Friday Squid Blogging: Squid-Shaped Dog Toy

Just the thing.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on January 3, 2014 at 4:09 PM • 136 Comments

Comments

AnuraJanuary 3, 2014 4:23 PM

This has been in the news lately, although I doubt anyone here will be surprised, and I don't think it's a bad thing (except for how the NSA conducts itself today).

NSA is researching quantum computing.
http://arstechnica.com/information-technology/2014/01/nsa-dreams-of-quantum-computer-that-can-break-encryption/

I've been thinking about this for a while now, and there doesn't appear to be any viable patent-free post-quantum key-exchange algorithms. However, NTRU does seem to be the best contender for patented algorithms, and they do provide a GPL implementation and their patent should expire after August 19, 2017.

Is NTRU mature enough to start moving to? After their patent expires, if it is, it's probably a good idea to start migrating to it.

anonymousJanuary 3, 2014 4:23 PM

Question: Does anybody know what happened to Java Security recently? The concept of the Sandbox seemed sound to me and for years it seemed to be all safe. Moreover, compared to natively compiled code, security reviews would probably be easier with Java - just the VM to review and then certainty that Java Programs cannot manipulate pointers etc. and within the Sandbox a clear security policy...

Myself and IJanuary 3, 2014 4:48 PM

Two articles that I came across this week dealing with issues of trust. The first deals with the lack of trust in academia. The final sentence is a killer:

"Universities for a very long time have been based on trust,” Mr. Dean said. “One of the ramifications of this is that now we can no longer operate on trust.”

http://www.nytimes.com/2014/01/01/sports/as-for-athletes-but-charges-of-tar-heel-fraud.html?pagewanted=2&_r=4&rref=sports&hpw&

The second article is more interesting (to me anyway). It is about how one company identified a trust gap, in this case between video game publishers and gamers, and created a profitable business by building trust between the two groups. There are many articles, like the one above, that focus on the lack of trust. I especially enjoyed this one for its focus on how to go about rebuilding relationships to renew trust.

http://www.wired.co.uk/news/archive/2013-12/31/gog-qa

AlanSJanuary 3, 2014 5:09 PM

Foreign Intelligence Surveillance Court Approves Government’s Application to Renew Telephony Metadata Program
http://www.dni.gov/index.php/newsroom/press-releases/198-press-releases-2014/994-foreign-intelligence-surveillance-court-approves-government%E2%80%99s-application-to-renew-telephony-metadata-program

The ODNI also notes that the DOJ is appealing the Leon decision. And makes noises about being open to changes to give the "American people greater confidence". They are reviewing the recommendations in the President's Review Panel report. The latter may not be all the media made it out to be:

Correcting the record on the NSA review
http://www.washingtonpost.com/opinions/michael-morell-correcting-the-record-on-the-nsa-recommendations/2013/12/27/54846538-6e45-11e3-aecc-85cb037b7236_story.html

Whiskers in MenloJanuary 3, 2014 5:18 PM

Re: java... The reality is java security has been flawed in implementation from the get-go. It might be salvaged but not without a lot of work to the virtual machine. Dalvik's subset environment approach ignores most if not all of these troubles. The only new bit is Oracle is not investing in public ways and the bug list grows.... I.e. Visibility of issues has increased and hard bug fixes have slowed.

The litigation has not garnered industry friends with quality programmers. IBM may be an exception.

Minor recent extensions to the JavaVM could help.

MaraselahJanuary 3, 2014 5:19 PM

I've been barking about encryption cracking for about a year so I'm super glad there's now at least talk that someone is trying it, makes me sound less insane. The NSA isn't barking up the wrong tree imo, there's a real potential there to own the world. fyi I'm talking about news that they're developing a computer to specifically crack encryption as posted by Anura.

AnuraJanuary 3, 2014 5:21 PM

@AlanS

And makes noises about being open to changes to give the "American people greater confidence".

Quote from a song called "The Black Fruit" by miRthkon:

The world is changing. It is a time to think, to act, to grow. Now, finally, a company that rises to meet this challange; a company not afraid to tell its customers what its customers tell the company its customers want to hear, a company that can make the promises required by this new age, a company that can give every appearence of following through on those promises. Because we know that you want us show you that we seem to care, we spare no expense to seem to do so.


I have no doubt in my mind that the government wants us to have more confidence in them. I also have no doubt that without the public throwing out the plutocracy, any confidence will only be misplaced.

AnuraJanuary 3, 2014 5:22 PM

Slight correction "a company that can give every appearence of intending to follow through on those promises."

Coyne TibbetsJanuary 3, 2014 5:35 PM

Given: The revelation that the NSA likely paid RSA to make a back-doored cryptography method the default.

Given: The revelations that the NSA has several tools that store themselves into BIOS and activate during boot-up; probably via UEFI, which is an interface to the BIOS firmware.

Given: One of the greatest objections to UEFI design was the risk that it could be used to install software that would not be visible to any review, neither by the operating system nor by other software installed to the BIOS.

What is the likelihood that the NSA promoted, designed and/or funded UEFI components and architecture specifically to allow it to silently install its surveillance software in servers and clients? Can any speculations along that line be verified?

WmJanuary 3, 2014 5:57 PM

I am sure that all four of these Squidos are hanging from Bruce's rear view mirror.

DBJanuary 3, 2014 6:18 PM

A friend of mine has a doggie toy similar to that squido, which they call a "quadropus" since it only has 4 arms not 8.

AlanSJanuary 3, 2014 9:15 PM

@Anura

Agreed. I expect we'll see a few minor changes for the sake of appearance and all the people who are unhappy with the current situation will remain so.

AlobarJanuary 3, 2014 9:36 PM

Not a squid, but an octopus. If you have not yet seen it, I thought it might interest you.

AspieJanuary 4, 2014 4:30 AM

@Whiskers in Menlo
java security has been flawed in implementation from the get-go

I don't dispute what you say, nor wish to nitpick, but want to be clear; are you saying that the design of java security was good but its implementation has problems or is the design itself flawed? If it's the former then it should be relatively straightforward to solve since it's an implementation defect. If it's the latter then it would, as you suggest, require a lot of reworking.

AspieJanuary 4, 2014 4:43 AM

@Anura

If you can induce fear in those you would manage then you have them under control but you will never be able to trust them with your back turned. If you can induce comforting beliefs of your good intentions in those you would manage then you have them under complete control for as long as those beliefs hold.

It seems that the business sector discovered the latter long ago and the IC, apparently, has no way of using it so it resorts to using fear to control the people it allegedly serves. It's a good recipe for a bad outcome.

ChristianOJanuary 4, 2014 5:40 AM

"he only new bit is Oracle is not investing in public ways and the bug list grows.... I.e. Visibility of issues has increased and hard bug fixes have slowed. "

My perceptioon was just the other way around. While Oracle didn't do good public relations work for Java they seem to have put more manpower behind it than Sun had. So there was a lot of work done on Java/JVM.

Mike the goatJanuary 4, 2014 5:49 AM

Coyne: I think UEFI has NSA stamped all over it. Their whole secure boot is a complete sham, and I won't even get into the issues with TPM specific technologies. That said - others may disagree and state the risk is about the same as it was pre-UEFI.

Anura: the quantum computer revelations are unsurprising given their ultimate mission goal(s). I wonder - if this leaves the realms of science fiction and actually becomes something that is implementable and usable, say in ten years or so - will we have a new crypto arms race? Will it be the end of crypto as many have predicted or will we simply adapt. I suspect the latter.

PtolmyJanuary 4, 2014 7:27 AM

@Mike,

"I won't even get into the issues with TPM specific technologies. "

Please educate us!

camurgoJanuary 4, 2014 8:17 AM

People, if a person/group has complete knowledge of how to build every single computer part, could it become possible in the near future for such person/group to 3D-print an entire sufficiently-powerful computer? Even if the resulting machine is ridiculously big, and power consuming?

BryanJanuary 4, 2014 9:31 AM

On a diversity of processor instruction sets in a system: I'm not sure it is needed or is even wise. It makes it much harder for one person or a small group to review the overall system, and it doesn't impact a well funded group's ability to attack it. At best it only provides a small hurdle to cross while providing impediments to assurance, especially by an underfunded volunteer group.

BryanJanuary 4, 2014 9:46 AM

The only impediments to making a 3D printed computer right now are the "inks", and a printer that can handle enough of them at one time. I expect the printer would need to handle many different classes of "inks", but that can be done with different print head types.

Circuits have already been printed onto various 2D substrates. If the time to market guesses were right there should be production LCD displays that have printed circuits in them.

camurgoJanuary 4, 2014 10:29 AM

@Bryan I see your point regarding the obvious problems a small group would have in reviewing an entire computer hardware project, it's embarassing even this didn't cross my mind before posting. An opensource and public hardware project then. But still 3D printed, so to prevent tampering along the chain of production or shipping. That'd be awesome.

sadclown666January 4, 2014 10:55 AM

Boy, oh boy, nothing is so sweet as the thought of Big Brother ransacking my underwear drawer. &:(

I was happily writing crypto software that I now find to be subverted from both ends in an acronym orgyfest.

UEFI is pretty prevalent now, no? Are all my lovely machines telling tales out of school?

It makes me want to trash the lot. Abandon my phone number. Go anarchoprimitivist.

I don't have anything that exciting on my machines. (Although I would prefer my software not to be "implanted") But I grew up in the 60s and 70s, when I learned that the government actions of today are what made communism so bad back then. I learned in school of all the heroes who risked their lives to make us free and keep us that way. Not that they were perfect, but that our country was going in the direction of a better society, freer and freer.

And I guess I had some sense of personal integrity. That my life was my own, my ideas my own and my non-harmful opinions and actions were nobody's business but my own and my friends. I still think that this is the kernel of individuality, that without our private space we empty out into puppets, without a core, everyone pulling our strings.

I feel owned. I feel like I have been placed in an open air prison, sell out traitors laughing at my unmentionables, collecting data on me to further control me. Like the way the NSA was found to be laughing at servicepeople's videochats with loved ones back home.

Well a day...

Back to the practical: What kind of computer setup is most likely to resist intrusion with these new facts in mind? A personal development/encryption machine, not a server. I am thinking Linux on an ARM, airgapped most of the time. I guess I should be compiling my own OS. Any practical suggestions on the best setup that doesn't require me to build my own architecture or my own machine? Or perhaps does involve an easy machine build?

sadclown666January 4, 2014 10:59 AM

P.S.

I can now put in words what I was feeling:

"Implanted" == "Raped"

I bet there are more than a few sickos at the NSA who see it in exactly the same way.

PtolmyJanuary 4, 2014 11:17 AM

@Rocklands

Thanks, I've already seen this, but it is geared towards the "who controls it" facet. From what Mike said, I'd expect something more technical (ie, flaws that allow people with special knowledge/tools to bypass it, assuming the computer user uses it to protect the OS/boot process against intruders, physical and remote, as opposed to the OS vendor using it to protect against the user).

anonymousJanuary 4, 2014 12:18 PM

"I am thinking Linux on an ARM, airgapped most of the time. I guess I should be compiling my own OS. Any practical suggestions on the best setup that doesn't require me to build my own architecture or my own machine? Or perhaps does involve an easy machine build?"

Raspberry Pi, Beaglebone, MarsBoard, MarS Board? (The latter two are not the same!)
I don't think the NSA has subverted all of them yet. Not too many of those around, except the >2million Raspis.

WaelJanuary 4, 2014 12:21 PM

@sadclown666,

Any practical suggestions on the best setup that doesn't require me to build my own architecture or my own machine? Or perhaps does involve an easy machine build?
it depends what you want to do with your machine and what you want to protect. In general you can start with two principles: "Separation of domains" and "Trust no one" -- you can apply other principles as your intended use cases are more specialized, then use the concept of superposition to move to a more general solution. For example, say you suspect your machine is subverted, implanted, etc... Then, in addition, you want to apply the principle of least privilege (or access; POLA); you will deprive your machine from the ability to decrypt data you care about. What this means is realizable in this implementation (for example): build a smaller piece of hardware that has no communications with the outside world except for the interface you define. The transport is not a factor. That piece of hardware is your root of trust (I hesitate to call it that, because that has other connotations not true in this setup). It is a physically separate, self contained, self powered, shielded, immutable unless you physically update it (the software, that is). Connect this device to your machine via a serial/parallel/USB//WiFi/BT, etc... But serial/parallel connections will likely be more confidential. This device will act as your input/output/crypto engine device. Your subverted machine will be the storage device, and other general things you're not concerned about. All interactions between the machine and your device are: encrypted, and the machine has no decryption key. Using this setup, you can confidentially exchange emails, SMS, chats, or VOIP with a friend who has a similar setup. Documents you care about that reside on this machine are also protected, since the machine has no decryption capabilities without the other device. This is not novel by any means, and you see such devices in movies, when a hi class drug dealer (if they have any class) uses an encryption device to start talking with someone else. Nick P, RobertT, and Clive Robinson either directly or indirectly talked about such a setup, I only wanted to put in in a coherent story and tie it to some security principles -- don't know if that helps. Now watch some startup company develop such a device ;) This device can be an older semi-air-gapped computer, but that should reduce your trust level.

Derf ScratchJanuary 4, 2014 12:44 PM

The NSA's Quantum computer is not for cryptanalysis it's probably so they can automate their now gargantuan world spying apparatus to spy on everything at once, choose selectors automatically and infect targets on it's own. Basically SKYNET.

NSA is currently limited to how many analysts they can employ to reply to flagged selectors and then manually target them after 'approval'. Seems to me they want to automate all this so Alexander can sit in his Cpt Picard chair and just shout out orders to a computer
http://www.theguardian.com/commentisfree/2013/sep/15/nsa-mind-keith-alexander-star-trek

FigureitoutJanuary 4, 2014 12:54 PM

camurgo
--There is growing interest for Open Hardware, not to mention lots of tiny yet powerful computers and microcontrollers. Even if you could print your own computer though, would your circuits make sense?

sadclown666
What kind of computer setup is most likely to resist intrusion with these new facts in mind?
--Depends how hard you're willing to work for it. Of all people on the blog (lots of smart people also making their own computers on the side), Nick P seems to be the most serious about building the most hardened pc that isn't some 8-bit 16k RAM breadboard pc. I'm focused on these tiny computers for eliminating a lot of possible subversions and in the event of compromise the enemy has little to no benefit computing power; but it won't run much of anything. He's posted a lot about the designs so stay tuned.

I'm pushing for a trusted base, where as others (w/ more experience) like Clive Robinson made a pc w/ DSP chips; b/c their purpose is analyzing signals so it would make the least sense for them to be backdoored. He operates on the assumption that the hardware is backdoored still and claims (I still don't know how) that he can trust how he routes the data around to ensure that you don't need trusted hardware to have secure operation.

