Tag: new york times

The Future of Medicine: The HIV Prevention Pill

https://i0.wp.com/cdn3.vox-cdn.com/uploads/chorus_image/image/35164636/Andrew_Cuomo_2013__2_.0_standard_640.0.jpgEarlier this month, New York State governor Andrew Cuomo did something very meaningful and unexpected. In an effort to drastically cut the rate of new infections in the state, he announced that he was backing the development of Truvada – the controversial HIV prevention pill. The pill was officially endorsed by the CDC in May, but this is the first time that a high-level elected official has recommended its use.

Currently, about 3,000 new HIV infections are reported in New York state each year. Cuomo wants to reduce that to 750 by 2020, and to do so, he has introduced a three-pronged strategy. Parts one and two focus on more HIV tests and getting more people with HIV to see physicians. But the third part, which includes making Truvada readily available, has the potential to cause a stir since some believe that an HIV-prevention pill promotes lower rates of condom use.

truvada_0Luckily, a recent scientific study conducted by the University of California at San Fransisco found no link between use of the drug and condom use. More importantly, the drug has a proven track record when it comes to preventing HIV. Recent reports state that it cuts infection rates by more than 90 percent, and people who take the drug every day are 99 percent protected from the onset of infection.

Furthermore, despite its $13,000-a-year price tag, the drug is covered by most insurers. So, its continued obscurity appears to have more to do with marketing than anything else. In truth, many people who are at risk for HIV still aren’t aware of the drug’s existence. And despite the CDC’s recent backing, its manufacturer, Gilead, has yet to market the drug for HIV prevention, even though it is currently used as part of treatment regimens.

http://cbsnewyork.files.wordpress.com/2014/03/479278263_10.jpg?w=620&h=349&crop=1This is why Cuomo’s announcement, which took place during Pride Weekend, was so important. By backing the drug formally, and encouraging physicians to get the word out, he is helping to promote awareness and curb HIV infection rates. Naturally, there are those who think Cuomo’s announcement is part of a ploy to get votes from members of the LGBTQ community.

Given the recent decline in condom use among teens of all sexual orientations, this is certainly good news. While a drug like this does nothing to prevent the acquisition of other STIs – such as gonorrhea or chlamydia – it is important to remember that these diseases are treatable and non-fatal. Ultimately, having an HIV prevention drug available will ensure that there is a preventive measure in place that people are more likely to use.

HIV-budding-ColorBeside the Truvada endorsement, the state is also set to start enforcing a 2010 law that requires doctors to regularly offer HIV testing to patients between the ages of 13 and 65. And the state recently repealed a law that asked doctors and nurses to obtain written consent from patients before performing HIV tests, because the requirement acted as a barrier to testing.

As a recent article in The New York Times points out, the most notable aspect of the state’s rejuvenated approach to combating HIV is the combined economics of the strategies involved. None of these methods should lead to increased spending because they don’t include new medical breakthroughs. Instead, the state will probably end up saving money since every prevented HIV case saves about $400,000 in medical costs.

https://i0.wp.com/media.sacbee.com/static/weblogs/photos/images/2011/jun11/gay_pride_ny_sm/gay_pride_ny_09.jpgAnd this is just one of many HIV preventions that has been proven safe, effective, and ready to market. Between bee-venom nanoparticle treatments, vaccines, and even topical creams that have been proven to eliminate the virus, the coming decades are likely to see a severe drop in the number of deaths associated with the disease. And by mid century, who knows? The disease that became the plague of the 20th century may finally be history!

Source: theverge.com, nytimes.com

Crypto Wars: The Tech World vs. the NSA

cyber_securitySix years ago, something interesting took place at Microsoft’s Windows annual Crypto conference in Santa Barbara. In the course of the presentations, two members of the company’s security group (Dan Shumow and Niels Ferguson) gave a talk that dealt with internet security and the possibility that major systems could be hacked.

They called their presentation “On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng”. That’s a name few people outside of the techy community would recognize, as it refers to a pseudorandom number generating program that is used extensively in cryptography. And thought the presentation was only nine slides and a few minutes long, they managed to capture the attention of the crowd with some rather stark observations.

cyber_security1Basically, they laid out a case showing that the new encryption standard, given a stamp of approval by the U.S. government, possessed a glaring weakness that made one of the program’s algorithms susceptible to cracking. But the weakness they described wasn’t just an average vulnerability, it had the kind of properties one would want if one were intentionally inserting a backdoor to make the algorithm susceptible to cracking by design.

