francescomecca.eu/output/index-16.html
Francesco Mecca 6acba75cd5 wine article
2024-02-28 14:38:55 +01:00

461 lines
37 KiB
HTML

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<title>Caught in the Net (old posts, page 16) | Caught in the Net</title>
<link rel="stylesheet" href="assets/blog/fonts/opensans.css">
<link href="assets/blog/css/normalize.css" rel="stylesheet" type="text/css">
<link href="assets/blog/css/cayman.css" rel="stylesheet" type="text/css">
<meta name="theme-color" content="#5670d4">
<meta name="generator" content="Nikola (getnikola.com)">
<link rel="alternate" type="application/rss+xml" title="RSS" hreflang="en" href="rss.xml">
<link rel="canonical" href="francescomecca.eu/index-16.html">
<link rel="prev" href="index-17.html" type="text/html">
<link rel="next" href="index-15.html" type="text/html">
</head>
<body>
<div id="container">
<section class="page-header"><h1 class="project-name">
Caught in the Net
</h1>
<h2 class="project-tagline">La rete ti cattura ma libera il pensiero</h2>
<a class="btn" href=".">Home</a>
<a class="btn" href="pages/about/">About me</a>
<a class="btn" href="pages/contattami/">Contact me</a>
<a class="btn" href="archiveall.html">Archive</a>
<a class="btn" href="rss.xml">RSS</a>
<a class="btn" href="http://francescomecca.eu/git/pesceWanda">Personal Git</a>
<a class="btn" href="https://github.com/FraMecca">Github</a>
<a class="btn" href="https://lezzo.org/git/public/Curriculum_vitae/raw/master/latex.dir/francesco_mecca_cv_eng.pdf">Curriculum</a>
</section><section class="main-content"><div class="posts">
<article class="post"><header><h1 class="post-title"><a href="blog/2016/11/11/machine-learning-parte2/" class="u-url">Capire il Machine Learning (parte 2)</a></h1>
</header><div>
<span class="post-date">11 November 2016</span>
</div>
<br><div class="e-content entry-content">
<p>Nel precedente <a href="pescewanda/2016/11/10/machine-learning-intro/">post</a> abbiamo preso in considerazione una rete neurale molto basica.
Proviamo ora ad approfondire il concetto aggiungendo una proprietà fondamentale, la memoria.</p>
<h3>Memoria e Stati</h3>
<p>La rete neurale che abbiamo modellato non ha alcun tipo di memoria. con gli stessi dati di input, l'output è (quasi certamente) lo stesso.
Possiamo ampliare il nostro modello introducendo il concetto di <em>stato</em>.</p>
<p>Poniamo il problema della vendita delle auto in questo modo:
immaginiamo di avere un algoritmo di machine learning che valuti le auto e faccia delle offerte di vendita che conseguentemente vengono valutate da delle persone e accettate oppure rifiutate.
Ogni volta che una proposta viene accettata la teniamo in memoria e nell'aggiustare i pesi per la seguente offerta, teniamo in considerazione la validità dei pesi usati in precedenza.
In altre parloe, in ogni operazione di valutazione dell'auto salviamo lo stato dell'offerta precedente (rifiutata o accettata) e la consideriamo quando vogliamo proporre l'offerta successiva.
Abbiamo in questo modo una <em>recurrent neural network</em> (RNN) dove ogni stato precedente viene utilizzato per modificare l'output dell'algoritmo.</p>
<h5>Generazione di testo attraverso le RNN</h5>
<p>Immaginiamo di voler creare un algoritmo che utilizzando una RNN possa generare del testo o prevedere quale sarà il prossimo carattere inserito (come nel caso del T9).</p>
<p>Inizialmente dobbiamo permettere alla RNN di analizzare almeno qualche sample del nostro testo.
La RNN analizza carattere dopo carattere e costruisce un grande grafo dove collega ogni carattere al suo successivo.
