Friday Squid Blogging: Squid T-Shirt

A T-shirt with a drawing of a squid reading.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on January 31, 2014 at 4:41 PM • 98 Comments

Comments

Figureitout • January 31, 2014 5:25 PM

Been waiting for the fresh squid, gotta get it while it's cold and juicy. :)

Anyone looking for some nice weekend reading or new ideas on a homebrew computer, I came across some nice links reading about some new software for a RasPi, GPU_FFT. We have the radio amateurs over in the UK to thank for pushing Eben Upton for a FFT library for SDR applications (make a new digital mode maybe). A bit advanced, but I'm getting closer in calculus to getting to do some FT's. May be a while to get to one in class but I'll probably try some outside of it.

http://www.raspberrypi.org/archives/5934

From there I decided to check out Andrew Holme's site and homemade GPS, which is really nice, I definitely want to get up to that level documenting my projects.

http://www.aholme.co.uk/GPS/Main.htm

Then I really got intrigued by the Forth CPU in the article. He's made 2 computers, the Mark 1:

http://www.aholme.co.uk/Mk1/Architecture.htm

And the Mark 2:

http://www.aholme.co.uk/Mk2/Architecture.htm

I also saw the J1 Forth CPU on his site, which is interesting b/c it has a TCP/IP stack that I may look at when I get to setting up a more secure internet connection.

http://excamera.com/sphinx/fpga-j1.html

Then I went to Holme's link page, w/ other homebrew computing:

http://www.aholme.co.uk/Links.htm#Homemade

One that immediately caught my eye was the Block I Apollo Guidance Computer, which was the flight computer for the Apollo moon landings. Very cool.

http://klabs.org/history/build_agc/

All in all, a very cool site. There was javascript so sorry to all who block it. Positive reading. If I build a few, I'm going to make step by step tutorials so everyone can build one.

Martim • January 31, 2014 6:03 PM

• South Korea fines Google $196K for illegal data gathering
http://www.zdnet.com/south-korea-fines-google-196k-for-illegal-data-gathering-7000025771/

• Oracle's Ellison downplays threat of NSA database snooping
http://www.reuters.com/article/2014/01/30/us-oracle-nsa-idUSBREA0T05U20140130

• Footage released of Guardian editors destroying Snowden hard drives
GCHQ technicians watched as journalists took angle grinders and drills to computers after weeks of tense negotiations
http://www.theguardian.com/uk-news/2014/jan/31/footage-released-guardian-editors-snowden-hard-drives-gchq

Roger • January 31, 2014 7:23 PM

@mareek:
Thank you for finding this, it's really interesting. Although the final paper won't be published until May, there is already a draft available here on Juels' website.

Similarly to "honeypots" and Juels' earlier "honey words" scheme, "honey encryption" refers to a mechanism where an attacker is decoyed by numerous plausible but false decryptions of a message. The intent is that when a message has been encrypted with a weak key (e.g. poorly chosen password), "honey encryption" provides a much stronger security bound than other mechanisms, including password stretching. In fact in the case where it is easy to generate fake messages that are practically indistinguishable from real ones (e.g. credit card numbers), they can show that even after an attacker has tried every probable key and successfully brute forced the real key, his probability of correctly determining the plaintext is no better than his chance of correctly guessing the key on his first attempt. Given that we started by assuming that the key is easily guessed, this is not really a very strong security guarantee; but it is a lot better than what you get in any other way, and always gives at least some increase in strength.

So, how does it work? Naïvely one might try to generate N plausible plaintexts, encrypt each one with a plausible fake key in an authenticated mode, and store all N copies. To decrypt, you would try to decrypt each message in turn using the correct key, and accept only the one for which the MAC was valid.

A serious disadvantage of such a scheme is that it expands the message storage / transmission requirements by a factor of N, and for the scheme to be worthwhile, N needs to be quite large.

Instead, Juels' and Ristenpart's scheme invents a new form of encryption (which they call DTE, or distribution-transforming encoding) which effectively combines an arithmetic encoding (compression) scheme with encryption, in such a way that not only is the actual encrypted object a high entropy-density string that is practically indistinguishable from randomness, but -- more importantly -- nearly all incorrectly decrypted strings (effectively, random strings) decode (decompress) to plausible fake messages.

Instead of N times message expansion, it only doubles message lengths. And they provide security proofs for all their results (all yet to be peer-reviewed, of course.)

The trick is obtaining the DTE: the authors note that each DTE is domain-specific, and in general it is difficult to construct good DTEs. However they provide three concrete examples that are provably very good DTEs (all three are admittedly easy targets: RSA secret keys, credit card numbers, and PINs.) They also prove that even if your DTE is poorly designed, your security guarantee is no worse than not using a DTE at all.
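
The DTE-then-encrypt idea described in the comment above, as an added example that is not part of the original comment and is not the paper's code: a toy honey encryption of 4-digit PINs, where every password, right or wrong, decrypts to a plausible PIN. The popularity weights, the 32-bit seed space, the PBKDF2-derived pad and all function names are assumptions chosen for illustration.

```python
# Added illustration: toy honey encryption for 4-digit PINs.
# The message model (POPULAR weights) and all passwords are constructed.
import bisect
import hashlib
import secrets

SEED_BITS = 32
SEED_SPACE = 1 << SEED_BITS

# Assumed message distribution: a few PINs are much more likely than the rest.
POPULAR = {"1234": 400, "0000": 200, "1111": 200, "2580": 100}


def _build_bounds():
    """Give each PIN a slice of seed space proportional to its weight.

    BOUNDS[i] is the exclusive upper end of PIN i's interval; the lower end
    is BOUNDS[i-1] (or 0 for PIN 0000).
    """
    weights = [POPULAR.get(f"{i:04d}", 1) for i in range(10000)]
    total = sum(weights)
    bounds, acc = [], 0
    for w in weights:
        acc += w
        bounds.append(acc * SEED_SPACE // total)
    return bounds


BOUNDS = _build_bounds()


def _interval(pin):
    if len(pin) != 4 or not pin.isdigit():
        raise ValueError("PIN must be exactly four digits")
    i = int(pin)
    return (BOUNDS[i - 1] if i else 0), BOUNDS[i]


def dte_encode(pin):
    """DTE encode: pick a uniformly random seed inside the PIN's interval."""
    lo, hi = _interval(pin)
    return lo + secrets.randbelow(hi - lo)


def dte_decode(seed):
    """DTE decode: any 32-bit seed lands in exactly one PIN's interval."""
    return f"{bisect.bisect_right(BOUNDS, seed):04d}"


def seed_share(pin):
    """Fraction of all seeds (so of all wrong-key decryptions) giving this PIN."""
    lo, hi = _interval(pin)
    return (hi - lo) / SEED_SPACE


def _pad(password, salt):
    # Password-derived 32-bit pad. There is deliberately no MAC or padding
    # check: an integrity failure would tell an attacker the guess was wrong.
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, dklen=4)
    return int.from_bytes(raw, "big")


def he_encrypt(password, pin):
    salt = secrets.token_bytes(16)
    return salt, dte_encode(pin) ^ _pad(password, salt)


def he_decrypt(password, ciphertext):
    salt, body = ciphertext
    return dte_decode(body ^ _pad(password, salt))


def candidate_decryptions(ciphertext, guesses):
    """What a key search sees: one well-formed PIN per guess, none rejected."""
    return {g: he_decrypt(g, ciphertext) for g in guesses}


if __name__ == "__main__":
    ct = he_encrypt("hunter2", "4821")
    guesses = ["password", "letmein", "hunter2", "qwerty"]
    for guess, pin in candidate_decryptions(ct, guesses).items():
        print(f"{guess:10s} -> {pin}")
    print(f"share of seed space decoding to 1234: {seed_share('1234'):.4f}")
```

Because wrong-key seeds are effectively uniform, the decoys follow the same distribution as the message model, which is why the quality of the DTE determines how well real and fake plaintexts blend.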

asdf • January 31, 2014 10:26 PM

An insightful look at the propaganda tactics of the US:
http://falkvinge.net/2014/01/30/arrest-of-charlie-shrem-shows-dangerously-repressive-u-s-police-system/

In light of that article, a larger strategy emerges. The use of intimidation to keep Snowden in Russia and Jacob Appelbaum in Germany -- the common denominator is to use location and historical associations to short-circuit the thought processes of middle America. It's a psychological framing play.

Cliche thinking is the result of laziness, but some stereotypes are cultivated for disinformation purposes.

FluffytheObeseCat • January 31, 2014 10:47 PM

Has anyone, anywhere attempted to catalog and analyze the UPPERCASENAMEs used by the NSA or GCHQ for identifying their exploits/projects/programs etc.?

They are not as "randomly" assigned as was initially claimed, back in say, July. Are there any patterns, any naming conventions, that anyone can identify?

It might be a fruitful line of inquiry. Why does a given exploit have "MONK" in its name for instance? Does a word that indicates seclusion and solitariness in plain English indicate something similar about the exploit?

Possibly not. But, none of these items ever seem to be named "FRAGILEMUFFIN" for some reason.

Daniel • January 31, 2014 10:56 PM

Not impressed by "honey encryption", seems mostly a gimmick. First, as they acknowledge in many cases it's pointless because there is no reliable way to know what is being encrypted. But even in the case of passwords all it will do is slow an attack down a little. If one is already using a password cracker it only takes a little bit of effort to automate that process so that all the honeyed data is quickly checked to see if it's real. A bump in the road, nothing more.

Buck • February 1, 2014 12:43 AM

Who wants competition? Big cable tries outlawing municipal broadband in Kansas (January 31, 2014 - Ars Technica)

Legislation introduced in the Kansas state legislature by a lobby for cable companies would make it almost impossible for cities and towns to offer broadband services to residents and would perhaps even outlaw public-private partnerships like the one that brought Google Fiber to Kansas City.
http://arstechnica.com/tech-policy/2014/01/who-wants-competition-big-cable-tries-outlawing-municipal-broadband-in-kansas/

And why is this far more important than the recent defeat regarding net-neutrality..?

As long as the FCC refuses to get off their arses and call the cables what they are (common carriers), we appear to be loyal subjects in the feudal lordship of ye olde telcoms.

Fortunately, these days, redundant/reliable mesh/mixed topology networks can be realized cheaply with COTS hardware/software. The public benefit of this could be immediately perceived - especially in rural/smaller towns, where a piece or two of copper/fiber can effectively be self maintained and commonly accessible.

Allowing a government enforced monopoly/oligopoly on age-old privately developed communications infrastructure is one thing; but trying to protect an abstract concept like "interconnected communities" as if it were someone's intellectual property or it needed to be withheld from the commoners... Well that's just asinine!

AlanS • February 1, 2014 9:02 AM

Not much in the State of the Union on the NSA. This is not Obama's top priority and never was (see Bamford on Obama and the NSA, shortly after Obama was elected to his first term).

Obama: "That's why, working with this Congress, I will reform our surveillance programs because the vital work of our intelligence community depends on public confidence, here and abroad, that privacy of ordinary people is not being violated."

Notes from the Field response, which says it all, "Dude, you need new advisers. That ship sailed, hit an iceberg, and sank. That four-piece ensemble playing the strings while Leonardo DiCaprio froze to death? That was our personal privacy."

FullLoadToday • February 1, 2014 10:09 AM

There is a lot going on out there...

An app that tracks who is tracking you

http://yro.slashdot.org/story/14/01/30/1827231/the-app-that-tracks-whos-tracking-you

(and who is tracking that app? probably the spooks)

MIT startup - your digital afterlife

http://tech.slashdot.org/story/14/01/30/2049258/startup-out-of-mit-promises-digital-afterlife-just-hand-over-your-data

(and who gets that data...why, most likely the spooks of course)

EU plans to put back door in every car

http://tech.slashdot.org/story/14/01/30/2127238/eu-secretly-plans-to-put-a-back-door-in-every-car-by-2020

(and who says Europe has better privacy protection...why, only someone in Europe that is just imitating our spooks)

Federal agency data mining credit card accounts

http://yro.slashdot.org/story/14/01/30/2147211/federal-agency-data-mining-hundreds-of-millions-of-credit-card-accounts

(well, if they can do it, anybody can do it, so who are the criminals here?)

President nominates Vice Admiral Rogers as NSA chief

http://news.slashdot.org/story/14/01/30/2327218/obama-nominates-vice-admiral-michael-rogers-new-nsa-chief

(why of course, we need another Admiral Poindexter of Total Information Awareness fame)

Half of U.S. nuclear missile wing implicated in cheating

http://news.slashdot.org/story/14/01/30/2339258/half-of-us-nuclear-missile-wing-implicated-in-cheating

(and why is that? probably because they don't have 00000000 as the launch password anymore, or because they STILL do?)

Canadian spy agency snooped on travelers in airports

http://news.slashdot.org/story/14/01/31/1527259/canadian-spy-agency-snooped-travelers-with-airport-wi-fi

(ah, our holier than thou north of the border "friends" are showing their moral fiber)


Well, there is probably more but enough for now...


anonymous_coward • February 1, 2014 10:17 AM

I looked at the picture.

The squid took the trouble to visit the guy in person.

name.withheld.for.obvious.reasons • February 1, 2014 10:32 AM

Hilarious, Brenner stated in Wednesday's Senate Intelligence Committee meeting that "Al Qieda counter-intelligence programs are adapting...". Is there a Al Qieda (sp?) war college? Does their Air Force, Navy, and Army have a recruiting program that includes a ROTC type college credit(s). My god, they have affiliates and franchises (like McDonalds I guess), what are the contractual terms of a franchise--do I get branding? Local marketing support?

nobodyspecial • February 1, 2014 11:01 AM

@n.w.f.o.r - that's why we must crack down on illegal exports of paperclips. Without sufficient paperclips no military-industrial complex such as Al Qaeda's can possibly operate for long.


Clockmaker • February 1, 2014 12:00 PM

Laws being drafted to require police controlled kill switch on all European cars. That couldn't possibly go wrong could it?

From the BBC:

A device that would enable police to stop vehicles remotely is being considered by an EU-wide official working group, it has emerged.

The feasibility of such technology is being examined by members of the European Network of Law Enforcement Technology Services (Enlets).


http://www.bbc.co.uk/news/world-europe-25961096

name.withheld.for.obvious.reasons • February 1, 2014 1:58 PM

@ kingsnake
"Hamburgler..." I busted a gut--gotta stop chowing down on Big Macs.

And fearless leader, Ronald McDonald, probably attended What's-a-matter-U.

Milou • February 1, 2014 3:19 PM

FluffytheObeseCat
It might be a fruitful line of inquiry. Why does a given exploit have "MONK" in its name for instance? Does a word that indicates seclusion and solitariness in plain English indicate something similar about the exploit?

That, and the other one named ...VICAR caught my attention because of that similarity in their names.

If nothing else, perhaps NSA is interested in tracking religious "leaders" (well anyone who is someone in a religious organization).

I mean since USA has a fixation with Muslims (I am not going into whether it is justified to the current degree or not) then what is there to say that they do not have a fixation with other religious types.

I was going to share something I heard (through word-of-mouth) supposedly being told by a guy who used to work for FBI in Florida back circa 1994. But I will leave that for some other time because as word-of-mouth stuff goes...they are not really reliable for much...

AlanS • February 1, 2014 4:21 PM

@Bruce

Does this mean you are an "accomplice"?

James Clapper calls for Snowden and 'accomplices' to return NSA documents

"Clapper called on “Snowden and his accomplices” to return the documents the former National Security Agency contractor took....Asked if the journalists who possess leaked surveillance information counted in Clapper's definition of an "accomplice", Clapper spokesman Shawn Turner clarified: "Director Clapper was referring to anyone who is assisting Edward Snowden to further threaten our national security through the unauthorized disclosure of stolen documents related to lawful foreign intelligence collection programs.""


AlanS • February 1, 2014 4:33 PM

If there was any doubt about Obama's lack of enthusiasm for surveillance reforms, the WSJ is reporting that members of the President's Review Group pressured the White House to make additional concessions the night before the Jan 17th speech because they felt that an insufficient number of their recommendations were being adopted to prevent a public uproar.

White House Added Last-Minute Curbs on NSA Before Obama Speech (pay-wall)

Doug Coulter • February 1, 2014 6:02 PM

Found this interesting link, which describes what's going on inside virtually every flash device, and how it permits various attacks from MITM and up. The vid on this blog is worth your time. I have no idea if NSA is using this one, but...other people have found out how.

http://www.bunniestudios.com/blog/?p=3554

Turns out there's a custom uP involved in every flash, usb stick, mmc, SD card, and so on, and you can hack it.

On the white hat side - for only a couple bucks, you get a micro controller with a few gigs of flash, some ram, and it's field-programmable (the presentation shows why this has to be true)...not many i/o pins, but compare to say, a $20 arduino - this uP is faster and better provisioned otherwise. On the black-hat side, well, I'll leave that to the experts - they mention a few interesting possibilities...

Doug Coulter • February 1, 2014 9:01 PM

Well, while "honey" encryption might not solve everything - certainly wouldn't fool most inquisitive humans if you are a "person of interest" - it might just fool whatever automated algo into thinking it'd cracked your stuff, and found something innocuous. Since they have finite computer cycles (large, but finite) - it might just stop right there, leaving your real info private.

Done right - tons of innocuous but grammatically correct plaintext, jpgs, and so forth...it'd be darned hard to write an algo that knew when to quit for certain.

paranoia destroys ya • February 1, 2014 9:24 PM

Several comments made on Bruce's site about 6 months after a story originally ran have spam links. They have nothing to do with the article. One was on the Wells Fargo security theater.
Them avoiding posting to current articles on a website may be done to avoid the moderator from detecting them.

Nick P • February 1, 2014 9:57 PM

Ethos operating system project at University of Illinois experiments with OS & API designs to support the goal of letting developers easily make apps secure by default. There are quite a few good ideas in the papers linked below.

https://www.ethos-os.org/~solworth/securityPapers.html

Particularly interesting is the paper "The lazy kernel hacker and the application programmer." They go into the ups and downs of decisions they made to prevent their project from getting bogged down in OS implementation issues early on. I like that they also mention OSkit which was used by other teams for same purpose. There's some nice wisdom in that paper that can apply to others in low budget OS projects.

kashmarek • February 1, 2014 10:52 PM

A true movie plot threat taken to the extreme, an attempt at full implementation (legalization) of something that shows up on TV:

British PM says fictional crime proves why snoopers charter is necessary

http://news.slashdot.org/story/14/02/01/1839233/david-cameron-says-fictional-crime-proves-why-snoopers-charter-is-necessary

(good grief, it's fictional crime, the kind of stuff that is solved before the story is written for TV; where the story that is written is adapted to using available & imaginary techniques for solving an imaginary crime, NOT solving a real crime and then using the techniques later in a story)

Nick P • February 1, 2014 10:56 PM

@ kashmarek

Yeah it was a funny link. Mine was the first comment on the page ("catalog of them") where I linked to the NSA catalog. So I thought, anyway. For some reason that comment is now a reply to someone else's comment. One of the many reasons I rarely try to be informative in Slashdot comments. (sighs)

Clive Robinson • February 2, 2014 12:46 AM

@ kashmarek, Nick P,

    British PM says fictional crime proves why snoopers charter is necessary

Cory Doctorow put up a page on this over at BoingBoing, I posted it in last week's Friday Squid.

Personally I think the British PM David Cameron has taken leave of his senses if he believes it enough to say it, if nothing else he has lost contact with reality...

I believe Adolf Hitler had a similar loss of contact with reality as evidenced by giving orders to his General staff about moving fighting forces that did not exist.

Wesley Parish • February 2, 2014 3:49 AM

@kashmarek

I noticed that too. I do have cause to worry: I did write a piece of flash fiction once, A Public Touch Up where that line of "reasoning" was mentioned and espoused with great vigour by the airport security theatre ... I live in overwhelming terror. What if David Cameron reads my little story Hayseed And I. Will sheep safely graze in the UK afterwards?

L • February 2, 2014 8:48 AM

@Nick P
EthOS is an interesting project but I don't like its base - minimaLT - that much.

It's a good protocol, but there is no flexibility: only one cipher/key exchange is supported and you can't ever change it -- it's hardcoded and there is no protocol negotiation.

Also, minimaLT is a 0-RTT protocol, which sounds nice in theory, but I fear amplification and DoS attacks might get easier. I can't demonstrate it now, but on a first analysis I couldn't find any protection on the amplification, and I'm not convinced by their DoS protection...

Is there other information on minimaLT, excluding the only paper and the code (don't have time...)?

AlanS • February 2, 2014 1:16 PM

@Clive

The PM is watching the wrong shows. He should watch Enemy of the State. The movie was supposed to have upset Michael Hayden. True, it's Hollywood fantasy but if you were one of the people involved in whistle-blowing to the NSA's OIG about the Trailblazer program, the experience of the Will Smith character might not be a million miles from reality.

The New Yorker's account of what happens to whistle-blowers who go through official channels and obey the law: The Secret Sharer: Is Thomas Drake an enemy of the state?


Nick P • February 2, 2014 1:41 PM

@ L

"Is there other information on minimaLT, excluding the only paper and the code (don't have time...)?"

It's the only resource I've seen on the protocol. I haven't had much time to review it either.

Clive Robinson • February 2, 2014 2:39 PM

@ .be,

You are a little late on the Belgian Cryptographer getting hacked by the NSA I've mentioned it already, https://www.schneier.com/blog/archives/2014/01/friday_squid_bl_410.html#c4128022

It's an interesting story given that the Cryptographer designed financial transaction network security and was involved with Philips Electronics before and after it became NXP (for those that don't know Philips was one of Europe's largest electronics companies and their "staff football club" gained professional status and international recognition as PSV Eindhoven).

Clive Robinson • February 2, 2014 2:55 PM

@ AlanS,

    The PM is watching the wrong shows. He should watch Enemy of the State. The movie was supposed to have upset Michael Hayden.

Yeah well from what I've heard Mr Hayden and his colleagues are very easily upset and throw the toys out of the pram at the slightest sign of people not succumbing to their "cult of self" and the expected fawning by US newspapers.

I don't know if you have seen this Sat's Guardian magazine article on Ed Snowden and the reactions of the US and UK security services?

If you can get a hold of it and the photographs of the bits of computers GCHQ's Tweedle Dee & Tweedle Dum got the Guardian to destroy it tells a rather interesting story about NV memory in various peripherals etc.

Whilst myself, @Nick P and @RobertT have been going on about it on this blog for the past couple of years few people believed us.

In one afternoon the GCHQ boys let the cat well and truly out of the bag, some while before the TAO catalogue and methods became released and in all probability before either GCHQ or the NSA knew which docs Ed Snowden had taken.

So it was GCHQ leaking "state secrets" for those with the eyes to see... Which kind of makes Tweedle Dee and Tweedle Dum's bosses the Dumer and Dumer of their own JackAss show...

NobodySpecial • February 2, 2014 3:00 PM

@Clive Robinson but it does rather beg the question, why?

1, The NSA/GCHQ already have total control/intrusion into the Chinese/Russian/German/etc governments and military and are now just spending their time mopping up the 4th tier players.

2, The NSA/GCHQ already totally failed to make any headway against serious opposition and so are concentrating on Belgian academics as the only available targets

3, The NSA/GCHQ are so totally out of the picture when it comes to world events (having missed the collapse of the USSR etc) that they believe Belgium to be the cornerstone of the faltering alliance between world powers that could lead to war in Europe if the Austro-Hungarian empire is threatened by Serbia.

4, The NSA/GCHQ are aware of secret Belgian plans for world domination - possibly involving Waffles of Mass Destruction.

Benni • February 2, 2014 3:17 PM

That hack on the Belgian cryptographer professor is ugly.
I guess, Bruce Schneier also should check whether there is something in the files on him.

Whilst I can totally understand that NSA wants a real time copy on articles from Quisquater, like http://francescosica.org/Francesco_Sica/Publications_files/AAA_csq_published_links.pdf before publication, as they are learning beautiful things about elliptic curves that every one on the planet should study (at least most mathematicians would agree that is the case), I wonder how many other universities they target now.

Benni • February 2, 2014 3:55 PM

Apparently, there are now some details on the attack on the cryptographer:
http://money.cnn.com/news/newsfeeds/gigaom/articles/2014_02_01_nsa_and_gchq_hacked_belgian_cryptographer_report.html

It seems that we have first details on the exploits of the NSA:

from CNN:
" Correction (2 February): This story originally and erroneously said Quisquater had fallen victim to a quantum insert attack. This was based on the original report stating that he was targeted using the same technique or a similar one to that used on Belgacom, which also used LinkedIn as a vector. However, that was reportedly a quantum insert attack, and Quisquater’s quotes describe a type of phishing attack. That said, NSA/GCHQ still seem to be involved, as this spun out of the existing investigation."

"Quisquater’s targeting became apparent during the investigation into the hacking of telecoms firm Belgacom, shown by Edward Snowden’s leaks to be the work of GCHQ.
The Université catholique de Louvain professor fell victim to an emailed LinkedIn “request” from a non-existent European Patent Office employee. Quisquater, who holds 17 patents and is particularly noted for his work on payment security, told me the attack was “related to a variant” of MiniDuke, an exploit that quietly puts backdoors into the target’s system.


“The Belgian federal police (FCCU) sent me a warning about this attack and did the analysis,” Quisquater told me by email. As for the purpose of the hack: “We don’t know. There are many hypotheses (about 12 or 15) but it is certainly an industrial espionage plus a surveillance of people working about civilian cryptography.”"

And here is a description of that Miniduke that GCHQ apparently had used:

https://www.securelist.com/en/blog/208194129The_MiniDuke_Mystery_PDF_0_day_Government_Spy_Assembler_Micro_Backdoor

It seems that it has already been spotted in the wild.

AlanS • February 2, 2014 4:22 PM

@Clive

I don't have access to Guardian Magazine unless it is online. But I have read some of the earlier memory posts.

Hayden and co. genuinely don't seem to understand why anyone would be upset with them. Hayden is on video somewhere stating that "probable cause" doesn't appear in the 4th Amendment. That's what happens when you live in a top-secret echo chamber.

Phil • February 2, 2014 5:02 PM

Through a Face Scanner Darkly:

"NameTag, an app built for Google Glass by a company called FacialNetwork.com, offers a face scanner for encounters with strangers. You see somebody on the sidewalk and, slipping on your high-tech spectacles, select the app. Snap a photo of a passerby, then wait a minute as the image is sent up to the company’s database and a match is hunted down. The results load in front of your left eye, a selection of personal details that might include someone’s name, occupation, Facebook and/or Twitter profile, and, conveniently, whether there’s a corresponding entry in the national sex-offender registry."

http://www.newyorker.com/online/blogs/elements/2014/02/through-a-face-scanner-darkly.html

Skeptical • February 2, 2014 7:30 PM

What struck me in Clapper's remarks wasn't the word "accomplice," (which I think was more emotive than anything, and certainly not applicable to Schneier in any legal sense) but this section:

What Snowden has stolen and exposed has gone way, way beyond his professed concerns with so-called domestic surveillance programs. As a result, we’ve lost critical foreign intelligence collection sources, including some shared with us by valued partners.

Terrorists and other adversaries of this country are going to school on U.S. intelligence sources methods and trade craft and the insights that they are gaining are making our job much, much harder.

And this includes putting the lives of members or assets of the intelligence community at risk, as well as our armed forces, diplomats, and our citizens. We’re beginning to see changes in the communications behavior of adversaries, which you alluded to, particularly terrorists, a disturbing trend which I anticipate will continue.

I keep trying to fit Snowden's taking of so many documents having nothing to do with unethical or domestic surveillance and allowing them to be so widely distributed, with his claim to be a patriot. Increasingly, these days, I suspect that they simply don't fit. I don't understand why someone who claims to be so well versed in information security and counterintelligence would distribute so much material. I am concerned about what all of this says about Snowden's motives, and about the extent to which non-state actors such as Wikileaks, and others, may have been involved - as well as any states associated with Wikileaks.

Snowden's continued silence, his apparent refusal to aid the US in minimizing harm, and other factors are strengthening some unflattering hypotheses about Snowden's susceptibility to influence by individuals within, and close to, Wikileaks, among others.

These are only hypotheses of course, and always subject to falsification. But, if they are true, then one day Snowden will realize how some who are using him actually think of him; he will realize that, to a certain extent, he's betrayed himself. Whether that realization comes soon enough... I don't know.

Hopefully he distinguishes himself by maintaining independence of mind from those currently best positioned to influence and use him, and acts on that independence.

AlanS • February 2, 2014 9:30 PM

Not sure this got mentioned earlier, but the All Party Parliamentary Group on Drones in the UK commissioned a report from Jemima Stratford, QC. It looked at data collection and data sharing activities with the NSA. It was published this week and found many of the activities lacked a legal basis or likely to be illegal. See Jemima Stratford QC’s Advice.

Guardian's coverage here:
Huge swath of GCHQ mass surveillance is illegal, says top lawyer. Legal advice given to MPs warns that British spy agency is 'using gaps in regulation to commit serious crime with impunity'


Clive Robinson • February 3, 2014 12:20 AM

@ Benni,

With regard "MiniDuke", I have to laugh over the following part of the description,

    There are multiple layers of C&C communications in the malware. First, the malware uses Google search to receive information from its master. Then, it uses the Twitter messaging service looking for the twits of a specific Twitter user. Commands received via this channel trigger the download of stage 2 and stage 3...

If you look far enough back on this blog (and the lightbluetouchpaper blog) you will find a more detailed explanation of how to do this. Basically I thought up the idea of how to remove the problem of having a hard coded IP address in "Bot-code" for the C&C server and described a method using Google that did it in exactly this way. You will also find a couple of comments about using "odd numbers and strings" in posts on this blog where I suggested to @ Bruce this blog might be being used for this...

What is perhaps more interesting is that I also worked out a more reliable way of exfiltration of data also in a "headless way" but I chose not to post that on any blog. I've yet to see anyone use my method of exfiltration...

Whilst not proof positive I think it's fairly safe to say that someone in the NSA or GCHQ or their sister agencies read this blog and "steal ideas" without appropriate attribution (A serious crime in academic circles, but apparently not in spy circles ;-)

So I don't know if I should be flattered or annoyed, either way for some strange reason it makes me laugh/chuckle when I think about it. But they have not paid my asking price for the ideas I post which is a "pint of beer" to me or a couple of pints to Bruce (so he can pass one on ;-)

Mind you I'm well aware of both the NSA and MI5 having been caught "red handed" stealing other people's ideas and using them without paying for the illicit use of IP a number of times in the past. It's kind of funny because these people claim "moral authority" and "the moral high ground" yet when it comes down to the nitty gritty of things, they have considerably less morals than many of those they snoop on.

I hope Jean-Jacques Quisquater can see a funny side to it and treat it as sort of a "Badge of Honour" and be able to "Dine out on it".

Clive RobinsonFebruary 3, 2014 12:37 AM

@ AlanS,

    I don't have access to Guardian Magazine unless it is online. But I have read some of the earlier memory posts

The article is online [1], but the photo of the PCBs where the Guardian Staff "dremeled off" various "memory parts" appears to be of insufficient quality in the online article.

I don't know if @Bruce still has good contacts within the Guardian or not, if he does maybe he could drop the hint that people would like high resolution copies of those pictures for use in "training and education". It's an academically valuable source of information on real world "Methods and sources" and I can think of at least two academics who would use them in their course material if allowed.

[1] http://www.theguardian.com/world/2014/feb/01/edward-snowden-gchq-visit-guardian-destroy-computers

Clive RobinsonFebruary 3, 2014 1:32 AM

@ Ky Waegel,

    This article on obfuscation is an interesting read, but I'm not sure how much to trust it

I've only read the article you've linked to.

But if I understand the writer correctly and they in turn understood what they were being told it boils down to,

    They are using the hard lattice problem to act as a key stream generator with certain desirable properties. The key stream is then used in a multiple level One Time Pad like scheme, where the program function replaces the OTP XOR function.

If that is correct I can see how a proof could be constructed for the security of the system. However like much to do with stream encryption or other OTP like systems --and I've designed one or two myself-- it shifts the security problem from the equivalent of the encryption function to the key generation function.

Which raises two questions,

1, Is the "problem shift" method actually OTP level secure?
2, Is the hard lattice based key generator secure?

The first of which if not true condemns the system, the second however if not true does not condemn the system just this implementation provided the hard lattice generator can be replaced with another generator.

It looks like I'm going to have to free up some time in my calendar to read the papers.

Clive RobinsonFebruary 3, 2014 2:02 AM

@ AlanS,

I don't know if you've heard but it appears that there are consequences happening to senior people in the Intel waters?

In the UK the Director of GCHQ Sir Iain Lobban is taking "early retirement"... Which is news to most people.

Sir Iain made a major gaffe when he employed the haystack metaphor in denying that GCHQ invaded the privacy of innocent citizens. He said "GCHQ was looking for needles and left the rest of the haystack untouched", but neglected to mention he was also "committing criminal damage" whilst ripping through the haystack and thus seriously compounding his trespass in the farmer's field in the first place.

When you can not find an analogy to excuse your criminal activity to make you look innocent, and instead end up using one that actually makes it clear in people's minds you are without doubt a crook, then I guess it really is time to go and "prune the roses".

Clive RobinsonFebruary 3, 2014 2:12 AM

@ Skeptical,

With regards the very much deluded Clapper. When he says,

    What Snowden has stolen and exposed has gone way, way beyond his professed concerns with so-called domestic surveillance programs. As a result, we’ve lost critical foreign intelligence collection sources, including some shared with us by valued partners.

He neglects to mention it's the US Political class that has "burnt" more "methods and sources" for the sake of a bit of chit chat with journalists than the Ed Snowden revelations have.

Also for future reference when making comment about things other people have posted will you not deliberately conflate them to make a false impression it's a very poor tactic to use when trying to justify an improbable or otherwise indefensible position.

Clive RobinsonFebruary 3, 2014 2:29 AM

@ Phil,

With respect to the Glasshole app you mention whilst the blurb you post says,

    The results load in front of your left eye, a selection of personal details that might include someone’s name, occupation, Facebook and/or Twitter profile and, conveniently, whether there’s a corresponding entry in the national sex-offender registry.

It's left out the most important "credit score", after all what's a "gold digger" to do to find their next mark...

Joking aside this is actually quite a real personal security threat which will enable various types of predator to track people down for the purpose of committing criminal acts.

yesmeFebruary 3, 2014 2:46 AM

@Skeptical,

"... Snowden's continued silence ..."

Snowden was being interviewed last week by the German broadcaster ARD. I saw the interview live. Is that interview already broadcasted in the US? And if not, why not... That's the question.

AnuraFebruary 3, 2014 2:58 PM

http://www.wired.com/autopia/2014/02/feds-v2v/

The future of automotive safety isn’t about more airbags or stronger steel. It’s about building smarter automobiles that talk to each other, so your car knows that other car is about to run a red light and applies the brakes to save your bacon. The feds think such technology, called vehicle-to-vehicle communication, is a great idea and want to make sure every new car has it.
The U.S. Department of Transportation and the National Highway Traffic Safety Administration have approved V2V communication systems that regulators say will increase safety, reduce accidents and pave the way for connected cars. Transportation Secretary Anthony Foxx said V2V technology could do for motorists in the coming years what seatbelts did in the 1960s and airbags did a generation ago.

This makes me nervous. It's either going to be completely anonymous and ridiculously open to hacking or it will have data signed with a certificate which will allow your car to be tracked everywhere it goes.

MadLogicianFebruary 3, 2014 4:57 PM

Clockmaker:

> Laws being drafted to require police controlled kill switch on all European cars. That couldn't possibly go wrong could it?

> From the BBC:

A device that would enable police to stop vehicles remotely is being considered by an EU-wide official working group, it has emerged.

The feasibility of such technology is being examined by members of the European Network of Law Enforcement Technology Services (Enlets).

This is a very old idea. I know that a British research unit was being asked to explore the same feasibility 25 years ago.

Now that cars all contain onboard computer networks it's a little less science-fictional, but even if you could do it there would be a substantial risk of killing the person you're trying to stop - rarely a desired outcome.

A much more appropriate technology is in current use - you drop a spiked pad in front of the target vehicle which causes a slow puncture.


SkepticalFebruary 3, 2014 5:42 PM

Clive:

    He neglects to mention it's the US Political class that has "burnt" more "methods and sources" for the sake of a bit of chit chat with journalists than the Ed Snowden revelations have.

I don't think that's remotely close to true; and even if it were, it doesn't undercut Clapper's point.

    Also for future reference when making comment about things other people have posted will you not deliberately conflate them to make a false impression it's a very poor tactic to use when trying to justify an improbable or otherwise indefensible position.

No idea what you're referring to here.

yesme:

    Snowden was being interviewed last week by the German broadcaster ARD. I saw the interview live. Is that interview already broadcasted in the US? And if not, why not... That's the question.

I was unclear. By "Snowden's continued silence", I meant Snowden's continued silence on how many documents he took, why he took documents that don't reveal illegal or unethical activity, and why he won't assist the US in minimizing harm. Ideology - at least so far as Snowden has explained his - doesn't explain those things. Ego, however, does. And for multiple reasons, that's concerning.

AlanSFebruary 3, 2014 8:06 PM

@Skeptical

Regarding Clive's reference to the "US Political class" above, see the New Yorker article I referenced earlier: The Secret Sharer: Is Thomas Drake an enemy of the state?

I suspect if they hadn't treated earlier NSA whistleblowers so badly, whistleblowers who followed the rules for reporting problems up through the chain of command, things might not have happened the way they did. What goes around, comes around, as they say.

From the New Yorker: "Jack Goldsmith, a Harvard law professor who served in the Bush Justice Department, laments the lack of consistency in leak prosecutions.... Gabriel Schoenfeld, of the Hudson Institute, says, “The selectivity of the prosecutions here is nightmarish. It’s a broken system.”"

SkepticalFebruary 3, 2014 11:54 PM

AlanS - I have not read the article closely, but I've read about the Drake case, including the federal judge's frankly stirring words at sentencing, and his scathing criticism of the DOJ's conduct in that case.

However, many of the investigations and prosecutions of leaks have had nothing to do with whistle-blowers. Gen. Cartwright is apparently the target of an investigation into the leaking of Olympic Games. Donald Sachtleben, the FBI agent who pled guilty to leaking top secret information about an operation to disrupt an AQAP bomb plot and locate a key bombmaker, wasn't whistle-blowing. Neither was an analyst who leaked information about North Korea's nuclear program. And there are many other examples.

And then there are the kinds of self-glorifying/semi-sanctioned leaks that led Robert Gates, supposedly, to walk into National Security Adviser Tom Donilon's office and tell him, "I have a new strategic communications approach to recommend." "What's that?" Donilon asked. "Shut the fuck up," Gates replied.

So I don't mean to diminish the seriousness of leaks other than Snowden's, or the extent to which that is an ongoing problem.

BUT. Did Snowden seek the advice of counsel as he considered whistle-blowing? Did he attempt to limit his disclosure of classified information to that necessary to accomplish what he believes to be whistle-blowing? As far as I know, the answers to both questions are no. And his actions to date are lending increasing credence to less flattering explanations of his behavior, and to higher estimations of the potential danger posed by the extent of what he may have taken.

While whistle-blower protections are far from perfect, I don't see any evidence of a good-faith effort by Snowden to explore the possibility; I don't see any evidence of an effort to limit his disclosures to acts he thinks/thought to be illegal; and I don't see any evidence of current efforts to aid the US in minimizing the harm caused by his actions.

Instead I see what are often well crafted statements issued in carefully controlled interviews by journalists all too eager to maintain him as a source. For example, in one of Snowden's first Q&A's, managed by The Guardian, his opening statement was that the US had deprived him of any chance of a fair trial. It's a statement that sounds like it was suggested to him by a lawyer. His evasive answers as to whether he would ever consider trading information for asylum were equally crafted.

So, sure, I think the US can do a better job at managing whistle-blowing, but Snowden isn't a good case of those protections failing. If he wants to be a whistle-blower, then he needs to start acting seriously to minimize harm, and he needs to aid in limiting disclosures to acts he can still genuinely believe are unlawful.

Scott "SFITCS" FergusonFebruary 4, 2014 1:16 AM

@Skeptical

    Did Snowden seek the advice of counsel as he considered whistle-blowing?

Strawman? As demonstrated by the calls by officials to kill Snowden that sounds like a dangerously naive expectation. Especially from someone with your pseudonym don't you think?

    Did he attempt to limit his disclosure of classified information to that necessary to accomplish what he believes to be whistle-blowing? As far as I know, the answers to both questions are no.

What efforts have you made to "know" that? I haven't heard any "concerns" voiced by Bruce, and unless there's something important you've neglected to mention, he's the only person taking part in this discussion in a position to form an informed opinion.

    And his actions to date are lending increasing credence to less flattering explanations of his behavior

That's certainly the opinion repeatedly voiced by you, and couched in the same "concerned" (continually rephrasing "concerns" and speculating only negatively) language used by other defenders of the NSA "right" to break the law. And if your sole objective is only to sling mud, then it's the approach I'd expect. Mud sticks to the thrower too.

    and to higher estimations of the potential danger posed by the extent of what he may have taken.

    I don't see any evidence of a good-faith effort by Snowden to explore the possibility; I don't see any evidence of an effort to limit his disclosures to acts he thinks/thought to be illegal; and I don't see any evidence of current efforts to aid the US in minimizing the harm caused by his actions.

You do keep saying that. Repeatedly overstating your "concerns" reads more like the advancing of an official agenda than attempts to discern the truth.

    While whistle-blower protections are far from perfect,

Like a rock in your shoe is far from an effective birth control measure...

    I don't see any evidence of a good-faith effort

Out of curiosity... what process did you use to determine that? Could you show us the logic schema you used to arrive at that belief (emphatically declared opinion) as a result of gathering that "evidence" with which you seek to hang Mr Snowden?

TIA

Kind regards

NOTE: I'm not going to comment on the rest of your "speculation" as that's all it is, though it does read like spin.

yesmeFebruary 4, 2014 1:44 AM

@Skeptical. I respect your opinion.

However, I think you are wrong on a lot of points.

For instance, is the interview broadcasted in the US yet? It's news, isn't it? So why isn't it broadcasted yet?

And I don't think it's an ego thing from Snowden. If that was it, we would have seen him way more often. But he himself has been quiet for 6 months, which is an eternity.

About the whistleblowing. Even Obama himself couldn't explain how Snowden could have come out other than the way he did it. When the chiefs in command are lying and being protected about the lying (see the recent article about Clapper in The Guardian), how can you let the people know that these guys are lying? I just don't know how Snowden could have done it differently.

In fact, Greenwald (who is probably still alive only because he plays it the right way) has only told us what they are doing. There are no technical details mentioned. I mean, a completely worked out plan for attacking the EU in Brussels for instance. And I think they certainly have a couple of such documents.

I still believe that the only goal of Snowden is to inform the people about what's going on.

yesmeFebruary 4, 2014 1:49 AM

@Skeptical, after reading the post from @Scott "SFITCS" Ferguson, I changed my mind. I agree with him, your posts smell like spin.

Clive RobinsonFebruary 4, 2014 5:35 AM

OFF Topic :

Steal from your Employees cartel of Google, Apple, Intel and Co

It appears that certain HiTec Silicon Valley Corps have formed a cartel to suppress employee remuneration and other work related benefits by distorting the labour Free Market...

So as many have suspected for quite some time these Corps are very far from being the Free Market libertarians they claim to be, and are much more akin to the Robber Barons of old (that in many respects were responsible for the formation of Workers Unions).

http://www.theguardian.com/commentisfree/2014/feb/03/google-apple-silicon-valley-free-market-joke

AlanSFebruary 4, 2014 8:11 AM

@Clive
As someone once said "People of the same trade seldom meet together, even for merriment and diversion, but the conversation ends in a conspiracy against the public, or in some contrivance to raise prices".

I'm not familiar with the case but it should probably be noted that CA is one of the few states that considers non-compete agreements between an employer and an employee illegal. It's a contentious issue everywhere and results in lots of litigation.

BuckFebruary 4, 2014 12:36 PM

Based on the limited guidelines and constitutional justification that remain unredacted, it appears that the first method is something along the lines of "parallel arrest"... I.E.: LEA agent gets an address, license plate, name, etc. from a concerned IC member; then the officer(s) would follow said suspect around until witnessing a crime and jump in to make the big bust.

I suspect the name they call this dirty little method might even be more unpalatable to the people than the actions themselves...

SkepticalFebruary 4, 2014 1:19 PM

Scott:

    Strawman? As demonstrated by the calls by officials to kill Snowden that sounds like a dangerously naive expectation. Especially from someone with your pseudonym don't you think?

Because of all the other whistleblowers and journalists that the US has targeted for assassination? Come on.

I'm asking what steps Snowden took to determine how to minimize the harm of what he views as an ethically required disclosure of classified information. Consulting with an attorney should be high on the "to do" list, and Snowden had allies with connections to excellent attorneys who specialize in these kinds of issues.

    What efforts have you made to "know" that? I haven't heard any "concerns" voiced by Bruce, and unless there's something important you've neglected to mention, he's the only person taking part in this discussion in a position to form an informed opinion.

Indications that Snowden did not minimize disclosure to "whistleblower material":

1 - Most obviously, there is the reporting of information that clearly does not demonstrate illegal or unethical conduct, such as the TAO catalog. This alone suffices to raise concern about Snowden's minimization of unnecessary disclosures of classified information.

2 - There are Greenwald's claims to be able to release information that would do more damage to the US military in one second than has ever before been inflicted upon it. Even accounting for Greenwald getting a little carried away, that's a clear indicator that the material Snowden disclosed isn't limited to whistleblower material.

3 - The news organizations themselves clearly believe that a great deal of the information Snowden disclosed to them should be withheld for national security reasons, as these news organizations have (sometimes responsibly, sometimes not) redacted or withheld much of the material they have reported on.

4 - There is apparently a DIA report (about which we know little) that Snowden took 1.7 million documents, most having nothing to do with NSA surveillance. I regard this as a minor item of evidence, as very few details of the report have been released, but it's obviously very concerning.

5 - Various news organizations, and those who have consulted with them, have expressed concern as to the security of the documents, which certainly implies that there is much in them that should not be released.

That's off the top of my head. That should suffice.

    That's certainly the opinion repeatedly voiced by you, and couched in the same "concerned" (continually rephrasing "concerns" and speculating only negatively) language used by other defenders of the NSA "right" to break the law. And if your sole objective is only to sling mud, then it's the approach I'd expect. Mud sticks to the thrower too.

I'm seeking to understand, not to sling mud.

    Out of curiosity... what process did you use to determine that? Could you show us the logic schema you used to arrive at that belief (emphatically declared opinion) as a result of gathering that "evidence" with which you seek to hang Mr Snowden?

Like most people, in an informal way, I generated different hypotheses concerning Snowden's intentions and thoughts, and then viewed available information regarding his words and actions to see whether certain hypotheses were more strengthened, or more weakened, than others.

So, for example:

Hypothesis: Snowden acted conscientiously and with best efforts to limit the disclosure of classified information to that which reveals wrongdoing by the American government.

Evidence: A very large amount of information not revealing of any wrongdoing has been disclosed by Snowden.

Evidence: Snowden has, apparently, made no attempt to alert the US as to what information he may have taken, or what legitimate operations, assets, and personnel might now be compromised or at greatly increased risk of compromise.

Both of these items severely weaken the hypothesis.

We can generate additional, more reasonable hypotheses, that allow for Snowden's understandable self-interest in his welfare and in maintaining leverage. However, even someone with a reasonable amount of such self-interest should be able to do a better job minimizing the disclosure of legitimately classified information, and should be able to do a better job of minimizing the harm from such disclosures.

These are all hypotheses, and all speculative, and all subject to revision in light of additional evidence. And I certainly wouldn't impose any sanction on anyone, much less hang someone, on the basis of this.

It's possible that Snowden erred along the way, and certainly the misattribution of strategic intent to every action/inaction is a common mistake we all make in interpreting the behavior of others. But then I would expect to see actions from him to correct those mistakes, and thus far those actions are lacking. And there are innocent explanations for this, such as difficulty perceiving those mistakes in his present circumstances or being constrained from acting by his present circumstances.

So, it's still a puzzle, but the probabilities begin to tilt.

BuckFebruary 4, 2014 10:22 PM

Congressionally enforced communication with customers?
http://healthitsecurity.com/2014/02/04/hhs-amends-clia-regulations-to-allow-direct-patient-access/
Health Insurance Portability and Accountability Act (HIPAA)

BuckFebruary 4, 2014 10:33 PM

Seems awfully off-key for current trends in governmental use of private data... Perhaps there are still agencies out there working for the public good..? On the other hand, I have to wonder about the implications of SHIPPA (the Secret Health Insurance Portability and Accountability Act)...

Sorry bout the double post there... Slip of the finger? Don't know what happened to that href though..?

Clive RobinsonFebruary 5, 2014 2:34 AM

OFF Topic :

The recent "Angry Birds" and other mobile app personal info leaks which the NSA and GCHQ listened into are down to two things,

1, Big data demands for ever more data,
2, Developers of apps and Big Data services not using encryption.

The second problem is discussed in the following article,

http://www.technologyreview.com/news/523971/how-app-developers-leave-the-door-open-to-nsa-surveillance/

However solving the mobile to service encryption problem won't stop the first problem, or the issue of the NSA, GCHQ et al getting their hands on the data.

I think it's reasonably safe to say that as Big Data is --currently-- considered the "life blood" of the Marketing Industry which is --supposedly-- the largest industry in the world, stopping the data collection would be --effectively-- an impossible task [1].

Thus the issue becomes one of stopping the spy agencies getting their hands on the data. If all we do is encrypt the equivalent of the "last mile" the spy agencies will do one of the following,

1, Exploit weaknesses in the encryption.
2, Use a court order for the keymat.
3, Exploit weaknesses in the Big Data systems.
4, Exploit weaknesses in the systems of those who buy Big Data.
5, Exploit weaknesses in the mobile device.
6, Legislate for the data they want, making you pay to give it to them.

We are never going to stop all of these, nor is it felt desirable by some that we should do (ie the argument for targeted surveillance of criminals). Thus we have to decide what the best is we can hope for.

Of all the options 5 is perhaps the one we want to force the spy agencies towards as it puts the most burden onto them.

[1] The problem is lobbying. The industry will always find a country where they will buy the legislation they want. Having done that they will use it to either scare or bribe politicians in other jurisdictions to get similar legislation. And should that fail the jurisdiction that has the required legislation will become the "data collection capital of the world". In essence they will become as attractive as a good "tax haven" to corporates.

Clive RobinsonFebruary 5, 2014 2:41 AM

ON Topic :-)

@ Bruce,

    A T-shirt with a drawing of a squid reading.

I don't think the squid is reading, it looks more like it's wrapped its tentacles around the head of a person to stop them reading...

FigureitoutFebruary 5, 2014 11:26 AM

OT
More police extremeness, now swat teams are used for credit card fraud and they can't even get good intel and end up leaving the house w/o finding anything related to the warrant they had. I feel so protected getting the small time drug dealer and probation offender. They also covered up and in one case ripped out (uh, property damage) cameras to document their actions. Sad reading, but Radley Balko does an excellent job of journalism on a foreboding topic, the future police state w/ ex-military w/ PTSD:

http://www.washingtonpost.com/news/opinions/wp/2014/02/04/scenes-from-a-militarized-america-iowa-family-terrorized//?print=1

AnuraFebruary 5, 2014 12:41 PM

Not surprising, but Sochi Olympics is open season for hackers:

http://www.engadget.com/2014/02/05/sochi-olympics-hackers/

NBC's Richard Engel came to Russia with brand-new gear littered with fake accounts, testing the waters while limiting exposure to his legitimate data and contacts. The "honeypot" was a success, with Engel's Galaxy S 4, Mac and Windows laptop all compromised within a day of arrival.

FigureitoutFebruary 7, 2014 10:07 AM

Anura RE: Russian hackers
--What's funny is the state dept. warning Americans to "no right of privacy" in Russia. I don't get how some people can say that w/ a straight face. And check out a blog post by Robert Graham, first it wasn't in Sochi but Moscow, and he initiated the malicious download on the smart phone.

Two funny takeaways: 1) Don't let Richard Engel use your smartphone. And 2) OMG BOX BOX can you open a box?! lol

http://blog.erratasec.com/2014/02/that-nbc-story-100-fraudulent.html#.UvUAGD-2y9s

name.withheld.for.obvious.reasonsFebruary 7, 2014 12:32 PM

Just had to go with this one early....

----- CAUTION READ ONLY IF YOU WANT TO KNOW WHAT I AM CHASING -----

I have been asked to give a talk about computer security at a local university, since they've asked there are three more major topical areas that didn't even exist before...Data and Systems Integrity after the releases from Snowden. There is also the "Trust Nothing on the Internet", or, "What will it take to recover any sense of TRUST on networks, public or private?"

What does this all mean--for me it is the 800 pound gorilla is now in control while we (small business) are struggling not to be crushed. No one calls, other organization's problems are so large as to make any regular business opportunities impossible to engage. Lost two opportunities for business/development (one from Canada for $100,000 and another open project--didn't have a price tag but most interesting, great market opportunity).
The top people in my field have lost their jobs...companies are voluntarily shutting down. People are canceling attending technology conferences. The amount of turmoil and betrayal is more than anything I've seen in technology, or any professional field. It is more problematic than I'd have guessed--and a friend of mine from the CIA calls me paranoid--he doesn't call me that any more. In fact he is glad he's so far along in years--doesn't like the situation. It is so demoralizing keeping a keel in the water when all waters are turbulent. Not trying to be a bummer--believe me I'd include all kinds of info but there hardly seems to be a point. Technical pros are grappling with what to do--how can systems, networks, communications, and devices be trusted? People are talking about starting over, new hardware and software...or just unplugging it all. This makes any business decisions really difficult--especially for a technology start-up company.

------- It kinda goes like this -------

Let me make an analogy that could help explain what I am talking about; the nuclear warfare scenarios of the last 50 years form the basis for an allegory. In this instance though, where a missile or missile silo is mentioned just substitute it with network computer technology (PC, laptop, tablet, cell phone, in vehicle systems, wifi, etc.). And nuclear warfare will substitute for cyber warfare.

Before I start though let me explain a little about Cyber warfare tactics; the United States officially, yet classified and not publicly, supports a policy which is essentially a "winner-take-all" strategy and implies that there are no boundaries, allegiances, nationalities, sovereigns, civilians, or objectors. The U.S can be the beneficiary of the spoils of war instead of just using war as a political construct--there's an economic twist. Where someone should have taken a principled stand, say like Dwight Eisenhower, the theories and applications were allowed to go MAD.

Now to the allegory...

Remember the nuclear warfare scares of the 50's and 60's--people built bunkers, we "ducked and covered". Basically there is a "Civil Defense Plan" that your local school, fire station, and public safety official knows about. But no, that wasn't good enough--we have to strike before anyone else can--the new theory is "First to go MAD". Since our new nuclear warfare policy is a "winner-take-all" strategy we have scrapped the Civil Defense Board and now have First Strike Teams. If for example we even think the Russians are considering a nuclear engagement with the United States or our interests, we will launch the most direct and effective nuclear "first strike" making sure the Russians know we mean business.

Today everyone is being asked, not to build a bunker or shelter, but a missile silo. The United States government would like everyone to build an ICBM capable silo on their property and host at least one Atlas, MinuteMan, or Trident long range ballistic missile[1].

You or your neighbor's nuclear silo can be dynamically targeted; targets could be right next door, down the street, across town or the world.

The missile could be for a foreign enemy or it could be for a friend or relative...there's really no knowing--but plans have been made for such contingencies and the software has been written to make it so...I think I hear the low hum of a drone...be back in a minute.

For the United States this new posture on nuclear war will provide us the strategic advantage and the necessary "proximity" to thwart any attempted nuclear first strike--by anyone. That includes terrorists, arsonists, bank robbers, welfare queens, political dissidents--or the dixie chicks.

In the near future your government may call on you to carry an APT/BM system with you. The APT/BM is the Active Personal and Targeted Ballistic Missile system that will accompany you at all times; a personal nuke missile capable of being launched from say your pocket or purse makes the possibility of someone like a "lone wolf" launching a first strike nuclear attack unthinkable[2].

The new motto (no chicken in a pot or a car in a driveway), it is "a Nuke in every crevice, nook, and kindle!". We're not going soft on nuclear security, no--and it is not unconstitutional to have everyone armed with a nuke. The United States will protect your right to carry a pocket nuke--just don't tell your neighbor--they could be your designated target.

[1] Homebrew, Jail-broken, or; Scuds, Dong II, and other foreign missile silos will not be allowed.


[2] The biggest/baddest tech gorilla wins.

Skeptical • February 7, 2014 3:17 PM


@Figureitout:

I found Engel's portrayal somewhat melodramatic as well, although then there is this recently, as reported in The Wall St. Journal:

Dmitry Kozak, the deputy prime minister responsible for the Olympic preparations, seemed to reflect the view held among many Russian officials that some Western visitors are deliberately trying to sabotage Sochi's big debut out of bias against Russia. "We have surveillance video from the hotels that shows people turn on the shower, direct the nozzle at the wall and then leave the room for the whole day," he said. An aide then pulled a reporter away before Mr. Kozak could be questioned further on surveillance in hotel rooms. "We're doing a tour of the media center," the aide said.

As to expectations of privacy in Russia, the US State Dept. is on the mark.

Figureitout • February 8, 2014 7:26 AM

Skeptical
--Did you see the sign on some business in Russian that said straight up, "We don't serve FBI/CIA agents"? I lol'd, must be some tension there...

But yeah you didn't catch the drift of my comment: why won't they advise Americans in our own country? Also public court opinions (not the secret ones operating w/ secret laws) say we have no right to privacy.

Buck • February 10, 2014 6:41 PM

@moz

Quite intriguing... Especially (in my mind at least), this part:

During the course of Kaspersky Lab’s investigations, the command-and-control (C&C) servers were shut down.

Also may be interesting to note that Spanish is probably the most commonly spoken alternative language for native American English speakers...


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.