I'm currently studying Forth and 4tH, assembly for the TI-83+ and the TI-84+, as well as building my own Z80-based computer. I could spam some more links, but there's plenty of info out there to get started reading. Even though I'm not planning on making my own components, I still find it valuable to read old books/resources when they were first invented (and could be seen/touched) so you can better understand them. Also neat hacks to keep in mind, like making a battery w/ zinc/copper electrodes & bleach; or a capacitor w/ layers of nearly touching foil (hence the schematic symbol that looks like a stack of papers).

So turn that frown upside down. Better to be angry at agencies (and the random evil individuals who attack for no purpose really) forcing you to do all this work to have trust in a tool that should be under yours and only your control. But hey...psychopaths...what can you do?

jimmy75January 4, 2014 1:38 PM

Wow. I'm new to security. It's gotten a lot more complicated in the 12 months I've been into it. I have to build my own hardware to be safe? There won't be any time left to do anything with it.

No network level response? Can't we map these exploits? Map these servers? Set up honeypots to capture the exploits and then reverse them and publish them? Who knows who else is using the holes that the NSA left? Who knows who else is poking these holes? Can anybody blame us for try to track them and fight them?

Do we need to be on the backbone to do this effectively? Can we create a peer-peer setup that might gives the power to do overwatch on the net?

camurgoJanuary 4, 2014 1:50 PM

@Figureitout, I have a little experience in designing circuits, but nothing nearly as complex as a motherboard, not to mention the internals of parts such as the different types of memories which I understand only superficially and in theory. So, I'd have to study lots, but I imagine even top notch computer designers can't do it all on their own; It takes a team plus lots of additional eyeballs to help review and suggest improvements.

FigureitoutJanuary 4, 2014 3:20 PM

camurgo
--Of course. Same here, I'm still a student so I can't even call myself an engineer...Start digging in or trust someone who could have a false name, false history, and malicious intentions. Lots of the older engineers seem to have lost hope...others are waiting on the market to get funding. I think a market is coming (and there's going to be even greater incentive to find errors in products claiming to be secure, which is great).

sadclown666January 4, 2014 3:36 PM

@ anonymous

Thanks, you sound like you know about ARM. Which board do you think would give me the most umph running Linux?

@ Wael

Thanks, It had occurred to me to use a another machine as an secure appendix to my main machine. Or maybe a secure gateway running a router distro that only lets whitelisted IP addresses pass. I wonder if FOXACID can appear to be sending packets from the real IP address of the site it is spoofing. I guess they can if if they don't need the response. Any significant sized payload should run into the real response. (And be discarded since the sequence numbers would be off.) I think somebody suggested snort rules to check for that.

Is SNORT the gold standard for open source IDS's? Are there open source rules? It appears you have to pay for the current rules at the snort site. I doubt I'd rely on external rules anyhow, but they would be good for trapping attempts on my machine... Maybe.

sadclown666January 4, 2014 3:51 PM

(correction) I don't see how FOXACID can do a tcp handshake if it spoofs the ip address in the header. Udp could work I guess.

BenniJanuary 4, 2014 3:53 PM

@sadclown666: What kind of computer setup is most likely to resist intrusion with these new facts in mind?


Well that answer is easy. None. The hardware bugs of NSA use the design of Theremin's bug:

http://en.wikipedia.org/wiki/Thing_(listening_device)

Theremin was a russian experimental physics genius, who would have liked it more to work on atoms, or things like the first electronic music instrument, or the video interlace techique, all invented by him. But Stalin had the idea to put him in a soviet prism, let him there create a bug, that does not need complex electronics, appart from a microphone and cavity and a simple antenna. It also does not need external current supply from batteries, is very small, and can be mass produced cheaply.

The NSA just adds a bit electronics to this concept. But that is not needed for the original version of this bug.

In a totalitarian government system, even if you would have no computers, you could just put one of these devices into each wooden door of your house. at the time the doors get manufractured. Then you can record every conversation in a house, without being detected, as nobody dissasembles his wooden doors...

So even when all our computers would be save, They could still hear what we say via such bugs.

Jacob Appelbaum's says that somebody would have broken into his home: http://rt.com/news/appelbaum-snowden-berlin-raid-618/

I think he should better look for a new flat, the faster he finds one, the better it is for him.


Bauke Jan DoumaJanuary 4, 2014 4:40 PM

Legality and Justice: a disjoint
Foucault, Chomsky - Human Nature

Happy Birthday everyone!

And here I'd like to bring to your attention this little discussion, highly interesting and, in the end, when focus turns to 'legality' and 'justice', highly to the point of actuality, between Michel Foucault and Noam Chomsky.

Note how the thinking power of our brightest, most humanistic and influentual, cannot hold a candle to the indifferent brutality of technological monsters whose limitless means spoiled them to the point of zero tolerance for even the most basic democratic oversight.

Foucault, Chomsky
https://www.youtube.com/watch?v=7TUD4gfvtDY

WaelJanuary 4, 2014 4:45 PM

@Benni,

Well that answer is easy. None. The hardware bugs of NSA use the design of Theremin's bug: ...
It's important to correctly characterize the bug, it's intention and capabilities. This one was for audio eavesdropping, and was briefly mentioned here. It certainly wouldn’t be of any use against the setup I proposed. To explain further, in the setup I proposed to @sadclown666, the "Separation of Roles" principle was also applied. The effect is that the subverted machine becomes an untrusted extension to the "internet". If you, for example, establish an SSL connection between this setup and another machine with a similar setup, the SSL connection will terminate at the hardware device mentioned, not at the subverted computer. I don't see the "Great Seal bug" doing any harm there. Also, this setup doesn't care how the subversion is accomplished -- you dont trust the subverted machine anyways -- It's treated as part of the "cloud", so to speak.

Clive RobinsonJanuary 4, 2014 5:02 PM

@ Bryan,

    On a diversity of processor instruction sets in a system: I'm not sure it is needed or is even wise. It makes it much harder for one person or a small group to review the overall system, and it doesn't impact a well funded group's ability to attack it. At best it only provides a small hurdle to cross while providing impediments to assurance, especially by an underfunded volunteer group

Whilst I can see and understand how you arive at this it is an over generalisation which hides some distinct advantages.

For instance if I have three entirely seperate CPUs say MIPS ARM and another equivalent core, then it is extreamly unlikely that even a state level attacker has subverted them all. And even if they have then it is even less likely that they would be subverted in the same way for obvious reasons (one of which if it's discovered on one it's discovered on all).

Now if you put these three CPU's in a "voting circuit" where they receive the same data and perform the same overall function any subvertion reveals it's self by differing behaviour at the outputs which the voting circuit will detect. Thus you know that either a CPU has developed a fault or it's been subverted.

Thus you can detect subversion at layers below (ie on chip) which you can see in any other way.

Now if you implement a P / H / F code "byte code" interpreter on each CPU you get your common language environment you identify from that point up the computing stack.

Now the state level attacker could try to subvert at the byte code level or above, but because you have control at a level under them the tables are turned and you can protect yourself from them because you can detect their changes.

Thus as Sun Tzu advised several millenium ago you get to "Know your enemy", and with this you are both "In a battle ground of your chosing" and "Fight from a defendable position of strength". Effectivly you are in a high position with the sun behind you looking down unseen on your enemy which from a security perspective is an advantage to valuable not to use.

Compromises all the way downJanuary 4, 2014 5:29 PM

Couldn't the attacker theoretically subvert every machine differently, but only cause different behavior (from the good state) in the interpreter ? Any non interpreter task would yield agreement between the voters, even though each compromise is different. The low level compromise would be here only to hide the interpreter compromise. Assumes a pretty good attacker, but that's what you're trying to defend against after all.

BennoJanuary 4, 2014 6:09 PM

Wael wrote:
"This device will act as your input/output/crypto engine device."

Then, the NSA breaks into your room, exchanges the the keyboard that is connected to this crypto engine device with a keyboard that contains a radar bug. They do that regularly as spiegel documents show. Then they get the password of your encryption, and then they can move on to your "storage device". So If they want you, they can get you.

A method for preventing these radar devices would perhaps be a faraday cage, a box of metal in which the entire systems containing sensible information are. Then, these radar bugs are worthless.

Then, one can try to encrypt all filesystems one has, using open source programs where one has read over the code by oneself.

The most secure information must be on a computer that is without network or internet access. File transmissions to this device must be made via encrypted sticks and the computers must be better ordered in a store where one can take them home personally by oneself (preventing NSA interdiction) and then one may dissasemble them at home first, before putting them into use.

The computers having access to networks must not have windows, but must run on linux, As Microsoft might have given the NSA its ssl master key (how else could the nsa impersonate google pages via ssl?), security certificates signed by Microsoft or any other company may not be installed. But one can use use ssl in an own private network, with certificates generated entirely by oneself. Certainly all network traffic in this private network should use ssl encryption.

That way, one can, at last run a secure private network, provided that all these computers are in a faraday cage and all cables between them are bought by oneself, where one has opened some sample cables for testing on implants.

Computers accessing the internet should be completely disconnected from the other computers that contain sensible information. The browsers of these computers must perhaps be completely written by oneself. Perhaps browsers like the command line browser lynx are less susceptible than some firefox browsers. Also, the use of tor is appropriate.

That way, one should be relatively safe, I think. The only problem is just, that this is just too involved. But a company, protecting its inventions from NSA's industrial espionage may have to use such paranoid like tactics..

WaelJanuary 4, 2014 6:40 PM

@Benno,

Yup! I guess that Faraday cage will stop them cold. And

So If they want you, they can get you.
surely wouldn't apply then ;) how about this:
The NSA breaks into your house, and pokes a small hole in your Faraday cage, then replace your keyboard? That hole can act as a slot antenna, too... Protection against physical presence manipulation at your setup's location was not part of the problem. Unless you are envisioning the following conversation when two spooks break into someone's house:
Agent 1: Quick, hand me the radar keyboard
Agent 2: What the &$@$? What's that? A gag or something?
Agent 1: No! looks like a Faraday cage
Agent 2: a Faraday what?
Agent 1: let's get out of here, ain't nothin we can do about it :)

Clive RobinsonJanuary 4, 2014 6:51 PM

@ Sadclown666,

    Back to the practical: What kind of computer setup is most likely to resist intrusion with these new facts in mind? A personal development/encryption machine, not a server. I am thinking Linux on an ARM, airgapped most of the time. I guess I should be compiling my own OS. Any practical suggestions on the best setup that doesn't require me to build my own architecture or my own machine? Or perhaps does involve an easy machine build?

Hmm firstly you need a different view point to the industry norm.

Industry battle cry is "Integrate Integrate" mainly for perceived "efficiency" reasons. Security battle cry is "segregate segregate" mainly for behaviour "mandation". Going back a long way on this and other blogs you will find me making the comment about "Efficiency-v-Security" in the same way people used to go on about "Usability-v-Security". That is they tend to be regarded as mutualy exlusive in that you can have either "efficiency" or you can have "security" but not both. Whilst this is not true it is very very difficult to have both and it needs exacting reqirments beyond the abilities of most mortals.

The question is how to get the benifts of modern computing in terms of usability and efficiency whilst still maintaining security.

@ Wael has indicated one way which is to segregate out one critical security function into a seperate device, but whilst this is a good start it is not sufficient due to various problems. One of which is that if the attacker controls the keyboard and screen they can do a security end run around the critical security function in the seperate device.

The way to resolve this is to do a little more segregation, that is the screen and keyboard go through a mediation device which then goes through the security device through another mediation device and then to the computing device that only does one task at a time.

With further thought you end up with a fully segregated aproach which is basicaly each device communicates through a mediation interface that talks to a switching bus which links all the mediated devices together. The mediation interfaces and switch are controled by a security hypervisor that enforces policy.

In aproach it is like going back in time to the "big iron" systems aproach on which the likes of realy secure OS's etc were developed back in the 1960's & 70's before all this "desktop nonsence" started ;-)

However you take it a stage further in that you don't have one CPU running many tasks, you have multiple segregated CPU's running single tasks...

Now you don't have to go as far as C-v-P to get quite a lot of security over and above that is possible with COTS systems and relativly cheaply.

Many years ago I had access to PC104 industrial control cards that had 386 or 486 processors on them running a striped down version of Linux that I was using to develop a "cluster solution" for a secure communications project I was involved in. These PC104 cards basicaly had the old 16bit ISA interface and you could get various commercial back planes for them with between two and twenty ISA conectors. To cut a long story short I ended up developing a mediated network card and used a 24 port managed ethernet switch. Managment of the ethernet switch and mediated network cards was done "out of band" from another PC104 card with multiple serial interfaces.

It did the job required for the project prototype very well however I started thinking on how it could be improved... Which started down the path which ended up with C-v-P.

Now what many on this site don't realise is you can by embedded microcontroler chips for a couple of dollars these days that contain CPUs and memory that far exceeds high end mini-computers of the 1980's and most have multiple peripheral devices on them including high speed serial interfaces that can talk to Digital Memory cards, USB ToGo and ethernet. Some manufactures provide nice easy to use "prototype" development cards fairly cheaply in one offs and will with a little arm twisting sell them at quite low prices in bulk.

However as noted above by others there is the Raspberry Pi, this has both USB and Ethernet devices and they are ridiculosly cheap for what they provide. So potentialy you have the ability to build a cluster in the same way I did with the PC104 cards.

But one thing I've done with some sub two dollar microcontrolers is make a PCB which provides a memory card slot, a USB interface and the other I/O Pins going out to an IDC connector (as seen on pre SATA HDs) that can be pluged into other hardware, hung of the end of a ribbon cable or pluged into a custom backplane bus. It's these I've been using to prototype C-v-P (as well as many other projects).

In C-v-P I use them to run individual very small tasks kind of the equivalent of *nix command line utilities used for shell scripting. As in a *nix shell script I pipe the results from task to task, however unlike *nix where the pipes are IPC memory such as semiphors I pipe through the backplane switch. Rather than have seperate mediation devices I currently use the micro kernel on each CPU card for prototyping, however I have one or two prototypes of cards where the mediation devices are another micro controler that also acts as a MMU to access common memory securely and to do execution signiture checking. I'm also currently developing a very small device independent bytecode interpreter such that I can use any microcontroler that will run the interpreter, the kernel will be written in byte code as will the tasks such that I can implement a voting protocol extension.

Thus you can for a small capital out lay and a lot of hard software time build your own "malware and hardware subversion" secure computer system...

As for what passes as "usability" these days the best way to go would be a "thin client" display system with a "middle ware" system to turn command line processing into fancy graphics. It's not an area that currently concerns me Google for all there other sins have produced via their various Chrome endevors have produced an effective graphical thin client likewise various small linux distributions. I don't know if they are secure or not and don't particularly care, as with a bit of thought any problems with them can be mittigated as has been discussed on this site quite a few times recently (see BadBIOS discussions). Likewise any middleware server.

