Wow June 3, 2016 5:24 PM

Bryan Whitman, the Pentagon official charged with stealing a nanny’s license plates, placed on leave from The Washington Post

This reeks of possibly being a method to circumvent license plate reading surveillance

The New Age June 3, 2016 5:29 PM

Staffer who set up Clinton’s email server to take 5th again from The Washington Post

This reeks of an intimidation campaign against people who opt to operate their own email servers at home for privacy enhancement.

insec June 3, 2016 8:42 PM

(This software was mentioned in Bruce’s Worldwide Encryption Products Survey.)

TeamViewer users are being hacked in bulk, and we still don’t know how

For more than a month, users of the remote login service TeamViewer have taken to Internet forums to report their computers have been ransacked by attackers who somehow gained access to their accounts. In many of the cases, the online burglars reportedly drained PayPal or bank accounts. No one outside of TeamViewer knows precisely how many accounts have been hacked, but there’s no denying the breaches are widespread.

The company behind TeamViewer blames password reuse for attacks used to drain financial accounts, but how would they actually know unless they can see both the users current password and the password the user had at some other site X that was hacked?

It’s easy to shift blame. Incompetence can be a motivating factor.

Thoth June 4, 2016 6:35 AM

Electrical and acoustic cryptabalysis are not new and have been around for ages. People are still using vulnerable software and hardware that do not employ some form of whitebox crypto at the very minimum to defeat sidechannel attacks.

One problem is the rotten industry being partially responsible as a good amount of so-called hardware crypto chips are not designed to withstand some basic forms of sidechannel attacks. The worst case is these so-called hardware chips are not even remotely secure at all (not designed from ground up for the purpose).

Many of these old vulnerabilities and nasties should have been long gone with the proper use and introduction of dynamic whitebox and function obfuscation but it seems most of these old nasties that should have been long gone are here to stay.

I guess people rarely learn, learn top slowly or simply give up and accept the fact that vanilla crypto with lesser hassles are the way to go.


ianf June 4, 2016 6:56 AM

NFL Players’ Medical Information is NOT a set of critical data, of interest only to sports fanatics and their hangers-on, the reading-of-entrails etc game results/ betting lists prediction cottage industry & their idiot sports TV commentators. Come Apocalypse, they all die off tomorrow, nobody would notice their absence (the intellectual vacuum that they consisted of). Therefore the laptop with the dataset being stolen, or intact, is not of general interest, squid or not.

    BESIDES, I am sooooooo disgusted by current All-Muhammad-Ali-All-The-Time BBC World News coverage – as if that mattered to anyone. HE’S DEAD, get it, A CORPSE… nothing to see here. Been “self-decommissioned” in the health department for years already (of course him having his head pummeled can’t have had anything to do with it); now you sound as if you’d all expected him to snap out of it, and again be “THE GREATEST” for the enjoyment of bloodthirsty public. Grow up, @BBCNews, and shame on you – you’ve already showed those clips that many times already, now move on.

CallMeLateForSupper June 4, 2016 8:05 AM

The Department of Justice has been investigated and skewered by the Senate for “inferior” whistleblower procedures.

Meanwhile, over at Department of Defense, mounting evidence that whistleblower procedures are not what they should be (to put it very mildly).

So both Defense and Justice – where most of the life-alterting action takes place these days – are broken. Will existing laws ultimately have teeth, or will “speeders” escape with mere warnings? Place your bets and break out the popcorn.

albert June 4, 2016 9:00 AM

“…NFL Players’ Medical Information is NOT a set of critical data, of interest only to …”

Recall the NFL Concussion Scandal. It IS of interest to everyone who plays football, including parents of children who play. It’s a threat to a multi-billion dollar industry. Imagine if the risk had never been exposed.

. .. . .. — ….

Silent Keys June 4, 2016 10:45 AM

Looks promising. Highlights:

SilentKeys is a Plug’n’Play keyboard that protects you online.

SilentKeys physically bypasses external and laptop keyboards and includes a buffer Hub chip to hinder hardware key-loggers. Additionally, by loading Satya, all software keyloggers hidden inside the default Operating System are unable to even load.

Satya Desktop is derived from the Tails Operating system. Tails is considered by many IT professionals, from Ed Snowden to the Electronic Frontier Foundation, to be the one of the safest solution available for privacy protection. Satya is a Tails fork : this means it is based on the Tails Project source code with added ergonomics, guidance and custom features we’ve developed.

SK and Satya are the result of a full spectrum security approach to secure each link in the privacy chain : the hardware, the software and the network. [Plan to release licenses for open source software and hardware]

Satya Anonymous Browser is based on the Tor Browser and Linux powered by Virtualbox.

The SilentKeys Bundle includes:

SilentKeys Secure Keyboard
Choose your color : cosy White or Travel Black
Choose your layout : US, UK, FR, DE and ES
16GB microSD card
USB cord
User Guide

Satya Desktop allows for an all-inclusive, secure and private session. Fully autonomous, loaded from scratch and ignoring your current OS and hard disks, it is protected from insecure computers, infected downloads and removable media.

By encrypting all its traffic and data, it protects your security and anonymity and lets you work, browse and relax in full privacy.

Already crowd-funded with delivery by November, 2016. Now I’ll just wait for Clive to rip it apart 😉

Nick P June 4, 2016 2:36 PM

@ Toby Jang

There’s been lots of speculation, esp negative, that I’m ignoring. Waiting for Jacob’s statement on why he’s moving on and what to. Meanwhile, one thing someone said was that he’s working on a Ph.D. right now. Might just be putting more of his time into that.

So Shall Media June 4, 2016 4:08 PM

@ Toby Jang, All

Jacob Appelbaum (@ioerror) leaves the Tor Project

“Posted June 2nd, 2016 by ssteele in ioerror


Long time digital advocate, security researcher, and developer Jacob Appelbaum[1] stepped down[2] from his position at The Tor Project on May 25, 2016.”

* Ramblings [3]
* Mention @ (tor-dev) [4]
* Thread @ Hacker News [5=6=7]
* Unrelated stories for entertainment [8,9,10]

[1] Jacob Appelbaum on Twitter:
[6] (static snapshot – some posts may be missing)
[7] (static snapshot(s) – some posts may be missing)*/


Nick P June 4, 2016 4:54 PM

@ Clive Robinson

My conclusion was that Snowden should’ve taken all his work correspondence on such things as well. He might have overlooked it or could be bullshitting. Who knows. Anyway, I think anyone giving whistleblower advice should add copying all correspondence with internal teams to the list of best practices.

I also think this article and all like it should contain a paragraph near the beginning pointing out that the people who did take legal avenues were ignored, SWATed by FBI, and had their careers destroyed. As if there was a simple choice between reporting concerns or leaking stuff. Realistically, they’re saying he should’ve been destroyed for reporting corruption internally instead of taking his chances reporting corruption on the outside. Suddenly, the better choice swings in a different direction than the Snowden opponents advocate as one should never be destroyed for reporting corruption.

@ So Shall Media

It looks like a nice, smear campaign in action. One person joked that the website on him looks like it was done by same team as heartbleed haha. Now, he might be guilty with a smear campaign as response or it might be SJW’s attacking him for personal reasons. Who knows. One thing I don’t like is two women making vague, unsubstantiated claims on Twitter about rape with one not even naming him. Instead, they need to contact the police with the evidence or claims if there is any. At the least, make a clear statement saying exactly what they’re accusing him of. One person correctly noted one of the statements is so vague as if designed to dodge a libel suit if it turns out a lie.

Interesting thing about these claims is that this would probably be the easiest case ever for them. I wouldn’t even like to see it tried since it’s so rigged. Juries are biased in favor of rape claims, many are biased against bisexuals, they’re biased against rebels, and prosecutor or FBI can pull the “his work sabotages justice by protecting criminals” card. That the most we’ve seen is vague tweets when any real victim with real evidence has such a strong position is quite ridiculous. So, I’m dismissing all this crap unless someone takes action or clearly states what they say he did to who, when, and where.

Clive Robinson June 4, 2016 5:16 PM

@ Nick P, and the usual suspects,

This one will hopefully make you smile,

Put simply, because UK Politico’s have to use Micro$haft 365, much of what they do “leaves the UK” to get lodged in M$ servers in other parts of Eueope and out of the UK. And thus are fair game for GCHQ…

You’ld have thought that somebody might have asked the “foreign terrortory” questions…

Name required June 4, 2016 5:23 PM

So, in a possible security fiction idea, in some possible [redacted] future, companies would replace their workforce with AIs.

How secure would these AIs be? What would be the best vector of attack against an AI that does not have a comparison if it was a human in that position?

Suspicious... June 4, 2016 7:02 PM

@So Shall Media

So is he headed to the Bolivian embassy amid suspicions that the whole thing is a setup? Didn’t I already read about this a few years ago… I can’t quite remember where… 😉

Security? June 4, 2016 7:28 PM

@Silent Keys

So it’s a keyboard with an embedded USB key in it, that the computer boots from? Why doesn’t it just say so, instead of all that other snake-oil-sounding fluff… And make all hardware and software open source, and be very open about every bit it, what it technically is and does, or just forget about it being the least bit secure…

Nevertheless, if it’s a serious thing, kudos for someone at least trying…. I wish more would do that…

Questions22 June 4, 2016 7:41 PM

Regarding a “dormitory” like home wifi in U.S.

1) Pros and Cons of using ssid:

2) (and posting the tos) on bulletin boards)

3) Opennic, Opendns, Googledns, or other for DNS services

4) use of guest network on router

5) recommended router vendors

5b) flashing firmware, etc. vs. apple for ease of use
eff has indicated that since no home router has substantial market share they don’t recommend
specific vendors anymore

6) what could possibly go wrong?

7) how about running a tor exit node on this router, too?

Thanks in advance. Any input would be appreciated.

pholling June 4, 2016 9:01 PM

@The New Age I don’t think the issue here is having a private email server – the issue is using one for government information. The part of this that blows my mind is that there were hundreds of people sending State Department information to when they knew they shouldn’t.

65535 June 4, 2016 10:15 PM


“GCHQ and the US National Security Agency (NSA) have access to intercepted emails sent and received by all members of the UK Parliament and peers, including with their constituents, a Computer Weekly investigation has established.”- computerweekly

It looks like Micro$haft/NSA has given UK MP’s, the greased shaft up the tail pipe. And, the UK MP’s paided for the “up-grade” to Orifice 365!

And the obligatory boiler plate, “MS encryption” keeps you safe is laughable. I am sure the M$ has been NSL’d by the NSA, The NSA probably has the keys or the ability to decrypt any/all of the UK MP’s emails [I would guess that Symantec has placed an SSL stripping certification in the email chain to be able to decrypt and scan for viruses- and probably is up to their collar stays in NSA collusion].

That’s slick con-job by M$/NSA. P.T. Barnum would be proud.

