Friday Squid Blogging: Whale Mistaken for Squid

A purported giant squid that washed up on the shore in Norfolk, England, is actually a minke whale.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on March 4, 2016 at 4:51 PM • 192 Comments

Comments

It's Friday!March 4, 2016 5:05 PM

Amazon removed device encryption from Fire OS 5 because no one was using it

http://arstechnica.com/gadgets/2016/03/amazon-removed-device-encryption-from-fire-os-5-because-no-one-was-using-it/

Terrorists, drug lords and paedophiles - please use the Amazon Fire

https://www.grahamcluley.com/2016/03/terrorists-drug-lords-paedophiles-use-amazon/

Amazon kills fondleslab file encryption with latest Fire OS update

http://www.theregister.co.uk/2016/03/03/amazon_kills_fire_os_encryption/

Q&A: Bruce Schneier on joining IBM, IoT woes, and Apple v the FBI

http://www.theregister.co.uk/2016/03/04/bruce_schneier_speaks/

Snowden is a hero to the security biz – but not for the reason you'd expect

http://www.theregister.co.uk/2016/03/04/snowden_a_hero_to_security_industry/

How the FBI will lose its iPhone fight, thanks to 'West Coast Law'

http://www.theregister.co.uk/2016/03/04/west_coast_law_beats_the_fbi/

It's Friday!March 4, 2016 5:20 PM

More FUD.

"The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network. The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure," according to a court filing (PDF) by Michael Ramos, the San Bernardino County district attorney.

http://arstechnica.com/tech-policy/2016/03/san-bernardino-da-says-seized-iphone-may-hold-dormant-cyber-pathogen/

Milo M.March 4, 2016 5:44 PM

http://spectrum.ieee.org/tech-talk/computing/networks/forty-years-later-turing-prize-winners-devoted-to-personal-privacy-and-nuclear-activism

"The Association for Computing Machinery announced the winners of the 2015 Turing Award—affectionately known as the Nobel Prize of computing—on Tuesday at the annual RSA conference in San Francisco. The $1 million cash prize will be split between Hellman and Whitfield Diffie, who worked closely with Hellman to develop public key cryptography at Stanford in 1976."

http://amturing.acm.org/

“In 1976, Diffie and Hellman imagined a future where people would regularly communicate through electronic networks and be vulnerable to having their communications stolen or altered. Now, after nearly 40 years, we see that their forecasts were remarkably prescient.”

keinerMarch 4, 2016 6:00 PM

" Q: Finally, are you optimistic for the future of IT security?

In the short term no. But in the long term we'll work it out."

In the short term: I bought a used Dell Optiplex 790 SFF, came with firmware A7. Using a DOS USB-stick, I managed to update to A10 (in legacy mode, of course), from there to A13, but subsequently the updates fail after the "Collecting information" step of the upgrade. However, with the Service Tag of the device I can download up to A18.

- Tried firmware A14, A15, A16, A17 and A18
- Repeated the download several times
- Installed fresh RAM/HDD, Removed HDD/DVD
- Repeated flashing of A13
- Downgraded to A11, A10, subsequently tried all newer, only A13 succeeded
- Removed CMOS battery for half a minute...

No update to any firmware version higher than A13. Any ideas why?

Might it help to install Windows and try update from there?

I'm somewhat lost...

chris lMarch 4, 2016 7:59 PM

California Judge backtracks on releasing student PII

The judge had previously ordered that the education department give essentially complete, non-anonymized records, including things like SSN and disciplinary records on all California students to the plaintiffs. There was an opt-out procedure that required snail mailing a form. So many forms came in that they can't process them and they're rethinking the process for data analysis.

Jonathan WilsonMarch 5, 2016 12:08 AM

A few other missed articles relavent to encryption:
Adi Shamir (the S in RSA) says Apple should help the FBI
http://bgr.com/2016/03/03/san-berdardino-iphone-hack-godfather-of-encryption-apple-fbi-iphone/

New french bill proposes jail time for employees of companies who refuse to help law enforcement gain access to encrypted data:
http://www.dailydot.com/politics/france-encryption-decryption-law-punish/

New law in Australia makes it illegal to do all sorts of things related to cryptography (its unclear exactly what the law means but as an Aussie I suspect that if I continue to work on the projects I am involved with that contain cryptography, I would be violating this new law)
https://theconversation.com/new-defence-trade-controls-threaten-academic-freedom-and-the-economy-55310
http://thenewdaily.com.au/news/2015/11/25/turnbull-doublespeak-encryption/
http://defencereport.com/the-aussie-defence-fubar/
http://www.cla.asn.au/News/5825-2/

keinerMarch 5, 2016 5:11 AM

update: Have to install malware (Windows 7), only then you can update BIOS to A18. Strange....

NSA Expected to Tap New Trans-Atlantic CableMarch 5, 2016 5:13 AM

“Google and Facebook Inc. are among companies interested in using a $250 million submarine cable that will link Brazil directly to Europe as part of the South American country’s attempts to avoid U.S. electronic espionage, according to Brazilian Communications Minister Andre Figueiredo.”

From the Snowden documents, how will the NSA tap the fibre optic cable while avoiding detection? With power outages again?
Are there international laws against this sort of malicious ‘wire’ tapping espionage?

http://www.bloomberg.com/news/articles/2016-02-23/google-facebook-considering-brazil-s-spy-proof-link-to-europe

Jonathan WilsonMarch 5, 2016 5:23 AM

The obvious solution to avoid NSA spying would be to have encryption at both ends of the fibre that encrypts all data flowing over it. Even the NSA hasn't built a device that can do real-time tapping and cracking of data flowing over an encrypted fiber line.

65535March 5, 2016 5:42 AM

@ It's Friday! and others

It is good to see the technology industry stick together and speak out against the FBI’s egregious grab for power. It clear the FBI cherry picked this sensational case as a vehicle to achieve a legal Precedent that would give them broad spying powers. This goes all the down to local police and their petty pot busts and other vice crimes.

@ keener

“update: Have to install malware (Windows 7), only then you can update BIOS to A18. Strange....”

Interesting, I would have thought any mainstream OS would have done the trick. I guess not. I will say in years gone by I have ruined my share of computers while updating the BIOS. All it takes is one glitch in the exe and bang the machine is dead.

Clive RobinsonMarch 5, 2016 7:36 AM

Mag Probe EmSec attack on iOS Mobile devices.

Titled : ECDSA Key Extraction from Mobile Devices via Nonintrusive Physical Side Channels.

It appears as is often the case that simple DIY kit suffices.

It begs the question as to if such a simple design could be used on Apple phones to get at the all important "First Secret" which contains most of the entropy for building the 256bit AES Master Key the FBI are pretending to be desperate to get...

I suspect that using better designed probes and quite a bit of analysis on other iPhones a non "Acid & Laser" approach could be used...

Perhaps somebody could file an amecis brief on it with the court, and thus make it a "three baggie of PopCorn" entertainment ;-)

https://eprint.iacr.org/2016/230.pdf

Abstract: We show that elliptic-curve cryptography implementations on mobile devices are vulnerable to electromagnetic and power side-channel attacks. We demonstrate full extraction of ECDSA secret signing keys from OpenSSL and CoreBitcoin running on iOS devices, and partial key leakage from OpenSSL running on Android and from iOS's CommonCrypto.

These non-intrusive attacks use a simple magnetic probe placed in proximity to the device, or a power probe on the phone's USB cable. They use a bandwidth of merely a few hundred kHz, and can be performed cheaply using an audio card and an improvised magnetic probe.

FigureitoutMarch 5, 2016 7:59 AM

Clive Robinson
--Looks like if you generate a bunch of pseudo random interrupts during encrypt/decrypt it'd muck up this attack.

Stingray StateMarch 5, 2016 10:10 AM

https://theintercept.com/2016/03/04/no-turning-on-your-phone-is-not-consenting-to-being-tracked-by-police/

The Maryland Court of Special Appeals on Wednesday upheld a historic decision by a state trial court that the warrantless use of cell-site simulators, or Stingrays, violates the Fourth Amendment.


The ruling has the potential to set a strong precedent about warrantless location tracking. “Police should now be on notice,” said Nate Wessler, a staff attorney with the ACLU’s Speech, Privacy, and Technology Project. “Accurately explain your surveillance activities to a judge and get a warrant, or risk your evidence being thrown out."

Good thing too, since the militarised police have lost their minds with the range of equipment available, and legality of their methods is clearly an afterthought. Choice quotes from their catalog reviews below:

https://theintercept.com/surveillance-catalogue/

From the maker of the Stingray, this device provides the added power to listen in on calls and read text messages. Also useful for kicking nearby phones off the network (you can choose between just blocking a single target phone or scrambling the signals of all phones in the area). Take note: Wiretapping calls and text messages requires a special “superwarrant” signed by a judge. Playing around with a Blackfin without adequate court supervision can get you in a lot of trouble.

...

Are you trying to monitor a huge political protest? Look no further than DRT. Nicknamed “dirt boxes,” these devices can locate up to 10,000 targets and can process multiple analog and digital wireless devices all at the same time. They’re even capable of intercepting and recording digital voice data. The best thing about the devices is the fact that no one may ever know you’ve used one. Just be careful — if your targets do figure out you’ve used a DRT box, and you haven’t gotten a warrant, they may be able to convince a judge to throw out all the evidence you’ve collected on them after you used the device. You can mount DRT models like this one in an aircraft to fly over the crowd.

...

The National Security Agency designed this little number itself, cutting out the usual corporate middleman. With an airborne broadcast range of 30 kilometers in rural areas and 5 kilometers in urban ones, the Typhon is sure to capture data from thousands of bystanders’ phones. But buyer beware: This snooping device only captures data from GSM phones, meaning it’s good to go in most of the world, but won’t work on Sprint, Verizon, and U.S. Cellular phones in the United States. For those, check out the airplane-ready cell-site simulators from Boeing Co.’s subsidiary DRT.

...

This device is a favorite of police departments everywhere. It’ll suck every last byte of data out of a seized cellphone in less time than it takes to read the Bill of Rights. Just remember what the Supreme Court said in 2014, though: If you’re searching the contents of a cellphone, “get a warrant.”

...

Are you trying to break the next big criminal syndicate? If so, the Cyberhawk may be your go-to device. It’s able to get data off over 79 cellphones, including saved and dialed numbers, SMS messages, pictures, calendar entries, and even sound files. That’s more than enough data to map the entire social network of an organization — even if your targets use throwaway “burner” phones. And the best thing about it? It uses software and components made right here in the United States. But better get a warrant to search those phones — in 2014, the Supreme Court said it’s the law.

...

If you want a device that doesn’t just locate your target but makes it impossible for him to make a call, look no further than the Stargazer III. In “attack mode,” the Stargazer can jam a handset and capture its metadata at the same time it pinpoints your target’s location. But watch out — the Stargazer may jam all the other phones in the area too — including your own.

John-boyMarch 5, 2016 10:21 AM

@Mr. It's Friday: We are all in your debt for the timely and important warning. I know from bitter personal experience how serious this is. Here at the San Bernardino County my 4-H project is an ox. On multiple occasions the ox of interest has been observed to introduce a lying dormant cyber pathogen into his husbandry infrastructure. Just yesterday the ox of interest introduced a big moist one right in my path. I was scraping it out of my vibram sole infrastructure for half an hour. From the faces people were making, it clearly endangered my personal hygiene infrastructure all day.

ianfMarch 5, 2016 10:30 AM


@ NSA Expected to Tap New Trans-Atlantic Cable […] “how will the NSA tap the fibre optic cable while avoiding detection? With power outages again?

If Google & Fuckfacebook are aboard, the NSA will get (at) their traffic from their European collectors anyway, no need to tap the Brasilian hose for just that (but for other reasons). Just as ICs find mobile traffic irresistible, an untapped stretch of fibre-optic cable would be like catnip to the NSA [purrdon the catty metaphor].


@ Jonathan Wilson “The obvious solution to avoid NSA spying would be to have encryption at both ends of the fibre that encrypts all data flowing over it.

For a global solution, there are just too many segments of sequential cables for this to be viable. Hence usable only, and no doubt deployed, in critical military etc specific point-to-point installations. I don't remember where I read the following—in then pre-cell phone era prescient—observation on how to conduct a military coup, but it went something like that:

    mercenaries and ordnance aplenty, but first find a guy with a backhoe to dig up the comms cables to the garrison

@ Change of policy “Is anybody surprised after the media outrage that Amazon have had a total volt-farce?

If I had any confidence in their MBA-infested HQ, I could call that FDE-remove-then-reinstate brouhaha management by trial balloon. Meaning they don't have any long-term strategists among the many VPs warring to have their respective pet budget-cutting measures adopted while elbowing out one another on the corporate ladder


@ 65535 […] “the FBI’s egregious grab for power. It clear the FBI cherry picked this sensational case as a vehicle to achieve a legal Precedent that would give them broad spying powers.

Nolo contendere, except that it seems to me a particularly weak case to cherry pick and (perhaps) go down fighting for. Then again, obviously they don't have that many cases where "anti-jihadist" fervor could be invoked.

CallMeLateForSupperMarch 5, 2016 11:21 AM

Innovative targeting:
"An unnamed shipping company had its unpatched content management system hacked by sea-pirates, who then sorted the ships at sea by the value of their cargo to help prioritize attacks to maximize the take."

Abysmal OpSec:
"Though the idea of attacking cargo ships by hacking their [content management system] is a sophisticated one by the standards of sea-pirates, the attackers weren't sophisticated enough to run their attacks through a VPN, enabling the RISKS team to trace the attack back to the hackers' home IP address."

https://boingboing.net/2016/03/03/pirates-hacked-shipping-compan.html

Clive RobinsonMarch 5, 2016 3:46 PM

@ Bruce,

England, is actually a minke whale.

I'd forgoton about this one, there have been quite a few washups this uear already.

And yes there were jokes about it being a "manky whale" at the time, along with the old "Q: What do you call a minke singing backwards?" "A: A decomposing whale" and "When is a squid not a squid..." etc. Such is what passes for "English humor".

On and todays anniversary in the news, is the maiden flight of the Vickers Supermarine "Spitfire". The Type 300 Prototype K5054 first flew 5th March 1936 eighty years ago.

Although earlier designs were flown before this, it was this prototype after minor "flight trials" modifications --a "nose job" being the most noticable-- that was the first to go into service. Various other changes were made during it's service. Due to the "poor fuel" available at the time it was infact under powered this was corrected later in WWII when American "high octane" fuel became available.

The Mk1 first drew blood in a "friendly fire" incident where two hurricanes were shot down. Of the two aircraft types the hurricane was the more successful in service. But the unique looks of the Spitfire is the one "most boys know and draw" even today.

CuriousMarch 5, 2016 3:50 PM

Here is a hours long (with long breaks) recording of eh government people discussing encryption and stuff:

Featuring FBI's Comey and probably some other known names. Haven't watched it all yet.

"The Encryption Tightrope: Balancing Americans’ Security"
https://www.youtube.com/watch?v=g1GgnbN9oNw

SecurityMarch 5, 2016 4:04 PM

@Jonathan Wilson:

LOL... congrats! It's now illegal in Australia to NOT have your bank account stolen by thieves constantly, due to insecure computers! Maybe you guys should go back to paper and pen for all financial matters, don't let it touch electronics in any way shape or form. You know... cause... terrizm!

Clive RobinsonMarch 5, 2016 4:49 PM

@ Figureitout,

Looks like if you generate a bunch of pseudo random interrupts during encrypt/decrypt it'd muck up this attack

Yes, unless there is an indicator in the power spectrum you can use to cut them out of your time traces.

Switching a CPU to and from interupt mode is an expensive operation in CPUs with cache memory etc so there is a potential for a recognizable power signature even for "one shot" time traces in a properly instrumented setup.

Which is why the current FBI court claims are probably bogus... but Apple are not going to want to talk about EmSec / TEMPEST side channel attacks on the security of iPhones for the obvious reason it's difficult to design against such attacks at the best of times, and mobile phones are a very very long way from being "ideal for hardening".

But lest others think the likes of other "secure phone" products are any better, it's highly unlikely on "stock hardware" there is only so far "Soft Tempest Techniques" can take you. It's a lesson "Smart Card" designers / manufactutes had to learn the hard way and most commodity CPU designs are not even close.

@ Who?

...don't tell the FBI:

It's a subject that has been discussed hear before (gummyfingers) and making "fake fingerprints" was something I invented for my self nigh on half a century ago as a precocious child playing with things.

You will note that the article you link to does not say how the mould was made... that is because in most cases it's "over engineered" due to what they make the fake finger print from... In the vid however it looks like the mould is made from dental impression 'gunk' that takes a while to set. Earlier people used Photoshop on images to produce photo images for photo-resist PCB you then etch, with quite nasty chemicals you don't want in your home as they not only do lots of damage, they also are difficult to explain having in your home...

As an eight year old child playing with the soft red wax of Edam cheese I found if you rolled a ball of it in your hands so it got close to body temprature just pushing your finger in gentley and taking it out carefully gave an almost perfect impression. I'd also noted around the same time that --Copydex-- "rubber solution glue" if it dried on your skin would peal off like "second skin" (thus was great for making fake scars etc for Halloween). Putting the two thoughts together alowed me to make high quality "fake fingerprints". The only problems to solve were the the softness of the wax at room temprature and ensuring the glue did not stick to the mould, these were solved with the use of a fridge to harden the wax and WD40 spray oil as mould release.

It was years later as a young design engineer I was booted out of a job for knowing this... Basicaly I was involved with a company that made some of the early fingerprint readers, and I made the mistake of showing one of the more senior engineers just how easy it was to fake up fingerprints. I initially got the "not practical attack" reply, then on demonstrating a much improved attack which was practical the boot shortly there after... (moral don't break your employers rice bowl).

It's one of the reasons I'm so against bio-metrics, because for nearly all of them -including DNA testing-- I've found "practical" kitchen table level ways of faking the "bio" or fooling the test process.

tyrMarch 5, 2016 7:09 PM


@Clive,Bruce

I remember reading a paperback on the Spitfire years
ago.It seemed that every time they landed there was
a crew waiting with a modification to improve them.
Somewhere around the Mark 23 they had finally worked
out most of the bugs. The Hurricanes bear a strong
resemblance to the P51 which is another photogenic
favorite of the time. The less stylish were the
better aircraft and a lot more dangerous to get in
front of. One of my dad's friends was Tony LaVier
who was hired for P38 test pilot and later flew the
first jets for Lockheed. The military wouldn't take
him because of his heart and he said, I had to get
a job as a test pilot instead.

ThothMarch 5, 2016 7:42 PM

@Clive Robinson
re: Side Channel vs. Apple chip
I believe the side channel attack works if the encryption key is available during sniffing but the current situation is there is no PIN to form the correct encryption key to unlock the iPhone.

rMarch 5, 2016 8:42 PM

@Thoth

It's hard to believe with all the wizardry they can do that they're struggling so hard with this one phone... which leads me to believe it's just a total dog and pony show, and they're lying about everything... They've already got all they need off the phone (or could get it easily) and the case is only about setting precedent, not about unlocking the phone.

