Grinding Grains, Then and Now

In many science and heritage museums, especially when there is a focus on archaeology or how our ancestors lived, there is the possibility to grind your own grain. You have two stones, throw some grains in it, and grind away by moving one of the stones back and forth. A lot of people, especially kids, tire of it quickly, and go on to the next exhibit.

But I wanted to try this a bit more in depth. So this weekend I looked around for some stones, threw in some grains and started grinding away. The kids soon joined. Our conclusion was that it takes really a long time to get flour. Even considering that we were inexperienced and spilled some flour during the process, it took us still about half an hour to get the amount shown on the picture below. My daughter was especially keen on this archaeology experiment (she did most of the work).

/ read more…


Don’t Worry, You Can Still Give Your Rat that New Phone for its Birthday

Don't do this to your phone!

Don’t do this to your phone!

By now, most people have read something from one or both sides of the story regarding new preliminary data published about cell phones and cancer, which Mother Jones referred to as “game changing.” As I would expect, David Gorski wrote a great summary at Science-Based Medicine. He includes links to several stories, and runs through some of the science. I’m going to highlight and concur with a couple of his points, and take issues with one or two others.

What is being reported is that the electromagnetic radiation (which I will abbreviate going forward as EMF or RF) from cell phones can increase the incidence of cancer. This initial reporting comes from the preliminary publication of a large study being done with rats and various doses of frequencies associated with the two frequency bands most commonly used in cellular signals. It is important to note this is preliminary data, that has had some internal review, but no peer review as it has not been formally submitted for publication in a journal. It is not out of the ordinary to do this, but it is important not to draw firm conclusions without having all of the details. But many media outlets ran with the fear anyway.

/ read more…

Turmeric: What is it Good For?

The supplement industry historically is a conga-line of promoters selling unproven or disproven health products. Supplement claims are crank whack-a-mole for the most part—knock one down and another comes up. It is an industry that markets with a constant drone of miracle cures that fail to deliver the miracle. Turmeric is a newly popular herbal supplement. I see patients using it in ever-increasing numbers. Most of my patients are taking turmeric as an osteoarthritis remedy, but that is just the tip of the iceberg. Historically there have been rare exceptions to the failure of herbal supplements; let’s take a look at turmeric and see if it’s good for something other than a tasty dinner.

/ read more…


Clinton’s Campaign Promise and Carter’s Barium Cloud

Barium cloud from launch (via NASA)

Barium cloud from launch (via NASA)

So apparently Hillary Clinton is something of a UFO buff. In recent interviews, the Democratic hopeful has been vowing to publicly release secret government files on Area 51 and other UFO phenomenon, so long as there was anything substantive to release and that releasing the information wouldn’t threaten national security. She made the promise most recently on Jimmy Kimmel Live!

While I’m sure such claims send at least a little flutter of hope through the hearts of UFO believers everywhere, it’s worth noting that even if she’s sincere, she isn’t the first president to make such a promise. Way back in 1976, then-candidate Jimmy Carter made a similar promise: to “make every piece of information this country has about UFO sightings available to the public and the scientists.” Nothing much came of Carter’s campaign promise concerning UFOs, though whether this was because there was nothing to release or because the Syndicate successfully suppressed his efforts to do so remains an unanswered question. / read more…


Better to Call Saul a Skeptic

From left: Better Call Saul creators Vince Gilligan and Peter Gould, and actors Bob Odenkirk and Michael McKean at The Paley Centre For Media's 33rd Annual Paleyfest in Los Angeles. Photograph by AFP.

From left: Better Call Saul creators Vince Gilligan and Peter Gould, and actors Bob Odenkirk and Michael McKean at The Paley Centre For Media’s 33rd Annual Paleyfest in Los Angeles. Photograph by AFP.

As a kind of echo to Brian Dunning’s recent episode about skepticism and commercial entertainment on the Skeptoid Podcast, I offer this as an example of an interesting use of skepticism on a popular TV show. (Just FYI: I’m going to try not to spoil anything, but I’m not going to make any promises.) I’m not a diehard fan of Vince Gilligan and his shows. I watched all of his beloved series Breaking Bad, and I enjoyed it. I never thought, though, that it was as good a show as many other people seemed to. Nonetheless, seeing a science-minded (anti-)hero onscreen was great. I haven’t checked the actual scientific accuracy of that show, but I’m sure someone has and found it wanting. (Falk Harnisch and Tunga Salthammer at the chemistry education hub seem to have done this work, and their critique appears pretty predictable, if less cinematic than the flaws.)

I’m now watching Gilligan’s spin-off/prequel, Better Call Saul, which stars Bob Odenkirk (who I am a big fan of), and which was co-created by Peter Gould. Gould and Gilligan give pretty good credit to skepticism and scientific thinking, if only in a secondary, though important, plot. Jimmy McGill (the series protagonist, played by Odenkirk), has a brother, Chuck (Michael McKean), who claims to suffer from electromagnetic sensitivity. Light and electronic devices seem to cause him enormous distress. His family members, neighbors, and coworkers make taxing accommodations for him, though they are evidently doubtful of his purported condition. They care about him and are sensitive to his suffering.