“Barnum served two terms in the Connecticut legislature in 1865 as a Republican for Fairfield.” –Wikipedia

Mr.C June 4, 2016 11:08 PM


  1. Pros:
    a. People can use it to connect to the internet.
    b. Warm fuzzy feelings of having done a good deed.
    a. You may find the internet connection you are paying for intolerably slow for your own needs because guest users are eating too much bandwidth downloading porn.
    b. You may come under suspicion for whatever illegal things guest users do with your wifi (piracy, script-kiddery, kiddie porn, etc.).
    c. You may find yourself blacklisted for spamming if one of your guest users is infected as part of a botnet.
    d. Users may be more vulnerable to passing infections between each other than from the internet at large.
  2. Unless you’ve got the technical wherewithal to enforce it, a ToS is pointless. People will just ignore it.
  3. OpenNIC. More specifically, reflash the router with OpenWRT, install DNSCrypt-proxy, and connect to an OpenNIC server that doesn’t keep logs via encrypted connection. Both Google and OpenDNS keep logs that are amenable to warrantless seizure by various three-letter agencies (if not given up willingly). (If you feel like you can’t trust the OpenNIC operators that they aren’t logging, then you’ve got no choice but to run your own DNS.)
  4. Not sure what you’re asking. If you mean configuring the router to provide two networks, one private and one open, then this is worth doing since (1) it gets potentially infected machines off your subnet, and (2) your router will likely have a feature to throttle the bandwidth for the open network so that you can still get a decent connection on the private network.
  5. You should use you dollars to support Linksys’s stand against locking down router firmware in the face the FCC’s moronic regulations. (

5b. Reflash with OpenWRT.

  1. See answers 1 and 7. You could also brick the router if muck up the reflash.

  2. Pros for running a TOR exit node:
    a. Make the world a freer place.
    b. You can hide your own disreputable traffic among the exit node’s traffic (assuming you’re doing something disreputable in the first place).
    a. You may come under suspicion for whatever illegal things TOR users do (piracy, script-kiddery, kiddie porn, etc.).
    b. You will get blacklisted from various sites/services that ban traffic from known TOR exit nodes because they figure TOR users are up to no good.
    c. You will frequently come under attack from the various forces of evil who are constantly trying to compromise the TOR network. This will mean constant surveillance of your traffic, periodic DoS attacks, and attempts to foist malware into your router. Unless you’re reasonably competent at preventing, discovering, and removing such malware, you probably shouldn’t be running an exit node.
    d. You may find running an exit node eats too much bandwidth and leaves you with an intolerably slow connection.
    e. Your ISP may find that you’re eating too much bandwidth and terminate your service/shake you down for more money.

TNA June 5, 2016 2:17 AM


The part that blows my mind is the timeline. I’m sure it’s all BS and lies, but I recall hearing something about nobody raising any concern about the issue prior to 2013, or maybe even 2014. I recall some other funny comment in response to that pointing out that the republicans back in the Gonzalez days I think, already ate a lot of flak for exactly the actual alleged criminal activity here (emails that were supposed to be part of the public records, thousands of them, that just disappeared). Then there is 12-C00422224. It doesn’t add up. Must be hackerz. (and I’m in agreement, this was a broad web of participants, not exactly the thing one can imagine being hidden with intent to deceive, though it is remarkable that the hdr22 email address did not seem to be publicly known until… again, the damn suspicious timeline that doesn’t add up at all.

Untrust Blue Coat CA June 5, 2016 2:18 AM

Blue Coat has an appalling track record:

1) they sell MitM and censorship devices, so with a legit certificate issued by the new CA linked to intelligence agencies, they can censor and spy on people even if HTTPS/SSL/TLS is used, without the browser giving any warning

2) Wikipedia notes:

On March 12, 2013, Reporters Without Borders named Blue Coat Systems as one of five “Corporate Enemies of the Internet” and “digital era mercenaries”[8] for selling products that have been or are being used by governments to violate human rights and freedom of information. Blue Coat equipment has been sold to the governments of Bahrain, Burma (Myanmar), China, Egypt, India, Indonesia, Iran, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, Singapore, South Korea, Syria, Thailand, Turkey, the United Arab Emirates, and Venezuela.[37][7][41][42] Blue Coat has consistently denied these claims, asserting that it respects internationally recognized rights to privacy and freedom of expression, and does not condone any government’s use of its products to abuse Internet privacy or freedom of expression.

Thus, it would seem sensible to remove trust in this intermediate CA authority in Windows & Mac as per instructions here:

Question to Linux experts – how do we do this properly in Linux? That is, remove all trust from “Blue Coat Public Services Intermediate CA”, signed by Symantec. It appears difficult to just import into the keyring and untrust it system-wide, because Linux uses multiple libraries NSS, OpenSSL etc.

For Mozilla’s NSS, it seems you can manually distrust (prohibit trust) with the certificate by:

$ certutil -d [path to directory containing database] -M -t p -n “Blue Coat Public Services Intermediate CA”

Repeat similar steps with other browsers?

The surly, pretentious stackexchange ‘gurus’ aren’t in full agreement yet:

Thanks in advance.

PS @Bruce – your site is one of the few security urls that regularly times out using Tor Browser.

Can we assume this is a form of timing attack from the rat-faced spook bastards running malicious exit nodes and/or they are putting extra load on your site for de-anonymizing purposes?

Curious June 5, 2016 4:57 AM

I won’t pretend to understand this, so I’ll just link to the article:

“Physicists discover an infinite number of quantum speed limits”

“Our findings are expected to have an impact on the fields of quantum information, computation, simulation, and metrology,” said Diogo Soares-Pinto at the Sao Carlos Institute of Physics, who supervised the project.

Clive Robinson June 5, 2016 5:00 AM

@ Pholling, TNA,

The part of this that blows my mind is that there were hundreds of people sending State Department information to when they knew they shouldn’t.

Rethink it slightly and it becomes a little more interesting.

    Why were hundreds of people able to send email to, irrespective of if they knew they shouldn’t?

That is sending from an internal clasified Email system outwards, was it just clintonmail or was it everybody and anybody?..

If the latter what does it say about the US Government State Dept ICTsec, if the latter “How and why did it become possible?”, and “How did it get through an appropriate audit etc?”…

Clive Robinson June 5, 2016 5:15 AM

@ Untrust Blue Coat CA,

Can we assume this is a form of timing attack from the rat-faced spook bastards running malicious exit nodes and/or they are putting extra load on your site for de-anonymizing purposes?

I assume you are refering to posting as being slow rather than anything else?

Thus you could try testing the server timing difference between trying to make a post, but without the security checkword, and posting with it. Similarly look at the preview timing.

Clive Robinson June 5, 2016 5:45 AM

@ Curious,

I won’t pretend to understand this, so I’ll just link to the article:

I’ve looked at the article quickly but not the paper so treat with caution 😉

On the face of it, it’s a reasonable expectation there would be a speed limit. After all at our physical level we are used to inertia slowing things down for us which is why the Newton’s Cradle toy looks so magical, likewise acceleration needing more work.

Engineers likewise have speed limits they are used to, one being the speed of light, which means at a 1GHz CPU clock rate the free space wavelength is about a foot or if you prefer the time it takes a photon to travel the same distance is 1nS. Which means at a 1GHz clock rate your maximum theoretical radius is six inches. In practice PCBs are not “free space” and thus the transmission distance to get a signal out of a CPU chip and get data back from a memory chip is around four inches of PCB track, if the memory chip responds instantly (which it can not). Which is why motherboard bus speeds sound so slow compared to L1 cache speeds.

Likewise mechanical engineers are aware of the more curious effects of flywheels, you are limited in that you can only make them so big and rotate at comparitivly slow speeds before they fly appart due to the lack of material strength. Which sounds reasonable, but have you ever considered the fact that a fly wheel toy, apparently defies gravity in that when spining the at rest center of mass can be well outside of any support structure?

Life at the edge cases is well “curious” at best 😉

Curious June 5, 2016 6:22 AM

@Clive Robinson

Ah, interesting take on why things inside a chip would work faster than components on a motherboard. I never thought about that before until you mentioned it.

I don’t think I have anything to contribute in the fundamental physics side of things (I play computer games), but I like try making my points as best as I can, so here it goes:

What I find interesting with my own vague notion of quantum speed, is the accuracy aspect if it. Somehow I imagine anything quantum mechanics being more predictable because of how it all seem to be more about about particle interaction and mass, and less about time and distance.

Somehow I like to think that computations regarding speed of light on a general level, is not very precise, and so I somehow don’t like the comparison between the speed of light with “quantum speed”, probably because I like to think that anything quantum mechanics in physics rely on knowledge gained from statistics, something which also bar the very possibility of making one or more individual measurements at sub atomic level, while physical measurements for measuring anything to do with speed of light, to be overly complicated and maybe not useful for precise calculations involving tiny particles.

Hm, I guess I imagine a world in which speed of light only makes sense as a side effect when looking at the big things, while the tiny things like sub atomic particles seem to be opportunistic, or perhaps even random. I suppose I also imagine that the speed of light is perhaps only useful for making measurements, and not for making predictions about how matter and energy move around.

Ergo Sum June 5, 2016 6:52 AM

@ Untrust Blue Coat CA…

PS @Bruce – your site is one of the few security urls that regularly times out using Tor Browser.

Can we assume this is a form of timing attack from the rat-faced spook bastards running malicious exit nodes and/or they are putting extra load on your site for de-anonymizing purposes?

The blog does time out more frequently than it used to with TOR, both reading and responding. The delay and/or dropped connection might be related to the exit nodes. I did notice that the delay is more likely with former Eastern Block and/or US hosting the exit nodes at certain time of the day. I’ve contributed it to low bandwidth and utilization of the exit node that that may drop idling connections. Just my anecdotal experience…

It’s still better than the “One more step…” verification, where you’d need to enable JAVA in order to view the site in question. More and more sites have the verification page for the TOR browser, partially due to its success. TOR is also viewed as a privacy tool nowadays and integrated in to operating systems, such as Tails.

Businesses, LEOs, etc., don’t like privacy tools. The chances are that TOR will not be a viable option, if and when most hosting companies, ISPs, etc., will require “One more step…” verification…

Clive Robinson June 5, 2016 7:23 AM

@ Wesley Parish,

This looks like a rerun of some news we had last year:

Hmm methinks somebody read this blog prior to doing their experiments 😉

It would not be the first time quite specific things had been talked about on this blog to later turn up in papers or malware or both…

As for those “researchers from a Tel Aviv University” I think I’ve made the point that all their previous papers that have get into the press have all been well preceded by this blog. I’ll let othets decide on “coincidence or not” but it does raise questions of due diligence and plagiarism…

The anoying thing from my point of view is that I knew about such things way back in the 1980’s from my own research and knowing about things such as “magnetoconstriction” used in sonar and “microphonics” in local oscillators. Plus as @Figureitout has pointed out on a number of occasions in the past you can actually hear the coils is some types of switchmode PSUs responding to CPU activity/load.

But to make the point again “Most usefull transducers are bidirectional” high school physics would have told students about motors and moving coil microphones, they might even have seen the “jumping wire” experiment. All of these side channels are very easily deducible from high school physics, there is nothing secret or fundementaly original about them.

A few years ago we saw Cambridge Labs in the UK come out with all sorts of papers about security issues that I’d worked out years before totaly independently, and I’d assumed that such things were “well known” so I was supprised at seeing papers on them. Likewise things like making false finger prints (see Arthur Conan-Doyle for the “first in print” on that).

I’m begining to think that you can get almost any “old method” into a “Security Paper” these days…

Cameron Jost June 5, 2016 9:11 AM

@Untrust Blue Coat CA:

“PS @Bruce – your site is one of the few security urls that regularly times out using Tor Browser.Can we assume this is a form of timing attack from the rat-faced spook bastards running malicious exit nodes and/or they are putting extra load on your site for de-anonymizing purposes?”

Over the last couple of years (particularly after it emerged that the GCHQ routinely tracks connections to security websites) there have been several requests for a .onion mirror of this site. Schneier and the moderator have always ignored the requests.

