War Stories

2019-03-06T19:33:56+00:00

War Stories (Anecdotes)

“War stories” are short anecdotes, illustrations, suggestions, or stories which describe a unique real-world situation in which AMULETs have been, or could be, applied. These are intended to help further understanding of AMULETs and their use.

AMULET™ location capabilities

Many of these anecdotes utilize an AMULET’s ability to query and remember its geographic location using hardware present on its host device (cell connectivity, GPS or Wi-Fi, for example) to find out where the host device was last known to be. Proprietary AMULET™ algorithms use a combination of whether GPS is turned on, last known location, pre-configured GPS polygons, present time, and last known direction of travel to determine the location of the host device right now (even if GPS is not currently available, as when inside a building) and whether the current location is allowable when accessing a protected digital asset.

Although GPS or one of its technological variants (i.e., assisted or synthetic GPS) is the most accurate method, AMULETs can employ a number of other technologies to determine where a host device is in real time. These include Wi-Fi (connectivity to a known access point, wireless fingerprinting, RSSI (received signal strength indication)), inertial sensors (a compass or magnetometer to determine direction, an accelerometer to report how fast your phone is moving in that direction, and a gyroscope to sense turning motions), barometric sensors (to determine height), RFID, ultrasonic, and NFC proximity detection, Bluetooth beacons, and terrestrial transmitters (see www.locata.com).

For more general location information (good enough for many applications) in the absence of GPS or other alternatives, AMULETs can determine the location of a cell-connected device via the closest cell tower. There are many ways to retrieve the nearest cell tower, and the GPS location of that tower – even the device’s previous cell-tower location history in linear time – which can then be used by AMULETs (see the websites http://www.google.com/locationhistory, www.opensignal.com, and www.cellreception.com/towers for examples of how this is done).

To be very clear, it is the host device’s responsibility to provide any hardware, device drivers, or support software necessary to obtain the raw location data – the point here is simply that once made available by the device, AMULETs can make intelligent use of the information (even the lack of the information’s availability) in combination with other data to determine whether access to a protected digital asset should, or should not, be granted.

AMULETs™ are dynamic

Another common feature of war stories is their reliance on an AMULET’s ability to report status information and accept new criteria settings dynamically. When on-line, AMULET criteria can be modified in real-time by the AMULET’s registered author, developer, or owner (and within limits imposed by the owner, by designated sub-owners). AMULETs can “phone home” to relay state information and pick up new marching orders from a pre-determined location, and/or they can accept new criteria pushed to them asynchronously.

On to the stories…

 (my favorite anecdote)

In the 1800’s, your family’s likely mode of transportation (and one of their most valuable possessions) would have been a horse and buggy. Other than possibly running away (something a horse is specifically trained not to do), a horse and buggy have no means to defend themselves against attack or theft.

“Security” for the horse and buggy when idle (that is, in storage) was a shed, barn, lean-to, corral, or stable (its storage container). The problem with a barn or stable is that the building (its “attack surface”) is quite sizeable and visible with many points of entry (intended and unintended), and well known to everyone (including malfeasants) to contain many items of great value. In fact, the larger the barn, the more visible it becomes and the more likely that the sum total of its contents would be very attractive to a thief. You could go so far as to say that the fancier the locks you place on the doors to the barn and the greater the number of them, the more likely that the barn contains high-quality tools and animals. Those locks must be fitted and appropriate to the design of the barn, with no real consideration of the individual animals inside. The barn is not easily moveable to another location, in part because friends, families, and neighbors who rely on knowing where it is must be informed and must then change appropriately whatever plans they have for using your barn. The barn’s structural design and the implementation of that design are not subject to willy-nilly changes without significant expenditure of resources.

If you want to offer the use of your barn or stable to a friend or extended family member, you must further advertise the location of your barn to him or her, and hope they will not communicate the location of your most valuable digital assets to too many other people, especially to no one that happens to make their living stealing things. Certainly you hope that after their use of your barn, your borrowers won’t remember any padlock combinations or structural weaknesses in your barn.

Mobility

Horses and buggies are by definition mobile devices, so at various times you will want to go somewhere using them. From a security perspective, there are three issues that then present themselves – keeping your horse and buggy safe during the trip, storing your horse and buggy at the destination, and making sure you do not bring back during your return any diseases of the horse, broken parts in the buggy, or unwanted critters hitching a ride.

