Friday Squid Blogging: How a Squid Changes Color

The California market squid, Doryteuthis opalescens, can manipulate its color in a variety of ways:

Reflectins are aptly-named proteins unique to the light-sensing tissue of cephalopods like squid. Their skin contains specialized cells called iridocytes that produce color by reflecting light in a predictable way. When the neurotransmitter acetylcholine activates reflectin proteins, this triggers the contraction and expansion of deep pleats in the cell membrane of iridocytes. By turning enzymes on and off, this process adjusts (or tunes) the brightness and color of the light that’s reflected.

Interesting details in the article and the paper.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Posted on July 24, 2015 at 4:18 PM176 Comments


Nei Huem July 24, 2015 6:47 PM

Cloud insecurity has reached an impressive magnitude.

For the purpose of this article I will talk about one of the more popular NoSQL products called MongoDB, though much of what is being said also applies to other software (…).

A quick search for MongoDB reveals that there are nearly 30,000 instances on the Internet that don’t have any authorization enabled. (…) There’s a total of 595.2 TB of data exposed on the Internet via publicly accessible MongoDB instances that don’t have any form of authentication.

The vast majority of public MongoDB instances are operating in a cloud: Digital Ocean, Amazon, Linode and OVH round out the most popular destinations for hosting MongoDB without authorization enabled. I’ve actually observed this trend across the board: cloud instances tend to be more vulnerable than the traditional datacenter hosting. My guess is that cloud images don’t get updated as often, which translates into people deploying old and insecure versions of software.


Fecal Roster July 24, 2015 9:23 PM

The US staked its national honor on the International Covenant on Civil and Political Rights. With NSA surveillance the government made it clear that their word is worthless, that they can’t be trusted, and that the US government will go back on their solemn pledges whenever they feel like it. This year the ICCPR treaty body identified this particular breach, one of 23, as a situation of gravity or emergency. It threatens lives targeted for arbitrary drone murder and undermines the covenant along with the peremptory norm of good faith requisite for rule of law.

Designating US surveillance treachery as a matter for immediate attention triggered follow-up on an accelerated review schedule. The special rapporteur reported July 13:

“Given the lack of specific information provided by the State party on measures to ensure that interference with the right to privacy, in line with the established principles, and regardless of the nationality or location of the individual under surveillance, the Committee reiterated its request for information.”

You know what happened. NSA tried to feed its treaty partners some meaningless crap with the word law in it. That always works with congress, which is used to playing humiliating mother-may-I games to beg for scraps of information.

We don’t know yet what the treaty partners did. Closed sessions followed on the afternoon of the 13th, and today the special rapporteur issued its formal grade of US compliance. It hasn’t been posted yet. When it’s out we’ll find out whether the government can get NSA under control, or whether NSA can blow off any US pledge it doesn’t like.

An assessment of unsatisfactory action or no cooperation puts the US in the cellar with Saudi Arabia, Myanmar, South Sudan, and a few basket-case uggabugga statelets. Or maybe a notch below them – the non-signatories at least have the balls to refuse to meet the standards, instead of signing up and trying to weasel out like the USG.

Duh, gee, wonder how it’ll turn out. Here’s a hint: Check out these maps and see who the USG fits in with.

Awww, lookit all those sad downtrodden pagan babies in the red and orange patches. Maybe Bono will have a benefit concert to save the American children, make em hold a bowl and look at the camera real sad.

Bob S. July 24, 2015 10:42 PM

Windows10 is coming, like it or not.

What I’ve noticed is several new services popping up in my W8.1 machines via Windows updates directly related to the Windows 10 introduction.

One in particular that was hard to pinpoint, “Diagnostics Tracking Service” was found to be constantly reporting back to the mother ship, until I disabled it. See if it’s on your machine(s).

Meanwhile check out this link for a list of ip ranges, Ipv4 and IPV6 involving Office 365, which is also popping up in my 8.1 machines:

Office 365 URLs and IP address ranges

Many of these addresses are showing up on my monitors, as well as some odd non-published addresses initially causing concern. But, I can understand MS thinks everyone will love W10, AZURE, and Office365 and is trying to make the transition convenient by sort of self enrolling us and working out bugs as they go along. I must say it does have a bit of beta flavor to it, however.

magnanimous July 24, 2015 10:46 PM

I’m sure this subject exists in literature out there. I statrted thinking about police and FBI sketches and by extension facial recognition a few years back when I first saw the un4b0m63r sketch. So the thought experiment came to mind that a sketch either by pen, or photorealistic with software or by collage will deviate from the actual perpetrator dependent on a number of variables, including witness-artist pairing, elapsed time, and how well a witness observed a subject. The deviation could be significant and would be likely to match more closely some innocent member of the population leading to false positives. Worse perhaps if combined with facial recognition software. Any second opinions or is there any literature out there on this.

The un4b0m63r sketch really stood out for being a generic masculine face covered by mustache, hoodie, and huge aviator sunglasses, sumething like the Forer effect in profiling at play here. It matched a huge number of men and probably created solely to indicate that the authorities were doing something. Anyway this stuff came to mind after reading recent article on FBI hair analysis scandal. I have little faith in their organizational/investigative culture (including their treatment of say John O’Neill)

GeneralError July 25, 2015 6:08 AM

Windows have been long dead for people who value their privacy. The moronic UI that tried to emulate a tablet helped the decision for many.

Now the question is what choices can be made concerning hardware. I doubt the potential of the iCore series for backdoors and chipset malware has gone unnoticed by the powers that be. vPro for the pros, antitheft and identity “protection” for the rest. Just makes you wonder when the next Snowden will reveal how all modern processors are backdoored.

Did you know that modern Intel chipsets can load extra “functions” and most if not all calls and libraries are undocumented?

Clive Robinson July 25, 2015 6:24 AM

@ GeneralError,

Did you know that modern Intel chipsets can load extra”functions” and most if not all calls and libraries are undocumented?

You forgot to mention the “binary blobs”, which currently, can be Reversed Engineered, but as they are signed making equivalent code will not work.

What very rarely gets mentioned is that the binary blobs can be fomated in a way that RE’ing would be difficult at best.

The way this is done is first load a new custom micro code into the CPU IDunit, then using this new assembler code run other custom updates, prior to runing another micrcode update…. to RE this needs intimate knowledge of highly propriatary parts of the CPU core.

Winter July 25, 2015 7:00 AM

@ GeneralError,
“Did you know that modern Intel chipsets can load extra”functions” and most if not all calls and libraries are undocumented?”

Yes, I think most people reading this blog have been aware of this. And stories about suspicious “features” that might please the NSA/TLA in Intel hardware abound here. So, Intel might not be an informed choice if you suspect these TLAs have an interest in you.

“You forgot to mention the “binary blobs”, which currently, can be Reversed Engineered, but as they are signed making equivalent code will not work.”

So, as with software, proprietary solutions cannot be considered secure and should be shunned by all.

For that, we have open hardware:

Your Tax Dollars at Work July 25, 2015 7:44 AM

White man’s welfare: DHS mallcops Keeping You Safe from funk parades and breast cancer walks.

GLOSSARY: Limited stand-up. Government term for flaccid middle-aged bureaucrats staring slack-jawed at funky chicks on screens.

Clive Robinson July 25, 2015 9:08 AM

@ Winter,

For that, we have open hardware

Unfortunatly those CPUs are not the way we should be going, because we already know they are an evolutionary dead end due to “heat death” as we slide down the nanometer scale of chip features.

Put simply we have reached a point where conventional RISC pipelined CPUs can not realy get much smaller without melting.

The problem is the clock, it causes one heck of a lot of logic chips to all “jump” at the same time. Even if the resulting logic state does not change those gates still jump in time to the clock and even though it might be pico or nano amps per cycle in the Ghz range those Coulombs add up to one heck of a lot of energy per cycle and thus more heat than a soldering iron for the same area…

The obvious solution of clock slower is for obvious reasons not popular, so other tricks are tried, but even those are gaining us less and less. Down this road it won’t be long befor only memory devices will be able to take advantage of the decreasing scale of transistors.

The current family of tricks is to split up a chip into multiple RISC cores with either or both CISC microcode stores and cache memory giving high overall transistor count but lower overall current density per unit of measure. Other tricks such as out of order execution actually don’t get you much in return in the general scheam of things.

The way we should be going is to use asynchronous logic, it’s estimated that function for function it gives the same level of performance but power consumption being a tiny fraction of synchronous logic.

If as some have indicated this could be around 0.1% this will alow the transistor scale to slide down to about 1/20th of current densities for the same heat levels…

Unfortunatly for the past quater century researchers have been trying to get the asynch problems resolved with little practical result. Hopefully it’s an issue that will be resolved soon as we are already slowing our approach to the “heat death” line, and disapearing up evolutionary culdersacs in the process, which like a battle charger hourse we might find difficult if not impossible to back out of.

Contrary to what many still think the future of computing is not sequential but parallel, not just due to heat death but amongst other laws of physics, the speed of light and relativity.

That aside parallel systems have other human issues, which carries it’s own problems, one of which is the inability of most code cutters to do non sequential thinking.

Thus one solution could be a halfway house. Have hundreds if not thousands of RISC cores each with sizable cache and custom loadable microcode which with care gets around the synchronus heat problem. These run individual threads of execution at moderate speed which then combine to leverage the power of parallel execution. Part of which is gained by not having “context switching” that is always an expensive operation.

The question then arises as to if humans will be able to migrate their thinking over, or if steadily more complex tools will have to be developed to deal with the problem

It’s as though the computing luminaries of the 1950’s to late 60’s have wished upon us the most terrible of curses to “live in interesting times”.

BoppingAround July 25, 2015 9:22 AM

Bob S.,
Whenever on Windows, there are a lot of things to look at. Namely, various MMC shells like wf.msc, gpedit.msc [A], Scheduler events. Several control panels since Windows 8. Metro applications that can be removed only through the Powershell console. And other things I’ve forgotten about already. Registry too, I guess.

I saw a document called Windows 8 Security Technical Implementation Guide once. It covered various settings to tweak in order to harden the OS a bit. Don’t remember much of it, just that the scrollbar knob was really tiny.

I’ve searched for it and I’ve found it:

Maybe someone here will be able to tell more about it.

[A] Unless you are on Home editions which, AFAIK, do not have these thingies.

תמיר פרדו July 25, 2015 10:56 AM

  • Mighty NORAD couldn’t catch four planes alone in the sky.
  • Blee nor Black at CIA couldn’t find it in his heart to keep terrorist hijacker K al M out of the US.
  • Bowman at FBI didn’t mean to squelch Moussaoui’s FISA warrant, it was a, um, mistake.
  • SOCOM called off ABLE DANGER just a bit too soon, darn it.

And now – are you sitting down? Because nobody ever expected this four thousandth shoe to drop…

NSA forgot to mention that active terrorist K al M was in San Diego.

Terrorist catch and release!

Curious July 25, 2015 11:08 AM

I tried adding a comment a couple of times yesterday, but the blog wouldn’t let me, don’know why. Unfortunately, I didn’t take notice of neither the time of day nor the error message.

rgaff July 25, 2015 11:26 AM

@Clive Robinson

There are a few “event driven” languages out there nowadays, and quite a few people are using them… It is a start at getting people used to some asynchronous thinking, so I don’t think all is lost… it’s just that this industry doesn’t change course on a dime, especially when it comes to hardware, and even moreso when most people don’t see the need.

Ritzy Pendulum July 25, 2015 11:35 AM


“Now the question is what choices can be made concerning hardware.”

If the EU really wants to do something about protecting its citizens against industrial espionage and dragnet surveillance from hostile nations (like the USA, Russia and China), it would be smart of them to invest heavily on home-grown open source hardware (similar to CubieBoard and Novena). When the kit is ready for end users, distribute it across all member state governments, loaded with a decent open source OS. Make it available for the general public to purchase, hyping up the fact that it is 100% open source and has no direct link to any NSA-friendly American corporation. Great for local jobs, great for privacy, great for the community.

winter July 25, 2015 11:52 AM

“Contrary to what many still think the future of computing is not sequential but parallel, not just due to heat death but amongst other laws of physics, the speed of light and relativity.”

Sounds like assynchronous GPUs.

Also neural hardware chips are doing that. The neural chips are not “programmed” but trained.

Witty PVC July 25, 2015 12:17 PM

@Winter, re. ‘HORNET’ onion router:

If it helps solve Tor’s (la-la-la-la) traffic correlation attacks, this could be very exciting. Is there a working proof of concept?

rgaff July 25, 2015 12:19 PM

@Ritzy Pendulum

Yeah, except instead of pouring all money into one system, sponsor dozens of them… everyone being the same presents too juicy of a target. Diversity makes it much more of a hassle to subvert all of them.

Unfortunately, most EU states are rather cozy as USA vassal states, so it’s not gonna happen. I welcome being proven wrong, but I doubt I will. (and if my goading here encourages rebellion and becomes a negative self fulfilling prophecy, then good, more should tease all europeans as being the 51st state if it has that effect, especially the British, kneel before your colonies!)

Tadashi Togo July 25, 2015 12:39 PM


re: hornet onion router

I do not see anything there which indicates they have solved the ‘exit node’/’downstep ssl’ problem. In summary, that problem is that web servers are often able to be downstepped in ssl, though the biggest sites are not with this problem, nor many financial or other highly regulated sites, at this time. But, for custom server owners, they would have to be very studied to properly set up a site to avoid MITM.

Problems in general with these systems are well worth noting: exit notes are often marked as ‘malicious’ by a wide variety of security systems who share their ‘maps’ with many major security vendor customers; that very reason is because many hackers use these systems for attacks, not because they are interested in removing anonymity for legitimate users; using SSL as the base protocol helps hide the traffic, but encrypted traffic can be pinpointed regardless of the carrier protocol with the exception of the use of steganography; connection to entry nodes can pinpoint the services you are using; unusual ssl traffic patterns can be other denoted as using such a network between you and the entry node.; exit and ‘middle man’ node problems can exist if not implemented correctly, so one does not know on the viability nor security of such a system unless one has their own self performed a qualified security view or a very trusted group has done so.;

And, finally, by using such a system you have automatically put your self on a target list.

