Reputation in the Information Age

Reputation is a social mechanism by which we come to trust one another, in all aspects of our society. I see it as a security mechanism. The promise and threat of a change in reputation entices us all to be trustworthy, which in turn enables others to trust us. In a very real sense, reputation enables friendships, commerce, and everything else we do in society. It's old, older than our species, and we are finely tuned to both perceive and remember reputation information, and broadcast it to others.

The nature of how we manage reputation has changed in the past couple of decades, and Gloria Origgi alludes to the change in her remarks. Reputation now involves technology. Feedback and review systems, whether they be eBay rankings, Amazon reviews, or Uber ratings, are reputational systems. So is Google PageRank. Our reputations are, at least in part, based on what we say on social networking sites like Facebook and Twitter. Basically, what were wholly social systems have become socio-technical systems.

This change is important, for both the good and the bad of what it allows.

An example might make this clearer. In a small town, everyone knows each other, and lenders can make decisions about whom to loan money to, based on reputation (like in the movie It's a Wonderful Life). The system isn't perfect; it is prone to "old-boy network" preferences and discrimination against outsiders. The real problem, though, is that the system doesn't scale. To enable lending on a larger scale, we replaced personal reputation with a technological system: credit reports and scores. They work well, and allow us to borrow money from strangers halfway across the country -- and lending has exploded in our society, in part because of it. But the new system can be attacked technologically. Someone could hack the credit bureau's database and enhance her reputation by boosting her credit score. Or she could steal someone else's reputation. All sorts of attacks that just weren't possible with a wholly personal reputation system become possible against a system that works as a technological reputation system.

We like socio-technical systems of reputation because they empower us in so many ways. People can achieve a level of fame and notoriety much more easily on the Internet. Totally new ways of making a living -- think of Uber and Airbnb, or popular bloggers and YouTubers -- become possible. But the downsides are considerable. The hacker tactic of social engineering involves fooling someone by hijacking the reputation of someone else. Most social media companies make their money leeching off our activities on their sites. And because we trust the reputational information from these socio-technical systems, anyone who can figure out how to game those systems can artificially boost their reputation. Amazon, eBay, Yelp, and others have been trying to deal with fake reviews for years. And you can buy Twitter followers and Facebook likes cheap.

Reputation has always been gamed. It's been an eternal arms race between those trying to artificially enhance their reputation and those trying to detect those enhancements. In that respect, nothing is new here. But technology changes the mechanisms of both enhancement and enhancement detection. There's power to be had on either side of that arms race, and it'll be interesting to watch each side jockeying for the upper hand.

This essay is part of a conversation with Gloria Origgi entitled "What is Reputation?"

Posted on November 20, 2015 at 7:04 AM • 89 Comments

Comments

Clive Robinson • November 20, 2015 8:42 AM

@ Bruce,

There is another aspect to "gaming reputation" that has much shorter term life altering consequences.

By now I suspect you are aware that the US owned Radisson Hotel in Mali where the French have a large military presence was attacked by terrorists (assumed to be IS or affiliates).

The attack relied on the terrorists pretending to be Diplomats until inside the security perimeter and close enough to rapidly overpower the remaining security and get into cover.

This is not the first occurrence of terrorists exploiting reputation to press home an attack. They have impersonated various uniformed authorities in the past on several occasions.

The problem is how do you "parlay" to check "reputation" in a way that both sides are secure to the risk of impersonation by the other party. In the past the assumption both sides wanted to survive the parlay phase was considered sufficient, but in recent times with terrorists whose intent is to die in the attack this assumption is now a fatal flaw.

Likewise is the issue with armed police officers, there has in recent times due to camera phones etc, been enough independent evidence to show that they can no longer be trusted, and the few who have behaved in a homicidal way to often innocent people, that the only sensible thing is to put as much distance between you and them. That is they now have a reputation of "shoot to kill" just to meet their monthly arrest targets set by their bosses in response to politicians applying pressure.

For "law and order" to work the "parlay" phase has to work safely for both sides irrespective of impersonation, and currently we have no way to do this...

WorkingOnIt • November 20, 2015 8:52 AM

@Clive Robinson
"The problem is how do you "parlay" to check "reputation" in a way that both sides are secure to the risk of impersonation by the other party?"

By employing the same tactics used by counter terrorist operators from around the world, you shove an MP5 into their face and scream "DON'T FU**ING MOVE!"

Not Very Anon, Really • November 20, 2015 9:13 AM

This made me think. Thank you.

My brain is toying with the concept of humility seen through the lens of reputation and technology.

paul • November 20, 2015 9:18 AM

The result of trying to scale reputation systems is that there's money to be made gaming them in ways that are different from the ways people could profit by gaming local reputations. It used to be that attempting to game a reputation system was per se damaging to one's reputation, but on a larger scale no one has the attention for that (or the tools to determine cheaply when reputation is being gamed). So the current system may actually have decreased the rate of interactions, because individuals have to assume that on average the reputations they see online are faked.

(I've found myself making fewer online purchases in the past year or so, especially at Amazon, because I distrust so many of the reviews and product listings.)

Christian • November 20, 2015 9:25 AM

Two things come to mind for reputation:

We choose positive reputation for the Internet as a track record that is hard to be faked.
Using cryptography it is easy to create a virtual person and get reputation for it.

But negative reputation can easily be shed by creating a new one.

Here is a difference to real life as it is easier to acquire a new persona online than in real life.

Problem with positive reputation is if creating new personas online is too simple, positive reputation can be attacked using Sybil attacks.

If these two problems are solved a lot of problems would immediately vanish off the net, i.e. like sellers on Facebook... fake reviews in online shops.

Solving this key problem of pseudonymity in a cheap way without breaking anonymity seems hard.

Matt • November 20, 2015 9:55 AM

@WorkingOnIt
At which point they detonate the suicide vest.

Suicidal opponents require buffer zones where authenticity is verified. With automation and remote video links it would be not especially difficult to verify identity using only machines, and not putting lives directly at risk. The parley phase doesn't need to be especially dangerous.

Of course no authenticity verification system will ever be perfect, so someone might always slip through, but the point of security isn't and never has been to completely prevent attacks--the point is to reduce the rate at which they occur to an acceptable level.

D.B. • November 20, 2015 10:33 AM

Speaking of reputation, I will probably destroy mine by bringing this issue up again.

I remember that Bruce in the past had been given access to some of the documents released by Snowden, and that they seemed legit to him.

So what I was curious about is how did he determine that the information in them was legit?

Certainly Snowden's background and personal "sacrifice" (getting stuck abroad) gave him some basic "reputation" that increased the likelihood of people accepting what he told them.

But regardless of that, the documents could have been created by whomever or populated with real or bogus project names like QUANTUM and FOXACID. If they were bogus, NSA et al would just have to use the same bogus project names elsewhere and they would get a sort of life on their own (whether real or not). In the end nobody would be any the wiser.

So...what made Bruce think they were real?

Did some of them have some specific details that no one outside of NSA could have thought of? (If this is the case then Bruce would also have to know those specific details, but considering that he's a security Guru that is not impossible).

And considering that if all of that was true, and all communication is collected and analyzed, then why did the system fail to stop the Paris attacks or the Boston bombings?

(Of course there is the possibility that the system worked "as intended" and allowing the Paris attacks or the Boston bombings was just part of some greater plan.)

J • November 20, 2015 10:40 AM

@Bruce: "The system isn't perfect; it is prone to "old-boy network" preferences and discrimination against outsiders. The real problem, though, is that the system doesn't scale. "

How is discrimination not a real problem? How is discrimination not the real problem of reputation systems? Most reputation systems are based on ad-hoc information summarization techniques that have little relationship to any rigorous or fair measure of trustworthiness. For the most part these systems reflect the biases (frequently profit-based) of a very small group of people. And yet they are billed, or outright sold, as the way to know whether a company/brand/person is worthy of anyone's time.

Scaling only magnifies the negative effects by limiting diversity. When reputation systems were the size of towns, an "outsider" had a chance to find, or even found, another town whose reputation system recognized their inherent value. When Twitter or Yelp or global credit scores are the only game in town there's nowhere to hide.

The real problem of technology-based reputation systems is that they make it easy to promulgate biased and opaque evaluations of people, with little recourse for those marginalized by their outputs. We rail against such systems when they are run by the government (terror watch lists, no fly lists). But when they are run by private organizations (with even less accountability) we claim they "empower us".

Anonymouse • November 20, 2015 10:42 AM

I just realized that all of religion can be explained as a way for some people to game the reputation system(s).

Trust in ME (and give me money, adulation, authority) because I speak for [Zeus|Odin|God|Cthulhu].

Ok, maybe not that last one...

Dr. I. Needtob Athe • November 20, 2015 11:00 AM

On the Internet a big factor in reputation is how much you have invested in your identity. We can have a huge amount of trust in Bruce Schneier because of the tremendous value he has built around his name, but if Dr. I. Needtob Athe screws up he can just disappear and start over.

In other words, On the Internet, nobody knows you're a dog.

John Campbell • November 20, 2015 11:02 AM

We all already depend upon reputation-- positive and negative-- when it comes to the "products" we buy, tangible or intangible.

George Carlin had a good point about this: "You wouldn't eat Goodyear pancakes any more than you'd drive on Aunt Jemima tires". We make a lot of decisions based upon "brand name recognition" because the companies have worked, over decades, to ensure there is a positive reputation for a name.

Admittedly, I believe that various MBAs have been trying to undermine brand names figuring their companies can cash in due to inertia.

Lois McMaster Bujold in her novel "A Civil Campaign", actually did provide a distinction about honor versus reputation, which is, sadly, not directly relevant here.

On "social" media reputations get attacked... and the only thing you can do is weather it and concentrate upon retaining your honor. Sadly, this is ALSO not directly relevant within the context of this article.

Anonymous Cow • November 20, 2015 11:03 AM

"...tactics used by counter terrorist operators from around the world, you shove an MP5 into their face and scream "DON'T FU**ING MOVE!"..."

That's the tactic for POLICE forces. MILITARY forces are trained to shoot their target without question.

If you're fortunate enough to be allowed to witness an exercise by a CT group you'd be surprised at the amount of questions asked by the shooters as to who their target(s) is(are). Just because they're trained to shoot everybody does not mean they will shoot everybody; they only want to shoot the bad guys(gals).

David Leppik • November 20, 2015 12:18 PM

Whew. This is a big topic, so I'll try to just focus on the issue of hackability.

The problem is that reputation consumers (e.g. a salesperson doing a credit check, or a web browser checking a TLS [HTTPS] certificate) rely on a single reputation score, rather than a combination of reputation sources. This yields a single point of failure.

If I browse the web and I don't trust Verisign, I'm out of luck. Because chances are my bank, or some other website I use, got their TLS certificate signed by them. It would be better if websites had their certificates signed by several independent CAs. That way no single CA would be "too big to fail", and different ones could be signed at different times for different reasons.

For example, I might get my certificate signed by a cheap CA, just to be able to turn on HTTPS. Then later I might get a higher-end CA that makes stronger claims about my website's identity. But I'd still keep the old signature, to establish that the website hasn't changed ownership, and in case the other CA gets hacked or infiltrated.

Of course, this would require web browsers to do more background checking to get full value. But a simple fix that would get much of the value would be to require that a high-value certificate must be signed by two independent CAs, so that either one could become untrusted without breaking the web.
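The multiple-CA idea in David Leppik's comment above, sketched as an added example (not part of the comment, and not any browser's validation code). Real X.509 certificates carry a single issuer signature, so the certificate structure, the CA names, the `operator` label used to judge independence, and the `minIndependent` threshold are all assumptions made for this sketch; every CA and key is constructed in-line.

```javascript
// Added illustration: a toy multi-endorsed certificate, not X.509 and not browser logic.
const crypto = require('node:crypto');

// A constructed CA: an Ed25519 key pair plus an operator label used to judge independence.
function makeCA(name, operator) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { name, operator, publicKey, privateKey };
}

// Bytes every CA signs: the subject name bound to a fingerprint of the site's public key.
function toBeSigned(cert) {
  return Buffer.from(JSON.stringify([cert.subject, cert.keyFingerprint]), 'utf8');
}

function newCert(subject, sitePublicKey) {
  const der = sitePublicKey.export({ type: 'spki', format: 'der' });
  const keyFingerprint = crypto.createHash('sha256').update(der).digest('hex');
  return { subject, keyFingerprint, endorsements: [] };
}

// A CA adds its signature next to any existing ones; earlier endorsements are kept.
function endorse(cert, ca) {
  const signature = crypto.sign(null, toBeSigned(cert), ca.privateKey);
  cert.endorsements.push({ issuer: ca.name, signature });
  return cert;
}

// The relying party's trust store: CA name -> { operator, publicKey }.
function trustStoreOf(cas) {
  return new Map(cas.map((ca) => [ca.name, { operator: ca.operator, publicKey: ca.publicKey }]));
}

// Accept only if valid endorsements come from at least minIndependent distinct operators.
// Endorsements from unknown or distrusted CAs are ignored rather than treated as fatal.
function validate(cert, trustStore, minIndependent) {
  const operators = new Set();
  for (const e of cert.endorsements) {
    const ca = trustStore.get(e.issuer);
    if (!ca) continue;
    if (crypto.verify(null, toBeSigned(cert), ca.publicKey, e.signature)) {
      operators.add(ca.operator);
    }
  }
  return operators.size >= minIndependent;
}

function demo() {
  // Hypothetical CAs; the reseller shares an operator with CheapCA, so it is not independent.
  const cheap = makeCA('CheapCA', 'operator-a');
  const reseller = makeCA('CheapCA-Reseller', 'operator-a');
  const premium = makeCA('PremiumCA', 'operator-b');
  const third = makeCA('ThirdCA', 'operator-c');
  const all = [cheap, reseller, premium, third];

  const site = crypto.generateKeyPairSync('ed25519');
  const cert = () => newCert('bank.example', site.publicKey);
  const twoSigs = endorse(endorse(cert(), cheap), premium);
  const threeSigs = endorse(endorse(endorse(cert(), cheap), premium), third);
  const sameOperator = endorse(endorse(cert(), cheap), reseller);

  // Same name, different key, vouched for by CheapCA alone: models one CA mis-issuing.
  const otherKey = crypto.generateKeyPairSync('ed25519');
  const misissued = endorse(newCert('bank.example', otherKey.publicKey), cheap);

  // Changing a signed field after the fact must invalidate every endorsement.
  const tampered = { ...twoSigs, subject: 'evil.example' };

  const full = trustStoreOf(all);
  const cheapDistrusted = trustStoreOf(all.filter((ca) => ca !== cheap));

  return {
    oneSignatureAcceptsMisissued: validate(misissued, full, 1),
    twoRequiredRejectsMisissued: validate(misissued, full, 2),
    twoSigsValid: validate(twoSigs, full, 2),
    twoSigsAfterDistrust: validate(twoSigs, cheapDistrusted, 2),
    threeSigsAfterDistrust: validate(threeSigs, cheapDistrusted, 2),
    sameOperatorCountsTwice: validate(sameOperator, full, 2),
    tamperedAccepted: validate(tampered, full, 1),
  };
}

console.log(demo());
```

The results show a trade-off the proposal leaves open: with only two endorsements, requiring both stops a single mis-issuing CA but does not survive distrusting one of them, while three endorsements with a threshold of two give both properties.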

Cory • November 20, 2015 8:11 PM

In order to "game" a reputation there must be a reputation system to game. A reputation system may be as simple as confined to a single web service or by mutual understanding, social indoctrination. Those who govern see this as part of a good will to society to manage how reputation is judged and distributed. However the choke points of reputation had struggled to maintain due to readily available information. The more readily available information becomes, the less choke points. Then it becomes a democratic free flow of chaos because anyone can participate, including sockpuppets.

Sockpuppet • November 20, 2015 9:54 PM

@Not Very Anon, Really

"This made me think. Thank you."

"My brain is toying with the concept of humility seen through the lens of reputation and technology."

You know who I am then. Thank you for not revealing me.

@Daniel

"Be wary of the man who seeks a public reputation."

Yes.

@Cory

"... anyone can participate, including sockpuppets."

That's a good idea.

WorkingOnIt • November 21, 2015 5:58 AM

@Anonymous Cow - Nope, the Special Services also use the MP5 not just the Police, and no, contrary to what you think it's the other way around, the police shoot people on underground trains when failing to stop all the time. Just think back to the Brazilian lad blasted through the head for failing to hold still. Military forces are not trained to shoot their target without question, if they were then perhaps they wouldn't be so green as to be standing behind one another with their back-up so neatly inserted into their ass-hole and left in a position to be rendered worthless when the suicide bomber blows himself and themselves up. A non-thinking killing machine is great, but perhaps if they were trained just a little bit to think, that is advantageous I'm sure you would agree.

WorkingOnIt • November 21, 2015 6:37 AM

@David Leppik - CAs are a problem, the security of CAs is questionable, Moxie Marlinspike did a good talk on it and suggested Notaries as a work around. But I question why your free and open source software requires those same CAs inserted into the heavily obfuscated Linux kernel. Why the hell are they an integral part of the Kernel and not simply the application? For example here is a website that assures its customers they will be safe if they buy one of their SSL certificates. https://www.startssl.com and then here is the directory where anyone can now download those same Certificates as a Master Key and demolish that Web of Trust. https://www.startssl.com/certs/ Outstanding!

TCPCrypt makes some headway on this by attempting to encrypt all of the transmission layer with opportunistic encryption but the downside to their approach is if it fails to find an encrypted communication that supports it on the other end it defaults back to insecure which is hardly ideal.

Some systems do not use CAs full stop, such as Oberon or Bluebottle which are coded in Pascal and to date being in a higher level programming language such as Pascal they have no Exploits! In point of fact it's interesting to note that all of the systems that have such exploits are based on the model of Gnu is NOT Unix and crappy Microshite!

See what back-doors gets ya? Yeap a heap of vulnerabilities in the stack!

There are other free alternatives and it's interesting to note that they don't like running on systems with Back-doors, such as persistent crap in the BIOS like UEFI and Computrace. Luckily there are plenty of older stacks still floating around that use RISC chips and not the latest horse-nasty from Intel or AMD.

My suggestion would be to invest in one of those older Blades with 24 CPUs, 256GB of DIMM and heap loads of storage and then choose what to run carefully avoiding offerings from the GNU and sticking with the good free candy, like Oberon, Bluebottle, BitRig, Plan9, ReactOS, FreeDOS. Although Stallman would probably have a shit fit if you suggested ReactOS because it attempts to be compatible with Microshite!

Clive Robinson • November 21, 2015 7:19 AM

@ WorkingOnit,

Every so often the "Shoot to Kill" question comes up.

Usually when a knee jerk reaction would be "it will solve our problem" only it does not. UK armed forces get given a little card that has "the rules of engagement" on them. Many people driven by the idiocy of talking heads in politics and journalism "talk it up". However as you note it goes horribly wrong and thus due process starts, suddenly those same vacuous talking heads are decrying Shoot To Kill. Thus few realise that the rules of engagement serve two important purposes. The first is to protect those carrying the guns from self recrimination and worse, as well as keeping them out of the clutches of the armchair second guessing lawyers with money to be made at their expense. The second is to stop those being shot becoming recruiting material for terrorists.

Sometimes I wish the public just did a little thinking of their own instead of letting the vacuous talking heads and on the make political fools do it for them.


WorkingOnIt • November 21, 2015 7:27 AM

@David Leppik - The fact it appears to be browsers with Java that they're targeting comes as no surprise, people have been sick and tired of advertising being shovelled in their face from most of the commercial browsers for as long as anyone can remember, there are alternatives to their advertising model. For example in Plan9 every resource is available as a File.. Including other people's filing systems (RC Shell can be very Evil). MirShell and MIR yes, that came off the Russians, so did certain aspects of the GNU - Stallman's high jinx dressed up as a Cossack can be found here. http://9front.org/img/rms10.jpg

Software communism, the Tor browser and Tor web.. Why the hell would anyone need to use TOR if they were embracing the Plan9 model of all resources are available as a file (Transparently?) ie: Invisibly kind of like Harvey - http://harvey-os.org/ although why the hell anyone would want to embrace the GCC toolchain and put it into Plan9 is anyone's guess.. Perhaps we all need more vulnerabilities from the GCC and GDB.

Interesting to note that the Plan9 model has only had one vulnerability in its operating system in its entire life span. So fraud and the GNU? Hmmmm...

How much was the SSL maintainer maintaining your SSL with "heart-bleed" claiming off the DARPA research funding per annum for OpenBSD again?

Oh he got fired according to himself because he was collaborating with people in Foreign countries and they didn't like it, he claims, then he gives you all LibreSSL with two new algorithms from of all organisations Google.

Whilst google has a whiteboard with the wording Plan9 -> OpenBSD -> Orbital Mind Control!

Fuck off google!

WorkingOnIt • November 21, 2015 8:14 AM

@David Leppik - Here's a copy of 9buntu why not give it a whirl, notice the marvellous way it integrates Ubuntu with SELinux and all running inside the Acid debugger also notice the Kernel version, the same Kernel version that is frozen into Android.

http://dl.suckless.org/9buntu/

What Google and its engineers would appear to be busy doing is putting back-doors into your Linux distribution via the X-Window manager and incorporating the philosophy of everything is a file, including your Linux file system!

Everybody that programs knows about it, they're all downloading it going "oh that's neat!" but how about following the philosophy of everything is a file and getting those files linked. Not so easy, Stallman made sure his C++ compiler now behaves like a virus to protect as he puts it people's "freedom" with deep dynamic linking and obfuscated crap in your Linux Kernel. So when Snowden says everybody should use Debian, take that with a pinch of Salt. I'd much rather be using something I can trust not to have strategically inserted back-doors, so that I.T providers like Yahoo, Oracle, Google & Microsoft can get rich peddling a fake cure it all.

WorkingOnIt • November 21, 2015 8:48 AM

@David Leppik - Marvel at it, Linux inside Chroot, inside Lucent's Acid Debugger, instant programmer's boner! Just look at all those Mozilla CAs in the PEM file.. Yeap we'll destroy Mozilla, we'll buy up and destroy Opera, we did it to IE and the crypto API in Internet Explorer... Think of all the Advertising Money! We'll all be RICH!

WorkingOnIt • November 21, 2015 10:43 AM

@Clive Robinson - Yes and then you get to watch those same armed forces personnel when they leave those same services being abandoned on the streets by the same political classes they once served turning into mercenaries for hire. As for shoot to kill I'm not advocating that, what I was endeavouring to ask is why those soldiers at the gate of the embassy didn't stop the so called "Diplomats" getting into the perimeter and why they would have their back-up literally up their own back-side so they both went up in smoke. The guys in northern Ireland have the right idea, I once saw a patrol stop a guy with a gun, then the guy took lead left him with his backup with a gun pressed to his temple as he said and I quote "I'm going to pick up that munitions bag, if I go, then he's going to end you!" needless to say he didn't go up and you've never seen such a relieved looking farmer holding a gun!

WorkingOnIt • November 21, 2015 11:01 AM

@Clive Robinson - I don't know how it is state-side maybe you look after your combat vets but in the UK they discharge their ass, dump them on the street with not so much as a bed and breakfast to go to. Thanks for the years of loyal service we know you might find not loading a .50 calibre a diverse change but we're sure you'll adapt just fine...

WorkingOnIt • November 21, 2015 11:29 AM

@Clive Robinson - Of course the government buries its head in the proverbial sand, they didn't create a load of disillusioned unhappy ex-combat veterans with scores to settle that went off and joined some militia, that would be sacrilege!

John • November 21, 2015 11:45 AM

@D.B.

The reality is these systems just do not work at this time. How do I know this? Because I have worked on heuristic systems and created some. It is very hard to come up with a heuristic system that finds zero day in applications, zero day in attacks, previously unknown malware. I started that work some fifteen years ago. I know the people at a lot of companies that make this technology (because I started systems). And this remains extremely difficult to do.

And almost needless to say finding bad network traffic, binaries, patterns of behavior, and so on is working with a far, far smaller subset of "hay" to "needle" or "signal" to "noise" than it is with doing this with people. And billion dollar companies with significant, hard working geniuses still do not have a perfect system by any means.

This is both in terms of the number of people and the complexity of their behavior and speech. Which is far, far more complex and large of a pool of entropy than what you find on computer systems and across computer wires.

I would estimate it would be a good twenty years before they could have a strong, real time system that works with a low false positive rate - it must be extremely low - and a high true positive rate.

At least.

Retroactively, post-mortem, after they know an attacker, they can do a lot. If they make sure and archive ALL that communications data. But, even that is very, very hard.

When they have a bona fide suspect, they can do a lot, but this too, is extremely hard.

Both of these technologies, to be automated - which they really are not now - will also require a good ten to twenty years.

And these time estimates are assuming super massive, Project Manhattan level investment.


With these last two systems, what they do right now is simply put an enormous number of people on them. These people manually track down all of the electronic connections and attempt to validate them as true positives or false positives.


These things said, I am impressed by your eye to detail in noticing behavior which can "substantiate" or make "plausible" an individual and their claims.

However, I would point out the main verification of Snowden's legitimacy of his claims was simply the US Government and their very extensive reaction.

I also appreciate your eye for cynicism in these matters: even with that extensive reaction it could still mean Snowden was "working for someone 'friendly'" (or someone who was simply not Russia, that is)... and this could be some manner of counterintelligence operation. That possibility is slim. But, it is possible.

However, this still means these systems were well known and highly likely to exist. With very, very few exceptions. This is also because of the extraordinary, extensive reaction which included the US Government coming forth with ample documentation.

There is also lacking a motive.

This does not mean far more covert programs exposed, such as the Sentry Eagle program are real, or even have been substantiated by anyone. Including the document itself, which provides no real evidence for any such programs.

There is, to any outside observer, only circumstantial evidence Snowden is not as he appears to be: with most whistleblowers, they were one of a few actually exposed to a program, in some cases, such as with Bill Binney they were primaries involved in the program or a similar program... but Snowden was one of very many. Which makes the odds of his coming forward all the less; he didn't receive much of any training for planning or physical operations, and had very minimal experience, yet pulled it off without a hitch despite having very many "moving parts"; despite being under enormous pressures, he is energetic, calm, happy in every appearance, not stressful or in the slightest morbid; there seems to be an increasing number of odd, difficult to explain incidents (though this point, I will just leave at that, realizing it is more something to look out for than to study).

Motive here, there is plenty. Maybe it was the Russians. While the US turned the head of North America's directorate S program exposing many deep cover illegals in the US, it is possible that he was actually a plant, a dangle despite this. Fact is, none of them were very valuable. While one could argue neither Russia nor the US would play up their value, this lack of value is evident in all other evidence about their work. At very worst, this revealed a European Directorate S illegal who was running a high level Estonian spy. However, he was already in extreme disagreement with the Russians, and his usefulness had come to an end.

Or, maybe it is some manner of systematic counterintelligence distraction program, a double cross system like misdirection and disinformation program.

The same might be said for the OPM hack.

That is, one point is, "do the Americans really know China did it, if so, why is not some manner of evidence forthcoming", and more importantly, because sources and methods are foremost to protect, "why did the Americans after making this claim come forward with stating that they saw and so believed - or so they claimed - both Russia and China were already using the information from OPM"? Russia? If China hacked OPM and the US had full confidence of it, Russia would absolutely not have *any* of that data.

So, why then did the US make a big spectacle of saying they pulled out a lot of officers and operatives from China, stating "because of the OPM hack"? This was an international incident. They may have done this believing that the OPM hack assurance was 100%, so, as you say, they were rolling wheels substantiating what could be a lie thinking it was the truth.

So that principle you were speaking of certainly does happen. We also saw it happen from the Gulf of Tonkin incident. We saw it happen with the Zimmerman Telegraph and the US entry into the first world war. Heck, we saw this happen powerfully just recently with the Iraq invasion.


Anyway, thanks for posting, I like to see that level of cynicism and eye to detail.

John • November 21, 2015 12:05 PM

Good article, good subject, but was not much for me, because it is too old hat.

My initial reaction was that the main good sources to be cynical is in neuroscience and cognitive sciences. I was glad to see she brought up one source, however there are a plethora of good sources out there, imo, everyone interested in believing as right as possible is a foremost priority for them.

One strong conclusion such people invariably come to is: trust is usually the enemy. Your own eyes and ears are usually the enemy. We are deeply biased people, and very much of what we believe are from processes entirely unconscious to us.

This means, you also must study the unconscious and conscious, what they are, how they are separate. Cognitive sciences, neuroscience, does get into this material.

In the intellectual security fields this manner of accuracy is especially very relevant. (For instance, intelligence analysis, counterintelligence, and very many upper level areas of computer security.)

*Accuracy*.

Being very accurate with a bow or gun is an admirable enough trait. But, being accurate with what you believe in your heart is essential to "who you are" as a human being. Far more so than by simply following a list of rote memorized rules, regardless of who wrote those rules.

Hence, the popularity of the word "sin", which literally means to be a bad shot. (An archery term from Greece meaning to "miss the mark".)


Trust is typically meaningless in such a realm, as is reputation. Yet, you also are far more focused on "good sources", and take "sourcing" extremely important. It seems almost ironic, but this is the best way, certainly. As I am certain, anyone who takes the time to really think about it would also conclude.


John • November 21, 2015 12:16 PM

@WorkingOnIt, Clive Robinson

Usually, when armed guards are useful to prevent suicide attacks, it is in scenarios "such as" when they are guarding a passageway or entry gate to a road.

This is usually not for intimidation, but they will really shoot if, for instance, someone refuses to show papers or go through a metal detector and tries to run down that passageway or drive down that road.

WorkingOnIt • November 21, 2015 1:43 PM

@John - yeap this I already know, I've done physical security work and can pretty much sum up why both the guard and his backup went up in smoke. The answer is "Boredom" because both sentries have nothing better to do they get sloppy and lax, then as a result of "boredom" it is not uncommon for one to abandon his post to go and chin wag with the other. The result speaks for itself, "I'm a diplomat let me past" & BOOM - I can't see that working with as you put it a road block scenario because they do not stand next to each other waffling due to idle "boredom" because they know only too well that idle hands do the devil's work. It's always best to stay frosty and be ready to riddle the car and its occupants with bullets. It wouldn't be the first time I've seen someone getting hurt badly because their mind wasn't in the game and they were distracted by something else, such as idle chit chat about the weather!

Nick P • November 21, 2015 3:06 PM

@ WorkingOnIt

"What Google and it's engineers would appear to be busy doing is putting back-doors into your Linux distribution"

Appear? This is long known: surveillance is their business model. Plus, there's resources to undo some of that. Not to mention use of microkernels plus user-mode Linux to isolate most of it.

"Why the hell would anyone need to use TOR if they where embracing the Plan9 model of all resources are available as a file (Transparently?)"

The Plan 9 whose security add-ons had authentication, VPN-like functionality, access control on everything, and so on? Would be an improvement but not necessarily the choice I'd go with.

" then he gives you all LibreSSL with two new algorithms from of all organisations Google."

Now we know you're full of crap. The prime candidate for U.S. backdoors was OpenSSL given it had the sloppiest code around with vulnerabilities NSA actually used. Ted Unangst pointed out they even had a dynamic check for endianness just in case it were to change while the program is running. WTF LMAO?! The LibreSSL work tore through the codebase at a rapid pace to strip it and fix it up as best as possible. The result: several vulnerabilities found afterward in OpenSSL don't affect LibreSSL. That kind of thing happens a lot for OpenBSD services in general.

So, you're here pushing people away from what has already protected them numerous times with unsubstantiated, actually irrelevant claims. It's the security approach, the code and its correctness that matter. Not where the developers came from or even who funded it given source is available for review.

"Why the hell are they an integral part of the Kernel and not simply the application?"

Do some more research. You'll figure it out. The answer is straight-forward and similar to most things.

"Some systems do not use CA's full stop"

Some systems don't have memory protection hardware. Guess we should ditch it, too. CA's pose tradeoffs worth considering but some systems not using it isn't one of them.

"TCPCrypt makes some headway on this"

Combine it with authentication and port-knocking with SILENTKNOCK or something similar. Won't work for random people but good for stuff you control.

" though why the hell anyone would want to embrace the GCC toolchain"

It was popular, efficient, portable, actively developed, actively debugged, and supported a lot of code. A rational choice whether we like GCC or not. LLVM is fixing that a bit with one easier to work with. So many great security technologies have already been built with it. Formal verification side is slowly coming online with a formal semantics (Vellvm) and Cho et al's verified validator for micro-optimizations.

"such as Oberon or Bluebottle which are coded in Pascal and to date being in a higher level programming language such as Pascal they have no Exploits!"

Kind of like Mac OS was "immune to malware" when nobody cared to attack it. You at least gave examples of languages that can improve safety of code. Safety is not security, though. Big difference.

"Luckily there are plenty of older stacks still floating around that use RISC chips and not the latest horse-nasty from Intel or AMD."

That's my recommendation, too. Here's a list for you.

"My suggestion would be to invest in one of those older Blade's with 24 CPU's 256GB or DIMM and heap loads of storage"

Another decent idea. Similar to my MPP Security Architecture (skip to bold heading). Was aiming for an open-source version of MIT's Alewife if not a SGI Altix clone.

"Marvel at it, Linux inside Chroot, inside Lucent's Acid Debugger, instant programmers boner!"

I marvel at robust or secure OS's that empowered programmers instead. QNX for reliability, INTEGRITY-178B + de-privileged Linux, EROS kernel w/ POLA + persistence + secure GUI/networking, VerveOS for safety correctness + extensibility, seL4 for security correctness, Oberon for simplicity + ease of verification, and Hansen's Solo (p20) for same w/ concurrency. Plus the many technologies built to make Linux's and BSD's problems go away.

Putting Linux inside Chroot? That doesn't even top UNIX security from the 80's (eg UCLA Secure UNIX) when they first attempted it. Best not to waste time on such crap unless just programming practice and fun.

"we'll buy up and destroy Opera"

I used to use them. Good browser with many innovations. Company had strong diversity, good work environment, and smart people, as well. They did fairly well given that browser vendors mostly died off. Their mobile play was smart. Anyway, old fans of Opera who like experimenting with browsers might like this development.

People wanting secure browsers can look at OP2 and IBOS.

Wael • November 21, 2015 3:25 PM

@Nick P,

Safety is not security, though. Big difference.

Why didn't you put this summary here so that we can discuss it? It's pretty good.

WorkingOnIt • November 21, 2015 4:07 PM

@Nick P - When politicians finally see past the end of their nose, they might realise that were they to offer 230'000 per annum starting with immediate weekly instalments into the bank account of your choice with the renewal of your expired passport and the weapon of your choice with up to 1000 rounds free and guaranteed freehold housing at the end of it would result in such a huge influx of volunteers their problem with ISIL or Daesh would vanish overnight!

Sorry @Politico's but Mercenaries only speak the universal language of Money!

Nick P • November 21, 2015 5:14 PM

@ Wael

You mean this? ;) I put it from here to there as an independent essay so more people could discuss it. Plus revised it slightly.

@ WorkingOnIt

Off to a wild idea in a totally unrelated topic. A bad idea, too, given the factors that encourage creation of terrorist groups in Middle East are well-known. And you just named a variant of the one the U.S. has been doing for decades. Results included Iranian situation, Taliban, Saddam in Iraq, and later ISIS. I'll pass on doing it again.

Wael • November 21, 2015 5:31 PM

@Nick P,

Yes, strange that I missed it! Hmm.. What was I doing then... I may have been on travel, but not sure.

tz • November 21, 2015 5:48 PM

There is one bad aspect. Reputation rankings like Google SEO.
How much do you pay for insurance? Check your FICO score. Somehow it correlates. And that is a "legal" correlation, geography is to some extent, income, etc.
Google's (and Bing's, etc.) rank-bot is a racist, sexist, homophobe, transphobe. At least because it looks at what you search for and changes what it suggests based on an algorithm.
But the algorithm looks at what you are asking and brings things it thinks would interest you to the top. Yet different races, cultures, etc. will search for different things.

You missed a payment? BOOM! - your score is lowered. But the bot doesn't know or won't consider that you were in an accident and couldn't pay vs. decided to get cash advances and go to Vegas.

The danger is when reputation ranking is by software robot, and not by someone who really knows you and all the circumstances.

WorkingOnIt • November 21, 2015 6:02 PM

@Nick P - Well just putting it out there it's the poor that are falling prey to it all and if the incentive was right, then the whole country would go to war. I'd seen everyone you mentioned except for UCLA secure Unix, is it like Unisys Stealth Core? Although that sounds a lot like Core Force for Windows XP! ;)

Nick P • November 22, 2015 5:37 AM

@ WorkingOnIt

It was part of security kernel research that was happening as INFOSEC field was being invented. Their attempt was to secure the UNIX operating system given its growing popularity but with no attention to security. They were also curious how the API would impact security, especially covert channels leaking data. The early secure UNIX's showed UNIX architecture was (is) bad by design with many problems. Fixing them made UNIX less usable or required modifying applications substantially. Such experiments and commercial products (eg Trusted Xenix) led nowhere so the focus stayed on clean-slate kernels with emulation for API's or virtualization of OS's. Still the main method.

If you have ACM and IEEE access, I can tell you which papers to access to see a specific history of the field moving from discovering the problem to specific solutions to current situation. There's two that do that I believe.

WorkingOnIt • November 22, 2015 5:57 AM

@ Nick P - Interesting, I was also looking at the Hurd recently and was interested in hearing what their developers had to say about it along with the fact it was hosted on Cryptobitch piqued my interest, seems the Hurd had identified similar issues and were looking into fixes. No wonder the spy branch were quick to seize Debian as their flagship (Hurd was on Debian).

WorkingOnIt • November 22, 2015 5:59 AM

@ Nick P - UCLA Unix - Quote "The Red Hat Linux family is the center piece."

"I dislike it and hate it with passion already!!"

WorkingOnIt • November 22, 2015 7:02 AM

@ Nick P - It's pretty clear nobody's making moves on crypto as far as the SHA3 standard was going which was advocated by NIST as an immediate replacement with Keccak and I have yet to see Keccak or MD6 checksum appear as if by magic in any of the distributions I use, so I guess it's very much a case of if they won't upgrade the crypto then it falls to everybody else to just go right ahead and do it for themselves. After all how hard can it be to copy and paste chunks of C code and type: Mk or Make? There's a nice selection of finalists to choose from and plenty of older ones such as ICE which was intended as the secure replacement to DES - which never happened. Note: Encryption on ARM is SLOW but funny to read how Russia and China love open-source so much that their CPUs all embrace open-firmware and that new Baikal processor of theirs is going to hit America for 1.6 billion in Business revenue that's the consequence of letting idiots dictate your crypto policy.

WorkingOnIt • November 22, 2015 7:23 AM

@ Nick P - Oracle's new M7 chip sounds like a dream doesn't it? We're going to imprint SQL instructions in Silicon (So to clarify, they're going to imprint SQL bugs into your Chip!)
Oh but it'll be Color coded to add security, so in other words the only platform that will work on it is Oracle's newer offering of Solaris with Color coding, yeah that'll work really well till someone reverse engineers the Color codes.

At the same time Phasing out PowerPC (the programmers choice) the SPARC (RISC) chip-sets we're all accustomed to and maybe even phasing out MIPS in a drive to get everybody to embrace Intel & AMD instruction sets that we know for a fact don't work and have strange instruction cycles inserted into the CPU. Yeah I can see this working really well, I can see people avoiding AMD - Bulldozer etc in waves and as for Intel.. Celeron chips (For REAL?).

Clive Robinson • November 22, 2015 8:40 AM

@ WorkingOnIt,

After all how hard can it be to copy and paste chunks of C code and type: Mk or Make?

Easy but a bad idea security wise.

A little story for you about the NSA advising NIST for the AES competition and the resulting "cache" and other side channel attacks that even today are causing key leak in new products...

I have a mantra of "Security-v-Efficiency" which is like the "Security-v-Usability" but much worse as it's invisible to nearly everybody... Basically the more efficient you make a design on any given marketing spec performance metric the worse you make security, unless you really really do know what you are doing, which very very few do. It's all to do with forming side channels and opening up their bandwidth.

The NSA know a great deal about side channel issues, and have done since before it was actually formed as an agency. From what can be seen from their old equipment that has escaped into the wild they have got a good twenty to thirty year advance on industry...

Back then a dirty little secret had come to light, US field cipher equipment had some weak security issues. That is the cipher strength was key dependent ranging from weak security up to acceptable security.

What few realised was that this was a quite deliberate policy. That is it was assumed that field cipher equipment would fall in enemy hands, and as it was mechanical or electro mechanical it would be copied virtually "as is" which is what did happen. Provided only strong keys were used it was not an issue for US security and the KeyMan arrangements saw to that. However the enemy would randomly select keys, thus they had a mixture of strong, weak and very weak keys in use (the NSA also encouraged a crypto equipment manufacturer in Zug Switzerland to do not just this but worse as has now become apparent). Thus the NSA had an "easy window" into potential enemy nations crypto, that gave sufficient info about the plain text that when coupled with traffic analysis meant even the occasional strong key message could be effectively broken or content assumed (have a look into how Gordon Welchman was treated in the US and why after he tried to publish his book).

More recently look at the key escrow war and what happened. The crypto algorithm was extremely brittle and barely adequate security wise. Anyone copying the design and making even quite small changes would have reduced its strength by orders of magnitude. That is it was very deliberately designed to be that way. Then they put in what can only be described as a "back door" for their own use (see debacle on the LEAF), which would enable those in the know to avoid key escrow. It was made to look like a simple design mistake at the time, but when the crypto algorithm came out, it was clear that it was extremely unlikely to the point of impossible that it could have been a design mistake.

Now forward on, the NSA were technical advisors to NIST for the AES competition, thus responsible for the formulation and checking of the rules from a security perspective.

The rules however stipulated that all code submitted had to be made freely available, but more interestingly the code needed to demonstrate efficiency in various ways including in speed of execution.

The thing is only the algorithm not the implementations were checked for security. Thus the implementations had side channel issues and were very insecure. But there was no "health warning" given. Again the NSA knows way too much and had way too much influence over NIST for this to be anything other than a deliberate policy. And you can see from their product specs for equipment using AES that they knew this, because it's only certified for "data at rest" which is when no implementation is being used. It's most certainly not certified for "online use" thus the only way the algorithm can be considered safe to use is when used "off line" or as you might better know it "when air-gapped", which is a positive indicator for "it has significant side channel issues" or more simply "insecure in active use".

The lack of warning meant that the "speed of use" code was up on NIST's site and anybody and everybody could download it and "copy and paste" it into their code and run make for a rebuild... Instant global insecurity... Worse this bad code ended up in all sorts of "Open Source" crypto libraries in easy to use form, so even "home hobbyists" with absolutely no security experience could add "crypto goodness" to their apps and plonk the "AES Inside" moniker on their advertising etc.

Guess what that code was insecure but it's still out there and it's still going into new products for various reasons. Some of those products like smart meters have been designed for "in service" lives of a quarter of a century and could still be around in nearly forty years time...

So whilst "cut-n-paste" is easy it's not a good idea when it comes to security...
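
The cache side channel the comment above refers to arises when an implementation indexes a lookup table with secret-dependent bytes. As an added illustration (not code from the comment, from NIST, or from any AES submission), the C example below contrasts a direct S-box lookup with a full-table scan and models which cache lines of the table each one reads; the 64-byte line size, the line-aligned table and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define LINE_BYTES 64u  /* assumed cache line size; table assumed line-aligned */
#define ROTL8(x, s) ((uint8_t)(((x) << (s)) | ((x) >> (8 - (s)))))

static uint8_t sbox[256];
static int sbox_ready;
static uint32_t touched;  /* bit n set = modelled cache line n of sbox[] was read */

/* Build the standard AES S-box: inverse in GF(2^8) followed by the affine map. */
static void sbox_init(void)
{
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0)); /* p *= 3 */
        q ^= (uint8_t)(q << 1);                                  /* q /= 3 */
        q ^= (uint8_t)(q << 2);
        q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;
        sbox[p] = (uint8_t)(q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^
                            ROTL8(q, 3) ^ ROTL8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;  /* zero has no inverse; fixed by definition */
    sbox_ready = 1;
}

/* Every table read goes through here so the model can record the line used. */
static uint8_t load(unsigned i)
{
    touched |= 1u << (i / LINE_BYTES);
    return sbox[i];
}

/* Fast form: the address read depends on the secret byte, so the cache line
 * that becomes hot reveals the top bits of the secret to a co-resident observer. */
uint8_t sub_byte_table(uint8_t secret)
{
    if (!sbox_ready) sbox_init();
    return load(secret);
}

/* Hardened form: read all 256 entries and keep one with a branch-free mask,
 * so the sequence of addresses is identical for every secret value. */
uint8_t sub_byte_scan(uint8_t secret)
{
    uint8_t out = 0;
    if (!sbox_ready) sbox_init();
    for (unsigned i = 0; i < 256; i++) {
        uint32_t diff = i ^ secret;                   /* 0 only when i == secret */
        uint8_t mask = (uint8_t)((diff - 1u) >> 8);   /* 0xFF if diff == 0 else 0 */
        out |= load(i) & mask;
    }
    return out;
}

/* Modelled observation: bitmask of table cache lines read by one lookup. */
uint32_t lines_touched_table(uint8_t secret)
{
    touched = 0;
    (void)sub_byte_table(secret);
    return touched;
}

uint32_t lines_touched_scan(uint8_t secret)
{
    touched = 0;
    (void)sub_byte_scan(secret);
    return touched;
}

/* Returns 1 when both forms compute the same S-box output for every input. */
int lookups_agree(void)
{
    for (unsigned v = 0; v < 256; v++)
        if (sub_byte_table((uint8_t)v) != sub_byte_scan((uint8_t)v))
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample secrets, one per modelled cache line. */
    const uint8_t samples[] = { 0x05, 0x53, 0x9A, 0xFF };
    printf("outputs agree for all inputs: %d\n", lookups_agree());
    for (unsigned k = 0; k < sizeof samples; k++)
        printf("secret 0x%02X  table lines 0x%X  scan lines 0x%X\n",
               (unsigned)samples[k],
               (unsigned)lines_touched_table(samples[k]),
               (unsigned)lines_touched_scan(samples[k]));
    return 0;
}
```

Production libraries obtain the same property from bitsliced code or hardware AES instructions rather than a scan, and a compiler is free to rewrite the masked loop, so the generated assembly needs checking.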

WorkingOnIt • November 22, 2015 8:41 AM

@ Nick P - Baikal = Lake - So I guess this is what Russia's going with...

LAKE family, and the definition of the instances LAKE-256 and LAKE-512 (“LAKE” designates both the general structure and the family of hash functions built upon it, while instances have parametrized names). We’ll meet the following symbols throughout the paper (length unit is the bit). Nice and Slow - Plumb that crap into your Q-Bits and watch the reaction. https://i.ytimg.com/vi/aFLT-XChf1A/hqdefault.jpg

WorkingOnIt • November 22, 2015 10:14 AM

@ Nick P - There's the price of indecision and the cost to American chip manufacturers is going to be huge, Zurich are involved in the production so those are the central banks, obviously when Russia shoves it in everybody's face that their new chip has Advanced BLAKE burned into the Silicon then AES is going to be going the way of the Dodo... And the Cost to AMD & Intel? LMAO - Go Russia - Putin our new Digital Messiah!

WorkingOnIt • November 22, 2015 2:34 PM

@ Nick - It'll be interesting to watch this one play out, the Russians outclass the US with the SAK fighter putting the Euro Fighter to shame, so in response the US outclasses that with its new Supersonic Drone, now it's turned into a Crypto ARM's race and the US is about to be outclassed once again, in every conceivable way.

Nick P • November 22, 2015 5:09 PM

@ WorkingOnIt

re checksums

People are slow to adopt these things. It's a good thing for cryptography, though, as proper peer review takes a while. SHA-2, etc will do for now. SHA-3 and so on are at least in main libraries like Botan, BouncyCastle, probably more. People can use them when they choose.

re processors

M7 looks great like most of the high-end chips. Lots of interesting competition. You can see the source-code of early models since they OSS'd SPARC T1 and T2.

Far as competition, market went toward certain ISA's for certain things. Can't help that. However, stuff isn't gone or phased out. PPC still has plenty to offer in embedded (Freescale) with POWER getting updates for servers (IBM). ARM's ecosystem keeps it grabbing market but MIPS's cheap licenses mean they're all over the place, too. Look up Cavium's Octeon III w/ its accelerators to see a beast of a machine. Meanwhile, Gaisler has closed and FOSS SPARC I.P. that's ASIC-proven. Cambridge has BERI and CHERI processors on MIPS OSS'd in Bluespec. The Rocket RISC-V core was 1.4GHz or so on 45nm ASIC with source open. Plenty of exciting stuff to draw on without following Intel, etc bandwagons.

re crypto

Don't know about LAKE. Results show collisions in 2^30-something range. Better to use what's proven. (see's link) Hmm. Double up on what I said given the make and break track record in that link.

re chip manufacturers & security

They'll all be doing it wrong. Zurich has no clue what they're talking about. The chip makers aren't addressing the real issues despite worked examples that maintain a lot of compatibility. Russia isn't playing much a role so far because they don't push their chips enough. I agree U.S. chips will take a significant impact but we also have many of the best chips & legacy software running on them. So, we'll make it. China is the one to watch given they're investing $5 billion into memory tech out of nowhere. Might have side-effects.

Plus, Intel acquiring Altera + Xilinx partnering with Qualcomm (ARM) and OpenPOWER will probably produce price/performance/watt numbers so good that plenty will shift back. On top of NVIDIA's dominance.

Dirk Praet • November 22, 2015 8:18 PM

@ WorkingOnIt

Here's a copy of 9buntu why not give it a whirl

Err, they don't have anything more recent than 5 years old?

Nick P • November 22, 2015 8:22 PM

@ Dirk Praet

"Err, they don't have anything more recent than 5 years old? "

It's a good move if one's strategy is maxing out residual vulnerabilities. ;)

Clive Robinson • November 22, 2015 9:51 PM

@ Nick P, Dirk Praet,

It's a good move if one's strategy is maxing out residual vulnerabilities. ;)

Personally, if I can not have an OS&App that has no vulnerabilities, I would like the vulnerabilities to be fast moving targets not sitting ducks.

The implication of this is you need to be continuously updating all the code and continuously evolving it... Which is resource intensive at best, and why security is getting so darn expensive.

Thus also "small is beautiful" and lack of contact encouraged. Which suggests a tiny code firewall with virtually no functionality over the minimum needed to make it minimally functional. Perhaps I need to dig out my old SLIP to PPP code that ran on an 8bit micro and modem chip and tighten the rules a bit ;-)

WorkingOnIt • November 23, 2015 3:21 AM

@ Nick P - "What is Reputation" Nice offerings indeed, but I wouldn't buy it from the US simply on the principle that they're the ones doing all the hacking putting crap into people's boards on behalf of the NSA and that's the biggest thing that's going to have the most impact, the cost to their technical reputation across the board. People will instantly prefer to go buy it from Lemote or Baikal knowing it would have extra insert my dicktion crap!

WorkingOnIt • November 23, 2015 3:41 AM

@ Nick P - Buy it from the US or the UK - with weak side channel attacks against AES possibly vulnerabilities coded into your OS with Windows 10 so they can spy on the NASDAQ with their buddies at AEGIS and SunGroup or buy it from China with embedded Dragon chips and open-firmware so you can examine everything down to the last transistor and enjoy an open EEEPROM to flash 9load or 9boot and enjoy an Open secure system. Which would you choose? Oh and as for LAKE it's Blake or Blake2 to date and it's one of the SHA3 finalists with no weak keys. "NIST" can go fuck itself and their Federated information processing standards can go get inserted into their anus with 3DES & Baton from Raytheon!

WorkingOnIt • November 23, 2015 4:12 AM

NIST - "We've got Keccak and Candy?!"
Hackers - "We've got your Flying Saucer and Arirang and Blake2 so Fu-Q!"

Eric Jacobs • November 23, 2015 4:30 AM

The incentive to hack a public reputation system is far greater than with a private reputation system. If a system allowed the rating and sharing of things (for example, businesses or products) in a purely private setting with people you invite and know, this is much harder to hack since strangers are not part of the system. Basically a socio-technical system that mimics old-world reputations. Of course, when relationships and sharing are restricted to first-degree relationships, the system doesn't scale well. When sharing is extended to second-degree relationships, the reputation system might be less secure, but the relationship should still be traceable as a friend of a friend, and reasonable scalability is possible. Second-degree relationships are also well within the comfort zone for many. At our company, Real Word of Mouth, we've actually built exactly this system for reviewing businesses. You can share a review (an opinion regarding reputation) of a business, and select whether that review can be seen by only your friends, or your friends-of-friends, or publicly. Interestingly, about 2/3 of all reviews are shared privately (among friends, and friends-of-friends), and 1/3 publicly. To insure reviewer privacy, business owners have zero visibility on private reviews - they don't even know if anything was written about their business privately, let alone what was written, or who wrote it. Of course, our system does not address problems of corporate or national security - but it does provide a way to share trusted recommendations that are very difficult to game. Because you are sharing with people you know, you might be less prone to hyperbole and you probably don't want to put your own reputation at stake by sharing false information. You could think of Real Word of Mouth as a kind of hybrid of LinkedIn (relationship degrees) and Yelp (reviews). If you're curious, check out Real Word of Mouth.

WorkingOnIt • November 23, 2015 4:45 AM

@ Eric Jacobs "this is much harder to hack since strangers are not part of the system."

That's true, but do you see what these thieving lot do? Let's take a look at GCHQ and ElectroCryptBlue - All they've probably done is take Blue Midnight Wish, rename it as ElectroCryptBlue and then they market it as being perfect for "You!"

WorkingOnIt • November 23, 2015 5:11 AM

@ Eric Jacobs - Let's take a moment to examine some of those classified algorithms, DES - 3DES & Baton - Yes, they're still using these and for what it's worth BATON although its classed as classified is NOT - because back in the 90's I saw the source code for it being handed around like candy on the Cypher-punk mailing lists. So their definition of what's classified and TOP secret is severely skewed. How else do you think someone piloted one of their Drones when they hacked into the signal? Classified and top secret.. Erm no not really! Let's hope their ElectroCryptBlue fares better eh?

WorkingOnIt • November 23, 2015 6:31 AM

@ NSA - Welcome to the REAL world, try backing away from your computer, go outside have a smoke and don't forget to breathe! Your "Juniper" hash is in there as well.. Take a breather and stop trying to tell everybody your garbage is TOP secret.

Clive Robinson • November 23, 2015 7:07 AM

@ WorkingOnIt,

BATON is just one of a myriad of ciphers that the Western Comns Security groups have put together.

Whilst the algorithm is classified to some level beyond mere mortal vision, for interoperability reasons the name, modes and other API info is often commonly available, such that lowly systems engineers and the like can build around the "On my Oh so secret" code library or chip.

The fact that systems have to maintain interoperability through many nations equipment (see NATO member countries list etc) where there may be little or no trust makes for highly segregated systems design within a nearly open framework. It's something the Europeans tend to do a little better at than their North American "partners" but hey "that's the way the biscuit --not cookie-- snaps --not crumbles--" ;-)

There are some very specific issues when dealing with multi force multi national command support systems in theatres of war with multi K radius coverage. Which can and should allow communication from satellite through aircraft, helicopters, tanks and APC's, foot mobile infantry, dispersing from ships protected by submarines etc. Using the whole EM spectrum from near DC to daylight and beyond and data rates from 40bps through 40GBps and guaranteed delivery time, not just "real time" and Fleet Broadcast not just point to point add deep joy to the mix. For instance "time" itself becomes a problem and Einstein's theories amongst others have to be accounted for if it's all to work.

For obvious reasons even though all those involved might be cleared to the highest levels they don't have a need to know outside of their own problem domain / field of endeavor, but they do need to work at the adjacent edges, hence the need for quite detailed interfaces. That may or may not leak a little 20,000ft detail in the process, to know if it was leaking classified information you would have to have specific domain knowledge which you don't get unless...

OK knowing that BATON has a 320bit formatted key field where half the bits are KeyMat and the other half checkbits, might tell you that there is a probability that the checkbits come via an open hash function. But does not tell you if there is additional "whitening" etc and if it's bit wise or full field or sub field wise added. Even knowing the key is 160 bits, gains you very little, what about endianism, etc? Because you don't generate, check or use the keys, just transport the 320bit field you don't get to know anything about the keys or the algorithms they work with... Such is the way with these things.

WorkingOnIt • November 23, 2015 7:18 AM

@ Clive Robinson - Endian is BIG and it's 32 Bit MIPS - MIPS has to generate strong cryptography so customers don't get free Satellite TV. The Keys are PKS11 it's RSA tokens the same RSA they were busy trying to weaken. So kudos to them for trying to weaken their own Security.

"Which can and should allow communication from satellite through aircraft, helicopters, tanks and APC's, foot mobile infantry, dispersing from ships protected by submarines etc."
-HavQuick

I saw the specs for the newer Raytheon chip and it's RISC with DES - 3DES and Baton with Triple Hash. So I guess they apply SHA with more than one iteration. Such as SHA with MD5?

Gerard van Vooren • November 23, 2015 7:30 AM

@ WorkingOnIt,

>> Exactly what is "it" that you are working on?

> Cryptography of Course!

Okay, just asking.

WorkingOnIt • November 23, 2015 7:41 AM

@ Clive Robinson - If you'd like a free MIPS PC with strong cryptography and a DAC reader built in, take a screw-driver to your Satellite TV Box. It's really quite simple to replace the Operating System on the HDD with something that's MIPS friendly so who needs to go buy an expensive PC from PC World with TAO Inside, when you can get one for free that's probably in all likelihood clean out of someone else's skip! "We'll OWN the internet" they say... Good luck with that!

Mica • November 23, 2015 8:28 AM

@ Eric Jacobs

To insure reviewer privacy, business owners have zero visibility on private reviews - they don't even know if anything was written about their business privately, let alone what was written, or who wrote it.

It sounds fun but how do you plan on monetizing it?

Clive Robinson • November 23, 2015 8:31 AM

@ WorkingOnIt,

I saw the specs for the newer Raytheon chip and it's RISC with DES - 3DES and Baton with Triple Hash. So I guess they apply SHA with more than one iteration. Such as SHA with MD5?

As I said "mere mortal" status is where some prefer to be these days, it can really keep the costs down... Speaking of which,

... so who needs to go buy an expensive PC from PC World with TAO Inside, when you can get one for free ...

It won't be the first or the last time I repurpose "Box Top Tech". Back in the day taking LNA's from Sat Dish upgrades and turning the FET's around made many a Pirate Radio microwave link. With better than full video bandwidth in the LNA and using a 2.5GHz ISM band video sender or WiFi as the IF you had a very very capable system for at most a couple of hundred quids worth of bits.

As for MIPS, yup, it's in a nice place microcontroller-wise, possibly better than ARM. Writing a very limited OS would be about a man-year's worth of work from scratch... But why bother, some people have done the heavy lift on much of the code you need, so other than RSI risk of cut-n-paste mouse action, the real prob is auditing others' code for security.

Oh funny story about set top boxes for Sky. You may be old enough to remember the cat and mouse games between the box designers and the hackers. Well back then they used 8-bit micros from Motorola. It got so bad that Sky even tried having the chips put in custom packaging with mixed up pinouts, at quite some considerable expense.

The point I could never get over to the Sky engineers was that they never raised the bar high enough each time. That is they rushed out a small change rather than collect a number of small changes and release them as a big change all at the same time. The small incremental changes always left the hackers' target in sight and thus the Sky engineers were "training the enemy". I had reason to discuss this issue with Alan Sugar and after having a laugh about it he picked up the phone and speed dialed somebody at Sky quite a way up the food chain. He was fairly brief and started in with "XXXX what's this I hear about your engineers being complete YYYYs and being too stupid to listen..." he then went on to pass over the gist of what I had said. A few days later I heard there were significant changes made in the engineering and shortly thereafter they finally got the jump on the hackers...

Oh whilst I remember, that BATON key, have a think about why so many checkbits... The clue is hidden in the PKS comments you linked to. Let's just say if you want things to work fully or at all you have to know what the insides of the chip does with those check bits, I'll LEAF it up to you to guess or find out.

WorkingOnIt • November 23, 2015 8:32 AM

@ Clive Robinson - Billions of Dollars spent on Radar reflectors, GPS chips hardware implants, just to be outdone by a load of guys sitting there going "fu** this shit" swapping over to embedded or industrial equipment that plugs into a monochrome TV. Irony!

WorkingOnIt • November 23, 2015 1:52 PM

@ Clive Robinson - "Let's just say if you want things to work fully or at all, you have to know what the insides of the chip does with those check bits!" Yeah, that's very true.

But to be honest I don't really have to know - because I have no intent to ever use Baton.

As RISC chips seem to be the flavor of the month with the Russians whilst the US is trying to phase SPARC out, that's kind of all you need to know oh that and the beast is dead. In case you missed it Windows is Banned in Russia, China has already banned it and trust me when they start looking at the way Linux actually handles X11 they'll soon ban that too.

Or maybe not, maybe they're happy to spy on their end users with their own CAs inserted into the Linux Kernel.. X-KeyScore - Active-X? Direct-X? X11? Oh look it's Plan 9 that's Plan IX in Roman numerals now let's count to 12. - 9, 10, 11, 12... Wait what's that in Roman numerals? --> XII

aux/stub /dev/tty
bind /dev/cons /dev/tty
# not very random
aux/stub /dev/srandom
bind /dev/zero /dev/srandom
aux/stub /dev/urandom
bind /dev/zero /dev/urandom

Plausible deniability as Eric Schmidt would say, the NSA hacking our Data-Centre "Outrageous!" of course we didn't help. Don't worry though Eric the Russians and the Chinese know all about Plan 9 and the 9Base database. They should do, I told them directly. So I guess the choices for your next software platform using AT&T's TCP/IP stack are limited with so many eyes making all bugs shallow.

WorkingOnIt • November 23, 2015 2:11 PM

@ Clive Robinson - Things like Nightstand do not work unless of course you have loads of Teletype terminals to spare such as a few extra TTYs of which Linux has 7 sometimes 8 or 9. So PTS/0 hacking its way into TTY/0?! Desktops with No Java - Kolibri for example I'd wager is NSA proof and works well on embedded stuff and hey "it's Russian!" The GCC - Governments Corrupt Compiler.. Pfft..

WorkingOnIt • November 23, 2015 3:22 PM

@ Clive Robinson

- Every Other Country is Going to dictate their Crypto Policy = Exactly
- Every Other Country is Going to refuse to Buy our Products = Exactly
- We're Ruined! = EXACTLY!

W • November 23, 2015 4:34 PM

Online reputation systems are terrifying. To think my every indiscretion may be immortalized and constantly parsed by people who want to make judgments on my viewpoints and lifestyle.....horrifying.

Clive Robinson • November 23, 2015 5:20 PM

@ WorkingOnIt,

> As RISC chips seem to be the flavor of the month with the Russians whilst the US is trying to phase SPARC out, that's kind of all you need to know oh that and the beast is dead.

Err no, there is a lot more to know and it's something I've been thinking about for quite some time.

RISC cores are both small and efficient but fairly quickly stall as other parts of the system can not keep up (specifically the off-chip RAM that forms the "core store"). RISC cores also have a disadvantage of "heat death" issues with device scaling, that on-chip memory does not suffer from, thus having a local cache intertwined with a RISC core has significant advantages in the heat management issue associated with reducing device size.

This still leaves the core memory bottleneck, which can be solved in several ways. One is the CISC route Intel went down, another is massively parallel architectures.

CISC has the advantage with a single or modest number of CPU cores of getting more bang for your buck on each memory transfer, that the on-chip instruction decode unit then converts to many RISC instructions internally, thus solving the stall issue but introducing others. All of which involve more high energy solutions without actually producing a significant boost in actual computation throughput... Which is an issue Intel have effectively "painted themselves into a corner with".

What interests me is the massively parallel route, which I personally think is the way of the future. That is instead of all the power hungry do little logic of CISC why not put on more RISC cores and memory. BUT, the important difference is rather than cache memory make it local core and instead of complex instructions of CISC go instead even further with tasks instead. Thus the architecture rather than passing lots of instructions with data mixed in send mainly data with a few task indicators.

It's a route that both the Russians and Chinese appear better able to move down than the US, because they have not allowed the unregulated freemarket issue of painting into a corner of a "race to the bottom" to happen (by chance of timing not thoughtful design). They also have the other advantage of being able to use patriotism etc to jump over the Intel / Microsoft shackles.

Whether they do it or not is another matter. The West has another problem that neither Russia nor China do. Which arises from the "cycles to burn" issue, in that in the West optimising code efficiently has not been of concern. This is because of the near annual doubling overall of the computing triumvirate of CPU speed/power, memory and communications. Which has been focused towards improving user experience on a single CPU core.

Due to other concerns the Russians and Chinese did not embrace the graphical user interface anywhere near as much, thus their users have been kept at the much more efficient Command Line Interface for longer and don't need to "burn cycles" and thus focus on function over form. Which makes the step into parallel computing easier.

It will be interesting to see how things pan out over the next five to ten years.

Larry • November 23, 2015 6:15 PM

@ Clive Robinson

> because they have not allowed the unregulated freemarket issue of painting into a corner of a "race to the bottom" to happen (by chance of timing not thoughtful design).

If by "unregulated freemarket" you meant the dominant monopoly of wintel architecture then you certainly have a point there. Though that goes against the doctrine of race to the bottom, because at some point it doesn't get any lower. Whoever reaches the "bottom" first owns a monopoly, or the contestants had learned to collude to fleece the audience.

> They also have the other advantage of being able to use patriotism etc to jump over the Intel / Microsoft shackles.

Not a chance of that happening without risking economic catastrophe. I suspect the doctrine is to adapt western bloc paradigms in hopes of subverting them. Reinventing the wheel has major economic consequences that those behind in the chase have presumably learned to avoid.

WorkingOnIt • November 24, 2015 6:58 AM

@ Clive Robinson - Go look up Multi-Secure Unix IX and there's your answer, take a look at the history of Unix and use Roman numerals instead of 1 to 8 - The collaboration between AT&T & Bell destroyed Unix and the addition of X-Windows and the GCC was what eventually destroyed Trusted Solaris and will eventually destroy Linux. Although you can still get hold of Solaris 8 without the GCC and there are plenty of alternative C compilers. But with one Window manager all centred around X11 perhaps it's time to start looking at alternatives to X. Does Russia spy on its own Citizens? Jolla OS = Android Clone so yep it does.

WorkingOnIt • November 24, 2015 8:33 AM

@ Clive Robinson - Watch what happens is all you can say to it all, broken Web 2.0 standards for better advertising, Russia and China are going to tear shit up and all because of Capitalist Greed!

Gerard van Vooren • November 24, 2015 9:47 AM

@ WorkingOnIt,

> Here's what the Russians will be running on those Baikal platforms and it's going to piss
> all over SELinux. http://dz.ru/en/solutions/phantom/

Do you have any links that back up your statement? Why do you think this is so much better than SELinux from a security POV?

Clive Robinson • November 24, 2015 12:30 PM

@ WorkingOnIt,

> Watch what happens is all you can say to it all,

Well patience is often rewarded by happenstance, and trying to push your way through is at best a waste of energy most times.

As an analogy, driving in the rush hour is often a waste of time and resources. You leave the office at 5 and spend an hour driving home burning fuel and nervous energy in equal quantities. You get home wound up like a spring and spend an hour unwinding / venting, and by 7 if you are lucky you might be sociable.

However you leave the office at 6 you get home in 20mins and after a short cup of tea etc are enjoying your social life at 6:30 without the damage to your cardiovascular system, and less fuel burnt and less damage to the car. Oh and it's less likely you have wound the family up in the ten mins you spent with your cup of tea, than the hour of grumpy venting... thus your life expectancy is improved, you get an extra half hour of quality family life and a spare hour in the office to do catchup, prep or whatever.

Your choice, push fruitlessly and even go backwards, or wait to an opportune time.

@ Gerard van Vooren,

There is not much mention on the details in Phantom OS, though the company behind it does work for Microsoft in some capacity. Its main security claim appears to be "no use of pointers" outside of objects and no automatic (stack) variables. Further it appears to use a task based (ie objects) not process based model in common memory and thus does not need to context switch in the same way as other multitasking OS's.

It's this no context switch, task based model that I assumed for the CvP highly parallel CPU "hardware jail" system. Thus I have a feel for some of the benefits.

As I've said before such a highly parallel system is the way of the future not just at the chip level but all the way up the computing stack. It's something the single Core CISC CPU model can not do at all well.

Gerard van Vooren • November 24, 2015 2:09 PM

@ Clive Robinson,

At first I thought when you guys talked about CvP you meant C (the language) vs Pascal... (it's okay to laugh) Then it became clear it was about Castle vs Prison, which became a pretty clear analogy of not getting in vs not letting out. I deliberately didn't want to mix in these discussions because one got to know it's limitations. I am not a systems nor embedded developer, just a hobbyist programmer with a bit of knowledge of C and other PLs, and this whole context switching and address spacing is above my head. I only wonder why WorkingOnIt thinks that Phantom OS is the real thing.

Wael • November 24, 2015 2:39 PM

@Gerard van Vooren, @Clive Robinson, @Nick P,

> At first I thought when you guys talked about CvP you meant C (the language) vs Pascal...

Good thing you didn't think it's Clive Robinson vs Nick P :)

> which became a pretty clear analogy of not getting in vs not letting out

That's one aspect, but there is a lot more to it at least on the "prison" architecture. We'll revive this discussion soon, I think. Was trying to find a good entry point to it. I am already working on the summary and a clarification of the contention points that killed the discussion. I prefer those sort of discussions than the other type (religion, politics, etc...)

Nick P • November 24, 2015 5:03 PM

@ Gerard van Vooren

That's funny stuff. I bet your mind started making connections all over the place. Light bulbs everywhere. Suddenly, it all made so much more sense than Pascal inspecting errant programs like a warden. ;)

Your explanation of the metaphors is acceptable for certain security discussions. Unfortunately, the more detailed versions started drifting away from the specific methods to the point that evaluations were arguing more over the metaphor than the methods. Plus, my research was becoming more a hybrid where there was overlap. So, I dropped it and suggested others do the same in favor of discussing security goals, designs/techniques for achieving them, and evaluation of them.

"I only wonder why WorkingOnIt thinks that Phantom OS is the real thing."

I dare you to try to connect all the things WorkingOnIt has said and recommended in one conversation, much less past 24-48 hours. Makes the PhantomOS tangent less worth chasing.

@ Wael

"Good thing you didn't think it's Clive Robinson vs Nick P :)"

Yeah, that's unproductive. Cooperation with a bit of idea competition is best model. :)

"We'll revive this discussion soon, I think. Was trying to find a good entry point to it. I am already working on the summary and a clarification of the contention points that killed the discussion."

I bet you are... (sighs)

"I prefer those sort of discussions than the other type (religion, politics, etc...)"

That we can agree on. Back to the technical stuff! Maybe factor in some of the recent attempts at integrating detection of HW subversion or RE into architectures.

Wael • November 24, 2015 5:22 PM

@Nick P,

> That we can agree on. Back to the technical stuff! Maybe factor in some of the recent attempts at integrating detection of HW subversion or RE into architectures.

Will do. RE == Reverse Engineering?

Dirk Praet • November 24, 2015 7:08 PM

@ WorkingOnIt

> Here's what the Russians will be running on those Baikal platforms and it's going to piss all over SELinux

Looks very interesting, but when is it going to materialize and who's the target audience? Meaning, is it meant as a general purpose operating system for ordinary users, supporting common hardware, or a geek-only thing that can only be run on designated hardware with Baikal processors, serving very specific purposes only?

Clive Robinson • November 25, 2015 1:08 AM

@ Nick P, Wael,

> ... subversion or RE into architectures.

Hmm, maybe we should drop "two letter acronyms". To many RE means "Religious Education" no wonder Wael sent a clarifier...

Mind you "PR friends" is an expression that has always made me smile. PR was originally claimed by the medical profession for a particular field of endevor. However those who you might say "are full of it" tried to repurpose it for "Public Relations" the irony of which is not lost on those in the medical profession (especially when you also get "Spin Dr" in the same sentence as some "Management Consultants" do ;-)

So just remember not to say "Consultant Spin Dr in PR" it could equate to the brown stuff hitting the fan in more ways than one :)

Wael • November 25, 2015 1:20 AM

@Clive Robinson, @Nick P,

> Consultant Spin Dr in PR

You mean this sort of lubricated, gloved, cold-handed PR? :)

> PR was originally claimed by the medical profession for a particular field of endevor

endevor, eh? Lol

Clive Robinson • November 25, 2015 6:52 AM

@ Wael,

> You mean this sort of ...

You've forgotten the faithful "Torch Bearers" to "enlighten" the ahh, "souls of sinners" along the true path to the heart of man...

Nick P • November 25, 2015 10:23 AM

@ Dirk Praet

We have to consider their location. They might be held up on the topic of backdoors. On one extreme is a group that thinks virtually every component and protocol should be backdoored to maximize FSB access. The other extreme says the backdoors should be subtle ones put into most critical services to maximize stealth. There's a middle group that advocates a string of 0-days that are disguised as regular coding defects and fixed promptly to reduce suspicion. That group wants to ascertain the right amount to blend in with FOSS in general. The project could be slowly creeping forward while a consensus is yet to be formed.

@ Wael

Yes, reverse engineering. This is essentially tamper-evidence or resistance where various circuits and tricks try to make that difficult. There's a lot more now thanks to DARPA programs and such. With those, the consideration should be removing low-hanging fruit where the technique might stop someone with limited access to the device.

Wael • November 29, 2015 12:58 PM

@Gerard van Vooren, @Clive Robinson, @Nick P, (new blood needed, sarcasm is appreciated too),

> At first I thought when you guys talked about CvP you meant C (the language) vs Pascal...

> That's one aspect, but there is a lot more to it at least on the "prison" architecture. We'll revive this discussion soon, I think.

I'll link the response to one of the original threads to keep it contained in one place. Stay tuned -- just a few minutes.

@Moderator,
Would it make sense to allocate a repository where ongoing discussions are gathered in one place? You already have threads that are continuously created but don't have static places for ongoing protracted discussions. Who knows, it could end up being a book ;)


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.