[Important Note: Some links (especially Ars Technica) are NSFW for US government employees as they contain slides that are marked "Top Secret". Exercise discretion/caution in this story's comments, too. -Ed.]
Yes, it is cloud-based, yes, it does decide about the fate of hundreds of humans, and yes, ultimately it does direct robots to kill innocent humans.
SKYNET is a system created by the NSA that applies machine learning algorithms to supposedly determine the likelihood of someone turning into a terrorist based on mobile phone metadata. According to slides published at Ars Technica, evil acts like switching off your mobile phone (= evading surveillance), switching SIM cards (= trying unsuccessfully to evade surveillance, thanks to IMEI, etc.), swapping phones with others (= trying unsuccessfully to evade surveillance, thanks to other surveillance data) will be taken together as indicators of your evil intentions.
Patrick Ball—a data scientist and the executive director at the Human Rights Data Analysis Group—who has previously given expert testimony before war crimes tribunals, described the NSA's methods as "ridiculously optimistic" and "completely bullshit." A flaw in how the NSA trains SKYNET's machine learning algorithm to analyse cellular metadata, Ball told Ars, makes the results scientifically unsound.
(Score: 1, Interesting) by Anonymous Coward on Wednesday February 17 2016, @05:04AM
One day I was looking at SHA-512.
I looked at its constants. Now, most hashing functions start off with some initialization vector data and have some chaotic looking hex numerals. Cryptographers don't trust it if you carefully select those numbers from thin air -- they could be designed to reveal something, adding a back door, etc. So, we insist that the constants used in crypto primitives, like SHA-512, have to be some series of digits out there for all to see. Perhaps the Fibonacci sequence in binary beginning at iteration number 1984, or the mantissa of the digits of Pi beginning at bit #29Ah (666th bit), etc. You know, nothing that we could have just made up on the spot.
Then I realized something. These hashing constants are basically arbitrarily selected from a high entropy source. They don't have to be the one given, I could use the names of my family members in packed 7bit ASCII codes.
Just change one single bit and suddenly I've got a completely new hashing function -- no rainbow tables on the planet exist for it, and just paying some lackey at NSA to code up an implementation of this hashing function for their super cluster computing system is enough incentive to do so for my products.
Turns out there are lots of constants like that. Problem is, you actually can pick bad constants sometimes -- low entropy, or ones that don't develop enough bit interdependency with the others (not having a large enough hamming value, etc). But as long as you know just a tiny bit about crypto and know how to use a hex editor you can make it vastly exponentially more difficult to fuck with the ciphers you use.
P.S. If you're worried about interoperability, then you're already compromised.
(Score: 0) by Anonymous Coward on Wednesday February 17 2016, @06:42AM
P.S. If you're worried about interoperability, then you're already compromised.
Yeah if your money is in a bank then you're already compromised.
And if you try to connect to someone else's server securely using stuff like TLS you're already compromised.
BTW what's the internet service like from your private island?
(Score: 2) by HiThere on Wednesday February 17 2016, @09:55PM
Internet communication isn't the only possible use for encryption.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.