The last point is not because you are doing anything ‘bad’ with it, but because many are doing something bad with it. That list is deeply watered down, but it depends on where you are coming from. Professionals will avoid anything that even appears as suspicious, but non-professionals can do substantial damage. And, in some countries, even basic use of it can indicate one is a ‘dissident’.

The most damaging point is actually not so obvious, but prevents widespread use: the very first bullet point. Because these systems are allowed to be abused by wannabe and real hackers, the exit nodes will continue to be catalogued and that of utmost important to security vendors.

To fix that problem means that a security system designed to prevent such abuse would have to be ingrained into the system, one designed in such a way it also prevents the capacity for nodes to observe otherwise ordinary traffic. Not the most difficult matter, if it is implemented at entry or exit nodes. Patterns of hacking scans can be detected even from encrypted data.

No such system, then, will ever gain the widespread usage possibility until that problem is taken care of.

Without widespread usage, the targeting of users of these systems remains valuable to many countries. Contrast this to “legitimate” SSL. It is everywhere now. Like some other sustained, state based protocols that offer end to end encryption. Problem just is the connection can be seen. There are a wide number of ways to approach that problem. If anyone is ever serious about attempting to create a truly anonymous cloud proxy system that is sustainable, and collects sizeable crowd/cloud users of all walks of life. Making ‘target lists’ truly useless.

Tadashi Togo July 25, 2015 1:45 PM


Ironically, you chose the Unabomber for your point, while including ‘failed investigatory’ programs. As you probably know, his point of madness can be identified to his participation in the MK-ULTRA program. His madness and his bizarre belief system is obviously just a deep reaction to that program. Of course he became so deeply anti-social and anti-technology from such experience. It is amazing more participants did not, though I am sure they did… I am not aware of anyone else reaching such heights of failure.

(I am quite sure that “product” of the program was accidental, despite the irony of having created a super assassin, super terrorist as some might believe such wildly bad intentions may have really been striving for.)

This sort of behavior he exhibited is very symptomatic of utilizing attacks on a person in an experimental program, however, normally the defensive reaction from “such a deep level” is merely temporary.

The real irony here is, they were experimenting in order to figure out how to turn and provide confessions from extremely hostile subjects. (“Subjects”, I should put in quotes, it is a depersonalizing and demeaning term from experimental psychology in the last century.) But, they went about it all in the very wrong way. What is ironic about it is this is exactly the same sort of hostile approach they continue to take to this very day. The opposite approach is one which works: you establish and deepen rapport. Not the other way around. You build them up, not tear them down.

Even the ‘good cop’/’bad cop’ approach is flawed in this way, and probably why they continue to be unable to establish solid results. There will always be suspicion and so lack of rapport on the ‘good cop’, regardless of how different and separate they are made to appear to be.

Unlike the ‘hair analysis’ scandal, this hat has yet to drop. It maybe never will, even though undercover and spies as well as scientists are well aware and use often this friendly approach to get highly valid information everyday.

In regards to personal depictions of suspects portion of your post:

Any substantially financed suspect will evade all witness depictions and all video.

That means any nation state financed suspect, as any truly serious threat would involve – be it from a counter-intelligence angle, or be it from a counter-terrorism angle – disguise sufficient to evade such detection.

The unabomber was very unique. He had no ties to any group. No communication to any group, except singular communication with a very small circle of family members. This was also pre-‘video everywhere’. Had anyone gotten him to talk earlier, had anyone, say FBI BSU encouraged him to ‘have his say’, earlier, he would have been detected by the way he ultimately was detected: by what he had to say.

I would not say he was unique from high functioning ‘lone wolf’ terrorists, but if they are engaging in repeatable crimes what they really want is a chance to have their say. They are not “dumb” enough to show their face, except in conditions where they are aiming to also commit suicide. “Terrorists” should be in quotes there, as this is generally true for any manner of serial killer who is motivated by a political or pseudo-political agenda. There are exceptions, of course. Invariably these sorts are “mad”, but if ‘too mad’ they are not much a threat.

Tadashi Togo July 25, 2015 2:02 PM

@Ritzy Pendulum

There is not sufficient motive for EU nations to do such a thing.

What there is, is sufficient motive for is for EU corporations to find some method of protecting their selves from lax regulations from friendly trading partners. There is an open niche for a corporation to provide security solutions from EU soil. But, even that is yet to be seen on any substantial level.

And that does not mean that EU members should trust each other, or have sufficient motive to trust each other. Though, I am unaware of any true ‘industrial espionage’ going on between them at any substantial level, a number of them do have significant motive to do exactly this. And have shown the lack of moral fiber in their intelligence institutions which has been seen elsewhere.

Where there is not sufficient motive, the action simply will not take place.

Capacity to do it, they have in spades. Capacity to do it without the chance of getting caught, none of them have.

I would be very, very surprised if Merkel and the BND did not well before Snowden know what the US had been doing already. But, for counterintelligence purposes, they need ‘some other source’ to reveal such matters.

That happens in the most hostile of environments, and it would happen in the most friendly of environments. Because the cell phone of a leader is always going to be treated as being a primary target in the most hostile of environment, and so properly inspected and managed.

me July 25, 2015 6:04 PM

@GeneralError @winter

Re: Intel

Take a look at any recent Intel PowerPoint deck documenting vPro, ME, AMT, Secure Key, IPT, Smart Connect, etc. and you’ll think you’re looking at a leaked NSA doc! SMM (System Management Mode, in Intel chips since the ’90s – 386SL) is the real goose egg here (runs above the OS with full access, no meaningful way to verify). Add “modern” easily flashable firmware via the standardized SPI bus and you’re screwed, m8!

Intel Inside (TM).

Paper Dragon July 25, 2015 6:28 PM

Earlier this week, NIST hosted the Lightweight
Cryptography Workshop.

One of the talks was from a programmer from Microsoft.

He looked the part. Disheveled with a nose ring. His
talk began by saying he knows nothing about hardware.
His thesis was that we do not need new cryptography
techniques because the ones we have are sufficient. His
justifications involved describing how programming is
hard, lazy programmers will misuse algorithms, and other
nonsense. You can read his PowerPoint from the link
below. He thinks software has no expense, time or size,
and that a raspberry pi is state of the art.

The workshop dealt with algorithms and issues with
implementing cryptography in very small devices such as
Internet of Things stuff. Seems that all of his
arguments were nullified bu just about every other

Another interesting comment was during a panel
discussion. One of the panelists was from the NSA. He
stated there is no practical reason for encryption to be
more than 96 bits, that more is just wasting bandwidth
and processing power. In other words, the NSA can crack
96 bits. A couple of audience members mentioned that
they disagree with that position. Especially considering
one of the talks was a researcher who showed the math
for a key recovery of a 128 public key algorithm.

Near the end of the workshop, NIST asked for any
comments or recommendations they should consider while
trying to develop a standard for lightweight
cryptography. One of the attendees who is very
experienced in the field of cryptology made the comment
that any algorithm should be a minimum 128 bits, but
should be more.

Skeptical July 25, 2015 7:51 PM

@rgaff: Unfortunately, most EU states are rather cozy as USA vassal states, so it’s not gonna happen. I welcome being proven wrong, but I doubt I will.

“Most EU states” are “USA vassal states”? Please tell me how many EU states in NATO are meeting their defense spending obligations (though thanks to Putin, that may well improve). Please tell me why, as vassal states, much of Europe refused to join the invasion of Iraq, and were able to do so without suffering any repercussions from the United States.

The reality is that most of Europe and the US are strong and natural allies, with common values and interests and with relationships embedded in longstanding institutions. There are no “vassal states” to the US.

Moreover I would expect them to grow closer together as allies, as the world over the next decade quite possibly enters a more unstable and dangerous state of affairs. The fundamental forces that make most of Europe, and the US, close allies are not ebbing; indeed they’re growing.

I view this as a good thing, since closer relationships enables mutual recognition and respect of various laws and individual rights that would otherwise be impossible in the international sphere.

Where Europe leads the US is in the protection of an individual’s personal information from private sector entities. And I do hope that some of the EU’s laws are adopted in similar form in the United States.

Europe actually lags the US, however, in the protection of private information from access by government authorities, and in a willingness to protect the intellectual property of individuals and companies from industrial espionage regardless of who is conducting it.

In other words, I’m not worried about the US Government handing over trade secrets from my foreign company A to some domestic company B. By contrast, I would be more concerned about certain other governments, even friendly governments on most issues of importance, handing over trade secrets to a competitor in certain circumstances.

So from a commercial vantage, considering only governments, I would actually prefer to keep trade secrets and other such data inside the United States.

I would add that my view that the US Government does not conduct commercial espionage is not a minority view. It’s the widely held view of anyone who might bother to assess the risk posed by confidential information being accessed by a particular government.

Now obviously this all becomes much more complicated when we put considerations like trade secrets aside and look at personal information. Although, frankly, outside of certain circumstances – were I a foreign diplomat for example – here too I’d probably prefer the US slightly to the EU, but would find both satisfactory.

rgaff July 25, 2015 8:12 PM

@ Skeptical

Indeed. Strong neutral allies, where the EU guys just do whatever the USA says. This is the special NSA definition of “neutral” nowadays, just like they have special definitions for “collect”….

If the USA says they have a “dangerous criminal” on the loose over there that is merely exposing all kinds of wrongdoing high up in the US government, they’ll just fork him over, no questions asked. They will be complicit in any form of kidnapping, torture, and killings that the USA tells them to by helping with “extraordinary rendition” and “double taps” where medical workers are killed off by drone attack. And most EU states gladly hand over all domestic data on their citizens to the US violating the Universal Declaration of Human Rights, and also commit acts of war against anyone the US tells them to (like Bolivia, with the Bolivian president’s plane). This is the definition of “neutral” allies. They are completely sucking at mamma’s teats and will never grow up into adulthood. LOL

Thoth July 25, 2015 8:18 PM

@My Name is…….
These dictatorship regimes should just ban ALL SMARTPHONES since Android, Apple and Blackberry are capable and offers strong encryption. In the latest version of Android, it has a somewhat easy to access Full Disk Encryption which a user can activate manually and with rather good ease.

Apple is the “worst offender” if compared because it uses very heavy encryption technologies and encrypts the entire phone by default. It includes the Open Source Curve 25519 and Ed25519 besides the standard NIST Suite B. I was recently reading Apple’s iPhone 6 security guide and it details in a very detailed fashion on how cryptography are employed throughout the phone and the decisions of certain designs and I would say I am pretty impressed by the effort and the thoughts put into securing the entire iPhone 6 by Apple.

The Apple Watch itself has it’s interesting security mechanisms too but I need to read more for that.

One of the impressive thing they have is the encryption of the bus line between the fingerprint scanner and the A8 chip (which is actually an ARM TruztZone enabled chip) using the cryptogrpahic co-processor in the fingerprint chipset to encrypt scanned fingerprints and sent to the A8 chip to decrypt and process the data.

In fact, most phones are using ARM architecture with ARM TrustZone whether it is the Qualcomm Snapdragon series, the Exynos by Samsung which is an ARM with ARM TrustZone and the Apple A8 which is also an ARM with ARM TrustZone.

Google’s API at Android 4.4 and above allows you to call the KeyChain API to generate a hardware protected RSA keypair if the Android OS detects that the chip has a security function (which most ARM chips with ARM TrustZone has).

Almost any phone manufacturer these days are using some form of ARM TrustZone backed chip with hardware security and it’s now a widespread norm.

So … what’s all the petty and selfish Govts who want to have such an attitude of spying on their own people and deliberately weakening their own systems gonna do ? They might as well isolate themselves from the outside world like N.Korea and not allow any smart devices.

Note that although the ARM TrustZone are not a very high assurance device and there might be backdoors if you would like to argue, it is really heavily dependent on what you want to define in your protection profile and security criteria. If you have a very high standards to counteract global Warhawk Govt surveillance and espionage, you might be back to the age of paper and pencil or the lifestyle of the Amish or something with low digital footprint.

Thoth July 25, 2015 8:25 PM

@My Name is…….
I forget to mention that BBM messaging might have some form of escrow encryption where the server might be able to decrypt it so I wonder what’s the issue with Govts who want to survey when they could simply request decryption orders or escrow in under a Govt key as well which Blackberry have done in the Middle East many years ago.

Blackberry allows the installation of OTR protocol messaging called ChatSecure ( which is much more secure due to it’s end-to-end encrypted nature which BBM might be leaning more to server encryption (I might be wrong on the BBM crypto protocols since it’s just a guess).

How are they going to prevent secure messaging with ChatSecure, SMSSecure, TextSecure, RedPhone, Signal and all the other end-to-end open source apps that can be side loaded 🙂 .

rgaff July 25, 2015 8:33 PM


You’re not thinking this through correctly. The fact that they’re fine with Android and Apple smartphones, and just against Blackberry phones, means that they have explicit FULL ACCESS to Android and Apple platforms, and ONLY Blackberry is balking at them! Regardless of any hype saying otherwise.

rgaff July 25, 2015 8:48 PM


Sorry, you said “natural” not “neutral”… because it’s NOT neutral and YOU KNOW IT. EU states are under the US thumb.

Thoth July 25, 2015 9:23 PM

@rgaff, My Name is……., Nick P
If you read the article again, it is really about the messaging service that comes tied to the phone.

BBM is part of Blackberry’s suite of default tools that are widely used. Android has a default Hangout messaging which is TLS encrypted and Apple has it’s iMessage which is end-to-end encrypted. Those are just the defaults and you can install more secure apps.

Your meaning of FULL ACCESS is too generic. Due to the nature of Blackberry and Apple, they are obscure and are not even translucent as Android which have it’s own proprietary binaries but half of the OS is still Open Source.