Inizialmente l'output della nostra RNN non ha alcun valore:
in questo esempio, abbiamo l'output di una RNN allenata attraverso Guerra e Pace:</p>
<div class="code"><pre class="code literal-block"><span class="n">tyntd</span><span class="o">-</span><span class="n">iafhatawiaoihrdemot</span><span class="w"> </span><span class="n">lytdws</span><span class="w"> </span><span class="n">e</span><span class="w"> </span><span class="p">,</span><span class="n">tfti</span><span class="p">,</span><span class="w"> </span><span class="n">astai</span><span class="w"> </span><span class="n">f</span><span class="w"> </span><span class="n">ogoh</span><span class="w"> </span><span class="n">eoase</span><span class="w"> </span><span class="n">rrranbyne</span><span class="w"> </span><span class="p">'</span><span class="n">nhthnee</span><span class="w"> </span><span class="n">e</span><span class="w"> </span>
<span class="n">plia</span><span class="w"> </span><span class="n">tklrgd</span><span class="w"> </span><span class="n">t</span><span class="w"> </span><span class="n">o</span><span class="w"> </span><span class="n">idoe</span><span class="w"> </span><span class="n">ns</span><span class="p">,</span><span class="n">smtt</span><span class="w"> </span><span class="n">h</span><span class="w"> </span><span class="n">ne</span><span class="w"> </span><span class="n">etie</span><span class="w"> </span><span class="n">h</span><span class="p">,</span><span class="n">hregtrs</span><span class="w"> </span><span class="n">nigtike</span><span class="p">,</span><span class="n">aoaenns</span><span class="w"> </span><span class="n">lngty</span>
</pre></div>
<p>L'output prodotto dalla RNN, benchè non abbia nessun valore per un umano, viene analizzato dalla RNN per arricchire il grafo costituito inizialmente dai caratteri (e le loro relazioni) di Guerra e Pace.
Questo procedimento continua all'infinito.
Ogni volta che la RNN produce dell'output lo salva e lo riutilizza come input in maniera ricorsiva per generare nuovo output.</p>
<p>Dopo 300 iterazioni abbiamo un output di questo tipo:</p>
<div class="code"><pre class="code literal-block">"Tmont thithey" fomesscerliund
Keushey. Thom here
sheulke, anmerenith ol sivh I lalterthend Bleipile shuwy fil on aseterlome
coaniogennc Phe lism thond hon at. MeiDimorotion in ther thize."
</pre></div>
<p>Dopo quasi mille:</p>
<div class="code"><pre class="code literal-block"><span class="nv">Aftair</span><span class="w"> </span><span class="nv">fall</span><span class="w"> </span><span class="nv">unsuch</span><span class="w"> </span><span class="nv">that</span><span class="w"> </span><span class="nv">the</span><span class="w"> </span><span class="nv">hall</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="nv">Prince</span><span class="w"> </span><span class="nv">Velzonski</span><span class="err">'s that me of</span>
<span class="err">her hearly, and behs to so arwage fiving were to it beloge, pavu say falling misfort </span>
<span class="err">how, and Gogition is so overelical and ofter.</span>
</pre></div>
<p>Duemila:</p>
<div class="code"><pre class="code literal-block"><span class="s2">"Why do what that day,"</span><span class="w"> </span><span class="nv">replied</span><span class="w"> </span><span class="nv">Natasha</span>,<span class="w"> </span><span class="nv">and</span><span class="w"> </span><span class="nv">wishing</span><span class="w"> </span><span class="nv">to</span><span class="w"> </span><span class="nv">himself</span><span class="w"> </span><span class="nv">the</span><span class="w"> </span><span class="nv">fact</span><span class="w"> </span><span class="nv">the</span>
<span class="nv">princess</span>,<span class="w"> </span><span class="nv">Princess</span><span class="w"> </span><span class="nv">Mary</span><span class="w"> </span><span class="nv">was</span><span class="w"> </span><span class="nv">easier</span>,<span class="w"> </span><span class="nv">fed</span><span class="w"> </span><span class="nv">in</span><span class="w"> </span><span class="nv">had</span><span class="w"> </span><span class="nv">oftened</span><span class="w"> </span><span class="nv">him</span>.
<span class="nv">Pierre</span><span class="w"> </span><span class="nv">aking</span><span class="w"> </span><span class="nv">his</span><span class="w"> </span><span class="nv">soul</span><span class="w"> </span><span class="nv">came</span><span class="w"> </span><span class="nv">to</span><span class="w"> </span><span class="nv">the</span><span class="w"> </span><span class="nv">packs</span><span class="w"> </span><span class="nv">and</span><span class="w"> </span><span class="nv">drove</span><span class="w"> </span><span class="nv">up</span><span class="w"> </span><span class="nv">his</span><span class="w"> </span><span class="nv">father</span><span class="o">-</span><span class="nv">in</span><span class="o">-</span><span class="nv">law</span><span class="w"> </span><span class="nv">women</span>.