Clive RobinsonMarch 5, 2016 9:12 PM

@ Thoth,

... but the current situation is there is no PIN to form the correct encryption key to unlock the iPhone.

No, but that may not be necessary.

The assumption is that Apple's system works approximately as,

1, User enters a Passphrase.
2, This is streched and mixed with the phone secret to make an AES key.
3, The key is used on part of the file system.
4, If the results are "sane" the phone unlocks.

What the FBI realy need is the phone secret as this is where the bulk of the entropy to build the master key is, as users and their passphrases are basicaly low entropy down to as low as 5-9 bits for quite a few (think "Birthday PINs" in 19YY or MMDD format for instance).

Thus if the assumption is true each time a PIN / Passphrase is entered the phone secret will appear encoded in the power trace of the iPhone.

If the algorithm used in stage 2 is a weak implementation then side channel leakage of the phone secret will be high. If however good "Soft Tempest" has been used the side channel leakage will be low.

By experimenting on other iPhones it may well be possible with correct instrumentation to catch the phone secret with a single PIN entry. Unless Apple took specific steps in the algorithm then it would not matter if the PIN entered was right or wrong the phone secret would be in the power trace.

Look at it this way, as long as the phone secret is not "serialized" in some way then it does not appear in the power trace in a useful way to an attacker. But, many block crypto algorithms when implemented in software do in effect serialise the key in either the key expansion or encryption rounds... Even when they don't serialize the key, the use of repeated selected plaintext attacks may well have the effect of serializing the key. Some hardware implementations likewise suffer from this problem.

Without running experiments on other iPhones we don't know if the mix function to generate the 256bit AES masterkey is secure from side channel attacks or not. And I suspect Apple will not give up the "Trade Secret" of the source code without a protracted fight....

However investigating this is well within the "pocket change" of the FBI Research Budget. So does not give the FBI "undue burden" or "risk". And that is a point the court should be cognizant of.

primitive culturesMarch 5, 2016 11:06 PM

It's getting harder for US judges to fend off human rights law by sticking their fingers in their ears and chanting, 'la-la-la-can't-hear-you...'

https://www.eff.org/files/2016/03/02/apple-amicus-brief-access-now-wickr-fndtn.pdf

https://www.apple.com/pr/pdf/Letter_from_David_Kaye_UN_Special_Rapporteur_on_the_promotion_and_protection_of_the_right_to_freedom_of_opinion_and_expression.pdf

Civil society is intervening to educate US judges in binding legal principles that go beyond the slogans of the Beltway hacks.

name.withheld.for.obvious.reasonsMarch 5, 2016 11:58 PM

To understand the government's objective (goal-based) respecting cyber-security (i.e. including commercial vendors) I recommend the following document (Army Regulation 525-15) that describes the militarized Internet that DoD is proposing.

Oh, DoD IS NOT proposing a cyber-space management rule making--the so called regulatory regime is a self authorized and self written set of rules that claim the status of statute in law. Driving what the DoD, and in this case specifically what the Army, Reserve, Component Commands, Chiefs, and Deputies is DOMAIN COMMAND but is only summarized. What is missing is the thesis supporting where the Army derives authority to write law. In addition, when reading between the lines it is obvious that DoD sees "all systems" as "potential hostile" threats. The language contains no constraint or bounding of a mission regarding cyber systems.

name.withheld.for.obvious.reasonsMarch 6, 2016 12:19 AM

Also wanted to add a reference to information about Information Warfare. I assume that the document on the publicintelligence.net website will raise a few eyebrows (I wonder how this fits within the framework of U.S. constitutional law).

Big Billboard BrotherMarch 6, 2016 1:12 AM

From the NY Times:

Pass a billboard while driving in the next few months, and there is a good chance the company that owns it will know you were there and what you did afterward.

Clear Channel Outdoor Americas, which has tens of thousands of billboards across the United States, will announce on Monday that it has partnered with several companies, including AT&T, to track people’s travel patterns and behaviors through their mobile phones.

By aggregating the trove of data from these companies, Clear Channel Outdoor hopes to provide advertisers with detailed information about the people who pass its billboards to help them plan more effective, targeted campaigns. With the data and analytics, Clear Channel Outdoor could determine the average age and gender of the people who are seeing a particular billboard in, say, Boston at a certain time and whether they subsequently visit a store.

Are you sufficiently creeped out yet?

Any arguments that cellphones are really mobile trackers and that the IC will utilise the 'anonymous, aggregated data' in two seconds flat?

rMarch 6, 2016 1:33 AM

@keiner,

i too have had issues with the optiplex bios'.

mine relates to "corrupt" data or some bs, it somehow disabled booting off of anything other than the hdd a long time ago... Made me very nervous... unlike you, i never bothered to attempt a fix - maybe i will prior to selling it.

beautiful optiplex 755 with core2 quad sourced from salvation army for 20 bucks. Everything else there said "windows xp", this had the core2quad sticker on it for the same price. :)

It was my first desktop since early pentium 4's. ?

Clive RobinsonMarch 6, 2016 2:26 AM

@ Bruce,

One to add to your collection of "cheating and discovery" but also fraud analysis and plagiarism,

http://fivethirtyeight.com/features/a-plagiarism-scandal-is-unfolding-in-the-crossword-world/

You might also be aware of another plagiarism scandle in the Chess World by Grandmaster Raymond 'the penguin' Keene OBE,

http://streathambrixtonchess.blogspot.com/2013/09/the-multiple-plagiarisms-of-ray-keene.html

Most notable for the supposed ostrich like behaviour of his editor / employers...

If you want to see how he got the nicname of The Penguin, look at his photo in Wikipedia,

https://en.m.wikipedia.org/wiki/Raymond_Keene

One thing that can be said of computers and the Internet is they are making plagiarists easier to unearth. If this is a good thing or a bad thing remains to be seen, because the technology is agnostic to use and can thus be used for other purposes.

Clive RobinsonMarch 6, 2016 2:53 AM

Multitasking and chocolate

As many will know Women have been known to occasionaly claim superior multitasking abilities, and as most men and the confectionary industry know Women appear to have an attraction to chocolate. But is this coincidence or correlation?

It would appear there is evidence to the latter. How this and other benifits for chocolate been found?

Apparently by chance,

https://www.washingtonpost.com/news/wonk/wp/2016/03/04/the-magical-thing-eating-chocolate-does-to-your-brain/

So maybe on Mother's day we boy's should "step up to the plate" and in the name of scientific debate, claim our share of the chocolate cake ;-)

And for all those ladies who read this blog and are getting chocolate and cards today "Happy Mother's Day".

Wesley ParishMarch 6, 2016 3:16 AM

@Clive Robinson , tyr

re: Supermarine Spitfire

That was one engineering case where the good decisions weren't outweighed by the bad decisions, ie, the decision to make the undercarriage fold outwards from near the wing root.

The location of the undercarriage made the Seafire a chancy naval fighter, nowhere good enough in comparison with the Mitsubishi A6M "Zero", the Chance Vought F4U Corsair or the Grumman F6F Hellcat, but the Spitfire handled so well that it did not get a reputation for ground loops that I am aware of: its counterpart in the Luftwaffe the Messerschmidt Bf109 was notorious for that.

It's also an amazing design for this: the Spitfire II and V were essentially the same airframe as the Spitfire I apart from the engine and the change in wing armament thus wing design; the Spitfire IX was essentially the same airframe as the Spirfire V, apart from local strengthening for the longer, heavier, more powerful engine and in later examples c 1944, the cut-down rear fuselage a la the Hawker Typhoon and Tempest. Again, the re-engining with the Rolls Royce Griffin meant relatively minor airframe changes, until the Spitfire Mark 21, where the cumulative effects of heavier armament, heavier, more powerful engine, more equipment, etc, meant that the entire airframe had to be redesigned.

The NAA P-51 Mustang had a comparatively more extensive redesign to replace the Allison engine with the Rolls Royce Merlin; the Messerschmidt Bf109 needed a likewise extensive redesign to go from the Junkers Jumo 210 to the DB 601; not surprisingly the LaGG 3 similar to become the superlative Lavochkin 5 and the Kawasaki K-61 Hien to become the equally superlative Kawasaki Ki-100.

Which goes to show, get the basics right the first time, and tolerate no major compromises let alone mistakes, and the work will last.

WaelMarch 6, 2016 4:01 AM

@Clive Robinson,

Okay, I'll bite (how appropriate!) I still eat a lot of chocolates now that I'm done with my root canal :)These are my favorites, in no particular order of preference.

Ritter Sport

Milk Chocolate

Tobblerone

Galaxy

Mars, the U.K. Version, which for some strange reason resembles the Milky Way chocolate in the US...

The best chocolates are in Europe: Lindt, Nestle, and this is almost at the top of my list: COTE D'OR. Um, @Dirk Praet, my friend, where is my chocolate? Whenever I go on an international trip, I stop by the duty free shop and pick like 20 pounds of chocolates -- they don't last that long. I'm multitasking right now :)

More on to security... At RSA expo, I stopped by the NSA and the FBI booths.

First the NSA: I covered my badge and told the guy: tell me who I am!
Him: I don't care who you are!
Very short conversation, I moved on... to the FBI booth...

Me: Tell me who I am!
Him: I won't tell you because I don't want you to think that I know
Me: okay, I have one question... Do you watch the X-Files?
Him: No!
Dang! Another short conversation! I moved along... I guess some people just don't have a sense of humor ;)

I was hoping to find the Resiliant booth with Mr. Schneier close to the NSA booth and watch some "conversations" take place, but they weren't too close. I wonder if they had any interactions that I sadly missed!

The German companies had a collection of booths with the big title "Made in Germany". I stopped by them and pretended to look puzzled. Someone said can I help you? I said I was looking for great security products and I'm apparently lost! I am looking for the "Made in China Booth", you know where it is? :)

CuriousMarch 6, 2016 4:06 AM

I vaguely recall having read about how law enforcement in a country was legally allowed to lie. I just don't remember anything of it, so I might be wrong about that.

I wonder if USA's FBI Comey could be allowed to lie in testimony. Presumably he wouldn't be legally allowed to do so.

ThothMarch 6, 2016 4:36 AM

@Wael
You should have asked NSA and FBI if they can help you recover "lost copies of old records you wish to recover". The conversation might turn more interesting.

The German companies have a SecurITy Made In Germany national stamp given out by the BSI for products considered by BSI to be quality products that MUST BE MADE IN GERMANY as one of the criteria for he national BSI seal. The sample seal is in the link below (for TeleTrust).

The nationalistic approach is rather worrying in my opinion.

Link: https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcQQ5s7oWpI9OBAJ--AfVmzqOmrSJyzU8XCLBPGoD318Bs2ee7FY

Clive RobinsonMarch 6, 2016 5:23 AM

@ Thoth,

The nationalistic approach is rather worrying in my opinion.

I think it's been that way in German engineering for as long as I've been an engineer.

I suspect partition after WWII with the Cold War and the Wall in 61, the Berlin Air Lift etc encoraged a certain defensive behaviour. Which remained after reunification just transferring it's self to Germany in Europe (UK has a similar "Made in Britain" mentality but in certain blue rinse quaters that means Brexit).

As far as German TT when I was designing POTS phones if the dialer chip was made by Siemens then getting through type testing was a lot lot easier ;-)

ThothMarch 6, 2016 5:43 AM

@Clive Robinson, Wael
The nationalistic approach is double edged. On one side, the pride of their quality of work makes them a little more unwilling to put backdoors especially now Angela Merkel and top ministerial cabinets are issued with Secusmart MicroSD smartcards with Blackberry and the pain they took to ensure that after Blackberry bought Secusmart, the production would not shift outside Germany and remains fully in German space. This would create a little more ease of mind that backdoors if implemented in German products would also adversely affect German ministries since they are now equipped with the same smartcard IC chips as civilians (COTS with dual purpose for civilian and govt) and backdoors would turn suicidal if they ever attempted since it would compromise all levels of security.

The down side is the hyping I have been seeing on Germany security products (not that I have anything against Germany as I have never been there in the first place nor knew them). Secusmart devices was simply rated for Restricted use (pre-Snowden era) but after the Snowden leaks, I noticed it has been approved to allow processing of German ministries secrets (and Angela Merkel being the poster person for Secumsart after the Snowden leaks) which is abit overrated. That is the down side with nationalistic hyping as actual security can be turned blind.

This "Made in XXXXXX Country" is becoming the latest craze in Security market as French are following suite with something of a "Made in France" branding for IT Security if I am not wrong (France Cyber Security label).

AlanMarch 6, 2016 6:45 AM

@Thoth

"Made in Switzerland" is a big one at the moment.

I've heard people say that the Swiss still have laws which infringe upon your privacy but I disagree for the reasons I give below.

It is common knowledge that the Swiss have laws which require co-operation with law enforcement* (where possible), however, neither the state or its public authorities can compel a company to build a backdoor into their products.

*Where data disclosure is mandated by court order then the data subject MUST be informed by the Public Prosecutor that the company has been commanded to disclose the data.

Obviously for companies with a zero-knowledge ethos like the encrypted email service ProtonMail or the end-to-end encrypted cloud Tresorit this allows them to offer their services with the confidence that they cannot disclose any useful data belonging to their customer's even with a court order and where they have been compelled to hand over data they must inform the data subject.

Having strong privacy laws allows companies and consumers to benefit from certainty.

The problem with Germany is that they are part of the EU and they co-operate with other US/European partner agencies.

Where German law prohibits them from spying on their own citizens it doesn't prohibit the NSA from doing the spying for them and then passing it back to the Germans and the same holds true the other way round (the Germans monitoring US traffic and passing the data back).

It's all a matter of trust and, for the moment, it seems like Switzerland have the strongest protections out there.

I'd like to know if there are any other countries with similarly strong privacy laws.

65535March 6, 2016 7:02 AM

@ Clive Robinson

I know in the UK they make odds of a number of things other than sports. Is there bookie with odds on the Apple v. FBI case? If so what are the odds?

Although, Apple has a formidable legal budget and a number of potent amici curiae briefs, I think it is going to be a long uphill battle with screwball prosecutors spouting “cyber pathogen” hiding to be unleashed and so on.

I think this case is going to take twists and turns as the FBI and local police face the possibility of getting many of their cases tossed out of court and their shinny “Stingrays” and “DRT” boxes taken away – be it by a US Supreme Court ruling or legislative restrains on the FBI.

I am still a bit uncomfortable with the USA’s gun-ho military attitude and the need to “Collect it all,” “least untruthful statement” and games being played by US prosecutors.

‘What is a “lying-dormant cyber pathogen? San Bernardino DA says it’s made up [Update]’ -arstechnia

http://arstechnica.com/tech-policy/2016/03/what-is-a-lying-dormant-cyber-pathogen-san-bernardino-da-wont-say/

[And bookies]

‘Pollsters v bookies: who’s on the money in election 2015?’-the conversation

http://theconversation.com/pollsters-v-bookies-whos-on-the-money-in-election-2015-40933

Dirk PraetMarch 6, 2016 8:42 AM

@ Curious

I wonder if USA's FBI Comey could be allowed to lie in testimony. Presumably he wouldn't be legally allowed to do so.

The Clapper case sufficiently demonstrates that although one is not allowed to lie in testimony, it doesn't mean one can't get away with it. Especially in matters of "national security".

@ Wael, @ Clive

Um, @Dirk Praet, my friend, where is my chocolate?

Err, I am a bit of an atypical Belgian in that I don't drink beer and hardly ever eat chocolate. Cote d'Or and Callebaut are the best known commercial brands. For really fine stuff and pralines there is Neuhaus, Godiva, Leonidas, Belvas, Daskalides and Bruyerre. If ever you're in Brussels, you need to drop by at Corné Port Royal or the Mary Shop. My personal favorite is Pierre Marcolini. Quite expensive, but worth every penny, especially if you want to score with (posh) women or need to make ammends with your wife for throwing up all over the bathroom after a night out with your drinking buddies. Depending on the severity of the case, an additional treat of (French) Ladurée macarons will definitely settle the matter.

Dang! Another short conversation! I moved along... I guess some people just don't have a sense of humor ;)

You could probably have brought the entire fair to a grinding halt asking both for the exact location of the nuclear wessels, and with a thick Arab accent.

@ Thoth

This "Made in XXXXXX Country" is becoming the latest craze in Security market

To the detriment of the American "NSA Inside" label.

@ Alan

I'd like to know if there are any other countries with similarly strong privacy laws.

Iceland. Do note that Switserland passed new surveillance legislation (NDG - Nachrichtendienstgesetz) in September last year but that a number of parties managed to gather a sufficient number of signatures to put it up for a binding referendum in June. Which may or may not affect a second surveillance law called BÜPF.

Clive RobinsonMarch 6, 2016 10:04 AM

@ 65535,

With regards ArsTechnia's,

    ‘What is a “lying-dormant cyber pathogen? San Bernardino DA says it’s made up

Perhaps removing the hyphen and text to past the question mark and inserting "saying when he" after DA might be a more pertinent question.

I'm fairly certain if cross questioned in court it would prove more than embarrassing --and possibly career limiting-- for him.

But it's a fairly safe bet that is unlikely to happen, so the US public now have a new "boggie man" FUD expression to worry about... What's the betting at some point some one will ask "Does it hide under the bed like little children's night terrors or is it simply colourd red to recycle 1950's FUD?".

Can anyone say if K12 and above US history curriculum still mentions Senator Joe and his "Un-American Activities hearings" or the Salem Witch trials on which it was modelled? Or has it all been expunged behind rose tinted white wash for the sake of "Dear Donald" in his year of need...

@ Dirk Praet,

Like you my consumation of chocolate is on the low side, due in the main to the adverse effect it has on me when I eat it. It makes me cough repeatedly unless I eat more chocolate, thus that way lies purgatory or excess... When I do eat it I like the very dark almost espresso coffee flavoured 80% or above cocoa solids.

I have a recipe for addiction involving such chocolate, bitter mint fondent and real stem ginger whole wheat biscuits with a cup of extra rich cocoa with A large --three shot-- jolt of bitter sweet Amaretto 63% liquor. Served after a light supper with lemon or lime citrus theme it tends to start the night.

Clive RobinsonMarch 6, 2016 10:20 AM

@ Dirk Praet, Wael,

It's funny you should mention the "nuclear wessels" sketch from the Startrek film. I just got my son a couple of boxed sets, one being the compleate Babylon 5 collectors set, the other being a boxed set of the Startrek movies and he was just watching that very film a couple of hours ago, and was laughing that embarrassing laugh at that sketch and the hospital sketch that follows shortly there after with Bones doing his "Dear God Man..." speech at the Neuro Surgeon. Both sketeches being gloriously over acted, for the laughs.