If you don’t like the dafault Android OS, you can always root it and use another Open Source mod whenever you like. If you don’t like the other mods as they are less secure, Genode has a fully Open Source experiment which includes integration into the ARM TrustZone which they managed to build a library for it and host a L4Android/Fiasco.OC setup. The codes are all in the Github and KSyslabs built on the Genode for a secure Samsung Galaxy Nexus phone and it’s all Open Source.

The better of the trio would be Android due to it’s somewhat Open Source nature and a lot of High Assurance mods can be derived from there like the Genode and KSyslabs projects in Open Source Github repos.

I am not sure why you state that Blackberry/RIM is balking at these authoritarian regimes when Blackberry/RIM already have a track record … a very nasty and smelly one … of bowing down to the Middle East Govts to provide escrow access to encrypted BBM messages (yes BBM already has escrow options 🙂 ).

Apple is a difficult beast to quantify since it’s not Open Source but the security documents are very well written and defined with in-device bus line encryption. It is hard to tell if Govts have exceptional access capabilities in the Apple’s iOS and you can’t simply swap another OS onto an iPhone like how you do for Android.

Quite ironically against your perspective, Android is the least offending and the so-called “balking against decryption order” a.k.a Blackberry, is the worst offender if history serves right. Who knows if all the noise Pakistan and India are making already indicates they have a deal on the ground with Blackberry behind it’s closet to provide complete spectrum interception of Blackberry devices.


rgaff July 25, 2015 10:32 PM


My term FULL ACCESS is generic on purpose… because it doesn’t really matter the specifics of how they’re doing it, and we may not be able to tell especially with all the closed source. But if they hate one and love the other, then the one they love they must have access to somehow, and the one they hate they must be having a harder time accessing somehow in comparison. It’s that simple.

I’m aware there are ways of arguing the opposite, but I think there’s more going on than we think there is at this point, due to my above logic. The only way it could be any different is if they’re trying to use reverse psychology on us, but we’ll be able to tell that by if the ban becomes clear it’s fake, all hype, and never really ever goes into effect.

Clive Robinson July 25, 2015 11:51 PM

@ My name is…, Nick P, rgaff, Thoth,

Pakistan is trying to ban blackberry devices because they encrypt.

This is not realy news, it’s been brewing up for years in many Muslim countries with religious law.

The reason at the bottom of it is “illicit / illegal” sexual and social activity. Or more simply to stop unrelated men and women talking to each other in private (as is the normal social custom).

Blackberry are perhaps the oldest encrypted messeging system around, and as has been noted, they have caved in on non corporate phones some years ago, in many parts of the world.

I’ve not looked at it recently but IIRC, whilst caving in on non corporate phones because Blackberry held the keys in their servers. Blackberry were not able to cave in on corporate phones because the keys are kept on the corporate servers not Blackberry’s.

As for other phones I would not read anything either way about the ability to read or not to read their traffic from this proposed ban.

Blackberry have been seen as a problem in Muslim countries for a very long time, but were never in effect “to powerfull to push around”, and their declining status means that “pushing them out the country” is not going to have a real effect on the country. Thus what I suspect is that the religious leaders are having a bit of a hissy fit, and are hoping the ban sends a “don’t mess with us” style message to other phone companies. If that is the case, then they are not going to find it very effective, as a market they are no where near large enough to have any real effect, so the likes of Apple etc will probably just take the market reduction in their newer more secure products. The country however loses out because all they will end up doing with such a policy is banning their way back to 1990’s style mobile phone technology, without mobile Internet connectivity. Which would due to the state of their non mobile phone / Internet provision have a significant effect on their economy…

As they say “It’s their choice of play, grab the popcorn and pull up a chair and we’ll watch how the game plays out”.

Thoth July 26, 2015 12:00 AM

@rgaff, Nick P, Clive Robinson
One reason we need to work on secure TCB android like Genode and KSyslabs efforts to open source their L4 TCB based Android implementations despite it’s infancy.

If you are mentioning hardware backdoors and subversions, you are in fact better off with Android as there are a ton of phone makers and you have to compromise the huge variant. One thing to note is that the more common Android/Blackberry..etc phone chipset is the Qualcomm chip and if you backdoor that one, you might jave a very good chance. There are no substantial evidence to show Qualcomm cooperated with Pakistan, Middle East or India yet but doesnt mean they dont have one yet.

The best we can do to secure commercially available phones now is Open Source TCB using the TrustZone and hardware.

I would agree with @Clive Robinson that we can just sit back and let them walk through the same paces and realize that you cannot actually “ban encryption capable phones”. That would push them back to really old technology.


Tadashi Togo July 26, 2015 1:34 AM


You are correct. A smart foreign nation would correctly surmise that neither the US nor any EU member state would engage against it for the purpose of industrial espionage. Where that would be defined as stealling from their non-defense related company to provide for a domestic company. These nations are caused based. And such a foreign nation would see their domestic privacy issues as irrelevant.

Russia is more difficult to understand on this issue, but besides their legacy, they have a fragile economy. China, on the other hand, has no true separation between corporate and state. But even China, like all these states, have far more pressing information needs then micro-economic desires.

They are concerned about survival.

In this sense nations operate kind of like a macro-model of the individual self, where survival concerns are exactly the impetus for gathering the most critical of information.

Likewise it tends to be irrational in motive and action. That is, just as individuals obsess over irrational fears and other beliefs that have some rationally tenuous connection to their survival, so do nations. Fear is a very powerful communicator. And, perhaps, deception or irrational fears of deception cloud their minds.

Not unusual as many natural threats do employ some manner of deception. Snakes and cats hide. Bears even are often on one before they notice them. Adversarial humans are deceptive in their approach. The safest course is supplied by the chemical response of adrenaline, which is more then just fight or flight. But is overly alert to possible deception, and triggers deceptive responses.

In that, there is no true rationality. So only by this way could the escalation of threat in the 80s cold war be explained, or the invasion of Iraq, or countless other irrational behaviors of nation states. Why would China hack their trade partners, or north Korea hack Sony? It is fear based “thinking”.

Clive Robinson July 26, 2015 5:35 AM

@ Tadashi Togo,

@Skeptical You are correct. A smart foreign nation would correctly surmise that neither the US nor any EU member state would engage against it for the purpose of industrial espionage. Where that would be defined as stealling from their non-defense related company to provide for a domestic company.

How would you describe the known actions of France and Italy in this area?

France has openly admitted to using state level resources for “industrial espionage” pointing out it’s less costly than R&D.

Whilst Italy has not openly admitted it they have been caught doing it as well.

I think most nation states would regard the view that other nation states do not spy on them for economic reasons as some what quaint to put it mildly.

Appart from Russia, China and several other “cold war” countries, Taiwan, Israel and several others have been caught “red-handed” at industrial espionage.

I’ve worked at four companies –three prior to 2000– where we were able to show state level industrial espionage and France, Israel and Italy were the nations concerned. Only the host nation of one company –South Korea– actually took any substantive action against the individuals of the offending nations concerned.

If you look back on this blog you will see I’ve mentioned incidents on both France and Israel prior to Snowden. So having had “first hand” knowledge of this, in the past I’ve regarded those who claim otherwise as being “either under informed, naive or both”, these days however it’s becoming clear that some are most likely authoritarian followers only some of whom can claim “my country right or wrong” without carrying the lable of “mercenary”.

Clive Robinson July 26, 2015 6:01 AM

@ Bruce,

You did not go into “academia” untill late in life, a decision that might be regarded as the “best way”.

I suspect this blog article from the London School of Economics might be of interest in that respect,

The LSE was a one of the few places I considered when looking around in later –than normal– life to do a PhD. One reason was that my potential supervisor did not susbscribe to what he quite chearfuly called “Academic ‘Master’ bation” where by those he regarded as behaving unethically got their PhD students to do their research donkey work unpaid.

Serial Interface July 26, 2015 8:20 AM


The statement about natural allies and how NATO works must be some joke.

Years ago Vodafone in Greece was caught intercepting all communications between Greek government executives. Ties with NSA were found and an unfortunate IT guy working at Vodafone who could shed light on the technical side of things was found conveniently dead under mysterious circumstances. The Greek government pretended everything was ok and this was years before Snowden and the documents about intercepting Merkel’s communications.

The bottom line is USA has corrupted the world order and European governments are just puppets. That is why there is no European initiative for new CPU designs that will be backdoor-free. At the same time Russia has plans for their own CPU so they can get rid of Intel backdoors.

rgaff July 26, 2015 9:52 AM

@Serial Interface

At the same time Russia has plans for their own CPU so they can get rid of Intel backdoors.

Yeah, but they’ll obviously just substitute their own backdoors…. so that doesn’t really help us, does it.

Nick P July 26, 2015 9:57 AM

@ Clive Robinson

Looks like they tried to solve a problem on their side while creating a covert channel for a different problem on another side. Easy mistake to make although hard to call it a mistake given what their goals were. The part that jumped out at me was this:

“MTU on the cellphones differ a lot from phone to phone. If you use one SIM on different cellphones you’ll get different MTU values. I suppose it’s bound to the cellular operator configuration and exact GSM module in your cellphone.”

And, now, you have a way to detect whose swapping phones constantly without being the service provider. Wait till FBI and NSA “innovators” get back on Schneier’s blog to find this gem. 😉

Serial Interface July 26, 2015 10:00 AM


I have no doubt about Russians backdooring their own CPU designs, but I would prefer at least some choice about whose backdoor consumers would prefer.

Nick P July 26, 2015 10:10 AM

@ Thoth, My Name is…

re smartphone ban

They could ban them outright if they wanted to. Instead, they’re wishing they could like FBI did with Skype, etc. Later, we find out they had access to it and the statements were intended to increase its use. The governments have the power to demand encryption keys and backdoors. Regimes such as Pakistan could do covert agreements for this in exchange for right to sell in their country. We’ve seen many of these firms cut some kind of deal with NSA, etc. So, it’s plausible.

Another reason not to ban smartphones is their risk. That we often discuss ways to secure smartphones implies they’re horribly insecure. Horribly insecure phones running crypto can be attacked, the crypto bypassed, and the regime’s opponents crushed. Companies such as Hacking Team specialize in doing exactly that. Harder to do that on phones with barely any functionality. Especially such phones designed to be more secure. So, it’s actually in the interest of all surveillance states to encourage the use of smartphones, mainstream OS’s, complex software, and so on. Gets them more access and the built-in functionality actually reduces what functionality their tools must include.

re Apple

They have done a 180. I still don’t trust them, though. I also criticize them as holding back too much on INFOSEC despite being a vertically integrated platform with processor license and fab deal plus billions. Apple is one of few that could build a legacy-compatible, ultra-secure phone. They could even do it relatively cheap if they used the simpler tech for processors and toolchain mods. Their LLVM investment makes that MUCH easier.

re Samsung

We can’t trust them either if only due to the complexity. They wisely switched to their own processor design to eliminate foreign, subversion risk. SK is big on espionage so who knows what risk Samsung itself has. They did add Green Hills INTEGRITY multivisor for their Knox platform. I’m sure Knox security needs work but at least you can isolate stuff. Probably integrated with TrustZone as I know GH’s stuff usually is. So, Apple is ahead on hardware stuff and Samsung on software stuff.

re BBM escrow

Exactly… Many organizations didn’t adopt Blackberry due to how their communication system was designed. Was just too much risk of compromise. We all favored end-to-end stuff instead. They could benefit by switching to an end-to-end model with some kind of easy key-management and central server handling non-security issues hard to handle at client.

rgaff July 26, 2015 10:12 AM

@Serial Interface

Choosing your poison might make you feel better than everyone drinking the same cool-aid, but the result is still the same: everyone dies (figuratively speaking, not literally in this case). What we need to do is invent and pass out a few poison-free drinks so some live to tell the story. And if we increase the variety 10x or 100x it makes it that much harder for the poisoners to get around to them all.

Nick P July 26, 2015 10:47 AM

@ All

Interesting article on 0-day market with Hacking Team’s emails as the source. This sheds light on recent discussion about mobile phone security. Apple is harder to hit with a higher payoff, they are hitting Apple, and the vulnerabilities sell for $200+k each. So, it’s not secure but it’s outside the reach of most governments unless they have good, 0-day hunters themselves.

mb July 26, 2015 10:48 AM

@Nei Huem

It’s nothing new really. I don’t remember if it was earlier this year or late ’14 when a couple of German CS students figured out exactly the same thing.

What’s amazing about this particular problem really is the level of ignorance and sloppiness with which some folks operate their services.

If the excuse is that you didn’t know MongoDB had no default authorization scheme activated and is instead listening on localhost (or maybe it isn’t) it’s not an excuse I’d ever accept if you’re responsible for that database. The bottom line is:

If you run services that you obviously haven’t even understood to that level you’re neck deep in trouble and you really shouldn’t be responsible in the first place because you obviously are not. Assisting someone with authentication is pointless since he WILL run into a similar problem a couple of months later.

On top of that there are two other ‘issues’. You can operate a service publicly or privately. There are reasons why a MongoDB installations could be accessible publicly. But if that’s the case you obviously need authentication and that means you should have at least wondered about that particular problem. Accounts don’t magically pop up somewhere. If you don’t there’s no reason to not firewall the service. Firewalls are significantly more secure in general than authentication on a much more complex level.

If you just would have considered one of the two things you wouldn’t be in that 30k entry list.

These guys problems aren’t just with MongoDB. They have a major qualification problem in general.

MongoDB got some flak for this and I really don’t know why. This is not consumer grade software where it’s a good idea to assist the user. Specifically with security. This is a database server and a quite special one for that. We are dumbing down consumer software to a level where it becomes painful to use more often than not. This should not even be considered with server grade software.

If you’re ignorant or just don’t give a shit you’re going to get hurt. And imo that’s a perfectly fine solution.

Gerard van Vooren July 26, 2015 10:54 AM

@ Clive Robinson

“The LSE was a one of the few places I considered when looking around in later –than normal– life to do a PhD.”

What age was “later in life”?

