Friday Squid Blogging: Nutty Conspiracy Theory Involving Both the NSA and SQUID

It's almost as if they wrote it for me.

These devices, which are known as super conducting quantum interference devices (SQUIDS for short), can be attached to NSA signals intelligence satellites and used to track the electromagnetic fields which surround each of our bodies.

These devices make it possible for agencies like the NSA (National Security Agency) to track any person via signals intelligence satellite 24 hours a day, while using *EEG Heterodyning technology to synchronize these satellites with the unique EMF brainwave print of each American citizen.

Definitely tin-foil-hat territory. I don't recommend reading it all.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

And apologies for this being late. I forgot to schedule the post.

Posted on May 31, 2015 at 4:08 PM • 165 Comments

Comments

Thomas • May 31, 2015 4:20 PM

> And apologies for this being late. I forgot to schedule the post.

Forgetfulness is a common side-effect when synchronising the heterodyning satellite to a subject's brainwaves.

Stefan • May 31, 2015 4:52 PM

> I don't recommend reading it all.

We understand. Yet you happen to mention that it was like written for you. And you post a link to the article here.

Sure;-)


Peter • May 31, 2015 4:53 PM

Lockheed Martin is having problems with securing the inflight data stream from the F-35 aircraft down to the ALIS system on the ground.

So even after all these years the F-35 program has been running, they still do not have a good (read: secure) enough stream encryption system.


https://www.ainonline.com/aviation-news/defense/2015-05-27/f-35-maintenance-support-system-advances-without-downlink

http://breakingdefense.com/2013/08/dont-ask-alis-yet-f-35-wing-drop-issue-fixed/

Markus Ottela • May 31, 2015 5:55 PM

Google I/O presenting E2EE chat tool with Project Vault:

(@ Nick P: Would love to hear your thoughts on this ^)

Nice to see keys and encryption being done on a separate environment. This doesn't change the fact anyone compromising the phone can see plaintext as it's being written to input the file. Message logs have also become the norm with chat clients so PFS does little good. Transparency is a good thing, networking the input device that connects to the TCB isn't.


Also:

Future of films: Use your mobile device to look into any direction of a film.
or
Future of surveillance: Have Google visually image your entire home while you're watching films.
(Great talk BTW)

tyr • May 31, 2015 6:01 PM

LOL

This means they have solved the teleportation of liquid nitrogen into orbit problem.

AlanS • May 31, 2015 7:37 PM

Now the Tories have been elected with a majority in the UK (although having only secured something less than 25% support from the electorate) the Snooper's Charter is back on the agenda and beefed up with additional powers to boot: See Wide-ranging snooper's charter to extend powers of security services (has a cool picture of a woman wearing millions of pounds in diamonds delivering a speech on the government's plans to dish up more austerity) and Queen’s Speech: Snooper’s Charter is back, plus extension of GCHQ powers.

However, the Scottish National Party seems set to cause endless trouble for them on all fronts over the next 5 years. They've already said they'd block their plan to scrap the Human Rights Act. And have upset the Tories by securing a seat on the Intelligence and Security Committee, presumably because the SNP, as the primary threat to the established order in the UK, is one of the main targets of the intelligence services. Damn that democracy! And to kick off, the SNP have demanded a debate on the information disclosed by the Trident missile whistle-blower. More fun to come as the UK continues on the path to becoming disunited.

Thoth • May 31, 2015 8:40 PM

@Peter
They should just give the eSTREAM project (especially the Salsa/Chacha ciphers) a try and openly send their best crypto teams at the eSTREAM project since it's an open project sitting out there simply waiting to be used.

Of course the NSA wants their fanciful proprietary crypto protected from public reviews or espionage to add the additional surprise against their contenders and enemies who might try to reveal their algos but it's about time they take a good look at the open crypto community and also learn to thank the open community and not keep stabbing us in the front and back (although that ain't coming anytime soon for a warm harmless hug).

They have their SAVILLE block cipher rated at TOP SECRET, which they can put in CTR mode for streaming, just like how AES can be equipped with CTR mode for streaming-based AES.

Maybe they want something more sophisticated than a simple CTR mode? Oh, I forget that sharing their SAVILLE in CTR mode means they have to share out their TOP SECRET algo SAVILLE, which might be less than likely to happen, so they are still better off picking an already available eSTREAM cipher, especially since those ciphers have gone through a ton of cryptanalytic attacks in the open.

Talk about the BreakingDefense website, the name sounds ominous. Hmmm ... :D .

@Markus Ottela, Jacob, Wael, Clive Robinson, Nick P
The better scroll timing for the Youtube video should be 50 minutes into the video so we can get more of the context first :) .

Firstly, microSD based secure elements are rampant. Below are some links to the most common microSD SEs.

Links:
- Smartcard HSM (http://www.smartcard-hsm.com)
- Swissbit SE [Not from Switzerland] (http://www.swissbit.com/index.php?option=com_content&view=article&id=290&Itemid=598)
- CredenSE (http://www.credense.com)
- G & D Mobile Security Card (http://www.gi-de.com/en/about_g_d/press/press_releases/G%26D-Unveils-microSD-Card-with-Smart-Card-and-NFC-Contactless-Functions-g8288.jsp)

They are essentially smartcard controllers embedded into the microSD form factor. Most of them also double as microSD storage devices. I personally own a Smartcard HSM (a lower powered HSM in a pocket) to play around with one of these.

The interesting thing about Project Vault's microSD is that it seems to be using the dummy WRITE and READ files as communication channels, where you monitor these two files for messages, whereas most microSD SEs use the smartcard APDU protocol to communicate. I have not viewed the source code so I am not able to comment exactly how it works though.

The first thing that comes to my mind is whether the fake files would properly flush their data if there is a sudden ejection of the microSD card from the slot, or will the files cache the data inside, and are the files encrypted? If the files are encrypted, what would serve to cipher the files and by what means, assuming the microSD card does not support a standard APDU communication channel and only has a single channel of communication, which is the READ/WRITE files?

Another point is the waste of a microSD card slot on the device (if you have to use external storage at some point in time), and if the card is captured it looks very dubious, since you can't operate it in a normal filesystem fashion where your captive might expect it to do I/O, whereas the other microSD SEs allow the use of their devices as normal storage devices and may look less dubious, since they have a filesystem for normal storage and an APDU channel for smartcard mode, and can be disguised as a random SD card with holiday pictures and some PDF eBooks unless the captive decides to open an APDU smartcard channel to the SE and it replies back with smartcard responses.

There are also no considerations of trusted paths between the microSD slot, microSD SE, the input keyboard, screen, processor, RAM and so forth in between. Anything can intercept the messages and modify them.

In the previous Squid post, I think I did bring up the ARM Trusted Path that uses the ARM core's TrustZone TEE environment to encrypt the paths between the screen and input to the ARM's TrustZone. A screen handling event, when under the possession of a trusted codebase, would be locked by the ARM core and the screen to ensure a third party application like a screen recording or capturing tool could not tap into the screen and take possession (in simple terms, the temporary ownership of the screen and on-screen keyboard belongs to the trusted app). The encrypted datapath between the screen and TrustZone applet/trustlet/code prevents tapping of the data channel. Of course shoulder browsing physically next to the target would be the most obvious attack vector, but it would effectively rule out remote attack vectors like the use of screen captures and screen recordings (ARM TrustZone).

To reiterate, pathways between peripherals must be secured and trusted, and the end peripherals must be secure as well, which is why the making of a secure smartphone is so difficult but still doable, as we have seen Thales and General Dynamics making secure smartphones up to the classification level of (COSMIC) TOP SECRET for VVIP usage in high risk theaters.

The OS of the phone itself might also be vulnerable if it is not using a high assurance approach and similarly (yet again) the base chip modules and physical channels are high risk attack vectors.

Trust of crypto-chips themselves as root of trust can be very discomforting knowing that the Warhawks themselves are already in the midst of making everyone including their own friends insecure. Even if Google were to publish the blueprints of the circuit layouts for their crypto-chips and open source all their drivers and codes, nothing is going to stop a backdoor in the device's metal layers as @Clive Robinson and @RobertT have spoken many times about.

A hardware/software backdoor on the phone itself would also be more than enough to compromise the design of Project Vault, which simply places its root of trust in the microSD SE and brings about a single point of failure.

Nothing was mentioned about the tamper resistance the microSD SE could handle and how it mitigates side-channel analysis either.

In general, a microSD SE is as good as a defense against LSA attackers with rather low assurance, and a microSD SE that does not disguise its operation like a normal microSD (allowing filesystem usage) looks even more suspicious.

I personally feel that the incapability of producing a secure phone is more of a political issue due to the current political climate. Nothing can be absolutely secure but they can be secure to an intended extent.

Google had the spare cash to spend on the microSD SE but surprisingly did not use it for high assurance TFC-like setups (probably they still don't know much about security assurance designs), and the microSD SE by itself would not have much assurance at all.

@Figureitout
Better ways of making security more usable with higher assurance would include porting the high assurance seL4 for ARM (with TrustZone) and having a PCB board that has minimal peripherals (no audio/video/Wi-Fi/bluetooth) to make TFC-like setups in smaller and more portable packages. The ARM TrustZone is simply used to store currently used keys in case of low attack vectors for physical tamper (keys can be wrapped and stored), while the crypto code is executed without using the TrustZone crypto engines in case of backdoors.

A secure bridging of the TxM and RxM to create a single consistent secure display would also benefit users, so they wouldn't have to look at TxM and RxM screens, by doing a one-way route of transmitted messages from the TxM into the RxM, and then the messages are formatted according to timestamp by a high assurance handler, for which the seL4 kernel would provide the OS layer of assurance. Hardware layer bugs that disrupt the proper functions of the seL4 kernel and software layers are not considered yet.

This would simply mean you can use a single casing with a separator to house both TxM and RxM, and on the RxM side a simple screen display. Prevention of side-channel manipulation between the TxM and RxM is also not considered yet and is possible to execute (the current TFC might also suffer from hardware side-channels).

TivoExpat • May 31, 2015 9:08 PM

@Tyr
Liquid Helium too. Medical/Research Grade SQUID tech still uses Helium (jacketed with Liquid Nitrogen).
And even more impressive without the several centimeters of shielding typically required for a room surrounding the subject/patient.
Maybe they are using the Rubidium based tech from NIST?
Tinfoil is the new black, but even this sounds pretty hilarious.

Slug Crawling Across a Razor Blade • May 31, 2015 9:26 PM

@'the Mother Of All Black Operations'

Okay, I am kind of disturbed here that anyone even feels that such an article needs to have a preface, or an apology. Like how we have to add "j/k" after a clearly obvious joke, or explain, exactly, and every instance, where we are using sarcasm.

But, well I guess one does with something like this...

Okay, so this is beautiful:

These psychological operations are often carried out with a demented inside joke in mind that only the agents who perpetrate them and the person who is the target of these psyops is aware of.
As an example of this think of the bogus NSA whistle blower Edward Snowden who is more than likely controlled opposition. And the first part of his last name: Snow as in "Snowjob."
Many Targeted Individuals have described how people they know are murdered for doing something as simple as eating a food that is "not allowed" or wearing a piece of clothing that is the "wrong color."

What does this site reek of? Someone, who, for whatever reason, got sick and tired of all the bullshit conspiracy theories they see out there, and they decided to go 'hog wild' and create this outrageous, satirical site.

It is too organized for the work of a minor psychotic, much less a major one (as the depth and breadth of these theories would imply)... so, it is all fake. And of the sort of satire sometimes people in government fall into, where they just want to go, 'one', no 'many' steps further. And make it all into a joke.


Buck • May 31, 2015 10:22 PM

@AlanS

My outsider perspective (of course, this being my default position on these matters, and I'm clearly speculating here) is that the Trident missile whistle-blower is nothing more than a clever hoax... On the one hand, if The Simpsons have taught me anything, it's that our 'nucular' engineers are extremely lazy and incompetent drunkards. However, this thought creates a cognitive dissonance with what I accept as a truism about The Military being highly disciplined and more than well-aware of the potential consequences from a self-induced ignorance.

Justin • May 31, 2015 10:27 PM

@ Slug Crawling Across a Razor Blade

This conspiracy theory isn't meant for the general public to believe, and it's probably not just a satire, either. It may be meant to convince or intimidate "targeted individuals."

Who knows? Probably there are a few people here and there in practically every part of the world who are "targeted" for one reason or another. And more people who think they are targeted. Wacky conspiracy theories flourish.

Google (or duckduckgo or whatever) the terms "gangstalking," "targeted individuals," "organized stalking," and "electronic harassment." You'll find a whole community out there---a subculture, if you will---organized around this stuff, (and the key words I just mentioned.)

Who might be seeking information on such topics? And who might be putting out (mis)information on these topics? I wouldn't put it past those Russian trolls to encourage this sort of thing, and well, once it gets going, it sort of takes on a life of its own.

tyr • May 31, 2015 11:54 PM

@Nick P

That was a great link (SymbOS). I have to give him credit for perseverance. I'm beginning to wish I'd bought one of the Ciarcia boards (Z80 w/512K memory support built in).

@all
I'd also like to thank people for the interesting YT links.

Now back to the regular Rus troll channeling discussions.

Figureitout • May 31, 2015 11:58 PM

Thoth
RE: "secure smartphones"
--I would stop dreaming about that, if we can't even get secure SoC's and other chips. It's too good to be true.

RE: boards w/ seL4
--Know of any that have successfully ported this kernel to a chip I can buy for sub $10?--Speak of the devil...did quick search and: http://heshamelmatary.blogspot.com/2015/05/porting-sel4-to-risc-v-status-report-no1.html badass...Monitor this. Google summer of code delivers some insanely cool projects; goddamnit google lol.

RE: possible side channel defense monitoring current
--So I constantly monitor current on devices I flash, and I quickly noticed a pattern of a specific current during flash and even still while the chip was "engaged". It is exactly the same, every time. To program a microchip/controller, requires typically some proprietary protocol and specified power levels. Monitoring and causing either alarms to sound or immediate shutdown of the chip, I think could be a fairly simple yet strong countermeasure to remote firmware flashing (barring of course, hacks on the level of 'rowhammer' being so destructive it doesn't matter) being unnoticed. Setting up a monitor on the current, as everyone knows, is as simple as putting a current meter in series w/ the power source of the chip. Now what may be tricky is monitoring additional power pins of a chip and if the other pins aren't protected via either diodes or pull-down/up resistors (or tri-state the pins) and shielded; some kind of attack Clive Robinson mentioned w/ just LED's...getting serial data in the chip (code is the next step...). I'm thinking keep LED's for debugging and if this is considered a legit threat remove those unless opto-isolated.

These kinds of changes take months sometimes to get right. Probably won't be able to test an actual TFC setup (don't have enough PC's I can devote to it) but just loading samples of random voltage levels on a GPIO pin is a big problem I think if not shielded. I got some tests I'm going to run which we can debate if they're bullsh*t or not.

Thoth • June 1, 2015 12:16 AM

@Figureitout
The "secure smartphone" would only be secure if you happen to be in one of the hush-hush Warhawks top tier players where you get to control all the supply chains in the World otherwise it is very unlikely to happen that easily.

Good to know they have seL4 on RISC chips. Gonna watch it and once it becomes more mature, might consider dabbling in it too.

If you know the proprietary currents and frequencies for a chip or if those information are openly available, you could equip an electronic detector to protect the chip from unauthorized activities (like remote wiping as you mentioned).
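Figureitout's series current meter and Thoth's "electronic detector" above amount to a small anomaly detector: learn the current band and minimum duration of a legitimate programming session, then flag any run of samples matching that signature outside a scheduled maintenance window. The Python below is an added example, not code from either commenter; the trace, the 24 to 28 mA signature band, the 50 ms minimum and the approved window are all constructed for illustration and would be replaced by values measured on the real board.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

Sample = Tuple[int, float]  # (time in ms, supply current in mA)


@dataclass(frozen=True)
class Signature:
    """Current band and minimum duration that characterise a programming session,
    measured beforehand with a meter in series with the chip's supply pin."""
    min_ma: float
    max_ma: float
    min_duration_ms: int


@dataclass(frozen=True)
class Episode:
    start_ms: int
    end_ms: int
    mean_ma: float


def _close_run(run: List[Sample], sig: Signature) -> List[Episode]:
    """Turn a run of in-band samples into an Episode if it lasted long enough."""
    if not run:
        return []
    start, end = run[0][0], run[-1][0]
    if end - start + 1 < sig.min_duration_ms:
        return []  # brief transient, not a programming session
    return [Episode(start, end, sum(ma for _, ma in run) / len(run))]


def find_episodes(samples: List[Sample], sig: Signature) -> List[Episode]:
    """Scan the trace for contiguous runs whose current sits inside the signature band."""
    episodes: List[Episode] = []
    run: List[Sample] = []
    for t, ma in samples:
        if sig.min_ma <= ma <= sig.max_ma:
            run.append((t, ma))
        else:
            episodes += _close_run(run, sig)
            run = []
    return episodes + _close_run(run, sig)


def unauthorized(episodes: List[Episode], windows: List[Tuple[int, int]]) -> List[Episode]:
    """Keep only episodes that are not fully inside an approved maintenance window."""
    return [e for e in episodes
            if not any(s <= e.start_ms and e.end_ms <= f for s, f in windows)]


def constructed_trace() -> List[Sample]:
    """Constructed 1 kHz trace: ~8 mA idle, two 26 mA bursts (one approved, one not),
    and a 3 ms 26 mA transient that must not be reported."""
    trace = []
    for t in range(1000):
        if 100 <= t < 200 or 600 <= t < 700:
            ma = 26.2 if t % 2 else 25.8
        elif 400 <= t < 403:
            ma = 26.0
        else:
            ma = 8.1 if t % 3 == 0 else 8.0
        trace.append((t, ma))
    return trace


# Constructed values; on a real board both come from bench measurements and the
# maintenance schedule.
FLASH_SIGNATURE = Signature(min_ma=24.0, max_ma=28.0, min_duration_ms=50)
APPROVED_WINDOWS = [(90, 250)]


def alerts(samples: Optional[List[Sample]] = None) -> List[Episode]:
    """Programming-like current episodes that were not scheduled."""
    samples = constructed_trace() if samples is None else samples
    return unauthorized(find_episodes(samples, FLASH_SIGNATURE), APPROVED_WINDOWS)


if __name__ == "__main__":
    for e in alerts():
        print(f"ALERT: programming-like current {e.mean_ma:.1f} mA "
              f"from {e.start_ms} to {e.end_ms} ms outside any approved window")
```

The minimum-duration check is what keeps this from firing on every brief transient; the whitelist of windows is what turns a plain threshold into a policy (a reflash is fine when you scheduled it). Both thresholds should come from measurements on the isolated chip, for the reason Figureitout gives in his next comment: other components on the same rail distort the reading.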

name.withheld.for.obvious.reasons • June 1, 2015 12:40 AM

Senate Proceeding, Sunday, 31 May 2015; Capital Building, Washington DC.

During the senate proceeding scheduled by the Leader, Mitch McConnell, the senator from Indiana, Burr, entered into debate prior to the introduction of a vote to proceed on a bill passed earlier in the house, the USA Freedom Act.

The junior senator from Kentucky, Rand Paul, interrupted Burr seeking time in opposition (claiming the remaining five minutes), but before Senator Paul could claim time the Senator from Arizona, McCain, chastised the junior senator and suggested "learn the rules of the senate". Tempers flared as McCain elevated the number of degrees in the chamber; Senator Grassley, seated as the presiding President of the Senate, also became inflamed...the neo-con chicken-hawks attempted to squelch the junior senator, but during a quorum call Paul asked to "dispense with the quorum call and be granted the remaining 5 minutes of the time in opposition". Grassley reluctantly conceded the floor to Paul, who used the time to speak at the top of his voice about the illegality and immoral legislation as determined by the Federal Second Circuit Court of Appeals.

The senate has demonstrated its contempt for external pressures applied to either the leadership or the neo-cons; there is no willingness to debate and positions are fixed...this is not a deliberative body.

Jeremy • June 1, 2015 12:47 AM

@ Justin

Good point. His deliberation, to blog about them, alone supports your claim that he is either not psychotic enough or acting in pretense. Reading these types of blogs is where one's common sense must prevail, or one falls prey to intel pros and Russian trolls aloof.

For these types of googling, duckduckgo is my go-to source for the sake of sanity. Google serves too much optimization and meddling to their results to give the false illusion of correctness.

Figureitout • June 1, 2015 1:06 AM

Thoth
--I wouldn't necessarily say the "warhawks" control the supply chain, I'd say other countries have stepped up here and elites in the US sold out our country stupidly (good news for people wanting to attack us). All the workers along the way are all threats to that need to be but can't be mitigated...If it's all automated then malware in manufacturing controllers is a concern...Insecure supply chain is the first slap to the face that you can't be assuredly secure...just maybe if you try hard enough.

I haven't used a spectrum analyzer while flashing, which would be a good thing to know if I could find the frequency...I'd have a hard time justifying that in the lab though lol. I'm not stating the currents on these chips for some obscure law too, but it's simply found by putting a current meter in series w/ whatever is your power source (I've never seen them in datasheets). What's tricky then is making sure you're isolating components to get the actual current for what you want (multiple chips throws this off).

It's not just wiping, it's injection of malicious firmware (basically a rootkit of sorts) that needs to stop now; and of course I'm always thinking of the next "lower level" like literal physical malicious logic in the hardware that will force malicious outcomes in software no matter what ugh...Found some nitric acid today that was kind of cheap and I may pull trigger, just need a good microscope now lol for basic hardware forensics.

Clive Robinson • June 1, 2015 1:29 AM

The EFF have put out the following over the demise of section 215,

https://www.eff.org/deeplinks/2015/05/section-215-expires-now

In their view a tiny step forward, in a long journey, but a start in the right direction is progress nevertheless.

I suspect we have started in on a new "hundred years war", where they will relentlessly (at the tax payers' expense) keep trying all the tricks their overpaid legal sophists come up with, whilst the people will have to remain ever vigilant to defend at short notice.

Meanwhile back at base the IC will just carry on as before ignoring the law and playing word games with the oversight and behaving like a pack of "number runners". Almost certainly they will find ways to facilitate via extra jurisdictional tricks through other friendly FiveEyes etc, thus further weakening security not just for the ordinary mortal and their employer but for National Security as well...

Clive Robinson • June 1, 2015 1:44 AM

@ Bruce,

That article definitely has mind altering properties; I think I lost ten IQ points before I got to the point where the author thinks you can beat the thermal noise floor with heterodyning (think how a Spread Spectrum system works) whilst not suffering a loss in bandwidth...

65535 • June 1, 2015 2:42 AM

@ Clive

“…we have started in on a new "hundred years war", where they will relentlessly (at the tax payers expense) keep trying all the tricks their overpaid legal sophists come up with…”

That is a fair statement. The Intelligence Community is becoming a growth sector of the economy. If allowed to continue to grow it will become “too big to fail.”

[EFF]

“The Senate let three provisions of the Patriot Act expire: Section 215, the section the government uses to collect phone and other business records in bulk, the "Lone Wolf provision," and the "roving wiretap" provision. Section 215 now—at least temporarily—reverts to its pre-Patriot Act form, which doesn’t permit any collection of financial or communications records, and requires the Government to provide “specific and articulable facts” supporting a reason to believe that the target is an agent of a foreign power.” –EFF

https://www.eff.org/deeplinks/2015/05/section-215-expires-now

This is currently one of the best options. I would like the Senate to not pass USA FREEDOM Act because it contains about 90% of the Section 215. Stop here and no more spy laws!

Unfortunately, it looks like the USA Freedom [freedom to spy] will pass on Tuesday. That is not much time to change the USA Freedom Act.

I would also guess there is some extension to Section 215 that has been put in place out of the public’s eye. The Hundred Year War on citizen’s rights continues.

Peter • June 1, 2015 3:45 AM

@Thoth

Lockheed Martin's track record for coding in the F-35 project is not really the best.
The software of the aircraft is about 10 million lines of code, and for the external systems about twice that.

And the magical logistical ALIS-system is a mess.

"You don’t mission plan without it, you don’t maintenance debrief without it, you don’t pull your training records without it, you don’t make sure the airplane is ready to go without it — so it’s so crucial to maintaining this airplane. It’s frightening, almost," said Bogdan. "One of the big problems was security. You can imagine that a system that has all that information about an F-35 Joint Strike Fighter in it: what parts need to be fixed, what pilots are qualified, what maintainers are qualified, what mission planning is going on. You’ve got to protect that information…. We did some testing and found some vulnerabilities."

LM seems to aim for overcomplexity and deliver underperforming code, way behind schedule, at a cost beyond anything.
And on top of that, the US DoD does not even own the data the aircraft and its systems produce; Lockheed Martin owns it all...

Thoth • June 1, 2015 3:47 AM

@Figureitout
Hmmm ... you found some cheap nitric acid ? Good luck with decapping some IC chips :) . Would be very interested in what you discover in those black boxes. And yes, you need a pretty good microscope to look at the circuits. Make sure to keep an ample supply of lab rats before destroying them.

@all
Re: IC Becoming Growth Sector
It is more like the entire Military-Intel-Security-Industrial Complex is benefiting from all these. On one hand, they sell defensive products and on the other hand they sell offensive products and are profiting very well from their Government contracts while leaving the civilians in the open to fend for themselves.

Thoth • June 1, 2015 3:50 AM

@Peter
That's how powerful the Mil-Intel-Sec-Industrial Complex is these days. They are close to being able to influence the state they supposedly are hired to work for under contracts and are close to being able to influence world events to their favour.

I wonder how many wars that the US waged are influenced by these contractors?

Anura • June 1, 2015 3:59 AM

I've mentioned before that we need a simple, modular system as a replacement for SSL. I decided I'm going to start working on a draft to see if I can get some attention. Essentially, it will be built upon three main crypto interfaces:

1) Handshake
2) Deterministic CSPRNG
3) Non-Deterministic CSPRNG
4) Encrypt+Auth
5) Communication Layer

Each piece can then have a protocol plugged into it. While the high level of handshake basically gets pass/fail validation + key initialization, below it could use a number of protocols. These are the Key Exchange + Authentication protocols allowed:

1) (Anonymous Ephemeral Key Exchange + Key Confirmation)
2) (Key Exchange + Signing + Key Confirmation)
3) (Authenticated Key Exchange + Key Confirmation)

I would provide one interface for each of those, but allow extension later on. During the handshake, the protocol would require that the hash of the previous message along with the hash or auth-tag that was included with it be prepended to the message. (1) does not provide man-in-the-middle protection, so whether or not you enable it depends on your needs (some encryption is still better than no encryption). In (2), each message is signed as soon as a certificate is available; if the client has a cert, it will sign those messages as well. In (3), the key exchange will occur and when that is done a final deterministic message will be sent with Encryption+Authentication from each party to confirm the key exchange was successful; this provides the information needed to verify the key holder; this is for when you have a static diffie-hellman key, but no signing key.

The handshake protocol is passed both RNGs, the Message Encapsulation protocol, and the Authenticated Encryption Protocol, and it responds with the initialized authenticated encryption algorithm; the deterministic is used to derive authentication and encryption keys from the shared secret, while the non-deterministic is used to generate secrets.

The authenticated encryption algorithm is passed messages and both RNGs so it can generate IVs and rekey as necessary depending on the protocol used. It encrypts entire messages, although how the data is broken up into messages is determined by the communication layer.

The idea is that each piece should be as simple as possible so that they can be coded separately and verified on their own, and then reused with other protocols. So instead of having one mess of a protocol with 100 pages of specifications, you would have a handful of protocols around 10 pages each or less.
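Anura's handshake mode (3) and the message-chaining rule are concrete enough to run. The Python below is an added example, not Anura's draft or any project's code: it plays both sides of the exchange, uses a constructed toy Diffie-Hellman group (a Mersenne prime modulus and generator 3, chosen only so the block runs with the standard library; a real design would use a standard group or X25519), HKDF-SHA256 in the "deterministic CSPRNG" role and the `secrets` module in the "non-deterministic CSPRNG" role. It assumes both parties' static public keys are pre-distributed, reads "the hash or auth-tag that was included with it" as a fixed 32-byte link field, and sends the confirmation as a MAC over the transcript hash rather than an encrypted-and-authenticated message. The `relay` function is a constructed on-path attacker used only to show which check catches what.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for this example only (Mersenne prime
# modulus, small generator). Standard groups or X25519 belong in a real design.
P = 2**127 - 1
G = 3


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hkdf(ikm: bytes, info: bytes, length: int) -> bytes:
    """The 'deterministic CSPRNG' role: HKDF-SHA256 (RFC 5869) over the shared secret."""
    prk = hmac.new(b"\0" * 32, ikm, hashlib.sha256).digest()
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out, counter = out + block, counter + 1
    return out[:length]


class Party:
    def __init__(self, name: str):
        self.name = name
        # The 'non-deterministic CSPRNG' role: every secret comes from the OS RNG.
        self.static_priv = secrets.randbelow(P - 2) + 2
        self.static_pub = pow(G, self.static_priv, P)
        self.eph_priv = secrets.randbelow(P - 2) + 2
        self.eph_pub = pow(G, self.eph_priv, P)
        self.transcript = b""        # every message sent or received, in order
        self.prev_msg = b""          # last message seen on the wire
        self.prev_link = b"\0" * 32  # link field that last message carried

    def _note(self, msg: bytes) -> None:
        self.transcript += msg
        self.prev_msg, self.prev_link = msg, msg[:32]

    def send(self, payload: bytes) -> bytes:
        # Chaining rule: prepend H(previous message) plus the hash/tag it carried.
        msg = H(self.prev_msg) + self.prev_link + payload
        self._note(msg)
        return msg

    def receive(self, msg: bytes) -> bytes:
        if msg[:32] != H(self.prev_msg) or msg[32:64] != self.prev_link:
            raise ValueError(f"{self.name}: chain mismatch, message altered or reordered")
        self._note(msg)
        return msg[64:]

    def derive_keys(self, peer_static_pub: int, peer_eph_pub: int) -> None:
        # Static-static DH binds the peer's long-term key, ephemeral-ephemeral DH
        # adds freshness; keys are bound to the transcript hash seen so far.
        ss = (pow(peer_eph_pub, self.eph_priv, P).to_bytes(16, "big")
              + pow(peer_static_pub, self.static_priv, P).to_bytes(16, "big"))
        self.th = H(self.transcript)
        km = hkdf(ss, b"key-confirmation" + self.th, 64)
        self.k_conf = {"client": km[:32], "server": km[32:]}

    def confirm_tag(self, role: str) -> bytes:
        # Final deterministic message: a MAC over the transcript hash under the
        # sender's direction key (Anura's design encrypts it as well).
        return hmac.new(self.k_conf[role], self.th, hashlib.sha256).digest()

    def verify_confirm(self, tag: bytes, role: str) -> bool:
        return hmac.compare_digest(tag, self.confirm_tag(role))


def relay(msg: bytes, receiver: Party, new_payload: bytes = b"") -> bytes:
    """Constructed on-path attacker: optionally swaps the payload, then rewrites the
    chain header to what the receiver expects, so chaining alone cannot catch it."""
    return H(receiver.prev_msg) + receiver.prev_link + (new_payload or msg[64:])


def run_handshake(tamper: bool = False) -> bool:
    """Mode (3): pre-distributed static DH keys plus ephemeral DH, then a key
    confirmation in each direction. True only if both confirmations verify."""
    client, server = Party("client"), Party("server")
    m1 = client.send(client.eph_pub.to_bytes(16, "big"))
    if tamper:  # attacker substitutes its own ephemeral key on the way in
        m1 = relay(m1, server, pow(G, 0xC0FFEE, P).to_bytes(16, "big"))
    client_eph = int.from_bytes(server.receive(m1), "big")
    m2 = server.send(server.eph_pub.to_bytes(16, "big"))
    if tamper:
        m2 = relay(m2, client)
    server_eph = int.from_bytes(client.receive(m2), "big")
    client.derive_keys(server.static_pub, server_eph)  # static pub known in advance
    server.derive_keys(client.static_pub, client_eph)
    m3 = client.send(client.confirm_tag("client"))
    if tamper:
        m3 = relay(m3, server)
    if not server.verify_confirm(server.receive(m3), "client"):
        return False
    m4 = server.send(server.confirm_tag("server"))
    if tamper:
        m4 = relay(m4, client)
    return client.verify_confirm(client.receive(m4), "server")


if __name__ == "__main__":
    print("honest run:", run_handshake())          # True
    print("substituted key:", run_handshake(True))  # False
```

The two checks do different jobs. The 64-byte chain header rejects a replayed or reordered message immediately, but an attacker who rewrites every header can keep the chain consistent at both ends; what catches the substituted ephemeral key is the confirmation, because its key is derived from the static-static DH and the transcript each side actually saw, and those disagree as soon as anything on the wire was changed.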

Thoth • June 1, 2015 4:11 AM

@Anura
It needs to be usable in embedded devices as well, so the certificate should be formatted in a way that embedded devices without access to String and Char types can still work.

Curious • June 1, 2015 4:15 AM

Did I not just recently see news about how NSA/GCHQ intended to thwart the apps market?

I found this article about a supposedly secure crypto app (Scrambl3) on Phys.org today:
http://phys.org/news/2015-06-privacy-app-page-nsa-technology.html

Bruce is namedropped near the end of the article, with there being a paraphrase and some kind of quote about NSA, and imo it looks like it was jammed in there. It seems unclear if Bruce commented on this app or if they just copy pasted feedback from some other context.

Knowing that faulty or mischievous implementation of crypto is a terrible thing, quotes like "We believe the NSA cannot break our encryption" (Jon Hanour - USMobile) don't seem comforting to me.

Anura • June 1, 2015 4:22 AM

@Thoth

I figure I'll leave the actual certificate format as X.509 for now.

Bob S. • June 1, 2015 5:25 AM

Unique EM field tracked by satellites? Sounds plausible to me. Unless, of course, I am wearing my DOUBLE LAYER QUILTED foil hat, then I am invincible.

In other news, it appears the Patriot Act will be PERMANENTLY replaced by the Freedom Act, which is the PA with a few tweaks. For example, meta data will stay with Telcos subject to the orders from NSA's LAPDOG: FISA.

I give Rand Paul due credit for fighting. I was all the way with him until he said he would vote for the Freedom Act tweaked so long as a vote on a couple amendments was allowed. Regardless, he tried a lot harder than the majority of Congress.

Once government seizes power from the people they don't want to give it back. That's understandable. What if you could listen to everyone's phone calls, read their email, spy on them through their computer cam?

Would it give you a great sense of power, too?

Marcos El Malo • June 1, 2015 7:58 AM

@Bob S.

Be careful where you source your aluminum foil. Most aluminum foil today is engineered to enhance or amplify brain EMF instead of shielding it, although you'd never know this from following the mainstream media. The only way to be sure is to fabricate the foil yourself.

Bob S.June 1, 2015 9:04 AM

@Marco

In re: "...aluminum foil today is engineered to enhance or amplify brain EMF instead of shielding it..."

Well, there is some debate about that isn't there?

Generally, I refer these matters to the seminal and decisive study done by MIT in 2005:

On the Effectiveness of Aluminium Foil Helmets: An Empirical Study

As can be inferred the actual frequency of the offending rf is deterministic in the measuring the reflective, deflective and thus protective strength of the foil. Also, I see MIT failed to address manufacturing and source variations in the actual foil product. Based on the Snowden Revelations we now know NSA has its tentacles in virtually everything these days, so it's not hard to imagine they have infiltrated management of the vast Canadian aluminum mines for example. And of course the Chinese have vast reserves which calls into question their involvement.

Luckily, I laid in a supply of Alcoa heavy duty quilted many years ago in anticipation of these things.

I'm OK, but I'm not too sure about you.

Thanx for the tip however.

StefanJune 1, 2015 10:02 AM

@Curious, Surprised

the phys.org article about Scrambl3 says that:


While the system was developed in collaboration with the NSA, it has no "backdoor" access for the intelligence agency, according to USMobile.

I would not be surprised if it is another Whisper, however.

Whisper, those lying bastards.


Bob S.June 1, 2015 10:51 AM

Re: Scrambl3: It's ridiculous to assume anything released to the public by NSA is secure. Their job, as they see it, is to break and sabotage electronic security.

KermitJune 1, 2015 10:55 AM

Hackers Scan All Tor Hidden Services To Find Weaknesses In The 'Dark Web'
http://www.forbes.com/sites/thomasbrewster/2015/06/01/dark-web-vulnerability-scan/


In a matter of hours last week, the entire semi-anonymising Tor network, where activists and criminals alike try to hide from the gaze of their respective authorities, was traversed by PunkSPIDER, an automated scanner that pokes websites to uncover vulnerabilities.

Created by Alejandro Caceres and his girlfriend-cum-business partner Amanda Towler, PunkSPIDER, which provides a simple Google-like search tool for weaknesses in the vast number of indexable websites that exist today, has turned its gaze to Tor-based sites.

MikeAJune 1, 2015 10:58 AM

A (non-Bruce) security researcher commented some years ago that tinfoil was not effective against modern mind-control techniques. He recommended a mu-metal helmet.

Of course, I can't help but notice that mu-metal (and fabrication with it) is quite a bit more expensive than hand-made tinfoil hats, so maybe this is just an example of "All the security you can afford".

(As for the notion that the military is disciplined and organized, that view could only be maintained by someone who has never talked to anybody below the rank of Lieutenant)

albertJune 1, 2015 11:14 AM

That the IC has been researching mind control is very old news. That an individual's EM field could be 'read' from a distance (like space) would be a stunning advance in physics, far overshadowing any 'mind-control' applications.
.
So, no, it's BS, but amusing nonetheless.
.
In any case, such 'mind-control' 'research' seems a little outdated. We've got a very effective mind-control system in place, the MSM. You input $$, and you get to determine the output: DIGO! Brainwash the Unwashed Masses, marginalize the critics, and you're good to go. Always go with the simple, tried and true, low-tech solutions.
.................
@tyr,
@TivoExpat,
They've been using advanced detector cooling in satellites for decades now. The only major problem is the heating of the instruments by sunlight, otherwise it's really cold up there:)
.
Back in the 60's, we used to joke about vacuum tubes (thermionic valves:) not needing envelopes in space, because the vacuum is better than you can get in an earth-based tube. (Tube tech is still used in some satellites).
.
...

Slug Crawling Across a Razor BladeJune 1, 2015 11:42 AM

@Justin

So, you are saying there are people who spend a lot of time on this kind of thing, in order to fuck with the heads of paranoid schizophrenics and other psychotics. How charming.*

http://atlanta.cbslocal.com/2014/05/17/gang-stalking-and-electronic-mind-control-community-spreads-online/

Although the internet has helped many afflicted with mental health problems, psychiatrists suggest a “dark side of social networking,” where the mentally ill can have delusional theories reinforced.
“The views of these belief systems are like a shark that has to be constantly fed,” Dr. Hoffman told The New York Times. “If you don’t feed the delusion, sooner or later it will die out or diminish on its own accord. The key thing is that it needs to be repetitively reinforced.”
Hoffman added that many of his research subjects have mentioned that they have visited mind-control sites that have confirmed their own paranoid suspicions.

(^Sad.)

*Not, of course, that I have not seen this sort of behavior.

Just the other week saw a couple of videos attached to an article about a missing person. On the anniversary of her disappearance, a guy released a couple of videos that were cryptic and taunting. Did not mind showing himself. He was easy to track down. He could not have done it. So, why did he make the videos? Apparently, just to get some publicity, despite how negative it was sure to be, and to feel "power" by imagining the hurt and consternation those videos must have made the parents feel. I would not be surprised if he was not also thinking of causing police officers involved in the case some pains.

Out of work, overweight, bald, upper forties white male. Who, by day, lives on unemployment, imagining the good old days of being a convenience store delivery guy. But, lo and behold, by night, he has "powers".


Slug Crawling Across a Razor BladeJune 1, 2015 12:34 PM

@Thoth

That's how powerful the Mil-Intel-Sec-Industrial Complex is these days. They are close to being able to influence the state they supposedly are hired to work for under contracts and are close to being able to influence world events to their favour.
I wonder how many wars that US waged are influenced by these contractors ?

Defense contractors have long been influencing politics. Think "motive". If you are getting paid six figures every year by a consortium of defense contractors, you probably have motive to skew things in their favor, where and when you can. There are related motives, as well, such as getting any manner of expensive favor from them, or peer praise influencers, such as being given power (albeit, usually token) by being put on an advisory committee... and other such conditions where, basically, the person is treated very well and at least given the appearance of having influence on the company or some manner of capacity to offer their "respected" opinions.

Ego stroking + cold, hard cash.

*That* is "mind control" [sic].

It is subtle (to the parties involved), easily justifiable because it involves so many steps and all parties involved *believe* they are "good people" (to some degree or another) -- and I mean by that word "justifiable", justifiable in their own minds. Probably, the defense contractors just look at it as "being good for business and our business is good for America", while the government officials have a similar viewpoint. Problem is, like the problem with more obvious cases of graft, they crossed a line - one lost in all of the details - and they keep going further and further in the *wrong direction*.

For the more egregious forms of corruption, this is a good article:
http://foreignpolicy.com/2015/05/27/the-data-sleuths-of-san-jose-costa-rica-corruption/


Milo M.June 1, 2015 12:56 PM

@Peter • June 1, 2015 3:45 AM

Quote is from 3 years ago:

file:///C:/Users/pat/Documents/news/F-35%E2%80%99s%20biggest%20problems%20%20software%20and%20bad%20relationships%20_%20Foreign%20Policy.htm

a mere 2 months after Gen Bogdan (not Bodgan) transferred to the program:

http://www.af.mil/AboutUs/Biographies/Display/tabid/225/Article/108398/lieutenant-general-christopher-c-bogdan.aspx

The initial shock may not yet have worn off at that point.

A view from early last year:

http://aviationweek.com/blog/behind-threatened-f-35-delays

"In the long run, however, what will be most important is for the program to fully understand and manage the writing and testing of software for the F-35 platform, because development does not stop with Block 3. If cost overruns, delays and the consequent deferment of new capabilities from one block to the next are not contained, there is little chance that the fighter’s sustainment will be affordable."

вредительствоJune 1, 2015 2:02 PM

Re 10:27, We in the Ubiquitous Legion of Russian Mind-Control Psyops Warriors tried thinking up fiendish conspiracy theories to ineluctably drive low-normal patriot Justin insane, but we discovered that it's much easier just to pull official documents of supranational bodies sourced to the forensic standards of independent apex courts. That invariably drives his ilk batshit because, as the American imperialist proverb goes, It's funny cuz it's true!

https://www.un.org/disarmament/HomePage/ODAPublications/Yearbook/2008/PDF/DY2008-Part%20II-web.pdf

For his particular delectation we submit the parts about US obstruction of Article VI of the Nuclear Non-Proliferation Treaty, its isolated permissive stance toward novel WMD development, and its support for illicit proliferation of conventional and nuclear weapons [which ATF and FBI caught but NSA unaccountably missed. As you say, Woops!]

Happy обосра́ться!

dbmJune 1, 2015 2:16 PM

I ran across a legitimately patented crypto technique this weekend, and wanted to ask a consensus opinion on the methods. Anyone ever heard of EndCryptor, from Finland? I actually studied the patent to understand what he was doing.

US Patent 7,899,184 B2 titled "ENDS - Messaging protocol that recovers and has backward security"

http://www.endcryptor.com

Nick PJune 1, 2015 2:23 PM

@ Jacob, Markus

I've been doing double shifts at work so sorry for late response re vault. I'll review it when time/energy permits. I did make some guesses at Hacker News plus posted a link to the OS details and source in one of the comments. All I can do for now.

Nick PJune 1, 2015 2:52 PM

@ Surprised, Stefan

Bruce's claim is true if the tech in question is a Controlled Cryptographic Item: the good stuff that only they are allowed to use. I've kept reminding him and others that they *do* build highly secure devices while subverting everything else. Look at General Dynamics information assurance and encryption section, esp "NSA certified" or Type 1, to see how they do their own stuff. Looks really different, eh?

Although I don't know the project, the concept it refers to is indeed a defense-originated practice called Voice over Secure IP (VoSIP). Google that to see both government and commercial offerings. They use a high security link encryptor to protect the transport layer. Then, they run regular voice traffic over it. As I advised Tinfoil Chat, the transmission is done fixed-size and fixed-rate to prevent covert channels.

It's a practice worth copying because (a) it works and (b) the link encryptor can be used for other applications. Solve several problems by solving one.
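The fixed-size, fixed-rate transport Nick P describes, as an added Go example that is not from the thread or from any VoSIP product: every tick emits exactly one constant-size frame, and a zero length header marks an idle (dummy) frame, so neither frame length nor frame timing depends on whether anyone is speaking. The frame size, the header layout and the "voice chunk" inputs are constructed for the illustration; in a real system each frame would then pass through the link encryptor as an opaque unit.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// FrameSize is a constructed constant for the example: every frame on the wire
// is exactly this long (2-byte length header + payload + zero padding).
const FrameSize = 64

// Frame pads payload into a fixed-size frame. The header carries the real
// payload length; a zero length marks a dummy frame sent during silence.
// Because the frame is encrypted as a whole downstream, an observer sees only
// constant-size ciphertext and cannot tell real frames from dummies.
func Frame(payload []byte) ([]byte, error) {
	if len(payload) > FrameSize-2 {
		return nil, errors.New("payload exceeds frame capacity")
	}
	f := make([]byte, FrameSize)
	binary.BigEndian.PutUint16(f[:2], uint16(len(payload)))
	copy(f[2:], payload)
	return f, nil
}

// Unframe recovers the payload; for a dummy frame it returns real=false.
func Unframe(f []byte) (payload []byte, real bool, err error) {
	if len(f) != FrameSize {
		return nil, false, errors.New("wrong frame size")
	}
	n := int(binary.BigEndian.Uint16(f[:2]))
	if n > FrameSize-2 {
		return nil, false, errors.New("corrupt length header")
	}
	if n == 0 {
		return nil, false, nil
	}
	return f[2 : 2+n], true, nil
}

// Schedule simulates a fixed-rate sender: exactly one frame per tick whether
// or not the application has data queued, so the tick stream itself carries
// no information. queue holds pending application chunks; the result has
// exactly ticks frames, dummies filling the idle ticks.
func Schedule(queue [][]byte, ticks int) ([][]byte, error) {
	out := make([][]byte, 0, ticks)
	for i := 0; i < ticks; i++ {
		var payload []byte // nil when the queue is empty -> dummy frame
		if len(queue) > 0 {
			payload, queue = queue[0], queue[1:]
		}
		f, err := Frame(payload)
		if err != nil {
			return nil, err
		}
		out = append(out, f)
	}
	return out, nil
}

func main() {
	// Constructed sample input: two chunks of "voice" over five ticks.
	queue := [][]byte{[]byte("voice chunk 1"), []byte("voice chunk 2")}
	frames, err := Schedule(queue, 5)
	if err != nil {
		panic(err)
	}
	for i, f := range frames {
		payload, real, _ := Unframe(f)
		fmt.Printf("tick %d: %d bytes on the wire, real=%v payload=%q\n", i, len(f), real, payload)
	}
}
```

The length header lives inside the encrypted frame, so the only thing the padding has to guarantee is that every frame is the same size; the scheduler guarantees the same cadence. Oversized application chunks are rejected rather than split here, which keeps the example short; a real framer would fragment them across ticks.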

911reduxJune 1, 2015 3:58 PM

I suppose one can anticipate another 9/11 in order to gain back lost ground. So, let's pick a target (before they do). They have been trying to generate "fake" events for the past 10 years or so.

Oil train crashes...nah, happens all the time.

Refinery fires...nah, those are ignored.

California slips into the Pacific...nah, too real, not terrorist related.

Cops killing citizens...nah, seems to be happening all the time.

Feds invading Texas...whoops, talk about fake.

Texas underwater...nope, can't be engineered by humans.

Rising sea level...they have already spent too much time debunking it, so it wouldn't convince anyone now.

A sane rational honest person being elected President...that's the ticket.

Congress doing the business of the people...now that is just plain insane.

Boy, it is just plain hard picking a target or theme. I mean, we are already destroying several states with pollution from tar sand byproducts and creating intolerable conditions in some areas with fracking. Maybe the Yellowstone super-volcano?

Clive RobinsonJune 1, 2015 4:40 PM

@ 911redux,

Maybe the Yellowstone super-volcano?

How about turning it into a Nuclear Waste Repository for weapons grade materials still packaged as for frontline service?

After all what could possibly go wrong...

AlanSJune 1, 2015 6:02 PM

@Buck

The Trident whistle-blower stuff is just extra grist for the mill. Whatever the case may be, Trident isn't popular in Scotland. It is an expensive indulgence that allows some to carry on the pretense that Britannia still rules the waves.

The SNP are also looking to use the Snoopers Charter as a wedge issue. I guess we'll have to wait and see how successful they are with that.

JustinJune 1, 2015 6:34 PM

@ Slug Crawling Across a Razor Blade

Let's go back to that psychiatrist you quoted:

“If you don’t feed the delusion, sooner or later it will die out or diminish on its own accord. The key thing is that it needs to be repetitively reinforced.”

Somebody certainly is repetitively reinforcing certain belief systems.

@ Russian troll June 1, 2015 2:02 PM

I highly suspect the Russians because there is something about satellites and mind control that seems to tickle the Russian imagination. (The Russians actually have done similar things like beam high-powered microwave radiation into the U.S. embassy in Moscow for years, to who knows what effect.) Also the Russians in general can't help but push their favorite conspiracy theories. My take is that a lot of these belief systems promoted on the internet would "die out or diminish on [their] own accord" if the Russians did not encourage them. A lot of so-called "alternative" media, such as Zero Hedge is simply blatant Russian propaganda, even if it is at times entertaining. The Putin regime can't influence the mainstream as much as they'd like, so they grasp at straws and try to influence the fringe.

@ Jeremy

Regarding DuckDuckGo, as to whether it's any better than Google or not, that depends to what extent it indexes the web independently and to what extent it uses Google or other major search engines (Yahoo or Bing etc.) as a back-end. If something ranks highly in Google, it ought to at least have some rank in DuckDuckGo, or else it would be a glaring omission, but the interesting question is how often it brings up anything of value missed by other major search engines.

BuckJune 1, 2015 7:00 PM

@AlanS

As usual, I mostly agree with your assessment here... It's indeed a complexly interesting situation. Please keep us posted on any further developments!

Slug Crawling Across a Razor BladeJune 1, 2015 7:16 PM

@Justin

Let's go back to that psychiatrist you quoted:
“If you don’t feed the delusion, sooner or later it will die out or diminish on its own accord. The key thing is that it needs to be repetitively reinforced.”
Somebody certainly is repetitively reinforcing certain belief systems.

Sorry?

Strong belief systems which are not psychotic are continuously reinforced by evidence.

As, in context, what they are saying is even a psychotic belief system can be reinforced by evidence. It is odd, because that means that the people reinforcing the belief system are acting psychotic to do so. So, for instance, the poster of that site put on a psychotic mask/uniform to write that blog. (Though someone who does that **clearly** is with some extremely severe psychological problems.)


Strong belief systems which are not continuously reinforced by evidence are typically kept up by social structures where beliefs are repeated back to each other and that operates as evidence. That works fine in a closed society, but it is much more difficult for a culture operating under a diversity of cultures. So, there are a variety of methods used to restrain members from reading or viewing certain material.

A primary trait there is that there is a "us versus them" perspective, where "anyone outside of the circle" is considered "out of the know", and so anything that they say or do is suspect.

That kind of society can be atheist, Christian, Muslim, agnostic, Hindu, Buddhist, whatever.

What can be observed is the more delusional the belief system, the more inclusive and suspicious of outside groups they will be. They operate as cults, basically, and you can pretty well transpose observations on cult behavior over these groups and see alarming similarities at the social operational level.

JustinJune 1, 2015 7:42 PM

@ Slug Crawling Across a Razor Blade

It is odd, because that means that the people reinforcing the belief system are acting psychotic to do so. So, for instance, the poster of that site put on a psychotic mask/uniform to write that blog. (Though someone who does that **clearly** is with some extremely severe psychological problems.)

Yes! That is going on with the gangstalking / organized stalking / electronic harassment phenomenon.

Slug Crawling Across a Razor BladeJune 1, 2015 7:48 PM

@Justin

'@ Russian troll June 1, 2015 2:02 PM'

That poster is not a "Russian troll"... just FYI. He isn't Russian, for one...

(And, no, 'those denying the conspiracy are part of the conspiracy too', it is not that, either.)

Though, your analysis on likely Russian intelligence projects is maybe sound...

Specifically,

The Putin regime can't influence the mainstream as much as they'd like, so they grasp at straws and try to influence the fringe.


Though, I would be very surprised Russia does not have some very productive programs which influence, perhaps not the mainstream, but niche circles that they find are important for their interests.

For instance, oil & gas, and other energy niche circles.

UFO-ologists and "USG Mind Control" psychotics are not a very lucrative target model for any nation to invest much into, if at all.

There would not be any product, at all. And arguing that you have shown you can influence paranoid schizophrenic social circles is laughable, if that. (My guess would be they would get fired.)


Slug Crawling Across a Razor BladeJune 1, 2015 8:01 PM

@Surprised

If you read the full context of his response, I believe that it was a very fair comment. The NSA does provide security for the DOD, and used to be very well known for this. In corporate, people would say, "The NSA did a code audit", and that would be 'good to go'. Nobody thought, "Who the hell let them in here".

It degraded a bit with the ATT disclosure in 2006... but Snowden just decimated the opinion.

Fact is, though, they do continue to perform that security function... so the defense guys are getting screwed by the offense guys. (And consider offense is not doing very good to get their goods all over the international front pages.... )

No wonder, however, intel agencies stand and fall on their measurable product. And defense remains a very poorly sold commodity, especially in the software arena. (It is by no means lacking, though, because there are so many hackers and so many spies. It is not hard to explain that any critical vulnerability could have been put there intentionally as a backdoor for a foreign nation. That is a visceral, experiential argument and resonates well with people who dread something happening 'on their watch'.)

tyrJune 1, 2015 8:22 PM


So what's the alternative plan for Jade Helm now that Texas is underwater?

Slug Crawling Across a Razor BladeJune 1, 2015 8:31 PM

@Justin

Yes! That is going on with the gangstalking / organized stalking / electronic harassment phenomenon.

No offense, but I did not find the CBS article very persuasive that there is "much" of such a thing. I am sure there are a number of people who believe they are so victimized. It is classic paranoid schizophrenia. Probably a few sites where they feed into those belief systems, but themselves do not actually believe it.

Otherwise, just schizophrenics talking to each other.

The blog author of the site mentioned probably is himself genuinely psychotic. Strongly doubt he is "Russian intelligence". Could be someone that works at a government and is "trying to help". Where really his condition is he doesn't actually do anything, and believes he can prove himself in his off hours. (I am not sure which is more delusional, if he is a partly functional psychotic... or if he believes he is really some kind of counterintelligence officer by creating such posts... or might get some notice or recognition for his "work". The latter case, though, I only present for comical purposes. I do not really believe anyone is so lame as to actually do such a thing, lol.)


JustinJune 1, 2015 9:03 PM

@ Slug Crawling Across a Razor Blade

"Probably a few sites where they feed into those belief systems, but themselves do not actually believe it.

"Otherwise, just schizophrenics talking to each other."

I'm not disagreeing with that. Those few sites encourage a cult-like adherence, and from there it takes off on its own.

Nick PJune 1, 2015 9:07 PM

@ Markus Ottela, Jacob, Thoth

Brief, preliminary review of Google Vault

I thought it was going to be a long, detailed presentation. Instead, it was short and light on detail. (sigh) At least a well-known security professional led the program. Ok, here's what we have:

1. It's a hardware security module with onboard ARM processor, a security-focused RTOS, hardware acceleration for cryptographic primitives, a HWRNG, and several GB of sealed storage.

2. NFC (and a password?) is used for authentication... somehow. What risks are here?

3. The app uses the device via fake files for input and output. The apps in demo opened them, the Vault's automatically handled session negotiations, and then they were talking. About that session negotiation... how does that work, esp determining if other party is trustworthy?

4. The plaintext and apps are still vulnerable to the OS. The attacker can compromise two phones to get the plaintext. The attacker can force it to sign things while Vault is connected. The tamper-resistant logging feature can help here but sophisticated malware can show the user false information generated on the fly with a sabotaged log-checking feature. That certainly raises the bar but we already see banking trojans doing similar things to break 2-factor authentication. The Vault would need to be plugged into a clean machine to check out those logs.

5. Malware sent by one user to another through Vault will have a higher chance of getting opened if the user trusts the Vault to protect them.

6. The device's software might be attacked by software or phone hardware to bypass its protections.

So, we have a lot of risks here along with many unknowns. That they're releasing source might give someone a chance to look through it, understand some of this, and evaluate it. Yet, from what I see, the endpoint is still massively insecure to the point that it defeats much of Vault's alleged security benefit. Alternatives such as Nizza Security Architecture applied to a phone reduce the TCB, protect user input, prevent spoofing, isolate crypto, and more. I think they're stronger in security than Vault, meaning Vault is a *step back*. However, Vault might make a convenient and portable step forward in commodity HSM's depending on its security. It's best to combine the two approaches to support each other.

Otherwise, the endpoint is just going to be compromised as usual.

Note: Link to description of its OS and security.

Nick PJune 1, 2015 10:18 PM

@ all

re scrambl3

If this is true...

"Due to U.S. National Security concerns, the U.S. Department of Commerce and the NSA restrict the export of Scrambl3 source code/technology to foreign Governments. USMobile is prohibited from selling its technology to foreign governments other than that of the European Union."

...then it might actually be a good app. The review summaries look more like advertisements than peer review, though. We must also expect a company tight with NSA has a way in for them. These two let us know this isn't the app for us.

re NSA subversions

Government intervention on consumer crypto hardware: A look at the PX-1000 before and after the NSA's involvement

Note: Remember that my proposal on ACH fraud was an appliance to vet and sign the transactions that looked like an old electronic organizers. Pretty neat that this one is similar to my design but has a smaller screen.

peterJune 1, 2015 10:43 PM

@ Justin

"Yes! That is going on with the gangstalking / organized stalking / electronic harassment phenomenon."

For profit or not, its rogue social media management. Funny how perpetual reinforcement of itselves (offense defense) works. Firms watch blogs comments engage in astroturf who not only reinforce each others beliefs but fat wallets. As everything is relative, this goes for search engines too. Specialized search sites may very well make a big comeback. Someday we be proud to say "I duckduckgo'd that!"

ThothJune 1, 2015 10:52 PM

@Nick P
That problem with input and display is universal across all Security Modules that do not possess their own input and checking screen within their boundaries while relying on untrusted input and display.

Regardless be it PCI/e card HSMs, USB HSMs, Smartcards, Tokens and so on ... as long as it does not possess an internal display to verify the hashes of the messages and a secure input for credentials for key usage, it is as good as low assurance security.

Regarding small security elements like Smartcards and Token classes, they have very little RAM memory and slow speed and calculating huge message processing to MAC the message and encrypt/decrypt it can be very challenging.

High security rating modules would have their own input and display elements within their boundaries.

Something of a suggestion I have would be a casing with keypad and probably a small 1 line display would be used as a phone adapter casing with USB plug similar to the picture below.

Link: http://g02.s.alicdn.com/kf/HTB1VXwkHpXXXXaBXVXXq6xXFXXX4/3G-mobile-phone-credit-card-reader-with.jpg

Besides the smartcard slot on this portable phone adapter smartcard reader with secure PIN entry pad and also a proposed 1 line screen display, the addition of a microSD slot for microSD sized secure elements would be useful. The internal circuit of the PIN pad, smartcard slot, microSD slot and display screen should be protected by a basic protection of tamper detecting mesh and a tiny secure element processor unit in the phone smartcard adapter to interface securely with the external secure element and the host phone. Further hardening of the circuitry of the adapter unit with standard sensors used in smartcards with no NVM (non-volatile memory) and using temporary session keys will rely on the phone's supply of battery to stay alive and also to power the tamper sensors and internal security / adapter's CPU processor (in fact the adapter can be treated as a man-in-the-middle smartcard). This would place a lot of trust in the integrity of the adapter's security processor unit and tamper circuitry which would only rate it for MSA attacks.

AnuraJune 2, 2015 2:57 AM

Random realization:

Galois counter mode should probably be encrypting 128 one-bits as the MAC (GHASH) key instead of encrypting 128 zero-bits. If, somehow, the attacker can get the sender to use all zeros as the IV and send an empty message, then they can recover the key that's used for message authentication and forge future messages. Not sure of a circumstance where the attacker could do that, but I do think it's a very easily avoidable oversight.

AnuraJune 2, 2015 3:14 AM

(and now that I post that I'm also going to take a guess that this isn't actually a new observation, since there are people much smarter than me who have spent a lot more time analyzing GCM than the three hours a year I dedicated to it)
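On Anura's two posts above, an added Go example that is not from the thread: it shows that the tag AES-GCM produces for an empty message with no associated data is a fixed function of the key and nonce (identical on every call), which is why a sender must never be induced to reuse a nonce or accept one chosen from outside, and it shows the standard mitigation, a wrapper that generates its own random 96-bit nonces and refuses any nonce it has already used under the key. The key is a constructed sample value and the NonceGuard type is this example's own, not part of Go's crypto/cipher.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"sync"
)

// sampleKey is a constructed 32-byte value for the demonstration only; a real
// key comes from a CSPRNG or a KDF.
var sampleKey = []byte("0123456789abcdef0123456789abcdef")

// EmptyMessageTag returns the 16-byte tag AES-GCM produces for an empty
// plaintext with no associated data under key and nonce. With nothing to
// authenticate, the tag is determined entirely by the key and the nonce, so
// calling this twice with the same inputs returns the same bytes.
func EmptyMessageTag(key, nonce []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Seal(nil, nonce, nil, nil), nil // empty ciphertext || tag
}

// ErrNonceReused is returned when a caller tries to encrypt twice under the same nonce.
var ErrNonceReused = errors.New("nonce already used under this key")

// NonceGuard wraps an AEAD and records every nonce used with this key so a
// caller, or a bug in a caller, cannot repeat one. Seal draws the nonce itself.
type NonceGuard struct {
	aead cipher.AEAD
	mu   sync.Mutex
	used map[string]struct{}
}

func NewNonceGuard(key []byte) (*NonceGuard, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &NonceGuard{aead: gcm, used: make(map[string]struct{})}, nil
}

// SealWith encrypts under a caller-supplied nonce but rejects any nonce seen
// before. It is here to show the rejection; normal callers use Seal.
func (g *NonceGuard) SealWith(nonce, plaintext, aad []byte) ([]byte, error) {
	g.mu.Lock()
	defer g.mu.Unlock()
	if _, dup := g.used[string(nonce)]; dup {
		return nil, ErrNonceReused
	}
	g.used[string(nonce)] = struct{}{}
	return g.aead.Seal(nil, nonce, plaintext, aad), nil
}

// Seal draws a fresh random nonce and returns nonce || ciphertext || tag.
func (g *NonceGuard) Seal(plaintext, aad []byte) ([]byte, error) {
	nonce := make([]byte, g.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct, err := g.SealWith(nonce, plaintext, aad)
	if err != nil {
		return nil, err
	}
	return append(nonce, ct...), nil
}

// Open reverses Seal; a modified ciphertext, tag or aad fails authentication.
func (g *NonceGuard) Open(sealed, aad []byte) ([]byte, error) {
	n := g.aead.NonceSize()
	if len(sealed) < n+g.aead.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	return g.aead.Open(nil, sealed[:n], sealed[n:], aad)
}

func main() {
	zero := make([]byte, 12) // the all-zero nonce Anura's post worries about
	t1, _ := EmptyMessageTag(sampleKey, zero)
	t2, _ := EmptyMessageTag(sampleKey, zero)
	fmt.Printf("empty-message tag under zero nonce: %x (same both times: %v)\n", t1, string(t1) == string(t2))

	g, _ := NewNonceGuard(sampleKey)
	if _, err := g.SealWith(zero, []byte("hello"), nil); err != nil {
		panic(err)
	}
	_, err := g.SealWith(zero, []byte("again"), nil)
	fmt.Println("second use of the same nonce:", err)
}
```

The in-memory set only protects one process lifetime; a long-lived sender would use a persistent counter or random 96-bit nonces with a bound on the number of messages per key. Either way the property that matters is the one the guard enforces: no (key, nonce) pair is ever used twice.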

CuriousJune 2, 2015 10:45 AM

Saw this on slashdot today: ("Facebook Now Supports PGP To Send You Encrypted Emails")
http://tech.slashdot.org/story/15/06/02/0231218/facebook-now-supports-pgp-to-send-you-encrypted-emails

http://techcrunch.com/2015/06/01/facebook-now-supports-pgp-to-send-you-encrypted-emails/

Not sure what this entails to be honest, then again I'm not really into the crypto stuff myself.

"To enhance the privacy of this email content, today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to "end-to-end" encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications." Facebook

"these keys can be used to "end-to-end" encrypt notification emails sent from Facebook "
How can a public key be used to encrypt anything?

Could Facebook in potentially ending up having the largest collection of public PGP keys somehow be a bad thing, or somehow be exploited?

Not knowing any better, I became paranoid about this feature right away. Luckily for you readers, I have omitted what crossed my mind, because presently, the idiotic ideas I sort of got probably don't make good sense technically speaking. :|

Basically, my mind started to ponder the vague idea of how a company like Facebook could either make use of tagging data from the networks of Facebook in a clandestine way, data that users in turn will move around on the internet, or even end up tagging data associated with people that aren't even users of Facebook. Say, if some data was "tagged" as being associative of person#1 being a facebook user, then if person#2 is found having some data with that tag of #1, you would know that person#2 is somehow associated/"linked" to person#1. I imagine that the "tagging" would in this way be more like a journal of what happens as time passes, if there was a way for such a "tag" to incorporate the "jump" of data between several users. Probably inspired by my equally uninformed and idiotic notions regarding 'homomorphic encryption'. :|

Nick PJune 2, 2015 12:08 PM

@ Curious

re Intel/Altera

Intel will also be including FPGA logic on future chips. If they get Altera, that could have cool results in so many ways. As for the article, I found this quote to be the best part:

"A previous version of this story was corrected to say that Nisha Ruhomutally, an Altera public-relations officer, is a woman."

re Facebook supporting PGP

That's too funny to merit much of a comment. I like what one Slashdotter said:

"That's like putting a condom on the car you drive to the whorehouse."

Clive RobinsonJune 2, 2015 1:04 PM

@ Nick P,

Just what you need for "a drive through brothel".

As for Altera, it's odd that they are for sale, though I can understand Intel wanting their patent book.

Of the two Altera has by far the better reputation on security and reliability of parts... Ask yourself which plane you would rather fly in one full of Altera chips or one full of Intel chips?

Remember before answering that many of Intel's CPUs don't start until you load firmware updates... it's one of the reasons Open BIOS and Open Laptop initiatives tend to stall, wither and die.

Nick PJune 2, 2015 1:33 PM

@ Clive

"Remember before answering that many of Intel's CPUs don't start until you load firmware updates... "

Astute observation. Lol. Of course, we have to be fair in our critique: the errors largely stem from the complexity driven by market demands. The chips they design better (eg i960) are different or not backward compatible. Market usually ignores those.

And who would fly on an airplane full of chips that can be re-programmed in flight? :P

Anura • June 2, 2015 1:49 PM

@Curious

How can a public key be used to encrypt anything?

Not sure I understand what you are asking? PGP works by using the recipient's public key to exchange a shared secret, and then optionally uses the sender's private key to sign the message. RSA can directly encrypt stuff, but usually that functionality is used for key exchange. The sender generates a random key, uses the public key to encrypt it and then encrypts the message with the randomly generated key. Or, if you are using a Diffie-Hellman (or ECDH) key then you generate an ephemeral keypair, attach your ephemeral public key, use your private key and the sender's public key to generate a shared secret, hash it and use that for the encryption key.

While I agree that you can't trust Facebook, they aren't going to have your private key, and at least you can guarantee that everything you send and receive is encrypted in transmission, except for when that gets sent to people who don't use PGP. So it's a marginal improvement, at best, but I don't see ulterior motives. Public keys are, after all, public and if you are concerned... Well, nothing stops you from having one public key just for Facebook.

Justin • June 2, 2015 2:11 PM

@ Slug Crawling Across a Razor Blade • June 1, 2015 7:48 PM

That poster is not a "Russian troll"... just FYI. He isn't Russian, for one...
(And, no, 'those denying the conspiracy are part of the conspiracy too', it is not that, either.)

That poster (and perhaps others, perhaps the same one) seems to express views in conformity with the current administration in the Kremlin. Every time "he" (or she or they) responds to me, it is with some personal insult or dig, which is why I call that person a "troll".

It has been well reported in the mainstream news that there is an army of paid Russian trolls:

http://www.nytimes.com/2015/06/07/magazine/the-agency.html

We can make fine distinctions such as "pro-Russian", "pro-Russian, anti-American" poster(s) etc. maybe more than one or a team assigned to this blog, I don't know, but at some point it's like those "little green men" in Ukraine without insignia on their uniforms, whose deaths are now classified as a state secret.

ه انواعید م • June 2, 2015 3:14 PM

We the united henchmen of the Axis of Evil have made common cause against the deadly threat of Justin's enormous influence and thought leadership, which pose an existential threat to our entirely uniform way of life and to our eternal implacable hostility to truth, justice and the American Way.

https://www.oas.org/en/iachr/expression/showarticle.asp?artID=926&lID=1

For this reason we have outlined a roadmap and detailed milestones for liquidating and neutralizing our deadly enemy Justin in VI (1 clause C.ii/e) supra, Moose and Squirrel must DIE

Benni • June 2, 2015 5:32 PM

The United States are completely crazy:

http://bigstory.ap.org/article/4b3f220e33b64123a3909c60845da045/fbi-behind-mysterious-surveillance-aircraft-over-us-cities

The AP traced at least 50 aircraft back to the FBI, and identified more than 100 flights in 11 states over a 30-day period since late April, orbiting both major cities and rural areas. At least 115 planes, including 90 Cessna aircraft, were mentioned in a federal budget document from 2009.

For decades, the planes have provided support to FBI surveillance operations on the ground. But now the aircraft are equipped with high-tech cameras, and in rare circumstances, technology capable of tracking thousands of cellphones, raising questions about how these surveillance flights affect Americans' privacy.

http://www.stern.de/politik/deutschland/operation-monkeyshoulder-bnd-chef-verschwieg-umstrittenes-ausspaehprojekt-vor-kanzleramt-2198108.html

In exchange for Skype messages, emails and WhatsApp messages from German ground, BND got data obtained on British ground from GCHQ. At the beginning the BND president gave orders not to inform the German chancellor. After the chancellor was informed, the project continued. It stopped only after Edward Snowden released documents not only on NSA but also on GCHQ.

Thank you Edward.

Thoth • June 2, 2015 6:37 PM

@Curious, Anura
Put it simply, asymmetric cryptography, a.k.a. Public Key Cryptography, revolves around the idea of "trapdoor" functions. You can imagine it as a one way in using a key and one way out using the other.

An RSA public key is used to encrypt the message so that the RSA private key is used to decrypt the message whereby the RSA public key encodes the secret message using a trapdoor function which is the RSA modulus exponential.

The private key being the second half and the critical decoding key can use the same arithmetic function to decode the public key encrypted message (trapdoor function).

The trapdoor function is supposed to prevent the encryption key from decrypting the message; thus the public key can only encrypt but not decrypt the message. The decryption key, however, can decrypt the message thanks to the trapdoor function and thus decipher the public key encrypted message.

The RSA message signing is the reverse of the encryption function, where the private key is used to sign a message (announce the authenticity) and the public key is used to verify a message (prove the authenticity), because of the trapdoor function. Because you don't want anyone without the private key to sign a message, only the private key has the message signing function and the public key can only verify but not sign the message.

In a PGP context, the PGP coded message is both encrypted and signed (preference to do both or one).

A symmetric keying cipher is selected (AES, IDEA, CAST ...) and a random symmetric message encryption key is generated and used to encrypt the message body. The public key is then used to wrap (protect) the symmetric key and both the wrapped symmetric key and the symmetric encrypted message are part of the PGP message that are sent off to the owner of the private key which the owner would use his private key to unwrap the protected symmetric key and retrieve the symmetric key to decrypt the rest of the message.

If a signature is involved, the sender would use his own private key to sign the hash of the message and also include the signed hash of the message in the PGP message or separate and then send the signed hash to the receiving party (that is if the receiving party has the sender's public key to verify the signed message).

Linking PGP public keys to Facebook profiles would make PGP adoption rates much easier because Facebook is one of the most popular social media platforms and what better way to introduce and encourage security to the masses than a popular social platform ?

The problem with this scheme is the root of trust (how trustworthy) of the public keys as anyone can dump anyone's public key and anyone can create their own profiles or .. it might be Warhawk Agencies that may simply spawn a bunch of fake emails, accounts and PGP public keys pretending to be some journalists to attract would-be whistleblowers ?

@Nick P, Clive Robinson
I wonder if the question would be, who would fly in a plane full of NSA chips :) . Considering Altera supplying their chips for defense purposes and NSA's invested interest.

It would be interesting to see what happens when Altera mixes with Intel and the more widespread availability of Intel/Altera FPGAs and making them much cheaper (due to Intel).

Nick P • June 2, 2015 8:36 PM

@ Clive, Wael, Thoth

re FPGA's and similar tech

I posted before about the field-programmable analog arrays bringing FPGA-like flexibility to the analog world. Anadigm has since shown up with design wins to prove the concept. I figured we'd eventually see something like that for RF given all the SDR investments and similar lack of RF engineering talent. Turns out, one already exists: the Field Programmable Radio Frequency chip by Lime Microsystems. Covers all kinds of spectrum. That Altera recently acquired an equity stake in them means we might see them get mixed with FPGA's. This segment is about to get more interesting because Analog Devices Inc. just started competing.

Far as FPGA vendors, Achronix Semiconductor is still my favorite for using ultra-high-speed, asynchronous logic. Of course, eASIC for keeping S-ASIC's going. Tabula has a ton of funding right now, too, with interesting tech. The other two, Abound Logic and (forgot), are gone. They'll all go away because the hard part is making the EDA tools that utilize hardware efficiently. Both that and process node are capital intensive activities that Xilinx and Altera are better suited for. Excellent article on that.

The one exception is MathWorks: they're kicking more ass all the time. And that EAL7 methodology I posted used their tools, too.

Slug Crawling Across a Razor Blade • June 2, 2015 8:39 PM

@Justin

That poster (and perhaps others, perhaps the same one) seems to express views in conformity with the current administration in the Kremlin.

I think the key word there is "seems". He seems to. I mean, he is, and he does. But, he also does not. It is just an act. That is not him.

You make some attribution statements like you seem to have spent a lot of time in attempting to attribute unknown entities and unknown causes. For instance, you made some analysis on some websites. You were paying attention. You looked at the details. You thought about it. You wrote it up in a nice, clean paragraph, very coherent. And then you summarized the "why", like one would do with a sales pitch.

That seems to imply you have had some professional experience doing something "like that". So, you have confidence in your capacity to do it. And, you actually do it. For instance, if a person knows how to fix a car, then you have no problem doing it when the car breaks down. But, if they have no experience fixing a car, they won't bother even trying. They may not do a great job at it. Maybe they have only fixed some problems, and not others. But they have the confidence to try. Even if it is in front of a number of other people. And some of those people are mechanics. That is how high their confidence level is that they can try and fix that car.

You seem to take people at face value. You seem to react emotionally to statements that are anti-US or pro-'US rival'.

I flatly stated "he is not Russian", and you seemed to bypass any manner of processing of that statement. Even though, I see above, now he is "Iranian". He is not Iranian, either.

You did not even ask, "how do you know that". Which would seem to mean, you might be someone who would not ask such a direct question, expecting probably a lie could come back. Which says you do not interview potentially suspicious people very much. Because, while they can lie, it is often valuable to get them to lie. And very often, they will just tell the truth. So direct questions mixed with indirect questions often is the best result.

You were careful, however, to put the word "seems" there. Even though, technically, he either did post pro-Russian propaganda or he did not. But the "seems" implies then, something else. Only thing that I can think of is the "seems" is there because you are cognizant he is at least "may not" be Russian.

This seems to give a foggy picture of you.

I have only read a few posts of yours. I could search the site for posts of yours, and paint a better picture, I am sure. That does not interest me.

What interests me is you seem interested in attribution problems, and I have some experience there, and was simply offering some help. I am curious at how others approach attribution problems, as well.

At the surgical level, that is, with minimal information. One thing to know how to fix a radiator, something else to know how to fix a broken engine block. This is about fixing a radiator.

Slug Crawling Across a Razor Blade • June 2, 2015 8:50 PM

@Justin

And, on this.

It has been well reported in the mainstream news that there is an army of paid Russian trolls:
We can make fine distinctions such as "pro-Russian", "pro-Russian, anti-American" poster(s) etc. maybe more than one or a team assigned to this blog, I don't know, but at some point it's like those "little green men" in Ukraine without insignia on their uniforms, whose deaths are now classified as a state secret.

You are really following the news. I am aware of all of those stories. Journalists follow the news very closely. They are always looking for the next big story. They have to keep up on the competition. They have to know what their competitors are reporting. They have to know what the latest stories are. It is important to them, because it may affect their professional life.

Wesley Parish • June 3, 2015 12:27 AM

Is it me? Am I the only one who wonders why the FBI has targeted FIFA over its corruption, and not the US Congress?

to wit:

Say no more, right? I mean, it’s obvious that no one pays such sums for words (of all things!), not without ulterior motives. No deal has to have been made. No direct or even indirect exchange of promises is necessary. On the face of it, there is a word for such fees, as for Rubio’s relationship with Braman, as for the investor primaries of the new election season, as for so much else that involves “dark money” and goes to the heart of the present political process. It’s just not a word normally used about our politicians or our system, not by polite pundits and journalists. If we were in Kabul or Baghdad, not Washington or Los Angeles, we would know just what that word was and we wouldn’t hesitate to use it: corruption.

It would be fair at this point, to ask one @S[k]eptical what he for one, is doing about such widespread corruption. It is all very well to point the finger at the corruption in Russian politics: but that's primarily the Russians' responsibility, and they're more than happy to fight it themselves, with moral support, NOT lawyers, guns and money from the equally corrupt West, thank you so very, very muchly!

Wael • June 3, 2015 12:38 AM

@Nick P,

I posted before about the field-programmable analog arrays bringing FPGA-like flexibility to the analog world

Yes! I remember that vividly. I also think FPGAs have a use in ideas I thought of such as this with a brief elaboration here. Problem is the FPGA needs to be configured in real time. Perhaps next generation FPGAs will support this capability ;)

Anura • June 3, 2015 2:05 AM

So I've been playing around with my protocol idea, and I end up with some odd (as-in not divisible by two) header lengths:

3 bytes for buffered data - first two bytes for message length, one for the message type (for use over TCP-like protocols)
9 bytes for segmented data - eight bytes for the sequence identifier and one for message type (for use over UDP-like protocols)

I notice the TLS header aligns its headers to 4-bytes; is there any particular reason for this? I'd hate to waste bandwidth just for the sake of aligning, unless there is a really good reason for it. I've programmed stuff in raw TCP connections before, and I never cared about things like alignment, but they weren't super-performance-critical; I also don't have experience with embedded systems or hardware implementations to know if that's really an issue there. I mean, I could easily increase the length portion of the buffered data header to three bytes and reduce the sequence identifier for segmented data sections to seven bytes, but I have no clue whether that would really accomplish anything.

Clive Robinson • June 3, 2015 3:48 AM

@ Anura,

I notice the TLS header aligns its headers to 4-bytes; is there any particular reason for this?

There are historic reasons with "endian" and "network order" and the old max size of CPUs at 32bits.

Basically, firstly making things 32bit aligned makes the reordering simpler for 32bit and lesser bit systems, especially with some older high spec processors having built in hardware for reordering.

Secondly it makes pointer arithmetic easier for 32bit systems, especially with languages that are on the rungs (albeit the low ones) of high level languages. As a consequence code portability becomes easier.

Don't underestimate the poor performance of high level languages and hardware when faced with crossing "natural" alignment of the CPU memory interface. Whilst "hand tuned" code can take advantage of intimate knowledge of the function and structure, most compilers have to be more generic and thus can not optimize nearly as effectively.

Most developers of "Embedded Systems" have war stories about issues with pointers and unaligned data and will go a long way where they can to make hardware CPU word aligned and avoid data structures etc that other programmers would regard as normal.

Anura • June 3, 2015 4:09 AM

So, unless I'm missing something, having a 24-bit length and 8-bit message type wouldn't make a difference, and if I really wanted to see the gain I would have to have a 32-bit length and 32-bit message type (even if specified certain bytes must be zero) for it to really make a difference.
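Anura's 3-byte buffered-data header and Clive's alignment point, worked through as an added example (mine, not code from either poster): a network-order framing parser for a TCP-style byte stream, with a comparison of how the same fields would be padded if laid out as a native in-memory struct. It assumes the 2-byte length counts payload bytes only and excludes the header, which the thread does not specify.

```python
"""Framing for the 3-byte 'buffered data' header (2-byte length, 1-byte
type) discussed above, plus the 9-byte segmented header. Added example;
the length field is assumed to count payload bytes only (big-endian,
i.e. 'network order'), which the thread does not specify."""
import struct
from typing import List, Tuple

BUFFERED_HDR = struct.Struct("!HB")   # '!' = network order, no padding: 3 bytes
SEGMENTED_HDR = struct.Struct("!QB")  # 8-byte sequence id + 1-byte type: 9 bytes


def native_struct_size(fields: str) -> int:
    """Size the same fields take as a native in-memory struct ('@' mode),
    where padding is inserted so each field sits on its natural alignment.
    Putting the 1-byte type before the 2-byte length, for instance, pads
    the 3-byte header out to 4 bytes, the width Anura asked about."""
    return struct.calcsize("@" + fields)


def frame(msg_type: int, payload: bytes) -> bytes:
    """Prepend the buffered-data header to one payload."""
    if not 0 <= len(payload) <= 0xFFFF:
        raise ValueError("payload too long for a 16-bit length field")
    if not 0 <= msg_type <= 0xFF:
        raise ValueError("message type must fit in one byte")
    return BUFFERED_HDR.pack(len(payload), msg_type) + payload


def parse_stream(buf: bytes) -> Tuple[List[Tuple[int, bytes]], bytes]:
    """Split a TCP-style byte buffer into complete (type, payload) messages.
    Returns (messages, leftover). leftover is a header or body that has not
    fully arrived yet; the caller keeps it and prepends the next read."""
    msgs: List[Tuple[int, bytes]] = []
    pos = 0
    while len(buf) - pos >= BUFFERED_HDR.size:
        length, mtype = BUFFERED_HDR.unpack_from(buf, pos)
        end = pos + BUFFERED_HDR.size + length
        if end > len(buf):
            break                      # body incomplete: wait for more bytes
        msgs.append((mtype, buf[pos + BUFFERED_HDR.size:end]))
        pos = end
    return msgs, buf[pos:]


def demo() -> dict:
    # Constructed sample: two whole messages, then the first 2 bytes of a third.
    wire = frame(1, b"hello") + frame(2, b"") + frame(1, b"partial")[:2]
    msgs, rest = parse_stream(wire)
    return {"messages": msgs, "leftover": rest,
            "wire_sizes": (BUFFERED_HDR.size, SEGMENTED_HDR.size),
            "native_sizes": (native_struct_size("HB"), native_struct_size("BH"))}


if __name__ == "__main__":
    print(demo())
```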

Curious • June 3, 2015 4:24 AM

@Thoth (& all)

Thanks for trying to clear that up for me Thoth.

Uhm, let me try to get this straight: :| (I guess I might get some of this wrong)

1) So first the encryption of a plaintext message would usually be based on using symmetric encryption. (Only one key for both encrypting and decrypting for best key strength?)
2) Then the private key in a new, or an old private & public key pair, is used for encrypting this "symmetric" key in pt. 1
3) As this encrypted message is a written one, made for storage or for static display, a receiver/reader will have to acquire somehow the public key to decipher the symmetric key to reveal the plaintext of the message.
4) The key used for the initial symmetric encryption is ideally random and only used once?
5) Because the producer of the now encrypted message used his private key to encrypt the symmetric key used for initially encrypting the plaintext message, the use of the private-public key pair ideally ensures both the secrecy of a plaintext message, but also ensures that the private-public key pair is used for authentication, which would be important when an encrypted message is presented to any receiving party, that must learn if that encrypted/decrypted message is from a source that is trusted to be either the author, or the original owner of the plaintext message.
6) If the sender does not want everyone to read the message, then the public key will be kept secret, and ideally only being available to a receiving party.
7) To provide the means to authenticate that the encrypted message has not been tampered with, and to authenticate that the encrypted text is originally from a trusted source, the arbitrarily sized encrypted message is enclosed with a standard sized hash number value, produced with a hashing algorithm (a one way function).
8) It is unclear to me just what data is being hashed, is it the plaintext message or the symmetrically encrypted message? Or an encrypted message together with a public key?
9) A cryptographic hash function is supposed to be easy to compute, 'infeasible' for recreating a message, 'infeasible' for modifying a message (also free of errors), and 'infeasible' for creating the same hash value for different messages (forgery).
10) The receiving party, having used an acquired public key in deciphering an encrypted message, can know that the encrypted 'message' is 100% original/authentic, assuming they can actually trust the public key and if they in turn can match the encrypted message with the provided hash.

So, if you don't trust Facebook, but still rely on Facebook for acquiring someone's public key, you can't really know who really authored and sent you a message, and you can't trust the content. (Did I get that part right?)

11) I don't get the following, if someone sends you a message pretending to be someone else, having "faked" the public key, what good does the hash do then other than showing that the integrity of an encrypted message is fully intact?

12) If someone simply wants to show something in plaintext to the public, is a public key then shown in the plaintext message and used to create a hash value, to basically guarantee the authenticity of both the source and the content of the message?

I have never gotten to send an encrypted message with PGP at point in time, so it is a little unclear to me just what an encrypted message looks like in entirety. I have probably seen such a message on the internet, but I don't clearly remember it.

Anura • June 3, 2015 5:41 AM

@Curious

1) Yes, symmetric encryption is used to encrypt the actual message

2) The recipient has a static public key. If that is RSA, then that public key is used to encrypt a randomly generated key. If it is diffie-hellman, then the sender cannot encrypt directly and needs to generate their own keypair, which is only used for that message (i.e. an ephemeral keypair) - that allows them to create a shared secret that can only be known if you hold one of the private keys (i.e. the sender and recipient)

3) The recipient must have the private key in order to decrypt the message; that private key corresponds to a public key, which is given to the sender before-hand. Without the recipient's public key, the sender cannot encrypt the message so that only the intended recipient can decrypt it.

4) the symmetric key is, for all intents and purposes random, but the important part is not that it's only used once, it's that no one but the sender and the intended recipient knows that symmetric key

5) If RSA is used, the sender doesn't even need their own private key; the recipient's public key is used to encrypt a randomly generated shared secret, and then only the recipient's private key can decrypt it (public means that everyone in the world can know it, private means only a single entity should know it). If Diffie-Hellman is used, the sender needs a keypair so they can agree upon a shared secret - if the sender has the recipient's public key, r, and their own private key s', then they can compute a function F(r, s') - the recipient can then perform a similar operation using their private key, r' and the sender's public key which will be sent to them, s'. It turns out F(r, s') = F(s, r') and the result of that function can be known only by the sender and recipient - that value is usually hashed which results in the symmetric key.

6) the public key can be known by everyone, only the private key needs to be kept secret. Anything encrypted using the recipient's public key can only be decrypted by the recipient.

7/8) The entire message is hashed, including headers, and the sender typically signs the message using their static (and known to the recipient, and possibly others) key which anyone with their public key can verify that their private key is used to sign, but only the private key holder can do the actual signing

9) this is correct

10) The receiving party needs their private key to decrypt the message, and the sender's public key to verify the identity of the sender and authenticity of the message

11) The public key of the sender needs to be distributed to you via a trusted channel, and unless the sender's private key is compromised then no one can send a message pretending to be them

12) If you are signing, whether or not encrypting, then the sender's private key is used to sign the hash of the message. Anyone with access to the public key (which can be everyone in the world) can verify that the corresponding private key was used to sign it. The recipient needs to both know and trust the sender's public key beforehand in order to verify the authenticity of the message.

Anura • June 3, 2015 5:48 AM

7/8 is badly worded, pretend it says:

7/8) The entire message is hashed, including headers, and the sender typically signs the message using their static private key. Anyone with their public key (which the recipient and possibly others, know beforehand) can then verify that their private key was used to sign the message, but only the private key holder can do the actual signing.

Thoth • June 3, 2015 6:55 AM

@Curious, Anura
Public Key as its name suggests is for the general public to use. The general public can only use it to encrypt a message and verify a message.

Private key as its name suggests is for the individual's use which is to decrypt a message and to sign a message.

The rationale behind the Public / Private key is made in a way that the general public with the public key can only encrypt a message and NOT decrypt a message because decrypting a message is a privilege function reserved for the owner of the private key.

Wouldn't it be disastrous if the general public could decrypt the message ? This means the public key should be widely distributed so that anyone can encrypt (NOT decrypt) a message to the owner of the Private key.

The public can also use the Public key to verify the authenticity of a message because you want the public to be able to verify the message you send. The Private key is only used for the signing function because signing a message (some sort of sealing your initials on the message of sorts) is reserved for the owner of the Private key to be able to do. You can't simply let the general public be able to replicate your signature so the Private key (as its name suggests) has the power to sign a message while the Public key verifies it.

@Anura has answered the rest very well :) .

Curious • June 3, 2015 7:26 AM

Hrm, I think I have misunderstood the meaning of "public-key" in "public-key-cryptography" all along. I think my mind has been sort of focusing on how a single set of private-public key pair is used for generating and verifying a signature, having missed out the meanings of how the message is encrypted and decrypted using public key cryptography. :|


"The keys are related mathematically, but the parameters are chosen so that calculating the private key from the public key is unfeasible." (Wikipedia)

Does this mean that one's 'private key' is significantly larger than one's 'public key', with regard to the one set of keys one has as an individual?

Curious • June 3, 2015 7:43 AM

Ugh, the whole use-private-key-to-decrypt-message seems so counter intuitive to me, because how does it make sense that a recipient even has the private key of a sender? Why is this so confusing to me?

Am I missing the 'shared secret' part here somehow?

As I understand it, the 'shared secret' might be the mix of a sender's 'public' and recipient's 'private key'. But then, strictly speaking, it would not make sense to say that a message is *decrypted* using a 'private key'. Hrm, I guess nobody said this, just me coming to that conclusion all by myself, as if it were true that one's 'private' key has to be used to decrypt, merely because the sender used his 'public key' to encrypt, as if all it took was the use of a key-pair.

Ok, I think I understand the use-public-key-to-encrypt now. :|

But, does public key crypto also work offline? Assuming that someone knows your public key, is the solution for offline decryption of a message that one then simply mixes someone's public key with your own private key, to decrypt this encrypted message?

Please forgive my lack of knowledge here, this is my best attempt so far at trying to get a grasp on learning how all the different factors mix.

Anura • June 3, 2015 7:45 AM

@Curious

The relative size of the private and public keys isn't important, that comes down to the math. In RSA, for example, the public and private keys are the same length. I really like Wikipedia's article on Diffie-Hellman; it is easier for the layman to understand than their article on RSA:

https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

There's also a pretty good article on Ars Technica about ECC, which also covers RSA to an extent:

http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

Curious • June 3, 2015 7:58 AM

Ugh, I think that leaves message signing to be explored for me.

I guess Wikipedia's explanation makes a lot of sense for me now:

A digital signature scheme typically consists of three algorithms;
A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
A signing algorithm that, given a message and a private key, produces a signature.
A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.

Ah, so this part, for verifying the authenticity of a message, it is enough to use a standard signature verifying algorithm with the sender's public key, to authenticate the message as both being from the author and also being the true original message.

Aren't encrypted messages and signatures shown in public prone to being sabotaged, so as to make them unreadable or untrustworthy?
What if someone changes a character on a webpage displaying an encrypted message or a signature?

Anura • June 3, 2015 8:09 AM

@Curious

Ugh, the whole use-private-key-to-decrypt-message seems so counter intuitive to me, because how does it make sense that a recipient even has the private key of a sender? Why is this so confusing to me?

Only the recipient has the recipients private key, and only the sender has the sender's private key.

As I understand it, the 'shared secret' might be the mix of a sender's 'public' and recipient's 'private key'

The shared secret depends on what the algorithm is. For RSA if you generate a random number n, and then encrypt that random number using the recipient's public key r, then you get a value m = E(n,r). The recipient using their private key, r', can then decrypt m to get n, like so: n = D(m,r'). In this case, n is the shared secret, but is randomly chosen by the sender. This is exactly the definition of encryption and decryption.

If you are using Diffie-Hellman, then you don't choose a shared secret, instead the sender and receiver both have their own key pairs (r,r') and (s,s'). In this case, only the sender knows s' and only the recipient knows r' (the private keys), but anyone can know s and r (the public keys). The sender computes n = DH(r,s') and the recipient computes n = DH(s,r'); the shared secret is a combination of these two numbers. Now, if you are a third party trying to eavesdrop, you only know the public keys, but not the private keys, which is not enough information to compute the shared secret. In this case, you are not actually encrypting a shared secret, but computing it.

But, does public key crypto also work offline?

Yes; PGP is designed for offline communications; with RSA all you need to provide is the secret encrypted with the recipient's public key, and with Diffie-Hellman all you need to provide is your public key, neither of which require two-way communication.

Aren't encrypted messages and signatures shown in public prone to being sabotaged, so as to make them unreadable or untrustworthy?

Nope, the whole point is that you cannot generate a valid signature unless you have the private key. Any attempt to modify the message or signature results in an invalid signature, and the entire message then gets rejected as not authentic.
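The F(r, s') = F(s, r') relation and the one-way offline variant Anura describes (sender makes an ephemeral pair, attaches only its public half, both sides hash the agreed value into the symmetric key), as an added example that is mine, not Anura's code. It assumes the Mersenne prime 2^127 - 1 with base 3 as a toy group, which is far too small for real use.

```python
"""Diffie-Hellman key agreement as described above: each side computes
the same value from (other side's public key, own private key).
Added illustration, not the poster's code. The group below (a 127-bit
Mersenne prime with base 3) is chosen only to keep the numbers small;
real deployments use 2048-bit+ groups or elliptic curves (ECDH)."""
import hashlib
import secrets
from typing import Tuple

P = 2**127 - 1   # toy modulus (prime): M127
G = 3            # toy base


def keygen() -> Tuple[int, int]:
    """Return (public, private): private is random, public = G^private mod P."""
    priv = 1 + secrets.randbelow(P - 2)
    return pow(G, priv, P), priv


def shared_key(their_pub: int, my_priv: int) -> bytes:
    """F(their_pub, my_priv) = their_pub^my_priv mod P, then hashed into a
    32-byte symmetric key (the 'hash it' step in the thread)."""
    n = pow(their_pub, my_priv, P)
    return hashlib.sha256(n.to_bytes(16, "big")).digest()


def offline_exchange(recipient_pub: int) -> Tuple[int, bytes]:
    """Sender side of a one-shot (PGP-style) message: make an ephemeral pair,
    derive the key, and attach only the ephemeral public key to the message.
    No reply from the recipient is needed."""
    eph_pub, eph_priv = keygen()
    return eph_pub, shared_key(recipient_pub, eph_priv)


def demo() -> dict:
    r, r_priv = keygen()                  # recipient's static pair: (r, r')
    s, k_sender = offline_exchange(r)     # sender attaches s, keeps k = H(F(r, s'))
    k_recipient = shared_key(s, r_priv)   # recipient computes H(F(s, r'))
    # An eavesdropper sees only r and s. Combining the two public values
    # (here: s^r mod P) does not give the agreed key.
    eve_guess = hashlib.sha256(pow(s, r, P).to_bytes(16, "big")).digest()
    # A second message from the same sender uses a fresh ephemeral pair,
    # so its key differs from the first even though the recipient key is fixed.
    _, k_second = offline_exchange(r)
    return {"keys_match": k_sender == k_recipient,
            "eve_matches": eve_guess == k_sender,
            "fresh_key_per_message": k_second != k_sender}


if __name__ == "__main__":
    print(demo())
```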

Thoth • June 3, 2015 8:11 AM

@Curious
RSA and ECC based Public Key Cryptography can take place offline and online. Always know that the Private key is a "privilege" key only for its owner to use. Once someone gets hold of the Private key, it is "Game Over" in a sense as the Private key in a PKC scenario is similar to a Secret key.

The word Private key can be used inter-changeably with the word Secret key as the Private key is in fact a type of Secret key but it is used in an asymmetric key context.

Public key is used for the general public to contact you via encrypted means and also to verify your messages so Public keys are "non-privilege" of sorts.

In an email scenario, you don't work in real-time like chat messaging and the RSA PKC is used offline (you can disconnect your PC from a network and encrypt/decrypt messages).

RSA PKC can also be used online in chat messaging protocols or HTTPS, SFTP, SSH and in many other secure connection scenarios.

You don't simply somehow mix someone's Public key with your Private key to get some weird effect.

In the email context (PGP), you assume someone uses your Public key to encrypt a symmetric key that was used to encrypt the rest of the actual message content.

That sender decides to also sign the message with his own Private key to prevent message forgery because encryption itself does not mean a message cannot be forged. The sender posts his Public key online on his website to attest his identity.

You as the receiver receive the message, go to the sender's website, download his Public key and use his Public key to first ensure the message was sent by the actual sender. During the process of verification, if the message is a fake, you can discard the message.

After verifying the message's authenticity, you decide to decrypt the content of the message sent to you by using your private key to decrypt the message header to retrieve the symmetric key embedded in the header. You take the symmetric key that was embedded to do a symmetric decryption of the rest of the message content.

This is the basic form of almost all PKC techniques (not just PGP).
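The sign-then-verify-then-decrypt flow described above, as an added example that is not part of the original comment. It is built on textbook RSA from known Mersenne primes so that it runs with the Python standard library alone; the primes, the 64-bit session key, the HMAC-based keystream standing in for the symmetric cipher, and the function names are all assumptions of this example. Textbook RSA without OAEP/PSS padding and keys of this size are not secure; the point is the structure: the sender wraps a fresh symmetric key with the recipient's Public key and signs the envelope with his own Private key, and the receiver verifies with the sender's Public key before touching his own Private key. A single flipped byte makes the receiver reject the message.

```python
import hashlib
import hmac
import secrets

# Toy textbook RSA built from known Mersenne primes so the example runs with the
# standard library alone. Unpadded RSA and moduli this small are NOT secure;
# real PGP uses padded RSA or ECC keys of proper size. The flow is the point.
E = 65537

def rsa_keypair(p, q):
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))   # modular inverse (Python 3.8+)
    return (n, E), (n, d)               # (public, private)

def rsa_apply(key, value):
    n, exp = key
    return pow(value, exp, n)

def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR with an HMAC-SHA256 counter keystream.
    A real AEAD (AES-GCM, ChaCha20-Poly1305) would take its place."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        ks = hmac.new(key, offset.to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[offset:offset + 32]
        out += bytes(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)

def digest_mod_n(n, *parts):
    """Hash the envelope and reduce into the signer's modulus (toy: real RSA
    signing pads the hash with PSS or PKCS#1 v1.5 instead of reducing it)."""
    h = hashlib.sha256(b"".join(parts)).digest()
    return int.from_bytes(h, "big") % n

def send(body, recipient_pub, sender_priv):
    """Sender: fresh symmetric key -> encrypt body -> wrap the key with the
    recipient's PUBLIC key -> sign the envelope with the sender's PRIVATE key."""
    session_key = secrets.token_bytes(8)           # 64-bit toy key, fits under n
    ciphertext = keystream_xor(session_key, body)
    wrapped = rsa_apply(recipient_pub, int.from_bytes(session_key, "big"))
    header = wrapped.to_bytes(16, "big")           # recipient modulus is < 2^128
    signature = rsa_apply(sender_priv,
                          digest_mod_n(sender_priv[0], header, ciphertext))
    return header, ciphertext, signature

def receive(envelope, sender_pub, recipient_priv):
    """Receiver: verify with the sender's PUBLIC key first; only then unwrap
    the session key with the recipient's PRIVATE key and decrypt the body."""
    header, ciphertext, signature = envelope
    expected = digest_mod_n(sender_pub[0], header, ciphertext)
    if rsa_apply(sender_pub, signature) != expected:
        return None                                 # forged or tampered: reject
    key_int = rsa_apply(recipient_priv, int.from_bytes(header, "big"))
    session_key = key_int.to_bytes(8, "big")
    return keystream_xor(session_key, ciphertext)

def demo():
    # Mersenne primes 2^31-1, 2^61-1, 2^89-1, 2^107-1; all coprime to E-1 usage.
    recipient_pub, recipient_priv = rsa_keypair(2**31 - 1, 2**61 - 1)
    sender_pub, sender_priv = rsa_keypair(2**89 - 1, 2**107 - 1)
    body = b"meet at the usual place"             # constructed sample message
    envelope = send(body, recipient_pub, sender_priv)
    accepted = receive(envelope, sender_pub, recipient_priv)
    # Flip one ciphertext byte: the signature no longer verifies and the
    # receiver discards the message before ever using its private key.
    header, ciphertext, signature = envelope
    tampered = (header, ciphertext[:-1] + bytes([ciphertext[-1] ^ 1]), signature)
    rejected = receive(tampered, sender_pub, recipient_priv)
    return accepted, rejected

if __name__ == "__main__":
    accepted, rejected = demo()
    print("accepted:", accepted)
    print("tampered copy rejected:", rejected is None)
```

Verifying before decrypting is deliberate: the receiver's private-key operation runs only on envelopes that already carry a valid signature, which keeps attacker-controlled ciphertext away from the decryption path.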

name.withheld.for.obvious.reasonsJune 3, 2015 8:25 AM

The Inspector General for the National Security Agency must be tasked to perform a performance audit. Was the NSA responsive to legislative authorities and law when the authorities for any activities or programs justified under the sections of the Patriot Act expired? The collection of business records, as defined in section 215, must have ceased? Did NSA, FBI, and other LEAs terminate roving wire taps? Were the programs and activities conducted under the authority of the "lone wolf" provision halted?

THESE QUESTIONS MUST BE ANSWERED...IT GOES TO THE LEGITIMACY OF THE AGENCIES THAT ARE GRANTED THESE AUTHORITIES.

ThothJune 3, 2015 8:41 AM

@name.withheld.for.obvious.reasons
Problem is these agencies that have been brought before US Congress to testify lie blatantly under oath to the US Congress, the President and the US citizens they are working for and supposed to protect.

There is effectively no way to keep them in check as they are way too powerful, beyond the reaches of law, the people and the President.

The one most effective way to keep them in check is to invest the people with power (knowledge, resource and opportunities) to make themselves empowered.

name.withheld.for.obvious.reasonsJune 3, 2015 8:42 AM

@ Nick P, Wael, Thoth, et al,

Microsemi, formerly Actel, includes a family of FPGAs (ProASIC and Fusion II) that include what could be considered a run-time CPLD space that affords for programmatic (LUT based) control and management. An example could be a single slice multi-family GPU design, running as Harvard and then Von Neumann architecture in series or parallel, that demonstrates the flexibility of the architecture.

Of course any architecture, including the Xilinx 7S, has issues when the tool chain, often OEM'd to the platform, can easily be subverted by a determined adversary.

AnuraJune 3, 2015 9:09 AM

@Thoth

I think you give Congress, the President, and the public too much credit; they know what's going on, but they are complacent. There are ways to fix the NSA, there is just no will to do it.

name.withheld.for.obvious.reasonsJune 3, 2015 10:30 AM

@ Thoth, Anura

If the NSA IG cannot answer these questions, their authorities AND funding must be eliminated. It's simple, are these agencies responsive to even the legislative (authorizing and appropriating) authorities...if not...why extend authorities to these (authorized and budgeted) agencies?

The only other answer is: the United States of America is a technocratic autocracy.

WaelJune 3, 2015 10:30 AM

@Thoth,

I don't have requirements, oh Safkhet's counterpart. It was just an idea that will likely go nowhere... I saw the paper you linked, by the way. Thanks!

Nick PJune 3, 2015 11:38 AM

@ Wael

"I also think FPGAs have a use in ideas I thought of such as this with a brief elaboration here. Problem is the FPGA needs to be configured in real time. "

I told you before that your scheme was done before in various forms: it's called a coarse-grained, reconfigurable processor. They've been in academia and briefly on the market for some time. FPGAs kill them every time. The one exception that succeeded a while was Transmeta instruction-set-morphing processors. Its earnings dropped and it got bought out for patents. Yours is closer to the academic ones with more parallelism, heterogeneity, and security extensions apparently. The first is handled with good NOCs. The second part is very tricky to do right as people are now finding out with the shift to ASIPs. The third I think you had at the concept stage and can't be evaluated without device specifics. The name was great. :)

Note: Most work goes under the banner of Massively Parallel Processor Array (MPPA). They focus on streaming and parallel processing but your scheme could be done with tool support.

So, it's a neat idea, it keeps popping up in new forms since the 90s, and even got tried commercially with some success. It's probably good that you didn't build it. Despite being a neat idea, the FPGA vendors have the reconfigurable market on lockdown with a combination of versatility, constantly climbing performance, easy architecture to port to new processes, and tens to hundreds of millions invested in EDA tools to squeeze out every drop of performance. Every startup that tried coarse-grained reconfigurability went belly up. Even Ambric with their 336 core, 1 TeraOp, 12W monster. I loved that one...

Btw, there were patents placed on coarse-grained reconfigurable chips from 2011-2013, including by Samsung. Whoever builds the emuvisor gets sued and bought. Like many other things. (sighs)

"I don't have requirements, oh Safkhet's counterpart."

Lol. I learn something new every day.

@ name.withheld

Yeah, they're good FPGAs. They were the one the backdoor was found in, though. So, I guess it's good so long as there's no physical access. Far as design, I say we go old-school mainframe with modern interfaces and tools. A Gaisler LEON4 processor modified with Burroughs-style pointer & code protection bits. Almost no performance or memory hit with four cores. Another FPGA is the I/O processor with onboard units to accelerate things common to that and includes my seamless tag management scheme for the DMA unit. Optionally dedicated chips or other devices to monitor for anomalous behavior. A working, fixed design can be put into anti-fuse FPGAs and/or S-ASICs later.

KermitJune 3, 2015 12:28 PM

and in other news...

Google Photos now offers unlimited free storage for all your photos!

Not to mention that it comes with automatic face recognition! Which is probably more useful for the governments (to determine who you are hanging with) than to the person uploading the photos.


Google Photos Is Too Creepy
http://www.pcmag.com/article2/0,2817,2485244,00.asp


At Google I/O, people were abuzz over the new Google Photos app, which lets you store an unlimited number of 16-megapixel photos as well as 1080p videos—for free!

This seemed awfully fishy to me. I'm not buying into any "all you can eat for free" cloud storage scams. Why does Google want all my photos?

New laws being proposed in the United Kingdom would require companies like Google to turn over this cache of photos to the government by simple request. And according to Edward Snowden, the U.S. government and its data collection programs are already in bed with companies like Google. So turning over my entire photo collection to Google amounts to letting two governments fish through my media.

I'm not paranoid, but who needs this aggravation? It amounts to inviting people over to scrounge through your underwear drawer.

StefanJune 3, 2015 1:02 PM

Here's an article from EFF that should be highlighted more often.

Ex-Mozilla Engineer Calls for Firefox to Protect Users Against Tracking (Meanwhile, You Can Install Privacy Badger)
https://www.eff.org/deeplinks/2015/06/ex-mozilla-engineer-calls-for-tracking-protection


Oddly enough it looks like the "Tell sites that I do not want to be tracked" option under about:preferences#privacy in Firefox does not enable tracking protection.

According to the paper by Monica Chew, tracking protection can be enabled by opening about:config and setting


privacy.trackingprotection.enabled

to true.

Ticking the checkbox "Tell sites that I do not want to be tracked" does not set the "privacy.trackingprotection.enabled" to true.

Inglorious BasterdJune 3, 2015 1:09 PM

@Wesley Parish

It is all very well to point the finger at the corruption in Russian politics: but that's primarily the Russians' responsibility, and they're more than happy to fight it themselves, with moral support, NOT lawyers, guns and money from the equally corrupt West, thank you so very, very muchly!

@name.withheld.for.obvious.reasons, Thoth, Anura

'legitimacy of US intel and leo agencies, various problems noted'

@z,@benni, etc

'fbi domestic airplane problem'

-------------------------------------------------------

I would like to suggest something else entirely. Wipe the slate clean of theories, and instead of looking at trails of money... look at the sheer illogic of it all. I won't spell anything out, but a likely ending.


There is no apparent logic to many of the meta moves by the US when it involves many of their large scale domestic and foreign operations. This is over the past good fifteen years. By appearance, there is no one at the helm.

- 9/11 was fishy, but the US response was predictable. Consider the predictability of it. Of course, they would attack Afghanistan. And, considering Bush's predisposition, he was wanting to attack Iraq, because of something people would consider highly in a murder investigation but not so much in terms of a nation state motive: Saddam tried to kill his dad. If a gang member tried to kill your dad, and you get into power, he is 'still out there' and no punishment has been made, you are going to be living with the stress of 'maybe they will come back and try again'.

So the invasion of Iraq was predictable. Of course, you also had various Bush admins with strong ties to organizations that would have been put on the job, and were, like Halliburton.

- The entire intelligence and military establishment stood behind the invasion claims, by the clearly faulty evidence for WMD and terrorist ties. Many Americans and others who went in were wounded or killed. My point on that aspect of it is, 'why are people not more angry that the governments did this to their own people'.

- Osama Bin Laden was apparently kept hidden by Pakistani Intelligence afterwards. Even aside from the various source reports, it was in a heavy ISI area, and the compound was professionally designed and maintained. They also had a lot of motive to do this.

- A massive domestic surveillance program was set up. This is blatantly anti-constitutional. It delivered no results. And it was deemed illegal. There was a thin sheen of legitimacy before that court judgment. A secret court had said "okay". In a secret decision. If you read the section this was blatantly dishonest and corrupt. But why.

Even worse, there are many in politics wanting to put that catastrophe back in place. Many more in intel and law enforcement. The rhetoric coming from them is painfully illogical and appeals to baser human levels of comprehension, like blind fear.

Jon Stewart recently pointed out that the same people arguing to put this system back online, "to save American lives", are against all Americans having health care. So, like anyone had to point this out, they do not care about American lives. (And if anyone did, what about all the soldiers who died over Iraq?)

- Libya, Egypt were destabilized by America. There are various pseudo-legitimate reasons for that. Only, why was America there in the first place? It is more TV logic than meaningful logic. Look at the end result.

- The whole Middle East, effectively, was severely destabilized by the Iraq invasion. We all now know this. But the reconstruction efforts were about as dismal as the reasons to go in there in the first place. That ranges from how they tried to keep the country together, to how they had defense contractors feast on it, didn't enable Iraqis to get a job, put inflammatory figures in charge, on and on and on.

- Russia. Okay, so there is some moral commitment to Ukraine. I don't want Ukraine to be just overcome by Russia. But the US is going beyond this. And, again, they have no interests there. Now, if the US was willing to so badly screw up the Middle East and North Africa, do you seriously believe they would not be willing to screw up that region?

- South China sea showdown with China. Similar to all these other situations. Other countries have been building there. Why get so upset with China? Why does it matter that the US have a military base in Okinawa, and why does it matter that they continue to control the seas of that area? One idea in place there is military presence helps commerce, but that is, of course, absurd. Put another way: yes, it is very possible that just as the US screwed up North Africa and the Middle East, they could screw up Asia.

- Mexico, logically, is well understood to be key to America's future. Yet, in the past fifteen years it has gone from very bad to incredibly worse. And that violence has deeply spilled over into America. It is guaranteed to continue to do so. The corruption is difficult to believe. Cartels run sizeable portions of the police and military.

- Mexico reminds me of the pot issue. So, we have known since the 60s pot is not a thing, yet the propaganda keeps up. What kind of genius does it take to simply make it legal? It could curb alcohol related violence problems, including drunk driving, and would take a large chunk out of America's obsession with unnecessary medicine. Which, OTC, tends to be much more harmful, and well known harmful.

- Oversight of intelligence agencies. There is little. They are motivated to look for moles who can make them look like asses. They are motivated to look for potential whistleblowers. But, they can not be very motivated to look for anything else. Because, if found, it would create Snowden level PR problems, and lesser ones for them. So, of course, they won't.

- The vast intel/leo/mil/corp system is incredibly bloated. But, like a husband hiding from his wife that his "financial advisement business" is actually a ponzi scheme, the mountain of waste and uselessness is secret. It won't be audited. It will grow. It provides little product and mountain ranges of paper that is nonsense. Duplications. Useless summaries. Complete waste of time and money. And of course it can produce "really bad" things. Meaningless conclusions severely dangerous to the country and the world. Nobody can sort through that monstrosity of data -- the vast majority of it they create themselves!

- stuff like mass domestic fbi helicopters, again, of course, a merely easily visible tip of that vast mountain of waste and nonsense

- the financial disasters... like everything else, little back tracking was done, the nation (and so the world) is still primed for another disaster of this sort...


So, you have massive illogic. And then you have more minor illogic. And the ship continues on its course. It is almost like the leaders think their job is "as it is seen on television". As these sorts of jobs genuinely involve new decisions and new efforts - often by new people in political leadership - it is not like it is 'something we do everyday successfully'. Or even every day. Each new situation they have had to improvise on using, at best, extremely biased analysis.

And for that biased analysis (of which the Iraq war entry reasons were the absolute worst, entirely fraudulent), there is an echo chamber and a yes man factory not just at the political leadership's advisory level... but also into the MSM and political party opinions. Not always. There is criticism. But it is surprising how gullible people are in trusting authority figures. The higher the authority, the more they trust them.

And, besides, *the veterans*. Think about the veterans. (Just do not think about how the vast majority should never have been veterans in the first place.)


In short, everything is very, very ripe for a continued stream of more severe mistakes. And the more there are, the more likely there will be a truly severe catastrophe that destabilizes the entire globe. The chance of the American government creating an "unintentional global catastrophe" of a previously unprecedented scale at this time, and in the next ten years to come is: Extremely High.

The chance they have already done this, but the final fall of the last domino just has yet to take place (from their previous catastrophically bad actions): Extremely High.

You should be mad. You should recoil from the giant mess of the disordered web of it all. The illogic across these scenarios and so many more is awe staggering. But, ultimately, there is nothing anyone can do about it. So getting mad, ultimately is not worthwhile.

I do think there is a pattern of manipulation in all of this, but I would argue it is more along the lines of "nature", than this or that mastermind. In fact, I can assure you none of the figureheads in any of the plausible theories I have seen people posit are anything remotely close to a mastermind. Clowns is a better term. Or children behind really super big machinery that really should not be.

And it is funny, because people will even say they are "morons" so often, then spin around and paint them as masterminds. Both can not be true.

Corrupt, yes. Prone to biased directions, yes. Keeping (obvious) secrets that would show their criminality up, yes. But criminality hidden by secrets and clear stupidity does not a mastermind make.

JohnnyJune 3, 2015 1:57 PM

@Stefan

dude, "Tell sites that I do not want to be tracked" is not the same thing as "privacy.trackingprotection.enabled".

they are two separate things. the first one sends the website a request to not to track you. the second one blocks some parts of the website from tracking you.

Inglorious BasterdJune 3, 2015 4:16 PM

@'Russian Trolls' Topic

This appears to be okay investigative journalism, but the editing on the article is horrible. The guy talks up two major incidents of nation state level disinformation programs leveled against the US where both incidents were 'fire in theater' level of disinformation. Both disinformation campaigns were false cries of terrorism where terrorism did not happen.

One story claimed an Ebola outbreak where there was none. Another claimed that a chemical factory had been exploded by ISIS.

Very different from just being annoying hyper pro Russian pundits. So some skepticism is required.

The Columbian Chemicals hoax was not some simple prank by a bored sadist. It was a highly coordinated disinformation campaign, involving dozens of fake accounts that posted hundreds of tweets for hours, targeting a list of figures precisely chosen to generate maximum attention. The perpetrators didn’t just doctor screenshots from CNN; they also created fully functional clones of the websites of Louisiana TV stations and newspapers. The YouTube video of the man watching TV had been tailor-made for the project. A Wikipedia page was even created for the Columbian Chemicals disaster, which cited the fake YouTube video. As the virtual assault unfolded, it was complemented by text messages to actual residents in St. Mary Parish. It must have taken a team of programmers and content producers to pull off.

But, he does not even begin to get at evidence connecting Russia with these disinformation programs until about 2000 words in:

The source field on Twitter showed that the tweets Zoe Foreman — and the majority of other trolls — sent about #ColumbianChemicals were posted using a tool called Masss Post, which is associated with a nonworking page on the domain Add1.ru. According to online records, Add1​.ru was originally registered in January 2009 by Mikhail Burchik, whose email address remained connected to the domain until 2012. Documents leaked by Anonymous International listed a Mikhail Burchik as the executive director of the Internet Research Agency.

The writer further noted that "Internet Research Agency" appears to be the hub of the Russian trolls phenomenon.

It would be interesting if Russia was funding a disinformation program as disorganized and potentially dangerous as this one. Their disinformation programs in the past, back in the KGB days, did have some resounding successes.

One program did successfully plant the fringe conspiracy theory in Africa and in the fringe in other countries that the CIA created AIDS. (That disinformation was kind of a success, in that it targeted large pools of potential CIA informants/agents, globally, and soured opinion of CIA across Africa, and some other countries. But, note, as for US fringe value, it was minimal because it was enhancing beliefs of some already radical cults.)

But, these two stories had nothing to do with undermining the credibility of an intelligence agency that requires credibility for its work. (The CIA itself has done the worst damage to itself on that front in recent years.)

In fact, they showed little effect except potentially causing a panic.

So, kind of strange. Like some of these apparent GCHQ troll bot campaigns, seems like maybe some sort of test run, perhaps. At best. More likely just an overpowered sub-agency's powers at play, with poor consultation with any mother agency like SVR or FSB.

Most importantly, if you do an operation, you have an end goal in mind. The only seeming "successful" end goal of these two programs would have been to incite mass panic. As they left obvious tell-tale clues (twitter header shows a .ru site owned the application), the success scenario would have been far, far worse for Russia than the fail scenario which happened.

While Russia likely did it, again, this shows how a nation can be set up for massive damage against another nation, where tell-tale clues (but no conclusive proof) can point to that nation's guilt. So, individuals, rogue teams, and competing nation states can relatively trivially derail another country by these means.

As this means has been relied on strongly in the past for engaging nations in even global wars, it likely is to be used in a similar level of trick to engage nation(s) in a future war.


BoppingAroundJune 3, 2015 5:01 PM

Kermit,
> Which is probably more useful for the governments
To Google themselves too. Google is an advertising company, after all.

The NSA were (are?) stealing up to 55,000 'facial recognition quality' photos per day to train their FR software. Google have come up with a better strategy, for now they don't have to 'steal' photos — people will give them in willingly.

Stefan,
'Tell sites that I do not want to be tracked' is responsible for the Do Not Track header value only, as far as I know. It doesn't do much, being something similar to saying 'please don't rob me' to armed bandits at a dark alley. Firefox's Tracking Protection is something different. I'll have to enquire into that further.

Inglorious BasterdJune 3, 2015 5:36 PM


USA Freedom Act: the good, the bad, and what's next

http://boingboing.net/2015/06/03/usa-freedom-act-the-good-the.html


The writer well summarizes remaining major problems:
- FISA sunsets in 2017 (but Congress can renew)
- 'Executive Order 12333, which the President can eliminate at the stroke of a pen,' (Comment: "Hope" & "Change" Obama did not do this)
- overclassification, which will need new legislation to combat.

Note: Apologies to the primarily international crowd here for a bit of pro-US-constitution statements. But, you probably also agree, the US "founding fathers" did do right with that document. Despite their various to grave personal moral failings. By no means is the US anywhere near the leading 'free' nation, in fact, clearly, of all the 'free' nations today, America is dead last.

So, one win for fans of the constitution. And one loss for the enemies of the ideology of the US (the constitution).

(While "strong" language, it is demonstrably true, and only "strong" because that is just how 'mind controlled' so many are. To keep with that theme. Hard to ascertain, which is more ludicrous, that the NSA has the capacities of the poster of the 'mind control' blog, or that mass warrantless domestic surveillance is anything but as anti-constitutional as one can get. How else could they have violated the vast majority of Americans constitutional rights but by such an action?)

(I am sure some readers here, in fact, are so 'mind controlled', they will think this statement must be from a foreign counterintelligence spy. These wannabe spy hunters look everywhere for enemy spies..... but in the mirror.)

Truth, lies... I am sure their subconscious really makes mincemeat of their minds at night. And I do not envy their future because future generations will regard them with this very same simple clarity of vision.


name.withheld.for.obvious.reasonsJune 3, 2015 5:46 PM

Congressional session in the house today, votes held for Justice, Commerce, and Science appropriations included an amendment submitted by the Kentucky congressman Massie, an associate of Rand Paul, that eliminates funding for NIST cryptographic standards and practices that include subversion or back-doors. The amendment passed with 187 nay votes and some 220+ yeas, so another step forward. Massie and company are engaged in an active campaign, think of it as a legislative battle for the life blood of the U.S. Constitution and our democratic republic. Seems there is something afoot--hold on to your hat. An example of one of the first battles is summarized below.

Seems Rand Paul, Massie, and another republican congress person put on an active "kill the bill (one of my favorite old X11 games)" strategy. The two congress persons, in shifts, held the floor in the house in case a vote might be held (voice votes can pass a bill if there is no objection or call for an electronic vote) on the house floor. Their presence would ensure a quorum call, requiring a count of present members; the lack of a quorum will stall any vote on a bill before the chair. At the same time Rand Paul was holding the senate off by using both senatorial prerogative and using all the debate time...long enough to dash any hope of moving anything on Sunday and forcing a delay into Monday, effectively killing the re-authorization.

Seems that they have formed a Constitution Action Network Deliberation Organization (CANDO)...my made up acronym.

@ Nick P
I knew there were problems, their primary supplier moved to China in '11 and the later purchase by Microsemi spelled trouble. My FPGA toolchest includes Altera, Actel, Atmel, MicroChip, Xilinx, and other RAM type CPLDs, synthesis tools vary as well...have been wanting to look at one of Fedora's spins that might be useful--it's just that an audit would be necessary (source level) along with a clean build.

As I mentioned before (FPGA power-on fabric and persistence) the "online library" and fragility of the tool chain(s) leaves one with more than doubts??? Of course I don't use libraries (only the standard IEEE 1164 architecture and components) from vendors unless completely necessary.

FigureitoutJune 3, 2015 8:41 PM

Thoth
Good luck with decapping some IC chips :)
--Yep, I'll need it lol. It's just coming on my radar so it may be a bit, touch up on my chemistry, etc. But it's been done so many times I think it's safe so long as you aren't completely retarded. For me to use some good school microscopes I need a project of some sort ready, when I really just want to look lol...May need to stop in the chemistry dept. at my school to double check my order as I don't know how to verify nitric acid (there's some easily found info ( http://www.researchgate.net/post/What_is_the_best_way_to_test_the_presence_of_Nitric_acid_HNO3_in_solution2 ) ( http://www.instructables.com/id/Make-Nitric-acid-The-Complete-Guide/ ) but I kinda just want the acid in a clean bottle lol). You'll already know I'll blabber-mouth the most relevant/practical info here lol. Want to start out w/ *simple* chips (op-amps, regulators, etc.) and try to trace the circuit of those and I want to try flipping some fuses and spotting those too in small PICs, which is cool to think physically setting a fuse in software. Should be fun.

Goals for Building a More Assured HSM
--Slides from cryptech.is; they've already got some commercial funding (keep your independence from some questionable names...) and some deliverables. There is a paper on attacking ring oscillator-based HWRNGs w/ injection locking but it's one attack and I think basically any clock you can do a similar effect...bleh; but they mush and gush the numbers up so they may still be pretty good. Still many unsolved problems and always places to improve. If you're pissed but don't feel like building all by yourself and just want to consult somewhere for free or reduced price, here you go. Exciting, so many projects taking off; hardly keep track.

*PDF warning* https://ripe69.ripe.net/presentations/136-141106.ripe-cryptech.pdf

ThothJune 3, 2015 10:15 PM

@Figureitout
Most HSMs are built with a "Just Strong Enough" scenario in mind with loose ideas of protection. They are simply relying on a bunch of security chips and some access control with portable tokens and that's about it.

FIPS 140-2 Level 3 only requires a HSM to be tamper resistant, be capable of handling common intrusion techniques like breaking open module cases and interrupting power supply lines and sort of. The more "resilient" ones are rated at Level 4 mandating some form of basic environmental protection including temperature changes to abuse the electronics, EMSEC to a certain degree, input manipulation and sorts (Ultra AEP Keyper rated at Level 4).

Link: http://www.ultra-aep.com/hardware-security-module

You can see that the keyboard, smartcard slot and screen are all recessed into the HSM's so-called "FIPS Validated" zone, which is the secure boundary declared to FIPS/CC evaluation as the sensitive and protected region.

The requirements of the current FIPS are going to be revised to include some form of EMSEC and Level 4 protection into Level 2 and 3 for version 3 of FIPS 140 standard but it's still not in stone yet so we do not know what they have in mind.

I would say it is about time that higher assurance HSMs appear in the market as the security market is already way behind in terms of technology. We are mostly relying on old methods known in the 80s and 90s to build modern HSMs.

Thales recently audited their nCipher HSM and noticed a physical access USB bug (only usable for USB keyboards) which somehow allows USB devices to connect into the HSM and, with higher sophistication (internal knowledge from Thales), you could use the USB port on the HSM to disrupt the integrity of the keys. That is less than assuring to know of a famous HSM brand, and they got around to releasing the patches a little later, but still better than nothing. The UK Export Control made life difficult for the patch to be sent out of the UK as it is classified as Crypto, thus it is Munitions.

Talk about assurance.... We do really need more assurance going into these stuff instead of "Just Enough Assurance".

Mind you, HSMs are rated at EAL 4+ and so are Linux, Windows, Mac OS X, Solaris and so forth. Sounds rather assuring to have such a rating for something protecting your banking secrets ???

To get a high assurance HSM, they need to have in mind a highly formatted formal specification as their first step and then start to go through formal methodologies.

Some attack surfaces they need to consider:
- Integrity of hardware modules (Castle + Prison + Dataflow concept)
- Abusive users (a lot of HSMs assume users are trusted and simply careless)
- Red/Black separation
- Separation of user duty
- Interface controls (input and output in terms of network, password entry, smartcard entry ...etc...)
- EMSEC !!!
- Secure Feedback (Reporting, User Interaction ...etc...)

That is a loose list which I may supplement later once I sit down to read the slides in detail.

WaelJune 3, 2015 10:21 PM

@Figureitout, @Thoth,

> May need to stop in the chemistry dept. at my school to double check my order as I don't know how to verify nitric acid

Mix Nitric acid with hydrochloric acid in a 1:3 ratio to make a more potent concoction: Royal water :)

WaelJune 3, 2015 10:32 PM

@Thoth,

> They are simply relying on a bunch of security chips and some access control with portable tokens and that's about it.

You missed physical access controls, cameras, key custodians (under separate departments) among other OPSEC procedures. It's not an easy task to get physically close to one of these bad boys!

> Integrity of hardware modules (Castle + Prison + Dataflow concept)

Oh, no! In this case, OPSEC is the physical Castle with tight access controls.

WaelJune 3, 2015 10:45 PM

@Nick P,

> I told you before that your scheme was done before in various forms: it's called a coarse-grained, reconfigurable processor

Chalk and cheese... One is reconfigurable processor(s) and the other is a set of runtime adaptive platforms or a set of predefined hardware emulation quasi-virtual machines.

Lol. I learn something new every day.

And I unlearn something old every day ;)

ThothJune 3, 2015 11:08 PM

@Wael, Figureitout, Nick P
OPSEC is simply a myth. I had a client or a couple of them that I cannot name, who gobbled their entire quorum of tokens and simply left them in their unlocked drawers. There were cases where a single person held the entire HSM token quorum and simply lost the smartcard tokens (all of them in a bundle at once). Talk about a single point of failure due to poor OPSEC.

WaelJune 3, 2015 11:42 PM

@Thoth,

> OPSEC is simply a myth.

OPSEC is part and parcel of a secure system. If OPSEC is a myth, then Security is a pipe dream.

Clive RobinsonJune 4, 2015 12:13 AM

@ Wael,

> OPSEC is part and parcel of a secure system. If OPSEC is a myth, then Security is a pipe dream.

For many it is, and always will be, because they either lack the skills and won't develop them or can't develop them for some reason.

As an analogy OpSec is like juggling whilst tightrope walking. Most of us can learn to juggle --sort of-- with practice, likewise tightrope walking. However very very very few can do the two together.

As if that is not hard enough, you then have to contend with a hostile audience who are not constrained to just shouting and laser pointers, they are allowed also to throw rocks and bottles as well as shake the rope. Some --such as government level-- are allowed to use bullets as well whilst you try to cross the Niagara Falls. Such is the nature of the OpSec game.

The way to win at OpSec is to tilt the table in your favour, something that until recently only governments had the power to do. The TAO catalogue was an example of just one tilt in our field of endeavour, NSLs, FISA and all sorts of other tilts the US Government use fall into other fields of endeavour. Oh and don't forget the orange jumpsuit holiday camps either, especially the "Special Administrative Measures" black holes. To win you have to be able to counteract all of those tilts in all those fields of endeavour, and then find your own tilt in your favour.

Can it be done, well surprisingly yes, and the maths says so, and we have discussed some of the "hows" in the past. Thus the real question is can you translate the theory into practice, without making a single mistake, now or in the future?

Nick PJune 4, 2015 12:35 AM

@ Wael

"One is reconfigurable processor(s) and the other is a set of runtime adaptive platforms or a set of predefined hardware emulation quasi-virtual machines."

Long story short, processing elements that reconfigure themselves via a user-supplied configuration script determining their ISA or general functionality. The differences between that and prior work might be more clear if you showed us that diagram or brief you mentioned. Feel free. Just be sure to censor your full name, email address, critical patent details, and so on. Basic OPSEC.

@ Wael, Clive

"OPSEC is simply a myth." (Thoth)

The context of his post makes it clear that he's saying OPSEC is a myth in terms of how HSM's he knows about are often used. He doesn't mean that OPSEC is a myth in general.

JustinJune 4, 2015 12:53 AM

@ Slug Crawling Across a Razor Blade • June 2, 2015 8:39 PM

Quite an interesting psychological profile for a few blog comments...

That seems to imply you have had some professional experience doing something "like that".
I think you're vastly overestimating my professional experience.

I flatly stated "he is not Russian", and you seemed to bypass any manner of processing of that statement.
If I wanted to I could compare and contrast that with Skeptical's comment in last week's squid thread:
... And our bizarre friend - who for various reasons I suspect to be writing from a former British colony (a tenuous hypothesis in which I place very little confidence) - seems quite taken with the proud respect for human rights and law shown by Russia, which marks him as either mentally ill or a paid shill.
But never mind that for the moment. You seem to be asking for my take on it. The assumption of "he" or "him" is curious to me, like "the male" in another recent thread. (According to the news articles, a lot of the "Russian trolls" are in fact female.) The comment by Rosa Klebb seems to use a deliberately feminine metaphor "knock [the U.S.] over with a feather." I suppose a female may not "sound" so deliberately so.


So, assuming "male", you also make the statement that either he posted pro-Russian propaganda or he did not. That is somewhat of a value judgment, and depends on whether it's just some guy with his own opinion or somebody with some connection, however indirect, to the Kremlin. If he's posting this stuff because it's his own opinion --- which you deny ("That is not him.") --- or because he's just having fun on a public forum, then it's not propaganda. If, on the other hand, he is being paid to make pro-Putin-administration posts, or is doing it out of ideological devotion to the current administration in the Kremlin, (and what ideology do they have after the fall of communism?) then I would call it propaganda.

None of this requires that poster to be ethnically Russian, have Russian citizenship, or even reside in Russia.

We can split hairs all we want, but meanwhile a lot of slanted pro-Putin-administration comments are appearing on a lot of forums and comment sections across the Internet.

ThothJune 4, 2015 1:20 AM

@Wael, Figureitout
Security can be achieved if OPSEC can also be accompanied. Any security device or service comes with its set of OPSEC to operate the device to reach the level of security. Passwords and PINs are a logical security device of sorts but how many people have shared their PINs and passwords around ?

Regarding HSM "Pipe Dream" Operations Security. Quorum-based tokens are used so that the risk is shared by a group but there are always people who violate them. Sharing token PINs and passwords is another headache and besides the tokens are shared out as well.

Is Security a Pipe Dream ?

Who knows :D .

Now, onto more important stuff...

One thing that surprises me consistently for a "secure device" is that the PIN entry is done on insecure interfaces (client's laptops, external USB keyboards plugged into HSM front panels ... etc ...).

One more additional criterion for the PIN entry is to enter them from a secure HSM management console or directly into the HSM's keyboard itself. This is to prevent keyloggers from capturing the PIN of the security token during operational activities.

Here is a sample use case in terms of the Thales HSM. Whenever an application like a Web Server were to request the HSM via PKCS11/MSCAPI/nCipher's Library for cryptographic operations, the Operator Card quorums must be loaded into the HSM by slotting the OCS smartcards into the HSM front panel card reader. The PIN would be requested from the user to enable the use of the smartcards and the PIN would be entered into the Web Server (probably a HTML page that will interface with the PKCS11/MSCAPI/nCipher Library).

Imagine if this is an Enterprise scenario and the HSM and Web Server are running 24x7x7 and the keylogger/malware is in the Web Server, an advanced attacker could effectively snoop and interact with the HSM from the already authorized Web Server without the user's notice.

This must be addressed in an assured HSM design somehow. Although the risk is at the side of the Web Server being insecure, the HSM needs to be able to mitigate this risk. Setting a timeout is a bad idea since the 24x7x7 services would always require the HSM (SSL/TLS services ?). Any ideas ?

name.withheld.for.obvious.reasonsJune 4, 2015 1:26 AM

@ Clive Robinson

> Thus the real question is can you translate the theory into practice, without making a single mistake, now or in the future?

That's not very reassuring--but I guess we're not here for a hug.

There seems to be some inertia here in the states--individuals are pushing back hard. The issue is we still have people like the deputy director of the FBI counter-terrorism group talking about "dark places" on the internet. The deputy (dog) director spent time in committee complaining vociferously about encryption, social media, and jihadist recruiting...a bunch of FUD. These idiots don't get that the jihadists are born from some grievance, religious and/or social injustice, and any number of political and cultural experiences and/or perceptions. The idiots should focus on the birthing of the "terrorist" as opposed to the hanging of one.

There appears to be no conspiracy surrounding government activities--incompetence seems to be the order of the day. Until the stranglehold that has modern society bent over for the benefit of "stupid", we will not escape the morass of the huge circular firing squad we have created. For some reason academics, scholars, intelligent persons, and those that know better seem to be unable to crack the ceiling generated by moronic ideas, actions, and policies.

Sorry to lay it on you Clive, just had to vent...

Nick PJune 4, 2015 1:45 AM

@ name.withheld

"There appears to be no conspiracy surrounding government activities--incompetence seems to be the order of the day."

There's quite an order to the chaos that traces back decades. It's nothing new to those that study their methods. They've become more nuanced and sophisticated in some ways. Yet, it's SSDD. The way they stay effective is by concealing their relationships while relying on major media's ability to distract and disrupt focus for money. These got the schemers further than any world conquest might have achieved.

These methods are so effective that I don't even publish my personal list of who's who and what's what. It would be a waste. I've seen what this country's people do with good inside information. They won't win the war against elites if they doubt the war exists or are so easily distracted. It's sad but true. So, I keep prodding them and watching what they do from a distance. After all, only they can make the country better with their decisions.

Wesley ParishJune 4, 2015 3:09 AM

@Justin

Our good friend @S[k]eptical is quite amusing. In confusing some of my comments with pro-Russian trolls he has provided me with (potentially) inexhaustible amusement. We must be thankful for small mercies.

And all because, in the wake of the NZ govt of 2000 canceling the RNZAF's F-16 procurement I had a look at what the RNZAF might actually need for its own strike force rather than one that would effectively operate as a USAF Territorial Air Force and concluded that a long-range heavy-weight maritime strike fighter would be suitable, rather than a short-range light-weight strike fighter, and the Sukhoi Su-32/34 (based on the Sukhoi Su-27) was probably the best option - it does have three manufacturing sources, after all: Russia, India and China, so it would not face the worry of having its maintenance bill skyrocket out of mere (Congressional) whim ...

I mentioned this on some previous blog comment, and @S[k]eptical took it as proof that I was a (rather bizarre) pro-Russian troll. As I say, our good friend @S[k]eptical has provided me with much amusement, so he?/it?/they? deserves some respect at the very least. Honest Vaudeville is so hard to come by these days ...

WaelJune 4, 2015 4:06 AM

@Nick P, @Clive Robinson, @Thoth, @name.withheld.for.obvious.reasons,

> The context of his post makes it clear that he's saying OPSEC is a myth in terms of how HSM's he knows about are often used. He doesn't mean that OPSEC is a myth in general.

The thing is HSMs are meant to be physically isolated and under tight control. A couple of special cases where clients misused HSMs shouldn't be generalized. Yes, the context was clear to me as well.

@Clive Robinson,

I like your analogy!

> Thus the real question is can you translate the theory into practice, without making a single mistake, now or in the future?

Yes it can be done now without a single mistake. In the future the mistake(s) will be known, corrections will be made and the cycle will continue.

@name.withheld.for.obvious.reasons,

No one's interested in fixing the root cause. Fixing the symptom is more attractive.

@Thoth,

> Is Security a Pipe Dream ?

If basic Security tenets aren't adhered to, then most definitely Security isn't only a pipe dream. It's a fairytale, witchcraft and sorcery ;)

ThothJune 4, 2015 4:32 AM

@Wael, Nick P, Clive Robinson, Figureitout
Maybe it's just what I have seen from people I have worked with in regards to HSM security and security in general.

I don't think it is a special case of clients misusing these machines but it is more of a rampant scenario I am seeing around myself when I go onsite to do my job deploying this stuff.

Not surprisingly, a good amount of them bought these HSMs not knowing what it is (because audit says they need them) and don't understand them ... let alone even understanding basic cryptography (just like how I tried hard to explain PKC to @Curious) other than a kind of magic dust that somehow scrambles data :) .

If these HSMs were under tight control, I wouldn't be seeing a handful of cases of reports of entire quorums of HSM tokens missing and other tragic cases which are rated as critical levels requiring management investigations but somehow everything gets swept under the rug at the end of the day. Of course my job is to deploy and give advice so I just do my job and if a HSM has entered a state beyond recovery (loss of all the token quorums) and a reset of the entire HSM's security profile (including master key) is needed, I would tell them the steps to take and what to avoid and the rest is up to the client to do what they feel like doing.

There are exceptions as Wael has pointed out. People who know exactly what they want and know what they are doing, which is very comforting to know. These people take security at the highest level and that's where OPSEC would bring out the security of the tightly controlled environment Wael mentioned.

You can put it this way: an HSM is just a tool and is pretty "neutral" in nature. If a person who knows what he is doing handles it, it would have its potential realized, but if given to someone who is clueless, the tool's potential would not be realized. This is the same for almost everything in the world itself. It really depends on who the end user is and the awareness level and knowledge of the end user (thus a highly subjective subject) :) .

ThothJune 4, 2015 4:33 AM

@Nick P
Do you have more information of the Nizza security architecture and relevant deployments and codes that are ready for deployment ?

name.withheld.for.obvious.reasonsJune 4, 2015 8:21 AM

Okay, I'll stop reading the DoJ's Office of the Inspector General Report...

Two more issues are exposed by the report; requests under 215 made by the FBI included content, and secondly selectors that are used by the FBI seem to come from the FBI, to the NSA, back to the FBI in order to make domestic, foreign, and then domestic/foreign. So it is simpler than suspected....

FBI goes fishing, catches something and takes the fish off the line and removes the fish and puts it on the NSA's hook (thus NSA has not "discovered" domestic data). NSA now has a fish, sees that it is relevant (NSA determines it is domestic), and passes it to the FBI for dinner.

John CJune 4, 2015 10:16 AM

Ladies & Gentlemen,

This story is interesting for an unusual reason.

http://boston.cbslocal.com/2015/06/04/cbs-news-rahim-allegedly-plotted-to-kill-anti-islam-activist-pamela-geller/

It seems the FBI had him under "24/7" surveillance "for years". That is a twist. He clearly did not detect it, at all. No entrapment schemes. Nothing. Just under surveillance. It also appears, they were correct to do so.

I wonder how many others they keep under such sweeping surveillance without detection, who genuinely are a threat?

SSG, eat your heart out. The FBI has moved on to bigger and better methodologies.

@Z

That story, I noticed. I had to scratch my head. Why are they relying on aircraft, they are easy to point out. They could just plant bugs on cars and bugs in malls. Rely on burst transmission to pick up the data. Sounds more "Hollywood" than real world. The only reason even to begin to try and follow someone these days is to expose the fact that they are being followed.


@Wesley Parish

Ah hah! A crafty Russian spy in our midst! No doubt here to sneakily take useful Sci-Tech data from the users! Oh noes. I am sorry, but I can not believe your denial, because that is exactly what a spy would say!


@Justin

I think the poster was probably just pointing out that posters may not "seem" to be what they are. Males tend to use a lot of "I" statements, while females tend to be more descriptive and use a lot of adjectives.

I, also, tend to form images in my mind of people online, but I set those aside, as those images often are wrong.

Why? Because when I was younger I worked for an intelligence agency for a bit, and came to discover that sometimes, people were not as they seemed. Spies seem to be considerably better at that than even everyday people online.

This was very shocking for me, because I have always been a big believer in being exactly as I seemed. Why confuse things?

Sam WatersJune 4, 2015 11:36 AM

Profiling the Poster

He does not have a sex life, so he substitutes posting propaganda online for that, it is not a hobby. If you notice, you can see how 'worked up' about it he gets. He, at one time, had extensive computer training. He was kicked out of college. Now, he is a professional taxidermist. He has a few hobbies. He likes to hang out in sex shops. His mother was a professional clown, which he sees as a refined art. Though he makes plenty of money as a taxidermist, he really lives for his weekend job as a professional clown at parties, malls, and, for practice, he performs his "art" at large parks where lovers often frequent. His favorite hobby, however, is "to watch". He prefers porn involving lower twenty-something females who all live in the same house, and never even go nude. This way he can watch them doing everyday stuff. He also has a prized collection of human fingernails, which he buys from eBay. Women have, to his own bewilderment, shied away from him. Except for his mother, whom he dotes on. And she dotes on him. When he was in high school, his dream in life was to become an entomologist, due to his passion at the time for winged insects. He has a large, hairy mole on his right cheek. He is very self-conscious about it and has had problems lashing out with spontaneous aggression when he notices eyes wander to it. He has a 'comb over' hairstyle, partly inspired by Donald Trump. And he has a mustache which he enjoys fingering. Some might say "twirling" the edge of it. At times, he chews on it, this prevents him from having to ever actually use a razor. An unfortunate result of this is a digestion problem. At times, has to lay down on the floor due to the extreme pain of it. He likes to touch people he meets, and does not understand "personal space". His breath is spicy and foul. This is due to his strong belief in obscure "health food" that includes fermented exotics. His mother collects life like dolls.

anonymous script doctorJune 4, 2015 1:11 PM

I think there is a murder of words going on here, just a bit, and I would like to subject my theories to your esteemed considerations. To shed some light on a very mysterious matter.

http://karpathy.github.io/2015/05/21/rnn-effectiveness/

Before this Russian troll debacle, which clues were accidentally hacked out by Anonymous, there was the American troll debacle. You may recall that Anonymous, there, as well, supplied that leak, as led by the Master Troll of Weev and Sabu. They hacked HBGary Federal, and discovered a treasure trove of highly sensitive data, including their plot to provide a system of multiple identities to the US Government. Here, we might ask ourselves, "Who, then, is Anonymous".

But, that is not an important question. What is a much more important question is to look again at the myths of strange online phenomena such as the behavior of certain online crowds and posters. You might notice that, years ago, a certain nation state well perfected the art of taking in input files such as a large collection of postings and outputting seemingly real posters on a frequent or infrequent basis. These systems operate off of hacked systems and the only material they steal is the owner's name and other name's found in the owner's system. It is a manner of distributed network. A sort of round robin sequence is used, and the system is designed to be undetectable. It does not spam from any particular address, but just posts very, very, very infrequently.

You have seen this sort of mass distributed system at work on places where Anonymous has frequented. A key element to that manner of operation does involve a level of persistent identities. This is why it has been very difficult for authorities to actually investigate these manner of groups.

Another element of this system is its capacity to provide meaningful garbage to other automated NLP analysis systems.

There is, however, a significant flaw in that mechanism, I have discovered: namely, you can perform NLP analysis on that murder of posters' identities and pinpoint likely real suspects for whom the distributed network is actually working.

I was alerted to this scenario by a colleague of mine, who alarmed me by pointing out the supposed "GCHQ Twitter Dreadbot" was actually not GCHQ but a sophisticated FSB neural network system designed to attack likely GCHQ targets and spew out GCHQ seeming garbage. That very same colleague pointed me to a post at computer security forum detailing doubts about the analysis performed by Kaspersky Anti-Virus. It was pointed out that Kaspersky himself went straight from the FSB to founding that company.

A case of where the spider catches the fly, so that the spider can intentionally miss catching some flies, and the low level necessary access of the AV system can itself be subverted easily by a seemingly normal AV signature file update, and then be quickly reverted back by another seemingly normal AV signature file update. This, of course, on an individual level, and not a matter of mass injection programming and change back. Which would be highly noisy and easily detectable.

My colleague pointed out the sudden reaction of a very real Russian FSB officer posting this exact manner of drivel. He further went on and painted the Kaspersky "Equation Group" study as "complete fiction". In order to enhance and maintain his cover among the unsuspecting students.

At times, this poster cleverly assumes the identities of previous posters, even mimicking their capacity for speech. He may appear as a female. He may appear as an American. But he is no more American than his grandfather was not riding a tank into Berlin after the war.

(My own fascination with these clever Russian spies operating in foreign nations started when I "accidentally" obtained a job working on the movie project "Salt". That same person who got me that job gave unusual information to me about real Russian spies and indicated that there might be more to the "Salt" job [a meager 'script doctor' job] than he was letting on. He said something about "timing of the release" and "evidence". So, when Salt was released at nearly the same time as the big hooplah over the discovery and ejection of a bunch of deep cover Russian spies, I was shocked. He knew about it, yet, I could not pin him on it. He made it clear, yet, I could not prove it to anyone else. But, my own self.)

As for my own self, I made it clear that I was told there was a Russian agent in their midst. But, clearly, no one listened to me.

Nick PJune 4, 2015 1:20 PM

@ Wael

"The thing is HSMs are meant to be physically isolated and under tight control. A couple of special cases where clients misused HSMs shouldn't be generalized. Yes, the context was clear to me as well."

I agree. Yet, do you have evidence that most organizations purchasing HSM's follow all their best practices? Thoth deals with lots of HSM users with not many positive things to say about them. So, the general case for whatever type he works with is security on paper rather than real thing. Doing it right is a special case. Does this really surprise you?

It might be different here in the States or in certain European countries. The norm might be better. I just haven't heard much in empirical evidence to back or reject that. How banks have handled phantom ATM withdrawals, Chip/PIN issues, ACH, and so on suggests a similar attitude for security here.

"No one's interested in fixing the root cause. Fixing the symptom is more attractive."

And lucrative at the RSA conferences!

@ Thoth

It's been split into several camps: academics doing experiments with some binaries or source; government funded demonstrators with some binaries or source; commercial use that certainly won't get released. Let's see if I can trace some of it, though.

Main Nizza paper is here with main site being here. An application to VPN's here. Also led to more mature Genode. Australian efforts are here and here (original one). Commercially group, OK Labs, now exists in General Dynamics here. Another European variant, Perseus, led to this software applied here (maybe) and here. The originator in commercial space, INTEGRITY, at least gave us a good page of markets and implementations to target (see solutions list). Another commercial product with good detail on architecture.

BuckJune 4, 2015 4:55 PM

@Wael et al.

> Oh, no! In this case, OPSEC is the physical Castle with tight access controls.
I've heard this myth before... I think it goes something like this:
As more treasures are brought inside the Castle for safekeeping, the castle walls must be fortified to keep out the plundering hordes.
As the walls are built taller, a larger number of servants are required for their continued construction and maintenance.
As the defenses become more complex, so rises the need for increased specialization.
As the specialties go deeper, more private, and shrouded in secrecy, a language barrier begins to impede the flow of information between different groups of specialists.
They don't really know how the whole castle works, but they kind of like living in it.
Meanwhile, those outside the castle's walls are starting to wonder why they continue to toil away, building this ridiculously massive structure that reaches towards the sky...
I just hope that they will eventually decide to dismantle it and use the scraps to construct more sensible cities. Otherwise the tower is likely to be abandoned, attacked, fall into disrepair, and inevitably come crumbling down to the Earth...

Visuals from the 1927 German film, Metropolis, combined with the vocals of Queen's 1984 single, Radio Ga Ga, seem to set the scene fairly well...

All we hear is Radio ga ga
Radio goo goo
Radio ga ga
All we hear is Radio ga ga
Radio blah blah

K13June 4, 2015 5:18 PM

Is it a human right, to have access to a crook-free channel for communicating one's financial, medical, legal, etc. business, and if so, whose responsibility is it, to provide such a channel?

Nick PJune 4, 2015 7:41 PM

@ tyr

You didn't have to read the Jan 5 UK newsfeed: the story broke a day before on U.S. news and Wall St Journal. That's as mainstream as it gets over here. Far as getting worse, this stuff happens all the time due to pervasively, bad security. I doubt it will be worse than any other data breach.

Coyne TibbetsJune 4, 2015 8:47 PM

As many as 51 labs in 17 states, 3 countries, received live anthrax samples

Summary:

Dugway Proving Ground in Utah sent live anthrax virus--via Fed-Ex--to 51 different commercial labs, academic institutions, and federal labs located in 17 states, D.C and 3 countries (Canada, Australia, and South Korea).


(But they expect to find more shipments to more labs.)

Investigators have spent 10 days learning size and scope (which they obviously still don't know in full) and now plan to start figuring out how it happened.

According to officials, there have been no infections among the [undoubtedly hundreds] who handled the packages--and there's no risk to civilians--but they've sort of undercut that argument by treating 31 military and civilian lab workers for possible exposure.

They are terribly embarrassed and are working with urgency.

Laxity, disregard, willful endangerment.

But, trust them, they can protect encryption back doors, no problem.

ThothJune 4, 2015 9:07 PM

@Nick P
The clients include the USA, ANZ region, Asia and many more. Those who are security critical are the exceptions that I have met and the only few whose security policies I respect are actually the CAs whom I have implemented HSMs for, so these CAs naturally know crypto to a degree, otherwise why bother being a CA :) ? There was a local bank who had above average security knowledge too but the point is it's not demographics.

FigureitoutJune 4, 2015 9:28 PM

Thoth
> built w/ a "Just Strong Enough"
--You deal w/ customers right? There's reasons for that eh? They don't listen to you and do precisely the worst case scenario of what you say. How many people want the *ultimate* basically impossible to crack w/o being caught security? What happens when you go to sleep and leave a secure place, do you trust who or what's watching it while you sleep to not get swayed w/ cash and prosecution? Simple attacks defeat lots of physical security, uprooting every weak assumption and basically all "security experts" throw their hands up, "game over". Only saving grace is it's like that for everyone lol, so attackers likely launching attacks w/ infected machines/connections and under surveillance and so on from angles they can't see until it's too late lol.

So an HSM cannot be developed w/o a physically safe place that you can let your guard down and think. Such a place doesn't exist, so what I've been training my mind to do, when attackers try to taunt is to *not care* and ignore. After enough years of my life, it's not worth my life to engage in worthless games of worthlessness and anger leading to bitterness and...nothingness b/c there's ways to attack you while you study, screw it. We only have so long here, why waste it on worthless inwardly-focused individuals that can only spy and steal people's work? Just decide on minimalist devices that you will protect and the other internet connected very useful goners are just that...Infected machines still serve many useful purposes.

RE: opsec
--It's a personal thing, you decide how far you want to go and if you go way too far it's a major waste of time (and extremely cumbersome/boring...). It has to be unique to you to spot attacks that can't adjust or simply put up impassable barriers (it used to be just disconnecting your PC from internet, but not anymore...not at all). It *can* be bullsh*t when you start to unravel it...I don't recommend doing that unless you can't help yourself (what PC do you start w/? what memory sticks and chips you start w/? what software you start w/? where did it all come from and could it be infected from start?).

RE: 24/7 webservers
--No I can't imagine securing those, I hate hate hate having to rely on internet for development and much prefer at least a simple disconnect. Some day, the internet's going to be a big f*cking bot net.

Wael RE: royal water
--Lol, no thank you.

tyrJune 4, 2015 10:02 PM

@Nick P.

No wonder I missed it!!

I used to get my newspaper in the form of Britannica Book of the Year, but have become somewhat disconnected since then.

I remember McKenna telling someone he didn't like to read non-fiction. : ^ )

Nick PJune 4, 2015 10:24 PM

@ Clive

I've had a guy hitting every thread and comment I made on Hacker News. Much of it is here over the Bitlocker piece on The Intercept. My handle is "nickpsecurity." He seemed to be using troll tactics like claiming proprietary software isn't a "black box" or that's immaterial during reviews because things like IDA exist. (Wth lol...) Turns out, the name was familiar: Thomas Ptacek, founder of Matasano Security. I forgot him but remember them distinctly.

My memory is more poor than yours these days. Do you recall him being a shill for companies or government to any degree? I think Bruce debated him once on a key issue. Trying to determine if he's worth responding to in the future given the usual balance between saving time and ensuring readers get good info.

WaelJune 5, 2015 12:07 AM

@Buck,

What a strange response! And I thought I was weird!!!

As more treasures are brought inside the Castle for safekeeping [...] I just hope that they will eventually decide to dismantle it and use the scraps to construct more sensible cities. ...

Fascinating allegory! Government, LEA, secrecy, complexity, end of the world, the rebirth of another ...

All we hear is Radio ga ga

If I understood your allegory, then this song from the same era fits as well

Clive RobinsonJune 5, 2015 3:10 AM

@ Nick P,

I have to be careful what I say...

It appears the company was taken over and as it is with such things people left including some founding members. I can not say if it was a friendly parting or not.

Anyway, it appears that he was "building a personality" as a security guru, which appears to have taken a dip since the parting. His interview style was often abrasive in nature, sort of "I'm a rough tough sheriff and I'm coming to your town", and whilst good for sound bites for journalists it is not what the people holding the purse strings want.

I would have a scan around and have a look at what he is now doing in Chicago.

But take care a cursory look around shows things are sufficiently odd that there may be more than one persona involved, which may mean it's not the same meat space person, then again...

I would ignore the personal and stick to the technical, and keep any replies as short as possible, and closed so as not to be seen as questions and thus engagement.

As I've noted recently on this blog there appears to be a rise in trolling on security blogs ranging from the subtle to the loony. As I indicated then, what I can not make my mind up about is if it's due to the decreasing number of blogs or a more "directed" attack by state related interests, be they agencies like the NSA, GCHQ, etc or semi-NGOs for plausible deniability or the likes of the discredited HBGary etc, or just people with "Walter Mitty" issues.

Like it or not the likes of the Aus / UK / US political leaders have declared war on privacy quite publicly, and are bringing in legislation to in effect make secure comms for citizens illegal. Thus anybody who is vocally pro "keep the state access out" is likely to be targeted by trolling behaviour of all forms.

Whilst annoying, it's best to ride it out; most people on the sidelines will quite quickly see trolling for what it is, and if it remains one sided it quickly loses any entertainment value for them. Further, people start to see even subtle trolling as somebody "out to shoot the messenger", thus the message becomes more visible and does get through.

Another GuyJune 5, 2015 5:09 AM

@ anonymous script doctor

"A key element to that manner of operation does involve a level of persistent identities."

While some "the poster", great movie title, appear dribble with words, most speak sane and articulate within context. The internet is just random people doing random things.

As all things are relative, trolling by persona can be seen as noise level. As discussed revelations on comment crew showed personas can be used to decouple, not community, communication via some type of handshake or just chit chat.

Sorry for feeding the troll.

Nick PJune 5, 2015 12:30 PM

@ Clive

Appreciate your reply. Yes, I've noticed these patterns too. Fortunately, these new trolling behaviors aren't showing up all over the place with equal effect. That whoever is doing it focuses on a relative few online resources indicates they're short on time or staff. This will keep them from having as pervasive an effect. Yet, it might be time for bloggers to change their moderation policies to get rid of this crap. Not just aggressive trolling but the pages of pointless discussions that really say nothing at all. We've gotten a lot of those over here with the apparent purpose of drowning out the comments with useful security advice.

I'll do as you suggested. I'll just give an intellectual backhand on these types and move on.

anonymous script doctorJune 5, 2015 12:32 PM

@"Another Guy"

Sorry for feeding the troll.

*burp* and, on reflection, *sigh*.

I will go ahead and explain "what was said there and why", as opposed to leaving matters up to speculation by non-targets. The majority crowd here is a non-target. They are unlikely to respond to such posts, and unlikely to be bothered by them. Because the posts are not designed to hit at them.

A real troll is quite the opposite. They hit at a group with a very inflammatory message designed to cause chaos. They will forego reasoning and be unable to argue anything reasonably. Either reason entirely evades them, they do not really believe what they are saying and are merely trolling, they have some more sophisticated agenda (which is obvious, like trying to get people's "real" opinions though that is a horrible tactic to use for that because it encourages false opinions back merely mirroring their behavior), or, of course, they really just do not have any solid reasoning behind their beliefs. They have never really thought about their beliefs, independently, and are lacking in their capacity for reasoning, in general.

"Do not feed the troll" is a very basic slogan used all across the internet, on forums very far less intelligent than this one. It has value. And it has value here. I have seen it engage, and it has some effect. But, it does not rid the trolls. More than one tactic needs to be employed, and should be expected from a more intelligent crowd focused on highly esoteric security matters. For instance, one poster trails trolls with a certain tone of voice and approach. I do not disagree with their tactic. It has value, especially coupled with the shunning approach also usually employed.

There is another reason why that tactic is not entirely successful here. That is the shunning tactic. That is because while these comments do not have a very wide range audience (the diversity belies this fact or lack thereof), there is some chance it may attract some trolls of an alternate agenda. In some cases, that alternate agenda can be dangerous, so alternative tactics are required for some posters.

Sloganeering security has its use. It helps validate social values and tactics. However, it typically is not always the best course of action when it comes to communications security. This is because people are diverse in their perspectives. Therefore, when repeating the same tactic brings no change in result, one should change their tactic. This is the major reason people do not do things asked of them. It is also, by Einstein's good definition, the definition of "insanity".

1. the airplane observation - just my basic conclusion, it is useless, and a bad, money wasting tactic to use. I also dislike it from the angle that it is representational of a lean towards domestic totalitarianism. I am not opposed to good policing. Bad policing is when a government's basis of authority is starting to decay.

2. The 24/7 surveillance of the knife wielding Islamist which had gone on for years without detection. Frankly, I am not for always providing only examples of bad policing, if there is good policing, that is worth comment on. Contrasting that: right subject, difficult to disagree with that, right tactics, not employing significant hassling or old "cointelpro" "techniques", and it was appropriately stealthed. People who only throw out the negative can get into "crying wolf". Decay does not happen like that. This applause is a bit controversial to the crowd, but I do not really think so. It is also desensitizing: are the regular posters extreme Islamists? No. Very far from it. Contrary to the espoused or obviously secret view of some of the real trolls. And, by contrast, this also condemns such highly bad moves in regards to domestic surveillance, especially of the abhorrent dragnet 'target innocent civilians' variety. This hits at the core of their belief: that their system has any validity even for sheer effectiveness, at all. It surely does not.

The "SSG" comment accompanying that further highlighted that fact, for anyone who might know what SSG is. Partly sarcastic, SSG was likely involved. But that would tell that manner of audience to "pay attention".

3. A blow off response given to a suspected troll poster was given. They are not as they are presenting themselves. So, multiple tactics have been used with them. That could be a good "not as they present themselves", or a "bad". I suspect a "bad". That is, instead of putting the cards on the table, inching them just a little closer to the chest.

4. The "creepy" poster post was made with the ambiguous name "Sam Waters". The name of the female FBI profiler in "The Profiler". That was intended to cue peripheral observation. The depiction was entirely absurd and made partly in jest. The list of criteria of the "profile" was taken from a recent study performed on the "components of creepiness". It had multiple purposes: to put in an image difficult to "unsee" thereby clouding other gestalt imagery people often rely on; to make the objective of attribution a mockery, a joke so it can be seen as what it is and downplay the absurd, slanderous opinions of some trolls; to be amusing to some audience members; and, if anything escalates, to send out someone matching this description in person to the necessary individual. Such an effect would unsettle them, confuse them, and alarm them (they would be unlikely to process it until the meeting expired), but the ultimate objective would be to introduce to their skeptical minds both the reality and unreality of their situation.

5. If there were a Russian troll, they would wish to engage on multiple matters of the next post. If they were unsophisticated, they would wish to respond directly to some of the challenges. If they were sophisticated, they would want to engage more directly after deep consultation. And that more direct engagement would be towards myself. Not the forum. Because the forum would not have answers there.

Conclusion: there is no unsophisticated Russian troll.

So as to not entirely waste the wider audience's time, nor raise their cost, I also made sure there was dual purpose across these posts. Some potentially thoughtworthy ideas and observations were raised throughout. While maybe the format prevented direct realization, post realization is as valuable too.

6. If you may have paid attention, some nation state rivals and adversaries really do take seriously such technology as "HAARP", and the possibility that "Hollywood" is tied at least somehow, and significantly, to the USG. To some degree, it is: many Americans are supportive of USG efforts in various even controversial areas. And "Hollywood" likes to feed what people 'buy into'. For crime and intelligence matter, often consultants are hired on who are fmr/ex/current. At times, like with "Burn Notice" or "The Americans", fmr/ex/current might actually be primaries in script creation.

Overall, though, one can point out "Hollywood" usually is critical, rather than supportive, of just everything and anything. Very often profoundly so. This partly reflects general Hollywood viewpoints which are decidedly liberal leaning. Some come off as bad propaganda, forced injection... but others raise and deeply impress on people key "unthought of" or "poorly accepted" alternate considerations. Of a critical nature.

Does not matter in this: Russia was sure to have noticed the seeming coincidence of the timing of the expulsion of the spies, and the release of "Salt", a movie specifically about exactly that nature of spies. Pre-"The Americans", the existence of Directorate S and reality of deep cover Russian agents was obscure knowledge.

Russia is also a very heavy literary focused nation. They have some of the greats. And they continue to have a flourishing literary production. This also means they are less likely to be confused (as, for instance, Iran would be) on the nature of relationships.

Good example, of late, the "Daywatch"/"Nightwatch" books and resulting films.

However, they also know there were consultants on that film, and the timing was very suspicious. Further, they are extremely interested in any further knowledge the Americans might have on their other deep cover spies. Illegals. So, this manner of observation would be kicked up without immediate response.

I do not attract that sort, but deal with them when they are already a problem.

This 'in tandem' sort of situation is also a matter worthy of those who wish to understand "how things work". "They" do it with news stories. And for some movies they will also do it for. For instance, when there are real consultants at work there and so real information inside an otherwise absurd plot. ("Script doctors" can be many, and are rarely credited.)

7. As far as I know, the following scenario is poorly understood, and has a number of severe "alert" points for the general audience: an application which operates on a low level of the operating system, such as av generally does and kav most certainly does, could have functionality not present in ordinary reverse engineering security procedures. That functionality could be added via an otherwise ordinary update. Security systems with frequent and sometimes complex operations where rules are frequently updated and information is frequently sent back and forth, for that, especially makes this a stealthy attack.

The system receives not just instructions for the attack part of the code, but like missing pieces of a deep jigsaw puzzle where the jigsaw puzzle already paints a coherent, if difficult to understand, function... the new jigsaw pieces fit in nicely and add temporary functionality. That temporary functionality is easily later removed. And all of this can be performed in a very stealthy manner.

Not a new tactic, this manner of tactic is one of the more obscure, but relied upon tactics over the centuries by spy organizations (and other stealth organizations, such as resistance in WWII behind enemy lines). By observation, even very close one, the object is harmless and meaningless. But with the addition of another observably harmless and meaningless object, the two (or more) are combined to create 'something else entirely'.

Stating that would likely have compelled an unsophisticated Russian troll to immediately react defensively, as they would have missed the underlying meaning of the other statements. Including this one. But they would have responded, and likely also 'sent something up' (if they have an 'up', which is doubtful), but with great dubiousness allowing them to open fire immediately already at the same time.

8. There is an entirely different angle to that argument, especially combined with the following. I will explain that angle, momentarily.

9. Kaspersky does have a very direct tie to Russian intelligence, having been one. I would never run Kaspersky for that very reason, nor would anyone else who considers Russians maybe being even accidentally interested in them.

That is a severe tie, far more of the sort than what persuades even very intelligent and observant people skilled in security about companies and their government relations. It is a powerful, but base accusation to leverage. It would especially provoke a bad troll working for Russia to respond. Multiple points of such arguments were made, because in that scenario, multiple points increase the chance they will lose control. Such individuals do not have much control in the first place, being very low level.

10. Similar approach with the skepticism approach on the Equation Group findings.

11. All three points have an implication. Not such an obvious one. If KAV was doing this manner of work, and the systems were discovered by KAV being present on those systems, then that raises another possibility for the reason of the 'Equation Group' work. Misdirection for attribution to the American state. I do not believe that is the case, but I do believe such theories are useful to consider, if only as an intellectual practice of considering all possible angles of a mysterious problem. Nevertheless, this implication would be made on a deeper level even by lower rung trolls. That would raise a possible alert, even if they were not consciously aware of that.

12. There are systems and processes designed to throw off NLP analysis. That is my general surmising of the flood of strange, cryptic posts this forum has experienced. I realize this may be contrary to popular views. There can be some manual intervention in some systems to help them appear more realistic. However, if one examines the posted link and looks at the equation paper which was real, versus the equation people the system devised, it is, frankly, stunning in potential authenticity for a reader who was unfamiliar with the very technical subject matter. And see what I did there.

These sorts of systems are also apparent in many places, including 4chan, Anonymous' breeding grounds. 'War is deception; make few appear as many'. That exhausts resources. It is also a vaguely interesting system for security enthusiasts.

13. The GCHQ twitter troll monster probably is simply GCHQ. No attempts at persuasion were made there otherwise, in fact, the matter was presented as what would be taken as ludicrous by most readers. Not so ludicrous to possible others.

14. The "American system" really was discovered by Anonymous, just as Anonymous really did hack Russia and provide necessary links for discovery and attribution of the Russian systems and companies. That is a worthwhile point to make, maybe dismissed by some, but depends on their interest level.

15. Attribution analysis was further mocked, just a bit, but also challenged. I do this for my own self, and also for others (as all of this is multi-use, and far beyond just "dual use"). The challenge is to attempt to get people to think more rigorously. There are highly interesting events going on which people do not properly 'make a constellation out of random stars'... whereas they so often do make a constellation out of random stars.

But enhanced thinking in this area expands the individual's over all capacities as a person. Because people do have a strong tendency to themselves getting locked into self-destructive and socially destructive roles and identities and states and moods and emotions which 'is not them'. They become inflexible as adults, when they were far more healthy and dynamic as children. It is a form of rot.

The general can not think as the liberal critic, indeed, the liberal critic can not think as the conservative critic. The national can not think as the international. Or even as 'that national' or 'this national'. And so on and so on, ad infinitum.

16. The very last part of that described a very real method of communication really used in the deepest, darkest corners of the jungle. That was also not a lonely island all by its lonesome, but was included with at least two other side comments that appeared to be simply flavor. One was the getting of a job where that job's purpose was designed to spell a message to the person who got the job. The other was where a colleague (or peer or stranger) might alert someone else to a matter somewhere, and where that matter might have multiple purposes of a message, as well as an interesting direction for that person.

Life itself often does this, and often without notice. Notice it now. And if thinking "local government" might alarm the senses in Danger, Danger Will Robinson, then all the better. Because kicking in those analytical processes is necessary for many levels of good human progress.


I won't lie, a few matters, either important or not, are skipped over here. You either notice that or know it or suspect it or not. I am not saying it is beyond your understanding to notice, I am just saying, not everything needs to be disclosed.

I will, however, dispel potential itching considerations of 'this is USG', USG would never reveal methodology. Quite simply. I only do this here, in this rare case, in order to explain what usually goes without comment and affording possible confusion or skepticism or even fear. This also dispels similar paranoid considerations. Fear usually is a horrible method of communication, and while some adrenaline shot can be useful for thinking... ultimately it should be directly noted: it is not real.

Further, as for verbiage such as "target" and "non-target", that also does not mean anything. Beyond basic concepts such as "Accuracy" versus "Missing the Shot" or "Missing the Bullseye", which can and should be applied to just about anything we do.

Curious minds do very curious things. And cats have nine lives. If not just a little bit more...

anonymous script doctorJune 5, 2015 12:45 PM

@ troll hunting an additional note

As an added antidote anecdote:

Yesterday I went outside to my normal smoking area and was informed by my wife ants had overswamped it. Danger to the kids, danger to the pets. Potential danger further to everyone as they appeared in mass transit into a hole in the house. No actual ants were seen inside, however, despite usual left out food.

We could not find our usual ant solution, so I raced to the store to get some, not bothering with the further away hardware store due to time and trouble. I went, instead, to the closer pharmacy.

I obtained what is not normally used for this problem in these conditions: ant traps where it is promised the whole queen and colony is killed. And ant bait. I mean the rush was terrific, reminds me of army ants en march in the Costa Rican jungles. (All is a true story, and very pertinent.)

Only costing ten bucks, I went ahead and dropped down both. A little ant bait (not promising to kill the whole colony) and the whole set of traps. It takes 24 hours to work, so still waiting and seeing. Neither version gets all types of ants. So that means this tactic might not work. We have to discern that from the results.

What did happen is instead of swarming into the house, however, they merely changed course, at the very least, and moved their base of operations. The old colony now appears defunct. Have to wait and see if the new colony soon is a ghost town.

Who did it? Probably one of the kids, maybe the wife, maybe both. All have been instructed to adjust their behavior for the future, if they can.

SkepticalJune 5, 2015 5:12 PM

@Wesley: Our good friend @S[k]eptical is quite amusing. In confusing some of my comments with pro-Russian trolls he has provided me with (potentially) inexhaustible amusement. We must be thankful for small mercies. ... And all because, in the wake of the NZ govt of 2000 canceling the RNZAF's F-16 procurement I had a look at what the RNZAF...

Wesley, I never confused any of your comments with those of a certain other individual. I'm not sure why you think I have.

As to what planes New Zealand wishes to buy, past, present, or in the future, I have no opinion. That part of the world is certainly becoming more interesting though.

@Inglorious: You commit the common mistake of ascribing nearly every significant political event on the planet to the United States. The US is a powerful country, but the world is a big place.

Libya, Egypt were destabilized by America. There are various pseudo-legitimate reasons for that. Only, why was America there in the first place? It is more tv logic than meaningful logic. Look at the end result.

The US had little to do with either case. A civil war in Libya raged long before NATO became involved. And in Egypt it was the decision of the Egyptian military not to engage the crowds that sealed Mubarak's fate.

In both cases the US was mostly a bystander to events driven largely by variables internal to Libya and Egypt respectively.

The whole Middle East, effectively, was severely destabilized by the Iraq invasion.

The Middle East wasn't a terribly stable place before the 2003 Iraq invasion. And the forces that make it unstable would be there regardless of whether the US invaded in 2003.

Russia. Okay, so there is some moral commitment to Ukraine. I don't want Ukraine to be just overcome by Russia. But the US is going beyond this. And, again, they have no interests there. Now, if the US was willing to so badly screw up the Middle East and North Africa, do you seriously believe they would not be willing to screw up that region?

The US is interested in Eastern European countries developing into independent, stable democracies. This fosters peace, and rule of law.

Russia's actions have resulted in enormous damage to Ukraine. The US has done little but - along with the rest of the world - enact sanctions against Russia for its actions, and provide a small amount of training and equipment to Ukraine.

South China sea showdown with China. Similar to all these other situations. Other countries have been building there. Why get so upset with China? Why does it matter that the US have a military base in Okinawa, and why does it matter that they continue to control the seas of that area?

The US doesn't claim sovereignty over the South China Sea. Instead the US view is that the South China Sea is largely international, and that disputes between nations in that region as to certain areas should be resolved diplomatically, peacefully, and multilaterally.

Nor is China the only nation to which the US has objected to the practice of building artificial islands in the South China Sea. However the pace of China's construction, and its military expansion, has obviously increased the concern of many as to what China may do in the future.

One hopes that China will choose a track of peaceful engagement, integrating into the world as a responsible stakeholder. However, its military expansion and actions in the South China Sea are indications that it may wish to alter the order in the region by force of arms.

So, the nations with concerns in East Asia are acting to encourage and welcome China as a partner, while simultaneously acting to deter any future use of military force.

FigureitoutJune 5, 2015 7:44 PM

Thoth RE: HSM's
--Let me clarify my discombobulated thought (most of which everyone knows, just saying why we can't give vendors *too* much sh*t when it comes to delivering a product that can be used and keeping the entire supply chain and operations of development secure--it's very hard and essentially impossible). What would you do as a company or organization, follow and stick to the weak standards to survive or take some financial risk and *maybe*, not guaranteed, deliver a stellar HSM that then makes your organization and everyone in it a target for copying and subversion...

To do any of that, you need a physical place, no one really wants to be there at 2am watching for burglars and other more sinister shenanigans (I'm surprised even in my field some things I hear...) b/c if it's just local backups they can be erased and putting all surveillance footage on 'net may give the internet views of your internal operations. All the OPSEC that entails, but not to much that employees need to walk around in chains all day. Blah, the point's made.

So hold vendor's feet to the fire as there'll be plenty of bullsh*t to go around but to actually deliver a working product that customers can't destroy or use, is hard; and if it's so easy why don't other people do it....?

BuckJune 5, 2015 9:57 PM

@Wael

99 Luftballons, eh? Hmmm, let's see... Child's play is mistaken for an existential threat (the end is a bit depressing despite the upbeat tune - I much prefer the ending in the real world analogue). That would be unfortunate, but not at all surprising! I'd suspect that sort of thing happens quite often in the inter-generational struggles. I see plenty of parallels between today's hacker counterculture and the Rock & Roll movement of old. Just imagine how those Baby Boomers' parents must have felt about all that wild noise...

Fear of the American Teenager | Rock and Roll: An American Story
It was clear that some believed music and movies marketed towards teenagers were a direct threat to the moral fiber of society, challenging the strength of the family unit. As one staff writer for the Vancouver Sun wrote in 1957 when Elvis was slated to perform in his town, 'If any daughter of mine broke out of the woodshed tonight to see Elvis Presley … I'd kick her teeth in." This was the tense backdrop that colored the reception of early Rock and Roll.
Who was responsible for this rise in lawlessness and how could the "wild" teenagers be tamed? There was a consensus that something had to be done. In 1954, the Senate created a special subcommittee on juvenile delinquency. The subcommittee held hearings to investigate the effects of "crime and horror" comic books on the psychology and misbehavior of youth. In addition to comic books, it was the subcommittee's intention to study the influence of music, movies, and other media upon teenagers as well.
Some were a bit more extreme...
David Noebel speaks on "The Marxist Minstrels"
It took TWO YEARS to write this book that proves beyond any shadow of doubt: (1) the communist use of RHYTHMIC-HYPNOTIC music; (2) the communist use of BEAT music; (3) the communist use of FOLK music; and (4) the communist use of ROCK 'N' FOLK music.
This book proves that the riots in Berkeley... the insurrection at Watts... were in part inspired by the jungle beat Communist planned music, and personally directed by the "generals" of this ungodly "communist music" crowd.
Today's youth possess the power to destroy the United States of America and well they may..... unless the truths of this book can reach them in time!
Of course, there were also those on the other side that reached nearly opposite conclusions.
Beatles 'brought down Communism'
One Flew Over The Cuckoo's Nest director Milos Forman says in the programme: "It sounds ridiculous but it's not. I'm convinced the Beatles are partly responsible for the fall of Communism."
Canadian-based academic Dr Yury Pelyoshonok, who grew up in the USSR in the 1960s, backs up his claim.
"The Beatles had this tremendous impact on Soviet kids. The Soviet authorities thought of The Beatles as a secret Cold War weapon," he says.
"The kids lost their interest in all Soviet unshakeable dogmas and ideals, and stopped thinking of an English-speaking person as an enemy.
"That's when the Communists lost two generations of young people. That was an incredible impact."
In the end, Rock & Roll won the war. Well, until it was effectively co-opted by 'The Man', but by that time, the kids had already moved on to other forms of free expression...

Inglorious BasterdJune 5, 2015 10:52 PM

@Skeptical

You commit the common mistake of ascribing nearly every significant political event on the planet to the United States. The US is a powerful country, but the world is a big place.

Inglorious Basterd wrote: Libya, Egypt were destabilized by America. There are various pseudo-legitimate reasons for that. Only, why was America there in the first place? It is more tv logic than meaningful logic. Look at the end result.

*uggh*. I am not sure who is more disappointing.

I am not saying America is "the cause of every problem on the planet". And I know you are simply not that dumb to truly believe I do.

Worse, really much worse? I am behind all of these actions. That is right. North Korea, Vietnam, Desert Storm, the North African invasions. So why do I argue against them?

I am not even being disingenuous.

My point there is that, 'No, there is no one operating the bus, but the bus driver is nature'. We make constellations out of the random, dizzying stars. We see faces where there are none. We personalize what we see around us. Oh, nature is very, very intelligent. And driving the bus better than anyone else can.

Either view is stupid: there is no conspiracy behind all of these events, just as the reasons that motivated most people into these events were not motivated by necessarily reasonable reasons.

Bush was concerned about Saddam and willing to believe anything. Cheney wanted to keep strong rapport with Bush, and with Halliburton. So on, and so on.

There were radical Islamist elements in these countries held back by vile, vicious strongmen. The more they had to deal with the vile, vicious radical Islamist elements, the more vile and vicious they became.

So, they were removed. And the vile, vicious far more chaotic elements of radicalized Islamists took over.

Now, I stated, "these events were not motivated by necessarily reasonable reasons". But, context there is important. I mean from the people behind it. I do not mean from nature. The ultimate controlling force.

But why. Besides some hippy sounding "trust in nature"? No one is asking, so I will not say. And you probably do not want to know anyway. There are some things one simply can not unhear.


The Middle East wasn't a terribly stable place before the 2003 Iraq invasion. And the forces that make it unstable would be there regardless of whether the US invaded in 2003.

Now it is incredibly unstable. Which is actually how I want it.

Would you like some slow roasted cat, rat, or dog? Meaning, I normally do not offer these opinions here, but then, no one is asking.

They would be repelled, and that without actually knowing how good it is. They have never tried it. How would they know.

*cheshire cat big grin*

Ukraine -- I am just pointing out the US does not have interests there. Europe really does. Does the US have interests in stable Democracies being maintained? Yes, they do.

Would I be upset or shed a tear if the US ravaged Russia? Frankly? I would probably be in glee.

Again, not disingenuous, not even arguing "the Devils Advocate" view. Simply looking at the problem in layers.

One hopes that China will choose a track of peaceful engagement, integrating into the world as a responsible stakeholder. However, its military expansion and actions in the South China Sea are indications that it may wish to alter the order in the region by force of arms.

China, is not so pressing. But their working with North Korea in military hacking objectives very well may cook their duck.

That slates them up right to the first stage.

But, hey, because of the Sony hack, at least now everyone is really sure 'the CIA doesn't control Hollywood'.

I wonder how aware controlling forces in China are of the very gloomy potential horizon they are on the road to? I mean, besides the highly ill advised action of getting US in a "ready" posture in the South China sea. I am talking about arming North Korea with hacking skills and resources.

Little fish from a very little pond... do not fare well in the big ocean. They are not big fish there. But China is a very big sea with very big fish to teach them, to arm them.

I mean, even if they do not make moves which are normally unlike China, historically, they have encroaching big problems. One is the rapid advancement of 3D printing technology. But, they do have a lot of arable land, and strong access to oceans. And nations are largely sympathetic to their stealing of industrial secrets. (Any industry which goes there is studied and duplicated by them.)

Beyond their vast hacking and physical industrial over the past some odd twenty years.

North Korea is radicalized, severely so -- they are still oblivious to the Khrushchev Speech. They are living in Stalin time. They are extremely dangerous. They should not be given big weapons. They can not differentiate between them and toys.

Korea itself is a deeply militarized culture going back millennia. It is in their blood. Like Vietnam.

Only Korean Tae Kwon Do is scary shit.

But, hey, what do I have to do with Korea or China? I live in the States. Right.

I would suggest China keep their hands on their wheel and eyes focused with optimism and hope. I, for one, would prefer that they not suffer economic problems. There is a massive population there already in extremely bad straits. But their government is driving that train right over a fallen out bridge. And I do not think they will stop from that insane course.

*sigh*

I feel like the scientist in Wargames, reluctant to help. But, there is no help I can give nor offer in this situation. And nothing either one of us can do about what some far flung Chinese program might unleash onto global affairs.


Jim CulpepperJune 6, 2015 12:22 AM

@Buck, @Wael

Oh my, you youngins and your loud, banging "music".

Was "Cult of the Dead Cow", what you call "rooock" music?

You go to Defcon, or Blackhat, and that is all you see. A stage show.


Stanislav Petrov did not stop the Cold War. Neither did Rock Music. Mr Jim Morrison and his admiral dad smack dab in the middle of the Gulf of Tonkin situation. Leading it. Robby Krieger and his dad, deep in the dark innards of the Rand Corporation. Did you know the Doors went and solicited Jim's dad's "friends" for financing help? They refused. Then, Elektra stumbled along. Very not happily. Hard to sell the oedipus complex "The End" when hippies and daisies are popping up all around.

The Beatles and the Rolling Stones were boy bands.

Modern Rock is much better, Filter "Nice Shot"
https://www.youtube.com/watch?v=I3yvFmi_q1M

Okay, okay, hard to beat 99 red balloons.

A bit more modern, Fitz and the Tantrums, Walker:
https://www.youtube.com/watch?v=nGBLlFMn9Xc

80s Cold War delirium, like 99 Red Balloons, all too remaining pertinent today, Peter Gabriel "Games without Frontiers":

https://www.youtube.com/watch?v=3xZmlUV8muY


So, where is the Apocalyptic - err, grr, sorry, I mean, MAD scenario - music of today:

MIA Paper Planes

https://www.youtube.com/watch?v=ewRjZoRtu0Y


Secret OneRepublic

https://www.youtube.com/watch?v=qHm9MG9xw1o


Atlas Hands

https://www.youtube.com/watch?v=Pyue2N1XZ0M

And, perhaps, my most favorite of all... Radioactive Imagine Dragons

https://www.youtube.com/watch?v=ktvTqknDobU


But, so many, many more. About time to shift that radio into high gear and get a new outpouring.

MF

Muahahah, [apologies "off topic" Natzhees.]

Younger than you, and older. :P ^_^

Jim

AnuraJune 6, 2015 12:36 AM

@Jim Culpepper

I particularly recommend:

Diablo Swing Orchestra - Guerrilla Laments
https://www.youtube.com/watch?v=WcRtdrsRQ5o

Sleepytime Gorilla Museum - The Creature:
https://www.youtube.com/watch?v=6mJLr-Ai1mM

Tom Waits - Hell Broke Luce
https://www.youtube.com/watch?v=0Fju9o8BVJ8

Pin-Up Went Down - Get Ready To Sweep
https://www.youtube.com/watch?v=pD-jWD5cYQE

Primus - Too Many Puppies
https://www.youtube.com/watch?v=wTOOX3eYnLM

And, since this is squid blogging, and although this is not political:

Giant Squid - Throwing a Donner Party at Sea
https://www.youtube.com/watch?v=zrI_bYlXM8g

WaelJune 6, 2015 12:45 AM

@Jim Culpepper, @Buck, @Anura,

What? Am I going to spend the night listening to YouTube? Well, maybe I'll fall asleep faster :)

PaulAugust 3, 2015 6:28 PM

The level of shit-posting is growing, I'll take that as a sign of desperation and expect others to do the same.
