RSA Badge Challenge

Funny thing happened as I was waiting in the lobby and contemplating my badge, I ran into Bruce Schneier.

He’s a very energetic and upbeat guy in person. We discussed the return fees and a couple ideas for how to debate/blog about the badge policy. I’m getting more and more pissed about the whole situation, while he seemed playful and curious.

I started to dismantle my badge to find the chip, but realized I might actually end up paying full registration fees for a little bit of useless knowledge. Perhaps that’s the difference between a real security identity, who is paid to attend and doesn’t even need an ID, and just some nobody conference attendee who had to pay money to get access, like me. I need to be careful.

The odd thing, as Bruce put it, is that RSA is able to transfer the liability entirely to the end user. I added how unfortunate it is that we just accept it as part of the deal, and that RSA doesn’t take the opporuntity to innovate/experiment with identity cards.

Well, more on this topic later.

I also mentioned I was surprised Monterey Bay restaurants were not in his guide to eating since they have the best fresh squid, to which he replied “Japan has the best squid”. Somehow I could actually see him start to defend that position (oh yeah, well let’s just hop in our jet and pop over to Japan for dinner to decide this right now, shall we?) so I dropped the subject.

RSA Registration

I had suggested earlier that the RSA conference badge could be some kind of token with an associated revocation and replacement fee (as opposed to being forced to pay a full conference rate for a lost/stolen badge). I just realized as I navigated the swarms of vendors that the badges do, in fact, have to be linked to the vendor acquisition systems. They seem to use a proximity-reader. So a reader with revocation capabilities not only would be a trivial addition to the entrance-way, but the expo floor is covered in the things. What gives? Imagine if a company tried to manage it’s authentication/authorization system by asking users who lose their badges to repay the entire value of assets they are meant to protect…

Anybody else here?

Lame Duck

“He was as lame as a duck. Not the metaphorical lame duck, either, but a real duck that was actually lame. Maybe from stepping on a land mine or something.”

“The little boat gently drifted across the pond exactly the way a bowling ball wouldn’t.”

— from Metaphors in High School Essays

China backs down on aid-for-oil in Sudan?

The Economist reports that as the crisis in western Sudan continues to worsen, the UN finally might actually be asked to engage.

SINCE the tragedy in Darfur, Sudan’s western region, began three years ago, at least 200,000 people — some say more than 300,000 — have died; another 2m, in a population of 6m, have been displaced, many of them fleeing across the border into Chad; […] Now, belatedly, the UN is likely, as a last resort, to send blue helmets to Darfur. The United States, which two years ago accused the Sudanese government of genocide, is driving the plan, and opposition to it is fading. The Sudanese government in Khartoum, which has armed and encouraged the mounted Arab militias, or janjaweed, responsible for most of the killing, has stopped denouncing the UN intervention idea out of hand. The AU, whose peacekeepers have proved sadly unable to stop the janjaweed’s campaign of rape, murder and pillage, has acknowledged that it needs the UN’s help. And even China, which had opposed any UN intervention for fear of annoying Sudan’s murderous government, from which it buys vast dollops of oil, is now unlikely to object.

Most of the oil companies have withdrawn from the Sudan already, while China has taken the opportunity to expand control of the oil companies and establish itself as the Sudan’s largest trading partner. And yet, as the article points out, the UN presence might actually be a NATO mission in conjunction with the African Union.

It’s not clear if this supports the Whitehouse strategy or is happening in spite of it, since Bush quietly lobbied to neuter the Darfur Peace and Accountability Act in Congress (apparently as the Sudanese government was seen as an ally in the war on terror).

China had claimed to be innocently perfoming aid-for-oil through “non-interference in domestic affairs”, but in reality they armed the Islamic government in Khartoum, undoubtedly leading directly to the genocide in Darfur through air/ground superiority. On the other hand they also provided a fair number of soldiers to the UN for other conflict areas in Africa. In any case, it is clear that the US again may be perceived to be weakening in influence as China’s participation was needed in order for the UN to be an effective force in the region.

One could almost argue that China took a page out of the Cold War playbook and knowingly destabilized the region in order to facilitate investment and then only just approved the use of NATO forces to secure access to resources in northern Africa, under the guise of humanitarian assistance…