DqLltWF3xLNdkpDMXU July 26, 2015 10:58 AM

Time to check your logs for

If you’re running chromium or chrome, I suggest you add the following immediately to your /etc/hosts file:

Recently I had a “profile” blow up on me and the process was very adamant to reach To say alarms went off would be and understatement. Attempted to connect on start, and every 10 minutes thereafter. Both port 5228 and 443. Was not page related. Did not care process was sandboxed with no access to relevant hardware.

This and WebRTC make me want to ditch this POS.

rgaff July 26, 2015 12:33 PM

@Nick P

Geez that article on Hacking Team’s 0days reads like a bunch of thieves all cheating each other and not trusting each other…

Clive Robinson July 26, 2015 12:51 PM

@ Gerard van Vooren,

What age was “later in life”?

About the same age as those who never venture outside of academia hope to get their first full time “prof salary” on a faculty at the time….

For those still trying to work out how old I am, I’ll say what I’ve said before,

“I’m older than Bruce, but don’t have as much badger in my beard”

Though I’ve a wee bit more than last time I said it…

Oh and contrary to another poster’s –B.F.Skinner– suggestion long ago, I do not look like a Klingon, I’m to tall and they are to soft, cuddly and cute 😉

Enough said?

Z.Lozinski July 26, 2015 1:21 PM

@Serial Interface,

Years ago Vodafone in Greece was caught intercepting all communications between Greek government executives.

If I may correct you, that’s not an completely accurate statement of the events in question.

Vodafone’s network in Greece was caught intercepting all communications between members of the Greek Cabinet (and some others). The information in the public domain suggests that someone, as-yet unidentified, uploaded 6500 lines of code to the Ericsson MSCs that enabled the interception to a set of 16 “burner” mobiles.

Kostas Tsalikidis, the gentleman who died, was not an “IT guy”, he was the Network Planning Manager for Vodafone Greece, Many of his colleagues were really, really, upset about his death.

The Greek government pretended everything was ok

No. There was a parliamentary investigation. The chief executives of both Vodafone Greece and Ericsson appeared before the investigation. As a result Vodafone Greece was fined EUR 76 M by the Communications Privacy Protection Authority (Dec 2006) . And “The Hellenic Authority for Information and Communication Security and Privacy (ADAE) decided to fine Ericsson Hellas 7.36 million euros ($10 million) in relation to the wiretap issue” (Sep 2007)

The best public summary is in the IEEE article “The Athens Affair”:‎

Z.Lozinski July 26, 2015 1:41 PM


The LSE was a one of the few places I considered when looking around in later –than normal– life

Thank-you for that. I now have three places to consider when I finally retire and think about the PhD I couldn’t afford in my mis-spent youth …

Gerard van Vooren July 26, 2015 1:49 PM

@ Clive

I was only curious because I did the same thing, at university level 😉

Wishful Thinking July 26, 2015 1:55 PM

Rgaff wrote,

“@Serial Interface

At the same time Russia has plans for their own CPU so they can get rid of Intel backdoors.”

Yeah, but they’ll obviously just substitute their own backdoors…. so that doesn’t really help us, does it.

I think it actually might help, yet. If I’m not a Russian citizen, if I live in a 5-Eyes country, and I am a routine privacy advocate (not a criminal of any sort), and, I consider the philosophy that the enemy of my enemy is my friend, then I would prefer Russian hardware over American Intel, Inc. all else being equal.

But there is a good point to be made about 1000 vendors watering down the “poison”, and of course hardware lacking backdoors altogether would be best (all but impossible, even Pollyanna admits that).

Tangent: Short article on Intel, backdoors, RNG, some suspicion, CEO doesn’t want to talk about it, blah, blah…

rgaff July 26, 2015 2:49 PM

@ Jacob

What the heck… you can’t use A to validate B, when B’s only validation is A…. This is what Update 2 is doing!

rgaff July 26, 2015 3:00 PM

ok, never mind, he’s actually saying he’s received outside confirmation… I’m not very observant am I…

Serial Interface July 26, 2015 6:20 PM


I believe they found evidence that NSA orchestrated the whole thing and even came up with a specific grecoamerican NSA agent, but the Greek government never dared to take any action against the NSA.

So, while they fined Vodafone, they did little to investigate the ‘suicide’ or the NSA involvement. I believe this just shows how European countries are little more than USA protectorates, so any hope they will come up with a new safer CPU design is just futile.

Tadashi Togo July 26, 2015 6:34 PM

@Clive Robison

I’ve worked at four companies –three prior to 2000– where we were able to show state level industrial espionage and France, Israel and Italy were the nations concerned. Only the host nation of one company –South Korea– actually took any substantive action against the individuals of the offending nations concerned.

If you look back on this blog you will see I’ve mentioned incidents on both France and Israel prior to Snowden. So having had “first hand” knowledge of this, in the past I’ve regarded those who claim otherwise as being “either under informed, naive or both”

I believe your story. Your reaction leads credence to that.

The focal point of the post was about how intelligence agencies are fueled by the social substance of fear, and how this tends to create a world of illusion for them.

The industrial espionage issue was merely brought up as a point of agreement, for conversational purposes, towards Mr Skeptical. It could have been anything.

I am interested in your story, if you care to elaborate. I understand you would change the details here and there to preserve anonymity. Even a general idea would be interesting.

In other words, my statement in those regards was not intended to be seen as entirely absolute. Who knows what really goes on.

The evidence available to us everyday people in these regards is poor. I could walk through “why” that is so. But, this is not truly necessary.

There is partial evidence of “something going on”, which raises questions no one had before. After all, one never has questions until a partial answer is given. In that case, it is well said, “more questions are given then answers”, or “this only raises questions and provides no answers”.

That is where the public is today, those without privy knowledge.

So, please elaborate, even if vaguely so. Or, some links or search terms would help. I did actually get so interested to start searching through your posts, but you have a lot, over many years.

For instance, you are saying you worked at a French firm, an Israeli firm, an Italian firm, and a South Korean firm? And they all got hacked or spied on? By who? The same party?

Or, are you saying you saw Israeli, Italy, and France engage in such spying matters? And only the South Korean firm listened to you and “took action”?

Who did it? How? What did they do?

What do you think happened?

MrC July 26, 2015 7:31 PM


OK, that sounds pretty convincing. Some tentacle of the US Gov’t subverted surespot. Now, the big question is “how?” Pushed a poisoned update that leaks keys? Built MitM into the key exchange?

1111111111111111 July 26, 2015 7:37 PM

@ rgaff

“Geez that article on Hacking Team’s 0days reads like a bunch of thieves all cheating each other and not trusting each other…”

I agree.

I’ll say it again; I think we are seeing the government intercourse with criminals. The spy business is a greasy, smelly business – and swings like a gate. It is also produce a growing cottage industry of digital weapons – for better or worse.

This dove tails with Clive’s LSE post about drug dealers living with there parents. There are a lot of parallels with the Hacking Team’s shenanigans.

Clive Robinson July 26, 2015 7:41 PM

I know Google is not as popular as they might be 😉

But the MPAA and Rupert “the bare faced lier” Murdoch are disliked even more, and it would appear to be for good reason, “they are a bunch of crooks” and some of the legal people involved doubly so…

Have a read of,

And if your eye brow does not rise a smidgen, you must be even more cinical than I am….

Thoth July 26, 2015 8:04 PM

@Nick P
Just a little note that Apple is using lots of good Open Source efforts. It’s secure world OS for it’s TrustZone uses a variation of L4 🙂 . That statement was declared inside iPhone 6 Security Guide I posted and distributed by Apple themselves.

What’s the name of the US Attorney who said RIM/Blackberry died (business wise) due to too much encraption (yes … crap encryption a.k.a escrow) ? Blackberry died precisely the opposite. When the news of BB yielding to Middle East, India and now Pakistan’s request and they actually attempted to limit the high grade security (so-called high grade) to corporate users and to coincide with the rise of Android (which is highly customizable) and Apple’s cool shiny phone, they simply lost it at that intersection of their fate (being sealed forever).

@Serial Interface
You said:

“I believe they found evidence that NSA orchestrated the whole thing and even came up with a specific grecoamerican NSA agent, but the Greek government never dared to take any action against the NSA.”

Do you think that the current Greek economic crisis might have been triggered due to such espionage activities ?

Clive Robinson July 26, 2015 8:28 PM

@ Nick P,

And, now, you have a way to detect whose swapping phones constantly without being the service provider. Wait till FBI and NSA “innovators” get back on Schneier’s blog to find this gem. 😉

My thoughts are that maybe this issue with the varied MTU on Smart Phones, might be a quite deliberate attempt by the service providers to catch out those who have unlocked their phone so they could swap SIMs…

Further I know that the UK Home Office got a considerable “bee in their bonnet” some time ago after the Association of Chief Police Officers (ACPO) started a long term tirade on “everything Smart Phone” using any and all of “The Four Horsemen”. This is an ongoing action by ACPO and currently it’s over “ISIS Grooming Jihadi Brides”, but various UK Police forces are getting very bad national press over “grooming of girls” in various forms by “Asian Businessmen” a term often used as a code for “men of the Muslim faith”. The Home Office would have had a chat with the likes of GCHQ and the likes of the different MTU would make Smart Phone traffic on the Internet stand out, without having to “tap up” the mobile phone service providers for “records”, some of which are definately run by businessmen who are muslims (I actually met a couple of them)… The UK market is slightly odd in that the service providers who sell “cheap overseas call” SIMs don’t have infrastructure, they rent it from those that do, and it’s the infrastructure owners that would set the MTU not the SIM providers. I’m sure that all of this is not lost on the likes of GCHQ who would cheerfully use such information to avoid “tapping up Muslim Service Providers”, which the Home Office would likewise very much wish to avoid for quite a few reasons.

sahneh-i ruzgar mahv shaved July 26, 2015 8:36 PM

Annnd, right on cue, here comes Captain America in his fruity tights to tell us Europeans are not vassal states.

Because, wait for it, they don’t meet their ‘defense spending obligations.’ NATO members have no defense spending obligations. Skeptical doesn’t know what’s in the NATO Charter and he doesn’t know what an obligation is.

Also because Europeans met their erga omnes obligations and invoked their rights of non-participation and denunciation to resist US aggression in Iraq

…without suffering any repercussions.

Tell that to Dominique de Villepin, who presumed to balk US aggression in Iraq.

Of course the USG can’t push Europe around like it used to, not since it wrecked its international standing with manifest breaches of the Vienna Conventions, the Geneva Conventions, the Hague Conventions, the Convention Against Torture, The ICCPR, and the UN Charter. The bloc breaks up before the hegemon does. Disintegration spreads inward, as Skeptical would know if he had done anything to help the Eastern bloc break up. Having snoozed through that, though, he can’t see the other shoe dropping in his clapped-out mirror-image bloc.

Nick P July 26, 2015 8:41 PM

@ rgaff

“Geez that article on Hacking Team’s 0days reads like a bunch of thieves all cheating each other and not trusting each other…”

Welcome to the underground. 🙂

@ Clive

Interesting stuff.

Dirk Praet July 26, 2015 8:46 PM

@ Nick P

…So, it’s actually in the interest of all surveillance states to encourage the use of smartphones, mainstream OS’s, complex software, and so on. Gets them more access and the built-in functionality actually reduces what functionality their tools must include.

I agree. Same thing can be said about a number of current initiatives against jihadi fora and social media presence. The net result of such operations is that those engaged in such activities are just moving even deeper underground and that researchers and LE are going dark.

As to Pakistan, I believe they should have contacted their colleagues in New Delhi as India had been requesting golden keys since 2008 until apparently an “appropriate lawful access” solution was reached between the Indian government and RIM somewhere in 2012. This seemed to involve an Israeli company called Verint that can intercept messages and emails exchanged between BlackBerry handsets, and make these encrypted communications available in a readable format to Indian security agencies.

@ Skeptical

Please tell me how many EU states in NATO are meeting their defense spending obligations

Not many. Although some folks are trying their very best to revive the days of the cold war with Russia over Ukraine (which not a single European citizen gives a damn about), we’re not actually at war with anyone. Most EU countries prefer to spend their taxpayers’ money on issues like education, infrastructure, healthcare, social ameneties etc. Contrary to the US, we can also not afford to accumulate a staggering national debt that sooner or later blows up in everyone’s face. Greece is a good reminder of that.

Please tell me why, as vassal states, much of Europe refused to join the invasion of Iraq …

Because it was a horribly stupid idea that very few politicians at the time were able to impose on their electorate without the risk of a formidable political backlash. History proved them right. Today, Tony Blair is a political paria in the UK.

We are not vassal states, but what you need to realise is that the public opinion – especially in Western Europe – is slowly shifting away from the post-WWII perception that the US by definition are the good guys who only have our best interests in mind.

And the US really has itself to blame for that: the unfettered capitalism of corporate America putting money over people, decades of military interventions and disastrous foreign policy that has destabilised entire regions, mass surveillance, secretive trade negociations, the renewed war-mongering over Ukraine, presidential candidates that seem to be coming right out of South Park … The list goes on. Our politicians may still give the US a lot of leeway in order to preserve the transatlantic pact, the interests and values we share, but for a growing number of European citizens the US has completely lost its moral high ground to the point that it is no longer perceived as a “natural ally” but as a nation we have less and less in common with.

Nick P July 26, 2015 8:54 PM

@ Thoth

All I saw online were descriptions of the Secure Enclave. I didn’t see anything suggesting what it was running. You have a link and/or page number to that?

Regarding Blackberry, they mainly just lost competitive edge. Any restrictions were probably a minor effect. There was a nice article detailing the inside perspective of Blackberry’s fall. It was kind of like Windows or Mac vs DOS w/ a window manager. Any further restrictions will certainly make it worse.

@ Dirk Praet

Wouldn’t surprise me. Best to assume that either (a) Blackberry was compelled to assist decryption or (b) someone onsite in their jurisdiction was compelled to help. Plenty of options for a snooping, oppressive regime either way.

uhm July 26, 2015 9:36 PM

“For those still trying to work out how old I am, I’ll say what I’ve said before,”

Age is relative, as all things are, apparently old enough before the eye gives, as we all are. Just not as young, as Bruce, but as for instance skeptical

Thoth July 26, 2015 10:05 PM

@Nick P
The iPhone 6 Security Guide is in the multiple links I posted above. Here’s the link again.