Protection during transport

Transport security between the horse-and-buggy owner’s barn and a destination would have been a roll-your-own affair, with the most bang-for-the-buck (sorry, couldn’t resist) form of protection being a shotgun or handgun (think “encryption”). The effectiveness of that protection would be dependent upon the quality and maintenance of the weapon, the owner’s aim, and the armament and capabilities of the attackers (think number of bits of encryption). Of course, once the shotgun is taken (that is, encryption is broken), not only is the owner’s ability to protect his horse and buggy during that trip gone, but so is his ability to protect replacement horses-and-buggies on subsequent trips until he acquires a new and stronger mode of protection (he must also battle the problem that the town gossip will advertise to everyone that he no longer has his shotgun).

Destination storage

The owner of the horse-and-buggy had an equally challenging problem when he arrived at his destination. It is highly improbable that at his destination, there would be a facility available that exactly matched or exceeded the security specifications he invoked when he and his neighbors custom-built his barn at home. He would have to make serious compromises to fit what was available – certainly the livery stable proprietor didn’t consult the horse-and-buggy owner for his specifications and advice when he started his business twenty years before the horse-and-buggy owner moved to town, and of course the livery stable owner is going to provide the absolute minimum security he can at the greatest profit to himself while still attracting customers (think Microsoft).

The illogic of storage container-based security

In addition to those problems alluded to in the paragraphs above, the horse and buggy owner has a number of other issues that go along with storage-container-based security. First and foremost, when his barn burns down, is broken into, or the door is accidentally left open, all of his animals are killed or escape and all of his other valuable property (tools, equipment) is destroyed or stolen. The bigger the barn, the greater the loss.

And, the likelihood is that when he built the barn, the owner of the horse-and-buggy used the same basic design and plans as other farmers in the area, purchased his padlocks at the same hardware store, and relied on the same hired hands with the same level of knowledge about security to watch over the barn. In other words, his “attack surface” is well-known and published, such that when one barn in the area is compromised, they all become vulnerable (think CA, Symantec, McAfee – see the link at https://www.wired.com/2016/06/symantecs-woes-expose-antivirus-software-security-gaps/).

So, the horse-and-buggy owner forms a co-op with other farmers in the area to build a common barn, stronger and bigger, one they can all use to store their equipment. Of course, the new barn is now equally inconvenient to everyone since it is not on any one farmer’s property, meaning the distance to detection of a problem is greater to all, and each farmer’s individual tolerance level for problems is surrendered to the level of tolerance of the least-competent security guard. And every farmer must now alter what were unique patterns of engagement with his own barn and adopt uniform new behaviors equally unfamiliar to everyone to engage the new barn (enter the social hacker).

Of course the new barn is stronger and more secure. It is also more visible, contains far more items of value, has far more pathways of engagement with its users, is far less intimate with the security requirements of individual horses-and-buggies, has far more standardized methods of ingress and egress, and is far more convenient to the hacker (who now has just one barn to worry about) – all of which translates to much greater motivation and return on investment to a thief, resulting in attracting a more sophisticated, accomplished, and educated malfeasant. The barn is likely to be broken into less often; but when it is, every farmer in the area will be wiped out.

Into the twenty-first century

For all the supposed intelligence that is attributed to computer sciences, the foregoing encapsulation of rural 1820’s security techniques is a nearly perfect analogy to the techniques now in common practice for protecting digital assets in the mobile second decade of the twenty-first century. Substitute servers, operating systems, browsers, and server farms for the barns, corrals, stables, lean-tos, and sheds of the previous description, and transmission pipes for dirt roads, and the analogy is nearly flawless.

That we recognize the sheer stupidity of such an approach at some level is clearly shown in how we approach security in one of our most valuable individual mobile digital assets, the modern automobile. Can you imagine depending on the random security features of the storage container – your garage or parking lot – to secure your $30,000 automobile? Or carrying a loaded shotgun with you everywhere you go when driving as your only means of defense of your vehicle? Of course not. You instead rely on the automobile’s ability to protect itself at multiple levels – ignition keys, rolling-code key fobs, trunk and door locks, computer analysis, OnStar communications, LoJack devices, intruder detection, and alarm systems.

Yet several Sony executives, each paid millions of dollars a year, with an average of eight years of education and another ten years of work experience, for decades regularly parked full digital versions of movies into which Sony had invested from $50 million to $150 million into a… get ready for it… barn. They called it a server, true enough, but for all practical purposes, it perfectly fit the description of a barn in our analogy above. Certainly the hackers, whoever they may have been, thought of it as a barn and were successful approaching it that way.