FigureitoutMarch 6, 2016 12:32 PM

Clive Robinson
--It's unclear to me why they couldn't simply filter out the interrupt w/ a threshold (trivial to implement); there must be a difficult technical reason why they simply threw out the entire recording if it had an interrupt. In an interrupt, it's supposed to halt at any time, save PC/SP where it stopped, then resume but perhaps a reinitialization occurs (but I think it'd be the same and generate same signals). They don't specify really why interrupts are such an issue. I can see why they would for timing attacks as long as the entropy is good enough.

Not such about the other crypto counter measures mentioned (nonce splitting, nonce blinding, and constant-time implementations).

They also had to really amplify the signal (40dB!) and had the inductor practically on the phone, meaning the initial signal leaking wasn't such a bad design on Apple's part and when you're looking at sales in the millions, it's just not a smart decision to spend the money on designing power-hungry more emanation-quelling smartphones when efficiency is way more important here, especially a consumer electronic like a smartphone, it's just dumb from purely business reasons. So you're on your own here, and this attack only makes sense when you've stopped all the other ones.

albertMarch 6, 2016 12:37 PM

@Clive, and especially, @Wael,

You may be interested in this:

https://en.wikipedia.org/wiki/Theobromine_poisoning

High percentage cacao (72% in some brands) are most dangerous. As a former chocoholic, I can speak with some authority. Regulate your intake, particularly as you get older. All that sugar isn't a health aid either:)

. .. . .. --- ....

keinerMarch 6, 2016 12:54 PM

@r / 65535

In principle I don't trust these Dell machines at all. But what to nowadays? Any way to see what this BIOS really has inside? We all have to trust in the un-trustworthy...

And Mr. Schneier makes but-out to IBM... World is going crazy. Totally.

AlanMarch 6, 2016 1:57 PM

@Dirk Praet

I recall reading about the referendum that ProtonMail and others have forced the Swiss government to undertake. I hope the people vote out the law because the 'trusted' technology industry is something Switzerland can take advantage of.

In any event my reading of their law as it stands is that it doesn't actually undermine end-to-end encryption... or does it?

Here's a decent chocolatier that manufacture some incredibly lifelike chocolate products:

http://www.schokolat.co.uk/

WaelMarch 6, 2016 2:38 PM

@albert,

I can speak with some authority. Regulate your intake, particularly as you get older. All that sugar isn't a health aid either:)

I'd rather die with a smile :) Given this is George Carlin, rude language usage is an implied caution... Take a chance...

illuminati - more than meets the eyeMarch 6, 2016 3:24 PM

Subgraph OS - Secure Linux Operating System for Non-Technical Users

Friday, March 04, 2016 Swati Khandelwal

Article in Full w/ Screenshots:

https://thehackernews.com/2016/03/subgraph-secure-operating-system.html
https://archive.is/ZNTFH

"Subgraph OS[1] is a feather weighted Linux flavor that aims to combat hacking attacks easier, even on fairly low-powered computers and laptops.

Subgraph OS comes with all the privacy and security options auto-configured, eliminating the user's manual configuration."

"Subgraph OS offers more than just kernel security. The Linux-based operating system comes with a slew of security and privacy features that its developers believe will be more accessible to non-technical users.

The OS also includes several applications and components that reduce the user's attack surface. Let's have a close look on important features Subgraph OS provides."

1. Automated Enhanced Protection with Application Sandboxing using Containers
2. Mandatory Full Disk Encryption (FDE)
3. Online Anonymity - Everything through Tor
4. Advanced Proxy Setting
5. System and Kernel Security
6. Secure Mail Services
7. Package Integrity

"Subgraph OS also provides an alternative way to trust the downloaded packages. The packages are to be matched against the binaries present in the operating system's distributed package list, thus becoming a finalizer.

Recently Backdoored Linux Mint hacking incident is an example to this.

Thus, Subgraph OS eliminates the usage of any tampered or malicious downloaded packages."

"How to Download Subgraph Os?

Subgraph Os will be available for download via its offical website. Let's wait for the operating system to get unveiled in Logan CIJ Symposium conference in Berlin on March 11-12 to experience the Cyber Isolation!!!"

[1] https://subgraph.com/sgos/

Clive RobinsonMarch 6, 2016 3:39 PM

@ Figureitout,

So you're on your own here, and this attack only makes sense when you've stopped all the other ones.

Not quite ;-)

You are falling into the "one size fits all" fallacy. There is more than one way to open a can of "corned beef" which way is best depends on several factors.

So it is with most things in life.

As an attack on the phone in the street this attack is not very usefull. As an attack on a phone on the work bench it's got advantages in that you can minimize the risk vectors of information loss. But more importantly not have vats of acid or solvant that will either clean you to the bone and beyond before you can stop them or explode in some way taking half the lab with you on your way to being diolute molecules in the cosmos. Then if you survive the decapping process there are the lasers to have fun with... Oh and it needs to be said that the "Acid & Laser" method has a major downside, theres not enough left of the phone for it to be considered evidence let alone reliable any longer. Thus the independence and repeatability of testing fails which gives rise to problems within the way the law works. Which is why the forensic community has been trying for some time now to give the appearence of non-destructive or only partialy destructive --small sample--testing, such that the defence etc can carry out their own tests.

Electronics gives us a problem in that respect, it's realy not possible to have a reliable primary custodial chain with verification testing etc. Thus we go for secondary testing we "copy and test the copy" but that gives rise to how do we know the copy is sufficiently identical? The simple answer is we can not, take the example of malware that hides deep in a computers BIOS and also in the on board CPU's and Flash Memory of the hard drive. We already know that such malware can hide it's self from the standard interfaces of the "black box" HD assumption used by standard forensic testers. Appart from very subtle time variations on the interfaces and differences in electromagnetic emissions the only way to find such code and the secrets it hides are via "Acid & Laser" or it's equivalent...

With a little thought you will realise that in the "intangible information" world it's now very much that of the Emperor's New Clothes. At some point somebody is going to stand in court and point at the prosecutor and say "cringe in you callow nakedness" and the house of cards that information forensics is, is going to fall.

Thus this quest to "know everything" is a failure before it starts. If the FBI do not know this then they are sadly delusional.

To see why, lets say the FBI fail to get help from Apple, but the cough up a big wedge of cash to a research institution that using "Acid & Lasers" or "electromatic wizardry" get the first secret out of the iPhone and thus recover all the files. A lot of those files will have quite a high entropy and thus although being valid files contain sufficient uncertainty to hide sizable messages (ie stego). So you won't know --if done properly-- that there is any additional hidden information. So uncertainty abounds as you would expect and you can not "know everything". But what if they find a near random text file that was say a draft SMS etc, what do they do with it? At this point they enter a world of hurt because if it contains valid information from an OTP they won't be able to do anything without the key, thus a key hunt starts... Or they sensibly say "lets not follow the white rabbit" and accept they can not "know everything".

Or a lot worse as some will suggest they will "invent plain text" to maintain an illusion, or use it against others --remember lying to suspects is allowable to get a plee deal or confession-- along with tourture techniques such as "Special Administrative Isolation" etc, which at the very least deny access to legal representation etc.

The thing is that as everybody does they ignore the elephant. In this case it's tangible physical "contact evidence". When you make a "copy" and work on the "copy" there is no forensic evidence to say it's a true copy, or that the suspect had knowledge of it at any time. Thus faking evidence gets one heck of a lot easier with intangible untraceable information than with tangible physical information, especially if you are alowed to destroy the original physical evidence in --supposadly-- getting the intangible information...

tyrMarch 6, 2016 3:55 PM


@Wesley Parish. et al,

"Which goes to show, get the basics right the first time, and tolerate no major compromises let alone mistakes, and the work will last."

The F4U was a case of outperforming the pilots so badly
they were relegated to non carrier work until the under
carriage got fixed. The second fix was to limit the controls
because pre G suits the pilots could be blacked out by
turning too sharply. I saw a video where an F4U clipped
an F8F on takeoff because of poor visibility which
rolled them both into a ball. It was called widowmaker
for a good reason. Pushing the performance envelope is
not always the wonderful idea it seems on the surface.

Like the mad scramble to plaster over the deficiencies
of the 8086 when it turned into the default business
small office comp. The results are touted as the wonder
of technological progress but I doubt the dazzle of
Win 10 as the right path to a reasonable future.

Dirk PraetMarch 6, 2016 4:14 PM

@ Alan

In any event my reading of their law as it stands is that it doesn't actually undermine end-to-end encryption... or does it?

I don't think it does either. The BÜPF is the more scary one, in that it allows the government to deputize private companies to spy on their users. Read: FBI v. Apple. Or "business as usual" in the eyes of AT&T and the like.

AlanMarch 6, 2016 4:44 PM

@Dirk Praet

Thank you for that source; I've not come across that before.

The proposed Überwachung des Fernmeldeverkehrs (Interception of Telecommunications) law is more thoroughly detailed here.

I understand that it'll be argued as being contrary to the Swiss Constitution as the proposals are: irreführend (misleading), unverhältnismäßig (disproportionate) and gefährlich (hazardous).

It's on all fours with the proposed Investigatory Powers Bill (a.k.a. 'The Snooper's Charter) in the United Kingdom. The BÜPF, along with data retention, arguably also authorises the subterfuge of devices - i.e. installation of spyware (or 'Equipment Interference' in the UK).

Clive RobinsonMarch 6, 2016 4:56 PM

@ Albert,

You may be interested in this:

Have you looked up the LD50 in humans and their pets?

Humans need to eat around 10Kg of standard chocolate, dogs on the other hand less than 1/100th of that. Back when I was still young and in school I used to know a girl who assisted part time in a vets. She hated Easter (choc eggs) and Xmas (choc coins, tree decorations) due to the number of otherwise health pets that died.

If I remember correctly there was a civil court case over the death of a "nuisance dog". From what I remember the owner let it dig under fences and get into a neighbors garden where it did a lot of damage to plants etc. She had alowed it to do this for some considerable time then her dog turned up dead of theobromine poisoning... She first accused the man next door and tried to have him arrested for animal crulty, and when the Police and Inspectors did not bite, she tried a civil lawsuit involving "attractive nuisance"... What the truth of the matter was I don't know but there are laws in most jurisdictions about "animal control" and it sounded like she did not follow them.

@ keiner,

Anandamide

Ahh the Cocoa bean "tetrahydrocannabinol" (THC) analog. Then there is the quaintly named "Cocoa amphetamine" alike "love drug" phenylethylamine. But even theobromine has mood enhancing effects as a neurotoxin it first has pleasurable side effects causing both relaxation and stimulation similar to caffeine.

If you want to see the effect chocolate might have on humans give a little to a mouse and then you will see why people joke about them being "Speedies".

The use of cannabis and amphetamine combined was known back in the hippy hangover days as the "seducers drug". In much the same way that Absinthe was considered the "seducers drink" a century or so before that (due to the use of Wormwood, which like the more easily obtained Cleary Sage essebtial oil tends to be enhanced in effect in alcohol and is reputed to have LSD like effects).

But there are three hundred or so other chemicals in the cocoa bean extract also with known properties that give women especialy a "happy hug" feeling. But few people can stomach pure cocoa extract it's actually quite bitter (which I like). So eating choclate is enhanced with lots of sugar (human niros-oxide) and various fats which also have mood changing effects. Specificaly the finest chocolatiers try to get the melt point just below that of body heat, thus the very seductive melting on the tongue releasing the chemicals and fine mood enhancing smells.

Continental Europe tends to have the highest cocoa extract in chocolate in the first world whilst the UK and US have so little they add the likes of caramel --just browned sugar which is a suspect carcinogen-- to colour and flavour the adulterants so the lack --10% or less-- os cocoa extract is not as obvious. Which might account for the stories of why the EU wanted the UK to stop calling it's chocolate products chocolate and vegolate instead...

@ Alan,

The "chocolate teapot" is a real work of art, I like, and I know someone to give one to who will see the joke as she collects antique china tea pots and services.

CuriousMarch 6, 2016 4:59 PM

I have now been listening to the whole session that 'House Committee on the Judiciary Hearings' has been having in US, and there are some things that weirded me out:

I thought it was weird that Apple's representative Sewell let himself be bullied by Gowdy, and that Sewell somehow was basically pressured into promising Gowdy, that Apple would eventually agree to that what Gowdy called a "legislative remedy". (Around 04h:36min) Presumably, Apple's representative did not want to decide on making any kind of agreement, yet it seemed as if Gowdy's behaviour imo might open up for commanding Apple as a company in secret (admittedly, this is speculation on my part, me being cynical).

I thought it was very weird that Goodlatte imo seemingly went out of his way to void any deeper meaning to the concept of 'privacy', by basically framing privacy as being a mere security concern. Oddly enough, when Goodlatte asked Apple's representative what it would mean if Apple changed their minds after a court order or if changing their minds and wanting to work with the FBI, Sewell pointed out that peoples "safety and the privacy" would be at risk, but then Goodlatte interrupts him and seemingly changes the topic, by which Goodlatte then askes a seemingly irrelevant question, and then Goodlatte asks a question about the cost in time with a reference to what he called "an undue burden" of Apple moving from US to set up the cloud in China. Apple's representative then points out that the "undue burden" is to compromise the customers safety and security if Apple developed this software to break the security of this one iPhone. Then I thought it was bizarre that Goodlatte then says "I am being very critical about our privacy.", as if demanding everyone to try read between the lines of what he said. (Around 05h:13min) I also thought it was weird that the chairman (Goodlatte) had left the hearing at some point and had missed out on some of the things that had been said. I guess, maybe it wasn't for long.

FBI's comey had some imo (me being a European) bizarre statement in claiming that USA is a country of law, being open to accusations of having invaded Iraq and elsewhere, tortured people and incarcerating people on Cuba. Ofc, one committee member points out to Comey that there was a time in the 60's where FBI couldn't be trusted as I understood it. Comey also pointed out how the government is not evil, not really sure how that was supposed to be interpreted. Pretty sure a government can do what one would call evil things (ofc leaving religious undertones out of that). Comey was asked if the FBI had researched the problem of getting to the data on the iPhone "extensively", to which Comey seem to avoid answering directly. Comey then talks about being open to suggestions from everyone to solve this problem with getting to the data on the iPhone. At the end of the hearing, the topic of FBI & NSA was finally mentioned. Even the problem of soliciting assistance from other countries was also mentioned if I remember correctly.

Is it a good idea to call encryption as being a "technology"? I suspect it isn't. I believe such was mentioned in the hearing early on. Calling encryption a "technology" seems very generalizing to me, but I'm no expert.

Finally, I wanted to comment on what was mentioned early on. I am not sure, but I think it might have been Goodlatte that pointed out in the hearing how people have rights, but that the law enforcement has powers. From anyone that was in opposition to a government, I would have found such a statement natural, but it irks me when it is pointed out by someone working for the government. And I have a problem with how a debate about a so called "balance" between security and privacy is based on supposedly balancing the needs of law enforcement and peoples need for privacy, because if people are supposed to asked to accept a "balance" between their rights and the powers of the government, then abiding to this world that Comey wants, as he said, a world where everything is available to a warrant, surely people must understand that there is no real balance to be had if 'privacy' is not a right as such.

I got annoyed hearing committee member Labrador saying to Comey "I know you have a very difficult job, as you are trying to balance ah security and privacy" (02h:57min). I'd claim that such a statement is not meaningful, because the proclaimed reference to "balance" is not real, as if it was up to Comey to do decide on this balancing, and this babble is akin to debating a debate where one avoids core issues and discuss other aspects instead.

"House Committee on the Judiciary Hearings: The Encryption Tightrope: Balancing Americans’ Security and Privacy"
https://www.youtube.com/watch?v=g1GgnbN9oNw

ThothMarch 6, 2016 5:19 PM

@illuminati - more than meets the eye
re: Subgraph OS
1.) Huge untrusted TCB in Linux kernel no matter how you harden it is still not going to make it anymore secure. Reduction of the TCB and using a microkernel architecture like L4 microkernels are more desirable.

2.) Tor cannot provide anonymity as it has been breached and shown to have multiple weaknesses in it's scheme and system many times over the last few years where universities and security researchers have managed to compromise the anonymity of Tor users and trace them rather easily.

3.) Application firewalls are not going to be useful if the lower layers (i.e. kernels and hardware architecture) is not designed with security in the first place.

4.) Untrusted boot is a bad idea. Subgraph OS does not support some form of hardware root of trust for booting and this opens up to Evil Mad attacks. This can invalidate the use of FDE by causing the system to boot into some malicious kernel images designed to be used as a stepping stone for future attacks including the extraction of the encryption keys for the FDE crypto and to hide key loggers to key log users.

The more ideal approach for secure OS research and development is to take the already existing open source Turaya OS sample (http://www.emscb.com/content/pages/turaya.htm) and re-work it for a full fledge working secure OS. Turaya is based on L4 microkernel approach and supports hardware root of trust for trusted booting. This would likely be many times more secure than a modified Linux. Porting GNU toolkits to L4 microkernel architecture to emulate Linux to make porting of Linux applications to L4 microkernel OSes would also aid in helping users move from an insecure and untrusted Linux environment to a more secure and more trusted microkernel based system with a hardware root of trust.

CuriousMarch 6, 2016 5:20 PM

To add to what I wrote:

I had the impression after watching this hearing that was recorded, that the committee hearing revolved about wanting to being 'pragmatic'.

Being pragmatic about 'privacy' is probably not what this hearing was about, but rather about being pragmatic about 'security'.

I personally think the very notion of "balancing privacy and security" is dumb, because I suspect that both 'privacy' and 'security' all too easily become placeholder words that serve no purpose in bureaucracy other than for labeling ideas and concepts that has perhaps little or no regard for people's right to, and the need for privacy.

ThothMarch 6, 2016 5:45 PM

@Curious
It's all just power play and posturing behind the scenes. The FBI has always been wanting to "make it big" and make themselves look powerful and important since long time ago just like many other US Warhawk Government organs that try different posturing tactics. In the 1990s, it's the NSA who led the Crypto War of that era and now different factions are pulling different postures. NSA appears to be pro-crypto for now but who knows what's their true intention.

Politics would work if politics is going to successfully represent an informed audience with democracy being upheld but now there is very little true democracy and mostly just marketing done by Presidential candidates and agencies who are definitely going to break their promises to save their back side if they feel their personal interest are going to be violated.

What is more practical is for code cutters and computer/security engineers on the field to start adopting and studying higher assurance techniques in creating, designing and developing their products and ensure they really cannot break the security of their products (the dilemma Apple is now facing with the use of update mechanism for backdoor).

no trumpMarch 6, 2016 6:22 PM

@Thoth: would appreciate it if you could copy/paste what you wrote to the authors of that new OS. TIA.

Dirk PraetMarch 6, 2016 6:35 PM

@ Clive

Which might account for the stories of why the EU wanted the UK to stop calling it's chocolate products chocolate and vegolate instead...

