Hello from Singapore! It’s exactly like everyone said, a modern and somewhat synthetic city that’s Western in its administration and Eastern in its culture. I like it, but it’s odd being in a new city (1819) without a long history. Then again the syncretic culture that’s here now is neat, the mix of Chinese, Malay, Indian, British, all fused into something uniquely Singapore. And so commercially ambitious.

Every Singapore person I asked for tourist advice said “go eat”, particularly at the famous hawker centers. They’re like food carts but with guaranteed hygiene and centralized convenience. There’s three we found nearby: Maxwell Center near Chinatown, Tekka Centre in Little India, and Lau Pa Sat in the center. I definitely enjoyed them but it’s a pretty grimy and simple experience, like going to your favorite taqueria in San Francisco. Buy a beer from one stall, some dumplings from another, maybe a paratha or some spicy noodles from others. Bring your own napkins.

Hawkers are great for tasty food for cheap. Singapore also has an amazing deep restaurant culture reflecting its international position. Various kinds of Chinese and Malay are the main foods you see here, but there’s also lots of Indian and of course Singapore specialities like chili crab. And then a vast international mix, like the warren of French wine bistros on Ann Siang Hill.

The other remarkable thing I’ve seen in Singapore is the Singapore City Gallery near Maxwell Food Center, part of the urban planning department. The permanent display of a scale model of the city is interesting (and free, and air conditioned). But even better was the temporary display of the Draft Master Plan 2013, Singapore’s ambitious plan to develop their island more, building new communities and spaces. Singapore is in a unique position as a wealth city-state and they’re taking their development planning seriously. Interesting to see.

  2013-12-28 03:19 Z

RSA Security (part of EMC) was one of America’s most respected security companies. Thanks to Edward Snowden, we now know the price of their reputation: $10 million. For that tiny sum RSA sold out their customers, deliberately installing a compromised random number generator in their core security library BSafe at NSA’s request. For $10M, a company’s reputation destroyed.

The nature of NSA’s sabotage is worth looking at in detail. We knew back in 2006 that Dual_EC_DRBG, a NIST standard crypto random number generator, was fishy. That algorithm has baked into it an arbitrary constant; two Microsoft researchers figured out that if an adversary had chosen that constant, then the numbers were predictable and any system built on it was insecure. Snowden’s leaks confirmed in Sep 2013 that this backdoor had been placed. And now in Dec 2013 we know the price: $10M. (Interestingly, one old-school cypherpunk knew the price back in September).

It’s worth noting that RSA’s complicity with NSA is not their only enormous security black eye. Back in 2010 their flagship SecurID two factor login system was also widely compromised, it’s assumed by the Chinese government trying to get military and commercial access to US and European interests.

Open source ends up looking good in all this mess. NSA has probably attacked other random number implementations. There was a weird push from Intel to get Linux to completely trust their undocumented hardware generator, something resisted by the Linux team (thankfully). And OpenSSL, the open alternative to RSA’s library, doesn’t use the compromised algorithm (although their code has had its problems).

I remain indignant that NSA is willfully going around deliberately sabotaging the security of core Internet components. Even if you believe it’s good for NSA themselves to be able to break all encryption, it is so dangerous to have back doors like this hiding in systems. NSA is actively undermining everyone’s security.

  2013-12-26 11:25 Z

Hello from Bali! Ken and I have been here most of a week and are having a marvelous time. The combination of tropical beauty, friendly people, and deep culture makes Bali amazing. We’ve been staying in lovely resort hotels which is great but I regret not getting more into the villages and towns and experiencing more regular life. It’s very hot and difficult to get around, so far we’ve been taking private cars from the hotel.

Our first few nights were in Jimbaran Bay, down south near the airport. Beautiful bay, clear and gentle and great sunsets. The Bali Intercontinental was great, particularly the extra amenities with Club access. I’d characterize it as the beach + resort part of Bali, lots of emphasis on swimming and massages and relaxing. We did get out a little, particularly to enjoy the Kecak Dance in Uluwatu and to go down the road for a nearby resort’s excellent Indonesian restaurant.

Now we’re in Ubud, the arts & crafts center. Balinese culture has such depth in music, dance, decorative arts, fine painting, there’s just a huge amount to explore and happily it’s all vibrant and available. Our first day here was spent being taken from shop to shop, large warehouse-style galleries of stone carving, paintings, jewelry, etc. It’s definitely touristy, tourist money helps sustain the economy. But it’s also deep and rich and with an authenticity of hundreds of years that some vulgar visitors can’t disrupt.

Yesterday was more of a high arts experience. Through an American friend we met Dewa Alit, a gamelan composer from a family of musicians. We visited him for a lesson in the very basics of gamelan with me clumsily trying to learn to play a few patterns. He’s an internationally known musician so I feel a bit guilty spending his time on something so rudimentary, but he was generous and patient and I got a huge amount out of it. Alit doesn’t do this kind of thing regularly; some enterprising Balinese could make a fine business teaching gamelan workshops for tourists. We also visited the Agung Rai museum of Balinese painting, with collections mostly from the 1940s to contemporary art. Fantastic stuff and I know nothing at all about this genre and would love to know more.

So much more to see, we didn’t even get into the religious culture and temple festivals. Missed the cockfighting, too. I’m hoping to get out into Ubud today and just walk around the shops at my own pace. but then it’s pouring rain and will be 95° and the Four Seasons Sayan is awfully comfortable. There’s so much to learn about Bali, I could easily spend a month here.

Update: last day was a drive to an art gallery, a horrible traffic jam drive through the forgettable tourist dross on Monkey Forest road in Ubud, and then an amazing visit to the home of artist Ketut Soki. We'd seen his work in shops but it seemed awfully expensive without knowing more; he's a master artist and the quality is visibly better than the cheap souvenir stuff. Our awesome driver Korta offered to take us to the artist's home to buy a painting direct from the artist without the 100% gallery markup. Really great experience and I can't wait to get this beautiful painting on my wall.

  2013-12-25 03:27 Z

AOL, Facebook, Google, LinkedIn, Microsoft, and Yahoo joined today to ask for Global Government Surveillance Reform. While asking nicely isn’t likely to accomplish anything on its own, the public statement does move the discussion forward.

The request is sincere. I personally know people at Google and Twitter who’ve shaped their policies and they have just as much of a liberty / freedom of speech / Internet nerd background as you could hope. And all of these companies have a commercial interest in limiting spying to protect their international businesses. For example, NSA spying on Gmail is a significant threat to Google’s business plans in Europe. They have a self-serving reason to want to stop NSA overreach.

My concern is they don’t have any real hope of succeeding in what they’re asking. This request strikes me as particularly naïve: “governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications.”. Bulk data mining is a hugely valuable intelligence asset, there’s no way NSA is just going to stop collecting everything they can just because we ask nicely.

I think the requests for oversight and transparency are more realistic. Since the Snowden documents started coming out I’ve wavered between being appalled by NSA’s contempt for the Constitution and impressed by their technical capabilities. I accept at some level the US government needs an agency that, say, is hoovering up everyone’s cell phone movements as a way to track bad guys. The problem is that it’s illegal for NSA to collect that data against US citizens. And the current workaround for the Fourth Amendment is a ridiculous system with no meaningful judicial or legislative oversight.

The current state of surveillance threatens democracy; it has to change. The good news is some of America’s most powerful corporate interests also want to fix it.

  2013-12-09 17:51 Z