The Heartbleed bug is one of the more serious computer security vulnerabilities I have seen. It was discovered yesterday and is just starting to hit mainstream media now, so I will summarise my understanding of it.
It affects some web sites that use HTTPS secure connections. The purpose of HTTPS is, among other things, to encrypt data sent between your computer and the web server, so that anyone who sees the data in transit across the internet cannot read it. So it is used whenever you log in to a web site or enter personal information. You know you are using it when your web browser displays a little padlock icon somewhere.
The bug is in a software library that implements the SSL/TLS protocol underneath HTTPS, called OpenSSL; specifically it is in OpenSSL’s handling of the TLS “heartbeat” extension, which is where the name comes from. Not all web sites use this library, but many do, and it is not only web servers: mail servers, VPNs and anything else that uses OpenSSL for its TLS connections is exposed in the same way. The bug affects OpenSSL versions 1.0.1 through 1.0.1f. The faulty code was committed in December 2011 and first shipped in the 1.0.1 release of March 2012, and the fix is in 1.0.1g, released on 7 April 2014. The older 0.9.8 and 1.0.0 branches do not contain the heartbeat code and are not affected. Importantly, though, the bug has been in the library for over two years and has only just been detected and fixed.
During this time, an attacker who knew about the bug could send a malformed heartbeat request to a server and get back up to 64 KB of whatever happened to be in the server process’s memory next to that request, information that should never leave the server. It is a lucky dip: the attacker cannot choose what he will get, and a heartbeat is handled below the application, so the request leaves no trace in ordinary web server logs. But the memory of the process that does the encryption is exactly where the most valuable things live, so it can include the private key belonging to the server’s certificate, session cookies, and the user names and passwords of users who have recently logged in.
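As an added illustration that is not code from OpenSSL or from the original post, here is a small C model of the heartbeat handler both with and without the missing length check. The record layout follows RFC 6520. The “neighbouring memory” holding a made-up password and the 4 KB arena around it are constructed here so that the over-read stays inside memory the program owns and the example is itself safe to run; the real bug read from whatever the process had next to the record.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not OpenSSL's code.  A TLS heartbeat record (RFC 6520) is
 *   type (1 byte) | payload_length (2 bytes) | payload | padding (>= 16 bytes)
 * and the peer must echo payload_length bytes of payload back.  The buggy
 * handler copied as many bytes as the sender claimed; the fix first checks
 * that the claimed length fits inside the record actually received. */

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3
#define HB_PADDING  16

/* Shared by both handlers: build the response and copy 'payload' bytes. */
static int build_response(const unsigned char *rec, uint16_t payload,
                          unsigned char *out, size_t out_cap)
{
    size_t resp_len = HB_HEADER + (size_t)payload + HB_PADDING;
    if (resp_len > out_cap) return -1;     /* keeps the example in bounds */
    out[0] = HB_RESPONSE;
    out[1] = (unsigned char)(payload >> 8);
    out[2] = (unsigned char)(payload & 0xff);
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);  /* the copy */
    memset(out + HB_HEADER + payload, 0, HB_PADDING);
    return (int)resp_len;
}

/* Vulnerable: rec_len is never consulted, so a claimed length larger than
 * the record makes memcpy read past its end into neighbouring memory. */
static int heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                                unsigned char *out, size_t out_cap)
{
    (void)rec_len;
    if (rec[0] != HB_REQUEST) return -1;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);   /* trusted */
    return build_response(rec, payload, out, out_cap);
}

/* Fixed: the bounds check that was missing; bad requests are discarded. */
static int heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                           unsigned char *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING) return -1;    /* too short */
    if (rec[0] != HB_REQUEST) return -1;
    uint16_t payload = (uint16_t)((rec[1] << 8) | rec[2]);
    if (HB_HEADER + (size_t)payload + HB_PADDING > rec_len) return -1;
    return build_response(rec, payload, out, out_cap);
}

/* Constructed "process memory": a 24-byte request whose real payload is
 * "hello", immediately followed by data the server happens to hold (a
 * made-up password).  Returns the record's true length. */
#define ARENA_SIZE 4096
static const char FAKE_NEIGHBOUR[] = "user=alice;password=hunter2;";

static size_t build_arena(unsigned char *arena, uint16_t claimed_len)
{
    size_t rec_len = HB_HEADER + 5 + HB_PADDING;
    memset(arena, 'A', ARENA_SIZE);
    arena[0] = HB_REQUEST;
    arena[1] = (unsigned char)(claimed_len >> 8);
    arena[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(arena + HB_HEADER, "hello", 5);
    memset(arena + HB_HEADER + 5, 0, HB_PADDING);
    memcpy(arena + rec_len, FAKE_NEIGHBOUR, sizeof FAKE_NEIGHBOUR);
    return rec_len;
}

static int contains(const unsigned char *buf, int len, const char *needle)
{
    size_t n = strlen(needle);
    if (len < 0 || (size_t)len < n) return 0;
    for (size_t i = 0; i + n <= (size_t)len; i++)
        if (memcmp(buf + i, needle, n) == 0) return 1;
    return 0;
}

/* 1 if a request claiming 'claimed' payload bytes makes the vulnerable
 * handler echo the neighbouring password, 0 otherwise. */
int vulnerable_leaks(uint16_t claimed)
{
    unsigned char arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t rec_len = build_arena(arena, claimed);
    int n = heartbeat_vulnerable(arena, rec_len, out, sizeof out);
    return contains(out, n, "hunter2");
}

/* Response length from the fixed handler, or -1 when it drops the request. */
int fixed_result(uint16_t claimed)
{
    unsigned char arena[ARENA_SIZE], out[ARENA_SIZE];
    size_t rec_len = build_arena(arena, claimed);
    return heartbeat_fixed(arena, rec_len, out, sizeof out);
}
```

An honest request (claimed length 5, matching the 5-byte payload) is echoed by both handlers. A request that claims 300 bytes makes the vulnerable handler copy 300 bytes starting at the payload, which runs straight through the record’s end and into the fake password; the fixed handler compares the claimed length against the 24 bytes it actually received and silently drops the request, which is also what the real fix does.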
Having obtained the private key, an attacker could spy on data transferred between users and the web site, including passwords and any information entered, or set up a fake copy of the site that is indistinguishable from the real one. This is not trivial, but can be quite easy in certain circumstances. For example, anyone can sit in a coffee shop and intercept WiFi traffic of other customers using WiFi in the shop, but they will only get information about the other coffee shop customers. On the other hand, the NSA can presumably spy on all data sent to any web site. There will be attackers with levels of sophistication between these extremes. Normally a web browser will shout warnings at you if an HTTPS connection has been intercepted, because an impostor cannot prove that it holds the site’s private key. With the stolen key the attacker can produce exactly that proof, which silences the warnings. One caveat: where the server and browser negotiated a forward-secret cipher suite (an ephemeral Diffie-Hellman key exchange), recordings of past traffic cannot be decrypted with the stolen key, although live impersonation still works. A lot of servers still do not offer forward secrecy.
User names and passwords can also be obtained directly using the Heartbleed bug. This only happens on certain web sites, because it depends on what the server process keeps in memory and for how long, and the details retrieved are random. It is not possible to quickly obtain all details of all users. Rather, every time the attack is made, one or two users’ details might be revealed. That said, the attack is cheap to repeat and leaves no trace in ordinary logs, and in two years it can be repeated a lot. So a determined attacker could gather details of many people in this time. This is real. Users on Reddit were claiming to have seen Yahoo Mail passwords as recently as a few hours ago. Right now, Yahoo Mail is fixed.
So what can you do? Realise that you are affected, but don’t panic. There is a very good chance none of your details have leaked. You cannot be certain, but you already were not certain: there are likely many more security holes that are not yet common knowledge. However, on services where you have particularly sensitive information, it would be wise to first check that the bug has been fixed, and only then change your password. A password changed on a still-vulnerable server can leak just like the old one did.
You can check whether the bug currently affects a given service with one of the online test tools that have appeared; they work by sending the same malformed heartbeat request and seeing whether the server leaks anything back. If the service is at all high profile, it is a fairly safe bet that it is already fixed. But you cannot tell whether your details or a service’s private key have been leaked in the past. Unless a service takes action, credentials and keys obtained in the last two years can still be used by attackers to log in or spy on communications. Taking action means generating a new private key, getting a new certificate issued for that key and revoking the old one, and invalidating existing sessions; reissuing a certificate for the same key achieves nothing, since the key is what leaked. Hopefully web administrators will communicate whether they have been affected and whether they have replaced their keys and certificates, so watch for announcements.
When you change your passwords, now is a good time to stop using the same password for every service you use. Start using a password manager such as LastPass, 1Password or Password Safe. All of these are acceptably safe in my opinion, but there is some interesting discussion on this topic. The great thing is that a password manager will generate a different, random, impossible to guess password for each site you use, meaning that if someone does find out your password to one service, the damage is limited to that service.
If a service offers two-factor authentication, where you use a smartphone app which generates an ever-changing code, use that, because then knowing your password alone is not enough for an attacker.
If you run a server that uses OpenSSL for TLS and handles users’ information, educate yourself, upgrade and inform your users. In order: upgrade to OpenSSL 1.0.1g or a distribution package carrying the fix (or, failing that, rebuild with -DOPENSSL_NO_HEARTBEATS to disable the heartbeat code); restart every process that had the old library loaded, since a running process keeps using the vulnerable copy; only then generate a new private key and get a new certificate issued, and revoke the old certificate; invalidate session cookies and rotate any other secrets that were in the process’s memory; and tell your users what happened and ask them to change their passwords. Replacing the key before the upgrade is pointless, because the new key can be read out just like the old one.
More generally, if you can possibly arrange to live your life under the assumption that everything you have ever done on the internet could become public knowledge tomorrow, you could save yourself a lot of trouble. Keeping secrets is hard.
I am reading Pride and Prejudice, annotated by David M. Stoppard. It’s the part of the novel where Elizabeth is starting to figure out that Darcy might be an all right bloke after all. Mrs Gardiner and Darcy’s housekeeper are discussing him:
“His father was an excellent man,” said Mrs Gardiner.
“Yes Ma’am, that he was indeed; and his son will be just like him — just as affable to the poor.” 
Note 34 reads:
Helping the poor was an important function for one in Darcy’s position. The large numbers of people in this society with meager incomes, and the fairly limited means of public support available, meant that the need for such assistance was often great, especially in years of poor harvests.
Shortly after, and related:
“He is the best landlord, and the best master,” said she, “that ever lived. Not like the wild young men now-a-days, who think of nothing but themselves. There is not one of his tenants or servants but what will give him a good name. 
Note 37 reads:
The tenants would be those renting land on the estate and farming it; they could have frequent reason to deal with the owner, especially since owners could help fund improvements to the land that would raise productivity and benefit both owner and tenant.
So it turns out that it is not the case that the state is the only thing standing in the way of the rich laughing as the poor starve. And poor harvests? Thanks to globalisation, the “poor” have it easy now-a-days.
I found this comment from a business owner (correction, “Chief Architect of BitcoinStore”) poignant. The context is that it is a response to people moaning about Reddit moderators removing links to a hacked database file, but it is widely applicable. Now I am middle class with children I find myself going along with a lot of things that I would really prefer to fight against.
I haven’t been able to look through the leak fully myself (still setting up the VM) but the fact still remains that this is stolen property containing other peoples’ data. If you fear what the people in fancy costumes with guns will do to you, you comply with their demands. That’s not censorship, that’s self-preservation. [...] Sadly it doesn’t change the fact that there are people with guns who will take your money, lock you in a cage or just plain beat/kill you for not complying with their version of the rules.
For example, at BitcoinStore we state true value on exports and that results in citizens of some countries being charged absurdly high import tariffs (VAT). Our customers don’t like this and neither do we. We’re repeatedly asked to state false value, but we never do. We don’t do this because we agree with the concept of VAT or the idea of being forced to reveal the value or contents of a shipment, but because the people with guns can and will take away our money, freedom and lives.
Does the threat of having our awesome stuff taken away reduce the amount of awesome stuff we could have? Yep. Is it horrible terrible bullshit? Yep. Will they still put us in a cage no matter how much we are against them having the power to do so? Yep.
As a group of freedom-loving people it is indeed our responsibility to change all of these things, remake the world in a more favorable image, but we also must recognize that we are NOT the side that has all the guns, tanks and political power. We’re the side throwing rocks at the people with M16s and we need to behave accordingly. It doesn’t mean we shouldn’t fight, it means we need to be smart about it.
This is guerilla warfare, we fight only the battles we know we can win and we take all the weapons we can off our fallen enemies we can carry. A series of small wins makes us stronger and we can go after bigger wins with time. Charging headlong into the enemy is suicide.
Smart tactics, not loud voices will win this fight. Choose your battles.
I attended Dominic Frisby’s talk at Brian’s, and Brian asked me to write about what I learned.
The talk did not get far into the technicalities of Bitcoin, which was good for me as I already think I know most of it. Until recently I knew some of it, and two articles by Ken Shirriff completed that picture.
But Dominic is not the quiet, contemplative, theoretical person that I am. When he wants to find something out, he goes out and talks to people. This means he has lots of stories. And so I learnt of his experiences attending a Bitcoin auction under a marquee in a London back-street (the most culturally diverse gathering he has ever attended), talking to wealthy Bitcoin owners who live in squats and are part of the Occupy movement, and exploring the myriad Darknet marketplaces that have sprung up after the demise of Silk Road. He compared Bitcoin now to Rock and Roll in the 50s. People are doing it for fun, with irreverence, but also a sense that it is something big and uncontrollable, and with the same pattern of reaction from authorities: horror gradually giving way to acceptance.
This irreverence is particularly on display with the alternative crypto-currency (or altcoin) Dogecoin, which I think should be pronounced doggy-coin because there is a picture of a dog on its logo, but everyone else pronounced it with the o from go and a soft j. Dogecoin was spun off from Bitcoin as a joke, but is finding uses in micropayments because you can pay tiny amounts with big, psychologically pleasing numbers. I actually mined some Dogecoin the evening before the talk, because I wanted to try out mining and it turns out you can’t mine Bitcoins without specialised hardware, but you can mine altcoins. I currently have 600 Dogecoins worth 40p.
A developer of a Dogecoin smartphone app was in attendance, and he told the story of a Dogecoin fundraiser that managed to send the Jamaican bobsleigh team and Luger Shiva Keshavan from India (who became known as the Underdoge) to the Winter Olympics. We all discussed the usefulness of microtransactions for tipping the authors of interesting blog posts. They might need this when all the newspapers run out of money. Here is my Dogecoin address, by the way, hint hint, I have no shame:
Before the talk I was confused about altcoins, wondering why anyone would make yet another crypto-currency, but now I understand. There was discussion about how Bitcoin might fall, be replaced by something else, and eventually there will be a winner. But the other view in the room, and the one I favour, is of all these currencies co-existing. Partly they will compete, and partly they will serve different functions. For example, there will only ever be 21 million Bitcoins but there will be about 5 billion new Dogecoins every year forever. It is possible that Bitcoin will be used as a store of value and other currencies will be used for daily spending. Whatever inconvenience this causes can be solved with good software: whoever solves it first will be the new Paypal.
There are lots of problems impeding the mainstream acceptance of Bitcoin, and a sense that people are working on solving all of them. The demise of the exchange Mt.Gox will lead to better security practices such as distributed signatures, ways of auditing banks, and peer to peer exchanges. People who want more safety will get deposit insurance and wallets pegged to fiat currencies. And there is no shortage of convenient payment methods. There is even a Bitcoin vending machine in London.
The other cool thing I did that evening was buy a signed copy of Dominic Frisby’s book Life After The State for 0.03 BTC (he would have accepted less, but the novelty of the transaction made me generous). I’ll be sure to read his Bitcoin book, too.
It looks as if a large Bitcoin exchange, Mt.Gox, has disappeared, along with large numbers of customers’ Bitcoins. The sequence of events is described in one Reddit post, and the media reaction is predicted in another, along with some advice:
…the lesson is not that we ought to seek out “regulation” to save us from the evils and incompetence of man. For the regulators are men too, and wield the very same evil and incompetence, only enshrined in an authority from which it can wreck amplified and far more insidious destruction. Let us not retreat from our rising platform only to cower back underneath the deranged machinations of Leviathan.
In general, Reddit seems to be the best source of information.
There are people predicting that this is the end of Bitcoin, and others pointing out that Mt.Gox is just an exchange, and not a very well run one at that, so good riddance because Mt.Gox has been blamed for price fluctuations in the past. Of course, there will be no state bailout. We might be about to learn what happens to a free market currency in a big crisis.
I keep saying that if you care about poor people, you should be a libertarian.
The Institute for Fiscal Studies is pointing out that while poorer people are paying more for food and fuel, richer people are enjoying low interest rates. So government spending and borrowing and the artificially low interest rates that go along with that are harmful to poor people, as are taxes on fuel, and income tax on minimum wage earners, and countless other instances of state meddling.
Real money and a small state lead to high growth which makes everyone richer.
Doing the rounds on Facebook is a story about a cancer patient told by the Department of Work and Pensions that she contributed to her illness and therefore does not qualify for some amount of welfare payment. One commenter points out that she probably broke some rule, such as drinking too much or not going to some medical appointment or other. Debate ensues about whether such rules are fair.
There are more such stories on a blog called Benefit Tales, such as the man who died in a freezing flat after the DWP stopped payments to him because he did not attend an assessment, because they sent the letter demanding that he attend the assessment to the wrong address.
The problem is centralisation. A government department can not know exactly how ill a certain individual feels today, and it will not visit you to find out why you did not attend an appointment. It certainly can not just pay money to anyone who asks for help because there are too many of those, so it must make rules, write letters and feed forms into computers. Letters go missing and no rigid set of rules will make sense for every single complicated human. But by demanding that the state looks after everyone, such centralisation is just what welfare state supporters are asking for.
It is much better to look not to the state for help, but to one’s friends and neighbours. They are the ones who know just how ill you are and can knock on your door and make sure you are all right. And if they were allowed to hold on to a little more of their money, they might be able to club together and pay your heating bill and bring you groceries. Similarly, private charities, because they can choose who they help, are better placed to more efficiently allocate their resources to the most deserving.
As usual, public debate misses alternatives to the state. A television programme about people on benefits recently aired, and the mainstream media helpfully divides people into those who think welfare recipients are undeserving and those who think they need more help. The result is that the state is asked to do more to help people, and do more to stop cheats, frauds and the undeserving. Few think to ask the state to do less.
But, as Perry’s quote of yesterday says, it makes no sense to ask the state to look after people. If you want to look after the poor and the chronically ill, be a libertarian: take the money and the power away from the heartless state and leave it in the hands of people who care.
President of the Adam Smith Institute Madsen Pirie is recruiting them even younger than Brian suggests in his previous post — in a way. He has written children’s books. I recently read Children of the Night.
My older son is only three, but I am keen to fill the house with books that he might like to discover when he feels like it. Whenever I read novels I worry about how the author’s worldview infects the fictitious world he has created. With Madsen Pirie I can relax, confident that his fictional universe will have sensible laws of economics and will not subconsciously implant socialism into my children’s heads.
Not only that, it is a very good adventure story. In genre it is a kind of steampunk — it has an outward appearance of fantasy but is really science fiction, which is the best kind of fantasy because it leads to an internally consistent and believable world. This leads to consistent and believable politics, which are never spelled out in exposition but form the backdrop to the action. And it is nearly all action, as makes sense for a children’s book, but there are many lessons.
On the origins of political power:
Shocking though the violence was, he was used to it. That was the way the world seemed to work. Those on high bullied and terrorised those below them.
On class and ambition:
“I do know this,” Quicksilver thought back, “that a wagoner’s son is destined to become a wagoner, and a nobleman’s son is destined to become a nobleman. But those with special talents can break free of this destiny and achieve things their parents could not dream of. Extraordinary things.”
In fact the protagonists are a poor orphan, a nobleman’s daughter who would rather be a pilot than a nobleman’s daughter, and an engineer dwarf, who all end up friends because of their differences.
On the intersection of economics and politics:
“It’s partly the cost,” Calvin replied. “There aren’t many places where people need to go up a mountain, and it would cost too much to lay miles of track and cable across open country.” He shrugged before adding, “And of course the Church limits the number of dwarf machines allowed into the Realm. They don’t want anything to upset the social order. That’s fine by us. We make the machines, not the decisions.”
“This stuff isn’t for sale anyway. It’s the share we have to pay to their high mightiness.” There was a real bitterness to his voice as he said it. “Who’s that?” inquired Mark, puzzled. “A far-off fat bishop who never set foot out of his abbey, and a far-off lazy lord who never did a day’s work in his life.” “You mean tithes,” said Mark, “a tenth for the church.” “A tenth?” Anderson laughed bitterly. “Round here it’s a sixth. And another sixth in taxes for using the land and sea which some noble calls his own.” Gene uttered a low whistle. “That’s a third gone before you start! Do they take a third of everything?” “Everything.” The word was spat out in bitterness.
On changing the meta-context:
We spread stories and provoke people to see the injustice of their rule, and to resent it.
There is also a problem with a fuel source that is mined by slaves. Many an author might have his characters fight against the slavery, and Madsen does, but he also has them realise the importance of the fuel, the suffering that its increase in cost would cause, and the possibility of a technological solution. This is a world in which technology offers hope and improvement despite its problems, rather than simply causing problems.
And there are murder mysteries, exotic flying machines, chase scenes, narrow escapes and double-crossings aplenty. It is all good, wholesome fun.
The latest addition to my family takes up more room in the car than expected, and the old car is dying more quickly than expected, so I want to buy a new car sooner than expected. To do this I took out a small loan, and shopping around for loans I found Zopa. The feature of their loans that attracted me was the ability to repay early without penalty.
But there is more to it than that. They are a peer to peer lender. Savers can save money with Zopa, and the money is divided into £10 chunks and spread between a large number of borrowers. I can visit a web page that shows a list of the people who have lent me money. For instance, I owe £20 to John Owen in Brighton. I get a cheaper loan, and they get higher returns on their savings than could be had from a conventional savings account.
Of course, though the credit reference checks are quite stringent, there are risks. The web site Money Saving Expert points out:
With normal UK savings, the Government-backed Financial Services Compensation Scheme promises it’d pay the first £85,000 per person, per financial institution if the institution goes kaput. Peer-to-peer lenders don’t have this.
Well, good! Peer to peer lending is about as Samizdata as it gets. Individuals are voluntarily lending their money to each other for mutual benefit, bearing the costs of their own risks. There is not even any fractional reserve banking to worry those who worry about such things. The interest rates are properly Austrian, being set by a market and not by the government. And the company called Zopa is making a profit doing the very valuable middleman job of dividing the labour by taking care of the paperwork and matching borrowers to lenders.
Zopa is a founder member of the Peer-to-Peer Financial Association, “a UK trade body set up primarily to ensure this innovative and fast growing sector maintains high minimum standards of protection for consumers and business customers”. A worthy idea: a voluntary membership organisation that enforces high standards among members thereby helping consumers decide who to trust.
On 24th October the Peer-to-Peer Financial Association issued a press release.
Christine Farnish, Chair of the Peer-to-Peer Financial Association (P2PFA) said:
“We welcome today’s consultation by the FCA on the new regulatory regime for peer to peer lending and crowd funding.”
“Peer-to-peer lenders have been pressing for regulation for some time and believe it is important that all firms entering this important new market behave responsibly, treat their customers fairly and manage their risks.”
So now they want to take all this beautiful voluntary activity and introduce state backed violence. And they think this is a good idea. I give up.
Two days after my post about Eliezer Yudkowsky’s posts about voting, another Less Wrong user, Chris Hallquist, posted some counterarguments. He discusses median voter theorem and Duverger’s law. I found it difficult to follow at times, but a commenter helped:
There’s the classic economic textbook example of two hot-dog vendors on a beach that need to choose their location – assuming an even distribution of customers, and that customers always choose the closest vendor; the equilibrium location is them standing right next to each other in the middle; while the “optimal” (from customer view, minimizing distance) locations would be at 25% and 75% marks.
This matches the median voter principle – the optimal behavior of candidates is to be as close as possible to the median but on the “right side” to capture “their half” of the voters; even if most voters in a specific party would prefer their candidate to cater for, say, the median Republican/Democrat instead, it’s against the candidates interests to do so.
This explains why politicians all look the same without putting them in a class and calling it class warfare. I am not sure whether to be worried that there is at least one voter as far from David Cameron as I am but in the opposite direction, or relieved that David Cameron is Prime Minister and not that person.
In any case, one solution is to move the median, which I suppose is what Samizdata is all about.
Eliezer Yudkowsky wants us all to think more rationally, and is involved with various attempts to train people to do so, including the fascinating web site Less Wrong. A pet hypothesis of mine is that rational thinking leads inevitably to a desire for a smaller state. Evidence so far includes the Micklethwaitian observation that if you look around the world you find that people are better off when they are more free: an honest rationalist cannot fail to notice this. Additional evidence is Eliezer Yudkowsky, a man who spends his life trying to be as rational as possible and who apparently wants a smaller state.
Suppose that you happen to be socially liberal, fiscally conservative. Who would you vote for?
Or simplify it further: Suppose that you’re a voter who prefers a smaller, less expensive government – should you vote Republican or Democratic?
That is from his essay The Two-Party Swindle. It starts by noticing how, for probably evolutionary reasons, people like to divide themselves into us and them, which leads to sports team fandom. It goes on to point out that the fans of either team have far more in common with each other than with the players.
Why are professional football players better paid than truck drivers? Because the truck driver divides the world into Favorite-Team and Rival-Team. That’s what motivates him to buy the tickets and wear the T-Shirts. The whole money-making system would fall apart if people started seeing the world in terms of Professional Football Players versus Spectators.
And I’m not even objecting to professional football. Group identification is pretty much the service provided by football players, and since that service can be provided to many people simultaneously, salaries are naturally competitive. Fans pay for tickets voluntarily, and everyone knows the score.
It would be a very different matter if your beloved professional football players held over you the power of taxation and war, prison and death.
Indeed, I LOLed too. Politicians want you to support your favourite team in order that you see the other team, rather than the politicians, as the enemy. In the next essay, The American System and Misleading Labels, Yudkowsky strips away the abstraction of the American political system to identify where the power is, and show that it is very much not with the voters.
When I blur my eyes and look at the American system of democracy, I see that the three branches of government are the executive, the legislative, the judicial, the bureaucracy, the party structure, and the media. In the next tier down are second-ranked powers, such as “the rich” so often demonized by the foolish – the upper-upper class can exert influence, but they have little in the way of direct political control. Similarly with NGOs (non-governmental organizations) such as the Electronic Frontier Foundation, think tanks, traditional special interest groups, “big corporations”, lobbyists, the voters, foreign powers with a carrot or stick to offer the US, and so on.
Since voters have such a small share of the influence pie, Yudkowsky argues that the main benefit of living in a democracy is that in theory, if you got them angry enough, the voters could vote for a third party. It is fear of this hypothetical situation that keeps the politicians “too scared to act like historical kings and slaughter you on a whim”. I do think, though, that those in real power have worked around this somewhat by making changes in unpleasant directions small enough that the voters do not notice, or at least do not get angry enough.
All this is brought together in Stop Voting For Nincompoops, which argues (quoting Douglas Adams on voting for lizards along the way) that you should forget about the rhetoric of wasted votes and just vote for who you like.
Remember that this is not the ancestral environment, and that you won’t die if you aren’t on the winning side. Remember that the threat that voters as a class hold against politicians as a class is more important to democracy than your fights with other voters. Forget all the “game theory” that doesn’t take future incentives into account; real game theory is further-sighted, and besides, if you’re going to look at it that way, you might as well stay home. When you try to be clever, you usually end up playing the Politicians’ game.
Clear your mind of distractions…
And stop voting for nincompoops.
Read the whole thing. And then read everything about politics. And then read everything about everything.
Update: There is a follow-up to this post.
The child benefit reforms have taken effect. Tomorrow, hundreds of thousands of people must register for tax self-assessment for the first time.
To summarise, if any member of a household earns more than a certain amount, then some amount (possibly all) of the child benefit received by the mother in the household must be paid back by the high earner in the household. The more you think about this, the more absurdities you will notice.
Some will point out that child benefit should not exist. They are right. My wife receives child benefit and I view it as a small reduction in the vast amount of tax I pay. So these changes mean I will be paying more tax.
But the real problem is that I will also have to fill in forms. I do not like filling in forms. My approach to the state is to bumble along following the path of least resistance, because there are too many other interesting things to do. Until now they have had the good courtesy to quietly steal my money without interrupting the quiet enjoyment of my evenings. I think most middle class families do the same: they get on with it and they do not think about it.
Anyone like me following this path is about to get rudely awakened because they will have been receiving child benefit since April without realising that they need to pay it all back, and to pay it all back they need to register for self-assessment.
Importantly, then: if I am to avoid jail, for the first time in my life I have to actively interact with HMRC. Ignoring them is no longer an option. The same is true for a large section of the population who would rather spend time playing with their children.
Now might be a good time to publicise the idea of a flat tax.