Those wars are still going on. Last month, a mentally retarded Brussels judge ruled against Ferrero, the Swiss producer of Nutella, in a lawsuit brought against Belgian supermarket chain Delhaize. As a result Delhaize will be allowed to continue to call its hazelnut spread "Choco", even though it doesn't contain any chocolate at all. The Court, in its infinite wisdom, ruled that is was sufficient for the product to taste like chocolate to call it chocolate. I suppose under the same reasoning certain male prophylactics can now be called strawberries.

@ Thoth

Huge untrusted TCB in Linux kernel no matter how you harden it is still not going to make it anymore secure.

Yep. But it's a good thing they added Grsecurity/PaX.

The more ideal approach for secure OS research and development is to take the already existing open source Turaya OS sample (http://www.emscb.com/content/pages/turaya.htm) and re-work it for a full fledge working secure OS.

Or something similar as Turaya. I guess the main reason for the Subgraph folks to stick to Linux is hardware/driver support, not to mention the effort (and funding) required to work from something else probably being considerably steaper. They don't really look like a big outfit to me. That said, I'm quite pleased they finally have a working version out and I'll be most happy to take it for a spin, especially if it runs on older hardware.

NobodyMarch 6, 2016 7:25 PM


The FBI have been dirty from the time that J. Edgar started wearing women's panties.

@Thoth

It doesn't matter how informed the electorate is if their representatives consistently sell them out, or down the river.

I think that I posted the links that referenced Packard's and Bernay's work.

WaelMarch 6, 2016 7:54 PM

Five interesting / educational short videos...

How to implement a Full Adder from discrete components. 5:26 minutes

About Quantum Computers and Qubits. 6:47 minutes

Challenges with Quantum Computing by Michio Kaku. Molecular computers, and molecular transistors that are 1 carbon atom size. 4:47 minutes

Some "common" traits of geniuses... 2:35 minutes

In an interview with RT, Micho Kaku talking politics A longer one, about 10 minutes.

Now go watch the videos and be somebody!

ThothMarch 6, 2016 8:12 PM

@no trump, Dirk Praet
I don't believe the Subgraph OS is new. It has been mentioned sometime ago since 2015 according to this blog's archives in the links below.

A few of us here including myself here have mentioned about using microkernels instead of monolithic OSes on record so it's not something new. Currently, Qubes seems to be the only viable "Secure OS" using a Xen hypervisor but even with a Xen hypervisor, it's TCB is still too big vs. a L4 microkernel.

Something interesting to note is Qubes itself supports the commonly termed hardware-based trusted boot via TPM as shown in the link below.

It would be nice if the upper layers of Qubes can be ported over to the NOVA hypervisor from Genode project to replace the Xen hypervisor that Qubes uses for the lower layers for a much smaller TCB but that's up to the Qubes team to decide.

@Nobody
Agreed. Current politics cannot be trusted.

Link:
- https://www.schneier.com/blog/archives/2015/09/wanted_cryptogr.html#c6706408
- https://www.schneier.com/blog/archives/2014/07/friday_squid_bl_433.html#c6675764
- https://www.qubes-os.org/doc/system-requirements/

SkepticalMarch 6, 2016 8:19 PM


The weak, slippery-slope policy argument against Apple's compliance with the FBI request for technical assistance in the San Bernardino case has not improved with time.

Its proponents seem to believe that if Apple complies in this case, or if the court rules in favor of the Justice Department, then the government will be able to compel companies to install backdoors into their products as sold, and before they are sold, to the public.

It's an absurd extrapolation. Congress could pass a law requiring something like that, but that's not the issue at hand.

The present issue is really confined to the question of the extent to which a court can require a company who designed, manufactured, and licensed the use of certain software in conjunction with certain hardware to assist a law enforcement agency to effect a search warrant that would otherwise be defeated by that company's product.

So the implication of a favorable decision for the Justice Department, from the vantage of legal reasoning, are quite limited. It is simply that where the government makes a request for specific, limited, and reasonable technical assistance to render effective a permission granted to the government under law, then the party in question can be compelled to comply by a court.

Such an implication should not cause any unease to those who believe that a device susceptible to an effective search with the assistance of a company is insecure.

Indeed, the authors of the rather famous Keys Under Doormats paper that circulated last year regarding lawful access schemes dismissed the notion that requiring the assistance of a company before lawful access be achieved would be a significant source of security, noting that this "merely" shifts the burden of security to the company (which, presumably, is insufficient).

And yet - here we are - faced with a case where the circumstances are precisely those that were dismissed in that paper as insufficient. And strangely, some of those same authors now seem to believe that the security provided by a requirement of company assistance can be very substantial indeed.

One wonders whether those authors have been misled as to the legal implications of the case in question, due in no small part to the efforts of Apple's massive and vaunted PR/marketing/lobbying groups, or whether those authors have become so accustomed to pushing against what they view as government overreach that, almost out of habit, they found themselves in opposition to the government here before letting all the facts and considerations play out.

Because if one assumes their continued adherence to the arguments in Keys Under Doormats, then once one grasps the limited legal scope of the issue at hand, their security objections amount to demanding we keep the bank vault locked long after it's known that nearly anyone could unlock it.

But, perhaps the issue is more complex than as presented in that paper - which might suffice to explain their support for Apple in this case, but which would also complicate the question of the much bigger legislative issue of lawful access.

cry me an onion!March 6, 2016 8:58 PM

@ Thoth

"I don't believe the Subgraph OS is new."

Do you have any proof it's been available to the public to use, yet? All I've been hearing is huffing and puffing in news articles to get all moist about it's eventual release.

And I am moist!

keinerMarch 7, 2016 1:13 AM

@Wael

But you had a deeper look into quantum physics? For sure there is no such thing as "the big plan", a deterministic development of the universe.

What you mean is the difference between precision and accuracy of e.g. analytical methods. If you know the reason for "differences" in results (equipment, lab worker, different days) you add it under "accuracy", if you don't know (or can't control for) you call it precision (random).

WaelMarch 7, 2016 2:36 AM

@keiner,

For sure there is no such thing as "the big plan", a deterministic development of the universe.

Is that something provable? Intelligent as they are, I don't subscribe to what Feynman and Michio claim. If they talk about physics, I'm all ears. They usually lose my interest and "respect" when they venture outside their areas of expertise. One thing to note that I mentioned in the past is that science doesn't and can't answer questions of "why"; it attempts to answer questions of "how". How the universe came into existence could be attributed to several theories such as the Big Bang which is supported by observable and testable events. Why it came into existence is outside the domain of science. It's also worth noting that even if the bing bang is correct, how that initial super dense initial material came into existence is unknown.

What you mean is the difference between precision and accuracy of e.g. analytical methods.

In a way, yes.

If you know the reason for "differences" in results (equipment, lab worker, different days) you add it under "accuracy", if you don't know (or can't control for) you call it precision (random).

"Randomness" can occur because, for example:
1- The math model is imprecise (for example using the first few terms of a Taylor series as an approximation rather than using all the terms, or using the first 10 digits of Pi rather than a million or two.
2- We aren't able to understand the underlying dynamics of a phenomena and its dependencies on other influencing parameters. In a coin toss, ignoring the current induced in the coin as it moves in the earth's magnetic field could have an effect. Or if at the time of the coin toss a significant sun flare takes place.
[... other factors...]
What is viewed as random today, by someone maybe deterministic tomorrow by the same person. It also maybe deterministic today by someone else whose manipulating the "generating" source of a RNG, as we have seen in Dual_EC_DRBG. This is a case when the knowledge of a piece of information transfers a "random" quantity in the eyes of some to a "deterministic" or not "so random" quantity in the eyes of others -- the holders of keys to a "backdoor".

WaelMarch 7, 2016 2:53 AM

@keiner,

Here is another related and fascinating discussion of Zipf's law. I have a feeling I'll watch the entire series, even though I know I'll remember only what Zipf's law mandates!!!

keinerMarch 7, 2016 3:10 AM

@Wael

"Is that something provable?"

No, forget about "proofing" something. All you can do is disprove your theory (I'm with Mr. Popper there).

All we see now in quantum physics disproves any kind of deterministic universe. But as we all know: Todays knowledge is tomorrows fallacy... ;-)

Dirk PraetMarch 7, 2016 5:14 AM

@ Wael, @ keiner

How the universe came into existence could be attributed to several theories such as the Big Bang which is supported by observable and testable events. Why it came into existence is outside the domain of science.

It's the metaphysical equivalent of "why did the chicken cross the road?". Some interesting insights here from the world's most renowned physicists.

Dirk PraetMarch 7, 2016 6:43 AM

@ Thoth

I don't believe the Subgraph OS is new. It has been mentioned sometime ago since 2015 according to this blog's archives in the links below.

Subgraph has been a works in progress for a while but it would appear that this is the first public release.

No argument here that CubesOS from more than one angle is the more secure solution, but it comes with several major drawbacks. It's memory hungry and in its current incarnation depends rather heavily on (recent) Intel specific hardware and technology to make full use of all of its features. Which in practice pretty much boils down to buying a new machine with lots of RAM and as per their hardware compatibility list. Kinda reminds me of the early Linux days.

In addition, and unlike other popular security/privacy oriented operating systems, it's not exactly something you can set up a layman with. Without some serious training and guidance, I kinda doubt the average user would be able to make heads or tails of it (pun intended). Which is not to say I don't like CubesOS, quite to the contrary. I would definitely recommend it to any computer and security literate person or outfit dealing with highly sensitive stuff, a hardware and training budget to spare, and up against state-level adversaries.

Clive RobinsonMarch 7, 2016 9:33 AM

@ Wael,

One thing to note that I mentioned in the past is that science doesn't and can't answer questions of "why"; it attempts to answer questions of "how".

With regards to the universe, currently science as we know it can not see backwards before the big bang as our tools can not reach back.

However, on the assumption that it's possible to create universes, then there is a possibility human kind will get around to making it's own universe to play with T some point in the future. Thus we would say that the creation of that univers was curiosity.

As we have discused before, this is a "lesser flea" problem that is one way. That is whilst we will be able to say "why" we created a universe, there is no reason that the universe we create or it's occupents need to know why. Likewise if they in turn created a universe, there is no reason for that universes occupants to know. Thus if you look in reverse, you would not expect to be able to see back up the chain either.

Any way does "why" realy matter? That is what difference would it realy make?

Yes I can see why some people would want to give our universe a spiritual reason to exist, but some people would want to make $DEITIES out of anything the can. Not because such an entity is required by the universe but because they feel it would give them "understanding". That is just another variation the old faux "watch maker" argument.

WaelMarch 7, 2016 10:01 AM

@Clive Robinson, @Dirk Praet, @keiner,

but some people would want to make $DEITIES out of anything the can

Such people exist.

It's the metaphysical equivalent of "why did the chicken cross the road?".

:) or who came first, the chicken or the egg? See, not every egg produces a chicken! The egg has got to be fertilized first, not by another egg but by another male chicken; a roaster! Hope that settles this question ;)

CzernoMarch 7, 2016 10:37 AM

@Clive :

Science as we know it can not see backwards
before the big bang ...


Actually, "before the big bang" may be deceptive and meaningless. Arguably /time/ itself was "created" in the big bang, there is no 'before" that singularity. Not just that, we should not even try to speculate about the physics of what we call the Universe "before" its diameter was larger than the "Plank length" :=)

All mind boggling that our early universe was,
I'm pretty sure it was NOT started by some entity living in another, "previous" universe :=)

CzernoMarch 7, 2016 10:41 AM

Sorry I hit the "return" key before I was finished. Here is :

I'm pretty sure it was NOT started by some entity living in another, "previous" universe :=)

Such credence appears no more scientific than
the belief in a bored, bearded Creator...

Dirk PraetMarch 7, 2016 11:27 AM

@ Czerno

I'm pretty sure it was NOT started by some entity living in another, "previous" universe

Playing the Devil's advocate here, I'd say that's just the same gut feeling as that of those who think it was, without any conclusive evidence on either side.

Such credence appears no more scientific than the belief in a bored, bearded Creator...

Why would the Creator be bored? If I were $DEITY, I'd be having a ball of a time toying about with my creation, making everyone's life either happy or sad depending on how much Jack Daniel's I had the night before. Whereas a more serious $DEITY than myself would probably be completely overstressed and prone to depressions trying to micro-manage the entire cosmos 24/7. From a management perspective, polytheism would actually make more sense than monotheism.

65535March 7, 2016 11:29 AM

@ Gambler

Thanks, I could not find anything of Apple’s odds of winning on paddypower either. I did find some odds on Apple's earnings. I do believe paddypower did do some odds on court cases in the past.

@ keiner

"In principle I don't trust these Dell machines at all. But what to nowadays?"

I hear you. I really don't trust Dell either. I would not use the Dell machine for anything sensitive. Your mileage may vary.

@ Clive

“I'm fairly certain if cross questioned in court it would prove more than embarrassing --and possibly career limiting-- for him.”

I agree. I hope it is “career limiting” for him. This prosecutor is really reaching up his tail pipe for reasons to that iPhone.

Sorry about the punctuation. It’s not my strong suit.

Who?March 7, 2016 11:53 AM

@ Clive Robinson

It was years later as a young design engineer I was booted out of a job for knowing this... Basicaly I was involved with a company that made some of the early fingerprint readers, and I made the mistake of showing one of the more senior engineers just how easy it was to fake up fingerprints. I initially got the "not practical attack" reply, then on demonstrating a much improved attack which was practical the boot shortly there after... (moral don't break your employers rice bowl).

I am very sorry to know that you lost that job. As I understand what you tell, the moral is not don't break your employers rice bowl but that some corporations are managed by stupid apes.

I would certainly appreciate a study of an attack against my work. I can either fix it or start looking for an alternative way to achieve the proposed goal. Well, perhaps this one is the reason I am unemployed, some employers do not appreciate the truth but a false sense of security.

Multitasking and chocolate

Our brain needs glucose. I am not surprised at all to see that chocolate improves brain functionality.

WaelMarch 7, 2016 12:01 PM

by another male chicken; a roaster

Better correct it and attribute the typo to the (North Korean) spellchecker before I hear from @ianf! Should be "rooster". Still related words, in a way!

Who?March 7, 2016 12:04 PM

PXE considered harmful?

Just a random though... may PXE (preboot execution environment) be considered harmful?

On a traditional BIOS is allows a local (in the sense of "same ethernet network") DHCP/tftp/(on certain high-end architectures like SPARC64 a NFS server) to serve a boot image to a PXE client when starting up. On new UEFI firmware it seems a bit more generic (it uses a network stack not restricted to ethernet frames).

May PXE be used to boot a small firmware upgrade utility on a PXE client? In other words, some sort of firmware upgrade utility instead of a bsd.rd kernel or a standard kernel for a diskless client, that just copies a modified (even if signed) firmware on memory and reboots the computer to start the upgrade.

It does not look as a sofisticate attack and an intelligence agency may easily get access to the cryptographic keys used by a given manufacturer.

Once the firmware upgrade process starts the choices are leting it finish (dangerous) or stopping it (the computer may be bricked).

CuriousMarch 7, 2016 1:04 PM

"FCC cracks down on Verizon Wireless for using ‘supercookies’"
https://www.washingtonpost.com/news/the-switch/wp/2016/03/07/fcc-cracks-down-on-verizons-supercookies/

"Under the terms of a settlement agreement announced Monday, Verizon must pay a $1.35 million fine and will only be able to use the tracking mechanism when users connect to Verizon's corporate family of services unless the company gets customers' opt-in consent. Broader use could leave customers' Web habits visible to outsiders."

"Verizon began putting a unique string of characters into customers' web browsing in 2012 to help target its advertising program. The practice came to the public's attention in late 2014, when it received criticism from privacy advocates who called the code a "supercookie" because the it was almost impossible for users to avoid."

"The FCC is in the process of coming up with a version of its privacy rules that apply to broadband Internet providers, which are expected soon."

SkepticalMarch 7, 2016 1:39 PM


@Book Recommender:

Can you explain the link between the references you provided and my comment? I fail to see what the UN has to do with this.

My point is simple:

The principle at issue in the San Bernardino/Apple case is whether a court may, under the AWA, compel a third-party to render reasonable technical assistance in effecting a search warrant where the law is otherwise silent on the question.

What is not at issue:

- whether the court may order a company to engage in general fishing expeditions for a vulnerability and, if applicable, exploit, in a product that thwarts a search warrant;

- whether the court may order a company to install vulnerabilities, or complete methods of access, in an entire product line in advance of any search warrant being issued;

- whether other governments may impose requirements upon companies to furnish access (last I checked the PRC is not governed by the US legal system);

- whether the court may order a company to adopt a different design for a product in order to effect a search warrant for single instance of that product class.

Once one understands how limited the legal issue is, the concerns about a slippery slope are obviated.

So the only real concern here regarding security is that a company could be compelled to render technical assistance to enable a US law enforcement agency to effect a search warrant thwarted by that company's product.

Now, according to the authors of the Keys Under Doormats paper, the protection afforded by the barrier of such assistance - the barrier which the company must lower via the provision of its assistance for a search to occur - is an insufficient assurance of security.

Yet vast numbers of words have now been written in support of Apple's refusal to provide assistance in this case, implying that the security provided by the requirement of a company's assistance is in fact highly important.

You can argue on behalf of Apple that the courts should not be allowed to do this because it removes an important security protection, but then you can no longer argue that such protection lacks substance as a component of a lawful access scheme.

The real problem for Apple, and its proponents here, is that the request is actually entirely reasonable and poses no significant danger to the security of other devices. This is brand management for Apple. Nothing more.

keinerMarch 7, 2016 2:00 PM

@Wael: Which animal spins around 300 times after his death?

roast chicken...

keinerMarch 7, 2016 2:04 PM

@Who?

Although I'm not an expert at all, sounds reasonable. But do you really know which network stacks are all active all the time in your systems? And if your firewall is able to block this traffic in any way?

I have here a Win 7 always trying to reach one of my remote NAS servers (Buffalo Linkstation mini), whenever I safe a (local) .txt file with the built-in editor. Funny?

Want Binky? Mm-mm-mm-mm!March 7, 2016 3:16 PM

When skeptical plays dumb, how can we tell?

Of course you fail to see what the outside world has to do with this, you float around in the USA propaganda tank like a popeyed goldfish, Blub, Bloop!* That's why the SCO broke into OPM and took all the vetting and adjudication records. That's why the screensaver of every Chinese spook is Comey in Patrice's underwear, whippin himself with his Opus Dei whippy thing. That's what they have to do to get it through your thick loser skulls. Clearly they need to do it some more. Should be a hoot.


* or strictly speaking, Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Again I say, Blub, Bloop! Blub, Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! Blub, Bloop! &c. &c. &c. for 400,000 words.

Dirk PraetMarch 7, 2016 4:57 PM

@ Skeptical

I fail to see what the UN has to do with this.

From a vantage that the opinion of UN High Commissioner for Human Rights Zeid Ra’ad Al Hussein, that of David Kaye, UN Special Rapporteur on freedom of expression, and international customary law are utterly irrelevant to US internal affairs, you are entirely correct.