I'm sure that @ Wael, Nick P and several others will want to pass comment, and I hope they do because free and open debate on these issues usually pushes things forwards faster than trying to think them out on your own (I know from past experiance I'm neither infalable or all seeing and likewise have limited resources such as time to do things).

Bill W.January 4, 2014 7:01 PM

@Brian: Unless you plan on 3D printing vacuum tubes, making transistors using 3D printer technology is a bit more difficult than merely printing conductive circuit board traces on a substrate.

For one, modern, solid-state computers use semiconductors. Meaning a material like silicon with certain dopants (boron, phosphorus or arsenic) added into the matrix of the silicon itself using a furnace at about 2000c.

And there are many extremely fine films, made of certain specific compounds that act as dielectrics or conductors, that must be applied with nanometer precision, in order to make a transistor gate function properly.

And you need to print, oh, several hundred million transistors to get a circuit whose performance would be considered anything equivalent to the last 15 years of computing.

At the scale of current technology, no 3D printer mechanism is accurate enough to do nanometer-scale geometries, nor can they dispense these exotic films, whose physical properties make them difficult to handle, and under conditions of near absolute cleanliness, since microscopic particles embedded onto the surface at any step of the manufacturing process can render the circuit dead (and the finer the critical dimensions the more the particle problem becomes, at a geometrically increasing rate).

There are reasons why chips factories are so expensive to build and operate, and the state-of-the-art so difficult to improve upon.

I agree with the notion that integrated circuit design needs a process to ensure openness and security, the problem being that the field is so complex, and economically competitive, that the details are held as trade secrets worth literally billions in revenue, an atmosphere not easily penetrated by the altruistic notions of openness.

BenniJanuary 4, 2014 7:05 PM

No, Even if they drill a small hole into the faraday cage, the bug does not produce a signal strong enough that much radiation should get out of this.

After all, the entire lightwaves must then scatter through that small hole. The small antenna of the bug does not have enough energy that sufficient radar waves can get out of the cage. Note that it is triggered by incoming waves, and even they get immensely reduced, since they must get through the hole into the cage.

A faraday cage should also forbid transmission of ordinary wireless communication.

So the agents would have to insert cables into the walls of the cage, and that can not be done so easily.

There is this story from spiegel: http://www.spiegel.de/netzwelt/netzpolitik/telefon-ueberwachung-metadaten-verraten-illegale-cia-operation-a-914470.html about agents putting their phones into chips bags. They believed this would prevent handy signals, but then they were caught. the agents should have taken their phones instead into cookie boxes made from solid metal, which indeed can prevent, as a Faraday cage, handy signals to be sent.


.


Nick PJanuary 4, 2014 7:28 PM

@ Benni

If I were them, I might...

1. Interdict the cage or material you order to change its properties.

2. Mess with the cage in a way to defeat its function causing a gap, leak, or actual amplification.

3. Come in through the ground with a silent drill to slide in a tiny antenna which is connected to a cell or wifi on the outside.

4. Make the bug use ultrasound.

5. Tap into your power line as you havent indicated you would be connected directly to a generator

6. Use a two stage tap where the bug inside uses infrared to hit a point on cage, which has a device collecting and broadcasting the data.

And these are the ones that dont involve agent covertly or overtly going into your place. (Except 6.)

Course, im all for the shielding anyway. It just has to be done right and checked regularly.

WaelJanuary 4, 2014 7:29 PM

@Benni,

So the agents would have to insert cables into the walls of the cage, and that can not be done so easily a small hole with the right characteristics can work. If it doesn't, other techniques can work, including adding a repeater. We're going off topic here...

WaelJanuary 4, 2014 7:46 PM

@ Benni,
I guess I missed a slash somewhere, and messed up my last post. Consider this possibility: http://www.antenna-theory.com/antennas/aperture/slot2.php
I was a Microwave engineer many moons ago... And worked in shielded rooms for a few years, very recently, so I know a thing or two about E&M...

@ Nick P,

4. Make the bug use ultrasound.
you'd be surprised to know that rf shielded rooms (for cell phone bands) are good shields for the audio spectrum and above as well, I think I mentioned that earlier... Will have to dig up that context.

@Clive Robinson,
C-v-P is a subject dear and near to my heart. ;)
Where did we leave off?

Clive RobinsonJanuary 4, 2014 7:53 PM

@ Compromises all the way down,

    Couldn't the attacker theoretically subvert every machine differently, but only cause different behavior (from the good state) in the interpreter ?

Depending on how you implement the voting it will pick up differences at any level.

Look at it from the data flow perspective, you provide the three CPUs with identical input data, you then compare the output data. If all three CPUs produce identical output data you are happy.

Now for an external attacker to change the interpreters they can only change one interpreter at a time, they cann't change all three simultaniously. During this time the votes won't agree thus it should (if you are doing things correctly) cause the attackers activities to be discovered.

It is possible for an insider with direct access to stop the system and change each interpreter prior to restarting the system, in which case there is no "disparity time window" for the voting circuit to detect. However there are other external to the system physical security measures that can be implemented to either prevent or catch such activity.

If however an attacker can get physical access to the system to make the changes then they can in all likely hood get access to other things much more easily and be able to "end run" around security, such as by puting in a method of reading key strokes (ie by vision and or audio bugging) in the area of the users keyboard (ie under table surface for audio or in ceiling tiles for video). Placing an audio bug under a table top can be done by slieght of hand in seconds whilst the user is there, so would realy be a lot lot less of an effort or risk for the attacker than trying to compramise the integrety of the system.

And "end run" attacks are realy the best way for insiders and most external attackers doing "black bag jobs", they actualy carry minimum risk both of being "caught in the act" or the real attack target being identified subsiquently. Look at it this way if an audio bug is found the majority of people are going to assume it was for picking up conversations not keystrokes. But unlike conventional audio bugging it only needs to be deployed for a very short time thus with a little "human engineering" the audio bug could be retreived after just a few minutes or a day at the most.

It's also easy for run of the mill IT Sec bods to not even think about end run attacks because they fall in that not often talked about "external covert channel" class which is generaly considered by most to fall into Physical Security --ie locks and bolts-- not IT Sec. Likewise the majority of Physical Security bods would not see it as an IT Sec issue. Thus you have a massive crack in security that a savy attacker will play in very happily and profitably.

What is worse as a major software engineering department in a major company found, sometimes the Physical Security bods actually end run around the IT Sec. Basically to stop thefts of equipment a covert high definition remotely controlable IP CCTV device was fitted. This CCTV could clearly see keystrokes being entered, and the unencrypted IP video stream across the internal network was visable to who ever could be bothered to look at it... Ops.

Clive RobinsonJanuary 4, 2014 8:44 PM

@ Wael,

You beat me to mentioning "slot radiators" so I'll "raise you" by mentioning "Gamma matching" stubs to structural metal work and "directional couplers" ;-)

Mind you it's not the first time slot radiators have come up on this blog, I've mentioned them before and they came up in discussing EM Fault Injection when academia caught up, when two students over at the UK's Cambridge Labs fired a 3cm unmodulated carrier through the ventilation slots on a hardware TRNG and brought it down from 32bits to around 7bits of entropy.

As for C-v-P not sure why it should be close to your heart, or for that matter why we stopped talking about it. I guess the real problem is that again the academic community are behind the curve on the idea, thus there was not much to discuse, also it's one of my projects that keeps getting stuck on the back burner due to other more pressing issues.

Mind you as Nick P has pointed out the industry has a huge vested interest in Castles, but academia is moving in the Prison direction. I guess it boils down to has anybody got the money to raise it's profile.

I did think of knocking on the NSA door to see if they've got any spare cash ;-) but recent events sujest that as with CESG/GCHQ/MI6 the price to pay with working with them would be way to high and I only just escaped the last time.

WaelJanuary 4, 2014 9:30 PM

@Clive Robinson

I'll "raise you" by mentioning "Gamma matching" stubs to structural metal work and "directional couplers" ;-)
Hmmm I have a "direcrional Coupler of Diamonds" but I dont know what a "Gamma matching..." is. Your cards are probably better, I fold.
Mind you it's not the first time slot radiators have come up on this blog, I've mentioned them before and they came up in discussing EM
I did too :)
As for C-v-P not sure why it should be close to your heart, or for that matter why we stopped talking about it.
Because I like simplicity, order, and methodology. Don't know why we stopped talking about it. Maybe no one else participated, and we thought others are getting bored and fedup? We can always find the opportunity to fit it in upcoming discussions.
I guess it boils down to has anybody got the money to raise it's profile
But of course, someone has the money. Thing is, they'll take the idea and go to town with it, and you'll not see a red peny out of it (or the equivalent British pence, or bitcoin)
the price to pay with working with them would be way to high
Getting out is more difficult than getting in... Reminds me of this famous song...

Last thing I remember, I was
Running for the door
I had to find the passage back
To the place I was before
"Relax, " said the night man,
"We are programmed to receive.
You can check-out any time you like,
But you can never leave!

65535January 4, 2014 10:05 PM

@ Clive and Nick P

Your “black bag jobs” and interdiction scenarios are disturbing!

It would seem that all computer security could be defeated by interdiction (tampering a RaspberryPi board or any other device in transit with one of many bugs). If and when a bug is found and removed it could be replaced by another interdiction/black bag job.

On a higher level it appears that the NSA has “war gamed” most "mitigation" scenarios.

The NSA has ensured the laws are favorable and secret via secret courts.

The major communications providers are in bed with the NSA. Further, the major hardware and software players - including security/cryptographic providers, have been on the pad with the NSA (for a number of years). It's also possible anti-virus venders have been turning a blind-eye to NSA developed hardware level root kits.

When the NSA runs into a problem not solved by the above combination - the black bag jobs are set in motion by the NSA and other "agencies".

For individuals and small business that are on a budget it is extremely difficult to junk expensive servers, sever contracts with NSA pawned cloud providers and write-off sunk costs associated with software written with secure providers - who are now known to be insecure!

Money doesn’t grow on trees. Something has to change to level the playing field. If not we will be owned, screwed and bankrupted.

BenniJanuary 4, 2014 10:32 PM

@Wael, Yes, these slot antennas would work. I remember them from an experimental physics class. With their volume, they are certainly not so easy to install like a simple microwave bug, but server rooms often have a floor of removable plates, under which the cables for the servers are located. There one could easily place a slot antenna. So once they get access to the computer room they are in.

One can only hope that NSA does not have an own fab for wavers and processors, where they can fake entire motherboards or processors that they could ship per "interdiction" to their targets. Currently, at least Isolated computers running on linux in rf shielded rooms where nobody can break in, can be considered to be safe.

But everything on the internet barely is. Especially, if one logged into wlan via smartphone. As NSA sits between the dark fiebers of google, one can hope that NSA could not decrypt the data on wlan passwords.

The documents say that NSA is working on Quantum computing. They mention a researchgroup in Austria, that would be better than them.

Perhaps they mean the group of Rainer Blatt which is at 14 Qbits: http://prl.aps.org/abstract/PRL/v106/i13/e130506,
I think Blatt's group now needs more money to ensure that they remain better. A secret NSA computer running shor's algorithm would be horrible.


brickJanuary 4, 2014 11:19 PM

'Anti-Propaganda' Ban Repealed, Freeing State Dept. To Direct Its Broadcasting Arm At American Citizens

https://www.techdirt.com/articles/20130715/11210223804/anti-propaganda-ban-repealed-freeing-state-dept-to-direct-its-broadcasting-arm-american-citizens.shtml

For decades, a so-called anti-propaganda law prevented the U.S. government's mammoth broadcasting arm from delivering programming to American audiences. But on July 2, that came silently to an end with the implementation of a new reform passed in January. The result: an unleashing of thousands of hours per week of government-funded radio and TV programs for domestic U.S. consumption in a reform initially criticized as a green light for U.S. domestic propaganda efforts.

Nick PJanuary 4, 2014 11:43 PM

@ Wael, Clive

I think we dropped the castle v prison thread because it was dominating the entire squid thread. Two or three at the same time, actually. Of course, Bruce is now soliciting ideas on such threads seeing how dire the situation is. I haven't restarted the discussion because much of it was software/OS threats. The new discussion must encompass CPU, peripherals, firmware and software with a touch of EMSEC & subversion issues. The correct by construction model can be (and has been) stretched to hardware/firmware. A secure system built that way will still be work on individual layers/components + whole system assurance activities. My recent focus on unusual processor architectures, delegated IO, and control flow integrity are my attempts to shortcut certain issues present in the larger scheme of things. My recent [unpublished] work involves a mix of the old stuff and every idea I can think of for building assurance in ground up in a way mutually distrusting parties can accept.

{Honestly, I've already gotten beyond the stage of what will work and still trying to figure out how it will be *adopted*? It's the more important point. I just don't think most, even classified govt ops, are willing to give up their modern computing experience, speed, and convenience to get the security benefit. Not to mention maintaining the international, high assurance base would be a constant maintenance pain as each change goes through such rigourous checks & slow build process.}

The old discussion was fun but would seem pointless now. The threat model has evolved since then. My ideas are trying to evolve accordingly without hundreds of engineers and an equal number (x 1 million) of budget. If any discussion is to happen, it should be with the realization that it's no longer Level 3 attacker secure because they've raised the bar so high that it's ridiculous to "outdesign" them. At best, you're defending against everyone (incl TLA's) below them. The only thing that might do at their level is a many chip, fault-tolerant, intrusion-tolerant, correct-by-construction design. I'm in the alpha stages of what that will look like (eg my MPP/NOC + tagged hardware + typesafe software proposal). I can beat them at design level if EMSEC, physical security and supplier security can be maintained. It's just a tall order for any organization. ;)

So, that's why the topic has temporarily disappeared. Of course, there's an alternative hypothesis: Clive admitted my model was best at the time in that it's been field proven and could be used near term until his was developed. With that endorsement, what's there to discuss? :P

name.withheld.for.obvious.reasonsJanuary 5, 2014 12:22 AM

@ Clive, Nick P, Wael

A couple of thoughts:

1.) Architectural simplicity is probably a good way to go; OS variants such as OSF's MKAD (CMU Mach Kernel, Advanced Development), OS 9/9000, and QNX are instructive but not necessarily useful. As a community, I suggest that someone take the initiatative to solicit the group here form some kind of referendum. It seems these issues keep getting rehashed and repeated without much effect. Not that I believe the info is not useful, but efforts to address the gorillia would be great.

I'm not sure that there is any chance of making something happening without partnering with organizations that are outside the corporate/government sphere of influence. As Bruce finds himself with more time, he represents the ideal candidate to possible spearhead a group of like-minded individuals that want to make a contribution. There are challenges, but nothing will change if it isn't taken up. The scope of this small network may not be enough to bootstrap such an effort.