Ergo Sum June 5, 2016 9:17 AM

@Clive Robinson…

Engineers likewise have speed limits they are used to, one being the speed of light, which means at a 1GHz CPU clock rate the free space wavelength is about a foot or if you prefer the time it takes a photon to travel the same distance is 1nS. Which means at a 1GHz clock rate your maximum theoretical radius is six inches. In practice PCBs are not “free space” and thus the transmission distance to get a signal out of a CPU chip and get data back from a memory chip is around four inches of PCB track, if the memory chip responds instantly (which it can not). Which is why motherboard bus speeds sound so slow compared to L1 cache speeds.

The motherboard bus speed is roughly half the speed of light. Maybe it’s a better option to use optical rather than electrical motherboard data bus to get closer to the speed of light. Intel has been toying with silicon photonics motherboard and achieved transfer rate of 100Gbps. Just to compare this data transfer rate, a single PCIe 3.0 lane has a max transfer rate of about 8Gbps.

Similarly to network transfers, there’s an overhead associated with data transfers within the system. Most lanes utilize the 8b/10b encoding, like SATA does. This overhead is 20% hit in maximum throughput. PCIe 3.0 on the other hand utilizes the 128b/130b encoding that results in 1.54% overhead. One of the reasons why SSDs are being moved to PCIe 3.0 lanes, such as the M.2 form factor that requires four PCIe 3.0 lanes, that result in about 32Gbps maximum data transfer rate. The read performance of the Samsung 950 Pro M.2 is around 20Gbps, which probably means that the bottleneck is within the M.2 card. Be that in the actual memory chips and/or the data bus within the card.

The data transfer rate increase means that the system can be exploited faster by malware and/or quicker to give you a BSOD. So, don’t look forward to it…

Nick P June 5, 2016 9:26 AM

@ Clive Robinson
(re Ergo’s question)

Interesting enough, I just posted about optical PCB’s last night with a few questions for you. Here’s the comment. Just reply here, though, since that’s where everyone is right now.

ianf June 5, 2016 10:02 AM

Re: @ Wael’s tribute to Muhammad Ali… On topic “Giant”

In light of current TV over-saturation of testimonials extolling Muhammad Ali’s somehow admirable ability to withstand heavy blows to his body, I haven’t watched your videos. It took @GavinEsler’s guests in #BBCDateline programme to pay dues for what was Ali’s true life’s feat, a topic at best only alluded to elsewhere, but here constituting the sole thread of the tribute:

    even though US Army would never dream of sending this black PR conscript-asset into harm’s way (same they did with Elvis Priestley), at the time when such was unthinkable and unheard of, Ali refused point blank to be drafted to fight the Vietnamese, because “he had no quarrel with the VietCong, and no Vietnamese ever called him ‘nigger’.” A Champ slapping America in the face on primetime TV, both apple-tinted cheeks at once!

The panelists, none of them a sports junkie, were in agreement, that the then-ensuing licence ban at the age of 25 effectively stymied his peek performance, nullified the 4 best years of his sports career. (But, hey, this nigga refused to fight the Commies that threatened Our Way of Life, so he got off lightly!) He was his time’s premier pop-cultural loudmouth iconoclast… expressing discontent with his native USA in life-affecting ways more than words.

In unrelated news, I see Donald Trump’s Foreign Policy adviser defense lawyer Walid Phares (which sounds Arab to me) quibble expertly over what is torture, beginning with the definition of what “is” is; before proceeding to explain away his employer’s many anti-Chinese, anti-Arab(?), anti-Mexican campaign soundbites: “emotional, but when elected, DT will follow the Constitution“. I feel soooo-reassured I could almost bake a cake.

Tor User June 5, 2016 11:01 AM

@Untrust Blue Coat CA

So I’m not the only one who’s noticed the comparative slowness of Tor targeted only to Bruce’s site…

To be clear to the others prognosticating:

1) non-bruce sites (that don’t have that annoying “one more step”) are all fast under Tor, compared to this site…
2) It’s not just posting, it’s all requests to bruce’s site (including posting, which is annoying when it times out and eats your post, requiring you to always remember to store it in your copy/paste buffer first if you expect to post anything)
3) No really, I’ve compared Tor with non-Tor… it’s just Tor that’s slow, a regular browser is fast.
4) It’s almost all the time, and about 75% of the time this site just times out under Tor and doesn’t load at all. It’s really bad. I assume hardly anyone here ever uses Tor or there would be a lot more comments about it.
5) the best way I’ve found to get the site to load, is to hit “New Tor Circuit for this Site” over and over until it loads… simply pressing refresh just makes it keep timing out forever it seems… This to me suggests Bruce’s site is blocking abusive IP’s and keeps auto-targeting specific Tor exit nodes (but not all of them, so if you keep trying another exit node eventually one will work).

Tor User June 5, 2016 11:24 AM

6) No really, it’s not just Tor being the usual slow… as I said in 1) sites other than this one all load normally and (relatively) speedy… (as long as they don’t have “one more step” of course) Bruce’s site is targeting Tor somehow, or as someone floated the conspiracy theory, maybe governments are trying to encourage people to de-anonymize themselves when visiting a “dissident” site like
7) To be clear, sometimes this site loads fine under Tor… but generally if I leave the browser window open and come back to it in an hour, it’s dead (times out when I refresh), I have to get a new exit node to make it work again… unlike other sites that generally keep working and work speedily all the time if they work at all.

Doug Grinder June 5, 2016 11:40 AM

@Tor user

Does this happen sometimes or all the time? If it’s only sometimes, it would be interesting to run a little experiment quantifying the delay caused by the combination of particular guard & exit nodes and put together a list of the offending IP addresses for “further investigation.”

Clive Robinson June 5, 2016 11:48 AM

@ ianf,

He was his time’s premier pop-cultural loudmouth iconoclast… expressing discontent with his native USA in life-affecting ways more than words.

There is a distribution in society with conservatives at one small percentile at the trailing tail and progressives being another small percentile at the leading tail.

Neither represents society, though conservatives tend to represent the worst of the past whilst the progressives hope to represent the best of the future.

I think it is probably clear where Donald Trump lies, and in effect is going to try and refight for the worst of what should rightfully be remembered as defeated and consigned to the dungeons of the past for it’s crimes.

The problem we see currently is nobody realy representing the way society is. We have seen a lame duck of a president make mistakes and get hung up on bad military thinking and hamstrung by bad near lunatic authoritarian followers. Who chanted devoid of meaning sound bytes and screamed incoherently their way into conservative thinking, and cause the more moderate in their ranks to pale under the verbal and physical assult on their beliefs. The whole force multiplied by a very few making payment to those with open grubby grasping hands in both the US Media and wanabe political sphere. The result is many Americans who trying to keep a roof over their heads and bread on the table have bought this paid for faux wisdom, without thinking it through, and have become like turkeys voting for thanksgiving.

If either of the current main candidates get in it will not be good for Americans in the long term and it is doubtfull that the medium term will be any better. And by reflection it will not be good for many other parts of the globe, and it’s highly likely the current bad policies that are coming to light will continue to run unchecked digging into society and doing longterm harm for the majority. All at the behest of the preditory parasitic rent seeking few who will remain now and for the rest of their existance unaccountable. As they hide virtually unseen behind the politicians they have bought and payed for in a myriad of different ways.

As I’ve pointed out before “Representational Democracy” is not “Democracy” it is at best an illusion as you have to ask who those “monkeys in suits” your are alowed to vote for actually represent? The one thing you can be sure of based on past legislation is it’s not the voters.

Thus is it realy suprising at the end of the day that when someone from a much maligned and oppressed group given the opportunity to speak out and be heard should do so loud and clear? Personaly I don’t think that makes them a “premier pop-cultural loudmouth”. As for being an “iconoclast” that is not necessarily a bad thing, when what you are trying to bring down is bigotry, oppression and similar evils that have inbred themselves in those who benift by such behaviours and fight to bring the rest of society down to their level.

Tor User June 5, 2016 12:16 PM

@Doug Grinder

Not all the time. Just a surprising and very noticeable majority of time. Yes, it would be interesting to perform such an investigation wouldn’t it…

Douglas McClendon June 5, 2016 2:09 PM


Rethink it slightly and it becomes a little more interesting.

Why were hundreds of people able to send email to, irrespective of if they knew they shouldn’t?

That is sending from an internal clasified Email system outwards, was it just clintonmail or was it everybody and anybody?..

That line of thought doesn’t really make much sense to me. It’s like asking “why have hundreds of people been able to use hammers to commit murder even if they knew they shouldn’t”. These are just tools that can be used in any which way. Trying to micromanage the use of general tools is certainly part of the innovation landscape, but it’s not exactly the nature of humanity that led to the world around us. I admit to not having followed in detail the hundreds of news articles about this story. Generally I just grep them for a few tidbits to remind myself that it’s all pure propaganda. But I’m pretty sure I would have remembered hearing about some internal classified email system that had classified information sent outwards to Please do provide a reference to such evidence if it exists. Otherwise I’ll go with my current understanding- that it was just sending something to that happened to also exist in classified files.

Douglas McClendon June 5, 2016 2:55 PM


Actually, I can have no end of sophistric(?) fun with debate, though it is all just entertainment to distract one from the suffering and injustice all around. Notably, in this post I commented as Wow,The New Age,TNA, and my real name. Linking back to Wow, one can frame your line of thought in this manner- “Why is it that automobile license plates are attached with screws by the end user, instead of by tamper resistant and evident screws by the DMV. Isn’t the simplicity of the current deployed solution just an invitation for criminals to use license plate theft (or short term covert ‘borrowing’) to commit grand crimes?”

Clive Robinson June 5, 2016 3:11 PM

@ Douglas,

It has been claimed that secret information was sent to clintonmail by those making the allegations.

Others have said the information was not classified at the time it was sent thus implying no wrong was done.

However it is not that simple and currentky nobody has been very clear as to what exactly has been going on and people are supposedly “taking the fifth” for unspecified reasons.

But even when not classified information destined to be secret usually gets put onto clasified systems rated as secret very early on. Take diplomatic traffic for instance, that would all be put on and sent on a secret ir above circuit as a matter of form at an embassy etc as soon as it got transcribed etc from the original source. This is a general principle around USG departments for much of the information that would be deemed to be important enough to be seen by somebody at HBC’s level.

So the question remains of how secret or soon to be secret got off of a clasified secret or above network to the clintonmail server?

Now it’s possible that somebody sat there with two terminals one on the classified network and one not and manually transcribed the information but is that likely?

If not the question arises that if the traffic was on a classified secret network how did it get out, why and on who’s authority.

Likewise if it was soon to be clasified secret then why was it not on a clasified secret network?

Either party could be telling a bunch of half truths. My guess is that as it appears to be a political smear campaign there is very little or nithing of any substance to it (renember the “birthers” etc). Thus it is likely the messages were unclassified and originated on an unclasified network when they were sent to clintonmail and it is only later possibly much later that the subject matter became clasified. In which case yes it’s a storm in a teacup, as somebody with an axe to grind is saying people should have had 20/20 Foresight.

Thus not a tempest in a teapot issue which some are trying to paint it to be. Which it would be if it was shown that genuinely clasified information at any level from restricted upwards was sent from an appropriately classified network. If it turns out that is the case, then there are very real questions that need answering, ones that could cause less senior heads to roll, as “acting under orders” is generally not a usable defense unless you have them in a particular form over a sufficiently senior signiture.

But as I’m not a US citizen or living in the US, and I generaly find US politicos at all levels to be a fairly detestable sub spieces of the human race along with many other politicos and their hangers on, it’s mainly of academic interest to become part of an “Avoidable Security Failure” write up for others education.

