How to Spy on, err umm, Monitor a Remote Host

Andre Broido, a UCSD mathemetician, is giving a talk today at UCI on what looks to be a fascinating idea: remote device fingerprinting. Think of cookies on steroids where the cookie (fingerprint) lives on the fingerprinter's machine instead of on the fingerprintee's machine. I'm guessing this is the corresponding paper so there are two co-authors, Tadayoshi Kohno and kc claffy. Here is the abstract for the talk:

We introduce the area of remote device fingerprinting, or fingerprinting a host (physical device and OS) as opposed to an operating system or class of devices, remotely, and without the fingerprinted device's known cooperation.  We accomplish this goal by exploiting small, microscopic deviations in device clock frequency (clock skews).  Our techniques do not require any modification to the fingerprinted devices.  Our techniques report consistent measurements when the measurer is thousands of miles, multiple hops, and tens of milliseconds away from the fingerprinted device, and when the fingerprinted device is connected to the Internet from different locations and via different access technologies.  Further, one can apply our passive and semi-passive techniques when the fingerprinted device is behind a NAT or firewall, and also when the device's system time is maintained via NTP or SNTP.  One can use our techniques to obtain information about whether two devices on the Internet, possibly shifted in time or IP addresses, are actually the same physical device. Example applications include: computer forensics; tracking, with some probability, a physical device as it connects to the Internet from
different public access points; counting the number of devices behind a NAT even when the devices use constant or random IP IDs; remotely probing a block of addresses to determine if the addresses correspond to virtual hosts, e.g., as part of a virtual honeynet; and unanonymizing anonymized network traces.

The authors, in the paper, show how one can create a unique fingerprint of a remote host's physical device, e.g. ethernet adapter, by analyzing the device's TCP/IP packet stream and measuring the device's unique perception of time. They exploit the fact that virtually all modern OS'es implement the timestamps option of the TCP protocol as defined in RFC 1323. They are thus able to cull from the TCP timestamp meta-data in the TCP headers that is included in every TCP/IP packet, what they call, the device's clock skew. It is formally defined as the first derivative, with respect to time, of the difference between the time, measured in seconds since some initial time, reported by the device's clock and the wall clock time. The reason one can use the clock skew as a fingerprint is that it appears to be relatively constant over time and independent of where the device is located on any given network and what protocol it is using to communicate. On the other hand, a number of assumptions have to hold for one to use remotely fingerprint a given device, in practice. The major one is that the OS managing the remote device needs to implement the TCP timestamps option. (Actually they have a way of doing remote fingeprinting using ICMP timestamps as well but that kind of data stream is not as easy to come by.) 

The authors mention several applications for this idea including determining whether a remote host was involved in a recorded event, counting the number of hosts on a remote network, and unanonymizing anonymous data. I'm skeptical that this kind of technique could ever be used to stop hackers or spammers in their tracks since once they find out about the method, they will easily be able to prevent it, by, for example, turning off the TCP timestamps option. What is more likely to happen is that intelligence battles being waged on the Net, whether it's between hackers and government authorities, or say companies and anti-corporate hackers, will only escalate, each side getting more powerful weapons to mount against the other.

ITConversations

Until a high quality podcast search engine becomes available, ITConversations is one of the better repositories I frequently go to for online podcasts of talks and interviews. I've probably listened to several dozen podcasts on this site while walking my dogs or driving to and from work. Several friends have asked me to point them to some of the podcasts I liked on the site so here are just a few of the ones I've enjoyed the most (in no particular order):

1. David Bornstein on social entrepreneurship
   
2. Steve Wozniak riffing on hacking and the creation of Apple
3. Ben Saunders on trekking to the North Pole
   
4. John Smart's insightful, often over the top, extrapolations on the Future
   
5. Oded Shankar on the rise of all things China

A Cool Application of Reinforcement Learning

Reinforcement learning is one of those sub-disciplines of artificial intelligence that I never really learned much about. Part of the reason, I think, has to do with the fact that I never saw any cool applications of its use (not that I was looking very hard) that triggered that that "aha" feeling where I was able to clearly see how reinforcement learning methods could solve important, real-world problems. Call me short-sighted. Well my eyes were opened recently, when I read this paper in which Andrew Ng, a machine learning professor at Stanford and his colleagues, described a new reinforcement learning algorithm which they were able to succesfully embed into an autonomous helicopter controller thereby setting a new world record: they developed the first autonomous helicopter capable of sustained, inverted flight.  Here is a photo of this feat:

Now, granted, figuring how to get helicopters to fly upside down may not seem like a real-world problem to get excited about, but what is important to understand is that it is a very hard problem because you're dealing with a highly stochastic, nonlinear system with complex dynamics,  and if you can solve this hard problem, it means you can solve all of the easier ones, such as how to get helicopters to fly right side up under possibly turbulent conditions, not to mention controlling other physical systems with similar dynamics.  And what's also cool is a lot of the underlying mathematics and modeling techniques are quite similar to other areas of machine learning, which means, I for one, don't necessarily need to spend an inordinate amount of time developing the necessary background skills to follow this area of research.