The principle at issue in the San Bernardino/Apple case is whether a court may, under the AWA, compel a third-party to render reasonable technical assistance in effecting a search warrant where the law is otherwise silent on the question.

You are delibrately narrowing down the legal aspect of the case to an AWA/CALEA dispute and over which Judges Orenstein, Pym and obviously many other legal scholars differ. There are however also 1st and 5th Amendment issues with the FBI's request, and which you conveniently seem to ignore.

The real problem for Apple, and its proponents here, is that the request is actually entirely reasonable and poses no significant danger to the security of other devices.

That's your opinion. The fact of the matter however is that Comey has already made the admission when testifying under oath to a Congress committee that the ultimate outcome of the Apple-FBI showdown is likely to “guide how other courts handle similar requests”. So contrary to your claims, it's not just about one single device.

@ Want Binky? Mm-mm-mm-mm!

Please refrain from these silly personal attacks on @Skeptical. They're not contributing anything to the discussion and to casual visitors of this blog reflect badly on all who disagree with him over the topic at hand.

Sancho_PMarch 7, 2016 5:14 PM


@Skeptical

”… their security objections amount to demanding we keep the bank vault locked long after it's known that nearly anyone could unlock it. ” (emph. added)

Any facts to back that statement?

If nearly anyone can, why would they ask Apple?

The request isn’t reasonable (but that’s a different discussion).
To address that request at Apple, if nearly anyone can, is insane.

To produce this system poses a significant danger to the security of other devices,
simply because once it was built no one could eliminate it.

The brand management is done by the gov, and that’s entirely reasonable (against US competitors).

Clive RobinsonMarch 7, 2016 5:37 PM

@ Skeptical,

My point is simple: The principle at issue in the San Bernardino/Apple case is whether a court may, under the AWA, compel a third-party My point is simple:

The principle at issue in the San Bernardino/Apple case is whether a court may, under the AWA, compel a third-party to render reasonable technical assistance in effecting a search warrant where the law is otherwise silent on the question. where the law is otherwise silent on the question.

Or to put it another way Does the US have the right to force an unwilling party into servitude?

Such a thing used to be called slavery, later conscription, both are now recognised as being against the rights of the compelled party.

Trying to hide the breach of rights behind statments like "render reasonable technical assistance" in no way removes the evil of the compulsion. Or trying to hide behind spurious morals of claiming "in effecting a search warrant".

Let us be clear the third-party was uninvolved in the crimes, in the same way a satellite car navigation system is innocent a hit and run murder.

But the court action not only casts a long shadow over the third party it can also be shown to be putting the third party at risk.

Knowing this the FBI decided to, with premeditated forethought, compound the risk to the third party by forcing the issue onto the public stage by informing the press and media. With the deliberatly aim of bringing unwarented public approbation on the innocent third party, further breaching the third parties rights.

As a non US citizen, I look on this with a considerable degree of distaste and disgust. Further it makes me think back to the last time I signed the green imigration card to gain entry into the US. There was the all important question about "Moral Turpitude", which can be described thus,

    Moral Turpitude is a legal concept in the United States and some other countries that refers to "conduct that is considered contrary to community standards of justice, honesty or good morals".

Tell me how you think the FBI score on Moral Turpitude?

Dirk PraetMarch 7, 2016 6:18 PM

@ Clive, @ Skeptical

Or to put it another way Does the US have the right to force an unwilling party into servitude?

Not according to the 13th Amendment to the Constitution of the United States: "Neither slavery nor involuntary servitude, except as a punishment for crime whereof the party shall have been duly convicted, shall exist within the United States, or any place subject to their jurisdiction."

Tony H.March 7, 2016 8:13 PM

@Thoth
This "Made in XXXXXX Country" is becoming the latest craze in Security market[...]

In the commercial world "Made in XXXXXX" is usually a legal way of saying "Not made in YYYYYY", but not for reasons of patriotism. A number of countries have legislation passed in the 1970s that targeted the Arab countries' then boycott of Israel, but was written generally so as to apply to any boycott that isn't approved by the legislating government. For my local example, see the Ontario Discriminatory Business Practices Act. Of course it doesn't have to be Not Made in Israel; obviously Not Made in China and Not Made in USA are currently popular, e.g. VASCO's "Made in Vietnam" tokens.

@Clive:
"Then there is the quaintly named "Cocoa amphetamine" alike "love drug" phenylethylamine."

The man who wrote the book on phenethylamines PiHKAL says that unsubstituted phenethylamine itself is centrally inactive in humans. And he would know. "Phenethylamine is intrinsically a stimulant, although it doesn't last long enough to express this property. In other words, it is rapidly and completely destroyed in the human body. It is only when a number of substituent groups are placed here or there on the molecule that this metabolic fate is avoided and pharmacological activity becomes apparent."

Well I guess it's not Friday anymore.

Sleepy NuminaMarch 7, 2016 8:17 PM

[b]
Quantum Computer Comes Closer to Cracking RSA Encryption[/b]
http://spectrum.ieee.org/tech-talk/computing/hardware/encryptionbusting-quantum-computer-practices-factoring-in-scalable-fiveatom-experiment

Quantum computers are often heralded as the future of smarter searching and lightning fast performance. But their amazing mathematical skills may also create grave security risks for data that has long been safely guarded by the premise that certain math problems are simply too complex for computers to solve.

Now computer scientists at MIT and the University of Innsbruck say they've assembled the first five quantum bits (qubits) of a quantum computer that could someday factor any number, and thereby crack the security of traditional encryption schemes.

WaelMarch 7, 2016 8:39 PM

@keiner,

roast chicken...

Must be over a high temperature and slow rotation, otherwise it'll be undercooked. Maybe okay for steak, but not advisable for chicken :-)

ConspiracistMarch 7, 2016 9:30 PM

@Skeptical

Its proponents seem to believe that if Apple complies in this case, or if the court rules in favor of the Justice Department, then the government will be able to compel companies to install backdoors into their products as sold, and before they are sold, to the public.

At question is precedence, and the legitimacy of the 'all writ's act'. If Apple wins, then the Justice Department will be unable to rely on the 'all writ's act' anymore, or sufficiently less, in these types of circumstances. Because precedence will knock it down.

Apple had a sufficiently flawed implementation of their system in this case, so that it is plausible they can hack it. If these flaws are entirely fixed for future versions, they will be unable to comply with the law. If, and only if, the Justice Department only wins.

That does mean Apple - and every other US company - will have to consider such demands when creating their systems. Whatever those systems are. They will have to be able to comply with such actions, if called upon.

That certainly is a danger here.


All of this is terrible PR for the US economy.

It is terrible PR for US software and hardware goods.

None of this is action inline with the behavior of a solid, committed democracy.

Wesley ParishMarch 8, 2016 12:28 AM

@S[k]eptical

I think the best reply to your argument is: the FBI tends to push its limits. This is generally not good because of another aspect of the legal system - the tendency for future generations on one hand to develop excessively literal interpretations of legal documents and on the other, to bend the meanings of words and phrases in intriguingly novel ways.

The end result of a legal system where you cannot get a clear understanding of the law as it pertains to your situation, can best be illustrated by reading the cautionary statements made by Western governments to their nationals wanting to invest in a state where the rule of law is not guaranteed and law is somewhat arbitrary - the PRC for example.

Scholem Asch in either The Nazarene or Mary used an interesting proverb to express distrust on intentions: When he gives you the kiss of peace, you count your teeth afterwards.

I'm afraid most of us see the FBI in that context, deservingly so.

Clive RobinsonMarch 8, 2016 1:58 AM

@ Wesley Parish,

When he gives you the kiss of peace, you count your teeth afterwards

Similar to "When you shake the hand of peace, count your rings and fingers after", and one or two others such as "Beware the gypsy kiss, it steals not your heart but the gold from your teeth".

ThothMarch 8, 2016 6:54 AM

@Clive Robinson, all
GCHQ director goes to MIT to try his luck in convincing the techies to "do something about encryption to make bad guys life hard". The interesting thing is the GCHQ director doesn't want to dive into the topic directly but walks in circles with the central theme likely to be about "encryption in bad guys hands".

The 2 papers that James Ellis wrote on the alternate version to the Diffie-Hellman's public key crypto is listed below as well.

Links:
- http://www.theregister.co.uk/2016/03/08/gchq_we_love_crypto_director_hannigan_mit_speech/
- http://www.gchq.gov.uk/SiteCollectionDocuments/CESG_Research_Report_No_3006.pdf
- http://www.gchq.gov.uk/SiteCollectionDocuments/CESG_Research_Report_No_3007.pdf

Clive RobinsonMarch 8, 2016 8:35 AM

@ Thoth,

The line that the GCHQ boss is taking is very very two faced, and somebody at MIT should have called him out on it.

The UK has signed various Human Rights Treaties over the years as well as Treaties for membership into the Europen Union.

With regards Human Rights signing those treaties placed obligations on the UK. One of which is "Article 8" as you may remember a case at the end of last year came before the ECHR and they ruled that bulk surveillance was illegal.

GCHQ is still carrying out bulk surveillance and is thus commiting a crime, which makes the boss a criminal.

So his variation on the "good guy bad guy" scenario is at best hypocrisy, and at worst bare faced manipulation of the truth to cover crimes against humanity (in effect the equivalent of a war crime).

And he want's us to trust him?

On what grounds does that make any sense?

Who?March 8, 2016 8:39 AM

@keiner

Although I'm not an expert at all, sounds reasonable. But do you really know which network stacks are all active all the time in your systems? And if your firewall is able to block this traffic in any way?

I would say nmap(1) should reveal this information, at least if UEFI network stacks work as expected (i.e. it is not just a widely deployed spying platform).

I am not sure some rogue traffic coming from UEFI or AMT firmware can be stopped by a firewall. It all depends how this traffic works. It may be targetted to port 80 of a remote server, a port usually allowed to pass on firewalls.

I have here a Win 7 always trying to reach one of my remote NAS servers (Buffalo Linkstation mini), whenever I safe a (local) .txt file with the built-in editor. Funny?

...if you are worried about these connections to your remote NAS then do not look at the connections your Windows 7 establishes to hundreds of hosts not under your control with help from the telemetry updates!

keinerMarch 8, 2016 9:24 AM

@Who?

My router blocks many of them, but I disabled logging, otherwise the logs are unusable. I only install M$ security updates, not the rest.

Next step: completely disconnect Win 7 from internet. Internet only from remote computers with BSD/Linux via VPN and VNC...

CallMeLateForSupperMarch 8, 2016 10:44 AM

Full text of GCHQ director Robert Hannigan's speech at MIT:
http://www.gchq.gov.uk/press_and_media/speeches/Pages/hannigan-speech-at-mit-front-doors-and-strong-locks.aspx

We have now heard basically the same message from NSA, FBI and GCHQ about a needed "conversation". I wonder, where are the rest of the Eyes in this? When will New Zealand's spies/LEAs - and those of Canada and Australia - chime in with their own locally colored ... er... renditions of the refrain,
Here is what we want
And we won't accept less.
We want a dialogue about means to those ends
But we will not propose any specific means.

Cyborg2237March 8, 2016 11:59 AM

@Wesley Parish, CallMeLateForSupper

Wesley, while you have an excellent argument there on the FBI, which even hits at the fact that they should be shamed because they are acting as the PRC acts (and you argue this indirectly, which is the best way to state it)... "CallMeLateForSupper" does just above well point out this very same problem is happening all across the world. Not everywhere. Not in "true totalitarian" nations. They do not need to bother. And many spy agencies have stepped out. I would argue they both 'do not need to bother' and are more sophisticated in their approach. One component of their approach is, it is bad spycraft for them to publicize their desire for secret surveillance.

CallMeLateForSupper

Why are these nations doing this simultaneously? What is the conversation they are having there privately? We see exposed in this, plenty of backdoor meetings.


What they do not talk much about is how many of their partners of the most important variety - weapons customers - are every bit totalitarian. The "war on terrorism" has meant that even domestic, albeit federal level, law enforcement has had to become all the more cozy with some pretty nasty regimes. Who have different ways of doing things.

Whose influence is stronger?

They do not parade their influence, but they sure feel it. Plenty of money and intelligence goes their way.

CuriousMarch 8, 2016 12:35 PM

"FBI quietly changes its privacy rules for accessing NSA data on Americans"
http://www.theguardian.com/us-news/2016/mar/08/fbi-changes-privacy-rules-accessing-nsa-prism-data?CMP=edit_2221

"The FBI has quietly revised its privacy rules for searching data involving Americans’ international communications that was collected by the National Security Agency, US officials have confirmed to the Guardian."

I don't understand if this is supposed to be favorable for the FBI or not.

Who?March 8, 2016 12:54 PM

@keiner

My router blocks many of them, but I disabled logging, otherwise the logs are unusable. I only install M$ security updates, not the rest.

Next step: completely disconnect Win 7 from internet. Internet only from remote computers with BSD/Linux via VPN and VNC...

Windows has its place even on the most secure networks. All my computers run OpenBSD (either OpenBSD/alpha, OpenBSD/amd64, OpenBSD/hppa, OpenBSD/sparc64 or OpenBSD/i386), but have a bootable Windows Preinstallation Environment (WinPE) 3.0 CD-ROM I made a few years ago. It is a valuable tool to, let us say, upgrade the AMT firmware on my ThinkPad T430s or the firmware on the Zalman ZM-VE300 storage case.

Of course, WinPE 3.0 is on a non-writable CD-ROM and only use it to upgrade firmware on machines not connected to communication networks.

WaelMarch 8, 2016 1:57 PM

@Name (required),

Dead Squid can have sex with your mouth

This is getting out of control! I wonder if it's the same pervert bastard squid that we were warned about a little over three years ago! Tell you what: next time you plan to engage in an unprotected squid meal activity, just make sure you have one of these handy - it's a plan B, if you will! Right @Dirk Praet ? :-)

keinerMarch 8, 2016 2:05 PM

@Who?

Fine for you if you have the expertise to run all this! You are really lucky then, I could not manage all these systems.

And I have to keep the Windows trash for my work, no way around that, just can try to make it as "silent" as possible...

WaelMarch 8, 2016 2:19 PM

Dead Squid can have sex with your mouth

It's likely a hoax. Conspiracy theorists say Linda Lovelace is preparing for her next movie -- links omitted for obvious reasons :)

Dirk PraetMarch 8, 2016 5:23 PM

@ Wael, @ Name (required),

I wonder if it's the same pervert bastard squid that we were warned about a little over three years ago!

I think so. And it was apparently already old news when I posted it back then. Since I never liked calamar anyway, that story became the perfect excuse not to ever touch it again.

Dirk PraetMarch 8, 2016 5:38 PM

@ Who?, @ keiner

... but have a bootable Windows Preinstallation Environment (WinPE) 3.0 CD-ROM I made a few years ago.

You may wish to check out Hiren's BootCD too. It's pretty old now, but stil a valuable tool for troubleshooting Windows installations up to Windows 7. Also runs from USB. If anyone else is interested in creating a bootable Windows PE 3.0 with rescue tools on a stick, check here.

WaelMarch 8, 2016 6:56 PM

@Dirk Praet,

Since I never liked calamar anyway, that story became the perfect excuse not to ever touch it again.

I'm not too keen on it either. But I'm curious as to the bigotry of humans... Why is it okay to eat caviar and then complain about eating a sack of sperm, eh? I mean we should be consistent - you know, what's good for the goose ... Any feminists in the house?

Dirk PraetMarch 8, 2016 7:47 PM

@ CallMeLateForSupper

We have now heard basically the same message from NSA, FBI and GCHQ about a needed "conversation".

These douchebags are not interested in a conversation. Paraphrasing Ted Cruz, it's probably safe to say that when the IC tells you they need a conversation that's just IC talk for telling they're about to stick it to ya.

@ Wael

Why is it okay to eat caviar and then complain about eating a sack of sperm

I don't eat caviar either. At fancy parties, I usually sneak out around midnight to get me a hamburger or some kebab 8-)

Clive RobinsonMarch 8, 2016 10:33 PM

@ Wael, Dirk Praet,

At fancy parties, I usually sneak out around midnight to get me a hamburger or some kebab 8-)

You and me both :-D

A little under twenty years ago a friend and I visited a quite exclusive (thus expensive) Sushi place where you get to see the whole performance of "swiming to plate" and whilst we ate well and our pockets were lightened considerably we both had the feeling of having been entertained but not realy fed (this was in my younger fitter 3.5Kcal/day days where a quick fifty or sixty miles on the bike was a way to unwind from work). We had also had a number of flasks of the warm brewed rice wine Sake (18% by vol) to finish off, so our judgment was perhaps a little impaired, as we took a short cut to the station we got hit full in the face by the smell of a Greek restaurant and were led by the nose to a full mezze etc, includibk a bottle or two of Retsina... Oh and a lesson learned, under no circumstances drink retsina after Sake the result was most dibilitating the following day, and a compleat inability to think clearly for a couple of days, which ment the bike stayed in the garage for five days, longer than it ever had for minor inconveniences like flu.

As for eggs and sperm, we do eat both look up the difference between soft and hard roe. I still occasionaly brine / smoke cods row to make tarama which will keep for a while, and then make a traditional salad of taramosalata with it. If I am feeling decadent I will use ground almonds not white bread, and whilst not quite Ambrosia is a little bit of heaven when compared to the standard pink (from beet juice) slurry you get from most shops.

As for Squid, it's your duty to eat it by the bucket full due to the harm it's causing (the same is not true for octopuse or cuttlefish). Due to the decline in other species man is the only serious preditor against the dangerous rise in certain squid numbers.

As for the story of the squid sperm, their life cycle is a little weird to put it mildly ( http://gilly.stanford.edu/reproduction.html ). Thus the packages of sperm the males make are long lived and have an affinity for mucus membranes. Due to the taste abd texture of raw squid I only eat it prepared and cooked, thus the issue raised by the story does not arise.

WaelMarch 8, 2016 11:31 PM

@Clive Robinson, @Dirk Praet,

As for eggs and sperm, we do eat both look up the difference between soft and hard roe.

I looked it up, you're right! Didn't know that! Eeeeew

FigureitoutMarch 9, 2016 12:07 AM

Clive Robinson
You are falling into the "one size fits all" fallacy.
--I think I'm just saying people are on their own if they want to defend against these kinds of attacks. For instance, just today I noticed same noise associated w/ scrolling a screen on Dell desktop PC's, w/ headphones connected to android phone (this noise has a better sound to it, and delayed after movement stops). Whatever it is, I bet it's the same thing b/w the 2 (some switching regulator maybe...). Just annoying.

Other stuff...yeah try to focus on technical now and I've already had a few sleepless nights on all that. So much so I posted here awhile back as a sort of evidence chain stating my innocence in case it does go to court and that I was being setup...This is why I don't think our legal system and judges/lawyers really understand the ramifications of such untrustworthy "evidence" that can be swapped out and completely faked.

CuriousMarch 9, 2016 4:18 AM

I wonder if US' DOJ seeks to ban anything to do with quantum cryptography.