Page 7, Para 1.

“Its microkernel is based on the L4 family, with modifications by Apple.
Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers.”

uhm July 26, 2015 10:09 PM

“And if your eye brow does not rise a smidgen, you must be even more cinical than I am….”

The new and old media had always been in all sorts of cahoots with each other. The old had never liked digital, they longed for analog days where piracy ran unchecked. We traded cassette tapes, floppies, vinyls, and were happy newspaper delivery boys came summer breaks. There were no freemiums, as everything is a freebie by default. Those were the good ole days, then along came a Google -.-

fooc July 26, 2015 10:26 PM

As to Pakistan, I believe they should have contacted their colleagues in New Delhi as India had been requesting golden keys since 2008

By colleagues, I presume you mean targets of 50+ years of Pakistani Islamic terror, with Jihadis slipping across the border endlessly and massacring civilians endlessly ? In more recent times, the Taliban was only created by the Pakistani ISI to use for this eventual purpose (when the Pakistanis weren’t supporting/sheltering Osama of course, that is).

Serial Interface July 26, 2015 10:49 PM


I don’t think these activities triggered the crisis, but I wouldn’t be surprised if they were used as a vital tool to bring Greece to this point. I am sure Wikileaks will be full of interesting facts about Greece as the current crisis was prepared.

Take for example Saudi Arabia and similar countries, they have oil resources and USA provides them protection for their regime and their frontiers and even turns the other side when IS wahabists commit their attrocities.

On the other hand take the example of some African countries that also have rich oil resources. They are poor beyond belief, but corrupted politicians stay in position thanks to USA support.

Since Greece and Cyprus were found to have significant oil resources, it was one way or another. How convenient both countries went bankrupt, their governments were spied upon and now are ready to sign whatever agreement is imposed upon them, even threating the euro currency.

At the same time, most European countries face similar debt problems and even USA is under debt pressure. So much for European independency.

Sceptical’s thought about Europeans being bad allies is almost funny. Maybe Europeans were bad allies when they didn’t send troops to fight in Vietnam or Granada, but they were stupid enough to get into Iraq and Yugoslavia wars.

Now that every European government uses extented computer networks for financial management, I bet NSA has set foot into their computers and predicts everything before anyone else.

Bob S. July 27, 2015 2:44 AM

NYT reports : Facebook Loses Appeal on New York Search Warrants

Seems the state was looking for employees who committed disability fraud, so they got a bulk warrant for FB material on 362 people. Subsequently, 62 (17%) were charged with a crime. The state was allowed to rummage through the materials of all the suspects which was affirmed by the court.

One conclusion is mass surveillance and bulk search warrants are an effective law enforcement tool. Also, persons who haven’t committed crimes do not have recourse to legally resist “bulk collection” in NY formerly known as a liberal bastion.

If FB can rummage around electronic data for it’s purposes, why not the state?

Seems there is little left to distinguish citizens, marketing targets and criminal suspects. All the same thing anymore.

Curious July 27, 2015 3:46 AM

Was CVE-2015-3152 (“Backronym”) vulnerability announced late April ever fixed?
(SSL/TLS stripping, MySQL)

“A vulnerability has been reported concerning the impossibility for MySQL users (with any major stable version) to enforce an effective SSL/TLS connection that would be immune from man-in-the-middle (MITM) attacks performing a malicious downgrade.”

Presumably, this might be a big deal (I have no clue, not my field of interest). If nothing else, I guess one wouldn’t want to use an affected version of MySQL.

Dirk Praet July 27, 2015 5:55 AM

@ fooc

By colleagues, I presume you mean targets of 50+ years of Pakistani Islamic terror…

I think most people are aware of the historical tensions between India and Pakistan. That doesn’t mean they are not talking to each other.

Jacob July 27, 2015 7:11 AM

@ Curious

This JS-based Rowhammer attack is pretty clever and dangerous. I thought it would be inconceivable for JavaScript to manipulate the system’s DRAM, but they apparently did it.
The issue here is not a flaw or a bug in the JS engine or in the browser, but taking advatage of a crack in the common hardware design of systems.

It appears that the only short term fix for the demonstrated attack is to have the HW vendors issueing a BIOS fix or the browser vendors to implement some changes to the JS engine code (with an unwanted performance hit).

JSON July 27, 2015 8:22 AM

Greek government planned to hack own finance ministry, taxpayer accounts

A team put together by Greece’s left-wing government were prepared to hack into the country’s own finance ministry and access taxpayer information in order to create a parallel payment system if the country had been expelled from the Eurozone, according to published reports.

If it had gone ahead, the plans would have allowed public sector salaries and pensions to be paid and possibly laid the groundwork for a return to the drachma.

The Daily Telegraph reported that former finance minister Yanis Varoufakis laid out the planned activities of his five-man team to a group of investors in London late July 16. The paper reports that Varoufakis recruited a technology expert from New York City’s Columbia University to access the software systems of the country’s tax office and obtain reserve accounts and file numbers of every Greek taxpayer.

“We decided to hack into my ministry’s own software program,” Varoufakis told the investors.

Varoufakis, who had resigned as Greece’s finance minister 11 days earlier in the wake of a referendum that rejected E.U. bailout terms, added that passwords used by citizens to access their online tax accounts would have been copied secretly and used to issue new PINs for every taxpayer to be used in transactions with the state. The payments themselves would actually have been “IOUs” based on the model used by California after the collapse of Lehman Brothers in 2008.

Winter July 27, 2015 8:35 AM

“A team put together by Greece’s left-wing government were prepared to hack into the country’s own finance ministry and access taxpayer information in order to create a parallel payment system if the country had been expelled from the Eurozone, according to published reports. ”

I do not see the point of this news report.

I was under the impression that it was the task of the government to collect taxes. In this role, they should have access to the accounts of tax payers at the tax authority. Why they have to resort to hiring foreigner to “hack” the accounts at the ministry of finance to handle payments is a little mysterious to me.

Also, if Greece were to leave the Euro, they would have to transfer all payment systems to the new currency. Again, I cannot see why they would have to “hack” anything.

I know “hacking” does not necessarily mean illegal “cracking”, but I doubt whether Fox news will report on these nuances.

I am especially surprised at the overall impression in the news report that it is somehow illegal for governments to access the tax accounts of tax payers at the ministry of Finance. Or to transfer their systems to a new currency when they leave the Euro.

Jacob July 27, 2015 8:43 AM

@ Winter

You should have read the original story in The Daily Telegraph.
Varoufakis said that the Greek tax Office was controlled by The Troika, so they had to get to the citizens’ account by going “under the radar”.

Johann July 27, 2015 10:07 AM

yea the original story at:

…says that they hacked into the software in order to obtain the reserve accounts and file numbers of every taxpayer.

The goal of the computer hacking was to enable the finance ministry to make digital transfers at “the touch of a button”. Their intention was that they could extend it to some custom-built apps on smartphones and it could become a functioning parallel system.

This parallel system could easily be switched from euro to drachma.

Based on the information in the article, their plan was to introduce a “digital currency” (IOUs similar to those used in California during 2008) that could reach any tax payers through smart phone apps. This type of “currency” can be relatively easily switched from one denomination to another.

Part of the reason for this plan was because, according to Varoufakis, German finance minister Wolfgang Schauble is intent on pushing Greece out of Euro.

According to Varoufakis, Wolfgang Schauble has said that Grexit will “equip him with sufficient terrorising power in order to impose upon the French that which Paris has been resisting: a degree of transfer of budget-making powers from Paris to Brussels.”

Curious July 27, 2015 10:31 AM

As a mere consumer, I have the impression that android phones are a cruel joke as far as security is concerned. So many annoying things these days. I’ve learned recently that there aren’t any Win 10 drivers for my three year old motherboard, and there might not ever be ones. Thanks Asus.

Curious July 27, 2015 1:40 PM

Off topic: (Swedes finally spots a submarine in their waters)
A newspaper in Sweden (Expressen) reported an hour ago, that a mini submersible, 20m long by 3m wide, literally has been found allegedly ca 2,75km off the coast some time last week. They seem to describe it as an intact undamaged wreck of sorts, believed to be Russian because of a claim of having seen Cyrillic characters on it.

If true, I am guessing this might perhaps be some kind of drug trafficking vessel, similar the ones I’ve read about in South America. Though, I wouldn’t think such submarines would be ocean going.

Curious July 27, 2015 1:45 PM

To add to what I wrote just over:
I guess one could simply tow a submersible underwater after a boat, and the thing would sort of become ocean going.

rgaff July 27, 2015 1:58 PM

Why would ocean going be such an issue? Do waves get bigger or currents get swifter the farther down you go?

rgaff July 27, 2015 2:00 PM

I am thinking coastal ocean… obviously there is a distance issue out in the middle…

Curious July 27, 2015 2:26 PM

I thought perhaps it was an odd day to put up such populistic news in Sweden, but maybe I am just paranoid.

Tadashi Togo July 27, 2015 3:01 PM


I thought perhaps it was an odd day to put up such populistic news in Sweden, but maybe I am just paranoid.

Sweden was neutral during the Cold War, but very wary of Russia invading, and that by sea.

So, probably a story which is resonant to Swedes from that time period who considered that possibility as real.

Russian military gear, even a small submarine, has been often for sale, and in one case some drug smugglers used one of their smaller submersibles for drug trafficking. More likely a cold war era wreck, unless they have confirmed otherwise.

Z.Lozinski July 27, 2015 3:27 PM


Off topic: (Swedes finally spots a submarine in their waters)

I thought perhaps it was an odd day to put up such populistic news in Sweden, but maybe I am just paranoid.

I am not Swedish, but there is some sensitivity to this in Sweden.

There was an incident in 1981 during the Cold War when a Soviet submarine (NATO: Whiskey Class) ran aground in Swedish waters. The incident is usually referred to as “Whiskey on the Rocks”.

There have been an on-going series of incidents, the most recent in 2014, when Swedish anti-submarine forces detected underwater contacts without identifying them. There are various theories on who was responsible. Insert conspiracy theory to taste.

name.withheld.for.obvious.reasons July 27, 2015 3:44 PM

On a voice vote in the house, congress passed HR 2750 (I believe that is the current bill number) in order to manage issues with employees of the TSA. Though most TSA personnel lack clearances, the intent is to turn the IC monitoring tool (Continuous Evaluation) that was enabled by DoD in a pilot program with OPM. Seems the TOOL is creeping outside the perimeter of the IC and like a large HeNe Laser mounted on a circular rotating base, power will be delivered to the laser directed at a mirror orthogonal to the plane of the beam…

BoppingAround July 27, 2015 4:18 PM

Don’t sweat it yet. There are no Windows 7 drivers for the mainboard of one my computers either, but it works just fine. I guess Windows has a driver bundled.

J on the river Lethe July 27, 2015 7:12 PM

I thought this was interesting, but I can think of some dangers with security leak from a ram based server. ASIC chips would be more efficient than fpgas.

@nickp. I hope things are going better for you?

@nickp, Thoth, et.
The confirmation that the players in such actions as hacking team can’t trust people just breaks my heart. However, when the craft of paranoia is a lifestyle……Sometimes I think the worst players rise to the top.

kernel July 27, 2015 11:06 PM

DefCon Hackers Tell How They Cracked Brink’s CompuSafe Galileo Digital Safe in 60 Seconds

“One of the main vulnerabilities we are focusing on comes by way of a USB port that is on the exterior of the safe,” Salazar told eWEEK. “We have created a little tool that we can just plug into the safe, wait 60 seconds for the tool to do its work, and then the safe doors will open and you can take all the cash out.”

It might raise eyebrows that the operating system that powers CompuSafe Galileo is Windows XP, which Microsoft no longer supports. Salazar emphasized, however, that it’s not Windows XP that is the root cause of the CompuSafe vulnerabilities.

“Even if the CompuSafe were running Windows 10, it wouldn’t have changed the exploit that we will be demonstrating,” Salazar said.

Lucifer, The Angel of Hell July 28, 2015 2:07 AM

Hrmph, grmph, uggh. Changing my name. It does not help against nlp analysis, but it helps against some other adversaries against privacy. For some reason, I do not think either “Lucifer” nor the “hell’s angels” will feel equal to pursue me on such seeming “slander” for their name.

… that aside…

@’industrial espionage’

I am skeptical against the accusation of true ‘industrial espionage’ against Democratic nations. The primary advocates of this of late has been the US Government. There was an “accidentally” or intentionally released NIE. There was FMR Robert Gates and his interview, where he stated ‘everyone but the US engages in industrial espionage’. And, ‘China is the least of our worries’. And, ‘America is the only nation which does not engage in this’. There is also the testimony of the accidentally released US Embassy official complaining about how some EU state so does this.

Problem is, for a democratic nation, this would mean their government working for a domestic company, instead of for their government. And, almost invariably, this would mean that they are working for one domestic company, while effectively working against all other domestic rivals. Much less international. So, you have strong domestic suits, strong international suits, and major criminal charges, both domestically and internationally.

Would that not be great “tv” to see such evidence presented on the “big screen”?

I am not against that coming out. In fact, why would I be? It would be quite a theater to watch. Who could not rejoice at finding such powerful people culpable of such great crime? Inaccuracy.

Oddly, I watch or read about the old methods of punishment, such as the guillotine, or the rack… none of this interests me. It disgusts me. But, seeing powerful people caught in really bad crimes? That is highly amusing.

The reasons “why” Democratic nations would evade doing this are many.

Few corporations could they help which do not have equal or even greater rivals, even just domestically.

These corporations employ people and pay politicians money.

They have lawyers. Armies of lawyers.

There are monopoly laws. There are conspiracy laws. There are bribery laws. There are international trade agreements and strong international trade laws. There are patent laws.

Now, so, to capture a corporate executive and control them to do something that is approved even by secret courts, that is one thing. But, to engage them in an incredibly secret, deeply illegal, deeply anti-democratic, anti-capitalistic, anti-moral – by any standard – project? Different matter.