</pre></div>
<p>Possiamo notare come l'output migliori visibilmente.</p>
<p>Nel prossimo post tratterò una variante di rete neurale utilizzata per classificare e riconoscere immagini.</p>
</div>
</article><br><hr>
<br><article class="post"><header><h1 class="post-title"><a href="blog/2016/11/10/machine-learning-intro/" class="u-url">Capire il Machine Learning (parte 1)</a></h1>
</header><div>
<span class="post-date">10 November 2016</span>
</div>
<br><div class="e-content entry-content">
<p>Questo è il primo di una serie di post che hanno l'obbiettivo di fornire una breve e generale introduzione al mondo del machine learning e delle intelligenze artificiali più in generale.
Mi auguro che questa breve introduzione al mondo dell'apprendimento automatico sia una sorta di vaccino contro il sensazionalismo mediatico e la disinformazione che negli ultimi anni fanno da contorno al progresso in questo settore.</p>
<h3>Non c'è risultato senza algoritmo</h3>
<p>Nelle scienze informatiche un algoritmo è un insieme di istruzioni che partendo da uno stato iniziale (input) permette di arrivare ad uno stato finale (output) attraverso una serie di step logici.
Ogni algoritmo utilizza una logica propria e specifica per il problema di cui si occupa.
Nel caso del machine learning l'algoritmo non viene progettato in base al tipo di problema bensì vengono utilizzati algoritmi generici adattabili attraverso dei parametri.
L'algoritmo di machine learning analizza i vari parametri e i dati che riceve "in pasto" al fine di raggiungere lo stato di output ottimale.
L'output ottimale è la migliore approssimazione di un risultato teorico che si raggiunge nella fase di "training".</p>
<h3>La macchina impara</h3>
<p>Nella fase di allenamento o di apprendimento, il "training", si possono adottare due tecniche differenti: apprendimento con supervisione ( <strong>supervised learning</strong> ) e apprendimento senza supervisione ( <strong>unsupervised learning</strong> ).</p>
<h5>Supervised Learning</h5>
<p>Immaginiamo di dover valutare il prezzo di un'automobile usata senza essere esperti in materia.
Noi abbiamo questi dati:</p>
<table>
<thead><tr>
<th>PREZZO ORIGINALE</th>
<th style="text-align: center;">Km percorsi</th>
<th style="text-align: center;">stato di usura</th>
<th style="text-align: right;">PREZZO FINALE</th>
</tr></thead>
<tbody>
<tr>
<td>50 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: center;">lieve</td>
<td style="text-align: right;">40 000</td>
</tr>
<tr>
<td>30 000</td>
<td style="text-align: center;">150 000</td>
<td style="text-align: center;">notevole</td>
<td style="text-align: right;">8 000</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">80 000</td>
<td style="text-align: center;">lieve</td>
<td style="text-align: right;">15 000</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: center;">notevole</td>
<td style="text-align: right;">...</td>
</tr>
</tbody>
</table>
<p>Dalla tabella possiamo dedurre la caratteristica fondamentale del <strong>supervised learning</strong>: abbiamo due vettori (serie di dati) di input (prezzo originale) e di output (prezzo finale) che hanno una correlazione certa e valida.</p>
<p>Possiamo dedurre intuitivamente quale sarà il prezzo dell'ultima auto se analizziamo i dati precedenti.
Questo è quello che succede nel caso del <strong>supervised learning</strong>.
Un algoritmo di machine learning che utilizza il <strong>supervised learning</strong> estrapolerà la relazione fra i vari dati e in questo modo potrà ottenere un determinato output partendo dai dati di input.