Clive RobinsonMarch 9, 2016 5:10 AM

@ Wael,

I looked it up, you're right! Didn't know that! Eeeeew

In the munching departnent it gets worse a whole lot worse... If and only it you have a strong stomach look up Offal[1] and the difference between "sweetbreads" (pancreas, spleen and similar) and "sweetmeats" (testicles etc) and the orign of the expression "Prairie Oysters", more often called "Rocky Mountain Oysters" in the US.

If you look back in history people did not waste what was in the animals abdominal cavity it's all edible if you want to. The guts of the animal were cleaned out and often filled with the offcuts etc to make the variety of "sausages", black and white puddings, salamis and other regional delicacies such as the Scotish Haggis using the "pluck" and "lights" of the sheap etc (a dish I enjoy). Then there are other bits, like pigs heads where you remove the ears and cheeks --for other dishes-- then slowly cook down the reast so you can lift out the bones then coarsely chop it and put it all in a dish to make "brawn" that was often given to those not upto chewing hunks of flesh, or put on bread etc. Likewise "piggs feet" when slow cooked make a realy nice but sticky dish (ever wondered where the jelly in jello and blamunch came from). Sliced "Ox tongue" braised in red wine is a realy nice dish, the hard part for the cook is getting the skin off. Another nice dish is marrow bone for which you need a special spoon. Though originally thought to be "poor mans fare" like the eggs of sturgen, smoked salmon, etc they became "high class" speciality dishes of the rich, whilst potatoes went the other way...

Oh and perhaps of some relevance to this page look up "pizzle", some say that when cooked the right way they do taste like fried squid...

Asside from brawn Atleast so far apart from the name you are getting parts of the animal you can identify by sight... But not all names are what you think they are some are nicer take "pork butt" it's not a cut from the pigs rear end it's actually "pork shoulder" the name comes from the wooden barrels it was brined or transported in.

The real nasties are what goes into pies, "ready meal" stews curries and similar pre-made dishes. It's not just "mechanicaly recovered meat" there are other industrial horrors where scientists have worked out what to do with bits of other animals you would perhaps chose not to eat (goat, horse, pig etc)... That is they can reduce horse skin etc down to "real meat" thickening agents and in the processes destroy the DNA traces so you can not tell which animal it came from... These thickening agents are also used in frozen poultry end stage production and for cooked meats like "York Ham" production where they are injected into existing animal flesh so that it will additionaly hold upto twice it's weight in water... It's one of the reasons why some Bacon not just sizzles in a hot pan it lets out clouds of steam like a boiling kettle.

I don't know about other readers but upto ten USD for a kilo of salt water and unknown animal products is not a price I want to pay.

And some of my friends wondered why I took up charcuterie as a hobby...

[1] http://www.independent.co.uk/life-style/food-and-drink/features/offal-is-back-in-vogue-but-should-we-tuck-in-to-intestines-spleen-and-testicles-6264018.html

Clive RobinsonMarch 9, 2016 6:31 AM

@ Figureitout,

This is why I don't think our legal system and judges/lawyers really understand the ramifications of such untrustworthy "evidence" that can be swapped out and completely faked.

They should, I'm assuming you remember the OJ Simpson trial with the glove that did not fit? But do you remember the "missing blood" that is vials of blood in the "chain of evidence" were not fully recorded. Importantly the quantity of blood was not recorded so it was possible to fabricate basic evidence after the fact.

A similar thing applies to digital evidence depending on how you record it. It's all very well having signitures of individual files but how about file meta data such as it's actual location on the drive etc?

Whilst it's getting harder to actually fabricate hard drive evidence, few actually check it correctly to see if it's been tampered with although the knowledge to check it is available.

Somebody I know when they do their backups also includes various crypto checksums that preserve such meta information, thus making adding files more difficult.

But as I've said previously if they get malware into the HD controler Flash ROM then it's effectivly game over for both sides at all but high end state level forensic capabilities. Thus you start asking yourself if there are ways you can opperate without a hard drive, to which the answer is yes. But also you need to go the extra step of "instrumenting" the communications paths. Both of which have been discussed before on this blog, but it needs a certain amount of the green folding stuff that very few are ever prepared to spend.

The thing with most judges is they are in someways not very worldly wise, thus they work on certain assumptions which are unfortunately way way out of date. If you are aware of them then you can gain an advantage. If you are not then you work on false assumptions. By and large judges work with two tools, stacks of paper and the spoken word that gets transcribed to paper. They would not know what to do with either tangible physical evidence or intangible information evidence and nor do they understand the ins and outs of the technologies involved with processing it these days. Thus judges are reliant on paper trails an --supposadly-- unbiased opinion from "experts". The thing is it's easy to see that no expert is truly unbiased for a whole multitude of reasons, because all humans are biased in one way or another it can not be avoided. That said unknowing or innocent bias is a part of life and it usually does not count for much but it can become problematical. It does not take much effort to find expert opinion that has convicted people but has subsiquently been shown to be false, the recent "hair cross section" being a case in point and the earlier "assay of bullet metals" likewise, then there was the drug traces in money. In many cases these can be traced back to original false assumptions. However some can be shown to become issues of "reputation" and thus bearing false testimony...

The simple fact is evidence is unreliable even that supposed "gold standard" of DNA fails due to assumptions.

At the end of the day it's all to easy to "fit up a patsy" by the authorities manipulating evidence is easy at the end of the day. The simplest is authorities failing to reveal evidence that they have in their possession that would otherwise throw doubt on their case, built on the "assumption of guilt".

Smart crooks know how to ensure they have evidence to clear them that can be brought into court should they ever get there, it's part of their planning, preperation and execution. However they know that the most important thing is not to get in the authorities cross hairs to start off with.

Thus the process can be "gamed" by either the the authorities or the guilty to their advantage. It's those who are in effect innocent or unworldly who suffer by unknowingly getting in the cross hairs without the foresight and planning of how to get out of the cross hairs either when they first fall or in court.

The big problem for all is how to behave when the cross hairs do fall, the odds are very much stacked against an individual if they have no knowledge of what to say and do or who to contact etc, and the longer they stay in that position the higher the probability is that they will do something wrong and thus suffer. Such are the rules of the game politicions on the make and their scheming advisors and manipulative authorities have put in place.

FBI StasiMarch 9, 2016 8:15 AM

Fascinating. The Schneier blog's assigned FBI shills try to keep you fixated on US municipal courts; meanwhile, the US is trying to end-run them. The US plan is to get its hardline UK satellite to implement full totalitarian coercion by secret decree with no judicial review.

http://eclecticlight.co/2016/03/08/locked-iphones-apple-and-changing-law/

Once the UK secret police have forced disclosure of your personal information, it's subject to unrestricted dissemination among Five Eyes or any other national intelligence agency.

So, (1) Lose in court at home. (2) Get your City of London caudillos to impose arbitrary privacy interference. (3) Pass around everything they illegally extract without restriction. Now we know why the government modified FBI access to NSA's take.

Who?March 9, 2016 10:02 AM

@Dirk Praet

Thanks a lot for the links.

I know Hiren's BootCD. It is a nice swiss army knife of data rescue. My requirements are, however, more humble -- I just want a minimal Windows environment to run firmware updaters in the few cases where bootable CD-ROMs or DOS flashers are not available.

Thanks a lot for the advice about how making WinPE 3.0 more useful by adding additional software to it. Until now the WinPE's drvload command did the trick in these cases additional drivers are required to communicate with a device that will be upgraded (Intel AMT can only be upgraded after loading one of these drivers). I keep fingers crossed, but will look carefully at the links you provide if a more powerful CD-ROM is needed in the future.

Clive RobinsonMarch 9, 2016 11:08 AM

@ Wael,

Been there done that, when I was a lot younger, and more adventurous.

As for the taste of locusts, the ones I ate tasted not to different than prawn. The trick to eating them just like snails, frogd legs, sea slugs etc is the marinade or glaze or dipping sauce.

Put simply, protein which they are rich in is fairly tasteless, thus the flavour good or bad comes mainly from something else rather than the protein. Thus breaking off some bits makes the whole thing more edible. Trust me if you marinade in soy and ginger, then ginger and honey glaze and dip in hot chilli sauce, then even "a dingo's raw prawn" can be disguised enough to make you think it was calamari etc. It's like magic, the style and show hide the content.

Any way follow the family tree of sea food and ask why we don't eat other branches from the tree...

johnnyMarch 9, 2016 5:57 PM

= Tails Linux 2.2 is out (Mar 8th, 2016)

https://blog.torproject.org/blog/tails-22-out
https://twitter.com/Tails_live/status/707271055786831874
https://tails.boum.org/news/version_2.2/index.en.html
http://distrowatch.com/?newsid=09321
https://tails.boum.org/download/index.en.html

= Tor Browser 5.5.3 is released (Mar 8th, 2016)

https://blog.torproject.org/blog/tor-browser-553-released
https://www.torproject.org/download/download-easy.html.en

#####

Also, in Tor News:

Tor Messenger 0.1.0b5 is released
"We are pleased to announce another public beta release of Tor Messenger."
https://blog.torproject.org/blog/tor-messenger-010b5-released

Tor Browser 6.0a3-hardened is released
"A new hardened Tor Browser release is available"
https://blog.torproject.org/blog/tor-browser-60a3-hardened-released

Tor Browser 6.0a3 is released
"A new alpha Tor Browser release is available"
https://blog.torproject.org/blog/tor-browser-60a3-released

Anon10March 9, 2016 8:23 PM

@Curious

You made this statement: FBI's comey had some imo (me being a European) bizarre statement in claiming that USA is a country of law, being open to accusations of having invaded Iraq.

I think you're implying the Iraq war was a violation of UN laws. The important point to remember is that the general assembly is a glorified debate club and real decisions get made in the Security Council. Of the 193 members of the UN, it's only a slight exaggeration to say that the only opinions that matter are those of the P5.

FigureitoutMarch 10, 2016 12:35 AM

Clive Robinson
Both of which have been discussed before on this blog
--Yes it's been discussed but not enough to implement w/ just that info alone...this was a pretty nice small explanation of encrypted updates in 19 pages (only like 9-10 pages really lol) but I think metadata is unencrypted https://www.silabs.com/Support%20Documents/TechnicalDocs/AN0060.pdf and I can sort of read some of the asm w/o docs of "TinySafeBoot" AVR bootloader, which is pretty well commented too and I know it'll fail to build first time too lol, it just will. Want my pet project nodes w/ a bootloader I flashed at $0000.

Other stuff, yeah I know it. Not touching it for most part. Nothing really to gain dwelling on it as attacks still take work or you get garbage intel or sent on "white rabbit chases". One thing, w/ certain people in society who you say one "should just know better than to" "get in their crosshairs" is acceptable in today's society. It's not. And there needs to be some dialogue on what's ok to allow an investigator to do in the course of an investigation (things like stalking and the like, spreading falsehoods to significant others in your life, breaking into homes etc.).

Anon11March 10, 2016 8:22 AM

Anon10, you're right that the only opinions that matter are those of the P5. But the P5 never authorized force either. As you know, Charter Articles 46-48 and 51 stipulate that nobody makes a move without UNSC permission, supervision, and control. And nothing in UN resolution 1441 authorized force. The US tried and failed to pass a more permissive resolution. Then they attacked anyway. That's why the Iraq war was a crime of aggression.

In this case the US war resolution would have failed to pass even with no vetoes. So the P5 didn't even have to throw their weight around. The whole UNSC squashed it.

ThothMarch 10, 2016 8:51 AM

@Figureitout
When I started to read the AN0060.pdf documents for the EFM32, page 3, first paragraph starts to smell rats. I am starting to doubt it's security it tries to sell. It states that a private key is embedded inside the chip and developers also are given the same private key. Imagine you have more than a handful of people to trust such an important private key.

The better and highly recommended method (taken from CA based PKI and HSMs I have worked with) is to issue a root Public Key (not the root Private Key that EFM32 is doing) and any developer wanting to develop would have their dev Public Key signed by the root Private Key (best stored in a HSM). The chip must have the root Public Key burnt into ROM or maybe something erasable like EEPROM or Flash but it should be kept at a different location from Userspace. The user codes would bundle a certificate containing the signed hash of the dev's executable, the dev's Public Key Certificate (which includes the signed message consisting of the root Private Key signed hash of the dev's Public Key). It's all bunch load of CA-like operations with only a single root Public Key needing to be stored in a NVM memory inside the chip separated from the rest (and best protected with tamper shielding).

Section 3.4 says that the hash algorithm is AES-128. I wonder if it's AES in hash mode (i.e. CBC_MAC or using some sort of one-way compression function with AES as the function). They need to be clearer on that one.

I noticed that the bootloader, firmware and some temporary free space are in a whole chunk sitting happily together. I wonder if a glitch in the codes somewhere can read out and even allow modifications to the bootloader, firmware and so on .. and maybe even to the private key :D (assuming they are stored in a contiguous chunk on a EEPROM/Flash array somewhere).

As usual, another bunch of "security" being marketed that isn't all too secure as usual.

To summarize it all, Cryptography and Security are nasty tools that when used blindly if their operations are not fully considered carefully during the design process or there is a really bad trade-off decision of lowering security too low just for convenience and productivity.

SkepticalMarch 10, 2016 6:48 PM

@Sancho: The assumption of the Keys Under Doormats authors, among others, is that once a vulnerability is discovered and the knowledge exists to exploit it, then that capability will rapidly proliferate. So here there is a vulnerability, and the knowledge exists to exploit it. If you accept that assumption, then having Apple provide a few engineers for a couple of weeks to help isn't going to make anyone appreciably less secure.

If however you reject that assumption, then you must also question some the arguments against a lawful access scheme, which rely upon such an assumption.

Personally, I reject the assumption as taken in the abstract - I can conceive of fact-dependent exceptions to the rule. But for those that accept it, I think their defense of Apple here is particularly misplaced.

To be honest, I would far prefer the FBI be required to apply to a federal magistrate, and then a third-party company, to obtain access to a device, than force the FBI into a position where they develop the capability to obtain such access independently and we must rely fully on their internal compliance regime and cultural practices (which are both actually quite good).

So I view the efforts of many to support Apple here as counterproductive to their own goals. I think they've been - to be blunt - suckered by Apple's marketing campaign and failed to think through the unintended consequences of their stance.

@Dirk:

You are delibrately narrowing down the legal aspect of the case to an AWA/CALEA dispute and over which Judges Orenstein, Pym and obviously many other legal scholars differ.

Orenstein's opinion, despite his somewhat uneven exploration of arguments in the alternative, is built upon his interpretation of the AWA.

As to the weakness of that interpretation, it's been discussed fairly extensively elsewhere, but frankly it approaches the absurd. I view Orenstein as stretching to enormous lengths - even heroically depending on one's view - in order to piece together an argument that can sustain his desired result.

The problem is that his rationale is simply contradicted by controlling precedent, and the very heavy-lifting he does to find a way around that precedent involves the invention of a new scheme of interpreting the AWA (one that actually increases the uncertainty of its application and reach) and the deliberate ignorance of how higher courts have interpreted the AWA.

As to the First and Fifth Amendment claims... they're ridiculous. Orenstein didn't rely on them, and Apple devoted precious little space to either one - a few sentences in each instance.

I'll say more about the First Amendment claim in replying to Clive's comment.

@Clive:

Or to put it another way Does the US have the right to force an unwilling party into servitude?

When you read laws out of context, you can end up with absurd results.

For instance, the 13th Amendment prohibits involuntary servitude. Yet the US Government retains the constitutional power to levy taxes on income, to conscript individuals into the military or other forms of service, to compel an individual to testify as to a particular matter, to compel an individual to produce information he possesses, to stand for service on a jury, and so on.

How is this possible? Are the courts all simply ignoring the 13th Amendment? Of course not. That a law enables the government to compel an individual to do something that an individual might rather NOT do is not the equivalent of the "slavery or involuntary servitude" forbidden by the 13th Amendment.

Any time you find that a literal reading of a particular law leads you to a result that conflicts with much of what you do know about other laws, you should question whether your interpretation of that particular law is correct.

The First Amendment argument that some trot out to support Apple is another example of context-free legal interpretation leading one to silly results. This argument proceeds from "code is speech" to "compelled speech is subject to strict scrutinty" ('strict scrutiny', under one scheme of constitutional interpretation, means that the government interest must be 'compelling' and the means selected both necessary and as narrowly tailored as possible - in practice it's a nearly impossible standard to meet) to "a court order for Apple to build software modifying the operation of a device violates Apple's First Amendment rights."

Like the 13th Amendment misadventure, it relies on a correct common sense reading of certain phrases, but without the benefit of a large context, it does not grasp the limitations of that reading.

"Code is speech." It sure can be. Code can express imperative knowledge, illuminating algorithmic ideas and functioning just as much as speech as any mathematical or logical theorem or conjecture presented in a particular formal language.

But there are two limitations here. First, code isn't always - and frequently isn't - just speech, and second, the writing of code is frequently not done to express any particular viewpoint or condone any particular viewpoint.

An analogy will be clearer than an analytical description of the distinctions here.

Actions can be speech. Performance art can be speech. Performance art can involve giving speeches while sitting down and addressing a group of people. But this does not mean it is a violation of the First Amendment to compel a witness to answer a question about what she saw or heard. Performance art can also involve moving objects from one place to another. This does not mean it is a violation of the First Amendment to subpoena company records and require the company deliver them to a particular location.

tyrMarch 10, 2016 6:49 PM


@foodies

I found out the King Crab is actually a giant spider
but seems to be a favorite item on peoples plates.

I also heard that a trendy item of the celebrity
circuit was corn smut spread on crackers, having
seen it in the cornfields I never imagined any
fool dumb enough to put it in their mouth. Just
shows you that over estimating fellow humans is
an awful mistake.

On the law front the judge who absolved Saudi for
911 has decided the Iranians have to pay compensation
because some of the hijackers visited their country.
Another case of reality trumps the bizarrest kind of
fantasy. I assume the judge is ready for retirement.

uncle buckMarch 10, 2016 7:18 PM

Well THAT didn't take very long...

Ian Murdock (28 April 1973 - 28 December 2015)

Microsoft Releasing a Debian Linux Networking Distro (Feb/Mar? 2016)

damn, that and the donation to OpenBSD is pretty much chess moves, IMO.

All MS should do is buy up Canonical/RedHat and knock over the systemd
distros with some type of patent(s) and/or buy some out and that leaves
a tiny amount of 'fringe' distros. Debian will probably be gobbled up
in the process (what happened with Corel Linux and further down the
line, that party with Novell?) and BSD wouldn't be too difficult to
buy/donate out anyway. WINE could possibly have patent(s) suits
against it...So what's left?

Hurd, my good man, where HAVE you been?

KenMarch 10, 2016 7:23 PM

"At the end of the day it's all to easy to "fit up a patsy" by the authorities manipulating evidence is easy at the end of the day."

