Friday Squid Blogging: Giant Squid Bike Rack

It's the first on this page. Apparently this is the finished version of the design I blogged about last year.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on April 19, 2013 at 1:35 PM • 15 Comments

Comments

ChrisApril 19, 2013 2:25 PM

Bruce, it would be interesting to hear your thoughts on the Boston-wide lockdown -- whether you think it was a good idea and whether it continues to be one.

stukeApril 19, 2013 5:31 PM

Beyond cool!

This will surely keep bicycles from being stolen. They'll take the rack instead!

NobodyApril 19, 2013 6:27 PM

CISPA... WTH is it, what is wrong with it.

Is there anything good with it? If not, how did it get passed?

S. QuidityApril 19, 2013 7:12 PM

I was reading about squid having lower genetic diversity than a lot of other species.
Does that mean they are a potential vulnerability if DNA is utilised as a crypto function?
A la some kind of genetic quantum signature?

B McMahonApril 19, 2013 10:32 PM

In the White House media appearance this evening, POTUS used the phrase "refuse to be terrorized" for at least the second time this week. I think Bruce has himself a convert.

Erik BeckerApril 20, 2013 1:44 AM

I am looking for information about a cold-war cryptographic device that I was unable to find.
I hope, you can give me a hint.

It is a device to generate keys for use in a one-time-pad-like scheme. Technically, it consists of a container filled with dice (being labelled with letters instead of numbers) that is shaken to permutate them. Afterwards, the dice are pured into an attached tube to line them up.
The device is flat, maybe one inch (or a little more) high and transparent on the surface. Three or four of those containers and tubes are included in one device, giving it a look similar to this key http://upload.wikimedia.org/wikipedia/commons/... where the containers would be in the rounded parts of the handle.
If I remember correctly, such a device was called "violin" (or "geige" in german).

I am especially interested in the dice:
Does one dice bear only one or different characters?
In case of one character per dice, are there 26 dice for each character?
In case of several character per dice, is there a list?

Thanks in advance for any help!

Nick PApril 21, 2013 12:10 AM

New UAV camera system with around 20 sq miles of resolution and plenty tracking ability

http://www.youtube.com/watch?v=13BahrdkMU8

I do recall a past article (years ago) about the government wanting to use blimps for long-lasting, high altitude surveillance and communications relays. So, combine this surveillance system with the blimp idea and you get one heck of an addition to the surveillance state's toolbox.

People wanting privacy or dodging LEO's using such technique will have to apply counter traffic analysis techniques to vehicles and such. I think I said before on this blog many old tradecraft methods are the best. Technology following this path will almost force the use of such tradecraft, plus improved techniques, to maintain privacy or pseudo anonymity.

Nick PApril 21, 2013 11:08 AM

The Eternal Mainframe is an interesting article. It was a great read because Clive and I have been saying the same thing for over a year. Quite a few more people if you add the "reinventing the wheel" thing in there.

http://throwww.com/a/7bn

I recall Bruce predicting that computers become a utility and security a utility function. Turns out McCarthy predicted the same thing about computers.

The funny thing is I've spent the last week or two looking up mainframes and minicomputers. I've looked at their history, the current mainframe makers, the hardware, the OS's, the software ecosystem. I think the current mainframes are often way better at the utilization, reliability and consolidation goals than their "evolved" counterparts. The reason is that mainframes have been evolving too, adding features customers wanted. They've also been doing things like virtualization and RAS for decades longer.

So, it's hardly evolution: just two similar things competing. I also take issue with the author's conclusion about what going back to the mainframe means. I think we just need to change the goals:

Goal 1: Really inexpensive mainframe-like platform.

Goal 2: Diverse array of companies providing and managing computing resources

Goal 3: Separate (rather that integrate) sensitive stuff, generic stuff, software, storage, etc.

Goal 4: More tech that allows trustworthy use of untrusted components. (eg seemless encrypted data to/from cloud)

These could help us out. The first would let many more organizations have their own easy-to-manage, high uptime, computing service. That defeats many security, privacy and legal worries. The second supports that goal by putting the sea of data into many different hands who have competing interests or goals. That should reduce the risk of collusion or at least the risk of a single large company from exerting undue influence.

Three is already standard in cloud. Examples of three are services for specific functions: compute, storage, crypto, visualization. Decoupling our platforms and applications can allow even more of this in that the components can be deployed in different ways (or locales).

Four is in progress. The best examples of four are TPM- and cryptoprocessor-based designs that protect group A's information on group B's servers. If we keep getting more research done in that area, we can bring the capabilities up and the cost down. This makes it easier to use in these new cloud and mainframe deployments. This boosts our ability to maintain our freedoms in spite of the centralization trend.

So, there's still plenty we can do even though we're reinventing the mainframe. Whether we will remains to be seen.

Clive RobinsonApril 24, 2013 11:00 AM

OFF Topic :

Japanes FED go from bad to worse...

As some might remember the Japanese equivalent of the FBI got a load of egg all over their faces including extracting false confessions over bomb threats sent by malware on four otherwise innocent people.

The malware responsable was controled via TOR so the Jap-FEDs had a little think and have decided the best solution is for ISP's to block TOR.

http://www.theregister.co.uk/2013/04/22/...

Never mind that it won't work, it further portrays their compleat lack of understanding of how the Internet can be made to work.

However the harm such blocking measures can do can be easily seen. One reason other than lacking technical savy the Jap-FEDs might have decided this blocking was a good idea might possibly stem from the embarisment it's caused them. Apparently an insider used TOR to blow the whistle on certain reprahensable activities the Jap-FEDs had been upto.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..