Daniel June 5, 2016 3:12 PM

Re Applebaum:

So, what we have here is a changing of the guard, with the justification being sexual assault allegations. The sexual assault allegations beg the question as to whether Tor will be more or less safe (I mean the software, not the employment situation) after he leaves.

Wael June 5, 2016 3:13 PM



Question: Nope it’s 3 short videos and a somewhat longer one
Request: That’s enough links on the topic
Sarcasm: I became aware of his death via an SMS with a link to Facebook video that I thought is inappropriate for this forum so I shared my own.


I don’t watch tv that much and wasn’t aware of the coverage.

Douglas McClendon June 5, 2016 3:59 PM

@clive Re: clintonemail

Either party could be telling a bunch of half truths. My guess is that as it appears to be a political smear campaign there is very little or nithing of any substance to it (renember the “birthers” etc).

From an undeniably self-centered perspective, I see the substance as being related to the alleged United States Navy Information Warfare Officer Dave Schroeder who conversed with me publicly on slashdot in 2012 about possibilities of USG mandated backdoors in internet software.

Note also that nobody as of yet has claimed the $1000+ reward/bounty I posted to LWN some months ago relating to the utterly bizarre complaint number I was issued by the FCC. Again, that leads me to the conclusion that it ‘must be hackerz’.

Douglas McClendon June 5, 2016 5:16 PM

@Moderater, all Re: clintonemail, home email servers generally

For the record, relating to FCC-CID#12-C00422224(-1), I did email once in 2012 or 2013, and got a reply only of ‘Good Luck’. Since then I’ve seen a marked absence of any consideration of my position (one way or the other really) in Schneier’s writings. Note that I also emailed, and phoned the FBI asking for identity confirmation of the USNIWO, but though I spoke to a ‘duty officer’ on the phone, they refused to confirm or deny the identity. And I haven’t felt like opening a discourse with the Navy which would seem the next logical step. So again, we’ll just call it ‘must be hackerz’ for now. Or the conspiracy theory that Hillary being the first female POTUS is somehow responsible for a vast conspiracy of silence for the time being.

Douglas McClendon June 5, 2016 5:58 PM

“I remember what the Internet was like before it was being watched, and there’s never been anything in the history of man that’s like it.”

That’s actually probably not such a great quote from Snowden, since there is certainly at least some truth in the argument that what changed the internet wasn’t the introduction of watching, but the awareness of it that he granted us.

whois June 5, 2016 6:58 PM


Registry Domain ID: 2031748594_DOMAIN_NET-VRSN
Registrant Organization: Privacy Protection Service INC d/b/a

Daniel … have no last names

Bumble Bee June 5, 2016 9:22 PM

@ Clive, Douglas, Jacob Applebaum

Re Clinton email, title 18 u.s. code section 798.

The bar is very high for what must be proven in court. Not only must the information have been specifically (administratively) classified at the time the crime is alleged to have taken place, but the manner of its release must have been knowing and willful and either prejudicial to the interest or safety of the u.s. or beneficial to a foreign government to the detriment of the u.s.

Bumble Bee plausibly denies any relationship with the navy or any other branch of the armed forces.

Clive Robinson June 5, 2016 10:23 PM

@ Bumble Bee,

Re Clinton email, title 18 u.s. code section 798.

Apparently it’s not the only thing Hillary or others in the State Dept could be charged with some of which have lower burdens and higher penalties,

There is an interesting note in that article about 30,000 emails and an inspector finding clasified information in a sample of just fourty files…

Mind you I can remember a bit of a kerfuffle some years back with Hillary’s laptop having clasified information on it’s display in a Whitehouse press release photo, so this is not her first rodeo.

CallMeLateForSupper June 6, 2016 7:22 AM

“[…] Hillary’s laptop having clasified information on it’s display in a Whitehouse press release photo […]”

A copy of a briefing transparency containing information and marked with security classification(s) lay on the keyboard of her laptop. The photo was snapped in a “situation room” while the Bin Laden op. was unfolding.

MikeA June 6, 2016 12:26 PM


Given how unreliable clock recovery is on some PCIE 2 devices (apparently all the good analog designers have retired), I shudder to think what the error rate on 128b130b is. Not to mention the relatively large minimum packet size. Nagling, anyone? 🙂

As for Clinton’s “classified at some point” emails, it reminded me of when John Gilmore was prosecuted for quoting from a book he (IIRC) got in a library, which was classified after he published. I guess they don’t teach enough Latin these days to have the average lawyer or legislator know what “Ex Post Facto” means. Not that Clinton is slam-dunk innocent. But given the level of chicanery in govt IT, I’d be inclined to use an email server under my control as well, for internal email. Blurring the line between various sorts of information, though, is always fraught. Even a relatively innocuous person like me can have a half-dozen email addresses, to segment domains of discourse.

Hypothetical Hippo June 6, 2016 2:22 PM

re: clintonemail, classified information, law

Amongst the fog of chicanery, I tend to believe there are simple enough hypotheticals that can cut through the fog. If that is, there aren’t too many interests benefiting from and investing in the fog machine.

Suppose a friend of Hillary’s from grade school, who has done nothing more interesting in government than work at McDonalds their entire life, in 2014 emails an article about Snowden and PRISM and Google to Hillary’s gmail account that she only uses to talk with that one person. Suppose this email contains a news article or wikipedia entry, quoting classified information that Snowden released/leaked outside of the ordinary channels. Is Hillary required to surrender that email account, and all other emails sent to that same address to the government? Immediately? 20 years later?

What if the friend includes a legal question about whether or not the POTUS could under an Executive Order, even if it violates many other laws, have the NSA forge a resume to get a mole hired by Google to suck up all their user’s ‘private’ data? And would it make any difference if the hypothetical email provider were not Google, a multinational service provider, and instead an entirely domestic company.

Or rather, if I could afford to pay for Hillary’s time as easily as Trump did for the wedding, that’s probably the question I’d like answered from a high profile lawyer.

Parabolic Jamboree Pour June 6, 2016 3:19 PM

Re: Jacob Appelbaum, @ioerror

“Berlin, June 6, 2016 In the past few days, a calculated and targeted attack has been launched to spread (cont)

which leads to:

“Berlin, June 6, 2016

In the past few days, a calculated and targeted attack has been launched to spread vicious and spurious allegations against me. Given the way these accusations have been handled, I had little choice but to resign from my position as an advocate at the Tor Project and devote my full attention to completing my doctoral work on cryptography at the Technical University of Eindhoven.

Vague rumors and smear campaigns against me are nothing new. As a longtime public advocate for free speech and a secure internet, there have been plenty of attempts to undermine my work over the years.

Now, however, these unsubstantiated and unfounded attacks have become so aggressive that I feel it’s necessary to set the record straight. Not only have I been the target of a fake website in my name that has falsely accused me of serious crimes, but I have also received death threats (including a Twitter handle entitled ‘TimeToDieJake’).

I think it’s extremely damaging to the community that these character-assassination tactics are being deployed, especially given their ugly history of being used against fellow members of the LGBT community. It pains me to watch the community to which I’ve dedicated so much of my life engage in such self-destructive behavior. Nonetheless, I am prepared to use legal channels, if necessary, to defend my reputation from these libelous accusations.

I want to be clear: the accusations of criminal sexual misconduct against me are entirely false.

Inevitably, there may have been moments in my professional or private life when I may have inadvertently hurt or offended others’ feelings. Whenever I was aware of these instances, I have, and will continue to, apologize to the friends and colleagues in question and to continually learn how to be a better person. Though the damage to my reputation caused by these allegations alone is impossible to undo, I nonetheless take the concerns of the Tor community seriously. To dispel any further rumors, to the best of my knowledge, the Tor network is not ‘compromised.’

I’ve dedicated my life as a journalist, activist, and longtime member of the Tor Project to advocating for the transparency of public processes and to speaking out about the necessity of privacy, security, and anonymity. These are ideals that I will continue to uphold, despite the vicious campaign that is currently being waged against me.”

Thoth June 6, 2016 6:22 PM

@all, Clive Robinson

GCHQ have knowingly and deliberately bent the law to allow massive data collection for many years. I wonder what would the Investigatory Powers Act be now that concrete evidences of GCHQ abuses of the laws have been released into the public.

I wonder if the ordinary British citizens are remotely interested on such topics as privacy and data collection.


Thoth June 6, 2016 6:35 PM

It seems the TAILS website is now getting more confusing to navigate. I wanted to download a Live CD but the first thing I am hit with is a “friendly” Install TAILS walkthrough which asks me what OS I want to install TAILS on and brings me round about until I finally saw a small printed link to download TAILS for burning into CD for Live CD usage.

This overly “friendly” round about walk is not only irritating but worrying as to qhat direction TAILS is heading to as this small act shows that something simple like downloading an ISO can be so complex. It shows the TAILS guys are likely out of touch with what people want.

If any TAILS developers are around, please make your download less irritating by providing a complete list of options and a short description and recommendation along instead of making downloading an ISO image a complex feat and making people irritated.

AdminsArePeopleTo June 6, 2016 7:31 PM

Dear Thoth,
I can’t say I am a TAILS dev. I can’t say I have tons of experience with computer coding. But lets remember, they are not paid the big bucks. Lets remember that they are trying their best, some would say, “If you want it done right, you got to do it yourself”, but I think that is to harsh.

I understand that it is confusing at times, I understand that it is not as simple as a windows upgrade. But lets cut the developers some slack here, some devs would just give a long list of bullet points with no GUI and no mercy. They are trying to reach out to as many people as possible, they hope a GUI will help that. Tor needs a random user-base, not just privacy nerds (Like me) and Linux geniuses.

It is a work in progress, try your comment with some mercy. There is a long list of concerns, for devs, that is growing, there are Tor devs that get threats to their lives.

When I say this, I am not here to be jerk, I am not saying this to condemn you. All I ask, is that you remember the humanity of developers, who are working there best, in a surveillance society that has no respect of privacy.

give me six lines June 6, 2016 7:35 PM


Agreed. Used to be able to download the hashes and gpg sig separately. Now you need a Firefox extension to validate the direct download. I think the bittorent is still there. Annoying to find though. And how do you validate the Firefox extension. What were they thinking? And running from a USB stick seems unsafe now a days.

Hope This Helps June 6, 2016 7:47 PM


I don’t know why they redesigned their site but the url posted above by “I like Tails” should work. They continue to maintain a download page with the current ISO but I don’t recall the exact location. Maybe they’re hoping to drive people to upgrading rather than downloading a new iso with each new release?

They have a very low volume tails support mailing list:

And a chatty developer’s mailing list:

And a few others.

You might try posting on the tails-dev list.

@give me six lines

“And running from a USB stick seems unsafe now a days.”

Nothing is preventing the users from burning the ISO to a DVDR to use like a LiveCD. In fact, this is my preferred method.

“Used to be able to download the hashes and gpg sig separately.”

You still may, but finding the url can be tricky.

“Now you need a Firefox extension to validate the direct download.”

No, you don’t. The pages for verification remain.

“I think the bittorent is still there.”

As well as the url for the iso. They’ve just restructured the site:

Figureitout June 6, 2016 8:10 PM

RE: tor on
–Same thing here. If you don’t want to retype your comment you have to copy/paste then delete the buffer. I would say maybe 85% of time, it times out for me 1st time.

