Alec Muffett

Alec is a technologist, writer & security consultant who has worked in host and network security for more than 30 years, with 25 of those in industry.

Rss preview of Blog of Alec Muffett

UK Digital Minister @peterkyle threatens companies which do not submit to government surveillance and censorship demands

2024-11-21 02:13:56

Or at least, this is how I am reading “privilege”:

…any company afforded the privilege of access to the UK’s vibrant technology and skills ecosystem must also accept their responsibility to keep people safe on their platforms and foster a safer online world

https://www.gov.uk/government/publications/draft-statement-of-strategic-priorities-for-online-safety/draft-statement-of-strategic-priorities-for-online-safety

“Here, the firewall is not merely a tool—it is an actor within a neoliberal technocratic order, enforcing compliance with a constructed vision of ‘secure communication’ while erasing alternate possibilities for networked interaction” — Michel Foucault, Network Architect

2024-11-20 07:24:43

I got ChatGPT to role-play what Michel Foucault would say if tasked to present a threat model for an internet-connected enterprise firewall.

There is a legit reason for this, I swear.

Also: Perhaps I could get a job teaching CS at the LSE?


Slide 1: Title – “Introduction to the Firewall”

Bullet Points:

  • “A ‘firewall’—so named for its metaphorical invocation of a barrier—is not merely a technical apparatus but an enactment of boundary-making. It separates the ‘inside’ from the ‘outside,’ privileging one space while marginalizing the other.”
  • “While ostensibly ‘protective,’ the firewall is a site of power relations, determining which flows of information are deemed legitimate and which are excluded as ‘threats.’”
  • Image: A clip-art firewall with the label “Gatekeeper or Oppressor?”

Speaker Notes:
“The corporate firewall’s role is neither neutral nor passive. It does not merely ‘exist’ to block malware—it actively produces the outside as dangerous and the inside as pure. Who defines this? Whose interests are served?”


Slide 2: Title – “Threat Models as Power/Knowledge”

Bullet Points:

  • “The ‘threat model’ ostensibly guides the firewall’s configuration, but this is a regime of truth reflecting the priorities of the system’s architects.”
  • “Examples of prioritized threats:
    • External hackers (scapegoating the ‘other’).
    • Malicious code (a discourse of infection).
    • Unauthorized users (a Foucauldian criminalization of curiosity).”
  • “But note the exclusions: insider threats, systemic failures, and the user’s own complicity in reproducing insecurity are often discursively erased.”

Speaker Notes:
“The firewall is thus not an objective measure of ‘security’ but a mechanism of epistemological violence, erasing alternative models of what could be considered safe, collaborative, or open.”


Slide 3: Title – “Firewall Policies and Governance”

Bullet Points:

  • “Permit/Deny Rules: These binaries exemplify a digital biopolitics, in which flows of data are subjected to constant surveillance and categorization.”
  • “Packet Inspection: A form of digital discipline, reminiscent of Bentham’s panopticon, wherein every communication is subject to the watchful gaze of protocols designed to detect deviance.”
  • “Default Deny: Not a mere security measure, but an act of pre-emptive exclusion—a declaration of guilt until innocence can be algorithmically proven.”

Speaker Notes:
“Do these governance models serve ‘security,’ or do they function to perpetuate asymmetries of power between the corporation and the data it surveils? By what right does the firewall scrutinize the packet, and at whose expense?”


Slide 4: Title – “The Firewall’s Duality”

Bullet Points:

  • “The firewall embodies both the sovereign power of exclusion and the disciplinary power of normalization.”
  • “As a sovereign, it decrees what is permissible:
    • No unauthorized logins.
    • No unencrypted traffic.
    • No access from the ‘Global South IP ranges’ (geo-blocking as digital colonialism?).”
  • “As a disciplinarian, it inspects and reforms:
    • Rewriting headers (policing identity).
    • Flagging anomalies (the construction of deviance).”

Speaker Notes:
“Here, the firewall is not merely a tool—it is an actor within a neoliberal technocratic order, enforcing compliance with a constructed vision of ‘secure communication’ while erasing alternate possibilities for networked interaction.”


Slide 5: Title – “Conclusion: The Firewall as a Site of Contestation”

Bullet Points:

  • “The firewall does not simply block threats; it produces and reproduces the category of ‘threat’ within the corporate discourse of risk management.”
  • “It reinforces a regime of visibility—where the act of observing creates the very conditions of danger it purports to neutralize.”
  • “In resisting this, we must ask: Who benefits from this architecture of digital exclusion? What alternatives exist to this form of boundary-making?”

Speaker Notes:
“Let us not merely audit the firewall for misconfigurations, but interrogate its very existence. What does the firewall secure? For whom, and against whom? The answers lie not in the system logs, but in the broader structures of control that it embodies.”


Final Slide:
Title: “Questions? Or Are Questions Already Precluded by the System?”
(Contact: [email protected])

If I was the NSA in 2013, still smarting from a Snowden-induced loss of capability, I’d go long on hiring smart nerds to do research whilst building a credible yet overblown threat narrative for extant cryptosystems…

2024-11-20 03:52:19

…with the intention of getting the world to rapidly, even panickedly migrate from burned backdoors towards new, largely untested-in-battle algorithms that we’d be in a far better position to game than anyone else.

Meanwhile, elsewhere in news: NIST to deprecate Elliptic Curve by 2035: https://nvlpubs.nist.gov/nistpubs/ir/2024/NIST.IR.8547.ipd.pdf


“Me? Trust NIST? Oh for some things, certainly…”