At the time, no one thought much of it. But today, that’s all changed, thanks to Edward Snowden. Apparently, cryptographers and journalists are seeing a connection between the talk given by Shumow and Ferguson and the classified NSA documents Snowden leaked. Apparently, some of that information confirms that the weakness in the Dual_EC_DRBG algorithm might be indeed a backdoor.

nsa_aerialEarlier this month, an article appeared in the New York Times that implied that the backdoor was intentionally put there by the NSA as part of a $250-million, decade-long covert operation by the agency to weaken and undermine the integrity of a number of encryption systems used by millions of people around the world.

Naturally, these allegations not only stoked the fires over the NSA’s long history of spying on databases, both domestic and foreign, it has also raised questions over the integrity of the rather byzantine process that produces security standards in the first place. The National Institute of Standards and Technology (NIST) approved Dual_EC_DRBG and the standard, is now facing criticism alongside the NSA.

nist_aerialbigAnd while NIST has since been forced to re-open the program to examination and public discussion, security and crypto firms around the world are scrambling to unravel just how deeply the suspect algorithm infiltrated their code, if at all. Some even went so far as to publicly denounce it, such as corporate giant RSA Security.

But of course, a number of crypto experts have noted that the Times hasn’t released the memos that purport to prove the existence of a backdoor. What’s more, the paper’s direct quotes from the classified documents don’t mention a backdoor or efforts by the NSA to weaken it or the standard, only the efforts of the agency to push the standard through NIST’s committees for approval.

nsasecurity_primary-100041064-largeOne such person is Jon Callas, the CTO of Silent Circle – a company that offers encrypted phone communication. Having attended the Crypto conference in 2007 and heard the presentation by Shumow, he believes that the real problem may lie in the fact that the algorithm was poorly made:

If [the NSA] spent $250 million weakening the standard and this is the best that they could do, then we have nothing to fear from them. Because this was really ham-fisted. When you put on your conspiratorial hat about what the NSA would be doing, you would expect something more devious, Machiavellian … and this thing is just laughably bad. This is Boris and Natasha sort of stuff.

Sources at Microsoft agree. In addition to the presenters – who never mention the NSA in their presentation and went out of their way to avoid accusing NIST of any wrongdoing – a manager who spoke with WIRED on condition of anonymity believes the reporters at the Times saw the classified documents dealing with the program, read about the 2007 talk, and assumed their was a connection.

cryptographyBut Paul Kocher, president and chief scientist of Cryptography Research, says that regardless of the lack of evidence in the Times story, he discounts the “bad cryptography” explanation for the weakness, in favor of the backdoor one:

Bad cryptography happens through laziness and ignorance. But in this case, a great deal of effort went into creating this and choosing a structure that happens to be amenable to attack.

Personally, I find it interesting that the NSA would be so committed to making sure a program passed inspection. Especially one that had a fatal flaw that, when exploited properly, could be used to give someone who knew about it access to encrypted information. But of course, it’s not like the NSA has been known to invade people’s privacy, right? RIGHT?

Clearly, all there is at this point is speculation. One thing is certain though. In the coming weeks and months, the NSA is going to be the recipient of even more flak over its monitoring and cryptographic activities. Whether this effects any change in policy remains to be seen, but I doubt anyone will be holding their breaths.

Sources: wired.com, nytimes.com

Drone Wars: New Promises, Same Problems

(U.S. Air Force photo/Staff Sgt. Brian Ferguson)(Released)The practice of using UAV’s as part of a targeted strategy in Pakistan, Afghanistan, Somalia and Yemen has become so frequent that its come to characterize the Obama administration’s handling of the “War on Terror”. Reaction to this policy has been increasingly critical, due in no small part to unanswered questions surrounding civilian death tolls and the rapid escalation of deployment. In response, the Obama administration announced this past week that the surge is at an end.