Goes w/o saying, this is a security site, probably watched, there’s mere individuals (non-gov’t affiliated) in the world that can track you down in their spare time as some kind of sick hobby. If you’re a lurker wanting to contribute to some of what we’re trying to do here (put out state of the art computer security solutions, main one so far is TFC) and you don’t want your identity to be known then you have to take the bare minimum of opsec procedures discussed here.

Clive Robinson
–Yeah I can hear it w/ my headphones plugged into desktops and mobile phones (sometimes w/ just my plain ears, morse code like noise from laptops, the last one I heard was from some network security guy for a big drug company…). I didn’t dig far enough to know where exactly and moved on to more interesting things (this attack can be fairly easily prevented, it’s just real annoying though like all opsec) but I assume it’s the same phenomenon as hearing 27MHz CW on a speaker and headphones all over the house, signal getting received by “antenna”, getting rectified down to DC and gets processed in soundcard…b/c my hearing isn’t that good! :p

Hey I got a free microchip dev board in the mail, made my night. Didn’t think I’d get one. They want people to use their online IDE but I don’t think so lol. Sorry guys. Know of any simple, key word: simple :p but useful projects to put on a PIC16F18855? If not I may just do a thermometer thing. May get pushed back to next summer though since I’ve got quite a backlog of projects to get through, which is a good thing. 🙂

–Argh that is terrible, keep it simple jeez. Why? They’re pushing torrents, pretty hard to ever really trust a torrent. I’m from the kazaa days lol. Now they want javascript and stuff to download? Wtf.

I like Tails
–Why http? Just not smart to download tails from http, ever.

Clive Robinson June 6, 2016 10:13 PM

@ Figureitout,

Know of any simple, key word: simple :p but useful projects to put on a PIC16F18855?

Well, perhaps not “simple”, but the hard work is done for you… That chip was the one they used in their IoT detector badge. It might be fun to play with and make a few mods.

But… I would look at using it as a “universal modulator” chip for low data rates, to kind of put a toe in the SDR water.

Figureitout June 6, 2016 11:16 PM

Clive Robinson
–Well the projects they have that I can just build and use are mostly pretty lame and boring…I use an outdoor/indoor thermometer everyday. I’m not trying to spend too much time on this chip.

Not even sure what a “universal modulator” is, I’m pretty satisfied w/ RF chips and got a little “easy digi” module to hook up my Kenwood TS-130s radio to my PC soundcard, and I’m going to just route an antenna out a door instead of drilling holes in window panes. I’ll show the blog the final results of course since this is worldwide comms w/o using internet and even talking, JT65 has a very slow, steady pace that would eliminate a lot of timing identification. Now I just need my General ham license to legally use the good digital bands lol. Homebrewing it I was probably going to skimp on the audio transformers.

name.withheld.for.obvious.reasons June 7, 2016 2:18 AM

It appears that the Senate version of the 2017 NDAA has a few interesting legislative instruments. One is what Senator John McCain called, paraphrasing here, “a reform package”.

What is necessary to reform DoD (the Pentagon) and the purveyors of BS is substantial and no “National Defense Authorization Act” is going to achieve this bold ambition.

Two primary suggests; one, zero baseline the entire DoD enterprise, and two, only non-profits are allowed to bid for contracts to the Pentagon or any of the ancillary agencies.

The United States senate is completely compromised by inside horse trading and corrupt crony capitalist enterprises inside and outside of the department. It is unbelievable that the poor will be punished by punitive taxation, devaluation and debasing of currency, and asset/capital depreciation in a wholesale dismantling of domestic (general welfare) programs before one meaningful step is taken to clean up the Cluster Flock that is DC, the cronies, and the whores that frequent the halls of congress.

It was all I could do to witness McCain ride the BS pony in the well of the senate without puking. Why no one, not one senator, cannot be bold or brave enough to stand outside the trough and call out these crimes. Oh yeah, I forgot, the U.S. senate is completely compromised.

Thoth June 7, 2016 2:24 AM

I am referring to the download page not the software. You seem to be referring to development work and I can’t walk into their webpages and re-program their website right 😀 ?

In the past their webpages are very straightforward without confusion. A single button to click on to download the entire ISO (HTTP or Torrent option) and then additional documentation pages on how to use them not bundled inside the Download page to keep things plain and simple.

If you take a walk through their pages (seems like you haven’t when you replied), the Download and Install are all bundled and meshed in a confusing manner requiring me visiting the pages a couple times to try and understand where the actual ISO file is.

I don’t really care about 1-click Windows upgrade or 1-liner APT-GET commands… I can do the technical stuff myself … just the webpage for Download of the ISO is …. really badly layed out and designed this time round…

Only if they make life easier to point to the Torrent or HTTP link for ISO file in a more obvious manner than to click through “Install on Windows .. Install on Ubuntu … etc…”.

Agreed that we have to consider the developers and their feelings behind of course. They worked hard on their projects.

I would recommend you try to download a copy and try first 🙂 .

Note that the Windows, Mac, Debian/Ubuntu/Linux have a “Download and verify using OpenPGP” which will give you a chance to download the raw ISO but after all the hassle …

Talk about user friendliness when navigating the webpage just to obtain an ISO file…

@give me six lines, Hope This Helps, Joe K, Figureitout
Just a note that the version 2.4 is not exactly the official one yet (since the website states “Install Tails 2.3 2014-04-26” inside their web button (

I believe the 2.4 is still a RC version until they officially announce on their official site that it is a fully official release.

re: Firefox Download Extension
What happens if the browser is infected 🙂 ? The better solution would be using an existing Tails to verify and download a new version but that excludes the problems new comers have for secure download. Yet another round about problem that would be hard to solve.

re: Running from USB stick
Just use a Live CD-R and save everything into an external disk or drive. When creating the CD-R image, also remember to use /dev/random to fill the remaining CD-R space so that any malware trying to hide inside the CD-R (assuming you create the CD-R image from a more secure environment without being infected in the first place) when mounting the CD-R on a public computer.

re: Not smart downloading from HTTP/S and Torrents
Regardless of HTTP/S or Torrent downloads, there are very few secure channels to download which allows you to evade detection or even to trust the downloads. Download the ISO (HTTP/S or Torrent) and then check the PGP signature taken from their webpage. That’s the best can be done.

The next step we can do to verify that the ISO have no backdoors is to look at the huge codebase a typical Linux (including Tails) is built onto. Too bad they aren’t built onto some sort of L4 microkernel which makes life easier to verify but hey, even a 10K LOC of microkernel is bad enough. Recently I downloaded Android’s Trusty OS (TrustZone TEE OS) to take a look at the TEE security kernel used for the Secure World in TrustZone (I counted it to contain 11K+ LOC) which is typical of an L4 security microkernel (I have not confirmed if it’s L4 microkernel or not as I have not fully read the codes) but while I was flipping through a couple of files, the sheer volume on the text editor makes it really mind boggling already.

If that ain’t enough, try inspecting just 2k LOCs of JavaCard codes for smartcards and that is more than enough to turn irritating pretty quickly (if the codes are too dense or not well commented). JavaCard codes are well known to be messy due to a lack of a ton of features and the space constraint means you have to re-use resources and squeeze as much codes into a single class file as you can 😀 .

Clive Robinson June 7, 2016 3:31 AM

@ Bruce,

Westminster City Council in London has decided enough is enough with their CCTV system.

Apparently it needs a 2million GBP upgrade and costs 1millionGBP/year to run the 75 camera’s. The only people to benift from the system is London’s Met Police who refuse to pay anything towards either the upgrade or running costs.

There is an interesting to and frow on the idea that terorists might actually be more likely to attack because of the publicity the CCTV footage gives[1].

[1] Put simply CCTV footage that has ended up on national media, has been found to have been used by various “radicalising/recruiting web sites” around the world. So whilst there is evidence CCTV footage does afford terrorist organisations publicity, it is not in anyway proven that terrorists won’t attack because CCTV is not there.

CallMeLateForSupper June 7, 2016 9:28 AM

@Thoth re: Tails site
I agree. They used to have it right. I don’t see the sense in dumping – or HIDING – what isn’t broken.

Nick P June 7, 2016 1:25 PM

On Enhancing Security via Obfuscation: Its Value and Methods

Obfuscation has been one of my strongest measures for security for a long time. Cold War espionage writing taught me it’s absolutely critical to defeating nation-state opponents given they’ll always outsmart your specific, known techniques. What obfuscation does, if used effectively, is require the attacker to already have succeeded in some attack to even launch an attack. Defeating that paradox forces them to attack you in many ways, increasing work and exposure risk. The more obfuscation you have built in, the more that goes up. Very important moves to keep them effective are to ensure the obfuscation is invisible from users’ or network perspective, make sure obfuscation itself doesn’t negate key properties of security controls, make darned sure there are security controls rather than only obfuscation, only a few individual people knowing the obfuscations, and air gapped (or guarded) machines controlling them.

Here are some obfuscations I’ve used in practice with success, including against strong attackers, per monitoring results, third party tests, and occasional feedback from sysadmins that apply them or independently invented them:

  1. Use non-x86 and non-ARM processor combined with strong Linux or BSD configuration that also advertises as x86 box. Leave no visible evidence you’re buying non-x86 boxes. This can work for servers. Some did it with PPC Mac’s after they got discontinued. This one trick has stopped so many code execution attempts for so long it’s crazy. I really thought a clever shortcut would appear by now outside browser Javascript, memory leaks, or something. An expansion on it with FPGA’s is randomized instruction sets with logs & fail-safe for significant, repeated failures.
  2. Non-standard ports, names, whatever for about everything. Works best if you’re not relying on commercial boxes that might assume specific ports and such. So, be careful there. This one, though, just keeps out riff raff. Combine it with strong HIDS and NIDS in case smarter attackers slip up. Don’t rely on it for them, though.
  3. Covert, port-knocking schemes. An example of a design I think I modified and deployed was SILENTKNOCK. It gives no evidence a port-knocking scheme is in use unless they have clear picture of network activity. Even still, they can’t be sure how your traffic was authorized by looking at the packets. Modifications to that scheme that don’t negate security properties and/or use of safety-enhanced languages/compilers can improve its effectiveness. My deployment strategy for this and guards was a box in front of the server that did it transparently. Lets you protect Windows services prone to 0-days. Think it stopped an SSH attack or something on Linux once. Can’t recall. Very flexible. Can be improved if combined with IP-level tunneling protocol machine-to-machine in intranet. Which can also be obfuscated.
  4. Use of unpopular, but well-coded, software for key servers or apps. I especially did this for mail, DNS, web servers, and so on. Black hat economics means they usually focus on what brings them the most hacks for least time investment. This obfuscation counters their economic incentive by making them invest in attacking a niche market with almost no uptake. Works on desktops, too, where I recommended alternative Office suits, PDF readers, browsers, and so on that had at least same quality but not likely same 0-days as what was getting hit.
  5. Security via Diversity. This builds on 4 where you combine economics and technology to force black hats to turn a general, one-size-fits-all hack into a targeted attack specifically for you. You might choose among safe libraries, languages, protocols, whatever without advertising their use in the critical app or service. Additionally, there’s work in CompSci on compilers that automatically transform your code into equivalent, but slightly different, code with different probabilities of exploits due to different internal structure. That’s not mature, yet, imho. You could say all the randomization schemes in things like OpenBSD and grsecurity fit into this too. Those are more mature & field-tested. If Googling, the key words for CompSci research here are “moving target,” “security,” “diversity,” and “obfuscation” in various combinations.