/ read more…

Never Throw Anything Away: The Wealth of Science Archives

Our sciences are advancing at a rapid pace. New technologies emerge that help scientists dig deeper into the fundamental particles or peer farther away into our Universe. So I was quite happy when the following news item appeared. It combines two of my passions: history and astronomy, and it shows that there are some things you should never throw out. (Please tell my wife!)

/ read more…

The Laboratory Fallacy

Medical treatment is based on data. Clinical data, statistical data and laboratory data are the main points of interest, though laboratory data is a kind of scientific anomaly in medicine. Although controlled laboratory conditions are the most rigorous kind of scientific data, they’re the least useful type of data for clinical practice—the obvious reason being that there are strict ethical restrictions for human experimentation in the lab. Nonetheless, petri dishes are poor substitutes for clinical data. Laboratory data can be very convincing to the lay public when evaluating a medical treatment or woo-filled nutrition claims. Looking at most nutritional and “complementary and alternative medicine” (CAM) research one finds predominantly laboratory data and poor-quality correlational studies, meaning that claims for CAM and nutrition science are typically overly dependent on the weakest possible medical evidence.

Mel Hopgood working with apparatus for metabolic rate reactions. CSIRO Division of Animal Nutrition. (no date) Via Wikimedia

/ read more…

How “May” and “Could” Improve Science Reporting

When reviewing a couple of my past articles, I noticed a trend: in several cases I have lambasted media that reports wrongly or without nuance on science. My recent post about “poop pills” covers a story that’s probably a magnet for less-accurate reporting, given the subject. And when websites need to sell an archaeological discovery of a buried mule, they probably need some exaggeration to attract attention. The most flagrant was the one about the “discovery” of the so-called ninth planet. It was actually only a calculation of a possible planet (a good calculation presumably), but no planet was actually observed.

It is my opinion that such shoddy reporting, even though it may attract attention, is in the end detrimental to science: people risk getting disillusioned when they finally realize nothing was discovered or that the actual discovery was interesting but overblown. This disillusion might lead to disinterest or distrust of science – even though it probably isn’t even the fault of the scientist, but of the reporter! / read more…


Are you frustrated that TAM & the JREF are no more, and the skeptical community has disintegrated?

40 years of podcasts.

40 years of podcasts.

Are you bummed and disappointed that our favorite annual reunion The Amaz!ng Meeting is no more? That James Randi’s JREF has ceased operations? That the community of like-minded enthusiasts of skeptical thinking — once called “organized skepticism” — seems to have exploded into feuding factions of atheists, social justice warriors, and rage bloggers?

You’re not alone. I hear it a lot. I hear it in casual emails from listeners, and I hear it from my long-time friends and colleagues with whom I spent many happy hours in the Del Mar lounge at the South Point. While I don’t deny that TAM will be sorely missed, these changes have all happened for the right reasons, and in that sense, constitute something that we all still share. / read more…


Apple v. FBI: A Risk-based Discussion

Any opinion here, which I have tried to minimize, is just my own and not that of the National Center for Supercomputing Applications or the University of Illinois where I work. I am merely trying to bring the perspective of a security professional and CISO who thinks in terms of risks and not absolutes to the discussion, which has to date been filled with superlatives. While some components of the debate are truly binary, the debate as a whole is not.

This is NOT about:
  • Privacy or mass surveillance. We give up a lot more privacy just by virtue of having a smart phone. And this case, at least in the short term, is about targeted interventions that would require Apple’s assistance on a case-by-case basis.
  • Backdoors. A general backdoor capability is not being requested by the FBI. You can tie a software update to a device ID and by digitally signing the software, you make it something the FBI and others cannot tamper with before loading. Apple is not being asked to give up their private signing key, at least yet.
  • Going dark. This is not about “going dark” as the intelligence and law enforcement agencies have been saying. Police didn’t even have this treasure trove of data a decade ago to “lose”. And as many have pointed out, we are in a golden age of surveillance.
  • Terrorists and pedophiles running amok. People have always taken secrets to the grave. People have always been able to destroy evidence, burn records, etc. This is not new, and this is not a binary question of having or not having evidence anymore.
  • Unhackable black boxes. Information security has never been harder. There are always vulnerabilities, especially to targeted attacks. If the target is still alive, you can trick them into downloading malware, monitor their keystrokes with tempest technologies, or even tamper with the device while it is out of their control. Even in this specific case it seems there are likely other approaches to attack the hardware.
  • Full device encryption. Full disk encryption has been available for two decades, and it has been built into major operating systems for at least a decade. If I am dead and my laptop is off, good luck getting that data. Even backup solutions support strong encryption now.
What’s Changed?