I know, I know. There are a lot of conspiracy theories along these ways. Some truth to them. There are defense corporation connections with intel, military, and political leaders. There are obviously strong connections between private money and public… politicians.

But, to catch a government agency working for domestic company A stealing from foreign company B to the benefit of domestic company A?


Is it happening? Probably.

How do we already know it happens?

Well, we know that, for instance, there is economic and sci-tech espionage. So, a country might spy on some cutting edge pharmaceutical company. They might capture data from them before it is filed for patents. They might share that information with government sponsored programs… which are also corporate sponsored.

We also know people doing bad things while in authority get paid good, big money, by defense contractors. No laws against this.

We know it is legal and justifiable to spy on foreign defense contractors.

So, if you find information from such defense companies, do you share with all defense companies, or just a few?

Maybe just one?

How would Lockheed Martin feel if Raytheon alone got special technology stolen from France which enabled them to better big on a multi-billion dollar project?

Well, defense related. They maybe could not argue about it.

But, if it was Pepsi, for instance? Coca-Cola might be very upset.

Very risky project. It probably would make the organization involved not feel very good. You go from working for a national government, for patriotic reasons, to working for a corporation. Icky. Even defense contractors like to think of themselves as “working for the government”. But, to really be working against their own government, and for a mere corporation? Icky.

But… people figure out ways to justify all sorts of things to themselves. Even if it does not mean they feel so great about it. They feel better then they would if they were dealing with the cold, hard, objective truth.

Biggest reason why this is normally avoided? Merely because it is so damned risky. Corporate executives are not very trustworthy. In the movies, it may play fine to plot out just killing all loose wheels. But, in the real world, you trust untrustworthy people as part of your professional plan? You are a bad planner. You are introducing and maintaining very unnecessary risk.

More people involved in a secret project, more chance for that secret to get out. More risky they are, more chance they add to that risk. You plan and operate on an everyday basis, day in, day out, for all of your life. Managing risk and planning for it becomes a foremost concern.

Point being: if it is happening, it is just a matter of time before it collapses and becomes exposed. The reason why we have seen such extravagances as ‘what Hoover did’, ‘cointelpro’, ‘mkultra’? They did not engage these factors.

Reason why no one from Prism came clean, but, really, Yahoo, and that, only after exposure? The government had the law on their side.

It could happen. It probably is. But, if so, sooner or later, that dam will break.

Will this be the next big ‘television show’ for the global public?

I am, personally, hoping for something even more interesting then this. But, who knows…

Curious July 28, 2015 2:20 AM

Off topic: In Sweden today, it seems as if the submersible that they spotted underwater a week ago might be an over hundred year old Russian submarine named Catfish (‘Com’).

Curious July 28, 2015 2:57 AM

Apparently, from what I can see when doing a search for android related news, none of the four biggest newspapers in norway has even mentioned the latest smart phone vulnerability (Stagefright).

tyr July 28, 2015 2:04 PM

For the TL:FR crowd

An interesting confluence of security national
and copyright law traps when projected into a

One thing that struck me is the assumption that
the only way into an unknown future is to peer
into the rearview mirror and use that for guidance
when using technology. The other thing is that
exemptions suffer from mission creep, they are
applied in wider and wider circles until they
pre-empt everything else.

sidd July 28, 2015 5:54 PM

what SSL key fingerprints are people seeing for this site ?

Perpectives is seeing 3 different ones over 7 notaries.

6 notaries (perspectives1,2,3,4 at,, saw a change on the 24th from




but heimdal.herokuapp is seeing


that last one has been seen by others earlier


me July 28, 2015 5:59 PM


Serial Number 3F:94:78:D3:34:F5:9C:A7:8E:20:A4:3C:B1:C3:38:60
Common Name (CN) COMODO RSA Domain Validation Secure Server CA
Organization (O) COMODO CA Limited
Issued On Sunday, July 19, 2015 at 8:00:00 PM
Expires On Wednesday, July 20, 2016 at 7:59:59 PM

SHA-256 Fingerprint 3D 25 52 E7 A8 C3 E9 CE B3 0A E7 3B 5D E1 FE DD
11 98 67 FE D7 A2 E4 9D 33 C9 DC 56 89 A2 34 3B
SHA-1 Fingerprint EE 6C 74 CA C3 CF 6B 69 B9 8B 72 09 1D D5 1F D6
53 C3 8B 4E

Thoth July 28, 2015 10:44 PM

Bruce’s webpage
S/No : 3F:94:78:D3:34:F5:9C:A7:8E:20:A4:3C:B1:C3:38:60
Sha-256 Fingerprint: 3D:25:52:E7:A8:C3:E9:CE:B3:0A:E7:3B:5D:E1:FE:DD:11:98:67:FE:D7:A2:E4:9D:33:C9:DC:56:89:A2:34:3B
Sha-1 Fingerprint: EE:6C:74:CA:C3:CF:6B:69:B9:8B:72:09:1D:D5:1F:D6:53:C3:8B:4E

Cert Hierarch:
– COMODO RSA Certificate Authority
—– COMODO RSA Domain Validation Secure Server CA

Gerard van Vooren July 29, 2015 12:59 AM

@ Thoth,

As others have pointed out, a secure micro kernel isn’t enough. It’s a good foundation, but the frequency of serious bugs and the amount of hacking that is taking place, shows that there are architectural problems that goes way beyond the micro kernel alone.

To demonstrate why a micro kernel alone is not enough when it comes to security “in practice” I have a simple challenge:

Connect at home two computers with different operating systems together and let these two communicate in a secure way. Just an encrypted shared drive and a remote shell access. Then send a secure e-mail message from one computer to the other and one e-mail back, which means setting up an e-mail host server, GPG and a reader.

How long do you think this simple challenge will take? I bet that it will take a “regular user” a couple of days, maybe even a week, with lots of downloads, installs and frustration. And verification is also hard.

That is what’s wrong with todays computing. There are too many protocols, lots these are very old, and lots of these have the design by committee smell. Besides that, there is also fragmentation, thanks to competition and vendor lock-in. Of course there are lots of other issues, such as programming languages, firmware blobs etc.

Security has to be easy to use, simple and fast.

It’s not a theoretical ivory tower. It’s about architecture. User space programs shouldn’t have to deal with security at all. Thanks to UNIX, its derivatives, and Windows we don’t live in a world where this kind of architecture is mainstream. Great work by “the industry” btw.

end rant

Thoth July 29, 2015 3:39 AM

@Gerard van Vooren
Have you tried to design something easy to use, simple and fast ?

What was the result ?

gordo July 29, 2015 9:04 AM

@ tyr,

Musical quotation ain’t what it used to be… 🙁

Zuboff’s surveillance capitalism comes to mind, too, e.g., the surrenders/takings of personal thoughts/rights/expressions; the modifications/erasures of “undesirable” production/consumption habits, e.g., empathy; and the right to be forgotten gets new meaning.

Though not quite in the rearview mirror, the cartoon below…

…the same old, same old, human behavior, w/some powerful-new, technological power-to-behold, while there in the middle of it all, our ardent yet erstwhile disaster recovery specialist is tellin’ like it is; just tellin’ it like it is; is just tellin’ it like it is ;)…

Richard Scarry’s Busy Town in the 21st Century
Ruben Bolling, Nov 26, 2014

Nick P July 29, 2015 10:54 AM

@ Clive Robinson

That’s hilarious. I mocked the name change myself. Some of these software companies get goofy with the version numbers. Windows has a history of it. Usually, the actual version number is in the system somewhere with the marketing version displayed prominently. But I swear I’ve seen the version number in one of the system dialogs.

Nick P July 29, 2015 11:03 AM

@ Gerard

I already see dozens of answers to Thoth’s question in original phrasing. I think he meant, “Have you ever designed something easy to use, simple, fast, affordable, and secure against talented hackers?” Given that this is essentially the matter at hand. Anyone can build easily breached systems that are very usable, fast, and especially cheap. Windows 98, anyone? 😉

Securing stuff compatible with COTS hardware or software is hard to do while meeting those other requirements. I can’t remember anything that did without a bypass available via weak TCB. I mean, there’s been plug-and-play appliances but even those took some configuration.

Curious July 29, 2015 1:02 PM

I am reading on twitter, that ‘The Washington Post’ is supposedly pulled the original “Chertoff’s pro encryption op-ed”. Not sure what kind of article this is.

LvB July 29, 2015 3:41 PM

Looks like both Microsoft and Google are into harvesting WiFi passwords.

I wonder why?

Anyway…to keep Windows 10 from sending your password to a Microsoft server, you need to add the string “_optout” to the SSID. According to below article, to keep Google from harvesting the password, the SSID has to have the string “_nomap”.

Windows 10 automatically grants home wi-fi network access to your Outlook and Skype contacts

Security expert Brian Krebs, who called the automatic password-sharing “a disaster waiting to happen,” noted that, although Wi-Fi Sense has been a feature on Windows Phone for quite awhile, that was “less of a concern” because Windows Phone has only a tiny share of the mobile device market, which is largely dominated by Android and Apple iOS. However, “embedding this feature in an upgrade version of Windows makes it a serious concern for much of the planet.”

If you intend an upgrade to Windows 10 but have not yet done so, make sure you change the name of your Wi-Fi network to include _optout before you make the upgrade. Krebs also recommends that “While you’re at it, consider keeping Google off your Wi-Fi network as well. It’s unclear whether the Wi-Fi Sense opt-out kludge will also let users opt-out of having their wireless network name indexed by Google, which requires the inclusion of the phrase “_nomap” in the Wi-Fi network name.”

^@ July 29, 2015 3:51 PM

An article about Microsoft’s new Win 10 EULA:

Thanks for the article!

If Microsoft gives themselves rights to collect anything I say or do on a system that runs their OS (as below snippet from the article indicates), I think it is better to start using Linux or BSD.

one can say that Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties. The company appears to be granting itself the right to share your data either with your consent “or as necessary”.

Benni July 29, 2015 4:38 PM

Seems you were faster. I had tried to post this earlier but there were problems with saying “invalid request” when I hid the submit button.

Basically the new agreement turns windows into a keylogger.

For example, the privacy statement reads:

“Microsoft collects and uses data about your typing, inking (handwriting) and speech on Windows devices”


“The BitLocker recovery key for your device is automatically backed up online in your Microsoft OneDrive account.”

All these items are hidden behind a “learn more” link. So they believe that they can fool users by putting up a long document and then hide the relevant information before some links nobody clicks onto at the bottom….”

a summary would be this:

Windows syncs some of your data with Microsoft servers, e.g. “web browser history, favorites, and websites you have open” as well as “saved app, website, mobile hotspot, and Wi-Fi network names and passwords”. When device encryption is on, Windows automatically encrypts the drive Windows is installed on. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account. Users who chose to enable Microsoft’s personal assistant software “Cortana” have to live with the following invasion to their privacy: “To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device. Cortana also learns about you by collecting data about how you use your device and other Microsoft services, such as your music, alarm settings, whether the lock screen is on, what you view and purchase, your browse and Bing search history, and more.” But this is not all, as this piece of software also analyses undefined “speech data”: “we collect your voice input, as well your name and nickname, your recent calendar events and the names of the people in your appointments, and information about your contacts including names and nicknames.” and then it gets even worse: “We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary”

Daniel July 29, 2015 5:06 PM

“Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.”

Wow wow wow.

Realize that in the USA under the “third party doctrine” this means that you have ZERO expectation of privacy in your encryption key.

Bitlocker is now officially dead.

rgaff July 29, 2015 5:46 PM

@ Daniel

Bitlocker isn’t dead. Just they’ve discovered that nobody seems to care if they’re spied upon, so they’ve come out of the closet and decided to do it openly. It will only be dead if we all decide that we care again, and we make it dead. Until then, it’s very much alive and well.

Benni July 29, 2015 6:19 PM

hasn’t Bruce mentioned recently that he used Bitlocker?

Perhaps this is an attempt of NSA to get some of the original Snowden files.

Everyone having secret files should switch to linux now, and use windows only for those rare exceptions when there is really no application available on linux for the job…

rgaff July 29, 2015 6:21 PM

@ Benni

I think Bruce and Greenwald both mentioned that they’ve only used an airgapped machine for Snowden files…

Benni July 29, 2015 6:39 PM

For me, this new service agreement says that on my dual boot machine, I will keep with windows 7 probably for a very long time.

Once windows 7 stops to become supported, I will use it in airgapped mode only for those cases when my linux box cant do the job.

On windows 7, microsoft tried to distribute “updates” that were actually windows 10 downloaders.

I had to deactivate them manually.

Now I will have to search for information in every software and update from microsoft about what it phones home….

The sad thing is that for some software, linux still has no real equivalent.

For example, adobe creative suite. The algorithms of photoshop are much better than those of open source products (is this a coincidence? It could almost be that adobe, with its ridiculously bugged flash player and the non-availability of photoshop for linux acts as an nsa trojan).

My telescope also can not really be connected with linux, as the windows driver is much more powerful and my image stacking application for this is a windows program. My chess analysis program does not run on linux, and my games also run on windows.

Without that, I really would love to delete the windows part of my otherwise gentoo linux box.

Governments really should sponsor software companies that they develop a linux version. If they can apply for government money for that, we would perhaps have more usable linux software soon…

Clive Robinson July 29, 2015 7:19 PM

@ Benni, rgaff,

It’s not jus apps you need to be carefull about, it’s “storage formats” as well.

In the UK several Members of Parliment have had “threataning” phone calls from senior Microsoft staff over the UK Gov’s moves towards open standard file formats.

Put simply the threat is “stop going open or we will pull out our UK centers and make everyone redundant and will notify your voters of that”.

Closed or proprietary file formats can hide all sorts of hidden “metadata” especialy in non human readable formats.

I’ve alwaysed advised along with my “Paper Paper never Data” mantra not to use non readable by human file formats, and not those that embedd “magic numbers” either. Thus plain ASCII text, CSV and some RTF file formats and Postscript “print to file”, not just because they generaly lack any “identifing metadata” but are considerably more “future proof” than closed proprietary file formats in unreadable form.