Taken a formal, rational, scientific approach to create simple, secure, open, and auditable systems has always had value--it's doing it in the context of where we find ourselves today. Not good!

Wesley ParishJanuary 5, 2014 1:27 AM

Mentioning 3D printing got me thinking - always a dangerous thing. To wit, @ Bill W., spot on. We can't print anything too hot or too fine. Silicon transistors are right out.

We can however, print circuitry on a large scale, and we can print out circuit boards in any shape we so desire. We do have published circuits of entire transistor computers, however "obsolete" and "out of date" they are - I think Bitsaver's got some pdfs of DEC's books on the PDP series, though I haven't been there lately.

So we can print circuit boards with embedded resistors and capacitors up to several layers thick, if we build a 3d printer that does printing plastic substrate and circuitry at alternative moments. Then establish links between the layers then solder the transistors on the top layer, and you've got a PDPs-R-US computer.

Of course, if someone knows about a semiconducting plastic, let us know. It would make things so much easier.

Mike the goatJanuary 5, 2014 5:03 AM

Ptolemy: regarding TPM, the problems with the technology are pervasive and numerous with various security researchers and even the German government expressing concerns about the implementation and use within Windows 8. It is interesting because initially a lot of us were very excited about Intel's product announcement given that we figured it would be used as an elegant way to solve the cold boot attack problem by providing a non-RAM place for key storage. Unfortunately it hasn't solved anything and arguably has weakened the integrity of the platform in a way. It is the same deal with UEFI secure boot. I shudder every time the collective IT establishment comes out with a new "feature" that is billed to somehow enhance security. In the case of secure boot I suspect it had more to do with Intel's buddy Microsoft wanting an innovative way to make third party OS's more difficult to run. Sure, after public backlash they watered this down and enabled OEMs to push out machines with the ability for the user to disable secure boot (shocking! a user actually having control of their PC) and offered to sign a chain loader for Linux and other FOSS OS's.

Really we could have achieved the same functionality as secure boot by simply taking a hash of the UEFI boot partition. If it changes then the user is provided with a warning and the boot is not commenced without positive approval. Sorta similar to what the BIOS manufacturers did in the 90s to prevent boot sector viruses, which were all the rage back then.

Going back to TPM which is increasingly being integrated into the motherboards rather than appended as a small plug in module board it is the same old story. It is worth more to the software industry for their futile attempts at DRM than it was ever meant to provide utility for key storage for uses such as whole disk encryption.

Iain MoffatJanuary 5, 2014 6:35 AM

@Wesley: 1960s thick film hybrid microcircuits are probably the staring point for "additive printing" of circuits. You would still need to physically add transistors and mix materials so not that easy a think to 3D print ? In the 60s they were 2D silkscreen printed as layers of metal and resistive material. Marconi did some work on vacuum triode arrays (based on similar technology to vacuum flourescent displays) in the 1970s or early 80s which might be a better target for current 3d print technology as an intermediate level of miniaturisation. See http://www.google.co.uk/patents/US5228877 and cited earlier works.

Architecturally the DEC 12 and 18 bit PDP machines are probably not a good starting place for a secure machine as they generally had flat (if paged) address spaces with little or no protection. IBM S/360, ICL 1900 (which had a base and limit register per process and is well archived) or the US Navy Univacs from the early 1960s are better places to start research I think.

More generally, what I find surprising in the self-build CPU threads is a lack of discussion of field-programmable devices rather than starting from bare silicon - is it simply that no one trusts the tool chain and silicon to be free of "implants" and they were written off as an option before I found these discussions ? As far as I can see a 3D printer also has a software chain needed to prepare and print anything complex so is equally open to subversion and a lot more work to get something functional ! See http://www-inst.eecs.berkeley.edu/~cs150/fa05/Lectures/03-ProgLogicx2.pdf for an overview.

I could understand why people regard the modern Xilinx and its counterparts with as much suspicion as a major brand CPU but there are older and simpler devices (PLDs and EPLDs) that are about as complex as an EPROM and allow an order of magnitude more integration than TTL logic.

When I started work as an electronic engineer in the 1980s it was quite possible for a team of 10 or 12 engineers to build a custom machine of power comparable to a Pentium CPU (assessed on the basis that that's what replaced it, badly) in a year using 4 layer PTH PCB technology and EPLDs programmed using a simple in house developed hardware description language. A starting point would be the Altera EP series http://www.altera.com/literature/ds/archives/classic.pdf which dont seem to be readily available any more or the classic fuse-link PAL (see http://www.ti.com/lit/ds/srps016/srps016.pdf, http://uk.rs-online.com/web/p/products/659-422/?origin=PSF_431002|QVTN-LL , http://docs-europe.electrocomponents.com/webdocs/0024/0900766b80024877.pdf).
As a simple registered AND-OR-INVERT array these devices are amenable to complete functional testing before use (so malicious functions have nowhere to hide) and the old metal fuse link devices were truly one time programmable as well so non-implantable in the field as a bonus. In use they proved faster by a factor of 2 or 3 than TTL (Pentium-beating speed is obtained by pipelining and hardwired control in a single application).

Iain

name.withheld.for.obvious.reasonsJanuary 5, 2014 7:27 AM

@ Iain Moffit

The ability to fully test an RTL synthesized design has a few dependencies that would not guarantee a fully exercised DUT/functional/unit/system test. One issue is the signal/clock convergence and any parametric verilog or VHDL implementations. I know Xilinx, Synaptics, ModelSIM, and the Cadence tool chains make claims about full LUT/CPLD analysis but I'm certain a determined or enterprising engineer can make hay with the modeling phase of the design (almost all these underlying tool chains rely on JVM as the application level functionality). So, could just changing the default class paths be used to change the resulting behavior?

I just sayin'; I'm just providing the devil's lawyer in this case. My perception is that if all if the "concerned" can make a robust and simple process as well as product. I suggest a scalar module based system with a clear architectural objective that emphasizes tracibility and verification of operational components and system. I'd think it might take a while to cold boot (aka OS/400).

MikeJanuary 5, 2014 7:47 AM

Howdy. I've been reading the blog for a while now. This is my first comment – it maybe comes across as a bit trollie, but that's not my intention – I am trying to think about a different angle here.

How about this for a conspiracy theory:

1. Let's say my job is to attempt, covertly, to monitor the data and communications of everyone in the world.

2. However, to my annoyance, there are a number of fairly straightforward things both individuals and society at large could do to protect themselves from my prying dragnet.

3. To my further dismay everyone suddenly becomes aware of my existence and what I am trying to do.

4. I mount a campaign of disinformation to create the impression that any attempt to protect data or communications is essentially futile on account of various highly-technical-and-scientifical techniques that can be employed by clever-clever-expert type people such as myself via the harnessing of mysterious imperceptible emanations and undetectable soft/medium/hard-ware mubo-jumbos.

5. The world at large throws up its hands in despair, shrugs it shoulders, and says to itself 'oh well, I may as well not bother to even try to protect myself'.

6. To assist me in this I induce susceptible well-respected independent experts to endorse this misinformation by means of my extensive knowledge of their 'romantic interests'. This has the additional benefit of provoking considerable dispute between the corrupted and non-corrupted experts and thus reinforces the sense of hopelessness and uncertainty among the general population.

7. Additional Wizard-Of-Oz style Batesian mimicry such as ostentatiously constructing an un-necessarily large data-centre and launching satellites emblazoned with scary world-embracing-cephalopod logos can only help. I might even consider staging leaks of seemingly extraordinarily advanced capabilities that I do not in fact possess, declare my intent to construct a quantum computer, and then employ my coterie of tame experts to endorse the plausibility of my omniscience.

How does that sound?

I am inclined to agree with Clive – that the capabilities of these organisations are actually likely years *behind* the field, not years ahead. They are government funded and they are, by design, almost impossible to audit – so which is more likely: that they are exemplary power houses of efficiency, innovation and competence, or that they are turgid back-waters of lethargy and failure clogged to the gunnels with incompetent incumbent careerist psychopaths? It seems to me, given the lack of oversight, that the only existential threat these organisations have any clear motivation to put effort into addressing is the possibility that their funding might be cut. I am a big fan of evolutionary biology – I see no selective pressure encouraging them to be successful at doing what they're supposed to be doing because we are never allowed to see what they're up to or to measure their effectiveness. The recent revelations suggest we may actually be getting *something* for our money – maybe all the more reason to worry that these revelations may in fact be a covert PR campaign!

Adam Curtis (in his BBC blog) has a fantastic quote from Le Carre about his own experience (though granted this is going back many decades now); he had worked for the service and freely admitted that it did not at all resemble the made-up world in his novels:

"For a while you wondered whether the fools were pretending to be fools as some kind of deception, or whether there was a real efficient service somewhere else. Later in my fiction, I invented one. But alas the reality was the mediocrity. Ex-colonial policemen mingling with failed academics, failed lawyers, failed missionaries and failed debutantes gave our canteen the amorphous quality of an Old School outing on the Orient express. Everyone seemed to smell of failure."

I am no expert, and all I do is read this blog – though I have been doing so for a while now. What perplexes me a little is that given that these people appear to have had a lovely mail-order smorgasbord of fantastical surveillance/intrusion/spooky-dooky doodahs for so many years, why is it that no one is piping up saying "oh yeah – we found an example of that one a few years ago" or "yeah – look – here's a photo of what we found inside the 'ferrite' on one of our cables"? Maybe these techniques are just so advanced that no one outside can detect them – though they don't sound like that to me from their descriptions – or, maybe, people *have* been finding them but are being sinisterly silenced... or, just maybe, the reason no one is finding them is because, mostly, they don't actually exist! Perhaps STUXNET was just a very rare success (aided by being (co?)developed by some people from a country motivated by a rather more pressing existential threat) and maybe it was one of the few things they've ever done that actually worked, and that's *why* it was found, because, actually, such things aren't really that difficult to find once they've been deployed to the field?

Clive RobinsonJanuary 5, 2014 7:49 AM

@ Ian Moffit,

    Another source of inspiration for which much documentation survives is Seymour Cray's...

His work --the last time I looked-- still lives on in production machines (Sun Starfire systems).

Both Sun and IBM realised that the bottle neck in mainframe systems was not CPU speed but interconnection speed for communications with storage and other systems/users. Seymour Cray realised this as well (his background was the Intel community) and he designed an effective bus switching system which Sun purchased the rights to.

IBM likewise developed such switching that is seen in their Z range machines.

Multiple CPU systems with shared access to a switched back plane shared with memory and IO is the way to go. With the real limitation on what's possible being the switch.

One method is to drop the old conventional "parellel bus" designs due to many issues and replace them with high speed serial buses, such buses can quite easily function at 6-20Gbit/sec these days so the bottle neck is the switch design.

I must admit for a high performance at low cost I'd seriously consider Gigabit ethernet managed switches with four or more connections from each computing block using iSCSI or simpler equivalent for all shared memory, storage and IO. Yes there are faster ways and yes there are cheaper ways but it kind of howers in a well supported sweet spot.

jonesJanuary 5, 2014 8:18 AM

@ Mike

That's not a nutty thing to think. A defining characteristic of disinformation is a mix of truth and falsehood. The idea is that uncertainty neutralizes the value of whatever useful information seeps out.

While that notion elides nicely with your suspicion that the government is years behind the curve, I think there are a few things to keep in mind. They are likely behind in some areas, and ahead in others. Since World War II and increasingly since the 1960's, the government has funded a lot of research at Universities, essentially guaranteeing access to a lot of the most current research. The CIA even runs a venture capital firm called In-Q-Tel (which it frequently operates at a loss) to ensure access to the latest ideas.

But your notion of accountability raises an important point: efficiency and accountability don't go together. Accountability is not efficient because it means you have to justify your actions at every step. The NSA is not accountable, so you might as well suspect they're highly efficient. I suspect efficiency isn't an issue for them because their funding is practically unlimited.

But I suspect they're largely ineffective as an intelligence agency because they've picked for themselves a task that is by and large intractable. That said, I think they're only nominally an intelligence agency, and probably spend more of their time engaged in industrial espionage, tracking dissent, interfering with foreign governments, and serving to further the objectives of the President's policy advisers in other overt ways.

http://cryptome.org/echelon-ep-fin.htm#10

Take away the assumption that NSA is an intelligence agency, and they start to look different.

After all, what evidence is there that they are an intelligence agency? They missed 9-11 and the Boston Bomber, and pretty much every other high profile terror case has been a case of entrapment using paid FBI informants.

https://www.google.com/search?q=fbi+paid+informant+terrorism&ie=utf-8&oe=utf-8

Some high profile convictions have even been overturned due to proprietorial misconduct:

http://en.wikipedia.org/wiki/Detroit_Sleeper_Cell#Post-trial

Finally, I don't think it's worth doubting that the NSA has massive intercept capabilities and massive data storage capabilities. What is worth questioning is what they do with these capabilities.

What concerns me is the legal practice of "parallel construction"

https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-laundering

combined with data shared with "intelligence fusion centers" around the country

http://en.wikipedia.org/wiki/Fusion_center

and disturbing trends with respect to how provisions of the PATRIOT ACT have been used in practice:

http://boingboing.net/2011/09/07/patriot-act-search-warrants-overwhelmingly-used-for-drugs.html

LocumJanuary 5, 2014 8:29 AM

There is a 2010 patent issued to Apple Inc. ("Cryptographic system using chaotic dynamics" ) for a cryptographic system. http://www.freepatentsonline.com/y2010/0014678.html

Among its claims is that it has a backdoor: "The degree of difficulty involved in deriving the private key is dependent on the adjustable back door. That is, the value of the back door can be adjusted to vary the difficulty involved in deriving the private key."

If Apple is using this technology in their current products, could their recent denial of non-cooperation with the NSA be understood differently?

MikeJanuary 5, 2014 8:52 AM

@jones

Many thanks for the considered reply and all the links – interesting stuff indeed.

My accountability/efficiency angle was more in reference to the question, which you address, of whether they are even doing (as in being 'efficient' at) what they're actually *supposed* to be doing – rather than something else – which as you suggest may well be the case. I am always a bit wary of anything being subsidised/run-at-a-loss – though for sure sometimes this is necessary in order to get something special – though I fear the lack of selective/funding pressure on an entity that's paying others to do its research for it is likely to leak into the standards/requirements applied to that research. My emphasis I think is on 'selection pressure' because in the absence of oversight I guess I'm wondering what it is that *is* actually 'governing' what they decide to do and what they don't decide to do. I was thinking that ensuring their own funding and/or whatever is necessary to continue their own existence would be an obvious priority – and unfortunately I agree with you that this could provide quite strong motivation to use whatever capabilities they do have, and their special societally endorsed invisibility/gagging cloaks, to languidly pursue all manner of rather unsavoury and potentially anti-social avenues. As far as their actual intercept capabilities go – I imagine you have a far better idea on that than I do – I think I was questioning more how easily/trivially defeated such capabilities might actually be rather than their ubiquity – and for sure I guess they probably do need to store a lot of data nowadays (to say the least!) - it just seemed to me that building such a high-profile and obviously very 'large and shiny' above ground monstrosity seemed unnecessarily ostentatious and maybe hints at middle-aged-man-buys-flash-sport-car-definitely-not-compensating-for-anything syndrome!