This is evident on all levels, dirty cops, etc. It's the field guys whose words are often dubious to begin with because they are working on their next promotions. The incentives are there. Thus, making the case for a mass surveil. The instrument like always is dual use in the good and bad. It's those who are entrusted with it whose integrity must be maintained for our sakes. I've known folks who worked, or cheated depends on who you ask, their purses into the millions by various social exploits be it the grey area of law or the human link. It is far more common than we see reported in mass media. Thus, it becomes a gamemanship among not just the game maker and the players but also those who administer the game, and of course the innocent bystanders.

BlumpticalMarch 10, 2016 7:30 PM

Born slave skeptical thinks his rights are crap. He's the ghost of hairy pedo mobster Scalia - he not only loves Big Brother, he thinks he is Big Brother. Same proud ignorance of jus cogens and the civilized world.

and so it beginsMarch 10, 2016 8:47 PM

@ uncle buck:

Microsoft signs patent licensing deal with Rakuten covering Android and Linux devices
By John Callaham - Wednesday, Mar 9, 2016 at 4:23 pm EST

"Microsoft has entered yet another patent license agreement with a third-party company. This time, it's with Japan-based Rakuten, and it will cover both company consumer electronic products, including any Linux and Android-based devices."

http://www.windowscentral.com/microsoft-signs-patent-licensing-deal-rakuten-covering-android-and-linux-devices
https://archive.is/2VwbO

+++

Microsoft and Rakuten sign patent licensing agreement

"REDMOND, Wash., and TOKYO - March 9, 2016 - Microsoft Technology Licensing LLC and Rakuten Inc. on Wednesday signed a worldwide patent cross-licensing agreement covering each company's respective consumer electronics products, including Linux and Android-based devices."

Hahahahaha: "The terms of the agreement are confidential."

http://news.microsoft.com/2016/03/09/microsoft-and-rakuten-sign-patent-licensing-agreement/
https://archive.is/bnylI

EzraMarch 10, 2016 10:23 PM

@all eternal optimists, when people try to treat skeptical as a rational interlocutor they just expose gaping holes in his cultural endowment. Contemporary world civilization isn't there. You will search in vain for any inkling of ILC's foundational interpretive priorities in Principe d’integration (A/CN.4/L.682/Add.1) in respect of 'values which enjoy an ever-increasing recognition in international society regarding the common good of humankind, not reducible to the good of any particular institution or “regime.”' Such as rights. He simply doesn't see the point of them. That's a US thing. You saw how fast Americans chucked their rights when some Saudi CIA cutouts scared them on 9/11.

Skeptical's no ordinary statist, he's a creature of a totalitarian state, one that will come right out and say, ‘however monstrous such an abuse may be, a foreign State’s exercise of the power of its police has long been understood as sovereign in nature’ (Saudi Arabia v. Nelson.) No Pyongyang tomato could be more brainwashed or more degraded.

FigureitoutMarch 10, 2016 10:33 PM

Thoth
--Not quite sure what you're seeing on pg. 3. Pretty standard and let's me know upfront its all too common limitations. And it's just encrypting the transit there, it rests unencrypted. Yeah I don't need to imagine such things, that exists practically everywhere, in some cases an encryption key isn't the most powerful info to know so it's kind of a tangential point.

The "better and highly recommended" way (certificate authorities that've been wholesale hacked to shh and blackbox HSM's, doesn't make me feel safe) is hard to implement and doesn't really sound that much different...

On Sect. 3.4, yeah agree. That's pretty strange last block being dependent on whole image.

Yeah they're likely only separated by a pointer, if a program has control of PC then it's mostly game over.

As usual, another bunch of "security" being marketed that isn't all too secure
--Nah, they really didn't make that much claims. It's a small addon.

Coming to conclusions based on just talking thru an app note (these are fun things to read mostly, and have some nice hints occasionally), and not even listing one actual working attack ("glitch in the code lol"), seems like blind analysis too. You need to talk w/ a FAE at the least who can maybe direct you to the people who implemented.

ThothMarch 10, 2016 11:34 PM

@Figureitout
"The "better and highly recommended" way (certificate authorities that've been wholesale hacked to shh and blackbox HSM's, doesn't make me feel safe) is hard to implement and doesn't really sound that much different..."

Not quite what I meant by using HSMs or CAs directly but to emulate their architecture which is a PKI-based verification of developer keys instead of simply using a single private key, single an NDA and give all developers the same private key. Kinda dangerous.

And the mention of using private key to encrypt ... when it is suppose to be public key that encrypts. Gets a little even more suspicious of what they are trying to do using a private key to "encrypt" firmware data.

We can only guess that much from the surface via the app notes and most attacks are done blindly at best.

Better to use the common Atmel AVR or development ARM chips which are commonly and readily available.

ThothMarch 10, 2016 11:48 PM

@Figureitout
Before I forget... quote as you said:

"Nah, they really didn't make that much claims. It's a small addon."

Maybe you should check their webpages linked below.

They advertise their EFM32 chips quoted below from their webpage:

1.) "Secure IoT Nodes with Cortex-M3 based Jade Gecko MCUs NEW"

2.) "Secure IoT Nodes with Cortex-M4 based Pearl Gecko MCUs NEW"

3.) "Silicon Labs' EFM32™ Jade Gecko features a powerful 32-bit ARM® Cortex®-M3 and a wide selection of peripherals, including a unique cryptographic hardware engine supporting AES, ECC, and SHA."

4.) "Silicon Labs' Pearl Gecko 32-bit microcontroller family features a powerful 32-bit ARM® Cortex®-M4 and a wide selection of peripherals, including a unique cryptographic hardware engine supporting AES, ECC, and SHA."

I think from the 4 quotes, it is pretty clear they are offering cryptographic acceleration capable chips and positioned as "Secure IoT" nodes ... when they are sharing private keys, making vague AES-128 hashing algorithms ...

What I am saying is if you look at the market selling "Security" as part of or the whole of the offering package, it would become rather disappointing to realize most of them simply use the words "crypto", "secure" but fail to actually deliver thorough and proper "security" beyond sprinkling some "crypto" magic powder and thinking "security" would be mostly achieved in such a way.

If this continues on in the industry, and the high speed pace IoT devices are coming to us (i.e. smart metering, smart cars, smart watches, smart homes ...), the future of this "Security" would be very bad with so many of them supposedly offering this thing called "security" but not knowing what they are doing.

I would like to throw in an additional off-topic link you can take your time to read during your free time and which I always frequent for a :D .

Link:
- http://www.silabs.com/products/mcu/32-bit/Pages/32-bit-microcontrollers.aspx
- http://secureidnews.com

FigureitoutMarch 11, 2016 12:11 AM

Thoth
--Emulating an architecture, like the convoluted CA/HSM/PKI scene, except now made worse w/ emulation that'll break between each update. This just has to do w/ sending encrypted updates to existing chips, between the 2 vendors I've seen using it (I haven't looked hard), it's so similar I bet everyone in industry has copied how it's done. If you have someone on your team willing to subvert a build, then you probably have bigger problems on your hand than compromised encryption keys. Having to implement a strict production build environment may not be fun for some people and simply not work out in practice b/c high security is awkward and you have to be relentless/diligent.

You can't only guess. You can actually try them out and try some attacks, the simplicity studio was easy on windows, and built on an older board easy. This is the biggest downfall as these tools are massive, not hobbyist friendly. Doing attacks blind...why hidden/deniable recon is probably single most important part of attack, if you can do that, you can relax which means clearer thinking. Defenders have to make it stressful/not worth it.

Not clear what exactly is better now, probably very similar or the same.

FigureitoutMarch 11, 2016 12:31 AM

Thoth
would become rather disappointing to realize most of them simply use the words "crypto", "secure" but fail to actually deliver thorough and proper "security" beyond sprinkling some "crypto"
--I'm still not seeing any technical reasons why this is worse than doing plaintext remote firmware updates. More talking.

That link was mostly sales stuff lol. Here's a link for some code (finally) even though Silabs examples suck and need lots of fixing for more portable code. Download and unzip the crypto one: http://www.silabs.com/products/mcu/Pages/32-bit-mcu-application-notes.aspx Secureidnews...same thing.

keinerMarch 11, 2016 1:01 AM

@Sancho_P

Did pfSense have comparable requests by the US-gov to "unlock" certain devices anywhere in the world? US or otherwise?

Would be interesting to know...

WaelMarch 11, 2016 1:53 AM

@Figureitout, @Thoth,

Here's a link for some code (finally) even though Silabs examples suck and need lots of fixing for more portable code.

You always want to view code supplied by a chip manufacturer as "reference" code that shows the chip capabilities and ways to program it. Never consider such code to be commercial-quality "secure" code.

ianfMarch 11, 2016 4:20 AM


@ Thoth's Anti-Drone Bazooka

The ordnance it fires, a net with a parachute to catch drones, is neither explosive nor lethal… so I can't see why it would be illegal. Besides, a hardware weapon development project by a commercial entity like this would have received a advance go-ahead from some state authority to proceed to the prototype/ testing stage. Whether it will be usable or not remains to be seen, but it sounds a more level-headed approach to solving the problem of rogue drones, than these recent raptor/ bird-of-prey alleged attempts.

My initial gut reaction was that, to be effective, any anti-drone measures must assume presence of/ or attack by/ MULTIPLE drones at once, which can not be fought one by one with single shoulder-borne bazookas. For that reason alone enemy drones should be fought with friendly drones rhyme accidental.

Sancho_PMarch 11, 2016 6:30 PM


@Skeptical

Nah, your line of arguments is broken from the start to the end:

” ... once a vulnerability is discovered and the knowledge exists to exploit it, …”
(my emph.)

Let me paraphrase that to:
‘once the possibility to fly to the moon is discovered and the knowledge exists how to do it

to show
- your far reaching shot from the well known reality to fly to the moon
- in contrast to the hypothesis (idea, never done before) how to break into the iPhone

—> Thus you start from fiction, not reality.

And your broken conclusion is:
”… then that capability will rapidly proliferate.”
(my emph.)

- capability = the power or ability to do something
- proliferate = increase rapidly in number, multiply

This means that my neighbor programmatically will become able to fly to the moon because of your wet dreams ???

This is to say “A lie told often enough becomes the truth” (Vladimir Lenin)
[Congraz for invoking that old fellow!]

OK, I confess, at least you try hard :-)
… the rest of your reply is void because your launcher exploded on start, sorry.


@keiner

Not sure why you are addressing me re PfSense, any hint?

FigureitoutMarch 12, 2016 1:39 AM

Wael
--Of course, that's what it's typically called (and reference designs). But I get really nervous changing how to init stuff based on bugs I've seen and continue getting acquainted w/...I haven't mentioned it yet at my work, but suddenly all chips now have an unreasonably long boot delay (like a second or 2) and the code didn't change much at all.

WaelMarch 12, 2016 2:35 AM

@Figureitout,

but suddenly one chip now have an unreasonably long boot delay

One learns a lot by debugging. If you're sure software hasn't changed, then something else must have. Pretty obvious, but sometimes helps.

Dirk PraetMarch 12, 2016 9:33 AM

@ Skeptical

Orenstein's opinion, despite his somewhat uneven exploration of arguments in the alternative, is built upon his interpretation of the AWA.

Which, as an acting judge, he is perfectly entitled to. The government and yourself may find his opinion as absurd as you want to, to me and many others it makes perfect sense.

The problem is that his rationale is simply contradicted by controlling precedent

The government for its case seems to depend on one precedent only, i.e. the New York Telephone Company. And it's being called into question not just by Orenstein but by others as well. Hardly a hole-in-one, I'd say.

... the deliberate ignorance of how higher courts have interpreted the AWA.

If you're calling Orenstein a dumbass, and for argument's sake, I think providing some additional AWA precedents apliccable to this case is in order.

First, code isn't always - and frequently isn't - just speech, and second, the writing of code is frequently not done to express any particular viewpoint or condone any particular viewpoint.

Fair enough. In this case however, the code explicitely reflects the viewpoint of Apple that it does not want anyone to be able to unlock the device as to safeguard the privacy of its owner. If that's not a very clearly expression of a certain opinion, I don't know what is.

As to the First and Fifth Amendment claims... they're ridiculous

Even the government in its latest brief has admitted that there are 1st Amendment implications indeed by citing a somewhat dodgy precedent stating that something is not compelled speech if the government is the only audience and the "compelled speech" is not made public. The fact that the USG in practice unfortunately is unable to keep any secrets (NSA, OPM etc.) kinda renders this argument pretty moot.

FigureitoutMarch 12, 2016 4:11 PM

Wael
--Yeah, for the boot time I should be able to track that down b/c it's before sleep mode (which you can't really debug (I've gone thru as much as the init as debugger lets me)) just had others that took priority. Doesn't make any sense when changes are minimal and my mind goes straight to worse case scenario (some kind of boot kit injected via toolchain, I hope that's just paranoia). I hope it's actually interesting and not something dumb. Latest batch of bugs won't be caught by a debugger. Verified it wasn't a problem w/ one chip sending signal, but don't have the tools in house to check chip pads underneath get soldered...very frustrating. I'm fed up w/ our current CM, makes us look bad and adds delay.

FigureitoutMarch 16, 2016 8:13 PM

Wael
--Found a suspect loop, aptly named "delay_cycles" that delays a number of cpu cycles, for some reason this number is set at 8000, right after an rtc_interrupt subroutine, won't let me set breakpoints after to skip it, and when I manually put a smaller number like you can in some ide's, it reset my number back to 800! Lol. Noted a "process stack pointer" in an extreme memory location. Another loop, w/ "general clock num" as loop number, has 28, not sure why that many (I recall 8-ish from datasheet, guess clock sources is different), if that's necessary.

A ton of additional init functions (lots of cpu_clock_irq, timers, etc.) that I don't recall it as much as I ran thru just C-code (ah f*ck) and did ("jump over" lol :p), and the asm doesn't line up exactly w/ the C (eg. 7 variables created but only 5 registers used, I noticed it was the 5 uint8_t's only, so those 2 are stored somewhere else). That should in theory be executing very fast (at least 1MHz, maybe 48MHz at immediate startup). Previous boot times were humanly unnoticeable, but now they are close to 3 seconds! Way too long, barely any changes, something's seriously wrong at bootup(!) (after boot it has been normal in testing). Gah, anyway, back to the grind. Any clues welcome.

Nick PMarch 16, 2016 8:37 PM

@ Figureitout

Not going to get really into this but your statement jumped out at me. Quick question: is the delay_cycles the first thing that runs or nearly so? There was a homebrew project that experienced hard to track down errors early at boottime. What had to be a painful investigation eventually found the problem: phase-locked loops (PLL's) in the SOC hadn't sync'd properly and logic was going haywire. Solution was to wait a certain, long number of cycles to give components & PLL's time to sync up. Once all on same page, they worked smoothly with no bugs.

Circuit timing issues might be why it's there. Might be totally unrelated. Just figured I'd share that issue in case you haven't run into it before. Happens with MCU's mostly.

FigureitoutMarch 16, 2016 8:55 PM

Nick P
--I believe so (Atmel won't even give us source to the primary technology we're using...I can't say w/ certainty that what I'm seeing in the debugger is the actual first code executing on the chip). I didn't set any breakpoints (had to fiddle to make it not jump right to main, so I made it execute at first function in main file before main function (all the variables/ifdef's don't get included in debugging as I set a breakpoint for those declarations (major limitation in my opinion)).

That's interesting though. That sounds like a very reasonable cause to the symptoms I'm seeing. I hope someone has experienced this problem and recognizes it and saves me the pain!

Going from unnoticable delay, then just increasing memory of chip, and changing toolchain (noticeable changes to firmware we rely on, so that's what I'm leaning on, especially rtc stuff (we couldn't come up w/ those algorithms ourselves)), makes boot time increase like from unnoticable (prob around 200-300ms, guesstimate, I haven't tried calculating it exactly as it's not important for end product which will stay on for years) to 3 seconds; this may be an errata.

WaelMarch 17, 2016 1:15 AM

@Figureitout,

Gah, anyway, back to the grind. Any clues welcome.

Sometimes with embedded systems, the best debug tool is a printf() statement. I used to instrument code with printf macros at each function entry and exit points along with the time spent in each function. Save that to a log file to get a ballpark idea where suspect behavior exists, then use a debugger to narrow down. You can use the log file for comparison between normal behavior and aberrant ones. Old school stuff. Perhaps you want to check into watchdogs (if used as a mechanism to impede debugging "proprietary code") and interrupt service routine changes... If software looks fine, check if your code changes touched any configuration registers that may affect timings...

If all fails, then check with the manufacturer if they have a support blog or engineer.

Clive RobinsonMarch 17, 2016 4:31 AM

@ Figureitout,

I can't say w/ certainty that what I'm seeing in the debugger is the actual first code executing on the chip

That should be easy... Famous last words ;-)

I'm assuming from what else you've said you are using some variant of a C compiler. If so then you should find a couple of --probably chip specific-- "C0" files that are linked in to load at the chip reset vector and do the "sanity setup" --and sometimes setting up a minimal environment-- prio to jumping to main. The other place to look is in the base C library which provides support for printf() and friends.

These are usually --but not always-- "human readable" files often with a bunch of inline assembler that in theory you can change to do your own thing for IO.

If not specificaly mentioned in the documentation the "tech support" droid for the compiler should be able to supply you with info (if they will or not is another matter).

FigureitoutMarch 17, 2016 1:40 PM

Wael
--Yeah but then you need to worry about getting the data w/o getting manipulated, via some port. Funny story, one of the debugging functions quit working between a toolchain update (sigh..). I have a couple ways to get data out (both involve a breakout board and another MCU...I don't like that) but since this is supposed to be a wireless system, hooking up debugging equipment provides a ground path which alters how the system will function in field, I need a way to wirelessly transmit debug data or the data is slightly corrupted...which is a bit of a hassle to setup (I've never done wireless debugging like that).

We barely touched init stuff, I leave it be b/c I don't want something to break and it's mostly turned off anyway, but we don't need *a lot* of it, but do need rtc and interrupts. Their fault, when they went thru and revamped rtc code when it was perfectly fine as is and pushed out broken code in updates I'm very nervous to do now.

Clive Robinson
--Yeah, there's no way it starts at main file. It's gcc-arm. Gah, now I need to compare those files to find the damn bug, and it's not my fault. Son of a...

Clive RobinsonMarch 17, 2016 3:41 PM

@ Figureitout,

... but since this is supposed to be a wireless system, hooking up debugging equipment provides a ground path which alters how the system will function in field

I'm not sure how your system is to be packaged, but it's generaly difficult to isolate a system
as any EMC guide will go to some length to explain.

Even putting a PCB on a wooden test bench effects the EM fields (wood typicaly is 5-20% water with disolved salts in it so is conductive from "DC to Daylight". To see how bad it can get push a copper coated pin through the varnish and hang a 10:1 scope probe tip off of it, the level of mains humm will supprise you (I've seen in excess of 0.5 volts quite frequently which plays merry hell when you are doing "audio tests").

