Hidden Certificate Authorities

The security of encrypted Web traffic depends upon a set of Certificate Authorities (CAs). Browsers and operating systems are configured with a list of CAs that they trust. The system is brittle, in the sense that if any of the multitude of CAs that your browser trusts is incompetent or malign, the security of all your traffic is imperiled. I've written several times on the topic of misbehaving CAs; there is a list of links at the end of the post.

In Web trust dies in darkness: Hidden Certificate Authorities undermine public crypto infrastructure, Thomas Claiburn reports on an important paper, Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem by Yiming Zhang et al. This paper looks at what happens when, by fair means or foul, unofficial entries are added to or replace the CAs in the official list that your browser trusts. Below the fold I discuss their findings.

The $65B Prize

Senator Everett Dirksen is famously alleged to have remarked "a billion here, a billion there, pretty soon you're talking real money". There are a set of Bitcoin wallets containing about a million Bitcoins that are believed to have been mined by Satoshi Nakamoto at the very start of the blockchain in 2008. They haven't moved since and, if you believe the bogus Bitcoin "price", are currently "worth" $65B. Even if you're skeptical of the "price", that is "real money". Below the fold, I explain how to grab these million Bitcoin and more for yourself.

I Confess To Right-Clicker-Mentality

"Worth $532M"

Both Cory Doctorow and Matthew Gault and Jordan Pearson have fun with the latest meme about NFTs, "Right-Clicker-Mentality". (Tip of the hat to Barry Ritholtz)

Gault and Pearson explain the meme:

what is the “right-clicker mentality”? Quite literally, it is referring to one’s ability to right-click on any image they see online to bring up a menu and select the “save” option in order to save a copy of the image to their device. In this term we have a microcosm of the entire philosophical debate surrounding NFTs.

I join in below the fold.

Making Sure "Number Go Up"

Source

Fake it till you make it is the way Silicon Valley works these days, as exemplified by Theranos, Uber, WeWork and many other role models. It is certainly the case with cryptocurrencies. Would you believe that an NFT of this image was worth $532M? How about nearly $1.1B? Most numbers that are quoted about cryptocurrencies are fake, in the sense that they are manipulated in order to fool the press, and thereby buy time until they become "too big to fail".

The credulous press reports make it look like the cryptocurrency market is much bigger and much more successful that it really is, further inflating the bubble. Below the fold, I provide a set of examples of the techniques that are used to fuel the mania.

We Are So Screwed

Last month I wrote The Looming Fossil Fuel Crash to refine my thoughts for a discussion with my financial advisers. The TL;DR was that the short-term focus and slow, corrupted decision-making process of large companies and institutions means that their response to the need to transition to low-carbon energy will be too slow and too late. The result will be a sudden crash in the value of fossil fuel and related stocks, enough to tank the whole market.

In case you think I'm panicing, the New York Times catches up with me in U.S. Warns Climate Poses ‘Emerging Threat’ to Financial System by Alan Rappeport and Christopher Flavelle:

Climate change is an “emerging threat” to the stability of the U.S. financial system, top federal regulators warned in a report on Thursday, setting the stage for the Biden administration to take more aggressive regulatory action to prevent climate change from upending global markets and the economy.
...
Higher temperatures are leading to more natural disasters, such as hurricanes, wildfires and floods. These, in turn, are resulting in damaged property, lost income and disruptions to business activity that threaten to alter how assets, such as real estate, are valued.

At the same time, the move away from fossil fuels could cause a sudden drop in the price of stocks and other assets tied to oil, gas, coal and other energy companies, or sectors that rely on them such as carmakers and heavy manufacturing. Such a shift could hurt the stock market, retirement savings and other parts of the financial sector.

Below the fold, an even more depressing update.

A Quarter-Century Of Preservation

The Internet Archive turned 25 yesterday! Congratulations to Brewster and the hordes of miniature people who have built this amazing institution.

For the Archive's home-town newspaper, Chase DiFeliciantoni provided a nice appreciation in He founded the Internet Archive with a utopian vision. That hasn't changed, but the internet has:

Kahle’s quest to build what he calls “A Library of Alexandria for the internet” started in the 1990s when he began sending out programs called crawlers to take digital snapshots of every page on the web, hundreds of billions of which are available to anyone through the archive’s Wayback Machine.

That vision of free and open access to information is deeply entwined with the early ideals of Silicon Valley and the origins of the internet itself.

“The reason for the internet and specifically the World Wide Web was to make it so that everyone’s a publisher and everybody can go and have a voice,” Kahle said. To him, the need for a new type of library for that new publishing system, the internet, was obvious.

We (virtually) attended the celebration — you can watch the archived stream here., and please donate to help with the $3M match they announced.

A Writer I Admire

Wouldn't it be great to write like Maciej Cegłowski? I've riffed off many of his riveting talks, including What Happens Next Will Amaze You, Haunted By Data, The Website Obesity Crisis and Anatomy of a Moral Panic. Now, in a must-read tweetstorm, Cegłowski takes on "Web3", the emerging name for the mania surrounding blockchains and cryptocurrencies. He starts from this tweet:

We’re starting a new crypto team at @Stripe. I’m hiring engineers and designers to build the future of Web3 payments: https://t.co/A40QPCw3XG. pic.twitter.com/ygYTrA125T

— Guillaume Poncin (@gponcin) October 12, 2021

The replies it garnered are hilarious. Below the fold, some extracts from Cegłowski to persuade you to read his whole thread (Unroll here).