Friday Squid Blogging: Squid Boats Illuminate Bangkok from Space


To attract the phytoplankton, fishermen suspend green lights from their boats to illuminate the sea. When the squid chase after their dinner, they're drawn closer to the surface, making it easier for fishermen to net them. Squid boats often carry up to 100 of these green lamps, which generate hundreds of kilowatts of electricity--making them visible, it appears, even from space.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on August 22, 2014 at 4:49 PM • 145 Comments


Benni • August 22, 2014 5:25 PM

It seems that soon, one can really begin to use tor:

British and American intelligence agents attempting to hack the "dark web" are being deliberately undermined by colleagues, it has been alleged.

"You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super-subtle bugs or other things that they probably don't get to see in most commercial software.

"And the fact that we take a completely anonymous bug report allows them to report to us safely."

He added that he had been told by William Binney, a former NSA official turned whistleblower, that one reason NSA workers might have leaked such information was because many were "upset that they are spying on Americans".

thomasblair • August 22, 2014 5:49 PM

"green lamps, which generate hundreds of kilowatts of electricity"

Ahh, journalists.

Snowden MDCCCLXXXVII • August 22, 2014 5:56 PM

NSA losing control of their best and brightest.

These are not leaks. This is the dam slowly giving way.

Plenty of foreign agents were on the ground during the dissolution of the USSR and witnessed Soviet nomenklatura delighting in treason. No, really. Key technical experts in positions of trust were shoveling secrets out the door to us, "Here, look, ОВ!" and laughing.

Why? Because the regime had pissed away its legitimacy. No one knew that better than the most senior, best educated insiders. That is what the US government police state has come to. It fails to honor the essential obligations of a state. It's irredeemably corrupt and repressive, and it's ready to be shitcanned.

Jacob • August 22, 2014 6:47 PM

As some of you probably know, there is an open group called who attempts to keep Truecrypt alive and to develop a legally-robust derivative work.

The dev process is fully transparent, and the group members are at the stage where they try to come up with a common dev framework for the collaborative effort.

A few weeks ago the lead dev suspected that his WiFi router's firmware got hacked:

Reading through the mailing list I was dumbfounded how poorly their OpSec was while attempting to develop such critical security software.

In addition, I subscribe to the notion that security software should be developed under wraps to minimize attack surface of code/libraries, dev machines, in-process depositories, mailing lists, and the developers themselves. By all means make the code, when done, public and explain what you did, but not while you are developing it.

Benni • August 22, 2014 8:43 PM

Here is the letter that the German foreign ministry sent to all embassies.

Translated, it says:

The foreign ministry asks all diplomatic embassies in Germany to let us know of all secret service personnel (name, surname, date of birth, name of the service, function in the service, and where he/she is employed). We kindly ask you to reply until 31. August 2014....

This here is the report of the investigation commission of the German parliament on the right wing terror organization NSU.

They found, for example, that the police asked Germany's domestic intelligence service "Verfassungsschutz", where the terrorists are. The reply from the spooks was that the group escaped to America, even when the German spies clearly knew where the terrorists stayed in Germany, with their smartphones in their contact lists.

The parliamentarians were shocked to find that the leader of the domestic secret service in that German Thueringen said in January 1999: "one should understand when youths are right wing extremists. The third Reich did not only have bad sides"

The parliamentarians write that the behavior of the domestic intelligence service leads to the question whether it has deliberately sabotaged police work in order to protect the right wing terrorists in their killing of innocents.....

That is the time, I guess, when one should consider closing this agency....

Benni • August 22, 2014 9:24 PM

I noted before here

that FinFisher, whose developers are apparently close to the BND Bad Aibling Station, is probably a BND project. Now your link

says that "you have to get live access to our server [in Pakistan] for debugging....

These FinFisher Softwares must be deployed on the ISP. Live Access to an ISP in Pakistan.... That must be a dream for BND.....

As I noted, BND was eager to sell its stolen police software to Europol before. And it sells even backdoored crypto hardware. So selling security tech is a usual business model at BND....

Figureitout • August 23, 2014 12:16 AM

Jacob RE: ciphershed OPSEC
--This is going to sound a little more mean or "snippy" than I really 'mean', so don't get defensive (I'm pushing for answers). Instead of sitting on the sidelines pointing and laughing, do you have an "all-inclusive" means of doing the project? How would you do it? In detail if you can (I'll get laughed at if I go on another one of my "paranoid orgasms"). For instance, do you have side channels to contact the talent you need to code certain things and are the people willing to use them? Starting the project, like exchanging keys, is the critical ""please don't hack me" moment"; how do you initiate the communications?

No doubt this is an unacceptable level of OPSEC on their part if they are trying to build on Truecrypt. Pathetic, they need to go back to their holes, collect themselves, recover, and come back stronger than before. Everything that "they said" got hacked should've been slightly hardened using solutions that already exist and are actually pretty easy to implement. There was no mention of external media like memory sticks or cell phones (doubt they had explicit checks on those) that could be storing an infection for their "cleaned machines". Noobs should read this (we've all been there, and just checking boxes like Remote Desktop off on Windows isn't good enough), Ubuntu is the windows of Linux.

I do wonder if it's wise to leave router firmware programming via ethernet on routers...Seems pretty damn retarded to me. Needs to be separated and a different protocol and not be emulated...

In terms of "air gapping", no they have not achieved that besides "pulling the ethernet plug". That is not good enough whatsoever and they should know these kinds of things working on a Truecrypt replacement. I guess I need to make a good tutorial on a "poor man's RF cage" as it can be made w/ a closet or a big cardboard box and heavy duty foil. I'm searching for a better frame to build on (found one that claims to be rated from 14kHz-10GHz) to cover up those lower bands that will worry me; but it's $15,000.

In short: Do not use this yet. This is what I mean by "the crypto gurus don't know what's best anymore", you need basic OPSEC to even stand a chance these days; not the '90's anymore. My quote for Bruce and the rest of the cryptographers to use is: Crypto wins, so long as you beat the attackers to it.. It's short and says all you need to know if you can know what it really means. It means you have a clean, shielded machine for crypto, and interfacing the data doesn't compromise it. There can be chips operating such low power, sh*t, I just messed w/ a product that uses *NO BATTERIES* that can operate indefinitely as long as the tiny generator doesn't break (supposedly rated up to 25612 pushes). It's basic physics being shrunk down into a small component. All it needs is a physical push w/in 300m range and you got a remote signal in (and they're expanding their supported protocols too). This could be placed under your floorboards...OK I won't go down that route.

Nick P RE: response to ciphershed
--It was slightly helpful in terms of getting organized, but not nearly specific enough. Not being specific enough is almost more hurtful than helpful sometimes; most of your suggestions seemed like common sense for "secure programming". Doesn't address any of the critical issues like verifying compiler and OS downloads which is where the real infections come from. Nor does it address "recovery w/o secured backups" which is a security problem that would be very useful to "solve".

Benni • August 23, 2014 12:19 AM

@What do you mean with seriously?

That BND tried to sell a stolen police software to Europol was documented by C't magazine, the agent Stefan Bodenkamp was convicted because of that by a German court:

At that time, there were also reports from Spiegel or focus of this.

That BND still sells backdoored Crypto Hardware via Crypto AG in Switzerland, where BND runs the management and directs the engineers to modify their algorithms was documented by Spiegel here:

And now we have a surveillance Software FinFisher, officially made by GammaGroup in Munich, only 10 suburb train minutes away from Pullach, where BND has its headquarters. Furthermore, GammaGroup developers are signing pgp keys with "". But vervis has, according to wikileaks, bought the FinFisher Software. How can they then develop it on GammaGroup servers? Furthermore, Vervis has this strange homepage and you see here how far you have to travel from vervis to BND listening station in Bad Aibling:

So we have a german surveillance software, made only 10 kilometers from BND listening stations, and this software is deployed by Pakistani agents. And the Pakistanis complain that "you have to get live access to our server [in Pakistan] for debugging...."

Of course, there is no proof that FinFisher is BND. But given that BND sold police software before, and we have a surveillance software, made 5 kilometres away from Bad Aibling Listening stations, which gives the vendor access to government servers in Pakistan, it is hard to believe that BND has no involvement in this.

The hacker who got the FinFisher Software noted in his tweet, "We have some integrity. We don't sell to Israel."....

And this too fits in the picture.

How did Angela Merkel say: "the security of Israel is part of the reason of state for germany".

Germany sells submarines to Israel that can fire atomic bombs. BND certainly does not sell a deliberately bugged surveillance software to Israel which would give BND a "debugging" listening access on Israeli servers. That would be far too risky, to mess up with Mossad, which is known for its assassinations on European ground. I guess they are working with human agents in this region. According to Spiegel, BND has a large network of informants in the middle east.

Benni • August 23, 2014 12:33 AM

One should note that vervis is a spinoff from Siemens:

In exactly the same way, the story with agent Bodenkamp had begun. The software metal which this guy wanted to sell in a larger packet to Europol also was partly bought from Siemens. Other parts were stolen from a small German company, which then led to the lawsuit for the agent.

Similarly, Schneier writes: "Turkmenistan paid a Swiss company, Dreamlab Technologies -- somehow related to the cyberweapons arms manufacturer Gamma International "

With front companies in Switzerland, BND has much experience. Since there is the BND company Crypto AG, which I have given information about in the comment above.

So there are just exactly similar patterns. Like BND following some kind of "standard procedures", where to run its front companies, from which company the initial software has to be bought... and so on.

sena kavote • August 23, 2014 12:53 AM

Why do we have so many encryption and hashing algorithms in basic Linux programs?

From what should the choice depend?

Does it matter if I'm using ARM/RISC or x86/CISC processors? Are different algorithms best for each?

Is there any symmetric or asymmetric encryption, or hashing algorithms, that are specifically made to be accelerated by "graphic processor"'s openCL (not openGL) ? If not, what kind of acceleration can the most suitable algorithm get from GPU's openCL feature?

hashy • August 23, 2014 1:36 AM

Why would ciphershed want to resurrect truecrypt?? Many portable libraries exist for NaCl, Blake2 and Skein. These were created by actual cryptographers and qualified crypto engineers, like Bernstein who is one of the world's leading researchers on timing and other side channel leaks. I would rather encrypt files with OpenSSL than ever use anything by ciphershed or other TC forks.

Thoth • August 23, 2014 1:58 AM

The reason why people are still sticking to Truecrypt is that there are very few easy to use cryptographic programs (which include a somewhat easy to use GUI).

Plus, many people had their files encrypted in Truecrypt long time ago and the lack of solid and easy to use cryptographic tools makes Truecrypt close to the few options available where you can download and run it without needing to go into technical details.

Jacob • August 23, 2014 4:55 AM

@ Nick P
I am glad to see your valuable input there on the proper way to implement security. However, I think that the input you provided will have the effect of "raising a red flag" on their current ops than actually providing actionable list, and have a bit of chilling effect on them, when realizing that having a proper infrastructure takes more effort than Phase I coding... But I 100% agree that they must go through these security notions.

It seems that they are so far away from understanding what a "secure environment" is, that many of the details you provided will probably sound like a foreign language to them (the lead dev mentioned in a subsequent post that on his internal lan at home, where he does his dev work, "My kids don't exactly use good computer hygiene. It's icky how they keep clicking on scam links to get a game installer they want. Their Windows machines were bio-hazards").

What they need is a security czar that will hand-hold them, be an active mentor and a facilitator, and will tell them do-this, do-that.


Truecrypt has many advantages over simple file encryption: In a "volume" mode, you just treat it as another disk drive where you run programs that may have hundreds of supportive modules and data files, and you know that when you log out the whole ecosystem there is secured (sans files written to the system drive e.g. /, cache, ProgramData, Registry etc) .
In the "FDE" mode, the whole Windows machine is secured - tens of thousand programs, data, temp files, Registry, cache/swap and hibernation files etc are well protected when you shut down your machine.

Thoth • August 23, 2014 6:22 AM

What the devs need are "security for mere mortals" concepts and implementations.

I think the current mindset of most people and most IT people as well is that as long as you encrypt something with a Serpent-4096 key with 100 rounds (exaggerated), somehow their data would be magically safe. There are some who think that they can do some memory cleaning with firewalls or implement their soft firewalls as a second layer and it's all good. Most of our security tools out there are built in that configuration and few have gone to the high assurance computing part of security yet.

The current best course of action is to gradually move the assurance level higher.

Jacob • August 23, 2014 7:06 AM


I totally agree. What a dev team or any security conscious individual must do is:

1. Be knowledgeable (or consult with someone who is)
2. Map your threat scenario
3. Compare mitigation schemes vs. complexity and cost
4. Implement the basics and start to build on that as an on-going process

The ciphershed team got a jolt, and now they start to implement some basic security stuff. However, this is a point reaction and I doubt that they are either conscious or knowledgeable enough re possible attack vectors that may compromise the whole dev process, e.g.

1. Spear phishing - by far the most preferred penetration method
2. Rogue programmer that comes on board, boasting skills in encryption programming, establishes good rapport and coding acumen with his/her peers and then subverts critical security code. At such a critical time when the dev team tries to coalesce, that's when a rogue one would want to get in.

No need to go as far as evaluating Faraday cages to protect the machines. First isolate your dev machines from your gamer kids in the house.

Curious • August 23, 2014 7:57 AM

How about having somebody developing a piece of software that by itself doesn't revolve around understanding code or programming, which would act like an interactive guide, for the mere sake of explaining various concepts that is related to problems of having operational security, understanding cryptography and how to best make use of various software?

A basic goal would then be to have people getting access to this, without anything in that acquisition process becoming subject to tampering of any sort that would corrupt or influence the way in which the software was programmed and how it would otherwise work in the end.

Otter • August 23, 2014 7:57 AM

USIS claims "all the markings of a state-sponsored attack".

From red alert to facile excuse in remarkably short time.

sena kavote • August 23, 2014 10:22 AM

@Nick P

Many other programs are even more security critical than truecrypt and some of them are not even security software. For example, unetbootin, dd, brasero, xfburn and k3b for making bootable media for operating systems. Linux kernel too, but high numbers of participants (thousands) give security.

Clive Robinson • August 23, 2014 12:28 PM

@ Bruce,

This is definitely one for you to add to your list of human ineptitude in high places...

Basically it's Dunning-Kruger hits the White House with a soggy splat as though it's the brown stuff rebounding off of the fan,

Short form :- new cyber security --dogs-- body is proud he does not understand what he's going to be in charge of... it's shades of FEMA and the race horse trainer prior to Katrina, the only question is what storm and when and will it go kinetic.

Clive Robinson • August 23, 2014 12:41 PM

OFF Topic :

Do your utterings have sufficient gravity?

Well it might be rather more than you suspect, the gyroscopes in some mobile smart phones are sensitive enough to pick up your low frequency "speech envelope" that contains a significant amount of the speech intelligence... So with a little help much information can be recovered,

Figureitout • August 23, 2014 2:20 PM

Clive Robinson RE: gyro-spying
--I really hope you were planning on posting that and not just to spite me and thumb your nose as it's well below 14kHz. :p Anyone serious about security knows "no phones allowed" and put them in shielded, extra foam boxes. I have an idea I'm chewing on for setting up a decent, pretty cheap defense for RF attacks (involving SDR of course), I'd just need to write some code to do automated scanning (and try to detect spread spectrum and other common freq/phase shifting techniques), hard code, which will take me some time as I won't release anything w/o extensive testing...There will probably be much better solutions elsewhere though, like HackRF. Then preserving the code w/o other injections in transit is forever a challenge.

For just wifi though, could you not have a separate device (little RasPi) simply spewing out de-auths? That's all it does, just knocking anyone and everything off.

Noted that deeper voiced males were more likely to be eavesdropped on, well found something that was surprisingly relevant (and funny), I'll call it the "Helium Defense":

So now, we all need to carry around a tank of Helium and only talk after taking a joke. But seriously solutions keep looking more and more retarded to security problems as time goes on...

RE: Xobs and Bunnie w/ Novena
--It's great stuff, those guys are absolutely KILLING it and they f*cking delivered. I bet they learned so much...I've learned a lot over the summer, didn't finish what I really wanted to (I attacked the problem like a frenzied "code cutter" and I'm really mad about that; but had too many questions otherwise or not knowing what to do...), but had some good successes.

Personally though, I prefer the traditional laptop form-factor. I just want to be able to get to the boards easier, not some kind of cryptic puzzle just to see what's inside the plastic case. One of my hardware acquisitions (free) was an old controller board for traffic lights, well the front case can be quickly taken off using screws inside of springs. Simple and quick to take the cover off. Actually still had an old wasp nest hanging in it (yikes..), so it still has "bugs" (sorry lol).

But making the laptop one massive opensource demo-board like board is awesome.

tyco bass RE: insecure traffic lights
--Some of the power boxes on the side of the lights are UNLOCKED and you can simply walk up and physically shutdown the intersection. The "lock"...pfft, wouldn't even be a challenge for tiny wire-snippers...I've seen some disturbing things, but it'll take more money to secure those holes. If terrorism was an actual threat, this country would look a lot different.

Clive Robinson • August 23, 2014 5:51 PM

@ Figureitout,

The gyro mic in a smart phone was a general post. What is interesting but few are discussing is not the actual sound sensor but the back end processing. In this respect it would be the same as for the use of a web cam and telescope looking at the edges of a crisp packet, as was posted here a couple of weeks ago.

With regards "traffic light control boxes" most of the ones I've seen are IP64 or equivalent designed for weather proofing and safety, not anti-tamper or anti-theft or to withstand vandalism.

The result is there is often sufficient flexibility in the covers that you can pop them open with a couple of screw drivers as well placed levers. In the UK a lot of the locks are cylindrical locks like those in bicycle locks and vending machines where the pins are placed axially to the lock shaft and use a cylindrical key with notches of various depths cut to depress the pins the correct amount. Supposedly these cylindrical locks are much more difficult to pick by requiring a special tool.

The reality is as a friend of mine has demonstrated, is you can open them with the plastic barrel of a Bic Biro pen, just by "impressioning" the lock pins against the plastic by using a circular gyrating motion as you push down the pen barrel into the lock. I've seen him open an unknown cabinet lock of this type in under thirty seconds, whilst it takes me over five minutes on the few occasions I've tried it. Mind you many of these cylinder locks for electrical cabinets are so poorly made that hitting the central part of the lock with a center punch and four ounce hammer will drive it and its attached locking tongue out of the back of the lock with a single blow.

Nick P • August 23, 2014 6:42 PM

@ Figureitout

The recommendations I gave them were intentionally not too specific. All we have is an abstract view of their situation and requirements. Need to know more first. So, I instead gave them a very beneficial baseline that would do a lot of good even half assed and illustrate I'm knowledgeable. That I posted it in a forum with private messages so their team can discuss it further.

@ Jacob

That is a risk. It's better they know they're walking into a minefield. And have rather straightforward ways of managing the risk. Of course, the more common response to my high security tips are ignoring it or a flame war. Then they go back to doing it the insecure way.

sena kavote • August 23, 2014 7:37 PM

Using RAM to speed up encryption

Does any software enable using pre-computed keystream for stream ciphers? Let's say that a 1 GB file has to be moved to an encrypted volume in a USB 3.0 stick, or file has to be moved from one stick to other while also encrypting it, and then the sticks have to get somewhere else fast. Having 1GB of pre-computed keystream in volatile+fast memory would make that faster in most computers, especially if some other computing needs to be done at the same time.

Some tor nodes have symmetric encryption as bottleneck. If they can have 10 or 100 GB of keystream buffer, that would even-out some short term congestion.

Does this have some security pitfall?

Partially separate question is about huge magic constants. Could it be that having a gigabytes size file could somehow be used to make some new encryption format faster for encrypting at least 1000x more data? The file can be generated from a shared secret random seed, or maybe might even be public and part of the standard, like for example some copyright-free movie in fairly well compressed form.

Stones as physical keys

We need extra option in addition to fingerprints, keycards, codes and steel locks. 2cm wide stone picked from ground or beach is really difficult to duplicate so that it would fool a laser scanner with high magnification camera, especially if the stone has even small glittering ie directed reflections+refractions. The reader can be assembled from off-the-shelf parts including raspberry pi. The software is difficult, but no need to deal with deformation like with fingerprints and retina scans. Stone can be glued to a keychain.

Hear ye • August 23, 2014 8:08 PM

Hear ye, young cyber warriors of the realm: GCHQ wants you

"Spooks have called upon the good people of Blighty to help protect an airline from attack by a vicious group of nerdy cyber-terrorists.

That might sound like the secret services are getting a bit desperate, but don't worry kids: it's only a game.

The bods at GCHQ have announced a new part of the Cyber Security Challenge UK designed to unearth potential digital knights of the realm."

Figureitout • August 23, 2014 8:26 PM

Clive Robinson
The gyro mic in a smart phone was a general post.
--Ok good, I know you have a habit of leaving subtle hints. :p

RE: what's interesting
--Doesn't pique my interest to where I need to go searching, but it's just the side-channel aspect of it that's yet again disturbing. And this sensor is so small I bet you couldn't even visually differentiate it from any number of completely different components...Have to run tests just for it, time...

RE: lock picking
--It's neat, the mechanics of it; the visual mechanics are so lacking today, thus people that learn that way will be neglected... Me personally, I would just find a way to get the actual key and generally not worry about lock-picking as it can be pretty frustrating. :p

Nick P
--You make a good point, I would say simply that most people want to cut the crap and prepare for the worst and not worry about the different flavors of script kiddy. You know I just love to "come at you" :p But seriously, I want to see you do better, keep pushing for better; and I want to see you integrate something (it's what is really needed).

I'm honest w/ myself and somewhat self-deprecating, so I know my weaknesses and failures (there are many)...For instance, this past summer, every morning I come into work expecting all my work being completely wiped. I back it up, but the infection has already happened I'm afraid. It's not a good feeling, but I can't address it w/o being a tad "neurotic" I guess. I also can't come in as a young engineer and start bossing people around telling them new protocols to follow, it's not my place; so I begrudgingly put up w/ the extreme insecurity. All of which is a distraction to getting the job done.

This kind of thing happens a lot of places, making a point would likely get you fired or worse (like Snowden).

sena kavote RE: stones as keys
--Woah, you may actually be onto something. Surely this has been thought of before? Think about it, how deniable is a stone? Kind of like biometrics. Still problems w/ active attacks (as always) but it's good idea as camera technology is getting ridiculous these days...

Thoth • August 23, 2014 8:36 PM

A Graduated Security Improvement Method

Here's my shot at trying to create an introductory graduated path to increasing security assurance which I hope Nick P and Clive would be able to comment on. The context is in the Ciphershed devs where it's said they are doing ad hoc on insecure network and computers. These steps here are very generic and theoretical which hopefully a more practical use can be created soon.

1.) Partition network into insecure, medium security and high security network. Insecure for kids to do general browsing, medium security have a more relaxed firewall rule and high security to have strict in/out network filtering and control flow. Put them all on different network partitions.

2.) Do a dd wipe on a Linux computer on the high security network and uninstall all unnecessary packages and data as a close to barebones linux which this computer will be used to download a clean copy of secure OS (openBSD and the likes). Disconnect the computer and then do hash checksums and GPG signatures. Burn OS images onto a read-only CD/DVD and wipe out the Linux computer used to download the secure OSes. Reason is this is used as a stepping stone. Wiping the Linux computer is to get rid of any minor TLAs that might have inadvertently followed in. This is not very assuring but it's much better if you are really stuck on resource. If you have the cash, buy a new computer and install the secure OS. If not, just use the wiped computer and install on top of it.

3.) While installing secure OS, remove all unwanted packages and install barebones setup and GNU compilers. This computer will be air-gapped which the network drivers should be uninstalled. Enable Full Disk Encryption if given the choice. If not, download and install them. This will be the highest level secure computer.

4.) On the highest level secure computer, generate your RSA/DSA keypairs onto a read-only CD with encryption on the keypairs. You can use the OpenSSL package to generate keys and also encrypt the keys themselves with a strong password. You can use a HSM if you can afford one to store your keys instead :D . All the code signing and verification for your software codes should only be done on this machine. CD holding the crypto keys should be quickly dismounted once used. If you do not want CD-based TLAs on your keys stored on CDs, do not store the keys in the CD (and refer to step 5 right away).

5.) To prevent troublesome loss of the keys, copy the ascii-armoured or base64 characters of the encrypted key material on a piece of paper. Seal the paper containing the encrypted keys in an envelope and tape all the visible openings of the envelope up and store the envelope in a safe away from the kids. If you want a higher level of security, completely recreate the keys manually transferring the key material from the paper to the text editor to recreate the encrypted keyfiles to prevent CD-based TLAs. Burn the entire envelope if imminent threats occur.

6.) Install another computer with the secure OS with network enabled (install network drivers) and remove all unwanted packages. Setup firewall to only allow SSH. This will be the computer used for communicating and downloading updates from the Git repository via SSH. Remove all other possible network based daemons that are not needed (snmp, samba, ftpd, httpd ...). You may need to allow inward flow of HTTPS to download OS updates though but if you don't have a httpd, you might be better off a little. Your best friend is the wget tool but if you want a higher security option, you might need to make your own non-TLA'ed wget/curl tool. This machine allows signature checks on downloaded software packages since the higher security level computer is not network enabled.

7.) Codes are transferred between the high security and medium security computer via CD/DVDs. If you cannot afford the cost of read-only CD/DVDs, just use a rewriteable one but the level of security would be lower.

8.) Highly secured text messages between developers concerning the projects should be exchanged via the SSH channel by setting up a special sharing folder on each developer's medium security computer and the messages are pulled via SSH into the folders (manual version of emails) since you don't want to trust normal emails and get compromised. All project based critical messages are to be timestamped, signed, decrypted/encrypted in UTF-8 or Ascii based formats or probably base64 if it's a huge message on the highest secure computer and transferred by CD based media to the medium security computer for exchanges. In essence the medium security computer acts as a mail server, code exchange server and OS update medium.

These steps are not the highest assurance levels and are created with the normal developers on tight budget in mind but they act as a stepping stone to higher levels of assurance when the opportunity arises.

FigureitoutAugust 23, 2014 8:54 PM

--Again, like it. Good post, neat, well formatted. It's assuming you already have a wiping drive and a computer for it. Next step is moving to the routers and modems (disregarding simply splitting traffic at the box right outside your place). I would do some Nmap probing, I found something very peculiar when I did. Keep pushing.

Nick PAugust 23, 2014 10:35 PM

Well, the CipherShed post has over 100 views and no comment. Guess they're ignoring it lol. You'd think their situation would at least merit a comment by a project member given their stated goal:

"Paranoia: Trust no one. Trust nothing. Assume everyone else is a malicious actor and that everyone's machines are compromised by adversaries."

Far as CipherShed, their experiences and response to them shows they [so far] aren't qualified to develop software while targeted by even average black hats. It becomes more grim when you realize they are in the cross-hairs of every organization that wanted TrueCrypt broken or gone. Naturally, one should assume CipherShed's code, binaries, or distribution process might be compromised. Best route is to let them continue developing the software, but audit the code and compile it yourself (eg Truecrypt best practices). The good news is this can be done incrementally over time, esp if you use air gaps and write-once media for hashes of prior verification work.

Anyway, my effort there wasn't a total waste of time. Project member Bill Cox's page has a number of interesting projects. My visit led to his TwoCats paper. I skimmed his attributes and like what I saw. I'll have to read the rest later on.

@ Thoth

Well-presented. I'll try to think on it and discuss it later when I have some mental energy. It's been a *long* 72 hours for me with more of life's troubles to deal with before I can meditate on a new security scheme. What I posted at CipherShed was easy as it was a variation of what I've done before. I'll say right now though that your key to paper and vice versa method I used regularly at one point for a hardened system with no storage. Neat that you thought of it.

@ sena kavote

Stones. They've been used in low-tech security in many ways for longer than INFOSEC has existed. I've never heard of one as a key, though. That's clever thinking. No energy/time to explore it for now but I might later. I'd be interested in Clive's opinion of that. My current concern, though, is the tech to use it might be too complex and therefore easy to hack/subvert. Biometric-style stuff is uniquely troubling to me in that it forces you to trust one or more extra black boxes. So, I try to avoid those in most schemes.

AdjuvantAugust 23, 2014 10:41 PM

@Nick P, Thoth, et al.:

Just today I stumbled upon another attempt at a practical INFOSEC guide aimed at targeted legal professionals that I think is worth a look. It revolves around specially-modified Thinkpad X60 laptops used as thin clients, paired with "a server architecture based on Core OS, resilient data redundancy via TAHOE-LAFS, and a robust network design featuring an “forced on” VPN, and LDAP two-factor network authentication": An Architecture for an Adversarial World. Looks like a great start, but just based on lurking here I think I already see several areas for improvement. The author(s) have put out a request for feedback and would certainly benefit from expert critique.

FWIW, I'm personally working on implementing the following subset of their infrastructure:
Replacing a Thinkpad x60 Bootflash Chip

which in turn builds on work presented by Peter Stuge at 30c3:
Hardening Hardware and Choosing a GoodBIOS.

My soldering experience is practically nil, so this should be interesting(!)
At least I have a bunch of spare salvage to practice on. Wish me luck!

Tamara BensonAugust 24, 2014 12:06 AM

I'm confused by the newish fill in the blank requirement, hope I passed.

This question is about WHEN LOVED ONES DIE--how to get their data from the Internets. Ignore this if you don't care or this isn't your concern...

In my case, my 20 year old daughter jumped from a 21 story building in Arlington, VA last year. Yes, yes, the devastation has just about destroyed me. But she was a poet and a confusing beautiful artist, and I needed to see all of her emails, tumblrs, tweets, facebooks to try to understand what had happened, and why that day.

I know, this is one of those posts that no one wants to touch with a 10 foot pole, but what I ask is this: I didn't care then and I don't care much now about website "policies" in the event of death--I just wanted her data--has anything been written to help other families get the data?

In her case I was lucky, she had a rebellious youthful streak and didn't set a pw on her laptop as I had taught her. From that, it was one slow step after another to reset or access all of the social media I could find for her. I've been able to recover a lot of her writings and poems, and learn more about who my daughter was and how she felt. I am very grateful for that. Other parents in my support group haven't been either as lucky or as tech savvy to get their kids' data.

Honest: even after a year of dealing with this endless loss, I have little interest in the bureaucracy of some big company--I'd rather just get my child's data on my own. I see very little written about that, as if it's some big hidden secret how to access accounts--you and I know it's not a huge mystery.

So, for fellow parents and loved ones of suicides, I'm writing a howto on accessing their dead loved ones' accounts, and of course I'm still a logic-mess personally, but I know HOW it should be done.

Looking for advice, suggestions, caveats, etc. Just do not tell me to go to an internet service for their policy right now--I have no time or energy for that right now.

I know most users are Windows users, but we've been windows at work and mac/linux/unix at home forever. Most of the parents I run into are windows people and so are their children.

Does the Knoppix linux boot still work or is there something newer if all else fails and they want to extract .doc files from a pw protected laptop? I'm not asking you to be evil, but have you ever heard a mother cry when she can't get onto her dead child's laptop? It'll stop you cold in your tracks. I get the ethics problem. My daughter was 20--I even have people sometimes suggesting that I can't get her blood analyzed for toxicology because "she was an adult"--where's the consent? I will win that one--my child was a child. She was my only child.
And in Arlington, VA, they have a very nasty habit of never doing autopsies once the authorities have labeled the event "a jumper". Just putting it out there.

Bottom line: never fight with a mother or father who has just lost their child--you can't possibly ever win. Either way, I'm writing this howto, with all the clean and dirty tricks I know to help the other parents access their dead children's data online. I could use some help and advice.

I could use some help.

AdjuvantAugust 24, 2014 2:13 AM


My sincere condolences for your loss.

It's an interesting conundrum you bring up, and one that is very much in the news with respect to recent law changes in Delaware, based on model legislation likely to be adopted in other states as well:

I'm not the best-qualified person here to address your questions, but dilettante that I am, I'll take a crack at it.

With respect to online accounts on third-party servers: short of resorting to black hat hackers, your options to gain access without the login credentials do seem primarily to be a question of estate law and of the individual privacy policies of the various service providers. I did identify an option to help you wade through those policies, though. A bit of Googling turned up the following list of services:
Most of these seem to be concerned exclusively with pre-planning, with one exception:
"WebCease identifies active online accounts for the deceased and instructs on the different options for retrieval, closure or memorialization in accordance with the policies of each site."
I'd investigate what they have to offer.

I also found a couple of websites dedicated to the issue, one of which is maintained by an estate lawyer:
It might be worthwhile to contact the webmasters for their insights.

The other side of the issue is retrieving data from hardware to which you physically have access. Unless the drive has been encrypted with a strong password or passphrase, you're in a much stronger position here. Knoppix or any Linux Live CD will let you retrieve any unencrypted files, but since what you're doing at this stage is essentially a rudimentary form of digital forensics, you might want to try a Live CD specifically suited to that. DEFT Linux would be a good bet, and here are a couple of other lists

Although it's not necessary in order to retrieve the files, if you want to actually log in to a password-protected Windows install, the tool of choice would be Ophcrack

A high priority once you have access would be to recover any login credentials. You'd want to focus on any password managers and on the web browser(s). If you can recover the login credentials or make use of valid session cookies that have been preserved, you will be able to avoid the hassle of wrangling with service providers. One of the open-source forensics CDs might be able to help, or you might try downloading a free trial of, e.g., PassMark's OSForensics, and see if that gets you any further.

Having no real expertise here, I'm not sure how much further I can advise you. Time spent on and other relevant sites may well be rewarded.
Ideally, you will want to consult a forensic specialist directly for further guidance on how to glean the most data from any hardware you can lay your hand on.

I wish you all the best of luck, and I'm sure your guide will go a long way towards helping other families.

SpellucciAugust 24, 2014 6:23 AM

@Tamara, sorry for your loss. Really.

@Curious, the Delaware Fiduciary Access to Digital Assets law is a recent security story in the news that Bruce has not covered yet. Tamara's reference to it fits with the Friday squid theme. The Washington Post obituary made me think hard about how I wanted to respond to a possibly grieving mother's request for help.

JacobAugust 24, 2014 6:34 AM

@ Curious

I would have expected from someone with such a nick to be more open to other people, unless you have a very strong indication that the postings are fake.

For me it strikes as a terrible loss for a family, with a technically-inclined mother who wants to share her grievous experience. Since the blog touches also on social aspects of computer security and privacy, this is a proper place for discussion.

Also, if you google for 5 seconds:

JacobAugust 24, 2014 7:05 AM

Since this thread becomes a focal point for methods and ideas for a secure dev environment, I thought to also link the recommendations of the Freedom Of The Press Foundation for their "SecureDrop" implementation.

Originally developed by the late Aaron Swartz and by the ex-blackhat Kevin Poulsen and used by the media outlets trusted with the Snowden Docs, it details how to set up a secure environment for document submission and viewing.

Interestingly enough they use UBUNTU for the server - but with the Grsecurity module (which I was not aware of its existence before)

ThothAugust 24, 2014 8:18 AM

SecureDrop requires some rework especially the USB stick part. Now we know there is BadUSB, we should be even more careful about using USB mediums.

One thing lacking in this design is the lack of knowing if you can trust the journalists and the people who setup the environment for the secure drop.

TLAs for printers, USB devices ... you name it, NSA has it. TAILS won't cut it anymore.

Caution should be taken if HTTPS protocols are to be used because the powers that be can inject certificates.

Looking at the SecureDrop setup, it's rather amazing how much trust people put into stuff like Ubuntu, Google Authenticator, TAILS, USB, printers, certificates...

First of all, Ubuntu is not really a secure OS to go to. I would still stick to openBSD. Next, Google Authenticator ??? ... I won't go anywhere near Google stuff if I want to do highly sensitive high assurance security setups. Air-gaps are meaningless these days. I would just rip out the network card on the high assurance computer besides uninstalling the network driver. Printers should be classified as insecure partition layer. My previous post where I attempted to create a security schema for Ciphershed devs scenario can be used as a blueprint.

One time use CD/DVD or at least use the SSH to transfer text files in ascii-armoured, base64 or utf-8 format to each other would be much better than USB sticks unless you are going to transfer to the high assurance computer then you need CD/DVDs as it's off the network grid.

We know that the NSA have the capability of targeting Tor and de-anonymizing single targets. It wouldn't be hard for the NSA to configure themselves in a way they surround the SecureDrop servers with their own nodes to handle traffic to the SecureDrop servers.

I think the biggest give away that this SecureDrop blueprint is not done to any good assurance level is the Google Authenticator and the USB stick.

In summary, within the news organisation, can this SecureDrop prevent agents within the organisation from ensnaring whistleblowers ? Outside the SecureDrop environment, can the powers that be surround the SecureDrop network with their own nodes and compromise whistleblower and news organisation capability ?

This whole SecureDrop schema requires a complete rework.

JacobAugust 24, 2014 9:00 AM

@ Thoth

Although the current implementation of SecureDrop has some flaws in it, as you've pointed out, I've always wondered what would be the proper mix of paranoia and usability. And the correct answer would probably be: it's up to the individual and his psyche.

Take for example Truecrypt. People use it to protect information that if discovered will cost them dearly, and in some jurisdictions their life, but still run it (even the security-conscious lot) on Windows machines. OTOH, they distrust BitLocker - albeit made by the same OS company.

I, myself, do not think that the SecureDrop system must undergo a complete rework, but certainly, as new subversive methods are discovered in the field (like badUSB), one needs to review his implementation and make the necessary corrections.

BTW, I just searched for any vetting of the SecureDrop implementation, and Bruce himself had a say in that:

ThothAugust 24, 2014 11:30 AM

SecureDrop is a matter of life and death to the whistleblower. For state actors, whistleblowing would not be treated kindly despite intentions or the controlled and redacted release of information. To most state actors, whistleblowing is as good as treason in their eyes and they would not be very kind. Snowden fled to protect his own life so he could continue his work in releasing the documents and once his work is done, he is somewhat more content. Manning's kept indefinitely behind bars. Some whistleblowers escaped death due to public pressure on the state actors (yes politics work if delivered properly).

Bruce has vetted the SecureDrop but that does not mean it is the most secure version. The fact that Google Authenticator was part of the workflow is rather unnerving.

If any state actors manage to break SecureDrop, it's probably another blow to the cause the vetters and creators of SecureDrop had in mind and fewer people would dare to come out and do their things.

What I am referring to is a high security assurance SecureDrop where human lives are at stake so if parties using SecureDrop insist on insecure setups (Windows OS, Google Authenticator, USB devices... etc...) then they have to pay the price if it breaks.

One thing they can do is partition into high assurance, medium assurance and insecure network as I mentioned earlier. They can use Windows for the insecure part but for the high assurance, they need to be very sure they know what they are up against. Most people use Windows because it's an out of box lazy solution for the insecure part which is fine as long as no high security stuff is done on it. For the Ubuntu servers, I wouldn't even bet on it as medium security at all. Ubuntu tried to introduce concepts like running Javascript on Desktop and HTTP Ubuntu Lens which are insecure and degrades privacy out of the box (although these may not be included in the server versions) but it shows they are willing to degrade privacy for their Desktop nice goodies but later they made it optional due to pressure if my memory is correct.

Iain MoffatAugust 24, 2014 2:22 PM

@Jacob and Tamara

At a slight tangent to the topic started by Tamara my own recent loss of my father (who being born in the 1920s was not a computer or internet user) has led me to think about both what I want my family to get and what I don't when my turn comes. My father had a few things in his papers that I think he would rather no one had seen (and I have made sure by physical means that no one else ever will) so I think preparing one's digital legacy involves both making sure that there is a secure, physical, offline master key to the part of one's digital world that one wants to survive and also careful partitioning of what is supposed to survive and what is not.

I use separate e-mail accounts for personal and business and public forums, originally to avoid SPAM in my personal account, but I have realised also that this will allow my heirs to get to what they need for administration of my estate without having to worry about them judging my personal messages by the standards of future decades and my correspondents worrying about the privacy of what they send me!

The best I have yet thought of is a paper record of a password archive master key to be split between geographically separate custodians unaware of each other but aware of the lawyer who holds my will.

My sympathies to Tamara in her loss


FigureitoutAugust 24, 2014 3:16 PM

Nick P
"Well, the CipherShed post has over 100 views and no comment. Guess they're ignoring it lol."
--Who cares, just let it go. They're the ones that got hacked. And RE: their stated goal, lol well maybe they think you're offering "corrupted advice". Wouldn't be the first time (kidding lol).

--Neat little project, looks fun, "good luck". Let us know how it goes. May have to do some motherboard soldering myself on this older desktop that has bleeding caps but "it still works" lol...not very re-assuring, I know. Definitely practice as much as you can on your scrap, be able to solder in a wire to pins w/ a nice looking joint (volcano-like and shiny). Surface mount de/soldering is difficult and make sure to get decent tools/materials (not really cheap crap). Tin your wires (add solder to them) and the tip of the iron. Use self-cleaning flux for the iron when you're done too (if you want it to last longer). Also, my problem w/ soldering sometimes is "not going for it" and being too slow or not applying enough pressure. Resulted in some god-ugly joints, somehow still worked. Also, seek out a "solder-sucker", I have this one:

Tamara Benson
--Yikes, have had to deal w/ suicide issues; thankfully we spotted it and had to essentially spy on and lock down items all over house (still ways around it of course) and I *think* it's over now. Terrible stuff, at least you're doing something *POSITIVE* and just keep living. Never know what to say in these situations, besides that someone may need more info (yikes...) and have a go at the machine and know the name and start looking for accounts. If she employed some obfuscation that would complicate things.

I'm thinking one of the reasons they aren't giving you data is also social engineering concerns, which is sad.

"Most people use Windows because it's an out of box lazy solution for the insecure part which is fine as long as no high security stuff is done on it."
--Well that and also that there is no alternative in some cases for specific chips/applications. Oh the joys of embedded programming, where your tools change every year, code breaks, and you have to jump thru a new obstacle course to get a frickin' clean compile. In-house writing an IDE on the order of something like a CodeWarrior is just not possible for a group of 2-3 coders who've got other projects. That's for Freescale. Atmel has some Linux tools but their in-house one is Atmel Studio, which shouldn't take too long to see it's just like Windows Visual Studio.

Maybe I haven't used it enough yet for it to "grow on me", but I don't really like using Eclipse, which companies use to make a spin of an IDE.

You could also do a VM, but when an error strikes (and it will), that'll be fun to diagnose if it's a VM problem, compiler problem, or your code problem. For instance, over the summer, on two identical machines, same OS (very different users though), an I2C variable that was explicitly defined in another header file like "IIC1A" would compile on another machine where it was being used as "IICA" in .c file, yet wouldn't compile on the other where you needed that definition. What the hell..? That's messed up...

Finding a simple pin definition for a chip should be simple right..? No, it wasn't. Tucked away in some god-forsaken mess of files w/in the IDE. As was stated before, "It's a miracle it all somehow works..."

JacobAugust 24, 2014 3:30 PM

@Iain Moffat

You may want to consider splitting the master key among custodians according to the Shamir's Secret Sharing protocol. You distribute to each of m people a secret, and the Lawyer needs n people out of m to unlock your digital safe. You define (n,m).

That way you don't deprive Custodian A from opening the safe if Custodian B refuses or can't cooperate.

See for example

(caveat - I haven't downloaded the code. Note that on the test page you need to copy/paste the split entries into the Combine box)
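Added example, not part of the comment above and not the code of the tool it links to: a minimal sketch of the (n, m) Shamir split described there, where any n of m custodians can rebuild a master key and fewer cannot. The field prime, the share format and the 4-byte check value are assumptions of this sketch, and the function names are hypothetical.

```python
"""Shamir secret sharing over GF(p): n-of-m split of a master key (added example)."""
import hashlib
import secrets

PRIME = 2**521 - 1       # Mersenne prime; field choice is an assumption of this sketch
MAX_SECRET_BYTES = 60    # 1 marker byte + 60 secret bytes + 4 check bytes fit below PRIME


def _encode(secret: bytes) -> int:
    """Map the key to a field element; the 0x01 marker keeps leading zero bytes."""
    if not 0 < len(secret) <= MAX_SECRET_BYTES:
        raise ValueError("secret must be 1..60 bytes")
    check = hashlib.sha256(secret).digest()[:4]
    return int.from_bytes(b"\x01" + secret + check, "big")


def _decode(value: int) -> bytes:
    """Reverse _encode and reject values that do not carry a valid check field."""
    raw = value.to_bytes(66, "big").lstrip(b"\x00")
    if len(raw) < 6 or raw[0] != 1:
        raise ValueError("reconstruction failed: too few or wrong shares")
    secret, check = raw[1:-4], raw[-4:]
    if hashlib.sha256(secret).digest()[:4] != check:
        raise ValueError("reconstruction failed: too few or wrong shares")
    return secret


def _eval_poly(coeffs, x):
    """Horner evaluation of the sharing polynomial at x, modulo PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split(secret: bytes, n: int, m: int):
    """Return m shares (x, y); any n of them recover the secret."""
    if not 1 <= n <= m:
        raise ValueError("need 1 <= n <= m")
    # Degree n-1 polynomial: constant term is the secret, the rest is random.
    coeffs = [_encode(secret)] + [secrets.randbelow(PRIME) for _ in range(n - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, m + 1)]


def combine(shares):
    """Lagrange-interpolate the polynomial at x = 0 from the given shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        # Fermat inverse of den, since PRIME is prime.
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return _decode(total)


if __name__ == "__main__":
    master_key = secrets.token_bytes(32)          # constructed sample key
    shares = split(master_key, n=3, m=5)          # five custodians, any three suffice
    for x, y in shares:
        print(f"custodian {x}: {y:x}")            # hex form, suitable for paper
    # Custodians 2 and 4 are unavailable; the other three still unlock the safe.
    assert combine([shares[0], shares[2], shares[4]]) == master_key
```

Each share is one line of hex, so it can be written on paper and retyped later; the check value only detects a failed reconstruction and is not an authentication mechanism.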

Iain MoffatAugust 24, 2014 6:21 PM

@Jacob: Thank you for that - loss of parts of the secret simply due to the passage of time between when it is created and when it is needed is a real risk in this application. I think however that I will have to resort to a much simpler pencil and paper method rather than use Shamir's in view of the people involved (not to mention the change in technology over anything up to 40 years rendering a program that works now impossible to run) and accept the need to substitute cryptographic security with redundant data, opsec and obscurity.

Tamara BensonAugust 24, 2014 7:29 PM


Thank you so much for all the links and advice!

Thank you for your kindness--I hadn't considered that so many would find her obit.

Thank you for helping me with the link and advice!

Please consider this: after my daughter died I found a LOT of her "Uglies" online, in addition to a LOT of her "Beauties". All of it made me love her and understand her more. The things that may 'embarrass' you now may be the things that help a loved one or historian later understand how wonderful you are.
Just putting it out there as Victoria used to say.

Good for you! Remember that the only one you control is yourself, and honestly we all wonder whether we really control even that part of our lives. Communication is good, love is boundary-less and forgiving.
I wish you well! If it's a young woman in your life, see Allie Brosh's Hyperbole and a Half and Jenny Lawson's 'Let's Pretend This Never Happened'---they have helped me to understand, and made me laugh out loud at how silly life is.
If it makes you feel any better, my first book for my daughter will be called:
"What Is This Sticky Shit On the Counter???--and why I love you always".

hmmm, you kinda trolled me there, I had the most sincere desire to prove to you that my daughter Victoria lived and then died--one of a parent's fears is that their child will be forgotten.
So, I won't react emotionally. But I will give you this, which I only found because I was able to access some of her online account info: one of her songs

And Vic playing guitar at Bean Good here in Rosslyn:

Thanks to all of you for so much help. I don't want our lost ones to ever be truly lost. Some people are close to the only reason we exist.

Nick PAugust 24, 2014 8:06 PM

@ Thoth

Yeah, the second I heard the words Ubuntu and Python I knew that box was toast. It's gotta be the worst combo for a system likely to be attacked by TLA's with skill and 0-days. They might as well give the Five Eyes countries SSH access so at least their exfiltration doesn't leak the data to other TLA's trying to MITM the box. Lol.

@ Figureitout

"Who cares, just let it go."

I don't and did. The post was just a report basically.

"And RE: their stated goal, lol well maybe they think you're offering "corrupted advice"."

That did cross my mind. As I always say, though, the cool thing about security is you can vet the words/work instead of the person. Then the irony is that most people too paranoid to consider my designs or equipment are operating equipment that's *far* less trustworthy. An irony that always brings a devilish smile to my face.

"Wouldn't be the first time (kidding lol)."

First time here maybe. Not the first time in general. I try for a lulz a day. ;)

Douglas McClendonAugust 25, 2014 4:47 AM

Money + Your Phone# buys anyone in the world your location FULL STOP

Today's story from the Washington Post
At The Post’s request, telecommunications security researcher Tobias Engel used the techniques described by the marketing documents to determine the location of a Post employee who used an AT&T phone and consented to the tracking. Based only on her phone number, Engel found the Post employee’s location, in downtown Washington, to within a city block — a typical level of precision when such systems are used in urban areas.

“You’re obviously trackable from all over the planet if you have a cellphone with you, as long as it’s turned on,” said Engel, who is based in Berlin. “It’s possible for almost anyone to track you as long as they are willing to spend some money on it.”

AT&T declined to comment for this story.

Read the full article which does a good job of adding that two to this other two-

The FCC recently created an internal task force to study misuse of IMSI catchers by criminal gangs and foreign intelligence agencies, which reportedly have used the systems to spy on American citizens, businesses and diplomats.

WinterAugust 25, 2014 4:50 AM

"On the highest level secure computer, generate your RSA/DSA keypairs onto a read-only CD with encryption on the keypairs."

I was wondering how you ensured high entropy when generating these keys. On a fresh install, airgapped computer, there are not that many sources of entropy.

But I really have no idea.

JacobAugust 25, 2014 5:54 AM

High entropy is required to protect your selected random value from an adversary, interfering with his ability to guess what you had selected or the next value that you will select.

Although Thoth mentioned "strict network filtering" for the highest level secure computer, from his full comment body I presume he meant air-gapped. If this is the case, and the computer is not shared with possible malicious actors, then high level entropy requirement is moot - any fair quality PRNG will do.

ThothAugust 25, 2014 6:10 AM

There isn't a lot of sources for random seeds as it's an air-gapped computer. One way is to switch on and run a good PRNG giving it time to seed (probably give it 20 minutes to do its stuff) before using the PRNG for random numbers.

Otherwise you can build your own TRNG like what Tinfoil Chat did and plug it to your air-gapped computer if you are confident of your abilities.

Most problems with RNGs are due to the immediate use of the RNG before it has time to properly seed itself which is counter-productive.

CzernoAugust 25, 2014 8:45 AM

From the PIII era on, many X86-PC chipsets have had embedded HRNG, and newer X64 CPUs have one on core, making the generation of sufficient entropy at high speed on such airgapped machines a no-brainer (like, a couple CPU instructions) even where the overall statistical quality of such HRNGs might be in doubt.

Nick PAugust 25, 2014 8:57 AM

@ Czerno

You have to trust it not to be subverted. There's concerns there. I always advocated cryptographically mixing from a number of sources like the Linux version does. The Intel chips can be one of many.

@ Thoth

You overlooked a very simple option: generate the entropy by hand with low tech methods, enter the results into the computer, and use CRNG from there. I've used this method plenty. Got a shitload of dice and cards haha. Takes just a few minutes to set up the first system, then it can set up the rest. You can even delete the seeds off it and reseed it with data from all the rest combined if you want. That way it's not going to be hit with attacks that consider it a hierarchy.

Matter of fact, posting this gave me an idea for a decentralized re-seeding algorithm. Each system on the network can periodically send a random number to another. The random number comes from a CRNG. It gets added to the mixing pool. The process can be contained well due to simplicity and low privileges. The result is increased entropy of all systems in the network in the case that whatever source they're using fails. Attackers doing injections will have to control a substantial number of systems (plus beat a hash) to affect the output. Might also limit the amount of random numbers coming in from any given system in a period of time to limit the system's effect. Maybe even one every 1-12 hours depending on how much CRNG is used.
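Added example, not code from any commenter: a sketch of the seeding approach discussed in the comments above, where hand-rolled dice supply the entropy that is counted, while the local RNG and rate-limited peer contributions are hashed into the same pool but credited nothing. The class and method names, the SHA-512 pool construction, the one-hour peer interval and the 256-bit threshold are assumptions of this sketch.

```python
"""Hash-based seed pool: hand-rolled dice plus untrusted sources (added example)."""
import hashlib
import hmac
import math
import os


class SeedPool:
    def __init__(self, peer_interval_s: float = 3600.0):
        self._state = bytes(64)
        self.credited_bits = 0.0          # entropy we are willing to count
        self._peer_interval_s = peer_interval_s
        self._last_peer_input = {}        # peer id -> time of last accepted input

    def _mix(self, label: str, data: bytes, bits: float) -> None:
        # state' = SHA-512(state || len(label) || label || len(data) || data)
        # Length prefixes keep differently split inputs from colliding.
        h = hashlib.sha512(self._state)
        for part in (label.encode(), data):
            h.update(len(part).to_bytes(4, "big"))
            h.update(part)
        self._state = h.digest()
        self.credited_bits += bits

    def mix_dice(self, rolls: str) -> float:
        """Mix six-sided dice rolls typed in by hand; credit log2(6) bits per roll."""
        faces = [c for c in rolls if not c.isspace()]
        if not faces or any(c not in "123456" for c in faces):
            raise ValueError("rolls must be digits 1-6")
        bits = len(faces) * math.log2(6)
        self._mix("dice", "".join(faces).encode(), bits)
        return bits

    def mix_local_rng(self, nbytes: int = 32) -> None:
        """Mix the OS or hardware RNG but credit nothing, in case it is subverted."""
        self._mix("os.urandom", os.urandom(nbytes), 0.0)

    def mix_peer(self, peer_id: str, data: bytes, now: float) -> bool:
        """Accept at most one contribution per peer per interval, credited at zero."""
        last = self._last_peer_input.get(peer_id)
        if last is not None and now - last < self._peer_interval_s:
            return False                  # rate limit: pool state is left unchanged
        self._last_peer_input[peer_id] = now
        self._mix("peer:" + peer_id, data, 0.0)
        return True

    def seed(self, min_bits: float = 256.0) -> bytes:
        """Derive a 32-byte seed, refusing until enough counted entropy is in."""
        if self.credited_bits < min_bits:
            raise RuntimeError(
                f"only {self.credited_bits:.1f} bits credited, need {min_bits}")
        return hmac.new(self._state, b"seed-v1", hashlib.sha256).digest()


if __name__ == "__main__":
    pool = SeedPool()
    # Constructed sample input: 100 rolls is the minimum that clears 256 bits.
    print("dice bits:", round(pool.mix_dice("3641526435 " * 10), 1))
    pool.mix_local_rng()
    pool.mix_peer("hostB", os.urandom(32), now=0.0)
    print("seed:", pool.seed().hex())
```

Because only the dice are credited, 99 rolls (about 255.9 bits) are refused and 100 rolls (about 258.5 bits) are accepted, however much peer or hardware input has been mixed in.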

Nick PAugust 25, 2014 9:02 AM

EDIT TO ADD: The hardware TRNG's can be really useful for non-security related work requiring much randomness. This might be Monte Carlo, GA's, Fox News stories, etc.

JacobAugust 25, 2014 9:14 AM

New novel side-channel attack:

Researchers at Tel Aviv University extracted 4096-bit RSA keys from gnuPG just by touching a laptop for a few seconds.

1. Laptop is doing PGP decryption at the time (they discovered that there are mail programs that auto-decrypt any incoming mail - even unattended).
2. Hacker touches an exposed metal on the laptop - could be the USB port, graphics connector or the ethernet port. They can also touch the far end of the ethernet cable going e.g. to a switch box (!).
3. By touching, hacker body collects ground currents that have a direct relationship to the CPU decryption ops.
4. Under his clothes, hacker carries a measurement device with the proper analysis algorithm.
5. Key is acquired in a few seconds.

Beware of groping friends!

Scott "SFITCS" FergusonAugust 25, 2014 9:56 AM


Nice find.

1. Laptop is doing PGP decryption at the time (they discovered that there are mail programs that auto-decrypt any incoming mail - even unattended).

Sounds like a fair reward for the criminal stupidity of enabling automatic decryption without requiring a passphrase (with a five minute time out). Perhaps it should be mandatory?

Several times I've had people send me their public keys only to have gpg inform me they had no passphrase! Autodecrypt is worse as the recipient of any encrypted data has no way of knowing that they are a party to a moronic exchange. Doing either renders encryption moot and is a serious risk to the other parties if used for shared data.

The only MUA I've seen that sort of setup is with the Enigmail plugin for Outlook (which is the software equivalent of a lucky rabbit's foot defence against Ebola).

Kind regards

Gerard van VoorenAugust 25, 2014 10:43 AM

@ Nick P

Talking about the "Why we fight" documentary, something struck me. I figured out later on what it was. The documentary is from 2005. At roughly 44:00 Senator McCain is talking about Cheney. And right then he gets a phone call from the Vice President (Cheney). It wouldn't surprise me at all that he was being wiretapped and someone noticed Cheney.

It is speculation, but if true very scary.

Nick PAugust 25, 2014 11:55 AM

@ Gerard van Vooren

I specifically remember that and showed it to friends in the past. We rewatched it together looking very closely at McCain's body language. Here's how the scene goes down for readers that didn't see it:

1. McCain is being interviewed about Cheney's potential corruption and says something along the lines of "it looks pretty bad."

2. Someone in background interrupts interview, with McCain confirming "oh Dick Cheney's on the phone."

3. McCain suddenly looks very anxious.

McCain's a professional bullshitter, is vicious to opponents despite crowds' howls, and survived all kinds of life threatening situations. That a mere phone call from Dick Cheney evokes immediate fear in him signifies something about Cheney. That the scary call came in right as he was talking about Cheney's corruption either means you're right or that even politicians have freaky coincidences.

Why We Fight
(free on youtube)

Can't remember if I posted the link. Has a great opening, too. Anyone who watches it can give their opinion of Gerard and I's analysis of McCain. I'd like to hear other opinions to reduce subjectivity a bit at least with diverse thinking.

WaelAugust 25, 2014 12:43 PM

@Nick P,

Anyone who watches it can give their opinion of Gerard and I's analysis of McCain
For a while... I thought you were cured!

BenniAugust 25, 2014 1:31 PM

Accessing geolocation data from a mobile phone carrier is usually only possible for government agencies who were given the permission by a judge for a domestic mobile carrier.

But how can NSA get the location data of 5 billion foreign mobiles per day, as Washington Post mentioned before?

Well, it now seems that even private companies sell the technology which enables the customers who bought it to geolocate every mobile phone in the world. The geolocation is done by exploiting flaws in the old SS7 network which is used by carriers to share localization data among each other. "Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world," said Eric King, deputy director of Privacy International, "It is a strategic solution that infiltrates and is undetected and unknown by the network, carrier, or the target"

AdjuvantAugust 25, 2014 2:08 PM

@Gerard, Nick P:

With regard to Cheney, you may find this lecture of interest. Prof. Peter Dale Scott (emeritus, UC Berkeley) presents a condensed version of the two chapters of his (then-forthcoming) book The Road to 9/11 (U. of California Press, 2008) which deal directly with the events of that day. I've mentioned the book several times here, including a translated excerpt from a review by retired French 5-star general Bernard Norlain in Revue Defense National, but this talk constitutes a valuable summary.

Peter Dale Scott - Richard Cheney, Continuity of Government, and 9/11

I'll provide a partial transcript of the introduction:

The Road to 9/11... [is] a history of America since WWII.... It's phrased rather cautiously because it's being published by the University of California Press. I believe that this will be the first university press volume that calls for the questioning under oath and possible impeachment of Vice President Dick Cheney.

9/11 is a controversial and unfashionable topic like the JFK assassination, and for the same reason. To ask questions about 9/11 risks raising questions about the legitimacy of our government. Above all, it raises questions about the radical restrictions of basic freedoms that have been introduced since September 11, 2001.

The more status someone has in this society, the harder it is for them to listen to suggestions that there is something illegitimate about the power structure in which they have that status. Thus the paradox that ordinary people are more likely to disbelieve the official theories of 9/11 or of JFK than are people with higher education and greater access to information. My book ... is addressed to this problem of the ignorance of the highly educated....

Since January 2004, I have been calling for "impeach Cheney first." But what I have written is not really a case for impeachment, because I think that at this stage impeachment would be premature, would probably fail. What we need is to build the case that Cheney is a suspect who must for the first time be required to testify under oath.

The 9/11 Report is an example of concerted coverup, partially by omissions, and just as importantly by its cherry-picking of evidence and contrived misrepresentations of facts. And there is a pattern to the misrepresentations....

The 9/11 Report is carefully written, carefully footnoted, and it only really lies in certain places. There is a consistent pattern to the misrepresentations, and the pattern that I'm looking at is the consistent downplaying, trivialization of the role played by Cheney on that day...

A fine use of an hour.

AdjuvantAugust 25, 2014 2:14 PM

CORRECTION: my link above was to Gen. (Ret.) Norlain's review of a subsequent work of Scott's. An excerpt of his review of The Road to 9/11 may be found here

Troy J. FarrellAugust 25, 2014 4:59 PM


If Google Authenticator is bad because it has Google in the name, write your own implementation of OATH-TOTP. It's an open standard and it's easy to do. (I've done it.)

Xer0xerAugust 25, 2014 7:32 PM

How about taking a 'random' chosen encrypted file for a good random source for seeding a PRNG. Maybe take a few randomly selected pieces from an encrypted file and do some xor'ing on them. Maybe you can do this even with a random binary file from your system?

You can even write a small shell script to partly automate this process.

Anybody who thinks this is a good/bad/ugly idea?

ThothAugust 25, 2014 7:47 PM

@Troy J. Farrell
Google Authenticator in itself is a bad design. Half of it is because of Google's name and the other half is because it's a software-based OTP. High assurance security environments do not allow software based OTP as they are insecure.

Hardware based OTP would usually be a better choice or OTP done in a clean slate with proper high assurance mechanisms. Your OTP software sitting on your phone shares the same workspace with your android games, android apps (not just confined to android) or whatever is in your phone and the chances of having it corrupted are very high.

Some might argue the closed nature of commercial Hardware based OTP so the next solution would be to build your own OTP on a clean slate. One way is to use an isolated computer with the proper assurance I have mentioned in this thread to setup a 'clean slate device' (not very clean actually but better than none) and one of them is the OTP machine and the other is the OTP Server. One good example is open source hardware like Raspberry Pi. The hardware design is open for you to inspect and you can flash your own codes on it if you don't trust it. Mount a small screen on the Pi and run your OTP program on it. It does not have WiFi capability (no hardware on board) so you should be much safer.

Soft-OTP is no OTP.

Nick PAugust 25, 2014 9:18 PM

@ Thoth

I disagree. OTP can be done in a high assurance setting. I've done it in Medium-High with HOTP variant. You need to design it with a high assurance process, then run it on high assurance endpoints. The scheme is so simple that it makes verification techniques easier to apply. As usual, the lack of endpoint security in Google Authenticator means opponents can end run around it.

Look up Perfect Paper Passwords by Gibson for a more interesting one.
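The OATH algorithms discussed in the comments above (TOTP in Troy J. Farrell's comment, HOTP in Nick P's) are small enough to show whole. This is an added example, not code from any commenter: it follows RFC 4226 and RFC 6238, and the `TotpVerifier` class with its one-step window and replay check is an assumption about how a server side might use them.

```python
import base64
import hmac
import struct
import time


def decode_base32_secret(text: str) -> bytes:
    """Decode a shared secret the way authenticator apps usually present it:
    base32, any case, optional spaces, trailing padding often stripped."""
    cleaned = text.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(key: bytes, counter: int, digits: int = 6, algo: str = "sha1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F                      # low nibble of the last byte
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, now=None, step: int = 30, digits: int = 6,
         algo: str = "sha1") -> str:
    """RFC 6238: HOTP with the counter replaced by the number of time steps."""
    now = time.time() if now is None else now
    return hotp(key, int(now) // step, digits, algo)


class TotpVerifier:
    """Hypothetical server-side check: accepts codes within +/- `window` time
    steps of the server clock and refuses any step at or before the last one
    accepted, so an observed code cannot be replayed."""

    def __init__(self, key: bytes, step: int = 30, window: int = 1,
                 digits: int = 6):
        self.key = key
        self.step = step
        self.window = window
        self.digits = digits
        self.last_counter = -1

    def verify(self, candidate: str, now=None) -> bool:
        now = time.time() if now is None else now
        current = int(now) // self.step
        supplied = candidate.encode("utf-8")
        matched = None
        for counter in range(current - self.window, current + self.window + 1):
            if counter < 0 or counter <= self.last_counter:
                continue
            expected = hotp(self.key, counter, self.digits).encode("ascii")
            # Constant-time comparison; keep looping so timing does not
            # reveal which step matched.
            if hmac.compare_digest(expected, supplied):
                matched = counter
        if matched is None:
            return False
        self.last_counter = matched
        return True


if __name__ == "__main__":
    # The test secret from RFC 4226 / RFC 6238, in its base32 form.
    key = decode_base32_secret("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    print("HOTP counter 0:", hotp(key, 0))
    print("TOTP at t=59 (8 digits):", totp(key, now=59, digits=8))
    verifier = TotpVerifier(key)
    code = totp(key, now=1000)
    print("first use:", verifier.verify(code, now=1000))
    print("replay:", verifier.verify(code, now=1000))
```

The code generator and the verifier are only as trustworthy as the endpoint holding `key`, which is the point both sides of the exchange above are arguing about.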

FigureitoutAugust 25, 2014 11:26 PM

Tamara Benson
--Aww, so sweet...

Remember that the only one you control is yourself
--Yes I know, so from a security standpoint, there's little stopping someone from just stabbing you in the face out of nowhere on the street (or doing it to themselves), so even as we tried to lock down the environment, I saw way too many holes that made me nervous. I didn't get to stumble on the suicide attempts, my parents did. I did get to read the crap posted online, and see some of the pure scum that exist out there that revel in this dark culture of death and self-mutilation; just wrong. Not to mention the creeps that gave out their personal addresses so I know exactly where to find them when the time comes...And I've probably said too much, but if she's reading, she knows her big bro will protect her as much as he can, even if it's against herself...

We caught it early, like any other disease it increases your odds of life. I beat my depression, well I fight it. It's not your fault, she was technically an adult and there's nothing you could've done unless you want to cart her around in chains.

I'm sure she was a pretty girl...

Nick P
the cool thing about security is you can vet the words/work instead of the person
--Yes, but the "words" of a person is their brain talking, which is the person; whether typed or spoken. And attacking someone while they're working may make their contributions less valuable, and their tools, and their psyche.

The thing w/ your "designs", is you haven't really described them such that someone else can really build them off what you say to actually test your claims. That's what science is about. This is what I mean by being specific; then you'll just say "oh if only you "do it right" ". It doesn't help anyone lol, I doubt anyone's "doing it right", it's just a phrase lol. If you want to charge me a consulting fee, then say it (just put it on my tab :p ). OR, if it's a personal security matter, then you shouldn't be saying it in the first place!

RE: a lulz a day
--Oh just one?! Jeez...I get a good 5-10 GOOD lulz a day. At least. Had one the other day being followed by "the same people".

Anywho...back to a SI4432 module, turns out I can do way more than I initially thought w/ it...YES! And I have 2...maybe I could send one your way for a little encrypted RF comms..? :p Sorry no type-safety and traffic won't flow thru a guard, that may be a deal breaker, eh? :p Has a battery pack too for remote operation, only problem is tested range (small, 2-3 km). Just wonder to what extent one can do w/ this thing...just a demo-kit...

Nick PAugust 26, 2014 1:07 AM

@ Wael

"For a while... I thought you were cured!"

Oh you're funny. The doc said he only cured the root cause. All the symptoms will remain indefinitely. I thought his priorities were reasonable... and didn't. :P

@ Figureitout

"Yes, but the "words" of a person is their brain talking, which is the person; whether typed or spoken. And attacking someone while they're working may make their contributions less valuable, and their tools, and their psyche."

Code can be evaluated. System design details can be evaluated. Strategies to mitigate certain issues can be evaluated. And so on. I post plenty that can be evaluated. Sometimes, I post a specific set of features that could combine into a very secure machine. I've also posted how to assure a machine at each level. One can be used to build the other. But in many cases...

"OR, if it's a personal security matter, then you shouldn't be saying it in the first place!"

...that's closer to the reason. What I do here is like walking a tight rope, esp being in Five Eyes territory. Besides, the work it takes to go from certain designs and development processes I give to a product with low risk isn't that hard. It just takes time and a bit of brains. My real security comes from the fact that most won't trade away what they have for what they need. Convenience, apathy, feature obsession, and so on. The impact of my creation would be so minimal, while taking so much work/money, that the lack of sales or FOSS support would kill the project before NSA tried to. And if they felt threatened, they'd have so many options it's not funny. Is the tiny success of a high assurance product for a short period worth the developer's freedom or life? Nah...

I'll tell them the what and how, though, as one day someone might do something. I know our discussions contributed ideas to Tinfoil to some degree. It's the strongest secure chat concept I've seen, with the guy actually building it. There's other projects in U.S., U.K., Germany, Australia, Netherlands, and more building other stuff that I compliment more than critique. So, I know it can work if people pay attention and *try*. Most don't, even INFOSEC "professionals." (sigh)

re lulz

At *least* one. Some days I'm genuinely nice. Some times I'll burn someone half a dozen times in one conversation, then finish with funny shit about something else. Smooths it over, keeps them asking for more. ;)

re SI4432

I'll pass on that for now. I'll devise a solution when I'm ready for all that. Keep playing with it and exploring, though. Squeeze everything out of what you got. If nothing else, it will make you smarter and more resourceful than others. And it's fun, too. :)

name,withheld.for.obvious.reasonsAugust 26, 2014 6:26 AM

Definition of "ENEMY AND ADVERSARY IN CYBERSPACE" in Army Field Manual 34 states the following:

3-46. A cyberspace threat can be characterized based on intent, sponsorship, training, education, skills, motivation, and tools. Two examples include advanced cyberspace threats and hackers. Advanced cyberspace threats are generally supported by nation-states and have advanced education, training, skills, and tools that allow these threats to remain undetected for extended periods of time on improperly defended networks. Hackers have a broad range of skills, motives, and capabilities and must be assessed independently. The level of the cyberspace threat is the combination of the actor’s ability (skills and resources), opportunity (access to target), intent (attack, surveillance, exploit), and motive (national policy, personal reasons, and others). Cyberspace provides adversaries an effective and inexpensive means for recruitment, propaganda, training, and command and control. Nations and nonstate actors may use cyberspace, supporting an information campaign in combination with lethal attacks, to forward their interests.

The concerning issue is denoting motive that could include constitutional speech--this is the demonetization of the citizen.

CallMeLateForSupperAugust 26, 2014 11:48 AM

Oh great.... The mandatory cellphone kill-switch is now law in Cali-pornia. Phones mfg after 15 July 2015 and sold w/i CA must have the remote kill-switch.

Hmmm... Suppose I acquire a phone from one of the other 49 states? Some CA phone seller loses a sale; CA loses sales tax but gains a phone that has no kill switch. Everyone still happy?

How long will it take for script-kiddie types to figure out how to brick phones? Even more scary: what's to prevent cops from bricking phones? And if there's "a glitch" and it's *your* phone that gets bricked instead of Bad Guy's phone, you'd never know that fact and could not seek redress.

SkepticalAugust 26, 2014 1:15 PM

@Gerard: At roughly 44:00 Senator McCain is talking about Cheney. And right then he gets a phone call from the Vice President (Cheney). It wouldn't surprise me at all that he was being wiretapped and someone noticed Cheney.

@Nick: 1. McCain is being interviewed about Cheney's potential corruption and says something along the lines of "it looks pretty bad."

Eugene Jarecki, who made the film, describes the scene not as McCain responding to a question about Cheney, but rather: ...responding to a question about the controversial awarding of no-bid contracts to Halliburton, McCain concedes, "It looks bad. It looks bad. And apparently, Halliburton more than once has overcharged the federal government. That's wrong." When pressed on how he would tackle this problem, McCain boldly declares, "I would have a public investigation of what they've done."

Of course, the clip preceding McCain's appearance features Perle dismissing the idea that Cheney had any influence over Halliburton being awarded contracts. This leads, naturally, to the assumption that McCain is responding to a question about Cheney and Halliburton.

But apparently McCain was actually responding to just a question about Halliburton (and giving a fairly innocuous answer to boot - gee, it looks bad that they received a no-bid contract, and, you know, overcharging the US Government is just wrong - we should look into that!).

As to McCain's reaction in the video, I don't perceive any fear about the call, but I do see a conflict about how to handle the interruption with the interview. Perhaps he resisted the temptation to make a joke about Cheney calling during a question about Halliburton; perhaps he thought it would simply look bad on camera and is cognizant of the optics; perhaps his impulse was to simply tell the interviewer (rudely, bluntly) to get lost, he had more important things to do, but instead forced himself to smile and be gracious. It's the last possibility that seems most likely to me.

I'd add that a theory that Cheney was somehow monitoring an interview being given by McCain, and called McCain in mid-answer to interrupt him on camera, is wildly implausible, even were one to accept the darkest theories about Cheney.

JacobAugust 26, 2014 2:36 PM

@ Nick P

There is a response to your comment at ciphershed by one of the developers.

Gerard van VoorenAugust 26, 2014 3:06 PM

@ Skeptical

You are probably completely right. The coincidence however is striking and if I was a conspiracy theorist I would say that this is evidence. But it is only speculating.

Nick PAugust 26, 2014 5:47 PM

@ Skeptical

re Halliburton vs Cheney

It's a good point. It seems like the editing could be doing it on the surface. Yet, Dick Cheney's reputation and career will be at risk if the nobid contracts his former employer got were investigated. McCain's position on Halliburton has implications for a negative position on Cheney. And could be politically uncomfortable for Cheney. The article you linked to also says this:

"Some see McCain's sudden departure as perfectly normal. He's a high-ranking Senator, and the Vice-President is calling. Others see McCain's departure as evidence of a too-close relationship with Cheney. They note a certain embarrassment in McCain's body language. To yet a smaller, third group, McCain's reaction underscores Dick Cheney's omnipotence in Washington. Given the Administration's penchant for wiretapping, one viewer laughingly told me he thought perhaps "Cheney had decided the interview had gone on long enough."

You're apparently in the first group. But, getting a call from another government official during an interview shouldn't have an effect on him at all. It's undoubtably happened many times. I'm closer to the second, as previous cases indicated Cheney's strong influence on many levels of government during that time period. McCain is saying something critical about events Cheney likely had something to do with, hears Cheney is on the phone, and gets uncomfortable for some reason. Gerard and I looked at the third group as a "what if" thing. It's a possibility (esp for Cheney), but it's improbable and not supported by evidence.

@ Jacob

Thanks for telling me. I'll go check it out.

sena kavoteAugust 26, 2014 9:28 PM

Closest thing to a writeblock switch in USB storage

Some things are possible to do with software that come close to having a physical write-only switch in USB stick or external usb hard drive. In some ways these methods have advantages in addition to downsides compared to write blocking switch.

1. Let's start with easiest to implement, but most cumbersome:

Have 2 sticks. Stick A is used to boot up OS that automatically checks usable OS in other stick B, and also contains backup data that can be used to revert altered blocks in B. Stick A has cryptographical hashes of every block in stick B. The hash format may be sha256, sha512, or if it speeds up booting, something that relies on secret keys. Block size should be larger than device block, and it is more important to align with files than with hardware blocks.

After the checking OS in stick A is booted, the whole OS and hashes can be loaded to RAM and stick A removed. This way only one USB port is needed. But it is also possible that directly comparing data instead of computing hashes is faster. It may depend on computer and the type of USB sticks. Different usb 3.0 stick models have differences in performance. To compare data directly, 2 usb ports have to be reserved, or the reliable data has to be loaded to RAM before check. The checking OS could also do a speed test to decide if to compute hashes or to compare data. It can first compute hashes 2 seconds, then do data transfers and comparing 2 seconds, and then use the faster method to check the rest.

Stick B can have any .iso file written to it by dd (if dd works for that OS), or live OS installed by unetbootin, or almost any normal OS in non-live form, possibly even including Windows or macOS, installed to it by normal OS-installer.

2. More difficult to implement but easier to use system:

OS in stick A boots up, core of OS and hashes of every block in stick B is loaded to RAM, stick A is removed, stick B inserted, OS checks hash of every block in stick B before loading that data normally and allowing execution. Once desktop like LXDE, KDE or Gnome is loaded, clicking some software icon will prioritize the checking of block hashes related to that software so that the chosen software can be loaded and executed next. It is best to do only off-line tasks and tasks with safe file formats until all hashes are checked. If there is infection to be found, and OS gets new infection before the old infection is found, it can tie user's identity to that previous infection and reduce anonymity, and also can prevent the user from knowing about that previous infection.

After every hash is checked, the hash checking program with its hash data, vanishes completely from RAM, leaving only a basic vanilla Linux OS like Debian or openSUSE visible to attackers. Here is the possible advantage compared to write-block switch. There is a honey-pot quality to it, that can reveal to users who are not malware researchers, what kind of malware is attacking them, and then possibly send the altered blocks to further study by malware researchers. The data transfer method in this case may better be postal letter with microSD card or miniDVD, or public wifi with metal can directed antenna.
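The per-block check and revert described for stick A in the comment above can be sketched as follows. This is an added example, not the commenter's code: the function names, the 4 KiB block size and the in-memory "sticks" are assumptions chosen so it runs anywhere, and an optional key switches the digests to HMAC for the keyed variant the comment mentions.

```python
import hashlib
import hmac
import io

BLOCK_SIZE = 4096  # assumption; the comment suggests blocks larger than the device block


def block_digest(block: bytes, key: bytes = None) -> bytes:
    """SHA-256 of one block, or HMAC-SHA-256 when a secret key is supplied."""
    if key is not None:
        return hmac.new(key, block, "sha256").digest()
    return hashlib.sha256(block).digest()


def build_manifest(stream, block_size: int = BLOCK_SIZE, key: bytes = None) -> list:
    """Run once against the known-good image; the result is stored on stick A."""
    stream.seek(0)
    manifest = []
    while True:
        block = stream.read(block_size)
        if not block:
            return manifest
        manifest.append(block_digest(block, key))


def find_altered(stream, manifest: list, block_size: int = BLOCK_SIZE,
                 key: bytes = None) -> list:
    """Return indices of blocks on stick B that differ from the manifest,
    including blocks appended past the original end or missing from it."""
    stream.seek(0)
    altered = []
    index = 0
    while True:
        block = stream.read(block_size)
        if not block:
            break
        if index >= len(manifest) or block_digest(block, key) != manifest[index]:
            altered.append(index)
        index += 1
    altered.extend(range(index, len(manifest)))   # image was truncated
    return altered


def revert_blocks(target, backup, indices: list, good_length: int,
                  block_size: int = BLOCK_SIZE) -> None:
    """Overwrite altered blocks from the backup copy kept on stick A.
    The truncate call matters for image files; a raw device has a fixed size."""
    for index in indices:
        backup.seek(index * block_size)
        good = backup.read(block_size)
        target.seek(index * block_size)
        target.write(good)
    target.truncate(good_length)


def demo() -> tuple:
    """Constructed data: a 41,060-byte 'OS image', then a tampered copy."""
    trusted = bytes((i * 31 + 7) % 256 for i in range(10 * BLOCK_SIZE + 100))
    manifest = build_manifest(io.BytesIO(trusted))

    tampered = bytearray(trusted)
    tampered[3 * BLOCK_SIZE + 5] ^= 0xFF       # one flipped byte in block 3
    tampered[9 * BLOCK_SIZE] ^= 0x01           # one flipped bit in block 9
    tampered += b"EXTRA" * 1000                # data appended after the image
    stick_b = io.BytesIO(bytes(tampered))

    altered = find_altered(stick_b, manifest)
    # Keep the altered blocks for later analysis before reverting them.
    evidence = {i: bytes(tampered[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE])
                for i in altered}
    revert_blocks(stick_b, io.BytesIO(trusted), altered, len(trusted))
    restored = stick_b.getvalue() == trusted
    return altered, restored, len(evidence)


if __name__ == "__main__":
    altered, restored, kept = demo()
    print("altered blocks:", altered)
    print("restored to trusted image:", restored, "| evidence blocks kept:", kept)
```

Saving the altered blocks before reverting them corresponds to the comment's suggestion of passing them on for analysis.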

AdjuvantAugust 26, 2014 9:59 PM

@Nick P, Gerard, Skeptical: Speaking of coincidences, I went to review the footage for myself, and the relevant portion of the film appears to have gone missing in the version that Nick P linked to (uploaded by "bladerunner"). Not sure whether it was present when Nick P first directed us to that version or not, but here's another link to the relevant portion of the film as uploaded by another user:

As for what we are witnessing in this episode, I would say it's plausibly consistent with the notion that someone was listening in and keen to end the interview at a key moment, but I'd qualify that assessment as follows: first of all, there's a cut just prior to the moment in the footage where it's announced that Cheney is on the phone, with no indication as to how much time has elapsed: the uncut footage would be relatively more useful. Also I don't see fear in McCain's reaction so much as uneasiness or embarrassment, and perhaps a flash of incredulity or anger when McCain squints (at 2:31 in the link above). But ultimately, it's only one data point consistent with many plausible interpretations.

@ Gerard
If I was a conspiracy theorist...
There's been some interesting work done recently in tracing the history of that term ;-)

I hesitate to share this blog link since it overstates its thesis just a bit. The links to the interview with Prof. Mark Crispin Miller (NYU) and particularly to the primary source, the CIA's encyclical Countering Criticism of the Warren Report, are more valuable. The word "Conspiracy Theory" was invented by CIA

Also, a more recent scholarly treatment: Conspiracy Theory in America (U. of Texas Press, 2013) by Prof. Lance DeHaven-Smith (Florida State U.).

AdjuvantAugust 26, 2014 10:20 PM

Appended for good measure: an incisive critique from Peter Dale Scott of DeHaven-Smith's novel but problematic proposal to replace the notion of "conspiracy theory" with the concept of "State Crimes Against Democracy (SCADs)."
(Link is to WikiSpooks only because of their handy HTML anchor; original is here

Nick PAugust 26, 2014 10:54 PM

@ Adjuvant

I didn't watch the link. I picked the oldest and most viewed of my search results (usually works). I figured it was the first in a series of vids that collectively made up the movie. Thanks for posting a better link.

re conspiracy theory critiques

I was aware of (and annoyed by) the common use of the term whose users act almost like it's a religion to them. Not much different from the more intense "conspiracy theorists." Just opposite spectrum. Thing is, though, I figure conspiracy is a normal part of human behavior and looking into potential conspiracies (long as evidence/probability is followed) is far from misguided. So I posted the essay below as the best I could do at the time at an empirical approach to the situation.

JacobAugust 27, 2014 3:38 AM

@ Nick P

I've read your post over at Ciphershed. Very detailed and educational. I am sure that, even if only partially implemented, will benefit them quite a bit.
That post also gave me a new perspective on how to properly secure a development process.

CzernoAugust 27, 2014 7:28 AM

Subj : truecrypt audit, ever ?

The page istruecryptauditedyet apparently was last touched on April 14th.

Not insinuating that Dr Matt Green is just pocketing the 30,000 some $ raised for the audit but... it's a bit annoying there are no news, no interim progress reports or such, nothing, zilch !

Whaddya think ? I'm feeling like we won't ever see the truecrypt audit completed, ever. But ICBW

CabbageControlAugust 27, 2014 7:31 AM

Nick P mentioned some time ago that IBM i is a tagged memory system.
In my tests I only found the missing page protection that any MMU provides, not surprising since OS/400 now runs on the same hardware as AIX. I tried this on three types of teraspace/non-teraspace options.
A weird thing is that copying a 128-bit pointer byte by byte creates a pointer that looks identical to the source pointer but compares equal to NULL and is completely useless. This does not apply to 64 bit pointers, and breaks some branch-free security bignum code.
Sorry for bringing up the dreaded Scottish operating system.

and the beat goes onAugust 27, 2014 8:21 AM

I heard someone messing with the ceiling right below me, about a meter, vertically, from where I use my laptop. Hopefully they're just hanging plants. Are there other possibilities I should be concerned about, involving wifi or other security issues?

JacobAugust 27, 2014 8:26 AM


I happened to think about that a few days ago.
Being optimistic, I speculate that they try to set up their foundation as a tax-exempt organization before spending the money.

Regardless, I would expect some official word on this - even to the tune of "we still need to go through some admin issues - expecting to start Phase II in x months".

A good place to try to get a handle on things is @matthew_d_green or @Kennwhite on Twitter.

Nick PAugust 27, 2014 10:42 AM

@ CabbageControl

Interesting. Explanation is probably because it's *not* a hardware-enforced, tagged system in iSeries. Well, not like before. I previously posted that System/38, the original, was a capability-style architecture whose hardware enforced certain properties. It later became AS/400 on different hardware (i.e. POWER). They kept the overall software architecture, including security features, but enforcement was no longer by hardware. Their descriptions are vague so I'm guessing that they do the checks at compile time and some checks might be in microcode/firmware. IBM i-series was next line that integrated things like PowerVM. I'm certain it has no better assurance here than AS/400 and might have less due to increased attack surface.

Below is the online reference about System/38 and other capability architectures. I suggest you take it one chapter at a time to see the underlying theory & how the architectures evolve. Personally, I think the System/38 architecture was brilliant as its tradeoffs ensured most of it survive to this day in a very reliable, largely self-managing, business machine. I'd just rebuild the System/38 as FOSS for my secure design (plus a few features) but IBM's legal team would be the death of my operation. Oh well...

Capability-based Computer Systems (Free eBook)

Note: Intel i432, Burroughs B5000, and the RISE FLEX Machine are worth looking up for hardware-backed security & reliability. Modern ones are Cambridge's CHERI processor, SecureCore, and Microsemi's CODESEAL product.

Nick PAugust 27, 2014 11:08 AM

@ Czerno

Truecrypt got shut down by its developers, who encouraged migration away from the code since it will be unmaintained. Green reported on this himself. So, auditing it has no practical value anymore. Ideally, he'd take that money and retarget his efforts on another good OSS disk encryption system. Maybe even Ciphershed because they're starting with the Truecrypt code and he's already familiar with it.

sena kavoteAugust 27, 2014 12:21 PM

Re: Auditing Truecrypt

@Nick P

"So, auditing it has no practical value anymore. "

Yes it has. Lot of truecrypt installations probably will stay as they are now, for 10 years. This will greatly depend on the results of this truecrypt audit. If the audit result is bad for truecrypt, lot of people will change to something else. If result is good, people will do new installations with existing version of truecrypt, or transfer raw media data bit by bit to similar media, if physical durability of hardware is a concern.

I would recommend LUKS or encrypting files with gpg by symmetric keys+RAM disk for handling unencrypted data+no swap partition.

JacobAugust 27, 2014 12:26 PM

@Nick P

Kenn White, who co-chairs the auditing process with Matt Green, specifically proclaimed, since early June (a few days after the site's shutdown) that the crypto Auditing will take place regardless.

Also from DEF CON 22 (two weeks ago):
"Kenn and Matt decided to move forward with Phase II of the TrueCrypt audit. Thomas Ptacek of Chicago's Matasano Security and Nate Lawson of Oakland's Root Labs will look at the actual cryptography in TrueCrypt."

Nick PAugust 27, 2014 1:52 PM

@ sena

Good point. That people will continue to use unsupported software is a legacy issue. It means it has practical value *to them*. It will have practical value to me until the OS the last version runs on is unsupported by software updates or if the machine is 100% air gapped. So, there's certainly some value there. All I'm saying is that it's in the process of dying, with other efforts (including Truecrypt-based) that are growing and receiving bugfixes. Better to audit them so the audit's results keep producing value for everyone.

@ Jacob

Thanks for the news. Good they're at least doing what they promised. As I said above, the audit has some benefit. I'd contact projects like Ciphershed to see what Truecrypt code they're keeping, then focus on that code the most. That would both audit the inactive Truecrypt, while somewhat auditing the active projects. Win, win.

Nick P • August 27, 2014 4:45 PM

Good article on Closed Internet vs Open Web on The Guardian:

Of course, it's not so black and white. We can invest in companies that make money, but don't do as much silo-building or lock-in. We can improve (and are improving) web standards to fix it up. We can build Internet services that do replace the web, but keep at its utilitarian goals. And so on. Many possibilities.

I myself am known for being a Web opponent. It really just simplifies retrieval and sharing of a specific kind of data using inefficient, insecure methods. There were alternative platforms even when the web was created that could've been given the same property with a little work*. They were typically used in client-server native apps. Standardizing on an easy distribution method and cross-platform runtime would've solved the problems the web had while giving drastically more capabilities. We've mainly seen platforms like .NET and Java do this, but they're way more heavyweight than what I envisioned.

* Actually, Tanenbaum et al's Globe toolkit was mapped to Web with advantages of both Globe and Web. Too bad technical superiority is rarely the winning criteria.

Gerard van Vooren • August 27, 2014 6:02 PM

@ Nick P

"We can invest in companies that make money, but don't do as much silo-building or lock-in. We can improve (and are improving) web standards to fix it up. We can build Internet services that do replace the web, but keep at its utilitarian goals. And so on. Many possibilities."

Yes We Can.

I think these 3 words say a lot. The web isn't driven by technical things that engineers want. It is driven by "handy" and "fun" and "just works". These 3 arguments make things very complex and require massive code. If it was up to me a website of 1995 would be good enough. No pop-ups or ads, no tracking. But today we want to see highly polished sites and the people behind these sites want revenue, users that log in and that kind of stuff. They want vendor lock-in with apps and an app store. And other players want an insecure web where you need special tools to have to protect yourself. All highly complicated. And it leaks like a colander (thanks to C and SQL).

We can't predict the future, but I don't think things will get simpler. For end users it will become easier and maybe safer, now that we are aware of all the leaks, but simpler and better, no.

9P showed simplicity and security a long time ago. With that there is no need for WebDAV, NFS, even (S)FTP(S) and whatever. But for mixed OS home networks the recommended approach is to use Samba, which is ridiculously complex, has a gigantic code base and is hard to set up right. With 9P it would be easy as pie. The same with Apache, BIND, sendmail and others. Heck, even Linux is way too complex.

So, Yes We Can.

Thoth • August 27, 2014 10:17 PM

In the light of this event:

Some basic OPSEC stuff that most people always forget or ignore:
- Delink all your usernames and passwords to make them illogical to casual eyes.
- Untraceable use of usernames across network.
- Unpredictable habits.
- Unpredictable sources of information and access points to network.

Refutations of commonly deliberate reasons to ignore:
- Anonymity is gone forever. The TLAs can get you. But at least it makes life more difficult for them as they have to wade through a list of usernames and addresses.
- Too troublesome to remember username and passwords. Use a password manager.

Clive Robinson • August 28, 2014 2:01 AM

@ Thoth,

The first rule of OpSec is "Not to do, or appear to do anything that attracts attention to you or others".

From what has been said this person appears to have broken that rule (It's also always best to remember "no honour among criminals").

The second rule is "Don't do the activities requiring OpSec predictably"

This he also appears to have broken nearly all the time, which is generally also breaking the first rule.

The third rule is "always ensure you cover your tracks".

Likewise he also appears from what has been said to have broken this rule consistently as well. As most criminals who have been caught know, part of this is you "don't leave evidence linking you to your crimes lying around" to be found by others, as that or even the act of trying to keep such evidence hidden breaks the first two rules as well.

There are also those rules of "Don't talk of your crimes", "Do not return to the scenes of your crimes" and "Always change your MO" that make investigation by authorities so much harder...

I could go on but the point is OpSec is hard, very hard, especially when you don't have enough accountable distance between you and your legend (back story etc).

Most investigative journalists with years of experience can not get OpSec right, and deep cover activities have caused quite a few to be executed... Also don't make the mistake of thinking it's something you can put on and take off like a coat, unless you have official backing it stays with you to the grave, one way or another, and that requires a very specialized mind set right from the beginning.

Iain Moffat • August 28, 2014 5:09 AM

@Nick and Gerard: I am with Gerard in thinking that the Web took two wrong turns in the 1990s.

The first was when the flow of money changed. In the early days people (or their company or university) paid for connections and most content providers used their own computers and had surplus outbound bandwidth that they needed for internet access in the other direction. Because of this there was not much pressure on website owners to monetise their content and many of the annoyances we have today would have been seen as such and had no market. Once access is free (or cheap and all you can eat) and hosting is in paid facilities or paid clouds the temptation (need?) for content owners to monetise everything takes root and leads to all the ads, cross site linking, cookies, tracking and other evils we see today. I think others here have described it as the end user becoming the product rather than the customer.

The second was the development of interpreted client side code as a way to extend the limited client server model of the early web (as apart from using client side helper apps or extending core browser and webserver functionality) which fundamentally changed the security model from one in which I download data to be processed by software I own and install to one in which I download software (knowingly or not) to process data that I own or input. The latter model obviously has a much larger attack surface than the former since the former lends itself to a download-validate-process model with a limited domain of expected and valid data and some ability to control the code running on an end user's computer (Netscape and Office came in boxes from shops back then!).

Probably both could have been avoided if the original HTTP/HTML system had been a bit richer (especially about secure authentication, input validation and uploading large data) - I do see HTML 5 as a favourable development in that respect. But as long as the end user is more the product than the customer most of the other issues such as adverts, cross site links and tracking will be left.


Gerard van Vooren • August 28, 2014 6:53 AM

@ Iain, Nick P

From the company POV I think a major problem is selfishness, which means cleaning your own alley. Cooperation is what makes everyone better. Does Windows read ext2 drives by now? Or does Notepad read UNIX formatted files by now? Why did MS go for OOXML when at that time ODF was already standardized? Utter selfishness. But for the rest of us it makes it all a lot harder. MS actively worked against Samba in the early years. Later on they cooperated, only after being forced. The same with Sun and their ZFS which had a license clause that it prohibited being used in Linux. Selfishness and unwillingness to cooperate in US Big Corp is a major issue, I would rather say an impossible to solve issue. And again, who pays the bills? We are.

We have 4 remote controls for 4 devices, each phone has a different connector and it takes hours, days to get a home network right. The same with backups and the security of the systems. The Synology hack is a perfect example. We have a shitload of complexity and even Dan Geer admits he can't stay up to date with it all.

The same is happening with HTTP/2, which is in fact Google's SPDY with added complexity, combined with backwards compatible HTTP/1.1. This is a massive push from Google. Does it solve the existing issues of HTTP? No of course not. It does make it a lot faster (because it is binary instead of text) and harder to implement in libraries (because of the header quirks). The NSA loves it.

Is HTML/5 all that better? Maybe. It does kill Flash, Silverlight and probably JSP, that is good.

However, I think Sir Tim Berners-Lee is right. In the near future we will end up with a Google only, Facebook only, Apple only or MS only phone, internet, apps, self driving car and who knows what else. And even then we won't notice because it is handy and fun.

What should happen is cooperation, but I am not holding my breath on that one.

Clive Robinson • August 28, 2014 10:32 AM

OFF Topic :

Yesterday I went to the London O2 center, via the Emirates Cable Car system. Whilst waiting one of their interactive display screens flashed up a WinVNC connection request from an IP address... A glance at the device showed WiFi antennas connected.... Oh and pressing the screen allowed you to cancel the inbound connection request... I wonder what the chances are you could hack this system, like the one at Waterloo East...

Scared • August 28, 2014 11:41 AM

Interesting, but not surprising:
"Google’s mobile Maps apps for Android and the iPhone track everywhere you go. Every single day. All of the time.
It can be jarring when you first realize how much data Google Maps is collecting, and how precise it is, of course. Even when the app is closed, your every move is tracked and stored on Google’s servers. Every day, every week, every year."

Now here's the really interesting part: The article suggests you go here:
...when I did that on my PC, a Google screen came up and suggested I logged in to Google using my Yahoo account, and guess what: it had already entered my yahoo email address AND my password (I presume, because it was the right length). I didn't want to log into Google, I never had. How would Google know my yahoo password if they don't do key logging?
I never use autofill for passwords.

Skeptical • August 28, 2014 11:57 AM

@Nick, Gerard, and Adjuvant re McCain/Cheney - gracious and insightful comments all.

@Clive re OPSEC - of course there's a broader operational rule to which OPSEC considerations are subordinate. That is, when the costs of OPSEC exceed the benefits of the operation, or when an operation requires a level of OPSEC that is unlikely to be achieved in a given set of circumstances and the costs of operational failure are sufficiently high, then the operation ought be abandoned for an alternative (unless matters are such that the alternatives are all even worse).

Leaving aside the morally disgusting and outrageous nature of the official's actions, the prudential lesson is that one should consider carefully whether a given operation is worth the candle. If someone tells me that it's safe to fly an aircraft so long as absolutely everything functions perfectly, then I don't fly in it unless there's something much worse waiting if I stay on the ground.

In other words, excluding ethical considerations entirely, there are actions for which the most appropriate OPSEC is to simply decline to undertake the action in the first place.

BJP • August 28, 2014 12:53 PM


Do you use Google Docs? Or Calendar? Or Reader? Did you know that as an OpenID provider people can sign up for those services using a Yahoo account, and not solely with a Google account?

If you ever signed in to any Google property using your Yahoo account and you don't clear cookies or use incognito/private browsing mode, that's the most likely explanation of this. I presume you've used Google Maps on a mobile device else you wouldn't have bothered to check Google's location history. Did you ever login to those applications?

Was the site that appeared pre-populated hosted at or at

Scared • August 28, 2014 1:23 PM

I have never used any of those Google features and I have never used my Yahoo account for anything but logging into my email. I use Google maps a lot to print out directions, but I have never used it on a mobile device. I just clicked on the link anyway, wondering if it had logged my PC use of Google maps. Maybe I shouldn't use Chrome as my browser....?

BJP • August 28, 2014 1:44 PM

I bet if you tried a different browser that you don't typically use, nothing would be prepopulated, and I would guess that Google redirected you to the Yahoo/Google affiliated sign-in page hosted at, which would have access to any stored Yahoo cookies you might have active in your browser from your last email session.

Or, your browser is saving usernames and passwords whether you want it to or not. In Chrome, go to the Settings page, then "Show advanced settings" and make sure all the options under "Passwords and forms" are unchecked.

(I'm not so scared here because, well, if Google knew your Yahoo password and had malicious plans for it, they wouldn't need to show you a login page, they'd just use it as they wished, anytime, preferably when you aren't watching.)

Clive Robinson • August 28, 2014 10:05 PM

@ Bruce,

You might want to add this,

To your "Security Theater by Lock Makers" list. A couple of researchers have developed software that takes a photograph of a lock key entry face and then produces a plastic "Bump Key" using a 3D printer.

Unlike earlier "3D Key" prints there is no need to see the original key, to make this work.

What is not said is just how good the photo needs to be. Whilst I doubt the current Google "Street view" will be even remotely close, it raises the question of "when" not "if" such online photos on the likes of real estate sales sites are going to be of sufficient quality...

Clive Robinson • August 28, 2014 10:42 PM

OFF Topic :

FEDs "confidentially" warn LEOs etc about Google Dorking,

I'm told from other sources that some of the ObamaCare website security issues showed up on Google Dork searches, the attack vectors were that old and well known...

Thus "avoiding embarrassment" may be the primary reason for the "confidentiality" of the warning, apparently many LEOs sites are vulnerable to well known attacks that Google Robots have already squirreled away in its database.

I guess it needs to be said, the advantage of Google Dorking is not just the ease of finding vulnerabilities, but importantly a potential target site gets no warning in IDS logs etc --other than Google's robot-- that the site is being enumerated. The downside for the attacker or the simply curious is that Google stores all searches and makes them available to LEOs upon request (or payment...), so if care is not exercised then any dorking request can be back traced to the IP address that connected to google to do the search, plus potentially a whole load of other system fingerprinting / identifying information. Whilst Google Dorking is not yet a crime in many jurisdictions the evidence of such searches can be used in most courts as corroborating evidence, in just the same way records of your mobile phone location, or CCTV footage etc.

Adjuvant • August 28, 2014 10:49 PM

@RevealedAtLast "Has anybody else come across twelve-triple-three?"
Yes, I was sure it rang a bell. Here we go: a mention via the uneven but indispensable Washington's Blog:
Agencies Have Gone Rogue … With No Oversight
Tracing back their source, it seems Sen. Feinstein's office cited it last year, as quoted by the WaPo.
Unsurprisingly, it's also been addressed long previously on multiple occasions in Peter Dale Scott's work.

Thoth • August 28, 2014 11:05 PM

Interesting how some ITSec companies prefer to ignore besides just feds warning about Google dorks. Almost the same case I guess.

The problem these people do not get is that ignoring problems would not get them anywhere. The problem is how people respond to their own weaknesses especially when they are very aware of their own downfalls.

Proper Apache configurations, firewall rules and application rules would have been quite enough to prevent snooping around to find vulnerabilities. Most of the vulnerabilities out there are default passwords, misconfigured / no config / default config settings... the bane of all ITSec.

Rewrite exploit codes without relying on Google or Nmap with the same functions as Google dorkings or Nmap scannings in a brand new software would still point out the vulnerabilities because the vulnerabilities are still sitting there untouched.
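
An added example (not part of any comment in this thread) of the defender-side check implied by the two comments above: since a search-engine crawler's visit is the only trace dorking leaves in a site's own logs, audit those logs for crawler requests that were served sensitive paths. The path patterns, crawler list and log lines are constructed assumptions, and crawlers are identified by User-Agent only, which can be spoofed.

```python
import re

# Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Assumption: crawlers are recognised by User-Agent substring only.
CRAWLER_RE = re.compile(r'googlebot|bingbot|yandexbot|baiduspider|duckduckbot', re.I)

# Assumption: illustrative categories of content that should never be indexed.
SENSITIVE = [
    ("version-control metadata", re.compile(r'/\.(git|svn|hg)(/|$)')),
    ("backup or dump file",
     re.compile(r'\.(bak|old|orig|sql|dump|tar|tgz|zip|gz)$', re.I)),
    ("config or secrets file",
     re.compile(r'(^|/)(\.env|\.htpasswd|wp-config\.php|web\.config)$', re.I)),
    ("admin or status page",
     re.compile(r'^/(admin|phpmyadmin|server-status|server-info)(/|$)', re.I)),
]


def classify(path):
    """Return the first sensitive category matching a URL path, or None."""
    path = path.split("?", 1)[0]  # ignore the query string
    for label, rx in SENSITIVE:
        if rx.search(path):
            return label
    return None


def crawler_exposures(lines):
    """Map each sensitive path that a crawler fetched successfully (2xx)
    to its category, the crawlers that saw it and the number of hits."""
    found = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        bot = CRAWLER_RE.search(m["agent"])
        if not bot or not m["status"].startswith("2"):
            continue  # only content actually served to a crawler matters
        path = m["path"].split("?", 1)[0]
        label = classify(path)
        if label is None:
            continue
        entry = found.setdefault(path, {"label": label, "crawlers": set(), "hits": 0})
        entry["crawlers"].add(bot.group(0).lower())
        entry["hits"] += 1
    return {p: {"label": e["label"], "crawlers": sorted(e["crawlers"]),
                "hits": e["hits"]} for p, e in sorted(found.items())}


GOOGLEBOT = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
BINGBOT = "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
BROWSER = "Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0"


def _line(ip, sec, path, status, agent):
    """Build one constructed combined-format log line."""
    return ('%s - - [28/Aug/2014:10:00:%02d +0000] "GET %s HTTP/1.1" %d 512 "-" "%s"'
            % (ip, sec, path, status, agent))


# Constructed sample log (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    _line("192.0.2.10", 1, "/backup/site.sql", 200, GOOGLEBOT),    # served: flagged
    _line("192.0.2.10", 2, "/index.html", 200, GOOGLEBOT),         # public page
    _line("192.0.2.10", 3, "/.git/config", 403, GOOGLEBOT),        # blocked: fine
    _line("198.51.100.7", 4, "/admin/", 200, BROWSER),             # not a crawler
    _line("203.0.113.5", 5, "/backup/site.sql", 200, BINGBOT),     # second crawler
    _line("192.0.2.10", 6, "/wp-config.php.bak?x=1", 200, GOOGLEBOT),
    "malformed line that the parser skips",
]

if __name__ == "__main__":
    for path, info in crawler_exposures(SAMPLE_LOG).items():
        print("%-22s %-22s %s hits=%d" % (path, info["label"],
                                          ",".join(info["crawlers"]), info["hits"]))
```

Each flagged path is something a search index may already hold, so the fix is to remove it from the web root or deny access at the server; a robots.txt entry only asks crawlers not to fetch it and is not access control.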

Clive Robinson • August 28, 2014 11:34 PM

@ Buck,

Many years ago --long before digital SLRs-- I showed it was possible to "key cut" on a photograph of a key taken from surveillance footage. I found that the high security lock industry were not the slightest bit interested in warning customers.

However I subsequently found --whilst working in the "electronic lock" business-- that the likes of Mossad and other IC entities were very interested in such things for the likes of black bag jobs.

For those with an interest in "lock picking" "bumping a lock" is usually quicker and easier to learn than traditional "raking the pins" with torque and pick tool methods or even the "pick gun".

The downside to bumping is it's not very discreet and is sufficiently "odd" behaviour to catch the eye of a passer by. It's also --like using a pick gun-- quite noisy and is easily heard and recognised by a person on the other side of the door for quite some distance. Hence the interest in photo based key cutting.

And for those wanting to slow down those who lock pick one simple way is with door "draft strip" if your door lock has been correctly fitted then the addition of rubber draft strip pushes it out of alignment with the door frame which adds mechanical bind to the pulling back of the strike/latch. Although the lock can be picked it's usually a "two handed job" the bind makes actually turning the lock difficult, because you need a "third hand" to pull the door hard against the draft strip such that the lock is in alignment with the frame and the required "juggling" can cause the pick to be lost thus causing the picker to start again. However for a person with a key it turns a single handed operation to become two handed.

There are other simple tricks that make lock picking much harder such as adding additional springs to apply torque to the lock barrel and even adding shim plates to make pre-made lock bump keys misalign and thus fail.

Adjuvant • August 29, 2014 12:02 AM

@Buck, Clive, et al.
With respect to physical security, my idle Internet wanderings have informed me of the existence of various next-generation locks that have been specifically re-engineered to resist known attacks. (The immediately apparent downside: $$$$)
Mechanically, the designs I've seen seem to make a lot of sense, though it would take an investigator of Clive's caliber to vet them properly.

The best ambassadors (and salesmen) I've found for these offerings run a site aptly named Security Snobs.

Nick P • August 29, 2014 12:06 AM

@ Clive

Thanks for the great link! I'm sure this could be combined with the old trick that creates an attack based on a picture of a key. The combo of these techniques might be powerful. I expect they'll be re-targeted on a product by product basis, though. Figure out what the target uses, then hit a picture with a specific piece of software and analysis.

Thoth • August 29, 2014 2:26 AM

Seems like End-to-End's Key Distribution model is toast. Too many assumptions. Looking at the comments, not a whole lot of good comments out there either.

Unless really likely it should model yet pretty good privacy key encryption yet...

RevealedAtLast • August 29, 2014 4:15 AM

Executive Order 12333

So, something that many politicians complain about was rooted in the work of a Republican president of more than 30 years ago. Yet, most blame the present Democratic administration for the abuse. This is not a new thing attributed to a single political faction, but a persistently growing and worsening thing.

Gerard van Vooren • August 29, 2014 4:38 AM

@ RevealedAtLast

Executive Order 12333

So, something that many politicians complain about was rooted in the work of a Republican president of more than 30 years ago. Yet, most blame the present Democratic administration for the abuse. This is not a new thing attributed to a single political faction, but a persistently growing and worsening thing.

Can the current Democratic administration revoke EO 12333? Yes They Can.

Until that hasn't happened I consider them to be as abusive as the Reagan administration and the G.W.Bush administration.

DB • August 29, 2014 4:39 AM

If the current administration would stop abusing it instead of tremendously increasing it, there'd be no complaints here. They are getting fewer complaints than they deserve though, where's yours? You like the abuse?

AlanS • August 29, 2014 11:48 AM

@Nick P

I went back and read your original post on conspiracy theories. I agree that people hold what one might call conspiracy theories all the time but I wonder about the value of calling something a conspiracy theory versus a theory. I am sympathetic to your annoyance with the use of the term. I think a more interesting question is how and why such so called theories come into being and how some ideas/claims get labelled as such versus other ideas. 'Truth' is in many ways less interesting than the political economy of ideas.

Add to the above the observation that ignorance is in some ways at least as significant as knowledge in the exercise of power. There is a field of study devoted to the creation of ignorance or agnotology. The modern capitalist/surveillance state is highly versed in the practice of creating and exploiting ignorance. One could view many ideas that are labelled conspiracy theories by one group or another as the results of agnotology.

Conspiracy theories always have a subject but an anti-humanist analytic or Foucaultian approach is probably a better means to gain a perspective that allows for the possibility of resistance. From this perspective the more interesting level is at the level of practices and ways of thinking about the world that structure social relations and subjective experience. For Foucault, modern power was closely tied to neoliberal governmentality.

You could take the claim that "almost everyone engages in conspiratorial-like behavior" and argue that that's the nature of modern subjectivity: the rational, self-interested actor competing against everyone else. The BBC did a series of three documentaries on this a few years ago, called The Trap: What Happened to Our Dream of Freedom. The documentaries take in Hayek, Cold War nuclear confrontation, game theory, Rand Corp, Chicago School economists, Thatcherism, New Democrats/Labor, R.D. Laing and more. The interviews with John Nash are a must view. The point being, I think, that we live in a world shaped by ideas that once made sense to a paranoid schizophrenic. Nash, now on his meds, recants. Don't expect any of the other players to recant any time soon if for no other reason than it's hard to think outside the box of our own subjectivities.

Nick P • August 29, 2014 2:49 PM

"I went back and read your original post on conspiracy theories. I agree that people hold what one might call conspiracy theories all the time but I wonder about the value of calling something a conspiracy theory versus a theory."

It has some value in the sense of categorizing what kind of theory it is. Yet, many have claimed the CIA invented it as a way to discredit investigations into real criminal activity. And media and most articles use it to discredit claims almost 100% of the time. So, the phrase's identity means it shouldn't be used for legitimate investigations. You're probably right in that we need to eliminate the term altogether by using better phrasing. The phrases "investigative journalism" or "criminal investigation" come to mind. ;)

"There is a field of study devoted to the creation of ignorance or agnotology. The modern capitalist/surveillance state is highly versed in the practice of creating and exploiting ignorance. "

I didn't know there was a field studying ignorance haha. Thanks for the tip. Yeah, any commercial activity involving persuasion would use such techniques or leverage such research.

"the rational, self-interested actor competing against everyone else"

Well-put. That's essentially the foundation of my argument. I mix in some group theory, too.

re BBC documentaries

Had never heard of them. They sound like an interesting mix of stuff. Thanks.

re Nash

"The point being, I think, that we live in a world shaped by ideas that once made sense to a paranoid schizophrenic. Nash, now on his meds, recants. Don't expect any of the other players to recant any time soon if for no other reason than it's hard to think outside the box of our own subjectivities. "

Wow. Reading that was funny and painful realization at the same time. Well worded.

Adjuvant • August 29, 2014 5:01 PM

@Nick P "The phrases "investigative journalism" or "criminal investigation" come to mind. ;)"

Both good. I'd also suggest "deep politics" and the study thereof.
Tangentially, here's a fine lunch club. I'd love to have been a fly on the wall!

"Recently, a number of influential authors and researchers into the nature of democracy and the security state gathered for lunch at the home of Peter Dale Scott, who’s credited with coining the phrase “deep politics." Present were "Scott, WhoWhatWhy Editor-in-Chief Russ Baker; Salon founder and media entrepreneur David Talbot; celebrated Pentagon Papers whistleblower Daniel Ellsberg; and former Washington Post editor and reporter Jefferson Morley."
A good group to watch.

Buck • August 29, 2014 6:06 PM

@AlanS et al.

"The point being, I think, that we live in a world shaped by ideas that once made sense to a paranoid schizophrenic. Nash, now on his meds, recants. Don't expect any of the other players to recant any time soon if for no other reason than it's hard to think outside the box of our own subjectivities."

In the context of 'conspiracy theories' - it may also be interesting to consider the origin of 'paranoid' schizophrenic 'diagnoses'... Now, I can't claim to know what John Nash was going through at the time, but there's no question that he could have been a target for a variety of organizations. If taking his meds (and recanting) resulted in the cessation of his delusions, then case closed! Right..?

Nick P • August 30, 2014 12:31 AM

@ Buck

It's possible but I think it's more likely he was paranoid schizophrenic. Now, the MKULTRA program might interest you if you're looking into such stuff. They did all kinds of stuff to try to influence minds. Some people involved were important psychiatrists in big name schools and one in World Psychiatric Association. Many top psychiatrists torturing minds for the government. Yet, many diagnostic criteria label as textbook schizophrenic anyone claiming to be experimented on by the government, such as mind control or implants. That top psychiatrists were involved in that and made it criteria for mental illness, including lobotomies, is quite a thing to wonder about.

Gotta wonder how many people suffered a cruel fate because they just told the truth about a government psychiatrist to their personal psychiatrist. And that psychiatrist consulted a manual influenced by the government psychiatrist. A clever insurance policy by Richard Helms and Company. (capitalization intentional)

Adjuvant • August 30, 2014 4:34 AM

@Nick P
Since you mentioned it, here's the best single introduction I've ever seen on MKULTRA and associated programs, from a psychiatrist responsible for FOIA-ing much of the documentation we have on them. The speaker, Dr. Colin Ross, is controversial and has (for unknown reasons) publicly embarrassed himself at various times, but this is a fine talk. The first 27 minutes or so are the speaker's personal experiences with coming into contact with the subject via his patients. Start at 27:30 if you want to dive straight into the meat.

Nick P • August 31, 2014 11:07 AM

@ Adjuvant

Great talk! I appreciate it. I remembered a lot of these names and results. One new disturbing find is Carl Rogers being CIA-connected. That's mind blowing seeing he was my favorite one back in school. I'll have to double check that one before I repeat it.

Nick P • August 31, 2014 12:20 PM

How NSA spies on international bank transactions

I just re-read this story from 2013. It was an interesting story and worth a re-read to keep it in memory. Yet, what jumped out at me was one of the last statements:

"According to one document, the agency had access to data from Western Union, a company that manages money transfers in over 200 countries, for quite some time. But in 2008 Western Union began to protect its data with high-grade encryption. This made access virtually impossible, as NSA staff members complain in one paper."

So, high grade and apparently pervasive encryption made the NSA's job nearly impossible. Knowing other attack vectors, I doubt it really made the job impossible for NSA: probably just the groups that do bulk collection and analysis. Yet, it reinforces that encryption done right makes their job harder and can even force them to use TAO for targeted ops. Pervasive use of crypto, good security practices, and equipment sourced from many places might cause their collection to go to a trickle. The secure hardware, software, protocol, and service developments will just further choke them out.

AlanS • August 31, 2014 6:13 PM

@Nick P

I also hadn't heard of the Adam Curtis documentaries until a few weeks ago (FYI: ThoughtMaybe, the site I linked to, also has a large catalog of documentaries on surveillance.) I'm not sure I buy his whole story. I think he could have left all the R.D Laing and drug stuff out. And some of the visuals are a bit OTT. The documentaries are fun to watch but there are books that cover this ground in much more detail and sophistication.

Here's a paper that deals with the creation of and creative uses of ignorance. It is a free download at the moment and is part of a special Economy and Society issue, Strategic unknowns: towards a sociology of ignorance. (Donald Rumsfeld's famous 2002 "there are known knowns; there are things that we know that we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know" speech is not unconnected, apparently the speech was given after a presentation to the DoD by Nassim Nicholas Taleb.)

William Davies & Linsey McGoey. Rationalities of ignorance: on financial crisis and the ambivalence of neo-liberal epistemology. Economy and Society, Volume 41, Issue 1, 2012.

Philip Mirowski (who also appears in The Trap as a commentator) also discusses the uses of ignorance throughout Never Let a Serious Crisis Go to Waste.

Agnotology gives a whole no twist to risk management.

AlanS • August 31, 2014 9:42 PM

Last sentence above should have read:

Agnotology gives a whole new twist to risk management.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.