In a speech made to the National Defense University in Washington on Thursday, Obama emphasized that from now on, the use of UAV’s would be in the hand of the military instead of clandestine intelligence organizations such as the CIA. He also indicated that the rules for launching the strikes would be stricter. For instance, there must be a “near certainty” that no civilians will be killed, and the strikes are to become less frequent.

predator_profileWhile Obama would not declare an end to the war on terrorism, he did offer to work with Congress to constrain some of his own authorities for waging it, which may include the creation of a court modeled on the secretive one used by the NSA to oversea the surveillance of suspected foreign agents. He also expressed a preference to constrain “and ultimately repeal” the broad latitude of warmaking powers granted in the Authorization to Use Military Force (AUMF), an act that was created in 2001 by the Bush administration which is considered the wellspring of the “War on Terror”.

And above all, issues of legality are to take a backseat to the moral and ethical implications raised by ongoing use. Or as he put it: “To say a military tactic is legal, or even effective is not to say it is wise or moral in every instance.”

Naturally, a great many questions remain. In addition to how drones will be used in the years to come to combat terrorism and militants, there’s also questions surrounding their use thus far. Despite pledges made by Obama that changes will be made, the history of the program is still shrouded in mystery. Fittingly, Bloomberg Businessweek created a map to serve as a reminder of the scope of that program, calling it the first ever “comprehensive compilation of all known lethal U.S. drone attacks.”

drone_map

It should be noted though that the numbers represent an estimate which were compiled with the help of the nonprofit Bureau of Investigative Journalism. Sources in Washington apparently offer a wide range of numbers, and the State Department remains hush hush on the issue of casualties. However, the estimates presented in this infographic still present a stark and sobering picture:

  • Yemen: at least 552 killed between 2002 and 2013. The site of the first ever drone strike in 2002.
  • Pakistan: at least 2,561 killed between 2004 and 2013.
  • Somalia: at least 23 killed between 2011 and 2012.

drone_map1Naturally, it is hoped that Obama’s promise to curb the use of drones represents a renewed commitment to comply with international law, treaties and human rights. However, what was apparently missing from the speech was an indication about how easy it will be to get information about strikes that are made in the future. According to the New York Times’ Mark Mazzetti, who provided live analysis of the speech, Obama’s speech didn’t address the issue:

One of the big outstanding questions is just how transparent the Obama administration will be about drone strikes in the future. Will administration officials begin to publicly confirm strikes after they happen?

There was no mention of this in the speech, and it is telling that the president did not mention the C.I.A. at all. It seems quite certain that past operations in Pakistan, Yemen and elsewhere are not going to be declassified anytime soon.

Also, moving operations from the C.I.A. to the Pentagon does not automatically mean that the strikes will be publicly discussed. The Pentagon is carrying out a secret drone program in Yemen right now, and it is very difficult to get information about those operations.

So… promises to curb the use of drones have been made, as well as promises to create some kind of oversight for future operations. And this does seem consistent with many of the criticisms made about the ongoing war on terrorism, specifically the Bush administrations handling of it and how his reliance on special executive powers were unlawful and unconstitutional.

But until such time as information on how these strikes occur and who is being killed, the issue will remain a contentious and divisive one. So long as governments can wage war with automated or remote machinery and kill people without transparency and in secrecy, will this not constitute a form of illegal – or at the very least, a very opaque – warfare?

Sources: wired.com, fastcoexist.com, businessweek.com

The Hacking Continues…

hackers-1Cyberwarfare has been making it into the news quite a bit of late. From the international cyber-spying virus known as “Red October”, to China’s hacking of the New York Times and Bloomberg L.P., to intrusions into major software companies and social utilities, it seems no one is immune or unassailable in the digital age. What’s more, there are indications that it is nation states that may be leading the charge.

The latest victim in the ongoing war was Microsoft, which recently admitted that it too has been targeted by hackers. The announcement came in the midst of such tech giants as Apple, Facebook, and Twitter reporting security breaches linked to a software developer’s website, which would apparently infect programmers’ computers after they visited the site.

hacker_@In a statement posted by general manager Matt Thomlinson, Microsoft experienced intrusions of a similar nature. Though they did not specify who these hackers were, Mike Isaac at AllThingsD recently identified the website in question as iPhoneDevSDK, a site popular with mobile-app developers. In response, iPhoneDevSDK recently told users that it discovered that an administrative account on its site had been hacked, which allowed hackers to inject infectious code into its Web pages.