If you are using a TTL level output you can get Opt-isolator chips that will give you galvanic isolation and limited EM isolation.

However if that does not work or you are using a much lower level I/O then you need to go abother way.

What you are therefore looking for is a "Line Isolating Network" of the balanced to unbalanced variety
these effectivly consist of two parts. Firstly a balanced to unbalunced --balun-- typicaly a transformer that DC issolates, auto transformer or transmission line coax/stripline network. This usually also impedence matches the input impedence of the test equipment (50ohms for RF analysers / test receivers) to the EUT output impedence. The second part is a constant impedence balanced filter, this is often lowpass but can be bandpass as well. In the case of a lowpass filter it has both a lowpass and highpass network with the same cutoff frequency they xonnect in parallel or via a circulator, with the lowpass output going of to the balun and the highpass output going to a dummy load.

For connecting up to normal "logic outputs" I find a nine to one impedence balun of 50:450 ohms quad or trifilar wound on a suitable ferrite torroid to generaly work. With filters designed for 400-500 ohm depending on component value convenience. If you cannot "wind your own" balun go look for one of those VHF/UHF 75 ohm Belling lee connector to 300 or 600 ohm flat open line baluns in your local HiFi/TV shop (wiki has a photo of one on it's balun page).

Which brings us on to,

I need a way to wirelessly transmit debug data or the data is slightly corrupted...

I'm not sure I get what you mean.

If you mean conecting appropriate isolated test kit causes data coruption then there is something seriously wrong with the layout of the system.

If however you mean as a way to distance the test kit then try the line isolating network first.

If your debug data rate is low then consider sending it as either pulse width modulated, Manchester encoded or other form of modulated waveform thus DC isolating is not an issue.

It's difficult to give hard recomendations when I effectivly know nothing about your setup. That said the above advice generaly works when normal test kit usage fails.

The most drastic I've had to do is with TEMPEST kit where the debug port was a striped bare fiber optic cable through a pin hole in the screened case, screened with RG174 coax with the inner pulled out. Expensive and a right royal pain in the "sit upon".

Oh one thing to remember when dealing with RF follow the "single earth" policy. Otherwise you will get "RF loops" which are the EM equivalent of "audio howl around". RF thus gets in everywhere and causes all sorts of nasties in the EM spectrum as well as general instability, messy messy messy...

FigureitoutMarch 17, 2016 8:05 PM

Clive Robinson
--We actually used wood for testing if it works around "generally non-conductive materials" (why would it be used as insulator layer in actual shield rooms...). We don't make our wires out of wood eh? :p I've seen it first hand though so I believe it, different effects from an unknown plastic (just a wheely cart). Doing an opto-isolation didn't work unfortunately, still somehow bridging that gap! And breaking debug software.

Well if I can make the "line isolating network" work w/ the chip or the protocol used...Are you saying doing that works w/ any "normal" protocols? Like SPI? Going to USB as well is a killer too. I think just sending data wirelessly would work for us but we use a separate vendor for RF and it would be a project in itself transferring debug data over a single transistor line, then transmitting out. I'm also being told to "wrap it up" and will have to push this out next rev or something, I've been sitting on it for awhile, but I don't like this bug.

If you mean
--No no, I meant that the test data would be corrupted. It wouldn't be an accurate test based on how it would operate in field.

I know it's difficult not having the board at your fingertips and flashing it etc. Thanks for the war stories, I like to hear them.

And my dad told me about the nightmares of ground loops when I suggested having multiple ground planes. Said they used to teach about analog ground, digital ground, virtual ground, and literal ground; but now it's mostly just ground.

WaelJuly 13, 2017 12:20 AM

@Figureitout,

but since this is supposed to be a wireless system, hooking up debugging equipment provides a ground path which alters how the system will function in field,

Seems this slipped through the cracks. It was on my todo list for over a year! Some wireless production systems are instrumented with sophisticated code to aid in debugging and analysis. Take a look at QXDM for an example.

FigureitoutJuly 13, 2017 2:42 PM

Wael
--Dang your todo list must be huge! :p I've (knock on wood, I always screw myself when I say this) gotten it working fairly well. Thx, that looks nice, but not the protocol I need. I'd have to put one of those transceivers on board to use it. I needed a low power RF channel that functions like a serial port at least. You'd really have to design just a debugging board w/ the radio hooked up to SPI port or something, w/ a large enough battery to get useful information (certain things "drift" over time due to weather but it should be able to recalibrate automagically w/ software filters, the things we're targeting take a while to appear...it was truly a nightmare to debug). Then you need a laptop out somewhere logging data, so you need a windowed test area etc. We did that for another product to observe these drifting events.

One of my first products, we'll see how it does...pretty nervous. :/

WaelJuly 13, 2017 3:16 PM

@Figureitout,

Dang your todo list must be huge!

Yea! And it's smaller than the real world list.

Then you need a laptop out somewhere logging data,

Or log it locally like: alogcat does. https://play.google.com/store/apps/details?id=org.jtb.alogcat&hl=en I haven't messed with it for a few years, so your mileage may vary

One of my first products, we'll see how it does...pretty nervous. :/

Don't worry! HW stable? SW compiles with no errors? Only tens of warnings? I say ship it and fix bugs in a service release pack!

FigureitoutJuly 13, 2017 8:40 PM

Wael
Or log it locally
--Yeah that's better, would save power. We didn't make space or budget for a "debugging" board.

Don't worry!
--Bah it's what I do, helps me find bugs. :/ Yep, yep, and tens of dumb warnings that don't matter. Cheers!

FigureitoutJuly 19, 2017 11:44 PM

Wael
--What I really need is a scope that can decode a bunch of serial protocols (may get one for ~$600 that does the most popular ones); amazing capabilities...what's weird is some of the newer high-end scopes are Windows PC's w/ huge screens and amazing software (even plug in mouse and keyboard lol, wtf)...would be a shame to get a rootkit on your scope as it's absolutely made to pass data w/ a USB stick or ethernet port... :/

I guess we're going to get a tool soon to help w/ a measurement that's hard to do w/ tools we have now.

You would've loved some of the debugging capabilities of the spectrum analyzers at a talk today, sure you've played w/ them.

Clive RobinsonJuly 20, 2017 12:52 AM

@ Figureitout,

You would've loved some of the debugging capabilities of the spectrum analyzers at a talk today

Once, there was just Scopes and Spec Anys. Then came the likes of SINAD meters. HP made an expensive plugin for one of it's mainframs that displayed "Zeros and Ones" and it was not long before the first radio test sets came along.

Now you have a choice, the guts of a laptop in a fancy case with buttons and dials and an electronic board with analog front ends. Or you could get external instruments and hook them up by GPIB, USB, serial or similar to a laptop. You can even if you are moderatly clever get SDR software up and running that will make all sorts of data decoders.

The simple fact is it will not be too long before multiple A-D 24bit converters with not much more than 100KHz bandwidth will be used on a board along with a couple of 12 or 14bit 10Mhz bandwidth A-Ds and fast status lines and a bunch of SRAM and FPGA or similar. The result with quite complex software will be what is in effect a "universal instrument" that also will act as a general purpose radio receiver.

SDR has got various radio and standards authorities "panties in a wad" when a few years ago a couple of students demonstrated simple hardware they had designed hooked up to what was then a high end computer and it was a "Universal Transmitter" doing the likes of Digital Radio Mondial (DRM), Digital Audio Broadcast with matrix and various mobile radio and mobile phone protocols. In effect it moved the goal posts dramatically, because most radio standards committees such as the ITU, CENLEC, NIST, FCC etc had assumed hardware not software solutions would stop proliferation of "unlicensed transmissions" etc... All of a sudden all of the old world hardware and the protectionism it had offered had got blown clean out of the water, by a "bit of software"...

This will carry on happening, the idea of multiband multistandard mobile phones is just the start of it. Imagine a personal device that is mobile phone, mobile private radio, multi broadcast receiver... It's why people are beavering around looking into white space and even grey space systems for the equivalent of more ISM band.

FigureitoutJuly 20, 2017 2:09 AM

Clive Robinson
--Yeah, I mean you still need to know what you're doing if you want to be taken seriously or you design a piece of crap that doesn't stand a chance...who wants an SDR designed by software-only guys/gals? It's a hard field, I'd want the real RF/signal processing guys/gals. I'm a bit above the hardware still, retreat to known solutions b/c it can be scary off the beaten path, getting hardware radios but have an MCU attached so I can dig into how data is fetched from memory into buffers just outside the radio, and maybe modify a protocol at the PHY level (in code). Not quite SDR but close. It would be nice to be able to switch modulation schemes easily in software according to requirements (low data rate but want longer range, switch to simpler modulation like BPSK; higher rate, shorter range, change to QAM so long as dropping the occasional bit isn't critical) w/o changing the rest of your code, maybe just modify packet parameters.

It's exciting though, no doubt. Good and bad for security.

WaelJuly 20, 2017 3:01 AM

@Figureitout,

sure you've played w/ them.

I have, back in the day when I did HW and RF! Protocol analyzers are essential tools as well for the kind of work you're doing. Rootkits in an instrument... never thought about that!

Clive RobinsonJuly 20, 2017 3:24 AM

@ Figureitout,

It's a hard field, I'd want the real RF/signal processing guys/gals.

Yes it's hard, but I can give you plenty of examples where the "RF/signal processing guys/gals" were most definitly not up to the job, not even close.

Back in the early 80's we were making systems based on a Z80 and fast RAM/ROM that were beating hands down what the SigProc bods needed 68xK CPUs and multiple highend --for then-- DSP chips for. Their solution took over 150W and two 2U 19in racks, ours ran on batteries or a 9V "wall wart" and fit in a 1.25in high 4x6in alli case, oh and had a 16dB better sig to noise margin and way better fade margin figures...

As I've mentioned before I designed a digital I/Q 10.7 IF using a PIC to load a fast --less than 5nS-- SRAM chip and a couple of 74F counters and DPLL which Direct Converted to baseband and also could do a complex digital modulation scheme demodulation.

Likewise for instrumentation, I designed a highly linear Pulse Count Demodulator using two 14pin 74S TTL chips that beat hands down the analog or DSP solutions and cost cents not hundreds of dollars and required no re-cal maintanence.

These things are not difficult when you have grasped the trick/ability to think sideways.

When you look at say a Direct Digital Synth all it is is an adder set up as an accumulator and this drives a sinewave ROM that then feeds a D-A converter (that often then drives a PLL due to The DDS AM/PM issues).

The thing is if you look up Walsh Sequence generators they do not have anywhere near the problems you get with a sinewave ROM.

But if you think a little further you can use a larger ROM and put in a complex digital modulation mapping in there. Thus you have a compleate modulator and very fine variable frequency capability. Which majkes it highly desirable for any mobile system where dopler effects are an issue but predictable such as a satellite uplink TX. Oh and if you replace the ROM with a high speed SRAM and a cheap microcontroler to load it with the required mapping then most digital modulation schemes are just a mater of working out the "map to load".

RachelJuly 20, 2017 6:10 AM

@ Clive @ Figureitout

The result with quite complex software will be what is in effect a "universal instrument" that also will act as a general purpose radio receiver.


that sounds seriously awesome, not merely from a practical perspective but from as you say the technical innovation and as a 'disruptor' of conventions. That must have been very stressful for a lot of people!!!
When I was in the emergency services, after one serious incident that wiped out several suburbs the authorities decided to upgrade the comms network as it had been overloaded during the incident.
All us crews on the ground were impressed with the new extremely expensive (and relatively much heavier) handheld radios issued to us post incident and post enquiry. The radios features included a location beacon with every Tx, the ability to connect with other services' comms normally way out of band, and most uniquely, connect to the cellular network and call telephones. Trunk Radio Network (TRN)
I'm sure this is (yawn) nothing to you but this was 15 years ago and in an overfunded backwater it was significant.
A year later they un rolled the roll out :-) and reverted to the old system. A whole lot of money down the drain.

FigureitoutJuly 20, 2017 10:00 AM

Wael
Rootkits in an instrument... never thought about that!
--Terrible thought...not too hard to imagine the gold you'd get w/ a RAT on a scope used in secret work...

Clive Robinson
--Yes they're not infallible, what I meant was people may think "SDR up and coming, I can design a receiver/transmitter w/o knowing any of the RF basics!". Like any other technical field, you have to tame your excitement and inch in slowly. How many times did they get it right though, and how many times are they able to track down issues that software guys/gals would be clueless? RF problems are notoriously hard and subtle to track down, I've only gotten a protocol bug so far in someone else's code, but that's child's play to some of the issues in RF...

I've just gotten a product working where I needed to create a custom high level pairing and activation protocol, all while preserving the timing & current functionality (lots of additional verifying/polishing needed, and they want ACK's, which makes this a considerable protocol problem that I need to step back and get right on the whiteboard) which could make a huge mesh network, attach any antenna you want w/ an SMA connector, and can activate 4 opto-isolated outputs or 2 relay outputs. Has a wired input as well that can activate a local output and a remote output w/ the pairing capability I'm adding. Has a nice serial port which can output what's happening and potentially be used as a control channel and see what its paired to w/ additional software. It's a quite useful little product w/ what I hope is an intuitive user interface. Hoping I get one more fun project where I'm currently at, maybe if I get one dealing w/ more hardware I could get my feet more wet; but it's generally I would own the project and have to deliver...

Rachel
A year later they un rolled the roll out :-)
--Zikes why, they not fulfill a requirement, fail beta test?

RachelJuly 20, 2017 11:24 AM

@ figureitout

i don't know the reasons exactly why but as a system TRN has complexity and it has fragility, two good reasons why it failed to be implemented conclusively. There can be issues with overload


RachelJuly 20, 2017 11:26 AM

do we all realise this blog post is 18 months old? I just respond via the top 100 and just saw the datestampe

FigureitoutJuly 20, 2017 11:10 PM

Rachel
--Ok, yeah fragility for emergency services does not compute. Unacceptable. Sucks they prob. wasted tax dollars and looks like they did not do enough (what looks like to this observer) testing at all to see those issues. I don't trust RF either, signals work makes me very paranoid b/c so much can go wrong (and all the crap noise getting generated by appliances/electronics today can affect it).

Yeah we realize, Wael brought it up lol. He seems to save threads he likes or responds to later.

WaelJuly 20, 2017 11:57 PM

@Figureitout, CC: Rachel,

He seems to save threads he likes or responds to later.

I use the iOS "Add to notes" feature for future reference. When I have free time, I look at them and respond.

and all the crap noise getting generated by appliances/electronics today can affect it)

It affects human males too. There is statistically significant data that shows RF engineers have female offsprings (it's also a joke among those "skilled in the art")

I don't trust RF either

You trust nothing! Speaking of "saved threads"... stay tuned.

Clive RobinsonJuly 21, 2017 12:14 AM

@ Rachel, Figureitout,

Trunked radio services look good on paper and in theory atleast have the ability to improve things.

However "when the rubber meets the road" they have quite serious issues. Not least of which is they behave in a non intuative way when used in untested or unexpected ways. Often they are a back door way to reduce spectrum use, which is generaly fine in ordinary usage, but when an emergancy arises and traffic rises they tend to fail and fail a lot harder than older "analog" systems.

A big failing is the crypto and authentication. There are plenty of cases where users turn off the crypto to get some kind of comms going which can have appaling consequences when the user things their comms is secure but is not.

The much touted ability for multiple first responder agencies to link up in an emergancy usually fails due to both crypto and authentication failures. Thus the guys and gals at the coal face rapidly come to distrust trunked radio systems.

In the UK the Met Police have a trunked radio system and it is detested by users for a multitude of reasons. Which is why you get a significant usage of mobile phones instead. Which of course work the way the users expect them to and why some beat officers have more than two moile phones on them.

The future of trunked systems is looking doubtfull in the face of mobile phone usage, which in all but the most dire of emergancies work and work well. In such emergancies trunked systems would in theory be the perfect answer. But in practice the old analog radio systems for all their other short comings still work better with marginal signals. And importantly they are simple and thus ad hock systems can be set up by any moderatly intelligent person with little difficulty and very quickly. Unlike trunked systems that need not just intelligence but a great deal of knowledge as well as the right crypro keys and authentication tokens...

Also AM systems tend to work better in marginal conditions than FM systems. Which is one reason aircraft systems still use them, even though they are more prone to interference.

RachelJuly 21, 2017 3:04 AM

@ Clive, @ Figureitout

Nice analysis Clive, I concur. I've read a bit about the Mets use of mobiles to displace TETRA but one issue with cellular and digital radio in such environments is the lack of PTT (push to talk) capacity. The military in particular are unhappy about this given their propensity for split second decision making

less an issue for urban environments but wildfire fighting (my background) radio shadows (for FM) and non existent cellular reception make AM radio the only viable option. In Australia a Royal Commission a few years ago found trunked radio for comms was the singular decisive factor in the deaths of firefighters (probably volunteers, at that)

Trunked radio requires minimum two repeater stations and guess what- like cellular towers these can and are subject to failure from lightning strikes and wildfire itself. seperate to these, electricty sub stations themselves are not infrequently disabled for sometimes days due to wildfire.
I am reminded of the sage advice to maintain an AM radio receiver in ones survival kit (yanks call it a bug out bag?). AM proves resilient in multiple classes.
Finally, the practical component of hardware. A mental currency conversion for prices 15 years ago brings a price of over 1000pounds for one single portable TETRA handset, thats a big responsiblity although no doubt are cheaper now. whilst obviously all care is taken, occuptional hazards for us and thus a radio includes radiant heat, smoke, ash, copious amounts of water, dirt oh and dropping from a height onto a hard surface. analog units are simply much better at coping with such abuse. The TETRA radios are just not manufactured with that stuff in mind. so much for field testing. As you say Figureitout it's extremely irreponsible to roll out something as fundamental as a comms network for real world use whilst in beta.

Clive On the positive side I suppose the Met don't need to carry batons on their belts anymore. Or, perhaps they keep the baton but don't need the telephone book..

on the topic of power Figureitout have you considered a manual hand crank power generator for some of your gear, for some of field excursions? (Clives Sattelites, Dirks Pubs, Figureitouts bicycles...I want to know what Ab Praeceptis gets! ) something to add to your 10 year to do list of mods anyway.

torches and radios work with hand power, I did have a wind up torch that claimed to be able to charge a cellular phone but it refused to work.

FigureitoutJuly 21, 2017 11:00 PM

Wael
You trust nothing!
--Well, can you blame me? You're same way lol. :p I've had a few mysteries dealing w/ capacitive coupling and RF that were terrible tracking down.

Rachel
on the topic of power
--Yeah, you can use your car as an off the grid power source. And I'd prefer a gas generator. Have seen a couple projects to transmit data over power lines, in addition to power analysis to know even applications on tv's (I think IIRC).

My family has some land that's pretty "off the grid", having a shed there w/ a shield room in it, and a gas generator outside for power would be my setup for airgapped pc's. I'd only do it if it was worth my time though.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.