  6. My old, polymorphic crypto uses obfuscation. The strongest version combined three AES candidates in counter mode in layers. The candidates, their order, the counters, and of course the keys/nonces were randomized with exception being same one couldn’t be used twice. That came from only criticism I got with evidence: DES meet in middle. FPGA’s got good at accelerating specific algorithms. So, I modified it to allow weaker ciphers like IDEA or Blowfish in middle layer but no less than one AES candidate in evaluated configuration and implementation preferrably on outer layer. Prefferably two AES + 1 non-AES for computational complexity. All kinds of crypto people griped about this but never posted a single attack against such a scheme. Whereas, I provably stop one-size-fits-all attacks on crypto by layering several randomly with at least one strong one. Later, I saw TripleSec do a tiny subset of it with some praise. Also convinced Markus Ottella of Tinfoil Chat to create a non-OTP variant using a polycipher. He incorporated that plus our covert-channel mitigations to prevent traffic analysis. Fixed-size, fixed-transmission is obfuscation that does that I learned from high-security, military stuff.

  7. Last one, inspired by recent research, is to use any SW or HW improvements from academia that have been robustly coded and evaluated. These usually make your system immune to common attacks [2], mitigate unauthorized information flows [3], create minimal TCB’s [4] [5], use crypto to protect key ops [6], or obfuscate the crap out of everything [7]. I mainly recommend 1-6, though. 😉 Then, don’t advertise which ones you use. Also, I encourage FOSS developers to build on any that have been open-sourced to get them into better shape and quality than academics leave them. Academics tend to jump from project to project. They deserve the effort of making something production-quality if they designed a practical approach and kindly FOSS’d the demo for us.




Note: See related project in bottom-right for other good tech this builds on or was inspired by.





Note: Feel free to review or especially add to it in terms of specific, obfuscation methods. Just make sure there’s not easy bypasses or leaks of whatever you submit. 🙂

name.withheld.for.obvious.reasons June 7, 2016 1:53 PM

@ Nick P

4. Use of unpopular, but well-coded, software for key servers or apps. I especially did this for mail, DNS, web servers, and so on.

Additionally layering application/service attack surfaces can be implemented in several ways; use of VMS with sendmail and BSD hosting qmail can provide a serial e-mail circuit (two different hardware, service, and applications), using spam assassin, clam, or other e-mail scanning application in tandem may add robust provisioning (also protects services in the case of a failure of one of the serial components, kind of a NASA approach for redundancy).

There are other interesting mixed/layered approaches that replicate this behavior in honey pot/net, network, and computational environments. It can be fun building diverse platform combinations and can help discover what works and what doesn’t.

Jacob June 7, 2016 4:02 PM

From Twitter:

E.J. Hilbert ‏@ejhilbert 21h21 hours ago

Someone opened a @PayPal credit account with my name using data that can only be linked to my OPM/USG employee records. $500 fraud #opmhack

So I presume it was not a Chinese military hack but instead a job by criminals.

Clive Robinson June 7, 2016 4:17 PM

@ Nick P,

My old, polymorphic crypto uses obfuscation

We have this conversation every year or so 😉

There are several ways you can do this sort of thing, including doing things within the rounds of block cipher systems.

The problem with the more interesting ways is that more and more crypto is being “built in” to the CPU, whilst it gives quite blistering turns of speed it does have security disadvantages. The more well discussed disadvantages are generaly about time and energy / power based side channels, but there are others.

A fairly simple trick in obfuscation of an encryption algorithm is to add variable whitening either within the rounds or between the rounds and the key expansion system. This leaves the question of how you generate the whitening values, do you make it data independent, data dependent or a mixture of the two. Broadly if it’s data independent you can consider the whitening as a stream cipher, if it’s data dependent then you can view it as a block cipher in some form of chaining mode.

If you take a conservative view on how you do this you are unlikely to weaken the strength of the underlying algorithm.

The advantage of putting the obfuscation within the rounds is that an attacker can not use existing crypto blocks to synthesize the obfuscated system. Unlike obfuscating by chaining algorithms. Thus you are giving an attacker rather more work even if the obfuscation has become known to them in some manner (trust breakers abound under certain circumstances).

The question then arises of how to whiten. Traditionaly this has been done via the XOR function which has the advantage of being fixed time duration thus independent of the round or whitening values. Which at first blush would appear ideal. However is it… That is what if you went from a logical operator to a mathmatical operator? Having a variable time might have advantages, in that could be used to make the actual round timings dependent not just on the key but the whitening as well, which would make the usuall “average the noise out” technique harder. Especialy if you chose to make the actual mixing function change as part of the whitening process, such that it might be XOR for one whitening value and ADD for a different value and so on.

The trick behind such thinking is making life hard for the attacker at as many levels as possible. Whilst you will certainly slow the execution speed down, you will make the attackers work load go up. Thus you would be looking for obfuscation techniques that increase time linearly or as near linearly as you can for you, whilst giving an exponential increase in work load for the attacker.

Any way contrary to what most people appear to belive, end point encryption rarely needs either speed or efficiency, with the power available in modern computers.

Clive Robinson June 7, 2016 4:28 PM

@ Jacob,

So I presume it [OPM attack] was not a Chinese military hack but instead a job by criminals.

Assumptions and presumptions can lead you seriously astray. After all maybe somebody in the Chinese military wants to make a bit on the side by flogging some of the OPM data to carders etc. Or the Chinese military want to make people think it was criminals, or…. so on and so on.

It’s all a game of smoke and mirrors when you go down that rabbit hole of intelligence activities…

One more step June 8, 2016 1:10 AM

@ Thoth,

When creating the CD-R image, also remember to use /dev/random to fill the remaining CD-R space so that any malware trying to hide inside the CD-R (assuming you create the CD-R image from a more secure environment without being infected in the first place) when mounting the CD-R on a public computer.

How is this accomplished?

Comrade Major June 8, 2016 3:24 AM

This ‘Demonically Clever’ Backdoor Hides In a Tiny Slice of a Computer Chip
In fact, researchers at the University of Michigan haven’t just imagined that computer security nightmare; they’ve built and proved it works. In a study that won the “best paper” award at last week’s IEEE Symposium on Privacy and Security, they detailed the creation of an insidious, microscopic hardware backdoor proof-of-concept. And they showed that by running a series of seemingly innocuous commands on their minutely sabotaged processor, a hacker could reliably trigger a feature of the chip that gives them full access to the operating system. Most disturbingly, they write, that microscopic hardware backdoor wouldn’t be caught by practically any modern method of hardware security analysis, and could be planted by a single employee of a chip factory.

Researchers Develop Hardware-Level Backdoor in Computer Chips

Research paper:
A2: Analog Malicious Hardware

Clive Robinson June 8, 2016 4:02 AM

@ Anon, Nick P,

Security WITH obscurity article

Security by obscurity is known to work well with “tangible world” security, such as randomly routing security vehicles to stop pre-prepared ambushes.

What is not said about “Security by Obscurity”, which actualy suprises me, is that it’s effectivness works by it’s uniqueness more than anything else. Which is a problem when options to be unique are limited.

As an example the security vehicles have two known points prior to traveling the random route, the start and end points. If the vehicals could travel in any direction freely without constraint, then the highest level of uncertainty is on a line at right angles to the mid point of the shortest distance between the two points (note these lines are not straight lines on a map but those of “great circles” on the earths surface which is also not a regular sphere). However there are several constraints, the first is the length of time the vehicles travel, the probability of attack is in effect proportional to it, also the cost in fatigue in drivers and guards and fuel etc. All of which tend to pull the random route into a directed random route which quite markedly changes the uncertainty of the route. Likewise “choke points” created by road layout etc. These bounds or limitations increase the probability that a pre-prepared ambush will happen at these points, or the likelyhood that oportunistic attackers will wait at these points.

With IPv4 you only have 64K ports to play with many of which are preasigned to standard services, especialy in the first 1K of port numbers (due to a *nix legacy). It takes little time to scan these ports and identify if they have services on them. The fact that the author saw an 18000:5 difference actually says more about the type of attacker rather than the effectivness of the obscurity. That is the bulk of the attackers were “drive by opportunists” rather than those who are targeting a specific network or host badly.

If the moving of the service from one port to another became less unique, that is more people did it, then you would see the numbers change quite dramatically as “drive by opportunism” would become less and less usefull, so push the attacks more into a targeted mode.

Thus if you are going to have a port knocker system, it is best to add it in some hidden way to an existing service that an attacker would not be surprised to see on a given port, nor be surprised to see traffic go to it. That is you take the obscurity up into a domain where you have more freedom thus your approach can be much closer to being unique.

Curious June 8, 2016 5:38 AM

On the simplest level of discussion, I think it would be better to think of ‘obscurity’ as ‘concealment’ and not ‘security’ as such, except when thinking of security as “security” in some metaphorical sense, or as some generalized form in which the idea of concealment is specifically explained. This way, the way I see it, before one should discuss concealment as security in any way, one should examine the claim of something being concealed or not in the first place, otherwise ‘concealment’ might itself become metaphorical, or just something existing in a generalized form in language.

In a game like Arma 3, you can conceal yourself from an enemy player by hiding behind a bush, but even if there are plenty of bushes, you might get run over by a player in a vehicle that either accidentally collide into your bush, or by someone running over all the bushes on purpose.

Hm, I guess ‘obscurity’ or ‘concealment’ in plain sight is always a bad idea in the face of opportunistic players, it probably has to be more clever than that.

Thoth June 8, 2016 6:52 AM

Usually it is the Defense side that would have implemented such a measure but it seems the SG Govt after a long time of deliberation have decide on the removal of Internet from computers use by SG Govt employees.

It would definitely cause a ton of inconvenience and more insecure behaviours amongst SG Govt employees due to the lack of convenience of the Internet (ironically). The SG’s IDA have never been known to make the best decisions for ITSec though.

@One more step
After writing the ISO to the CD-R, query the CD-R for the amount of disk space and then make a file with the same size as the remaining disk space and then pipe /dev/random output into that file.

To find out CD-R space after copying Tails onto CD-R:
fdisk -l /dev/cdrom

Fill up the CD-R with random stuff:
dd if=/dev/random of=/dev/cdrom/ bs=2048 count=

Open the CD-R and it indicate it has no more free space (by some file manager or fdisk again).

You may want to SHA-256 hash the CD-R content, write down the hash on a paper and keep in your wallet in case you need to verify the CD-R as your Tails installation.

To get the SHA-256 hash do:
sha256sum /dev/cdrom

Have fun 🙂 .

CallMeLateForSupper June 8, 2016 7:23 AM

“FBI wants free access to browsing history. Use Incognito Mode browsing and keep your favourite links in an encrypted form.”

Um…. Privare Beowsing mode is fine, but it won’t help here. An ISP knows a customer’s browsing history. LEA just has to ask them for yours.

Thoth June 8, 2016 7:55 AM

The thing is no matter what you use (e.g. TOR, I2P, Incognito Mode…) it is simply useless. The Powers That Be (especially the FBI) have been interested in TOR and I2P for a long time and FBI had a few successful (or maybe more) attempts at getting at TOR.

The next alternative is military style RF network (ham radio with channel hopping and encryption) although that runs the heavy risk of The Powers That Be punishes ham radio operators operating with encryption and channel hopping or illegally operating one.

Not a whole lot of options left…

Joel June 8, 2016 11:47 AM

Channel hopping: Unless each channel is utilized for a tiny duration, using a protocol that is only slightly different than the ambient noise, being based on a variable timing protocol preshared on each end? Of course we’d never do such a thing! Just making what-if scenarios …

Clive Robinson June 8, 2016 1:11 PM

@ joel,

Of course we’d never do such a thing! Just making what-if scenarios …

Well the military did for years with Spread Spectrum systems (frequency hopping, direct sequence and various combinations of both).