Now it would be disingenuous to say nothing has changed at all for either tech companies or law enforcement (LE). The first change is that LE’s free ride may be over. Phones are becoming more like laptops with high-grade security for data at rest. When smart phones first came out there was a period of having all the data sources of a typical PC, without any way to really protect it like a computer. No doubt it would be frustrating to lose that.

Second, high-grade security is on by default. This still isn’t true of your laptop, even though it is trivial to turn on. Recent changes by Apple have made this so on their mobile platforms, and this is very good for the many people who lose their devices each year. However, it is sure to be a frustration to LE as much as it is to criminals.

Third, in a post-Snowden era US tech companies are less trusted internationally and the citizens of the U.S. trust their own government less. This threatens our tech companies’ business and a key sector of the U.S. economy, and so they are responding to this threat. Devices that manufacturers cannot attack themselves make them more attractive, especially in international markets.

The Real Trade-offs

There are lots of angles to discuss in this whole saga: legal implications, motives, politics, economics, etc. I would like to focus on what the real risks are and actual trade-offs. We can’t make informed decisions without understanding these, and understanding these trade-offs may offer a compromise that mitigates some of the risks.

Evidence is lost. There is no doubt that strong encryption will have an impact on investigations, particularly for the deceased. We have seen this happen with laptops and computers used by criminals for at least two decades. However, we should be reassured that this doesn’t seem to be a dead end too often. A good reason why is that we are also in the golden age of surveillance. We have more devices, more accounts, more network traffic than ever to analyze for relationships. Our digital footprint is nearly impossible to stomp-out, even for the security professional, and it isn’t getting easier. We need to get away from the worst case scenario of the terrorist or pedophile that might go free. That just pushes this conversation into hyperbole.

We create poor, reactionary legislation. President Obama is quite correct to cast this as a risk to the tech industry. Pushing back as Apple has could force legislative answers, and these could easily make things worse and not better. The history is not good here.

A backfire effect. By pushing Apple so hard in this case, the FBI is incentivizing them to create even more secure phones. It would not be hard to make their security enclave wipe its keys before allowing a firmware update. And if Apple does this, it is likely that competitors will do likewise to compete on security features. This could instigate a stronger ecosystem of phone security, much to the chagrin of LE. It could be argued that we got to this point as a reaction to the actions of the U.S. intelligence agencies and LE. Now Congress could potentially address this in legislation, but even then they cannot control international manufacturers.

All writs slippery slope. We don’t really know where this ends if tech companies can be compelled to trojan their own software or devices. Will they have to do it in secret? How pervasive would that be? Would they be forced to do such updates over-the-air and remotely? Citizens have a reason to be concerned in a post-patriot Act, post-Snowden era with national security letters and extended executive powers. It’s conceivable that legislation could address some of these concerns, but again that path may not turn out well for either side of this debate.

Human rights violations abroad. If tech companies have to do this for the US government, what other governments will they have to do this for? It becomes much harder for them not to provide such a service to a repressive regime when our own government demands such a service. The only viable solution may be to have devices that the manufacturer cannot crack themselves. It is hard to imagine turning over such requests to an international tribunal to decide when Apple must help unlock a phone.

Attacks get more expensive for law enforcement. If tech companies do not have to support these sorts of requests or move to a more secure solution that prevents their help, this makes low-level attacks on the baseband or hardware the only viable method to recover data. These aren’t full-proof, and they are much more time consuming. So even if we don’t end up losing access to evidence, it certainly becomes more expensive to get at.

Economic damage. We are a digital economy, and much of our innovation is in our tech companies. If we force them to weaken their security while at the same time the U.S. intelligence agencies and LE are widely mistrusted, we incentivize people to use products of companies from other nations. We can’t stop the development of devices abroad, and it is unlikely that we can stop the sale of them here. Even if we can stop sales, we can’t stop software and mathematics. It would be harder for criminals and terrorists to secure their phones, but the algorithms are all out there and a black market is likely to fill the need for the expertise. Just look at how the black market of cybercrime has commoditized almost ever part of the pipeline. We would have better luck taking guns away from “bad guys” than crypto.

The Road Ahead

Is there any compromise here? Security certainly isn’t binary, and we aren’t talking about losing all access to evidence. In fact, we are talking about losing it in only a subset of circumstances. We are most likely talking about making evidence more expensive to get at. The question remains whether we can avoid some loss of evidence without hurting our own economy and human rights abroad. It’s unclear whether that is the case, and it is quite possible that we could make the situation worse for all parties involved. There may be legislative solutions that can protect our companies from having to handle such requests for repressive regimes that is also transparent enough that people can trust the U.S. not to go down a slippery slope. But trust has to be built over time. So I am skeptical of a quick solution here. At the heart though, this is not a technical problem, but a social one. If the US government can compel manufacturers to attack their own products, regardless of the technology involved, where does that authority stop? That’s the decision before us, and there are risks associated with every answer.