Iain MoffatJanuary 5, 2014 10:02 AM

@Name Witheld: I was only ever suggesting that the functionality of the individual programmed PLD can be verified by exercising the entire truth table (16 inputs 8 outputs is feasible to test at low / medium speed with a simple TTL and ROM based tester that is programmed to stop on first error) - as long as the comparison ROM is prepared using an independent tool chain. Provided that you buy the PLD before doing the design you can be sure it is free of any hidden functionality tailored to attack your solution, of course.

We used to develop PLD and PROM logic designs using locally developed tools in IBM BASIC on an IBM PC-AT in the lab a decade before any of the tool chains you mentioned, so it is possible to build non trivial hardware without resort to anything very advanced. In simple terms the tools did a "brute force" evaluation of an algorithm or formula for all input bit patterns - the input could be divided into bit fields to represent different variables - and generated the resulting fuse pattern in a form that could be programmed.

PLDs are good for registers, multiplexers, decoders and their control logic; fast PROMs do ALU-like functions and look up tables (essentially both have an AND-OR array behind each output bit and the difference is in the fuse locations - in a PLD they are in the both the "AND" and "OR" arrays but a PROM has a fixed AND-array as the address decoder and only has one fuse per output bit). The PROM version of a RTL to bit pattern generator can be written in a day - the logic version is a little tougher if significant optimisation is wanted. Each PLD or PROM represents a register and its associated logic. The RTL design was mostly done on paper in those days (at least where I worked), and really only PCB layout was in CAD. But I'm sure we knew to the last bit and volt how it worked !

Iain

jonesJanuary 5, 2014 10:05 AM

@ Mike

> I was thinking that ensuring their own funding and/or whatever is necessary to continue their own existence would be an obvious priority

I think you're quite right to suspect this is their top priority.

For comparison, when WikiLeaks was first launched, they brought on a number of Chinese dissidents, and marketed themselves as working to end censorship in China

http://www.theage.com.au/news/Technology/Chinese-cyberdissidents-launch-WikiLeaks-a-site-forwhistleblowers/2007/01/11/1168105082315.html

"Our primary interests are oppressive regimes in Asia, the former Soviet bloc, sub-Saharan Africa and the Middle East, but we also expect to be of assistance to those in the West who wish to reveal unethical behaviour in their own governments and corporations," says the site WikiLeaks (www.wikileaks.org).

An official for WikiLeaks in Washington, identifying himself as Julian Assange, told AFP on Wednesday that the group hoped to go online from March but had been "discovered" before its launch and was not fully prepared for the publicity it was now receiving.

WikiLeaks is "an international collaboration, primarily of mathematicians... of various backgrounds, some Chinese," said Assange, who said he was a cryptographer and member of the advisory board.

The Chinese were not people living in China but expatriates, he added"

(January 11, 2007)


This turned out to be a likely ploy to defraud CIA, which throws money at dissident groups in China and elsewhere somewhat indiscriminately, the idea being to spend whatever they have so they never have to ask Congress for less the following funding cycle. I.e., they avoid accountability to keep he money flowing, rather than to operate more efficiently.

To be a little more specific: because WikiLeaks had a .org URL, they needed a real person to register the domain, and approached John Young, who runs Cryptome.

Eventually, Mr. Young became disillusioned with the organization and published a series of internal development emails

http://cryptome.org/0003/wikileaks-lash.htm

Date: Sun, 07 Jan 2007 07:21:34 -0800 To: From: John Young

[This is a restricted internal development mailinglist for w-i-k-i-l-e-a-k-s-.-o-r-g.
Please do not mention that word directly in these discussions; refer instead to 'WL'.
This list is housed at riseup.net, an activist collective in Seattle with an established lawyer
and plenty of backbone.]


Addendum:

The CIA would be the most likely $5M funder. Soros is suspected of being a conduit for black money to dissident groups racketeering for such payola.

Now it may be that that is the intention of WL because its behavior so far fits the pattern.

If fleecing the CIA is the purpose, I urge setting a much higher funding goal, in the $100M range and up. The US intel agencies are awash in funds they cannot spend fast enough to keep the Congressional spigot wide open. Academics, dissidents, companies, spy contractors, other nation's spy agencies, whole countries, are falling over themselves to tap into this bountiful flood. But competition
is fierce, and accusations of deception are raging even as the fleecers work in concert.

Chinese dissidents -- a brand name among many -- are already reaping huge benefits from covert funding from the US and from the PRC, along with others in the former Soviets, in Africa and South America, inside the US, UK and Europe, in the Middle East and the Koreas, who know how to double-cross ditzy-rich Dads and Moms.

WaelJanuary 5, 2014 11:15 AM

@ Binno,

There one could easily place a slot antenna. So once they get access to the computer room they are in.
If they have that level of access, installing a "slot antenna", whatever that means, would not be their first choice. A rogue piece of equipment (hot spot, router, printer,...) would be the way to go. Better yet, a rogue employee or a contractor in IT would be way more productive. An antenna in a server room is really not that efficient, generally speaking. I suggest for future bug discussions, the following be specified and or discussed: purpose, efficiency, ease of installation, detection, and mitigation. Try to map the "bug" to a purpose, a target environment, and a "use case", then we talk about details.

wumpusJanuary 5, 2014 11:24 AM

As far as building your own "unattacked" cryptosystem from "the ground up", I have two suggestions:

Solitaire While this is slow, it does not require any setup, and the system can't be attacked this way (unless Alice or Bob is lazy and uses a computer). The big problem is convincing people to use solitaire, especially without computer assistance. And then there is the issue that each message needs a separate password (presumably a simple sequence encrypted with another solitaire password, but I haven't looked deep enough to tell).

Forth. Forth has a long history of being used to create everything from the compiler to a primitive OS as a bootstrap loader (for a long time, this is how Sun machines booted Unix. For all I know, they still do). You could go whole hog and build your system around an FPGA (preferably from a rasberry pi or similar that includes a large FPGA, but I would assume that any attacking ROM routines would be simply incompatible with your FORTH machine (I'm assuming taking snapshots of memory and sending it off to Fort Meade would show up when trying to stay under Comcast "bandwidth" limits. If you are a Snowden-level target, I would assume that your Solitaire playing cards are bugged, let alone any hardware you could kludge together).

But don't expect to get your Forth machine up and running faster than it would take to encrypt all needed (pure text) communications. If you need to transmit huge binary files, solitaire isn't going to work. What little work I've seen on it claims it appears "weaker than RC4", so there is a good chance that the NSA has broken it already.

MikeJanuary 5, 2014 11:30 AM

@jones: Fantastic – for me this adds a further would-be-funny-if-it-wasn't-quite-so-depressing layer of irony to a situation already creaking dangerously under the weight of various other depressing ironies. I particularly like his use of brand-name in this context.

kashmarekJanuary 5, 2014 11:58 AM

Just wondering, is this web log a good source of information to aid them is setting directions for what to work on next? Any FUD here?

By the way...

Police could use radio waves to bring card to a halt:

http://www.newscientist.com/article/mg22029475.200-police-could-use-radio-waves-to-bring-cars-to-a-halt.html#.UslJVPbeSUc

From the "what could go wrong department", if police can get these devices, so can ANYBODY. Police cars will be targets of the perps.

Accelerating the war...generally leads to more war.

SkepticalJanuary 5, 2014 12:53 PM

Some of the technical discussion is very interesting, though way above my head.

However, there's an obvious implication to draw from the recently leaked materials:

The across the board, at the fabrication level, compromises that some were worried about don't seem to exist presently.

Consider:

Hypothesis: the NSA has executed a compromise of certain hardware at the manufacturing level. This compromise enables capabilities in a set we'll simply call Z.

Consequence: for such systems, elaborate interdictions and sophisticated bespoke mechanisms are no longer necessary to achieve capabilities in the set Z.

Example: a widely used random number generator is compromised at the manufacturing level, enabling the NSA to decrypt, feasibly, encrypted messages sent using that generator. So long as a target is using that generator, and one wants to read encrypted messages sent by that target, no additional measures are necessary.

Example: a widely used processor is compromised at the manufacturing level, enabling the NSA to send and receive signals from the machine in which it is installed, and enabling the NSA to direct the processor to execute instructions. In such a case, there is no need to bother with interdictions, or being crafty with speedy servers or surreptitious sockets.

Empirical observation: interdiction and bespoke approaches are widely used by the NSA.

Conclusion: the behavior of the NSA contradicts that which we would expect if the NSA possessed built-in compromises for widely used systems enabling monitoring, control, or decryption capabilities. This conclusion is subject to a qualification, discussed below.

Put differently:

We see from recent leaks that the NSA is actually quite focused on means of collection that would be unnecessary if a compromise built-in at the manufacturing level existed. This implies that no such built-in compromises exist, even if they are theoretically possible.

This analysis of courses rests on the assumption that if the NSA had such a built-in compromise, they would make wide use of it. It's also possible though that such a compromise would be considered so highly valued, and so perishable, that its use would be extremely narrow and restricted, and that most of the government would need to carry on as though such a capability did not exist.

However, that kind of restraint would, if anything, exceed that shown during WW2 with respect to ULTRA and MAGIC material, and there would be strong incentives on the part of internal actors to erode that restraint.

So now let me derive a further conclusion:

The systems mentioned in the catalog as requiring interdiction are precisely those systems not compromised at the manufacturer level.

There are additional reasons to strongly doubt the existence of such compromises, not least of which is the fact that the NSA does not control the design and manufacturing process.

And lastly about interdiction and bespoke installations:

That's expensive! Getting a court order, intercepting a shipment, falsifying tracking information, opening the shipment and installing your solution, testing the solution, sealing the shipment just right, and then putting it back into the shipping chain so that it will arrive as expected is something that requires a lot of people, a lot of personnel hours, a lot of expertise, and so therefore a lot of money.

Contrary to musings about the NSA's unlimited budget, leaked documents show that the budget is very far (infinitely far, to misuse a concept) from unlimited (comparison: NSA budget - 10.6 billion : Google operating expenses for 2012 - 37.4 billion). It doesn't take a genius to look at the budgetary breakdown and see that these interdictions and installations are not being conducted on a mass scale.

One of the weak points about the leaked documents is that they seem to be largely presentations by vendors, who have an interest in hyping their products. When a vendor trains a client's personnel on the use of a given tool, after all, the vendor isn't simply training; it's also advertising. So the data will be skewed in a way that magnifies the power of a product. Think about how a pharmaceutical rep would try to "inform" a doctor about a medication. That seems to be the level of many of these presentations.

Nonetheless, taken in aggregate, there are sufficient data points to put together quite a lot of information about the NSA's actual capabilities, and no doubt foreign governments are well into the process of doing just that.

Final point - mosaic theory: a single instance of a type of information may seem innocuous, and able to be disclosed without harming national security; however that same instance of information, when multiplied many times over, and combined with instances of other types of information, may contribute to the exposure of much more. This macro-consideration of the effect of information disclosure is done when types of information are classified, but is not done when journalists decide what is "truly harmful" and what is not.

Nick PJanuary 5, 2014 12:59 PM

@ Iain

"Another source of inspiration for which much documentation survives is Seymour Cray's CDC6600"

I didn't know it used separate chips for that. That is interesting. Clive beat me to it I was going to mention that mainframes do dedicated IO and an IO hypervisor. IBM has been on top of such things for a long time. I'm sure I'll enjoy seeing the Cray strategy, though.

re PLD and hd design stuff

Thanks for the good info.

@ Clive

"His work --the last time I looked-- still lives on in production machines (Sun Starfire systems)."

Cray's work also lives on in Cray systems. :P If there was a successor though, I'd ignore the Oracle hardware and give credit to SGI instead. Their NUMA systems have always been excellent. Even in bankruptcy with little to no development, they still have the best one in some respects.

Nick PJanuary 5, 2014 1:49 PM

@ Skeptical

You raise good points about subversion. Such thoughts did give me a little bit of comfort. The problem is it might not tell us as much as it seems. So, I'll write a few things that make me concerned.

Using your logic: FBI has access to some NSA tools and their own extremely high end attacks. Yet, they typically use regular warrants and low tech digital attacks against criminals. FBI fails to track or prosecute some due to this. Wouldn't this mean that superior tools with superior results didn't exist? We know they do, so apparently not.

Compartmentalization/OPSEC: Not all tools are available for all uses or agencies. There are usually tiers of them. The higher up you get in classification and importance of mission the better stuff you might get. Certain tools they didn't even like to use as they didn't want people to know they had them. In FBI's case, pinpoint cellphone tracking without GPS wasn't admitted until 2004. Up to that point, many crooks thought their cheap (and old) burner phones were "untraceable." Oops... In DEA, we find that they were using high end tools and creating false chains of evidence to disguise it. NSA pretended certain standards were hard to break, even "improving" them, to convince us to use them. And yet groups within NSA could hack them.

Subversion Stealth: NSA subverts processor to be excellent enabler of their rootkits (eg memory cloaking, full privileges). The subversion must never be discovered in the field. The best way to do that is to put a trigger in that only they can access. It might be activated with one of their attack tools or an interdiction. A more manual activation ensures accidents are unlikely. It still might be much better than others: putting subversion in the PCI controller to look for a specific random 1,024-4,096bit sequence from *any* PCI device. In this case, they'd just need the PC long enough to plug something into one port and send that sequence.

Time passed: Much of the tech in the leaks is old. They had some kind of backdoor in Intel and such *then*. They have more opportunities today. So, what did they hit?

Opportunity: They have human spies, surveillance, military units, global partners, and over a hundred million dollars for these types of programs. RobertT indicated that certain aspects of the overall process would be easy to hit if you had talented people and access. I'll add even easier if the companies were in US and forced to comply, allowing NSA to work on higher level specs. Shouldn't it be assumed that they've done this or are working on it now? If not, why not?

Complexity: Just having a specific subversion in the chip, like RNG, doesn't guarantee compromise itself. The way the system is used adds complexity (and might defeat the sploit). The Linux and BSD OS's, for instance, aren't relying much on the hardware RNG's. Many tools also get human-generated entropy on top of system rng. BIOS's, hardware, and OS's might be configured differently in a way that stops a lower quality (but simple/stealth) subversion. Just like with regular black hats, having a rootkit doesn't guarantee success. (Except on iOS, it turns out haha.)