Microsoft’s new End User Licence Agreement with the required “ET phone home” and their proprietary file formats with unknown and encrypted metadata is in effect a very nasty snoopers charter, way way beyond the fantasies of Stalin and other despots and tyrants.

Dirk Praet July 29, 2015 7:25 PM

@ Clive

I especialy liked the “Polish the turd” comments, they are just so apt 😉

For a brief moment I had read that as a comparison to a Polish turd.

rgaff July 29, 2015 7:51 PM

@Clive Robinson

I agree about more future proof raw/human readable (or at least fully open forever) formats… it does take you to a somewhat “lowest common denominator” regarding features, but frankly that’s looking less and less bad in comparison as time goes on…

@ Benni

Yeah, stay with Win 7 until you can get rid of it completely… And how dare you mention a linux distro by name on here, now they’ll be targeting it… 😉

Dirk Praet July 29, 2015 7:57 PM

@ Daniel, @ Benni, @ Clive

The BitLocker recovery key for your device is automatically backed up online in your Microsoft OneDrive account.

So perhaps Bitlocker wasn’t backdoored after all and this is the solution they came up with to provide “lawful access”.

Clive Robinson July 29, 2015 8:02 PM

@ Dirk Praet,

For a brief moment…

Yes I’d forgotten what I was once told that, “Polish / polish is the one word in the English language where capitalisation of the intial letter changes the meaning, thus you should not use ‘polish’ at the start of a sentance to avoid contextless ambiguity”.

Maybe the should have said “accidental insult” instead of “contextless ambiguity”, because it’s only now you’ve drawn my attention to it the penny has dropped nearly fifty years later… arhh well you live and learn.

Clive Robinson July 29, 2015 8:23 PM

@ Dirk Praet,

So perhaps Bitlocker wasn’t backdoored after all and this is the solution they came up with to provide “lawful access”.

Err probably not…

Bittlocker has always had issues with time based side channels, thus potentially it was backdoored for the ICs by accident or design for “targeted surveillance”.

However this new automatic divulging the key to “a business record” is a potential backdoor for “general warrants” or “bulk surveillance” as well as a nod to law enforcment. Because if –and only if– you know what you are doing you can –supposadly– disable the “ET phone home” features of Win 10 prior to enabling Bitlocker, thus it will not be sent to your online OneDrive account (however nothing is known about Win 10 sending / leaking the key in other hidden ways). I’ll bet a pound to a pinch of salt that this sending / leaking of the Bitlocker key to the online OneDrive account does not happen in some Win 10 releases, otherwise the large corporate and government markets would be closed to them.

Clive Robinson July 29, 2015 8:46 PM

@ rgaff,

… it does take you to a somewhat “lowest common denominator” regarding features, but frankly that’s looking less and less bad in comparison as time goes on…

Actually from a business point of view that might be a good thing.

The reason is the issue with “productivity”, the most productive time for business correspondence letter / document production was 1973, and it’s gone down hill ever since.

Back then middle managers had Dictaphones and the tapes were sent down to the “typing pool” where they were typed up atleast as fast as you could speak if not faster with later variable rate playback. Managers got into the habbit of “composing their thoughts” before doing a “one take” recording to the Dictophone, to avoid the long time lag of corrections.

With the advent of typewriters with “stores” managers and others did not have to compose their thoughts as well and the “correcting rot” set in.

Later with Word Processing layout changes could be made, and much time has been wasted since on “beautifying correspondence” it’s why we have “corporate style guides” and the corresponding templates. The truth is it’s way to much “style over substance” and that is just not productive, but “marketing rules”.

So ditching all those little features, and encoraging people out of sloppy writing and into composing their thoughts would have a fairly noticeable positive effect on productivity.

tyr July 29, 2015 10:34 PM

One good thump needs another.

Microsoft has been the enemy and rightly so
for years. I never liked Billy Gates versions
of computing or his future ideas. But they do
make for good comedy.

Curious July 29, 2015 11:53 PM

(“Obama’s New Executive Order Says the US Must Build an Exascale Supercomputer”)

“1. The United States must deploy and apply new HPC technologies broadly for economic competitiveness and scientific discovery.” (from the press release)

What could it mean that “The United States must deploy and apply new HPC technologies broadly”?

Gerard van Vooren July 29, 2015 11:57 PM

@ Thoth,

“Have you tried to design something easy to use, simple and fast ?”

No. It takes teams and quite a lot of FTE to design.

There are examples btw. Plan-9 for instance.

@ Benni,

From that same Microsoft privacy statement under the chapter: “Reasons We Share Personal Data”

“We share your personal data with your consent or as necessary to complete any transaction or provide any service you have requested or authorized. We also share data with Microsoft-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our services; and to protect the rights or property of Microsoft.”

So they do it to “protect lives”! That is good! /s

They didn’t say in plain English the main reason to do it is to make money.

Nick P July 30, 2015 12:33 AM

@ Clive Robinson

Nice. The last update I read on was around 1GB so that’s accurate lol. Reminds me of this (NSFW naturally).

@ All
(esp Clive)

Decided to take another run on the general-purpose, analog computing angle. I figured something will come out of it eventually given its advantages for certain things. Found some interesting stuff.

A VLSI Analog Computer / Math Co-processor (2005)

Use it for differential equations, which is what they’re good at. A PC programs its 416 analog blocks. The result is it performs up to 400x faster than a workstation of the time while using 2%-20% of the power of DSP’s custom-design for this sort of thing. Pretty cool.

Leigh Hedger on Analog Computation

Then I found this which talked about making machines out of silicon without transistors and the “Lukasiewicz Logic Arrays” that came before that. I’m thinking, “What? Is this guy for real or full of shit?” The claims here are pretty cool but I couldn’t find much on him on the site at least. Skip straight to looking up the arrays but almost no information past a patent and a few papers. Clive’s thoughts on this or next papers might be useful.

Extended analog computers – a unifying paradigm for VLSI, plastic, and colloidal computing systems

Find some paydirt anyway. Modified Shannon’s General Purpose Analog Computers. These are structured as partial DFE solvers and “continuous-valued logic units.” Reconfigured digitally and cheap. Interesting stuff.

Kirchhoff-Lukasiewicz Machines by Mills

Mills seems to be all over this stuff. He elaborates on the LLA’s and KLM’s as they’re called. Shows them visually. Neat that one ran for around 10 years with just some physical cleaning.

“Empty space” computes: the evolution of an unconventional supercomputer

The finale is implementing Rubel’s theoretical machine on VLSI circuits without transistors and conductive plastic. Empty part solves PDE’s. Rest does “fuzzy logic elements, configuration memory, and I/O channels.” And more.

The first paper was immediately believable and syncs with what analog engineers say about why they prefer analog chips for things like that. The others are wild enough that they might be getting into fringe rather than unconventional territory. I’ll leave it to Clive or someone that groks analog to assess whether it’s the cool thing it appears to be.

Curious July 30, 2015 12:39 AM

@Dirk Praet

I am thinking ‘plausible deniability’, with regard to you thinking that BitLocker maybe wouldn’t have a backdoor, now that the BitLocker keys presumably is shared with strangers.

name.withheld.for.obvious.reasons July 30, 2015 12:44 AM

The mis-alignment of U.S. law regarding civil and individual rights can best be understood as the result of the FUD surrounding political rhetoric/discourse and a “tough on crime” mentality. My belief is that a more thorough campaign must be embarked upon–No On Ignorant and Stupid Elucidation, or by acronym–NOISE. But I digress, campaigns are more for electoral politics or marketing and fall well short of being useful in the context of social policy or law. It is one thing to consider the need to use civil authorities to address unlawful and criminal activity, it is completely different to take a “vengful” stance to said criminal behavior. Revenge and certitude does not make for an effective social management philosophy let alone a social or justice system.

Late last year I started a campaign, “Just say no to the Square root of 12!” The purpose was two fold, demonstration of the capriciousness and folly of SLOGAN based movements or socio-political doctrine. The second was to highlight the inane nature and just how arbitrary such campaigns can be…

Coming to this issue I can state that much can be attributed to the fact that many (may be greater than 50%) U.S. Senators are former state/federal prosecutors. The senate is replete with lawyers with prosecutor experience but there are few, if any, social justice advocates. This goes a long way in explaining how it is that legislative bias in the Senate is unavoidable and definitively tilts in one direction.

Nick P July 30, 2015 1:09 AM

@ name.withheld

Further looking into chip design tools I found this gem: the open-source Qflow tools. This goes from behavioral synthesis to detail routing. Combined with cheap, 180nm-350nm masks with MPW’s we might see hardware-for-the-masses as getting closer.

Thoth July 30, 2015 1:16 AM

@Gerard van Vooren

“design something easy to use, simple and fast ?”

If designing, building and deploying a security solution in a fast, easy and simple manner with high security and assurance does exist, we wouldn’t be stuck in this self-destructive cycle for so long.

An example is the existance of TCB but how many consumer friendly products ever use them ? The PrivatOS for BlackPhone cam now be ruled out as “secure and assuring” suitable for sensitive usage.

Me, @Clive Robinson and @Nick P can go on and on about how insecure things are but it doesn’t even matter as we know that most of the more secure options are out of reach for mere mortals and let alone the idealistic thoughts of having security much simpler and easier.

Try deploying a web IIS or Apache server with tie to a HSM and tell me whats up and if its easy. Hahahahaha…

Too lazy to do or no HSM ? Its not fun 🙂 . I am trying to get one up as I am typing.

Its all just a bad dream.

Clive Robinson July 30, 2015 4:24 AM

@ Nick P,

I’ve not used GP analogue computers in anger since I was back in education some cough cough years ago, as a project we used Mechano to build a diff analyser engine similar to the one developed at UMIST either side of WWII by Porter and Hartree,

The Enigma cracking “bomba” was technically a specialised analogue computer due to the way the parallel path testing worked, and on that score it would still beat most digital computers as a single test result delay time was due to the length of time it took a pulse to travel down the equivalent of a transmission line (what made it slow was switching from test to test via mechanical switches which is why the average PC would beat it hands down these days).

Whilst analogue computers can be incredably fast for a limited set of functions you only get about a one in a thousand (10bit) resolution at best, and you have to recalibrate them continuously.

Moving them directly onto silicon would improve on things but with CMMR and PSU rejection you’ld still be looking at a ~80dB dynamic range so about 13-14bit resolution. With a lot of care and slowing things down a lot you might get 26bit but the fundemental noise floor for a 1Hz bandwidth is -174dB which is 29bit, well shy of what pocket calculators achive.

I know of tricks using the equivalent of DFTs where you could squeeze a bit more speed or bits out of an analogue circuit but you are simply “faking it” by trading considerable complexity for a very small increase in the number of bits (around two).

I’ve not seen the links you’ve given yet so I can not say there are not other interesting tricks to try but at the end of the day conventional analog circuits are constrained by the laws of nature in our tangible “physical world”. The reason we get apparently much better results in digital computation is we swap bits for speed and then use massively parallel techniques. That is each transistor switch in a logic gate is a simple analogue computer of 1bit resolution, you use four or six transistors to make a single logic or memory cell and you keep putting more and more of them in parallel as independent asynchronus elements, and then make them synchronus via clocked memory elements in a piplined architecture. However “the piper has to be paid” if you want to maintain control and the price rises as a power law.

So you have a choice, very fast low power limited accuracy of asynchronous serial analogue computers, or slow in comparison power hungry synchronous parallel digital computers that you can increase the accuracy of by just adding more bits in parallel…

The great hope of quantum computers is that you get three binnary bits in parallel for each Qbit without some of the problems thus four Qbits in parallel would give you effectivly 12 binary bits. However geting just three Qbits to work that way appears “to challenging” the last time I dug into it.

I’m sure there are other blog readers that are more closely affiliated with the QC field of endeavour who can give you a more uptodate and accurate view of the current state of QC and how it relates to analogue computing and it’s limitations.

Dirk Praet July 30, 2015 9:09 AM

@ Clive, @ Curious

However this new automatic divulging the key to “a business record” is a potential backdoor for “general warrants” or “bulk surveillance” as well as a nod to law enforcement.

You’re probably right. There’s many ways to skin a cat.

Curious July 30, 2015 10:44 AM

If, say, a government agency were to be intentionally using a plausibly deniable backdoor, like soliciting a corporation (say Microsoft) for the data on one or more of its product’s users (like myself), is there a word in legalese for that? How about ‘conspiracy’?

Curious July 30, 2015 2:21 PM

Hm, I think I understand that the “Cybersecurity Information Sharing Act/CISA” is not yet in effect.

Bystander July 30, 2015 3:00 PM

As an update to this post, here is an Asynchronous DSP Architecture which performs pretty well.

On Win10 – I will stay away from it. I am pretty happy using Linux for some time now and I am not looking back…

The situation concering has changed, more here. This is a shame (not for them).

@ Benni
Not having a telescope and having stopped gaming in the mid 90s I had less pain switching. Adobe, albeit being good, it never had for me enough edge to sustain the other issues it has. On the photography side of software, there is darktable, quite powerful, rawtherapee and many other solutions for simpler tasks. YMMV

Nick P July 30, 2015 5:12 PM

@ Bystander

Nice. I didn’t know about it. How about we take it up a notch and make our FPGA’s asynchronous?

Cornell Asynchronous FPGA page

Performance data on 180nm (read: affordable for new chips) smashes similar Xilinx

Caltech presentation on asynchronous design flow, their chips, and detailed comparisons to synchronous ones

Caltech’s papers on the subject

Thing I like about asynch is how most of them work on first batch, even when mistakes are in them. Every ASIC article I read on prevailing synchronous circuits talks about how you’ll usually need 2-3 respins and sometimes up to 7 on tricky ones. At expensive nodes, I think that’s an argument for asynch by itself if not a complex SOC where there’s still R&D to do. Note that they have papers on SoC’s in there, too, but I haven’t read them yet.