Possiamo capire già da ora che nel caso ci fossero dati che "inquinano" il nostro data set, come ad esempio il colore dell'auto, l'algoritmo non sarà capace di fare un'analisi corretta.</p>
<p>La precisione della soluzione dipende dalla quantità di dati e dall'influenza che questi hanno nella situazione reale.</p>
<h2>Unsupervised Learning</h2>
<p>Nel caso di unsupervised learning ci troviamo di fronte agli stessi dati ma senza la possibilità di conoscere il prezzo finale.</p>
<table>
<thead><tr>
<th>PREZZO ORIGINALE</th>
<th style="text-align: center;">Km percorsi</th>
<th style="text-align: right;">stato di usura</th>
</tr></thead>
<tbody>
<tr>
<td>50 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: right;">lieve</td>
</tr>
<tr>
<td>30 000</td>
<td style="text-align: center;">150 000</td>
<td style="text-align: right;">notevole</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">80 000</td>
<td style="text-align: right;">lieve</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: right;">notevole</td>
</tr>
</tbody>
</table>
<p>Non siamo capaci di stabilire il prezzo finale attraverso l'unsupervised learning, ma possiamo stabilire dei pattern fra i vari dati.
Non c'è nessun tipo di feedback (il prezzo finale) che possa aiutarci a capire se il risultato sia giusto ma possiamo analizzare le notevoli relazioni fra i dati.</p>
<h2>Machine Learning e intelligenza</h2>
<p>Concentriamoci sul <strong>supervised learning</strong>.
Nel caso della vendita dell'automobile, abbiamo un semplice problema con una soluzione lineare di questo tipo:
<em>prezzo finale</em> = <em>prezzo originale</em> + <em>km percorsi</em> + stato di usura</p>
<p>Ovviamente ogni incognita nella nostra equazione influisce diversamente sul prezzo finale e quindi possiamo riscriverla come:
<em>prezzo finale</em> = A <em><em>prezzo originale</em> + B </em><em>km percorsi</em> + C * stato di usura</p>
<p>Se pensiamo ad un algoritmo possiamo ragionare in questo modo:</p>
<div class="code"><pre class="code literal-block"><span class="n">funzione</span><span class="o">:</span><span class="w"> </span><span class="n">calcola_prezzo_auto</span><span class="o">:</span>
<span class="w"> </span><span class="n">parametri</span><span class="o">:</span><span class="w"> </span><span class="n">prezzo_originale</span><span class="o">,</span><span class="w"> </span><span class="n">km_percorsi</span><span class="o">,</span><span class="w"> </span><span class="n">stato_usura</span>
<span class="w"> </span><span class="n">variabili</span><span class="o">:</span><span class="w"> </span><span class="n">prezzo_finale</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span>
<span class="w"> </span><span class="n">prezzo</span><span class="w"> </span><span class="n">finale</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">prezzo_originale</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mf">0.804246</span>
<span class="w"> </span><span class="n">prezzo</span><span class="w"> </span><span class="n">finale</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">prezzo_finale</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">km_percorsi</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="o">-</span><span class="mf">0.000125</span>
<span class="w"> </span><span class="n">prezzo</span><span class="w"> </span><span class="n">finale</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">prezzo_finale</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">stato_usura</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="o">-</span><span class="mi">2500</span>
</pre></div>
<p>I valori di quelle costanti, stabilite casualmente nell'esempio, sono chiamate <em>pesi</em> e servono a stimare il prezzo finale.
Una volta stabiliti i pesi, il nostro algoritmo di supervised learning applica questi pesi ai dati originali e ne valuta l'errore:</p>
<table>
<thead><tr>
<th>PREZZO ORIGINALE</th>
<th style="text-align: center;">Km percorsi</th>
<th style="text-align: center;">stato di usura</th>
<th style="text-align: center;">PREZZO FINALE</th>
<th style="text-align: right;">PREZZO STIMATO</th>
</tr></thead>
<tbody>
<tr>
<td>50 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: center;">lieve</td>
<td style="text-align: center;">40 000</td>
<td style="text-align: right;">374888</td>
</tr>
<tr>
<td>30 000</td>
<td style="text-align: center;">150 000</td>
<td style="text-align: center;">notevole</td>
<td style="text-align: center;">8 000</td>
<td style="text-align: right;">16000</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">80 000</td>
<td style="text-align: center;">lieve</td>
<td style="text-align: center;">15 000</td>
<td style="text-align: right;">13492</td>
</tr>
<tr>
<td>20 000</td>
<td style="text-align: center;">120 000</td>
<td style="text-align: center;">notevole</td>
<td style="text-align: center;">...</td>
<td style="text-align: right;">10988</td>
</tr>
</tbody>
</table>
<p>Una volta valutato l'errore e la distanza dal prezzo finale, l'algoritmo di machine learning modifica i pesi di conseguenza e ripete la procedura fino ad arrivare al risultato che più si avvicina ai dati iniziali.