Compliance: Another thought just entered my mind that I actually want your opinion on. I imagine any engineers being forced to subvert a chip or leave a spot open for "enhancements" wouldn't be too happy about it. Esp post-Snowden, I figure many have enough brains to know what it's intended for. If the subversion was limited & required manual activation, do you think engineers would be more likely to go along with it? The mental picture I have is their boss tells them they aren't enabling "push button control of every system out there" but instead increasing access/control of "a small number of specific systems."

re budget

"It doesn't take a genius to look at the budgetary breakdown and see that these interdictions and installations are not being conducted on a mass scale."

There's just a few major shipping firms and mainstream computer vendors. Paying off all one-time for setting up a painless (to them) interdiction process might cost tens of millions to a hundred million. Legally ordering their leaders to follow orders, take a small "compensation," and maintain silence to maintain their freedom costs essentially nothing. The diversion process itself would just be a step in the manufacturing or shipping facility that might be explained to crew as "for security or regulatory inspection." In other words, it would be free per attack after initial setup. Each main hub or facility might need one salaried individual with the implants. Assuming they get $100k a year and 100 locations, the interdiction process would cost $10mil a year to maintain.

Definitely not out of their budget. If anything, it's "a mission enabling cost saver" compared to black bag jobs.

re your overall claim

"The systems mentioned in the catalog as requiring interdiction are precisely those systems not compromised at the manufacturer level. "

It's a good claim. I just think that, with options available other than trusting them, we should take such options just in case the issues I brought up are real issues. Buying foreign designed and fabbed hardware is an easy route that should reduce risk [against NSA]. I don't see the name of a single foreign chip on that list. Following your logic, using my approach means that black bags or interdiction are *the only* ways they could subvert such systems. And if the equipment never enters US, then the odds get even better. :)

BenniJanuary 5, 2014 3:50 PM

These interdiction methods seem just to work in USA. How could they, for example, make an "interdiction" at the german amazon.de that ships per german's dhl?

@Wael: You wrote: "rogue piece of equipment (hot spot, router, printer,...) would be the way to go. "

And yes, In case of european embassy, NSA they did exactly that:

http://www.theguardian.com/world/2013/jun/30/nsa-leaks-us-bugging-european-allies

"One of the bugging methods mentioned is codenamed Dropmire, which, according to a 2007 document, is "implanted on the Cryptofax at the EU embassy, DC" – an apparent reference to a bug placed in a commercially available encrypted fax machine used at the mission. The NSA documents note the machine is used to send cables back to foreign affairs ministries in European capitals."

PtolmyJanuary 5, 2014 4:25 PM

@Mike the goat,

I was thinking along the lines of whether TPM is "fit for the purpose" of decrypting an encrypted blob with a key derived from the hash of various things (BIOS, bootloader, kernel, etc). Of course it misses things like the SMM, so it's not perfect (though I'm unsure if what's in the SMM can be persistent, or would have to be loaded by the BIOS).
See http://git.qubes-os.org/?p=joanna/antievilmaid.git;a=blob_plain;f=README;hb=HEAD for the idea. Basically the computer proves it is running what it was running when the blob was sealed in the TPM, before you enter any passphrase.
It is with that context that I was wondering about flaws in the TPM. Of course, we can't know of any backdoor in the chip, but I'd be interested to know of any "known" issues that would break the above scheme.

BryanJanuary 5, 2014 4:48 PM

As a stopgap machine, I've been investigating the Raspberry PI. The latest board design has JTAG headers, ARM cpu and ethernet controller, that allow access to the onboard firmware for debugging and update. Other than for verification there likely isn't much need to read them. Apparently the GPU on the broadcom chip is responsible for loading the initial OS from the SD card. Lots of really good information here for barebones rpi stuff: https://github.com/dwelch67/raspberrypi I still need to dig into it more, but I've heard elsewhere mention of separate jtag for the ARM CPU and the GPU. I need to investigate that more.


@Bill W.
Who said anything about doing it at nanometer scales. The transistor printing for LCDs is at a much larger scale. At this point a suitable “ink” for the substrate would need to be developed, then transistors, resistors, and capacitors could be printed on it. Traces would come from conductive inks.

A survey of the technologies used by the various groups that have done circuit printing needs to be done. I personally think working with thin sheets of whatever substrate is used in the LCDs and doing 2D printing is a faster route at this point. Multiple sheets could be combined for a CPU core/device.

Iain MoffatJanuary 5, 2014 7:32 PM

@Bryan: I like the RPi and use it where I need a dedicated small computer now. I havent played with all the OS ports yet - Raspbian and Pidora are a bit full featured and would need hardening for any very secure use I think. Some people have already made firewalls of them - e.g. Robert Graham's isowall: https://github.com/robertdavidgraham/isowall/blob/master/isowall.8.md

I havent mentioned the Pi in these threads because it doesnt address the issue of building trust from a root that can be made by the person or organisation who needs to know they aren't building on sand - it is simply too highly integrated and in particular one has to take the Broadcom chip on trust. For my purposes I haven't the need to be that careful so I use them quite happily.

As far as I know when I last read any papers on LCD thin film transistors their performance (due to being relatively large) was two or three orders of magnitude worse than traditional silicon (but fine for LCD screen refresh rates) - I think the 1960s approach of layered 2D screen prints and soldered on transistors or small scale logic ICs is probably able to get more performance in the same space when applied to computer circuits. Modern discrete transistors can be really quite small e.g. 2x2mm so the density is going to be much better than was achieved in the 1960s.

Iain

name.withheld.for.obvious.reasonsJanuary 5, 2014 7:39 PM

@ Iain Moffat

Cool, I use custom embedded uProc systems to ring components out components or sub-systems. For me it's more reliable for signal/patch/jitter simulation on a target FPGA. FPGA's are great for prototyping and design verification before going to Fab. I always check to see if I've done something stupid with a netlist and architecture buses and any external I/O. The PLD's, went out of vogue in the late 80's about the time of second generation SMD. Great to know there are still applications. The recent loss of the 486 (not a big fan) is kind of sad. But, losing a 4051 would be a tragedy I'd find hard to deal with. A satellite system I worked on three years ago needed an old school guy to make it work again--the original scientist/engineer could not be coaxed out of retirement. Designed in the mid-80's, launched in 05 and operational in 07, finding "qualified" parts was not fun. I say this to relate with you the fact that there is a tendency to forget history and the lessons that are "unteachable". One day you wake up and say "How'd that happen?!?!", and then it might be too late.

Nick PJanuary 5, 2014 8:39 PM

Re LISP machines and OS's for anti-subversion

I found the source code to an OS in LISP. This was a LISP machine. Might be instructional reading along with these links. A ground up LISP OS has potential for security as it eliminates many native risks, while allowing for both confinement (Scheme security kernel) and safer concurrency (Clojure).

Plus, I still haven't seen a platform that can claim all the benefits of Genera LISP OS/IDE. That kind of thing makes me jealous. One of those implementing Linux API with Python support would be pretty nice. :)

re mainframes

I was trying to find a way to run OS/360 or certain secure platforms (eg KeyKOS) that ran on mainframe architectures. I found this excellent emulator that supports most of three IBM architectures & runs many of their OS's. Excellent way to dip one's toes into mainframe computing.

Here's a detailed description of zArchitecture for those interested in how IBM mainframes work on inside. You also can see how it evolved over time to increase capabilities, while keeping programs future proof. I think it's still the most future proof platform ever designed, both a benefit and a detriment. The security/integrity features, resource management and IO offloading are worth considering for future designs. Availability benefits optional as we're less interested in them and they add difficulty to an already difficult problem.

Not everyone liked it, though: "I characterized the Russian decision to build a bit-compatible copy of the IBM 360 as the greatest American victory in the Cold War." (Edsger Dijkstra)

re papers papers papers

Just ran through most good resources on ACM and IEEE to see what's happened in 2013 (and 2014 preprints). Downloaded over a hundred papers that I have to review. There's a few I know I'm sharing here. I even have one or two for crypto geeks. I'll probably post them in next squid thread.

PetrobrasJanuary 6, 2014 3:22 AM

@Iain Moffat: "layered 2D screen prints and soldered on transistors [...] (can be really quite small e.g. 2x2mm)."

Could the soldering be automated by 3D printers with conductive inks ?

If the surface of transistors pins have been corroded by an acid, then the resulting printed 3D circuit would be sturdier.

@Bill W. "And you need to print, oh, several hundred million transistors to get a circuit whose performance would be considered anything equivalent to the last 15 years of computing."

Restricting to "the last 15 years of computing" is then a bad decision. Just print Inmos T414 with 300,000 transistors (http://bitsavers.informatik.uni-stuttgart.de/pdf/inmos/transputer/72-TRN-205-00_Transputer_Applications_Notebook_Systems_and_Performance_Jun89.pdf http://www.fpgacpu.org/usenet/transputer.html are two interesting links about them). Or the Motorola 68000 with 68,000 transistors, limited to 1Mo of RAM.

@Figureitout: "most hardened pc that isn't some 8-bit 16k RAM breadboard pc."
1MB of RAM is enough to run the "tiny" Web server http://cs230.wikispaces.com/Tiny+Web+Server and the "TCC" C compiler http://bellard.org/tcc/tccboot.html (executable of 138kB). Given the deep penetration of NSA in all ours tools, secure computing should only involve tools with small source codes. "tiny" and "TCC" are such tools.

If you don't mind restricting to 6kB of "RAM", look at http://en.wikipedia.org/wiki/Transistor_count#Transistorized_computers which for example lists Autonetics http://en.wikipedia.org/wiki/D-17B at 345.6 kHz consuming 250 watts, with 1,521 transistors, 6,282 diodes, 1,116 capacitors, and 504 resistors, with a mean time between failures (MTBF) over 5.5 years, and a weight of 28 kg.

Clive RobinsonJanuary 6, 2014 4:31 AM

@ Ian Moffit, Nick P,

You both/might find this site interesting,

http://www.cray-cyber.org/general/start.php

They have quite a bit of documentation up on line which is worth looking through but... that's not why I found the site originaly,

If you look in their current hardware projects they are also building a Thermionic Valve computer from scratch and part of their reasoning for doing so boils down to "research" to find out why things were done a certain way,

http://static.cray-cyber.org/Hardware/PaperMUNIAC.pdf

@ Ian,

With regards the Raspberry Pi and your comment about foundations of sand, yes it's a potential problem as is all modern hardware, and the lack of full chip documentation has been a reoccuring theam in that vein.

However as I've indicated a few times my belief is NO modern hardware can be regarded as trustworthy, thus you have to find ways to monitor or better mitigate in real time (it was one of the reasons I started down the C-v-P path).

If you think about "monitoring" even untrusted harware can be used as a "litimus test" to detect the unwanted attentions of attackers with zero day or worse attacks.

Put simply if you use untrusted hardware as your "garden gate" not your "front door" then you get an opportuity to see your attackers in your "front garden" not your "front room". Whilst in the front garden they can do only annoying --not harmfull-- damage, but importantly their intent is clearly identified as hostile, and this gives you time to respond before they can do harmfull damage.

Once upon a time we used to do this with "bastion hosts" and "De-Militerised Zones" watched over by guardian systems that could not be enumerated from the DMZ. It's a stratagy that has much to offer that later "Firewall Apliances" just cann't do.

So using one Raspberry Pi as a Bastion Host immediatly behind the already owned ISP router gives you your DMZ "front garden" in which you have another "instrument" host [1] that can see the DMZ but not be seen from the DMZ. The instrument host could be a second Raspberry Pi or other system running appropriate OpenSource software and controling a "hard gate" [2] behind which a non Raspberry Pi firewall sits that gives access to your "front room" internal network (or further DMZ / protected / sacrificial / honeypot zone).

[1] Instrument hosts have many names basicaly they are a striped down and hardend host running packet analysis software like any conventional IDS. However the difference is they only have one way cables connecting then to the DMZ network. Basically you cut the instrument hosts TX lines. My home brew way to do this is not to do it in a network cable --it always ends up causing problems-- but to make an "Instrument head" which is basicaly a comercial off the shelf network surge suppression device and cut the TX tracks on the PCB.

[2] A Hard Gate is a device to "cut the connection" and effectivly air-gap the down stream network under the control of a simple signal. It's quite simply made and basicaly consists of four reed relays in the TX and RX network paths. The reeds are "Normaly Open" and need to be energised to close which gives a "Fail Safe" element to the design. The energising signal comes from the Instrument Host, which at the first sign of problems drops the signal and the network is the equivalent of Air-Gapped from that point onwards untill the signal is re-asserted.

Mike the goatJanuary 6, 2014 10:37 AM

Ptolemy: I don't have any super classified information that is fingering TPM but I do have a series of architectural and construction questions and I guess some of the key design "features" when looked at with our post Snowden tin foil hat. Anywhere in a system that keys are stored, and stored with the promise that retrieval without the key is impossible - well, it makes me nervous. I like Joanna's work at using the debug registers to retain the key..very clever and you effectively mitigate the cold boot RAM attack (but a few attacks remain available)

AnuraJanuary 6, 2014 11:43 AM

The problem with using anything to verify the BIOS is that you have to trust that whatever is reading the contents of the ROM is reading it accurately and is not subverted itself. Theoretically, to protect against malware infections down the road (as opposed to receiving a subverted BIOS in the first place), you could use a smart card with hardware that verifies a message authentication code (possibly combined with a password), and only ouputs the MAC when the user physically enables it to (i.e. when you are flashing a new BIOS). You just have to trust that that hardware itself isn't subverted to always return true.

FigureitoutJanuary 6, 2014 12:17 PM

Petrobras
Given the deep penetration of NSA in all ours tools, secure computing should only involve tools with small source codes.
--You will find no arguments from me there (preferably elegant coding and decent functionality); I like the tiny computers, each w/ different purposes; but if everyone has an iphone the comms are compromised. Plus, how do most everyone connect to here? Probably either smartphone (a walking wifi/bluetooth sniffer w/ complexity and no control) or modern pc connected to compromised router...I've got a Rasp Pi and a Beaglebone, thinking of what to do w/ it (may try to interface w/ my calculator); but even those have quite a punch and untrusted chips.

RE: TCCBOOT
TCCBOOT is only 138 KB big
--Like it but A full 4tH compiler (including VM, RPN calculator, editor, C-source generators) has a typical footprint between 35K and 65K (depending on compiler, optimizations and OS). -- (http://thebeez.home.xs4all.nl/4tH/)
Only problem is learning RPN & Forth if you're used to C (but it's based on a C function). And further at the bottom of the page, Create a CD from it and boot it to see TCCBOOT in action (PC with at least 64 MB of RAM required)--Where do I insert my CD on my breadboard w/ 16kB RAM? Not being a dick, but maybe we can make it even smaller...

RE: D-17B
--I like to see computer systems that are rugged and reliable (would have qualms using a computer meant to kill, but it's the mind that pushes the launch button); these are the kinds of problems we 'should' be working on to prevent failing tech. in space. But no...we're still stuck on juvenile things like having control of our own computers...