Once again, there are many who suspect that these attacks are linked to sources in China. In recent years, the Chinese government has been indicted in several attacks on American media chains as well major companies, as part of a wider campaign to steal trade secrets and monitor and manipulate how China is portrayed in the news.

As it stands, it is not yet clear whether this represents a part of that campaign, or if private hackers are simply using extra-covert means to conduct a little anti-corporate mischief on the side. Personally, I hope it’s the latter, as the idea of nations inciting cyberwarfare against each other is not exactly the most comforting notion! But then again, knowing that they are spying on each other kind of gives those of us who are afraid of “Big Brother” a bit of a reprieve doesn’t it?

Source: businessinsider.com

Cyberwarfare: Not Just for Anarchists Anymore!

Hack the Planet by von Shin Kurohoshi
Hack the Planet by von Shin Kurohoshi

For those deeply concerned about internet security and privacy, the year of 2013 certainly opened with a bang. First, there was the news that a cyberspy ring – apparently operating out of Russia – had been spying on embassies, governments and research institutions around the world for the past five years using a virus dubbed “Red October”. This was back in January, when the Moscow-based antivirus firm known as Kaspersky Lab announced the discovery of the international intrigue.

Then, on Jan. 30th, the New York Times announced that they too have been the target of hackers, this time from China. In a statement released by the newspaper, the company claimed that Chinese hackers have been persistently attacking their publication for the last four months, infiltrating its computer systems and getting passwords for its reporters and other employees.

Jin_jiaboaThe timing of the attacks coincided with a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them.

With the help of  Mandiant, the internet security company hired by The Times, they were able track the intruders, study their movements and help erect better defenses to block them. In the end, The Times reported that they had successfully expelled the attackers and kept them from breaking back in. However, the fact these hackers were able to infiltrate the network of a private news organization in the first place was much cause for worry.

Cyber-WarFor one, this is not the first time that hackers, originating in China, have used these sort of subterfuge tactics to hack US databases. According to experts at Mandiant, their company has tracked many such intrusions back to the Chinese mainland, all of which used the same approach of cloaking their efforts using US servers. In addition, this incident, which smacked of state-involvement, did not occurr in a vacuum.

Back in 2008, internet security experts indicated that Chinese hackers had begun targeting Western journalists as part of a wider campaign to identify and intimidate their sources and contacts, and to anticipate stories that might damage the reputations of Chinese leaders. The purpose behind this far-reaching and growing spy campaign aimed at corporations, government agencies, activist groups and media organizations inside the US seemed to be for the purpose of controlling China’s public image, domestically and abroad, as well as stealing trade secrets.

cyber-war-1024x843But of course, China is hardly alone in these sorts of covert cyber-warfare. As already mentioned, Russia has already shown signs of developing cyber weapons to assist in spying abroad, and there’s mounting evidence that Israel, Iran and the US are on board too. Starting in 2008, Iran’s main nuclear enrichment plant was hit by a sophisticated computer worm that caused damage to it, thus putting a crink in their efforts to become a nuclear power.

While no one took responsibility for this incident, the evidence seemed to indicate that the worm originated from sources within Israel and the US. Attacks which took place later on American banks and oil companies within the US were believed to have been caused by Iran, in retaliation for the worm that hurt their main source of enriched uranium and a key component in their nuclear program.

anonymous_flagFor some time now, hacking federal databases has become something of a sport for various groups and causes who are seeking to reveal government secrets and expose their inner workings to public scrutiny. The “Hacktivist” group known as Anonymous is a perfect example, a group closely linked to Assange (of Wikileaks) who’s most recent infiltration of the Federal Reserve Bank made the news earlier this month as well.

But as I’m sure all will agree, it’s one thing when private citizen attack domestic and foreign databases, and quite another when nations attack each others. While cyber criminals may constitute a vague and slippery enemy, one which is much harder to identify and prosecute, nation-states constitute a far more frightening one. Not only are their resources far more vast, the consequences of battling them are far greater.

Knowing who your enemy is, and that they have nuclear capabilities and the ability to strike at you physically… Yes, I think that’s a much scarier prospect! While the old ways of plausible deniability and covert action may apply, no one likes the idea of subtle attacks which could escalate into a full-scale conflict. Even if it is waged entirely by computer, the effects are still likely to be felt!

Source: NYTimes.com, money.cnn.com