Comments
stuke • April 19, 2013 5:31 PM
Beyond cool!
This will surely keep bicycles from being stolen. They’ll take the rack instead!
Nobody • April 19, 2013 6:27 PM
CISPA… WTH is it, what is wrong with it.
Is there anything good with it? If not, how did it get passed?
S. Quidity • April 19, 2013 7:12 PM
I was reading about squid having lower genetic diversity than a lot of other species.
Does that mean they are a potential vulnerability if DNA is utilised as a crypto function?
A la some kind of genetic quantum signature?
Nooone • April 19, 2013 9:00 PM
@Chris: The police turned the bombing into a DoS attack against the city.
B McMahon • April 19, 2013 10:32 PM
In the White House media appearance this evening, POTUS used the phrase “refuse to be terrorized” for at least the second time this week. I think Bruce has himself a convert.
Hmm • April 19, 2013 11:18 PM
Link to the text of President Obama’s statement after the capture of 2nd suspect:
http://m.whitehouse.gov/the-press-office/2013/04/19/statement-president
Petréa Mitchell • April 19, 2013 11:30 PM
Petréa Mitchell • April 19, 2013 11:35 PM
On a more serious note, you may have heard something about a ricin scare in DC, which leads to a nice column at CNN trying to explain why not to be scared of it being detected in letters.
Waywiser Tundish • April 20, 2013 12:10 AM
UK scientist jailed for faking data:
http://retractionwatch.wordpress.com/2013/04/17/uk-researcher-who-faked-data-gets-three-months-in-jail/#more-13748
Erik Becker • April 20, 2013 1:44 AM
I am looking for information about a cold-war cryptographic device that I was unable to find.
I hope, you can give me a hint.
It is a device to generate keys for use in a one-time-pad-like scheme. Technically, it consists of a container filled with dice (being labelled with letters instead of numbers) that is shaken to permutate them. Afterwards, the dice are pured into an attached tube to line them up.
The device is flat, maybe one inch (or a little more) high and transparent on the surface. Three or four of those containers and tubes are included in one device, giving it a look similar to this key http://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/Standard-lock-key.jpg/640px-Standard-lock-key.jpg where the containers would be in the rounded parts of the handle.
If I remember correctly, such a device was called “violin” (or “geige” in german).
I am especially interested in the dice:
Does one dice bear only one or different characters?
In case of one character per dice, are there 26 dice for each character?
In case of several character per dice, is there a list?
Thanks in advance for any help!
Nick P • April 21, 2013 12:10 AM
New UAV camera system with around 20 sq miles of resolution and plenty tracking ability
http://www.youtube.com/watch?v=13BahrdkMU8
I do recall a past article (years ago) about the government wanting to use blimps for long-lasting, high altitude surveillance and communications relays. So, combine this surveillance system with the blimp idea and you get one heck of an addition to the surveillance state’s toolbox.
People wanting privacy or dodging LEO’s using such technique will have to apply counter traffic analysis techniques to vehicles and such. I think I said before on this blog many old tradecraft methods are the best. Technology following this path will almost force the use of such tradecraft, plus improved techniques, to maintain privacy or pseudo anonymity.
Nick P • April 21, 2013 11:08 AM
The Eternal Mainframe is an interesting article. It was a great read because Clive and I have been saying the same thing for over a year. Quite a few more people if you add the “reinventing the wheel” thing in there.
I recall Bruce predicting that computers become a utility and security a utility function. Turns out McCarthy predicted the same thing about computers.
The funny thing is I’ve spent the last week or two looking up mainframes and minicomputers. I’ve looked at their history, the current mainframe makers, the hardware, the OS’s, the software ecosystem. I think the current mainframes are often way better at the utilization, reliability and consolidation goals than their “evolved” counterparts. The reason is that mainframes have been evolving too, adding features customers wanted. They’ve also been doing things like virtualization and RAS for decades longer.
So, it’s hardly evolution: just two similar things competing. I also take issue with the author’s conclusion about what going back to the mainframe means. I think we just need to change the goals:
Goal 1: Really inexpensive mainframe-like platform.
Goal 2: Diverse array of companies providing and managing computing resources
Goal 3: Separate (rather that integrate) sensitive stuff, generic stuff, software, storage, etc.
Goal 4: More tech that allows trustworthy use of untrusted components. (eg seemless encrypted data to/from cloud)
These could help us out. The first would let many more organizations have their own easy-to-manage, high uptime, computing service. That defeats many security, privacy and legal worries. The second supports that goal by putting the sea of data into many different hands who have competing interests or goals. That should reduce the risk of collusion or at least the risk of a single large company from exerting undue influence.
Three is already standard in cloud. Examples of three are services for specific functions: compute, storage, crypto, visualization. Decoupling our platforms and applications can allow even more of this in that the components can be deployed in different ways (or locales).
Four is in progress. The best examples of four are TPM- and cryptoprocessor-based designs that protect group A’s information on group B’s servers. If we keep getting more research done in that area, we can bring the capabilities up and the cost down. This makes it easier to use in these new cloud and mainframe deployments. This boosts our ability to maintain our freedoms in spite of the centralization trend.
So, there’s still plenty we can do even though we’re reinventing the mainframe. Whether we will remains to be seen.
DaveK • April 21, 2013 8:16 PM
Ciphercloud, their DMCA request against stackexchange and the snake-oily smell of their product all deserve a blog post.
http://crypto.stackexchange.com/questions/3645/how-is-ciphercloud-doing-homomorphic-encryption
Clive Robinson • April 24, 2013 11:00 AM
OFF Topic :
Japanes FED go from bad to worse…
As some might remember the Japanese equivalent of the FBI got a load of egg all over their faces including extracting false confessions over bomb threats sent by malware on four otherwise innocent people.
The malware responsable was controled via TOR so the Jap-FEDs had a little think and have decided the best solution is for ISP’s to block TOR.
http://www.theregister.co.uk/2013/04/22/tor_japan_police_ban/
Never mind that it won’t work, it further portrays their compleat lack of understanding of how the Internet can be made to work.
However the harm such blocking measures can do can be easily seen. One reason other than lacking technical savy the Jap-FEDs might have decided this blocking was a good idea might possibly stem from the embarisment it’s caused them. Apparently an insider used TOR to blow the whistle on certain reprahensable activities the Jap-FEDs had been upto.
Subscribe to comments on this entry
Leave a comment
Sidebar photo of Bruce Schneier by Joe MacInnis.
Chris • April 19, 2013 2:25 PM
Bruce, it would be interesting to hear your thoughts on the Boston-wide lockdown — whether you think it was a good idea and whether it continues to be one.