Clive Robinson
--I have one more question (sorry) about if you were able to port Forth onto a TI calculator from here: https://www.schneier.com/blog/archives/2009/09/texas_instrumen.html#c393715

I have a general idea how I'd do it; but still got a lot of learning...No need for a bunch of explaining too (I'm never asking you about FFT again! :). If not, a simple "No" would suffice.

FigureitoutJanuary 6, 2014 12:36 PM

Clive Robinson
--Ah forget to mention my logic for using a graphing calculator for potential INFOSEC. First the calculators are typically powered via battery, so some powerline attacks are mitigated (TEMPEST still big issue). Next, due to their use in schools, and TI and the schools want to be sure the calculators can't be used for cheating (even though most math classes won't let you use any tech), I believe they would less likely to have RF, no Bluetooth; interdiction still issue. TI tried to protect it from getting a custom OS too but that eventually failed.

Running an algo like TDES takes like 5 minutes to encrypt/decrypt; and it'll run through lots of batteries...Always a downside in security.

Clive RobinsonJanuary 6, 2014 12:42 PM

@ Figureitout,

Simple answer is no.

Not for technical reasons, basicaly 09/10 was not a good time for me and I had more pressing things to attend to.

Also the calculator like a "faithfull dog" has now been "loaned and re-homed" by a family member supposadly to help with their education...

I guess your father would say you've been loaned things like tools / equipment that you've now re-homed. It happens in lot's of familes and gives rise to the old joke,

"It's had two new heads and four handles, but it's still Grand Dad's hammer".

FigureitoutJanuary 6, 2014 12:50 PM

Clive Robinson
--Alright thanks. I think it's definitely doable as some other neat programs are out there. And oh yeah sure, my dad just brought home a homemade butter churner made by his dad...I'm like "Dad, why..?"; he's getting a little carried away w/ homemade everything and now is getting into beekeeping and honey...

PetrobrasJanuary 6, 2014 4:50 PM

@Figureitout: "(PC with at least 64 MB of RAM required)"

The 64MB is to host the source code of linux, and the CD is a way to let TCC read the source code (already preprocessed) before booting any OS.

You can naturally use the TCC executable from your favorite shell (/bin/sh, ...) as usual, and the memory requirement will depend on what you are compiling.

@Figureitout: "Plus, how do most everyone connect to here?"

If Inmos accepted to put one of its transistors layouts to the public domain (after eventual crowdfunding of the price involved for that), then most everyone will connect with its native serial lines (Firewire ?).

@Figureitout: "no...we're still stuck on juvenile things like having control on our own computers"

Yeah. I just wanted to warn readers of this page soldering transistors on 3D printed circuits, to take care of mean time between failures in their design.

@Figureitout: "and it'll run through lots of batteries...Always"

You may add a car battery, then.

WaelJanuary 6, 2014 7:30 PM

@Mike the goat,

effectively mitigate the cold boot RAM attack
As far as I know, the cold reboot attack has been mitigated a few years ago (more than 7 years), by having the BIOS scrub memory when the OS is not cleanly shutdown. There is a dirty bit in the BIOS to keep track of this condition. This is implemented in some commercial desktop and laptops. The BIOS will not hand control to the boot loader until all memory is scrubbed.

Nick PJanuary 6, 2014 8:09 PM

re innovative, open hardware topic

Petrobas and figureitout might like this board: Parallella Computer. The onboard Zynq processor combines ARM and FPGA logic. Versions of it are used in factories, imaging, wireless, and routing according to web site. The Parallella adds a Multicore Accelerator, various IO, and Ubuntu support. The idea is a "$99 Linux supercomputer" although I think it might be a nice prototyping board for security projects due to low cost, common processor (ARM), and FPGA for hardware extensions. A version of my MPP-type designs might be doable on such a board & way cheaper than full prototype boards.

We also discussed DSP's as an implementation possibility. I found a RTOS designed for them. Makes that concept a bit more believable.

re my research into historical robust OS's

Clive, name.withheld and Mike the Goat seem to like older OS's. You guys might like this one that hardly anyone seems to have heard of: CTOS.

Archived article: Unisys best kept secret is an operating system built for distributed business applications
https://web.archive.org/web/20000422235306/http://www.byte.com/art/9412/sec13/art2.htm

It reminds me of Plan 9 or Inferno in that it's a distributed construction. Core is a 4KB microkernel. Overall system was apparently of high reliability for mainframe vendor to have acquired it. Used by big organizations in likely mission critical work. And yet it *wasn't marketed!* Needless to say, it was eventually killed off much as OpenVMS under Compaq/HP went unmarketed and got killed off.

Interesting system, though. Might have design elements worth copying.

I also learned that a S/360-compatible alternative system called CP/CMS was likely the original "Just enough OS" product due to certain design choices. What I found most interesting is that the source code was shared. On topic of OSS, I also learned that Burroughs MCP system accepted feature suggestions (with code) and bug fixes from its community that it sometimes included into next version. So, it was also one of earliest users of an open source style development in a commercial product.

End with funny tidbit I found: MCP security process was called J_EDGAR_HOOVER. (Might be a hoax but if it ain't it's pretty funny.)

name.withheld.for.obvious.reasonsJanuary 6, 2014 11:04 PM

@ Nick P

You guys might like this one that hardly anyone seems to have heard of: CTOS.

Is that the Green Hill version? I believe they provide a series of robust RTOS distros, and didn't the acquire VxWorx?

I'm about ready to see if there is an IP stack for M/PM. I know it's old school but that's the way I like it. Seems today's systems are a collection of errors introduced by not knowing the past. Keep up the good work Nick.

PetrobrasJanuary 7, 2014 3:15 AM

@Nick P: "Petrobas and figureitout might like this board"

No, I want a fully auditable processor. I already have a raspberryPI and a quad-core ARM running linux, but I want now to trade computing power for auditability.

@Nick P: "an operating system built for distributed business applications".

Unfortunately according to http://en.wikipedia.org/wiki/Convergent_Technologies_Operating_System CTOS is no longer marketed to new customers.

There is enough available free and open-source microkernel OS: no need to create yet another one, no need to breach other's rights.

PetrobrasJanuary 7, 2014 3:29 AM

"enough available free and open-source microkernel OS"
Here is a list of open-source microkernel OS:
okl4.org dev.b-labs.com www.capros.org

Mike the goatJanuary 7, 2014 8:01 AM

Wael: a guy I know very well showed me a bit of kit he uses for evidence collection in these kinds of situations. I will email him and ask him what the device is called if anyone is interested. It came in a very serious looking attache cache with moulded bits for the parts to sit. Inside was a fire extinguisher sized bottle, tubing like the stuff you see doctors use for IV bags, and a collection of nozzles - about four of them. The device itself is about the size of a decent book and had DIMM sockets galore. Four DDR3, four DDR2 and two DDR1, two SODIMM sized DDR2 and DDR3 sockets to boot. The unit itself runs off a lithium ion battery pack and has two little wells designed into the body of the unit where earthing cable (two of them) come out on an auto retracting mechanism. This particular unit is in active service in a state crime lab. I won't divulge location as I don't want to get my buddy in trouble. The unit also has a small LCD screen, I guess about the size of a small smartphone say an iPhone 4.

Anyway I have a system that uses FDE one Windows with True crypt and another Windows "ultimate" (7) box using MS bitlocker solution. Both were just test boxes as I don't trust windows nor windows FDE. We took the case off both of the boxes and started on the one running truecrypt first.

When you turn the unit on it goes through a boot up and eventually gives you a screen. We pressed "acquire" and it pretty much prompted us all the way through (a feature that can be disabled for experts). Its first demand was to pull on the spool of cable and attach the alligator clip to the case or a grounding point close to the motherboard or power supply. Okay, makes sense.

The next prompt explained how to use the mysterious cylinder we saw and explained the gun like unit that was also in the kit. It asked us about RAM type and we answered DDR2 (older box). It didn't ask us for speed or anything too technical. We took the cylinder out and it instructed us to place it perfectly upright on a flat surface. It suggests you ensure you have enough to complete the operation and explains a method of checking the level by briefly immersing or pouring hot water on the bottle and checking the line where no condensation appears as the line at which the level is at. Anyway we had a full rig and didn't bother. We used the default nozzle it suggested. It then said to carefully begin spraying while the unit is still powered on. We followed the instructions abd soon we were shooting a fine mist liquid freon (it's not freon but a substitute refridgerant, can't remember its name. It is still a greenhouse gas though) onto the RAM. Yeah I figured there may be a chance to short the board but apparently the fluid is non conductive. After a minute of spraying we picked up the gun and checked the temperatures. When the threshold was finally reached the instruction was to immediately shut down by pulling the motherboard power connector (not the wall or PSU switch), which we duly followed. It reminded us that time was of the essence and beeped expectantly. I quickly took the two sticks of DDR2 out and jammed it into the waiting unit. Soon an LED next to each socket went on and the machine told us that it was waiting for the RAM (to acclimatize, to have a party I don't know). It then burned a copy of the "evidence" onto the two SD cards it insisted we insert. It appears to write in duplicate presumably for forensic and evientiary purposes.

Once it was done it asked if it wanted us to keep the RAM powered up for "later analysis" (I guess on a different machine back at spook HQ. Or if you don't trust their image who knows?) We answered no and removed the RAM as instructed.

He opened up his laptop, inserted one of the SD cards and found the file (it is a dump wrapped in the encase ewf format) and ran a few tools on it and came up with a couple (and I mean a couple) of suspected AES keys found in the dump. One of them is likely to be our truecrypt password after PBKDF stretching et al.

I unscrewed the HDD from the test box and gave him the disk which he put in a USB caddy. He used a "department modified" implementation of truecrypt as a FUSE component. Obviously thisgives them greater control although obviously slower being in userspace.

He fed in the list of keys into what looked like a perl script (only got a brief look over his shoulder as he was showing off the "elegant solutions") that took whatever from stdin and then passed the AES key itself directly to this fuse truecrypt implementation. It would then look for some "magic" on the disk using a modified photorec (Chris Grenier would love to know a state is ripping up his software without credit etc) - obviously it doesn't look over the whole disk as it was too fast for that (about 10 mins per attempt), and if nothing is found at all then it gives up and tries mounting using the next code pulled from stdin. If it succeeds it outputs the winning number and leaves it mounted ro for further "investigation". (Of course his fancy USB caddy machine had an integrated write blocker so its more a formality). It got mine on third try and took almost thirty minutes to do so.

This isn't much different to what is out in the open at the moment, but the complete toolkit would definitely benefit people who do a lot of this privacy invading stuff. This unit was cool as you essentially froze, confirmed with the gun it was cool enough all over and then put them into the unit which then did the acquisition automatically. See forensics people are lazy.

Now for the second box - DDR3 - it was much of the same. Freeze the RAM, kill the power, transplant the ram into the unit and it puts a dump onto an SD card. At this point my buddy starts looking anxious. "Ready to show me your bitlocker solution?" I asked him as I unscrewed the HDD. He clearly looked like he was under orders not to discuss this specific technology and how they bypass it. All he said was this - "uh, usually we don't need to cold boot to own bitlocker. Bitlocker is owned right out of the box, ya just have to ask" and wouldn't comment further. He did nonetheless acknowledge that "in some unusual situations where bitlocker configuration has been significantly altered from default or where a PKCS token is involved this may be our route to acquiring such evidence". So he took the HDD of the second system and all his fancy gear and left. I got a package in the mail only about three weeks ago with my HDD inside and three pieces of paper. One was a directory listing of the my music directory which i had populated with a few MP3s. I also put a word document in my documents saying something like "if you can read this I have been hacked" and he had that printed out too. The funniest bit of the gag came a few days later when I put the machine back together and powered it up (I just wanted to see if it booted and worked OK as I was going to format, install Ubuntu and give to a poor kid up the road who needs something for his college. I had a 4G dongle prepaid with a few GB still on it that ingot while travelling so I set it up for him too.. Oh and no I don't use Ubuntu its just easiest thing to give to people who are new to *nix.) and he had changed my desktop to a lolcat. I opened the word document and he had written some prose about security. So much for him going on about religious use of write blockers I see!

Anyway I hope this gave people some insight into how cold boot attacks have been commercialized.

Nick PJanuary 7, 2014 9:56 AM

@ name.withheld

Not GHS and way before them. Read the CTOS article I dug up. It was made in 1979 with people from Xerox PARC and Intel to make a desktop with graphics, virtual memory, networking, modularity, distributed computing, etc. Modularity was using a 4KB message passing microkernel for everything. Networking did more than connect machines to a server: it made a grid out of the devices on the network where every resource was available to every other (can you say VMS clustering + 1?). Only gripe I had with the design was it used cooperative multitasking so care must be taken. That could have been swapped out though.

Unisys eventually bought Convergent CTOS. Then, Unisys didn't market it, let it stagnate, and killed it. A pattern that kept repeating in history. (Still is if you count Intel's Wind River & RIM's QNX.) I think they just wanted the engineers and I.P. for their own use. Another pattern that will keep repeating.

@ Petrobas

Then put an ARM v2 on a board. If I recall, they were just 30,000 transistors. The newer ones aren't much bigger. Or just clone the Magic 1 homebrew CPU effort with necessary modifications. Or an open core. Point is you need to use a FPGA or emulator to get something working *now* to get an idea of how you'll productively use such a minimal system.

I still think someone like you will benefit from Forth, LISP, or Active Oberon running between software and hardware. With plenty of older or simple hardware as that layer. Simple route: Retarget [older] Oberon system to a chip you can inspect or even a custom (safer) chip. That gives you plenty functionality to start with made by well-intentioned academics with source and some documentation. Efficient, type safe, modular & garbage collected is a plus.

Then you can pull a Niklaus Wirth and make a M-code machine designed specifically for Modula/Oberon style. That a two man crew did it in two years with 80's tech means you can probably pull it off. Maybe with tagging or memory protection for security benefit.

I'll be trying out latest incarnation, A2 Bluebottle OS, soon. Their download links are 28Kbps or something so it took a week to get all the files. I doubt it's secure if attackers have ability to hit it but there's no reason to think the Wirth work was subverted. Would be a nice start for an air gapped development or document PC.

WaelJanuary 7, 2014 10:54 AM

@ Mike the Goat,

Thanks for the verbose description. This is a different attack than the one I had in mind (cold boot vs. cold reboot) The attack I said was mitigated is called "reset attack". This one, I am familiar with as well, but was not aware that "kits" existed for it :) I'll say more about that and TPM's in general when I get a chance.

Mike the goatJanuary 7, 2014 11:41 AM

Wael: as will I. I am preparing a nice little primer on newly fangled UEFI systems and all of the security problems they introduce where the chance to redesign something as conceptually important as the BIOS of the world of x86 could have made something brilliant.