<img alt="rete1" src="wp-content/uploads/2016/reteneurale1.jpg">
Ci sono varie funzioni che stimano l'errore e permettono di correggere i pesi o metodi che restringono lo spazio di ricerca fino a convergere alla soluzione, ovvero i pesi cercati.</p>
<h3>Reti Neurali</h3>
<p>Ora, come possiamo immaginare, il prezzo di un'auto ha molti fattori che si aggiungono a quelli elencati nell'esempio.
Non solo, ma molti problemi non hanno una soluzione lineare, ovvero una soluzione che si può semplicemente esprimere attraverso una funzione che aggiunge e moltiplica i valori una sola volta.</p>
<p>Possiamo arricchire l'esempio dell'automobile immaginando di avere più set di pesi e di ripetere il procedimento più volte:</p>
<div class="code"><pre class="code literal-block"><span class="c">|</span><span class="nb">---------------------------------------------------</span><span class="c">|</span>
<span class="c">| PREZZO_ORIG * peso A1 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| KM_PERCORSI * peso B1 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| STATO_USURA * peso C1 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO FINALE STIMATO 1|</span>
<span class="c">|</span><span class="nb">---------------------------------------------------</span><span class="c">|</span>
<span class="c">| </span><span class="nb">--------------------------------------------------</span><span class="c">|</span>
<span class="c">| PREZZO_ORIG * peso A2 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| KM_PERCORSI * peso B2 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| STATO_USURA * peso C2 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO FINALE STIMATO 2|</span>
<span class="c">|</span><span class="nb">---------------------------------------------------</span><span class="c">|</span>
<span class="c">| </span><span class="nb">--------------------------------------------------</span><span class="c">|</span>
<span class="c">| PREZZO_ORIG * peso A3 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| KM_PERCORSI * peso B3 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| STATO_USURA * peso C3 </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO FINALE STIMATO 3|</span>
<span class="c">|</span><span class="nb">---------------------------------------------------</span><span class="c">|</span>
</pre></div>
<p>E ora immaginiamo di combinare ogni PREZZO FINALE STIMATO in un'ultimo risultato:</p>
<div class="code"><pre class="code literal-block"><span class="c">| </span><span class="nb">--------------------------------------------------</span><span class="c">|</span>
<span class="c">| PREZZO_1 * peso X </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO_2 * peso Y </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO_3 * peso Z </span><span class="nb">-----</span><span class="nv">&gt;</span><span class="c"> |</span>
<span class="c">| PREZZO FINALE DEF |</span>
<span class="c">|</span><span class="nb">---------------------------------------------------</span><span class="c">|</span>
</pre></div>
<p>Questa é, seppur molto basica, una rete neurale.