The AMULET approach

AMULETs provide an efficient, fast, reliable, and secure means for the digital asset to protect itself. AMULETs assure the owner of a digital asset that even if a thief gains physical access to, or even possession of, that digital asset (or a copy of it), the thief can make no use whatsoever of the digital asset. This is the same approach used in the modern-day automobile. Setting aside the fact that a car can be taken to a chop shop and parted out even if it is otherwise useless to a thief (AMULETs don’t suffer that defect), a stolen modern car is of no value to the thief for its intended original purpose (getting from point A to point B) without the ignition fob and door keys or code.

So it is with an AMULET-protected digital asset. An AMULET-protected digital asset is of no use whatsoever without its associated AMULETs, and since the AMULETs can determine for themselves if they are being used by the proper person in the proper context, even having possession of the AMULET does the thief no good.

In the early days of our website, I was contacted by someone who happened to own a rental store which happened to rent out, among other things, Samsung intelligent refrigerators (https://news.samsung.com/global/samsung-introduces-an-entirely-new-category-in-refrigeration-as-part-of-kitchen-appliance-lineup-at-2016-ces).

In our conversation, I learned a lot about the appliance rental industry, and especially about this gentleman’s frustration with intelligent devices that didn’t support his needs as a businessman. In the process, it became clear that this was a perfect example of a problem AMULETs could solve.

Samsung’s new appliances are smart devices that utilize a primitive form of Internet of Things (IoT), embedded with a small but fully-capable Linux-based mini-computer (similar to the Raspberry Pi device). The onboard computer could easily support AMULETs, and AMULETs could easily support his needs.

It turns out the appliance rental business is a lot more complex than I thought it might be, and refrigerators exemplify some of the issues. They are big, heavy, easily subject to damage from being moved, and capable of hurting someone badly during a move (a tip-over, for example, could cause either or both problems). Moving one typically requires two men and a truck, gas, and hours of labor (counting travel). In addition, they act as containers for someone else’s stuff, stuff which could have value or at minimum significant replacement cost.

Moving an empty refrigerator into a renter’s home in anticipation of new rental profits is one thing, falling under the heading of the cost of doing business and factored into the rental price. Repossessing a refrigerator full of somebody’s food you must empty in a situation where you’ve already lost rental income due to a slow-paying customer is quite another – to return the refrigerator a few days later when the customer has finally come up with the late payment is a complete waste of time and resources, at very high risk.

And even if you wanted to and could remotely, you can’t go around just turning off a late-paying renter’s refrigerator – what if they have $500 worth of meat in it, certain medicines, or baby formula? Forgetting for a moment the liability incurred, do you really want to anger an already unhappy renter during the period between the time you shut off his refrigerator and the time you can collect it? Have you considered what the refrigerator you would ultimately collect might look like? Or where it might end up if the renter has the capacity to move it?

However, AMULETs could detect and react when a refrigerator was being moved, modified, or subjected to unusual conditions (via any of the technologies described in the “War stories” introduction, or simply through an accelerometer or level reporting when the refrigerator was tipped onto a dolly for transport), when a payment was missed (via “phone-home” queries), or when an instruction was sent asynchronously by the rental company. In the case of unauthorized movement, AMULETs on battery backup could report location information. In the case of missed payments, AMULETs could react intelligently, by locking the freezer compartment (but leaving cooling functions on), turning the refrigerated section temperature up to the minimum cooling level, turning off “through-the-door” ice and water services, locking casters, shutting off all other intelligent features, and turning on periodic random visual and auditory alarms.

These are capabilities that can be tuned to ensure the highest possible late-payment-catchup rate, reduce unnecessary physical trips to the rental unit placement site, and reduce the occurrence of late-payment conditions in the first place, all of which lower risk and costs for the rental service yard.

With appropriate fail-safe support code in the armament itself, AMULETs can supply the intelligent means necessary to shut off aiming and other intelligent features on weaponry that falls out of friendly hands, that has not been assigned to a theatre of operations, that is housed in an armory or gun locker, or which has had its functionality reduced for training or demonstration purposes. Because AMULETs can communicate dynamically, it would be possible to disable or enable entire groups of weapons remotely in real time, or set up conditions through criteria which would allow the AMULETs in those weapons to do so themselves deterministically.