IMHO you either grow up and fix the problems even if it means breaking legacy stuff or you admit defeat. Unfortunately the UEFI did it the cowardly way and tried to please everyone by making something that was supposed to be a whole new paradigm well, at best a mild improvement on the way the world boots - at worst, a monster that further complicates something they were trying to simplify.

FigureitoutJanuary 7, 2014 1:36 PM

Nick P
Petrobas and figureitout might like this board
--Looks like a fun toy, but as Petrobras said, looks like a lot of hidden places for goodies. I say a good benchmark on what kind of board I want is I should be able to hand de/solder all components. Yes, still could have hidden but the company/org. should sell itself on not having intentionally added malicious circuits and interdiction or getting the board in my hands securely will be the main problem. Then Tempest and all the fun w/ active attacks that I know what to look for.

FigureitoutJanuary 7, 2014 1:37 PM

Mike the goat
Anyway I hope this gave people some insight into how cold boot attacks have been commercialized.
--Yes, yes it did. Thanks.

name.withheld.for.obvious.reasonsJanuary 7, 2014 2:26 PM

@ Nick P

Thanks for the update, I was going from my fading long term storage/memory. At my age with over 35 years in the business (starting with the 4004) you'll have to forgive the erroneous attribution. At least I had the good sense to ask.

Looks like CTOS is a combination of a few of my favorites (QNX, Plan 9, MK/AD, and OS/9). The RTOS space is too divergent (and expensive) to have a favorite though I don't discount the value of DO178B or EAL6/7 platforms I cannot justify the expense for general purpose platforms for rendering cat videos.

And as always, thanks for keeping us informed. Now if the rest of the asses that don't understand what harm the NSA hath wrought, I suggest you read both the Declaration of Independence and Paine's "Common Sense" and change the context to modern day. Get back to me with what your interpretation of these documents. Jefferson, Madison, and Franklin ROCK!!! The original social hackers.

PetrobrasJanuary 7, 2014 4:04 PM

@Iain Moffat: "3D printer also has a software chain needed to prepare and print anything complex so is equally open to subversion and a lot more work to get something functional"

Here is a solution to make secure processors with owned printers:
- target a CPU with so few processor that you will be able to skip the "software chain", and program yourself the printer.
- only make CPU whose property rights you (or the public domain) own, so that others will benefit from your work.
- assemble all transistors upside down on a sticky flat surface.
- take precise photographies of their legs.
- design connection between these to make your CPU.
- design two printers that can print on the same object. You will randomly share the set of connections between the printers. Even owned, these printers won't be able to cooperate to inject a stealthy feature in your processor, short of precise knowledge about their relative spatial position.

@Iain Moffat: "Seymour Cray's CDC6600"

http://ed-thelen.org/comp-hist/vs-cdc-6600.html is a nice description of this computer; 600 000 transistors in the CPU, and these transistors were optimized to reach 2000 CPU-hour of mean operating time. The main problem is who currently owns the rights to CDC6600. But there are interesting knowledge about which transistor to use.

This is why I would prefer processors made by bellied-up companies (Inmos ?) that can be payed to release their property rights to public domain.

@Clive Robinson: "One method is to drop the old conventional "parellel bus" designs due to many issues and replace them with high speed serial buses"

I prefer the native serial links between processors: takes less transistors.

Here is a raw proposition of how to connect auditable processors and hostile computers to be able to work on confidential matters (intellectual property of your company, ...) that are forbidden (by your company, or for privacy reasons) on computers publicly (since Snowden's leak) known to be likely owned by NSA, facebook or the likes.

[hostile computer with modern storage, internet, and RAM amounts, but with wireless and sound circuit disabled]
|
|
[auditable processor encrypting and shuffling memory and storage accesses]
|
|
[auditable processor harbouring a microkernel, a compiler, an editor for possibly confidential files]------[auditable processor with photodiodes locating your fingers (think projection keyboards) and headphones]
|
|
[auditable processor shuffling screen image for a motorized mirror grid]-------[auditable motors of the motorized mirror grid]
|
|
[hostile computer with a videoprojector projecting on your mirror grid]


For additionnal security or if you need additionnal computational power, you can consider that this graph is only listing allowed connections (| or -) between your numerous computers and specialized auditable processors.

BryanJanuary 7, 2014 6:26 PM

There are conductive glues that could be used for attaching chips to circuit boards. Some of them might be printable. I do know at least one can be screen printed. I've applied one with a fine #30 needle on a syringe.

If you are watching the garden, wouldn't it be prudent to also put a camera outside the garden gate? May take a bit more hardware hacking, but it can be done. It's easy if your router has an EWAN interface for the internet link.

Motorola 68000 could address 16MBytes memory but had 32 bit registers, and ALU except the multiplier was 16 bit. There was a version, 68012 I think, that had more address lines brought out of the chip. It was a stopgap before the 68020 came out. A group at a university made a dynamically timed version that positively screamed. It was over 10 times faster using the same logic gate size.

@Jeff Woods • January 7, 2014 12:06 AM
“”Potential squid fodder:
http://masonscreations.com/other-glass-art/octopus-chandelier/””

I like. I may have to make my own...

@Mike the goat
“”Soon an LED next to each socket went on and the machine told us that it was waiting for the RAM (to acclimatize, to have a party I don't know).””

Electrons going from room temperature conductors to super cooled ones may reflect back at the hot to cold junction. It can limit data rates as the wire isn't a proper transmission line like the standards would expect for the inputs and outputs of the memory reading circuit. That's why they have to wait for it to warm back up.

That machine tells me you must solder your RAM in place, and use BGA packages. A case intrusion detection system that triggers a memory wipe is also a must. Between the two, encrypting all of RAM may not be needed. Just route all the memory data traces in the inner layers of the PCB.

Mike the goatJanuary 8, 2014 2:54 AM

Bryan: or encase your RAM in a nice big chunk of epoxy. See how they can conveniently remove the modules then? Though I would likely be the one a few months down the track wanting to swap out a bad module.

RampingRobotJanuary 8, 2014 5:58 AM

@Mike the goat: "encase your RAM in a nice big chunk of epoxy."
@Bryan: "solder your RAM in place"
They may fall back to firewire or other undocumented backdoors. Or just saw the RAM support out of the mainboard.

@Bryan: "A case intrusion detection system"
They may insert a small ramping robot through a hole of the case, pulling a tube to connect to their freon spray; or just fill the box with freon. Then, they will send a specialized small robot to ground all pins of the ram before sawing the box then the RAM support.

If you really care, you should encrypt your RAM.

They may also torture you or use Zersetzung, if they have cared enough to come to your house/company.

Clive RobinsonJanuary 8, 2014 9:03 AM

@ Mike The Goat, Bryan, et al,

    ... or encase your RAM in a nice big chunk of epoxy. See how they can conveniently remove the modules then?

We discussed this many moon's ago on this blog, and there are a few problems you need to overcome.

Firstly and most importantly is the "heat problem", modern memory runs HOT Hot hot, and if you don't get rid of it then your MTBF could drop to less than the time it takes the epoxy to cure... One solution that is readily available now but was not back then is phase change piping in the form of "heat pipe" but before encapsulating check carefully about thermal expansion of both the epoxy and the heat pipe you, might need to "bath sealant" a layer or two around the heat pipe, or use similar compressable material.

The older way was to use a couple of heat sinks, one attached to the RAM strip the other interlaced with a gap into it and a right angle block to provide an external heatsink mount.

In either case you need to also use a thermaly conductive epoxy, one of which is "quartz loaded" which has other advantages in that it's not easy to drill, cut or grind. You can make it worse by adding carbide or carborundum powder which supposadly is the next touchest substance on earth after diamond.

This leaves "disolving" which can be reandered pointless in a couple of ways. Without saying what (because you are making something that is a pyro which is baned in some juresdictions these days) there are various chemicals that have a strongly exothermic reaction with the likely solvents etc that are likely to be used. Less reliable but less dangerous is to get old fashioned enamledd 36 to 44/guage copper wire (the thiner you can "reliably use" the better) and twist a pair together that forms a longish length you use this as part of an anti tamper circuit. Basicaly the enamle disolves considerably more easily than the epoxy and ends up shorting together or breaking, you can make it more certain by adding "bright metal" aluminium or brass dust to the out side by a quick squirt of Scotch Mount or equivalent and then dip in the powder let it dry and give anoth squirt. You can add other soft metal dust to the epoxy to assist this as well as providing other anti-tamper because it binds up drilling, cutting and grinding. But this needs a good three layers of "tropical" or other coating on the active components prior to applying the epoxy to prevent shorts.

The important aspect to consider is "access to the buses"... It's pointless epoxying the memory strips if they can get at the busses further along the motherboard, They just get "one mother" of a canister of CO2, freeon, liquid nitrogen etc and freeze down the whole motherboard and pull the CPU etc and read the memory out.

For various reasons it's not practical to epoxy the CPU etc on most motherboards unless your security requirements are high in which case use small "all in one" boards and assume they are throw away items if they go wrong. I'd look at "industrial control" systems such as PC-104, whilst more expensive than "set top box" motherboards they are generaly made to a much higher standard and the price difference is easily quantifiable against the much greater MTBF which if you make&test a couple of spares makes your MTTR much lower thus the availability comensuratly greater. Also consider mounting the whole system in a small size safe many come quite handily "Pre-drilled" for wall mounting which can also be used for egress of power and communications cables. It's also fairly easy to add anti-TEMPEST components such as copper fingers / gasgits around the door edges and likewise "copper plate / box" the inside and add some real heavy duty anti-tamper devices after "fire brick" etc lining to stop molten iron running out befor it's done it's job.

That said you need to embed anti-tamper for mechanical and thermal attcks as a minimum --remember over temp as well as under temp-- as well as movment sensors for both the computer and people aproaching it. These should all be fail safe in the way they work. Another type of anti-tamper can be "preasure", you can get "dry nitrogen purge" or "intrinsicaly safe Ex D" etc cases for industrial controlers you can generaly run these at upto 2bar over external preasure internaly which is generaly more than sufficient for anti-tamper detection. Other sensors to consider are for EM radiation you can get off the shelf X-Ray, UV, light, IR and broadband microwave sensors. What you chose to install is upto you, again make them "fail safe" just incase they decide to use "high energy disruption" (ie bomb disposal) techniques. One advantage of using a safe is it helps kick the legs out from the current FBI etc argument that "data in computers is on public display".

Whilst thinking about and building such systems is "fun" they are by no means sufficient.

All semi-conductor memory when holding "static data" suffers from the equivelent of "burn in" whilst this might not be an issue for most people because run of the mill forensic examiners don't have the equipent to read the burn in it's possible that "state level" adversaries have the ability.

To stop this you have to make "The Snake Eat it's Tail" via the use of an array etc that gets stired around by the high speed timer interupt. The simplest is a circular buffer that is a byte or two longer than the "key" length thus the key rotates slowly around the buffer. If people hunt back on the blog far enough they will discover conversations about varios better ways to achive both lack of burn in but improved security that may well be sufficient to beat current LEO level forensic examination without having to provide encapsulation or anti-tamper circuitry.

    Though I would likely be the one a few months down the track wanting to swap out a bad module.

You have two options "throw away" or not encapsulate irevocably by using safe or preasure contain, with suitable anti tamper and anti-burnin.

FigureitoutJanuary 8, 2014 1:09 PM

Crypto Currencies in the News
"Coinye", Due to legal pressure, we will be launching....Today.--Lol

http://arstechnica.com/business/2014/01/kanye-wests-lawyer-orders-coinye-to-cease-and-desist-just-before-launch/

http://coinyeco.in/

Algorithm: Scrypt
Max Coins: 133,333,333,333
Block time: 90 Seconds
Difficulty Re-Target Time: 12 hours
Block Rewards: 666,666 COYE

Even funnier...Norris Coin.
Chuck Norris doesn’t give a fuck about the 10 KnC ASIC miners you stockpile in your parent’s basement. He’s gonna roundhouse kick you in the face the next time you go buy your XXL Grilled Stuft Burritos from Taco Bell

http://norriscoin.org/


Algorithm: Scrypt
Max Coins: 180,000,000
Block Time: 60 seconds
Block Rewards : 450 NORRIS COINS
Block halving rate : Every 200,000 Blocks
Difficulty Re-Target Time : 4 hours
Mining song : Do it know by Mos Def ft. Busta Rhymes

Your move, Schneier?

FigureitoutJanuary 8, 2014 1:46 PM

//Shout out to Petrobras and all seeking Open-Source Hardware
--I remember watching the MicroSD card 30C3 presentation and noticed a really cool-looking laptop. Didn't look into it, but apparently it's an Open Source project. I'm definitely going to look more into it now since they obviously have a working prototype, the desire, and the abilities.

http://makezine.com/magazine/building-an-open-source-laptop/

Also check out of course:

http://www.kosagi.com/w/index.php?title=Novena_Main_Page

Iain MoffatJanuary 8, 2014 2:29 PM

@Petrobras: INMOS was bought by SGS-Thomson (now STMicroelectronics) so they probably still own the IPR.

PetrobrasJanuary 8, 2014 2:35 PM

@Figureitout: "Novela with Freescale iMX6 CPU processor".

Very interesting, thank you. Still, their processor is not auditable. But they got working the other half of what I want as a computer.

FigureitoutJanuary 8, 2014 9:43 PM

Petrobras
--Yeah I know...such a hard problem. Plus, while it's cool Freescale has open source, still a US company subject to..you know. It wouldn't surprise me if he's a reader of the blog as he mentioned the UMass paper on hardware trojans, and just did nice work on uncovering sketchy SD cards. So perhaps he has a bit of the "security mindset". Also like that he's pushing for quality. Might be worth contacting him and getting some comments on the blog.

Incremental steps though, while I would personally remove some components (all known wifi chips, speakers, mics; hopefully no bluetooth); it's a step up in assurance and trust and another platform to develop the next secure step.

There's still plenty of breadboard pc designs out there, while not verifiable, still very simple and limit the malware that can run. Plus while I've only connected 1 TI graphing calc to a PC to get a program from the internet, I assume it to be airgapped w/o the modules for jumping it (bad assumption, I know). People will look at me funny though if I try to transmit highly encrypted messages from it to them or store my OTP's there. Even weirder, why would TI have an OS that doesn't give the user access to all memory? :(

PetrobrasJanuary 9, 2014 3:54 AM

To Moderator: Previous comment is a spam.

@Iain Moffat: "INMOS was bought by SGS-Thomson (now STMicroelectronics) so they probably still own the IPR."

:-( Thanks for your information.

Do you happen to be aware of some company with IPR on a chip that have bellied-up without ending bought ?

BryanJanuary 10, 2014 4:00 PM

Been reading the reflections in eyes for decades. ;) They can help tell how the scene was lit. At least the part in front of the face.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..