Proviamo a visualizzarla in un'immagine dove i box arancioni sono i nodi di input e i rossi sono i nodi "nascosti" e temporanei.</p>
<p><img alt="rete2" src="wp-content/uploads/2016/reteneurale2.jpg"></p>
<p>In una rete neurale (<em>neural networks</em>) abbiamo:</p>
<ul>
<li>
<p>i neuroni: la funzione di stima e i set di pesi;</p>
</li>
<li>
<p>le catene: i collegamenti fra neuroni che permettono di valutare il prezzo più volte.</p>
</li>
</ul>
<p>Nel prossimo <a href="pescewanda/2016/11/11/machine-learning-PARTE2">post</a> cercherò di approfondire il concetto di rete neurale con degli esempi di applicazioni concrete.</p>
</div>
</article><br><hr>
<br><article class="post"><header><h1 class="post-title"><a href="blog/2016/7/7/pres-berk/" class="u-url">A short talk about cryptography at the Berkman Klein Center</a></h1>
</header><div>
<span class="post-date">07 July 2016</span>
</div>
<br><div class="e-content entry-content">
<p>The 7th of July me and <a href="http://studentprivacy.ca">Aaron</a>, as interns at the <a href="http://cyber.law.harvard.edu">Berkman Klein for Internet and Society</a>, gave a presentation on the basics of cryptography and a quick overview on the essential tools.</p>
<p>What follows is a short summary of that presentation. The slides are available <a href="wp-content/uploads/2016/fwneas.pptx">here</a></p>
<h4>Whose Security?</h4>
<p>Let's define what security is. Security is the possibility to being set free from structural costraints, and as that we can distinguish various levels of security depending on who we are.</p>
<p>Also, if we want to investigate security we should also define our threats: security, as being set free, from intelligence surveillance can be our target. Our concerns as different if we consider instead security from censorship or corporation data mining.</p>
<p><img alt="uber god view" src="wp-content/uploads/2016/godmode.png"><img alt="facebook law enforcement form" src="wp-content/uploads/2016/fb.png"></p>
<p>What is shown above is the <a href="http://www.theverge.com/2016/1/6/10726004/uber-god-mode-settlement-fine">Uber God View</a>, a tool Uber used to track a Buzzfeed's journalist locations, and the Facebook standard form that is given to law enforcement when requested.</p>
<h4>Security is a state of mind</h4>
<p>Security is hard. It is really rare to reach a state of complete security and even in that case, it depends on our target.</p>
<p>What is important is to train ourselves to security. Security is a state of mind and there are no tools that automatically protect us without our active partecipation.</p>
<p>Let's explore that in details.</p>
<h4>The layers of security</h4>
<p>We can distinguish four layers of security:</p>
<ul>
<li>Device Security</li>
<li>Network Security</li>
<li>Message Security</li>
<li>Human Security</li>
</ul>
<h6>Device Security, where everything happens</h6>
<p>Device security is related to the "physical host".</p>
<p>If the computer we use is tampered, at the hardware level, or the phone is bugged, there is no way to escape using higher level tools.</p>
<p>In other words, it doesn't matter if we use a super secure password if our computer is registering all our keystrokes and send them to a third party.</p>
<p>Also, device security is useful if we consider that our device can fall into the hands of attackers that may be able to traceback all the activities.</p>
<p>Some precautions for this purpose:</p>
<ul>
<li>full disk encryption</li>
<li>minimal set of application installed</li>
<li>open source operating systems</li>
</ul>
<h6>Network Security</h6>
<p>The network is the infrastructures that our device is attached to. In most of the case, when we consider our computer is the internet (and the GSM network in case of mobile phones).</p>
<p>Network security is essential to evade censorship, behavioural tracking and identity theft.</p>
<p>Some tools that may help in this case:</p>
<ul>
<li>vpn</li>
<li>tor</li>
<li>p2p networks</li>
<li>mesh networks</li>
</ul>
<p>And for the web:</p>
<ul>
<li>opensource web browsers (such as firefox)</li>
<li>no google apps on android phones</li>
<li>https</li>
</ul>
<h6>Message Security</h6>
<p>Message security is the level of protection regarding the content that you want to send or receive.</p>
<p>Message security is essential if you want to avoid any third party snooping and the confidentiality of your messages.</p>
<p>The tools we can use in this context:</p>
<ul>
<li>OTR</li>
<li>opensource messaging protocols (XMPP, matrix)</li>
<li>Signal</li>
<li>PGP</li>
</ul>
<p>Also, always remember that encrypting the content of the message doesn't guarantee that your identity and the metadata are hidden.</p>
<h6>Human Security, the weakest link</h6>
<p>Everything comes down to the human level at a certain point.</p>
<p>This is way it is important to train ourselves in security.</p>
<p>If we consider <a href="https://en.wikipedia.org/wiki/Kevin_Mitnick">Kevin Mitnick's history</a>, or the recent <a href="http://thehackernews.com/2015/11/fbi-cia-director-hack.html">FBI deputy director hack</a> we see that social engineering plays a big role when we want to undermine the security of an individual of interest.</p>
<p>But security matters even if we are not target of interest.</p>
<p>For example let's consider our password. If we use the same password on every site and one cracker manages to gain access to just one of them, our whole activities online can be exposed and our identity stolen. <a href="http://www.nydailynews.com/news/national/mark-zuckerberg-twitter-account-hacked-password-dadada-article-1.2662351">This is relevant</a>. Myspace had its database breached and the password of Zuckerberg (even a simple one) was exposed. Given that he used the same password on twitter and other sites, his multiple accounts were compromised.</p>