Well, case in point: an example of a radiation-hardened, microcontroller at 40nm low-power and doing 20+MIPS on 360 micro-watts. Custom, too. Hell yeah!

Thoth July 30, 2015 10:12 PM

@Clive Robinson, Nick P, all
I have said a couple of times that Whitebox crypto designs are just not enough and all the NDAs that crypto chip makers dishes out just to put the lips tight on their Whitebox crypto design to thwart power analysis attacks are simply insufficient as that is simply security by obscurity.

Finally … after along time … someone decided (or some group) to take a stab at the “Whitebox crypto” is secure myth.


I have discussed with @Clive Robinson and mentioned about using unwieldy and slow random operations, dummy key operations, random mixing and other slow operations to simply confuse the attackers just like @Clive Robinson’s Ouroboros design (snake eating it’s own tail tactic) to create as much confusion as possible.

This paper below attempts to shortcut all the unwieldy operations to a set of operations that are just enough to confuse the attackers which is specifically to make use of the independence among operations in cryptographic algorithms and randomizing their execution order which I personally feel is still insufficient.


I would still prefer to have a higher powered security chip (32/64 bit RISC) with specially designed ALUs to facilitate the randomizing of operatins. Maybe a security built FPGA would be nice to implement my heavy and close to normally unwieldy logic mixing and dummy spamming design ?

Thoth July 30, 2015 10:16 PM

@Clive Robinson, Nick P, all
Let’s not forget the authors (3 of them) were from one of the largest security chip makers … NXP Semiconductors.

Hopefully they will start to peel away those useless NDAs on their chips bit by bit and become more transparent in their businesses although it is just a bad dream again but there is always hope right ?

Figureitout July 30, 2015 10:17 PM

Nick P RE: rad-hard uC
the accumulation of charges in the dielectric may change the device threshold voltage or create a conducting path between the source and drain of a transistor.
–I thought this was supposed to be almost impossible, that’s nasty.

Many applications require both robustness to radiation and low power. But these two requirements conflict: robustness benefits from large devices and a high Vdd
–This reality is the cold truth and biting me now. Probably one will have 3-5 core requirements that will all push outwards from each other. Either choose some you value most or get this weird compromise “that works”. In this instance, having ultra low power (ULP) in a rad-hard design; well if not “hard” enough it may be possible to power up a ULP circuit via external radiation which has severe security consequences, even though it’s good it’s signals won’t be radiated far.

Other than that, people should focus first on learning C (since you can branch off to most other languages the best, if you want), get a bit of theory on basically the “tree” structure of file systems, then using nice toolchains that do “magic” reading the registers and displaying it nice and pretty for you (be mindful of getting spoiled though), work and study w/ each of the big components in a SoC (ie: basically all the components in a computer) before getting too excited jumping in studying custom ASIC’s and FPGA’s. Learning things in the right order is so important to me as I do it wrong basically every time as I find out later (ie: reading AC2 before I knew how to code or even remotely how computers really worked), it’ll be a big waste of time besides getting familiar w/ terms to make connections later.

Figureitout July 30, 2015 10:31 PM

Nick P RE: robustness
–And having a “ground” too lol, like from AC. No ground no way to direct attacking signals to ground, simply get absorbed; but these FPGA’s will likely be using an AC power supply.

|that is simply security by obscurity.
|I have discussed with @Clive Robinson and mentioned about using unwieldy and slow random
|operations, dummy key operations, random mixing and other slow operations to simply confuse
|the attackers

–Uhhh…is that what you’re doing? Admit it, it works. Of course, reading some of the insanely awesome puzzle solvers (they worked in groups making it more fun and used prior knowledge of the puzzle-maker, but still) may find pleasure but that pleasure can be quickly turned to pain when you find out someone’s RE’ing your sh*t you don’t want to.

Nick P July 30, 2015 11:52 PM

@ Thoth

Damnit, Thoth, how can drop a goldmine of great papers on me as I’m trying to go to sleep. I copied over a dozen after moving through dozens more and wasn’t halfway down the page. Had to force myself to close it for now. I’ll post my thoughts on some of the stuff later.

Meanwhile, the whitebox crypto paper is expected. The other one shouldn’t be trusted for now. This game of side channels goes back and forth. Use any countermeasure with an expectation that it merely delays the inevitable and might be broken by the next clever work. And I surely noticed NXP on the paper. 🙂

@ Figureitout

“Many applications require both robustness to radiation and low power. But these two requirements conflict: robustness benefits from large devices and a high Vdd
–This reality is the cold truth and biting me now. ”

It’s true. Remember that my scheme for getting the chips cheap was one embedded, one for clean-slate with high performance, and one for legacy. My research on the chips shows how hard they work to do as little as possible in ULP. Further, my research in high-end chips showed how much extra stuff they do to counter all the reliability issues. Clearly they contradict. I mean, there’s chips such as Rockwell’s AAMP7G with voters built in and the lock-step designs. Yet, sacrifices will be made compared to what people are used to with microcontrollers, etc.

“Other than that, people should focus first on learning C”

I totally disagree. The first thing every comment on learning FPGA’s and hardware said was to unlearn everything you learned about software programming (especially C!). The reason is that it focuses on a sequential, stack or register based model where hardware is logical operations all acting in parallel and in synch. The functional languages are actually closer, which is why SHard was easy to translate. Best to learn hardware fresh from resources such as linked to Or that stuff Wael gave you.

From there, they can build hardware that uses whatever paradigm they want. It might be a Forth machine, LISP machine, Haskell runtime, Oberon machine, or even one that runs C while reimplementing its toolchain (fun stuff). Hardware examples with documentation exist for most of these (esp LISP machines). So, one language or ISA isn’t necessary. They learn hardware, take advantage of synthesis tools + FPGA’s, and pick the stack best for their needs.

“reading AC2 before I knew how to code or even remotely how computers really worked”

Did you mean AC2 (your pal) or ACL2 (language)? If ACL2, I agree it’s best to do both and hand-in-hand. All the lesson’s learned papers said that.

“but these FPGA’s will likely be using an AC power supply.”

They’re not built for EMSEC. That’s done afterwards with custom modifications by TEMPEST vendors and only if you’re a defense contractor willing to pay several times extra. 😉

Curious July 31, 2015 4:52 AM

(“BIOS implementations fail to properly set UEFI write protections after waking from sleep mode”)

“Multiple BIOS implementations fail to properly set write protections after waking from sleep, leading to the possibility of an arbitrary BIOS image reflash.”

I am guessing that vulnerabilities with UEFI might not be much of being news, but I thought I’d add that link anyway, as this is obviously a specific vulnerability.

As a simple consumer, I myself tend to have little faith in the security of BIOS/UEFI, or anything on my computer at all.

Clive Robinson July 31, 2015 5:46 AM

@ Figureitout,

Other than that, people should focus first on learning C (since you can branch off to most other languages the best, if you want)

Err that only works “up the stack” not “down the stack” each level you go up abstracts and thus hides a lot of the power of the levels below. Thus you lose knowledge by which you will be attacked at a lower level.

Thus if your lowest reasonable level of work in the stack is the CPU level you need to know atleast two layers beneth that. Otherwise the likes of DMA and error injection attacks on comms will bite you badly as will assembler code that rewrites the microcode or RTL.

You realy need to start at the gate level and work your way up to being a C programer if you want to work at that level.

Whilst you can be attacked at the gate level or lower there is little or nothing you can do from the software and above levels of the stack. It’s only with the likes of FPGA’s etc where you have a small chance of dealing with gate level attacks.

One thing that’s always made me scratch my head, is logic synthersis from C code… it might reduce engineering costs by reducing time to market, but it’s just asking for a whole world of hurt from the security side due to the number of attack vectors it will put in unseen by an unwary programer.

Curious July 31, 2015 5:46 AM

As a mere consumer, I can’t help but wondering about these things:

I wonder if maybe Microsoft’s wifi sense somehow can be used for unconventional stuff, like covert location tracking of a computer. For that to even make sense, I guess it would be required that wifi sense today, or in the future, works in such a way, that a user indirectly is revealed among other wifi clients when moving around, as some kind of passive monitoring of Windows users.

I also wonder if there could be a connection between how wifi sense work and MS’ use of ‘advertising ID’ for every user (is Ad ID like some kind of system wide super cookie in a sense?).

So what I find interesting about wifi sense, is not so much the act of connecting to a wifi network, but as a means for propagation (read spontanious) of data/metadata by proximity. Then again, maybe wifi sense just doesn’t work the way I sort of imagine it could.

Curious July 31, 2015 7:25 AM

I mentioned earlier here that The Washington Post changed their text in an article by “Mike McConnell, Michael Chertoff and William Lynn”. The article was titled: “Why the fear over ubiquitous data encryption is overblown”.

A diff of the old text I found a reference to on the internet compared to one of today, showed some minor changes:
• The addition of credentials about each of the authors.
• The removal of any reference to Clinton, Bush, or Obama administration.
• The removal of a reference to “the security firm RSA”, replaced with “a major information security firm”.

Curious July 31, 2015 7:42 AM

As mentioned vaguely by Bystander above, German is said to be investigated for treason charges by Germany’s government authorities.

At this point in time, I am not able to load the webpage for No idea what that might mean.

(“German government accuses news website of treason over leaks”)

Germany has opened a treason investigation into a news website a broadcaster said had reported on plans to increase state surveillance of online communications.”

The federal prosecutor has started an investigation on suspicion of treason into the articles … published on the internet blog,” a spokeswoman for the prosecutor’s office said.

The public broadcaster ARD reported had published an article on how the BfV was seeking extra funding to increase its online surveillance, and another about plans to set up a special unit to monitor social media, both based on leaked confidential documents. (The Guardian)

The Guardian write something like, that the German authorities were particularly interested in articles shown 25 February and 15 April on netzpolitik’s website.

Winter July 31, 2015 9:46 AM

“German is said to be investigated for treason charges by Germany’s government authorities.”

Expect a general uprising when they try that. And a very nice rap on the nuckles from the high court.

Btw, I can access:

Figureitout July 31, 2015 10:53 PM

Nick P
I totally disagree.
–I know, probably always will; had to make sure to get the blood flowing and keep you up a little later at night haha. Fact of the matter is, right now, still biggest bang for your buck (if you want employment, which can buy time to learn other things) is learn C if you can’t understand below it first. Then most other human-readable languages would be doable w/in a few months.

Personal opinion anyway, looking out for people’s best interests (ie: their lives; and of course they’ll learn things best in a different order/way, so not same). Probably still running those toolchains on OS’s written in C or a dialect…

it focuses on a sequential, stack or register based model
–Sounds like a regular computer, things can be made parallel but it’s ultimately not how humans think or build things (look how many people crash and die trying to just text and drive). Just makes parallel systems easier perhaps AFTER you learn how to set it all up lol, from the looks of it…yeesh lol.

Think it’s best to learn basic electronics pretty well before you go off trying to do system design on ASIC/FPGA after doing some arduino stuff or just skipping ahead reading advanced stuff. Otherwise you’ll just be copying designs mostly probably, and be at the mercy of the designer for support…fck that. Going to have a lot of crappy designs flooding everywhere w/ bad habits learned. Then if say we start using it for something and that crap design becomes *my problem from bugs bubbling up to me, screw that.

Did you mean AC2
–Yeah, Applied Cryptography II. Not “my pal” either (I’m not your pal, friend lol).

Clive Robinson
–I know, I jump back and forth; mostly like to read asm from compiler now from equivalent C code, that’s my fave. I haven’t gone beneath asm much at all yet besides small things, mostly just above it (some design now but you won’t see my name). Frickin’ takes forever. Not a lot of fun either but what gets me is how little does so much lower down, and more control is good.

Nick P August 1, 2015 12:17 AM

@ Figureitout

“had to make sure to get the blood flowing and keep you up a little later at night haha.”

Nice try lol. Worked in the past for sure but not that time. More like a quick eye roll and same exact response as…

“Fact of the matter is, right now, still biggest bang for your buck (if you want employment, which can buy time to learn other things) is learn C if you can’t understand below it first. ”

Response: we were talking about hardware circuits with an asynchronous focus. I guarantee you that your employment options will suck if you start on hardware by picking up the C model.

“-Sounds like a regular computer”

Sounds like the illusion a regular computer presents to users with much inefficiency and issues. Real computers are boolean devices running with massive concurrency. Much more potential than the frame and stack model of C. Or even dumb RISC machines that will run anything in any context they encounter.

“Think it’s best to learn basic electronics pretty well before you go off trying to do system design on ASIC/FPGA after doing some arduino stuff or just skipping ahead reading advanced stuff.”

The building blocks of FPGA and ASIC seem to be simpler than electronics in general. I even found one book that relied on synthesis to teach just enough Verilog to build all kinds of useful stuff without understanding why it worked. I mean custom rather than example problems. Just made it a HLL. So, you might be right and might not. I’d have to have more experience than I have to answer that.

“Did you mean AC2
–Yeah, Applied Cryptography II. Not “my pal” either (I’m not your pal, friend lol).”

Ahh. Makes more sense. Parenthesis are confusing, though, given AC2 the person was either your buddy or sockpuppet. No chance it was me.

Figureitout August 2, 2015 8:54 PM

Nick P
we were talking about hardware circuits with an asynchronous focus
–Yeah well, there’s no C in the toolchain at all?–Damn. Something worrying about async circuits is that there won’t be bottlenecks like waiting on the system clock, so monitoring will be more difficult. Not to mention it’s new design territory so there will be plenty of bugs to come (race conditions look like a big risk). No clock signal so how do you make delays then?

your employment options will suck
–Well that’s what’s being taught first now, you’re going to learn high-level first, and you’re going to interact w/ and be able to program and use larger components before even considering design.

build all kinds of useful stuff without understanding why it worked
–Yeah ok. You’re not going to be able to do that very long w/o issues. Have you been able to set up and program an FPGA yet?

No chance it was me.
–Huh, you’re saying you’ve never impersonated anyone?–Ok. Don’t even know what you’re talking about me knowing an AC2, and the pal/friend thing was a joke that went whoosh, reddit thing.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.