Then we used similar for CDMA phones both cordless and mobile. It also got heavy use in the ISM bands for “licence free” systems like WiFi and BlueTooth.

More recently people have looked at it quite seriously for “White Space” systems[1], though experiments into that started back in the late 1970’s

So there is plenty of engineering info, chip sets and the like. And if somebody was of a mind to use the same technology as already used in a band such as 802.22 in white space[2], it might be difficult to find, even if it is “above the grass”.



Comrade Major June 8, 2016 1:36 PM

The next alternative is military style RF network (ham radio with channel hopping and encryption) although that runs the heavy risk of The Powers That Be punishes ham radio operators operating with encryption and channel hopping or illegally operating one.

Not a whole lot of options left…
Building and launch a satellite? A geographical anonymity + encryption.

reallynowihavenoidea June 8, 2016 5:02 PM

@Comrade Major

Sadly satellites are not really good for anonymity. You can use them to stay/keep a service running when when all data centers have been raided, but you can’t stop every goverment to locate anyone who acesses it. It would work only probably somewhat if someone would infect a lot to all current in use Sattelites to have a TOR like relay between each of them. maybe then they could not tell who is actually acessing what.

Clive Robinson June 8, 2016 5:19 PM

@ Bruce,

You might find this of interest,

For those of you who are thinking of applying for crypto or other security related patents, a piece of advice I was told many many years ago, that stops this “national secret” idiocy in it’s tracks,

    The safest place to take out a crypto patent is in Switzerland, because their only real interest is business and the money it brings in, and secrecy is just another profitable business.

These days you would also pop it into the European Patent Office prior to applying for a US Patent. The USPO sort of “ruber stamps” patents that have been issued in the EU.

The advantage of the Swiss and EU patents is you are required to keep the idea secret prior to issue, where as in the US you can tell people about the idea prior to the pattent application…

Thus it’s a bit hard for the USPO to say it’s a “US secret” when it’s publicaly in two other patent offices and WTO agreements would alow manufacture and sales to happen there irregardless of US wishes.

However I was having one of my regular chats with someone in the “patent business” the other day, and she pointed out to me –only half in jest– that there was talk doing the rounds that the wording of the –untill recently little known– US Espionage Act of 1917 is sufficiently broad that it could be deemed to cover amongst many other things getting foreign patents prior to US patents. So you might get the maximum tarrif of “thirty years, execution or both”…

I must admit the “or both” has me puzzled, do they lock you up for thirty years then fry you, or do they fry you first then lock up your body in a prison for thirty years? If the latter I’m fairly certain it would be in solitary, after all you would be in no position to argue your rights 😉

Nick P June 8, 2016 6:55 PM

@ Clive Robinson

Yeah, that one was some BS. I was always worried about anti-nation-state stuff getting a secrecy order. Why I never patented it. I thought you were supposed to get compensation, though. I recall reading that back when I studied it. Weird.

Far as Swiss or EU cheat, it depends on if revealing it is a felony under any law or regulation here. Turns out, they thought of that one too. Here you go. Good news its a low fine and prison sentence. Anyone wanting to sacrifice for the greater good is only doing 2 years plus $10,000 per patent. Probably not Leavenworth, either. They’ll probably get a good book deal and/or job afterward, too.

Clive Robinson June 8, 2016 7:57 PM

@ Nick P,

Far as Swiss or EU cheat, it depends on if revealing it is a felony under any law or regulation here. Turns out, they thought of that one too.

As I understand it that law only applies if you have already aproached the UPSO and had a notice put on you. Also there is a further sting in the tail you didn’t mention… in that you also lose the patent so the USG in effect gets it.

So in times past if you’d patented abroad before contacting the UPSO, you were safe, as no secrecy notice would have been issued.

The thing about Obama using the Espionage Act to suppress whistle blowers is it’s brought it to the fore, and the likes of patent agents, clerks and lawyers have now read it and seen the ludicrously large scope and very ill defined nature and have gone “Opps this might apply”…

Add to this they’ve already had a bit of a rattle on the bars about the FBI’s use of the all writs assist. As in theory it could be used to force even foreign patent holders to order their US licensees to comply –and vis versa– or show cause as to why they have not / can not. There where a lot of people holding their breaths over the actions of the psychos in the DoJ/FBI, and are almightily pleased they vacated the action before case law was formed.

Thoth June 8, 2016 9:39 PM

Gemalto (provider of banking “security” solutions i.e. Chip-and-PIN and Safenet HSMs) claims that the bleak scenarios surrounding George Orwell’s 1984 never occurred due to the use of e-ID.

It sounds like a tub load of snake oil and product hyping again as usual.

How are we so sure e-ID have not quietly created some form of 1984 scenario behind the scenes we are not aware of ?


Figureitout June 8, 2016 11:57 PM

Recently I downloaded Android’s Trusty OS
–Never heard of it. Did you run it on something? If so what can it run?

I can personally handle around 3-5K LOC w/ pretty good confidence (well that’s just application code, total is probably around 8-9k LOC). That amount most people can run in their head and actually follow the program along pretty thoroughly.

ianf June 9, 2016 3:48 AM

In other OT news, but maybe not: BELGIUM tops list of nations most vulnerable to hacking

    Tajikistan comes 2nd, Samoa 3rd and Australia 4th as new ‘heat map of the internet’ reveals which countries are most at risk due to exposed servers.

The article is memorable no less for The Guardian reproducing the reaction of its interviewee in the form of a compound ASCII emoticon »(To be precise, Beardsley described the motivation of an admin placing a database on the net as “¯_(ツ)_/¯”.)«

Clive Robinson June 9, 2016 4:20 AM

@ Figureitout,

I can personally handle around 3-5K LOC w/ pretty good confidence (well that’s just application code, total is probably around 8-9k LOC).

That is a bit more than both the first Unix core and C compiler, according to this article,

Which oddly poped up on hacker news at just the right time to pass it along [1].

When you look at the resources available from a PDP11/20 or earlier you can find the equivalent on a single $4 microcontroler like those PIC32 chips, and the MIPS core they have is rather more suitable for task switching than the earlier PIC chips (based on an old Faranti core for Periheral Interfacing if I remember correctly).

So the $64K question of when your first single chip OS is going to appear? arises.

More importantly, at some point of developing microcontroler products, you get to realise, that doing everything from scratch is a waste of your “squeeze time” and other social activities (though carefull squeeze time has a habit of turning into “Be happy with a nappie” time as rug rats start appearing 😉

So you end up designing your own BIOS / OS that is flexible enough to be moved from project to project and frequently –back when I was new to it way back last century,– from different microcontroller family to a totaly different microcontroller family.

Having done it a few times, you learn how to make the process almost automatic… But don’t for your own sake let others know this. Because you can book way more project time to building the base code of any project than you need. This then gives you hidden time that you can use to get anywhere upto 15% of expected project time ahead of where you tell the boss you are. Thus if the brown stuff does hit the fan you have buffer time and can absorb it a lot less stressfuly than if you had no hidden time. Also being ahead gives you not just consideration time, but the opportunity to have a bit of a social life as far away from your work colleagues as you possibly can[2].

[1] In the article it mentions a book by an Australian academic that contained an anotated version of the Unix core code. Not so long ago a cleaned up version in PDF form became available from one of the historic computing sites. If you search on his name you should find it.

[2] A piece of advise, more than very minimal socialising with your work colleagues can be a bad idea, because it stops you developing more important possibly life long friends you might realy need. In a volatile jobs market where you can be handed a box and your final salary check in the morning and then be handing the keys back to your landlord the next day, you don’t also want to be flushing your social life at the same time (which is what happens with “work friends” way way to often). It’s when you are jobless, homeless and home is a sleeping bag in a car, you realy need a strong reliable social circle, not the least because they can lend you a couch and fill you belly with three days of pasta in one meal, and let you wash you and your clothes, but most importantly they can often hear about work etc to get you back up and running.

Clive Robinson June 9, 2016 4:36 AM

@ ianf,

Perhaps I should let Dirk Praet answer “why Belgium”, but as you probably know it’s got an odd demographic in many ways. One such is parts of it have the highest population density in the world, with a quite high non integrated immigrant population with apparently few life chances thrown in to the mix.

It’s also one of the few countries to run on “auto-pilot” for a year or so because nobbody (including the politicos) wanted the lowest common denominator choices on offer.

As somebody once noted Belgium is “not a country but a federation of petite nations that don’t want to speak to each other”.

Clive Robinson June 9, 2016 6:10 AM

@ The usual suspects, and interested others,

You might find this an interesting read, and might want to try it out,

However a word of caution, even though those micro plunger hook up connectors can be obtained, don’t move them from pin to pin on SMD chips with the power on, otherwise you might humm the old Platters song “Smoke gets in your eyes”. Also after many years of playing and occasionaly blowing up with them, I’ve found a lump of bluetack will stop them moving and shorting in use.

I also find bluetack very usefull for holding bent pieces of aluminum in place when using a hot air gun to melt the solder and get SMD components off of a PCB without also melting and blowing off other SMD components like resistors and transistors…

ianf June 9, 2016 6:51 AM

@ Clive, my Guardian regurgitation was not a question requiring an answer, and, anyway, last I looked Dirk Praet did not own the “Belgium” (Bruce’s AdWord-equivalent) #SchneierTerm, so it’s a free-for-all. Anywhoo, that country’s migrant mixture can’t have much to do with its premier place in that particular ROBOTIC exposed server vulnerability survey, more the absence of clear responsibility demarcation lines for running/ supervising/ coordinating/ directing various strata of its local/ regional/ state-level businesses and governments.

Philosophically speaking, the example of for a decade+ now “government-free” Belgium shows us that, just as in Somalia and Libya (and soon Syria and whatnot), it is possible to live and function in failed statehood condition. THE STATE HAD WITHERED AWAY—just as ‘Old Karl Marx once wished this in earnest. And Belgians en masse enjoy one of the highest standards of living in the West, too! (In theory then, Belgium should be the honeypot for all world’s anarcho-capitalists, because of the opportunities arising from ability to play already warring authorities against one another!)

Thoth June 9, 2016 7:59 AM

The Android Trusty OS is a “security-focused” OS that runs in TrustZone’s Secure World side. ARM TrustZone has a Normal World (running normal Android) and a Secure World (requires a “Secure OS” which most of the case is an L4 microkernel). The Trusty OS is Google’s version of “Secure OS” for the Secure World in the TrustZone enabled ARM chipset.

It seems AES-128 bit keys are considered secure enough for IoTs. For now it is still secure enough but that is a rather short-sighted view.

I was looking through a crypto-lib implementation sponsored by The Linux Foundation for the Zephyr IoT device kernel OS (links all below). I was reading Tinycrypt’s documentation and it says:

“The current implementation does not support other key-lengths (such as 256 bits). Note that if you need AES-256, it doesn’t sound as though your application is running in a constrained environment.”

That is quite true that in a constraint environment, cryptography can be a challenging task and a 128-bit key would still be secure for a few more years ahead. Instead of simply pushing stronger key sizes aside and closing the doors, what should have been done is to say something like:

“Due to the current constraints of IoT devices, a AES-128 bit key length would be a good balance between security and the constraints of IoT devices. We seek to continually improve our implementations so that one day stronger key sizes (192 and 256-bit keys) can be comfortably implemented in a constrained environment.”

