Friday Squid Blogging: Firefly Squid in the News

It's a good time to see firefly squid in Japan.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on May 6, 2016 at 4:11 PM • 248 Comments

Comments

Big-Data Healthcare Superior to Expensive Doctors • May 6, 2016 4:29 PM

Google DeepMind Project Set to Improve Healthcare

Google UK has been granted access to complete electronic medical records for 1.6 million patients in England without their consent or knowledge.

“The agreement clearly states that Google CANNOT use the data in any other part of its business. The data itself will be stored in the UK by a third party contracted by Google, not in DeepMind’s offices. DeepMind is also obliged to delete its copy of the data when the agreement expires at the end of September 2017.” We all know this is a lie.

Big-Data to Reduce Expensive Doctors
It's obvious that Big-Data analytics will easily surpass human doctors' experience and training. Google claims replacing doctors is not their intent (LOL!):
“DeepMind is not planning to automate clinical decisions – such as what treatments to give patients – but says it wants to support doctors by making predictions based on data that is too broad in scope for an (human) individual to take in.”
https://www.newscientist.com/article/2086454-revealed-google-ai-has-access-to-huge-haul-of-nhs-patient-data/

Your Data Belongs to Google
Google has a track record of breaking data-protection agreements then NEVER deleting data:
University of California, Berkeley students have sued Google in federal court claiming that the company scanned their academic-affiliated Gmail accounts.
http://arstechnica.com/tech-policy/2016/02/former-current-students-sue-google-over-university-issued-gmail-scanning/

Google is protected by the White House at almost the same level as the NSA and CIA. They are essentially above the law and contradict their own stated policies:
http://arstechnica.com/tech-policy/2014/04/google-ends-creepy-practice-of-scanning-gmail-education-apps/

KillTheFakers • May 6, 2016 4:48 PM

Subject: Russian Hacker steals email pw then blows his mouth to Hold Security?

No valid security firm or Feds have corroborated Alex Holden's report to AP/Reuters on this? Interesting pattern of behavior from an IT guy that speaks Russian and came from Baird out of Milwaukee. Why would someone skilled enough to hack all of that go to this guy "to gain street cred"? No, sorry, I don't buy it. No one has confirmed this. Die. This is like some sort of Cloudflare/Stratfor BS.

Alex Holden did this shortly after he started Hold, in 2014:
[http://upstart.bizjournals.com/entrepreneurs/hot-shots/2014/08/06/this-security-expert-isprimed-to-get-rich-off-1-2.html]

I find that odd. Somebody tell me Holden's rep, and don't give me the RSA Conference bit.
[https://www.linkedin.com/in/aaholden]

When something starts from the AP, I am going to need some professional confirmation, like say from the feds. If Alex were real, he would at least go to the FBI or State Dept. If he were something other than an IT security parasite.

Clive Robinson • May 6, 2016 5:05 PM

@ Big-Data Healthcare Superior...,

Google UK has been granted access to complete electronic medical records for 1.6 million patients in England without their consent or knowledge.

The data is from the Royal Free Hospital in Pond Street, Hampstead, just on the opposite side of the road to where George Orwell started work on 1984. And, as some may know, it is full of "thesps" and other "arty farty" types with a lot of money and a large Jewish community. These people have not just money, but influence, and are really not at all happy about this Orwellian behaviour.

But it gets even more Room 101-ish, with a spokesperson for the hospital trying to brush it all off with a load of "spin", and proving their ignorance by saying people should not worry as the data is encrypted...

With that level of competence in management, perhaps you don't want to be visiting North West London, in case you have an accident and get taken there and wake up in the same tent as an Ebola-infected patient...

Vatos • May 6, 2016 5:21 PM

I have a question for those who play Werewolf.
How do the werewolves communicate with each other and decide who to kill?
If everyone is sitting round a table, they cannot converse with each other because then the villagers would hear them.
So how does it work?

We Look Like People • May 6, 2016 5:22 PM

@KillTheFakers

Looks like AH is probably a "face" used for communications by somebody.

Different from what you seem to be saying, that he is just an outright fraud, possibly even behind the very acts he is reporting.

Clive Robinson • May 6, 2016 5:42 PM

I forgot to add a couple of links to the 1.6 million "Full Patient" records given to Google story, with the "encryption" spin in them:

First, the "right-wing leaning" Telegraph:

http://www.telegraph.co.uk/news/2016/05/03/controversy-as-google-given-access-to-nhs-patient-data/

Second, the "left-wing leaning" and less rabid Guardian:

https://www.theguardian.com/technology/2016/may/04/google-deepmind-access-healthcare-data-patients

I'll let others look up "The Dail Fail" and "The Scum" commentaries (the latter is a Rupert "the bare-faced liar" Murdoch rag/red top and is probably behind one of his "pay till you bleed" walls).

Selective News Algorithms Replace Journalists • May 6, 2016 7:13 PM

Facebook-sponsored Internet is banned in many developing countries due to the overwhelming majority of web sites being blocked.

The following article gives credence that Facebook News is also being biased/restricted in western media:
“Contractor journalists were also told to select articles from a list of PREFERRED media outlets that included sites like the New York Times, Time, Variety, and other traditional outlets. They would regularly avoid sites like World Star Hip Hop, The Blaze, and Breitbart, but were never explicitly told to suppress those outlets. They were also discouraged from mentioning Twitter by name in headlines and summaries, and instead asked to refer to social media in a broader context.”

“Managers told contractors not to mention that they worked at Facebook on their resumes or in any public profiles.”

So much for Zuck’s free, unbiased & open Internet! Can you spell spoon-fed anti-trust M-O-N-O-P-O-L-Y?
http://gizmodo.com/want-to-know-what-facebook-really-thinks-of-journalists-1773916117

David • May 6, 2016 7:19 PM

I have used, at various times, AESCrypt, TrueCrypt, PGP, SSL, and a few others. I am currently using AESCrypt/OSX for documents I store on the cloud. There has been so much written about vulnerabilities of these programs that I would appreciate an expert telling me what encryption software to use on my OSX desktop to protect data. And, yes, the HD is already encrypted -- my concern is on the cloud. And, no, don't tell me not to put documents on the cloud. Long story, but I have to.

Nick P • May 6, 2016 8:21 PM

@ David

Actually, Truecrypt was good enough to stop FBI and (per Snowden leaks) NSA plenty of times. Several teams forked it when they mysteriously shut down. Here's one someone sent me: VeraCrypt. Says it works on Windows, Mac, and Linux. Try it out.

Note: Best to have a separate backup with a different tool given encryption systems or just hardware running them sometimes glitch storing something. I suffered *massive* data loss due to such glitches. TrueCrypt worked reliably for years. VeraCrypt might if it's based on same code.

EvilKiru • May 6, 2016 8:53 PM

@Vatos: Because all the other players have their eyes closed, the werewolves simply point, make gestures, and shake or nod their heads until they reach agreement and the moderator takes note of who they chose to kill.

Thoth • May 6, 2016 8:53 PM

@David
That's a lot of information you want squeezed into a single post but I guess that can be done.

When encryption comes into the picture, there are a lot of considerations before settling on the project/product you want to use (PGP, Truecrypt...). The first thing is the convenience level you are willing to trade security off for. Are you willing to go to the extent of using hardware-based encryption (smartcards, TPMs and HSMs) or would you prefer a more insecure option, which is software encryption? Would you prefer multi-factor authentication while carrying security tokens, or are complex passwords just enough?

Most vulnerabilities of software encryption (Truecrypt, GnuPG...) are in the physical trust anchor which they do not have. The reason is that the security-critical code is executed on an insecure CPU in most consumer machines, which does not provide any trust anchor to ensure the integrity of code execution, nor does it ensure isolation of code execution and resources in the event one or more of the applications happen to become corrupted or is/are malicious. Secure input/output rarely exists outside of military and Government grade products that are beyond the reach of mere mortals, and that means even if you securely encrypt your data, the PC you use to display your decrypted data may likely be compromised and capable of waiting for you to decrypt the files and stealing them. Furthermore, your PIN and password to decrypt files might also be stolen via keyloggers and other means, which will allow malicious software to control your hardware security devices and their secret key operations if there is no means of secure PIN entry.

Does that mean encryption, privacy and personal security are gone, save for those in the military and Govt circles? The answer is both a yes and a no at the same time. Technically we are really, really insecure, and that is the design and product of the poor policies of Govts and also the poor choices (or rather no choices) of the people who empowered them in the first place.

To be fair, the reality is, we could make attackers work harder and not be the low hanging fruit (unless you are deemed a nation state's target). You can make yourself not trivially run over by most attacks by figuring out how much security and convenience you want and defining what your threat models are.

For most cases, software encryption should be ruled out as it is insecure, and that leaves us with hardware encryption. The problem with hardware encryption is that you have less support and fewer projects, thus fewer options, and the need to have the physical security device portable would be a requirement, otherwise you can't decrypt the files on the go. Whether the hardware encryptor supports a secure pinpad for PIN entry, and even better a secure display, would be another consideration for improving security levels.

I have looked through quite a number of hardware encryptors and a good ton of them are disappointingly insecure. Most "secure crypto storage drives" (e.g. IronKey, dataShur...etc...) simply use a commercial and insecure hardware chip, not known to be secure at all, as the encryptor and also as the "secure key store". All they did was put a bunch of epoxy and a steel casing on it and call it secure. Breaking into it would be easy for the likes of @Clive Robinson and probably @Figureitout too. So, do not fall prey to these commercial encryptors unless you are sure of their operations.

Most smartcards have a moderately tamper-resistant hardware crypto chip, are rigorously tested and designed, and have survived in the security industry to hold secret keys in them rather securely. The letdown is my recent notice that most PKI/Crypto applet software for smartcards only bothers to hold the private asymmetric key for decryption of a message- or file-wrapped symmetric key and then passes the file- or message-wrapped key back to the software in the conventional CPU. This is no better than software crypto, because all you need is to scrape the RAM and CPU of the general purpose computer and you might be able to recover the message- or file-wrapped key, despite the hype of using a smartcard's private key to wrap the data encryption key (wrapped key). This likely includes the OpenPGP smartcards, because the standard does not mandate handling of the wrapped key (DEK) within the smartcard.

All this does not sound a whole lot assuring and there is a lot left to be desired. I am working on a smartcard applet to put the entire encryption and decryption process inside the smartcard chip, but it is still incomplete as I lack the time to do it for now.

The better choice for now might inevitably be software crypto using a Linux Live CD written onto a CD-R, then filling the remaining blank CD-R space with as much random junk from /dev/random output as possible, and remembering to put the Live CD's hashed checksum on a piece of paper in your wallet to check the contents of the CD-R every week. The Linux Live CD could be TAILS or any Linux variant. If you have knowledge of the OpenBSD Live CD, that will be much better.

Wael • May 6, 2016 10:35 PM

Spent some time today watching most of these videos. The topic of QC came up many times on this blog, and I was skeptical. D-Wave Systems was referenced here several times as well. This set of videos is excellent, imho...

k15 • May 7, 2016 12:05 AM

Bruce. Is there really an outfit called CitizenLab in Toronto, and if you send an email to them ( info@citizenlab.org ), does anyone respond?

k15 • May 7, 2016 12:07 AM

Also, how would you assure yourself that your internet connection was valid?

tyr • May 7, 2016 12:15 AM


Here's a peachy marvel tale of modern technology
with your best interests at heart.

https://blog.vellumatlanta.com/2016/05/04/apple-stole-my-music-no-seriously/

You don't want any of your homemade crap, we'll make
much nicer MP3s for you. There, isn't that better now.

Allowing automated systems to rework your comp remotely
is a horribly bad idea that makes other security holes
pale by comparison.

Right after ianf predicted the automatic artist of the
future.

Wael • May 7, 2016 3:39 AM

@Nick P,

Here's one that doesn't inspire confidence:

Very long rant! I got the gist of it after 10 minutes of reading...

Next, the group fed the same instances to Quantum Monte Carlo: a standard classical algorithm that uses Wick rotation to find the ground states of “stoquastic Hamiltonians,” the particular type of quantum evolution that the D-Wave machine is claimed to implement.

Exactly my thoughts. It sounds like an interesting approach to solve problems that are intractable with current algorithms! The same approach can be used to factor large primes or break ECC. I wasn't endorsing D-Wave Systems, by the way -- nor am I dissing them! Some of the short videos did an excellent job to explain a complex subject in a simple short format.

I suspect we can use a spreadsheet with each two cells and a coupler representing a QBit (read the short primer first -- don't just "skim it". Understand how a Hamiltonian can be utilized along with an "Energy Program", couplers and biases!) I don't see why the same techniques can't be applied on "Classical Computers"...

ianf • May 7, 2016 3:45 AM


OT, but maybe not: here's to putting a friendly US/UK face on sky-robotic assaults by way of Hollywood:

“The new drone-kill film Eye in the Sky mobilizes major star power and technical virtuosity to persuade its viewers of a number of unlikely things:
  • that the Western war machine has the intelligence and technology to efficiently prosecute its war on terror (if only democratic sensibilities didn’t get in the way);
  • that intelligence is freely shared by the U.S. and its allies; and, most persistently,
  • that the West has a heart ❤ (and tear ducts) as large as Texas.” […] (embellishments mine)

Read the rest of the review (by post-GWB election American expats to Canada), and make use of your tear ducts… then rejoice, because I just saved you the bother of ever having to see it (Helen Mirren notwithstanding).

http://jewishcurrents.org/pie-in-the-sky-41286

Andrew • May 7, 2016 3:53 AM

@Clive Robinson
"I forgot to add a couple of links to the 1.6million "Full Patient" records given to Google story, with the "encryption" spin in them"
Yep, they "ecrypted" patient names too... (which, of course, are useless from an analytic point of view).
Otherwise someone has to try to get something out of the world health data. Machine learning assisted diagnosis could change everything...

@David
No matter what you're using, it is very unlikely someone will brute force your encrypted data. Watch your passwords; in the case of Truecrypt/Veracrypt add a large keyfile, preferably on some external storage. That's about as much as you can do...

Wael • May 7, 2016 4:08 AM

@Andrew,

Yep, they "ecrypted" patient names too

New word definitions...
Ecrypt:

A) Verb: the act of forecasting an impending death of a patient, followed by the preparation of a crypt for him/her.

B) Verb: disguised form of encryption; steganographized encryption.

ianf • May 7, 2016 4:20 AM


OT Speaking of wishful thinking writ large, this just off the presses:

THE BESERE VELT TIMES
1 May 2036
News From The Better World To Come

Posthumous Indictments For Hoover, Kissinger and Cheney

Truth and Reconciliation Panel Continues To Unearth U.S. Crimes, Domestic and Foreign

    Washington, D.C. USA – The U.S. Supreme Court's Truth and Reconciliation Panel issued its latest round of posthumous indictments today bringing charges against… [more]

Clive Robinson • May 7, 2016 4:21 AM

@ tyr,

Here's a peachy marvel tale of modern technology with your best interests at heart.

I read that the other day from a link on HN, and it's interesting from two respects.

First is the obvious theft of IP and ownership rights by Apple. Second, the nonsense online self-appointed experts spout, in effect "blaming the victim".

Of the two I'm not sure which is worse: Apple using an ambiguous EULA to hide behind blatant criminality and racketeering, as exhibited by their conversion of your free title ownership into a rent-seeking lease, or the effective trolling by the supposed experts who in effect are complicit with Apple's theft and extortion.

I also wonder what would happen if you sold Apple a product that effectively did the same with, say, all their code and hardware design repositories, which are their core IP?

Let's put it this way: I'm reasonably certain they would put you in a world of legal hurt under their "might is right" doctrine, which is but a subset of the "divine right" entitlement of the "King Scam" that sovereigns have pulled on citizens for centuries.

As Bruce and others have noted, it's the new digital serfdom where "you get the raised digit", because you don't have the status of equity of arms to assert your rights, so you systematically have them stripped.

On a similar note, the bad behaviour by Google / Alphabet of scanning student accounts and applications, building troves of information and profiles. In the legal case against them they have somehow persuaded the court that it should not be allowed to become a "Class Action"...

Oh, and if you read Google's blurb, they have actually only promised to stop the advert side of the scanning, not the other rather more creepy aspects... What upsets me is that it's not as though the students have any choice or their parents any recourse. The academic organisation gets the resource for next to nothing, providing they use a flaw in US legislation that effectively makes Google an integral part of the academic organisation's staff/management...

Wael • May 7, 2016 5:02 AM

"factor large primes" should be "factor products of large primes"...

Clive Robinson • May 7, 2016 5:12 AM

@ Wael, Nick P,

I don't see why the same techniques can't be applied on "Classical Computers"...

When it comes to "random" algorithms like MC / Annealing, which you would use on real world problems like the Travelling Salesman etc., no, I would not expect any speed improvement by the way the D-Wave is supposed to work.

Especially when you consider the "scaling issue". After many decades humans have managed to tame an inherently chaotic analog system sufficiently that digital logic can be made. Part of that is the "hidden error correction" mechanisms that push out the expected 1 in 10^9 metastability issues in latches to 1 in 10^22. Which, even with modern clock speeds up in the GHz, makes them rare enough to "ignore" currently, but not in massively parallel systems.

There is a real problem with QC systems which is the chaotic or random (peeps are not sure which) decoherence of the "state storage" elements of the Qbits.

The D-Wave system apparently has no error detection or error correction mechanisms, which makes its full unreliability a factor in its computations.

Which brings us to an interesting question of what errors are acceptable. If you consider the travelling salesman issue, in the real world equivalent getting the absolute shortest path does not actually matter; within 90% of its value with a half dozen options is actually of more practical use.

Similar logic applies to other algorithms, but by no means all; you have halfway house cases in "searching" in certain types of analytics for trends etc. where you don't need --or sometimes want-- exact matches, but within a certain range percentage, with the very occasional random error that does not actually matter due to the "inverse law of small numbers".

The same however is not true for the end case where an exact match is required as there is usually "no acceptable range" (though rare errors can be removed by other post QC processes). Cryptanalysis is one such case as one of the crypto algorithm designers primary goals is to remove "similar key" issues.

Thus the question of "where" the error correction is placed. The QC community have in the past expressed the desire to have it as part of the quantum processing. D-Wave have gone to the other extreme and ignored the issue, which allows others to use classical computing to check for errors post quantum computation. Personally I suspect that ultimately both methods of error correction will be needed, but the last time I spent a little time searching, nobody appeared to be considering it as an option.

So... based on how long it took to tame the chaotic behaviour of classical gates (~5 decades) I would not expect QC to become as effective in less than double that time for the same level of applied resources. Thus QC would be eighty years away; however, the level of resources applied is actually significantly more, but you would still be looking at something like twenty-five years give or take ten.

And in essence that is what the D-Wave fuss is all about: the hype is turning D-Wave into a Golden Goose Egg, with an increasing investor bubble forming around it. At the moment nobody has "made the omelet" as D-Wave won't allow the egg to be broken, so we don't know if it holds gold or the stench of H2S. What scares other QC researchers is that it's H2S or similar and the resulting stench will drive investors away from the slow and steady progress path.

We actually saw this with the Space Race; the object was not to make space a usable resource but a political p1551ng contest. If the slow and steady path had been adopted and kept to, we would have had the systems only just coming into development fifteen to twenty years ago, which gives us a lost generation of political football.

Clive Robinson • May 7, 2016 5:40 AM

@ Andrew, Wael,

Yep, they "ecrypted" patient names too... (which, of course, are useless from analytic point of view).

That depends on how things are encrypted...

I used to work fairly closely with the ICT side of the UK's NHS, and they managed to lose three (auditors') laptops that had my full confidential medical records on...

They are congenitally incapable of using encryption rationally, even when it comes to encrypting a container such as a zip or tar file, without doing something stupid with the key...

Thus I really do not believe they are using individual record or file keys. Further, even if they do use separate keys on PII fields, such records contain many "free form text" fields in the diagnostic, clinical and test result sections, where clinicians etc. frequently put things like "Mr Smith responded to vancomycin and diclofenac treatment..." or "Mr Smith needs to be seen by physio prior to release due to his living on the tenth floor of council accommodation where the lifts are not maintained".

Oh and I've met the Royal Free ICT staff on a number of occasions --I deployed and supported a research DB there and then later applied for a job there once-- and I was very far from impressed with either them or the HR time servers...

So I really think the "encryption" line really is nothing but spin.

As for using patient records for research, if it was a "fair playing field" I would agree. But it's so slanted into the gaping maw of Big Pharma, which blocks many research avenues by others in favour of their profit, that I find myself both philosophically and practically against the idea. It is they, for instance, that have put us into the "antibiotic trap" which we currently have no way out of, and just like the "too big to fail" banks, they see only very short term profit over a stable market, and use the same if not worse lobbying techniques the banks used.

Snoopy the Dog • May 7, 2016 5:59 AM

Bruce,

Can you do a column analyzing the implications of the changes to Rule 41 if Congress doesn't stop it? Will the FBI be able to hack your computer just because you use a commercial VPN provider while surfing? Would that be considered sufficient provocation to get your computer actively targeted? Is it proposing that it's open season for hacking and backdooring all computers issuing from a VPN's network anywhere in the world just because one person used that network to download a copyrighted movie?

I am having a hard time understanding what the implications are. Is it a warranting process which is nevertheless confined to a single specific machine, albeit located anywhere, or will it also permit them de facto to backdoor and otherwise hack into everyone's computer en masse who happens to be using the same IP on the same VPN, or even the same VPN, or even just encrypting their traffic through a public VPN?

mike~acker • May 7, 2016 7:28 AM

"Those who vote determine nothing.
Those who count the votes determine everything"

-- Uncle Joe Stalin

Daniel Ortoleva • May 7, 2016 8:24 AM

About to open a can of worms and speculation with politics.

Several news outlets are noting that presidential nominees get security briefings.
Although some reports state they are general in content, what punishments are there if top secret intel is leaked or used in business deals?
And what if both major party nominees are forced to drop out due to legal proceedings?
My guess is going down the line of succession, of which the speaker has stated he's not interested in running for the Executive Office.

Nick P • May 7, 2016 9:50 AM

@ Wael

"The same approach can be used to factor large primes or break ECC."

Uh, maybe. From what I've read, quantum annealing is separate from regular, quantum computation. This is going to be used on the kinds of optimization problems you see simulated annealing used on. Anything like that.

"I wasn't endorsing D-Wave Systems, by the way -- nor am I dissing them!"

I'm dismissing them until they show evidence their system works quantumly. The best evidence they posted was on Hacker News with some of its users there debating with us. It came down to one comparison showing a million fold speed up with D-Wave. That sounded really impressive until I found the benchmark: million fold for custom hardware compared to an *emulator* on a *single-core CPU*.

I speculated they might just have custom, massively-parallel hardware. Now, those ASIC's are usually several hundred times faster than a single chip rather than a million. Yet, that box is the size of 2-4 computer racks. I could squeeze a cluster of annealing ASIC's in there for a few tens of thousands of dollars in unit costs. That *might* give the speed-up they mentioned.

So, I want to see them do it the traditional way: patent the shit then show how it works publicly for peer review. If they're not frauds... if... then they're worried they won't solve remaining difficulties fast enough and someone else will use public data to steal the market.

Btw, if you like quantum computers, IBM just put a site up for people to try them out. I don't know if it's simulated or a real machine.

Bumble Bee • May 7, 2016 10:27 AM

"Who watches the watchers?" many have asked about NSA. Some of us do. It has come to our attention that certain employees of that agency have too much clearance. Way above TS/SCI, in fact.

It is our opinion that employees of NSA do not need to know or access any information that is classified above the TS/SCI level in order to do their jobs.

The most egregious examples of excessive clearance (i.e. want vs. need to know) are in the LOVEINT department. It's not just looking at porn. The targets of this LOVEINT are real human beings that are being manipulated maliciously out of a prurient interest on the part of some intelligence analysts.

And who watches them? Some of us do, and we do have the necessary clearance to put them on the sex offender list.

And we're just plain old ordinary people.

Rick Taggard • May 7, 2016 11:48 AM

The Revolution Will Be Digitized?

So, I read the latest Guardian last night, on the author of the hack of the Panama Papers, where "John Doe" states "the revolution will be digitized":

http://www.theguardian.com/news/2016/may/06/panama-papers-source-breaks-silence-over-scale-of-injustices


I found it interesting, but having grown up near the sixties, I have seen these calls and claims come and go again and again. The original version of the above line was "the revolution will be televised". And attempting to re-find the article "the revolution will be digitized" took me awhile, because that phrase has been being used and re-used very often over the years.

I decided to ask a young friend last night, if they had even heard of either Snowden or the Panama Papers and they had not.

I tried to explain what happened, in both instances, and it simply did not go through.


This does not mean I am not for "the world changing". I certainly do believe it will change, drastically. But, I just do not see that as happening as a social thing. I think when people get together to try and do good like that, where they believe they would be better running things? It always turns to crap.

I have a similar opinion of many in religions who believe these things.

This is not to say what "John Doe" did was bad. It was good. Same with Snowden. Though, Snowden is more along my ways, where he does not present himself as a revolutionary, but simply as he is. Someone trying against very difficult odds.

For me, I embrace more of the Jim Morrison concept, that revolution can never happen like that, there 'has to be a personal revolution first'. Kind of. (For me, I think that personal evidence just requires a little evidence from up above.)


But, it is a thing. People are constantly doing it. You even see it here, sometimes, where people evangelize and persuade, and try and get more to their cause.


Anyway, opinions on that welcome.


Rick Taggard • May 7, 2016 11:55 AM

@Bumble Bee

What? So you work at the NSA, and what? You illegally spy on your coworkers? Obviously, not, I don't think that is possible, but just trying to understand what you are stating.

I do not believe anyone watches abuses at the NSA.

The loveint stories are perfect evidence of that. They came out after Snowden. Some politician demanded they know about accountability work being performed there, so the NSA cobbled together this bleak list of 10 cases, which they claimed to be the work of the past ten years.

It was clearly a case where this was utter bs.

Only thing security looks for in any of these agencies is moles, and they are horrible at that. They also look for basic leaks and behavior that does not stand to the rigors of their job.

But they do not look for abuses.

Everything is compartmentalized, so group a does not even know what group b is doing.

That is all across the board.

Nobody knows what the full range of secret operations are, and they never will. There are just so many. (*see "Top Secret America", for instance.)


Really the only thing which has held back a rogue group taking things over is simply the skill required to do something like that.

For all anyone knows, it could have happened already, though, fifty years ago, even.

CallMeLateForSupperMay 7, 2016 12:05 PM

@Clive Re: shared UK patient data

arsTechnica carried the story several days ago (I only just learned). I found the following, near the end, to be most interesting:
"... 1.2 million people had opted out of the so-called Care.data plan. Put another way, 2.2 percent of the 56 million patients in England said they didn't want their data to be shared."

http://arstechnica.co.uk/business/2016/05/google-deepmind-ai-nhs-data-sharing-controversy/

Sounds like another case of a program designed such that "everyone is 'in' by default, except those who opt out". Never a good design for this type of thing. Should be opt in by default, and not opting out should *not* be effectively opting in. I bet dollars to herring that some portion of the 97.2 percent who did not opt out either *did*not*know* they could opt out or simply forgot or otherwise failed to do so.

Factoid: DDG-ing "patient records Google" showed no U.S. newspapers covering this story in the first four pages of hits.

CallMeLateForSupperMay 7, 2016 12:09 PM

In my previous post:
"Should be opt in by default" should have read "Should be opt out by default".

WaelMay 7, 2016 12:10 PM

@Nick P,

I'm dismissing them until they show evidence their system works quantumly.

I still have some doubts. Hard to imagine NASA and Google were "duped"! If I were a customer, I'd try to sneak a tiny little magnet into the Q-CPU chamber and measure the difference in output ;)

Btw, if you like quantum computers, IBM just put a site up ...

Signed up for an invitation...

albertMay 7, 2016 12:26 PM

@Clive,

Rupert the "the bear faced lier"?

That's better than the original 'bare faced', but here in the Colonies, 'bold faced' and 'bald faced' are common.

Thanks for that, unintentional though it may be:)
. .. . .. --- ....

GrauhutMay 7, 2016 12:30 PM

@Nick P, Wael et al. re. Quantum Computing: Forget D-Wave, it's a specialized system

After 10 years of going dark on QC, IBM came back to light with a publicly accessible 5-qubit system.

http://www.research.ibm.com/quantum/


This imho means the bigger ones behind closed three letter doors are long enough up and running. ;)

rMay 7, 2016 12:49 PM

@grauhut,

On QC && IBM: The assertion you're making is exactly why I think the statement was made about moving to PQ by the NSA. I certainly took it as such when it comes to nation states; I think the public access ideal is to allow grabbing any early novel ideas/optimizations or technology the public may have or develop.

rMay 7, 2016 1:12 PM

@All,

Something else, slightly hidden by the rug of 'ECC'...

Elliptic curve cryptography is QC vulnerable but... encryption based on the other 'white meat' ECC (error correcting codes/Goppa) I believe is thought to be QC resistant.

Just to put a light to a dual usage.

WaelMay 7, 2016 1:37 PM

@r,

elliptic curve cryptography is QC vulnerable

Elliptic curve cryptography + QC attack = Epileptic Curse Crapography©

albertMay 7, 2016 1:42 PM

@Clive, @tyr, @Anyone,

I don't understand the details of the case. Surely Apple allows users to upload music to their servers (iCloud?). How is it that they allow users to upload music to their subscription service, when the assumption is that music comes from Apple to begin with?

I assume that Apple must use copyright info in the song's metadata. If it's, say, 'copyright', then it gets a pass, else it's deleted. This would seem to indicate that Apple is playing IP cop. Since songs are copyright the moment they're created, this would seem to be a serious overreach. If they simply compare song titles to their database, then it's also a problem.

Since the act of copying a song without the holder's permission is a copyright violation, is Apple protecting itself by allowing only songs for which it has rights?

Exactly what -are- Apple's criteria?
. .. . .. --- ....

WaelMay 7, 2016 1:59 PM

@Grauhut,

This imho means the bigger ones behind closed three letter doors are long enough up and running. ;)

Wouldn't surprise me the least. I see QC could be used in two different modes:

1. Probabilistic computations where the set of outputs is the best "probable" solution. The effect is a reduction of search space. A 4096 bit key may be reduced in strength to, say, 64 bits. A second round (single QC instruction) can do the verification step and produce the right private key.
2. I forgot! Lost my train of thought! Multi-tasking is a b*tch.

PS: Already registered at the IBM link after @Nick P shared it.

albertMay 7, 2016 2:01 PM

@Thoth,

"...using a Linux Live CD written onto a CD-R and then fill the remaining blank CD-R space with as much random junk from a /dev/random output and remember to out the Live CD hashed checksum in your wallet in a piece of paper to check the contents of the CD-R every week...."

Would you please explain the rationale for this procedure?
. .. . .. --- ....

GrauhutMay 7, 2016 2:48 PM

@r, @Thoth I was wondering for a long time why IBM was so quiet about QC.

https://www.google.com/trends/explore#q=ibm+quantum

10 years near darkness.

Maybe the new openness means: It's not NOBUS anymore, now we need defense coders, dear IBM could you pls. make some for us quick? POTUS will play some golf with your CEO and write a cheque... ;)

ianfMay 7, 2016 2:57 PM


@ Jacob, this has been reported as an instance and outcome of "see something say something" stupidity (pace potential alt.definition by Curious), but, as it sounded way too meek for a case of terror scare, it needn't have been that.

    Instead, e.g. that "eagle-eyed observer" might have forgotten to bring some crappola, and figured out a way to be let go off the flight without incurring costs for disrupting the plane already on the tarmac (the additional delay might well have been due to the flight losing its time slot in the meantime). Or some such, don't ask me. If there were no more connections by that airline that day, she'd have gotten an additional day there, and free transfer to another flight.

In any event, the guy should sue the airline for branding him a terrorist on the flimsiest of reasons, for the time lost, AND petition the court to release the name of that "reporter," so he personally could sue her for libel – because, if it was deemed that serious, then there should be some accountability for it. Noseybonks like that need to be taught lessons, not thanked for vigilance with pats on the back. But of course, the airline would prefer to forget the whole thing, since "nothing happened, nobody died."

ADMINISTRIVIA @ Wael: there are embedded clues above that ought to help you in your quest to decipher me cypher… unless I'm insidiously feeding you disintel which I wouldn't dare to.

Nick PMay 7, 2016 3:00 PM

@ Wael

I don't know. It's a black box that they feed data into then get data out of. The main measures they're looking at are timing and errors. Both might be faked given benchmarks. Far as a magnet, quantum computers usually have numerous electronics they depend on. So, a magnet could mess up both types of systems.

@ Grauhut

It meant they either had one working for generous leasing fees from NSA or they were full of crap about their progress as usual for this field.

albertMay 7, 2016 3:33 PM

@ianf,
(In the US)

Libel has to be in print. Slander is spoken. IANAL, but I don't see anything actionable here.*

Note to dark-skinned, bearded men: Don't write or read anything but English on US flights.

I would have said, publicly: "I don't know who she is, but that woman's obviously a f_____g idiot!"**

----------
* Unfortunately, the facts don't stop lawsuits.
**that's an opinion. It's protected speech.
. .. . .. --- ....

Nick PMay 7, 2016 3:42 PM

@ All

Re Clean Slate security

Great news! Dover has merged SAFE architecture with RISC-V into a system they plan to open-source. They also have a road map with extra features, red-team testing, a SOC, tamper-resistance... all sorts of stuff. Quick read on mobile implies they're getting 3rd parties onboard for an ecosystem too. One built on "inherently secure" chips. :)

Link here.

GrauhutMay 7, 2016 3:46 PM

@Nick P: "It meant they either had one working for generous leasing fees from NSA or they were full of crap about their progress as usual for this field."

Right.

They came out of a decade long nowhere with a "Here you are, test it!" program.

Does that sound like "we are making some progress we want to show you" or more like "we have thrown together some ready to use spare parts and a stripped down existing and tested API, here you are, hack on"...?

Imho there ain't no one step evolution from a paper plane to a stealth fighter jet.

JacobMay 7, 2016 4:27 PM

@ Nick P

The Dover architecture may or may not see the light of day, but Intel has been spending some meaningful time on hardening their processors, with results that you can use today (on some Skylake processors) - the SGX extensions.

https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx

Note that contrary to any other processor that I know of, your secrets are protected even if the OS/BIOS is compromised, and even if someone has physical control over your machine.

You might not consider Intel as a trusted source, but possibly neither the fab that would crank out the Dover chips.

WaelMay 7, 2016 4:41 PM

@Nick P,

So, a magnet could mess up both types of systems...

Unless you are using a Hall-effect device or magnetic media, a typical computer is immune to magnetic fields. Magnets should affect only the quantum components.

GrauhutMay 7, 2016 5:02 PM

@Jacob on SGX: How do we know there's no hidden ring -4 beyond SMM and AMT that can read SGX enclaves? Would data.big.gov buy stuff that is intransparent for them?

Imagine some Bin Binaryladen implanting some crap into a new power saving server gen for the NSA's Utah biz... ;)

And how would we get rid of a three letter agency SGX enclave hidden for instance in the flash of a persistent memory DIMM, "preinstalled" on shipping?

We are now using Broadwell EP Servers if we are on track with Intel's marketing.

Skylake EP Servers with memristor DIMMs are just one tick away, let's say "HPE Gen10".

You can already buy the persistent memory modules...
www8.hp.com/us/en/products/server-memory/product-detail.html?oid=1008830324

Mix these with some funny SGX code implanted on them (flash controller "upgrade") on delivery and you can throw away your new servers on arrival! (Or at least the memory modules) :)

WaelMay 7, 2016 5:06 PM

@Clive Robinson, @Nick P,

The D-Wave system apparently has no error detection or error correction mechanisms, which makes its full unreliability a factor in its computations.

They acknowledged that! Since the calculation isn't deterministic in nature, they can live with errors. Time will show...

DerekMay 7, 2016 5:19 PM

@David

If you want a high security cloud which is easy to use and supports lots of operating systems then take a look at Tresorit.

It runs on Windows, Mac and Linux computers and Windows, iOS and Android smartphones.

They do a free version and offer a zero-knowledge service like SpiderOak but unlike SpiderOak their apps are great to use.

Their security is more than enough for most people's needs but if you have a few really sensitive files there's nothing stopping you from manually encrypting them prior to upload.

Tresorit encrypts your data on your computer so there's no chance of information being transmitted unencrypted. They also support versioning and encrypted links for sharing information with third parties. They do not deduplicate.

https://tresorit.com/pricing/basic
https://tresorit.com/security

Their whitepapers are at the bottom of the second link.

Bumble BeeMay 7, 2016 5:21 PM

@albert

Note to dark-skinned, bearded men: Don't write or read anything but English on US flights.

See, this is the direction in which we have been progressing. Blacks, to some degree men, and especially black men, aren't supposed to read or write at all.

The Catholic Church has decided we as a society are "backsliding" and they have decided to do everything they can to aid and abet that process. I've heard it preached before in places they've infiltrated, "sin must become exceedingly sinful."

Hence overcharging misdemeanors as felonies, look at a woman (if you are a man) you may as well rape her as well.

Which stems from the worship ("veneration") of the eternal Virgin Mary, never mind her husband Joseph, whose patriarchal lineage is carefully traced all the way to Adam in the Gospel, which only goes so far as to say that she was a virgin at the time Joseph took her to be his wife and that he "knew her not till she had brought forth her firstborn son," namely Jesus. The canonical gospels also mention that Jesus had brothers.

Now I would not deny Mary her eternal virginity, but that is because she believed on her son Jesus that all her sins, even her original sin inherited from Adam and Eve, were forgiven, not because she eternally jilted her husband Joseph. Mary's eternal virginity is an example of God's ability to return the penitent sinner to the state of innocence, and let it not be out of reach of any believing woman.

WaelMay 7, 2016 5:23 PM

@ianf,

quest to decipher me cypher… unless I'm insidiously feeding you disintel which I wouldn't dare to.

You've been reading too many 7kb parables - take a break ;)

DrakeKMay 7, 2016 5:35 PM

I don't get why people are insisting on cryptographic proof that Craig Wright is the main part of Satoshi Nakamoto. I mean the emails in which Craig is mentioned. His understanding, motivations and reactions are convincing enough, even without cryptographically signing anything!

"The social evidence, including his unique personality, early emails that I received, and early drafts of the Bitcoin white paper, points to Craig as the creator. I also received satisfactory explanations to my questions about registering the bitcoin.org domain and the various time-of-day postings to the BitcoinTalk forum. Additionally, Craig's technical working knowledge of public key cryptography, Bitcoin's addressing system, and proof-of-work consensus in a distributed peer-to-peer environment is very strong. " - Jon Matonis (Founding Director at Bitcoin Foundation).

"During our meeting, I saw the brilliant, opinionated, focused, generous – and privacy-seeking – person that matches the Satoshi I worked with six years ago. And he cleared up a lot of mysteries, including why he disappeared when he did and what he’s been busy with since 2011. But I’m going to respect Dr. Wright’s privacy, and let him decide how much of that story he shares with the world." - Gavin Andresen (chief scientist at the Bitcoin Foundation)

When asked about Satoshi Nakamoto:
Q: Why did you feel you had to come out, or why do you feel you had to keep it secret for so long?
A:"I would prefer to be secret now. I don't think I have to be out there. There's nothing owed to the world where I have to come out and say I'm X, I'm Y. I mean, no one needs to do that. It is my right not to say something. If I release a paper that benefits people, why do I have to take credit for it. Why do I? I don't have to bounce around TV cameras. I wanna work, I wanna keep doing what I'm doing. I don't work and invent and write papers and code by coming in front of TVs. I don't want money, I don't want fame, I don't want adoration. I just want to be left alone." - Craig Wright

Q: Why have you decided to identify yourself as Satoshi Nakamoto?
A: "I didn't decide. I had people decide this matter for me. And they are making life difficult. Not for me, but my friends, my family, my staff. They want to be private. They don't want all of this to affect them. I don't want any of them to be impacted by this. There are a lot of stories out there that have been made up. I don't like it hurting those people I care about. I'm going to do this once and once only. I'm going to come in front of that camera once and I will never ever be in front of the camera ever again for any TV station or any media, ever." - Craig Wright

WaelMay 7, 2016 6:09 PM

@ianf,

And I speak Arabic on the phone on planes all the time. No one bothers me, except for one time on a long trip from Tokyo to Seattle where I almost got in trouble, but the plane was half way to its destination :)

ThothMay 7, 2016 6:26 PM

@albert
You fill a CD-R with random data after including the Live CD image so that nothing else can fill the remaining space (i.e. special executables ... if you know what I mean).

@Grauhut
IBM coming out with their QC may have many intentions. Maybe they need to attract some attention for funding to continue their research? There is still a ton of unknowns about quantum computing and they are still stumbling around.
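
The rationale Thoth gives above (fill the remaining space so nothing can be added, then re-check the whole disc against a hash kept on paper) can be turned into a small integrity-check routine. The code below is an added example and is not from the thread or any project; the 4 KiB "medium" and the toy image are constructed values standing in for a real optical drive, which would be hashed as a block device with the same streaming loop.

```python
import hashlib
import hmac
import io
import os

# Constructed toy values: a pretend 4 KiB medium and a pretend "Live CD" image.
# On a real disc you would stream the block device itself through hash_medium()
# and keep the resulting hex string on the paper note in your wallet.
MEDIUM_CAPACITY = 4096
CHUNK = 1024


def build_padded_image(image: bytes, capacity: int = MEDIUM_CAPACITY) -> bytes:
    """Lay the image down first, then fill every remaining byte with random
    data so no free space is left on the medium for anything to be added."""
    if len(image) > capacity:
        raise ValueError("image larger than the medium")
    return image + os.urandom(capacity - len(image))


def _as_stream(source):
    """Accept either raw bytes (for tests/demos) or an open binary file."""
    if isinstance(source, (bytes, bytearray)):
        return io.BytesIO(bytes(source))
    return source


def hash_medium(source, chunk: int = CHUNK) -> tuple:
    """Stream the whole medium through SHA-256 (a real device is far too big to
    read into memory at once); return (hex digest, number of bytes read)."""
    stream = _as_stream(source)
    h = hashlib.sha256()
    total = 0
    while True:
        block = stream.read(chunk)
        if not block:
            break
        h.update(block)
        total += len(block)
    return h.hexdigest(), total


def check_medium(source, expected_hex: str, capacity: int = MEDIUM_CAPACITY) -> bool:
    """The weekly check: the digest must match the note in the wallet AND the
    medium must still be exactly as long as when it was written. A length
    change alone already means something was appended or the disc was swapped."""
    digest, size = hash_medium(source)
    return size == capacity and hmac.compare_digest(digest, expected_hex)


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:
        # Usage: script.py <device-or-image-path> <hex-digest-from-wallet>
        with open(sys.argv[1], "rb") as f:
            print("OK" if check_medium(f, sys.argv[2], capacity=os.path.getsize(sys.argv[1])) else "MISMATCH")
    else:
        toy_image = b"toy live cd image" * 20          # constructed stand-in
        disc = build_padded_image(toy_image)
        note, _ = hash_medium(disc)                    # what goes on the paper note
        print("write this down:", note)
        print("clean disc passes:", check_medium(disc, note))
```

Hashing the whole medium rather than just the image is the point of the padding: with every byte of the disc covered by the digest there is no unhashed region for anything to hide in, and the size check catches the trivial case of data appended beyond what was written.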

ThothMay 7, 2016 7:04 PM

@Nick P
re: Risc-V + SAFE
It wouldn't be open source pretty soon by looking at the roadmap. I wouldn't be very hopeful about open source secure chips because as I have pointed out a number of times in the past, the NSA controlled institution of NIST and subsequently the standards like FIPS 140 and CC EAL are against open sourcing designs of security processors and if this design wishes to obtain a certification, everything must be hush hush as per requirements of certification criteria.

Also, the inclusion of Microsemi as a trusted fab is highly doubtful. Microsemi have not been known by any reputation to be a clean and trusted fab of any sorts neither are those of IBM or others.

The problem is once you add security and crypto features, you start to tread into the territory of national security and the intel agencies. Tamper resistant mechanisms are very predictable and are a requirement to be kept closed source to attempt to delay attacks due to the limited designs on tamper resistance and hence part of why the certification criteria requires secrecy of design. Most crypto circuits in smartcards, TPMs and HSMs may use a static whitebox crypto which if published would allow formulation of circumvention around the static whitebox crypto. Deploying dynamic whitebox would be considered a waste of computational resource and a hassle so the easier way of slapping hush hush NDAs and trade secrets is far easier and more enticing for security chip makers than the extra mile of creating a secure dynamic whitebox engine.

Tamper resistant features are rather limited, from electrical PUFs for self checking of integrity to outer metal layer tamper mesh, internal clocks, glitch logic detection, UV sensors to wipe EPROM bits, UV shields, so-called encrypted CPU calculations more like XOR encrypt and also Infineon's dual self-checking and encrypted CPUs. Not a whole lot of tamper resistant tricks to say they can use and most of these tricks can be broken with sufficient time, resource and willingness. Secrecy is required to make it harder to know which tricks are used so to ensure attackers would trip over the internal traps more frequently and make life harder for attackers.

As we know we have to factor politics and profits in and the security industry in my opinion has rotted badly due to profits and politics. I have pretty much given up hope on these fancy ideas because experience has shown that reality and dream are vastly different. Profits and power might get in the way of well meaning people and thus they become corrupt and contempt sooner or later as a nature of instinct and desire.

We will see how well Dover protects itself to remain open and also gain trust and respect if it succeeds. The concerns will come when features like TPM and tamper resistance come in according to the roadmap and we will see if they can hold up to the onslaught of both the corrupted industry and the corrupted states and its rotten organs.

I guess the end goal is still back to the Prison design on the drawing board. The problem is how to split symmetric and asymmetric key across multiple 8 bit CPUs and split the input and merge the output which would be interesting if @Clive Robinson can chirp in some hints which I can try creating a quick demo on smartcards.
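
As an added illustration of one textbook way to do the splitting Thoth asks about (additive secret sharing: XOR shares for a symmetric key, and shares of the RSA private exponent modulo phi(n) whose partial results are merged by multiplication), not Clive Robinson's Prison design or any code from the thread. The toy RSA parameters are the usual small textbook ones and are constructed here for demonstration only; the "CPUs" are just separate function calls that each see one share.

```python
import os
import random
from functools import reduce

# Constructed toy RSA parameters (far too small for real use): p = 61, q = 53.
TOY_N = 3233          # p * q
TOY_PHI = 3120        # (p - 1) * (q - 1)
TOY_E = 17
TOY_D = 2753          # e * d = 1 mod phi


# --- symmetric key: XOR (additive mod 2) sharing ---------------------------

def split_bytes(secret: bytes, parties: int) -> list:
    """Split `secret` into `parties` shares. Each share on its own is uniform
    random bytes; only the XOR of all shares recovers the key, so no single
    CPU ever holds the whole key."""
    if parties < 2:
        raise ValueError("need at least two parties")
    shares = [os.urandom(len(secret)) for _ in range(parties - 1)]
    last = bytes(reduce(lambda a, b: a ^ b, col) for col in zip(secret, *shares))
    return shares + [last]


def join_bytes(shares: list) -> bytes:
    """Merge step: XOR every share together."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*shares))


# --- asymmetric key: additive sharing of the RSA private exponent ----------

def split_exponent(d: int, phi: int, parties: int) -> list:
    """d = d_1 + ... + d_k (mod phi). Each CPU receives one d_i; the full
    private exponent is never assembled anywhere."""
    if parties < 2:
        raise ValueError("need at least two parties")
    shares = [random.randrange(phi) for _ in range(parties - 1)]
    shares.append((d - sum(shares)) % phi)
    return shares


def partial_decrypt(c: int, d_i: int, n: int) -> int:
    """Work of one CPU: it sees the ciphertext and only its own share."""
    return pow(c, d_i, n)


def merge(partials: list, n: int) -> int:
    """Merge node multiplies the partial results. Because
    c^d_1 * ... * c^d_k = c^(d_1 + ... + d_k) = c^(d + t*phi) = c^d (mod n),
    the product is exactly the normal RSA result."""
    return reduce(lambda a, b: a * b % n, partials, 1)


def demo(parties: int = 3) -> dict:
    """Run both splits once and return what a reviewer would want to check."""
    key = os.urandom(16)
    key_shares = split_bytes(key, parties)

    m = 65                                   # constructed toy message
    c = pow(m, TOY_E, TOY_N)                 # 2790 for these parameters
    exp_shares = split_exponent(TOY_D, TOY_PHI, parties)
    parts = [partial_decrypt(c, s, TOY_N) for s in exp_shares]

    return {
        "key_recovered": join_bytes(key_shares) == key,
        "ciphertext": c,
        "plaintext_via_shares": merge(parts, TOY_N),
        "plaintext_direct": pow(c, TOY_D, TOY_N),
    }


if __name__ == "__main__":
    print(demo())
```

The symmetric half only buys you anything if the key is consumed by something that composes under XOR (for a block cipher like AES the shares must be recombined inside one party, so the protection then comes from where that recombination happens). The RSA half is the genuinely useful pattern: the merge node receives only partial powers, never any share, and any one CPU's share is a uniformly random element of Z_phi that reveals nothing about d.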

GrauhutMay 7, 2016 7:23 PM

@Thoth: Remember the "upcoming transition to quantum resistant algorithms" (NSA)

Does .gov start to invest in quantum resistant algorithms if there is "a ton of unknowns about quantum computing and they are still stumbling around"?

Bribing those "vendors, and standards bodies" again in such a suite B NG standardization process now should be a lot more expensive than before Snowden, if market economy rules still work! More attention after ECCgate means higher risk = higher insurance fees... :)

I think they wouldn't invest now without technical need.

GrauhutMay 7, 2016 7:32 PM

@ Jacob: Addendum on the SGX ./. malware dilemma, nice vbtn article:

"Unfortunately, SGX is also a prime weapon for use in malware. For better or worse, it currently looks like Intel will not be giving the option for ‘trusted anti-malware vendors’ to access the contents of enclaves to make sure they are safe. Thus, malware can, in principle, freely create enclaves to prevent the operating system/hypervisor/anti malware from knowing what it is executing."

virusbulletin.com/virusbulletin/2014/01/sgx-good-bad-and-downright-ugly

ThothMay 7, 2016 7:46 PM

@Grauhut
Precisely; there is so much uncertainty around, that's why the better choice would be the instinctive reaction to become better at protecting against Shor's algorithm.

If you look at the suite of Suite A, there is a particularly interesting algorithm the NSA uses called FIREFLY which is described as a modified version of Public Key algorithm and used in secure comms by the NSA et al. to provision crypto keys from their EKMS system and many of the secure phones (STE and STU types of crypto telephones) are still using FIREFLY for key distribution and key exchange schemes.

If FIREFLY or Public Key crypto were deemed insecure, it would have been long dropped from Suite A knowing that China, Russia, Japan, South Korea, Israel, France, Germany, Canada and many other high tech countries are as well capable as the US.

Just for the added security, it is better to find a way to do PQC algos properly before they even have a chance to exist.

Link: https://en.wikipedia.org/wiki/NSA_Suite_A_Cryptography

tyrMay 7, 2016 8:26 PM


@the usual suspects

The insidious encroachment is everywhere; without the alert spotting the use of suspicious "arabic numerals" on a plane we might have overlooked the spread of these dangerous ideas into our schools at the lowest levels. If we don't ban these the Moslems might gain a foothold in the highest of political offices. Can you imagine the Capital of a western country with a moslem at the helm. He'll have them all under Shariah law instantly.

We need to return to using Roman numerals before it is too late.

WaelMay 7, 2016 8:51 PM

@tyr,

without the alert spotting the use of suspicious "arabic numerals

Yea! Might as well ban Algebra, Chemistry, Algorithms, Magazines, ...

Can you imagine the Capital of a western country with a moslem at the helm.

Why imagine? Obama is a "closet Moslem" ;)

We need to return to using Roman numerals before it is too late.

No, but no, thank you!

Nick PMay 7, 2016 10:47 PM

@ Thoth

"I wouldn't be very hopeful about open source secure chips because as I have pointed out a number of times in the past"

Remember who taught you about that. I'm aware of the subversives. ;) There are many players in the game with a number wanting to make real stuff or open-source it. Doesn't even threaten NSA et al because prototypes aren't SoC's in widespread use. They can be turned into them. DARPA and NSF fund a lot of stuff that's definitely strong design. I've posted many. CHERI was one I preferred since they already ported FreeBSD but SAFE is my favorite for clean-slate. I can't speak for what Dover will actually do but an OSS CPU is possible given CHERI already did it. Many RISC-V designs are as well. They can actually do that without affecting their ability to make money or NSA's ability to hit them. So, we should keep an eye on it as a potential baseline to build on.

"Also, the inclusion of Microsemi as a trusted fab is highly doubtful. "

Who knows. The fab problem is huge with many angles. I won't say any are trustworthy but many don't seem to be subverting anything unless ChipWorks is in on it. If there's subversion, it's *very* targeted given the blowback of obvious backdoor being found at fab level. It helps that the crypto is usually simple for attack and chips for verification purposes have little backdoors all over them a la "Design for Testing" (eg scan circuits or whatever). I said I have some solutions for this but it's not simple or guaranteed. This is an open problem if it's a straight-forward SOC.

"Tamper resistant mechanisms are very predictable and are a requirement to be kept closed source to attempt to delay attacks "

Sure.

"Tamper resistant features are rsther limited"

There's more than you think. They are limited but true tamper-resistance has to happen outside chip. It has to be at cage, box, or board level. I don't put much stock into SOC-level tamper-resistance either.

"I guess the end goal is still back to the Prison design on the drawing board."

That's Clive's. I posted an analysis showing it has the same problems if we're talking the fab level as they can just cancel out critical features. Both he and I relied on diversified redundancy with checks and voters to deal with it. RobertT had most interesting stuff doing mixed-signal (analog + digital) work whose complexity reduced analysis and increased odds a change broke something. My constant forays into analog tech are partly inspired by that. He also recommended developing on cutting edge nodes. I don't have $2+mil per iteration, though.

So, back to SAFE, CHERI, or Hardbound-like chips (add Argus error-detection to that) with optional, multi-chip configuration with stuff from different suppliers. Preferably mutually suspicious. On top of my scheme to reduce/counter subversion but that's going to be a bigger implementation if at all. :)

"If FIREFLY or Public Key crypto were deemed insecure, it would have been long dropped from Suite A "

Now, here you beat me to the thought. I told everyone to watch what they did in Type 1, Suite A, whatever crypto as it's what *they* trusted. They're worried about quantum for sure given recent activities. Yet, they still trust Type 1 devices with Firefly protocol. So, it's immune to whatever they think exists right now unless it's a NOBUS thing where they have the attack but think others don't. I knew and taught to copy their best stuff but didn't make the connection that keeping Firefly means there's no multi-party, quantum attack that they know of. Great thinking on that. :)

Btw, in case I forgot to tell you, Firefly is the Photuris protocol with secret modifications. Mainstream chose against it but NSA chose a version of it. I always wondered why but couldn't know. Anyway, knowing it will get you close to knowing what Firefly is like. Also, SCIP that they depended on is published online with detailed specs. Remember that it's outdated crypto, inferior in some ways, given it's old. Also designed as a do-it-all protocol with significant constraints. Some choices aren't necessary but others could be hidden wisdom. I also know that HAIPE's crypto parts are IPsec for the most part at least for encryption and sessions but with different configuration, some modifications, and I think multicast. It's mostly IPsec's core from my reading, though. So, we have a bit of their stuff.

Most important lessons are careful key generation, key distribution with simple protocols (or manually), and on devices with strong endpoint security & implementations. In a nutshell.

Clive RobinsonMay 8, 2016 12:44 AM

@ Bruce,

One for your "social studies" folder.

It's a report by Ars Technica on a paper about bad behaviour --air rage-- incidents on aircraft and showing a possible link to "status gap" caused by a first class cabin that economy passengers have to walk through. Interestingly it appears that having the "riff raff" march through is way more likely to cause 'status rage' in first class passengers than in economy passengers...

I guess it's the "role reversal" of wannabe firsties sitting there having the riff raff march past and look down on them, kind of upsets their view on their natural entitlement and thus their "delicate sensibilities". Or it might be it reminds them they are not really first class citizens as they sensibly fly by private jet to avoid 'all the unwashed' ;-)

Next time I fly economy --which is unlikely-- and do a walk through I shall take some smug satisfaction from the fact the wannabe firsties feel irritated by my overwhelming presence, and the grin might last for a good long while. B-)

Clive RobinsonMay 8, 2016 1:32 AM

@ Tyr,

Moslems might gain a foothold in the highest of political offices. Can you imagine the Capital of a western country with a moslem at the helm.

Err, you're about 24 hours late...

Go have a look at the results of the London Mayoral Elections.

WaelMay 8, 2016 1:35 AM

@Clive Robinson, @Nick P,

Another article you can poo poo at,

Sounds like an intricate system! Oh, deer! Must be the theme of this weekend's Squid.

PetterMay 8, 2016 2:05 AM

Passenger misinterprets diff equation for terrorism...

She got scared when she saw his math and the way he was focused on them.
Called the cabin crew, plane returned and he got escorted off the a/c.
After a couple of hours the decorated Ivy League economist, Guido Menzio, was allowed back on the plane.
The woman was not. Reasons unknown.

Menzio for his part says he was “treated respectfully throughout,” though he remains baffled and frustrated by a “broken system that does not collect information efficiently.” He is troubled by the ignorance of his fellow passenger, as well as “A security protocol that is too rigid–in the sense that once the whistle is blown everything stops without checks–and relies on the input of people who may be completely clueless. ”

“What might prevent an epidemic of paranoia? It is hard not to recognize in this incident, the ethos of [Donald] Trump’s voting base,” he wrote.


https://www.washingtonpost.com/news/rampage/wp/2016/05/07/ivy-league-economist-interrogated-for-doing-math-on-american-airlines-flight/

ThothMay 8, 2016 2:47 AM

@Nick P
Hopefully the Dover design can resist all the opposing forces that prevents it from being a mature project and product and finally bring to market an open source tamper resistant secure chip that can be verifiable without needing NDAs nor needing to be weakened by absurd US Govt impending anti-crypto laws to rival the closed sourced and NDA locked variants of those of Intel, Infineon, NXP, Thales, Gemalto, ST et. al. and that would be considered a success. And yes, I know who taught me about these :) .

Tamper resistant of higher assurances like HSMs goes beyond SOC chips as you mentioned. It is unlikely to protect the entire product unless it's small enough like a tiny crypto token with very small surface areas to pot and tamper mesh and sprinkle those external sensors and a tamper capacitor. Generally the tamper resistant for a large machine would be temperature, motion and cover sensors for the parameter protection of the casing and the rest of the mesh, epoxy, RTC clock and so forth would be done on a very small chipset mounted with all the sensitive component. It is much easier to tamper resist a smaller chipset mount the size of a small tea cup than to tamper resist a 1 or 2U server size machine but overall the tricks are rather repetitive. I have rarely seen innovation in this area of tamper resisting tricks for some time now.

Regarding NSA protocols and implementations, it takes more time to reinvent the wheel than to take an existing product and modify it for higher assurance applications. I wouldn't say they wouldn't reinvent the wheel, but the chance of spending all those tax dollars on something like that, when the market already has capable products and all it needs is modifications to suit their needs, would not yield the best bang for the buck.

If they manage to get Dover done in a smartcard form factor and create an accompanying fully open source high assurance Card OS and framework, that would be very interesting, as the smartcard form factor is by far the most cost effective and also delivers moderate security assurance levels for a single chip environment, which I am looking forward to if you compare them to more costly dedicated HSMs or other secure elements that are not programmable at all.

I am still waiting for the Ledger Blue to push out a production copy and do up their open source documents and codes before I am going to make my steps into committing my designs for it and other open source hardware security platforms.

Federal Bureau of Peeping TomsMay 8, 2016 3:15 AM

@Snoopy the Dog

Google (ironically) outlines some implications fairly well of changes to Rule 41:

http://securityaffairs.co/wordpress/33964/cyber-crime/rule-41-fbi-hacking.html

Google explained that currently under Rule 41, “federal prosecutors must generally seek a warrant in the judicial district to search for and seize a person or property located within the district. This territorial limitation is subject to limited exceptions”.

Whereas the requested amendment generalizes broad situations in which warrants could be issued for locations outside their district, given that the location was purposely concealed, or where technology has been damaged and is located in more than five districts in violation of the Computer Fraud and Abuse Act (CFAA).

“Remote searches of media or information that have been ‘concealed through technological means’ may take place anywhere in the world. This concern is not theoretical”.

...

Another point made by Google was the violation of the Rules Enabling Act, as well as the alteration of US constitutional rights. The Rules Enabling Act allows for the adaptation of practical, procedural and evidentiary rules, as long as the updates do not interfere with any substantive right. Contrary to government claims, Google suggested, “it invariably expands the scope of law enforcement searches, weakens the Fourth Amendment‘s particularity and notice requirements, opens the door to potentially unreasonable searches and seizures, and expands the practice of covert entry warrants”.

The specifications of what may be searched and how it may be obtained are not clear in the amendment. Remote access is mentioned in the means of searching, seizing or copying digitally stored data, however, this term can be interpreted in many ways. Google declared that remote access could be used to expose a target device’s IP address through the installation of software used to report pertinent information back to law enforcement. Another example of a remote access investigation technique is redirecting user information that is entered into specific websites of interest so that law enforcement can collect data from a target. Google mentioned the large potential for innocent parties’ information to be taken through an investigative technique such as this, as well as the increased exposure to possible malware. The proposed amendment also puts those who use Virtual Private Networks (VPNs) at higher risk to be searched because it would seem that their intentional use of encryption meant they were concealing their location.

The broad statement of damage to a computer in violation of the CFAA would encompass millions of American computers alone. Google reported that in order for the government to search more than five districts at a time, the use of botnets would be needed. These botnet searches, by default, would infiltrate the computers of law abiding Americans by the definition of their damaged computer. Google explained that around thirty percent of American computers contain malware and would be considered damaged.

In summary, this is a free-for-all for government hacking on flimsy pretexts using judge-shopping to get a general warrant where required. The NSA has been doing this forever in secret, and the FBI want to play with the big boys (short dick man syndrome).

Solution: Doing something illegal that could put you away for years? Don't use computers or electronic peripherals. Ever.

Looking at something that is subject to government censorship? Then use VPNs and Tor as usual, running off your suitably secure (VM compartmentalized) Linux system, but swap out your ISP for public wi-fi, by using a high-gain (dBi) antenna (&/or parabolic dish and 600mW radio) that can reach several miles or more.

Or run TAILS from USB from the 'right' computer........ 8-))

Clive RobinsonMay 8, 2016 4:30 AM

@ Wael, Nick P,

Since the calculation isn't deterministic in nature, they can live with errors. Time will show...

As I pointed out, for some applications the errors are of little or no consequence; in others they can be filtered out by a post-QC classical computing process etc.

The thing is that many QC researchers want to do it all in the quantum arena, and this may well be holding the whole research field back by decades. Whilst I'm suspicious of the D-Wave approach and system, I think the best way forward is a hybrid model that leverages the best of both technologies.

WaelMay 8, 2016 4:58 AM

@Clive Robinson, @Nick P,

I think the best way forward is a hybrid model that leverages the best of both technologies.

I believe so, too. QC will excel in certain areas. The same is true for "classical computers". CPUs are good for general purpose, GPUs for graphics (which can tolerate errors, btw), DSPs for signal processing, etc.

The thing I got from watching the d-wave systems' videos and papers is that the QBit "makes up its mind" (0 or 1) based on some "bias function" that basically describes the constraints of the problem. The concept of superposition is relatively not important (QBit is 0 and 1 simultaneously)

As far as cryptography is concerned, I'm not sure how a QC can extract a private key from a public key (what kind of bias needs to be set for each QBit.) How will a QC handle good symmetric key encryptions? All outputs (almost) are equiprobable. Will it try all possible keys and see which ones produce meaningful clear text? The narrative that a single QC can look at "all possibilities" simultaneously in one "instruction", and effectively act as 2500 classical CPUs in parallel, is easy to say. I don't believe what D-Wave Systems demonstrated shows this for a "general purpose computer"... Interesting area, I read about it once in a while.

The concept of a QC operating system isn't described (I haven't checked.) So it seems QCs currently are very specialized and can be programmed for a specific problem to solve. You can't run FreeBSD or other operating systems on them, so they'll need the "classical computer" for general purpose computing.

WaelMay 8, 2016 5:05 AM

The brain is a bit foggy at this late hour... Will fix just two typos. The rest, I'm sure you'll be able to decipher...

"equip ribald." should be "equiprobable", and in a previous post... Ball-effect should be Hall-effect.

WaelMay 8, 2016 5:31 AM

@Jacob,

A novel but practical steg method from Weizmann Institute

If the liquid is the carrier, and the fluorescent molecules are the data, then this is similar to FSK. Neat idea, though. Be careful what you drink, or what you "spill" because if someone sees you spill something, they'll say "something"!

So if your message was “open sesame”, to encode the word “open” you could

"open sesame" && "Israel"? Give me a break...Some people need to brush up on history and literature ;)

Jesse ZaidMay 8, 2016 5:36 AM

"Btw, if you like quantum computers, IBM just put a site up for people to try them out. I don't know if it's simulated or a real machine."

Fork bomb anyone? :-)

Clive RobinsonMay 8, 2016 5:38 AM

@ Wael, Nick P,

The concept of a QC operating system isn't described (I haven't checked.) Somit seems QC currently are very specialized and can be programmed for a specific problem to solve.

[you missed another typo methinks]

As for an OS for a QC, I think you are viewing it incorrectly, think of QC not as a conventional computer but the equivalent of a Floating Point Unit Co-Processor. It would be fairly pointless writing an OS for an FPU likewise a QC Unit.

ianfMay 8, 2016 5:38 AM


Clive's missing URL for Bruce's "social studies" folder [err… what else is there—enquiring minds begin to wonder] is this:

http://arstechnica.com/science/2016/05/air-rage-is-more-common-when-economy-class-passengers-see-first-class/

There was another story there however that ought to be of interest to this forum's readers: Washington Supreme Court invalidated the trial of 3 shooters convicted on the strength of (1) their admission in custody that they belong to a gang, hence should not be placed in a cell with another gang's members – which could not be considered voluntary; and thus that (2) the music tracks on their phones—a Latino band of some renown—can not be used as corroborating evidence for them being in a gang. Small points, perhaps, especially considering that the three "non-deadly drive-by assault" shooters, with no gun in evidence, have been sentenced to 53+53+83=189 years in prison… the American WASPy way of keeping the proles subordinate and docile.

    Use caution "when drawing conclusions from a defendant's musical preferences." said the Court. The prosecutor wasn't happy with the reversal.
http://arstechnica.com/tech-policy/2016/05/court-says-music-on-cell-phones-cannot-be-used-as-evidence-of-gang-ties/

CuriousMay 8, 2016 5:45 AM

@Wael

I wonder if perhaps they maybe really mean 'stochastic', because I've never heard about "stoquastic" before. Unless ofc, 'stoquastic' is a real term.

WaelMay 8, 2016 5:55 AM

@Clive Robinson,

you missed another typo me thinks

You "thinks" correctly. More than one, though -- a lot more.

As for an OS for a QC, I think you are viewing it incorrectly,

Perhaps I'm thinking correctly! A QC's OS is different than a regular OS. So a port of FreeBSD will behave differently. Besides, is there a "correct way" to view quantum computers? You can view them "correctly" and "incorrectly" at the same time :)

I exceeded my quota for today... Better try to sleep now before I say something I regret. And I see @ianf just woke up, so trouble is brewing :)

Clive RobinsonMay 8, 2016 6:07 AM

@ jacob,

A novel but practical steg method from Weizmann Institute of Science.

It's a bit more interesting than that ;-)

The reason secret inks went out of use was the "universal" iodine vapour test. Put simply, liquid inks "watermark" the paper by causing faint changes in the fibers, and the iodine vapour shows up the watermark damage, hence the message.

This ink however, whilst giving away the metadata that there is a hidden message under the iodine vapour, does not give the message as traditional inks do.

However there is another test these days that shows the presence of hidden inks without using a chemical. It's a form of oblique light false colour imaging. Which begs the question whether, if micro samples of the ink spots are removed, they can be analyzed and the resulting message subjected to cryptanalysis in the usual way.

ianfMay 8, 2016 6:26 AM


@ Clive, if you “poo, poo” (or even merely "number one") at microbes, the microbes will happily take it all in stride and multiply to their nuclei's content. Unless you meant "pooh, pooh at," which Wael might have been too foreign to grok.


@ Jacob “A novel but practical steg method (…) using fluorescent molecules, with code revealed by a cola drink.

How is such a transient relay channel to be considered usable even for one-off simplex messages? Might as well develop a method for verifiable ad-hoc modeling of blob shapes in a Lava lamp as a coded communications beacon.

Besides, Wael & Clive, if the method had any legs to it, be usable in the field, the Weizmann Institute would be selling it by the fizzy-drink case load to the 5eyes, rather than spilling their cola onto the minds of the unwashed.

P.S. short of lemons, the incarcerated Marquis de Sade used urine to write secret messages. Apparently worked just as well with a candle flame.

Big-Data Expert Systems to the RescueMay 8, 2016 8:03 AM

Medical Mistakes are 3rd Leading Cause of Death in U.S.
http://www.sanders.senate.gov/newsroom/press-releases/medical-mistakes-are-3rd-leading-cause-of-death-in-us
Preventable medical errors in hospitals are the third leading cause of death in the United States.
The lack of medical coordination is appalling, even outside the hospital. I can’t wait for expert based Big-data algorithms to replace overpriced, overworked, distracted human beings.

Quality, consistency and costs should dramatically improve. The payers (government and insurance companies) are expected to move to these expert systems at lightning speed. Whoever develops the best expert algorithms wins a pot of gold even bigger than social media.
As the field matures, I’d expect open-source software to further reduce costs.

Health care laws must ensure that personal electronic medical records remain under the explicit control of the individual and are not sold in secret to advertisers or employers. Be wary of lobbyists inserting loopholes for the White House and Congress. For instance when medical data is given in confidence and then used for another non-medical ‘business’ purpose. Patient data and outputs should ‘expire’ and be destroyed.

The money is in future medical expert systems which will require certification like space or flight software. Doctors will be under contract to NOT deviate from the coming national uniform care standards.

Difficult Patients Evaporate
The beauty is that I as a patient will no longer need to rapidly stimulate the distracted doctor into focusing on my history and symptoms during my 10 minutes of fame. Patients can log on to their national HIPAA accounts to document changes 24/7. Urgent appointments will automatically be scheduled at the optimal facility without the need for a costly and time consuming referral.

No matter where you move, the quality of healthcare remains largely constant. Welcome to superior Big-Data nationalized healthcare.

If this system is not corrupted (by respecting privacy), then this is the first instance where I approve of the use of Big-Data. If legislated correctly, it will truly benefit mankind.

Markus OttelaMay 8, 2016 8:04 AM

TFC 0.16.05 is now ready. I updated all three versions (NaCl, CEV and OTP).

Some highlights:
CEV and OTP got the updates I added to NaCl after the 0.5.5 versions. (The version numbering is now 0.YY.MM, hence the move backwards.)

All major programs are now unittested (coverage needs improvement).

Most of the CEV libraries were changed: the Keccak team's Python implementation was changed to SimpleSHA3, which provides bindings to djb's C implementation. PyPI's Salsa20 was replaced with PyCA's XSalsa20-Poly1305 (adds even more authentication), and (deprecated?) PyCrypto was replaced with PyCA's Cryptography library for AES-GCM. Having unittests with KATs that use official test vectors gives a lot more confidence to the project.

The installer now comes with pinned hashes for the crypto libraries (no more unauthenticated pip). Also, when the TxM and RxM configuration is selected, all dependencies/libraries/programs are downloaded and verified at the beginning. After that, the installer runs 'ifconfig down' for all interfaces except loopback. This tries to close the window of opportunity for remote compromise as much as possible. Once the interfaces are down, the compiling of crypto libraries starts.

All versions of Tx.py can now generate keys from the HWRNG by sampling it through the GPIO pin (no more genKey.py) or over SSH, by remotely running hwrng-{nacl,cev,otp}.py. The initial issues Paramiko had with AES IVs have now been fixed. The code that runs remotely is minimal and requires no dependencies, so you can type the program into the RPi manually. Von Neumann whitening is done during sampling, and compression is done by Tx.py, as it's likely running on faster HW than the RPi.

Sampling times were set to 10Hz for NaCl and CEV, 2000Hz for OTP (going back to recommendation by designer of circuit).

The LUI is a bit more polished now, and Tkinter file dialogs make handling of PSKs a lot easier, especially with CEV and OTP. For OTP the /newkf command now generates a new keyfile (HWRNG XOR /dev/urandom, compressed in blocks using SHA3-512). Keyfiles are changed with the /chkf command. All versions can now load PSKs for a contact without shutting down Rx.py. This can be done with the /rxkey command from Tx.py, which opens a file dialog on RxM. In cases where the software is run over SSH for whatever reason and Tkinter isn't available, there's a fallback option (default directory, or the user can specify the directory).

TFC-OTP no longer uses blacklists (a bad idea). The overwrite char was changed from '!' to 0x00, and the offset of keyfiles is now from the start of keyfile instead of 3 * pkg_size.

TFC-OTP now uses hard coded packet length of 254 to reduce chance to fingerprint individual users on packet size. It drains more keydata, but convenience is not as important as security for this project.

Importing keyfiles from removable media automatically shreds the keyfile from the media. There was an article put out briefly after I pushed the project to GitHub that states shred no longer does what it's supposed to. I realize this, but since some people might still be running shred-compatible file systems on magnetic media, there's no need to remove it. After all, the software recommends the user physically destroy the removable media; that's what matters.

The trickle mode of CEV and OTP was improved so that, like TFC-NaCl, it runs in 'constant time'. This is again done by measuring the duration of the loop, adding sleep to bring the processing times as close as possible to 2000ms, and then obfuscating the slight differences with a random sleep time between 0 and 1000ms, determined by /dev/urandom. I think a lot more robust solution is needed, but it looks like Python isn't going to provide one. For some reason my RPi gave ~4000ms processing time for the first noise packet, after which delays dropped to 150ms. So I changed the critical error to a soft warning that recommends adding more constant delay to the trickle value if the warning repeats.

Raspbian has added Pidgin to their repository at some point after the project started, so the installers now support that configuration as well.
OpenSUSE and Fedora were dropped from the supported NH configurations for CEV and OTP.
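
An added example of the HWRNG post-processing chain the post describes (Von Neumann whitening at sampling time, XOR with /dev/urandom, block compression with SHA3-512). This is illustrative code written for this thread, not TFC's own code; the one-bit-per-sample source, the 128-byte input block (2:1 compression into a 64-byte digest), the constructed biased test stream and all function names are my assumptions, not taken from the project.

```python
"""Added example (not TFC code): HWRNG bits -> whitened bytes -> XOR urandom
-> SHA3-512 block compression. Sample input is constructed, not captured."""
import hashlib
import os
import random
from typing import Iterable, Iterator, List


def biased_bits(count: int, p_one: float, seed: int) -> List[int]:
    """Constructed stand-in for a raw, biased HWRNG bit stream (test data only)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(count)]


def von_neumann_whiten(bits: Iterable[int]) -> Iterator[int]:
    """Von Neumann debiasing: read bits in pairs, emit the first bit of each
    unequal pair (0 for 01, 1 for 10) and drop equal pairs (00, 11).

    For independent bits with fixed bias P(1)=p both outputs occur with
    probability p(1-p), so the output is unbiased. At most one output bit
    per four input bits survives, fewer for a strongly biased source, and
    a source with correlated bits is not fixed by this step.
    """
    it = iter(bits)
    for first in it:
        second = next(it, None)
        if second is None:
            return
        if first != second:
            yield first


def bits_to_bytes(bits: List[int]) -> bytes:
    """Pack bits MSB-first into bytes; a trailing partial byte is discarded."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | (b & 1)
        out.append(byte)
    return bytes(out)


def mix_with_urandom(hw: bytes) -> bytes:
    """XOR HWRNG bytes with the same number of kernel random bytes.

    The XOR of two independent streams is at least as unpredictable as the
    stronger one, so a weak or tampered HWRNG cannot make the keyfile worse
    than os.urandom alone, and vice versa.
    """
    return bytes(a ^ b for a, b in zip(hw, os.urandom(len(hw))))


def compress_blocks(data: bytes, in_block: int = 128) -> bytes:
    """Condition each in_block-byte chunk into one 64-byte SHA3-512 digest.

    With in_block=128 each output block draws on twice as many input bytes
    as it contains, concentrating whatever entropy the input block has.
    Hashing cannot create entropy the input lacks.
    """
    if len(data) % in_block:
        raise ValueError("data must be a whole number of input blocks")
    out = bytearray()
    for i in range(0, len(data), in_block):
        out += hashlib.sha3_512(data[i:i + in_block]).digest()
    return bytes(out)


def make_keyfile(raw_bits: List[int], in_block: int = 128) -> bytes:
    """Whiten -> pack -> truncate to whole blocks -> XOR urandom -> compress."""
    hw = bits_to_bytes(list(von_neumann_whiten(raw_bits)))
    hw = hw[: len(hw) - len(hw) % in_block]
    return compress_blocks(mix_with_urandom(hw), in_block)


if __name__ == "__main__":
    raw = biased_bits(100_000, p_one=0.8, seed=1)
    white = list(von_neumann_whiten(raw))
    print("raw mean %.3f -> whitened mean %.3f, %d of %d bits kept"
          % (sum(raw) / len(raw), sum(white) / len(white), len(white), len(raw)))
    print("keyfile bytes:", len(make_keyfile(raw)))
```

The whitening step is where the 2000Hz sampling recommendation matters: a source biased to 80% ones keeps only about a third of its bits after debiasing, and the 2:1 hash compression halves what is left again, so the usable key rate is a small fraction of the raw sample rate.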

JacobMay 8, 2016 8:13 AM

Our good (and may I add intelligent and emancipated) Texas Judge S.W. Smith is at it again:

https://www.justsecurity.org/30920/courts-going-dark/

Excerpt:
"FBI warnings about “going dark” in the face of advancing digital encryption seem less urgent than before. Perhaps there are other ways — buying exploits in the zero-day market, plea bargaining pressure — to skin the encryption cat, after all. Are privacy advocates correct that a “Golden Age of Surveillance” has arrived, and the real question is whether law enforcement has too many tools, rather than too few? Or will unchecked encryption enable criminals and terrorists to wreak havoc via the Dark Web, as Director Comey fears? Although an interested spectator, I am in no position to judge that technical debate.

I am, however, better positioned to ponder a less publicized “going dark” threat to another branch of government, the branch most indispensable to the rule of law — our court system. "

Also, if you haven't read his treatise on the history of privileged FBI techniques, here it is again at
https://www.schneier.com/blog/archives/2016/03/friday_squid_bl_519.html#c6720247

Bumble BeeMay 8, 2016 8:27 AM

Do people wonder if or how I am still alive? There are probably more than a couple of bloody corpses back there because people were stealing my stuff.

Rest assured, reports of my death are greatly exaggerated.

All this stuff is getting old, the rape case on Eielson AFB from my college days, the lesbian DV case on campus, Colonel Mustard who disobeyed orders at Camp Bonneville when he was told to clean up unexploded Army ordnance, and was caught in violation of the Miller Act because he disbursed Army funds in excess of $5000 to a contractor who was not properly bonded for payment and performance, so now his buddy Colonel Ketchup is after me, and it just goes on and on...

The drugging, the poisoning, tampering with my car brakes, and so on and so forth...

So the Lord of Hosts mustereth the host of the battle.

ianfMay 8, 2016 8:38 AM


@ albert – I realize that individuals suing one another in court for perceived slights or injustices is not the most viable course of action, but, on the other hand, unless those affected AND bystanders vehemently protest at various authorities' abuse of (what in this and similar cases can only be termed) SWATting-by-proxy, there will be more, not less of it.

Still, given that today's battles are won in the mind of public opinion, wronged individuals aren't exactly left without options. One of which is simple enough: asking management unpleasant questions aloud at stockholders' meetings etc., e.g. why they allow themselves to be used by one passenger to the detriment of all the others, and company profits besides? On slow news days the local media will lap it up.


@ Wael shares a moment: “one time on a long trip from Tokyo to Seattle I almost got in trouble for speaking Arabic into the phone, but the plane was half way to its destination

Let me guess, that must have been well before 2 May 2011, when the custom of depositing uppity Muslims at sea entered the Occidental public imagination. However, it also shows that, essentially, you are incapable of appreciating the small gifts of life such as exotic transatlantic travel in meditative awe and silence, unless, perhaps, compelled to do so by a mil-spec hood and chains.


@ Thoth, albert “You fill a CD-R with random data after including the Live CD image so that nothing else can fill the remaining space (i.e. special executables ... if you know what I mean).

Wouldn't those random data be like a semaphore to any inspecting opposition that you're beyond conscious of the security aspects of the entire chain? Filling the remaining space with a clearly labeled backup of e.g. public television's video uptake of parents discussing after-class activities in District VII might be the better option; also (if one is lucky) boring the investigator to death.

Clive RobinsonMay 8, 2016 9:44 AM

@ ianf,

... the incarcerated Marquis de Sade used urine to write secret messages.

The article mentioned acids and sugars as the reason lemon juice worked...

Perhaps the poor old Marquis was severely Type II diabetic ;-)

So you may just have made a contribution to the historical record...

WaelMay 8, 2016 9:47 AM

@ianf,

Let me guess, that must have been well before 2 May 2011

Wrong! It's about that date ~ 4 years ago.

However, it also shows that, essentially, you are incapable of appreciating the small gifts of life such as exotic transatlantic

I tell you Tokyo-Seattle and you tell me Transatlantic? That's the wrong puddle! Besides, I didn't tell enough; your inference is baseless.

K15May 8, 2016 10:32 AM

I'd thought Citizen Lab (.org) was an unusual name for an org protecting dissidents of foreign regimes. Maybe unusual enough that email doesn't work as expected.

Bumble BeeMay 8, 2016 11:18 AM

@Clive Robinson

@ ianf,
... the incarcerated Marquis de Sade used urine to write secret messages.

Let's be done with this trash. I already had enough of it with @Grauhut's obnoxious Twitter presence. Bitches, Dudes, Scum, and Mucus. There's a whole city block full of that stuff here in Baltimore, particularly the 400 block of E Baltimore St, between Holliday St / Commerce St and Gay St. It's right in front of the police station, and the rich and filthy ride the train up from Washington DC (or Fort Meade or wherever) to patronize that stuff.

How lovely. Like they used to say in the '80s, "Not."

ianfMay 8, 2016 11:33 AM


@ Clive “you may just have made a contribution to the historical record...

Alas, can't take credit for mere regurgitating what I've read elsewhere, somewhere (could have been in this biography).


The article mentioned acids and sugars as the reason lemon juice worked... Perhaps the poor old Marguis was severely Type II diabetic ;-)

I'm not much of a chemist, but it seems to me that any light base or acidic fluid applied to and dried on paper will change color when the substrate is heated up. I could try to validate it at my end, but then you wouldn't necessarily believe me, and so would have to repeat the test yourself, by which time we'd risk getting into a "your pee's pH value is different from mine" and seeking Bruce's assistance as an escrow for mutually exchanged pee samples for cross validation… mayhem.

Better we end this topeec with these two ObLitContent anecdotes:

    (1) in David Simon's "Corner" TV series, there was a scene in which Baltimore ghetto "street entrepreneurs" sold ready-prepared $2 vials of drug-free pee to those collecting food stamps etc, where depositing such was a precondition. It was all done on the doorstep in full view of the Social Security handlers, everybody doing their bit by the book.

    (2) I also remember a short story by a Romanian, in which an artsy dissident expressed his displeasure with the regime by perfecting the art of figurative peeing, e.g. outline portraits of Ceaușescu in the snow in a city park. So far so good. His problem was that no passerby paused long enough to analyze the artwork for what it was, and not even dogs found it interesting.

@ Wael
essentially, you are incapable of appreciating the small gifts of life such as exotic flights

    Wael: your inference is baseless.

Don't shirk the main issue, which is:

TRANSPACIFIC flights: blabbing into a phone;

Schneier-blog: blabbing with a keyboard.

albertMay 8, 2016 11:41 AM

@ianf,

"...SWATting-by-proxy..." Hardly. A tempest in a teapot. No one involved had any ill intentions.

Now we're entering the realm of social psychology, that is, pseudo-studies and conjecture, in which there are always more questions than answers. I offered the opinion that the woman was an idiot. Scared shitless perhaps. Why? You know the answer.

1. Fear (woman)
2. Lack of civility (man)
3. Overreaction (security personnel)
4. CYA (airline & crew)

EVERYONE involved is locked in a system of dysfunctional sub-systems. Nothing can be done. Publicity only reinforces the public's perception of dysfunction. Because of the fear factor (and the billions of dollars to be made), it's difficult to imagine how much worse it can get.

Will something be done before the torches and pitchforks come out?
............
@Wael, ianf,
Tokyo-Seattle? Try Tokyo-Chicago! Chicago-Amsterdam! Even pre-9/11, even in business class, those trips are a bitch. Nothing exotic about it.
...........
@Bumble Bee,
Baltimore St. in the 80's? "Thanks" for reminding me, man! That stuff is still happening? Anything one hears about Baltimore St. is probably true.

. .. . .. --- ....

WaelMay 8, 2016 12:06 PM

@ianf,

Don't shirk the main issue, which is:

The main issue is: passengers on a plane that either speak Arabic or write in a different script, prompts "see something, say something". And my point is that I have not experienced this so far. And if I do, I wouldn't care either. I understand! I'd probably do the same thing if we swapped positions (and was afflicted with ignorance of cultures and suffered from narrow mindedness and xenophobia.)

blabbing into a phone;

The incident had nothing to do with a phone. I had a loud argument (in Arabic, so I don't offend others) with one of my colleagues who was on the plane (obviously.) He was inconsiderate (talking about Japanese food while the polite Japanese travelers were next to us.) I won't "blabber" more about the subject. Your presumptions weren't accurate, and that's my point!

KillTheFakersMay 8, 2016 12:39 PM

About the fake AP Wire on email pw stolen

My bad. "World Password Day" was May 5th.
[https://blogs.mcafee.com/consumer/world-password-day-2016/]
[https://passwordday.org/]

Sorry, I don't subscribe to McAfee.
When you fake a threat, does that really reach, or could slimebags just be straight with people? Somebody pistol whip Alex Holden and Reuters for me.

I guess I wasn't in on the gag. What happens when web marketers get a hold of security. My opinion is don't do crap like that. Somebody spends time and money on such an effort and the lack of direct messages only obfuscates their effort. It's the slimey 50% of the industry that acts like that.

BTW, how hard is it to make a pw that a dictionary attack would fail? Easy. And our biggest threat in distributed brute-force cracking is the US govt. Protect the hash, first of all.

rMay 8, 2016 12:54 PM

@Wael,

"is there a "correct way" to view quantum computers?"

Probably 'Quantum computing' or 'Quantum capable' imb, not being an engineer or anything of significance ofc.

anyways, something i just thought of...
there is an inverse Moore's law with primes and the Chinese number theorem?
eventually the cost of verifying new primes will exceed our ability to avoid the bit-ed-ness attack we saw previously in factoring them i think.

can we discover and verify them faster than we can scale our factoring abilities?

rMay 8, 2016 1:00 PM

yes, I understand discovering primes entails factoring numbers too... but current methods of discovery I'm aware of are curve estimates and traditional computation blocs. if everyone is investing in QC for defense (offense/cracking/pre-factoring) we need to put the same amount of speedup into discovery.

is that right?

Clive RobinsonMay 8, 2016 4:50 PM

@ r,

[primes] can we discover and verify them faster than we can scale our factoring abilities?

Yes, even if someone comes up with faster factoring it works for both. If you look at it this way, we use two primes of approximately the same number of bits and multiply them together. The result has double the number of bits. Which is the same magnitude as X^2.

We can find primes or probable primes with a sieve algorithm, some of which can be applied from a close prime factorial, which are relatively easy to find, thus the work factor is considerably less.
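
An added example, not Clive's or anyone else's code in this thread, of the two sides of that asymmetry in Python: primes below a bound come from a sieve, larger probable primes from trial division by those small primes followed by Miller-Rabin, and the modulus is the product of two such primes with roughly double the bit length. The sieve bound (2000), the number of Miller-Rabin rounds (32) and the function names are my choices, and the candidate counter is there only to show how few candidates a prime search has to try.

```python
"""Added example (not from the thread): probable-prime generation and the
bit-length of the resulting modulus. Parameters are illustrative."""
import random
from typing import List, Tuple


def sieve(limit: int) -> List[int]:
    """Sieve of Eratosthenes: all primes below limit."""
    flags = bytearray([1]) * limit
    flags[0:2] = b"\x00\x00"
    for p in range(2, int(limit ** 0.5) + 1):
        if flags[p]:
            flags[p * p::p] = bytes(len(range(p * p, limit, p)))
    return [i for i, f in enumerate(flags) if f]


SMALL_PRIMES = sieve(2000)


def is_probable_prime(n: int, rounds: int = 32, rng=None) -> bool:
    """Trial division by the sieved primes, then Miller-Rabin with random bases.

    A composite survives one Miller-Rabin round with probability at most 1/4,
    so after 32 rounds an undetected composite has probability below 2^-64.
    """
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n == p:
            return True
        if n % p == 0:
            return False
    rng = rng or random.SystemRandom()
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


def random_prime(bits: int, rng=None) -> Tuple[int, int]:
    """Return an n-bit probable prime and the number of candidates tested.

    The top bit is forced to 1 so the product of two such primes has 2n-1 or
    2n bits; the low bit is forced to 1 so only odd candidates are tried. By
    the prime number theorem about bits*ln(2)/2 odd candidates are needed on
    average, i.e. the search cost grows linearly in the bit length, while
    trial-division factoring of the product grows like 2^bits.
    """
    rng = rng or random.SystemRandom()
    tested = 0
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        tested += 1
        if is_probable_prime(cand, rng=rng):
            return cand, tested


def rsa_modulus(bits: int, rng=None) -> Tuple[int, int, int, int]:
    """Two independent bits-sized primes and their product; returns (n, p, q, tested)."""
    p, tp = random_prime(bits, rng)
    q, tq = random_prime(bits, rng)
    return p * q, p, q, tp + tq


if __name__ == "__main__":
    n, p, q, tested = rsa_modulus(512)
    print("p, q bits:", p.bit_length(), q.bit_length(),
          "n bits:", n.bit_length(), "candidates tested:", tested)
```

Run with a real modulus size (1024-bit primes for a 2048-bit n) and the candidate counter stays in the hundreds, which is the point: the prime-finding side scales gently in the bit length, and any improvement in factoring helps the defender verify primes exactly as much as it helps the attacker.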

GrauhutMay 8, 2016 5:08 PM

@Bumble Bee: "@Grauhut's obnoxious Twitter presence"

LOVEINT? Sorry, i'm straight! :D

And now make my day, what is my twitter nick?

WaelMay 8, 2016 5:11 PM

@r, @Clive Robinson,

can we discover and verify them faster than we can scale our factoring abilities?

I'm not a cryptographer, so take my words with a grain of salt (yay big.) I'm not a physicist either, and my knowledge of quantum mechanics doesn't exceed college level education by much. It's one thing to read a book or two, pass an exam or two (or fail them), Google a paper or three, ... and a totally different matter to spend 20+ years to earn a Ph.D. and work in that specific area. It's why I listen to experts, read their papers and watch their videos when I'm in the right mood. So I'm not the best person to ask these sorts of questions, but I'll reply so as not to ignore you.

I'm not sure I can directly answer your question either. However, if I were tasked with nation-state security, I would operate under the assumption that other adversaries had found an efficient secret algorithm for factorization. That algorithm could factor the product of large primes (2 or more primes, as in multi-prime RSA, an HP invention that was sold or licensed to someone else, I forgot whom). I used RSA as an example; the same assumption would hold for ECC and other algorithms.

To find a good factorization algorithm is equivalent to the design of a QC that can accomplish the same thing, if the times are within a reasonable range.

Here are some references...

factorization complexity

PS: I just saw @Clive Robinson reply. Our brains must be entangled somehow. Strange we decided to reply around the same time.

tyrMay 8, 2016 7:41 PM


@the usual suspects

I knew about Khan.

I think having the luddites return to Roman numerals
would exercise their brains enough so math could be
done in peace and quiet.

On the other hand I expect the next Hollywood terror
blockbuster to be titled "Math on a Plane". Since
math inspires fear in the hearts of proles and elites
alike these days.

WaelMay 8, 2016 8:35 PM

@ianf,

I owe you an apology. I wasn't very coherent this weekend (lack of sleep, nothing else) and did mention:

where I almost got in trouble, but the plane was halfway to its destination :)

But then said this:

The incident had nothing to do with a phone.

So your "assumption" has basis. But the transatlantic thing is priceless :)

WaelMay 8, 2016 11:19 PM

@Curious,

Re "stoquastic"...

I must admit it was the first time I've seen that term, I know a Hamiltonian, but not "stoquastic". A quick search shows it's a proper term. Not in the mood to find out what it means. And even if I read it now, I won't understand it. Insomnia is a harsh mistress... Lol

Nick PMay 8, 2016 11:31 PM

@ Wael

I feel you on insomnia and not in a mood. Fancy words like that annoy me so I Googled it. The definitions were on top. Let me give you the Southern translation of the word: stoquastic is a fancy way of saying some speculative bullshit coming from people who are a little lacking in the evidence to offer something stronger. Accurate or not, I'm fine with that definition of that fancy word. :)

FigureitoutMay 8, 2016 11:32 PM

Neat little wifi network monitor I've been working on for past day and a half or so. I just need something I can just sit and do its thing, I'm not going to use it much otherwise besides having something cool to look at on my desk; going to use a beaglebone instead as a more regular PC. Just scanning wifi networks seemed useful enough for now. I wanted to get the program "Fing" to work but couldn't. I was concerned about wireshark filling up a log file (if I can turn that off, I will try that instead, so constantly scanning packets in our network while I'm surfing on separate devices). Instead I'm using "wavemon" and it works pretty good. Have to run it as sudo. Much better in console than in "X", in console it takes up whole screen of a TFT screen, which is small enough already so you need every millimeter you can get. In X on latest Jessie image, it gets constrained by terminal window then the top bar.

Just using the Jessie Lite-PiTFT image from adafruit (latest one). Using the full version that boots into X immediately kinda sucks, I wouldn't use it. The Pi has an amazing CLI that beats the GUI in quite a few ways. Lots of config stuff I've been doing that's much harder on the TFT than on a regular screen for whatever reason lol.

Another cool thing was I got a bootup script for my dongle by making a script in /etc/init.d/scriptname. The dongle doesn't have an ID where it needs to be, so I'd have to type this annoying modprobe thing each boot to use it. You could do some RNG seeding here or whatever else you want configured for each boot.

This could easily be modified to be a dedicated ADS-B monitor/receiver but I'd rather scan wifi networks for now.

Blanked out network names / IP/MAC addresses:

http://postimg.org/image/83xyknrpd/

http://postimg.org/image/4wgwnp5a9/

WaelMay 8, 2016 11:42 PM

@Nick P,

I feel you on insomnia and not in a mood...

Yea, about three hours of sleep since Friday morning... Not all insomnia, some work to finish too.

Accurate or not, I'm fine with that definition of that fancy word. :)

Works for me :) The thing is I read it as "stochastic" until @Curious alerted me.

Nick PMay 9, 2016 12:18 AM

@ Wael

Wait, that prior definition was for stochastic which replaced my search query. Stoquastic just shows up in some quantum research papers. It's either a misspelling or some made-up bullshit by a community that has a higher affinity to bullshit than most in physics. So, I think we're still on track with my original assessment.

tyrMay 9, 2016 12:54 AM


New issue of Phrack is out.

http://phrack.org/issues/69/1.html

I know John Baez and others were working on Q deformed
mathematics at one time, apparently an attempt to recast
venerable formulae in a form that was compatible with
current physics. It seemed to be a shortcut instead of
re-inventing the wheel from scratch. I remember sitting
in on a videoed remote session where one of the major
presenters lost track of what he was trying to do with
an explanation. That's what is fun about cutting edge
stuff it doesn't always assume easy transparency even
to the originators.

Clive RobinsonMay 9, 2016 1:23 AM

@ Wael, Curious, Nick P,

I must admit it was the first time I've seen that term, I know a Hamiltonian, but not "stoquastic".

What you need first is a "frustration-free Hamiltonian"...

And people claim I've a warped sense of humour...

WaelMay 9, 2016 2:35 AM

@Clive Robinson, @Nick P, @Curious,

What you need first is a "frustration-free Hamiltonian"...

Oh, man! Partially got it

we also want the Hamiltonian to have non-degenerate ground state protected by a fixed energy gap, to involve only two-body interactions, and to be frustration-free so that measurements in the course of the computation leave the remaining particles in the ground space.

See slide deck for an "explanation"...

And people claim I've a warped sense of humour...

Seriously? That's ... Unbelievable!

WaelMay 9, 2016 2:44 AM

@Clive Robinson, @Nick P, @Curious,

I'll save the few of you who don't know the trouble...

A Hamiltonian H with real entries on the diagonal and negative entries off-diagonal is called stoquastic....

I showed enough ignorance for today...

Clive RobinsonMay 9, 2016 3:52 AM

@ Wael,

I'll save the few of you who don't know the trouble...

Now who's got the warped sense of humour...

I'm guessing most people's brains exit stage left through their ear when they read "A Hamiltonian H with..." ;-)

All "frustration" jokes aside, I take a passing interest, and I just can not keep up with the jargon in the field let alone the implications of the math.

Then, just when you think you've got the bag of snakes straightened out, somebody comes along and goes "No No No, that can not be because..." and squiggles it all up again with a wall of hieroglyphs an ancient Egyptian would be proud to put in their pyramid :-(

CuriousMay 9, 2016 4:00 AM

Unfounded speculation from someone that isn't a mathematician, physicist, nor a technologist:

I've always wondered if the math used by physicists for anything quantum physics could be used to undermine crypto math, if the math or the data structure used appeared similar.

It wouldn't surprise me if "quantum math" could be used to hide away some underlying structure in some kind of number maze (think lattices and matrices), that could either covertly shape the distribution or positioning of numbers in any given area.

Afaik, block ciphers rely on some kind of 2D data structure (my impression, not really knowing anything about crypto), I can sort of imagine crypto using some 3D structure, or rather, implementing a hidden 3rd dimension to 2 dimensional data structures (like block ciphers?). Imagine some non-colored Rubik's cube being rotated around inside a huge 3D "dataset".

ianfMay 9, 2016 4:47 AM


An acute analysis of ISIS.eu terror—such as they were—networks from thegrugq. Amateurish petty criminal thugs from the suburbs, the lot of them, assembled in loose social networks with not a trace of OPSEC insights and planning capabilities. More than that, however, the quite long (13 min read) essay amounts to a MASSIVE INDICTMENT of the unprofessionalism and other systemic ills ailing the Belgian police, dysfunctional state and security apparatus(es).

https://medium.com/@thegrugq/jihadi-gang-warfare-4bc0ba8bd309

Or, as thegrugq stated it (for those who need not read further):

    […] It was a lack of wiretaps and interpreters that enabled the ISIS militants to evade detection. […] The police were not blinded by encryption, but by lack of resources.

    […] the biggest enabler of the network was the poor resource constrained Belgian police work. [The thugs] had massive luck in operating in a country that is totally incapable of handling a large gang. [still, I wonder how many other Western countries are THAT prepared on a day-to-day basis—ed.]

    […] The militants did not need good tradecraft, the police were, very literally, not listening… the lax operational environment in Belgium was the single greatest contributing factor to the success of the network.

Clive RobinsonMay 9, 2016 6:40 AM

@ ianf,

The problem with the observation of "the police were lax / under resourced / etc." is the implication of "sufficiency".

It's the old "defense appropriations" argument of "you only know when you've spent too little or badly on defence when it is your attackers that write the history"...

Like "first past the post voting" every penny / vote past that which achieves the win is wasted. On the absurd reduction then one vote or one penny is what a win is all about...

The obvious problem is knowing blind which vote or penny is the winner. Thus the tendency is to over voting / spending which is a significant waste...

Which means somebody for their own political reasons will grind an axe on the waste.

The two basic solutions are cut back on the waste, and use the excess resources for something else "politicaly productive".

The former risks others writing your history, the latter a police state or worse.

Thus the trick is to try and ensure the pendulum swings gently back and forth across that one penny, never allowing the swing to get sufficient that either risk predominates. But that penny is in an unknown place, we know that technology moves it in one direction and profits in another, but like pinning the tail on the donkey your chances of sticking the pin in the right place are low.

Nick PMay 9, 2016 10:54 AM

@ Wael

Nah, it wasn't ignorance. That's such a made-up word. It's as real as the quantum computers they tell us are just 5-10 years around the corner.

WaelMay 9, 2016 11:26 AM

@Nick P,

That's such a made-up word

Made-up words are nothing new. The rationale of deriving these words was somewhat "justified". Take for example the word "Spectrum" -- we know what it means! Take the inverse Fourier Transform of it, and you get the made-up word "Cepstrum". The justification is understandable and makes sense (The name "cepstrum" was derived by reversing the first four letters of "spectrum" .)

Now, how did the word "Stoquastic" evolve? It seems there are DNA remnants of "Stochastic" in its origin. Does the "Q" refer to Quantum? What about the "u". Is it a portmanteau of stochastic and quiescent? Remove "ch" which may refer to "chaos" and replace it with "qu" that indicates some level of "quiescence"? I don't know...

Hals Geschossen, ACPMay 9, 2016 12:38 PM

Re the "math terrorist":

Dear Public Transportation Passengers,

If the person next to you is writing something, SHUT THE FUCK UP!

If the person next to you is reading something, SHUT THE FUCK UP!

Where I live or where I'm coming from or going to or what I do for a living are NONE OF YOUR FUCKING BUSINESS!

Go play Candy Crush or beg the other cybercretins for meaningless "likes" and "points" or listen to the double-digit-IQ blather sloshing around inside your own head, but SHUT THE FUCK UP!

Because SOME of us (granted, a seemingly ever-diminishing number) are actually trying to DO/LEARN something!

Also, MIND YOUR OWN FUCKING BUSINESS!

(Oh, LOOK! It's a CLOUD!)

Nick PMay 9, 2016 12:50 PM

@ Wael

Good analysis and guessing. It probably was something like that. Most likely, it's part of the often-justified trend of creating jargon for specific fields just to easily convey ideas within those fields. IT and INFOSEC have a ton of this. So, best case, it's just their jargon that we're not supposed to understand anyway. (shrugs)

Nick PMay 9, 2016 12:54 PM

@ All

I'm not Stallman but time has proven him out quite a bit. The largest vendors of proprietary software have acted on about every risk he discussed. They weren't holding back haha. So, I thought it was worth coming up with a response to a commenter that thought systemic risk posed by proprietary software might be overstated. I tried to create a small set of points that showed it exists and FOSS is immune to it with real-world damage done by each point. Here it is for review:

"There actually are many systemic risks under common distribution and licensing models for proprietary software. I used to think Stallman et al were vastly overstating the situation. These days, I think he was mostly right based on what companies did & do. I'll give you a few data points for your consideration.

1. Privacy/security. Proprietary vs open-source is a false dilemma given the first secure system (Burroughs B5000) was a proprietary system that shared source with users. You can share source for vetting, local builds, or whatever while charging for it. Yet, most software comes as a binary where devious things are easily hidden. Many easily prevented 0-days and backdoors (esp undocumented FTP or SSH) have been found in proprietary systems over time. Even firewalls per Grimes' regular assessments. People are running out of room trying to find all the places Windows 10 is tracking users. They can't even turn them off. Leads to next risk.

2. Control. This is really most important. A fully, OSS product lets you use it however you choose. A proprietary licensed product, esp if not perpetual, can arbitrarily change how your product is allowed to be used later down the line. They can legally shut you out of certain benefits. This is getting common with app stores, DRM restrictions, games. I used to get games I could use permanently. Now, I often have to get online to access profile for even single-player games. The vendor, despite protest of users, plans to take service down after some time to force us to buy more expensive stuff. They also put ads in there because we can't turn them off so why not. Control is very important and many major companies are abusing the fact that "our" devices/software are actually "their" devices/software we merely get licensed to use only how they want to. Future-proofed against this with FOSS.

3. Lockin. Proprietary vendors often use obscure storage formats or communication protocols to make it hard to extract your data. They use custom API's to reduce portability. The result is that, after you build on them enough, you're effectively stuck with them since a move would cost exorbitantly more than just paying an obscene licensing fee again. Such lock-in lets companies effectively stop innovating and benefiting their customers while their customers are powerless to do anything since the business, its apps, or its data just go bye-bye. Open storage, protocols, and API's can mitigate this but they (esp Microsoft) have nasty habits of subverting those with extensions or undefined behavior. So, FOSS clearly has a win here as you can just use the source itself to get off the platform if you want or pay someone to improve it.

4. One company I know specializes in proprietary hardware they sell but with FOSS software. In a discussion, the lead engineer told me he refused to use proprietary in their products since he was burned badly by one. The issue is the right to inspect code to debug and fix the dependency. You don't have it with proprietary & the vendor might not give a shit once you've already paid them. He (and FOSS advocates) argue that the complexity & bug-rate with modern software make it imperative to have source to ensure anything you build on it works correctly now and later.

5. Legal risks. No secret that licensing is often a minefield where compliance can be tricky. Vendors make it hard unnecessarily & overcharge. Business Software Alliance represents them telling customers' employees they'll get bounties if they snitch about instances of this then suing the crap out of small and mid-sized firms that didn't pay Microsoft, Oracle, etc enough. Big firms stay patenting software stuff, even cut n paste is Microsoft's haha, that they use to sue any competition or even users cloning to escape a bad platform. Recently, Oracle's argument that API's are copyrighted essentially says nobody can make an alternative that's backward compatible and Oracle's users should be legally forced to be stuck with them. All these risks, except patent suits, are nonexistent when you use FOSS software. Plus, working with predatory companies seems wrong on principle.

6. Abandonware/bankruptcies. Company gets tired of supporting something or goes out of business. They can force you to keep buying something while basically not updating or supporting it any more. Lots of games and old apps in that status that are still fun/useful today but have to use emulators due to no source or legal restrictions. Impossible with FOSS as someone can roll up sleeves and code.

So, there's some datapoints that have and currently are burning up companies that invested in proprietary instead of open solutions. The major FOSS techs from 10 years ago still exist in some updated form with many others in development. Clearly systemic risk on one side of the equation with very little on other. What you think? :)"

WaelMay 9, 2016 1:13 PM

@Hals Geschossen,

If the person next to you is writing something...

How dare you override the directive of "if you see something, say something" with: "If you see something, STFU" :)

WaelMay 9, 2016 1:34 PM

@Nick P,

What you think? :)"

"What do you think?" should be outside the quotation mark delimiters ;)

1- Privacy/security. Proprietary vs open-source is false dilemma...

But we need to factor in the level of exposure! One limited group gaining access to proprietary software isn't equivalent to open source available to an unrestricted number of reviewers!

2- Control...

Valid point, but normally covered by contractual agreements.

3. Lockin...

True. Common across most industries. @Dirk Praet once talked about a nuclear reactor in Belgium with a similar "Lockin" issue. It's the reason clients prefer industry standard methods. Proprietary = Evil; Industry Standard = Good.

4- One company I know specialize...

Valid. It's a way to sell additional maintenance and generate new revenue streams. They also get a closer look at your environment so they come back with another "solution".

One company I know specialize...

That's what attorneys are for.

6. Abandonware/bankruptcies...

Valid, too. Some cases can be handled by contracts that mandate source code to be available in escrow under these circumstances.

I need to make myself scarce for a day or two...

Nick PMay 9, 2016 1:48 PM

@ Wael

"One limited group gaining access to proprietary software isn't equivalent to open source available to an unrestricted number of reviewers!"

It's a mixed bag. Traditionally, malware authors have had no problems finding 80% of the attacks because they're easy to spot in assembler. So, FOSS only adds minor risk if we're talking code injection.

"Valid point, but normally covered by contractual agreements."

Have you ever read an EULA for Windows, Oracle, etc? Or tried to sue a multi-billion corporation? I think the situation isn't so simple. The licensing agreements for most commercial software are horrible.

"It's the reason clients prefer industry standard methods. Proprietary = Evil; Industry Standard = Good."

True. I had that in my essay. Remember "Embrace, Extend, Extinguish," though. That's how Microsoft conquered open standards. We see this even in the ubiquitous C compilers where Microsoft- or GCC-specific behavior ties your C program to their compilers if you use it. Hard to get off those compilers as some GCC to LLVM transitions are seeing. So, open standards help only if one is (a) strictly conforming to the standard and (b) it has no ambiguities. An English document about complex formats, protocols, and systems that has no ambiguities. Lawyers would be poor if that was an easy job. :)

"Valid. It's a way to sell additional maintenance and generate new revenue streams. They also get a closer look at your environment so they come back with another "solution"."

I thought so, too. Such a model has potential for the open-hardware trend forming. Sell proprietary software or support FOSS on top of open hardware. A proprietary model with useful enough software can actually make enough money to justify the expense. I could design and fab a new iteration of a multi-core RISC every year with one, enterprise, Oracle deal. :)

"That's what attorneys are for."

The people on the offense have more, better-paid attorneys arguing over laws built for them with lobbyist help in courts, esp East Texas, that rule in their favor 90+% of the time. Having lawyers is not a mitigation that should inspire confidence when Microsoft or Oracle hit you. Just look at Oracle vs Google which is still waging.

"Some cases can be handled by contracts that mandate source code to be available in escrow under these circumstances."

I agree. I've proposed this in the past under proprietary, shared-source models that tried to mix and match the benefits.

"I need to make myself scarce for day or two..."

Ok. Appreciate the review. Good luck on whatever you're doing. :)

WaelMay 9, 2016 1:59 PM

@Nick P,

Ok. Appreciate the review. Good luck on whatever you're doing. :)

Ok - two more posts, counting this one. I can keep doing what I do and simultaneously post here! That thing about men being single-track-minded isn't true.

I just don't like to see too many instances of my name. And that's especially true when I post something, and my name is stuck on the top page for a few hours. Makes me cringe, thinking, what have I done now? I'll need my freakin' sockpuppet again :(

Nick PMay 9, 2016 2:17 PM

@ All

Funny thing that I just had to re-open my FB account because someone in Frankfurt Germany was trying to access it on a Samsung Galaxy 6. I've previously said how little security I use being a target of interest in a police state that destroys opponents reflexively. That's how lame that attacker was for not getting into my least defended service used on a box with almost no security. Lmao.

Or they did get into the box, stole the credential, and just got flagged trying to use it remotely. I'll give them benefit of the doubt. Maybe not totally lame. :)

CuriousMay 9, 2016 3:57 PM

"ACLU Files FTC Complaint Over Android Smartphone Security"
https://www.aclu.org/blog/aclu-files-ftc-complaint-over-android-smartphone-security

"In a 16-page complaint filed with the FTC, we argue that the major wireless carriers have engaged in “unfair and deceptive business practices” by failing to warn their customers about known, unpatched security flaws in the mobile devices sold by the companies."

The article has a link to their legal document explaining the issues.

1 million monkeysMay 9, 2016 5:08 PM

ICIJ makes available a searchable database for the Panama papers
https://offshoreleaks.icij.org

"Find out who’s behind almost 320,000 offshore companies and trusts from the Panama Papers and the Offshore Leaks investigations"

Miguel SanchezMay 9, 2016 6:35 PM

@Figureitout

You can also run Kali on there. Or on your Android. I have had to work through a lot of compile and dependency problems using Raspbian. But, ultimately, been worth it, because of overall OS compatibility issues.

Getting multi-terabyte storage is worth the investment. Otherwise, you may miss critical data. Usually, these projects are looking for needles in the haystack.

Who knows what systems are reporting back home, and who knows how, and who knows what they are reporting.

People are lucky sometimes researchers just stumble onto stuff. But the range of products phoning home is not even anything anyone keeps a full list on. Especially tying in products from anti-regulated countries, like China.

@Nick P

Someone signed me up for an email account that fwds to my box. They also started a FB account. Usually the feed I see coming through puts me as a conservative Britain.

One time I had an exact doppelganger of a co-worker send me his driver's license. Different name, different part of the country, different job. Slightly different facial hair.

Checked the headers, sent from a valid work account at a major US company.

Was not crazy, my wife agreed.

I did not respond. But that is going really far to try and get someone to engage someone who likely has some axe to grind with you.

I visited his linkedin, he visited mine. Done with.

Kind of creepy...

In my case, very likely someone outside the country, rather than within.

(Very different political views than what you must have.)


KittenHedMay 9, 2016 6:59 PM

Comey, "Yeah, we've currently ID'd at least 500million people's cats used as their face on FB. If you lose your cat, call us."

Dirk PraetMay 9, 2016 7:15 PM

@ ianf

More than that, however, the quite long (13 min read) essay amounts to a MASSIVE INDICTMENT of the unprofessionalism and other systemic ills ailing the Belgian police, dysfunctional state and security apparatus(es).

I'm afraid I have to fully concur with @thegrugq's analysis and I actually sent the link to the chairman of the current parliamentary commission investigating the Brussels attacks. It is however too easy to blame under-resourced police and IC. The real culprits here are politicians who for way too long didn't take threat reports seriously and a state model where authorities and responsibilities are so spread over six(*) different levels of completely politicised institutions that it is almost impossible to adequately deal with any issue. Already on the 1st working day of previously mentioned parliamentary commission, two actual security experts pulled out immediately after a vicious and completely uncalled for attack by a known braindead socialist politician questioning their impartiality.

(*) In Belgium - a very small country of only 11,787 square miles - we have SIX different levels of government: local, intercommunal, provincial, regional, federal and European.

ThothMay 10, 2016 5:53 AM

@Nick P
Interestingly, if you were to notice, the topic of this week's Squid we are on is about Firefly Squid and we touched briefly on the Firefly algorithm used by NSA et al.

@Clive Robinson
I have noticed that most phone apps do not want to handle voice encryption over mobile network lines (GSM) and prefer to do them over Internet-based VOIPs. JackPair voice encryptors are still facing issues with their voice encryption (bad quality). I briefly looked at the GSM specs and noticed that the phone modem would convert the voice data to the GSM protocol and that is one headache that is very hard to control because that means whatever voice encryption you apply, the phone modem would simply chunk your data, compress it and send it along at 13 kbps over GSM.

I wonder if the voice encryption could simply sample and encrypt the exact amount of data to fit into the GSM packet so that the phone modem wouldn't be compressing those data since it's the exact fit or at most you lose some data.

To prevent de-synchronization of cipher engine states, a re-key takes place every second so the most you lose is a second's worth of data that the phone modem might have corrupted.

What is the better approach to encrypt voice traffic using digital algorithms like AES or Salsa ciphers over mobile and normal phone lines with an in-between encryptor ?

Clive RobinsonMay 10, 2016 7:00 AM

@ Thoth,

JackPair voice encryptors are still facing issues with their voice encryption (bad quality).

If you look back to when JackPair was first discussed on this blog, I asked if they had got around this very problem and if so how. I guess they took an over optimistic view as to what they could do, a problem that frequently occurs with "compressed channels and random data".

Most minimal latency voice compressors/digitizers use algorithms based on work originally done by the NSA and you can look up CELP in text books, and the explanations will make your eyes feel like peeled onions. A quick and more friendly explanation can be found here,

http://www.speex.org/docs/manual/speex-manual/node9.html

Whilst there is some talk about the code book and the NSA "putting the fix in" so far definitive proof of backdooring the CELP algorithm has not been made (public, if it exists). However several people have noticed "oddities" which make them uneasy about it.

However the model the algorithm is based on is the very predictable vocal tract, thus it is very poor at dealing with traditional "modem like" signals.

Back last century when GSM was still "blue sky" I was involved with trying to get modems to work with the old analog system and that had sufficient problems that an alternative method was chosen.

The way to get the likes of JackPair to work is simple to describe, but difficult at best to do.

Take the cipher text out of the encryptor and encode it in some way to sound like "A German Man singing without voiced words". Unfortunately this allows only a hundred or so bits of data a second... Which is not enough to have sufficient detail for the aural requirements of most humans (it comes out sounding like the end of ELO's "Mr Blue Sky" where the vocoded voice asks you to turn over the record).

Thus the GSM channel is very much matched to sending guttural voices with minimum data and by fooling the brain, rather than actually preserving any measure of reproducibility needed to send random data...

It's why if you want to do voice encryption, all the compression should be done before any randomisation via encryption, after just will not work without data expansion first...

ThothMay 10, 2016 7:49 AM

@Clive Robinson

"It's why if you want to do voice encryption, all the compression should be done before any randomisation via encryption, after just will not work without data expansion first..."

Does that mean the user needs access to the phone modem's compression output to be routed to a stream cipher engine to be encrypted before re-routing the encrypted and compressed data back to the phone modem for signaling ?

Clive RobinsonMay 10, 2016 11:53 AM

@ Thoth,

Does that mean the user needs access to the phone modem's compression output to be routed to a stream cipher engine to be encrypted before re-routing the encrypted and compressed data back to the phone modem for signaling ?

Long answer short "Yes".

@Nick P, might want to chime in here but it's the way I've seen it done on a number of phones, usually through a crypto smart card of some kind. The difference is that to ensure it works across networks which may have the same "analogue channel" problem, they ensure they stay in the D-Channel not the B-Channel, where random data is fine.
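
The two points in the exchange above, Thoth's "re-key every second so at most a second is lost" and Clive's "compress before you encrypt, because a vocoder will not carry ciphertext", as an added simulation (not JackPair's or anyone in the thread's code). The keystream is HMAC-SHA256 in counter mode standing in for a real stream cipher, the "codec" is a crude quantiser standing in for CELP, and the frame size and rate (33 bytes, 50 frames a second) are assumptions chosen to be in the 13 kbps ballpark, not a GSM implementation.

```python
"""Added example: compress-then-encrypt over a clean data channel, with a
per-second epoch so a silently dropped frame desynchronises the receiver
only until the next epoch. Simulation only, not production crypto."""
from __future__ import annotations

import hashlib
import hmac

FRAMES_PER_SECOND = 50   # assumption: one compressed frame every 20 ms
FRAME_BYTES = 33         # assumption: ~260 bits per frame, rounded up to bytes


def keystream(key: bytes, epoch: int, counter: int, n: int) -> bytes:
    """Keystream bytes bound to (epoch, counter). The epoch changes once a
    second, so a receiver that lost count recovers at the next boundary."""
    out, block = b"", 0
    while len(out) < n:
        msg = epoch.to_bytes(4, "big") + counter.to_bytes(4, "big") + block.to_bytes(2, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_frames(key: bytes, frames: list[bytes]) -> list[tuple[int, bytes]]:
    """Sender: input is already-compressed voice; only the epoch number
    travels in band (the receiver counts frames within an epoch itself)."""
    out = []
    for i, frame in enumerate(frames):
        epoch, ctr = divmod(i, FRAMES_PER_SECOND)
        out.append((epoch, xor(frame, keystream(key, epoch, ctr, len(frame)))))
    return out


def decrypt_frames(key: bytes, received: list[tuple[int, bytes]]) -> list[bytes]:
    """Receiver: its own frame counter, reset whenever the epoch changes."""
    out, cur_epoch, ctr = [], None, 0
    for epoch, ct in received:
        if epoch != cur_epoch:
            cur_epoch, ctr = epoch, 0
        out.append(xor(ct, keystream(key, epoch, ctr, len(ct))))
        ctr += 1
    return out


def lossy_codec(frame: bytes) -> bytes:
    """Stand-in for a voice codec that keeps only what 'sounds right':
    here, the top four bits of every byte."""
    return bytes(b & 0xF0 for b in frame)


def make_frames(seconds: int) -> list[bytes]:
    """Constructed 'compressed voice' frames: deterministic pseudo-random bytes."""
    return [hashlib.sha256(b"frame" + i.to_bytes(4, "big")).digest()[:FRAME_BYTES]
            for i in range(seconds * FRAMES_PER_SECOND)]


def garbled_after_drop(key: bytes, frames: list[bytes], drop: int) -> int:
    """Lose one frame in transit with no indication to the receiver and count
    how many of the frames that DID arrive decrypt to the wrong thing."""
    sent = encrypt_frames(key, frames)
    delivered = sent[:drop] + sent[drop + 1:]
    expected = frames[:drop] + frames[drop + 1:]
    got = decrypt_frames(key, delivered)
    return sum(1 for a, b in zip(got, expected) if a != b)


def bytes_surviving_codec(key: bytes, frame: bytes) -> float:
    """Encrypt first, then let the phone's vocoder 'compress' the ciphertext.
    Returns the fraction of plaintext bytes the far end recovers."""
    ks = keystream(key, 0, 0, len(frame))
    recovered = xor(lossy_codec(xor(frame, ks)), ks)
    return sum(1 for a, b in zip(recovered, frame) if a == b) / len(frame)


if __name__ == "__main__":
    key = b"\x11" * 32
    frames = make_frames(2)
    print("frames garbled after one silent drop:", garbled_after_drop(key, frames, 7))
    print("ciphertext bytes surviving the codec:", bytes_surviving_codec(key, frames[0]))
```

Dropping frame 7 garbles every later frame of that second (42 of them) and nothing in the next second, which is the bound Thoth was after; putting a frame counter in band instead of only the epoch would shrink the loss to the one missing frame at the cost of those extra bits per frame. Ciphertext pushed through the codec comes back almost entirely wrong, which is why the encryptor has to sit between the codec's output and the data channel rather than in front of the microphone.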

Nick PMay 10, 2016 12:55 PM

@ Clive Robinson

Ties into my articles on Ada and mock-ups, too. You'd think the Japs would've learned from all of America's expensive failures. There's a reason we go all out on our control-system code with more verification tools than most could name. Like with ASIC's & Intel CPU's, the failure cost is so ridiculous that an extra few million on engineers and tooling to stop failure is suddenly reasonable. Maybe they need to outsource the software part to America, Britain, or France. They can still call it Japanese since they own the now-working code. ;)

@ Thoth

re Firefly

Didn't notice. Kind of funny.

re Beaglebone-on-a-chip

That's pretty cool. I thought about doing something like that myself. Yet, all that good data in the datasheet still doesn't tell me what node they did that on. That it's a 1GHz CPU w/ standard cell and a shitload of components means it has to be deep sub-micron. Definitely can't be inspected by eye. Still might be good for hobbyists and operations where security isn't important.

Still need to do a RISC-V version of that so ARM Ltd can't touch it.

@ Thoth, Clive

re JackPair and GSM voice

I already posted links to systems that pulled it off. They can be found with "GSM" "voice" "channel" "encryption" with Google. I'm not sure if they'll fit into the existing hardware of the JackPair. Yet, there's established ways of doing this. Let me see if I can look them up for you guys again. (searching)

Alright, here they are:

Real-time, end-to-end, secure, voice communications over GSM by Katugampala et al

Securing speech in GSM networks using DES with random permutation and inversion algorithm by Merit and Quamri

Secure voice communication with GSM network [via FPGA] by Ozkan et al

Synchronization system for crypto initialization over GSM voice channel by Yaakob

Dirk PraetMay 10, 2016 6:02 PM

@ Nick P

Securing speech in GSM networks using DES with random permutation and inversion algorithm by Merit and Quamri

DES? Que? Why not AES or at least 3DES?

Nick PMay 10, 2016 6:07 PM

@ Dirk

Who knows haha. This was in the paper, though: "The algorithm presented in this paper is made by the DES algorithm, but it can be done also by other encryption methods such as: RSA, RC4 and AES."

FigureitoutMay 10, 2016 10:08 PM

Miguel Sanchez
--Did you do it w/ 2.8in screen? I had issues w/ both the latest 2.1.2 image and I searched out the older 1.1 image, the 2.1.2 would at least turn screen black but nothing else, the 1.1 was dead completely. I noticed that writing the image to the SD card created a separate 64MB boot partition during the writing...odd. If I wanted an infected image I'd implement that functionality...I tried putting all those files back in a boot folder that was empty in main partition but still nothing...

I would say I need to start building my own images but not sure how much that'd help...

And I'm not going to search thru terabytes of data, but it'd be nice to display the packets flowing thru the network at any time on a separate device. If it was my network, my secure one would be offline most the time lol (unplugged).

Thoth
--Someone mentioned potential thermal issues but I think that'll be fine. Maybe eventually it'll be a literal system on chip, just one chip and traces on a board w/ connectors lol.

Clive RobinsonMay 10, 2016 11:13 PM

@ Figureitout,

I had a quick look at your photos:-)

The thing is --and please don't take this the wrong way-- they reminded me of the ancient joke of the typist who on first using a computer put "corrector fluid" on the screen ;-)

Anyway, as a coincidence your photos have reminded me I need to get a couple of those new BBC boards to have a play with and rate them against the Raspberry Pi.

Oh question for you, has the Intel takeover of a certain well known chip manufacturer changed your thinking on which chips to use or not?

FigureitoutMay 10, 2016 11:53 PM

Clive Robinson
--Yeah it sucks blocking info out and it looks cooler in person but I gotta protect my neighbors somewhat (I left some of the numbers you can probably make out, the MAC addresses, but it looks cool) too b/c they probably don't want that posted, I really don't care about this current network b/c my family won't let me secure the network somewhat and make fun of me when I try to do basic OPSEC for them. Something along the lines of "hack me bro! C'mon hack me now!". So I just keep devices/routers ready for when I can get the hell out lol, I'm counting the days...

Anyway you should try that once in a while eh? For some of your setups, I want to see them w/ my eyes. Take a pic w/ your "spent mobile", copy it to a throwaway PC, do whatever editing there, screen shot it, save it to throwaway USB, transfer back to your mobile or another system you can sanitize, do another screen shot, then post via the free imaging sites (I got an imgur account now, I had issues w/ these free sites dropping my pictures for school sites lol). That's the simple method and it should be good enough...

I'm not sure what you mean BBC boards (the british news site made boards, what the hell?! :p), unless you mean beaglebone.

What chip manufacturer, Altera? I think I still need to learn how to use backdoored chips just for job opportunities; sometimes I'm not sure if our choices are dwindling or thriving. I'm looking strongly into PIC chips for my next work project which should make you happy :p

I've never used Intel chips in a dev environment, most (my fujitsu laptop has AMD chip, and I really like that laptop besides I know it got infected w/ something really bad) my PC's are Intel. So finally something like the RasPi has broken thru and has active updating, where you could do your building on to get off Intel. But I wonder where firmware was flashed for those chips at their factories, if Intel is "inside" them too.

Also a lot of chips use the intel .hex format for firmware...I know some AVR chips do, some NXP chips do, probably others. The issue remains unsolved for me, but I can't afford to keep being so paranoid about it I just don't use it at all. It just remains unsolved so it's annoying as hell. I have to for money, and it's still fun using them even though deep down I can't trust them and it's disturbing when your PC could get so infected that you literally have to throw it out to get rid of the infection...

Clive RobinsonMay 11, 2016 2:48 AM

@ Figureitout,


I'm not sure what you mean BBC boards (the british news site made boards, what the hell?! :p)

Yup that broadcaster, that used to bring the world "Jeremy Clarkson and Top Gear" and other productions including Hitchhikers... Well it has an educational component in its charter, and two or three generations ago it gave a small company called Acorn Research Machines the contract to build a home computer. It became quite famous at the time, well part of it was a handful of custom chips that added a lot of potential to the 6502 processor, and was in many ways superior to the Apple ][. Few remain, I've got the guts of a couple in the garage somewhere, but Acorn went on to develop other computers and developed their own RISC CPU and OS; for the price they were a lot of computing power, but unfortunately at a time when Billy Boy was buying up politicians it did not get the push it needed from the UK Gov. So Acorn split itself up and tried various things. One of which was selling the RISC CPU design to chip makers; it's kind of become moderately successful and you've probably got a few ARM processors around you right now.

So the BBC has in effect gone back to Acorn for this new educational home computer. Which is a little SBC. Called the BBC micro:bit, it is a credit card sized ARM card, that has --supposedly-- been given free to all year seven students in the UK.

http://www.pcadvisor.co.uk/new-product/pc-components/what-is-bbc-microbit-year7-3619250/

They run off ~3V so a couple of AAA upwards to D cells, with both a USB and bluetooth interface, and can supposedly run both a full Python interpreter or C++ compiler and a few other bits via a web interface.

David HarmonMay 11, 2016 8:46 AM

So, a question for the squidly master and/or masses: What is *currently* a credible/effective ZIP password cracker? I do understand the basic limits of such programs, I'm just trying to avoid getting scammed or paying for something obsolete.

Miguel SanchezMay 11, 2016 11:06 AM

@Figureitout

I have a seven inch.

I noticed that writing the image to the SD card created a separate 64MB boot partition during the writing...odd. If I wanted an infected image I'd implement that functionality...I tried putting all those files back in a boot folder that was empty in main partition but still nothing...

There is a specific bootloader Pis require. Regardless of OS. I may be wrong.

It is normal for boot related files to be hidden. That is not an indicator of compromise.

I would say I need to start building my own images but not sure how much that'd help...

There are a lot of officially accepted and not officially accepted builds you can play with.

I do encourage you to search around, and figure out how to relieve your suspicions. It is good to explore, in general, for learning. And if that is motivated by suspicious curiosity, or just fun curiosity? Whatever works.

And I'm not going to search thru terabytes of data, but it'd be nice to display the packets flowing thru the network at any time on a separate device. If it was my network, my secure one would be offline most the time lol (unplugged).

I will take this to mean you are using this on an authorized network.

Problem with testing on a home network these days is the massive bandwidth used by your typical family via television and video games.

Problem with that is that very fat bandwidth is excellent for hiding side data. Hard to get much of a message hidden in a gif file. You can hide Moby Dick in a movie, though.

I strongly doubt anyone is doing this for exfiltrating data, at this time.

If you are, say, an unauthorized foreign spy from "Antarctica", you certainly have every reason to be extra cautious. Otherwise, what is the potential loss, and who is the potential threat?


ianfMay 11, 2016 12:29 PM


@ Clive re: thegrugq's Belgian police synthesis: “The problem with the observation of 'the police were lax / under resourced / etc." is the implication of "sufficiency".” (Cc: Dirk Praet)

As a life-long practitioner of there always being n+1 sides to any argument–argument, you're well aware that one can generalize any analysis into oblivion. Else, if sounded off by someone whose past/other conclusions we—or I—trust, we can accept it as more or less correct opinion, and proceed to learn from there. Attempting to weigh in philosophish reasons why won't lead us any closer to an insight.


@ Dirk Praet “The real culprits here are politicians who for way too long didn't take threat reports serious and a state model where authorities and responsibilities are so spread over six different levels of completely politicised institutions that it is almost impossible to adequately deal with any issue.”

Not knowing much about Belgium's past nor present, I'm not sure how relevant it could be, but when Libya started being called a "failed state" (2012?), I recall some TV talking head bringing up Belgium in that context by way of a metaphor (not the armed gangs rule, but the default inability to function as a coherent-vision power). It was overblown, but then there's this dearth of apt similes to describe certain situations. Still, given seats of both the NATO and half the EU there (and more multinationals' besides), there must be something in Belgium that's appealing to all camps—as long as also the criminals stick to their side of the bargain, piecemeal roadside stick-ups and the like.

    This atmosphere of utter permissibility also has led to the various policing forces (there and elsewhere) washing off their hands of politically unpopular tasks such as actual preventive surveillance and policing among those segments of society that see all police as intrusion, and as a rule never cooperate with Law & Order even post catastrophic events. Which begs the question why—if they want to live in a lawless society—can they not do just that in countries where their rôle models and/or forebears came from.

The larger wisdom that can be drawn from such chaotic liberal city-states as Bruxelles, is that their hardcore-democratic concept has failed where policing parts of population is concerned, and that this will require some fundamental changes (of type: hitherto impossible to legislate and deploy). And I'm not only talking about Belgium either.

BTW. thegrugq has by now analyzed the overall style of security consciousness within ISIS.eu (OPSECSTYLE?). His conclusion is: no overt use of encryption; frequent changes and discharge of burner phones which prevents state listeners from keeping pace; in short: "2003 vintage drug dealer tradecraft writ large."

https://medium.com/@thegrugq/notes-on-isis-european-style-42ef5b617a6

ianfMay 11, 2016 1:41 PM


@ Clive, Figureitout

When micro:bit, latest BBC-as-public-computer-educator effort, was announced 1 year ago, I checked the specifications of that promised hardware & software, and concluded that it'll be of little interest outside the classroom. It simply isn't powerful, nor flexible enough to be of use without lots of extra hardware.

http://www.bbc.co.uk/mediacentre/mediapacks/microbit/specs

But that's OK, as it's been designed to awaken potential programmers and budding Texas-bomb-clock-level experimenters from school-induced slumber. I expect it will be quite successful as (say) handheld console game control, or other "end products" at similar complexity levels. But as a platform for even semi-serious prototyping and field duty, #fuggedaboutit.

Given my own HW/SW (and never very advanced) experimenting way back in the past, I may not be the most trustworthy source of opinion on those matters, but I can still detect electronic bric-a-bracage when I stumble across such. And then especially when I noted the extensive number of Partners (sounds more like Sponsors) required for the combo to work, which probably accounted for it being well behind schedule (just the cross-licenses and NDAs required must've been mind-boggling!)

https://en.m.wikipedia.org/wiki/Micro_Bit#Partnerships

Lastly, whether it could be of use as an alternative to Raspberry Pi/ equivalent/, or not, I don't think it will become available for outside purchase anytime anywhere soon (if ever). Thus, short of express-compress conceiving and bringing up a kid to seventh grade (Clive might have the know-how for all I know), I wouldn't harbour much hope for unsupervised play with it.

Gratuitous micro:bit Pinup picture

Dirk PraetMay 11, 2016 8:20 PM

@ ianf

Still, given seats of both the NATO and half the EU there (and more multinationals' besides), there must be something in Belgium that's appealing to all camps

Belgium, as a small country in the heart of Europe and founding member of the original Benelux economic union, was an acceptable choice for all parties involved both for NATO and EU institutions. That was a purely political thing. Many multinationals were subsequently drawn over here to establish a presence in the European capital and with very favorable fiscal regimes.

... Which begs the question why—if they want to live in a lawless society—can they not do just that in countries where their rôle models and/or forebears came from.

The short answer to that is that folks like the Paris-Brussels attackers would never get away with all of their sh*t in the countries their forebears came from. The rise of parallel societies like Molenbeek is not just the result of decades of failed integration policies by the host country, but also a story of complete failure to properly integrate into mainstream society on behalf of significant numbers of immigrants with a very specific ethnicity, more in particular those of North African descent. And which is also reflected in crime statistics.

Nick PMay 11, 2016 9:26 PM

@ Clive, Wael, Figureitout

Still digging up analog stuff for obfuscation properties but also cheap nodes that are visually inspectable have little transistors. Analog implementations, where available, are faster, cheaper, and lower watts. I keep my eye out on what critical stuff I can find with analog implementation. Clive's reality check on analog RSA or ECC didn't stop me long: back knee deep in Google a few minutes ago. And I hit some fucking pay dirt:

Simple Secrecy - Analog Stream Cipher for Secure, Voice Communication (2015)

BOOM! That's looking good although I'll need to see Clive's take. It's well-presented. Almost all papers are an analog scrambler with no real security or a secure, digital crypto. This very interesting hybrid uses SHA-2 + Fortuna in presumably digital to create a reproducible (for 2 parties) stream of random data that's fed into analog circuits that act as a stream cipher directly on analog voice. Avoids need for ADC, DAC, or DSPs. Further, I could see this easily implemented on 350-500nm nodes for a secure telephone given its tiny analog, one CRNG synthesized (or MCU core), and simple components for I/O. An 8-bitter could probably handle the control and crypto part. Maybe ditch Fortuna for ISAAC or something, too.

One doc I found shows AES can fit in a MCU that costs under $1. Quick math on their numbers shows throughput at 17.129kbps at 2MHz clock rate. I can't recall analog transmission rate but 8MHz puts AES-based CRNG at well above 56k in digital. A modern, soft-core that clones that 8-bitter with 4x clock rate takes only 7,000 gates per datasheet. Smallest, dedicated AES core I've seen was 3,000 gates on 180nm by comparison. Need MCU for key entry and control, though, so that's good numbers. Add analog and we're well under 10,000 gate equivalent for visually-inspectable, voice crypto with tiny, per-unit price.

Thoughts?

Note: I can't find shit I'm looking for outside this paper when Googling this topic. But I keep finding extras accidentally like this paper with a boring title. ;)

WaelMay 11, 2016 9:57 PM

@Nick P,

Unlike digital encryption, analog encryption isn't typically "general purpose"; it's domain-specific. Check analog Video encryption (or scrambling) list here. This paper talks about some analog voice scrambling techniques. If you search for analog scrambling, you'll get more references.

These analog techniques would be equivalent to a shared key in the digital world, except the secret isn't a key, but some kind of analog transformation. Would be immune to QC, if that's where you're going :)

I took a glance at the paper you linked... Not sure it's what you want.

FigureitoutMay 11, 2016 10:10 PM

Clive Robinson
--ARM? What the hell is that? :p But yeah those specs didn't uh, do much for me, not sure what would draw you to them. The Pi will win that battle hands down lol. It's smarter to settle on less boards, and have way more software options, that's why the Pi and Arduino rule today and will continue to. Before long, you have tens to hundreds of useful projects you couldn't do by yourself that now take 2 seconds to put together. Not sure how long a couple AAA's will last too, you have to use sleep mode if you don't want to be running thru batteries. And a web interface like a web IDE or something like that, ugh I hope they don't force that on them, those generally suck and now you need web access to program...And if the site isn't maintained it looks like a web shanty town w/in a year or 2.

ianf
--Yeah not sure what this board has over just about any newer dev board that'd be way more fun/interesting and better support (like one w/ LCD screen at least, why'd they leave that out? Kids want a screen, heck everyone does). Unless you want experience building boards and project management b/w a bunch of huge vendors, not sure the point, but meh maybe this board will inspire creativity in kids lol (b/c they're like "goddamn these specs suck, this board looks it should have a pacifier attached, and I want more power" lol). Pi zero would've been my choice but hey, education administrators are known for their good choices and humble wages for the children eh?

Miguel Sanchez
I have a seven inch
--We still talking about screens right? :p Have a newer Pi? Mine's a few years old. That's the only other thing this could be.

Didn't think it was an indicator of compromise, just found it odd/slightly interesting, the code that creates a partition when written to a memory device.

I don't know much about broadcom chips (no firmware experience) nor the real boot sequence of the Pi.

And you can see how long I spent on it, moved on to an image I know works within 2 hours and honestly, it's turned out just fine, better actually, I don't need the GUI for this thing. Not my job too, I don't have to solve the issue :p

Yep on "my" network of course, I wouldn't be saying it otherwise. Don't mess w/ my neighbor's networks either.

Funny you say this, I've changed course again and now running tcpdump. It's perfect, exactly what I want, if it doesn't lock up the Pi I'm sticking w/ this. According to the man page it should keep sniffing packets until an interrupt and it doesn't specify, but just overwrite some small buffer so it's not saving it to the SD card and will kill it. Testing it now, this is perfect, just what I wanted. Oh man, there's some packet spews where it's going crazy and I caught "xbox" lol. All kinds of stuff I've seen already. Seeing our Apple devices not being used reach out to Apple servers presumably.

The wavemon, there must be a memory leak or something, it locks up the Pi after a few hours, and I left my Pi on all day on just the console, connected to internet, didn't lock up.

Anyway highly recommend doing this guys for a cheap packet sniffer running all the time on your network, neat device. Just tcpdump on a Pi, w/ a TFT screen. Takes about a day or a few hours to setup.

Nick PMay 11, 2016 10:39 PM

@ Wael

That's an interesting list. Thanks for it. Funny thing is I included a video remark in original comment but edited it out thinking it might be overkill. Good to be reminded it might not be. :) It would be nice if it showed which were broken. Orion was interesting. The thing is, the paper on audio you link to is *nothing* like the one I'm linking to. They're just scramblers, not encryption. That those are so easy to break is one of reasons for move to digital encryption. My link implements encryption with analog means supplied by a digital generator for keystream.

"I took a glance at the paper you linked... Not sure it's what you want."

Can you be more specific? The digital part is already proven. So, it's just a question of whether the analog part that applies keystream directly is what it appears to be.

"These analog techniques would be equivalent to a shared key in the digital world"
" except the secret isn't a a key"

You're getting warmer. The paper describes a shared key that's entered into the CRNG. The CRNG + analog component then operate as a stream cipher on raw voice.

"Would be immune to QC, if that's where you're going :)"

True. For other research, though. You know I simultaneously look into dozens of things. This has overlap in a few: (a) interesting uses of analog, (b) cost-efficient crypto, and especially (c) inspectable crypto products. I thought Figureitout would also like (c) potential given it's so tiny a product on it could almost be handwired. Past that, I have no mental commitment to it. Just worth looking at.

WaelMay 11, 2016 11:22 PM

@Nick P,

You're getting warmer.

The problem with analog implementations is it's still "obscurity", in a way. There is, as far as I know, no concept of PKI-like pure analog constructs. No non-repudiation, private/public keys, "key" exchange mechanisms, or even the concept of robust updating mechanisms, because that will need HW changes, unless you're using something like an FPGA. Still, ex having new circuits needs a secure channel...

I think analog is cool, but for certain areas. You're trying to win by changing the rules of the game. If you remember, I looked at analog in the past to infer some "built-in" channel properties to use as some sort of a keyless weak authentication, or detection of rogues. I haven't progressed much (lack of time, dwindling interest, other things that come up, and these days I'm somewhat more interested in space and astrophysics ...)

Perhaps if you clearly state what you're trying to solve, we can get a lot "warmer"!

Can you be more specific?

Had the impression you're in search of a pure analog encryption solution, and the paper was an analog-digital hybrid.

Miguel SanchezMay 11, 2016 11:56 PM

@Figureitout

Didn't think it was an indicator of compromise, just found it odd/slightly interesting, the code that creates a partition when written to a memory device.

I do not recall why they do that, but did have to dig around a number of times in the boot code for quite a number of fixes.

One of those sorts of jobs I like to forget about once I am finished with it.

I don't know much about broadcom chips (no firmware experience) nor the real boot sequence of the Pi.

I know enough to know any could have backdoors from the vendor in it. As do you, I am sure. But, I think that would make the attacker suffer quite a bit more than the ordinary user.

Usually that kind of backdoor, though, would be inactive unless used.

A lot of Android devices were found to have "accidentally" a backdoor in them, from China. Was it an accident or not? I think to prove otherwise you would have to find some vendors actually using it for exploitation. (And, sadly, even that would be very plausibly deniable.)

Yep on "my" network of course, I wouldn't be saying it otherwise. Don't mess w/ my neighbor's networks either.

Sorry, I was being intentionally goofy.

Oh man, there's some packet spews where it's going crazy and I caught "xbox" lol. All kinds of stuff I've seen already.

Probably most of the really interesting stuff would be in protocols other than TCP.

I am sure there really are all sorts of things being sent out of people's networks which they would prefer not being sent out.

Thing is, sorting through all of that data.

Mostly, probably over reaching applications improperly accessing and using your PII. And, what? They probably wouldn't even bother to encrypt it.

Unknown encrypted streams, I would find interesting, however. Anything you can not figure out, "what is this".

The wavemon, there must be a memory leak or something, it locks up the Pi after a few hours, and I left my Pi on all day on just the console, connected to internet, didn't lock up.

I have actually never heard of wavemon, or can not recall it. Will check it out.

I have generally used airmon-ng and related tools, and a LOT of wireshark.

But, beyond getting attacks to run on my network as proof of concept and for self-education, I really am lacking getting the multi-terabyte HDs.

Not much of a privacy enthusiast, though, more just interested in exploring the unseen world going on about us, and sometimes finding or writing something interesting.

It would be interesting, however, to grep through really fat logs from average home networks to look for your own PII, encrypted streams that are unexplainable, and other oddities.

Fishing is always one of the more engaging sports.

Metaphorically, looking for that cloud leopard or monster fish. ;-)
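Miguel's "sorting through all of that data" and Figureitout's tcpdump-on-a-Pi setup, as an added Python triage pass that is not from the thread: it parses constructed tcpdump lines and flags outbound flows from LAN hosts that use protocols other than TCP/UDP, go to destinations outside a household allow-list, or use uncommon TCP ports. The allow-list, the port set, the LAN prefixes and the sample lines are all constructed assumptions for the example.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed tcpdump -n -tttt style lines (documentation/TEST-NET addresses,
# not real hosts) standing in for what a Pi sniffer on the home LAN would log.
SAMPLE_LINES = """\
2016-05-11 22:10:01.100000 IP 192.168.1.20.52311 > 192.0.2.10.443: Flags [S], seq 100, win 65535, length 0
2016-05-11 22:10:01.200000 IP 192.168.1.20.5353 > 224.0.0.251.5353: UDP, length 84
2016-05-11 22:10:02.300000 IP 192.168.1.31.3074 > 198.51.100.25.3074: UDP, length 112
2016-05-11 22:10:03.400000 IP 192.168.1.42.41000 > 203.0.113.77.8443: Flags [P.], seq 1:60, ack 1, win 229, length 59
2016-05-11 22:10:04.500000 IP 192.168.1.42 > 203.0.113.77: ICMP echo request, id 7, seq 1, length 64
2016-05-11 22:10:05.600000 IP 192.168.1.42 > 203.0.113.77: GREv0, length 88
""".splitlines()

# Constructed baseline: one destination the household already expects its
# devices to talk to, everyday TCP ports, and the LAN ranges that count as "home".
EXPECTED_DESTS = {"192.0.2.10"}
COMMON_TCP_PORTS = {80, 443, 465, 587, 993, 995}
LAN_NETS = [ipaddress.ip_network(n) for n in ("192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12")]

LINE_RE = re.compile(r"^(?P<ts>\S+ \S+) IP (?P<src>\S+) > (?P<dst>[^:]+): (?P<rest>.*)$")


def split_addr(addr: str):
    """'a.b.c.d.port' -> ('a.b.c.d', port); a bare 'a.b.c.d' (ICMP, GRE) -> (addr, None)."""
    if addr.count(".") == 4:
        host, port = addr.rsplit(".", 1)
        return host, int(port)
    return addr, None


def parse_line(line: str):
    """Parse one tcpdump summary line into a flow record, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    src, sport = split_addr(m.group("src"))
    dst, dport = split_addr(m.group("dst"))
    rest = m.group("rest")
    if rest.startswith("Flags"):
        proto = "tcp"
    elif rest.startswith("UDP"):
        proto = "udp"
    elif rest.startswith("ICMP"):
        proto = "icmp"
    else:
        proto = "other"   # GRE, ESP, anything tcpdump labels differently
    return {"ts": m.group("ts"), "src": src, "sport": sport,
            "dst": dst, "dport": dport, "proto": proto, "rest": rest}


def is_local(ip: str) -> bool:
    a = ipaddress.ip_address(ip)
    return any(a in net for net in LAN_NETS) or a.is_multicast or a.is_link_local or a.is_loopback


def triage(lines):
    """Return {lan_host: [(reason, destination, detail), ...]} for outbound flows worth a look."""
    findings = defaultdict(list)
    for line in lines:
        pkt = parse_line(line)
        # Only LAN -> Internet traffic matters here; LAN-internal and multicast chatter is skipped.
        if pkt is None or not is_local(pkt["src"]) or is_local(pkt["dst"]):
            continue
        host = pkt["src"]
        if pkt["proto"] not in ("tcp", "udp"):
            findings[host].append(("non-tcp/udp", pkt["dst"], pkt["rest"].split(",")[0]))
        if pkt["dst"] not in EXPECTED_DESTS:
            findings[host].append(("unexpected-dest", pkt["dst"], pkt["proto"]))
        if pkt["proto"] == "tcp" and pkt["dport"] not in COMMON_TCP_PORTS:
            findings[host].append(("unusual-port", pkt["dst"], str(pkt["dport"])))
    return dict(findings)


if __name__ == "__main__":
    for host, items in triage(SAMPLE_LINES).items():
        for reason, dst, detail in items:
            print(f"{host}: {reason} -> {dst} ({detail})")
```

Pointing this at a real capture means piping `tcpdump -n -tttt` output in and replacing the constructed allow-list with the destinations your own devices are known to use.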


ThothMay 12, 2016 1:52 AM

@Figureitout
re: Family anti-OPSEC

"my family won't let me secure the network somewhat and make fun of me when I try to do basic OPSEC"

Same here. Don't do OPSEC on the router. Route the data from the family router to a router you control and then harden it.

re:Hack me bro taunting
I have heard that a lot from friends and family but I want to keep my records clean because that is crucial in this security industry. They will try to use counter arguments of hackers employed but if you want a stable rice bowl in society, keep clean or else that stomach of yours won't ever feel full. This is more important than reaction to meaningless taunting from them.

re:Beaglebone-on-a-Chip
Thermals would definitely be an issue. Slap it thick with thermal coolant gel and add a nice heat sink and large fan. It is kind of nifty to lean down a PCB board with an almost all capable SOC chip like that. By the way most of our smartphones already integrate powerful ARM chips capable of a ton of features and most phone teardowns usually show a rather lean PCB sprinkled with only a handful of blackbox chips these days. Even China made phones are catching up on the trend of being lean and slim that were once rare and expensive toys.

Always keep your stomach about 70% full so you never need to go hungry. It is good to learn as much skills as possible especially the knowledge of RISC-V open source chips to closed sourced NDA packed NXP or Infineon secure chips.

Clive RobinsonMay 12, 2016 5:02 AM

@ Nick P, and other usual suspects,

With regards to the paper,

https://www.utdallas.edu/~yiorgos.makris/papers/itc15a.pdf

It's a description of a limited form of the "signature analysis" I've used in the Prison model.

As I've said several times, a CPU can not check itself or anything beneath it in the computing stack (the 1930's math prior to Turing/Church puts that out of doubt). What is needed is another "monitor" that checks the physical signatures of the computation. To avoid the "Turing complete issue" I went for a fully defined state machine as an instrument head (trusty) that reported back to the hypervisor (officer) that in turn reported back to the security node (warden). I mentioned several types of signature could be checked and verified, amongst them time etc, I also pointed out that if the execution of code was built on secure tasklets they would have known signatures etc. Thus using a scripting language based on the tasklets took the lower level security issues off of programmers, who for various reasons were unlikely to produce secure code, and placed it in the hands of the very few programmers that can code securely at those lower layers. I also noted that such a tasklet scripting system would improve coder productivity as well as a way to provide automatic program correctness at the lower levels.

As for the "analogue stream cipher" I need to go further through what is a not very readable thesis. I'll note that I'm suspicious of it from the outset. But importantly you still have the "compressed channel" issue when you put any audio into a GSM system or for that matter most digital transmission systems which predominate these days.

Clive RobinsonMay 12, 2016 6:02 AM

@ Figureitout,

But yeah those specs didn't uh, do much for me, not sure what would draw you to them.

They don't do much for me either as a computing platform. But there will be a million or so floating around "dirt cheap" and they can be used as "sensors / drivers" etc in the likes of Lego / technics / Mechano / etc construction kits.

I reckon they are good for quite a few magazine articles etc, as well as pushing sales of other bits and bobs.

They will with little doubt become a feature in the UK "Maker Culture", so whilst they are low spec their price point / availability makes up for that for the next couple of years, by which time the kids should be "migrated" to bigger and better, which probably won't be anything currently in the market.

Clive RobinsonMay 12, 2016 6:28 AM

@ Nick P, Wael,

They're just scramblers, not encryption.

Err when it comes to stream ciphers they are the same thing.

The XOR function is the equivalent of a double balanced mixer. It's why they are used in Direct Sequence Spread Spectrum systems. Likewise the D-Type latch works as a down converting mixer. Both also act as Phase Detectors in demodulators.

If you think about how an adder works, the LSB is just an XOR gate, and if you perform the addition in a complementable field it also acts as a subtractor as well (see 2's Complement).

The problem with analog stream encryption is it works in several domains at the same time (amplitude, phase, frequency, time) and also suffers from sampling and windowing issues. You see this with audio compressors / limiters, as you reduce the amplitude the energy shifts from the amplitude domain into the phase, frequency and time domains. If you try to correct for it in those domains the energy ends up back in the amplitude domain. From a side channel perspective this is a real issue.

There are a whole bunch of other bandwidth / rise time issues, for instance the frequency spectrum of a step input (which is what the digital code edges would be) has an infinite frequency response. Trying to bandwidth limit this causes all sorts of issues in the passband that are difficult at best to deal with, thus you need not just tailored window functions you also need tailored band pass filtering at either end of the channel (often raised cosine) which provides noticeably different channel characteristics than end to end characteristics.

I could go on at length but most people's eyes will have glazed over by now.

Clive RobinsonMay 12, 2016 7:46 AM

@ Miguel Sanchez, the usual suspects,

A lot of Android devices were found to have "accidentally" a backdoor in them, from China.

Most hardware from China is distinctly suspect, you possibly remember the Lenovo debacle a little while ago, where they used a nasty little "left over" from the ROM extension days Microsoft had updated to keep loading advert malware onto the Windows machine. It could just as easily have been other nasties...

Well as you are probably aware China has a veritable tsunami of investment cash it wants to "strategically buy up IP with". The US has quite sensibly rejected it on National Security grounds. Well that money has to go somewhere and currently the UK appears to be whoring for it via the UK Chancellor Gidiot "white lines" Osborne. There appears to be nothing that Gidiot will not sell to them, such as strategic nuclear power generation --giving China the "Big Off" switch option-- or how about the UK core telecoms infrastructure via the switches and routers used to carry not just data but all phone calls...

But it gets worse, they are now trying to buy up a company you have probably not heard of, "Imagination Technologies" ( https://imgtec.com ). Two product ranges stand out immediately, OmniShield and Ensigma, both are strategic security that we really do not need back doors in. But there is a third range that is perhaps more subtly risky, it's the GPU range of products that end up in phone, pad and similar technology. By default, these sit between you and the end of any security chain that you care to put on such computing platforms. That is the display hardware gets to see what you see, which means in most cases it sees "Plaintext" of any ciphertext etc... A backdoor in this technology is without doubt the very essence of an "end run around the security end point"...

Even if the Chinese do not "backdoor" the technology they will get the IP and no doubt will gut the 1700 UK jobs and use various tricks to get a "brain drain" into Beijing.

This should be ringing major alarm bells in the US: both Intel and Apple have a large dependency on Imagination Technologies, and hold significant share holdings, but not enough to prevent a take over by China.

The question is not what the UK Government will do (we know Gidiot will be actively promoting the take over). But what the US Gov may try to do. The reason is much of the company's IP is used in what the US Gov regards as "Strategic Technology" which is a National Security issue for them. It will be interesting to see if the USG "Committee on Foreign Investment in the US" can put a spoke in the wheel of the deal or not. Unfortunately the Chinese have picked a time where DC is more inwards focused as it's the end of a Presidential cycle.

For those reading, dropping a note to your Congress Critter alerting them to this potential backdoor into US Tech might act as a wake up call...

WaelMay 12, 2016 9:25 AM

@Clive Robinson, @Nick P,

I could go on at length but most people's eyes will have glazed over by now.

My eyes started glazing here:

and also suffers from sampling and windowing issues.

I don't see where "sampling" fits in a pure analog system.

Nick PMay 12, 2016 10:04 AM

re analog stuff

@ Wael

"There is, as far as I know, no concept of PKI-like pure analog constructs. "

No. Clive already described why in a previous post. It will take some clever shit to come up with that. This construct is simpler.

"You're trying to win by changing the rules of the game."

Fucking exactly! :)

"or detection of rogues. "

Actually a few papers out there on doing that. It can be done.

"Had the impression you're in search of a pure analog encryption solution, and the paper was an analog-digital hybrid."

Pure analog encryption is one interest. The paper is a hybrid. I'd classify this one's potential under "COMSEC ASIC inspectable for hardware trojans."

@ Clive

"Err when it comes to stream ciphers they are the same thing."

Nah, they're not if we go by common definition. The reason nobody uses analog scramblers is that they don't work. They're typically just modifying the analog signal in ways we'd call obfuscation. Encryption, on the other hand, applies an algorithm to transform it in an unrecoverable way. This design is mixed-signal encryption because it uses an encryption algorithm to determine how the analog signal will be modified.

"The XOR function is the equivalent of a double balanced mixer. "

"If you think about how an adder works, the LSB is just an XOR gate, and if you perform the addition in a complementable field it also acts as a subtractor as well (see 2's Complement)."

Useful to know as I keep an eye out for crypto-worthy analog.

"The problem with analog stream encryption is it works in several domains at the same time (amplitude, phase, frequency, time) and also suffers from sampling and windowing issues. "

I'm following on the domains. I don't get sampling as I thought that only happened when digital systems used analog through an ADC. By windowing, do you mean precision or something else?

"You see this with audio compressors / limiters, as you reduce the amplitude the energy shifts from the amplitude domain into the phase, frequency and time domains. If you try to correct for it in those domains the energy ends up back in the amplitude domain. "

Can't you split the energy somehow with the domain you need moving toward the outgoing comms wire and the rest going somewhere else that gets garbled or masked? Or stored in a fucking battery or something? Lol.

"for instance the frequency spectrum of a step input (which is what the digital code edges would be) have an infinite frequency response."

You have a habit of using phrases without defining them. :P These conversations are mostly for analog engineers or students I eventually pass them onto. Yet, I wonder if they would know what you mean by the frequency spectrum of a step has infinite frequency response. Especially the latter.

"you also need tailored band pass filtering at either end of the channel (often raised cosine) which provides noticeably different channel characteristics than end to end characteristics."

Ok, I figured on the filtering. Cosine. Got it. Different than end to end? I'm sending a signal down a wire. They receive it on their end. What's the bandpass filtering do to prevent that from happening? Or are you saying it would interfere with cryptographic stuff I did?

"I could go on at length but most peoples eyes will have glazed over by now."

It was more like a certain amount of confusion. Yet, I've experienced that for a whole year of hardware research studying shit I have no clue about while learning enough to make progress on various objectives. I mean, I can't do a counter in Verilog but have several methodologies for secure ASIC's that should cover it. :) So, thanks for tips as usual.

Clive RobinsonMay 12, 2016 2:14 PM

@ Nick P,

Different than end to end? I'm sending a signal down a wire. They receive it on their end. What's the bandpass filtering do to prevent that from happening?

As far as signals are concerned there is no such thing as "a wire", they are the equivalent of a myriad of series inductors and capacitors between the active conductors and ground, free space etc. Which means they have characteristic impedances and bandwidths that decrease with distance. Also leakage / radiation, cross talk and a whole slew of other effects like phase shifting, time delay, transmission return loss (also called VSWR in some circles).

Thus to get an analogue signal down a worthwhile length of cable you have to provide a matching network which also frequently needs "line loading" which distorts the characteristics of the signal to partially match line effects (see stuff on Victorian telegraphs and early phones).

So if your cable has a 600 ohm characteristic impedance, and a roll off of around -16dB (1/40th) at 10MHz every 100 meters... What do you expect to see in terms of a frequency response / loss at a modest 300 meters? How about 25 miles / 40km which is about the average length of cable for a call on a POTS line back in the 1960's. Oh and what about the phase shift?

What you want to see at the end points is a flat frequency response, not a noticeable roll off in the audio passband from 0.3-3.5kHz or phase shift. This requires peaking filters and allpass filters for the encryption/scrambler that are adjustable for the line length. The allpass is not required for normal speech because the human ear is phase insensitive, and due to its logarithmic response to amplitude not overly sensitive to the roll off except on long lines.

FigureitoutMay 12, 2016 3:24 PM

Nick P RE: analog stream cipher
--First off what's up w/ the text, it's not just me is it? Mix of bold and not bold characters thru out, kind of annoying lol.

But anyway, interesting. So you need to seed each side w/ the same seed, and the CSPRNG should generate same values so receiver can decrypt w/o sending that seed in the clear (or another idea is to send it encrypted separately w/ another key, that way you could use a more random seed and take advantage of that w/ ciphers that change based on input more). That'd generally work for a one-way system (TX->RX), otherwise whichever starts transmitting is in charge of generating that seed and sending it.

Didn't see the crypto in the MATLAB code besides the "ciphertext = stream - 2.*imag(hilbert(stream)).*plaintext;" line. But yeah we need a real implementation to test if it actually works, towards the end the recovered plaintext signal wasn't the same as the input and he didn't recommend implementing the proposed system.

Miguel Sanchez
--So they put out a broken image lol, oh well. It's ok, I run enough kali and it's all debian anyway.

All these larger chips w/ large flash rom sizes (256KB and above), certainly wouldn't be that hard to hide a backdoor in all that code if it all gets used. Of course we've seen a few in the preprocessor so dirty macros is where a lot are I bet.

We've seen sneaky if-statements doing assignment not comparison, also writing in ways that creates bugs w/ the goto fail (perfect name too lol). Just a sneaky if statement w/ a branch to something that could have some made-up important-sounding name and have comments /*DO NOT DELETE/MODIFY OR YOU WILL BURN IN HELL*/ type stuff, I don't touch those parts usually b/c I assume whoever knows something I don't.

Those are a couple of the real-world methods staring you in the face, operating in the clear. Worse would be hardware ones where we're all generally screwed no matter what, but much harder to exploit and may lack a lot of context needed for more effective attack. We can check for ID's burned in OTP memory but...basically what verifying w/ software comes down to, doesn't inspire confidence. Then toolchain ones, like linking in a malware that isn't in the open inspectable source code. Sophisticated and hard to implement, but high reward. The massive folders of files in some toolchains, plenty of room to hide. The one I'm envisioning is Code Warrior, older version, had to track down to some .inc file to look up how the little "rand" (not random lol) function worked, got exposed to the underbelly of all these files...

I operate under they're probably infected but can still have some sort of productive use from it. I'm not going to kill myself over it but, constant concern, very annoying. It's a 2-way street, everyone has all sorts of aspects of systems they only superficially inspect/understand, if it works then they won't investigate much further.

I've just used airmon-ng of course, some bluetooth sniffers and a little wireshark; but I'm really satisfied w/ tcpdump so far. Been running all night/day, still chugging along. Yeah, there's been a lot of UDP, some ARP. I like being able to watch my devices connect and they identify them (android phone, iphone, ipad, etc) or youtube traffic (gstatic). Then there's these insane bursts of traffic lol (mostly ICMP6), cracks me up, I can't follow it. That's where I'd need to save to a log file. Lots of Xbox requests (Xbox-systemOS) even though it's "off".

Thoth
--If anything whatsoever went wrong routing to another router, any kind of additional lag (we downgraded to DSL again and cut cable, it blows and AT&T I suspect are throttling our bandwidth) I'd never hear the end of it. Anything not even remotely related from then on would be "my fault".

I've done some funny pranks to them (changing passwords, funny pictures on boot screens, DOSing our network etc.) and they weren't amused. My dad even took it so far as to create a folder in his PC (he has massive folders everywhere storing all kinds of crap, he also doesn't close browser tabs so he *always* has like 100 tabs up just killing his PC lol) specifically for me to find lol. Didn't need to hack lol, I found it just up on his PC lol, and I know his passwords he refuses to make more secure (this makes me real nervous). I'm going to take the easiest way in lol.

He wanted me to breakin, get past Trend Micro, thru the internet. I didn't want to spend time on that though, also I didn't want to break something on his work PC, yet he still would taunt me lol "Oh excuses excuses...you can't do it". I'll hit him when he least expects it :p.

He thinks viruses are a thing of the past (to a certain extent, he's right about that; the super destructive in-your-face viruses from the '90's don't happen as often today) and won't believe me when I say they're very stealthy these days. Though I'd say it's a small win for security that these in-your-face hacks are much rarer than before; it's getting too complicated to string hacks together.

RE: thermals
--Yeah we have to see it in real-life, I believe they've made chips though. That's what I find interesting is a lot of these ARM chips don't need heat sinks or fans inside phone covers. Decent power for low voltage.

Clive Robinson
--Yeah it's great and all, just why create another community (it may flop still) instead of joining what's existing, all I'm saying.
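The synchronised-keystream scheme Figureitout describes above (both ends seeded with the same secret, each generating the same keystream locally so nothing secret crosses the wire, TX->RX), and Clive's earlier point that the XOR gate is the mixer at the heart of a stream cipher, as an added worked example in C. This is not code from the post or from the thesis being discussed; it uses the ChaCha20 block function as the keystream generator (my choice of CSPRNG, an assumption, not anything the thread specifies), and the key, nonce and messages are constructed demo values. The second function shows the caveat a practitioner wants here: reusing the same seed (key plus nonce) for two messages hands an observer the XOR of the two plaintexts, which is why the per-message nonce has to change even though the key can stay fixed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* ChaCha20 block function (RFC 7539 construction), used here as the
 * keystream generator that both ends run from the same key and nonce. */
#define ROTL32(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
#define QR(a, b, c, d)                         \
    a += b; d ^= a; d = ROTL32(d, 16);         \
    c += d; b ^= c; b = ROTL32(b, 12);         \
    a += b; d ^= a; d = ROTL32(d, 8);          \
    c += d; b ^= c; b = ROTL32(b, 7)

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* One 64-byte keystream block for (key, nonce, counter). */
static void chacha20_block(const uint8_t key[32], const uint8_t nonce[12],
                           uint32_t counter, uint8_t out[64]) {
    uint32_t s[16], x[16];
    s[0] = 0x61707865; s[1] = 0x3320646e; s[2] = 0x79622d32; s[3] = 0x6b206574;
    for (int i = 0; i < 8; i++) s[4 + i] = le32(key + 4 * i);
    s[12] = counter;
    for (int i = 0; i < 3; i++) s[13 + i] = le32(nonce + 4 * i);
    memcpy(x, s, sizeof x);
    for (int i = 0; i < 10; i++) {              /* 20 rounds = 10 double rounds */
        QR(x[0], x[4], x[8], x[12]);  QR(x[1], x[5], x[9], x[13]);
        QR(x[2], x[6], x[10], x[14]); QR(x[3], x[7], x[11], x[15]);
        QR(x[0], x[5], x[10], x[15]); QR(x[1], x[6], x[11], x[12]);
        QR(x[2], x[7], x[8], x[13]);  QR(x[3], x[4], x[9], x[14]);
    }
    for (int i = 0; i < 16; i++) {
        uint32_t v = x[i] + s[i];
        out[4 * i] = v & 0xff;             out[4 * i + 1] = (v >> 8) & 0xff;
        out[4 * i + 2] = (v >> 16) & 0xff; out[4 * i + 3] = (v >> 24) & 0xff;
    }
}

/* XOR `len` bytes of `in` with the keystream into `out`. Encryption and
 * decryption are the same operation because XOR is its own inverse:
 * the "double balanced mixer" of the digital world. */
void stream_xor(const uint8_t key[32], const uint8_t nonce[12],
                const uint8_t *in, uint8_t *out, size_t len) {
    uint8_t ks[64];
    uint32_t counter = 1;
    for (size_t off = 0; off < len; off += 64) {
        chacha20_block(key, nonce, counter++, ks);
        size_t n = (len - off < 64) ? len - off : 64;
        for (size_t i = 0; i < n; i++) out[off + i] = in[off + i] ^ ks[i];
    }
}

/* Constructed demo secrets, assumed to have been shared out of band. */
static void demo_secrets(uint8_t key[32], uint8_t nonce[12]) {
    for (int i = 0; i < 32; i++) key[i] = (uint8_t)i;
    for (int i = 0; i < 12; i++) nonce[i] = (uint8_t)(0xa0 + i);
}

/* Sender encrypts; the receiver, holding the same key and nonce but never
 * receiving the keystream, decrypts. Returns 1 if the plaintext comes back. */
int roundtrip_ok(void) {
    uint8_t key[32], nonce[12], ct[128], pt[128];
    const char *msg = "TX->RX: both ends derived this keystream locally";
    size_t len = strlen(msg);
    demo_secrets(key, nonce);
    stream_xor(key, nonce, (const uint8_t *)msg, ct, len);
    stream_xor(key, nonce, ct, pt, len);
    return memcmp(pt, msg, len) == 0 && memcmp(ct, msg, len) != 0;
}

/* Seed reuse: two messages under the same key AND nonce give an observer
 * c1 ^ c2 == m1 ^ m2 with no key knowledge at all. Returns 1 if that
 * relation holds for every byte, i.e. the leak is present. */
int keystream_reuse_leaks(void) {
    uint8_t key[32], nonce[12], c1[64], c2[64];
    const uint8_t m1[] = "first message, same seed";   /* constructed */
    const uint8_t m2[] = "second message same seed";   /* constructed */
    size_t len = sizeof m1 - 1;
    demo_secrets(key, nonce);
    stream_xor(key, nonce, m1, c1, len);
    stream_xor(key, nonce, m2, c2, len);
    for (size_t i = 0; i < len; i++)
        if ((c1[i] ^ c2[i]) != (m1[i] ^ m2[i])) return 0;
    return 1;
}

int main(void) {
    printf("round trip ok: %d\n", roundtrip_ok());
    printf("seed reuse leaks plaintext XOR: %d\n", keystream_reuse_leaks());
    return 0;
}
```

Figureitout's alternative of sending a fresh random seed encrypted under a second key is, in these terms, just transporting a fresh nonce (or key) per session; the keystream itself still never leaves either end.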
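The two source-level patterns Figureitout names above, an if-statement that assigns instead of compares and the "goto fail" shape where a duplicated jump skips the remaining checks, as an added example in C showing the buggy form beside a hardened rewrite. This is constructed illustration code, not anything from the post or from any real project; the check functions are stand-ins with made-up names, and the "before" functions deliberately keep the defects so a reviewer can see how little it takes for a verifier to return "accepted" without verifying anything.

```c
#include <stdio.h>

/* Constructed stand-ins for the individual checks a verifier chains together.
 * Return 0 when the check passes, nonzero (an error code) when it fails. */
static int check_header(int ok)    { return ok ? 0 : 1; }
static int check_signature(int ok) { return ok ? 0 : 2; }
static int check_expiry(int ok)    { return ok ? 0 : 3; }

/* BEFORE, "goto fail" pattern (defect kept on purpose): the second
 * "goto fail;" is unconditional, so the signature and expiry checks are
 * never run and err is still 0 at the label, which the caller reads as
 * "verified". The indentation makes it look like part of the if body. */
int verify_before(int header_ok, int sig_ok, int expiry_ok) {
    int err = 0;
    if ((err = check_header(header_ok)) != 0)
        goto fail;
        goto fail;                      /* always executes */
    if ((err = check_signature(sig_ok)) != 0)
        goto fail;
    if ((err = check_expiry(expiry_ok)) != 0)
        goto fail;
fail:
    return err;                         /* 0 means accepted */
}

/* BEFORE, assignment-not-comparison pattern (defect kept on purpose):
 * "=" where "==" was meant stores 1 and then tests it, so the branch is
 * always taken and the signature result is ignored. */
int accept_before(int sig_ok) {
    int valid = (check_signature(sig_ok) == 0);
    if (valid = 1)                      /* assigns, does not compare */
        return 1;
    return 0;
}

/* AFTER: no label to jump to, every check is a braced if with an explicit
 * comparison and an immediate return of its error code, and success is the
 * only way to reach the final "return 0". */
int verify_after(int header_ok, int sig_ok, int expiry_ok) {
    int err;
    if ((err = check_header(header_ok)) != 0) {
        return err;
    }
    if ((err = check_signature(sig_ok)) != 0) {
        return err;
    }
    if ((err = check_expiry(expiry_ok)) != 0) {
        return err;
    }
    return 0;
}

/* AFTER: compare, never assign, inside a condition; the const makes a
 * later "=" a compile error rather than a silent bug. */
int accept_after(int sig_ok) {
    const int valid = (check_signature(sig_ok) == 0);
    if (valid == 1) {
        return 1;
    }
    return 0;
}

int main(void) {
    printf("bad signature, before: verify=%d accept=%d\n",
           verify_before(1, 0, 1), accept_before(0));
    printf("bad signature, after:  verify=%d accept=%d\n",
           verify_after(1, 0, 1), accept_after(0));
    return 0;
}
```

Both "before" defects are caught mechanically: GCC and Clang warn about the assignment with -Wall (-Wparentheses), and GCC 6 and later flag the stray goto with -Wmisleading-indentation, which is one reason a review process that builds with warnings as errors makes this class of "sneaky if" much harder to slip past.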

Nick PMay 12, 2016 4:15 PM

@ Gerard

It's a very well-written tool. I used it briefly with a friend. Little setup and easy as IM to use. Only critique was a weird part where it gave me a verification code or something during setup but didn't explain what it did or where to enter it. Other than that, awesome app.

Clive RobinsonMay 12, 2016 6:00 PM

@ Figureitout,

just why create another community (it may flop still) instead of joining what's existing

Glib answer "Fame and Fortune" B-)

The real answer is, I don't like the idea of them becoming "landfill". There is something deep down inside me that riles against our "throw away culture", and thus I like to make use of things, and hope others do likewise. If they also get knowledge, fun and creativity out of it so much the better. All in all it makes for a fractionally better world, which has to be good for all of us.

Clive RobinsonMay 12, 2016 6:09 PM

@ Jacob,

Banana Pi has a back door in it, inserted by the Chinese ARM vendor Allwinner:

Why am I totally unsurprised by this...

As I was commenting earlier today the UK company "Imagination Technologies" looks like it's going to get a buy out offer from a Chinese company. The technology is used in Apple and Intel products, which could be bad news National Security-wise, not just for the UK but a whole host of nations, the US included...

ThothMay 12, 2016 6:52 PM

@Gerard van Vooren
re:Signal

I think there are very few friendly secure apps out there with teams allowing shared control and resources and what Moxie mentioned is mostly reasonable. They are running a company, putting all their stuff Open Source, paying for servers, waiting for donors to support them, and their major project, for which they might have been well paid, would be to help add crypto to WhatsApp.

They could have gone the path of Galois Inc and work on crypto and security problems, Open Source core codes and get national fundings but that doesn't seem like a different business model suited for Galois Inc than for Open Whisper Systems.

Keep a distance from these social chats and know that all messages from these devices are insecure. This is the best for keeping yourself more secure. If you need secure comms, a face to face meeting in person in a crowded area is the best, using the background sound to mask your conversations.

WaelMay 12, 2016 8:23 PM

@Nick P, @Clive Robinson, @Figureitout,

Also leakage / radiation, cross talk and a whole slew of other effects like phase shifting, time delay, transmission return loss (also called VSWR in some circles).

Since you don't have time for books, watch some recommended videos. Some on topic, and some aren't.

Start with these excellent introductory, animated 64 short videos by Eugene Khutoryansky. @CallMeLateForSupper, there is a video on Curl and Divergence there - just so you don't think I can't tell a Laplacian from a Curl :)

For transmission lines:

Electromagnetics: Professor Gregory D. Durgin, Georgia Tech

Transmission line theory: Professor R. K. Shevgaonkar, IIT - Bombay

Fiber optics: Professor Shaoul Ezekiel, MIT

Magnetism: Professor Eric Laithwaite: The Circle of Magnetism - 1968

Linear Algebra: Gilbert Strang, MIT

Josephson junction: Professor Brian Josephson, Cavendish laboratory, University of Cambridge, UK

Decompilation with Ida Pro

How to design an RF power amplifier: Matthew Ozalas, Keysight

ThothMay 12, 2016 8:35 PM

@all
FBI Director claims Encryption is a terrorist tradecraft.

How totally unmindful. What about secure e-Commerce, e-Banking, secure authentication and multi-factor, or how about secure Govt, Military and Diplomatic comms ? Would all of them suddenly be labelled as terrorist because they use encryption ?

Oh... that means the Govt, Militaries, Diplomats, Bankers, Financers, CEOs, lawyers ...etc... are all terrorists.

How convenient to note that terrorists are running Govts, big Corporates ...etc... (which is the usual case where the good people die earlier and bad people live longer).

ThothMay 12, 2016 8:49 PM

@Jacob
Besides using a crowd to mask one's voice, use coded conversations and split them between gesture and voice. This makes it even harder as it acts as a multi-band coded communication and the codes should not be too obvious but in the form of natural speech to prevent suspicion.

tyrMay 12, 2016 11:17 PM

@Thoth

"Oh... that means he Govt, Militaries, Diplomats, Bankers, Financers, CEOs, lawyers ...etc... are all terrorists."

I think this is what Chomsky has been on about for years now. Like most human things it depends which end of the gun barrel you are on. That's why it has been pointed out that Orwell's 1984 was not intended to function as a manual of governance.

Nick PMay 12, 2016 11:48 PM

@ Thoth

That does remain true. You can't trust these technologies due to their foundation which already has 0-days. What Signal targets, though, is reducing the ability to do effortless, mass surveillance plus a better default. We know the government is hesitant to throw good 0-days at a target. That each target might need a 0-day or subversion means they'd do a lot less. Or they'd help us improve our systems at a faster rate. ;) So, if you'd already use a phone, then Signal is a nice default just to make the baseline higher.

NSA or other High-Strength Attackers will bypass it. Yes, that requires other measures preferably not involving technology at all.

@ Wael, Figureitout

Wael, thanks for the links. Hopefully I'll learn something. :) Meanwhile, answers I've been getting from electrical engineers and people working with PCB's suggest there's no shortcuts. I'm not sure if it's intrinsic or just good material doesn't exist yet. In any case, most tend to learn by experimenting with cheap stuff with others an extremely hard learning through E.E. degrees plus experimentation. I'll have to put it off as I can't afford the price of entry on top of other stuff.

That said, I kept on the lookout. Chris Gammel is pushing an alternative model that's a hybrid between top-down and bottom-up learning. One is about learning the equations and dense technical knowledge. One is trial-and-error experimenting. He's pushing a model that lets you do trial-and-error in a guided way but with "just-in-time" learning for key, foundation stuff you need to know along the way. He starts with high-level overview then drills down into details as in systems thinking. He emphasized that his approach is about using the pattern matching ability of the brain to spot what to do and not do as he believes it's critical to this. I think it's a promising model.

Anyway, he has one set of tutorials here. I think you, Figureitout or someone else that's doing it hobbyist could evaluate these to see if I should pass them on and possibly use them later.

FigureitoutMay 13, 2016 12:56 AM

Nick P
--As a follow up, I could follow the paper mostly but don't have much useful things to say. I'm going to get more familiar w/ FFT next semester, just know Laplace for now mostly (still magical). But, I will say since this is quite an open problem and there's not much out there in the open, I'm not going to be charging in on it. I know enough about signal processing not to. I prefer typing over talking anyway (don't like it when people want to talk on phone over email!). Anyway, if you have an updated Mac computer handy, build this project ( https://ccrma.stanford.edu/~seancoff/256a/hw3/ ), it's f*cking amazing and was some *homework* assignment lol. Guess that's why it's Stanford. This student killed it. It visualizes FFT essentially but from a 3D origin. It's C++, so the devil for you, but just look at the finished product. Also this one is where you can alter your voice and I believe simply add in some crypto (the code is non-trivial on both, mainly the library code, so it'd take some time), you need someone else talking while you listen w/ headphones on an Apple PC to experience it (I bet I could build on Linux eventually, just didn't work on live Kali). Also you can generate some signals in audio frequencies. https://ccrma.stanford.edu/~seancoff/256a/hw1/

Clive Robinson
--You're becoming quite the fan of "glib" answers (whatever the hell that means, some british term probably :p). Speaking of british, pissed me off I always have to change the default keyboard on the Pi back to the "right" way, not the UK keyboard where pressing the "#" sign results in £, that's cheeky and wrong :p. Tell your countrymen/women to quit driving on the wrong side of the road too. Bloody hell :p

Also, if it becomes "landfill" that means the idea sucked when the Pi was perfectly sufficient, so stop supporting it and it'll go away on its own and that silicon could be used for more useful chips. For the record I know that CPU core pretty well (M0+ Cortex), it's a good chip and you can do quite a lot w/ half of 32KB code, while your chip is awake at least :)

Wael
--I don't have time to cram my brain w/ more info than it can hold! Pointless. So big books are mostly out of the question (I don't believe people actually read them when they can go thru huge books like, 500+ pages and retain the info, and move on; except savants), I have to get familiar w/ a NEMA spec this summer, yay! Fun! Remember when I thought it was funny to have people design a product w/ "this shall be this, and this shall be that", well that's exactly the language in this standard!!! Christ lol...And a new protocol (for me, the protocol is old, actually like it a bit), and I have to choose a chip for a non-trivial product that company wants done hardware and all by end of summer...that ain't happening by myself mostly, f*cking christ...I won't let that ruin my summer! :) Will make quality but takes time goddamit. I refuse to ship complete sh*t if I can help it.

SecurityMay 13, 2016 1:30 AM

@Nick P, @Figureitout,

... suggest there's no shortcuts. [...] That said, I kept on the lookout.

I don't understand why you're still not believing me. Malvino's book remains my recommendation as the biggest bang for the buck (analog electronics.) You also have to 'like' the field. If you don't like it or don't enjoy it and read 1000 books, you'll learn Jack sh*t.

Besides, don't worry too much about analog! Do only one thing, and do it good! Not every one can be @Clive Robinson, see. goddamit, Nick, we'll need 700 years of learning! Haven't you been following what I've been telling him? He's just too modest, saying he's about @Bruce's age. Yea, right... Save it for another schmuck ;) - I think I'm quizzing his patience now, and he'll hit me with an obfuscated, steganographized parable that'll take a week to decipher :)

That reminds me...

Back in college days, I took several classes with the chair of the EE department. Quite a serious guy. Doesn't like to be interrupted, etc... He was, of course, very sharp and experienced. One summer class, I think network theory or something, a new student sat next to me. He was 90+ years old going for a degree in EE. The guy swallowed a handful of pills every class. Blood pressure, all kinds of medicine... But he was extremely sharp...

Every time the professor solved a problem on the green board (no white boards back then) this old man interrupted him: no, no, no! This is the wrong way to do it. And then he would tell the professor a better way. He kept doing this for several classes, until one time the professor solved a long problem. He then looked at the old man and told him: did I do it right? The old student told him: yes, but that's not the optimal way of doing, then showed him how to do it in about half the steps.

The professor threw the piece of chalk and said: That's it! What's your story?

The old student said: Well, I have a couple of PhD's one in mechanical engineering (I forgot what the other one was in), I was a full professor for 40 years at x university, and when I got too old to teach, I decided to get a degree in EE because I was always interested in the field, but I never had the opportunity.

You have to like the field (whatever field) this much ;) I don't like compilers, so I will never read a book on them. I know I won't get it, and I don't care either! It's not my passion. I'm not into "searches and sorts", I'll tell you another story later, as this is too long already...

Life is too short, there aren't enough hours in the day to learn everything, and there aren't enough years in a lifetime to learn all we want. Some of the things you talk about doing require large teams of experts to build. Sometimes several groups, several companies and several countries. NSA is a step ahead; they also use technology from outer space, see! You can't take a knife to a heavy artillery fight and expect to win ;)
Think of a simple idea that accomplishes what you want using the areas you are good at. That's your best bet. Changing the rules of the game will exact a steep learning curve (actually a learning cliff, given the technologies you're proposing.)

... christ...I won't let that ruin my summer! :)

This isn't cool! You know, when I joke around and say things like "goddamit", I make sure the 'g' isn't a capital 'g', even though I don't believe using a capital 'G' is that bad, but just to be cautious. It makes a difference in meaning. You don't need to offend others, just a friendly reminder -- so please take it with an open mind, and ask the moderator to delete it.

FigureitoutMay 13, 2016 2:13 AM

Wael AKA Security
--Yeah I took a class w/ an older guy too and I'm like why the hell are you doing this to yourself, he only takes 1 class at a time, it's people like that, that show me the strength of the human spirit (some of them) even towards the end of their lives they still push on for some future that they see is better...I wish I would've chosen him as my partner for final project instead of someone else b/c he asked me (I ended up coding it all mostly myself; most stressful project yet for me). You weren't going to find him in the lab past midnight though (nor my partner, f*cking sleeping like a baby in his bed while I'm trying to complete an impossible project for the time-frame). I even had to proofread and write most of the report which he was supposed to do which he f*cked up, ugh nevermind. In the real world, those people don't get hired so you only deal w/ winners who kill any project given to them. I mean I know clowns still get hired but they don't last long if they can't ride someone's coattails.

And don't freak out about "goddamnit", it's a phrase that releases my anger best, what's your religion if this offends you?

Clive RobinsonMay 13, 2016 3:19 AM

@ Nick P,

With regards to making PCBs, you do not need to go to those lengths if you use 0.1 inch pitch components (DIL IC leg pitch) and ordinary leaded axial etc components.

All you need is your finalised circuit, faint ruled graph paper with 5mm squares, a good idea as to how you want to lay the components out, a reducing photocopier with Overhead Projector Transparency Foils and "Photo-etch" copper clad board, a fine drill in a press and a little patience.

I've designed and built equipment working from DC through to low microwaves doing this using FR4 board, and power ranges from mW through to kW power.

It's actually more important to learn how to do "dead-bug" prototyping using unetched PCB, hot-melt / super glue and cutting small "lands and striplines" using hand tools from further unetched PCB stock.

The use of PCB layout CAD is only really needed when you start to need "plated through holes" on multilayer boards or lots of surface mount components. The downside is having to learn how to properly edit and check "net lists" then cross your fingers when you make your Gerber Files and send them away with a big chunk off of your credit card to get PCBs back a week or three later.

The thing about surface mount is that when you design these a large part of the manufacturing cost is hidden from obvious sight. They are constructed by "pick-n-place" machines or "women with tiny hands and tweezers" and component orientation becomes important in terms of not just "all pin 1's go top left" but also clearance and quite a few other "layout rules". You can actually ask quite a few vendors on the likes of Alibaba etc for their "standard rules" and they will either Email them or links to them on their sites.

But at the end of the day PCB design is just one small part of the mainly mechanical side of product design.

You can learn a lot by looking at the PCB designs you find in VHF/UHF design books from the ARRL and RSGB. In the case of the RSGB look for the older books with authors such as G.S.Jessop or R.S.Hughes such as the VHF-UHF manual[1] as they have stuff from the early 70's era through to the late 90's, and you will find some layouts in there that I did / updated along with Robin Hughes back in the late 90's. There are also sections on test equipment you can make yourself and workshop practices. I'm away from my dead tree cave at the moment otherwise I'd give you a couple of other books as well.

[1] Technically the earlier versions are out of print, but as @Figureitout knows you can find PDFs of reasonable quality online.

WaelMay 13, 2016 3:21 AM

@Figureitout,

And don't freak out about "goddamnit", it's a phrase that releases my anger best, what's your religion if this offends you?

I use "goddamnit" jokingly all the time. How can I possibly ask you not to use it? That's not what I "blockquoted"... The example I gave highlighted the difference between "God" and "god" to make a point that we should be careful not to offend others. You know the difference, right?

what's your religion if this offends you?

I won't answer this question for three reasons:

1- The condition isn't true (if this offends you)
2- It should be abundantly obvious.
3- I explicitly stated it in the past

But I'll give you a hint: If Trump wins, He'll want me to wear a badge.

I meant this sentence:

that ain't happening by myself mostly, f*cking xxxx

Deeply offends at least two major religious groups that constitute a minimum of 54% of the world's population.

even towards the end of their lives they still push on for some future that they see is better...

He was an inspiration and made the class a lot of fun. The professor, towards the end, showed him an enormous amount of respect.

In the real world, those people don't get hired so you only deal w/ winners who kill any project given to them. I mean I know clowns still get hired but they don't last long if they can't ride someone's coattails.

If I'm still alive, let me know what you think in 5 years.

CuriousMay 13, 2016 6:33 AM

Ugh. Free anti virus Avast's "safe browser" steals my info from my other browser(s), and copies that into their browser thing.

The Free anti virus Avast also forces the user to install Chrome without my permission or knowledge at all.

ThothMay 13, 2016 6:40 AM

@Curious
It is the expected crook-like behaviour of corporations these days. It simply shows how rotten the IT industry (including ITSec) is these days. They are willing to go to great lengths to compromise your privacy and security just for your business.

The better option is to use a hardened Linux or even a Live CD (TAILS) to handle personal information and use Windows for generic browsing. Trust no one until you can prove the security within your expectations of levels of security.

JG4May 13, 2016 8:56 AM


Sorry about my previous redundant post. I could hope that my comments on the continuing reckless disregard for the rule of law added sufficient value to overlook the transgression. Mostly wanted to reply to Clive on transmission lines. I still haven't done a good job expounding the system identification topic, but that is spot on to this discussion as well as the concept of eavesdropping with multiple acoustic sensors in a beamforming system. If you measure the transmission line transfer function, rather than simply the characteristic impedance and frequency-dependent attenuation, you can capture a lot more detail (like all of the reflections) and use it to predistort the signal being transmitted over the line such that it always arrives in the desired shape. This is the magic of DSL, which uses continuous monitoring of the twisted-pair transfer function for the purpose of what I call delay compensation. Changes in the transfer function generally are a sign of aging, temperature change, vibration or tampering. In a previous lifetime of twisted-pair, audio echo cancellation was done with adaptive filters. It was inevitable that the technique would be extended to higher frequencies.
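
The measure / predistort / re-check cycle JG4 describes, as an added example (not code from this thread): probe a line to get its impulse response, inverse-filter a waveform so it arrives in the desired shape, and compare a later measurement against the stored fingerprint so a drift from aging or tampering is flagged. The channel taps, test pulse and tolerance are constructed values for illustration.

```python
# Added example, not from the original comment thread: identify a line's
# impulse response with a probe, use it to predistort a waveform, and
# compare later measurements against a stored baseline. The channel taps,
# test pulse and tolerance below are constructed values for illustration.

from typing import Callable, List, Sequence

Channel = Callable[[Sequence[float]], List[float]]


def apply_channel(taps: Sequence[float], signal: Sequence[float]) -> List[float]:
    """Model the line as FIR taps: a direct path plus delayed, attenuated reflections."""
    out = []
    for n in range(len(signal)):
        acc = 0.0
        for k, h in enumerate(taps):
            if n - k >= 0:
                acc += h * signal[n - k]
        out.append(acc)
    return out


def measure_impulse_response(channel: Channel, length: int) -> List[float]:
    """Identify the line by sending a unit impulse and recording what comes back."""
    probe = [1.0] + [0.0] * (length - 1)
    return channel(probe)


def predistort(desired: Sequence[float], taps: Sequence[float]) -> List[float]:
    """Inverse-filter the desired waveform so that channel(predistorted) == desired.

    For taps h with h[0] != 0 the exact inverse is the recursion
        y[n] = (x[n] - sum_{k>=1} h[k] * y[n-k]) / h[0]
    which is stable when the reflections together are weaker than the
    direct path (|h[0]| > sum |h[k]|), as on a real line.
    """
    y: List[float] = []
    for n in range(len(desired)):
        acc = desired[n]
        for k in range(1, len(taps)):
            if n - k >= 0:
                acc -= taps[k] * y[n - k]
        y.append(acc / taps[0])
    return y


def max_abs_error(a: Sequence[float], b: Sequence[float]) -> float:
    """Largest sample-wise difference; sequences are zero-padded to equal length."""
    width = max(len(a), len(b))
    pa = list(a) + [0.0] * (width - len(a))
    pb = list(b) + [0.0] * (width - len(b))
    return max(abs(x - y) for x, y in zip(pa, pb))


def response_changed(baseline: Sequence[float], measured: Sequence[float],
                     tol: float = 0.02) -> bool:
    """Flag a drift of the line's response away from the stored fingerprint."""
    return max_abs_error(baseline, measured) > tol


# Constructed line: direct path plus a 30 % reflection three samples later.
BASELINE_TAPS = [1.0, 0.0, 0.0, 0.3]
# Constructed tampered line: a small extra reflection appeared two samples in.
TAMPERED_TAPS = [1.0, 0.0, 0.05, 0.3]
# Constructed waveform we want to arrive intact: a four-sample pulse.
PULSE = [0.0, 1.0, 1.0, 1.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0]


def run_demo() -> dict:
    """Walk the measure / predistort / re-check cycle on the constructed line."""
    line: Channel = lambda s: apply_channel(BASELINE_TAPS, s)
    fingerprint = measure_impulse_response(line, len(BASELINE_TAPS))

    raw_error = max_abs_error(line(PULSE), PULSE)        # reflection smears the pulse
    shaped = predistort(PULSE, fingerprint)
    restored_error = max_abs_error(line(shaped), PULSE)  # arrives in the desired shape

    tampered: Channel = lambda s: apply_channel(TAMPERED_TAPS, s)
    recheck = measure_impulse_response(tampered, len(TAMPERED_TAPS))
    return {
        "raw_error": raw_error,
        "restored_error": restored_error,
        "tamper_detected": response_changed(fingerprint, recheck),
        # the old predistortion no longer fits once the line has changed
        "stale_predistortion_error": max_abs_error(tampered(shaped), PULSE),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```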

Clive RobinsonMay 13, 2016 9:11 AM

@ JG4,

If you measure the transmission line transfer function, rather than simply the characteristic impedance and frequency-dependent attenuation, you can capture a lot more detail (like all of the reflections) and use it to predistort the signal being transmitted over the line such it always arrives in the desired shape.

Have you looked into Cooperative MIMO systems?

Nick PMay 13, 2016 12:42 PM

@ Security (Wael)

"I don't understand why you're still not believing me. Malvino's book remains to be my recommendation as the biggest bang for the buck (analog electronics.) "

I already told you it was a great resource that spelled out lots of things. Improved my understanding on some foundational things immediately. Currently, my coffee is sitting on it as I don't have a desk in this new place. It's been great for propping up overheating laptops and holding coffee while I blog, etc. Gotta love hardbacks. The prop has the side-benefit of helping me through some analog papers on occasion.

Far as why it's not enough, I think you'll understand if you watch this short video by Chris Gammell on why he's doing a different approach. He points out the trouble people have with books like what you describe. Same I'm having. Interestingly enough, all kinds of people are building PCB's using his and otherwise screwing around with parts. On Hacker News, taking shit apart, working with cheap sensors, using instructions in datasheets, watching things explode... these were the recommendations of everyone doing hardware. Nobody said learn from a textbook cuz they all presumably failed to. So, I'm getting mixed messages here with some saying theory but most saying hands-on experimentation. If I do hands-on, then what projects and what order to maximize learning efficiency? Analog is the only thing I ran into with this problem.

So, I put it on pause as I lack the brain cells to do a dozen books or the money to do dozens of experiments. Staying at a high level on that topic, collecting necessary resources, while taking more focused actions on things I can understand. Digital side has been *much* easier since they have resources that build your knowledge step-by-step with theories and hands-on examples. That's what analog needs. Gammell is a start but need even more than one attempt.

"Not every one can be @Clive Robinson, see. goddamit, Nick, we'll need 700 years of learning! "

Yeah, he's at least 60 with 55 years of EE experience. Strangely enough, most people doing high-end, mixed-signal ASIC's are over 50 per one source in the industry because not enough new talent is coming in to replace them. Not new talent that knows all the tricks and gotchas that prevent million dollar masks from being refabbed, that is. Hence, above rant.

" Changing the rules of the game will exact a steep learning curve (actually a learning cliff, given the technologies you're proposing.)"

Yep, past year aged me a bit. Yet, what little I learned let me predict math accelerators and great opportunities for implementing artificial NN's. I found examples of both, including one startup doing it similar to my concepts. I also found [somewhat,] general-purpose analog computers that people, including many E.E.'s, keep saying don't exist to any degree outside Shannon's theoretical one. Finding and evaluating all this without ability to grasp basic circuits. So, you're totally right: I see a nightmarish learning cliff coming even as I'm crawling in 2nd gear. Too hard to stop, though, given what results I achieved with such bare understanding. :)

"He was, of course, very sharp and experienced. "

Great story. Truly passion and dedication there. What makes you think I'm not the same kind of person albeit younger? I've been at the INFOSEC problem only 15 years or so to get where I'm at ahead of half a dozen subfields, slightly behind some others, a full digital HW methodology, and some successful analog predictions. You think anyone *normal* does that? It's like I'm irrationally driven by something to aid productivity, reliability, and security from specs all the way to circuits. It's like I enjoy connecting dots across the board to maximize what's achievable.

Btw, I don't know how compilers work either. I have enough books with example code to build several of them, though. The books are also widely read and peer reviewed to find problems or reduce odds of subversion. When I need, I can build them. I also know how to do it piece by piece and layer by layer for bootstrapping in a way that impressed some compiler people. Same method I applied to a lot of smaller problems in IT where deep knowledge isn't required.

"NSA is a step ahead; they also use technology from outer space, see! You can't take a knife to a heavy artillery fight and expect to win ;)"

I did at the software level. I went 300 on their ass with most of my stuff working to various degrees. Mostly done doing same for digital albeit without implementation yet. Analog and RF is where decades of secret knowledge they have give them an advantage. I plan to go Normandy on their ass for that one. Either the French or American invasion. I can't tell which it will be. Either way, the advances will let others have a chance at winning the war whereas they currently have none since they don't even see the ambushes waiting for them. Even when I give them specific information on the ambush, where and likely when, they ignore it only to be smashed. Sad, sad.

"I make sure the 'g' isn't a capital 'g', even though I don't believe using a capital 'G' is that bad, but just to be cautious. "

That word meant whatever I intended it to mean. If we let others define what's offensive, then what follows are the tactics of what we call Social Justice Warriors who get all kinds of things censored and people out of jobs. So, I disagree and continue to exercise free, personal expression in general with others free to select a non-offensive interpretation for themselves. I'll avoid it in future in *our* conversations as a courtesy since we're buddies. ;)

"Post from "Security" is from me. I filled in the wrong field!"

I knew you were Security. I thought you were doing that sockpuppet bullshit again. Named you this time. Good to see confirmation haha.

@ Figureitout

Ask Allah what Wael's religion is on this blog. You'll get an answer from Him or him. I'm pretty sure on one of them. Hopefully, he finds that one funny instead of blasphemy given it's non-negative and has element of truth to it. My style for religious jokes among pals. ;)

Nick PMay 13, 2016 12:52 PM

@ Clive Robinson

Interesting advice. Appreciate it. Do you have links showing examples of or where to get these:

"how to do "dead-bug" prototyping using unetched PCB, hot-melt / super glue and cutting small "lands and striplines" using hand tools from further unetched PCB stock."

I thought people did breadboards and stuff when they weren't doing straight up PCB's. Something between that and PCB's in difficulty would certainly be useful.

"The use of PCB layout CAD is only really needed when you start to need "plated through holes" on multilayer boards or lots of surface mount components. "

It's not strictly necessary I know. You kind of spot the reason why it's useful with the rest of your post when you start talking about design rules and such. I'm aware of them. The ones for deep submicron were *crazy* in fact. Fortunately, the macro-scale is more sane. I figured learning a basic CAD tool, like MAGIC or KiCAD Gammell uses, that has DRC's built-in would help by preventing/detecting those little gotchas. I'm guessing beginner stuff might benefit from that after I've gotten past small circuits in isolation. I can't remember if they can check the math on common components. That could be beneficial, too, given I'll only have partial knowledge of the equations.

"RSGB. In the case of the RSGB look for the older books with authors such as G.S.Jessop or R.S.Hughes such as the VHF-UHF manual[1] as they have stuff from early 70's era through to the late 90's, and you will find some layouts in there that I did / updated along with Robin Hughes back in the late 90's. "

Appreciate the tip. I have ARRL. I'll try to look for that other one.

Miguel SanchezMay 13, 2016 3:58 PM

@Figureitout

regarding:
https://www.schneier.com/blog/archives/2016/05/friday_squid_bl_525.html#c6723977

Yeah.

I actually think it is more likely that governments would target widely supplied products than products like the Pi. If they do that at all. Which they very well might, because of the potential intelligence value. However, it is also true that all complicated systems have security vulnerabilities, and relying on distantly found security vulnerabilities is far less risky than engaging with companies at close levels.

Smaller targets that they would have high value in hitting would include encryption products. For instance, get a few undercover on a long term mission to set up some "cool" privacy products, which attract a clientele many of whom have good reasons for requiring the extra privacy.

The risk I was thinking about, which is much more likely, is simply private data of yours being improperly handled by shady corporations, where the motive is profit.

Sancho_PMay 13, 2016 6:04 PM

@Nick P, re analog electronics

I don’t know your level / skill and intention but you’re right to start by practice, not by books (only). Breadboard is first, then stripboard / dead bug. Solder. Dirty. Stinky.
You’d need a lot of parts ($) in your drawer - and time.

However, for a simple analog circuit it’s better to try a simulator before placing components in trial and error mode on any surface.
There are good (complicated) simulators for free [1], but they might be confusing for beginners and you may spend months studying the tool …

So I’d recommend to check iCircuit ($10) to begin with: http://icircuitapp.com
It’s a (simple circuit) real time simulator (analog and digital) running on your machine. The circuit is continuously simulated while you change values, parts or even wires - a concept I have never seen in other simulators. Unfortunately the (otherwise brilliant) developer doesn’t seem to be interested in that stuff any more.
I have an outdated very early version only, but it’s fun to see youngsters playing with it.

[1] E.g. EasyEDA, including printed circuit development.
https://en.wikipedia.org/wiki/EasyEDA

Nick PMay 13, 2016 6:40 PM

@ Sancho_P

"I don’t know your level / skill and intention but you’re right to start by practice, not by books (only). Breadboard is first, then stripboard / dead bug. Solder. Dirty. Stinky.
You’d need a lot of parts ($) in your drawer - and time."

I believe it. It's looking like that. What do you think of Gammell's hybrid approach that I linked to above?

"So I’d recommend to check iCircuit ($10) to begin with"

Wow, thanks for the link! That looks amazing. I think Tanner EDA might have some of that simulation capability they referenced. Their demo dragged and dropped things with values auto-updated. Yet, that's a five-digit EDA tool and this is a cheap download that looks even easier than the Tanner demo I watched. Definitely bookmarking it and passing it on to hobbyists that I run into.

"EasyEDA, including printed circuit development."

Thanks for the link. Didn't know about that one. Mentor had one but I lost the link. Most of the free work seems to be using KiCAD. I hear its U.I. has serious issues, though.

Btw, speaking of old stuff and hands-on experiments, check out this old beast that's still being sold in some form. I wonder how useful that would be to modern analog development, esp of macro-scale circuits. Probably for sharing in a classroom instead of individual students. Original was in lots of universities as a replacement for breadboards for linear circuits.

Miguel SanchezMay 13, 2016 10:08 PM

@Clive Robinson

This should be ringing major alarm bells in the US: both Intel and Apple have a large dependency on Imagination Technologies, and hold significant shareholdings, but not enough to prevent a takeover by China.
The question is not what the UK Government will do (we know Gidiot will be actively promoting the takeover), but what the US Gov may try to do. The reason is that much of the company's IP is used in what the US Gov regards as "Strategic Technology", which is a National Security issue for them. It will be interesting to see if the USG "Committee on Foreign Investment in the US" can put a spoke in the wheel of the deal or not. Unfortunately the Chinese have picked a time where DC is more inwards focused as it's the end of a Presidential cycle.

I do not see why China would not backdoor the technology. They are constantly having to race and cheat and steal to catch up. Okay, "spy".

Tonight, had a conversation with friends, where we hit on the same old points. China is behind on technology, so they have to steal. China is hesitant to use their capabilities to literally down non-Chinese economies. Because it would affect them so negatively. China could, however, accidentally create... a monster...

:-)

You know where I am going with this. :-)

http://arstechnica.com/information-technology/2016/05/1b-bangladesh-hackers-implicated-in-attack-on-vietnamese-bank-sony-hack/

So, did *China* really hack OPM? Or was that their trained attack dog, North Korea?

And, as North Korea is going for the big bucks in these attacks, how can this be stopped before it causes a global catastrophe?

*raised eyebrows*.

Well. I only have to say... Nietzsche was very, very poignantly right about adversity. It requires sacrifice. For the sake of the show.

Everything in proximity to the hero becomes tragedy; everything in proximity to the demigod becomes satyr-play; and everything in proximity to God becomes...what? "world" perhaps?

FigureitoutMay 13, 2016 11:11 PM

Wael
--Hope it doesn't offend anyone, sorry. I try to be funny mostly. It is a bit salty, I put asterisks tho so I'm good! :p

You make it sound like you're always overwhelmed lol, well you can always tell who's who; I'm not egotistical enough to say sometimes I'm that guy not pulling my weight, try to avoid being that guy at all costs.

Nick P
--I'll let him be, touchy touchy. Think he wants me to sound like a black comedian's impersonation of a white guy, "jimminy cricket!" "malarkey!" "oh fiddle sticks!" :p

Miguel Sanchez
--Yep, vast majority of public is focused on living normal lives not counterintelligence so it's pretty easy to do operations like that.

Clive RobinsonMay 14, 2016 4:25 AM

@ Nick P,

So, I'm getting mixed messages here with some saying theory but most saying hands-on experimentation.

The answer is both, used in the right order, which depends on how much appropriate real world experience you have, and the levels of sophistication you need for any given set of parts you use.

There are many engineering rules of thumb such as "oscillators don't, amplifiers do!" which is effectively a comment on the stability criterion at the gain bandwidth point you are working at on the device in question. The further down in frequency you are the more gain you have, which you can trade off for response flatness or other desirable features in your design. However too much gain in the device means its input can see its output more easily, which leads to instability and, if the phase delay around the loop is right, oscillation.

Thus experience will give you a basic rule of thumb starting point for possible topologies, theory will warn you if it's going to cause you problems and where, which allows you to come up with a design that will probably work as a prototype without fiddling about, unless... you have got something wrong or you are working close to the edge.

No theory means your prototype might or might not work, depending on experience and how far your design is from the edge... which means a lot more fiddling at the prototype stage, which is resource expensive in terms of time and broken parts, or having to do a complete redesign again.

No experience and no theory, and you are cursed to the hamster wheel of pain in terms of redesign unless you are a very long way from the edge.

So those who claim just doodle a circuit and go to PCB are at best chancers, and probably have never been anywhere close to the edge. Their modus is to use more expensive components, which in production means the BOM is more than will ever allow a profit, thus the design is unfit for purpose.

So, I'm getting mixed messages here with some saying theory but most saying hands-on experimentation.

I hope that helps give you an appreciation of the differing advice you get.

As for the age issue, as they say about pilots "There are old pilots and there are bold pilots, but no old and bold pilots"; the same applies to competent engineers. You want to be an analogue engineer of any worth then "theory theory theory" is your road to competence in the long run, allied with lots of practical experience and a little luck.

The problem we see today is things move too quickly for the proper level of experience to be obtained, thus "over-speccing" and resource wasting is what the industry has. It's made worse because "Digital" lets you get away without getting experience, or using theory; you just use the manufacturer's "cheat sheet" recommended circuit and pass any problems back to their tech support guys...

Oh, the other issue with experience you hardly ever hear is "testing techniques". It's the route to wisdom, it's how theory comes into being. If you don't have the TT chops then you will never be a real designer...

WaelMay 14, 2016 5:02 AM

@Figureitout,

You make it sound like you're always overwhelmed lol

Wasn't my intention... How did your finals go? Hopefully you kicked butt?

WaelMay 14, 2016 5:15 AM

@Clive Robinson,

No theory means your prototype might or might not work,

Theory without application is a limp theory; application without theory is a blind application.

@Nick P,

Choose the kit that suits your needs. You can move to breadboards and PCB projects as a next step. Once upon a time, I had a 200 in 1 electronic kit. It was Japanese... Can't find it on the net.

Clive RobinsonMay 14, 2016 8:38 AM

@ Nick P,

I'm traveling at the moment which means my answers will come in bursts as signal becomes available.

@Wael's suggestion of a 100in1 Kit is one of the ways to give you very basic experience with little pain as the kits nearly always work below 2MHz. They are kind of like "join the dots drawing" unless you decide to experiment a bit... for which you will need to get some testing techniques experience from a little theory, and a couple of pieces of test kit. A volt meter will get you a long way, especially if you make up some probe heads, and the audio input card on a PC will give you a very basic low frequency oscilloscope if you can locate some free software. SDR software that you can get for Linux is fairly amazing in this respect as you can get Fourier displays, waterfall displays and all sorts of other neat stuff like FM and SSB baseband demodulation. You can also get some of the SDR software to work in TX mode, so your PC also becomes a complex signal generator, though you can just make WAV files in an audio editor and play them. However the most important investment is some cheap DC power supplies, of which you will probably need three or four. For years I had an expensive Lab PSU and five or six cheap "Wall Wart" PSU's that you could switch the output voltage on, and also --be careful on this-- reverse the polarity of the wires. These days you can buy switch mode USB PSU's and spare laptop PSUs and I've about 15 or so of each in the "under the bench box". You also need lots of "hook up leads" with 4mm connectors on them, and croc-clips small and large as well as a few "micro plunger" clips you can hook around DIL and transistor / resistor legs of components in PCBs.

Almost the first voltmeter probe you will need is a "germanium signal diode probe". Whilst modern voltmeters can "do AC" their frequency response is generally an unknown, so measuring the envelope of AC signals above 150Hz may not be accurate. However some voltmeters also have frequency meter, capacitance/inductance and transistor hfe test functions; these tend to have much higher frequency responses, but again they may well roll off for voltage measurement at just a few tens of kHz even though the frequency meter might go up to 10-100MHz. The diode probe you can customize with a little AC theory to pick filter components for the type of measurement you want. I've one probe that I made that is good to well over 3GHz using a specialised surface mount diode and a peaking filter to match the roll off of the coax. It was designed to be used with a hundred MHz scope, but with an LF filter box at the SMA connector end it makes a very nice RF-Voltmeter as well.

As for circuit simulation software, well... It's horses for courses. Quite a few Uni level theory text books these days come with limited circuit emulator / work bench software in the back on CD-ROM; these will allow you to do small circuit design emulation up to 5-10 active components that will get you going. BUT buy in the op-amps and transistors they have models for and actually build the circuits so you can sanity check as well as see what effect different construction techniques have.

Which brings me back to the 100in1 kits. First build the circuit exactly as shown in the book. Then draw it out big on a sheet of A4 paper, then with your voltmeter go around the circuit and measure the DC static/bias voltages and write them down on the circuit. Then using an "oscilloscope/Audio voltmeter" go and measure the AC voltages, and if your sig gen works high enough characterize the frequency response, and if using a dual channel scope the phase shift as well. Then change one of the components for a higher or lower value of about ±25% and do the DC and AC readings again. Also "Open Circuit" components and do the readings again. If you do an hour or two of this a week you will quickly develop a feel for LF analogue and basic testing techniques, which will give you more insight than just circuit simulation software can.

It will also prepare you for building your first prototypes. No matter how often you build prototypes you will get shorts, opens, wrong values and even components connected to the wrong place or not acting the way you expect. It's a part of life "just accept and deal with it" that's what learning testing techniques is all about, it stops rage / frustration and physical injury when the prototype bounces back off the wall and hits you in the eye etc.

The big secret to prototype building is "one stage at a time"; too many people just build it all, power it all up and start singing the old Platters song with the "smoke gets in your eyes" line in it. It also gets expensive if a small mistake at the input takes out those expensive output devices, which it can with RF and DC amps etc.

Speaking of RF, Caltech had a microwave circuit simulator you can download for free called PUFF; it used to be the only alternative to Touchstone, which would be the equivalent of 15,000USD/licence in today's money. Such greed however does not go unpunished; whilst PUFF is still around and now GPL'd, other more powerful software is also free. Have a look at comments such as,

http://wetnet.net/pipermail/seatcp/2010-January/008901.html

There is a veritable amount of really quite good FOS CAD software around these days including circuit simulation, PCB layout, circuit layout, mechanical design and microprocessor emulation. A commercial product would really have to be offering something very special for you to put your hand in your pocket for your CC. Most commercial stuff these days tries to be all singing and dancing CAM with links into everything including BOM through to Accounts reconciliation, stock control, JIT ordering etc, which might be nice for a 10up designer medium sized business or bigger, but is just going to drive you up the wall configuring it just to get started. Oh, and often like "Grandfather's Clock" it "stops dead never to go again" when the supplier dies or you don't pay a king's ransom in annual licence fees. Oh, and to make sure you "pay till you bleed" every bit of work you have done will be in proprietary files...

At the end of the day, I still scratch out a circuit on the back of an envelope etc, likewise small areas of PCB layout, and go to "in house prototype" before I pick up the mouse on the PC.

Which brings us to "bread boarding"[1]; it's progressed quite a lot in the last fifty or so years since transistors and paxolin board became available in the sixties (and yes I do remember it). The technique called "dead bug prototype" is, as we speak, going out of fashion due to surface mount components. It got its name from putting DIL ICs upside down on a piece of scrap copper clad board and holding them in place with a bit of double sided sticky tape, blu-tack, hot-melt or super glue; the legs stuck up in the air and --very vaguely-- looked like a dead beetle on its back, hence the name. You could then use the legs like a small tag strip to solder wires and components to. If you needed a "node" which was not connected to an IC or other glued down component then you would get thinnish strips of PCB that you could likewise glue down for power rails (the main copper clad is always signal ground to give circuit stability up into UHF) or chop into little squares to be glued down for the other non glued components like leaded axial resistors and capacitors. To make links or connections without components "wire-wrap" or IDC wire is used, as its insulation is easy to get through when required.

A variation on "dead bug" is to drill through the board with a PCB drill and where required clear back the copper with a "vero cutter" or 3mm drill in a needle file handle. If done with care, looking at the top side of the board it looks like a prototype PCB that has not been silk screened.

Both techniques get you very very close to an actual PCB without the expense, and it's only when you've got it to this stage that I would normally do a prototype "photo etch" PCB.

If you hunt on the internet you will find how to get transparencies out of laser printers, and even how to modify inkjet printers to actually print directly onto copper clad so you can etch up really fine surface mount boards. Often you will also find descriptions of how to turn cheap electric waffle grills/ovens into IR reflow machines on the same web sites.

Any questions?

[1] It gets its name from hobby building either side of WWII. Back then it was all valves and high voltages and other components soldered to "tag strip"; cutting and folding up a metal chassis was not just difficult but dangerous. So people resorted to screwing things to wooden boards for prototyping as this was a lot lot safer. The problem for the home constructor was getting a nice bit of wood; planks were rough, unfinished and not wide enough. However Woolworths etc would sell you a kitchen bread board that was just the right size and thickness and had a really nice finish, onto which you could not only screw the valve holder brackets and tag strips, heavy transformers etc, but also easily cut a second bread board up and screw it on at the front using shelf brackets to give a nice front panel to mount switches, dials, speakers and meters to. Hence home building became "breadboarding" with "breadboard construction", which has stuck for nearly a hundred years...

Sancho_PMay 14, 2016 4:34 PM

@Nick P,

Of course hybrid is best, but it requires both a small group of interested students / friends (“competitors”) and a very knowledgeable mentor (esp. not only in technical matters).
Um, was it called teamwork in the good old days?
One can’t get that speed in a classroom or from a book / online lesson.
The lonely wolf is lost nowadays - and the old one, too.

Re “Analog Stream Cipher for Secure Voice Comm”
a) Analog computing died about 30 years ago, time to say farewell.
It’s not (reliably) reproducible at larger scale for delicate stuff.
b) Any strategy is good only until it meets the enemy. Here the enemy will be the digital audio compression for GSM transmission (as @Clive hinted).

From a + b: “Sorry, what was the name, Nick, Pick, Brick, Ick, Tick, … ?”.
Ever had to spell your name on a mobile (without encryption /decryption in between)?

Nick PMay 14, 2016 5:20 PM

@ Sancho_P

"Of course hybrid is best, but it requires both, a small group of interested students / friends (“competitors”) and a very knowledgeable mentor (esp. not only in technics).
Um, was it called teamwork in the good old days?"

Yeah, that's true.

"Here the enemy will be the digital audio compression for GSM transmission (as @Clive hinted)."

It's an investigation into an encryption technique with unusual hardware. I wouldn't trust it for the field by far. It's just that people used to tell me analog could only scramble: not encrypt. This student countered that effortlessly. I enjoy those moments when our limiting assumptions are countered.

"a) Analog computing died about 30 years ago, time to say farewell.
It’s not (reliably) reproducible at larger scale for delicate stuff."

It actually didn't: it just became niche. It was revived under the name mixed-signal ASICs, where analog and RF have become a bigger chunk of I.P. every year. Papers I have on doing custom, high-performance, or super-low-power design for *digital* ASICs look more like analog flows, use tools meant for analog, and use dedicated analog I.C. in them. There's also been a few products that straight-up did analog alternatives for the advantages. Interestingly enough, they can often be had on older process nodes with lower cost of development. Always cost more in labor than digital due to manual work. However, prototyping mere dozens to hundreds of transistors on old nodes keeps masks and shuttle runs down.

Meanwhile, I dig up great results like this and this. There's a reason more startups in second paper's area moving to analog for computation. You have any idea how hard that is to do in a clocked, multi-chip implementation with digital circuits? Let me spoil it: decades of supercomputing research left few contenders on cutting-edge nodes. Four or five academic groups plus some companies all got better results with essentially a pile of analog circuits even on older nodes. Hell, it takes a supercomputer of almost 300,000 cores just to simulate what that one wafer of analog chips can do in real-time.

It clearly still has its places and advantages. We just need to figure out what those places are, then how to painlessly integrate it into digital stuff like in the first example. Mixed-signal ASICs already do in a micro way. Getting more of that wisdom published and OSS tooling will help. There's also steady improvements in synthesis, too, to reduce work. Then there's one-off projects like above getting spectacular results.

Nick PMay 14, 2016 6:21 PM

@ Wael

re kit

Now THAT is what I'm talking about! I knew that bright mind of yours would click and produce a solution once the proper requirements and constraints were in front of you. Like an engineer or something. ;)

Regarding this kit, its designers clearly thought of many specific issues I have. The first was being electrocuted as I was already killed or KO'd... still some dispute... by that one time. Using DC batteries instead of AC knocks out whole category of risks. The spring method especially but also breadboard eliminates need to learn soldering and reflows early on. Then a subset of components they're sure will be useful that fit on the board. I knew I wasn't on PCP thinking a gargantuan, dangerous topic could be reduced to merely a huge, uncomfortable topic.

@ Wael, Clive

So, the Malvino book said all ASIC processes tend to at least have transistors, resistors, and diodes if nothing else. Pursuing esoteric or obfuscated computing research, I gambled that one could build logic cells out of resistors and diodes, at least partly. Imagine my surprise when I found out that was original model for computers. Resistor was used in Apollo with Diode logic following. Tunnel diodes were fun to read about. Cool stuff that probably has no lasting value but who knows with diode stuff. That general-purpose analog system I found used diodes instead of transistors.

However, what takes the cake is the D-17B guidance system built mostly on diode logic. Turns out they used it for reliability. Its shape, logic, and materials are all unique with incredible reliability for the time. Shit, OpenVMS systems tended to top out at 5 years so this one is in its territory. Specs on it look more like a real assembler and computer than most things from the time period. Only thing I'm not jealous about is that clock rate. I'm not going to spoil it except to say workers meeting software goals were probably under a lot of stress. ;)

@ Clive

Copying and saving the recommendations. The dead bug name is great as I was picturing the upside down IC's as I read. Yeah, they look like beetles haha. Alright, let me go piece by piece here on anything I'm not just saving.

re buy circuits with models you sanity check

To make sure I'm clear, you're saying to specifically look for components online whose manufacturers provide models and data of how they work? And then to recreate and test those locally to ensure (a) accuracy and (b) no manufacturing defects?

re paper to kit components to measurements

That's a neat idea. Appreciate it.

re accept and deal with it

The others got me prepped for that mindset. They say there's just too many variables, manufacturing BS, inaccurate datasheets, and so on for correct by construction. Just order extra and test early and often I figure. Like 3rd party software. :)

re one stage at a time

I believe it. Will do.

re RF

Far from that, but will save the tool for future or others that need it.

re CAD

I'm on that. My reading indicates pros think the CAD tools all suck in some set of ways. Only one they don't gripe about often was Tanner. Mentor acquired them, though, so we can bet management might muck it up. ;) Far as OSS or free, I have some Obligatory links. Qflow reference. MAGIC, although rarely promoted, was actually popular among analog and custom-digital pros in many older papers I read. Maybe had real-time DRCs. Not sure on learning curve aside from saying it looks weird. Sancho_P just gave us an awesome, far as UX, tool for beginners that might help pro tinkerers. Not sure. I believe Figureitout shared LTspice, which Gammell also recommends.

So, we're covered on software side it looks like. :)

re inkjet printers

Here's a tough way and an easy way. Props to Microsoft Research again for kicking ass. So, I'll consider their approach as it might work with your paper-to-circuit scheme for learning I mentioned above.

Btw, found this too for PCBs that looks kind of straightforward. Far as reflows, Ganssle's Embedded Muse had two articles with surveys of all the clever methods for that stuff here and here. Plus, I looked up open-source logic analyzers and such given their importance in verification. Found this. Accidentally found a homebrew spectrum analyzer with videos here.

Doubt the logic analyzer will impress you with the diode taps and such you cook up. I gave the guy props, though. ;)

Nick PMay 14, 2016 6:22 PM

@ Clive

EDIT: "some links. Obligatory QFlow reference" is what that was meant to say. The perils of haste.

rMay 14, 2016 7:35 PM

Finally,

You guys dumped your freeform diy EE knowledge, thanks for the concatenation all.

FigureitoutMay 15, 2016 12:13 AM

Wael
--Then what did the comment about being alive in 5 years mean? Oh and meh, didn't kill them but I'm thrilled to be done for a couple months, decent but made a few errors on one (notorious class where you have to memorize datasheet facts).

Nick P
--Just pick out a project and dig in. Honestly, I'm not too sure if you're up for linear circuit analysis which is what Wael and Clive are getting at. I'm not really cut out for it, have to accept that yourself at some point. You need to take a class on it to get guided in right direction too compared to just solo learning. But I can still check work and be right on the cusp, I'm more fascinated loading the first code to run so i want to be as close as possible to hardware.

Leave your ego at the door, choose something you're confident you can do, look up current implementations to check for dead-ends, learn by doing (this is me, i have to have some hardware in front of me), and be prepared to have your mind blown. Electronics is the best field in my view. :)

Clive RobinsonMay 15, 2016 9:45 AM

@ Miguel Sanchez,

Bruce and I have differing opinions over SPE. My view is that there has been no credible information made available in the public domain to support the Obama accusation. Further, I would not trust anything the FBI claimed without triple independent verification; the FBI have been proved to be liars, perjurers, fraudsters, evidence inventors/tamperers, murderers, and worse repeatedly, and probably more insidious in power blackmail than when Hoover ruled the roost.

As for the NSA, let's just say I'm underwhelmed by their achievements, much of which was easily predictable prior to various whistleblowers of recent times.

Based on the public evidence I can think of quite a few ways that all the supposed evidence against NK on SPE could have been easily fabricated, thus it does not even rate as circumstantial.

If you look back on this blog a couple of years prior to Stuxnet, you will find I had quite independently worked out the method Stuxnet used to be propagated (I thought it up when thinking about how to rig electronic voting machines). Further, you will also find I quite clearly stated I thought the real target was not Iran but NK; most disagreed, but eventually it leaked out this was indeed the case. I came to my statements at the time by the process of critical reasoning based on US political behaviour and what knowledge was in the public domain about access to NK. It also became obvious by NK behaviour with regards to UN nuclear inspectors that the NK leadership thought the same, and chose to rub the US political nose in the sh1t of the US political/IC's own behaviour.

It's the public knowledge that the US had its nose rubbed in it by NK in various ways that makes it all too likely that nothing we have been told by the US over SPE outside of the bare verifiable bones of the attack is in fact true. That is, it is more probable that NK was set up as a patsy by others. It was also "out of character" for the NK leadership, that is "not their MO", which whilst it does not rule out chancers with NK makes it more likely it was others. The question thus arises of "who and why?". The answer ranges from the US itself through a number of countries' ICs down through certain large criminal organisations down to badly treated SPE staff looking for a reckoning with fairly useless SPE management. That is a lot of faces in the frame on capabilities and reasons for doing it, but little or no effective way to whittle them down with the information available; thus critical reasoning is limited on the input side of the equation. Hence my "insufficient data" position, but if pushed I would say it was the US for home consumption to bolster a failing political position.

This new evidence even more convinces me that the FBI story on SPE and NK lacks any factual basis that gets within sniffing distance of evidence.

Whilst I will not say it was not NK, it could well have been and they failed to run an effective deniability operation, the opposite is rather more likely: that it was a "red flag" operation by currently unknown others.

Which brings us back to this "new evidence". This raises the question of who could "shift the money?" The answer to this is Russia, the Russian Mafia and other large criminal organisations. The problem that NK has is "shift it to where?" They are that cut off from the rest of the world that their external fiduciary behaviour is very well known across their borders. Which means that they don't really have anywhere safe to stash it away or launder it back inside their own borders. Worse, if they start spending it without care, it is going to show up in trade figures etc...

Anyway, I'll let others make their own judgments and critical reasoning on what is publicly known and thus come to their own conclusions.

The WalkerMay 15, 2016 4:10 PM

@Clive Robinson


Whilst I will not say it was not NK, it could well have been, and they failed to run an effective deniability operation, the opposite is rather more likely that it was a "red flag" operation by currently unknown others.

Which brings us back to this "new evidence", this raises the question of who could "shift the money?" the answer to this is Russia, Russian Mafia and other large criminal organisations.

I think that is the worst case situation, and so useful to consider.

Too often people do not think out the full and most range of bad case, because the very worst fears their somehow still natively logical mind presents to them rules it out.

It keeps their mind from breaking.

But, it does also limit the possibilities of their own intelligence.


I am of the very strange opinion that the next few giant leaps of human beings, evolutionarily speaking, are already inherent in their current physiological structure. Just not in the structure of the way they organize their emotions, including a very, very strong emotion, fear.


However, I believe it is like 70 to 2. 70 percent chance North Korea, 2 percent chance Russia, 27 percent chance everyone and anyone else.


North Korea

Part of the claim of the FBI and NSA was there was evidence they were relying on which they could not disclose. Was that a feint or bluff? I simply do not think so.

Faking the cover-up of a North Korea, it was too good. Unrelated to the first point.

The Sony leak. Nothing there that would help them. Hard to see motive of anyone who would hack Sony, at a governmental level. Except North Korea. Because of the Interview.

Maybe Iran believes Hollywood works for the CIA.

If so there was nothing disclosed which even remotely hinted at that.

WaelMay 15, 2016 4:43 PM

@Figureitout,

Then what did the comment about being alive in 5 years mean?

It means no one can guarantee they'll be alive for five years (or the next second) -- death knows no age.

@Nick P,

Now THAT is what I'm talking about...

They're fun to learn and play with. Also, you'll likely come up with your own ideas.

FigureitoutMay 16, 2016 11:48 PM

Wael
--Well yeah, that's a given. Generally when people make those comments they're under some stress of some sort.

Nick P
--Also, for layout software, our guy who I'd call just a hardcore hands-on guy, some would call him a "desk jockey" but he has an engineering degree I believe and so much experience from repairing electronics that his knowledge is special (where your "hunches" turn out to be right). He likes all the old tech, like analog scope and vacuum tubes. Amateur radio fanatic too. Has been using the same software for 30 years. Whoever we hire on after him needs to be an expert in this software or we have major issues on the horizon...I get tidbits I crave the longer I work where I'm at (experienced word from years and years, cut out the bs and save me time). He says the documentation sucks, that it simply takes time to learn to use layout software (for 4-6 layer boards, 1-2 layers you won't need that probably). He messed up 1 layout while I was here and he says that's the first one he's done, the software actually checks the circuit too.

Also says that even that software sucks (massive learning curves), all board layout software sucks today. You can't learn it quickly/easily. That's just one aspect of doing your own hardware after the actual design of the circuit. After that comes when your CM f*cks up your board placing a surface mount part backwards or something infuriating like that; then they continue to f*ck up just about every shipment while you're working there (oh that's just me...).

And people who say the layout doesn't matter haven't designed tech. where it does, a lot; nor really understand the very real EMI concerns. Certain chips/products are just really fragile until we understand them better. One of the reasons I'm looking forward to next board where it's much less an issue than what I'm trying to get the F out the door now but little things keep popping up. And the boards will be less exposed to the elements. Electronics aren't meant for being exposed to the elements.

Nick PMay 17, 2016 11:22 AM

@ Figureitout

About what I expected. Thanks for the anecdotes. Just means people need to get on improving at least one of them until it doesn't suck anymore. The iCircuit app looks like a nice start on that. What do you think of its usability?

FigureitoutMay 17, 2016 10:05 PM

Nick P
--Mixed reviews, last updated April 2015, it's $5 so I didn't try it and I don't think I'd use a layout program on a mobile phone that much...I plan on installing KiCad soon though even though it probably sucks and I'm not sure if I'll make a "shield" this summer over other projects.

Nick PMay 17, 2016 10:18 PM

@ Figureitout

It's on phones, Mac OS X, Win8, and iPad/Android tablets. I could see people drawing circuits on desktops and tablets.

Re KiCAD

Make a network shield with dumb, verifiable Ethernet and shit to build a secure guard out of. Alternatively, for secure network apps or storage. Can have microcontroller do IO directly to avoid DMA.

Sancho_PMay 19, 2016 5:53 PM

@Figureitout, Nick P

Wait, iCircuit in no way is a CAD / layout SW, last update was 01/2016, it is $9.99 - and has mixed reviews because the single developer doesn’t care.

If one wants to learn the basics (of electronics, not of the tool) it’s the way to go.
You wouldn’t expect to simulate a uC or FM radio by a $10 SW, would you?
Sorry if that sounds like an ad.

Nick PMay 19, 2016 6:25 PM

@ Sancho_P

Oh, damn, thanks for the correction... I was getting excited since there's quite a few CAD tools getting cranked out that are easier to use and/or web-based.

FigureitoutMay 19, 2016 9:36 PM

Nick P
--Ah k, I don't have a win8/mac system handy and I'm not doing vm's for it.

And there isn't much out there on what a "guard" actually is, what it does exactly, what exactly is filtered and how you can still transport over internet. My plan next (after other projects, I hate having dev boards never doing anything) was to download whatever on regular internet, could be just an academic exercise, let's say it's a zip file of encrypted files, so between the compression and encryption, putting the files back together would be too much "fun". I download it to a PC that's assumed infected (even running live, which is an unresolved problem), let's assume I can take this PC offline after some modifications; or I purchase some that I can still do this pretty easily. Then I plug in my data diode like Markus Ottela built, transport it to yet another air-gapped machine, again running live (this may be my beaglebone, which I can nuke), unplug the data diode. Unzip file, decrypt. Shutdown the 2 transport PC's, keep them off until I need them again. Do whatever w/ my file, then send off the same way it came in. Then sanitize the beaglebone SD card and rewrite OS image (maybe destroy it if I want to pollute more) w/ yet another dedicated sanitation PC.

That's a basic procedure, only there for if/when I need it. It doesn't filter the initial incoming file. Not sure how to deal w/ modems touching external internet still too, those are likely 100% toasted. Either way I hope to build one of those data diodes and point out any trouble spots I run into here (BTW, not for you, but for people running tcpdump, I run it now w/ command (non-verbose b/c of small screen): "sudo tcpdump -B 4096 -S", the -B is the buffer, I'm doubling its default size of 2MB, it's dropping packets by kernel and "the interface", and the -S is for "state accumulation", just look it up on tcpdump faq for the one-line "explanation" lol)

Sancho_P
--Yeah, I can't even see a real CAD program running on a mobile, that would be torture or a bad joke...need a mouse and keyboard and large screen (and those interfaces won't get better, and don't need to be).

There's already better tools (they just take a while to learn, which is annoying if you already know the technical aspect, just need software for calculations. For instance, Multisim Blue, not a CAD program, but still, had to just simulate coupled inductors (had to choose the right type of coupled inductors, best if you could add in your calculated coupling coefficient too, otherwise the simulation failed if you just made a circuit where inductors would otherwise be mutually coupled). Next was using a "probe" not a "multimeter" or even a "scope" to calculate a voltage across a certain component when in the real world you'd use a frickin' multimeter across the component to get that damn voltage we needed. Then choose the right analysis (have to look at my emails, can't recall), then it would choose a default of 1V for VCC, instead of your voltage source which pissed me off, what a terrible default! May be more complicated code but seems like a logical default if there's a voltage source, like an if-statement checking for a voltage source.

It's all those little traps that irritate the hell out of me, especially when updates change those settings, so you have to learn new pointless info to do a job; or in my case a trivial homework assignment. This is why I want the "ultimate toolchain" where I learn these pointless details once, and then I can be ultra productive. :)

Nick PMay 19, 2016 9:57 PM

@ Figureitout

The baseline with many examples are listed under "Functionality" in the Wikipedia article. Also mentions you gotta apply rigor in reducing problems in any of them, the system TCB at the least. Actually, the datasheet for BAE's SAGE guard is excellent. Section 2, "Trusted Guard defined," clearly illustrates the differences between average guard and average firewall. Then, they give an architecture for it that illustrates and explains steps involved for traversing a general-purpose guard.

For your needs, it will clearly be a subset with simpler protocols. There's still overlap between your requirements, what it takes to meet them, and similar stuff in SAGE or other guards.

FigureitoutMay 19, 2016 10:48 PM

Nick P
--Wikipedia link, not really technical enough, doesn't tell me much; not enough at all for an implementation certainly. BAE datasheet, much better, but still lacking. Some parts sound insecure (using FTP, SMTP, and X-window GUI for administrative tasks). Sounds like you couldn't use a guard on regular internet though, only guard-to-guard comms generally, too many errors.

Sounds like it doesn't only filter data coming in over the line as much as I thought it would, but moreso once on another device. Makes more sense, since it would break the protocol.

Getting a project at work which will help me in these areas (not ethernet, at least for now).

Clive RobinsonMay 20, 2016 4:04 AM

@ Figureitout,

And there isn't much out there on what a "guard" actually is, what it does exactly...

It's the same for many "security" devices (diodes, pumps, sluices, gateways etc, even VPNs to an extent). I don't know how far back you go, but it was the same for firewalls years ago. Initially we had "Hardened Hosts" that became "Bastion Hosts" that were in effect "hardened gateways" onto a DMZ network. These bastion hosts became augmented in various ways at various layers of the stack. Thus you had packet / application wrappers / stateful types (and to be honest we've not really progressed that far with them either).

Essentially a guard is a Bastion Host firewall/Gateway that goes further up the stack into the "business rules" of the organisation and thus additionally looks at traffic content, not just type.

So, I would take the attitude that unless you are putting your hand in your pocket to buy one, just treat it as a higher level concept rather than a set of must have methods.

As for methods, you need to work out what you need for any particular business process... That said, take the black box approach and assume an input and output stack and what you want to go from one to the other in what form and under what conditions. Start at the lower stack levels and work your way up.

What you will end up doing is having general rules like those you find on firewalls then wrapper programs for individual business processes.

The big problem is that many guards / bastions / gateways are built on the "shifting sands" of a common O/S, with its own network stack etc, full of unknown bugs... Great for easy wrapper/filter development, but a massive security liability at lower levels. Thus on a single computer, using a low level OS attack that gives privilege escalation an attacker can just bypass the wrappers, bypassing the guard functionality...

The way I've done things in the past and mentioned here before is a three or more computer solution, similar in concept to a dual DMZ network with application gateway bridges between the two and bastion host gateways to the trusted and untrusted networks.

That is you have your hardened common OS host at the input and another at the output both acting as a firewalling gateway. These gateways rip out traffic from the network packets and then feed it over a monitored serial interface (the DMZ network equivalent) to the computer in the middle (application bridge) where you put the business process wrapper filters.

This basic three computer model can be modified in various ways such as putting in Forward Error Correcting Data Diodes between the gateways and the wrapper/filter computer and adding "instrumentation and logging" devices on the diodes etc.

At the end of the day you can end up with the wrapper/filter application bridge computer effectively being a "middleware host" and it helps to think of it in that way.

For obvious reasons the simpler the application traffic protocols are and the more structured the format the easier it is to write the methods in that wrapper/ filter.

I hope that gives you a basis to think on.

FigureitoutMay 20, 2016 6:18 AM

Clive Robinson
I hope that gives you a basis to think on
--Barely, maybe a slight historical/overview basis, not a technical one. Still leaves lots of dark areas as to how it'd work w/ ethernet. That's where I'd run into lots of problems. How do you surf internet using a guard?

Nick PMay 20, 2016 12:45 PM

@ Figureitout

We've already explained all of that. You do mediation and/or isolation on each part of the stack. So, for Ethernet, you need two physical connections (Red and Black) with a processor doing mediation. Models for this include: CPU that reads/writes each Ethernet controller; MCU/CPU on each Ethernet port with IPC between them; MCU on each Ethernet port for untrusted processing with third, middle CPU/MCU for mediation. In any case, the Ethernet driver must be written with high-integrity, coding style that limits number of execution traces it can do, keeps it static, keeps it predictable, checks known trouble spots (eg bounds, pointers), and so on. At protocol level, the fields in headers will be checked for sanity. Data coming in one is stored in a buffer for it, outgoing data for the other usually has its own buffer, and mediation part moves things from one to another after processing. They're each in separate address spaces if on same CPU with micro/separation kernel mediating I.P.C. Registers are cleaned out on process switch.

Ethernet is really basic shit. You said web browsing, though, so you're already missing the goal posts. You need *TCP/IP*, not Ethernet. Put at least parsing of those wherever untrusted Ethernet parsing is to reduce interrupts. Then, you need to use tricks as above to ensure header and data is sent *directly* to browser's address space. Then, you need a secure browser and OS but I've posted prototypes of those you can build on. Maybe start with OpenBSD and their browser just for less 0-days. Your problem is much bigger than a guard as it just secures the transport layer and optionally above.

Note: The Sentinel HYDRA firewall and Spectre web-app security stuff I posted in the past has HTTP and Web layer mitigations that can be implemented on guards. So, there is that. Yet, you still got a browser and below in TCB.

Clive RobinsonMay 20, 2016 2:37 PM

@ Figureitout,

Still leaves lots of dark areas as to how it'd work w/ ethernet. That's where I'd run into lots of problems. How do you surf internet using a guard?

As often I'll answer the last question first.

A guard is not much use for internet surfing compared to other technology for several reasons. However the methods/rules you would be looking at using on one for surfing are much the same as you would find in browser plug-ins. Aside from the plug-ins might be badly written, the browser is usually a badly written OS equivalent, with little or no memory segregation between the equivalent processes (tabs etc). What you need is a much better browser rather than a guard in most respects. The guard should however have a slightly smaller attack surface...

As for ethernet, much of this is going to depend on the capabilities of your ethernet chip set and how it interfaces to your processor (watch out for DMA, it's problematic at the best of times).

However, you can see various driver / stack implementations for various microcontrollers on the manufacturers' web sites. Reading these should get you a basic ethernet stack up and running; you then need to look at the other parts to get the low level routing and MAC to IP mapping (ARP) working. Have a read of something along the lines of TCP/IP Lean by Bentham, which goes into quite some depth and gives code etc. Also have a look at TCP/IP Illustrated, Vol. 1: The Protocols by Stevens. It has the advantage of taking it in small chunks you can read in half an hour or so.

In the case of ethernet/IP you will have to go to the books, then the RFCs etc; there is not much choice in this.

FigureitoutMay 20, 2016 11:24 PM

Nick P
--No you haven't really. You've just touched it at a high level, not gotten into implementable details with demonstrated working code. I have to see it, not some crap wikipedia link and lacking datasheet still, no code or circuit still. Sucks. Note how there's not really any open source guard implementation (unless it's just a firewall, then it's just a name thing). Just continue not being used when it's not even clear what it is.

Clive Robinson
--Yeah I'll get into it soon enough.

Clive RobinsonMay 22, 2016 9:03 AM

@ Figureitout,

Having heard some of your predilections in the past for various things I had a think...

If you are going to develop your own guard from the bottom up (the only sensible way) you have a problem, which is getting hardware up and running...

So to avoid that major hurdle there is a way around it...

Get an old PC board and either a couple of serial cards or a couple of network cards. Put one of the following on it: Win95, MS-DOS 5 or above, or FreeDOS. Get yourself a copy of the Borland C compiler and IDE out of the back of an oldish book (learn C in 24 hours springs to mind), fire it up and check you can run the compiler etc and talk to the serial port and onwards to a Linux box etc without any issues.

Then have a look at Packet Drivers, not the NDIS from MS as they have all sorts of "embuggerances" attached but Rus Nelson's Crynwr Packet drivers.

Then (first actually) have a read of,

http://www.brutman.com/mTCP/mTCP_tcpacket.html

It appears that although mTCP is not FOSS yet Michael B. Brutman has been happy for developers to look at his code. You could drop him an email and explain and ask if he will let you have a look at the rest of the code over and above that he makes available at the above link.

Oh Jeremy Bentham author of TCP/IP Lean, is UK based and has a company Iosoft that has more details on the book and also on wireless networking.

If you have not seen the book, you can find "samplers" on the Web such as,

http://embedded.cs.ccu.edu.tw/OldVersionWebPages/vertaf/internal/wares/Quantum%2520Framework/Other%2520books%2520from%2520CMP/TCP%2520IP%2520Lean%25202e.pdf

Which gives the contents info and second chapter. Have a flick through it.

Nick PMay 22, 2016 10:14 AM

@ Clive, Figureitout

It's a nice start. Clive, is there a reason you didn't recommend the most deployed one, or did you just forget about it?

https://en.m.wikipedia.org/wiki/LwIP

Plus, one can look at firewalls like OpenBSD's to see how to implement a rule interpreter with non-Turing completeness. The BSDs also have serial and Ethernet stacks, with NetBSD designed for portability and easier reading.

In a guard, you might get by with just that. Even RTEMS or FreeRTOS might be able to handle the job. Should strip them.

@ Figureitout

What are you not getting? Just think a firewall that has minimal TCB, any self-protection it can, *inspects every header & packet*, and optionally can hold content itself for human review or other processing. Tiniest ones are MCUs sitting in front of serial ports or Ethernet without DMA.

Clive RobinsonMay 22, 2016 11:56 AM

@ Nick P,

    Clive, is there a reason you didn't recommend the most deployed one or just forgot about it?

It's not that I did not think of it... But as the Wiki page points out,

    This makes lwIP suitable for use in embedded systems with tens of kilobytes of free RAM and room for around 40 kilobytes of code ROM.

That is massive for low end MCUs. TCP/IP Lean will run a small webserver in less than a quarter of that ROM and with only a couple of K of RAM.

Secondly, most implementations I've seen of it suffer from two further problems. Firstly the need for a multitasking OS underneath, secondly it's way, way too feature-rich so gives you a "can't see the wood for the trees" issue. Thus there is the temptation to "glad hand" the code rather than "get to know" the code, and the former is "the code cutter way" with all the ills we see currently in the software industry. Worse, if you think back, Microsoft "glad handed" BSD network code and we had the near across the board "Teardrop" attack...

But there is another downside "it's well known and enumerable code". Which means the likes of the TAO or CESG etc will probably have tools to both find it and exploit it. As will some enterprising criminal types...

Whilst there is a very definite risk in "rolling your own", attacking a new implementation of a stripped down stack is only going to happen if somebody using it becomes a "person of interest" or the deployment becomes widespread.

Yes I know this is a "security by obscurity" point but it holds for unique or near unique deployments as ordinary physical security has shown for years.

FigureitoutMay 23, 2016 12:04 AM

Clive Robinson
--Never had a network to myself and it's pointless right now to deploy. Other reasons I'm sure you're aware of why I haven't worked on something like it yet (another being I don't want to right now). The network I put it on will have to be fairly isolated from my identity, which takes a lot of work and money. Wouldn't even be able to use it at my leisure, sounds like not worth it.

Win95... Borland C... old boards I have to take care of... umm, I don't know about that. I'm not really seeing the benefit when I can get what I want easier besides taking on another codebase, and if not then we're all screwed anyway.

Your link's broken but there's a copy of the TCP/IP Lean at my work, think it was used for a project I didn't work on...

Nick P
--I'm not getting the part where I see one in operation or working code for one. Where does it store the content for human review or how long? If MCU it won't last long.
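
Added example (not code from this thread or from any project mentioned in it): a sketch of the guard Nick P describes above, and of the "where is held content stored and for how long" question just asked. It assumes raw IPv4/TCP bytes arriving over a DMA-less interface; the policy, the rule format, the hold-queue sizes and all function names are hypothetical. Rules are plain field matches with three verdicts, so the interpreter cannot loop or branch on its own (not Turing complete), every header length is checked before use, and held packets sit in a fixed, statically allocated queue that fails closed when full.

```c
#include <stdint.h>
#include <string.h>

typedef enum { V_DROP, V_PASS, V_HOLD } verdict_t;        /* the only three outcomes */
typedef struct { uint8_t proto; uint16_t dport, max_len; verdict_t verdict; } rule_t;
/* Constructed policy (hypothetical): pass SSH, hold short HTTP for review, drop the rest.
   Rules are plain field matches (0 = wildcard): no loops, no jumps, no state. */
static const rule_t RULES[] = { { 6, 22, 0, V_PASS }, { 6, 80, 1500, V_HOLD } };
#define NRULES (sizeof RULES / sizeof RULES[0])

/* Fixed-size hold queue: bounded, statically allocated memory, as an MCU would need. */
enum { HOLD_SLOTS = 4, HOLD_MAX = 64 };
static uint8_t hold_buf[HOLD_SLOTS][HOLD_MAX];
static uint16_t hold_len[HOLD_SLOTS]; static int hold_count;

/* Parse IPv4+TCP headers from raw bytes, checking every length before it is used. */
static int parse(const uint8_t *p, size_t n, uint8_t *proto, uint16_t *dport, uint16_t *tot) {
    if (n < 20 || (p[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;
    *tot = (uint16_t)((p[2] << 8) | p[3]); *proto = p[9];
    if (ihl < 20 || *tot > n || *proto != 6 || ihl + 20 > *tot) return -1;
    *dport = (uint16_t)((p[ihl + 2] << 8) | p[ihl + 3]);
    return 0;
}
/* First matching rule wins; anything unparsable or unmatched is dropped (fail closed). */
verdict_t guard_inspect(const uint8_t *pkt, size_t n) {
    uint8_t proto; uint16_t dport, tot;
    if (parse(pkt, n, &proto, &dport, &tot) != 0) return V_DROP;
    for (size_t i = 0; i < NRULES; i++) {
        const rule_t *r = &RULES[i];
        if ((r->proto && r->proto != proto) || (r->dport && r->dport != dport) ||
            (r->max_len && tot > r->max_len)) continue;
        if (r->verdict == V_HOLD) {                 /* park a copy for human review */
            if (hold_count >= HOLD_SLOTS || n > HOLD_MAX) return V_DROP; /* queue full */
            memcpy(hold_buf[hold_count], pkt, n); hold_len[hold_count++] = (uint16_t)n;
        }
        return r->verdict;
    }
    return V_DROP;
}
int guard_held(void) { return hold_count; }           /* packets waiting for review */

/* Build a constructed minimal IPv4/TCP packet (no options) to a given destination port. */
static void build_packet(uint8_t *out, uint16_t dport, uint16_t total_len) {
    memset(out, 0, total_len);
    out[0] = 0x45; out[2] = (uint8_t)(total_len >> 8); out[3] = (uint8_t)total_len; out[9] = 6;
    out[22] = (uint8_t)(dport >> 8); out[23] = (uint8_t)dport;
}
verdict_t inspect_constructed(uint16_t dport, uint16_t total_len) {
    uint8_t buf[HOLD_MAX]; if (total_len > sizeof buf) return V_DROP;
    build_packet(buf, dport, total_len); return guard_inspect(buf, total_len);
}
```

A total length of 30 bytes is dropped because the TCP header would run past the end of the IP datagram, and the fifth held HTTP packet is dropped rather than overrunning the four review slots.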


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.