1186 00:52:35,380 --> 00:52:39,850 was this mention of RAM or memory, and that was simply for, presumably, 1187 00:52:39,850 --> 00:52:43,450 the legal issue to which they allude. 1188 00:52:43,450 --> 00:52:45,500 >> As for a secure enclave-- I think, Kareem, you 1189 00:52:45,500 --> 00:52:48,310 mentioned earlier this idea of exponential backoff, so to speak-- 1190 00:52:48,310 --> 00:52:49,768 or I put those words in your mouth-- 1191 00:52:49,768 --> 00:52:51,410 and that's a feature not in this phone. 1192 00:52:51,410 --> 00:52:54,600 It apparently just has the 80 millisecond delay, 1193 00:52:54,600 --> 00:52:59,190 so it doesn't get worse, and worse, and worse over time. 1194 00:52:59,190 --> 00:52:59,760 All right. 1195 00:52:59,760 --> 00:53:01,828 Any questions? 1196 00:53:01,828 --> 00:53:02,950 Yeah, Dan. 1197 00:53:02,950 --> 00:53:07,877 >> AUDIENCE: If you don't mind me asking, where do you stand on the issue? 1198 00:53:07,877 --> 00:53:09,960 DAVID MALAN: I would side, absolutely, with Apple. 1199 00:53:09,960 --> 00:53:12,990 I think math is not something that you should poke holes in. 1200 00:53:12,990 --> 00:53:17,700 And I think the reality is, as even this article cites, 1201 00:53:17,700 --> 00:53:20,620 you can poke holes in the iPhone, you can poke holes in the Android, 1202 00:53:20,620 --> 00:53:22,770 but there will always be some alternative 1203 00:53:22,770 --> 00:53:25,320 that a particularly smart adversary can use.
1204 00:53:25,320 --> 00:53:27,960 >> So these kinds of measures really just protect us 1205 00:53:27,960 --> 00:53:32,340 against the dummies-- the lesser adversaries-- which has value, 1206 00:53:32,340 --> 00:53:34,150 but the reality is a determined adversary 1207 00:53:34,150 --> 00:53:38,250 will absolutely keep encrypting his or her data by some other mechanism, 1208 00:53:38,250 --> 00:53:40,887 whether it's via a mobile application or a desktop application. 1209 00:53:40,887 --> 00:53:42,720 I think this is inevitable, and I also think 1210 00:53:42,720 --> 00:53:44,937 this is a good thing as a matter of principle. 1211 00:53:44,937 --> 00:53:49,807 >> AUDIENCE: My question is, at the end of the day, [INAUDIBLE] 1212 00:53:49,807 --> 00:53:52,250 there is the one guy who can access everything. 1213 00:53:52,250 --> 00:53:53,360 >> DAVID MALAN: Yeah. 1214 00:53:53,360 --> 00:53:55,624 >> AUDIENCE: So is it easy for FBI [INAUDIBLE] 1215 00:53:55,624 --> 00:54:01,340 or somebody else instead of other companies [INAUDIBLE]? 1216 00:54:01,340 --> 00:54:02,260 >> DAVID MALAN: Yeah. 1217 00:54:02,260 --> 00:54:04,770 And I think, especially in this country-- at least where 1218 00:54:04,770 --> 00:54:08,840 there were the recent revelations as to just how far the NSA has 1219 00:54:08,840 --> 00:54:12,910 been going-- that I, especially nowadays, don't buy the argument that we'll just 1220 00:54:12,910 --> 00:54:15,284 use it in this particular case. 1221 00:54:15,284 --> 00:54:16,700 I think that sets a bad precedent. 1222 00:54:16,700 --> 00:54:22,150 >> And already, there is a fundamental paranoia we should have. 1223 00:54:22,150 --> 00:54:25,900 All of us, like chumps, if you will, are walking around 1224 00:54:25,900 --> 00:54:32,370 with cameras, and microphones, and GPS receivers in our pockets, willingly 1225 00:54:32,370 --> 00:54:36,830 telling someone potentially, even if it's just Apple or just Google, 1226 00:54:36,830 --> 00:54:38,560 where we are at all times. 1227 00:54:38,560 --> 00:54:41,900 And there really is nothing stopping Apple or some malicious engineer 1228 00:54:41,900 --> 00:54:46,420 at Apple from somehow embedding in iOS a feature that 1229 00:54:46,420 --> 00:54:52,030 turns on only David Malan's microphone 24/7, and sends that data up to Apple. 1230 00:54:52,030 --> 00:54:54,800 >> And in fact, as an interesting side note here, this 1231 00:54:54,800 --> 00:54:57,270 is kind of sort of already happening as a "feature." 1232 00:54:57,270 --> 00:55:02,670 If you read the news about a year ago, Samsung started, rightfully so, 1233 00:55:02,670 --> 00:55:06,142 to take some flak in the press because they have these "smart TVs," where, 1234 00:55:06,142 --> 00:55:08,100 as best I can tell, "smart TV" really just means 1235 00:55:08,100 --> 00:55:09,680 "TV with bad user interface." 1236 00:55:09,680 --> 00:55:12,910 But a "smart TV," as a function of hardware, typically 1237 00:55:12,910 --> 00:55:15,850 has a microphone and a camera these days. 1238 00:55:15,850 --> 00:55:16,360 And why? 1239 00:55:16,360 --> 00:55:19,434 Why does a TV need a microphone or a camera? 1240 00:55:19,434 --> 00:55:20,360 >> AUDIENCE: Skype. 1241 00:55:20,360 --> 00:55:22,302 >> DAVID MALAN: Skype, which is reasonable if you 1242 00:55:22,302 --> 00:55:25,260 want to use it in a conference room or at home for video conferencing-- 1243 00:55:25,260 --> 00:55:26,610 pretty reasonable, pretty compelling. 1244 00:55:26,610 --> 00:55:27,770 >> AUDIENCE: Voice commands.
1245 00:55:27,770 --> 00:55:28,760 >> DAVID MALAN: Voice commands-- if you want 1246 00:55:28,760 --> 00:55:31,780 to say change channel, lower volume, raise volume, turn off. 1247 00:55:31,780 --> 00:55:35,390 That's not unreasonable, a la Siri, and Google Now, and such. 1248 00:55:35,390 --> 00:55:36,280 Why else? 1249 00:55:36,280 --> 00:55:38,281 >> AUDIENCE: To spy on you. 1250 00:55:38,281 --> 00:55:39,030 DAVID MALAN: Yeah. 1251 00:55:39,030 --> 00:55:42,080 So that's what the paranoid in us might say. 1252 00:55:42,080 --> 00:55:45,990 And the reality is, whether by a bug or deliberate intent, 1253 00:55:45,990 --> 00:55:47,380 this is absolutely possible. 1254 00:55:47,380 --> 00:55:48,600 Let's give them some credit. 1255 00:55:48,600 --> 00:55:51,610 1256 00:55:51,610 --> 00:55:54,260 Why might you, as a user, actually want a camera in your TV-- 1257 00:55:54,260 --> 00:55:55,940 or what's the proposed feature there? 1258 00:55:55,940 --> 00:55:59,480 1259 00:55:59,480 --> 00:56:01,990 Why is there a camera in your living room 1260 00:56:01,990 --> 00:56:04,480 or in your bedroom staring down at you all-- 1261 00:56:04,480 --> 00:56:06,084 >> AUDIENCE: Security [INAUDIBLE]. 1262 00:56:06,084 --> 00:56:06,750 DAVID MALAN: OK. 1263 00:56:06,750 --> 00:56:08,570 Security. 1264 00:56:08,570 --> 00:56:09,620 You could argue that. 1265 00:56:09,620 --> 00:56:12,180 In this case, it's not so much that the consumer TVs 1266 00:56:12,180 --> 00:56:13,800 are in the business of security. 1267 00:56:13,800 --> 00:56:17,550 In this case, it's because of a [INAUDIBLE] feature. 1268 00:56:17,550 --> 00:56:20,267 Why is there a camera in a TV? 1269 00:56:20,267 --> 00:56:22,100 AUDIENCE: Video games detecting [INAUDIBLE]. 1270 00:56:22,100 --> 00:56:23,080 DAVID MALAN: OK. 1271 00:56:23,080 --> 00:56:23,710 Yeah. 1272 00:56:23,710 --> 00:56:24,330 Closer. 1273 00:56:24,330 --> 00:56:27,120 And some TVs probably do that-- have built-in games. 1274 00:56:27,120 --> 00:56:29,884 This-- and I frankly think it's a little stupid-- gesture control. 1275 00:56:29,884 --> 00:56:31,800 I think it's stupid insofar as I don't really think 1276 00:56:31,800 --> 00:56:34,940 we're there yet, where we're living in the Jetsons and it just works. 1277 00:56:34,940 --> 00:56:38,160 Now, I think you probably look like an idiot to your TV when it doesn't work. 1278 00:56:38,160 --> 00:56:41,110 >> But gesture control-- whereby the world is getting better, 1279 00:56:41,110 --> 00:56:44,650 incrementally, a la Xbox Kinect, if you're familiar with the video game system-- 1280 00:56:44,650 --> 00:56:45,860 being able to detect motion. 1281 00:56:45,860 --> 00:56:48,610 So maybe this means lower the volume, this means raise the volume, 1282 00:56:48,610 --> 00:56:51,140 maybe this means swipe left to change the channel, swipe right 1283 00:56:51,140 --> 00:56:52,180 to change the channel. 1284 00:56:52,180 --> 00:56:55,000 >> This is one of the reasons-- this is the purported reason that they 1285 00:56:55,000 --> 00:56:56,000 have the thing in there. 1286 00:56:56,000 --> 00:56:58,572 But what Samsung took some flak for just a few months ago 1287 00:56:58,572 --> 00:57:01,280 was that, if you read their privacy policy, which no one of course 1288 00:57:01,280 --> 00:57:05,000 is going to do, they encourage you in their privacy policy 1289 00:57:05,000 --> 00:57:08,410 not to have private conversations in the vicinity of your TV.
1290 00:57:08,410 --> 00:57:09,980 >> [LAUGHTER] 1291 00:57:09,980 --> 00:57:12,500 >> And we laugh, but it's actually in there. 1292 00:57:12,500 --> 00:57:15,440 And that is because, in order to implement this feature, 1293 00:57:15,440 --> 00:57:17,320 the TV is always listening. 1294 00:57:17,320 --> 00:57:19,810 It has to be-- or it's always watching. 1295 00:57:19,810 --> 00:57:22,900 And even if you have some defense mechanism in place-- 1296 00:57:22,900 --> 00:57:26,360 kind of like Siri, where you have to say, hey, Siri, or OK, Google, 1297 00:57:26,360 --> 00:57:31,050 or whatever-- the TV still has to be listening 24/7 for you 1298 00:57:31,050 --> 00:57:33,920 to say, hey, Siri, or OK, Google. 1299 00:57:33,920 --> 00:57:36,350 So hopefully, that's all staying local. 1300 00:57:36,350 --> 00:57:39,570 And there's no technical reason why it couldn't stay local, software 1301 00:57:39,570 --> 00:57:40,580 updates aside. 1302 00:57:40,580 --> 00:57:42,790 >> But in reality, very often, Siri and Google 1303 00:57:42,790 --> 00:57:45,849 alike are sending these data to the cloud, 1304 00:57:45,849 --> 00:57:48,140 so to speak, where they get processed by smarter, 1305 00:57:48,140 --> 00:57:52,280 faster, constantly updated computers, which then send the responses back down 1306 00:57:52,280 --> 00:57:54,600 to the TV. 1307 00:57:54,600 --> 00:57:59,730 Oh, and the fun thing here-- we took a look at this for another class I teach. 1308 00:57:59,730 --> 00:58:01,760 We'll see this a little later today. 1309 00:58:01,760 --> 00:58:05,420 >> There's something in the world called security and encryption, which 1310 00:58:05,420 --> 00:58:06,670 we're getting to right now. 1311 00:58:06,670 --> 00:58:11,710 And in theory, there's something called HTTP and HTTPS, the latter of which 1312 00:58:11,710 --> 00:58:12,310 is secure. 1313 00:58:12,310 --> 00:58:13,790 The S is for Security, and we'll come back to that. 1314 00:58:13,790 --> 00:58:15,498 And then they operate on something called 1315 00:58:15,498 --> 00:58:19,510 ports-- different numeric values inside of a computer that typically signify 1316 00:58:19,510 --> 00:58:21,520 whether the connection is secure or not secure. 1317 00:58:21,520 --> 00:58:26,890 >> Samsung, I believe, in this case, was using the "secure port," so to speak. 1318 00:58:26,890 --> 00:58:29,170 They were using the secure address, but they 1319 00:58:29,170 --> 00:58:31,420 were using it to send unencrypted data. 1320 00:58:31,420 --> 00:58:35,000 So some security researchers essentially connected a device to their TV 1321 00:58:35,000 --> 00:58:37,800 and realized, when they spoke commands to their TV, 1322 00:58:37,800 --> 00:58:41,740 it was being uploaded to the cloud through the correct channel, 1323 00:58:41,740 --> 00:58:44,500 so to speak, but completely unencrypted, which 1324 00:58:44,500 --> 00:58:48,250 meant anyone in the vicinity, or anyone on the internet between points A and B, 1325 00:58:48,250 --> 00:58:50,830 could be seeing and listening to your voice commands 1326 00:58:50,830 --> 00:58:53,110 from your living room or your bedroom. 1327 00:58:53,110 --> 00:58:56,710 >> So there too, not only are we potentially vulnerable to maliciousness, but also 1328 00:58:56,710 --> 00:58:59,680 to just stupidity and bugs, in this case. 1329 00:58:59,680 --> 00:59:01,840 So these are the kinds of things to be wary of.
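To see the Samsung lesson in code: a "secure port" is just a number, and nothing about dialing port 443 encrypts your bytes-- encryption happens only if the connection is actually wrapped in TLS. A minimal sketch with Python's standard library, using example.com as a placeholder host:

```python
import socket
import ssl

HOST = "example.com"   # placeholder host

# Plaintext sent to the "secure" port 443: readable by anyone on the path.
raw = socket.create_connection((HOST, 443))
raw.sendall(b"not actually encrypted")      # the Samsung mistake, in spirit
raw.close()

# The same port, but wrapped in TLS: now the bytes are scrambled in transit.
context = ssl.create_default_context()
with context.wrap_socket(socket.create_connection((HOST, 443)),
                         server_hostname=HOST) as tls:
    tls.sendall(b"GET / HTTP/1.0\r\nHost: example.com\r\n\r\n")
    print(tls.recv(80))                     # the reply traveled encrypted
```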
1330 00:59:01,840 --> 00:59:03,925 >> And again, the goals for today and tomorrow 1331 00:59:03,925 --> 00:59:06,300 are to understand not necessarily how you would implement 1332 00:59:06,300 --> 00:59:08,860 that underneath the hood, but just to reason backwards: 1333 00:59:08,860 --> 00:59:12,400 if my TV is responding to gesture control and my words, 1334 00:59:12,400 --> 00:59:15,220 I'm guessing my TV is not so sophisticated 1335 00:59:15,220 --> 00:59:17,630 as to have the entire English or the entire Spanish dictionary-- 1336 00:59:17,630 --> 00:59:21,540 or that of whatever language I speak-- built into it, constantly updated. 1337 00:59:21,540 --> 00:59:23,830 It's probably easier just to send those commands up 1338 00:59:23,830 --> 00:59:26,870 to some server-- Google, or Apple, or Samsung, or the like. 1339 00:59:26,870 --> 00:59:28,810 And indeed, that's what's typically happening. 1340 00:59:28,810 --> 00:59:34,580 So mind what you say in front of your TVs, starting tonight perhaps. 1341 00:59:34,580 --> 00:59:35,290 >> All right. 1342 00:59:35,290 --> 00:59:38,900 So that leads us then to encryption, with a more technical look. 1343 00:59:38,900 --> 00:59:42,300 And we won't do too deep a dive into this, but the article we looked at 1344 00:59:42,300 --> 00:59:45,770 did mention something called AES-- Advanced Encryption 1345 00:59:45,770 --> 00:59:47,640 Standard is what it stands for. 1346 00:59:47,640 --> 00:59:53,361 And it made mention of something juicy: a 256-bit AES key-- a secret key. 1347 00:59:53,361 --> 00:59:55,985 And I'll just pull it up if you're curious to see where it was. 1348 00:59:55,985 --> 01:00:01,500 It was in the section "How Would They Do That." 1349 01:00:01,500 --> 01:00:05,670 So somewhere inside of an iPhone and an Android phone, 1350 01:00:05,670 --> 01:00:09,010 presumably, is some kind of secret key. 1351 01:00:09,010 --> 01:00:12,630 And it's this secret key that keeps data secure. 1352 01:00:12,630 --> 01:00:15,780 >> And in fact, have any of you on your iPhones ever gone 1353 01:00:15,780 --> 01:00:22,180 to Settings-- I think, Settings, maybe General, and then Erase iPhone? 1354 01:00:22,180 --> 01:00:23,430 It's somewhere under Settings. 1355 01:00:23,430 --> 01:00:25,950 You can erase your iPhone, and it tells you 1356 01:00:25,950 --> 01:00:27,910 that you're going to erase it securely. 1357 01:00:27,910 --> 01:00:32,465 And what does it mean, typically, to erase a phone or a computer securely? 1358 01:00:32,465 --> 01:00:34,779 1359 01:00:34,779 --> 01:00:37,570 And actually, let me see if I can give you just a quick screenshot. 1360 01:00:37,570 --> 01:00:38,653 We can probably find this. 1361 01:00:38,653 --> 01:00:42,700 So, "iphone erase securely setting screenshot." 1362 01:00:42,700 --> 01:00:45,285 Let's see if we can just find a quick photo. 1363 01:00:45,285 --> 01:00:48,070 1364 01:00:48,070 --> 01:00:50,500 Erase data-- that's not it-- here it is. 1365 01:00:50,500 --> 01:00:53,042 >> So this is the screen I was thinking of. 1366 01:00:53,042 --> 01:00:54,750 You can generally, on an iPhone, navigate 1367 01:00:54,750 --> 01:00:56,680 to a screen that looks like this. 1368 01:00:56,680 --> 01:00:59,730 And Erase All Content and Settings-- if you click that, it tells you it's 1369 01:00:59,730 --> 01:01:00,730 going to do it securely. 1370 01:01:00,730 --> 01:01:04,881 What does "securely" mean on a phone or a computer? 1371 01:01:04,881 --> 01:01:05,380 Ben?
1372 01:01:05,380 --> 01:01:08,890 >> AUDIENCE: In a way that's difficult to then go back and actually find it. 1373 01:01:08,890 --> 01:01:09,640 DAVID MALAN: Good. 1374 01:01:09,640 --> 01:01:12,780 So in a way that's difficult to go back and find what you've erased. 1375 01:01:12,780 --> 01:01:15,430 So erasing it truly means erasing it. 1376 01:01:15,430 --> 01:01:18,330 And the industry does not have a good history with this. 1377 01:01:18,330 --> 01:01:21,400 >> Back in the day, most of us probably had PCs in some form. 1378 01:01:21,400 --> 01:01:22,640 Some of you still might. 1379 01:01:22,640 --> 01:01:27,230 Back in the day, when we still had floppy disks and certain other media, 1380 01:01:27,230 --> 01:01:31,730 it was very common to run a format command, or an erase command, 1381 01:01:31,730 --> 01:01:35,010 or a partition command, which are all generally related to getting 1382 01:01:35,010 --> 01:01:37,750 a drive-- a disk-- ready for use. 1383 01:01:37,750 --> 01:01:42,520 >> And back in the day-- I can even visualize it now-- 1384 01:01:42,520 --> 01:01:46,100 the DOS command-- if you're familiar, the black and white prompt 1385 01:01:46,100 --> 01:01:49,560 in Windows, or even before Windows-- would yell at you in all capital 1386 01:01:49,560 --> 01:01:54,780 letters, ALL DATA WILL BE DESTROYED or ALL DATA WILL BE ERASED-- a complete lie. 1387 01:01:54,780 --> 01:01:58,370 It was a complete technical and actual lie because, typically, 1388 01:01:58,370 --> 01:02:01,260 what a computer does-- even to this day, in most contexts-- is, 1389 01:02:01,260 --> 01:02:04,300 when you drag a file to your Recycle Bin or to your trash 1390 01:02:04,300 --> 01:02:08,500 can on Mac OS, or Windows, or whatnot-- we all probably know that it hasn't 1391 01:02:08,500 --> 01:02:09,950 actually been deleted yet, right? 1392 01:02:09,950 --> 01:02:13,807 You have to actually do what to actually delete a file? 1393 01:02:13,807 --> 01:02:14,890 AUDIENCE: Empty the trash. 1394 01:02:14,890 --> 01:02:17,050 DAVID MALAN: You have to empty the trash can or empty the Recycle Bin. 1395 01:02:17,050 --> 01:02:19,437 We've all been taught that, and that's the mental model 1396 01:02:19,437 --> 01:02:20,520 we have in the real world. 1397 01:02:20,520 --> 01:02:21,880 That is also a lie. 1398 01:02:21,880 --> 01:02:25,140 Almost always, by default these days, when you empty your trash 1399 01:02:25,140 --> 01:02:27,890 or empty your Recycle Bin, even by going to the right menu option, 1400 01:02:27,890 --> 01:02:31,550 or right clicking, or Control clicking and following good human intuition, 1401 01:02:31,550 --> 01:02:32,500 it's a lie. 1402 01:02:32,500 --> 01:02:36,730 >> All the computer is doing is "forgetting" your file. 1403 01:02:36,730 --> 01:02:38,830 In other words, somewhere inside of your computer, 1404 01:02:38,830 --> 01:02:41,000 you can think of there being a big cheat sheet, 1405 01:02:41,000 --> 01:02:44,780 a big Excel file, a big table with rows and columns 1406 01:02:44,780 --> 01:02:49,580 that says a file called resume.doc is at this location on my hard drive, 1407 01:02:49,580 --> 01:02:53,040 and a file called friends.text is at this location, 1408 01:02:53,040 --> 01:02:56,780 and profilephoto.jpeg is at this location on my hard drive. 1409 01:02:56,780 --> 01:02:59,890 >> So a whole bunch of file names-- a whole bunch of physical locations 1410 01:02:59,890 --> 01:03:01,160 inside of your computer.
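That "cheat sheet," modeled in a few lines of Python: "erasing" a file in the everyday sense just drops its row from the table, while the file's bytes stay on disk. (A sketch of the idea, not any real filesystem's code; the offsets are made up.)

```python
# A toy model of a filesystem's "cheat sheet": names mapped to locations.
table = {
    "resume.doc":        1024,   # byte offset on the (pretend) disk
    "friends.text":      5120,
    "profilephoto.jpeg": 9216,
}

def erase(filename: str) -> None:
    """The usual 'delete': forget the row; the bytes stay on disk."""
    del table[filename]          # location forgotten, data untouched

erase("resume.doc")
print(table)   # resume.doc is gone from the table...
               # ...but its bytes still sit at offset 1024, recoverable.
```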
1411 01:03:01,160 --> 01:03:04,900 And when a computer "erases" a file, typically all it does 1412 01:03:04,900 --> 01:03:07,510 is it deletes that row or crosses it out. 1413 01:03:07,510 --> 01:03:09,540 It leaves the file on the disk. 1414 01:03:09,540 --> 01:03:10,857 It just forgets where it is. 1415 01:03:10,857 --> 01:03:13,190 And that's useful because, if it's forgotten where it is, 1416 01:03:13,190 --> 01:03:15,730 it can reuse that space later on. 1417 01:03:15,730 --> 01:03:17,480 It can just put another file on top of it. 1418 01:03:17,480 --> 01:03:19,479 And tomorrow again, we'll talk about 0s and 1s-- 1419 01:03:19,479 --> 01:03:21,900 that just means changing some 0s to 1s, some 1s to 0s, 1420 01:03:21,900 --> 01:03:26,840 leaving some alone-- but generally, reconstituting a file out of bits, 0s 1421 01:03:26,840 --> 01:03:28,010 and 1s. 1422 01:03:28,010 --> 01:03:30,390 >> So what is this actually doing? 1423 01:03:30,390 --> 01:03:34,410 Thankfully, in iOS's case, since Apple actually is quite good at security, 1424 01:03:34,410 --> 01:03:38,340 even on Mac OS, erasing your files does in fact happen securely. 1425 01:03:38,340 --> 01:03:39,010 But how? 1426 01:03:39,010 --> 01:03:42,520 Well, in Mac OS and Windows, if you have the right software, 1427 01:03:42,520 --> 01:03:45,750 what it will do to erase something securely 1428 01:03:45,750 --> 01:03:47,532 does have some technical meaning. 1429 01:03:47,532 --> 01:03:49,990 And again, we'll come back to this in more detail tomorrow. 1430 01:03:49,990 --> 01:03:53,000 >> But to erase a file securely does mean doing something to it 1431 01:03:53,000 --> 01:03:54,121 so it can't be recovered. 1432 01:03:54,121 --> 01:03:55,120 But what does that mean? 1433 01:03:55,120 --> 01:03:58,440 Well, if a file, for today's purposes, is represented with 0s and 1s 1434 01:03:58,440 --> 01:04:00,680 somehow-- I have no idea how, more on that tomorrow. 1435 01:04:00,680 --> 01:04:04,270 But 0s and 1s-- the way you erase a file securely 1436 01:04:04,270 --> 01:04:08,350 is you maybe change all of those 0s and 1s to just all 0s, 1437 01:04:08,350 --> 01:04:13,060 or just all 1s-- or scramble them up completely randomly, 1438 01:04:13,060 --> 01:04:16,170 so that, if someone thereafter looks at those 0s and 1s, it's meaningless. 1439 01:04:16,170 --> 01:04:18,378 And it's not recoverable because you did it randomly, 1440 01:04:18,378 --> 01:04:20,730 or you made them all 0s or all 1s. 1441 01:04:20,730 --> 01:04:22,540 >> That's not actually what Apple does. 1442 01:04:22,540 --> 01:04:24,940 Because it turns out, when you erase your iPhone, 1443 01:04:24,940 --> 01:04:26,980 it doesn't take all that long. 1444 01:04:26,980 --> 01:04:31,560 No, in fact, if you erase a computer hard drive, it might take an hour, 1445 01:04:31,560 --> 01:04:35,990 it might take three days, to literally change every 0 and 1 1446 01:04:35,990 --> 01:04:36,889 to some other value. 1447 01:04:36,889 --> 01:04:38,930 There's just a lot of bits these days, especially 1448 01:04:38,930 --> 01:04:40,580 if you have a hard drive that's one terabyte, 1449 01:04:40,580 --> 01:04:43,121 so to speak-- or four terabytes-- it will take a really long time. 1450 01:04:43,121 --> 01:04:46,050 But Apple does it within a few seconds-- maybe a couple minutes, 1451 01:04:46,050 --> 01:04:48,610 but reasonably quickly. 1452 01:04:48,610 --> 01:04:49,530 >> Now, why is that? 1453 01:04:49,530 --> 01:04:51,220 It all relates to the same discussion.
1454 01:04:51,220 --> 01:04:55,230 Apple, by default, keeps all of the data on your phone encrypted-- 1455 01:04:55,230 --> 01:04:57,480 scrambled in some way. 1456 01:04:57,480 --> 01:05:00,550 And so to erase a phone, you don't necessarily 1457 01:05:00,550 --> 01:05:03,850 have to change the data-- because the general principle 1458 01:05:03,850 --> 01:05:05,970 of encryption-- the art of scrambling information 1459 01:05:05,970 --> 01:05:08,540 or cryptography, as the science itself is called, 1460 01:05:08,540 --> 01:05:13,570 is that to an adversary looking at encrypted data, 1461 01:05:13,570 --> 01:05:18,210 it should look random-- he or she should not be able to glean any insights. 1462 01:05:18,210 --> 01:05:21,660 They should not be able to realize-- this person seems to use the word "the" 1463 01:05:21,660 --> 01:05:22,160 a lot. 1464 01:05:22,160 --> 01:05:24,860 Just because I see some pattern emerging again and again-- 1465 01:05:24,860 --> 01:05:29,100 it should look completely random statistically to an adversary. 1466 01:05:29,100 --> 01:05:33,560 >> So by that logic, when Apple allows you to erase all content in settings, 1467 01:05:33,560 --> 01:05:37,310 the data already looks random to any person on the streets who 1468 01:05:37,310 --> 01:05:39,290 might look at your phone's data. 1469 01:05:39,290 --> 01:05:41,480 So they don't have to change your data. 1470 01:05:41,480 --> 01:05:45,577 All they have to do to erase your phone is do what, do you think? 1471 01:05:45,577 --> 01:05:47,410 AUDIENCE: [INAUDIBLE] your code incorrectly. 1472 01:05:47,410 --> 01:05:47,630 DAVID MALAN: Yeah. 1473 01:05:47,630 --> 01:05:48,870 Well, you could do-- yes. 1474 01:05:48,870 --> 01:05:54,210 Physically, they could just type your code in, 7 7 7 7, 10 times incorrectly. 1475 01:05:54,210 --> 01:05:57,980 But rather, you can just forget the secret key. 1476 01:05:57,980 --> 01:06:02,620 So encryption is all about having, generally, some secrets. 1477 01:06:02,620 --> 01:06:05,457 >> So much like you can't get into a bank vault without a combination, 1478 01:06:05,457 --> 01:06:08,290 much like you can't get into your front door without a physical key, 1479 01:06:08,290 --> 01:06:10,206 you can't get into your hotel room without one 1480 01:06:10,206 --> 01:06:14,390 of those magnetic cards or such, in theory, 1481 01:06:14,390 --> 01:06:17,810 there is some special something that only you know or have that 1482 01:06:17,810 --> 01:06:19,564 allows you access to some secure resource. 1483 01:06:19,564 --> 01:06:21,730 In the case of your phone, it's the four-digit code. 1484 01:06:21,730 --> 01:06:23,620 In the case of your hotel, it's the little card key. 1485 01:06:23,620 --> 01:06:25,680 In the case of your home, it's the physical key. 1486 01:06:25,680 --> 01:06:27,650 Any number of things can be a key. 1487 01:06:27,650 --> 01:06:30,520 >> But in computing, it's almost always a number, where 1488 01:06:30,520 --> 01:06:32,260 a number is just a sequence of bits. 1489 01:06:32,260 --> 01:06:35,460 And again, a bit is just a 0 or 1, but more on that tomorrow. 1490 01:06:35,460 --> 01:06:42,840 So when Apple claims to be using a 256-bit AES secret key, 1491 01:06:42,840 --> 01:06:47,120 that just means that the secret key inside of your computer 1492 01:06:47,120 --> 01:06:50,260 is something like 1011001100000. 1493 01:06:50,260 --> 01:06:53,480 >> I'm just making this up as we go, and I won't bother 1494 01:06:53,480 --> 01:06:57,680 writing out all 256 of those 0s and 1s.
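For the curious, a quick Python sketch of that point-- purely illustrative, and nothing like Apple's actual code: a 256-bit key is just 32 random bytes, i.e., a long pattern of 0s and 1s, and throwing the key away is what makes a fast, secure erase possible.

    import secrets

    key = secrets.token_bytes(32)            # 32 bytes x 8 bits = 256 bits
    bits = "".join(f"{b:08b}" for b in key)  # render the key as 0s and 1s
    print(bits)       # e.g., 1011001100000... (256 digits in all)
    print(len(bits))  # 256

    # "Crypto-erase": if the data is stored encrypted under this key,
    # discarding the key alone leaves only random-looking ciphertext--
    # no need to overwrite the data itself, which is why it's so fast.
    key = None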
1495 01:06:57,680 --> 01:07:01,660 And we'll see tomorrow how this maps to an actual number. 1496 01:07:01,660 --> 01:07:04,620 But for now, just know it's a really long pattern of 0s and 1s. 1497 01:07:04,620 --> 01:07:08,780 And that secret-- that's like a really big magnetic card key for your hotel 1498 01:07:08,780 --> 01:07:12,790 room that only you have, or it's like a really special metal key with lots 1499 01:07:12,790 --> 01:07:15,530 of little teeth that only you have. 1500 01:07:15,530 --> 01:07:18,040 >> How is this useful? 1501 01:07:18,040 --> 01:07:20,910 How was it useful to use a key? 1502 01:07:20,910 --> 01:07:22,050 Well, let's do this. 1503 01:07:22,050 --> 01:07:24,910 Let's start with truly a clean slate. 1504 01:07:24,910 --> 01:07:30,070 And let me propose, just as in a little experiment here for say, 1505 01:07:30,070 --> 01:07:37,170 a moment-- how about we take the word "hello." 1506 01:07:37,170 --> 01:07:39,560 >> And suppose that you're back in middle school 1507 01:07:39,560 --> 01:07:42,080 and you want to send the boy or girl across the aisle-- 1508 01:07:42,080 --> 01:07:45,090 the one you have a crush on-- a secret message, "hello," 1509 01:07:45,090 --> 01:07:47,820 but you don't want to be embarrassed if the teacher picks up 1510 01:07:47,820 --> 01:07:52,500 the scrap of paper and intercepts the note that you're passing to him or her. 1511 01:07:52,500 --> 01:07:54,170 >> You want to encrypt this information. 1512 01:07:54,170 --> 01:07:57,360 You want to scramble it so it just looks like you're writing nonsense. 1513 01:07:57,360 --> 01:07:59,490 And probably, it's something juicier than "hello," 1514 01:07:59,490 --> 01:08:01,650 but we'll just take the word "hello." 1515 01:08:01,650 --> 01:08:07,470 >> How could we go about encrypting this message between the two little kids 1516 01:08:07,470 --> 01:08:09,010 on a piece of paper? 1517 01:08:09,010 --> 01:08:12,060 What should he or she write instead of "hello"? 1518 01:08:12,060 --> 01:08:13,080 >> AUDIENCE: [INAUDIBLE] 1519 01:08:13,080 --> 01:08:13,717 >> DAVID MALAN: What's that? 1520 01:08:13,717 --> 01:08:14,970 >> AUDIENCE: Number of the letter in the alphabet. 1521 01:08:14,970 --> 01:08:17,053 >> DAVID MALAN: The number of the letter in the alphabet. 1522 01:08:17,053 --> 01:08:22,340 OK, so if it's a b c d e f g h, I could maybe do something like 8 for that. 1523 01:08:22,340 --> 01:08:26,270 And a b c d e-- and I can do the 5 for that. 1524 01:08:26,270 --> 01:08:30,970 And similarly, I can just come up with a numeric mapping that would presumably 1525 01:08:30,970 --> 01:08:32,290 just confuse the teacher. 1526 01:08:32,290 --> 01:08:34,490 And he or she probably doesn't have enough-- 1527 01:08:34,490 --> 01:08:37,060 doesn't care enough to actually figure out what it is. 1528 01:08:37,060 --> 01:08:40,569 So let's consider though, is it secure? 1529 01:08:40,569 --> 01:08:41,406 Why not? 1530 01:08:41,406 --> 01:08:43,310 >> AUDIENCE: Because it's easy to guess it, 1531 01:08:43,310 --> 01:08:45,220 in case someone is really interested. 1532 01:08:45,220 --> 01:08:45,460 >> DAVID MALAN: Yeah. 1533 01:08:45,460 --> 01:08:47,918 If they are really interested and if they have more numbers 1534 01:08:47,918 --> 01:08:51,060 to go with than just five-- if there's like a whole paragraph-- 1535 01:08:51,060 --> 01:08:54,779 and it just so happens that all of the numbers are between 1 and 26, 1536 01:08:54,779 --> 01:08:56,350 that's kind of an interesting clue.
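A minimal Python sketch of that letter-for-number code-- a toy, of course: a maps to 1, b to 2, and so on.

    # Map each letter to its position in the alphabet: a=1, b=2, ..., z=26.
    encode = {chr(ord("a") + i): i + 1 for i in range(26)}
    decode = {number: letter for letter, number in encode.items()}

    message = "hello"
    encoded = [encode[c] for c in message]
    print(encoded)                              # [8, 5, 12, 12, 15]
    print("".join(decode[n] for n in encoded))  # hello

    # Notice every number falls between 1 and 26-- exactly the clue
    # an interested adversary could exploit.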
1537 01:08:56,350 --> 01:08:58,240 And you could brute force that. 1538 01:08:58,240 --> 01:09:01,062 Let's see if a is 1, and b is 2, and c is 3. 1539 01:09:01,062 --> 01:09:03,020 And if not, maybe let's try some other pairing. 1540 01:09:03,020 --> 01:09:05,310 But a determined teacher-- an adversarial teacher-- 1541 01:09:05,310 --> 01:09:07,369 could certainly figure this out. 1542 01:09:07,369 --> 01:09:08,410 So what else could we do? 1543 01:09:08,410 --> 01:09:12,200 A simple encoding-- and this truly is called a code-- 1544 01:09:12,200 --> 01:09:16,020 not to be confused with programming code or programming languages-- a code. 1545 01:09:16,020 --> 01:09:19,620 And in fact, if you recall stories from yesteryear, especially 1546 01:09:19,620 --> 01:09:22,750 in the military, a code book-- a code book might literally 1547 01:09:22,750 --> 01:09:26,000 be a physical book that's got two columns, one is a letter, 1548 01:09:26,000 --> 01:09:29,430 one is a number-- or some other such symbol-- that just maps to the other. 1549 01:09:29,430 --> 01:09:32,140 And a code is a mapping from one thing to another. 1550 01:09:32,140 --> 01:09:33,430 >> So that would be a code. 1551 01:09:33,430 --> 01:09:38,890 Encryption though-- or a cipher as you might say-- is more of an algorithm. 1552 01:09:38,890 --> 01:09:39,960 It's a process. 1553 01:09:39,960 --> 01:09:41,529 It's not just something you look up. 1554 01:09:41,529 --> 01:09:46,899 You have to apply some logic to apply encryption, or a cipher in this case. 1555 01:09:46,899 --> 01:09:50,010 So what's slightly more sophisticated, do you think, than that? 1556 01:09:50,010 --> 01:09:53,560 1557 01:09:53,560 --> 01:09:57,786 What else could we do to send the word "hello" semisecretly? 1558 01:09:57,786 --> 01:10:00,224 >> AUDIENCE: [INAUDIBLE] 1559 01:10:00,224 --> 01:10:00,890 DAVID MALAN: OK. 1560 01:10:00,890 --> 01:10:02,181 So we could write it backwards. 1561 01:10:02,181 --> 01:10:06,890 So we could do something like o-l-l-e-h or such, 1562 01:10:06,890 --> 01:10:08,890 and it starts to look a little more complicated. 1563 01:10:08,890 --> 01:10:10,302 So it's kind of scrambled. 1564 01:10:10,302 --> 01:10:12,260 And you have to know the secret, and the secret 1565 01:10:12,260 --> 01:10:16,050 is "backwards" or "reverse" or some sort of mechanism there. 1566 01:10:16,050 --> 01:10:17,300 >> But that is an algorithm. 1567 01:10:17,300 --> 01:10:20,450 That is a process where you have to move this letter over here, 1568 01:10:20,450 --> 01:10:22,360 this letter over here, this letter over here, 1569 01:10:22,360 --> 01:10:24,110 and you have to repeat it again and again. 1570 01:10:24,110 --> 01:10:26,800 And we'll see tomorrow that this repetition is something called 1571 01:10:26,800 --> 01:10:28,600 a loop, which is fairly intuitive, but it's 1572 01:10:28,600 --> 01:10:30,570 very common in computer programming. 1573 01:10:30,570 --> 01:10:34,260 What else might we do? 1574 01:10:34,260 --> 01:10:37,592 >> AUDIENCE: You could increase the first letter by 1, second letter by 2, 1575 01:10:37,592 --> 01:10:39,422 third letter by 3 [INAUDIBLE]. 1576 01:10:39,422 --> 01:10:40,380 DAVID MALAN: Very nice. 1577 01:10:40,380 --> 01:10:42,720 So we could do something like-- and increase them-- 1578 01:10:42,720 --> 01:10:44,570 you mean like h becomes i. 1579 01:10:44,570 --> 01:10:46,480 And let me keep it simple for the moment. 1580 01:10:46,480 --> 01:10:48,190 Maybe e becomes f.
1581 01:10:48,190 --> 01:10:52,150 And this becomes m-m, and this is p. 1582 01:10:52,150 --> 01:10:55,850 >> Now, I'm kind of liking this because now it doesn't jump out 1583 01:10:55,850 --> 01:10:57,070 at you what has happened. 1584 01:10:57,070 --> 01:10:58,920 And it looks like nonsense. 1585 01:10:58,920 --> 01:11:03,280 But in terms of the security of this cipher, and the cipher 1586 01:11:03,280 --> 01:11:06,470 here is kind of like a plus 1 algorithm of just adding 1587 01:11:06,470 --> 01:11:08,500 1 to each of my own letters. 1588 01:11:08,500 --> 01:11:13,530 And just as a corner case, what should I do if I hit z? 1589 01:11:13,530 --> 01:11:14,030 >> AUDIENCE: A. 1590 01:11:14,030 --> 01:11:14,270 >> DAVID MALAN: Yeah. 1591 01:11:14,270 --> 01:11:15,840 Probably just go back to a. 1592 01:11:15,840 --> 01:11:17,550 But what if I want an exclamation point? 1593 01:11:17,550 --> 01:11:19,340 Well, we'll have to come back to that sometime. 1594 01:11:19,340 --> 01:11:21,131 So there's some corner cases, so to speak-- 1595 01:11:21,131 --> 01:11:24,100 things you need to anticipate if you want to support those features. 1596 01:11:24,100 --> 01:11:28,996 But what is attackable about this? 1597 01:11:28,996 --> 01:11:31,620 It's obviously not that secure because we sort of thought of it 1598 01:11:31,620 --> 01:11:33,010 and wrote it down super fast. 1599 01:11:33,010 --> 01:11:35,750 So presumably, a smart adversary could do the opposite. 1600 01:11:35,750 --> 01:11:40,630 But what information is leaked in this particular ciphertext? 1601 01:11:40,630 --> 01:11:43,010 Computer scientists would call this cleartext 1602 01:11:43,010 --> 01:11:49,510 and this ciphertext-- ciphertext meaning just scrambled or encrypted. 1603 01:11:49,510 --> 01:11:53,570 We're leaking information, so to speak, with this ciphertext. 1604 01:11:53,570 --> 01:11:58,978 I know something about the original word right now. 1605 01:11:58,978 --> 01:12:00,370 >> AUDIENCE: Same number of letters. 1606 01:12:00,370 --> 01:12:01,870 DAVID MALAN: Same number of letters. 1607 01:12:01,870 --> 01:12:03,510 So that's leaking information. 1608 01:12:03,510 --> 01:12:07,170 I have sent my crush a five letter word, it would seem. 1609 01:12:07,170 --> 01:12:08,080 And what else? 1610 01:12:08,080 --> 01:12:09,000 >> AUDIENCE: Yeah. 1611 01:12:09,000 --> 01:12:09,870 They're letters. 1612 01:12:09,870 --> 01:12:11,676 >> DAVID MALAN: They're still letters. 1613 01:12:11,676 --> 01:12:14,049 >> AUDIENCE: Third and fourth characters repeat. 1614 01:12:14,049 --> 01:12:16,340 DAVID MALAN: Yeah, the third and fourth letters repeat. 1615 01:12:16,340 --> 01:12:20,010 And this is very common-- this realization 1616 01:12:20,010 --> 01:12:22,770 is the basis for what's called frequency analysis. 1617 01:12:22,770 --> 01:12:25,860 And I used the word "the," anticipating this earlier. 1618 01:12:25,860 --> 01:12:27,802 "The" is a very common English word. 1619 01:12:27,802 --> 01:12:30,260 And so if we actually had a paragraph or a whole essay that 1620 01:12:30,260 --> 01:12:34,160 was somehow encrypted, and I kept seeing the same patterns of three letters, not 1621 01:12:34,160 --> 01:12:38,720 t-h-e, but like x-y-z or something like that, I might just guess, on a hunch, 1622 01:12:38,720 --> 01:12:41,410 based on the popularity of "the" in English 1623 01:12:41,410 --> 01:12:47,030 that maybe I should start replacing every x-y-z with t-h-e, respectively-- 1624 01:12:47,030 --> 01:12:48,750 and you chip away at the problem.
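Here is a short Python sketch of that plus-1 cipher, handling the z-wraps-around-to-a corner case discussed above-- again a toy: the algorithm itself is public, and only the key (here, 1) is the secret.

    def caesar(plaintext, key):
        """Shift each lowercase letter forward by key, wrapping z around to a."""
        out = []
        for c in plaintext:
            if "a" <= c <= "z":
                out.append(chr((ord(c) - ord("a") + key) % 26 + ord("a")))
            else:
                out.append(c)  # leave non-letters (e.g., '!') alone for now
        return "".join(out)

    ciphertext = caesar("hello", 1)
    print(ciphertext)              # ifmmp -- note that l-l still leaks as m-m
    print(caesar(ciphertext, -1))  # hello -- decrypting is just the opposite shift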
1625 01:12:48,750 --> 01:12:51,830 >> And in fact, if you've ever seen a movie about cryptographers, 1626 01:12:51,830 --> 01:12:54,420 especially during military times, cracking codes-- a lot of it 1627 01:12:54,420 --> 01:12:59,070 is this trial and error, and leveraging assumptions, and taking guesses, 1628 01:12:59,070 --> 01:13:00,150 and seeing where it goes. 1629 01:13:00,150 --> 01:13:04,430 And in fact, m-m-- we sometimes see m-m in English words, 1630 01:13:04,430 --> 01:13:06,320 so maybe this is unchanged. 1631 01:13:06,320 --> 01:13:14,830 We see e-e, we see o-o, we see l-l, we don't really see y-x. 1632 01:13:14,830 --> 01:13:18,230 And there are bunches of others I could probably contrive that we never see. 1633 01:13:18,230 --> 01:13:20,757 So we've narrowed our search space, so to speak. 1634 01:13:20,757 --> 01:13:23,090 In other words, if the problem initially feels this big, 1635 01:13:23,090 --> 01:13:25,420 as soon as you start ruling out possibilities or ruling 1636 01:13:25,420 --> 01:13:29,840 in possibilities, it starts to get a little more tenable, a little more solvable. 1637 01:13:29,840 --> 01:13:33,170 And in fact, this is an example actually of something 1638 01:13:33,170 --> 01:13:38,530 called a Caesar cipher, where a Caesar cipher is a rotational cipher where 1639 01:13:38,530 --> 01:13:40,450 one letter becomes another and you just add 1640 01:13:40,450 --> 01:13:44,670 uniformly the same number of changes to each letter. 1641 01:13:44,670 --> 01:13:48,330 And Dan actually hinted at something slightly more sophisticated earlier, 1642 01:13:48,330 --> 01:13:52,700 whereby we might add, for instance, 1 to the first letter. 1643 01:13:52,700 --> 01:13:55,390 e-f-- Maybe this becomes g, two away. 1644 01:13:55,390 --> 01:14:00,320 Maybe this becomes m-n-o-- this time it becomes p. 1645 01:14:00,320 --> 01:14:01,500 And then so forth. 1646 01:14:01,500 --> 01:14:05,840 >> We add incrementing values to each of the letters, which 1647 01:14:05,840 --> 01:14:09,880 is harder because, now notice, l-l does not look like m-m, anymore. 1648 01:14:09,880 --> 01:14:11,860 We now need to be a little fancier. 1649 01:14:11,860 --> 01:14:16,750 And this is what's called, after a French guy, a Vigenere cipher, 1650 01:14:16,750 --> 01:14:19,550 where you're using disparate keys, different values. 1651 01:14:19,550 --> 01:14:21,300 And in fact, let's tie that back together. 1652 01:14:21,300 --> 01:14:24,040 >> We used the word "key" before, both in the physical sense, 1653 01:14:24,040 --> 01:14:25,490 for hotels and homes. 1654 01:14:25,490 --> 01:14:30,290 But in the electronic sense, a key is just a secret value, typically. 1655 01:14:30,290 --> 01:14:36,540 And a secret value in this earlier case, i-f-m-m-p-- 1656 01:14:36,540 --> 01:14:43,862 what is the secret key I'm using for this cipher that Dan proposed earlier? 1657 01:14:43,862 --> 01:14:45,070 AUDIENCE: Plus 1 [INAUDIBLE]. 1658 01:14:45,070 --> 01:14:45,820 DAVID MALAN: Yeah. 1659 01:14:45,820 --> 01:14:49,930 The key is just the number 1-- not the most secure, but it's simple. 1660 01:14:49,930 --> 01:14:53,560 But all of these security mechanisms require what-- that not only I 1661 01:14:53,560 --> 01:14:57,660 know the secret is 1, but also what? 1662 01:14:57,660 --> 01:14:58,860 Who else has to know it? 1663 01:14:58,860 --> 01:15:00,360 AUDIENCE: The recipient [INAUDIBLE]. 1664 01:15:00,360 --> 01:15:02,110 DAVID MALAN: The recipient has to know it.
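And a Python sketch of the Vigenere-style idea Dan hinted at-- shift the first letter by 1, the second by 2, and so on (the incrementing key here is just for illustration): repeated letters no longer leak.

    def vigenere(plaintext, keys):
        """Shift the i-th letter by keys[i % len(keys)], wrapping around."""
        out = []
        for i, c in enumerate(plaintext):
            shift = keys[i % len(keys)]
            out.append(chr((ord(c) - ord("a") + shift) % 26 + ord("a")))
        return "".join(out)

    print(vigenere("hello", [1, 2, 3, 4, 5]))       # igopt -- l-l no longer repeats
    print(vigenere("igopt", [-1, -2, -3, -4, -5]))  # hello -- negate the shifts to decrypt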
1665 01:15:02,110 --> 01:15:04,384 And just for clarity, who must not know it? 1666 01:15:04,384 --> 01:15:05,300 AUDIENCE: The teacher. 1667 01:15:05,300 --> 01:15:06,675 DAVID MALAN: The teacher-- right? 1668 01:15:06,675 --> 01:15:10,360 Unless he or she has the time and energy to brute force it or figure it out. 1669 01:15:10,360 --> 01:15:13,930 So super simple idea, but it maps to what you're reading about 1670 01:15:13,930 --> 01:15:16,060 and hearing about every day in the news. 1671 01:15:16,060 --> 01:15:19,240 But the 256-- this is essentially 1 bit. 1672 01:15:19,240 --> 01:15:21,330 256 bits is much bigger. 1673 01:15:21,330 --> 01:15:26,080 And again, we'll get a quantitative sense of that tomorrow. 1674 01:15:26,080 --> 01:15:32,390 Any questions then on Apple, security, encryption, in these building blocks? 1675 01:15:32,390 --> 01:15:34,390 Yeah, Roman. 1676 01:15:34,390 --> 01:15:35,849 >> AUDIENCE: [INAUDIBLE]. 1677 01:15:35,849 --> 01:15:37,390 Do you have any insights [INAUDIBLE]? 1678 01:15:37,390 --> 01:15:40,050 1679 01:15:40,050 --> 01:15:41,550 DAVID MALAN: Oh, it's a good question. 1680 01:15:41,550 --> 01:15:44,750 I don't know internally-- and Apple, of all companies, 1681 01:15:44,750 --> 01:15:49,340 is particularly quiet when it comes to those kinds of implementation details. 1682 01:15:49,340 --> 01:15:53,410 But I can say more generally, a fundamental tenet of security, 1683 01:15:53,410 --> 01:15:55,910 at least in the academic community, is that you should never 1684 01:15:55,910 --> 01:15:58,420 have what's called security through obscurity. 1685 01:15:58,420 --> 01:16:03,510 You should never do something to protect data, or users, or information, 1686 01:16:03,510 --> 01:16:07,490 whose security and privacy are all grounded 1687 01:16:07,490 --> 01:16:11,520 in no one knowing how it works. 1688 01:16:11,520 --> 01:16:13,590 >> In other words, what the article alludes to, 1689 01:16:13,590 --> 01:16:17,864 AES, Advanced Encryption Standard-- that is actually a global, public standard 1690 01:16:17,864 --> 01:16:20,530 that you can open up a math book or go on Wikipedia and actually 1691 01:16:20,530 --> 01:16:22,300 read what the algorithm is. 1692 01:16:22,300 --> 01:16:25,570 And much like the algorithm here is the super simple plus 1, 1693 01:16:25,570 --> 01:16:29,010 this is more complicated mathematics, but it's public knowledge. 1694 01:16:29,010 --> 01:16:30,510 And this has a number of upsides. 1695 01:16:30,510 --> 01:16:33,020 One, it means anyone can use it and implement it. 1696 01:16:33,020 --> 01:16:35,320 But two, it also means that millions of smart people 1697 01:16:35,320 --> 01:16:40,460 can review it and make sure to speak up if it's flawed in some way. 1698 01:16:40,460 --> 01:16:44,190 >> And so in fact, one of the best defenses against governmental back doors, 1699 01:16:44,190 --> 01:16:47,750 whether in this country or any other, is to just publicly discuss 1700 01:16:47,750 --> 01:16:50,700 these kinds of algorithms because it's very unlikely 1701 01:16:50,700 --> 01:16:53,380 that the entire world of academic researchers 1702 01:16:53,380 --> 01:16:58,120 is going to collude and actually tolerate hidden back doors 1703 01:16:58,120 --> 01:16:59,840 in algorithms like that. 1704 01:16:59,840 --> 01:17:01,940 >> However, you do need to keep something secret.
1705 01:17:01,940 --> 01:17:06,270 And so just to be clear, when you're using a cipher, like AES, 1706 01:17:06,270 --> 01:17:10,040 or something like Caesar, or Vigenere that we alluded to there, what does 1707 01:17:10,040 --> 01:17:11,038 have to be kept secret? 1708 01:17:11,038 --> 01:17:15,030 1709 01:17:15,030 --> 01:17:16,969 Not the algorithm, not the process. 1710 01:17:16,969 --> 01:17:17,760 AUDIENCE: The code. 1711 01:17:17,760 --> 01:17:20,890 DAVID MALAN: The code, right-- and the key, to be clear. 1712 01:17:20,890 --> 01:17:27,190 And so to be super clear, even though this is a trivial example, the cipher, 1713 01:17:27,190 --> 01:17:30,130 or algorithm, that we've generally been using in this discussion 1714 01:17:30,130 --> 01:17:31,630 is this thing here, the plus. 1715 01:17:31,630 --> 01:17:37,190 So addition is our super simple cipher or algorithm. 1716 01:17:37,190 --> 01:17:41,367 AES would be a much more complex equivalent of the plus. 1717 01:17:41,367 --> 01:17:43,950 You do a lot more math, a lot more additions, multiplications, 1718 01:17:43,950 --> 01:17:45,530 and so forth. 1719 01:17:45,530 --> 01:17:48,620 >> But the key is not the same as the cipher. 1720 01:17:48,620 --> 01:17:51,400 In this case, it's also super simple-- just the number 1. 1721 01:17:51,400 --> 01:17:58,490 In Apple's case, it's some 256-bit pattern of 0s and 1s. 1722 01:17:58,490 --> 01:18:01,460 So I'm not really answering your question because I can't really 1723 01:18:01,460 --> 01:18:06,690 speak to what Apple knows, but the Apple engineers 1724 01:18:06,690 --> 01:18:10,000 have disclosed that they implement this algorithm to some extent. 1725 01:18:10,000 --> 01:18:11,836 We have to trust that they're being truthful, 1726 01:18:11,836 --> 01:18:14,210 and we have to trust that they didn't, nonetheless, build 1727 01:18:14,210 --> 01:18:16,830 in some secret backdoor for the NSA. 1728 01:18:16,830 --> 01:18:18,330 And that's fundamentally hard to do. 1729 01:18:18,330 --> 01:18:21,040 >> In fact, the frightening thought I can leave you 1730 01:18:21,040 --> 01:18:24,615 with on this particular subject is, much as we might all talk about this 1731 01:18:24,615 --> 01:18:27,490 and much as Tim Cook might assure us that these phones do not already 1732 01:18:27,490 --> 01:18:33,030 do what the FBI wants them to do, it's nearly impossible to verify or audit 1733 01:18:33,030 --> 01:18:34,320 as much. 1734 01:18:34,320 --> 01:18:37,140 Do we even know that my camera's not on right now? 1735 01:18:37,140 --> 01:18:40,580 Do you know that your own MacBook's camera's not on right now? 1736 01:18:40,580 --> 01:18:43,460 Well, most of you might know intuitively or from experience, 1737 01:18:43,460 --> 01:18:46,634 well, if the green light's off, what does that mean? 1738 01:18:46,634 --> 01:18:47,550 AUDIENCE: It's not on. 1739 01:18:47,550 --> 01:18:48,020 DAVID MALAN: It's not on. 1740 01:18:48,020 --> 01:18:48,520 OK. 1741 01:18:48,520 --> 01:18:51,650 You've been taught that, but why couldn't you 1742 01:18:51,650 --> 01:18:56,236 write software that turns off the light but turns on the camera? 1743 01:18:56,236 --> 01:18:59,810 1744 01:18:59,810 --> 01:19:03,100 There's really no fundamental defense against something like that.
1745 01:19:03,100 --> 01:19:05,510 >> So even we humans can be socially engineered 1746 01:19:05,510 --> 01:19:09,530 by our computers to trust one truth-- one reality, 1747 01:19:09,530 --> 01:19:11,340 when really we can then be taken advantage 1748 01:19:11,340 --> 01:19:14,904 of because of that exact same assumption that a green light means 1749 01:19:14,904 --> 01:19:15,570 the camera's on. 1750 01:19:15,570 --> 01:19:16,980 That's not necessarily true. 1751 01:19:16,980 --> 01:19:17,340 >> AUDIENCE: [INAUDIBLE] 1752 01:19:17,340 --> 01:19:18,090 >> DAVID MALAN: Yeah. 1753 01:19:18,090 --> 01:19:20,600 So actually, I always kind of smile, but I appreciate it 1754 01:19:20,600 --> 01:19:24,490 when you see real diehards around campus-- you have tape on yours. 1755 01:19:24,490 --> 01:19:25,980 OK. 1756 01:19:25,980 --> 01:19:28,622 So putting tape on it is a more surefire thing. 1757 01:19:28,622 --> 01:19:31,080 Of course, there's still a microphone that you can't really 1758 01:19:31,080 --> 01:19:32,707 tape over as effectively. 1759 01:19:32,707 --> 01:19:34,290 But these are the kinds of trade-offs. 1760 01:19:34,290 --> 01:19:36,400 >> And in fact, one takeaway hopefully for today 1761 01:19:36,400 --> 01:19:39,306 should be absolute terror when it comes to these kinds of things 1762 01:19:39,306 --> 01:19:41,680 because, at the end of the day, we have to trust someone. 1763 01:19:41,680 --> 01:19:44,417 And that too is a fundamental tenet of security. 1764 01:19:44,417 --> 01:19:46,000 Ultimately, you have to trust someone. 1765 01:19:46,000 --> 01:19:48,208 You have to trust that the person you have a crush on 1766 01:19:48,208 --> 01:19:51,280 is not going to tell his or her best friend what that secret code is, 1767 01:19:51,280 --> 01:19:54,820 and then disclose that same information that you're trying to keep secret. 1768 01:19:54,820 --> 01:19:55,320 All right. 1769 01:19:55,320 --> 01:19:58,640 Let's take a look-- yeah, Dan. 1770 01:19:58,640 --> 01:20:03,101 >> AUDIENCE: What does the acronym CBC stand for under the latest AES? 1771 01:20:03,101 --> 01:20:10,422 >> DAVID MALAN: Oh, CBC is block-- what's it stand for-- block [INAUDIBLE] CBC. 1772 01:20:10,422 --> 01:20:15,090 1773 01:20:15,090 --> 01:20:16,340 Cipher Block Chaining. 1774 01:20:16,340 --> 01:20:20,230 So Cipher Block Chaining is an acronym that refers to, 1775 01:20:20,230 --> 01:20:23,120 I believe, the process of what goes on inside 1776 01:20:23,120 --> 01:20:26,980 of an algorithm for cryptography, in this case, whereby it's iterative. 1777 01:20:26,980 --> 01:20:29,240 You do something again, and again, and again. 1778 01:20:29,240 --> 01:20:31,740 And you take a previous output, and feed it 1779 01:20:31,740 --> 01:20:34,660 into your process as a subsequent input. 1780 01:20:34,660 --> 01:20:38,410 So you keep feeding the results back into themselves. 1781 01:20:38,410 --> 01:20:44,850 >> And an analog here might be-- I should be able to come up with a good metaphor 1782 01:20:44,850 --> 01:20:45,410 here. 1783 01:20:45,410 --> 01:20:48,060 Let me try to think of a better example here. 1784 01:20:48,060 --> 01:20:51,484 Let's see if we can come up with a quick picture. 1785 01:20:51,484 --> 01:20:53,400 Let's see if Wikipedia gives us a picture that 1786 01:20:53,400 --> 01:20:55,370 would explain-- no, that's good. 1787 01:20:55,370 --> 01:20:58,610 1788 01:20:58,610 --> 01:21:02,840 This is more pictorial complexity than we really want.
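In the meantime, a toy Python sketch of the chaining idea-- XOR stands in for a real block cipher here, so this is illustrative only, not real AES-CBC: each block is mixed with the previous block's output before being enciphered, so the results keep feeding back into themselves.

    import os

    def xor_bytes(a, b):
        return bytes(x ^ y for x, y in zip(a, b))

    def toy_cbc_encrypt(plaintext, key, iv):
        # XOR with the key stands in for a real block cipher; blocks are 16 bytes.
        previous, out = iv, []
        for i in range(0, len(plaintext), 16):
            block = plaintext[i:i + 16]
            mixed = xor_bytes(block, previous)  # chain in the previous output...
            enciphered = xor_bytes(mixed, key)  # ..."encrypt" it (toy!)...
            out.append(enciphered)
            previous = enciphered               # ...and feed that forward again
        return b"".join(out)

    key, iv = os.urandom(16), os.urandom(16)
    message = b"ATTACK AT DAWN!!" * 2  # two identical 16-byte blocks
    ciphertext = toy_cbc_encrypt(message, key, iv)
    print(ciphertext[:16] != ciphertext[16:])  # True: chaining hides the repetition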
1789 01:21:02,840 --> 01:21:08,770 But the idea here is that if you are enciphering something, it gets fed in, 1790 01:21:08,770 --> 01:21:12,070 then the output gets fed in again, then it gets fed in again, 1791 01:21:12,070 --> 01:21:15,870 so that you're iteratively scrambling information using 1792 01:21:15,870 --> 01:21:20,047 previous output as a subsequent input. 1793 01:21:20,047 --> 01:21:22,130 Let me see if I can come up with a better explanation. 1794 01:21:22,130 --> 01:21:25,600 Give me lunch time to noodle on that one. 1795 01:21:25,600 --> 01:21:26,380 >> All right. 1796 01:21:26,380 --> 01:21:28,640 Let's come back here. 1797 01:21:28,640 --> 01:21:32,537 I want to encourage you-- your only homework for tonight, if you'd like, 1798 01:21:32,537 --> 01:21:35,120 and you haven't seen it, is to watch a 20 minute video, if you 1799 01:21:35,120 --> 01:21:36,850 have internet access and go on YouTube. 1800 01:21:36,850 --> 01:21:40,840 Last Week Tonight is a brilliant show by John Oliver, formerly of The Daily Show. 1801 01:21:40,840 --> 01:21:45,010 >> And at this URL here, you can actually look at his look-- his humorous, 1802 01:21:45,010 --> 01:21:48,020 but simultaneously serious look at the same issue. 1803 01:21:48,020 --> 01:21:51,629 And hopefully, even more of that video will make sense. 1804 01:21:51,629 --> 01:21:52,920 And this is in the slides, too. 1805 01:21:52,920 --> 01:21:56,070 So if you have the URL up with the slides, this is here, too. 1806 01:21:56,070 --> 01:21:59,620 And we'll get you online during the break as well. 1807 01:21:59,620 --> 01:22:02,420 >> So in our concluding minutes, let's take a quick look 1808 01:22:02,420 --> 01:22:06,530 at one other example of a technology that's ever present these days, 1809 01:22:06,530 --> 01:22:13,700 file sharing, both in consumer and in corporate contexts. 1810 01:22:13,700 --> 01:22:22,370 And that is by way of, for our purposes, something called Dropbox. 1811 01:22:22,370 --> 01:22:26,000 So for those unfamiliar, in a sentence or two, what problem 1812 01:22:26,000 --> 01:22:28,388 does Dropbox solve? 1813 01:22:28,388 --> 01:22:32,390 >> AUDIENCE: [INAUDIBLE] and then get it on your iPhone or iPad anywhere. 1814 01:22:32,390 --> 01:22:33,290 >> DAVID MALAN: Yeah. 1815 01:22:33,290 --> 01:22:33,790 Exactly. 1816 01:22:33,790 --> 01:22:36,290 It allows you to share files often with yourself 1817 01:22:36,290 --> 01:22:39,290 so that if you do have an iPhone, an Android phone, a Mac, a PC, 1818 01:22:39,290 --> 01:22:42,220 multiple Macs, multiple PCs, home computers, work computers, 1819 01:22:42,220 --> 01:22:46,480 you can have a folder that in turn has its own sub folders that automatically 1820 01:22:46,480 --> 01:22:48,324 get synchronized across all your devices. 1821 01:22:48,324 --> 01:22:49,490 And it's wonderfully useful. 1822 01:22:49,490 --> 01:22:52,350 >> For instance, in the morning, if I'm preparing for class, 1823 01:22:52,350 --> 01:22:54,560 I might get my slides, or videos, or pictures ready, 1824 01:22:54,560 --> 01:22:57,760 drop them in a folder on a home computer, then walk to school, 1825 01:22:57,760 --> 01:23:01,187 and open up a work computer here, and voila, it's magically there-- 1826 01:23:01,187 --> 01:23:03,270 unless I screwed up, which has happened sometimes, 1827 01:23:03,270 --> 01:23:05,830 and there's nothing more stressful than having done all that work hours prior 1828 01:23:05,830 --> 01:23:08,610 and having nothing to show for it when it comes time for class.
1829 01:23:08,610 --> 01:23:10,640 So it fails sometimes, or the human fails, 1830 01:23:10,640 --> 01:23:13,210 but in theory that's exactly what it's supposed to do. 1831 01:23:13,210 --> 01:23:16,780 >> More compelling, for other users, is that I can very often 1832 01:23:16,780 --> 01:23:19,400 then Control click or right click a folder 1833 01:23:19,400 --> 01:23:22,080 or file that I'm using with this service, 1834 01:23:22,080 --> 01:23:26,080 and I can send a URL that results from that click to a friend, 1835 01:23:26,080 --> 01:23:28,270 and he or she can then download a copy of that file. 1836 01:23:28,270 --> 01:23:31,630 Or better yet, we can share folders so that if I make a change, 1837 01:23:31,630 --> 01:23:35,080 then Victoria can see my changes in her folder, and Kareem later in the day 1838 01:23:35,080 --> 01:23:39,120 can edit it and see that same file and folder as well. 1839 01:23:39,120 --> 01:23:40,741 So there's a lot of implications here. 1840 01:23:40,741 --> 01:23:42,740 And we'll just scratch the surface, and try here 1841 01:23:42,740 --> 01:23:46,610 to spook you a bit into not taking for granted how all of this works 1842 01:23:46,610 --> 01:23:50,210 and what the actual implications are for things that you're using. 1843 01:23:50,210 --> 01:23:55,300 >> In particular, let's consider how Dropbox must surely work. 1844 01:23:55,300 --> 01:24:00,510 So if I'm over here-- let's draw a quick picture of me. 1845 01:24:00,510 --> 01:24:10,760 If this is little old me-- this is little old me on my laptop here. 1846 01:24:10,760 --> 01:24:19,330 And let's say this is Victoria with her tape on her camera. 1847 01:24:19,330 --> 01:24:24,080 And here we have Kareem, with his laptop here. 1848 01:24:24,080 --> 01:24:27,660 And then somewhere is this thing called the cloud, more on that this afternoon 1849 01:24:27,660 --> 01:24:28,660 as well. 1850 01:24:28,660 --> 01:24:30,880 >> So how does Dropbox work? 1851 01:24:30,880 --> 01:24:32,629 Suppose I create a folder on my computer, 1852 01:24:32,629 --> 01:24:34,420 and I install this software called Dropbox. 1853 01:24:34,420 --> 01:24:37,500 But we could also be talking about OneDrive from Microsoft, 1854 01:24:37,500 --> 01:24:41,160 or we could talk about Google Drive, or any number of other products. 1855 01:24:41,160 --> 01:24:43,270 It's all fundamentally the same. 1856 01:24:43,270 --> 01:24:45,780 >> If I've got a folder called Dropbox on this computer, 1857 01:24:45,780 --> 01:24:48,790 and I've just created a PowerPoint presentation, or an Excel file, 1858 01:24:48,790 --> 01:24:52,220 or an essay, and I drag it into that folder, what 1859 01:24:52,220 --> 01:24:56,630 must happen in order to get it to Victoria's computer or Kareem's 1860 01:24:56,630 --> 01:24:57,210 computer? 1861 01:24:57,210 --> 01:24:58,085 >> AUDIENCE: [INAUDIBLE] 1862 01:24:58,085 --> 01:25:00,430 1863 01:25:00,430 --> 01:25:01,180 DAVID MALAN: Yeah. 1864 01:25:01,180 --> 01:25:05,100 So somewhere in here, there's a company. 1865 01:25:05,100 --> 01:25:08,140 And we'll call this Dropbox. 1866 01:25:08,140 --> 01:25:09,530 And this is David. 1867 01:25:09,530 --> 01:25:10,710 This is Victoria. 1868 01:25:10,710 --> 01:25:12,350 And this is Kareem here.
1869 01:25:12,350 --> 01:25:17,220 >> So somehow, I must have an internet connection that leads to the internet-- 1870 01:25:17,220 --> 01:25:19,680 more on that after our break-- that gets stored 1871 01:25:19,680 --> 01:25:23,590 on servers in Dropbox's headquarters, or data center, wherever it is. 1872 01:25:23,590 --> 01:25:27,890 And then Victoria's computer and Kareem's computer get that data how? 1873 01:25:27,890 --> 01:25:29,639 >> AUDIENCE: [INAUDIBLE] 1874 01:25:29,639 --> 01:25:30,930 DAVID MALAN: Say that again? 1875 01:25:30,930 --> 01:25:31,650 AUDIENCE: [INAUDIBLE] 1876 01:25:31,650 --> 01:25:31,890 DAVID MALAN: Yeah. 1877 01:25:31,890 --> 01:25:33,098 I have to share it with them. 1878 01:25:33,098 --> 01:25:35,310 So I have to have sent Kareem and Victoria a URL, 1879 01:25:35,310 --> 01:25:38,210 or I have to click some menu option and type in their e-mail address 1880 01:25:38,210 --> 01:25:39,560 so it automatically gets shared. 1881 01:25:39,560 --> 01:25:40,768 Let's suppose I've done that. 1882 01:25:40,768 --> 01:25:43,247 What then happens in terms of this picture? 1883 01:25:43,247 --> 01:25:47,570 >> AUDIENCE: You need a user account and a way to authenticate-- 1884 01:25:47,570 --> 01:25:48,320 DAVID MALAN: Yeah. 1885 01:25:48,320 --> 01:25:50,720 We're going to need a priori some kind of user account. 1886 01:25:50,720 --> 01:25:52,220 So I've got to register for Dropbox. 1887 01:25:52,220 --> 01:25:55,910 Each of you probably has to register for Dropbox, at least in this scenario. 1888 01:25:55,910 --> 01:26:00,790 But then ultimately, that file gets transmitted down in this direction, 1889 01:26:00,790 --> 01:26:03,250 just as it went up from my direction there. 1890 01:26:03,250 --> 01:26:05,800 >> Similarly, if we've used a certain feature of Dropbox, 1891 01:26:05,800 --> 01:26:08,930 you can either make copies of files or actually share the originals. 1892 01:26:08,930 --> 01:26:11,090 If you guys start to make copies, then in theory 1893 01:26:11,090 --> 01:26:13,450 those should propagate back to me. 1894 01:26:13,450 --> 01:26:17,660 >> So if you're a particularly paranoid user, 1895 01:26:17,660 --> 01:26:21,600 or you're the CTO or chief security officer at a company, 1896 01:26:21,600 --> 01:26:25,020 what kinds of questions should you be asking here about this whole process? 1897 01:26:25,020 --> 01:26:26,280 >> AUDIENCE: [INAUDIBLE] 1898 01:26:26,280 --> 01:26:26,620 >> DAVID MALAN: Yeah. 1899 01:26:26,620 --> 01:26:27,120 OK. 1900 01:26:27,120 --> 01:26:29,520 So I am now the head of Dropbox. 1901 01:26:29,520 --> 01:26:30,060 Yes. 1902 01:26:30,060 --> 01:26:34,960 We use industry-standard encryption to secure your data. 1903 01:26:34,960 --> 01:26:36,381 Satisfied? 1904 01:26:36,381 --> 01:26:36,880 Why not? 1905 01:26:36,880 --> 01:26:40,457 1906 01:26:40,457 --> 01:26:41,540 OK, I'll be more specific. 1907 01:26:41,540 --> 01:26:46,940 I use 256-bit AES encryption just like our friends at Apple do. 1908 01:26:46,940 --> 01:26:49,940 >> AUDIENCE: But all that data exists on all those machines, 1909 01:26:49,940 --> 01:26:52,654 and all those machines are a vulnerability. 1910 01:26:52,654 --> 01:26:53,320 DAVID MALAN: OK. 1911 01:26:53,320 --> 01:26:53,819 True.
1912 01:26:53,819 --> 01:26:56,920 So suppose there's a whole bunch of servers in Dropbox's headquarters, 1913 01:26:56,920 --> 01:27:02,760 or data center, or all of their data centers, and the data-- 1914 01:27:02,760 --> 01:27:06,200 and this is a feature-- is replicated-- copied-- across multiple servers 1915 01:27:06,200 --> 01:27:09,160 because, God forbid, one computer, one hard drive dies. 1916 01:27:09,160 --> 01:27:11,830 These days it's very common to replicate data 1917 01:27:11,830 --> 01:27:14,530 across at least two computers or two hard drives-- 1918 01:27:14,530 --> 01:27:17,350 sometimes as many as five or more so that, 1919 01:27:17,350 --> 01:27:20,140 statistically, even though, yes, lightning 1920 01:27:20,140 --> 01:27:23,660 might strike all of Dropbox's data centers simultaneously, 1921 01:27:23,660 --> 01:27:27,020 or they might get physically attacked, or compromised all at the same time, 1922 01:27:27,020 --> 01:27:30,660 the probability of that happening is very, very, very low. 1923 01:27:30,660 --> 01:27:34,730 So for all intents and purposes, my data is backed up safely. 1924 01:27:34,730 --> 01:27:35,970 >> But it's encrypted. 1925 01:27:35,970 --> 01:27:36,480 So what? 1926 01:27:36,480 --> 01:27:39,390 Doesn't matter if every copy gets stolen, doesn't matter if the data 1927 01:27:39,390 --> 01:27:42,760 center gets infiltrated, my data is still encrypted 1928 01:27:42,760 --> 01:27:46,140 so no one can see what it is. 1929 01:27:46,140 --> 01:27:47,956 What questions should you continue asking? 1930 01:27:47,956 --> 01:27:51,169 1931 01:27:51,169 --> 01:27:53,752 AUDIENCE: Is it all encrypted the same way across [INAUDIBLE]? 1932 01:27:53,752 --> 01:27:56,650 1933 01:27:56,650 --> 01:27:58,750 >> DAVID MALAN: Embarrassingly, yes. 1934 01:27:58,750 --> 01:28:01,962 We use the same key to encrypt all of our customers' data. 1935 01:28:01,962 --> 01:28:04,920 AUDIENCE: But then it's very easy to unencrypt and decrypt [INAUDIBLE]. 1936 01:28:04,920 --> 01:28:05,400 DAVID MALAN: It is. 1937 01:28:05,400 --> 01:28:06,274 And that's a feature. 1938 01:28:06,274 --> 01:28:09,800 We can do this super fast for you, which is why the file syncs so quickly. 1939 01:28:09,800 --> 01:28:12,550 We use the same encryption-- the same key for everyone. 1940 01:28:12,550 --> 01:28:14,060 It's a feature. 1941 01:28:14,060 --> 01:28:16,320 >> And I said it sheepishly-- and this, 1942 01:28:16,320 --> 01:28:18,430 I believe, is still actually technically true. 1943 01:28:18,430 --> 01:28:22,900 They do use the same secret key, whether it's 256 bits or more, 1944 01:28:22,900 --> 01:28:24,530 for all customers' data. 1945 01:28:24,530 --> 01:28:26,820 And this is partly for technical reasons. 1946 01:28:26,820 --> 01:28:31,989 One, if I am sharing a file with Victoria and Kareem, 1947 01:28:31,989 --> 01:28:33,780 and they want to be able to access it, I've 1948 01:28:33,780 --> 01:28:35,840 got to somehow decrypt it for them. 1949 01:28:35,840 --> 01:28:41,110 But I don't really have a mechanism to give Victoria and Kareem a secret key. 1950 01:28:41,110 --> 01:28:45,610 >> If I email it to them, I'm compromising it because anyone on the internet 1951 01:28:45,610 --> 01:28:46,960 could intercept my email. 1952 01:28:46,960 --> 01:28:50,480 I certainly am not going to call them with a sequence of 256 0s 1953 01:28:50,480 --> 01:28:53,150 and 1s or more, and tell them to type it in.
1954 01:28:53,150 --> 01:28:55,964 >> It could just be a password, but I'd still have to call them. 1955 01:28:55,964 --> 01:28:58,130 And in business, this isn't going to work very well. 1956 01:28:58,130 --> 01:28:59,570 If I want to share a file with 30 people, 1957 01:28:59,570 --> 01:29:01,030 I'm not going to make 30 darn phone calls. 1958 01:29:01,030 --> 01:29:03,100 And I can't send out an email because that's insecure. 1959 01:29:03,100 --> 01:29:05,475 >> So there's really this fundamental problem of sharing it. 1960 01:29:05,475 --> 01:29:09,440 So you know what, it's just easier if Dropbox does the encryption for us. 1961 01:29:09,440 --> 01:29:12,510 But if they do it for us, only they know the key. 1962 01:29:12,510 --> 01:29:17,550 And if they reuse the key, that means that all of the data 1963 01:29:17,550 --> 01:29:21,596 could be compromised if that key itself is compromised. 1964 01:29:21,596 --> 01:29:24,220 Now, having asked at least one buddy at Dropbox, they do have-- 1965 01:29:24,220 --> 01:29:26,178 and I think they have white papers that testify 1966 01:29:26,178 --> 01:29:30,180 to this fact-- they do have very, very few people who have access to that key. 1967 01:29:30,180 --> 01:29:32,560 The computers have to have it in memory, and it's 1968 01:29:32,560 --> 01:29:34,960 got to be locked up in some vault somewhere so 1969 01:29:34,960 --> 01:29:38,090 that if, God forbid, the computers crash or need to be rebooted, 1970 01:29:38,090 --> 01:29:40,990 someone does have to type in that key at some point. 1971 01:29:40,990 --> 01:29:43,820 >> So that is really the secret sauce if there is any. 1972 01:29:43,820 --> 01:29:47,670 But this definitely has implications for my data. 1973 01:29:47,670 --> 01:29:52,020 It's disclosable if someone compromises that key or that data center. 1974 01:29:52,020 --> 01:29:55,150 >> But it also allows Dropbox another feature. 1975 01:29:55,150 --> 01:29:57,620 It turns out-- and this is kind of a business cost-- 1976 01:29:57,620 --> 01:30:01,140 if you used a different key for every customer, 1977 01:30:01,140 --> 01:30:04,980 or even more so for every file, mathematically, 1978 01:30:04,980 --> 01:30:09,270 every file, when encrypted, would look different from every other file. 1979 01:30:09,270 --> 01:30:12,450 >> So even if I had two copies of the same PowerPoint presentation 1980 01:30:12,450 --> 01:30:16,280 on Kareem's computer and on my computer, if those files were encrypted 1981 01:30:16,280 --> 01:30:20,030 with different keys, the ciphertext-- the scrambled thing-- 1982 01:30:20,030 --> 01:30:21,610 would look different. 1983 01:30:21,610 --> 01:30:24,100 This is not a good thing because it doesn't 1984 01:30:24,100 --> 01:30:27,510 let Dropbox realize that those files are the same, as we've 1985 01:30:27,510 --> 01:30:28,920 kind of discussed earlier. 1986 01:30:28,920 --> 01:30:33,940 Why might Dropbox want to know when two users or more are 1987 01:30:33,940 --> 01:30:35,640 sharing the exact same file? 1988 01:30:35,640 --> 01:30:39,140 Why is that useful information for Dropbox from a business perspective? 1989 01:30:39,140 --> 01:30:39,860 >> AUDIENCE: Space. 1990 01:30:39,860 --> 01:30:40,651 >> DAVID MALAN: Space. 1991 01:30:40,651 --> 01:30:42,400 A PowerPoint presentation's not that big, 1992 01:30:42,400 --> 01:30:45,760 but people commonly share big movie files, video files-- 1993 01:30:45,760 --> 01:30:48,120 maybe really big PowerPoint presentations.
1994 01:30:48,120 --> 01:30:51,410 And if you have two users with the same file, or 10 users, 1995 01:30:51,410 --> 01:30:53,970 or maybe a million users with the same popular 1996 01:30:53,970 --> 01:30:56,340 illegally downloaded movie file, it's kind of 1997 01:30:56,340 --> 01:31:01,820 wasteful to store a million copies of the same gigabytes of information, 1998 01:31:01,820 --> 01:31:05,160 the same gigabyte-sized video, and so Dropbox, like a lot of companies, 1999 01:31:05,160 --> 01:31:08,940 has a feature called "deduplication," which is just 2000 01:31:08,940 --> 01:31:14,040 a fancy way of saying store one copy of the same file, not multiple, 2001 01:31:14,040 --> 01:31:17,290 and just keep track of the fact that a million people, or whatever, 2002 01:31:17,290 --> 01:31:18,890 have that same file. 2003 01:31:18,890 --> 01:31:22,710 >> So just point all million people or so to that same file. 2004 01:31:22,710 --> 01:31:24,330 And you still back it up a few times. 2005 01:31:24,330 --> 01:31:26,690 So this is separate from the issue of redundancy 2006 01:31:26,690 --> 01:31:28,980 in case you have hardware failures or the like. 2007 01:31:28,980 --> 01:31:33,920 But deduplication requires that you not encrypt files individually 2008 01:31:33,920 --> 01:31:36,260 if you want to be able to determine after the fact 2009 01:31:36,260 --> 01:31:38,320 if they're still in fact the same. 2010 01:31:38,320 --> 01:31:39,970 >> So there's some trade-offs here. 2011 01:31:39,970 --> 01:31:43,370 And it's not necessarily clear what the right call is. 2012 01:31:43,370 --> 01:31:46,500 Personally with Dropbox, I'll use it for anything related to work, 2013 01:31:46,500 --> 01:31:49,500 certainly anything related to class, certainly for any files that I know 2014 01:31:49,500 --> 01:31:51,984 are going to end up on the internet anyway by choice. 2015 01:31:51,984 --> 01:31:53,900 But I don't really use it for financial stuff, 2016 01:31:53,900 --> 01:31:56,500 nothing particularly private or family related because, 2017 01:31:56,500 --> 01:31:59,710 as a matter of principle, I'm not super comfortable with the fact 2018 01:31:59,710 --> 01:32:02,170 that it might be encrypted on my own Mac, 2019 01:32:02,170 --> 01:32:05,590 but as soon as it goes out to the cloud, it's on little old Dropbox's servers. 2020 01:32:05,590 --> 01:32:08,740 And I'm pretty sure no one at Dropbox has it out for me 2021 01:32:08,740 --> 01:32:10,490 and is going to go poking around my files, 2022 01:32:10,490 --> 01:32:15,450 but they absolutely could in theory, no matter what policies or defense 2023 01:32:15,450 --> 01:32:16,710 mechanisms they put in place. 2024 01:32:16,710 --> 01:32:19,980 It just must be technologically possible. 2025 01:32:19,980 --> 01:32:23,120 >> And God forbid they are compromised, I'd rather my file not 2026 01:32:23,120 --> 01:32:27,360 end up in some big zip that some hacker puts online for the whole world to see. 2027 01:32:27,360 --> 01:32:28,640 So let's push back on that. 2028 01:32:28,640 --> 01:32:29,700 What's a solution then? 2029 01:32:29,700 --> 01:32:33,850 Could you continue using a service like Dropbox comfortably 2030 01:32:33,850 --> 01:32:35,580 and assuage my kinds of concerns? 2031 01:32:35,580 --> 01:32:36,580 >> AUDIENCE: Private cloud. 2032 01:32:36,580 --> 01:32:37,704 DAVID MALAN: Private cloud. 2033 01:32:37,704 --> 01:32:38,816 What does that mean?
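Before the answer, a quick Python sketch of the deduplication idea just described-- a toy version, fingerprinting each file's contents so that identical files are stored only once:

    import hashlib

    storage = {}  # content fingerprint -> the single stored copy
    owners = {}   # content fingerprint -> list of (user, filename) references

    def upload(user, filename, contents):
        digest = hashlib.sha256(contents).hexdigest()  # fingerprint the contents
        if digest not in storage:
            storage[digest] = contents                 # store the first copy only
        owners.setdefault(digest, []).append((user, filename))

    upload("david", "lecture.pptx", b"...gigabytes of slides...")
    upload("victoria", "copy.pptx", b"...gigabytes of slides...")
    upload("kareem", "notes.txt", b"something else entirely")
    print(len(storage))  # 2 -- the identical file is stored once, not twice

    # Note this only works if identical files still look identical when stored--
    # i.e., if they are not encrypted under per-user or per-file keys.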
2034 01:32:38,816 --> 01:32:41,524 >> AUDIENCE: Well, you secure it somehow so that it's available only 2035 01:32:41,524 --> 01:32:42,680 for a particular group. 2036 01:32:42,680 --> 01:32:43,430 >> DAVID MALAN: Yeah. 2037 01:32:43,430 --> 01:32:47,080 So you need to partition the cloud into something a little more narrowly 2038 01:32:47,080 --> 01:32:47,580 defined. 2039 01:32:47,580 --> 01:32:48,496 And we'll talk about-- 2040 01:32:48,496 --> 01:32:49,400 AUDIENCE: Intranet. 2041 01:32:49,400 --> 01:32:50,441 >> DAVID MALAN: An intranet. 2042 01:32:50,441 --> 01:32:55,330 So I could just back up locally to my own home backup server, or cloud server, 2043 01:32:55,330 --> 01:32:56,007 so to speak. 2044 01:32:56,007 --> 01:32:58,090 Unfortunately, that means that Victoria and Kareem 2045 01:32:58,090 --> 01:33:00,960 need to visit more often if I want to share files with them. 2046 01:33:00,960 --> 01:33:02,070 But that might be one way. 2047 01:33:02,070 --> 01:33:04,150 >> There is also third-party software that I 2048 01:33:04,150 --> 01:33:09,040 could use on my Mac or my PC that encrypts the contents of a folder, 2049 01:33:09,040 --> 01:33:12,520 but then I do have to call Victoria or Kareem, or email them, 2050 01:33:12,520 --> 01:33:15,070 or something to tell them that secret. 2051 01:33:15,070 --> 01:33:20,200 And that's a bit of a white lie because there are types of cryptography that 2052 01:33:20,200 --> 01:33:22,470 do allow me and Kareem, and me and Victoria, 2053 01:33:22,470 --> 01:33:26,180 to exchange secret messages without having to, in advance, share 2054 01:33:26,180 --> 01:33:28,090 a private key-- a secret key with each other. 2055 01:33:28,090 --> 01:33:30,450 It's actually something called public key cryptography. 2056 01:33:30,450 --> 01:33:33,630 >> And we won't go into technical detail, but whereas today we 2057 01:33:33,630 --> 01:33:36,090 have been talking about secret key cryptography, 2058 01:33:36,090 --> 01:33:39,000 where both sender and recipient have to know the same secret, 2059 01:33:39,000 --> 01:33:41,470 there's something called public key cryptography, which 2060 01:33:41,470 --> 01:33:44,500 has a public key and a private key, which, long story short, have 2061 01:33:44,500 --> 01:33:48,245 a fancy mathematical relationship whereby if I want to send Victoria 2062 01:33:48,245 --> 01:33:52,310 a secret message, I ask her for her public key, which by definition she 2063 01:33:52,310 --> 01:33:53,300 can email me. 2064 01:33:53,300 --> 01:33:54,680 She can post it on her website. 2065 01:33:54,680 --> 01:33:56,950 >> It is meant mathematically to be public. 2066 01:33:56,950 --> 01:34:00,580 But it has a relationship with another really big number called 2067 01:34:00,580 --> 01:34:05,070 the private key such that when I encrypt my message to her, "hello," 2068 01:34:05,070 --> 01:34:07,104 with her public key, you can perhaps guess 2069 01:34:07,104 --> 01:34:09,270 what's the only key mathematically in the world that 2070 01:34:09,270 --> 01:34:16,500 can decrypt my message-- her private key, the corresponding private key. 2071 01:34:16,500 --> 01:34:19,040 >> It's fancier math than we've been talking about here. 2072 01:34:19,040 --> 01:34:21,710 It's not just addition certainly, but that too exists.
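A tiny Python sketch of that flavor of public key cryptography-- textbook RSA with comically small primes, nothing like real-world key sizes: Victoria publishes (n, e), and only her private d undoes the encryption.

    # Textbook RSA with tiny primes (p = 61, q = 53), for illustration only.
    n, e = 3233, 17  # Victoria's public key: she can email or post this freely
    d = 2753         # Victoria's private key: only she knows this

    message = "hello"
    ciphertext = [pow(ord(c), e, n) for c in message]  # encrypt with the public key
    print(ciphertext)  # scrambled numbers, safe to pass along in the open

    plaintext = "".join(chr(pow(x, d, n)) for x in ciphertext)  # decrypt privately
    print(plaintext)   # hello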
2073 01:34:21,710 --> 01:34:25,240 And in fact-- and we'll come back to this when we talk about the web-- 2074 01:34:25,240 --> 01:34:27,897 odds are you've never called someone at amazon.com 2075 01:34:27,897 --> 01:34:30,980 when you want to check out with your shopping cart and type in your credit 2076 01:34:30,980 --> 01:34:34,260 card number, and yet somehow or other that padlock symbol is telling you 2077 01:34:34,260 --> 01:34:35,560 your connection is secure. 2078 01:34:35,560 --> 01:34:37,730 Somehow or other your little old Mac or PC 2079 01:34:37,730 --> 01:34:39,900 does have an encrypted connection to Amazon 2080 01:34:39,900 --> 01:34:43,010 even though you've never arranged with them for a secret. 2081 01:34:43,010 --> 01:34:47,020 And that's because the web is using public key cryptography. 2082 01:34:47,020 --> 01:34:50,327 Why don't we pause here, take our 15-minute break after Olivier's question. 2083 01:34:50,327 --> 01:34:51,910 AUDIENCE: I just have a dumb question. 2084 01:34:51,910 --> 01:34:53,076 DAVID MALAN: No, not at all. 2085 01:34:53,076 --> 01:34:57,320 AUDIENCE: If you have the original file, and the key's the same for Dropbox, 2086 01:34:57,320 --> 01:34:59,244 for everyone, and you have the encrypted file. 2087 01:34:59,244 --> 01:35:02,317 Can you [INAUDIBLE] the key? 2088 01:35:02,317 --> 01:35:03,650 DAVID MALAN: Say that once more. 2089 01:35:03,650 --> 01:35:06,970 AUDIENCE: If you have the original file and the encrypted file, 2090 01:35:06,970 --> 01:35:11,274 and you have both of them, can't you just [INAUDIBLE]? 2091 01:35:11,274 --> 01:35:11,940 DAVID MALAN: Oh. 2092 01:35:11,940 --> 01:35:13,850 A good question. 2093 01:35:13,850 --> 01:35:16,850 If you have the plaintext and the ciphertext, 2094 01:35:16,850 --> 01:35:19,950 can you infer the secret key? 2095 01:35:19,950 --> 01:35:21,640 Depends on the cipher. 2096 01:35:21,640 --> 01:35:23,110 Sometimes yes, sometimes no. 2097 01:35:23,110 --> 01:35:28,840 It depends on how complex the actual algorithm is. 2098 01:35:28,840 --> 01:35:30,820 >> But that does not help your situation. 2099 01:35:30,820 --> 01:35:33,220 It is a fundamental tenet that, if you have 2100 01:35:33,220 --> 01:35:35,750 access to the original file and the resulting file, 2101 01:35:35,750 --> 01:35:38,440 you should no longer use that key because now you 2102 01:35:38,440 --> 01:35:39,700 have leaked information. 2103 01:35:39,700 --> 01:35:41,700 And an adversary could use that and exploit 2104 01:35:41,700 --> 01:35:46,590 that to do what you're alluding to, and reverse engineer what that key is. 2105 01:35:46,590 --> 01:35:50,260 >> But in this case, presumably when you're sending something to the recipient, 2106 01:35:50,260 --> 01:35:52,590 you already have a trust relationship with them. 2107 01:35:52,590 --> 01:35:56,420 And so by definition, they should have or know that key already. 2108 01:35:56,420 --> 01:35:59,430 It's when someone in the middle gets in the way. 2109 01:35:59,430 --> 01:36:00,480 Good question. 2110 01:36:00,480 --> 01:36:02,020 >> All right, why don't we pause, take a 15-minute break. 2111 01:36:02,020 --> 01:36:03,000 Restrooms are that way. 2112 01:36:03,000 --> 01:36:05,375 I think there's probably some drinks and snacks that way. 2113 01:36:05,375 --> 01:36:07,900 And we'll resume at 5 after 11, how about? 2114 01:36:07,900 --> 01:36:09,450 11:05. 2115 01:36:09,450 --> 01:36:11,736