<h4>What is TOR and how it works</h4>
<p>When you visit a website with your mobile phone or a browser on your computer lots of things go on under the hoods.</p>
<p>Your computer, as a client, makes what is called an <a href="https://en.wikipedia.org/wiki/Transmission_Control_Protocol#Connection_establishment">handshake</a> with the server.</p>
<p>After telling the server that the client is interested in its content, a series of packets containing data is exchanged.</p>
<p>That is the content of a connection. Inside this packets there are a multitude of information of two kinds:</p>
<ul>
<li>the web page or the content we are trying to visualize</li>
<li>information on the status of both the server and the client</li>
</ul>
<p>The informations contained in every packet can be analized to understand the "identity" of the client that is requesting the content on the server, first of all the IP that is a sort of web address that every computer on the net has.</p>
<p>Not only, during the transmission of this packets, various entity on the communication channel can analize the content and mine our data.</p>
<p><img alt="Cute infographic" src="wp-content/uploads/2016/tor-https-0.png"></p>
<p>TOR still uses this kind of routine to gather the content of a web page, but instead of connecting directly to the destination server it goes through a series of other servers called relay: instead of going directly from A to B, it goes from A to C to D to E to F to B.</p>
<p>If the web was a kindergarden Alice instead of telling directly her phrase to Bob, she would tell the word to a friend that in turn would tell the word to a friend and so on, until Bob heards the word, without knowing that Alice said that at the beginning.</p>
<p>At this point you should ask yourself: are the data more protected if it goes through a network of relays? It actually is given that every time you send a packet through the TOR network, it gets encrypted so that no one knows it's content.</p>
<p>To tell the truth, actually the relay (called exit node) that will send the packet to the destination server, knows the content of the packet but does not know the origin.</p>
<p>Ultimately a website can be entirely hosted on the TOR network, called the onion network, so that the packets never exit from the relays and the relay don't know the phisycal location of the server, so every entity on the network reach a perfect level of anonimacy.</p>
<h4>Who owns the relays?</h4>
<p>Actually every one can host and own a relay if they are willing to do so.
I personally host one right now and there are many others that share a little fraction of their network connection.</p>
<p><img alt="My little raspi is moving some packets right now" src="wp-content/uploads/2016/screenraspy.png"></p>
<p>Running a relay node is very easy and everybody should do so. Running an exit node instead is more troublesome and I don't suggest it if you are not a big entity that can handle some sorts of occasional trouble.</p>
<h4>Don't play the fool on the TOR network</h4>
<p>Of course TOR doesn't guarantee you perfect anonimacy. At the end it all comes to the human layer.</p>
<p>It's no use to surf the web through TOR if we then log in to our personal blog or our personal facebook page.</p>
<p>But there are other subtle factors that can be exploited by web companies to gather info and track their users.A</p>
<p>Such factors are:</p>
<ul>
<li>the size of the screen and the colors supported by it</li>
<li>the timezone</li>
<li>canvas and images that the server asks your computer to generate</li>
<li>information about your OS that are sent through packets</li>
<li>the fonts available on your system</li>
<li>touch support</li>
<li>cookies</li>
<li>ads and cross site requests</li>
</ul>
<p>In particular, most of these are exploitable using a web programming language, javascript, that lots of web pages uses to render content. TOR users should avoid the use of javascript.</p>
<h4>Public Private Key Encryption</h4>
<p>While TOR is recent technology, public key encryption is a concept way older.</p>
<p>What happens when we use public / private key encryption tools is conceptually similar to what happens with our physical correspondence.</p>
<p>A public key is similar to our mailbox.</p>
<p>Everyone that knows the location of a person's mailbox can write a message and put it inside but only the owner of that mailbox, using is own key can open the mailbox and read the various messages.</p>
<p>When we use PGP or GPG (an implementation of the public key encription concept) we generate a pair of key.</p>
<p>A public one that we should broadcast or at least share with our social circle, and a private key that must remain secret at any cost.</p>
<p>Everyone can encrypt every kind of digital content using our public key (that is just a really long string) and only the owner of the private key can proceed to decryption of the content.</p>
<p>This also means that we know who is gonna read the message if encrypted using this kind of technologies.</p>
<p>One easy tool for GPG encryption is <a href="https://www.gnupg.org/%28en%29/related_software/gpa/index.html">GPA</a></p>
<h4>Metadata</h4>
<p>What would you do if you were asked to put under surveillance one person?</p>
<p>For sure placing a bug with microphone and recording capabilities would be the best option.</p>
<p>But what if, instead of recording every thing the subject does, we just take a note of all his actions, without taking care of the content. For example, if the subject speaks to someone, we record the time, the place, the duration of the conversation and all the info of the person he is talking with.
