Friday Squid Blogging: Squid Bed Sheets

Some nice options.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on October 23, 2015 at 4:29 PM • 272 Comments

Comments

Hello Mr. Brennan I am a Nigerian Prince • October 23, 2015 5:06 PM

Awesome social engineering potential here.

https://wikileaks.org/cia-emails/Contacts.txt


Interesting that Susan Rice, ricesusan@aol.com, is still doing what Hillary's getting pinged for, interagency communications on non-government email accounts.

And what's Brennan talking to NJ judge Mark Nelson about? CIA marching orders for our famously independent courts?

Now we know who Brennan goes to when he wants to play the wurlitzer in the key of Washington Post: malloryk@washpost.com

fun with metadata!

r • October 23, 2015 5:35 PM

Once they have a working POC they can offer it to the Alpha Bet Letter Groups as the next Great Cannon.

Co+Lateral Damage.

tt • October 23, 2015 5:38 PM

An interesting article by Neal Koblitz and Alfred Menezes, which provides analysis (and speculation) about any possible undisclosed knowledge the NSA has about elliptic curve cryptography (ECC) and cryptography resistant to quantum computing.

Abstract: In August 2015 the U.S. National Security Agency (NSA) released a major policy statement on the need for post-quantum cryptography (PQC). This announcement will be a great stimulus to the development, standardization, and commercialization of new quantum-safe algorithms. However, certain peculiarities in the wording and timing of the statement have puzzled many people and given rise to much speculation concerning the NSA, elliptic curve cryptography (ECC), and quantum-safe cryptography. Our purpose is to attempt to evaluate some of the theories that have been proposed.

Media/blog coverage here and here.

tyr • October 23, 2015 7:05 PM

" A new filing from the DoJ attacks this second point in a novel and far-reaching way. The Justice Department lawyers argue that because Apple licenses its software -- as opposed to selling it outright -- that it is appropriate for the government to demand that Apple provide assistance in its legal cases.

To my knowledge, this is an entirely novel argument, but as I say, it has far-reaching consequences. Virtually every commercial software vendor licenses its products, rather than selling them. If the DoJ establishes the precedent that a product's continued ownership interest in a product after it is sold obliges the company to act as agents of the state, this could ripple out to cars and pacemakers, voting machines and tea-kettles, thermostats and CCTVs and door locks and every other device with embedded software. "

It's too bad lawyers don't spend more time digging ditches for construction.

name.withheld.for.obvious.reasons • October 23, 2015 7:12 PM

Wanted to let everyone know that I just watched a documentary about the southern United States, the title of the documentary is "Deliverance" and it is relatively old...funny thing is it seems to describe some party politicians as well.

There are several protagonist types that are on holiday when some villainous musicians (seems they play the banjo) get into it quite heavily. This documentary is not for younger viewers, be advised.

The documentary appears to be a VERY ACCURATE PORTRAIT of life in the United States, mostly in the southern states, and is quite shocking in its detail and depth. So wipe that smile off your face and see this important documentary as soon as possible (ASAP). I don't know if there was a squeal-quel.

Clive Robinson • October 23, 2015 7:12 PM

@ tt,

Matthew Green has made a comment about the paper on his blog. I linked to that on last Friday's Squid Page, where Nick P and I have had a discussion on the implications.

Benni • October 23, 2015 7:16 PM

BND spied on the pope. The reports are detailed enough to tell when the pope laughed during certain meetings

http://www.spiegel.de/spiegel/vorab/bnd-bespitzelte-papst-a-1059264.html


German prosecutor general starts an investigation against NSA and GCHQ for deploying regin in the German government:

http://www.spiegel.de/spiegel/vorab/neues-ermittlungsverfahren-wegen-us-spaehangriff-a-1059313.html

BND spying on Austria was ordered by the German chancellery:
http://derstandard.at/2000024382756/Pilz-Deutsches-Kanzleramt-genehmigte-Spionage-gegen-Oesterreich

BND lied at the NSA investigation commission: It informed the chancellery about its spying on the United States since 2008, not since 2013
http://www.focus.de/politik/deutschland/bnd-abhoeraeffaere-kanzleramt-taeuschte-das-parlament_id_5030655.html

From now on, Global Hawk surveillance drones will fly regularly over Germany. The German government claims it has received a written statement from the US that the sensors for information collection will be shut down during flights over Germany. However, there is no way Germany could verify that claim, since the drone is piloted from abroad and does not land in Germany.

http://www.spiegel.de/politik/deutschland/us-spionagedrohne-kreist-bald-ueber-deutschland-a-1059307.html

I believe the aim here is to spy on Syrian refugees... (remember, BND says CIA agents are no longer allowed to interrogate refugees in Germany and ask for interesting phone numbers... So, apparently, another way was found to get these interesting phone numbers: by monitoring the content of the calls from above. So that is why Germany recently has taken so many refugees...)

name.withheld.for.obvious.reasons • October 23, 2015 7:42 PM

@ Bruce Schneier

Looking for a compound tag that would be the equivalent of "ICALLBS" and "FUD" in your tag list--could you help out here? Anyone else with any suggestion(s) for me? And, please, be nice about it.

Regards,
(Yeah, right....)

Nick P • October 23, 2015 8:52 PM

@ tt

The discussion Clive is referring to started with my reply here. Interesting to see that NSA's best recommendation (symmetric PSK's) was one of mine from years ago. I stay pre-empting the bastards. :)

@ Grauhut

"@NPrince: In this case the analog stuff is more scary... Rajeev Venkayya"

Huh? What you referring to?

Nick P • October 23, 2015 9:01 PM

@ name.withheld

I believe this is the one you're looking for. One of those (PMC) even listened to my recommendation here and factored it into their snake oil lol. Vadium OTP's are still around, too, but undergoing a hopefully-fictional reorganization. We slammed these two particularly hard. :) My favorite was Demiurge Consulting given that Google put Bruce's Doghouse entry on them right under their site in the search results. It was "trust us," then "in the Doghouse." Lol.

I miss those.

name.withheld.for.obvious.reasons • October 23, 2015 9:45 PM

@ Nick P
Tis close, but not quite what I was looking for, I will expand.

More along the lines of "socio-techno" BS and "socio-political" FUD. A few entries, like the Iraqi divining rod for explosives seemed to be most descriptive...

Grauhut • October 23, 2015 9:59 PM

@Benni: "BND spied on the pope..."


Much more interesting: "German telecoms operator Deutsche Telekom said Friday it is to partner with China's Huawei to offer public cloud computing services in a bid to rival US behemoth Amazon."

Read more at: http://phys.org/news/2015-10-deutsche-telekom-huawei-cloud-link.html


Connect this collaboration with cybar archenemy no. 1, China, with the EU bombing of Safe Harbor and you will see: This means less money for US .com's in the EU.

High treason! :)

Clive Robinson • October 24, 2015 12:08 AM

@ Grauhut,

Much more interesting: "German telecoms operator Deutsche Telekom said Friday it is to partner with China's Huawei to offer public cloud computing services in a bid to rival US behemoth Amazon."

You forgot to mention two other interesting points,

    1, Huawei is one of two Chinese Telecomms companies on the US state level hackers 541t-list.
    2, Huawei, has a special arrangement with the UK's GCHQ, whereby the spooks that originated the Five Eyes get to play very intimately with their hardware and software. Supposedly looking for nefarious stuff the Chinese Government et al might have slipped in.

So the great game continues, this time with Germany and its environs not Persia and its environs, and with China not Russia as the shady adversary.

Oh and with the latest Bond flick (Spectre) premiering, many editorials on the biography of the other great British Spook turned Spy novelist John le Carré (David Cornwell), and the Chinese State Visit all in the UK news, sometimes coincidence is stranger than fiction...

rgaff • October 24, 2015 2:13 AM

@tyr

"It's too bad lawyers don't spend more time digging ditches for construction."

Instead, they just spend time digging graves for the constitution :)

Casual • October 24, 2015 3:33 AM

Very interesting article on the 'Crypto Apocalypse' (the sudden, unexplained, deprecation of ECC).

http://eprint.iacr.org/2015/1018.pdf

TLDR:

http://arstechnica.co.uk/security/2015/10/nsa-advisory-sparks-concern-of-secret-advance-ushering-in-cryptoapocalypse/

In other news, 4m records lost by telecoms company (names, addresses, dates of birth, telephone numbers, bank details etc.)

http://www.theguardian.com/business/2015/oct/23/talktalk-hacking-crisis-deepens-as-more-details-emerge

Wesley Parish • October 24, 2015 5:25 AM

An interesting insight into security as understood by the motor vehicle industry:

http://m.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11533005

Queensland University of Technology Computer Science and Information Security senior lecturer Dr Ernest Foo said keyless cars were most vulnerable to theft after they left the factory and before they were in an owner's hands.


"What we are finding is that hackers are trying to access or pick the supply chain because it is easier before a particular system has been connected. Before someone owns it and while it is still in the factory settings - that is the weak point."

Dr Foo said he was not able to comment on the specifics of the Auckland case, but it was likely the thief used a factory key rather than a scanning device that would have to be programmed to the specific code of the system it was hacking.

http://www.stuff.co.nz/motoring/news/73318986/Jaguar-stolen-from-Auckland-car-yard-recovered-undamaged-plates-gone

Proud to be an American • October 24, 2015 5:29 AM

Both DOD Secretary Ashton Carter and the brave troops under his command are to be congratulated for their heroism both on and off the battlefield.

To Ash Carter for following his conscience and sacrificing his career to do-the-right thing. This is what America used to be about - being the good-guys. Clearly his rare inspired actions did not come from men or policy.

To the American troops for their bravery and successful humanitarian mission. The Master Sergeant could not have sacrificed his life for a better cause fighting against the powerful, spiritually evil, ruthless, corrupt thugs called ISIL.

This rescue mission generates immense amount of American goodwill from other members of the coalition and the world.
Taking off the blinders one can see that Ash Carter even out-maneuvered Putin!

Grauhut • October 24, 2015 6:49 AM

@Pride: "To the American troops for their bravery and successful humanitarian mission."

You really buy this story?

"When Kurdish commandos went on a helicopter raid to rescue about 70 hostages... Americans who accompanied them to offer support, not join in the action... 10 to 20 Delta Force operators who were present... Aerial reconnaissance had shown a newly dug mass grave... Mr. Carter said. “That location was planned to be an execution center.”" (NYT)

Deltas on a "humanitarian support mission" because of a freshly dug hole in the earth of a desert somewhere...


“It is hard to describe these guys. They are taciturn, very introspective, but extremely competent. They are Jason Bournes, they really are.”

How much does training of a Delta cost? And this PR stunt honours this soldier?

So much and so believable it "even out-maneuvered Putin!", because every non-Kurd in this tribal area will love you for it?

How long did you fight there and what did you learn? "More of the same always works!", was that the lesson learned?

Clive Robinson • October 24, 2015 7:28 AM

@ Casual, ALL

The 4 Million "Talk Talk" customer records has actually raised a "baby elephant" in the room with regard to how non-practitioners see encryption.

This is the third time in a very short period Talk Talk has been hit, and the CEO has decided to come out fighting and has been talking to the press in a fairly open and honest manner...

One thing she has said is that the security "experts" are still doing their thing so she is awaiting the results. However she did say that because of this she did not know if the data was encrypted or not... Which some journalists and talking heads have incorrectly picked up on...

From other non company sources quoted the attack appears to have been a simple,

1, DDoS smoke screen.
2, A SQL attack to get the data.

With comments and U-Tube type footage of some security researcher getting their three year old daughter to do a basic SQL attack via a "Script Kiddy Tool". Saying it was "Child's Play" attack and by inference Talk Talk were incompetent... Ignoring the fact that running both a DDoS smokescreen simultaneously with an SQL attack is a little bit more than child's play (unless some bozo has released a combining script recently).

In all this journalistic nonsense an important message is being lost which is the big difference between "encrypted data at rest" and the same data which has been unencrypted for use one record / field at a time for the DB to use.

Too many people see "encryption" as a "be all and end all" security step, which it's not for "data in use" for very obvious reasons.

The fact "encryption" has become a "check list mantra", and many journalists and others now see it as a "silver bullet" really is not helping security in the slightest, in fact the very opposite.
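Added example, not part of any comment in this thread: a small Python sketch of the at-rest versus in-use distinction made in the comment above, with a string-built query beside its parameterized form. The table, records, key and function names are constructed assumptions, and the SHA-256 keystream is only a toy stand-in for real disk or database-file encryption.

```python
import hashlib
import sqlite3

KEY = b"constructed-demo-key"  # assumption: key available to the database host

# Constructed sample records, not real data.
ROWS = [
    ("Alice Example", "00-00-01 00000001"),
    ("Bob Example", "00-00-02 00000002"),
    ("Carol Example", "00-00-03 00000003"),
]


def xor_stream(key, data):
    """Toy stream cipher (SHA-256 in counter mode). It stands in for disk or
    database-file encryption in this illustration; do not use it for real."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def build_encrypted_store():
    """Create the customer table and return it as an encrypted blob (at rest)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (name TEXT, bank TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)", ROWS)
    conn.commit()
    dump = "\n".join(conn.iterdump()).encode()
    conn.close()
    return xor_stream(KEY, dump)


def open_store(blob):
    """What the running server does: decrypt the store so it can answer queries."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(xor_stream(KEY, blob).decode())
    return conn


def lookup_vulnerable(conn, name):
    # Query text built by concatenation: the input can change the SQL itself.
    sql = "SELECT name, bank FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    # The input is bound as a value and never becomes part of the SQL text.
    return conn.execute(
        "SELECT name, bank FROM customers WHERE name = ?", (name,)
    ).fetchall()


INJECTED = "x' OR '1'='1"  # constructed textbook input

if __name__ == "__main__":
    blob = build_encrypted_store()
    # A copy of the stored file alone reveals nothing readable.
    print("plaintext visible in stored blob:", b"Alice" in blob)
    conn = open_store(blob)
    # The live database works on decrypted rows, so a flawed query path
    # returns every record in the clear despite the at-rest encryption.
    print("rows from string-built query:", len(lookup_vulnerable(conn, INJECTED)))
    print("rows from parameterized query:", len(lookup_parameterized(conn, INJECTED)))
```

The at-rest layer protects a stolen file or disk; what decides the outcome for a query-level attack is how the application builds its SQL.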

John S • October 24, 2015 7:40 AM

@Clive Robinson

Huawei is not on any official list for the USA, just so happens a single committee came out with a much derided report on "possibles" and "maybes". That committee was also charged with overseeing the NSA, maybe they got a little confused on who was doing what...

Secondly UK Government do not get to play with any hardware or software but they do get to oversee others that do.

Curious • October 24, 2015 7:40 AM

@999999999 and others (responding to last week's friday thread)

About the claim of Snowden having caused harm to intelligence operations for US military:

There is imo an important distinction to be made, between having an idea of *something* being 'harmful' to something else, and having the idea that doing *something* is equal to "causing harm". One has to keep those two wildly different aspects of life apart to avoid generalizing too much, as if by making a generalization this way, guilt as such was to become the mere associative connection made, from someone, to a particular crime or crime in general.

I'd say that the quip "XYZ has caused harm", is imo more of a rhetorical thing in language, simply having poignancy as such than having the merit of being a meaningful and factual statement, where 'harm' & 'caused harm' would otherwise make good sense with the notions of "harming" and "causing harm" being equally meaningful, like with a description of events describing someone hitting and hurting someone else with a wielded hammer for example.

A complementary explanation is the idea of institutions wittingly and effectively invoking guilt as prejudice as a form of judgement, as if assigning guilt was a sport, or task rather, but omitting the interpretative part in the formal proceedings, being praxis and business as usual.

In Norway, there is a particular word that imo keeps being abused in both the courts and in the media, so called "utilregnelig" (literally 'unaccountable'/it practically means "insane"). The meaning of this word is elusive, but somehow it keeps being used. I'd claim that the secret to the true meaning of that word, is probably that understanding that the use of this word is cultural, and applied in the usual praxis of law and the weird crossover to psychiatry as an institution, applying the guilt of being formally insane, that just so happens to affect the treatment of anyone thought to have been "utilregnelig", as if they maybe still are, definitely is, or might be in the future. Society being oblivious to the non-scientific use of this insanity-like term. So a lawyer might now try to object to this I write, and tell you that society, or the courts rather, use this word to make use of the law basically inferring freedom from guilt and punishment, if well, having committed a crime if being deemed unaccountable. The big problem, is then, that it isn't that the merit of being "unaccountable" is by judgement of a court or a court judge, it is by the *prejudice* of the court, and that is to this day in Norway possible by the «madness» of psychiatry as institution, being pretty much non-scientific the last time I checked. I like to think of psychiatry as priesthood of sorts, so called professionals damaged at work, working for a culture of abuse and self assigned authority.

How does it make sense having accused someone of harming someone's surveillance operation? Presumably, either a perceived harm was thought of as having been inflicted 'directly', or it was thought of as having been inflicted 'indirectly', but ofc in the case(s) of something having harmed something else 'indirectly', it should be obvious that the notion of "harm" no longer implies a meaningful association between the one(s) thought to be doing harm and the one(s) having been harmed, but instead that the rhetorical use of "harm" as the very idea of 'harm', becomes very real but functions as a pejorative term (accusative, but not factual, oddly enough) in the form of the quip "has caused harm". I suspect one can think of such usage as the 'actualization' of possibly a range of ideas (anything really, ultimately something rather speculative), that partly merit a concern or interest in people, and partly invoke a claim to being something factual (as in being memorable and particularly interesting). Cue German idealism. (No, not the Hegel-loved-the-state bs.)
https://en.wikipedia.org/wiki/German_idealism
(Warning, reading such literature might be followed by a mix of immediate confusion and aHa moments, confusion will perhaps pass after 10+ years, no joke, assuming you accept there is not really a soul, no afterlife, no gods, no 'ding-an-sich'/'the thing in itself', nor an 'objet petit a', nor 'a big other') :D

Thus the idea of 'harm', when "harm" is not being something obvious as being any kind of inflicted damage, is interpretative at best and at worst an exaggeration.

So, if it is said that Snowden did something that likely made surveillance goals difficult for US military to achieve, a change in difficulty for surveillance as such is not really 'harm' as such, more like understanding change in some ideal way that just so happens to fit rhetorical arguments used for accusing others of having committed a crime, simply because of a perceived undesirable circumstance (like leaking documents).

Heh, I am no expert on German idealism, so I hope I didn't screw this up by making that reference. If I left any «» signs in my text, I forgot to replace them with "'s.

rubber sinkhole • October 24, 2015 7:43 AM

I'm surprised the TalkTalk attack hasn't received more attention here.

http://www.theguardian.com/business/2015/oct/23/talktalk-cyber-attack-company-has-received-ransom-demand

To those outside the UK, TalkTalk is the country's second largest provider of TV, internet, landline and mobile phone services, so it's a big deal. Millions of customers (current and past) are affected, with personal details, contact info and bank accounts on the brink of being released by doxing.

Customers' reaction has been priceless. In the land where the prime minister has waged a war against encryption, the immediate response to the hack was: "Hey, why wasn't the data encrypted in the first place?!"

http://help2.talktalk.co.uk/oct22incident

You couldn't make it up!

rubber sinkhole • October 24, 2015 7:48 AM

@Clive Robinson:

'The fact "encryption" has become a "check list mantra", and many journalists and others now see it as a "silver bullet" really is not helping security in the slightest, in fact the very opposite'.

Very true, but we're talking 4 million records stolen. That's a lot of records to be processing simultaneously! My point is that perhaps encryption, although not a silver bullet, would have certainly helped mitigate by at least protecting data at rest.

Michal Valladares • October 24, 2015 8:05 AM

Another case of governmental abuse of anti-terror laws in the UK:

Two pro-Tibetan peace protesters have been arrested by British police for waving a flag and displaying pro-democracy banners as Xi Jinping visited London. The most baffling aspect of the story is that the police broke into the protesters' houses and took their laptops and USB drives for forensic analysis.

http://www.theguardian.com/uk-news/2015/oct/23/activists-condemn-arrest-tibetan-pair-waving-flag-xi-jinping-met-police-chinese-president

I'm not sure whether the UK government feels an imperious need to read the content of peace activists' correspondence or whether it's a case of good old fashioned harassment. In any case, it all looks suspiciously related to the UK's recent interest in cozying up to China's lucrative Asian Infrastructure Investment Bank:

http://www.ft.com/cms/s/0/d33fed8a-d3a1-11e4-a9d3-00144feab7de.html

Elton Bou • October 24, 2015 8:17 AM

@Casual,Clive Robinson,rubber sinkhole

The question nobody seems to be asking is: what was that expensive doughnut in Cheltenham (the gchq) doing while 4 million records were being syphoned out of one of the nation's largest telecom providers? How many millions of pounds is the country spending on expensive toys and what are they getting in exchange for it (apart from grief and worldwide complaints about dragnet surveillance)?

obtuse harp • October 24, 2015 9:03 AM

Twitter censors Cryptome's John Brennan leak. The site has deleted at least two of the relevant links, which now lead to a search page with the message "Sorry, that page does not exist":

-Brennan's contact list
https://twitter.com/Cryptomeorg/status/657512334068420609

-Revelations about CIA malware implants
https://twitter.com/Cryptomeorg/status/657515629596037120

Of course, the contacts list is widely available on the internet: https://wikileaks.org/cia-emails/Contacts.txt

Brass Snail • October 24, 2015 9:17 AM

@obtuse harp:

Ha, I wonder whether they'll add that one to their "transparency report."

Clive Robinson • October 24, 2015 9:19 AM

@ John S,

Have you forgotten to "declare an interest"?

As for the expression "541t-list" it does not imply any "Official" status acknowledged or otherwise, just the perception that one exists. Which your comment tends to confirm.

As for the "spooks get to play" as you should know there are several parts to the issue. There is the centre set up by Huawei to answer questions from the spooks, but there are other aspects from which the questions arise, separated by the equivalent of Chinese Walls. As in a game of poker, there are "official rules of play" but the reality is that is at best the ground rules, and the experienced players are at a much higher level of play where "keeping your cards to your chest" is just the start of it...

At the end of the day both you and I know there are rather more players in the game than can be seen at the table. After all the US committee did not make its comments just for the fun of it, they were fed information that they responded to. The question thus shifts to the "who, why, when" of the information source. Which as you allude to is hiding behind its own Chinese wall, not just for political reasons.

In that respect the committee report was a forerunner of Obama and the NK-SPE statement. That is those providing the information when pushed fall back on the old "We don't comment on methods or sources" mantra. Thus there is no evidence provided by them by which you can take a pro or anti stance on the matter. However that does not mean that there is no evidence, in fact just the opposite, you just have to look for it.

The simple fact is information leaks no matter how you try to prevent it, as others have noted many times in the past "information comes of age" and "information desires to be free". Thus the best you can do is not stop the leak but try and limit the flow and its direction. It's one of the things they tell people in "Crisis Management 101".

As an example, I've pointed out on many occasions on this and other blogs that with EmSec / TEMPEST trying to keep it secret is not possible, the laws of nature define what is possible, and agile minds will "re-invent" the methods often in better ways. The longest lag I'm personally aware of is in active EM Fault Injection, I independently came up with the idea back in the 1980's and refined it, and due to who was paying me at the time demonstrated it to a part of the UK IC. The idea had a big bucket of water dropped on it from on high and in effect I was tarred with a time waster brush even though contrary to what they said I'd demonstrated it as a practical attack (funny we have just seen exactly this behaviour with EMV and the French attacks on Chip-n-Pin). But as I later found out the idea I'd demonstrated was treated very seriously and developed further by a "favoured company" of the IC and had become "weaponised". A third of a century later, a couple of students at Cambridge Labs, publish a paper that recreated my original observations. Sadly though they did not take it further for some reason not explained.

Thus there are always bounds on the possible, that you can use to determine what could be going on effectively "sight unseen" and any analyst worth their salt has a fairly good idea of how to find the boundaries often by using no more than open source intelligence. From there they then work inwards enumerating and illuminating as they go.

At the end of the day the basic requirement of any entity legal or natural is to obtain the resources to ensure its continued existence. In the case of organisations like companies they generally exist in market places, whereby they can eventually self sustain or profit. Market places are just poker games with higher stakes and rather more players hidden or otherwise, thus meeting the ground rules is just the lowest level of operation, determining motives and thus opportunities of other players a higher level as is the finesse by which you exploit them, whilst not revealing how you came to do so.

Clive Robinson • October 24, 2015 10:18 AM

@ rubber sinkhole,

I suspect that in the final analysis, Talk Talk will find that the real cause was not having a sufficiently large ITSec department, that likewise did not call in reinforcements early enough.

My reasoning is based not on what Talk Talk has said but what others have reported so a big pinch of salt "the size of Lot's Wife" should be taken with it ;-)

What has been reported is a DDoS as a smokescreen whilst an SQL attack exfiltrated the records.

I'm guessing based on behaviour by other organisations that the staff got tied up on the smokescreen DDoS and did not see, did not recognise or could not respond to the SQL attack. There are a myriad of explanations for each of these including "pressure from above" and the often self imposed "macho" pressure of showing you are up to a task...

The simple fact is we go about ITSec the wrong way. I'm not going to enumerate even a fraction of the reasons but just state what I hope is obvious from the old observation of "No man is an Island". The number of quite serious and determined criminal attackers out there far far exceeds the number of people in even the largest organisations tasked with stopping them. Thus no team is up to the task of repelling ALL possible attackers, just a quite limited subset of them. Thus any ITSec team should know that they are going to fail without reinforcements. What they need to do for their own survival is develop good situational awareness and know how to call down external big guns when required. However there are three problems with this: firstly the response time of the big guns, secondly the cost of the big guns and thirdly distinguishing the actual attack from the feigned attack.

This is a problem the military have been trying to deal with since flags and banners were first carried into war.

The big problem with ITSec is that the cost to an attacker is incredibly small whilst to a defender the costs are suicidally expensive. It's "asymmetric warfare" to the Nth degree. The only reason the defenders have not been wiped off the face of the planet is it is a very very very rich target environment. So much so that "it's a numbers game" where the best strategy is best summed up by the old joke,

    Two men are walking through a jungle when a tiger appears, one starts to run whilst the other stops to retie his shoe lace. The first man stops and shouts to his friend "What are you doing, you can not out run a tiger" to which the man tying his lace replies "I don't have to out run the tiger, I only need to out run you".

That is for random target attackers you just have to be a slightly harder target to attack than the other equivalent reward targets around you.

But as a stratagem it can fail badly, the attacker might not see the other targets, or have chosen you for some reason you don't know. But worse as they attack they gain knowledge which makes you increasingly desirable as a target, thus like a snowball once it starts rolling down the mountain it's got a high probability of becoming an avalanche before it comes to a stop.

The primary reason this state of affairs exists is the state of the infrastructure makes it so. There are three parties involved with this: the infrastructure suppliers and the two users of it who are the providers (servers) and consumers (clients) using the infrastructure to "make the market". As others have observed neither of the users want to pay for real security so the "off the peg" COTS infrastructure suppliers don't provide it except at very very high "bespoke" rates which are way beyond what most markets will bear as a cost. History teaches us that the only workable solution to this is various forms of legislation that raise all boats.

Nick P • October 24, 2015 10:29 AM

@ Wulf

Thanks for the link to the MAGIC attack. That's interesting. I'll have to dig it out of the paywall later. Just wish they'd stop naming hardware stuff MAGIC given all the stuff already using that name, including this nice tool.

Clive Robinson • October 24, 2015 10:34 AM

@ Elton Bou,

The question nobody seems to be asking is: what was that expensive doughnut in Cheltenham (the gchq) doing...

The simple answer is "What they have been incentivized to do.", be it by money or directions from those who pay them or they have allegiance to.

If we change the incentive then their behaviour will change. The trouble is such processes tend to be chaotic from hidden agendas and tipping points as well as suffer from the law of unintended consequences. Thus we may get what we ask for if we ask hard enough, but get not what we need or want as a result. The current US bill on "information sharing" should be one mother of a huge red flag in this area.

Clive Robinson • October 24, 2015 10:58 AM

@ Wulf, Nick P,

Yup pay walls are a pain... However I had a google around to see what I could find out.

The lead author is from what I can tell Iranian and she is currently a visiting prof with 25 published papers to her credit.

From this and a couple of other bits and bobs, I think I can take a stab at what the paper discusses.

If I am correct there is actually not much that is not known about the idea, that is the idea is a transfer of methods from one problem domain (testing) to another (attacking).

Essentially I think the idea is to stress chips until they break as an attack vector.

However stressing the chips is a well known art in testing and is carried out all the time during production for two purposes,

1, weed out "juvenile failures".
2, harden chips into Mil Spec etc.


Thus the idea is expressed and "come of age" in the academic community, leaving the methods by which it can be done and optimized for further research, either in the paper or subsequent papers. I'm guessing that there is enough real work there to qualify for a PhD dissertation in its own right.

When somebody gets a copy of the paper and gives it a read, come back and score my guess work ;-)

WaelOctober 24, 2015 11:30 AM

@Clive Robinson,

When somebody gets a copy of the paper and gives it a read, come back and score my guess work ;-)

Somebody will if they're able to get a hold of the paper.

From this and a couple of other bits and bobs,

What are you thinking? :)

Shadowed By Murder of RavensOctober 24, 2015 11:39 AM

@Skeptical, Fourth Wall

... response to post made here...


You have an extraordinary talent in making the weighty light, and the light weighty. I can not help but continuously see your entire persona as satirical.


Wikileaks has made itself into one aspect of the story by publishing highly personal details that most reputable outlets would avoid. But of course that's in part how Wikileaks raises money. If it doesn't garner public attention, it withers; and to garner public attention, it must either have some truly scandalous material (nothing I've read about in Brennan's AOL account remotely qualifies), or it must act at least somewhat outrageously.

There is no dishonor in being able to manipulate the media from an organization which is partially designed to manipulate the media. They do not hide this fact.

While you appear to be correct on Brennan's material having nothing but personal value, you are examining the gorilla with a microscope and so missing the gorilla. The very newsworthy message in this release is simply another powerful message that US intelligence is so very fallible, like the US Government.

As for whether or not there may be anything newsworthy to the rest of the material yet to be submitted, or even the material submitted, we do not know yet.

There could be. And that information will be hosted by one organization or another, or many. Wikileaks simply points a singular repository to such information.

Further, considering the fact that he is a spy, whose business it is to spy on the private details of others, there is hardly any condemnation here, for himself being caught being spied on. That - apparently - a teenager did this makes it all the more shameful.

But, the better media outlets have certainly focused on the question of what Brennan had on his account, whether it proper, the gravity of the mistake, what it says about the conduct of public officials generally, etc etc etc.

And "better" media outlets could only write their story with proper sourcing because Wikileaks acted as their invaluable source.

Again, there is no shame on Wikileaks here, only on the CIA.

No amount of sophistry would make this otherwise. The message was powerful and implicit.

How well do you know Windows, its weaknesses, and how to protect them (e.g. EMET)? How well do you know Linux? Is physical security of the device achievable against threats against which you wish to prepare?
Which raises an interesting question that others here are far, far better able to answer than I am: how much does that user need to know in order to improve security? Stacks, heaps, overflows, security tokens and security contexts, privilege rings? Or perhaps all the average user needs to know is a small set of practices and concepts highly abstracted from the seemingly endless dimensional extensions of technical turtles, entangled in a quantum sense with God knows what other stacks of species which frequent metaphors and urban myths. Really - who has the time for all those turtles, unless you truly enjoy soup or the view or study these things professionally in some aspect?

There is some due deserved here. This is a correct estimate, and further, I highlight that you point out the problem so often missed: that of physical security of the device. This is especially true when dealing with nation state adversaries. And I do not mean by physical security of the device merely the capacity for them to steal it. But to steal and replace it. To modify the hardware of it. To have access to the room and the building in which it is in. So as to wire it for sound and video, for instance.

Still, none of this is pertinent for this group. I do not think any of them have the strong motive of any nation state against them. Yet, paradoxically, they spend so much time contemplating in full view the construction of systems to hide secrets. What those secrets are, this is never said. But, the importance of those secrets is seemingly implied by the diligence of their efforts.

Does this lead anyone to obvious conclusions? It probably should not. Not all things are as they appear to be.

Some things are very much bigger on the inside than they appear to be by the view of the outside.

Maybe - it depends in part on what was in those drafts and when he wrote them. More importantly, it's entirely possible to report that aspect of the story without dumping his emails and partially completed SF86 on to your servers for everyone to peruse.

It is possible to report any story without sourcing and references. That does not mean this is the way journalism nor academia should operate. Evidence is paramount.

The obvious and real message here, again, is the atrocious infallibility of the US Government, foremost of their vast intelligence infrastructure. And if their intelligence is bad, their entire system is bad. They are as with a person, dumb.

I say this, of course, partly simply to be challenging. A seasoned crowd like this would take insults demeaning intelligence as a trick by intelligence itself... or possibly as a ruse to emit emotion, to discern what emotional investments what posters may or may not have on said subject.


I think transparency of policy - and just as vitally, and far more difficult to achieve, understanding of policy - is vital to a functional democracy. And I believe that a free press is essential to that enterprise; and I think that whistleblowers are an important protection against corruption and abuse.

The good thing stated here is that whistleblowers are an important protection against corruption and abuse, and that -- an important protection for a functional democracy.

But, this "transparency of policy" and "understanding of policy" statement is meaningless drivel that contaminates that more noble and clear thought.

But Wikileaks just goes so far beyond any of those things as to make me seriously question whether their values are anything more than a moldy mix of half-baked anarchism, outdated pop-neocolonialist theories of the world, anti-Americanism that receives funding from one of the most authoritarian governments on the planet, and sheer ego.

This is entirely impertinent speculation. Trying to stick on Wikileaks the label of "pop-neocolonialist" is preposterous. "Colonialism" is a verifiable primary shame and evil of the past of "the West", and sticking it to anti-colonialists, futurists, such as Wikileaks is entirely unfair.

Just keep throwing shit and see if any sticks, perhaps.

As for being "anti-American", did not Hoover and McCarthy entirely wear out that very label when they promoted it to the status it has today?

Considering Wikileaks is all about confronting "colonialist" like powers with the audacity of powerful evidence and armored with the principles of free speech, well? You can not get more American than that. They honor America, by honoring her noble roots, those roots of her honorable founding papers and principles.

I'm sure for Wikileaks Brennan represents some kind of awful, evil figure. In reality he's an individual in the public service of a legitimate democracy with robust protections for individual rights, who is not corrupt, and who has not broken any laws. There are reasonable arguments against the counterterrorist strategy Brennan backs; but there are also very reasonable arguments for it. And let's be clear: in the real world, i.e. the world of practical possibilities, the alternatives to targeted aerial strikes are bloodier and far more complicated.
Once upon a time I might have said - this small footprint approach is simply political gamesmanship pretending to be effective policy, and the price is counted in billions of dollars of resources and numerous lives injured, wounded, and destroyed, pointlessly, in the service of small wars that merely manage and never resolve the core problems. [NB - I know better today].


These statements comprise a truly amazing statement of yours. In your second paragraph you get clear to the most plausible truth. What, on earth, would have made you back away from this, I wonder?

Is this not just an empty posture of yours?

Regardless, Brennan, drone strikes, the private thoughts and beliefs of the various members of Wikileaks... these things are all irrelevant to the simple message of the hack. The simple message of the hack is that they are very fallible. The only relevancy to imbue there otherwise is downwards from that.

So, it may have relevancy to Brennan, personally, and the drone strike program. But, it also may have relevancy to anything else the CIA or US Government, or US Intelligence does. Or does not do.

If they are so fallible, why on earth are they out there unleashing drones across other people's countries? That is where the relevancy is.

Are there indiscriminate attacks against civilians in these attacks? Do they have any manner of intelligence that justifies any of their targets at all? They are fallible, so very probably not.

There are countless examples of the American government doing wrong things. I do not say this being "anti-American", it is simply the facts, for the country and government is fallible. In fact, this very sentiment is strongly held within the founding documents.

Which means my statement is pro-American. And those who act as if America is infallible in whatever she does regardless of how questionable? They are acting truly as "anti-American", if one must use such a term.

But in a democracy you don't always get your favored policy.

Brennan did not originate this policy. He is merely a figurehead. He does, as you said, back the policy, however.

None of the voters got to vote on this policy. At best, it might happen that politicians would consider the polls. But, at this time, this does not mean grave injustice is not being performed with these drone strikes. The fact is that who is getting hit and the atrocities happening far over there are simply poorly documented. As we saw in the Civil Rights movement. As we saw with those Americans who backed Stalin or Hitler, before everyone had the full facts.

As we have seen with so many American policies and objectives.

Historically and current.

In fact, there is a very grave problem when pundits start to try and act as if the American government is infallible, as the old Roman system was. (And it is no wonder that so many of those neo-con pundits who do exactly this are also hardened Catholics longing for the days of the infallible nation state.)

But for just one of countless examples, take a gander at these articles and see what depravity is being hidden and helped by America in Afghanistan -- these will show you matters you will be entirely unable to unsee:

http://www.nytimes.com/2002/02/21/world/kandahar-journal-shh-it-s-an-open-secret-warlords-and-pedophilia.html

http://mobile.nytimes.com/2015/09/21/world/asia/us-soldiers-told-to-ignore-afghan-allies-abuse-of-boys.html?_r=0

albertOctober 24, 2015 12:02 PM

@Michal Valladares,

Lovely!

"Welcome, General Secretary! Don't worry about those Tibetan protesters. As a departing gift, we'll send you all of their data before you even get back to China."

Actually, I'd like to see the English dogs jump off the lap of their US masters. It'd be good for US and good for them.

. .. . .. _ _ _

Hot Jaclyn Screencaps!!!!October 24, 2015 12:54 PM

@Shadowed By Murder..., very impressed by your ability to keep a straight face with skepticule boo-hoo-hooing over the privacy of the guys who spend billions to find out what you fap at. You are a primo straight man for extracting the laffs from brainwashed government suckups.

GrauhutOctober 24, 2015 1:07 PM

@shadowed The whole Brennan mail and morality question is easy to answer.

"He who fights with monsters should be careful lest he thereby become a monster. And if thou gaze long into an abyss, the abyss will also gaze into thee."
(Nietzsche)

They gazed long enough into the peoples data abyss, now the people love to gaze into theirs.

Remember the end of the Stasi? It's history repeating, will be the same this time...

http://www.the-berlin-wall.com/videos/dissolving-the-stasi-732/

name.withheld.for.obvious.reasonsOctober 24, 2015 1:23 PM

Have been hearing about Tesla's update to their Model S's that have added autonomous control (lane changes seem to be the extent of it). The changes have caught a few owners by surprise....sounds like a Windows 10 update...

Nick POctober 24, 2015 1:59 PM

@ Grauhut

Ahh. I'm going to stay out of that one as I have enough on my plate in terms of government crimes past and present. For present, I'm mainly focused on NSA surveillance, clandestine services risks, and domestic LEO abuse. Conspiracies just take too much time to do that could be spent on my R&D.

@ Wulf

Thanks for the PDF. It's in my collection.

@ Clive Robinson

"When somebody gets a copy of the paper and gives it a read, come back and score my guess work ;-)"

You guessed that a paper about stressing chips to break security stressed chips to break security. You get a 100 I guess. :P

"The lead author is from what I can tell Iranian and she is currently a visiting prof with 25 published papers to her credit."

Now there's some good info. Neat stuff.

"I'm guessing that there is enough real work there to qualify for a PhD dissertation in its own right."

I'll go further and say several PhDs. This is essentially the software DOS problem applied to hardware circuits. Just ensuring reliability of HW circuits, as you said, is a field developed over decades with a lot of work. I mean, a *lot* of work. Any of these tricks might fail when the inputs are intentionally designed to wear them out. So, there's a lot of potential.

Further, my research on ASICs shows that the circuits at deep submicron, esp close to 28nm, run in an inherently broken state. There's just so many forces trying to prevent them from working that something like half the components (esp latches) are there just to counter that. So, they run in a constantly degraded state. This implies that stress attacks get more powerful and numerous as the nodes get more advanced. That most of the work at those nodes is done with synthesis suggests that it will take automated tools to prevent or detect these issues.

The work will have to be at language and HW verification levels. Problematic constructs for various processors should be identified and detected with analysis tools. These might spot the constructs in SW at language level. We already have quite the literature and tooling behind that. The others will likely be interface checks for certain RTL components that restrict how they might be used. Then, other verification methods will ensure that the composition of the components doesn't lead to a state feeding them input that causes problems. The SW and HW approaches can be combined.

Just how viable it is at this point I don't know.

Nick POctober 24, 2015 2:54 PM

@ Wael, Clive, name.withheld

When I was digging into HW, one thing I thought was that it could be advantageous to use *only* combinational circuits in HW design. The reason is that they're like functional programming for HW with associated advantages in synthesis and verification. I figured it must be *really* difficult to make such a concept useful for the chip as a whole since the HW people don't do that. I mean, nobody is accusing them of being stupid given all the magic in EDA, etc. ;)

Anyway, I just stumbled upon a paper that does exactly what I proposed with many advantages, expected and unexpected. The tech is called Null Convention Logic. The paper describes the logic, how to build stuff with it, and some examples. The research site is here. The company pushing the tech was acquired (probably for patents) by another company I can't reliably track. So, that tech is probably gone. Still have the paper and the R&D company would probably assist EDA tool builders.

Aristotle - A logically determined (clockless) RISC-V RV32I

This RISC-V processor was implemented with Null Convention Logic. First time I've seen a processor say "No clock, no state machine, no flip-flops, no glitching, no wasted switching." Logic leads to "No races, No glitches, No spurious transitions." That while already executing QuickSort at 400MIPS. Wow.

Remember that Sandia's and some other methodologies do the initial design in a functional language, have equivalent HDL side-by-side with that, do equivalence tests, and synthesize from there. For true HW engineers, these methods might be a boost in productivity and verification. I think there's more potential to tie this into work by Baranov (high-level synthesis) and Clifford Wolf (YoSys OSS synthesis). Idea being that people treating 350nm-180nm design as a black box with as many tools and few specialists as possible might have an easier time as clockless, stateless methodology knocks out so many issues.

Your thoughts on any of this?

keinerOctober 24, 2015 3:00 PM

@Mr. Brennan

Unbelievable nonsense!

Your link

http://www.paulcraigroberts.org/2014/10/20/us-government-master-criminal-time/

refers to this clinical trial:

https://clinicaltrials.gov/show/NCT02041715

a phase I trial, studying the safety and pharmacokinetics of TKM100802

(no exposure to Ebola virus...)

which is a "lipid nanoparticle ...formulation containing two synthetic small interfering RNAs"

http://www.ema.europa.eu/docs/en_GB/document_library/Report/2014/12/WC500179062.pdf

Hope you know at least what RNA is, otherwise, Wikipedia will help...

BoppingAroundOctober 24, 2015 4:15 PM

name.withheld...,
There are also rumours of large swathes of data sent by those cars back to the HQ. I cannot back this up though.

GrauhutOctober 24, 2015 4:21 PM

@Nick: "Conspiracies just take too much time to do"

Conspiracy? Funny word in this case, I think it's secrecy. Doesn't matter if you are active in attack software or wetware, offense or defense, in order to build a tool chain you need real stuff to test it. Otherwise you will never really know if your stuff or anti-stuff works, right? No need to discuss this deeper. ;)

Alien JerkyOctober 24, 2015 4:50 PM

Seems strange given that Snowden has more than 1.5 million Twitter followers, that he has not made a new post since October 16.

WaelOctober 24, 2015 5:00 PM

@Nick P,

Your thoughts on any of this?

Sorry to disappoint you. Been a long time since I looked at this area. This is a little out of my area of expertise. I think @Clive Robinson and @name.withheld.for.obvious.reasons, and others are better positioned to give you a more informed opinion.

The book I recommended earlier was for Analog HW -- not Digital, by the way. If you are interested in an entry level text on Digital Design, I have just the right book for you :)

Mister Brennan, blood is coming out nipplesOctober 24, 2015 6:05 PM

@keiner, wow, guess Boyle's whole point went right over your head. Did you at least feel the breeze? Boyle documented how USG uses defensive research as a pretext for illegal offensive research. This is the cure for what CIA illegally developed to test it. You know Boyle, Boyle is the guy who showed Spike Bowman where the USG's illegal anthrax weapon came from, that time Spike Bowman went and destroyed all the evidence, remember?

So anyway, Doctor Science, now that you've explained RNA to us, could you explain how Ebola busted out 800 miles from its endemic area with no outbreaks along the way?

Ireland's High Court Orders an Investigation into Facebook's Transfer of European Union Users' DataOctober 24, 2015 6:39 PM

"Ireland's High Court on Tuesday ordered an investigation into Facebook's transfer of European Union users' data to the United States to make sure personal privacy was properly protected from U.S. government surveillance."
http://www.reuters.com/article/2015/10/20/us-eu-privacy-facebook-idUSKCN0SE14G20151020

"A key element in the US-EU row over privacy has been the fear that US Internet firms are handing over data to the National Security Agency, in light of revelations from former intelligence contractor Edward Snowden"
http://www.afp.com/en/news/tech-spats-spark-us-fears-digital-protectionism

Comment: The USA corporate sponsored trade TPP and 'secretly give us your user data' CISA bills are meeting their match against recent European rulings.
American corporate Big-Data lobbyists can't seem to understand that other nations have first and final say as to how their citizen’s data can be exploited.
By passing these laws, Congress would do nothing but incite The European Union and many other countries by indemnifying American Big-Data corporations from lawsuits and criminal charges.
Do China or Russia allow their data to be trafficked to American Big Data? Does the USA allow its citizen data (beside Top-Secret Clearances) to be trafficked to any foreign nation? (NSA is the exception)
The European Union has been developing a new "digital single market" simplifying rules for operating within EU borders -- but which could also include new regulations for online "platforms".

One solution offered is naïve: “To address those concerns, US lawmakers have moved to pass a bill allowing non-citizens to enforce their data protection rights in US courts under the Privacy Act.”

Even USA citizens cannot successfully sue, as USA courts have repeatedly ruled against almost every privacy lawsuit involving the government. Just say 'national Security' and all claims are dismissed.
Furthermore unlike Europe, USA citizens give up their Constitutional Rights by simply agreeing to a 173 page Big-Data EULA.
The ONLY European solution is to block external corporate data trafficking except through encrypted, automated and verifiable national data exchanges run by Customs officials.
Please understand there is no concept of privacy left in the USA.

Our health records are the next to be violated. Enforcing the HIPAA law is a joke as it falls under the Office of Civil Rights. No corporate officials are ever prosecuted. Corporate Big-data is entering into the health care industry and deceptively asking for unique Social Security Numbers to track patients, even if it’s against USA laws. It's the corporate Wild West. Wanted citizens are to be tracked-down and inventoried.

Mister Brennan, oops I dropped the beaker October 24, 2015 6:48 PM

No? Well, then, guess you can't explain how it busted out 2,200 miles from the Zaire strain's endemic areas, by a very tragic and unfortunate coincidence, right where the US does BWC-illegal bioweapons research.

ianfOctober 24, 2015 6:55 PM


@ Curious Re: accusations vs. Snowden of harming IC ops […]

Since these ops are by default ZUPERDUPERSRCRET—else what's the point?—they have to be deniable, ergo didn't happen, so what potentiality of what harm would we be talking about?

    ADMINISTRIVIA: Would it cost you too much to employ Capitalization for Names, Places, Norway, etc in your comments. This screen text is pretty monotonous already, there's no reason to flatten it further still (the SHIFT key is right there next to CTRL. Show us you're in CTRL of both ;-)) Thanks.


@ Clive, while the moral of your parable sounds OK, the logic of that “one tiger-meal running away, while the other stays behind to tie its laces, then agreeing that he can not outrun a tiger anyway,” doesn't.


@ AlanS

More on British spooks of decades past: "MI5 and MI6 cover-up of Cambridge spy ring laid bare in archive papers". Current American spooks seem to be about the equal of the Brits in the incompetence dept."

Hey! Unless you've been through the wringer, neither you nor I will ever know what IMPORTANT FRONTLINE DEFENSE OF THE REALM JOBS they could have had fucked up in the past, or could (not) be in the present. Need to know basis, and you don't qualify. Besides, now and then something good comes out of it: e.g. this Personal History The Madness of Spies: A Secret Service secret by (once briefly in M.I.6) John Le Carré. Which reminds me: today, the 25 October 2015 marks the publication of the first authorized biography of this my fave spy-thriller now 86yo author.

tyrOctober 24, 2015 7:15 PM


@Clive, et al

I've been digging into the documentary links again so
your point about the deeper connections makes a lot
of sense. Pilger has made a pretty good case for the
UK, US and UN being complicit in re-activating the
Khmer Rouge.
The implications of that make a mockery of any public
outrage expressed by the politicals. His broad brush
has tarred a lot of the world's leadership with a nice
layer of brown stuff that stinks pretty badly. At the
bottom you find the usual suspects TLAs and State
department leaders and theorists. That all of this was
done to kiss up to the Red Chinese indicates a much
deeper connection than most are comfortable with. We
know none of this goes away it just gets more convoluted
as you dig into it.

I'd think that Brennan would have been smart enough to
ask for a pentest from within the ranks. After Petraeus,
taking that job and not immediately asking them to vet
you for weaknesses is foolhardy and irresponsible.

MAGIC reminds me of the way systems were rated in tele-
comms in ancient times. A civilian system had to be up
to 70% capacity of channel usage, the equivalent milspec
had to operate with 100% channel usage. This was design
specification. It is quite likely you'll find this in
chip designs and the tighter the specs the higher the
price. This is because nothing really goes away, it gets
buried in the great leaps forward.

@Nick P.
That looks interesting. I detect a bit of overhype in the
Aristotle front page... : ^ ) Reading may make it all true.

Nick POctober 24, 2015 7:24 PM

@ Wael

Of course I'd like to know what you recommend for digital given 90+% of what I post on HW is digital. Including the above links. :P

What's it called and why is it good?

WaelOctober 24, 2015 8:19 PM

@Nick P,

I searched my book shelves and boxes and couldn't find it. Searched Amazon and immediately found the book as I quickly recognized the authors' name. It's good because it gives a solid coverage of the fundamentals and gives a good introduction to Verilog and HDL. Not sure what has changed in the newer editions. It comes with a steep price tag, though. Just to be safe, look for the 4th edition according to a professor's review comment.

I originally found this book in a community college bookstore a while back in the eighties :)

tyrOctober 24, 2015 9:46 PM


Here's a peach.

https://foreignpolicy.com/2015/10/21/russia-winning-the-electronic-war/

I'm beginning to wonder just what they have done with
all that tax money? We have the biggest military budget
the world has ever seen, you'd think it could buy some
decent capabilities. Let me guess, all the money went
to gee whizz and pork barrel for contractors, leaving
the troops naked against a determined adversary with
decent ECM ability. If I was still in I'd be doing some
bayonet drills on my time off in case it became useful.

I love the idea that more warm bodies will fix this.
Last time I looked you needed people who are trained
and serious about their jobs to do EW.

name.withheld.for.obvious.reasonsOctober 24, 2015 10:30 PM

@ Nick P


When I was digging into HW, one thing I thought was that it could be advantageous to use *only* combinational circuits in HW design.

Don't know what Wael or Clive think but to summarize:

Are you talking about combinatorial? That is different and not too far from the position I'd argue for base platforms...of course my preferred implementation would be a combinatorial system based on a dual-synchronous analog-digital processor hardware core that could self-correct, or at a minimum, verify operational integrity. Good thing that wasn't a long sentence!

name.withheld.for.obvious.reasonsOctober 24, 2015 10:38 PM

@ Nick P, Clive, Wael

I mean, nobody is accusing them of being stupid given all the magic in EDA, etc

That's hilarious, spice model magic, net lists, and transmission line calculations are just hidden by all the stupid Java glue to make it GUI'fied. Programming by mouse (I'd say moose) is no excuse--real programmers and hardware geeks work down low.

I was just looking over some of my older ASM system(s) that I'd built in the past and the platforms they worked on--pretty surprises when you profile their execution on new hardware (tens of orders of magnitude in performance real/user times). And you know me, move it down low so you know what is going on so you don't have to guess on the compiler or have to use a disassembler and a debugger (there is a German manufacturer of ICE systems that cannot be beat).

WaelOctober 24, 2015 10:49 PM

@name.withheld.for.obvious.reasons, @Nick P, @Clive Robinson,

real programmers and hardware geeks work down low.

True!

there is a German manufacturer of ICE systems that cannot be beat

Oh, how I wish they upgraded their 80's style Motif UI (on UNIX and MacOS)

name.withheld.for.obvious.reasonsOctober 24, 2015 10:56 PM

@ Nick P, Wael, Clive
Sounds like too much Kool-Aid (TM) there Nick--are you sure you're feeling okay. The no-clock, no state machine, functional programming killer seems too good to be true. Seems to me it is a "Deterministic" design and merely hides the clock(s) and potentially a bunch of hand waving--if it produces VHD modules that would be worth inspecting...

@ Wael

I originally found this book in a community college bookstore a while back in the eighties

Dude, you are soooo dating yourself--you old timer.

@ Nick P
I have several sources I'd recommend but after a full day at work it might not be till next week that I get back to you with something substantive.

name.withheld.for.obvious.reasonsOctober 24, 2015 11:03 PM

@ BoppingAround

There are also rumours of large swathes of data sent by those cars back to the HQ. I cannot back this up though.

It is one of the reasons I don't want to take my vehicle to the dealer to download the OBD data that probably includes telemetry/travel data. There needs to be some push back on this crap--I just got done telling my daughter "Just because you can do it, doesn't mean you should." If I have a gun that can kill all Eskimos, its use would probably not be greeted with gratitude...

Imagine auto updates for nuclear weapons systems....

name.withheld.for.obvious.reasonsOctober 24, 2015 11:09 PM

@ Weal
Yeah, but their platform support does provide interfaces to Keil Software...it is a good combination. Lauterbach, as you correctly identified, strength is in both its spice simulations, ICE debugger interface, and breadth of platform support. It is a good, hardware hackers necessity--find it invaluable in design and in debugging other systems.

Good catch, I often like to play the cryptic critic. Not in a mean or arrogant way, I just like to see if others are willing or want to do some work. The information here is free but there should be some effort left to the reader.

name.withheld.for.obvious.reasonsOctober 24, 2015 11:12 PM

OOPS!!!

SORRY Wael--bad attribution on my part--my apologizes (or in my Anglo voice--apologises).

Nick POctober 24, 2015 11:27 PM

@ Wael

Thanks for the link. Digital Design 4th Ed is pretty affordable ($10-20) if Used. The comments on this one are mixed. Some say what you say. Many say the book has several errors per chapter along with no answers to most of the sample problems and some incorrect answers. Two said you needed a professor working with you side-by-side to correct for the errors.

I'll keep it on my list just in case but that sounds like a lot of trouble for unassisted newcomers. Particularly doing sample problems without knowing if they were right. I like what's in the Table of Contents, though.

@ tyr

That might be possible lol. There are maybe two teams I've seen that keep making really good stuff in asynchronous logic. They always deliver on some overhype. ;) Just have to do a lot of things differently and most tools are about synchronous design. So, results might vary considerably.

@ name.withheld

"Are you talking about combinatorial?"

I *think* I'm talking about combinational. Most references I see talk combinational or sequential. The paper (see "Null Convention Logic" link) on pp 20-21 references combinational circuits. So, that's what I'm going on here. The other term is giving me nothing except combinational references. I'm guessing they're two different words for the same thing.

"my preferred implementation would be a combinatorial system based on a dual-synchronous analog-digital processor hardware core that could self-correct, or at a minimum, verify operational integrity"

That sounds like some interesting stuff. This is the part where my limited HW knowledge having ass is foolish enough to ask "Why dual-synchronous?" while hoping I'll understand the answer. ;)

"That's hilarious, spice model magic, net lists, and transmission line calculations are just hidden by all the stupid Java glue to make it GUI'fied. "

Bro, if you can do this by hand in a reasonable timeframe for any real-world project then I give props to you. I call the technology that lets designers do most of that something like "magic" even if it could be better. Even an 8-bit micro on 90nm is quite a bit of work despite using best EDA tools and standard cell model. I'd imagine the paper wouldn't have happened if they were just using hand-drawn ASM's, MAGIC EDA and a SPICE tool. ;)

Most of my HW studies have been about methodology and tooling for advanced nodes. From those details, I respect the hell out of what brains went into EDA (esp deep submicron). No surprise each company's R&D budget is $300+ mil on top of acquisitions. You might laugh at their shitty construction/maintenance/interfaces... we all do haha... but let's be real about their capabilities.

"I was just looking over some of my older ASM system(s) that I'd built in the past and the platforms they worked on--pretty surprises when you profile their execution on new hardware (tens of orders of magnitude in performance real/user times)."

Move it down to PALcode or microcode with a HLL-to-microcode compiler. Maybe the RISC-V Rocket or VAMP DLX processors so you know the internal states too. :)

"Sounds like too much Kool-Aid (TM) there Nick--are you sure you're feeling okay. The no-clock, no state machine, functional programming killer seems too good to be true. Seems to me it is a "Deterministic" design and merely hides the clock(s) and potentially a bunch of hand waving--if it produces VHD modules that would be worth inspecting..."

Could be. Will find out eventually. Just collecting it and getting comments for now.

"I have several sources I'd recommend but after a full day at work it might not be till next week that I get back to you with something substantive."

Look forward to it.

Clive RobinsonOctober 25, 2015 12:03 AM

@ tyr,

Electronic Warfare (EW) has always been a bit of a problem, since electronics got into warfare in the 1800's. It offered faster control and response if and when it worked, but it was far from dependable then --or now-- (a point Gordon Welchman made frequently when working at Rand, which gave rise to the Internet).

The main take away being the distance vulnerability metric of combat peers. In essence it does not matter how you modulate the information on the electrons or how you squirt the result between points, if the enemy is your peer technically then if their distance to either point is less they have a square law distance advantage after a relatively short period of time to recognise new systems. There are various ways to deal with this, but they basically boil down to keeping distances short with relays that can route around the enemy.

If however --as the US has been doing for the last twenty or thirty years-- you are not fighting peers you start to assume a communications advantage, due to little or no opposition on the "One eyed man..." principle. The danger is making the advantage a dependency in your battle plans [1] (which the US and NATO appear to have done).

The use of drones in the middle east but controlled from Las Vegas is a clear indicator that there is something wrong in the battle plan at many many levels. Which is the assumption of all future enemies will be non peer. Which has now gone horribly wrong with the fact the Ukraine is in reality a "super power 'proxy war'", which neither the US or NATO have partaken in since quite a while before the fall of the Berlin wall.

The result is that the very expensive combat radio systems have been dropped in favour of COTS mobile phones, commercial digital two way radios and the like. Fine for asymmetric warfare but not for peer warfare.

One solution for the drone issue is to use a relay point in an EW or AWACS / AEW&C aircraft such as a "rivet joint" or "sentry". However they are based on commercial airframes and as MH17 has shown the Russians already have a solution for that in field.

[1] When people look back at the desert war in WWII you often hear people make comment on Montgomery's almost non use of Enigma Intel. Non military thinkers tend to assume it was because of a fear that the German radio security people would be tipped off, which whilst it might have been a contributing factor was not the primary reason. Montgomery was "an old soldier" which meant amongst other things he understood caution in action. He understood that whilst being bold got headlines and medals when it worked it quickly caused resounding defeat when it went wrong. Thus his plans were based not just on the assumed loss of Enigma intelligence but on the expected loss of communications as well.

WaelOctober 25, 2015 12:57 AM

@name.withheld.for.obvious.reasons,

Dude, you are soooo dating yourself--you old timer.

Don't make the assumption I "attended" the college! I could have been 11 or 12 when I visited the bookstore, or maybe older. Either way, age is just a number. I certainly don't feel old, and obviously I'm not acting it either ;)

@Clive Robinson, our "Sherlock Holmes", attempted to calculate my age sometime ago. I'm a few centuries younger than him :)

OOPS

No worries! It's an age thing ;) None other than "truly yours" made the same mistake with his own name on a few occasions!

SORRY [...]--bad attribution on my part--my apologizes (or in my Anglo voice--apologises).

So a professor and his student were on a scientific trip to the North Pole. The student had to take the temperature of a specimen. The thermometer read "-40", but the scale was marked neither Celsius nor Fahrenheit. When the student asked his professor what he should record, she told him it's Celsius :)

PS: At negative forty, Celsius and Fahrenheit are equal. Apologies for being somewhat cryptic too -- the verbs differ, but the nouns are the same. At noun, 'apologize' and 'apologise' are the same ;)

Shadowed By Murder of RavensOctober 25, 2015 1:27 AM

@999999999, Curious, Fourth Wall, et al

... this post 'Snowden is Not a Hero'...

Truly despicable writing, but what does one expect from such a child who wrote it? The sad fact is, and the only reason for a response, this is actually the very same juvenile response other critics of Snowden take who are decades older than him and have experience. Experience in anything.

The core argument? Painfully transparent. Snowden has caused problems for the US because he revealed these shameful actions the US has been doing, therefore Snowden is "bad".

Truly despicable when kids just wet behind the ears are growing up to go into government with that sort of attitude as their passport to work.

@Alan S, Fourth Wall, et al, regarding Brennan Hack

The Salon article you quote is a masterpiece on the subject.

( http://www.salon.com/2015/10/22/the_raging_irony_of_wikileaks_latest_win_inside_the_absurd_hacking_of_cia_chief_john_brennan/ )

This is exactly the message sent out by this recent hack of Brennan's. And, so far, it is the message sent out by the OPM hack.

People should pay attention. There are two ways people communicate, one could say. One way is explicit communication. The other way is implicit communication. Most messages have components of both. These are profound implicit messages and they strike and go in deep to people.

That Salon writer is *listening*. That is good.

... keep your ear placed firmly on the ground... I hear a very gentle sound... we want the world and we want it...

@Grauhut

Yes, indeed. That which is whispered will be shouted from the rooftops. People would be good to mark those words when they deal in this manner of business.

No more secrets.

...


I find in these cases quite a number of interesting points of suspicion. But, I also do not see much on these matters. For instance, why is everyone saying that the hacker is a 13 year old? You see this in all of the reports.

I looked it up.

http://www.dailydot.com/politics/the-guy-who-hacked-brennan-is-still-alive/

They say he is 13 years old because he claims to be 13 years old.

He lives up to that role, by his statements. But it is trivial for someone who is older and more sophisticated to play themselves down. Does this genuinely occur to no one?

Notice that there is further evidence for his youth in that article. Evidence given by the mysterious hacker Jester. Jester is his character reference. Jester is a wanted criminal hacker on the run now for several years. Yet, apparently, he is not so unknown to the US Government, because one source from the government confirmed he did work as a contractor for the government.


http://www.nytimes.com/2010/12/04/world/europe/04domain.html?_r=0

It might be noted, that source is unnamed and not even introduced. There is just a blurb right in the article. Regardless, that one blurb is repeated by numerous future articles.

And, like "cracka", the hacker of this attack, Jester also has a very one dimensional persona. They are enemies, their one dimensional politics makes that very clear, so Jester's confirmation he has known him for years means that there is some reliability to his statement. Why would Jester lie about a clear political enemy and rival hacker?

These are all grade school level tricks for enhancing cover.

Every word from their mouths enhances their cover.

And if "cracka" is 13, then how has Jester known him for "years"? He was hacking with "Team Poison" when he was 10?

People should also consider the other group in that mix, Lulz Sec, and their shady relations and works. Right there, dead in the middle of it all. Anonymous, Lulz Sec, Jester, Team Poison, Cracka... Daily Dot was a primary journalist vehicle for breaking that story. One which still has not made the mainstream news. Much of what Lulz Sec did, and so attributed to "Anonymous"? They did while working for the FBI. Including hacking and doxxing Stratfor. And infragard. And at least one policing agency.

As well as many international embassies.

(And who on earth ever would target international embassies but counterintelligence? Which the FBI has a sizeable department for.)

People are being played. It looks like some rogue government agency has just hacked Brennan.

I would not be surprised if they were not a division of the CIA itself.

Wasn't like Petraeus wasn't taken down under such shady reasons. Brennan must have crossed a line, and this is an attempt to get him out of the seat.

I would not be surprised at all if Brennan is not gone within a few months.

But, let us see. OPM may be tied to all of this. I am not so sure China did that, and half expect to see it doxxed. Like Sony.

Kind of shady that you see the SF86 form in the result of this hack. Like there might be a connection there with OPM.

But, who knows.

... something is going down... and they are taking their time while doing it...

Shadowed By Murder of RavensOctober 25, 2015 1:29 AM

@Hot Jaclyn Screencaps!!!!

@Shadowed By Murder..., very impressed by your ability to keep a straight face with skepticule boo-hoo-hooing over the privacy of the guys who spend billions to find out what you fap at. You are a primo straight man for extracting the laffs from brainwashed government suckups.

*Tired smile*.

Keeping a straight face. Large part of the job.

If only people knew.

;-)

Clive RobinsonOctober 25, 2015 1:46 AM

@ Nick P,

I started trying to read the PDF but there is something about the way it's written that makes my head nod, crash and snore by page two. So I gave up and went to bed early, which was a bad bad mistake... The UK clocks went back last night which means my body has a double whammy and thus my guts are making strange "feed me" noises well before they should do (a hell you've yet to experience this year). As you might have guessed I'm no fan of the twice a year clock fiddling, the only up side I can see is that due to how UK legislation works, we end up with a "Time Lord" that has to appear in the House of Commons with a variation so that the UK's "Spring forward / Fall back" aligns with "the Continentals" not other parts of the world...

@ Wael,

I've now seen four of the six permutations of the non initial letters of your name... I'm unfortunately cursed with both a personal and family name the initial letters of which can not be pronounced by something like 1/6th of the world's population and pronounced incorrectly by another 3/5ths so you have my sympathies, when it comes to name mangling.

With regards the book recommendation, there are a couple of digital logic books that come out in separate VHDL and Verilog versions. Unfortunately they often fall into the "Uni Library" pricing scam but cheaper "student" versions do appear around 1/3 the price often a year or so later.

Put simply book publishers have come up with a little wheeze to squeeze loads of cash out of Uni Libraries. In essence they offer book deals to Profs and the like to write a book, which then gets printed in a very limited quantity and sold in the 150-300USD price bracket. The very high price was in the distant past justified, due to manual type setting etc, now it's just "profit in the bank" with no quality control on content and rife with academic "log rolling". A single book marketing person can pull in 1-2million in profit each year with this scam.

Whilst many such books published this way are in essence "vanity books" some are really quite good, unfortunately the publishers often contractually tie up the author so getting a more reasonably priced version of the book can be at best slow or often non existent.

One publisher notorious for starting this trend is Artech books pushing out even reprints in the 100-200USD price range, knowing that neither Uni or Corporate libraries will complain. But it rules out the likes of individual engineers etc.

To give you an idea of how bad it can be, until fairly recently I was spending the equivalent of 4000USD/year at current value for over a quarter of a century to fill my dead tree cave, which in real terms would have purchased me a nice two bed apartment or three bed house in London over the same period which would now be kicking back ~2000USD/month rent...

So going for the books was a really poor investment choice and thus a cautionary note for those thinking of starting their own dead tree cave... Think of it not as I did originally which was as "an investment in my future through knowledge", but a vanity / hobby project, such as shoes / handbags / memorabilia / old cars / computers / etc etc that people "collect for the sake of collecting".

WaelOctober 25, 2015 2:13 AM

@Clive Robinson,

As you might have guessed I'm no fan of the twice a year clock fiddling

It's to save electricity! I say do away with daytime savings, and give us an additional day off. That will save more power!

London over the same period which would now be kicking back ~2000USD/month rent...

I have a friend who sold Apple stock and bought Nokia instead. He lost over $600K in three years :) And I cost him an additional $50K with a bad advice, even though I know nothing about stocks.

CuriousOctober 25, 2015 2:21 AM

@ ianf

I never really planned to elaborate, but since you inquired about my lack of capital letter N in certain cases, I always write norway with lower case N. It is for me a way to show how much I dislike it. As for you maybe being annoyed by other people's lack of proper text formatting on the internet, you have my sympathies. :)

Clive RobinsonOctober 25, 2015 2:33 AM

@ Shadowed by Murder,

For instance, why is everyone saying that the hacker is a 13 year old? You see this in all of the reports.

I suspect for the same reason an IT security guy U-Tubed his three year old daughter being a "script kiddy" with an SQL tool, over the UK "Talk Talk" hack.

It makes the victims look very much more stupid / fallible / liable to have been got by "child's play".

However as any one with eyes, ears and a brain should notice, it was actually the IT sec bod moving the mouse and clicking on the options, so his daughter was just exploited "stage dressing".

As for the "13 year old" I assumed from the first time I heard it, it was probably not true. The hacker culture is mainly divided in to two classes these days, "criminals" and "ego boasters". Both classes would see benefit in "laying a false trail", to avoid prosecution etc.

Some of the press have joked about the fact the attacker "is still alive", that is it's "cheap mileage" off of the back of the CIA, so it tells you the level of editorial checking at the rags concerned.

WaelOctober 25, 2015 2:34 AM

@Clive Robinson,

So going for the books was a really poor investment choice and thus a cautionary note for those thinking of starting their own dead tree cave

I stopped going for paper books and opted for electronic media, knowing very well the amount of "metadata" they leak without my permission. It's easier to carry the books around in an iBook or Kindle format, easier to search, cut and paste, highlight and bookmark, etc... But what can one do? We are forced into this one way "bargain"! I put my device in airplane mode when I read, but I'm sure that's not sufficient.

Also search histories are saved for an unknown period of time, so if you ever have an idea, never go search for it. If you came up with a "flying toaster" idea, and go search if it exists, you risk someone stealing the idea from you!

GrauhutOctober 25, 2015 6:13 AM

@Shadowed: "No more secrets."

No secrets anymore is too much. But the "label anything as secret and become untouchable", "use your people's taxes to spy on them" and "become too big for jail" misbehavior must end.

Or in short: We want the rule of law and democracy back. We don't accept simulations of them.

"You have no rights because of secret" is not a valid position in a democracy.

"As already discussed, although plaintiffs have alleged facts that plausibly establish that the NSA uses Upstream surveillance at some number of chokepoints, they have not alleged facts that plausibly establish that the NSA is using Upstream surveillance to copy all or substantially all communications passing through those chokepoints." (Wikimedia ./. NSA)


This kind of "dual state" (Fraenkel) system is well known and it needs to be stopped. We are living in a continuous state of exception (Carl Schmitt) since 2001. This has to end before it goes full scale totalitarian messianic democracy (Talmon). The longer they run the state in exception mode, the more they get used to be able to do what they want and kill whom they want.

European Privacy Protections Impossible to Negotiate or LegislateOctober 25, 2015 6:28 AM

Several months ago the CIA inspector general sent the Justice Department a "crimes report" about allegations that the CIA had intruded into a computer network that was exclusively reserved for Senate investigators. The CIA attempted to learn how the congressional investigators got access to documents that the agency deemed to be covered by ‘legal privilege’.

The CIA general counsel sent a second "crimes report" to the Justice Department asking it to look into whether Senate investigators somehow obtained inappropriate access, via CIA networks, to the same documents.

The point here is the CIA and NSA will back-stab even its Constitutional Congressional Oversight to cover up their misdeeds. In this case the CIA inadvertently provided the Senate with access to “too much truth”. Notably the spy agency attacked first, even against the hand that feeds it. (It's likely someone inside the CIA wanted the simple truth to get out)

http://www.reuters.com/article/2014/03/18/us-usa-senate-cia-idUSBREA2H25W20140318

The CIA finally revealed after 55 years that its then director Allen Dulles was complicit in removing President JFK. He was deemed a threat to National Security.
http://www.thedailybeast.com/articles/2015/10/13/did-allen-dulles-order-the-hit-on-jfk.html

These examples should demonstrate that no one inside or outside the USA government is authorized or can directly or indirectly acknowledge the classified American global mass surveillance system. To do otherwise would risk career, life or limb. Essentially these agencies are free to interpret nominal laws any way they choose with virtually no oversight.

Therefore foreign nationals are naive to think they can negotiate or legislate privacy with their friends in Congress or trade officials. National Security always comes first and can never be discussed. Besides there are too many jobs at stake. I’m sorry it has to be this way. Please accept reality!

melodic dartOctober 25, 2015 6:45 AM

@Markus Ottela:

That's excellent, thanks for the scan results and the links to the tool.

Nick POctober 25, 2015 8:12 AM

@ Clive

"I started trying to read the PDF but there is something about the way it's written that makes my head nod, crash and snore by page two. "

I skimmed it then focused on the specific examples. So, I can't testify to it except a lot of papers on formal logic are boring. ;) You done with it or going to do another round when you get sleep?

"The UK clocks went back last night which means my body has a double whamy and thus my guts are making strange "feed me" noises well before they should do (a hell you've yet to experience this year). "

I feel your pain: we have to deal with the same crap. All so someone could save candles or boost alleged productivity back in the day. Think someone at work said we're about to change our time over here. So, I'm bracing for it. Hope you get better quicker than usual.

"I've now seen four of the six permutations of the non initial letters of your name..."

Want to know the rest of the name, his employer, and social security number? No? That's good cuz I don't share that info about my pals in spite of their "OPSEC." ;)

Alien JerkyOctober 25, 2015 8:48 AM

From Ars Technica

http://arstechnica.com/business/2015/10/this-11-year-old-is-selling-cryptographically-secure-passwords-for-2-each/

A New York City sixth grader is making money selling strong passwords. Earlier this month, Mira Modi, 11, began a small business at dicewarepasswords.com, where she generates six-word Diceware passphrases by hand.

It involves rolling actual six-sided dice as a way to generate truly random numbers that are matched to a long list of English words.
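As an added illustration (not part of the comment above or of the Ars Technica article), the Diceware procedure it describes can be sketched as follows: five rolls form a key that selects one word, and the word list is checked for completeness so the claimed entropy actually holds. The function names are hypothetical, the list format is assumed to be one "dice key, whitespace, word" pair per line, and the list used here is a constructed placeholder rather than the real Diceware list.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5      # standard Diceware: five rolls pick one word (6**5 = 7776)
WORDS_PER_PHRASE = 6   # passphrase length named in the comment above


def parse_wordlist(text, dice_per_word=DICE_PER_WORD):
    """Parse '<dice key> <word>' lines; reject lists that would lose entropy."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<dice key> <word>'")
        key, word = parts
        if len(key) != dice_per_word or set(key) - set("123456"):
            raise ValueError(f"line {lineno}: bad dice key {key!r}")
        if key in table:
            raise ValueError(f"line {lineno}: duplicate key {key}")
        table[key] = word
    expected = 6 ** dice_per_word
    if len(table) != expected:
        # A missing key means some roll sequences have no word at all.
        raise ValueError(f"{len(table)} entries, need {expected}")
    if len(set(table.values())) != expected:
        # Repeated words make some outcomes more likely than others.
        raise ValueError("duplicate words shrink the effective list")
    return table


def words_from_rolls(rolls, table, dice_per_word=DICE_PER_WORD):
    """Map dice rolls (ints 1..6, in the order rolled) to words."""
    if not rolls or len(rolls) % dice_per_word:
        raise ValueError(f"need a positive multiple of {dice_per_word} rolls")
    if any(type(r) is not int or not 1 <= r <= 6 for r in rolls):
        raise ValueError("each roll must be an integer from 1 to 6")
    words = []
    for i in range(0, len(rolls), dice_per_word):
        key = "".join(str(r) for r in rolls[i:i + dice_per_word])
        words.append(table[key])
    return words


def software_rolls(count):
    """Stand-in for physical dice: unbiased rolls from the OS CSPRNG."""
    return [secrets.randbelow(6) + 1 for _ in range(count)]


def entropy_bits(n_words, table):
    """Entropy in bits of n independent, uniform picks from the list."""
    return n_words * math.log2(len(table))


def constructed_wordlist(dice_per_word=DICE_PER_WORD):
    """Constructed placeholder list ('w11111' .. 'w66666'), not real words."""
    keys = ("".join(k) for k in itertools.product("123456", repeat=dice_per_word))
    return "\n".join(f"{k}\tw{k}" for k in keys)


if __name__ == "__main__":
    table = parse_wordlist(constructed_wordlist())
    rolls = software_rolls(DICE_PER_WORD * WORDS_PER_PHRASE)
    print(" ".join(words_from_rolls(rolls, table)))
    print(f"{entropy_bits(WORDS_PER_PHRASE, table):.1f} bits")
```

The entropy figure assumes the attacker knows the list and the method; it depends only on the rolls being uniform and independent, which is why the list validation and the unbiased roll source matter.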

John SOctober 25, 2015 9:50 AM

@ Clive Robinson, didn't think declaration of interests were required on the site, but happy to if that is the requirement.... Not sure everyone would want to do that, or be in a position to, given some of the "roles" our commentators perform, anyhow you know who I work for because I have declared it before.

Blimey a detailed response which my post did not warrant, but thank you for your thoughts.

I think we can over complicate some of the issues. The reality is country A does not like country B, for a whole host of reasons, some of them public some of them not. Security is sometimes a smokescreen sometimes it is not. Government is never one thing, just because politician A believes something does not mean it is Government policy, or law or even executed if it is a law. So security has to be seen in the political, legal, vendor end user mix and what we read in the press is a small gnat bite of the reality of the world we live in.

Most vendors do not design or build their systems for a classified world because their customers do not operate in a classified world and even if they did, much of the issue, as ably demonstrated by recent hack announcements, show often as not it does not matter how "secure" the equipment is if the user of the equipment does not do the basics of security hygiene. In many instances it is an open goal for Governments and hackers.

We can talk about "secure" HW and SW until hell freezes over but I have to say with the technological changes coming down stream faster than people realise, the concept of "secure" is going to have to be rethought - and that means many of the threads on this blog will also need to be rethought to cater for an attack surface where you cannot see the edge, where you have little knowledge of the devices, have little or no knowledge of the provenance of those devices, have little or no knowledge of the supply chain .... and the list goes on.

65535October 25, 2015 10:41 AM

@ Elton Bou and Clive R

“@Casual,Clive Robinson,rubber sinkhole”

“The question nobody seems to be asking is: what was that expensive doughnut in Cheltenham (the gchq) doing while 4 million records were being syphoned out of one of the nation's largest telecom providers? How many millions of pounds is the country spending on expensive toys and what are they getting in exchange for it (apart from grief and worldwide complaints about dragnet surveillance)?” -Elton Bou

That is a good question.

If the NSA and GCHQ are intensely interested in keeping so called “National Security” secure then why don’t they do something about the theft of 4 million personal records which could conceivably include MI5 or MI6 persons or their relatives?

One would think that both the NSA and the GCHQ would be concerned about individual’s stolen records which could be linked to their employees or their relatives. This would include tangential records of relatives of Susan Rice and Mr. Brennan.

One might think that those stolen records have no bearing on “detailed operational security” of the NSA or GCHQ but that may not be the case [as in the Brennan theft].

What is defined as “National Security” and when does the family member of said “National Security” members count towards the compromise of national security.

This includes the OPM data theft:

“In June 2015, the United States Office of Personnel Management (OPM) announced that it had been the target of a data breach targeting the records of as many as four million people. Later, FBI Director James Comey put the number at 18 million. The data breach, which had started in March 2014, and may have started earlier, was noticed by the OPM in April 2015. It has been described by federal officials as among the largest breaches of government data in the history of the United States. Information targeted in the breach included personally identifiable information such as Social Security numbers, as well as names, dates and places of birth, and addresses. The hack went deeper than initially believed and likely involved theft of detailed security-clearance-related background information. One victim wrote that the OPM is the agency that asks your neighbors what they know about you that could be used to blackmail you.”

“On July 9, 2015, the estimate of the number of stolen records had increased to 21.5 million. This included records of people who had undergone background checks, but who were not necessarily current or former government employees. Soon after, Katherine Archuleta, the director of OPM, and former National Political Director for Barack Obama's 2012 reelection campaign, resigned.” -Wikipedia

https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach

Sure, “Sources and methods” must be kept secret but from the average Joe’s stand point it looks like both the GCHQ and the NSA are not thoroughly executing their mandated duties.

I could be missing something, but those in IC community should state that they have helped in keeping both American persons records safe and UK [GCHQ] person’s security records safe with actual examples.

Otherwise the average Joe and his Congressmen and their UK counterparts may conclude that the NSA and GCHQ budgets don’t justify the huge expenditure on said spy programs – which is exactly what is perceived by those on the outside.

I welcome any comments on the quality of service by the GCHQ and the NSA for actual “National Security” of actual people’s safety?

AlanSOctober 25, 2015 10:45 AM

Hey! Unless you've been through the ringer, neither you nor I will ever know what IMPORTANT FRONTLINE DEFENSE OF THE REALM JOBS they could have had fucked up in the past, or could (not) be in the present. Need to know basis, and you don't qualify....

Funny, I agree, Philby and friends were doing very important frontline defense jobs, just for the other side! I haven't posted here much for a while. I thought that has got to be Skeptical response but it's "ianf". Have the Skeps multiplied in my absence?

Speaking of fuck-ups, intelligence and otherwise, the former British prime minister has started what the current Scottish first minister rightly characterizes as a spin operation ahead of Chilcot. Presumably what may be in Chilcot is a whole lot more damning.

Tony Blair makes qualified apology for Iraq war ahead of Chilcot report

“I apologise for the fact that the intelligence we received was wrong."....“I also apologise for some of the mistakes in planning and, certainly, our mistake in our understanding of what would happen once you removed the regime.”....The former prime minister indicated that he saw merit in the argument that the Iraq war was to blame for the rise of Islamic State (Isis). “I think there are elements of truth in that,” he said when asked whether the Iraq invasion had been the “principal cause” of the rise of Isis. He added: “Of course you can’t say those of us who removed Saddam in 2003 bear no responsibility for the situation in 2015.”

He's part of the elite British public school and Oxbridge crowd, the masters of fuck-ups and protecting their own (see link to MI5/MI6 story above), so I'm sure he doesn't have much to worry about except his reputation.

Shadowed By Murder of RavensOctober 25, 2015 10:48 AM

@Clive Robinson

As for the "13 year old" I assumed from the first time I heard it, it was probably not true. The hacker culture is mainly divided in to two classes these days, "criminals" and "ego boasters". Both classes would see benefit in "laying a false trail", to avoid prosecution etc.
Some of the press have joked about the fact the attacker "is still alive", that is it's "cheap mileage" off of the back of the CIA, so it tells you the level of editorial checking at the rags concerned.

Yes, exactly, and thank you for that post. It is always refreshing to hear when people take a cynical and careful eye to sourcing.

Likewise, while I will admit, I laid out a bit of a conspiracy theory in my post, I do take a very cynical eye to that. It is just one posited theory among countless possibilities, with Occam's razor surely being what you suggested.

That is, just a group of rag tag amateurs who are lucky and not complete idiots.

And, I do know better, because I am a security researcher. None of those individuals and groups are very good. That is, they are very good at... social engineering (kind of), anonymity (kind of), marketing and a sort of psy ops (kind of), and, I suppose, if they are throwing people off their trails with their one dimensional political viewpoints, they are quite good at that. But, then, human beings are natively very good at deception. Self-deception foremost, and deception of others from that. 'The heart of man is deceptive above all else'.

After all, most of what Anonymous did was just script kiddy level stuff, such as running very simplistic DDoS tools. LulzSec had better attacks, but that was just basic social engineering and web pen tester level findings -- web pen testers are the lowest level of security bug finders. They basically run Burp and find bugs. That's it.

Jester showed some very basic coding skills. His most impressive work has been stringing so much divergent activity together and keeping his mouth shut long enough to not get caught. But, he probably is known to authorities and tolerated. Likely he has long been a very compliant confidential informant and helping authorities navigate the corridors of hackers.

None of them have shown the ability to find really devastating security vulnerabilities, nor the capacity to code fearsome rootkits from scratch -- nor anything like that. Nor are any of them regarded with awe among security researchers. Those regarded with awe among security researchers, the general public usually do not even recognize.

(Even if their security vulnerabilities make the front pages here or there, or they headline at security conferences.)

It would be horrific if one of the more serious security researchers went in one of those ways. Essentially rogue hacktivist. But, I believe the reason none do that is simply because finding severe security vulnerabilities is enormous work. It can take weeks and months. And they tend to not have that desire to get their ego inflated. That seems to be a desire of those who have some manner of personal deficiency, perhaps.

Never mind they get well paid for their work, and any strong bug is worth considerable money. They can create a headlining conference talk over it, or sell it to a government or contracting firm, or they can use it for their own quiet fun.

I cannot think of any offhand I have known who have political beliefs like either Team Poison or the Jester have. Both have these simplistic like belief systems. Very left or very right wing. Naive, gullible. Political action matters, they think. This is not how cynics view the world.

But, another major factor is probably none of them view themselves as being hard to find. I have met none who have not worked for a government. They are the main buyers of high level zero day. They also keep a close eye on cutting edge offensive and defensive research. There are only so many such sec researchers... the Barnaby Jacks, Charlie Millers, Josh Drakes of the world.

But there are many web pen testers.


65535 • October 25, 2015 10:51 AM

To simplify my above post, I will say the GCHQ/NSA were looking at too many “hay stacks” while the fox raided the hen house and ate the victims.

Wael • October 25, 2015 10:52 AM

@John S, @Clive Robinson, @Nick P, all,

and that means many of the threads on this blog will also need to be rethought to cater for an attack surface where you cannot see the edge, where you have little knowledge of the devices, have little or no knowledge of the provenance of those devices, have little or no knowledge of the supply chain .... and the list goes on.

Right! That's exactly what we've been doing in the C-v-P extended discussion. And we started by rethinking what "security" means. Naturally, "security" will have to be rethought from different perspectives; consumer, designer, SW/HW, etc... and that has been discussed to a certain extent as well! You are welcome to put your thoughts there....

THOMAS SELBY ELLIS III, AKC, NOC • October 25, 2015 11:06 AM

Hey, guess who ate the shit for the cyberStasi to get them out of Wikimedia v. NSA? What kind of abject dotard would humiliate himself to parrot hack legal gibberish in blithe contradiction to the facts? Who else but CIA's pet judge, senile preppy THOMAS SELBY ELLIS III! Selby's the lapdog who got Khalid El-Masri's red-handed torture cowards off the hook with, wait for it, national security. That's Tim - if you're a criminal spook, Tim's up your ass like Khalid El-Masri's suppository. Just feed his ego and he's your bitch.

Good boy, Timmie, good boy!

ianf • October 25, 2015 11:29 AM


@ Curious […] “always write norway with lower case N. It is for me a way to show how much I dislike it

Oh? what has that afterthought of a nation done to enrage you so? (I'd have called it no[rrrrrr]way ;-)) However, your textual obduracy in the face of a Voice of Reason forces my hand to launch an ergonomic ground offensive in this forum ("War on Typographical Terror").

For now, just a shot across the bow of this S/S Schneier juggernaut: read the last 7 para from 2 squids ago, then CHEW UP YOUR NAILS WATCHING THIS SPACE.


@ Wael, Wæl, Weal or Veal

[…] what can one do? We are forced into this [credit-card-derived identity linked to ebook purchase] way "bargain"!

Per our earlier discussion on setting up an "unattributable tablet," it MAY be possible to purchase ebooks "anonymously" using (bought for cash over the counter) iTunes Gift voucher, rather than a bank-connected credit card. Provided an Apple ID can be set up using the same to begin with (which I believe to be possible). Of course, a record of a MAC address buying item FOO from iBooks at a given geo-decodable ICBM IP & a specific time has been created by , so, if FOO later becomes of interest to the TLA BAR, said MAC# is "cooked." You're with me on the acronyms, or do I s.p.e.l.l.t.h.e.m.o.u.t?


I put my device in airplane mode when I read, but I'm sure that's not sufficient.

Which brings me back to this YET TO BE AUTHORITATIVELY ANSWERED QUESTION; repeated here:

    Does an iPad in Airplane mode & no BT, used for reading offline PDFs and ebooks, still leak (or saves up for shedding later) some device/ session information?

AlanS • October 25, 2015 11:40 AM

@Shadowed By Murder of Ravens

The Salon article was written by Marcy Wheeler, who has her own blog at Empty Wheel. There's a follow-up post to the Salon piece here: Hacking John Brennan, Hacking OPM

I would add, however, that there’s one more level of responsibility here. As I noted in my piece, Brennan’s not the only one who got his security clearance application stolen recently. He is joined in that by 21 million other people, most of whom don’t have a key role in cybersecurity and counterintelligence. Most of those 21 million people haven’t even got official notice their very sensitive data got hacked by one of this country’s adversaries — not even those people who might be particularly targeted by China. Like Brennan, the families of those people have all been put at risk. Unlike Brennan, they didn’t get to choose to leave that data sitting on a server. In fact, John Brennan and his colleagues have not yet put in place a counterintelligence plan to protect those 21 million people.

Shadowed By Murder of Ravens • October 25, 2015 11:57 AM

@Grauhut

No secrets anymore is too much. But the "label anything as secret and become untouchable", "use your people's taxes to spy on them" and "become too big for jail" misbehavior must end.
Or in short: We want the rule of law and democracy back. We don't accept simulations of them.
"You have no rights because of secret" is not a valid position in a democracy.

Yes, of course, and very well said. I was just being dramatic for conversational purposes, to spur onward conversation on a really very important matter.

I look more, however, at the *economics* of information. What are the trends? What is the economy of information, really? What is the likely *natural* progression or evolution? And so on.

I try and observe, and I try and observe well.

Good observation is a very serious matter, by my book. We should all weigh matters scrupulously and honestly at all times. The reward is visibility. It may often seem like very little - for consider those who walk the very wide and popular road live by delusions and seem happy enough - but it is the only path to true and lasting reward there really is.

How often is it we human beings make the mistake of "missing the forest for the trees"? And observing forests has some simplicity to it: very large systems tend to change very slowly and have usually very predictable movements. Like seasons, it is not Winter in one day, but there is such a slow, gradual change, until we can say "It is Winter". Yet, as we can also observe, as human beings we have a tendency to be very bad at missing "the forest for the trees". I would hazard a guess it is because we are individuals, and do not normally have a wider perspective.

Your observation is that we have seen these large ecosystems of governmental intrusion rise in the past, and they have failed. I would have to certainly agree with that. There is also a justice message inherent in such observations -- it is endemic hypocrisy. They condemn what they themselves are doing, and strongly do they condemn it. So, we see by their own standards do they find themselves convicted.

I do believe that corruption can be measured by hypocrisy. That is, when we see hypocrisy on the rise, we also see corruption on the rise. Very often, outside observers - typically the victims or potential victims - see this corruption, this hypocrisy first. It is galling to them. But they themselves are blind to it... until the season, as it were, shifts. And they find themselves as the victim or potential victim.

That is, they do not apply the standard of the "golden rule" to the actions that they are taking.

And you, like the rest of us, are right to be concerned. Because we have seen, historically, hypocrisy in government get to ever increasing appalling levels. The last century, perhaps, even more shockingly than ever in the past. There is a danger, a true danger, which, perhaps, can be centered around a question: shall the hypocrisy, the criminality, of the last century be repeated and exceeded in this century?

We see there is the means. We see there is the motive. So, we can dutifully expect the crime.

And for those who are paying attention? This concerns us. We are also aware... not many have bothered to truly study much in those atrocities. So many have been diverted to this or that fanciful delusion, and only paid the most shallow of attention. They have become biased and deluded for their own willful delusions.

But, your opinion, as is the opinion of many who are so concerned - though often painfully cast by these hypocrites as those whom we are not - has a strong underlaying of hope to it. Which, I believe is very good.

It very well could be... the past won't, any longer be repeated. We can change. We can have a better world.

Look at slavery and the civil rights movement. Look at democracy and the rise of the concepts of freedoms, liberties, human rights... look at the progression of technology... and so on.

"As already discussed, although plaintiffs have alleged facts that plausibly establish that the NSA uses Upstream surveillance at some number of chokepoints, they have not alleged facts that plausibly establish that the NSA is using Upstream surveillance to copy all or substantially all communications passing through those chokepoints." (Wikimedia ./. NSA)


Yes, and I keep, oddly, forgetting that case, though it is so pertinent. This is probably the biggest comp sec news story this week, much more important than the hack of the CIA leader by a 13 year old.

If anything, does this not put some coffin nails into the coffin? I think this is a strong sign for despair. For me, what I keep coming across and perceiving is... just how profound their motive is. And just how powerful their means are. So, it does seem inevitable.

It is worse, because despite Hoover, despite whatever failings here and there, small and massive, of "free" nations: we can surely argue -- real progress has been and is being made. Yet, is this the future? That where this real, forward, rational progress has been made is exactly where the world's worst totalitarianism ever seen will rise?

How ironic!

The nations which helped take down Nazism, fascism of other kinds, Communism, authoritarianism - really, all crypto-nazis, perhaps, one could say... these very nations where civil rights were born, where liberties for all were born, where slavery and colonialism and theocracies fell by the wayside... and so many other great evils of history...

Are these very nations where the greatest totalitarianistic systems ever seen are to arise?

And truly? Is there nothing which can be done to stop them?

Are our systems of free belief, free speech, some manner of voting and democratic powers - even if just by politicians playing by polls... and so on not enough to stop this tsunami merging upon us?

This kind of "dual state" (Fraenkel) system is well known and it needs to be stopped. We are living in a continuous state of exception (Carl Schmitt) since 2001. This has to end before it goes full scale totalitarian messianic democracy (Talmon). The longer they run the state in exception mode, the more they get used to be able to do what they want and kill whom they want.


Yes, exactly. I put it in different words, but it is surely the same manner of thing we are discussing.

I do date these matters differently, is one thing I would say.

And, I would be a little different on terminology as to "what the new systems would be", ie, "messianic democracy".

I am more vague and less specific.

Unfortunately, elaboration can be done, and extensively so, on both the motive and the means. Much of this certainly is exactly within the realm of computers and privacy.

- they very much have the motive and the means to create substantial systems 'off the books' by attacking governmental financing, the information technology revolution makes this only more easy for them and there are so many countless ways
- they have the motive and the means to get and consolidate as much information as possible with little regard for legalities -- ethically, they will justify this by all sorts of absurd lies, ie, 'hunting for terrorists', 'hunting for enemies of the state', 'hunting for counter-revolutionaries', 'hunting for anti-americans', 'hunting for spies', and so on and so on. All crypto-nazi.
- they have the motive and the means to build up armies of covert operatives who are seasoned at using secret surveillance for control of VIPs via extortion, threat, bribery, assassinations -- historically, very few operatives of such agencies ever turn because they themselves are in thrall both of the power and fearsome ruthlessness of such groups and their own culpability required to even belong to such groups

We all know full and well how fragile democracies are, to some degree. We know that powerful interest groups have field days, despite the openness and adversarial, two party systems that encourage investigations be it judicial or media. In fact, we see exactly how these very systems use such investigations for furthering their own lies and selfish political agendas.

We have seen, for instance, how the change candidate, Obama, has continued and expanded on most of the policies Bush brought in. And, who is next? Trump? Hillary?

We know that politicians are extremely susceptible to even minor instances of improper behavior. They are extremely prone to secret surveillance. Unlike ordinary citizens, their entire career can be ruined by very trivial mistakes. And the same is true of judges. Elected and unelected officials alike? They are as trivial for governmental secret policing and intelligence authorities to surveil secretly as unimportant officials. And so trivial to force to go their way.

We see these court cases get failed, like the NSA versus Wikimedia case. We see that there are and have been secret courts at play in these atrocities against democracy. But, what are we not seeing even beyond these matters?

Surely, whatever even the most careful observer of these affairs see of secret America only see the tip of the iceberg.

No answers here. Only observations.

CarpetCat • October 25, 2015 12:16 PM

@Grauhut

"The longer they run the state in exception mode, the more they get used to be able to do what they want and kill whom they want."


The Blue Screen Of Democracy, I like it.

We're sorry, U.S.A. has thrown a B.S.O.D. Please reboot your country now and report the error to your inalienable rights creator.

65535 • October 25, 2015 12:26 PM


“Which brings me back to this YET TO BE AUTHORITATIVELY ANSWERED QUESTION; repeated here: Does an iPad in Airplane mode & no BT, used for reading offline PDFs and ebooks, still leak (or saves up for shedding later) some device/ session information?” –ianf

‘Due to National Security we don’t comment on ongoing operations’

Seriously, I don’t know. Clive and Nick P have said to take the battery out of your device or put it in a RF proof container … with an iPad that is difficult to impossible. It is a "known unknown."

I would guess one would have to construct the interior of a number of modern airliners with the exact type of wifi and code and test an iPad. This could be very difficult. But, the NSA has vast resources and their capabilities have been underestimated in the past.

See:
http://www.wired.co.uk/news/archive/2015-04/20/flight-wifi-hack-tweet

I am sure if it can be done it probably has been done on American commercial aircraft. I would ask Clive or Nick P.


ianf • October 25, 2015 1:10 PM


@ AlanS, listen, if you're gonna make wild accusations, at least have the decency to decode my (your) Queen's English correctly, and not respond to some misunderestimated straw men of your own imagination.

Kim Philby NEVER FUCKED UP, so there.

Also bear in mind that part of growing up is developing an ability to distinguish true ("essential") blowhardedness from one simulated for rhetorical purposes. Else you can go join that Miguel fella, who also has a problem with the basics of casuistry, and start a mutual admiration society.


@ 65535, thanks. Observe however that that wasn't what I asked about. I know that if a TLA wants to pwown me, they will. I wanted to know if an Airline-mode'd iPad used offline perhaps saved some rudimentary action history for subsequent reporting to the Mothership, not whether NSA could unleash any of their "smurfs" on nominally off lined/ perhaps even powered down/ device – I know they can, most probably both, as long as there's juice in the battery (on the other hand, a device with depleted battery isn't of much use).

Wael • October 25, 2015 1:25 PM

@ianf, ( i nose) [1]

Does an iPad in Airplane mode & no BT, used for reading offline PDFs and ebooks, still leak (or saves up for shedding later) some device/ session information?

You'll need to do some work on your own. I suggest the following:

One: Get Wireshark installed on a monitoring computer and make sure your iPad is the only device connected to the access point to reduce the amount of traffic captured. Put your iPad in airplane mode but keep it connected to WiFi. Keep using your iPad the way you do for some unit time of your choice (the sample space) and observe all the ingress/egress traffic. You need to capture traffic when you start applications/close them, power on/off, surf, read, etc... What you are doing here is sort of a manual combination of IDS and DLP.

Two: Get a femtocell, disable WiFi on your iPad and use 3G/LTE for monitoring this time (if you have a SIM) in your iPad. Repeat steps in "One". What you are doing here is observing how the connectivity transport affects behavior. [2]

Three: Dump the iPad OS/ ROM and reverse engineer it, and look for "suspicious" code. Clearly this is a daunting task and requires a team effort and a lot of time. I'm not sure if any group has started this endeavor.

Four: Find a disgruntled software insider, and... :)

Still, without step three, there is no guarantee you'll be able to detect all leakage vectors. You'll need step "Three" to be sure.

As for your acronyms, yes I'm on board with one exception: What's "BAR" in TLA BAR? Do you mean something like Foo Bar, where Michael Swain worked?


@65535,

Clive and Nick P have said to take the battery out of your device or put it in a RF proof container

@ianf isn't asking how to stop information leakage, he's asking: what's leaking, at least that's how I understood his question.

[1] That's what you get for "messing" with my name. "anf" means nose, in Arabic ;)

[2] Search YouTube for "hacked femtocells" and you'll get some interesting videos related to your question. But since you care more about theory than practice, I can tell you I observed behavior I didn't like on my iPad (wireshark traffic-wise)
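An added worked example, not part of Wael's comment or of the original thread: one way to do the bookkeeping for step "One", attributing the tablet's egress traffic to the activity you were performing at the time. It assumes the capture was exported with tshark's field output; the MAC address, IP addresses, host names, phase labels and timestamps are all constructed sample values.

```python
from collections import defaultdict
from typing import NamedTuple

# Export made on the monitoring computer with standard tshark options:
#   tshark -r capture.pcapng -T fields -e frame.time_epoch -e eth.src \
#          -e ip.dst -e frame.len -e dns.qry.name
# CONSTRUCTED sample rows, tab-separated like tshark's default field output.
SAMPLE_EXPORT = "\n".join([
    "1000.10\taa:bb:cc:00:00:01\t192.0.2.53\t74\tconfig.example.test",
    "1000.40\taa:bb:cc:00:00:01\t198.51.100.7\t583\t",
    "1001.00\taa:bb:cc:00:00:fe\t192.0.2.10\t1200\t",      # ingress, sent by the AP
    "1065.00\taa:bb:cc:00:00:01\t\t42\t",                   # ARP: no ip.dst
    "1130.20\tAA:BB:CC:00:00:01\t203.0.113.9\t310\t",
    "1250.00\taa:bb:cc:00:00:01\t203.0.113.9\t1290\t",
    "1251.00\taa:bb:cc:00:00:01\t192.0.2.53\t80\tmetrics.example.test",
    "1500.00\taa:bb:cc:00:00:01\t198.51.100.7\t100\t",
])

DEVICE_MAC = "aa:bb:cc:00:00:01"   # constructed: the tablet's Wi-Fi MAC

# CONSTRUCTED hand-kept activity log: (start, end, label) in capture time.
PHASES = [
    (1000.0, 1060.0, "idle"),
    (1060.0, 1120.0, "open_reader"),
    (1120.0, 1400.0, "read_offline"),
    (1400.0, 1460.0, "close_reader"),
]


class Packet(NamedTuple):
    ts: float
    src_mac: str
    dst_ip: str
    length: int
    dns_name: str


def parse_export(text):
    """Parse tshark field output, skipping frames without an IP destination."""
    packets = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split("\t")
        fields += [""] * (5 - len(fields))      # pad missing trailing fields
        ts, mac, dst, length, name = fields[:5]
        if not dst:                             # ARP and other non-IP frames
            continue
        dst = dst.split(",")[0]                 # repeated fields are comma-joined; keep the outer header
        packets.append(Packet(float(ts), mac.lower(), dst, int(length), name))
    return packets


def phase_for(ts, phases):
    """Return the label of the phase containing ts, or 'unlabelled'."""
    for start, end, label in phases:
        if start <= ts < end:
            return label
    return "unlabelled"


def egress_by_phase(packets, device_mac, phases):
    """Sum packets and bytes sent BY the device, per phase and destination."""
    device_mac = device_mac.lower()
    summary = defaultdict(
        lambda: defaultdict(lambda: {"packets": 0, "bytes": 0, "names": set()})
    )
    for p in packets:
        if p.src_mac != device_mac:             # ingress or another station
            continue
        entry = summary[phase_for(p.ts, phases)][p.dst_ip]
        entry["packets"] += 1
        entry["bytes"] += p.length
        if p.dns_name:
            entry["names"].add(p.dns_name)
    return {phase: dict(dests) for phase, dests in summary.items()}


def flag_unexpected(summary, quiet_phases):
    """List egress seen in phases where you expected none, largest first."""
    hits = []
    for phase in quiet_phases:
        for dst, e in summary.get(phase, {}).items():
            hits.append((phase, dst, e["packets"], e["bytes"]))
    return sorted(hits, key=lambda h: h[3], reverse=True)


if __name__ == "__main__":
    result = egress_by_phase(parse_export(SAMPLE_EXPORT), DEVICE_MAC, PHASES)
    for hit in flag_unexpected(result, ["read_offline"]):
        print("egress while reading offline: %s -> %s (%d packets, %d bytes)" % hit)
```

Traffic that falls outside every logged phase lands under "unlabelled", which is a prompt to tighten the activity log rather than a finding in itself.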


Shadowed By Murder of Ravens • October 25, 2015 1:35 PM

@Alan S

http://www.salon.com/2015/10/22/the_raging_irony_of_wikileaks_latest_win_inside_the_absurd_hacking_of_cia_chief_john_brennan/
https://www.emptywheel.net/2015/10/22/hacking-john-brennan-hacking-opm/

I would add, however, that there’s one more level of responsibility here. As I noted in my piece, Brennan’s not the only one who got his security clearance application stolen recently. He is joined in that by 21 million other people, most of whom don’t have a key role in cybersecurity and counterintelligence. Most of those 21 million people haven’t even got official notice their very sensitive data got hacked by one of this country’s adversaries — not even those people who might be particularly targeted by China. Like Brennan, the families of those people have all been put at risk. Unlike Brennan, they didn’t get to choose to leave that data sitting on a server. In fact, John Brennan and his colleagues have not yet put in place a counterintelligence plan to protect those 21 million people.

My, that is impressive. She has a powerful eye and kung fu. But, why did she hide this away on her blog? She should update the Salon piece with this observation.

I was noticing this phrase on some of these threads "emptywheel", thank you for pointing me to her blog.


My attention on inspecting the blog was immediately drawn to this post:

https://www.emptywheel.net/2015/10/23/is-cisa-the-upstream-cyber-certificate-nsa-wanted-but-didnt-really-get/


While I think that article is too heavily weighed down by the legalese, and I would comment that I believe the possibility CISA provides a legal "out" for corporations is diverting... the central thesis, I do believe is very correct: there is no mistaking that the Obama Administration stood down from their very painful, consistent, loud demands for universal backdoors at the very same time the CISA bill came to the forefront.

Put another way: the CISA bill is the universal backdoor the Five Eyes Intelligence Community had been clamoring for.

Or, as her title states: CISA is the upstream cyber certificate the NSA wanted but did not get.

However, my viewpoint is more simple, and from a technical background of having worked in these capacities: this gives corporations one hundred percent justification to surveil all traffic, store it, and give it all over to the government.

She is searching needlessly for a reason why corporations would like this. They would like it, as she does point out, they do want to please government. ATT, Verizon, and really every major software and hardware vendor has government as a very major customer.

But, there is a selfish reason, and not that they want an "out" for being negligent in protecting their networks. That reason is this gives them a justifiable, one hundred percent iron clad reason to surveil all customer traffic. They can say they are doing it "for security" and "for government". But, they also get now to do it for their own selves. That data is invaluable to them, just as it is invaluable to the government.

This overrides every other regulation designed to protect private customer data. Be it the European privacy rules, be it potential lawsuits, be it industry or customer enforced regulations such as PCI-DSS -- now, with the passage of CISA, there is absolute justification for all corporations to track, keep all customer data that goes through their hardware and software. Be they Google or be they Verizon. Be they Facebook or be they Cisco. Be they large or be they small.

I would note here: everyone should take all which is seen with a grain of salt. I see, often in her article there, for instance, how she discusses the supposed power of various rulings against domestic, dragnet surveillance. Such as pointing out "such and such archive of information was destroyed" or "such and such private dragnet information was not collected". There are absurd conclusions. Such information would never be destroyed. A copy of the information would be destroyed. A copy would be secreted away.

There is zero means for any regulatory or other authorized body be they corporate or government to have assurance on such demands being met. You can never guarantee data is destroyed. Because it is too easy to make duplicates.

I believe this manner of thinking is a hold over from the "paper trail" thinking generations.

Consider this anecdote for understanding: have you ever seen in a show where someone extorts someone else for money by showing a video of the victim in a compromised position? And is it not true that you understood that even if the victim paid the extortion demand, and was given a copy, there is never going to be a guarantee the extorter did not also keep a copy?

It is too trivial for an individual to do that with a small data that is video these days. And, while one can consider the data set of "all ATT and Verizon telecom traffic over years" is so much bigger than a small video tape... is it really not relative? Cannot a large organization with large funding and resources find it trivial to make a copy?

Wael • October 25, 2015 2:02 PM

@Clive Robinson,

I'm getting warmer :) One of these days, one of these days I'll find out :)

wanabies and us soldiers... guess which group got dicked to do the belly crawling and such like, yup us squadies...

And:

I'm unfortunately cursed with both a personal and family name the initial letters of which can not be pronounced by something like 1/6th of the world's population and pronounced incorrectly by another 3/5ths so you have my sympathies, when it comes to name mangling.

I need to find the right intersection. 1/6th of the population... Chinese? 3/5ths? That's still ambiguous! Perhaps you have a Gaelic-origin name. That would be funny! Gaelic, Wael :)

Off to some stargazing. I need to relax... far away from so called civilization.

tyr • October 25, 2015 2:24 PM


Here's one for the cynical observers.

https://archive.org/details/LeeShlainAcidDreamsTheCompleteSocialHistoryOfLSDGrove1985

NCL:
That turns out to be quite interesting, I haven't dug
deep enough to decide if it is 'the one true way' yet.

I recall a technique called tri-stating that helped to
unload a data bus that they referred to as trinary logic.
This could be similar. Too bad Lewis Carroll isn't still
able to expound on this.

@Clive

I see cousin Cameron is snuggling up to the Chinee quite
cosily today. Blair is trying to throw the IC under the
bus.

dead tree caves:
I would be horrified if I got the purchase price back for
all of my wall linings. I hope they work as thermal mass.
The e publishing just made the collecting problem worse.
When it occurred I couldn't say I had read everything I
had any more. People keep asking me if I have read the
books, quite bemusing, why would you waste money on a
book you won't read. Ebooks are great for stuff like
Gibbon and Carlyle unless you have a much bigger place.


Wael • October 25, 2015 2:31 PM

@tyr,

Acid Dreams? It's "Acid Trips" and "Pipe Dreams". Seems Lee, Shlain is having a trip! Cynical enough? :)

Skeptical • October 25, 2015 6:26 PM


@Ravens: While you appear to be correct on Brennan's material having nothing but personal value, you are examining the gorilla with a microscope and so missing the gorilla. The very newsworthy message in this release is simply another powerful message that US intelligence is so very fallible, like the US Government.

Yes, all human beings are fallible, regardless of what organization they work for. This is news to you?

Would it also be news that your repeated emphasis of the fallibility of the US Government is somewhat at odds with your later, nearly hysterical warnings of a secret dual state, propelled by "armies of covert operatives" that will arise within the US and become a totalitarian system?

And "better" media outlets could only write their story with proper sourcing because Wikileaks acted as their invaluable source.

Wikileaks did not need to publish the entirety of what it did to establish that a draft SF86 was saved in his AOL account. Instead it chose to pointlessly publish private information.

Sancho_P • October 25, 2015 7:18 PM

@ianf

I’m afraid your iPad question can’t be answered for a somehow philosophical reason, but your question is broad (diffuse?) enough to find a diffuse + authoritative answer.
We can easily prove what is there (known), but it’s hard, probably impossible, to prove what is not there.
But “The absence of knowledge is not proof of absence.”

Your question is twofold.
While it is possible to prove that in “airline mode” the device doesn’t emit anything (um, …) unrequested, we don’t know if it wouldn’t react after being “correctly” approached (knock knock).

On the other hand, “airline mode” by no means is intended to stop internal logging of “some” user activity for statistical / security purpose.
I guess whatever was logged can be requested at any time, of course also after airline mode.

@Wael
Would you trust your disgruntled software insider? Why?
Only if you are told “The answer is yes.”? ;-)

Sancho_P • October 25, 2015 7:21 PM

@Skeptical

Still punching your nose for the bad smell?
Shooting the messenger?
What if your neighbor shows up to tell you “Skep, look, your garage is on fire!”?

It is the content, not the packaging or the delivery service of the message.

Mr. Brennan chose to use his private account for gov (= public interest) use, so the account lost the privilege of privacy.

But it’s not only a personal mistake of Mr. Brennan.
And the content (e.g. the SF86) by far is not the important part.

What’s important (if true!) is the directory of a “private” account, it points at data flow from sensitive organizations to an AOL address.
It is a failure of their IT security.

Again, you should try to parse the message first, then probably reject it.

AlanS • October 25, 2015 7:39 PM

@Shadowed By Murder of Ravens

"My, that is impressive. She has a powerful eye and kung fu."

A terrier after rats.

ianf • October 25, 2015 8:33 PM


@ angaelic Wael, 65535

… observing how the connectivity transport affects behavior. [2] I can tell you I observed behavior I didn't like on my iPad (wireshark traffic-wise)

What I wanted to have confirmed, just as I suspected. Since the iPad has now been around for—what?—5 years, I hoped that some hardware-minded tech site has crept under the hood & performed such packet tracking/ analysis, not merely how many flip-flops it delivered. As I'm not a frequent browser of benchmarking etc. sites, I could well have missed it. There are all kinds of iPad tests online, but the most important one, what does the iOS do with our usage data, is nowhere to be found.


a daunting task requiring a team effort and a lot of time. I'm not sure if any group has started this endeavor.

I dare say not, else we'd have heard about it by now. Opening up an iPad involves heating it up evenly over its entire back to a precise temperature to liquify the glue (hence resealing it later without a blemish is not for the squeamish! sez the poet). Besides, I'm a one man band, typing's me bag.


[1] That's what you get for "messing" with my name. "anf" means nose, in Arabic ;)

Wasn't messing with your name… if anything applied the Full Anal Retentive Treatment to it in order not to accidentally misspell it (mission accomplished). iNose iSn't very creative… I should've gone for a more complex moniker, like "the artist formerly known as The Artist" or something, but it'd involve too much typing, Mr. Fellow 4-Letter Handle.


improving on her Majesty's English with G.W. Bush's English

I don't think Her Majesty would see it this way but, yes, credit where there's credit to be had. I think the man should be recognized for this his one lasting creative contribution to Mankind, if not else than as a consolation prize for the rest of his, that we're now trying to rewind.


@ Sancho_P […] guesses whatever was logged [on the iPad] can be requested at any time, of course also after airline mode (the absence of evidence is not evidence of absence).

Nor vice-versa ;-)) Your guess is as good as mine; I was trying to ascertain IF that might be the case. On Mac OSX Apple formally asks if crash reports are to be submitted upstream, so in theory some variant of that might've been "baked into" the TL;DR iOS EULA. I suppose I don't mind much the device sandbox integrity, status checks that the iOS is surely conducting, to periodically be sent back to the server. I would however mind if it got greedy and collated my offline usage patterns, what I read, for how long, and where etc.

A couple of years ago I read about some stripped-down Indian Android tablet, meant primarily as a reading & annotation medium for university textbooks, intended to be dirt cheap (US$35), thus devoid of any but USB connectivity.

    I remember thinking then, that, were its color OLED screen really good, it would make for a perfect on-the-road reading companion, one outside the $AMZN Kindle's walled garden and el-int snoopers. Set up an account on any desktop, store ebooks etc there, transfer collections of it to the device when needed.

But then of course WiFi chips became so ubiquitous, it was cheaper to include it rather than the micro-USB connector. So I lost the interest in it esp. as it was impossible to get hold of outside India (and, besides, may not have been of that good quality anyway [says someone with drawers full of electronic gizmos that each once looked like just the ticket]).

Clutch your pearl necklaceOctober 25, 2015 9:12 PM

So what'd Brennan want with that guckert fella with the nonexistent building company? Guckert, hmm, that kind of rings a bell. Oh, yeah, homosexuole playboy who one day up and got press credentials for the white house. Passed a polygraph that he wasn't a white house operative. You bet he did. House Judiciary Committee never got to see his vetting docs. Passes on a little party oppo, then goes straight for Joe Wilson, citing classified. Blamed him on Rove, nyuk nyuk. That Brennan, he's a card, get everybody looking for the honey trap.

Yee-hah, metadata's fun!

Bob S.October 25, 2015 9:25 PM

TalkTalk CEO Dido Harding said she is sorry she lost the personal data of up to four million customers, including:

Names and addresses
Dates of birth
Email addresses
Telephone numbers
TalkTalk account information
Credit card and bank details

CEOs are always sorry when that happens. But, maybe if some of them were thrown in jail for twenty years, and the corporation fined $/£ 10k PER RECORD their fellow pampered BSers might pay more attention to real security and real privacy.

Ain't gonna happen though is it?

Meanwhile, we should all start memorizing details of our fake cyber identities and feigning ignorance of, for example, our tx numbers so as to feed the beast garbage, thus fulfilling the principle of garbage in to the Masters, garbage out to the Crooks.

Folks: Lie to them like they lie to you. Only double it. If you get caught, just say you are sorry.


Shadowed By Murder of RavensOctober 25, 2015 9:39 PM

@Skeptical

Yes, all human beings are fallible, regardless of what organization they work for. This is news to you?

How fallible they are is newsworthy, this is why the story has gone far and wide. The head of the CIA being hacked by a 13 year old. This not long after OPM got hacked. And, the two stories were tied together by a number of media outlets, because the primary product suspected of being taken in the OPM hack was SF86 forms.

Trust, confidence is a gauge, whether you wish to admit knowledge of this or not.

When the CIA says they have information, such as that Iraq has WMD, for instance, that confidence gauge in the hearts of every decision maker is accessed. Do they trust their information.

Would it also be news that your repeated emphasis of the fallibility of the US Government is somewhat at odds with your later, nearly hysterical warnings of a secret dual state, propelled by "armies of covert operatives" that will arise within the US and become a totalitarian system?

My other statements on entirely unrelated matters are irrelevant to the post, except for the sophistry of an attempt at character assassination. Is that the best manner of rhetoric you come up with, in lieu of the complete lack of weighty evidence?

I will simply state on that you have grossly mischaracterized what I was stating in that other post. You might as well have argued "how can I say that the hacker was 13 years old when, in another post, you say he was not 13 years old". Equally invalid. I did not ever state the hacker was not 13 years old. I pointed out merely he might not be who he claims to be, including his age of 13.

In every instance I merely raised possibilities.

I merely pointed out there could be more which meets the eye to these stories. We would have no way of knowing. And this is true. And it is not something I see brought up.

Like the possibility that the hacker of Brennan was using a fake persona which the media was gulping up, so too often do I see the media gulping up the fact that there could be more than meets the eye going on about domestic spying.

This certainly has happened in this country before, during almost the entire tenure of Hoover. So it is hardly as far fetched as you would like to make it sound.

I will also state that I am not saying I believe totalitarian states are the product of competent systems. They are invariably the product of incompetent systems. And, they remain and perpetuate that incompetence they inherited from their previous system.

So, the incompetence of the CIA, FBI, NSA, and other government agencies is a concerning factor in these regards. If they are thoroughly incompetent, they can also have very poor internal checks and balances. Much argument could be made that they do, in fact, have very poor internal checks and balances.

Wikileaks did not need to publish the entirety of what it did to establish that a draft SF86 was saved in his AOL account. Instead it chose to pointlessly publish private information.


Considering the relevancy of 21 plus million people who lost their SF86 records in the OPM hack this is hardly a problem I am bothered by in this instance. It is a significantly petty concern. Of all the data pertinent to be posted, that was the most newsworthy data. Because it does tie into the significant OPM hack and does remind of that hack.

If the government can not be trusted with the classified applications of Americans seeking clearance, how can they be trusted with Americans domestic data or universal backdoors? How can they be trusted to be using their drone program to kill valid targets and not just be rampaging only against civilians? How can they be trusted to be running black sites, torture sites? Or engaging in foreign wars where America has no vested interest to begin with?

Why are we spending trillions of dollars on intelligence programs when the product is destructive to the country and there are significant crime and economic problems domestically?

Were you even in the least concerned at the negligence shown with the OPM hack? Did you shed a tear and express concerns then and over that? Or is it just that the CIA head had his one form exposed that has got you worked up?

How do you even measure that as noteworthy in comparison?

So, yes, it is a significantly petty issue not even worth mentioning.

You sound like the sort that goes to funerals of people you do not even know and work at forging sadness. Do you have a fake smile plastered across your face all day? I do not find it in the least compelling that this privacy invasion has caused anyone the slightest pang of concern.

Not even Mr Brennan. He would have had to change all that information anyway, and he already well knew that the Chinese - or whomever did the OPM hack - has that information already anyway.

He also would have taken that as a painful lesson in security, I would hope. And not shed a tear blaming someone else for his own lack of due diligence.

Especially not while this whole Hillary Clinton debacle has been running non-stop.


Gosch noOctober 25, 2015 9:44 PM

No no, Mr. Clutch, Sir, that's his adoptive funny uncle, he's a roller, 2nd epistle to the Fipadippians and so on. Set the young man on the straight and narrow after his difficult childhood as a, ah, foundling.

Shadowed By Murder of RavensOctober 25, 2015 9:58 PM

@Alan S, et al

Tony Blair on Iraq:

“I apologise for the fact that the intelligence we received was wrong."

I missed that part of his response. He apologizes that the intelligence he received was wrong. The poor thing, well, it was all just a mistake then, wasn't it? The real culprit there was the ones who gave you the intelligence.

Fact is they did give the world the very same intelligence. And people could see it was bunk. This was called out. Bad sourcing, bad evidence -- but they went ahead with it anyway.

He should man up and take responsibility for believing clear lies and evangelizing those clear lies.

But, when at bat, sadly, he does not do this.

That is shameful that he does not do this. It is shameful that after years of time to introspect on the matter, this excuse is what he has to give -- something not worthy to come from the mouth of a teenager.

@ianf

Kim Philby NEVER FUCKED UP, so there.


Philby was an interesting character, but I do not think it is fair to say he never fucked up in what he was doing. Early on, at the very least, he grabbed the suspicion of Angleton.

And he cavorted with his fellow spies, which, when the Venona transcripts started to be parsed, put a big bullseye right on his forehead.

Furthermore, he made the severe mistake of allowing himself to be recruited by Moscow in such a manner that gave them full control. He would have done better to not allow them to run him, and not allowed Moscow to know his identity.

His major mistake, above all, however was, of course, one common to many during those years. Believing the foolish line that the Soviet Union was some manner of Utopia and that Communism was a realistic political philosophy.

Like Blair, he believed an error which he did not properly vet. Unlike Blair, he suffered terribly for doing so.

Either of them would have done much better to take more seriously the concern of weighing information honestly and rightly with scrupulous care.


name.withheld.for.obvious.reasonsOctober 25, 2015 10:36 PM

@ Clive, Clive, Clive Robinson

So going for the books was a really poor investment choice and thus a cautionary note for those thinking of starting their own dead tree cave... Think of it not as I did originally which was as "an investment in my future through knowledge"

Don't be foolish, the e-book craze and the lack of "digital fidelity" cannot be overstated. We are head long into the abyss with respect to retaining the history, data, information, and knowledge of the past. As you know, people confuse information with wisdom or knowledge and we know that to be far from true.

I could go on but some other time I will cover my tome on "information/digital fidelity". To my thinking this is orthogonal to data security and retention only with far more implications.

Apologise for poisoning the name tag reference (for all three of you)...;^)

name.withheld.for.obvious.reasonsOctober 25, 2015 10:51 PM

@ Wael

Don't make the assumption I "attended" the college! I could have been 11 or 12 when I visited the bookstore, or maybe older. Either way, age is just a number. I certainly don't feel old, and obviously I'm not acting it either ;)

Chill dude, just yanking your chain. My sarcastic tenor often misses the mark. By the way, I was doing post-graduate work (semi-conductor physics, mechanical engineering) at 12 years old...back in 1972-73.

I share your sentiment as to age is a number thing--should have dated that lass from London back in '11. She's brilliant, intelligent, well accomplished, and twenty years my junior. I pushed her away saying that I was saving her from a mistake, it took my college age daughter telling me "You didn't let her decide." One of the biggest errors in my adult life. She no longer talks to me or even responds to e-mail, I really hurt her and didn't understand how vested she was emotionally--my bad. What an ass I am!!! Funny thing is I didn't realize I had fallen in love with her--almost like a school kid.

Personally I am a robot (figuratively), so serious, and very determined. By the time I was in my late 20's I'd peaked, a research scientist at IBM and on top of the world; my naivete was only exceeded by my ignorance as a young gun. There, that's a confusion I've made public.

Nick POctober 25, 2015 11:08 PM

@ name.withheld

"I share your sentiment... There, that's a confusion I've made public."

Damn. Sorry to hear it. The error just came from not spotting those kinds of patterns. The kind of thing that takes practice and determination to understand such things. ;)

Hope you have more fortune in the future.

AnonOctober 25, 2015 11:55 PM

A few things:

* As everyone here surely appreciates, encrypting data should be part of the overall security posture, not the only thing

* If the data was stolen by SQL attack, why was this possible, and why was it not detected (man-power issues aside)

* I have been unable to check, but I'm sure I have observed an iDevice say an OTAU is available WHILST IN AIRPLANE MODE. This needs more investigation.

WaelOctober 26, 2015 12:36 AM

@name.withheld.for.obvious.reasons,

Chill dude, just yanking your chain.

I know :)

Sad story you tell. Makes you a hero! I can't make such confessions because my name isn't withheld ;)

But I can complain about the moon blocking the stars. I'll have to wait until it sets.

WaelOctober 26, 2015 12:51 AM

@ianf, @Sancho_P,

The first two steps I listed will answer your questions. I think there are more details but now I'm trying to find a "black sky" in a place that claims to be one of ten certified dark skies in the world (Latitude:33.100492; Longitude:-116.3013267.) So far, I'm disappointed, but to be fair, it's a little cloudy and the moon is almost full. I have seen much darker skies elsewhere. A story for another day....

Would you trust your disgruntled software insider? Why? Only if you are told “The answer is yes.”? ;-)

Depends what question or request you ask! I had in mind a code snippet or a source tree code. Wasn't expecting a yes/no answer. We think we know what the answer is, after all ;)

WaelOctober 26, 2015 1:00 AM

@ianf,

Jailbreak it and add your instrumentation or logging code. Or find what's available on cydia...

Clive RobinsonOctober 26, 2015 1:21 AM

@ Bob S,

Meanwhile, we should all start memorizing details of our fake cyber identities...

The question is how many to avoid the correlation?

Think of it in crypto terms, in effect you are "substituting" one ID for another ID as a "Simple Substitution Cipher" and as Shakespeare asked through a besotted young teen's musings "What is in a name?".

The Victorian logician Charles Dodgson composed for young Alice Liddell a fantasy tale on a chess match, in which the "White Knight" gives discourse on the naming of things.

Thus if the authorities are monitoring the nature of the beast, it does not matter what name or number it is given or assumes. Because the details are the devil, and your job is to reverse this and put the devil in the details of the beast.

Thus like an actor you need to become a beast true to its name. For each character played the nature and name must match and not cross over. To do this you must not play the part but live the part, which few in good mental health can do, for any time. It is why OpSec is so very hard to do.

Few can lie convincingly for any time; "maintaining a legend" becomes increasingly difficult, because you can not expect to put two paints in the same pot and not expect them to mix with time and use. But with "collect it all" it becomes near impossible to do, because it gives them a time machine to find where the legend first appears, or find where holes in the various personae coincide...

Clive RobinsonOctober 26, 2015 2:57 AM

@ ianf,

Airplane mode is a quinternary issue that only becomes of real issue under certain circumstances.

The first issue, is of course "is data being logged", it's a fairly safe assumption that in the custom E-Book it is.

The second issue is what data is being logged, from a custom E-Book application developer perspective, the ability to log everything will please marketing. But make the code much larger and less reliable, testing more involved etc which will not please other areas of management. But the more you log the bigger the files and more costly the transport of the data, so there are trade offs.

Thirdly, is the manner of logging, that is what memory it is kept in, as this affects not only how you find the logging, but the longevity of the device (writing to all memory causes product life shortening damage, with NAND Flash being one of the shortest lived). But it also adds unwanted complexity, in that what happens when resources get low. The simplest and generally most reliable is to model it on a fixed size circular buffer, where older data gets overwritten by new data. If this model is used then it has advantages for the security conscious user.

Fourthly, is the ET issue of "phoning home" so the mothership can collect the data this has three "what, how and when" mode issues of interest. The first is the what mode to transmit, with regards to compression and encryption. Since the Sony malware and CarrierIQ debacles, few developers can not be aware of how bad news the transmission of large cleartext files can be. Thus recognising the transmission may be difficult even if seen, and could be easily confused with say the logging activities of the OS or other background application (Win10 / CarrierIQ etc). Secondly is the how mode, is it GSM mobile, WiFi, USB file or some combination. That is just how determined are they to get the data, the current Win10 debacle suggests almost the same as the likes of the NSA is becoming the norm. Thirdly and most importantly is the when mode, mobile devices have unreliable communications as an accepted feature. Unlike Google's Chrome, you would not expect an E-Book to lose functionality simply because it has no connectivity. Thus it's safe to assume some kind of "store and forward" method as standard, which again raises the level of how covertly the developers will do this, with Win10 setting the commercial standards on this currently.

Finally we get onto the question of how airplane mode might affect this. People appear unclear as to what air regulations require, basically it's "no emissions" which is not possible with active logic, so fairly stringent "masks" like those of EMC are used, along with "turning off all oscillators in radio circuits". Unfortunately some manufacturers don't disable the oscillators as they are needed for baseband activities...

On the assumption that airplane mode is effective --as it should be-- then only baseband (USB File) communications would be available. But reliance on this is not a good idea, especially as the airline industry is pushing for modifications to the regulations for "business use" reasons.

The problem for a security conscious individual is any covert baseband or store and forward transmission when adding or removing the book files. Made worse if changing the book files can only be done via wireless connectivity. Whilst you could set up a fully isolated --energy gapped-- system to do this, the chances are the supplier of book files for DRM reasons will require it to be done connected to the Internet...

Thus I can see users having to rip off the DRM etc and convert files to a currently open standard such as PDF / RichText / Text before baseband copying to the device. And unfortunately losing some of the e-Reader functionality...
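The fixed-size circular buffer and "store and forward" model described in the comment above can be sketched as follows. This is an added example, not part of the original comment and not any vendor's code; the class, function and event names are hypothetical and the sample events are constructed.

```python
from collections import deque


class StoreAndForwardLog:
    """Fixed-size circular usage log that forwards only when a link is up."""

    def __init__(self, capacity):
        self.capacity = capacity
        # deque(maxlen=...) silently drops the oldest entry when full,
        # which is the "older data gets overwritten by new data" model.
        self._ring = deque(maxlen=capacity)
        self.online = False
        self.overwritten = 0   # events lost to wrap-around, never forwarded
        self.forwarded = []    # everything the remote collector receives

    def record(self, event):
        """Log one event; forward immediately only if a link exists."""
        if len(self._ring) == self.capacity:
            self.overwritten += 1
        self._ring.append(event)
        if self.online:
            self.flush()

    def set_link(self, up):
        """Model leaving or entering airplane mode."""
        self.online = up
        if up:
            self.flush()   # the stored backlog goes out on reconnect

    def flush(self):
        """Send the whole buffer contents and empty the buffer."""
        batch = list(self._ring)
        self._ring.clear()
        self.forwarded.extend(batch)
        return batch

    def pending(self):
        """Events still held on the device, not yet forwarded."""
        return list(self._ring)


def simulate_session(capacity, offline_events, online_events=()):
    """Record events with no link, then bring the link up and keep recording."""
    log = StoreAndForwardLog(capacity)
    for event in offline_events:
        log.record(event)
    log.set_link(True)
    for event in online_events:
        log.record(event)
    return log


# Constructed sample: ten page turns made while the device has no connectivity.
OFFLINE_EVENTS = [f"page_turn:{n}" for n in range(1, 11)]

if __name__ == "__main__":
    log = simulate_session(4, OFFLINE_EVENTS, ["open:book-B"])
    print("forwarded on reconnect:", log.forwarded)
    print("lost to wrap-around:  ", log.overwritten)
```

Being offline only delays the report: whatever still sits in the buffer at reconnect is sent, and the buffer capacity is the only bound on how much offline history survives.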

65535October 26, 2015 5:00 AM

@ ianf, Wael, Sancho_P, Anon, Clive Robinson

“…Does an iPad in Airplane mode & no BT, used for reading offline PDFs and ebooks, still leak (or saves up for shedding later) some device/ session information?” –ianf


After reading:

“I have been unable to check, but I'm sure I have observed an iDevice say an OTAU is available WHILST IN AIRPLANE MODE. This needs more investigation.” -Anon

“Jailbreak it and add your instrumentation or logging code. Or find what's available on cydia...”- Wael

“The first issue, is of course "is data being logged", it's a fairly safe assumption that in the custom E-Book it is.”- Clive R

I believe Clive is correct. If you are using an ebook reader or Adobe product then there probably is some Digital Rights Management recording and data transfer [dates back to the Macromedia DRM days].

The two main items are DRM and ebook auto-updaters. Here is some old data on DRM schemes:

“The Big 4 eBook DRM Schemes

“Adobe DRM – This is the most common form of DRM. It is used on ePub and PDF files, including library ebooks. Most dedicated ebook readers support this DRM, with the exception of the Kindle. There are numerous software applications that can read this DRM format and dozens of websites that sell ebooks in this format.
“Amazon DRM – Amazon uses their own proprietary DRM for Kindle Books. Most are in AZW format but there are a few TPZ. This DRM restricts the use of these ebooks to a Kindle or a device using Kindle software (PC, Mac, iPad, iPhone, iPod, Android devices, Blackberry).

“Apple DRM – Apple uses their own form of DRM on ebooks purchased from the iBookstore. These books can only be viewed on an iPad, iPhone, and iPod—no software or other devices are supported.

“Barnes and Noble DRM – This is where it gets confusing. B&N uses Adobe ePub, but use their own form of DRM on top of it that makes ebooks purchased from Barnes and Noble incompatible on other devices and software compatible with Adobe DRM. B&N ebooks will work on the Nook and Nook software (iPad, iPhone, Android, PC, Mac, Blackberry), Pandigital Novel, and the now extinct iRex DR-800, along with a few other devices that specifically mention B&N DRM support.

“Other eBook DRM Schemes

“eReader DRM – Once a popular format for palm devices, this DRM format, PDB, is limited to a few ebooks stores such as eReader.com and Fictionwise—both are owned by B&N. Barnes and Noble used to use this DRM, and still does in a few instances. This DRM format requires the use of eReader software for a number of smartphones, PC, Mac, and Linux computers, and will also work on a Nook.

“Mobipocket DRM – Mobipocket DRM has been around for a long time, but is now starting to fade away. Very few dedicated ebook readers offer support for this DRM scheme, and if they do then they aren’t allowed to support Adobe DRM at the same time—so it is one or the other, and since Adobe is far more widely used, support for Mobi DRM is dwindling. It requires the use of Mobipocket software for PC computers and some smartphones. A few libraries have ebooks with this DRM format. This company is owned by Amazon.

“Microsoft DRM – A seldom used ebook format is Microsoft’s LIT format. Ebooks with DRM that are in LIT format will only work on a computer, tablet, or mobile device with the Microsoft Reader software installed. No dedicated ebook readers support this DRM format.

“Blio DRM – This is a new ebook platform that uses Microsoft’s XPS format for ebooks. Blio uses its own DRM scheme that is exclusive to Blio software. Their ebooks will not open with any other XPS viewer or program.” –The ebook reader

See:
http://blog.the-ebook-reader.com/2010/10/09/the-ebook-drm-guide/

I don’t know exactly how the newer DRM modules work. But, I would guess they would regardless of Airplane mode.

http://blog.the-ebook-reader.com/2013/02/07/how-to-remove-adobe-drm-from-epub-and-pdf-ebooks/

Next is the auto-update or "syncing" of updates to said ebook readers - such as updates of Adobe reader and the like.

This site claims to know how to disable DRM [dated material].

[Megaleecher(dot)net]:

“It's amazing what you find when you read their policies:

"The Software may automatically download and install updates from Adobe from time to time. These updates are designed to improve, enhance and further develop the Services and may take the form of bug fixes, enhanced functions, new Software modules and completely new versions. You agree to receive such updates (and permit Adobe to deliver these to you with or without your knowledge) as part of your use of the Services."
That last sentence is very disturbing...” –poster on megaleecher[dot]net

[and]

“This Updater is the most annoying piece of sh*t I ever saw. Running it on one PC is the *only* application we ever saw to clog our entire corporate's internet access. And I can neither deinstall nor deactivate it in a standard manner. How impertinent!” –poster on megaleecher[dot]net

[and]

‘Many thanks for all ...although its already eat 100 MB of my internet bandwidth in the background before i know it (_ _) kind regard’ –poster on megaleecher

[and]

“To get rid of Acrobat 8 or 9 updater calling home, add
“127.0.0.1 armmf.adobe.com
“127.0.0.1 ereg.adobe.com
“to your hosts file which is located in c:\windows\system32\drivers\etc folder, "hope this helps”-poster on megaleecher

http://www.megaleecher.net/Disable_Adobe_Auto_Updater

You can look through the thread or start an internet search to disable DRM and ebook auto-updaters on your own. Your mileage may vary.

Wesley ParishOctober 26, 2015 5:19 AM

@Bruce

One reason why people still find it difficult to see why Sony NEEDED North Korea to crack its network when they could so easily provide the incentive to anyone to do it without really trying ...

http://petapixel.com/2015/10/25/sony-filed-a-copyright-claim-against-the-stock-video-i-licensed-to-them/

At this point, the information I had was that I issued a license agreement to Epic records allowing them to use my content; Epic Records/Sony Music violated the terms of use by claiming copyright to my footage on YouTube; when disputed, Epic/Sony denied my dispute and maintained that they were the copyright owners of my content; and none of my e-mails got a response.

At this point in time one wishes for some Sony competitor to release an assassination comedy, with the assassins coming from within Sony of course, and the assassination targets being Sony's top executives ... I can see that such a film would be very very popular ... if Peter Jackson is reading this, please signify. This could be the greatest blockbuster of all time!!!

Sancho_POctober 26, 2015 8:27 AM

@Wael

Surprise!
By my poor English knowledge I thought the answer to @ianf’s question must be either Yes or No, could never be tri-state (let alone dribbling around in code / gibberish like @Skeptical).

Now commenters here understand “iPad” as e-book reader / Kindle.
- That’s a confusing world for naive Sancho_P!
;-)

ianfOctober 26, 2015 9:01 AM


@ Shadowed By Murder of Ravens

Kim Philby NEVER FUCKED UP, so there.
    Philby was an interesting character, but I do not think it is fair to say he never fucked up in what he was doing. Early on, at the very least, he grabbed the suspicion of Angleton.

My “Philby NEVER” was issued in response to AlanS's not exercising due diligence when faced with an obviously hyperbolic blowhard comment of mine, but arguing with its surface layer (I presume he didn't like reading that he doesn't qualify—which IS true—for the innermost intel ;-))

But OK, I have a few things to say about ol' Kim. From the POV of his paymasters, he did not fuck up—not that it earned him their trust (they, too, were flabbergasted by his His Master's Choice, and, innately aware of inferiority-driven Russian imperial delusions of grandeur, would not be convinced of his, if misplaced, anarcho-idealism[*]. So after his defection they plied him with booze while keeping at an arm's length in Moscow). Any of his earlier "hiccups" along the road with Angleton didn't really matter, as they were consistent with the image of a well-bred (of course!), slightly eccentric (ditto!) British Secret Civil Servant. And Angleton being a cupcake wasn't so much Philby's fault as the dividend… birds of a feather.


he made the severe mistake of allowing himself to be recruited by Moscow in such a manner that gave them full control. He would have done better to not allow them to run him, and not allowed Moscow to know his identity.

What's your poison… Absinthe, isn't it? Only that can explain you thinking the Russkies would accept anything short of a full monty prostrate recruitment. (“not allowed Moscow to know his identity” just ?who? do you think NKVD was, safe haven for Anonymous?)


His major mistake… believing the foolish line that the Soviet Union was some manner of Utopia and that Communism was a realistic political philosophy.

Now you are being naive, mansplaining ideological divides of the Thirties from the perch of second-rate hindsight. Whereas the closest that I confess to an insight in that regard is that, at around the 1900, the Europeans lost their battle with fast-pacing Modernity, and reverted to traditional Barbarism of past times. A process that took 2 world wars, the fall of 5 empires, and some 100 MM sacrificial bodies to run its course. Too bad you weren't around at the inception of it, could have made all the difference.


Like Blair, he believed an error which he did not properly vet. Unlike Blair, he suffered terribly for doing so.

Bollocks. Philby knew what he was doing, even if he could not foresee the consequences, personal as well as historical. So did Blair—he can't have swallowed Bush's invite to war hook line and sinker without prior reflection on the clay-feet rigidity of the justifications. Most probably, he felt he had no choice in that matter; not if that meant keeping the Special Relationship alive, and Britain's continuing above-the-French place in the World order. As for the personal cost to him, he's cursing being remembered solely for being a stooge for G.W. Bush, but as I said, what was he to do, talk sense into that doing-one-better-than-daddy-issues Yank?

[^*] This really is Off-Off-Topic, but, in for a penny: on one level, Philby coming from a privileged background, and with career-on-rails staked out in advance in that class-cesspit that was then Britain, his Oxford-time allegiance is an enigma to me. On another, it sounds like a rebellion against stuffiness and the very confines of that Imperial coffin-society… treason that began in small and then accumulated until there was no coming back. John Le Carré, whose M.I.6 identity was blown by Philby, has patterned his Bill Haydon character in “Tinker, Tailor, Soldier, Spy” on KP. It contains fictional depictions of both his first steps towards recruitment and (in the final debriefing by George Smiley scene) "Haydon's" motives—and that's probably the closest we'll ever get to what made Philby tick. In later years various culturati visiting Moscow were not unheard of meeting the quintessential "Englishmen Abroad" Burgess and MacLean—another pair of sad-sacks if you'll ask me—but, with exception for his publisher, and preface-ist Graham Greene, I can not recall reports of such tête-à-têtes with Philby. When Le Carré went there in mid 80s, KP sent a note expressing an interest. Meeting him might have enlightened the author's views of him, but JLC did not bother to reply.

ianf • October 26, 2015 9:59 AM


@ Anon […] “* If the data was stolen by SQL attack, why was this possible, and why was it not detected (man-power issues aside)”

Wasn't it Clive Robinson who speculated that the SQL requests might've been "weaved into" the fabric of the smoke-screen DDoS attack? Sounded plausible to me. Inject seemingly unconnected packet sequences into a stream directed at named ports, and they disappear in the noise as apparent kosher requests.


“* I have been unable to check, but I'm sure I have observed an iDevice say an OTAU is available WHILST IN AIRPLANE MODE. This needs more investigation.”

For an iOS update to become known, it needs to be triggered first, which would have necessitated a parallel Airline-mode-overriding notification mechanism, hence #fuggedaboutit. In all probability, the red update badge was there before Airline-mode switch-on, as happens to be the case with my yet to be updated iOS7 iPad Mini while in flight.


@ Wael […] “The first two steps I listed will answer your questions.”

No, they will not; all they would accomplish is raise new questions & the need to quit this quest, take up gardening instead. I need to piggyback on the accomplishments of others, not to become a free ride myself. Call it Turtle Mentality (turtles have been around for much longer than us, and, unlike the Hominid order, are still evolving).


[…] “Jailbreak it and add your instrumentation or logging code”

Nope, no mickeymousing around with the soul of devices… that way madness lies (beckons as I write it). Part of my ongoing life project is to see how the other half lives, how not-quite-haves cope in comparison to my have-way-too-much. Ultimately, that means biting one's teeth and thinking of England… the things I demean myself doing for science!


@ Clive Robinson, 65535, regarding ebooks & DRM - I'll come back to it, brevity takes time.


@ Sancho_P

My (specifically) iPad inquiry was twofold, I should have spelled it out better from the start:

(1) how much/ how frequently does an iPad shed accumulated usage data back to iOS (neither iBooks nor Adobe) Mothership?

    Answer: nobody knows, device field striptease and el-vivisection needed to find that out

(2) whether iOS continues to "shore up" such data during Airline mode for uploading of that after connectivity has been restored.

    Answer: in all likelihood YES, though probably not to the ebook DRM provider directly, but to the iBooks vendor

It follows that, once Airline-d, the iPad can mainly be used for reading/ browsing of explicitly in advance saved Reading List (web) pages, PDFs and ebooks. Hence the equation=mark between iPad as a dedicated reading tablet and a Kindle.

Sancho_P CONFUSED NO MO!

keiner • October 26, 2015 11:00 AM

@Mister Brennan

Was it the same lab that invented AIDS? :-D

You believe in this nonsense?

Ever heard of bush meat? Ever heard of Ebola virus sustaining in certain body compartments (central nervous system, testes) for unknown time?

Is this bullshit hitparade going on here?

Shadowed By Murder of Ravens • October 26, 2015 1:42 PM

@ianf

“he made the severe mistake of allowing himself to be recruited by Moscow in such a manner that gave them full control. He would have done better to not allow them to run him, and not allowed Moscow to know his identity.”

“What's your poison… Absinthe, isn't it? Only that can explain you thinking the Russkies would accept anything short of a full monty prostrate recruitment. (“not allowed Moscow to know his identity” just ?who? do you think NKVD was, safe haven for Anonymous?)”


You can spy for an intelligence agency anonymously, especially if you are not expecting money or honor in return. Simply give them the information. If you wish to establish a relationship with the agency, you can create a persona for them to work through.

There is no reason to allow yourself to be subjected to a case officer or other manner of handler.

Basic rule of compartmentalization.

This is true for moles, it is also true for other forms of spies. With moles, there is a good saying, which has much validity, 'only a mole can catch a mole'. And that is exactly how most moles are caught. The only sure way to avoid that is to not allow the agency you are working for to know who you are.


“His major mistake… believing the foolish line that the Soviet Union was some manner of Utopia and that Communism was a realistic political philosophy.” Now you are being naive, mansplaining ideological divides of the Thirties from the perch of second-rate hindsight. Whereas the closest that I confess to an insight in that regard is that, at around the 1900, the Europeans lost their battle with fast-pacing Modernity, and reverted to traditional Barbarism of past times. A process that took 2 world wars, the fall of 5 empires, and some 100 MM sacrificial bodies to run its course. Too bad you weren't around at the inception of it, could have made all the difference.

Evidence continually streamed out of the Soviet Union as to the lie of the philosophy. Philby could have turned around from the 30s well to the 60s. And, in fact, he did realize how deeply he was in error when he arrived in Russia, though he did not write of this honestly in his KGB produced autobiography it was related by his handlers after the fall of the Iron Curtain.

There was no excuse to believe in Communism then, just as there is none now.

Such people are as anyone who joins a cult, and really not unlike anyone who decides that they can use a drug they know is deathly addictive. They do not turn aside and they go full force towards it. They certainly do not consider alternatives nor approach their fate with a reasoning mind that considers all angles.

Communism is one of the more subtle and well worked cultic philosophies, but it is a cultic philosophy, regardless.

Like any cultic belief system be it truly religious or be it political, it is shameful for the believer to buy into and certainly not admirable. It is bunk and a scam appealing to human beings' basest motives and conceits. Despite its claims otherwise -- which they all have.

They are all rancidly pretentious in promising moral and intellectual superiority while producing the exact opposite.


“Like Blair, he believed an error which he did not properly vet. Unlike Blair, he suffered terribly for doing so.” Bollocks. Philby knew what he was doing, even if he could not foresee the consequences, personal as well as historical. So did Blair—he can't have swallowed Bush's invite to war hook line and sinker without prior reflection on the clay-feet rigidity of the justifications. Most probably, he felt he had no choice in that matter; not if that meant keeping the Special Relationship alive, and Britain's continuing above-the-French place in the World order. As for the personal cost to him, he's cursing being remembered solely for being a stooge for G.W. Bush, but as I said, what was he to do, talk sense into that doing-one-better-than-daddy-issues Yank?

I was not intending to compare Blair and Philby as whole creatures, but merely pointed out that both of them set forth on a course they could not well return from.

Neither of them made their choice well. Hindsight, is one argument here, but one can also argue that any such matter. Why do people make irrational choices. Where is true condemnation. Where is true self will.

Instead, let us stick to the simple: it was dishonorable for Blair to make the decision he made. It remains dishonorable for him to explain away the responsibility of his decision as he did just recently. In doing so, however, he also reveals -- he really did not have conscious control over his judgment. He really did not know what he was doing.

I disagree he could have made no choice. However important America is to Britain, they certainly would not have ruined that importance by disagreeing to follow along with the Bush Administration.

But I do agree he had no choice on another level. A more fundamental level.

For whatever reason, he was ill equipped as a person to discern that the intelligence was weak. I was able to discern that at the time, and that entirely apart from any manner of political bias. (As plenty only were against doing this because of bias, not because they understood the evidence or lack thereof.)

He was not responsible nor capable enough to make such a decision, even though, the evidence or lack thereof was very clear and simple.

This shows he is not very conscious, not very rational, not very awake of a human being.

I do not view him as a truly malignant creature. I might view Cameron that way. I view Blair as more simple than that.

Philby, I do not view as a truly malignant creature, either.

I do view Philby as far less conscious than even a Blair, however. Philby we do have substantial documentation on. He was a very miserable character. He was a severe alcoholic for most of his life.

I do find him interesting, as I do find all such beings who have dual identities, but there are plenty of superior spies and undercover agents in the past hundred plus years superior to him and with far more skill and daring. Plenty with far more honorable words and achievements.


“This really is Off-Off-Topic, but, in for a penny: on one level, Philby coming from a privileged background, and with career-on-rails staked out in advance in that class-cesspit that was then Britain, his Oxford-time allegiance is an enigma to me. On another, it sounds like a rebellion against stuffiness and the very confines of that Imperial coffin-society… treason that began in small and then accumulated until there was no coming back. John Le Carré, whose M.I.6 identity was blown by Philby, has patterned his Bill Haydon character in “Tinker, Tailor, Soldier, Spy” on KP.”

I believe these discussions are not entirely off topic. Intelligence is very important in regards to privacy and computer security. I wish more in computer security would study intelligence. The fields are practically merged. Both are, quite frankly, "information technology". While academia, journalism, and some research fields are also very related - distant cousins - intelligence has the security element to it these fields do not.

I do agree that Philby certainly had an admirable trait in that way, he saw the hypocrisy, self-righteousness of his class and he knew it was wrong. In a sense, he was as one from the future, as the hippies would later be. But, like so many hippies, I do not see much to admire in Philby. I do see him, just as the peers he condemned, a creature of automatic impulse.

I do not see him as a black box, either, however. We know very much about him. One of the later books, I forget which one, is of his later day handler, who helps complete the picture. This depiction, especially, is appalling, because it shows how he came to Moscow and finally "woke up" to realize everything he was fighting for was such a lie.

And he did not truly wake up, of course. He simply became an even more miserable person, his alcoholism even more significantly advanced. He sobered up with substantial help during his later years, but we do not know the truth from him. He lied in his KGB produced autobiography. He promoted the very terrible lie he himself bought into and since well learned was a lie.

The only reason we know the truth today is because after the wall fell his handlers came forward with the grim truth.

Truth be told, he operated with enormous leeway during his time. He did not live and operate in the sort of extremely confined and dangerous environments as many of his peer moles and agents through the past hundred plus years. He had it substantially easy in comparison.

But, there were turns of interest in his story. I do believe, however, in his behavior, one can see the behavior one finds in any criminal desperate to avoid detection.

And, do note, I am talking here professionally, apart from moral judgments, entirely. Even with my criticism of his belief system, I am not making the same sort of blind moral judgments his peers would have. I am making technical judgments. It was a foolish belief system. He was foolish to buy into it. It did deeply tie into his professional behavior and decisions.

Conversely, I disagree with the belief systems of plenty of other undercover agents and deep cover spies, but rarely can I say that their wrong beliefs truly made them bad at what they were doing. With Philby, I certainly believe it did.


Shadowed By Murder of Ravens • October 26, 2015 2:07 PM

@Anon

“* If the data was stolen by SQL attack, why was this possible, and why was it not detected (man-power issues aside)”

I have not studied this TalkTalk attack much, but the main chokepoint to avoid SQL injection attack is at the code level. Secondarily to that, at the attack signature level. And finally, only after that is firing on the data leaving the actual database server and ending up at an outside user's hands.

Those are in order, roughly, in terms of ease of preventing.

On that first level, there are complex and subtle SQL vulnerabilities, and then there are very trivial SQL vulnerabilities. I see someone has claimed this may be a very trivial SQL vulnerability. If so, there was no reason except poor diligence for not finding and fixing that error.

Generally, catching SQL attacks on the wire tends to be trivial, as there are only so many commands and it is not so difficult to detect normally. So, one and two are very close together.

Three, more complex. Because SQL data is going to look like legitimate data. This also has levels. Did they dump full databases, or did they take bits and pieces at a time. And so on.

As for encryption, not sure if they are talking about if the data was stored in such a way that it would be difficult for the attackers to decrypt. That is kind of complex. Some sensitive data such as passwords should be stored in a manner which is not decryptable, other sensitive data can not be stored in that manner.

There are many ways to implement decryption poorly, though it depends on the data as to how 'at fault' they are. It depends on the regulations they were under.

At times encryption can hurt protection systems, because they need to be able to inspect that data to fire their rules off it. Generally, this won't come into play with web site hacks as SSL will be relied on and the systems will be able to see the data past the SSL. But, it can come into play and mean that the data could not even be inspected for rules. Further, many rules that center around data inspection such as CC numbers, social security numbers, and the like can be turned off because they are easy to false positive on.
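
The three layers named in the comment above (code level, attack signature, data leaving the database), sketched as an added example that is not part of the original comment or of any system it discusses. The table, the function names, the signature patterns and the request lines are all constructed for illustration.

```python
import re
import sqlite3
from urllib.parse import unquote_plus


def make_db():
    """Constructed sample data: an in-memory customer table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO customers (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"),
         ("bob", "bob@example.test"),
         ("carol", "carol@example.test")],
    )
    return db


# Layer 1: the code level.
def lookup_vulnerable(db, name):
    # Deliberately vulnerable: user input is spliced into the SQL text,
    # so a quote in `name` changes the structure of the statement.
    query = "SELECT name, email FROM customers WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name):
    # Hardened: the driver binds `name` as data; it can never become SQL syntax.
    return db.execute(
        "SELECT name, email FROM customers WHERE name = ?", (name,)
    ).fetchall()


# Layer 2: attack signatures on the wire (hypothetical, deliberately small rule set).
SQLI_SIGNATURES = [
    re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=\s*'?\w+", re.I),    # quote + tautology
    re.compile(r"\bunion\b.+\bselect\b", re.I),                  # UNION SELECT
    re.compile(r"'\s*(--|#)"),                                   # quote + comment
    re.compile(r";\s*(drop|insert|update|delete)\b", re.I),      # stacked statement
]

# Constructed request lines, as a web server access log might record them.
SAMPLE_LOG = [
    "GET /account?name=alice HTTP/1.1",
    "GET /account?name=%27+OR+%271%27%3D%271 HTTP/1.1",
    "GET /account?name=x%27+UNION+SELECT+name%2C+email+FROM+customers-- HTTP/1.1",
    "GET /account?name=O%27Brien HTTP/1.1",   # legitimate apostrophe, must not fire
]


def flag_requests(log_lines):
    """Return the raw lines whose URL-decoded form matches any signature."""
    flagged = []
    for line in log_lines:
        decoded = unquote_plus(line)
        if any(sig.search(decoded) for sig in SQLI_SIGNATURES):
            flagged.append(line)
    return flagged


# Layer 3: data leaving the database.
def egress_alert(rows, max_expected=1):
    # A single-customer lookup should never return more than one row.
    # This catches a bulk dump; it does not catch data taken a row at a time,
    # which is why the comment ranks this layer as the hardest.
    return len(rows) > max_expected


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"
    print("vulnerable   :", lookup_vulnerable(db, payload))
    print("parameterized:", lookup_parameterized(db, payload))
    print("flagged      :", flag_requests(SAMPLE_LOG))
    print("egress alert :", egress_alert(lookup_vulnerable(db, payload)))
```
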


ianf • October 26, 2015 3:24 PM


Thank you, AlanS. Any particular line of mine that you found funny, or were you just venting in lieu of nought to exhaust?

I am asking because I'm not the kind of fully accomplished professional as apparently is the Shadowed By Murder of Ravens nick here (btw. "murder of ravens" is a plural enumeration, not a declaration of intent… akin to the more known "parliament of owls," or "murmuration of starlings" - but you knew that already, I can tell that from your parsimonious—that's a compliment!—commentary method).

Mister Brennan, my liver just dissolved • October 26, 2015 4:05 PM

@keiner. Bush meat. Indeed. Ever had bushmeat? Ever seen bushmeat? So Monsieur Keiner, these Africans who eat bushmeat, in the remotest and least developed parts of the Zaire strain endemic region... some of them are, what, jet-setting bushmeat eaters who are jetting off 2,200 miles? To places where the host government has failed to ratify the BWC and where official documents show US government filovirus research? And these jet-setting African Paris Hilton socialites get off the plane and pat their stomachs and burp their bushmeat carpaccio from 1st class and infect everybody there... But not anywhere else along the way...

Yeah, right.

Anyway, bushmeat does not figure in the official explanation of the outbreak, so how come you know better? Monsieur Keiner, nonsense and bullshit do not get your beloved CIA off the hook, if all you can come up with in rebuttal is some half-baked catchphrase that hints at a long chain of implausible contingencies. And you'd better tell the Sierra Leonean government nonsense and bullshit, because the first thing they did in response was shut down the US mad scientists at Kenema. Unless of course you know more about their MOU than they do. You know who knows a lot about their MOU? Russia, from Iran, through Hezbollah, through the sizable Lebanese community in Salone. They still know how to do HUMINT, unlike your CIA. So good luck pooh-poohing this big Charlie Foxtrot away.

Shadowed By Murder of Ravens • October 26, 2015 6:30 PM

@Clive Robinson, Bob S., et al, Fourth Wall

regarding:
- "collect it all" by governments makes true anonymity online near impossible if you socialize online much -- this is also true just with the nature of many sites where information is archived for long periods of time and easily searchable to all
- it is extremely difficult to truly maintain multiple personas in significant online social engagements; it is in fact, potentially detrimental to one's mental health & requires extensive method acting capacities
- it can become like a cipher substitution problem, and we know this is a weak means of security
- it is ethical to "lie" for anonymity purposes

Commentary via specifications for an anonymizing system.

Specifications for Your Own Online Anonymity Persona Engine

*pre-Jazzy naming, how about calling it "JackSparrow" or PurplePeopleCreator

States

- the system has two primary "states"
- one is tuning and preliminary operation
- two is active operation state
- these states can be easily switched between
- the two primary states should have their own UI look
- the two states have their own set of substates
- strong UI is critical for the operation of this system because it requires careful user interaction


Tuning & Setup State

System Creates Database of Real People from Sites

- the system should have significant NLP (natural language processing) capacities
- spidering system that can be pointed at social media sites, forums, mailing lists, usenet groups, search engines and take in wide variety of data separating users in a database on the home system and parsing and organizing each user by writing and personal details otherwise exposed
- writing is deeply analyzed and significant, many statistics are derived into metadata for that "real person" in terms of both how they write and what they write about
- significant attempts are attempted to collect metadata on the person themselves, for instance, statements like "I like pepperoni pizza", "where I grew we all wore pizza hats", "In Tucson they never allowed us to jaywalk", etc
- all metadata filters have a UI for human correction and tuning for accuracy
- a substantial UI presented to the user neatly classifies and categorizes all specific information about the user in terms of "what they say" (as opposed to "how they say it", which is more "under the hood" only type of metadata); this is to be presented as a UI sidebar in the "live posting" UI
- images are taken and sorted for 'under the hood' and UI interface for the user to tune
- search criteria is another product for this system -- statements which are found to be highly unique are brought to the surface for search criteria against search engines and the persona database; if a match is found in the persona database, the engine runs a scan against that persona and adds it with user interaction to the new persona metadata; image search capacity is used as well, and the capacity for search by image in online search engines

The System Analyzes Entire Sites

- primary purpose for site analysis is for posting at site
- what are commonalities across all posters for the site you want to engage a persona at?
- metadata for a whole site and swaths of sites is also created and maintained
- where "site" is scraped forum, usenet, mailing list, etc
- statistics such as frequency of misspelling, top ten, top hundred, top thousand phrases, nouns, names, cities, food, and further criteria is broken down and presented in UI format for human tuning
- criteria such as likely city, state, country, region, and so on are utilized; regional writings styles; etc; foods, preferences, places, nouns, hobbies, etc

Active Operation State

Persona Selection Engine

- this engine allows you to search on criteria of a persona
- profession, site, gender, granular preferences, writing styles, etc
- top criteria engine, adjustable to varying levels of detail
- contextual search engine capacity
- social engineering targeting capacity
- optional search by persona feature -- select a target persona, trim metadata selection criteria, and search for similar personas at a granular scoping level: from same political party, to penchant for using various words, same religion, same site, preferences down to if they like feta cheese on their pizza
- multiple results allow a rolodex like filter which accordions out and presents to the user highlights of the persona, graphics, and optional granular filtering down level
- option to create fictional persona from real persona
- manual adjustment of all metadata details allowed
- fictional persona save feature in separate area
- historical usage filter
- easy filter of metadata tied to previously used personas

Online Posting Engine

- UI detects browser and fits on top of browser
- system is separate from browser for security & UI purposes
- system can perform security checks on browser
- system displays warning that should be used only in vm or temp os
- system displays internet connection details
- system hooks into browser and parses domain of visited site
- historical minimap of previously used personas displayed per site
- historical map may be drilled into
- user selects and right clicks text entry box
- flip top edit box is utilized
- edit box duplicates view of site edit box
- option for raw text and copy and paste easily available
- system provides suggestions while user writes
- suggestions correspond to the persona selected
- about to state what is your favorite food? Where you grew up? Etc, etc.
- above top edit box provides ongoing suggestions for alteration of writing style
- after every line entry a modified, in red option is shown of the same line as the original persona would write it; user can optionally click on the red highlighted suggestion and the original line will change
- easily visible warning side panel will track and highlight changes in style and substance of writing
- every post made by user is archived; optionally sorted by site
- whether real or fake persona is used; new persona is created and archived as third type of persona "used persona"
- this especially is useful because real people may themselves not be forthcoming with their own preferences and details; in social engineering scenarios someone uncovering such dual level deception may impress them on the reality of the persona behind the flimsy "false" details they discovered

Shadowed By Murder of Ravens • October 26, 2015 7:01 PM

@ianf

“I am asking because I'm not the kind of fully accomplished professional as apparently is the Shadowed By Murder of Ravens nick here (btw. "murder of ravens" is a plural enumeration, not a declaration of intent… akin to the more known "parliament of owls," or "murmuration of starlings" - but you knew that already, I can tell that from your parsimonious—that's a compliment!—commentary method).”

The nick has multiple meanings and purposes on several layers.

As for "professional", if you mean in terms of "sec ops", or whatever the phrase is, you are considerably professional. Your manner, nick, and writing is very unique and yet ambiguous. You have an ingratiating manner about yourself which is consistent across your posts, as is your personality. Your writing style and statements are decidedly unique and despite often coining odd phrases and making odd statements, I would be surprised if one could find a duplicate of yourself anywhere else online.

Yet it is also not a manner of speaking you would use anywhere else. You certainly have a normal speaking method. So this means that you would not be tied to your normal self -- your normal self or deeper self is extensively occluded by this persona.

As for ingratiating manner - despite your sometimes barbs - this garners rapport despite your odd speech and it encourages people to speak up matters which you help direct.

So I would have to say that is very "professional" sec ops, though I doubt you are working on a time clock here.

My sec ops is relatively sloppy. I keep up some, largely however, just to evade limiting conversations where bias is created as my statements rarely define me and typically are flexible in definition beyond what a persona would imply.

Not very concerned about governments or criminals is why.

I post here actually because it helps me shift modes and is entirely different from my job. This helps me gestate on larger problems I am working on in my job. ie, initiating and maintaining unconscious thought processes ( http://www.apa.org/science/about/psa/2009/10/sci-brief.aspx )

ianf • October 26, 2015 7:14 PM


Oh, AlanS, you daring coquette, you… but I'm already spoken for. Also hetero.

“Most readers dislike vacuous verbosity.”

Speak for yourself rather than hiding behind generalized "most readers" - from whom you don't have a mandate, nor any proof they exist outside the realm of rhetorical eloquence.

PS. if you absolutely must express an opinion, please direct that sharp edge of your intellect at the truly-meandering streams of consciousness (6-10kB) lately appearing here.

Sancho_P • October 26, 2015 7:17 PM

@ianf (”Sancho_P CONFUSED NO MO!”)

At the moment I’m still in tri-state, will try to decide after purging the day ;-)

Your (2) contributes to even more confusion here.
When thinking of an iPad as a dedicated reading tablet it may be worth to strictly distinguish between the OS (here iOS) and the used reader app (there are plenty). Each side has their own possibilities, needs, duties and “skill”, which may differ from version to version (even iOS).
iOS will not store but simply refuse requests of the app to call home in airplane mode, the app has to store statistics until mom is listening.
Things may be different with a "real" reader, though.

But hey, it may not be important, you couldn’t change it, it’s a known unknown.
-> I prefer real books.

Wael • October 26, 2015 7:55 PM

@keiner,

“Was it the same lab that invented AIDS? :)”

Are you sure you needed a "smiley" at the end? AIDS? Watch some of the links I'm sharing below and try to see how much dynamics are in common with "Security".

Listen to Dr. David Rasnick, the author of "Germ of Lies"! An outstanding speaker and thinker. He talks about AIDS being the first and only retro virus (out of three to four thousand retro viruses) to cause a disease!

It's all about "money"! Listen to Dr. Peter Duesberg, look at the price he paid and how much his career suffered because he challenged the "status quo" and said what "others" didn't want to hear!

Then there is Dr. Kary Mullis, who was awarded the Nobel prize for developing PCR. He tells a logical story as well.

And about the HIV test itself: One can test positive for HIV in one country and test negative in another. It's how they define the "numbers" :) In a relevant thread, @Schneier made the comparison between a biological virus and a computer virus. Perhaps Bruce should look at other aspects of the common dynamics :)

The above videos come from people with extremely impressive credentials in the domain! Question is, who will you believe?

The truth is out there, trust no one :)

Wael • October 26, 2015 8:47 PM

@ianf,

“I need to piggyback on the accomplishments of others, not to become a free ride myself.”

You want everything handed to you on a silver platter? Fine... My kind of guy :)

At least the kindle application saves or checks the latest updates to books when it comes out of 'airplane' mode. Here is the test:

  1. Close all applications on two iDevices that have Kindle installed

  2. Put the iPad in airplane mode, disconnect from WiFi

  3. Open a kindle book of your choice on the iPad

  4. Highlight a sentence on a given page on the open book on the iPad

  5. Close the kindle application (double click home, swipe kindle up)

  6. Check the same page on your iPhone and observe there is no highlight

  7. Take your iPad out of airplane mode

  8. Observe no changes happen on the iPhone book

  9. Start kindle on iPad, and notice that you are in the library, not the book you highlighted

  10. Restart kindle on iPhone, and observe that the books are now "synced" and share the same test highlight sentence

Does that partially answer your question? Repeat for iBooks :)

Nick P • October 26, 2015 9:09 PM

@ Wael

(Looks like I just missed you. Darn.)

Just got my Electronic Principles book by Malvino. You're right: it's very well-written and comprehensive. I think that, despite not getting all underlying terms, I now have a basic understanding of pops I hear in speakers messing with cords, how crystal oscillators work, certain types of noise down to the atoms (avalanche noise basically = uranium chain reaction), somewhat how to protect digital circuits from voltage spikes, and so on. Lots of concepts that I bet would've been less clear in another text that drowned me in formula and jargon without anything helping. The guidelines and stuff to remember parts are also helpful as they encapsulate the wisdom (esp heuristics) that people would have to learn with trial-and-error. There are other parts where it seems author just kind of runs through stuff where I'm going to have to do extra Googling and thinking, but overall good.

Thanks for the reference.

Now, relative to a prior discussion here about TRNG's.

1. Warning: don't exceed 50V on rectifier diodes. Oh, I think we will and then measure the avalanche that comes out of it.

2-1. Warning: careful around 4V as the Zener effect can kick in with both Zener and Avalanches possible at 4V-6V. Oh, I think we'll definitely add a circuit in that range and watch the weird stuff it does.

2-2. Might even feed output of one varying circuit into another that swings the voltage randomly between 4V-6V. Should make it weirder.

3. MOSFETS have low noise properties. We're not using them lol. Well, they're excellent for digital and so we'll use them for the I/O logic that reads the noisy analog.

4. Electric and magnetic fields cause noise that requires shielding. We shield everything but one part that's an input. It's only shaped just enough to keep it from screwing up the circuits while maintaining its irregular properties.

5. Power supply ripple: use regulated power supply or shielding. We're using the cheap shit instead. However, if possible, filter *outgoing* stuff to look boring and have no relation to internal state.

6. Microphonic noise. Going to need some inductors, capacitor plates, or whatever. A whole array of them with interlocking rubber-bands suspended in mid-air in front of a fan. That way, we introduce odd motion (and noise) via the fan while optionally pimp-slapping the board. Inject more randomness by putting a laser pointer on it with a cat in view.

7. Thermal noise: "we can eliminate the effects of (insert above) but there is 'little we can do about thermal noise.' " Music to my ears. So, we're going to put a bunch of different voltages across a bunch of different resistors, ensure high bandwidth, throw in plenty resistance, amplify any resulting voltage differences (size and shape), filter out everything but the differences, and do this in an oven. Cat should move faster in there, too, increasing vibrations from it bouncing off the board and rack. Ethical concerns mean might need to put the board in front of a heater instead with the cat just hitting something attached to it but not so hot. Will leave it undefined in the formal spec so the implementer can decide on what's right for them.

So, we combine all those on some boards or an ASIC with ADC's sampling them as often as possible. They might end up XOR'd together unless there is an analog equivalent of XOR. I'm guessing it would vary based on the technique used, though, as what's randomized in the signal is different among techniques. The sampled data is further trimmed with statistical outlier detection and removal to keep only the most random parts. Then it's whitened. Result should be a thorough TRNG with decent bandwidth whose overall effectiveness is minimally impacted by environmental change as there's always at least one circuit the change can't affect. If anything, its effective entropy can only be reduced. So, the CRNG should just assume that minimum production and collect multiples of it until at the desired, minimum amount for seed.

So, how close am I to what might actually be done by an analog engineer for this or how far away from a solution has my electronically-clueless ass gotten me?

Note: He actually defines what the word "analogy" means in the glossary. I feel for the reader who needed help with that but expects to get through the rest of the book. ;)

Note 2: The dedication:

"My brilliant and beautiful wife without whom I would be nothing. She always comforts and consoles, never complains or interferes, asks nothing and endures all, and writes my dedications."

My emphasis added. For a second, might have thought he was unusually good at marrying the right woman or just brown-nosing one. Then, a specific phrase jumps out at me. I think his wife had mastered in books the whole "My gf is perfect. I love her forever... you've been hacked by gf!" Facebook scheme long before Facebook had been invented. Now I wonder how many other dedications like that were written by the wives lol...
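
The accounting described in the comment above (XOR the sampled sources, whiten, then credit only a minimum amount of entropy per sample until the seed target is reached), as an added example that is not part of any comment in this thread. The bit streams are constructed, the function and class names are hypothetical, SHA-256 stands in for the conditioning step, and the 0.5 bits-per-sample credit is an assumed figure.

```python
"""Added illustration (not from the thread): XOR-combine sampled noise
sources, whiten, and budget a seed on a conservative entropy credit.
All bit streams below are constructed sample data."""
import hashlib
import math
from collections import Counter

# Constructed samples: a balanced source, a failed source stuck at 1,
# and a heavily biased source.
GOOD = [0, 1, 1, 0, 1, 0, 0, 1]
STUCK = [1] * 8
BIASED = [1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0]


def xor_combine(*streams):
    """XOR equal-length bit streams sample by sample.

    If the streams are independent, the result is at least as unpredictable
    as the best single stream, so one dead circuit does not ruin the output.
    Correlated streams (e.g. shared supply ripple) can cancel each other.
    """
    n = min(len(s) for s in streams)
    out = [0] * n
    for s in streams:
        for i in range(n):
            out[i] ^= s[i] & 1
    return out


def von_neumann(bits):
    """Von Neumann whitening: pair 10 -> 1, pair 01 -> 0, 00 and 11 dropped.

    Removes bias from independent bits at the cost of throughput; it does
    not remove correlation between successive bits.
    """
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def min_entropy_per_symbol(symbols):
    """Most-common-value estimate: log2(N / count of the most frequent symbol).

    On short samples this overestimates, which is why the pool below credits
    a fixed conservative figure instead of trusting a live estimate.
    """
    counts = Counter(symbols)
    return math.log2(len(symbols) / max(counts.values()))


def samples_needed(seed_bits, credit_per_sample):
    """How many samples to collect when each is credited credit_per_sample bits."""
    if credit_per_sample <= 0:
        raise ValueError("credit per sample must be positive")
    return math.ceil(seed_bits / credit_per_sample)


class SeedPool:
    """Hashes raw samples together and releases a seed only once the
    credited entropy reaches the target."""

    def __init__(self, seed_bits=256, credit_per_sample=0.5):
        self.seed_bits = seed_bits
        self.credit_per_sample = credit_per_sample  # assumed worst-case output
        self.credited = 0.0
        self._hash = hashlib.sha256()

    def add(self, sample):
        """Mix one raw sample (bytes) into the pool and credit the minimum."""
        self._hash.update(sample)
        self.credited += self.credit_per_sample

    def seed(self):
        """Return 32 seed bytes, or None while the pool is under-credited."""
        if self.credited < self.seed_bits:
            return None
        return self._hash.digest()


if __name__ == "__main__":
    mixed = xor_combine(GOOD, STUCK)
    print("stuck source alone :", min_entropy_per_symbol(STUCK), "bits/bit")
    print("good XOR stuck     :", min_entropy_per_symbol(mixed), "bits/bit")
    print("whitened biased    :", von_neumann(BIASED))
    print("samples for 256 bit:", samples_needed(256, 0.5))
```
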

FigureitoutOctober 26, 2015 9:21 PM

name.withheld.for.obvious.reasons
--So mentioned working at IBM, have any interesting patents you may have been a part of? Just curious.

ianf
--Not sure what's the point of trying to shield tablets or any product w/ word "smart" in it. These electronics are getting way too packed to be able to get in and at least apply a shield from a hobbyist perspective which is absolutely necessary for any sense of personal verifiable security.

However I have the privilege from a school project to make little "fixer-upper" guides for electronics, and our group got one of those atrocious android tablets. Pretty crummy engineering, but the guts are hackable by hobbyists (easily) and back cover easily removed so can shield. For instance, why do you need a speaker on a reading tablet, can snip that easy; maybe apply some ferrite beads to absorb RF and locate chip and snip the chip pins too. Wifi antenna?--It's labeled. Snip that too, make the range terrible at least. Camera?--Goodbye, easily removed. Mic port?--Bye.

But the capacitive touch screen (the touch controller is the chip w/ the smaller ribbon cable leading out to the screen). That *is* vulnerable to RF attacks, not quite sure what attacks would look like on mutual cap screens, but they can be attacked w/ simple amateur radios or sh*tty leaky power supplies right by chip...

This is the chip in some of the android tablets: http://www.newhavendisplay.com/app_notes/FT5x06.pdf

I was surprised to see the feature of "Immune to RF interference"--I call bullsh*t but I have to default to datasheet until I can confirm on this chip. Since there's an MCU packed in it w/ memory it's a suspect for malware to hide real nicely too...I do like the low voltage operation and the watchdog timer though but that's pretty normal engineering.

WaelOctober 26, 2015 9:43 PM

@Nick P,

"Thanks for the reference."

Glad to hear that! Now I'm happy.

"avalanche noise basically = uranium chain reaction"

Please preserve my mood and tell me this is a nasty typo! You meant "germanium", right? Uranium will fu#k up all your electronics!

"and writes my dedications"

So you read introductions too? So do I. Thanks for giving me this reference! I've been searching all my books for it, but couldn't remember for the life of me which book it came from! Sometime in the future I'll share with you another related introduction from another book (that I remember.) It's a digital signal processing text, this time .)

I'll get back to your other comments later. Still upset I went stargazing with a full moon! Was a spontaneous thing, though :(

name.withheld.for.obvious.reasonsOctober 26, 2015 10:02 PM

@ Nick P
Just a quick follow-up, Jim Williams also has a series (or volumes) of design books. I have a few e-book (not e-boot) versions and one of them that would seem to be a good start for you is:

The Circuit Designer's Companion (published by National Semiconductor)

As you may be aware, Jim had quite a reputation and is sorely missed.

FigureitoutOctober 26, 2015 10:15 PM

Nick P RE: "t"rng's
--Looks pretty good, you've outlined a system, now the fun part, putting humpty dumpty together in a real implementation that people can evaluate and start calling you names for tiny errors lol. I would say that's very doable w/ open source board layout software and whoever can decide on surface mount (yet still solderable by a human...) for the components.

Couple suggestions/ideas, what about a nice hefty ground plane on both sides of the board and the little shields you see on PCI wifi cards, but have 2 w/ corner slits at 90 degree angles b/c they have slits in the corners? Taking it even further, have it gold plated to the ground plane where you place it and solder it completely around edges. Probably add some copper tape around the edges of the PCB too. Then on the final revision remove most all via's.

So it's got a solid ground plane exterior, then shield most important parts (at the least the power supply), then shield entire thing in another enclosure, then use in a shielded room optionally. That's a lot of metal to penetrate.

Also, if you can keep power consumption down, I know of a manufacturer of good 3.6V batteries that can be substituted for AC power, if you have some power calculations I can give you lifetime estimates (upwards of 15 years if very low...) and you just have to resolder in a battery if it dies. That would basically nullify powerline attacks; combined w/ heavy shielding and security-focused design, that'd be good, perhaps rivaling some military products.

One other thing is to just have a button connected to a 16+bit timer as either an additional seed source to mix in w/ other sources.

EMSEC countermeasure
--Hackaday had an article on TEMPEST, http://hackaday.com/2015/10/19/tempest-a-tin-foil-hat-for-your-electronics-and-their-secrets/ and referenced a nice thesis from Cambridge that had a pretty sweet countermeasure that I'm still not quite sure how it works.

It's a very heavy paper which I haven't read all the way and has a very strong mathematical foundation to it.

The countermeasure that was quite interesting was "filter fonts" starting on pg. 60. I feel like there's still a fatal flaw in it but can't evaluate it nor know how to implement.

http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-577.pdf

name.withheld.for.obvious.reasonsOctober 26, 2015 10:18 PM

@ Nick P
OOPS, wrong attribution again. I have to stop relying on my memory. Anyway, the publisher is Nermes...

A good resource for a fellow such as yourself--as you are the link master--can be found at www.wisewarthog.com and is a good jumping off point for anyone looking for decent analog electronics books. I do recommend the second edition of the Circuit Designer's Companion; it is clear, concise, and fairly thorough in the treatment of analog systems. PLEASE, PLEASE, PLEASE, everyone read the introduction(S) of either the first or second edition of this book.

Nick POctober 26, 2015 10:22 PM

@ Wael

"Please preserve my mood and tell me this is a nasty typo! You meant "germanium", right? Uranium will fu#k up all your electronics!"

In a Uranium chain reaction, a neutron hits the atoms to convert it into other atoms plus neutrons. Those neutrons hit more atoms which do the same. It multiplies. This is usually drawn with circular atoms & nuclei branching off in a V shape.

The book explains the chemical/physical processes of how electronics work. A lot of those were the circumstances under which electrons move between materials. An example was the minority-carrier current in reverse-biased diodes. Now, increasing the voltage to breakdown causes the minority carriers to smash atoms of crystals hard enough to send electrons flying out of them. Those hit other atoms with 1 free electron releasing 1 valence to get 2 electrons. It multiplies. Book shows it in a V shape that gets wider.

Looks a lot like the semi-conductor and electron equivalent of a nuclear chain reaction. And that avalanche effect will also "fu#k up all your electronics" if they don't counter its noise during operation. ;)

"I've been searching all my books for it, but couldn't remember for the life of me which book it came from! "

It's one of my favorites. I don't think I've seen that line in another book. Clever.

" Sometime in the future I'll share with you another related introduction from another book (that I remember.) it's a digital signal processing text, this time .)"

Sure thing.

"I'll get back to your other comments later. Still upset I went stargazing with a full moon! Was a spontaneous thing, though :("

That sucks. One good aspect of being in the Mid-South is that we have lots of rural areas with minimal light pollution. Not sure how dark it is objectively compared to other areas. It's like a whole different sky than our cities, though. :)

@ name.withheld

Thanks for the reference to the book. The reviews already tell me it's a must have and covers other topics that involve black magic (eg heuristics from experience). Too expensive even at $36 on my current budget but will get it later. I think the amount of money it would save PCB designers over time far exceeds the purchase price, though, much like with Wael's analog book.

"As you may be aware, Jim had quite a reputation and is sorely missed."

I wasn't aware of Tim's reputation but the reviews indicate plenty wisdom. Amazon only lists three books with two being on Electromagnetic Compatibility: another thing I'll need to add to the collection probably. What was he known for in general or other good books?

Quick Edit before post: will check out WiseWarthog.com

@ Wael, name.withheld

Wael supposedly has a good RF book that he's holding out on. I'm probably way the hell away from learning that even if I start on hardware. Nonetheless, I'm mainly collecting and reviewing these to get others (esp in college) on a good start. Anyway, one reviewer of Wilson's book recommended these for RF:

"For those wanting more design level info on RF electronics see Chris Bowick's "RF Circuit Design". If you need more basic, but more diverse info see Jon Hagen's "Radio Frequency Electronics", and if you are in need of some testing guidance you won't be disappointed in Joseph Carr's book "Practical Radio Frequency Test & Measurement""

Any thoughts on those or other RF texts? What I hear of the field indicates it needs better books than most due to the nature of the material.

name.withheld.for.obvious.reasonsOctober 26, 2015 10:26 PM

@ Nick P
Damn, did it again--another poor or beleaguered attribution...the book's author

TIM WILLIAMS, not JIM

My bad, again along with Bob Pease, Jim Williams is sorely missed. Rarely does insight and clear headed thinking play such a keen role in the engineering disciplines. What is amazing is how simply these individuals stood outside the box at almost every turn in the analog design space--and were big fans of simplicity over stupidly complex. Wish we could have a few more like them in our midst.

Apologies once more--seems I have been missing the mark lately--need to see the doctor soon I guess.

name.withheld.for.obvious.reasonsOctober 26, 2015 10:45 PM

@ Et al,

Thinking back on Bob and Jim, it occurred to me (pun intended) that Bruce is the analog, from an InfoSEC perspective, as the two design engineers at National Semi...

Bruce's perspective is clear, uncluttered by complexity, and is often the lone voice in the wilderness. Though Bob and Jim didn't suffer as much as being a lone voice in the electronics design space makes you a double-lone voice in the wilderness.

It is fascinating to see critics, as was the case with Bob and Jim, literally ricochet around the room as their arguments bounced off the protective shielding of logic and reason that Bruce is (in)famous for.

name.wkithheld.for.obvious.reasonsOctober 26, 2015 10:55 PM

@ Nick P
Two things--Nick (I am breaking this up a bit so you, or others, can make humorous or snide remarks)

First, you seem really needy or voraciously hungry.

Not to rain on your parade but we move from one subject to the next without completely contextualizing the first subject, query, and request.

Second;

"Any thoughts on those or other RF texts? What I hear of the field indicates it needs better books than most due to the nature of the material."

Yes I do have some very good references in this space, but at the moment I am obligated to keep them under the radar--get it--under the radar.

I do crack myself up.

Got some really weighty stuff on UWB that will make your head spin, not iso-spin though (on second thought maybe it would).

FigureitoutOctober 26, 2015 10:59 PM

name.withheld.for.obvious.reasons
--Jim Williams worked for an incredible company, Linear Tech; just a cool company. LTSpice is sick and they give it away. They lead the market in their efficient power supplies, they're the best, probably many other products.

Nick POctober 26, 2015 11:15 PM

@ Figureitout

You need to realize that I know almost nothing about electronics, especially analog. So, most of that I don't even understand. I was seeing how far I could get with excerpts from the book and extrapolating on how I'd apply them without even understanding underlying terms. Seems I was doing OK. Building them or even understanding your proposal would probably require me to read a lot more of it and for real. ;)

However:

"Also, if you can keep power consumption down, I know of a manufacturer of good 3.6V batteries that can be substituted for AC power, if you have some power calculations I can give you lifetime estimates (upwards of 15 years if very low...) and you just have to resolder in a battery if it dies. That would basically nullify powerline attacks; combined w/ heavy shielding and security-focused design, that'd be good, perhaps rivaling some military products."

That's a good idea. We must never forget those simple batteries. I haven't thought of them in a while but I bet they could power many useful circuits. Plenty of microcontrollers can run in that range, too.

"One other thing is to just have a button connected to a 16+bit timer as either an additional seed source to mix in w/ other sources."

Yeah, but my fan or cat idea gets way more done without causing you arthritis. Plus, you can tune an audio sensor to the angry shouts of PETA protestors outside to get entropy from their vocals and stomping around.

re EMSEC

I think you should verify the video one and package up an easy way to demo it to others. In my experience, that one got the risk across better than most things with relative ease. A bit more effort lets you intercept numbers on a PIN pad or letters off a keyboard. They'll definitely get that. However, hearing the music from monitor on AM is eerie. They won't forget that. :)

Far as the RF-immune IC, many of the top vendors practice strong EMC to knock out interference issues. Microchip has a whole page about them doing that on their site. I've seen microcontrollers talk about countering issues from power lines, input pins, etc. Totally immune or not, it's not unusual for one to counter interference. I'm guessing the RF interference would come through the metal pins or power that they're already filtering.

@ name.withheld

"Apologies once more--seems I have been missing the mark lately--need to see the doctor soon I guess. "

Might be safer to have an extra look at any safety-critical designs or code you wrote in past few days before those issues slip into production. :P

"First, you seem really needy or voraciously hungry. "

The second. When brain was better, I was a savant that sucked in information like a sponge and twisted it into what I need. Much less brainpower now but still working at it. Mainly try to distill the best stuff and get it to specialists (or those in making). Plus, I research IT/INFOSEC holistically and have reluctantly admitted I should've been doing hardware all this time. All the best bang for the buck is in hardware design that software/systems build on. Worst is that there's a shitload to learn and not easy for me at this point as I got no savant speed now. Worse than that, it branches off into different paths with different styles that have to be integrated at some point. I usually shortcut around things to do what I can with as little knowledge as possible on extraneous stuff but might be no shortcuts outside of digital side with synthesis.

Prior generation should've done that push-button hardware they were always dreaming about...

"Not to rain on your parade but we move from one subject to the next without completely contextualizing the first subject, query, and request."

That's by design: it's how my generalist approach works to slowly collect all the pieces at abstract and specific levels. Recent result was Wael's book showing me just how much pain I'm in for if I go analog. Combined with prior research, I can already imagine the insanity of doing it on 90-45nm without years of experience and expensive tools for DRC's. That tells me more about how I must go about securing a mixed-signal ASIC, chip or project, if I launched one immediately.

And so on and so forth. It's how I discovered most high assurance stuff, too. Lots of digging through papers, lessons learned, etc without taking time to fully and deeply understand any one. That said, I've always had a problem committing to any one project that I need to improve on. Especially in terms of making money off them. Gotta work on that stuff. Trick is what to invest in given the proliferation of tech, languages, tools, platforms, etc where you have to know way too much crap to do any one job these days. Going to have to piecemeal work my way into a better situation where I can support the work myself or get work sponsored by companies that want it to be around long-term. Read: not Silicon Valley VC's.

"Yes I do have some very good references in this space, but at the moment I am obligated to keep them under the radar--get it--under the radar."

Lol... you're up too late. Nonetheless, if you have great intro texts, you should still burst transmit them into this blog.

Nick POctober 26, 2015 11:24 PM

@ name.withheld

"Damn, did it again--another poor or beleaguered attribution...the book's author

TIM WILLIAMS, not JIM

My bad, again along with Bob Pease, Jim Williams is sorely missed. "

You did it again lmao...

(Googles quickly just in case)

Oh hell, there's a Wikipedia page on Jim Williams, a legendary analog designer. References also mention Bob Pease. Now, I gotta wonder why one says Tim and one Jim. Many possible explanations. One is that you quickly wrote the Wikipedia page after my post but I'm guessing there's a more mundane option.

KarlOctober 26, 2015 11:31 PM

@ SBMoR

The only use cases I think of us gaming itself thru the web of works. As we know meme begets meme, it becomes automated circular feedback sans human interruption. Like game there is the prep the build-up and the excitement then an anticlimactic except its stretched and hidden on a long cycle.

KarlOctober 26, 2015 11:37 PM

", our "Sherlock Holmes", attempted to calculate my age sometime ago. I'm a few centuries younger than him :)"

Let's not confuse medieval aged with middle aged. Sherluck Holmes is no Will Shakespeare...

KkarlOctober 26, 2015 11:57 PM

"As for the "13 year old" I assumed from the first time I heard it, it was probably not true. The hacker culture is mainly divided in to two classes these days, "criminals" and "ego boasters". Both classes would see benefit in "laying a false trail", to avoid prosecution etc."

Being a 13 year old does have his statuary privileges.

If only time could be rolled back. That's the times. Whatever happened to the "good hackers" that we used to know. Guess they all became criminals.

I believe his claims.

name.withheld.for.obvious.reasonsOctober 27, 2015 12:06 AM

@ Nick P, Figureitout

Okay, I am calling the doc(k) tomorrow. I knew Jim was at Linear, just seem to have tossed both of the enigmatic engineers into the same broth. Guess I will have to step away from the assembler for a period or two...

Both engineers shared the same sense of simplicity and elegance rarely demonstrated in today's "patch it tomorrow, ship it today" world.

Sounds like my blog entries of late!

WaelOctober 27, 2015 12:11 AM

@name.withheld.for.obvious.reasons, @Nick P,

So I read the introduction, and glanced over the rest of the text ;)

"There is a disturbing tendency to treat analogue and digital design as two entirely separate disciplines,"

They are at the surface two different disciplines. At higher frequencies analog is needed. However, teams are composed of both types of engineers. Few individuals have deep knowledge of both in addition to basic computer science skills. I, for example, know close to nothing about compilers, nor do I really care to know! It's just not my thing! I only know enough to do my task.

"Nevertheless, the real world is obstinately analogue and will remain so."

Quantum physics disagrees with this statement, though. But I'm making a distinction between continuous (wave) and discrete (photons.) This can get philosophical pretty quick.

"Jim Williams, a well-known American linear circuit designer (who bears no relation to this author),"

Like @Nick P, I thought you meant Jim Williams, who your author clearly mentions in the introduction. Small world, isn't it?

"It assumes at least a background in electronics design; you will not find in here more than a minimum of basic circuit theory. Neither will you find recipes for standard circuits,"

The book came across as the "glue" that ties two disciplines (in the author's mind.)

"as there are many other excellent books which cover those areas."

Malvino's text is one of them. Other texts I looked at aren't suitable for intro texts without prerequisite knowledge and maturity in several areas including: Calculus, Differential Equations, Circuit Theory, Electromagnetics and field theory especially for RF interests, Solid State Physics, and Algebra.

"Characteristic impedance (Zo) is the most important parameter for any transmission line."

I'm surprised he didn't mention intrinsic impedance of "free space"; 120π, or 377 ohms :)

I bought the book. Kindle edition, no less! Lol So tell me: why did you plead with us to read the introduction? What was there that you wanted to draw our attention to?

@Nick P,

"The book explains the chemical/physical processes of how electronics work."

Ok, so you read it! You pass with distinction :)

"Might be safer to have an extra look at any safety-critical designs or code you wrote in past few days before those issues slip into production. :"

Good one! Let's have a field day with him :)

@name.withheld.for.obvious.reasons,

"Damn, did it again--another poor or beleaguered attribution...the book's author"

And in the same day:

"OOPS, wrong attribution again. I have to stop relying on my memory. Anyway, the publisher is Nermes..."

No, no, no! You need help: It's on me this time!

"Lol... you're up too late. Nonetheless, if you have great intro texts, you should still burst transmit them into this blog."

Too late, I already bought it. It only took one click (so they say, but in reality it was three or four.)

@name.withheld.for.obvious.reasons,

"Yes I do have some very good references in this space, but at the moment I am obligated to keep them under the radar--get it--under the radar."

I think I do :) Funny, and clever! You're on the mark this time! One out of 17 isn't too bad :)

WaelOctober 27, 2015 12:15 AM

@The Circuit Designer's Companion,

The Circuit Designer's Companion is a free PDF at:

There goes $38+ down the smartthrone (high end toilet) I can't believe this sh#t :(

CarlOctober 27, 2015 12:16 AM

"Two men are walking through a jungle when a tiger appears, one starts to run whilst the other stops to retie his shoe lace. The first man stops and shouts to his friend "What are you doing, you can not out run a tiger" to which the man tying his lace replies "I don't have to out run the tiger, I only need to out run you"."

Interesting choice of analogy...

As for skeptical, from my perspective he is true but a sockpuppet. The sockpup keeps his plays to an audience as the show must not be stopped. Thus, the puppet and puppeteer are one but the same self.

It is when no one watching a man shows his true self.

FigureitoutOctober 27, 2015 12:19 AM

Nick P
"You need to realize that I know almost nothing about electronics"
--Most humans don't (myself included, I try...), the field is too vast, and that's just electricity getting squished around metallic structures and flipping switches.

I already resign myself to mostly higher-level design now via MCU's (I'm doing Arduino stuff now b/c I want to reach the biggest audience possible and even good internet attackers can't attack an airgapped Arduino (which the brains is ATmega chip which is a good chip you can program and read up on, which has hella peripherals at your fingertips w/ their toolchain), they need to attack toolchain and PC running toolchain mostly).

And my proposal is not that complicated, I wish I could just transfer the picture in my head b/c I suck at expressing myself. The hard unsolved parts are *filtering* any and all inputs for any and all attacks, and generating unpredictable seeds for mostly static functions that will generate same thing w/ same seed. Those 2 problems extend out to many branches of security (guards and the IV in crypto implementations being 2 examples).

"We must never forget those simple batteries"
--Well, the chemistry is most definitely not simple (I kind of don't care, just want the electricity) and they're not cheap. Otherwise, they'd be cheap and easy to find in your local supermarket.

"Plenty of microcontrollers can run in that range, too"
--Absolutely, and it's getting lower w/ more features... :p That means passive listening devices need to be closer and someone has to place it there...

"Yeah, but my fan or cat idea gets way more done without causing you arthritis"
--Bah jesus, don't be a "pussy cat". W/ enough memory you could supply 10, 20...100 samples w/in an hour and add and divide them down into a single number that would be basically impossible to predict, I guarantee that. But that's just one alternative, all I'm saying.

RE: tempest for eliza
--Yeah I'll try it sometime, pretty nifty.

RE: microchip
--That was the company whose *initial* product (engineering samples or whatever) was vulnerable to the EMSEC attack lol.

RE: language of immunity
--I bet that's it, just some "technicality" bs of some band or filters for power supply needed for it; it's a pretty fundamental problem w/ capacitive touch though (and those chips can be mighty sensitive hence vulnerable to unwelcome waves, when pushing to limits). The attacks would get really interesting if they can trigger an activation on an XY-plane as in mutual capacitance, that would mean clicking on things you didn't want to...

Nick POctober 27, 2015 12:39 AM

@ Wael

You're tripping me out guy. Far as analog vs digital, I think they're fair to think of as almost totally different things because of design & implementation style. Hell, even SOC designers I've run into on HN talking about Standard Cell model describe it as monkey work because tools & existing I.P. do most of the work. Analog? Totally different story.

"There goes $38+ down the smartthrone (high end toilet) i can't believe this sh#t :("

LMAO I was thinking it as I read it. Let's look at the bright side: you'll still be at home reading it while everyone else is in jail. Maybe.

@ Figureitout

"Most humans don't (myself included, I try...), the field is too vast, and that's just electricity getting squished around metallic structures and flipping switches."

You need to get the book Wael recommends: it's really thorough and only about $6-7 with shipping. It plus name.withheld's and a digital book will get you pretty far. Can cheat on digital with a synthesis focus esp with open-source flows like Qflow. Maybe cheat on RF by putting it outside your main system's Faraday cage with optical communications between what's inside and outside. Still thinking there's potential there.

"We must never forget those simple batteries
--Well, the chemistry is most definitely not simple (I kind of don't care, just want the electricity) and they're not cheap. Otherwise, they'd be cheap and easy to find in your local supermarket."

Wait, that was a mental slip on my part. I was thinking about 9 volt batteries. I remember some projects used them with quite a long lifetime. Never seen 3.6V batteries until Googling them tonight. Not that I recall. Gotta be cheaper alternatives. I'll force you to code up a solution on a 4-bitter if nothing else works. :P

"Absolutely, and it's getting lower w/ more features... :p That means passive listening devices need to be closer and someone has to place it there..."

I believe you're stumbling onto an EMSEC best practice. Maybe.

"That was the company whose *initial* product (engineering samples or whatever) was vulnerable to the EMSEC attack lol."

Hmm, was it a passive or active attack? And did it use common RF bands? That would be fairest assessment. If it was/did, then they're lame asses haha.

"The attacks would get really interesting if they can trigger an activation on an XY-plane as in mutual capacitance, that would mean clicking on things you didn't want to..."

The porn addicts are screwed then...

WaelOctober 27, 2015 12:46 AM

@Carl,

"Two men are walking through a jungle when a tiger appears,.."

The version I know goes like this:

Two friends were hiking in the forest. A bear chased them. One of them tripped and fell down. He asked his friend for help, but his friend continued running and ignored him. The guy pretended to be dead, the bear sniffed his head a bit then left him alone and walked away. His friend came back to him and asked him: what did the bear tell you? He said : it told me look for a better friend ;)

Then there is this other remotely related one:

A male mouse loved a female mouse and wanted to marry her. She said: I won't marry you until you ahem "mate" with that lion over there! He said are you nuts? That's a Lion! She said it's my condition. The mouse looked at the lion and noticed it was sleeping. So he slithered behind the lion and "gave it to him". Unfortunately, the lion woke up during the "process" so the mouse jumped and started running then sat underneath a tree pretending to be reading a newspaper. When the lion realized what happened, he thought to himself: My reputation as king of the jungle is in jeopardy if the rest of the animals hear what the mouse did to me, I'll find him and kill him. The lion started searching for the mouse, and finally saw the mouse that's reading the paper. He asked him: have you seen a mouse running? The mouse told him: you mean the mouse that screwed the lion? The lion sobbed: Holy sh#t, it's already in the news?

Ummmm, that's how fast news travels :)

Figureitout • October 27, 2015 1:28 AM

Nick P
You need to get the book Wael recommends
--Oh, believe me I have enough reading material and learning projects to last me years...to actually design on your own accord you need to "get" these things immediately and typically at a young age. I'm not old but I'm not young lol. I accept my limits and walk to my own beat.

Maybe cheat on RF by putting it outside your main system's Faraday cage with optical communications
--Yes which is mostly IR implementation-wise, it's short range typically (long range circuits exist) and can be optically blocked. So main threat is a wireless module w/ IR LED's, basically attaching all these peripherals to wireless module to get in custom work and exfiltrate via good ole internet that piggybacks off a different network around you. That's the nightmare scenario that gets in that setup.

Wait, that was a mental slip on my part. I was thinking about 9 volt batteries
--Ah ok. You know those are just 6 1.5V batteries in series? I thought that was interesting, always assumed it was one encapsulated cell. These batteries I'm talking about will last much longer than those 9V ones but you could power more things but for less time most likely w/ 9V. Bah no 4bits! I want muh 32bits and muh C hurr durr... :p

Hmm, was it a passive or active attack? And did it use common RF bands?
--Active attack and common bands. Microchip is still a good company, it was one product (these companies all have areas they're good and bad at). Since it was such a simple attack using radios/methods millions of people could implement it made me freak out a bit confirming one fear (disclosure: I'm working on something involving that, it's going to be completely open to public to hack at so I'm pretty nervous; main thing is making an attack look like a bug w/ basically no easy way to capture debug data, which is bull).

The porn addicts are screwed then...
--Sh*t! Anura, that's you... :p

Clive Robinson • October 27, 2015 5:04 AM

@ Bruce,

One to add to your "users subverting security to get their job done" folder,

http://www.theregister.co.uk/2015/10/08/smartphones_patient_data/

Put simply it's caused in this case by the difference between formal communication methods of the employer and informal communication methods of the market.

When an employer's system lags sufficiently behind that of the market, the users will go the way of the market. The worse the user perception of the employer's system the more likely they are to go to the market systems.

It's not just Hospital staff, I've seen ambulance, fire and police do this as a norm.

For instance a uniformed police officer in London gets issued with a Digital Mobile Radio. These are so poorly designed and implemented that many police officers additionally carry two mobile phones. They appear to be used as one for more formal "talk to base" and the other to talk informally to direct colleagues. And I've seen two officers with all four phones organise an impromptu phone conference trying to catch a couple of youths who had been seen house breaking in South East London. They succeeded and from being on the side lines and knowing how bad the digital mobile radios they have are, I would say that catching them was down to the use of the phones.

Recently I've been chatting to those who were front line troops in the middle east, and whose job is "signaler" and they likewise say even with their "ass in a ditch" they get better performance out of mobile phones than they do out of the radio kit they lug around.

So I would say that in the area of communications the consumer market for smart phones is leaving formal (very very expensive) Digital Mobile Radio systems in the dust as far as the users are concerned. Thus it's time a more formal approach to securing smart phones and integrating them into employer systems was investigated in Public Service areas, on the old "If you can't beat them you might as well join them...", which as I know was the idea that caused the problematic BYOD in the commercial sector.

ianf • October 27, 2015 5:48 AM


@ Wael “You want everything handed to you on a silver platter?”

No, not everything, merely that where I know I'm no good at, would make a mess for someone else to clean up. As I explained to @Figureitout earlier, I am keenly aware of the limits of my competence/ hence the domains of my incompetence. Can't be competent in all, it's enough that I recognize the extent of the envelope.


[…] “The lion sees a mouse reading a paper. He asks him: have you seen a mouse running? The mouse answers: you mean the one that screwed the lion? The lion sobs: Holy sh#t, it's already in the news?”

    Bad mouse OPSEC. The lion could have taken out his ire on the messenger not knowing it's the culprit. Shooting the pianist sends a signal out that's as strong as the real deal.


@ Figureitout

Not sure what's the point of trying to shield tablets or any product w/ word "smart" in it. These electronics are getting way too packed to be able to get in and at least apply a shield from a hobbyist perspective which is absolutely necessary for any sense of personal verifiable security.

Well, THANK YOU FOR TELLING ME THAT NOW that I already mutilated a perfectly nice vintage biscuit tin to act as a TEMPEST container for the iPad at rest. Filled with anti-static foam, and stored under the kitchen sink for stainless-steel added security!

    Should I expire tomorrow, and the tin gets overlooked until it's found some time way in the future when the building undergoes major renovation, I expect it to become a minor sociological sensation of once-existence of an iPad-veneration society, if not religion, that cared so for its holy devices. Of course, the battery being long depleted, they won't ever be able to read this my far-ahead prediction off its cache!


[…] “why do you need a speaker on a reading tablet, can snip that easy”

Don't let your inner RF leakage warrior get the better of you: a speaker is a perfectly valid component of a tablet, e.g. for automagic readout of ebooks, or audiobooks. You'd be surprised how many people pick editions of ebooks based on their audio capabilities (which are not universal, but granted on a title by title basis by publishers).

But overall, as you say, handheld electronics are getting impossible for manual messing with… I don't remember which device it was, that in a strip-down review was written up as "basically a single custom everything chip soldered to a 20x larger than itself cardboard-like battery," but I suppose it more or less applies to most of the current <8mm thin ones.

I'm just waiting for that once-promised disposable mobile phone that was to be printed on a flat paper substrate, then folded over a few times, glued together with a bendy OLED display, and a likewise flexible plastic battery. The model I read about some 5+ years ago was a branded giveaway unit, with the brand's hotline numbers fast burned into the firmware. A second variant of it came without any keyboard: one was supposed to squeeze it in a specific fashion, then say the magic "call so-and-so," or "call number x y z" to operate. For some reason neither concept has materialized.

ianf • October 27, 2015 8:28 AM


What does the commentariat think of Nokē - The World's First Bluetooth Padlock, complete with the tagline No Key? No Problem.

A breaking-and-entering "artist's" wet BT dream, or an Open Sesame Padlock waiting to happen?

All that I can muster up, is:

“No £60? There's the problem.”

ianf • October 27, 2015 8:51 AM


From today's The Guardian:

Apple faces class action lawsuit over Wi-Fi assist data usage
Company faces lawsuit alleging $5m damages for feature which uses mobile data when Wi-Fi is underperforming

http://www.theguardian.com/technology/2015/oct/26/apple-lawsuit-wi-fi-assist-data-usage

Facebook users urged to check privacy settings
The site has introduced an update to its search feature which includes every public post ever made

http://www.theguardian.com/technology/2015/oct/26/facebook-check-privacy-settings-public-post-search-index

Justin • October 27, 2015 9:54 AM

@ ianf

Keep your £60 in your wallet. Nobody on this forum is going to trust a padlock with electronic parts. It's worse, because an electronic exploit can be programmed and prepackaged by criminal enterprises and deployed by a disposable mule they can dispatch to the site, whereas a non-electronic lock usually requires at least some skill and/or effort in person at the location to crack into.

ianf • October 27, 2015 10:40 AM


@ Sancho_P […] “Your (2) contributes to even more confusion here”

Were you confused by the #2 question, my summarized answer, or the trailing comment?

As for the iPad as a dedicated reading device… this is the fallacy that we, the users, kowtow to. It (especially the Mini that I got) has a "bookish" form factor, a wonderfully responsive Retina screen, thus should IN PRINCIPLE offer a great reading experience. Except it doesn't, not to me anyway… hardly ever use it for other things than watching canned episodic TV in bed. It's simply too heavy and unwieldy to hold up at my nose-to-screen distance for any length of time (I have the same problem with thick dead-tree books, am unable to hold them up due to their weight… which is why I am considering butchering up specific read-once-then-done volumes into more manageable segments [a fate not unlike that of "Anna Karenin" (missing "a") in this Doris Lessing's 2007 Nobel lecture.])

    As a dedicated ebook reader the iPad lacks global (i.e. across titles) cumulative indexing, tagging, annotation, cross-referencing, and linking within AND to the web, that we know it to be capable of. All that iPad now offers is a static reading and within-current-title highlighting & minimal annotation etext reading experience.

That IS the fallacy that we've collectively fallen for: we see the potential that the iPad possesses, hope that maybe it will evolve towards becoming our own pocket library with aforementioned functionality. Only that doesn't appear to be Apple's vision or intent for it, which—to be crassly cynical about it—sees the iPad mainly as a portable terminal to its many paid services. Just as Kindle is to Amazon's Kindle Store.

John Siracusa keenly observed it even before there was an iPad (2010), when Apple elected not to get involved with ebooks in any major way… at least for the time being. Below are the relevant passages (and the entire long-form essay of his is worth reading).

[JS, 2009, page 5] In 2003, Apple started selling music for the iPod through its iTunes music store (as well as) audio books through a partnership with Audible. Perhaps unknowingly, Apple had just positioned itself perfectly for e-book domination. […] Apple, and Apple alone, had the complete package: a mass-market reading device [iPod] to target—one that they owned, no less; an online store with millions of customers who'd proven their willingness to buy things from that store; unmatched experience negotiating with "digitally unsophisticated" (to put it charitably) content owners. […]

The e-book market was Apple's for the taking.

And then a funny thing happened: Apple never took it. […] What was Apple's problem? Surely the company could see how neatly e-books would fit into its business. [Steve Jobs in @nytimes]: "It doesn't matter how good or bad the product is, the fact is that people don't read anymore, 40% of the people in the U.S. read one book or less last year. The whole conception is flawed at the top because people don't read anymore." […] Apple ignored the e-book market because it was just too small to care about. […] To Apple, the entire world of print publishing was but a molehill. And so, the heir apparent to the e-book throne looked away.

And there, alas, we stand.

name.withheld.for.obvious.reasons • October 27, 2015 10:51 AM

Be forewarned, cosmic burst response...

@ Wael

I thoroughly enjoyed your comments and laughed out loud at both the tenor and your arithmetic acumen (counting the number of miss/hits-though I thought the web hits comment I made was the funniest).

I bought the book. Kindle edition, no less! Lol So tell me: why did you plead with us to read the introduction? What was there that you wanted to draw our attention to?

Sorry Wael, I was appealing to Nick P's propensity to garner information related to design books. The book sees the relevance and importance of both an analog and digital view of the world. Nick P has been struggling with his own analog/digital divide.

My belief is this is universal, analog never meets digital even when they attend the same meetings. I have a friend (believe it or not) that is an analog genius...he has received "conceptual design" awards from various large institutions/companies/government(s). The two of us together seem to be able to answer any challenge--his deep analog skills and my analog/digital skills allow us to breach specific design challenges across disciplines (communication, computation, power, transmission, and basic science). It was working together that we've cracked a really interesting nut (ironically free space is a big component of this work) that we have yet to publish.

I find what Tim Williams is emphasizing is a need to be able to see both sides of different coins and that our classic education produces unimpressive results. He also emphasizes the power of our institutions to produce mediocrity that passes for qualified engineers and designers.

I believe Tim is correct...our world is, for the most part, an analogue system. Discrete components in the digital world have little on our photo-chemical biological systems that compromise most of the living world. Many assume digital technology is the be-all-end-all, to my mind digital technology is best expressed by linear-only thinking and not non-linear reality.

Your quantum view is 'possibly' incorrect in that there may in fact be more than the spatial relationship (point-in-space) between known states of matter. Wolfgang Pauli was working on something very interesting regarding what he termed synchronicity in time (loosely paraphrasing). So what may seem to be discrete moments of matter/energy and their associated transients in state (I so see where you weren't) may in fact be something else (I so see you being elsewhere). My attempt at quantum comedy...

name.withheld.for.obvious.reasons • October 27, 2015 11:08 AM

@ Figureitout
Apologies for not getting back to you sooner...you'd asked about my experience at IBM. No, I personally am not mentioned on any patents, that's typically reserved for the senior team scientists (Principal and Contributing), but I had the opportunity to work with international teams that worked on any number of technology projects. We often had team meetings between Japan, Germany, and Israel that we'd convene for weeks. I do hold my own patents and know the patent process a little too well (familiarity breeds contempt).

To make a general statement about my experience; it was the best of times, it was the worst of times. I do recommend that individuals get some "big shop" experience under their belt. Seeing and being part of large and complex projects can give one a better sense of how things can get done. And, big science is some of the most fun if you get a chance to do it. I was impressed with most people having the can do attitude. It was one of the more technically capable organizations (at the time, I don't know how it is now, everyone I know has scattered to the wind).

And boy, do I have some stories...

name.withheld.for.obvious.reasons • October 27, 2015 11:45 AM

For you Figureitout...you might want to experiment with something interesting.

Again, be forewarned,

// Stream of consciousness mode ON

Think of a 64-core 8bit uproc platform, to my mind a uprocessor and 64kbytes of RAM is enough to do almost any compartmentalized task. I would divide the platform in two's, leaving two processors for inter-processor communications and a very light, think of OS-9 or QNX's microkernel design. A dynamic I/O controller would be necessary to make it a GPU of sorts but it could be a very high performance parallel processing platform that is light in code length (seems modern computing is computationally serialized, data wide, processing model). A very light ASM controller and synchronization core could work as the glue instead of a microkernel architecture (my preference). To summarize; a two by thirty two hardware platform that is robust and highly parallelized (great for analog and digital I/O glue) and I imagine could be physically small and energy efficient. Clocks could be shunted where cores are not powered/needed.

// Stream of consciousness mode OFF

Seems something Nick P might be interested in as well...don't know of an architecture that is generally available that meets this type of operational behavior.

Wael • October 27, 2015 12:25 PM

@name.withheld.for.obvious.reasons,

...your arithmetic acumen...

Oh oh! Seems I lost a bead off my abacus!

Quick, put up a pro-Jihadist web site and see what kind of hits you get...I bet one of them is from a hellfire missile.

Yea! That was pretty funny, I saw it but I didn't feel like butting-in the discussion. Ok, two out of 17 :)

name.withheld.for.obvious.reasons • October 27, 2015 12:54 PM

@ Wael,
You got me to thinkin'; how about a new tag for referrer/browser agent:

U.S. Gov Targeting Agent/Browser Hellfire Ver 2.0; Last Link You'll Ever Reference

Better check my apache agent logs, maybe it is already there....

Nick P • October 27, 2015 1:01 PM

@ name.withheld

"Sorry Wael, I was appealing to Nick P's propensity to garner information related to design books."

Appeal accepted!

"The book sees the relevance and importance of both an analog and digital view of the world. Nick P has been struggling with his own analog/digital divide."

"I believe Tim is correct...our world is, for the most part, an analogue system. Discrete components in the digital world have little on our photo-chemical biological systems that compromise most of the living world. Many assume digital technology is the be-all-end-all, to my mind digital technology is best expressed by linear-only thinking and not non-linear reality."

Well put on 2nd one. The world is certainly analog from electronics to even our brain. Hell, I pushed in some forums for neural nets to include more analog circuitry to reflect the fact that they're analog and for performance/power advantages. One product designer told me they're doing exactly that. :) In any case, it's clear that the world isn't binary and the binary devices all reduce down to wires at the bottom. The crystal oscillators, power supplies, transistors, pads, and so on make a giant-ass, analog circuit (or circuits).

Now, what about the divide where people look at them as separate? It's not ignorance or a myth: there's a real divide. I think you've been in the custom stuff too long to see why people think that. A generalist like me with a foot in a dozen doors can see the various perspectives clearly. So, let me repay the favor and help you out this time.

It starts when we learn certain transistors and constructions are better for digital. Certain ones for analog. We then learn that digital logic can be expressed almost entirely in primitive cells and a few macro-cells. They come with weird wiring (analog) we don't understand plus truth tables and math functions we do understand. We find that about any function can be reduced to these cells. We learn that there's rules for how to power them, connect them, lay them out, and so on. There's abstract languages to help with that along with tons of tooling for every aspect of it with much automated. Analog is still just wires and schematics at this point. Divide begins there. Now let's look at methodology.

The digital designer of today will likely use Standard Cell model. Designer first tries to understand the problem. The problem will be modelled somehow, maybe simulated. This gets converted into a VHDL/Verilog representation that will also be simulated/tested. That's typically synthesized into RTL. There's ways to prove the two are equivalent. This might also feature 3rd-party components (macrocells) with their associated RTL, timing, and power data. The RTL is further synthesized into pre-made gates with optional gate-level simulation or equivalence checking before a prototype is made. This part might get reworked with different inputs into the tools based on resulting delays, yield, errors, power-usage, etc. The designer can do a lot of this while barely understanding how the cells themselves work: just the rules for working with them. Tools like Calibre or MAGIC will even catch many mistakes in that with design rule checking. Example of the process here.

The analog designer has a custom flow with mostly different tools and rules. The designer also takes a guess at solving the problem. The designer goes right to a sketch of a potential circuit/schematic maybe with some blanks. Then, the designer starts building and testing circuits in their toolset to try to match that. They don't work. So, the designer measures things like voltages in blocks and then individual components trying to figure it out. The designer modifies the circuit to fix that. The designer looks for various forms of noise and instability, modifying circuit to handle it. This process of guessing, measuring, and tweaking continues until circuit seems to work. In ASIC's, maybe boards, the designer must also work with digital people to ensure circuit works with their system and account for the fact that their digital circuits create noise that affects the analog. Altogether, a very tedious, manual process that happens with little to no abstraction right at the wires themselves.

So far, comparing analog with digital, one would think the two had nothing in common. Looking at papers, people might notice a detail here or there that are common but they're too rare to make a broad, mental connection. That's because digital's binary little world and simple representations of cells let it be synthesized, analyzed, transformed, moved around, and so on to the heart's content. The tools for doing this do so much of the work that many digital designers' job is more about figuring out what to input into the tools to get results right than really understanding the circuits themselves. Many of them would probably look confused if you asked them how they'd do it with op amps. They'd probably struggle if you asked them to design the function with custom gates, flip-flops, etc with specific electrical properties. This means the divide is real rather than just in our minds and is driven by the different work requirements/flow.

Now, that brings me to where I see the two applying simultaneously: full-custom, digital design. That works at the gate and transistor level directly. Some of this builds on the boolean stuff as usual. However, the lower levels resemble analog work and the kind of thinking those engineers do to get things done. It took me a while to connect these because of endless repetition by industry that certain transistors/flows were for digital and others for analog. Yet, it was easy to call bullshit the first time I saw how library cells are designed. This method is for digital use, but employs analog methodology above. It's certainly tool-supported, but not *created* by tools: engineer's creativity and knowledge produces the circuit itself with much trial-and-error in verification. So, here we can see that the two are the same thing underneath.

Past that, they're still totally opposite. So, the methods, tools, and so on make standard-cell, digital design totally different from analog design. However, the more correct way to put it might be that there's a huge divide between *standard cell model* and full-custom design. I think that model is really where the divide is. People versed in it think it *is* digital design rather than a limited, abstract form of it. Real digital design works same as analog design if done at full-custom. So, the proper division should be standard cell vs full-custom analog/digital. Haven't gotten there yet in my studies so I'll leave it to you to determine if my division is proper way to look at it. I'm more sure of my assessment of the digital-vs-analog divide because signs of it are in every non-full-custom, digital paper I read.

Another way the facade is crumbling is in mixed-signal ASIC's. The modern ASIC's are having to use many more analog components than in the past. They have to tie them together pretty closely with the digital blocks. The demand side of this pushes for more people to know both digital and analog design. Especially, for them to see when they should switch from one to another for a particular function for performance, power, or precision. Leads to next part of your post.

"I find what Tim Williams is emphasizing is a need to be able to see both sides of different coins and that our classic education produces unimpressive results. He also emphasizes the power of our institutions to produce mediocrity that passes for qualified engineers and designers."

I totally agree: they need to be doing much more for analog and fundamentals. I think part of it is visible in the common gripe from students that analog is too hard, boring, or irrelevant. The reason must be their teachers and textbooks. Hence my search for good starter and supplementary books to solve part of that problem. Narrowed it down to 3-5 books that cover vast majority of what people need for theory and practice. Given size of the field, that's quite a result in itself.

A curriculum would be next step. It needs well-thought exercises that not only teach students but help them learn incrementally and enjoyably. Should be lots of toy projects, breadboard, and SPICE work. Maybe throw in a hint of elitism once they see standard cell model and huge monstrosities it produces vs their creations. They know they could probably do better on any individual component, can customize the gates/latches/macrocells if need be to make tools do better, and can drop in analog where it counts (esp signal processing or calculus functions). Gotta be motivation and real value in it for them.

There is a flip side to that. Universities often try to produce what's in demand. Most of demand side is digital with standard cell model. That's how almost everything is produced basically for cost-effectiveness and time-to-market. The university making all its students practice analog for years will probably have no digital I.P. to license, cool tech published, or cheap ASIC engineers to bring to market. So, the incentive probably is to teach them just enough EE to understand digital logic and working with those tools. Plus, they can teach them the tools while letting them try to make stuff. These factors produce both a need and incentive to skip past analog or true understanding.

So, what to do? I'm not sure. I'd say there's two routes. Option A uses a book like Electronic Principles to teach analog first during maybe first two years of college. That it's not math-heavy or anything means EE's could in theory pick up a good bit of it by Associates degree. Might also teach basic, digital logic or discrete mathematics at this phase. By Bachelors, they start doing digital design and more analog in parallel. Students should have mastery of digital/boolean logic and fundamentals for RTL in first six months. Rest of their Bachelor's is VHDL/Verilog along with how to use it with synthesis tools with FPGA's for practice. At some point, the students will be working in analog classes on same types of gates and primitives their digital tools use. The mental connection between two fields will start here. By Bachelor's completion, the student is already useful in the marketplace as cheap labor for FPGA's at least and probably in a good position for self-study with various books/articles.

However, education continues with Masters level. The student already can do basic, Standard-Cell designs while understanding analog enough to have many projects and PCB's under their belt. The student continues learning tricks like those in High-Speed Digital Logic to improve the performance and reliability of their digital ASIC's. Much focus on verification here, too. The analog transitions into more full-custom work that might benefit digital designs. Should be at least one class or project covering cell libraries with advantages of specific types of flip-flops, gates, tri-state buffers, etc. End of Masters should be a competent digital or analog designer who can also do basic mixed-signal ASIC's. The student sees how each side connects with the other and how they work underneath.

Note: PhD's can all focus on better approaches to any existing problem in digital or analog. Preferably improving EDA tools for synthesis, testing, and formal verification. Put the brightest on that with industry partnerships so they're informed of real-world issues by pro's. Keeps the methods practical.

So, there's my guess at how it might be done based on my non-existing knowledge of analog and digital hardware design. :) In any case, the proposal must push for real understanding you speak of while simultaneously being practical on digital side with real deliverables for universities and market. So, a parallel approach will be necessary. I think the mental divide will help in this situation. Trying to learn C and Java at same time, for instance, can trip someone up because things in one are supposed to look like the other for familiarity. Trying to learn Standard Cell synthesis and full-custom analog simultaneously shouldn't cause any problems at all given the stark contrast. By time student gets to full-custom digital, the student will just be applying his or her analog skills to produce specific, digital functions. The mental integration should happen at that point and divide disappears assuming parallel learning hadn't eliminated much of it already.

Your thoughts?

name.withheld.for.obvious.reasons • October 27, 2015 1:38 PM

@ Nick P

Some quick thoughts so you needn't suffer feedback withdrawals. Duty calls...

At an IEEE conference meeting held at a university several years ago, a senior fellow asked me what I thought would be a good time to encourage mentoring and to what education level. As most of the emphasis was at the graduate level, I explained why I believed it needed to happen at the "middle school" level before hormones drive the desire to learn into the desire to procreate (I didn't say that exactly--I add the hormones for humor--but I am serious about middle school for the appropriate place to introduce these concepts). The senior fellow looked at me with great surprise--literally responding by saying "Students are not relevant until they enter university." This I believe IS the biggest problem, students are not inherently inspired in any subject(s) areas.

Several years prior to that I was approached by the director of a post-graduate multidisciplinary studies group at a prominent university. Her focus was across the "media" spectra whilst I was focused on engineering and science disciplines. I drafted a curriculum focused on cross discipline and interdisciplinary courses that could be beneficial to future grads. As is with most of my ideas, since they are sooo out of the box, it was met with extreme prejudice--mostly the institutional "We know what we are doing!" reasoning. Hard to get past people who can't, not just won't, listen.

Nick POctober 27, 2015 2:14 PM

@ name.withheld

"8-bit micro with 64KB of RAM enough to do any task"

I'm not sure about this due to my inexperience with 8-bits. I do know that what SymbOS can do, despite it being a marvel, doesn't compare to my desktop in the slightest. Besides, didn't a wise person say all we needed was 640KB rather than 64KB? ;)

"64-cores"

Now we're talking something I might use outside a toaster.

"Two of 64 are for inter-processor communication."

Dedicated I/O processors go back to mainframe era with Channel I/O. I pushed that for embedded, too, with Ganssle's Embedded Muse publishing that post. Ganssle pointed out even embedded suppliers are re-introducing the concept with some chips that have higher-end core for computation and low-end core for I/O offloading. In my own designs, I also include at least 2 for one of two reasons: storage and networking are two forms of I/O that are heavy with interrupts, maybe justifying their own cores; can split trusted and untrusted functions to avoid/reduce covert timing channels.

"dynamic I/O controller for GPU usage."

What the hell does that even mean? GPU's are best done with custom hardware. When not, they do enough work to saturate your whole processor doing just their job. I'm not seeing it good for a GPU.

"modern computing is computationally serialized, data wide, processing model"

You must have missed the volumes of articles in past 10 years on SIMD, "multicore era" and CUDA/OpenCL. Along with all the tech to use them better. :P

" A very light ASM controller and synchronization core could work as the glue instead of a microkernel architecture (my preference)."

The microkernels are relatively simple so that could work in theory. I've considered it myself. Actually, it's worth remembering that Intel's i432 APX did many kernel functions in hardware and microcode. A little-known benefit of this, demonstrated in ancient Nucleus kernel, was that key primitives of the system can be standardized below OS level and keep its architecture consistent as a whole. Quite opposite of what we see with Intel, C, UNIX/Windows, etc.

"a two by thirty two hardware platform"

I'm not getting that part. It doesn't match any topology I've seen in either HPC or multicore. They almost always use multiples of 4 if there's lots of nodes with interconnections to minimize delay and keep coherence. Many onchip networks have rings in their diagrams as well. I can see many tiny cores as this has already been done many times. I just don't see the part where two at a time are repeated 32 times on same SOC given how NOC's typically work.

"Clocks could be shunted where cores are not powered/needed."

Or we just do clockless given asynchronous approach has already been applied to microcontrollers down to (I think) 45nm. They had performance boost plus huge power savings. Eliminates requirement to synch timing, too. Every paper mentions how that contributes to first or second time success in silicon. Middle ground is Sandia Secure Processor's use of regular logic plus asynchronous I/O to avoid interrupts and similarly ease analysis.

"don't know of an architecture that is generally available that meets this type of operational behavior."

There's been quite a few. They all bankrupted due to no demand (FPGA's/DSP's/GPU's were good enough) or got acquired by competition. Ambric is a good example and one of my old favorites. Just a very tough market. Only thing I see that's consistent is whatever you build has to use an easy programming model on software end (see GPU/CUDA success) or do better than Xilinx/Altera's FPGA's on hardware end. A tough nut to crack even for embedded given all the good DSP's and FPGA's with great performance-to-watts ratios.

I thought it was funny when I saw you mention 64 8-bit cores given I recently emailed Jack Ganssle a joke about how I'd propose a multicore chip for high-end, embedded market with 128-1,000 cores! They'd think it was great until I said they're 8-bit. They'd all leave lol. I had to follow-up on that email when I found out my joke already happened. It had a 32x32 stripe config which matches other topologies that I think were symmetrical and kind of tiled.

Far as streaming, I've visited this before because I needed an open GPU during my research into open, non-subverted hardware. The problem is nobody ever pulled off an open GPU to completion. I also noted use cases for SIMD, MIMD, DSP, pure streaming, and so on. Budget, if I ever got it, would be too limited to do it all so need consolidation like in CPU side of things. I then noticed that many people did SIMD stuff and emulated GPU's with DSP's. Designs like Ambric and Tilera might handle it, too. So, I figured a nice start would be a streaming processor with a lot of cores that could handle about any data-parallel workload, including graphics. One design that could be used in anything at least until workload-specific stuff was developed.

That would be hard, though. So, what to do? I remembered academics constantly produce SIMD's, DSP's, graphics-specific stuff, etc. Surely a good one exists that might just be licensed/bought/free and source coming with ASIC's optionally. The best one I found, with unknown licensing, was this family. That's enough cores to get some stuff done. The old one is on a nicely accessible 180nm process while the new one could be exceeded on a 45nm process with pro's and EDA tools. The AsAP2 could have a few custom units specific to graphics like what was in old SGI InfiniteReality graphics. Just whatever gets it at least OpenGL 1.0 to take advantage of all existing tools or libraries that targeted it. Additionally, the versatility, core count, and their power should help on DSP workloads.

If it's not available, just copy it and tweak it with your specific ideas. The method is already proven down to 65nm with 1 trillion ops/sec at 9.2 watts. Other one was 600Mhz at 2V, which is still good. Even Kilocore might have been more interesting with such an approach. However, I still think it's better to use 32-64 bit cores for computation and key I/O given what people use multicore for. Just more suited. However, could make it heterogenous with tiny cores on board for whatever they could handle like keyboard/mouse, power management, sensors, whatever. Maybe a lot more given what I/O I see on 8-bitters. So, it seems one could knock out some of the heavyweight cores for lighter ones. I'd suggest keeping the programming model as similar as possible at least at assembler or interface levels for the two core types.

While that's interesting and all, I still think the coolest thing I've seen is the Archipelago FPGA. They are still working to add things like MAC to transform it into a real contender. However, making that thing work with or without MAC on a good toolchain (esp Qflow w/ YoSys) at 45nm or even 90nm would be the best thing a person could do for OSS hardware. Combined with breadboards or existing "maker" products, it would make hardware design a lot more plug-and-play with us able to understand everything down to the logic slices. And for pro's, down to the transistors as the FPGA itself and tooling are open to verification. People could even respin it on new fabs if they wanted.

From that, a matching via-customized approach a la eASIC's Nextreme would be developed for increased efficiency and reduced cost. I know just the people for the algorithms. From there, an ASIC conversion strategy that pro's could use at RTL level to quickly turn it into a pure ASIC with it ideally designed for the FPGA/S-ASIC like in the link. Real advantages to doing that. From there, optionally do a metal-configured, S-ASIC offering as I have a paper or two showing they're superior to via-configured S-ASIC's in metrics important in volume production.

So, there you go. Look into the academic offerings in DSP comparables to shortcut a DSP or GPU development. Also, an open FPGA on a low-enough process node can simulate anything you can think of esp if it's 8-bit and the S-ASIC might be more efficient than your actual ASIC due to power advantages of deep-submicron nodes. Far as CPU's, the best CPU design that supports easy customization into a tagged/cryptoed/whatever processor for secure computation AND an I/O processor for secure I/O handling. The two can share quite a bit of their inner machinery with outer layers being where most differences are. Sharing = NRE reduction. These are the three best projects to tackle in terms of hardware as they solve the most problems. The FPGA is really the most important given FPGA's can effectively or half-assed solve almost any hardware problem in computation or simulation.

So, there's my $20,000 worth. Feel free to send the check in the mail promptly rather than lazily. :)

Clive RobinsonOctober 27, 2015 3:31 PM

@ name.withheld,

8-bit micro with 64KB of RAM enough to do any task

Such arrangements have been discussed here before. If you search for "RobertT 8051" you will find some.

I personally was looking at a slightly different system.

Imagine that you had either an 8bit or 16bit Harvard CPU with say 16K of local RAM, and an MMU that connects to say a GByte or two of external RAM. The MMU control lines are not under the control of the CPU that it manages memory for but a security hypervisor.

In essence each CPU is in a prison behind the MMU, it was the basis for my Prison architecture.

Nick P has expressed a dislike for the Idea, Wael on the other hand seems positively intrigued by it and calls it C-v-P or CvP depending on his mood. However Nick P extracted a promise from him not to talk about it again, or something like that. I'm relatively sure both of them can give you their views and probably will do ;-)

Gerard van VoorenOctober 27, 2015 3:34 PM

Joanna Rutkowska, the creator of Qubes OS, wrote the paper "Intel x86 considered harmful" [1]

The message is pretty clear. The Intel x86 chain of trust (TCB) is too large and complex. It's also fundamentally broken. You don't have a chance against a state actor, no matter what OS you use. That includes Tails and Qubes.


[1] http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

Nick POctober 27, 2015 4:44 PM

@ Clive Robinson

"Nick P has expressed a dislike for the Idea, Wael on the other hand seems positively intrigued by it and calls it C-v-P or CvP depending on his mood. However Nick P extracted a promise from him not to talk about it again, or something like that. I'm relatively sure both of them can give you their views and probably will do ;-)"

I dislike the practicality of it vs security-enhancements in the literature with low-overhead processor modifications. I actually encouraged you to build and test it. Anyone can as exploration of different ideas is always a good thing. :)

Far as CvP, I just disagree that your castle metaphor applies to stuff I promote. It applies to other things and your Prison metaphor is good for your designs. Further, I think discussing the actual technologies and what they achieve vs specific risks is more practical than the same old metaphors. So, that's my only gripes. Feel free to continue it if you want. It's just not really applicable to the solutions I'm promoting and investigating.

@ Gerard

It's a great write-up on the issues. I gave her due credit on HN for that. There's quite a discussion going on over there on the topic. I agree with John Nagle ("Animats") that the backdoor issue is never addressed enough given that everything we know about AMT and vPro suggest pervasive backdoor circuitry. Everything I've learned about ASIC development suggests a high possibility of deniable, exfiltration circuits being in there just to reduce costs across product lines.

So, x86 is bad on inside and outside far as for building security-critical products. People are just going to have to give up any advantages or ISA-specific software it has if they want to trust their boxes. Probably no way around that even with clever emulation like Transmeta had or Loongsons are doing. Compatibility will dictate problems.

WaelOctober 27, 2015 5:06 PM

@Clive Robinson, @Nick P, @name.withheld.for.obvious.reasons (nw4),

C-v-P

Nick P! So your main gripe is what you are promoting can't be described by a "Castle"? you may change your mind after you read some more "analog" things :) I'll have to rehash the discussion in a few short paragraphs and share it later. I know I said that previously, but "stuff" happens...

Nick POctober 27, 2015 5:21 PM

@ Wael

Well, the original reason for terms was contrasting our two approaches to security. So I think it's reasonable for me to object at a metaphor that doesn't quite fit, esp as my methods evolved. Many technical and philosophical aspects of the discussion still have value.

Far as analog, can't wait to see what you mean by that. Anyway, only disappointment is that book doesn't mention Phase Locked Loops: used in all kinds of digital and other products. Was hoping to read on them from this author with his style of writing. Maybe they're just a technique more modern than the book.

The section explaining transistor manufacturing and that only 3 components were available on IC's is hopeful. Might let me semi-cheat on analog design or synthesis by reducing everything to combinations of just 3 components. Have a feeling it won't be that easy given state of analog synthesis market. ;)

Nick POctober 27, 2015 5:34 PM

Aha! Took another stab at it and hit pay dirt. The author explains PLL's so clearly that I understood exactly how they work before the article got to the first example. I'm sure it's more complex when syncing multiple clock domains on nano-whatever processors but probably a variation on same tricks. Good stuff.

WaelOctober 27, 2015 5:57 PM

@Nick P,

Well, the original reason for terms was contrasting our two approaches to security

That's not how I viewed it!

So I think it's reasonable for me to object at a metaphor that doesn't quite fit, esp as my methods evolved.

Very reasonable because your methods do include prison-like mechanisms! The data diode ("diode" has a new meaning to you now, doesn't it?) is one example you promoted which can be modeled by a prison (or hotel California where you can checkin, but you can't leave.) Good thing that your method evolved, but based on what?

Far as analog, can't wait to see what you mean by that.

Here is a glimpse from the past, you don't have to look at the link; the pertinent part is quoted below:

These models were used to simplify design and analysis of complex circuits. For example there is the "ideal current source" and the "ideal voltage source". You can replace ideal with "perfect" as well. I tried to do the same for Security. What parameters would allow an ideal or perfect "Security" model to exist?

only disappointment is that book doesn't mention Phase Locked Loops: used in all kinds of digital and other products

My memory must be failing me, I thought he discussed PLLs. The book isn't in front of me to verify. If it's not there, then I understand. No book can cover every topic. You'll find this topic in other more advanced books (I can recommend, but later.)

Back to C-v-P: Don't think of it as Clive-v-Nick P! Both architectures and methods you proposed are hybrid C/P, if you will! The idea was to look at "pure" castle and "pure" prison and go from there. Just like the analog example above. It could be a pipe dream, but could be fun too (you flip-flopping bast****) ;)

Nick POctober 27, 2015 6:17 PM

@ Wael

A data diode is best modelled as a one-way flow, not a prison. You'd more easily represent it with a metaphor of a waterfall of information than a Prison: water always comes down from high but can't come up due to physics. I mean, I might look at it differently once I know the EE forces that make them work but the model is one-way flow. The flow model is also so simple that this security technique is instantly understood by any layperson I talk to in a way that's still technically accurate. A rare feat.

Re "Back to C-v-P: Don't think of it as Clive-v-Nick P! Both architectures and methods you proposed are hybrid C/P, if you will! "

Now you're beginning to understand: that was one of my major objections in a previous discussion. I pointed out Prison matched isolation architectures esp with communication and concurrency. Further, the trust issues Clive described for Castle apply to his when it's on an ASIC because you essentially have to trust whole thing, its tools, and its mask maker. So, past a fun discussion, its application weakened to the point we were arguing the metaphors more than the characteristics of the actual tech.

And my changes on that led to huge improvements in security effectiveness per dollar or watt invested over prior approaches with separation kernels, ARTIGO's, KVM's, etc. So, strengths and weaknesses of specific schemes is what I preferred to discuss. Gotta work out which knock out the most risk at what tradeoffs and implement from there.

Clive RobinsonOctober 27, 2015 6:18 PM

@ Nick P,

The author explains PLL's so clearly that I understood exactly how they work before the article got to the first example.

Which type of PLL...

How about fractional N with phase accumulation? Sigma-delta?

Trust me there are many types out there, some are analogue, some digital but most a mixture with a digital phase detector and analogue integrator. Though have a look at the 74124 74297 and the data sheet for the 4046 and later 74ALS4046.

Oh and do you get the difference between Phase Locking, Frequency Locking and Phase Frequency locking and why you might want to use one in preference to an other? And why you have to use different types of integrator with them.

As with many things that appear simple, it's actually deceptively so and the devil hides in the details.

Oh and if you want some fun look up a "Huff n Puff Stabilizer" and then how you might use a frequency counter to stabilize a VCO...

I've designed and built systems with all of the above and I can assure you it's all good fun to an inventive mind, and a steady hand with a soldering iron.

Nick POctober 27, 2015 6:54 PM

@ Wael

You should've given this Darwin Award winner your RF book and maybe some brain stimulants:

"Telephone relay company night watchman Edward Baker, 31, was killed early Christmas morning by excessive microwave radiation exposure. He was apparently attempting to keep warm next to a telecommunications feedhorn. Baker had been suspended on a safety violation once last year, according to Northern Manitoba Signal Relay spokesperson Tanya Cooke.
She noted that Baker's earlier infraction was for defeating a safety shut-off switch and entering a restricted maintenance catwalk in order to stand in front of the microwave dish.
He had told coworkers that it was the only way he could stay warm during his twelve-hour shift at the station, where winter temperatures often dip to forty below zero.
Microwaves can heat water molecules within human tissue in the same way that they heat food in microwave ovens.
For his Christmas shift, Baker reportedly brought a twelve pack of beer and a plastic lawn chair, which he positioned directly in line with the strongest microwave beam.
Baker had not been told about a tenfold boost in microwave power planned that night to handle the anticipated increase in holiday long-distance calling traffic.
Baker's body was discovered by the daytime watchman, John Burns, who was greeted by an odor he mistook for a Christmas roast he thought Baker must have prepared as a surprise. Burns also reported to NMSR company officials that Baker's unfinished beers had exploded. "

@ Clive

Alright, alright point proven lol... I was just saying I think I understood the concept behind how they work. I'm guessing when syncing clocks, they all modify the signal(s) or oscillator to deskew it based on a circuit(s) detecting drift. I get what they're doing more clearly if not a specific implementation. The sheer number of things in the intro book shows me the actual details will be a learning experience and many surprises for a long time if I pursue analog.

Thanks for the specific details and parts as I might look them up to see how creative people are getting. I know I saw a recent paper that did all-digital PLL or something like that. Apparently, it's pretty hard...

WaelOctober 27, 2015 7:57 PM

@Nick P,

You should've given this Darwin Award winner your RF book and maybe some brain stimulants:

Oh, you're such a cold-hearted snake! The poor guy didn't know any better, and no one explained to him the risks of exposure. Besides ...

Baker's body was discovered by the daytime watchman, John Burns, who was greeted by an odor he mistook for a Christmas roast he thought Baker must have prepared as a surprise. Burns also reported to NMSR company officials that Baker's unfinished beers had exploded.

Open and shut case, Nick P! John Burns roasted the guy, it's written all over him! How can you not see that? Survival of the fittest? I guess the award should go to Mr. Burns :)

Sancho_POctober 27, 2015 7:59 PM

@ianf

I was referring at
”(2) whether iOS continues to "shore up" such data during Airline mode for uploading of that after connectivity has been restored.
• Answer: in all likelihood YES, though probably not to the ebook DRM provider directly, but to the iBooks vendor”

In my view the (i)OS is the central server, the master of the (small) universe, the overlord who decides about life and death of any application (this is not true for most OSes, esp. Wincrap, where sometimes the taskmanager can’t be brought up when you’d really need it).
The iOS is very close to that above mentioned concept by sandboxing the apps.

Now your “such data” seems to refer to (1), “usage data” and iOS mothership, thus referring to OS internals, not app data (how long / often you were reading ebook X, use of bookmarks, links, …).
Your answer starts good (“YES”) but the rest doesn’t fit into my picture,
iOS wouldn’t “shore up” anything app-wise on its own to send it later to - whom exactly? I guess iOS doesn’t really care which book belongs to which provider / vendor / reader app / genre / whatever.
The reader app may, though.

However, I agree, the iPad is a nice browser, camera, beautiful display for photo / video,
- and too heavy.
The sad part is that they cripple OS X (apps) down to iOS, that’s enough for Facecroock and Shitter, the future is mobile and touch, isn’t it?

But regarding books I’m afraid Steve was right, where I live people have bookshelves with faked books, just for display, no one cares to read _anything_, the oldies didn’t have the time, the younger generation has TV (and unemployment benefits).
And that's enough for our short future.

Nick POctober 27, 2015 8:16 PM

@ Clive

Interesting variations on the PLL's. The NXP datasheet stood out from the rest in terms of quality. The Huff-and-Puff concept is a trip. So, you just turn a knob and it locks on whatever you stop on? Sounds like a low-tech solution to a hard problem haha.

Here's that digital PLL. Accidentally discovered some free tools along the way. Interesting that you said fractional N and sigma-delta: the author, Michael Perrott, developed high-speed, sigma-delta, frequency synthesizers in his prior work. High-modulation, low-power fractional N's, too. There's you some serendipity. :)

@ Wael

"The poor guy didn't know any better, and no one explained to him the risks of exposure."

That's not what the quote says: already suspended for disabling safety on them. At this point, he either was told they could hurt him or had opportunity to apply common sense (safety mechanism = potential danger). Wonder how long it took him to cook. He apparently got fried before he could move or was physically disabled for the slow cook.

"Open and shut case, Nick P! John Burns roasted the guy, it's written all over him! How can you not see that? Survival of the fittest? I guess the award should go to Mr. Burns :)"

(old, slow-paced, methodical Southern accent)

Only question is whether it was manslaughter or murder. You see, very important is the relationship between Mr. Burns and the deceased, Mr. Baker. Mr. Wael, were you aware that Mr. Burns and Mr. Baker were both members of Alcoholics Anonymous? And that Mr. Burns was his sponsor? It is very possible that Mr. Baker had snuck off to break his commitment to sobriety and violate the trust of Mr. Burns. Seeing the beer and knowing the patterns, Mr. Burns may have planned for the majority of the beam to hit the beer. The resulting explosion would keep the alcohol away from Mr. Baker and shock him into avoiding any further incursions into alcoholism. Little did Mr Burns know, the antenna had been upgraded to cover a wider space with more power than before. Lacking this information, Mr. Burns activated the antenna, tried to rescue his long-time friend, and mistakenly took his life instead.

To any listening, let me be clear: Mr. Burns did not... murder... Mr. Baker. This was a tragic accident resulting from the best intentions of a man who deeply cared about Mr. Baker's future. The real killer is... the Steel Reserve Brewing Corporation. Those high-octane, sons of bitches should be tried in here today and hung for their crimes against humanity. And Mr. Baker.

FigureitoutOctober 27, 2015 9:52 PM

ianf
Well, THANK YOU FOR TELLING ME THAT NOW
--Easy, deep breaths. Sorry your porno fetishes will get out, they're quite freaky mate. :p

It's not like you do a lot of real work on it eh? I wouldn't connect an email account to it that you care about. It's just a reading device and a potential jumping point for malware. Assuming you can take care of wifi/BT on an offline device I like having internet device next to it if I'm doing some offline work.

name.withheld.for.obvious.reasons
--No worries, ok interesting. Yes another benefit to "big shops" is the equipment/labs you get access to. My dad said it was nothing for everyone where he worked to have their own $60,000 network analyzer at their desk, remember walking thru the labs a bit too as a kid.

RE: your 64core 8bit platform
--Sounds nice, would it be a small desktop like device? I'd love something like that in a laptop formfactor; then being able to interface w/ some common filetypes/systems is the next hard part...

But I'm not even close to such a system, working on my roots of trust (probably be here awhile....).

name.withheld.for.obvious.reasonsOctober 27, 2015 10:20 PM

@ Nick P
Dude, I worked on the NUMA architecture both prototyping SIMD, MIMD with global and local memories of various layouts, constructs, and architecture....(Paragon, 390S, and PowerPC).

Again, I am not sending you a check--I have envisioned to near RTL level a hardware-based FPGA/ASIC uProc multi-core architecture that is not dissimilar to what Clive has described. Believe me, I had the opportunity to work on scalar architectures at the most advanced level. Not to brag, just to give perspective from where I sit.

I do appreciate all your banter though, it serves the community as a whole. For me, been there done that. Today, as in recently, I have given up on the tech community as it has been unable to address the EFFECTS of technological BS and the impacts ON/TO SOCIETY. I used to be a member of CPSR...that ought give you a flavor concerning my demeanor (the older I get, the demeanor I get).

WaelOctober 28, 2015 1:30 AM

@name.withheld.for.obvious.reasons,

the older I get, the demeanor I get

I'm keeping score, you're on a roll. Lol

ianfOctober 28, 2015 1:44 AM


OT from today's Guardian:

The force awakens: tractor beam becomes a reality

Science fiction becomes fact as scientists develop an acoustic hologram which can hold and move objects, but its uses will be more surgical than Star Wars

http://www.theguardian.com/science/2015/oct/27/the-force-awakens-tractor-beam-becomes-a-reality


EU net neutrality laws fatally undermined by loopholes, critics say

New rules requiring internet traffic to be treated equally are voted through by MEPs but amendments aimed at closing a series of exemptions are defeated

http://www.theguardian.com/technology/2015/oct/27/eu-net-neutrality-laws-fatally-undermined-by-loopholes-critics-say


Europe finally abolishes mobile phone roaming charges

[OUR TAX €€€€€€ @ WORK —ed.]

MEPs push through legislation to cut fees for use of mobiles while travelling in EU, with holidaymakers able to call, text and surf at UK rates from mid-2017

http://www.theguardian.com/technology/2015/oct/27/europe-abolishes-mobile-phone-roaming-charges


Tony Abbott urges Europe to adopt Australian policies in refugee crisis

[Hell, yeah, let's ship all the migrant riffraff to Nauru! News at 11. —ed.]

In speech honouring Margaret Thatcher, former Australian PM says instinct to ‘love your neighbour’ is ‘leading much of Europe into catastrophic error’ […]

The former trainee priest argued against the Christian tenet of love thy neighbour when it comes to asylum seekers.

“Implicitly or explicitly, the imperative to love your neighbour as you love yourself is at the heart of every Western polity … but right now this wholesome instinct is leading much of Europe into catastrophic error,” Abbott said.

Using arguments familiar to Australians, Abbott said that once refugees arrive in Europe and in Australia, they have crossed a number of borders and “however desperate, almost by definition, they are economic migrants”.

http://www.theguardian.com/world/2015/oct/28/tony-abbott-urges-europe-to-adopt-australian-border-policies

Clive RobinsonOctober 28, 2015 1:49 AM

@ Nick P, Wael,

For his Christmas shift, Baker reportedly brought a twelve pack of beer and a plastic lawn chair, which he positioned directly in line with the strongest microwave beam.

I get the feeling this is an urban myth...

First of all the "plastic lawn chair", you would think his work colleagues would have seen such a bulky object and commented. Further most link towers I've been up you would find it very difficult to get it up the ladders let alone put it out on the catwalk, which by the way is usually well out of the "boresight" of any microwave antennas.

Then the 12 pack of beer... Again you would think his work colleagues would say something about that, after all most "guard details" it's a "get dismissed" offence to have alcohol on site. But for it to explode from microwave radiation, you are not talking "canned" but "bottled" beer. That's not just going to be a big carton, but a heavy carton, so again you get the ladder and catwalk problem. And on the assumption he did have space on the catwalk for his chair and beer, he would most likely be sitting down with the beer pack at his feet so well out of the microwave beam.

I won't go into the maths but have you any idea how much RF energy you would have to push out to make a bottle of beer explode? His eyes would have gone pop first by a very big margin.

Thus I don't think the beer "exploded" more like it froze...

As for "switching the power up" whilst a ten fold increase might happen on a low power link, it's not really likely on a microwave comms system. They are usually designed to have the PA as efficient as possible within envelope considerations.

But further consider the power required... If he was in the boresight he would have really affected the communications, and that would set off automated alarms. So at best he would be on a side lobe or spill over from an over illuminated antenna dish, which is a very small percentage of the boresight power. Thus to turn him into a crispy critter, the amount of power in the boresight would have been into the high kilowatt if not megawatt range... Which is an astounding amount of power for a microwave communications system these days (we only use 10-25 watt and three foot diameter dishes to talk to geo-stationary satellites).

So sorry the story does not pass the sniff test. Speaking of which if he did get hot enough to "smell like a roast" up the tower / mast in winter weather, think how could his shift replacement smell it at ground level...

Gerard van VoorenOctober 28, 2015 1:58 AM

@ name.withheld.for.obvious.reasons,

> Today, as in recently, I have given up on the tech community as it has been unable to
> address the EFFECTS of technological BS and the impacts ON/TO SOCIETY.

In the late nineties /early two thousands there must have been bankers worrying about what they were doing yet they went on. You know bills have to be paid. When the crisis started they said I told you so.

The only answer really is liability. People want to make money but don't want to go to jail. I am writing a letter right now to a Dutch politician who wants that all the software projects in Dutch gov should be open sourced. My Dutch is much better than my English so it will be a good letter ;-)

In that letter I write that I am a concerned citizen, not a security guy at all, and I say that she should consider to talk with real security experts such as djb and Tanja Lange who work at the Eindhoven University (NL) and maybe Bruce Schneier as well.

Maybe this inspires other people to do the same.

WaelOctober 28, 2015 2:33 AM

@Clive Robinson, @Nick P

Clive Robinson is absolutely correct. I thought it was a joke!

> He had told coworkers that it was the only way he could stay warm during his twelve-hour shift at the station

12 hours in front of a microwave dish while feeling the warmth from the radiation? Maybe he built immunity by traveling and going a few times through X-rated machines at airports? Beer cans exploding, that I don't buy. The guy must have been camping inside the horn antenna :)

ianfOctober 28, 2015 2:39 AM


When Clive Robinson gets the feeling that this “12-pack of beers” in a “plastic lawn chair” microwave-tower-baked “Mr. Baker” (discovered later by “Mr. Burns” using his olfactory sense) story may be an urban myth, we had better sit up and listen (in plastic lawn chairs in front of microwave towers with beers within easy reach optional.)

Not content with that conditional opinion I went the whole hog under the hood of that tale—so you won't have to:

There's NO TRACE of in the first few screenfuls among 1,012 hits @ http://www.snopes.com/search/?q=microwave

Not mentioned among the Darwin Awards candidates, but maybe the Baked One unfortunately already added to the human gene pool? @
https://www.google.com/search?q=microwave+site:darwinawards.com

    CONCLUSION: either the story is too fresh to have migrated to rumor-confirming and/or -debunking sites, or it's a HOAX, didn't happen. There you have it in black-on-white, the authoritative answer from the Authoritative Answerserver.

Nick POctober 28, 2015 5:40 AM

@ Clive Robinson

Great guess and nice writeup: got it off Wael's joke site. Already covered by Snopes. Story changes with every iteration. Funny shit, though.

@ name.withheld

"Dude, I worked on the NUMA architecture both prototyping SIMD, MIMD with global and local memories of various layouts, constructs, and architecture....(Paragon, 390S, and PowerPC)."

I know you worked on such cool stuff. It's why I had to call BS on your other comment that dismisses billions of dollars worth of tech and HPC market. While most stuff is sequential, there's plenty in parallel and multicore work with more stuff in academia on it than ever. Not in industry as much since things keep getting acquired and disappearing.

"Again, I am not sending you a check--I have envisioned to near RTL level a hardware-based FPGA/ASIC uProc multi-core architecture that is not dissimilar to what Clive has described."

You lose 10 years good luck without the check but you'll survive. Far as your specific scheme, like I said, it's been done before plenty minus the specific I/O config or Clive's hypervisor concept. Always fails in the market because (a) other stuff is better (price/performance/energy) or (b) it's too hard for [lazy] people to use. That's what all most people in the market see when they look at such tech. Even mighty IBM couldn't pull it off with their market connections the few times they tried. So... good luck.

"I do appreciate all your banter though, it serves the community as a whole. For me, been there done that. "

I appreciate the compliment but I doubt you've been there done that. My solutions boiled down to open-source, verifiable versions of:

(a) A flexible CPU design that can be used in desktops, embedded, I/O coprocessors, etc with immunity to code injection or leaks.

(b) A massively-multicore design (eg AsAP2) that can be used for GPU's or DSP's with massive parallel and streaming performance per watt.

(c) A FPGA architecture, implementation, bitstream generator, and tooling through open-source synthesis + place & route.

You haven't done any of these I'm pretty sure. They're each a better idea than what you describe in terms of practical application and possible uptake. Each can be watered down to embedded level if desired although Rasp Pi's success shows you minimum you need for mainstream adoption. A bunch of 8-bitters & weird programming model ain't gonna cut it. Do what you will, though. Meanwhile, academics have been cranking out variations of the above and that work is likely to do us much more good. Just not enough of it happening and almost exclusively by amateurs w/ short-term focus.

"I used to be a member of CPSR...that ought give you a flavor concerning my demeanor (the older I get, the demeanor I get). "

Never heard of them. They must have not done shit in practice or been so good that their effects were invisible and embedded in everything. Given state of IT, I'm leaning toward former.

"Today, as in recently, I have given up on the tech community as it has been unable to address the EFFECTS of technological BS and the impacts ON/TO SOCIETY."

Exactly! Now that I can agree with! Now you see why I considered controversial topics (eg high-assurance, lawful intercept) and why I say curbing NSA's abuses is impossible without political (not tech) solution. Technologies are fucking the world in general. Laypeople don't understand them. Technologists haven't done a good enough job on handling that. Government understands them enough to know they're great tools of power. So, yeah, we're fucked and the tech community did a lot to get us there.

It's why I keep telling you to distance yourself from risky activities of the past, maintain whatever positive things you have going, and use your undeniably, strong skills in HW/SW/INFOSEC to build the shit people need. You might not change the system or live in a great world. However, for the niche that cares, you might make part of it better or safer. Worst case, you're using your craft to make what others can't. Knowing one is elite is its own reward even when others don't materialize. At least the investment into talent got you somewhere, ya know?

Note: I plan to watch your "documentary" soon to evaluate what you claimed from a Southern perspective. Just decided what free time I had recently was best spent reading, thinking, and writing instead. Just wasn't in the mood for a downer of a movie. ;)

name.withheld.for.obvious.reasonsOctober 28, 2015 6:40 AM

@ Nick P

> I know you worked on such cool stuff. It's why I had to call BS on your other comment that dismisses billions of dollars worth of tech and HPC market. While most stuff is sequential, there's plenty in parallel and multicore work with more stuff in academia on it than ever. Not in industry as much since things keep getting acquired and disappearing.

Dude, I have lived three lives...

LOVE that you are trying to keep me honest, but, that is one of my weak points. Honest to a fault. It has cost me more work than I'd like to admit. It is exactly because industry continues to fail in delivering "best-of-bred" and in parallel (pun intended) with your other argument, we are in complete agreement. As a scientist I find it problematic that "CONSENSUS" (meaning opinion) is allowed to substitute for SCIENCE. This paragraph alone addresses your whole diatribe. Well almost all, but the next one completes the task.

I've already paid the 10 years bad luck, and I don't have the time to go over all the things that include this BS but let me summarize; refused implementation of HA hardware platform architecture support due to (not just lazy, but down right stupid ideas). I've even had responses to these ideas that include "How do we support an implementation that others cannot conceptualize." My response--"WHAT?"

Worked on a satellite platform where there was a fundamental flaw in the platform approach. I wrote a report identifying the current issues, and without remuneration, redefined both the specification and the platform design that brought near an order of magnitude in flexibility, cost savings, and futured features. I received the..."We have to cover our ass, and you are the problem." response. Not only would the senior scientist on the project buy off on this, but the program manager, under his breath, agreed.

I have this habit of going into meetings having had the tacit support of my peers and then once in the meeting, crickets. Because engineers and scientists DON'T HAVE THE SEX ORGANS TO STAND FOR SOMETHING/ANYTHING. And I have stood up to some pretty high order (BS in my opinion) YES MEN in my day...I've had more than death threats. Rounds of mortar launches at my vehicle in a secluded desert area near a research facility as I was going down the highway--it wasn't until the third round went off directly behind my vehicle as I drove down this lone highway late at night that I realized I was in trouble. Gripped the steering wheel and considered my fate...the story remained interesting for another half-hour after that but--that is another story.

Tell me, Nick P, how heated have your arguments gotten? So I will re-iterate, HONEST TO A FAULT.

I DO, NOT JUST SAY!

Funny thing, CPSR is where I worked with Carl Page as a volunteer on nuclear non-proliferation. Had lunch with Carl and his brother Larry, and suggested over lunch (explained information/search theory, scooter which was DEC's spider tech AKA Alta Vista, and that it was the query not the data that represented contextual value/import) that he take his Master's thesis (inexpensive Large Scale IDE Array project) and build a search engine. I know his brother knew what I was talking about, he was at the table, along with the chair of CS department at UCI (Urbana Champlain) and that was in 1997. Carl's title at the time was "Evangelist" at Microsoft. Over two years later Google was incorporated by Larry and Sergey.

Clive RobinsonOctober 28, 2015 9:26 AM

@ ianf,

That "tractor beam" 3D ultrasonic hologram can do quite a bit more than the article implies.

A few years ago I had a chat with people using both light and ultrasound holograms combined to give the impression of objects with texture. Their aim was to lay the ground work of Startrek style Holo-suit technology. The big problem they had was whilst they could generate the fields, humans got in the way of the generation, and correcting for that took a lot more computing power than you would think...

With regards the Australian comment about refugees becoming economic migrants once they cross the second border, legally he is correct. But as the UN knows all too well but does not talk about, the further a refugee travels, the less likely they are to ever return to their birth nation whilst economically productive, or if state retirement / pension is involved in the new nation after retirement either.

And the problem with economic migrants is a complex one. Most first world nations have a real issue with "an aging population" what most people do not realise is that their pension pot does not really exist. Most of what they pay in gets paid out to the current crop of pensioners, it's kind of like a giant Ponzi scheme, that relies on retirees living less than a third of their economically productive life after retirement. If they don't then there are going to be short falls, as we are starting to see in Europe. Another major problem is that education shortens your economically productive life at the most important end as far as your pension is concerned. In the past there was an assumption that the extra education gave you a higher earning potential that would compensate. Well that is only true for about 10-15% of the population... Thus Australia has for many years only allowed the cream of the educational crop to emigrate easily to their shores. If everybody did that sort of "cherry picking" then you have to ask what happens to the other 85-90% of refugees?

The problem is we are in a world of finite resources and rising population not just from birth rate (which is dropping in many places) but from an increased life expectancy. We need to discuss these things in a rational not emotive way, otherwise it's going to be a very rocky road ahead.

Oh and of course one problem with refugees / economic migrants is, they must have come from somewhere, thus their leaving impoverishes the place they came from rather more than you might expect.

D is for DelusionsOctober 28, 2015 9:44 AM

@ Clive Robinson
"Oh and of course one problem with refugees / economic migrants is, they must have come from somewhere, thus their leaving impoverishes the place they came from rather more than you might expect."

The value of refugees goes beyond the mythical man or single-payer Ponzi scheme. On a global scale, money is non-consequential because it's a printed note, an I.O.U. rests on the back of a nation's people. Therefore, economic migrant is only part of the equation. The other parts being the socio-ethnical factor because money is an I.O.U. that rests on the back of a people's promisary, and hence there's the buy-in of trust.

As a people of migrant, they never forgo the right of return. That's the true value of refugees beyond economics.

Sancho_POctober 28, 2015 1:51 PM

@Clive Robinson re finite resources

”We need to discuss these things in a rational not emotive way, otherwise it's going to be a very rocky road ahead.”

You know both, “we” can’t and it’s too late.
This is why supremacy (surveillance) and military superiority is vital in these days.

Clive RobinsonOctober 28, 2015 2:53 PM

@ Sancho_P,

I'm kind of hoping, at least in social policy, that we have not crossed the lip of the abyss, that the US appears to have done with personal privacy.

If we don't start addressing these issues, then life is going to be tough for the next generation, very tough for the one after, and virtually impossible shortly thereafter.

I'd like to think I am going to be wrong on that prediction, but more and more people are making similar predictions based on similar data but different reasoning...

CuriousOctober 28, 2015 3:05 PM

Something about STARTTLS and traffic to Gmail having been stripped of its encryption according to researchers having had access to logs of SMTP traffic.

"Email Encryption Is Broken"
http://motherboard.vice.com/read/email-encryption-is-broken

"Now a study has found that despite those inventions, large chunks of email traffic are being deliberately stripped of their encryption, or just sent without any in the first place, leaving them totally open to passive eavesdroppers. "

"This should act as a reminder that because of the nature of STARTTLS, even if Google or anyone else implements encryption onto their email traffic, someone else can simply reverse all of that work—possibly leaving your emails open to snooping by whatever server they happen to slip through."

"The researchers had access to some impressive data sets: logs of SMTP traffic sent to and from Gmail from January 2014 to April of this year, as well as a snapshot of the configurations of email servers belonging to the Alexa Top Million domains. "

Expired_CertificateOctober 28, 2015 4:05 PM

Recently in Itunes on Windows7, after requesting to download Itunes 12.3.1 from within Itunes, the certificate was checked. It was valid from 5/17/09 to 6/26/11 (Verisign Class 3 2004 CA).

Is this out-of-date certificate worth being concerned about?

Downloading Itunes from Apple with Firefox, however, yielded an installation file with valid dates.

Thanks

Clive RobinsonOctober 28, 2015 5:26 PM

@ Curious,

> ...large chunks of email traffic are being deliberately stripped of their encryption...

Such are the problems with non application layer encryption or application software that suffers from protocol fall back or has been got at by malware.

As I've said on a number of occasions you need to encrypt separately of any other application and be able to verify that the resulting file is correct then send the file as an attachment to an ordinary text only email.

Preferably, you compose / encrypt and decrypt / read on a computer that is as totally separated as you can manage from the one you use to send and receive email. Preferably they use totally different application software, Operating Systems and hardware as well.

I know few can currently achieve this level of separation, especially a full "energy gap" but it's now got to the tipping point in the US --and presumably other FiveEyes etc nations-- that unless you really take your privacy seriously you will not have any now or in the future.

Nick POctober 28, 2015 6:51 PM

@ name.withheld

"Honest to a fault. It has cost me more work than I'd like to admit. It is exactly because industry continues to fail in delivering "best-of-bred" and in parallel (pun intended) with your other argument, we are in complete agreement. "

Same here. Otherwise, I'd have made millions and a lot more of my stuff in Snowden leaks. Or 2008 Goldman leaks. Or something similarly awful but high-paying (eg RSA conference goods). :O

"I've even had responses to these ideas that include "How do we support an implementation that others cannot conceptualize." My response--"WHAT?""

They were building a Brainfuck interpreter in silicon with a 10 stage pipeline and accelerators MPEG1 decoding, right? I told those idiots nobody would buy the shit. MPEG1 is too unusable. Sorry you had to deal with them.

" I received the..."We have to cover our ass, and you are the problem." response. Not only would the senior scientist on the project buy off on this, but the program manager, under his breath, agreed."

That's fucked up. I'd have given you a bonus esp if there was flexibility *plus* cost savings.

"I have this habit of going into meetings having had the tacit support of my peers and then once in the meeting, crickets. Because engineers and scientists DON'T HAVE THE SEX ORGANS TO STAND FOR SOMETHING/ANYTHING."

You have weaker social skills. I do, too, but I've tried to improve a bit for negotiations. Trick is to identify a compromise on what they'll tolerate for their goals that includes yours. Make sure any changes let them save face or maintain their ego. The ideal level, which I'm not at, is seeding it into their head so it's their idea. I mean, I can do that sometimes for day-to-day things but not technical stuff people don't know lol.

"Gripped the steering wheel and considered my fate...the story remained interesting for another half-hour after that but--that is another story."

I look forward to hearing it sometime.

"Tell me, Nick P, how heated have your arguments gotten?"

You've seen them. On bad days, enough to not matter and make people tune-out. It's why I *try* to be more diplomatic where it counts. Not online much. I still screw-up a big one at least once every few months.

"I DO, NOT JUST SAY!"

What you've been lacking is someone with the gift of gab that's skilled at getting what's in your head into their head. A good negotiator. I think you just didn't want to work with one for whatever reason. Would've helped you, though.

"Had lunch with Carl and his brother Larry, and suggested over lunch (explained information/search theory, scooter which was DEC's spider tech AKA Alta Vista, and that it was the query not the data that represented contextual value/import) "

You're not suggesting you're behind PageRank, are you? Its advantage is that it was a clever hack that got around the search and meaning problem entirely. That's Larry and Sergey's main achievement. Still be an accomplishment if you and Carl motivated his involvement in search. Still cool stuff, esp talking to Carl.

" We [IBM] often had team meetings between Japan, Germany, and Israel that we'd convene for weeks. "

Israel (Haifa) is where they do a lot of their processor research for POWER and verification with formal falsification (esp RuleBase). Did you get to work on any of that stuff?

"and a very light, think of OS-9 or QNX's microkernel design"

John Nagle keeps mentioning QNX on Hacker News due to its ultra-clever, performance optimizations plus general properties for reliability. He always insists someone should make an open-source version of it that keeps those properties. I was concerned the optimization(s) might short-cut separation too much with a security vulnerability or two lurking in there. Too much to analyze, though. I figure you've already done analysis if you used it given how you work. What's your thoughts on that?

Note: I also like the INTEGRITY RTOS's strategy of forcing user-mode processes to donate their own CPU time and memory for any *kernel* call they make. Not sure exactly how they do that but I think it's really smart. I always push for any OSS microkernel to copy that somehow.

Sancho_POctober 28, 2015 7:08 PM


@Clive Robinson

”If we don't start addressing these issues …”

“We” can’t because there is no “we” in our world, only “us” and “they”.
“We” would have to eradicate religions first.

The central point of the discussion would be the inability of eternal growth with limited resources.
This would be blasphemy even after eradicating religious beliefs.

For the time frame: I do hope you are right but I seriously doubt.

Sancho_POctober 28, 2015 7:14 PM


@Curious

True, but the headline is a bit misleading, as “email encryption” was never there in the first place.

STARTTLS is a voluntary traffic (not email) encryption between the sender (e.g. your PC) and the server you connect to (hopefully, but not always, it’s your email provider, there’s no control about that unless you use the command line to send emails).

First, you’d have to set the option to use STARTTLS in your email software (advanced) settings. That might be default with actual versions, though.
But your email client will not warn you when STARTTLS isn’t possible at sending a message, even with the option set.

Also there is no warning (and it would be too late anyway) when any server between your email provider and the final destination (the recipient’s PC) doesn’t (voluntarily) use traffic encryption.

However, on each of these relaying servers the message can be seen and copied in plain text unless you encrypted it (and hopefully checked the encryption) before sending.
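The behaviour discussed in this sub-thread (a server's STARTTLS offer missing from the EHLO reply, and a client that then carries on in cleartext without warning), shown as an added example that is not part of any comment above. The host name, the sample replies, the function names and the "masked keyword" heuristic are all constructed assumptions for illustration.

```python
"""Inspect an SMTP EHLO reply for STARTTLS and apply a send policy.

All sample replies are constructed; mx.example.net is a placeholder host.
"""
import re
from dataclasses import dataclass

# One reply line: 3-digit code, '-' (more lines follow) or ' ' (last line), text.
_REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

# Heuristic (assumption): an extension keyword overwritten with filler
# characters of STARTTLS's length suggests an in-path device rewrote the
# server's offer rather than the server never making one.
_MASKED = re.compile(r"^X{8}$")


@dataclass(frozen=True)
class Verdict:
    starttls: str  # "offered", "absent" or "masked"
    action: str    # "starttls", "cleartext" or "refuse"


def parse_ehlo(reply):
    """Return (code, [extension keywords]) from a multiline EHLO reply."""
    code, keywords = None, []
    lines = [l for l in reply.replace("\r\n", "\n").split("\n") if l]
    for i, line in enumerate(lines):
        m = _REPLY_LINE.match(line)
        if not m:
            raise ValueError("malformed SMTP reply line: %r" % line)
        if code is None:
            code = int(m.group(1))
        elif int(m.group(1)) != code:
            raise ValueError("reply code changed mid-reply")
        text = m.group(3)
        # The first line carries the server greeting, not an extension.
        if i > 0 and text:
            keywords.append(text.split()[0].upper())
        if m.group(2) == " ":  # a space after the code marks the last line
            break
    return code, keywords


def classify(keywords):
    if "STARTTLS" in keywords:
        return "offered"
    if any(_MASKED.match(k) for k in keywords):
        return "masked"
    return "absent"


def decide(reply, require_tls):
    """Pick what a client should do for this hop.

    require_tls=False models the opportunistic behaviour described above:
    no offer means the message goes out in cleartext, silently.
    require_tls=True refuses instead. A masked keyword is refused in both
    modes, because it is evidence of tampering rather than of an old server.
    """
    code, keywords = parse_ehlo(reply)
    if code != 250:
        return Verdict("absent", "refuse")
    state = classify(keywords)
    if state == "offered":
        return Verdict(state, "starttls")
    if require_tls or state == "masked":
        return Verdict(state, "refuse")
    return Verdict(state, "cleartext")


# Constructed sample replies.
OFFERED = ("250-mx.example.net Hello\r\n250-SIZE 35882577\r\n"
           "250-8BITMIME\r\n250-STARTTLS\r\n250 PIPELINING\r\n")
MASKED = ("250-mx.example.net Hello\r\n250-SIZE 35882577\r\n"
          "250-8BITMIME\r\n250-XXXXXXXX\r\n250 PIPELINING\r\n")
ABSENT = ("250-mx.example.net Hello\r\n250-SIZE 35882577\r\n"
          "250 8BITMIME\r\n")

if __name__ == "__main__":
    for name, reply in (("offered", OFFERED), ("masked", MASKED),
                        ("absent", ABSENT)):
        for strict in (False, True):
            print(name, "require_tls=%s" % strict, decide(reply, strict))
```

This only covers the hop the client itself makes; what later relays negotiate between themselves is not visible from the sending side, which is why the thread recommends encrypting the message body before it is handed to the mail client.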

Sancho_POctober 28, 2015 7:18 PM


@Expired_Certificates

The whole cert system is broken by design, however, any irregularity should raise concerns because the norm is a valid certificate.

Especially faked certificates will / should not fail, thus it is strange when you face a really old cert when connecting to Apple.
The reason may be in your PC, Firefox, your DNS, …
Best to check the used address with a friend’s system.
Oh, and check the address / URL first.

Anonymous CowardOctober 28, 2015 7:38 PM

Sony BMG Rootkit Scandal: 10 Years Later

- Page 1/2:
http://www.networkworld.com/article/2998251/malware-cybercrime/sony-bmg-rootkit-scandal-10-years-later.html

- Page 2/2:
http://www.networkworld.com/article/2998251/malware-cybercrime/sony-bmg-rootkit-scandal-10-years-later.html?page=2

- Archived pages 1 & 2:
https://archive.is/4TrDq
https://archive.is/uwL2M

Historical posts by Bruce Schneier, blog posts which contain a vast resource of information shared by his open community in which anyone can post - more technical and polite than most discussion forums!

We remember the rootkit:

https://www.schneier.com/blog/archives/2005/11/sonys_drm_rootk.html
https://www.schneier.com/blog/archives/2005/11/sony_secretly_i_1.html
https://www.schneier.com/blog/archives/2005/11/the_sony_rootki.html
https://www.schneier.com/blog/archives/2005/11/more_on_sonys_d.html
https://www.schneier.com/blog/archives/2005/11/still_more_on_s_1.html
https://www.schneier.com/essays/archives/2005/11/real_story_of_the_ro.html
https://www.schneier.com/blog/archives/2006/02/lessons_from_th.html
https://www.schneier.com/essays/archives/2006/05/everyone_wants_to_ow.html
https://www.schneier.com/blog/archives/2006/05/who_owns_your_c.html
https://www.schneier.com/blog/archives/2014/12/reacting_to_the.html
https://www.schneier.com/blog/archives/2012/06/the_failure_of_3.html
https://www.schneier.com/blog/archives/2014/12/more_data_on_at.html
https://www.schneier.com/blog/archives/2005/11/surveillance_an.html
https://www.schneier.com/blog/archives/2007/03/faking_hardware.html
https://www.schneier.com/blog/archives/2007/07/federal_agents_1.html

* New Slashdot Story (10/28/2015):

- Revisiting the Infamous Sony BMG Rootkit Scandal 10 Years Later
http://it.slashdot.org/story/15/10/28/1829203/revisiting-the-infamous-sony-bmg-rootkit-scandal-10-years-later

= Old Slashdot stories on the topic:

http://it.slashdot.org/story/05/10/31/2016223/sony-drm-installs-a-rootkit
http://games.slashdot.org/story/05/11/07/1221209/sony-rootkit-phones-home
http://yro.slashdot.org/story/05/11/10/0024259/california-class-action-suit-sony-over-rootkit-drm
http://yro.slashdot.org/story/05/11/17/2140208/real-story-of-the-rogue-rootkit
http://it.slashdot.org/story/05/11/29/1823212/sony-warned-weeks-ahead-of-rootkit-flap
http://yro.slashdot.org/story/05/11/13/1419206/sonys-eula-worse-than-its-rootkit
http://yro.slashdot.org/story/07/07/12/1256258/sony-sues-rootkit-maker
http://yro.slashdot.org/story/05/11/02/1421250/more-on-sonys-drm-rootkit
http://yro.slashdot.org/story/07/12/17/0314218/a-legal-analysis-of-the-sony-bmg-rootkit-debacle
http://it.slashdot.org/story/06/01/17/1512245/sony-rootkit-still-a-problem
http://yro.slashdot.org/story/05/11/18/2010224/sony-amazon-detail-rootkit-cd-buybacks
http://news.slashdot.org/story/05/11/17/1350209/dvd-jons-code-in-sony-rootkit
http://yro.slashdot.org/story/05/12/22/160206/sony-drm-installed-even-when-eula-declined
http://apple.slashdot.org/story/05/11/11/064215/sony-music-cds-contain-mac-drm-software-too

= Related:

http://it.slashdot.org/story/07/03/04/1511210/hacker-defeats-hardware-based-rootkit-detection
http://it.slashdot.org/story/07/05/31/187219/a-look-at-bsd-rootkits
http://news.slashdot.org/story/09/04/15/1327247/the-rootkit-arsenal
http://yro.slashdot.org/story/07/07/17/199223/will-security-firms-detect-police-spyware
http://it.slashdot.org/story/13/05/04/0024202/antivirus-firms-wont-co-operate-with-pc-hacking-dutch-police
http://linux.slashdot.org/story/12/11/20/1733237/new-linux-rootkit-emerges
http://yro.slashdot.org/story/14/03/12/1738237/how-the-nsa-plans-to-infect-millions-of-computers-with-malware

Dirk PraetOctober 28, 2015 7:50 PM

@ All

A while ago, I mentioned I was working on integrating in TAILS a couple of apps I use from time to time. Although far from finished, I just uploaded version 0.1a to Github at https://github.com/dpramone/TAILS-Candy. Please be kind. It's really simple stuff I hope will be useful to some people, but it is a first alpha release. Comments, suggestions and (code) contributions are welcome.

FigureitoutOctober 28, 2015 8:40 PM

Dirk Praet
--Looking good! You know I have a sweet tooth (I was obsessed w/ these strawberry and blue smurf gummies that you could get a big bag at this shop in Brasschaat). :p Not so sure about TeamViewer, Dropbox, and VLC but for usefulness they're good I guess.

Hey quick question for the script master, I was going to install a little startup script for RasPi in the rc.local file but read that's a bad place for it, is that true? Know if it's bad? I didn't know where's a good place to put it.

I liked the "caveats" which every security person needs to repeat to drill into people's head that we can't do everything for you and attacks can still plow thru many defenses.

Also liked the RAMONES background to get people to read the scripts they install at least. And it should be a harmless thing too. This is what I was getting at, w/ yelling at people to turn off bluetooth walking around in public, I'd be harmless but someone else might not be...

FigureitoutOctober 28, 2015 8:43 PM

Dirk Praet
--On the rc.local thing, I want it to be a good place b/c I may want to tack on a pretty large startup script.

WaelOctober 28, 2015 8:45 PM

@Dirk Praet,

> A while ago, I mentioned I was working on integrating in TAILS a couple of apps I use from time to time

Good you found time to develop concrete deliverables and share with all. I don't use TAILS, but I'll give you some minor comments.

> Please be kind.

If this request came from someone else, I'd show you how "kind" I can be ;)

> It's really simple stuff I hope will be useful to some people

Simplicity is a virtue, not an imperfection!

> Comments, suggestions

My comment is likewise simple: most of the scripts require root privilege. Have you thought about separating the ones that require it from the ones that don't and ensure least privilege?

name.withheld.for.obvious.reasonsOctober 28, 2015 9:12 PM

@ Nick P
Thanks for the thoughtful remarks--it has been a struggle for most of my adult life. Having the wherewithal, the courage, and the tenacity to make things happen is often confronted by the "NO-DOERS" and the "NO-GOODERS".

> Israel (Haifa) is where they do a lot of their processor research for POWER and verification with formal falsification (esp RuleBase). Did you get to work on any of that stuff?

OOPS, don't want to touch this subject too closely...let's just say I'm not looking for a Mossad encounter/dance. Something to do with OS/400 and the PPT code. Yeah, I was holding onto some of the most "hush-hush" OS code around at the time--but under the virtue that I was doing my job--nothing nefarious. Oh, and please don't clarify the word POWER, as in the context of this conversation it has a completely different meaning (I see dead people).

On the last episode of "Let's give this guy a scare so he will STFU", I'd just been missed by the triangulated rounds of mortar fire as the flash/bang of the last one was 30 meters directly behind my moving vehicle. I'd felt or knew that the next round was going to make me a goner(I was not stopping to find the idiots but it wasn't one of my best moments). But, as I crested the hill the visible part of the range (where people might notice things like mortar rounds) came into sight.

As it was both tactically improbable for a spotter to cover the amount of terrain (four miles of mountainous desert) and the possibility of witnesses, the threat level subsided. I knew it couldn't be amateurs as the number of miles covered and the lack of anything; no power or transmission lines, pipelines, or anything else for that matter--just barren desert.

At about a mile and a half past the last exploded round, base police had been deployed to intercept me (they believed I was responsible, or, this is what I was led to believe) and stopped me right next to the "equipment" gate. This gate is used to fairly top secret equipment in the dead of night undetected by "whatever". The kind of equipment used in HAARP tests for example. Interesting what you can do with the magnetosphere. I leave the conspiracies to others.

It was at this point I believed the agents, I mean officers, were to dispose of my vehicle and body. It was to my surprise, no this is not the death squad, it seemed the license plate light (one of them) was out and they issued me a citation. I was to appear on September 11th. This I felt was deliberate irony...

This all happened within the course of 30 minutes by the way. It was a kind of end-to-end operation of make him/me STFU.

Dirk Praet • October 28, 2015 9:24 PM

@ Wael

"Have you thought about separating the ones that require it from the ones that don't and insure least privilege?"

I have. Everything that has .deb dependencies requires root. Others that need to be compiled from source require g++, which fortunately is not present by default, but unfortunately forces you to install it either with apt-get or dpkg, which again requires root.

@Figureitout

"Not so sure about TeamViewer, Dropbox, and VLC"

Teamviewer and VLC are more proof of concepts and the install routines can be used as a template for other stuff. But Totem really, really bl*ws anyway.

"I was obsessed w/ these strawberry and blue smurf gummies that you could get a big bag at this shop in Brasschaat"

I think I know which one you mean. I've got an uncle living pretty much right around the corner there.

"I was going to install a little startup script for RasPi in the rc.local file but read that's a bad place for it, is that true? Know if it's bad?"

It's not really considered "clean", but it depends on what you want to accomplish. If you're starting a daemon, copy a skeleton LSB script into init.d and set the required runlevels. For anything X-related, create an autostart entry in /etc/xdg/autostart or ~/.config/autostart .

Expired_Certificate • October 28, 2015 10:27 PM

@Sancho P

“The whole cert system is broken by design, however, any irregularity should raise concerns because the norm is a valid certificate.

Especially faked certificates will / should not fail, thus it is strange when you face a really old cert when connecting to Apple.

The reason may be in your PC, Firefox, your DNS, …

Best to check the used address with a friend’s system.

Oh, and check the address / URL first.”

Thanks for your input. I don't understand the "will/should not fail" sentence.

about: expired iTunes certificate when trying to update to iTunes 12.3.1
(5/17/09 to 6/26/11 (Verisign Class 3 2004 CA))

Computers 1-3 Google DNS servers, share same router
Computers 1-3 Had older version of iTunes on them
Computers 1-3 Windows 7 Professional, 32 bit

Proceeded to try to update 3 computers:

Computer 1, Entered iTunes, chose to download/update, saw expired iTunes certificate (6/26/11), but updated iTunes anyway from within iTunes (my bad)

Computer 2, Entered iTunes, chose to download/update, saw iTunes certificate with valid dates, updated iTunes from within iTunes

Computer 3, Entered iTunes, chose to download/update, saw expired iTunes certificate, cancelled update from within iTunes. With Firefox went to https://www.apple.com/itunes/download/ and downloaded iTunes 12.3.1 for Windows 7 or later (not 64 bit). (SHA1(ItunesSetup.exe)= 24fc5a91a699f92e9d44dc8d47cb9501aa968766 from Downloads directory)

Currently running Microsoft Security Essentials Full Scan on all 3 Computers

Does anybody know where iTunes in Windows might have saved the Downloaded files, if at all, on Computers 1 and 2?

Looking at Programs and Features in Control Panel the five Apple entries look similar for the 3 computers.

For security reasons I assume it is good to uninstall Bonjour in general.
Currently the Firewalls accept incoming Bonjour connections.

Any ideas about how to try to see if I got a bad update on Computer 1?

Figureitout • October 29, 2015 12:08 AM

Dirk Praet
Teamviewer and VLC are more proof of concepts
--K, not sure one would want a potential remote hole in a potential crypto machine. VLC could serve a steganographic purpose.

I've got an uncle living pretty much right around the corner there
--Yeah always took this street called something like "hoogboomsteenweg" lol

If you're starting a daemon
--No no just little config stuff that I want to automate. Wifi stuff. Especially browser-wise, just the basic stuff (delete cookies, install addons, etc.) that every time I'm like "why am I doing this sh*t again?" But yeah I'll look for that directory, thanks mate.

tyr • October 29, 2015 3:49 AM


OT Jokes

The best jokes are if you only use the punchline.

" so the bear said to the lesbian after their third
encounter You aren't coming here to hunt are you."

ianf • October 29, 2015 4:09 AM


@ Dirk Praet …just uploaded v. 0.1a https://github.com/dpramone/TAILS-Candy

As I'm no good @ beta testing of stuff without anyone nearby with whom to figure out possible simplistic obstacles, so I'll pass. Besides, I need my TAILS-Candy ON A TURN-KEY STICK, as per earlier discussions.

That directly means not only integration of various Tails apps (which seems to be what you have done), but presence of a start-up self-validating script that will deliver a couple of hashed checksums TO BE COMPARED AGAINST such that you've posted in a few trustworthy repositories online - or else the chosen USB hardware-software combo has been tampered with.

Dirk Praet • October 29, 2015 6:01 AM

@ ianf

"presence of a start-up self-validating script that will deliver a couple of hashed checksums TO BE COMPARED AGAINST such that you've posted in a few trustworthy repositories online"

A tor+http debian repository, distribution file checksums and validation are on my to-do list, but I'm going to wait with that until the package is a bit more stable. This is a first alpha release and there really is no point in changing checksums/signatures every day for every file I add/modify.

Curious • October 29, 2015 9:11 AM

Off topic:
I wanted to buy something on the internet last night, but as I was about to start filling in my credit card information, I see that the form for filling out the credit card information is there on a regular http connection without encryption, so I went "nope" and did something else.

John Galt IV • October 29, 2015 10:12 AM


this technique is used by Israeli airport security

http://www.anecdote.com/2015/05/how-to-detect-lies/

Cognitive interviewing as a form of lie detection [Anecdote]. “Morgan found that the use of these mnemonic props – open-ended questions about various sensations and sequences of events – dramatically increased memory recall about what had happened. The subject’s stories consequently became more and more complex, and richer in detail. Or at least, they did when people were telling the truth. When it came to the lies, even well-rehearsed ones, the subjects tended to falter and were unable to complete the interview. According to Morgan, this was because when they were prompted to dredge up deeper memories, the liars had nothing to draw on. Instead, they merely repeated what they’d already said, or waited for the interviewer to fill in the gaps themselves. He equates the memory of an honest storyteller with a high-resolution image, and that of a liar with a child’s rough sketch.”

name.withheld.for.obvious.reasons • October 29, 2015 12:50 PM

As the United States congress, the house, held votes for the new speaker to replace John Boehner. The speaker called for voice votes, that their surname be enunciated. Two candidates were officially offered to speaker-ship. Ryan and Pelosi.

Nary a handful of congresspersons were able to follow the simple instructions. Nineteen democratic congress members were able to follow instructions. Thirty three republicans were able to utter the requested surname of their vote for a candidate. One vote was cast for Colin Powell and John Lewis, eight for Daniel Webster, the remaining republican votes were cast for Ryan of Wisconsin. Democratic members cast in near unanimity, Pelosi. Blummenthal of Oregon was the first to manage to get the instructions correct while nearly everyone else stood on their egos and cast their votes.

Thirty three Republicans and nineteen Democrats were able to follow the instructions and voted by enunciating their candidate's surname.

Why is this, the proper enumeration as instructed by the speaker, important? It demonstrates a dispassionate vote; not inserting oneself in the process.

The clerk unwavering enunciated the correct surname for each vote cast--even as the example the clerk set, the house members seemed unable to correctly follow instructions.

The final tally was:

One for Powell
One for Lewis
One for Cooper
Nine for Webster
Two hundred and Thirty Six for Ryan
One hundred and eighty two for Pelosi

Ryan, Paul from Wisconsin replaces Boehner, John as speaker of the house

ianf • October 29, 2015 1:14 PM


@ John Galt IV IF “this technique is used by Israeli airport security,” THEN it must be some other, or a highly filtered/ restricted/ scenario-based version of it, because there simply is no time in the airport to do all that lengthy song and dance that it relies on.

Observe that I do not question its usefulness, or perhaps higher than flipped coin veracity(?), only the described methodology not being suitable for deployment under time pressure. Yes, I know that the Israelis rely much more on psychological evaluation (and not only @ Ben-Gurion, but at other entry points), than do other Western services, but I doubt that is it.

BTW. here's what I wrote earlier on the subject of Israeli airport security.


@ Curious

For your salus interruptus to have any lasting meaning, you need to get in touch with Your Inner Point-of-No-Sale Sadist, and send the company a postcard with a short note

    "This is to notify you, that due to your insecure order web-form, I abstained from buying your product ID# and bought it even cheaper from another company instead."

You don't even need to sign it legibly, nor affix a stamp to it! ;-))

Prior to sending it, take a Xerox of it, then forward it to any journo who writes about net security… they're always hungry for such human-angle stuff, and, if it fits with their intent, may well call that company's sales director and ask her SOME TOUGH QUESTIONS.

First then can you land
on an aircraft carrier and
call it MISSION ACCOMPLISHED.

name.withheld.for.obvious.reasons • October 29, 2015 1:23 PM

@ Nick P,
There are a number of institutional customers for various RTOS's, some laboratories prefer QNX, a few DoD contractors like Montevista (not really an RTOS), LynxOS, and VXWorks. VXWorks shows up in some very critical applications while newer versions of platforms have gone with separation kernels as offered by Green Hills. Did Green Hills do an acquisition recently? Anyway, lots of platforms that call for DO-178B compliance go for separation kernels (the spec kind of drives the decision process).

It seems, as is the case in many shops, that individuals that have a propensity or bias for one set of tools that specifies the type of RTOS which will be implemented. This is a type of favoritism that is quite subjective and I have been most critical of. That satellite platform I mentioned before had been built nearly completely from a LabView (National Instruments) platform. The processor and DAQ system were tightly coupled as was the presentation and data layers. I'm not saying that LabView could not have been employed, it was the design that in whole was in error.

An argument I make is that the tool should be selected based on the requirements, not specifying a tool and make it fit the requirements. It's kind of like using a hammer you're familiar with, but that hammer must be made to drive all types of fasteners. At times, the hammer is used to drive staples, bolts, and gussets into all forms of materials.

My design, a far more modular system, would disassociate the presentation, data, and acquisition layers to allow best-of-breed and feature extension in the future. The only requirement was a standardized intermediate layer between the modules to accommodate upgraded or replacement technologies. Kind of like three different data/bus interfaces.

And yes, I am saying that I probably influenced the direction and technological decisions that would be made by Larry and Sergi.

Sancho_P • October 29, 2015 4:35 PM


@Expired_Certificate

”I don't understand the "will/should not fail" sentence.”
[ Especially faked certificates will / should not fail, … ]

Let’s assume “someone” wants to deploy malware via a faked iTunes certificate.
It needs quite some knowledge (and the opportunity) to set up the ruse.
- Would you think this “someone” would then make the stupid mistake to present an expired certificate, just to fire an alarm on your end?

An expired cert is a very careless mistake, it takes just some bucks to renew it in time. Such a mistake could happen to any provider, even Apple, but not longer than one month, too many would complain (I didn’t check the Net, though).

From your second posting now I realize that you’ve tried to update within iTunes, so you may not even know to which strange address the (outdated?) iTunes updater tries to redirect you.

You probably should deinstall and re-install iTunes from scratch to avoid further hassle.
If you didn’t specifically download and “Save” the update package for later use, the intermediate update-files will go to C:\WINDOWS\Temp (?).
However, a successfully finalized “update” should delete them ...
(I use “should” because it’s WinDose, no offense intended).

For checking the downloaded 12.3.1 (SHA1 hash) there is the chicken and egg problem: Win7 doesn’t have a program on board, you have to download it. There was a Mi$o (command line) software but it’s unsupported and outdated, not sure if it’s usable with W7: “Microsoft File Checksum Integrity Verifier”.
-> I’d go for HashMyFiles from NirSoft, a small graphic utility (no install needed).

Sorry, no deep knowledge here on Win, I’m on a Mac (and never use iTunes ;-)
You may get specific help at a dedicated iTunes for Win forum, e.g.
https://discussions.apple.com/community/itunes/itunes_for_windows
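The hash comparison discussed in this comment, and the start-up checksum validation that ianf and Dirk Praet discuss earlier in the thread, sketched as an added example (not code from any commenter or from TAILS-Candy). It assumes a manifest in `sha256sum` output layout that was obtained separately from the files it covers; the function names and sample files are constructed, and SHA-256 is used in place of the SHA-1 quoted above.

```python
import hashlib
import hmac
import os
import tempfile


def file_digest(path, algo="sha256", chunk=1 << 16):
    """Hash a file in chunks so large installers never have to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def parse_manifest(text):
    """Parse 'HEXDIGEST  relative/path' lines (sha256sum output layout)."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        entries[name.strip().lstrip("*")] = digest.lower()
    return entries


def verify_tree(root, manifest, algo="sha256"):
    """Compare every file under root with the manifest.

    Reports files that match, files whose content changed, files the
    manifest lists but that are gone, and files the manifest never listed.
    """
    report = {"ok": [], "modified": [], "missing": [], "unlisted": []}
    seen = set()
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            seen.add(rel)
            if rel not in manifest:
                report["unlisted"].append(rel)
            elif hmac.compare_digest(file_digest(full, algo), manifest[rel]):
                report["ok"].append(rel)
            else:
                report["modified"].append(rel)
    report["missing"] = list(set(manifest) - seen)
    for key in report:
        report[key].sort()
    return report


def demo():
    """Constructed sample: record a small tree, then tamper with it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        samples = {
            "bin/install.sh": b"#!/bin/sh\necho install\n",
            "bin/helper": b"helper v1\n",
            "README": b"constructed sample file\n",
        }
        for rel, data in samples.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        manifest = parse_manifest("".join(
            f"{file_digest(os.path.join(root, rel))}  {rel}\n" for rel in samples))
        clean = verify_tree(root, manifest)

        # Tampering: modify one file, delete one, drop in an extra one.
        with open(os.path.join(root, "bin/install.sh"), "ab") as f:
            f.write(b"echo extra\n")
        os.remove(os.path.join(root, "README"))
        with open(os.path.join(root, "bin/dropped"), "wb") as f:
            f.write(b"not in manifest\n")
        return clean, verify_tree(root, manifest)


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)
    print("after: ", after)
```

A check like this only means something when the manifest and the verifier come from a source the tampered medium could not have rewritten, which is why the thread asks for checksums posted in separate repositories.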

Nick P • October 29, 2015 4:39 PM

@ name.withheld

re personal account

Damn, what a story. Glad you made it.

re RTOS's, etc

That makes sense. However, you have to admit that it makes sense to try to pick a versatile RTOS and component that you can reuse to amortize the cost of high assurance development. RTOS's I don't have a solid opinion on as, like you said, different ones seem better in different situations. The reuse thing might be applied at interfaces, protocol engines, scheduling algorithms, etc with some reference implementations that can be modified from device to device. Not as easy as a compiler like CompCert where I say "just build on and improve what was verified already!"

Real trick on your end will be making the middleware easy to specify while the resulting implementation is both safe and efficient. The message passing schemes are often safer but not efficient if you're really doing POLA. There's shared memory schemes that are very efficient but not quite so safe. The schemes that are safe and fast usually can't take advantage of a MMU, etc properly for protection. Kind of an open problem if we're talking embedded. Will be interesting to see what you eventually come up with.

@ Wael, name.withheld, Clive, Figureitout

Free EDA?

Mentor Graphics just did something unusually modern: they put a browser/cloud-based EDA tool online for free. It's free if what you're doing is public and shared, while private projects have to pay a fee. The tool does design and simulation for combinations of analog, digital, mixed-signal, and mechanical systems. Already a bunch of circuits online. Go give it a spin and see what it can do.

Note: Don't put anything significant on it unless you read the license carefully. I'm sure you all already know that, though. ;)

ianf • October 29, 2015 6:43 PM


@ Nick P […] “The EDA tool does design and simulation for combinations of analog, digital, mixed-signal, and mechanical systems. Already a bunch of circuits online. Go give it a spin and see what it can do.”

That's great news. I won't be doing any designing myself, but am always keen to check the output of others. So if you see anything truly novel there, do give us a hoot. My ongoing interest would be DIY DAB radio with solid-state programmable recording capabilities. I don't listen to radio all that much but imagine I would if only I had a fall-back program archive on tap.

Figureitout • October 29, 2015 9:33 PM

Nick P RE: Will be interesting to see what you eventually come up with.
--Sounds like NWFOR is leaning towards getting out of the game and calling the tech community weenies (we're the last people still putting up a fight and the last hope remains w/ us as evidenced by a lot of tutorials and free software and what could be some big time steps forward w/ open/lowRISC and RISCV and Novena and Genode/seL4 kernels; there's too much to name but we'd all nod our head hearing them) when I've said again and again that I merely wrote on facebook I wanted a revolution and had an investigation brought down on me that would give you all nightmares and likely mental illness. I used the worthless investigation for something positive as testing for what gets touched and what doesn't and now I have some skills/experience I can consult to on high security lol. But it still had a huge negative effect on me and I would've loved to work for NASA or some computer security defence research but that won't ever happen.

NWFOR, pretty stupid questions on my part about formfactor jumping the gun, but I felt the too obvious ones was how that would all be connected securely (that is a *constant* thought of mine how to do such a thing). What protocols? The usuals? The answer is way too long anyways, I know, I can't even explain some much simpler applications when there's around 1000 pages of info you need to read for it to even make sense. Turning off clocks is something that's common in industry now (sleep modes), would you be leaning on those if you moved forward? What hardware platform were you targeting? And yes I've heard good things about QNX but don't have the money to pay for it.

If you're getting out the game then all this is worthless though. Probably be best if you still had connections w/ Larry and Sergei at Google to lean on and get some funding on some of these cutting edge security projects (if there's a company that could actually do it, it's Google).

Nick P RE: free eda
--I'm just now covering basic filters, and basic flip flops/latches; that toolchain is overkill for me. Breadboard and LTspice is plenty, but I'm not even doing that much now, MCU's all the way.

And it's cool it's free and all but to be in the browser and on the cloud...?--Nope sorry, too many attacks to waste my time... Don't want any part of it. Sorry to rain on the parade, I can't stand online toolchains. Release a free version I can install locally (which still has risk of being infected, always) or I don't really care.

name.withheld.for.obvious.reasons • October 29, 2015 9:49 PM

@ Figureitout
Dude, the only stupid question is the one you don't ask. You have a curious and inquisitive mind and makes me think you are still young[ish].

Couple of quick things--the form factor for this device quite possibly could be done in an FPGA that is 7-12mm square (45-95nm) FPGA and half that size on an ASIC. It also has a unique fab advantage in FPGA, a good mix of CPLD/LUT's and memory, this tends to lead to good utilization and netlist gens. Again, transmission lines on a fanned out design would be the big challenge and since you need global and local clocks there will be some synchronization, jitter, and slewing to consider. Nick P didn't quite get where I was going with this and I probably need to post a spice model for you guys (HDL might work too). I could post it over a period of squids.

I abhor having to do anything more in the space. Until technology serves us, instead of serving us up--I am not a fan. I believe you know that I have not moved sequentially to this decision. It is just that you can lead a horse('s ass) to water but you cannot make it drink.

Goodnight and good luck!

Figureitout • October 29, 2015 11:36 PM

name.withheld.for.obvious.reasons
--I'm afraid there are stupid questions, and won't make a ridiculous example to prove that. But lots of people are too scared to ask questions b/c they care what people think too much ("god retard, don't you know this?! I don't know why either, I just accept what I'm told but, god retard!"), and are fine going on when they could get answers or at least potential paths to answers.

If done in an FPGA, there's basically no open toolchain besides...yet again...efforts in the tech community to change that b/c FPGA's are extremely complex and I don't have a clue how they really work (not good for security, but the customizable flexibility is good for it). And CPLD is a complex programmable logic device. Only people who do this work will have a fighting chance verifying it "enough" for themselves. Being secure by yourself sucks, might as well be a hermit. Then again a lot of digital security is this way, so perhaps this is another impossible endeavor (doubt it, we're only getting started).

I could post it over a period of squids.
--Yeah, if you do just do a pic, then use a combo of tools like windows snipping tool and open source ones to remove metadata that matters then a posting site.

I abhor having to do anything more in the space.
--I can't get enough unless we're going all to online toolchains and javascript. And security is about being able to stop tech. on a sign of fault (having many steps which take unique human input to prevent programming a malware to own all) instead of "doing it all for us". Otherwise that's an obvious and juicy target. Sucks but true, but true for attackers too, so it's mutually assured destruction which I'm fine w/ so long as the evil ones suffer. Every dog has its day anyway.

name.withheld.for.obvious.reasons • October 30, 2015 12:23 AM

Just a quick stream of consciousness blurb...how to dramatically reduce the deficit using monetary policy....

MAKE CURRENCY FROM NONPOISONOUS INKS AND HEMP...

People that smoke cigarettes, marijuana, etc could use the bills to roll their own. When smoked consider it a tax payment. Reducing the money supply via destruction is the same as depositing money in the federal reserve. All the fed has to do is monitor circulation...they do it already.

Wael • October 30, 2015 2:03 AM

@Nick P,

"Mentor Graphics just did something unusually modern:"

Thanks for the link. I'll bookmark it until I have a replacement laptop. Sounds like a good tool to play with. Been a while since I messed with Mentor graphics and ... I forgot what the other one was...

John Galt IV • October 30, 2015 6:58 AM

threat models few have considered

Would like some help exploring this space. I have been unable to find a broadband ultrasonic microphone at a reasonable price. I would have thought that the usual suspects (Knowles in particular) would have used their MEMS technology, which revolutionized the cell phone space, to bring out an inexpensive MEMS ultrasonic microphone for mass consumer applications - e.g., Roombas.

I don't recall seeing the topic of system identification broached here. In its simplest form (and the most commonly used meaning in electronics) it refers to mapping the Bode plot of a filter/filter network/network. That is, it measures the phase and amplitude response of a circuit element or combination of circuit elements. Except for the mathematically gifted (Ted tried to warn us, but we just laughed at him), the only tractable transfer functions are linear and time-invariant (LTI). We can broaden the concept of a transfer function to an arbitrary number of dimensions to address whatever variables (including linearity and time variance) are of interest. The math, as noted, quickly becomes intractable, with the exception of special cases, like LTI. Not to imply that LTI is not extremely powerful, as it encompasses all of what passes below. Subsets of the system identification concept that I have broached before include the intractability of exhaustive searching for hardware backdoors and the problem of making and measuring the medical properties of small and medium molecules. As noted previously, we might hope that quantum computing can address one of those issues. We may note that the ongoing theft of user data by corporations and governments is intended for system identification of individuals or, if you prefer, their transfer functions. Ben Hunt has done a good job of exploring the implications of artificial intelligence (which is a subclass of adaptive system identification) as an adversary in financial markets http://www.salientpartners.com See also, The Predictors, by Thomas A. Bass.

Many of the members of this forum will have seen in recent years and days mention of WiFi repurposing as a crude form of radar capable of observing and counting people behind/through walls. Radar (and sonar) is itself an example of system identification, where the time delay corresponds to a linear phase shift and the amplitude response drops as something like r^2, all of which is mapped as a function of angle in at least one dimension, more often two.

There are ultrasound equivalents to radar which can be (or are) implemented in cell phones, likely as undocumented features. Such implementations would rely on other undocumented features, such as a microphone and earpiece (I hesitate to call it a speaker) with usable frequency response well beyond the range of human hearing. Some very special information could be gathered by clandestine activation. I will give only one example here, but the interested reader is invited to comment on some of the other brilliant and spooky applications of this technology. Imagine for a moment that large numbers of aggrieved citizens are gathered to protest some imagined government slight like hunger (recommended documentary "The Running Man") brought about by Monsanto policies of disallowing people from growing plants or financial privation by the financial parasites (the "Occupy" movement). There are two undocumented features that could be combined to produce a profoundly effective monitoring tool. The first undocumented feature would be burst transmission of RF from each cell phone, for example, unique pseudorandom sequences, for reception by nearby cell phones, which then transmit to the nearby Stingray (or the standard cell tower) just the phase delay summary, which corresponds to a linear phase shift and distance. ID of the pseudorandom sequence also is transmitted to the tower/Stingray. The phase delay to all other cell phones in the crowd can be mapped to generate a high-resolution picture of the relative locations of every person/phone in the crowd, in real-time or near real-time.
The centroid of the crowd would be very accurately determined by signal averaging, so the geolocation data would be refined, as with differential GPS, down to an arbitrarily small distance (think tens of centimeters), depending on the value of the terrorist target, peaceful citizen, freedom fighter, revolutionary or patriot (it's all a matter of perspective - you can guess Monsanto and Blankfein's perspective). An equivalent method of measuring cell-phone-to-cell phone distances in the crowd could be implemented by using the ultrasonic features described above, again using unique pseudorandom codes to uniquely identify each transmitter. Once the distances, locations and effective microphone pointing directions are known (which also can be represented by component transfer functions), the real magic begins. The voice of every speaker in the crowd can be isolated by beamforming combinations of the audio frequency signals picked up from each microphone and uniquely identified, even in the presence of heavy background noise. Other magic, like using Woody Norris's ultrasound transmission of audible sounds also could be implemented, although that requires sufficient ultrasound power levels to access non-linearity of air compression/decompression. That also can be deployed by the authorities using beamforming to speak individually to anyone in the crowd, as in, "We know who you are and we are watching you closely." The main limitation on beamforming will be cell tower/Stingray bandwidth saturation. Likely, the identity of every person in the crowd already is known, particularly if they are carrying a cell phone. Now their words for the length of the peaceful assembly also have been recorded in direct contravention of the 4th amendment. Even those not carrying cell phones can be recorded and identified by matching their cleanly captured voice to the extensive databases that already have been assembled.

The two recommendations that I have for exploring these possible cell phone behaviors are to use an RF receiver like the one described in Melissa's DEFCON (14?) talk, and to use ultrasonic microphones in proximity to cell phones to observe undocumented emissions of ultrasonic coding.

In a future chapter we will consider adaptive filtering, mention some other documentaries (e.g., Air America, Doublecrossed) and explore a threat model where all of your voice, email and social media transmissions can be perfectly spoofed because a) the extensive database of your voice, writing, posts, lifestyle, and life history allow your voice/style to be perfectly matched, and b) your transmissions are not digitally signed for authentication.

Welcome to the brave new world.

Clive Robinson • October 30, 2015 8:20 AM

@ John Galt IV,

For various reasons measuring angle of isotropically radiated signals is not a good idea even when in direct line of sight.

The preferred method is time delay, just as it is with GPS. With suitably high frequency comes very short wavelength, which gives much greater accuracy of measurement (provided the receiver has sufficient bandwidth).

With ultrasonics, a starting point would be a "chirp transmission" modulated by an orthogonal ranging code (see JPL and Gold Codes) that is unique to the device (like a MAC code used as a serial number). Various signal processing techniques from three receivers would track the position of all the emitters in near real time...

Hope that gives you further food for thought.
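One way to look for the ultrasonic emissions John Galt IV suggests observing, as an added example that is not from either commenter: a Goertzel scan of the 20-40 kHz band over a recording. The 96 kHz sample rate, the threshold and the constructed test signal (a faint chirp of the kind Clive Robinson mentions, buried under a loud audible tone) are assumptions.

```python
import math
import random

SAMPLE_RATE = 96_000      # assumed capture rate; Nyquist limit is 48 kHz
FRAME = 256               # 2.67 ms frames, 375 Hz bin spacing
BAND = (20_000, 40_000)   # scanned band, above normal adult hearing
THRESHOLD = 0.02          # assumed amplitude threshold (full scale = 1.0)

# Hann window: keeps the loud audible content from leaking into the
# ultrasonic bins, at the cost of slightly wider peaks.
WINDOW = [0.5 - 0.5 * math.cos(2 * math.pi * n / FRAME) for n in range(FRAME)]
WINDOW_SUM = sum(WINDOW)


def goertzel_amplitude(frame, k):
    """Estimate the amplitude of DFT bin k of one Hann-windowed frame."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / FRAME)
    s1 = s2 = 0.0
    for x, w in zip(frame, WINDOW):
        s0 = x * w + coeff * s1 - s2
        s2, s1 = s1, s0
    power = s1 * s1 + s2 * s2 - coeff * s1 * s2   # |X[k]|^2
    return 2.0 * math.sqrt(max(power, 0.0)) / WINDOW_SUM


def scan(samples):
    """Return (start_seconds, peak_hz, amplitude) for every frame whose
    strongest bin inside BAND reaches THRESHOLD."""
    k_lo = math.ceil(BAND[0] * FRAME / SAMPLE_RATE)
    k_hi = math.floor(BAND[1] * FRAME / SAMPLE_RATE)
    hits = []
    for start in range(0, len(samples) - FRAME + 1, FRAME):
        frame = samples[start:start + FRAME]
        amp, k = max((goertzel_amplitude(frame, k), k)
                     for k in range(k_lo, k_hi + 1))
        if amp >= THRESHOLD:
            hits.append((start / SAMPLE_RATE, k * SAMPLE_RATE / FRAME, amp))
    return hits


def constructed_recording(with_burst):
    """Constructed test input: 0.1 s of a loud 1 kHz tone plus faint noise,
    optionally with a 21-23 kHz chirp between 40 ms and 60 ms."""
    rng = random.Random(1)
    out = []
    for n in range(9600):
        t = n / SAMPLE_RATE
        x = 0.5 * math.sin(2 * math.pi * 1000 * t) + rng.gauss(0, 0.002)
        if with_burst and 0.04 <= t < 0.06:
            u = t - 0.04
            # Linear chirp: instantaneous frequency 21 kHz + 100 kHz/s * u
            x += 0.1 * math.sin(2 * math.pi * (21_000 * u + 50_000 * u * u))
        out.append(x)
    return out


if __name__ == "__main__":
    for t, f, a in scan(constructed_recording(True)):
        print(f"{t * 1000:6.2f} ms  peak {f:8.0f} Hz  amplitude {a:.3f}")
```

On a real capture the microphone and ADC must actually pass the band being scanned; most consumer audio paths filter everything above roughly 20-24 kHz, so a quiet result from such hardware shows nothing.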

tyr • October 30, 2015 8:13 PM


Circuit Designers Companion.

The first chapter turned out to be a must read for
anyone who does any serious work in electronics.
The only point worth elaborating would have been
to do a Fourier decomposition of the square wave
into its sine wave components to show how you
get selective degradation of waveforms in transit.

This is a book that should be on your bookshelf
and you should buy a second copy for your smart
friend this year.

ianf • November 7, 2015 12:35 PM


[Cue music theme]

IN A PARALLEL DISCUSSION,

IN A SQUID-THREAD LONG TIME AGO,

AMONG OTHER MEMORABLE THINGS,

name.withheld.for.obvious.reasons

WROTE (cc: @ Nick P):

"Worked on a satellite platform where there was a fundamental flaw in the platform approach. I wrote a report identifying the current issues, and without remuneration, redefined both the specification and the platform design that brought near an order of magnitude in flexibility, cost savings, and future features. I received the..."We have to cover our ass, and you are the problem" response. Not only would the senior scientist on the project buy off on this, but the program manager, under his breath, agreed."

And the naïve me thought such happened ONLY in non-critical segments of major industrial, let alone orbiting projects… you know: documentation, value engineering, integration, procurement tenders, follow up. Indirectly, that also serves a clue to how high-tech newbie Del Boy Trotter was able to reprogram Gatwick IFR approach path with his illicit balcony-mounted stolen satellite-TV dish.

"I have this habit of going into meetings having had the tacit support of my peers and then once in the meeting, crickets. Because engineers and scientists DON'T HAVE THE SEX ORGANS TO STAND FOR SOMETHING/ ANYTHING."

Usually tasked with documentation, etc., I was never popular enough to be able to count on support for my novel ideas, so I went ahead and presented them as fait accompli, practically done deals (even when we only just barely begun). Project managers latched onto it after a while, so I had to dress up future proposals in ever more convoluted market share babble - nobody is ever wise to that. So, yes, cojones-wise, scientists and engineers are like other people—because they are the very people still other people wanted us to become.

"I have stood up to some pretty high order (BS in my opinion) YES MEN in my day…"

Write it all up, dish the dirt, even if for publishing just pre- or posthumously (do to your BS brigade what Copernicus did to his—he couldn't publish his helio-centric theory until when lying on his death bed for fear of ending up as Giordano Bruno on the pyre.)

WaelNovember 14, 2015 12:36 AM

@ianf, @Sancho_P,

A story for another day....

The "another day" has arrived... Getting stuff off my queue (interesting things first)

A few years ago, I was in southern Sinai and rented a car to drive around the desert. On the way back to the hotel, it was close to midnight and the street was almost empty. While driving between two mountains I noticed the sky was very dark so I parked the car off the street and went out on the sand. I was between two mountains and there was no moon. The sky view was amazing as I was far away from any cities and light pollution. I must have stood watching the milky way for at least 30 minutes. Then all of a sudden I felt strange... like something bad was about to happen. I was about 20 - 30 feet away from the car (I didn't wander farther because the area has landmines and stuff), alone at night away from "civilization" (I was air-gapped.) I stopped looking at the sky and started looking around me. I saw a huge white thing moving towards me. I looked closer and the figure became bigger and got closer... It was three big white things slowly coming towards me. For some reason I couldn't run to the car. When the things got closer I realized they were three huge camels, white ones, and they were still coming towards me. That's when I ran to the car and drove away. Ten or so years later I met someone familiar with this area and I told him the story. He laughed quite a bit and told me there are loose camels in this area, and... cannabis grows wildly there too. The freakin camels eat the stuff and get stoned and don't care what they do next. I was chased by stoned camels :)

ianfNovember 14, 2015 4:29 AM


@ Wael, (cc: Sancho_P) I couldn't unravel your "story for another day" context, but it was interesting anyway. One camel deserves another.

This was told quite a long time ago by a Canadian oil engineer who lived in Israel in the 70s, so I may not have remembered all the details. He rode around in some Israeli car (foreign ones were at that time subjected to hefty import duties), with a locally developed molded injection palm-fibre-epoxy chassis… apparently quite common there, just as the artificial silk laminated thermoformed ABS Trabants were in then-DDR. Anyhow, one day, while checking an oil well, he was awakened in his tent by some hitherto unheard sounds of heavy chomping WITH BELCHING! Thinking of having struck a gas vein or something, he rushed out only to find a pair of camels happily munching away the front fender of the car. Loving it. Maybe we should breed camels to turn such half-organic industrial waste into full organic, soil enriching manure?

PS. you were lucky then, a few years ago, in Sinaï. Nowadays you'd as soon be kidnapped by marauding Beduins who have learned how to profit from African, mainly Ethiopian Falashas (some say Jews) attempting to make it overland to Israel. Approx. 10 years ago a 60+ couple I know rented a well for desert duty equipped jeep for a day's excursion to the Mount of St. Catherine. They got a flat or something on their way back, abandoned the car and hiked a couple of km to the Convent there to phone for assistance. It was after dark, however, and so the prior wouldn't let them out until the repair vehicle arrived the next day for fear of them ending up just like that. Camels, man, worst they can do is spit & stomp on you, but the Beduins… oh, they've got your cell phone number.

WaelNovember 14, 2015 6:08 AM

@ianf,

If you look up in the thread, the context was "dark skies" and I said I will tell the story another day. Got it off my list.

worst they can do is spit & stomp on you

Oh, no! Camels can do much worse than spit. They are powerful animals that can bite your shoulder off your body. If you look at YouTube you'll find a video of a camel lifting a man by his head and throwing him away a few meters, and that's after its neck was slit. People eat camels (I haven't tried it.) They are amazing animals...

PS. you were lucky then

When your time comes, it comes. I used to go there often (sometimes SCUBA diving.) I like the blue water / yellow sand combination and the wilderness away from people. The other place I like is Marsa Matrooh. Both places have Beduins. But the Beduins of Marsa Matrooh tell me the Beduins of Sinai are "rough". That says something because Beduins, generally speaking, are tough people, in character and body.

BoppingAroundNovember 14, 2015 9:04 AM

Wael,
Good for you it were camels. I nearly got myself mugged once in a similar
situation. Some rowdy individual happened to loiter in the vicinity. Had I not
noticed him in time, things might have gone bad.

Clive RobinsonNovember 15, 2015 5:18 AM

@ Wael,

I don't have any "high as a kite" camel stories, and my dropping in to that rather beautiful part of the world was on her maj's shilling, so I was most definitely not supposed to meet the locals, "rough" or not.

However I do have a story about meeting a badger with bad breath eye to eye and one about a sheep with amorous intent, both of which happened within 24 hours of each other.

We were away doing a bit of training in a field exercise, we arrived on site around dusk and started to set up the comcen and tentage. About three AM on a clear dark night I too found myself staring up at the Milky Way just before going on stag. I remember how peaceful it would have been if not for a certain female Staff Sergeant who was the very embodiment of "WRAC-n-ruin" and who could be heard snoring over half a kilometre away. A little later on, doing a turn with one of the others on stag, they commented on the world's weirdest echo... Every time the Staff Sgt let rip with a snore, a sheep would respond with a barr, and the barrs were getting louder as "flossy the sheep" got closer, attracted by the snoring. To cut a long story short, the whole of the stag ended up watching flossy get closer to the two man tent the staff sgt was in, and an evil plan was hatched as the Staff was not a popular person. A person who will remain nameless went and ensured the tent flap was open and after a little while flossy went in whilst another nameless person ensured the tent flap was firmly secured behind flossy. We then melted back to our posts and turns to await the fun and were disappointed when nothing happened. Anyway we were relieved by the next guard and went back to our tentage to get what sleep we could get before sparrow fart. I could not get back to sleep so went to help the cooks prep breki as their tent was warm, and you got a gratis cupper and egg banjo.

We were just starting to ladle out breki when there was a load commotion with lots of loud swearing and bleating, the monster had awoken to find flossy next to her. Needless to say that the fact the tent flaps were closed and pegged down meant the physical effort of eviction was constrained and flossy, obviously now alarmed, deposited a large quantity of "night soil" all over the Staff Sgt and her kit. Flossy eventually kicked and shoved her way out of the tent, bringing what was left of it down on the Staff Sgt. Who was now looking for blood... It was not a pretty sight, and the Sgt Major Dave Williams was having a hard time keeping a straight face, whilst many others were standing there with mouths agape. Anyway, Dave ordered a couple of us to help out and in the process I covertly made sure the tent flap was unlaced. Needless to say neither the Staff Sgt nor Flossy were happy with the "sleep over" and for a very long time afterwards the Staff Sgt would hear "ghostly barrs" made to haunt her.

Anyway, we bugged out that morning, probably much to flossy's relief, and set up in a wooded area. I got dicked with an eleven o'clock forward lookout stag in a shell scrape. So there I am lying on my belly in a frozen hole in the ground looking out in the pitch dark with an icy wind in my face raising tears, wondering if my bladder was developing a titanic sized iceberg or not, when I hear a shuffling noise. The usual thoughts go through your mind so I quietly check I've a round up the spout and the safety is off. As it's an exercise not war the ammunition was blanks, and I'm thinking I'm going to "skewer t'smart arse b'stard" who was creeping towards me on all fours, just for ruining my evening, so I got out a flash-bang and froze into the ground. The shambling lump was getting closer and closer so I sank lower into my hole with vengeance on my mind, blood racing and heart pounding, determined to give the b'stard a memory not soon forgotten. The lump got closer and my blood ran hotter, it had got personal with a vengeance, the b'stard was going to get a bruising as I jumped them and crushed them into the ground, it was getting primeval in my brain and the red mist of one on one combat was filming over my eyes. Then the brain spotted something was not right, the movement was wrong, Baskerville thoughts ran through my brain, there had been stories of a panther seen in the area and even a photo on the news some months before. What to do, I was down wind of it thus it could not be stalking me, keep quiet and it would pass me by. But on it came, closer and closer, shambling and sniffing, then I saw a ghostly white vee on the nose, and I realised that it was not a panther but a badger, and probably just as dangerous if cornered.
Onwards it came and finally it stopped just a couple of inches in front of me and looked up and saw me and bared its teeth, its fetid breath now in my face, lump viewed lump, some telepathic message crossed between us, it swung to the right and ambled off into the night. I breathed out slowly, and my brain sent a message that my bladder did not have an iceberg in it, but had come to the boil, so I slid out of the hole to find a tree down hill of it.

WhiskersInMenloNovember 25, 2015 5:11 PM

On some things Snowden has overstepped but I keep seeing remarks that his disclosures have harmed this or that effort.

In the pile of disclosures are many hints of illegal and questionable actions. I think it is important to note that the body of his disclosures have exposed illegal actions that in a sane world would give him safe haven in numerous countries.
Wire taps of a head of state are near universally illegal in that country.
Any nation that has been victimized should give him safe haven.
To extradite Snowden from a nation where illegal actions against the
sovereign nation took place would seem to be a violation of that nation's interest.

Providing to a foreign nation wire tap information that would be illegal to gather is still gathering that data with awareness and intent to violate the laws of the other land. Laws and policies that ignore these games will be gamed.

Kafka has a history in some of these games. Nations demand stronger controls of data, personal and corporate, yet demand and wish to weaken the same locks that they also demand and wish were stronger.

Hillary mail may (or may not) have been more secure than messages on state department servers. Clearly state department servers were less secure and subject to more attack vectors. Her actions seem to this outsider to have been guided by a TLA secret letter informing her to use a worthy non-Google alternative. The inability for congress and the FBI to quickly scrub the system for data tells me that her security was darn fine.

Hillary mail is also a poster child for third party access to secure systems questions. Especially illuminating how bad an idea they might be. If the TLA agencies do not have legal(?) records of her communications what is congress looking for.

The federal archives for mail and messages program is a near exact analog for a key under the mat access program. The existing archive systems have been hacked in whole or in part and demonstrate how much risk any spare key system contains. That some judges believe that such keys can open data stores for as little as a case of beer is telling.

Ignore recommended reading on encryption; read Kafka again.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.