The Rapture Theory

There's an interesting argument being made by journalists like Bill Moyers, Jon Caroll (at the San Francisco Chronicle), and George Monbiot (at the Guardian) about how George Bush's policies are set or at least influenced by the religious right.  The argument is, essentially, as follows: a large and growing majority of the religous right believes in the rapture, drawn from the Book of Revelations in the Bible, which Caroll summarizes as :

an instant in time when all the truly holy people are taken directly to heaven, leaving their clothes in small neat piles behind them. The rest of the ungodly losers are left to deal with natural disasters and wars and the armies of the Antichrist, after which they die in various colorful ways while the ranks of the saved watch with compassion tempered with an understandable sense of satisfaction.

Although earlier Republican presidents like Ronald Reagan interpreted much of the Bible literally, were devoutly religious and had the support of the religious right, it is only with the ascendancy of George Bush to the White House, that the evangelical Christians have gained a real foothold in the seat of American power, often getting the White House to clear policy initiatives with them first before moving forward.  And here comes the thesis: it is no coincidence that the policies of this administration line up nicely with the checklist that believers in the rapture have about what has to happen before the rapture will comes to pass, which include establishing the state of Isreal, occupation by Isreal of the rest of the biblical lands, a great war with the evil-doers, and the destruction of the environment.  The reason? The Bush administration, whether knowingly or not, is carrying out the will of the religous right by inducing a state where it is inevitable the rapture will come to pass.  Here's what Moyers has to say:

I'm not making this up. Like Monbiot, I've read the literature. I've reported on these people, following some of them from Texas to the West Bank. They are sincere, serious, and polite as they tell you they feel called to help bring the rapture on as fulfillment of biblical prophecy. That's why they have declared solidarity with Israel and the Jewish settlements and backed up their support with money and volunteers. It's why the invasion of Iraq for them was a warm-up act, predicted in the Book of Revelation where four angels 'which are bound in the great river Euphrates will be released to slay the third part of man.' A war with Islam in the Middle East is not something to be feared but welcomed - an essential conflagration on the road to redemption. The last time I Googled it, the rapture index stood at 144-just one point below the critical threshold when the whole thing will blow, the son of God will return, the righteous will enter heaven, and sinners will be condemned to eternal hellfire.

The rapture index he is referring to, which can be found here, is described by the maintainer as:

a Dow Jones Industrial Average of end time activity, but I think it would be better if you viewed it as prophetic speedometer. The higher the number, the faster we're moving towards the occurrence of pre-tribulation rapture.

Rapture Index of 85 and Below:     Slow prophetic activity
Rapture Index of 85 to 110:        Moderate prophetic activity 
Rapture Index of 110 to 145:       Heavy prophetic activity 
Rapture Index above 145:           Fasten your seat belts 

So whose gone mad here?  Well clearly, anyone who takes the rapture index seriously which is both hilarious and frightening at the same time. But what about the  left?  Have they borrowed a page from Dan Brown and concocted the ultimate political consipiracy theory? Has Moyers, a respectable journalist, been suckered into it? Many believe, there's something there. But I would need to see so much more evidence to ever be convinced that our country's foreign and domestic policy is designed, at least in part, with the explicit intent to bring about the rapture.

Buffet and Munger Wax Philsophic

Warren Buffett and Charles Munger apparently spent a whopping 5 hours addressing a wide range of questions put to them by their shareholders at the annual meeting. Although these guys pay lip service to the bright future of this country, it's pretty clear they're deeply cynical about the direction this country is heading economically. Paul Allen took some notes of the meeting. CNN has highlights. My favorite quote is by Munger:

If you jump out the window at the 42nd floor and you're still doing fine as you pass the 27th floor, that doesn't mean you don't have a serious problem.

While he happens to be talking about the inevitable corrections GM and Ford will have to face due to their exhorbitantly high pension funding costs in this context, this quote could have been inserted just about anywhere else in the discussion and it would have fit right in.

Buffet's analysis of the current real estate bubble hits the nail right on the head:

I recently sold a house in Laguna for $3.5 million. It was on about 2,000 square feet of land, maybe a twentieth of an acre, and the house might cost about $500,000 if you wanted to replace it. So the land sold for something like $60 million an acre.

Unlike Berkshire Hathaway's shareholders, I don't think these two gentlemen walk on water, but  their grasp of economic matters is up there with the very best. So while it's all too easy to dismiss them for one reason or another, one would be mistaken, I think, to do so. One should, at least, listen.