What if, when the person walks into a mall, we record the time, the location, the shops he entered, the money he spent, the number of things bought, but not the things he bought, in detail.</p>
<p>You can see that you can have a fairly precise idea of the habits of the person under your surveillance.</p>
<p>Actually from metadata is easy to grab all kinds of personal information. Also, if a tiny portions of the information we have on the subject are more detailed (for example social network photos) we have a picture as clear as never.</p>
<p>This is not just one of the biggest concern that should pop into your mind when you are talking about nation wide mass surveillance, it is also the core of the business of corporations like Facebook and Google.</p>
<p>Whatsapp does not read the content of your messages but it stores every single bit of metadata that comes with it.</p>
<p>Metadatas are enought to build a complete profile of the users and they are even more dangerous in the hands of an evil state agency.</p>
<h4>Nothing to hide</h4>
<p>Even if we have nothing to hide, we have much to fear.</p>
<p>The "nothing to hide" argument is something that everyone of us in this room has heard, at least one time.</p>
<p>We should fear this sentence because it is the ultimate ammision of a big misunderstanding on the whole debate.</p>
<p>Privacy, first of all, is <strong>control</strong> over our data, not only the right to secrecy.</p>
<h6>Transparency should be for everyone</h6>
<p>There is a big incoherence when asking to your citizens to handle over their data. </p>
<p>Transparency should be a two way thing, while at the current state big three letter agencies, but high level people as well, cover their tracks and are not transparent on their reports. </p>
<p>This enhance a situation of big inequality between the people and the State.</p>
<p>Even worse, it is not the citizen by himself that can choose if he has something to hide, but the autority.</p>
<p>This may seem a little naive to say, but with Bruce words:</p>
<blockquote>
<p>If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.</p>
</blockquote>
<p>This is true even without considering social discrimination and mass media manipolation.</p>
<h6>The fundamental of society</h6>
<p>Every action can be seen as either legal or illegal. When we take a decision this is one of the first, implicit concern.</p>
<p>This is not true in a surveillance system: when you are doing something your concern is all about the possibility of raising suspicion.</p>
<p>An idea not an action is what is needed in such a dystopic condition to prove a citizen guilty.</p>
<h6>Sometimes two wrongs make a right</h6>
<p>In America we are now discussing weed legalization.</p>
<p>Do you think that such debate would have been possible if no one could had the possibility, even if against the law, to try that substance and show other citizen the real implications of their actions?</p>
<p>The same goes for gay marriages, that we are discussing in Italy. Challenging the law, breaking it if needed, is a way to improve the current system.</p>
<p>Inside the panopticon every <strong>potential</strong> criminal would be persecuted and this kind of advancement would not be possible.</p>
<h4>To hide is to care</h4>
<p>A simple truth is that we don't close the windows to cover up our crimes. </p>
<p>Our innermost experiences become in our intimacy, which is the most sacred place.</p>
</div>
</article><br><hr>
<br>
</div>
<div class="pagination">
<a href="index-17.html" rel="prev"></a>
<a class="pagination-item newer" href="index-17.html">Newer
</a><a class="pagination-item older" href="index-15.html">Older</a>
</div>
<footer class="site-footer" id="footer"><span> CC BY-SA 4.0 International.<br></span>
<span class="site-footer-credits"><a href="https://getnikola.com">Nikola</a>, <a href="https://github.com/jasonlong/cayman-theme">Cayman theme</a>.</span>
</footer></section>
</div>
</body>
</html>