Wouldn’t it sound much better that there is a tone and a willingness to improve the crypto-lib than to simply kick the notions of stronger key sizes right out and shutting it down cold.

Security Engineers in the current age of mass surveillance should learn to strive to improve the security and privacy of their users as much as possible.

Zephyr seems to be using a microkernel. Maybe @Nick P can take a look at it 😀 .


Dirk Praet June 9, 2016 8:16 AM

@ ianf, @ Clive

In other OT news, but maybe not: BELGIUM tops list of nations most vulnerable to hacking

Hardly a surprise. However small, Belgium is completely split along a multitude of divides: linguistic, political, economical, educational and religious. Which leads to a complicated (and extremely expensive) state structure with 6 different administration levels (local, intercommunal, provincial, regional, federal and European), 9 parliaments, 8 governments and 3 supreme courts, making any coordinated approach to any issue virtually impossible.

A more rational structure would be to get rid of the intercommunal and provincial levels and reform the country into a Swiss or German-like (con)federation in which the separate regions have a high degree of autonomy and the federal level is only in charge of what is mutually agreed upon by the regions. This is actually what Flemish nationalist parties like NVA and Vlaams Belang want, but which is vehemently opposed by the southern part of the country (Wallonia) as it would end north to south transfers worth tens of billions of euro each year, resulting in either bankruptcy or Greek-style socio-economic reforms and austerity.

Anyway, the problem in Belgium is not that the state has withered away, but that there is way too much state and authorities spread over way too many entities and administrative levels.

Clive Robinson June 9, 2016 12:01 PM

@ Thoth, Figureitout, Nick P, and others,

Apparently Zephyr is actually Wind River’s Rocket RTOS

Yes, which is also as far as I can tell a nano-kernal that Intel use for some of it’s “hidden above ring 0” stuff they try not to talk about.

Which is why I looked Rocket up a while ago, it’s interesting and appears better than a number of the commercial RTOS kernels. If they are in effect “Doing a Red Hat” with it, then there are going to be quite a few nervous organisations out there.

My main reson for not investigating further –aside from money– was which processors it did and did not support (uCos for instance supports a way greater range).

Any way if they are open sourcing it @Figureitout, you don’t have an excuse now, unless you are socialising 😉 Or you have for some strange reason a dislike as I do for all things Cloud including the code development tools… I guess I don’t see any security advantage in all this “Cloud Eyes” snooping in as I cut code.

Thoth June 9, 2016 9:02 PM

@Clive Robinson, Nick P, Figureitout
We can help @Figureitout by linking him directly to the Github repos (below). Now that they have decided to contribute their Rocket RTOS (as the open source Zephyr Project for the Linux Foundation), it would be interesting what they are cooking inside the nanokernel.

Note that the Rocket RTOS would continue to develop in parallel with the open sourced Zephyr RTOS with the Rocket RTOS handling some proprietary “goodies” while the Zephyr serving as a common core.

Now I wonder if I when they would be ready to support RPi boards (list of supported boards below) although I guess the NXP’s Kinetis-based FRDM-K64F board would be fine since it host hardware crypto accelerators just in case you need to do crypto more efficiently than the 128-bit AES crypto the Tinycrypt library that Zephyr offers although you might need to hack abit to tap into the hardware crypto I guess….

Have fun with the open sourced Zephyr RTOS project (with Github repo links below).


Figureitout June 10, 2016 1:31 AM

Clive Robinson
–Next summer at the earliest lol. Got too many things going on now. I’m going to get a nice dev board w/ a sick chip, modern toolchain, modern drivers, etc. Squeeze time really delves into my computer time lol, she doesn’t like me spending all my time w/ my computers lol.

RE: dumping firmware
–Nice, I got one of those bios chip clips for free lol, gonna use it eventually, need some more of those grabby clips though, use those everyday. Yeah always power down if you move connectors around (unless you know what you’re doing). Should be common sense but maybe it’s best everyone learn the hard way…I blew a motherboard taking out a pci card…bleh.

RE: zephyr
–What the heck, excuses?! Like my ADD? Hey get off my back! Calm your thrupney bits, swear on me mum m8 :p They better not be cloud IDE stuff or I’m not touching it.

–Ok, I looked it up, just wondering if you ran it or just checking out code.

RE: zephyr
–Nice, glad they support frdm-k64f boards, guess I have a use for that board now. Will just keep in mind for later, next summer later.

Thoth June 10, 2016 3:41 AM

@One more step
I am not the one who posted on the mailing list since I am not registered to their mailing list.

It is interesting to note that someone took my post and send it in.

In fact I am re-examining my tactics regarding the necessity to fill the CD/DVD-R with /dev/random after the fact.

The reason is once you have written an ISO image into the DVD-R (for what I have recently been testing with), it appends a lock and prevents (from software access) to the unused region. That means if you are using software, you will only see the space for the ISO image in the DVD-R after writing the image.

That does not mean you can’t use hardware level access or lower level APIs to access the CD/DVD-R and burn something else into the free space despite the software level locking of the ISO image data.

In fact when testing on Windows, it seems to be able to see the actual CD/DVD size but when asked to burn additional files after the ISO image have been written, it fails.

I would update once I have other tactics on hand after some experimentation but for now, from a software level, once you have burnt in an ISO image into a CD/DVD-R, you are pretty much safe from any software level insertion of suspicious binaries into the CD/DVD-R image.

Thoth June 10, 2016 3:43 AM

I wouldn’t know since I only recently stumbled upon the Zephyr project. I think for now if I had the time, it would be emulation on QEMU since I don’t have any of the required boards to test them out.

Clive Robinson June 10, 2016 4:10 AM

Renters, be afraid, be very afraid

In a similar way that a half assed algorithm decides if you are going to re-offend, a startup has a system to assess renters, tenents, licensees and airBnB guests, only based on “deep text” analysis of your social media past and present.

Whilst this is a very bad idea, it’s almost certain to pay the startup big bucks, as nearly all realy bad idea affecting third parties usually do…

Clive Robinson June 10, 2016 4:37 AM

@ Figureitout,

Squeeze time really delves into my computer time lol, she doesn’t like me spending all my time w/ my computers lol.

It was ever thus with a man’s hobbies and self improvment (they like the good results but not the journy getting there 😉

Many years ago the UK Association of Computer Clubs had a magazine. I think it was the year of the First London Marathon, that an article appeared entitled “The Other Woman”.

It was a lament from a wife about her husbands latest hobby, apparently he’d had many hobbies before and she contented herself with the knowledge that upto that point in time all his previous hobbies had peetered out after about four to six months, thus she did not expect it to last…

But after a year she was concerned, he’d arrive home from work and disapear into his subtaranian man cave surounded by solder fumes and uttering cutses, oths, and the very ocasional sounds of satisfaction and jubilation into the early hours. The few times he surfaced he would be uttering some strange new language, that got worse as he waited puppy like by the letter box for the latest magazine to be propped in by the postman.

Yup, they see that box of sparks as a rival, that they don’t know how to compeat with…

I was once given some advice on relationships by a friend who was a “trick cyclist of the mind” by proffession. He pointed out that there is a large grain of salt[1] in the old saying “A woman tries to find the perfect man, and when she’s caught him, the first thing she does is try to improve/change him”. His solution to the problem was to have alongside his real hobbies, some faux hobbies such as football and fishing. Thus by the subtle cheating couples always do, he could let her struggle heroicaly against his faux hobbies, whilst having his real hobbies left untouched. The fact that his wife of thirty years was only to aware of his plot, tells you which one was the most worldly wise, thus probably enjoying the game more.

[1] @Wael, I know Lots Wife arises again 😉

Clive Robinson June 10, 2016 5:00 AM

@ One More Step, Thoth,

When you close a CD/DVD ROM sesion it is only a “convention” thus the low level drivers etc can not only read into it they can also write to a point past it.

Using “random fill” is actually not a good idea, as you might have to prove a negative, when someone with authority accuses you of putting crypto text or some such there (the same applies to “blank space” in file systems as well as other media types such as thumb drives etc.

Thus you have the option of filling it all with the “write state” or putting meaningfull but worthless data in there such as repeated ASCII text saying “Security Disk Fill:” with parity bit set appropriately or equivalent.

You could also use the hash value of the ISO image as a key to ARC4 then fill with the keystream output etc. Almost anything that can be shown to those in authority not to have hidden content will do.

P.S. By “write state” I mean the binary value that has to be erased before it can be overwritten. For some media types that will be “all ones” for others “all zeros”.

Thoth June 10, 2016 5:15 AM

@Clive Robinson, One more step
Another method I am currently contemplating is to statically define the total CD/DVD-R space (say 4.7 GB for DVD-R) and then create some filler data file and add it into the ISO image before writing the ISO image into the CD/DVD-R. This way you get to hash the ISO image with filler data before writing and then after writing you hash it again and check if there are any discrepancies. If discrepancies are found, discover and remedy whatever that is not right (e.g. if hardware backdoors, change a new CD-Drive :)).

Wael June 10, 2016 5:58 AM

@Clive Robinson,

I know Lots Wife arises again

Funny you should mention that. Was watching something about the nature of human interaction, and whether it’s physical or chemical interaction… Also was reading about Cryptography in some scriptures — pretty amazing stuff.

PS: I’m following along. Still here in ‘spirit’… 🙂

Clive Robinson June 10, 2016 10:03 AM

@ Bruce,

You might find this interesting,

Put simply they are highlighting that the FBI are seeking out those with emotional and mental issues and doing just about everything they can (including paying taxi fares to get the about) in setting them up as faux “terrorists”.

What the article does not go into is what the FBI gets out of it and what the likely repercussions are. Or what it means to any person in the US by the onward march of US LEOs less and less constrained by the law. Afterall does the average US citizen actually want to go back to “I point the finger and you hang” style law enforcment? With “Night Knocks” being the herald to “The Disappeared” in large numbers. After all the Chicago PD thought it OK to illegaly detain etc.

Figureitout June 10, 2016 4:33 PM

Clive Robinson
–Actually she lets me do my thing many times, like tonight lol. Well as long as I keep her happy in the…well you know. :p I’m gonna make her a little cutsie thing sometime (I burned a girl’s finger the last time I did that, fail lol. Either the motor needed some kind of special control pulses (I completely took apart the electric razor I scavaged the motor from and didn’t see any other circuitry), bad switch, or I don’t know, didn’t make sense) and that’ll make her happy too. If anything I’ve changed her more than me lol, I half joke that I’m going to get her coding w/ me b/c I’ve always wanted a gf that could code. :p She’s pretty much non-technical but has the “bubbliness” I just don’t have lol.

We both don’t wanna play those games and just be honest w/ each other. If I couldn’t trust her I’d be out in a second. None of that “we need to talk” and it’s a 1-sided smackdown rant stuff. No trying to control each other and all that. Rather be single if that was the case. It’s funny I guess until you live it lol. Hope your squeeze isn’t like that but I’m thinking maybe you’d like the games lol. :p

Gerard van Vooren June 10, 2016 4:47 PM

Wikipedia co-founder Jimmy Wales has said an attempt by France to give an online privacy ruling global force is opening up a “disastrous can of worms” and could spur global censorship.

This is a very interesting dilemma.

Let’s say that I am the deceased Dutch Prince Bernhard. I can assure almost everyone reading here that I am having a life that is much more interesting than the life that you are living. You can all read what I have done in my life so far. There have been a lot of good bits (I have been part in the reconstruction or The Netherlands after WW2 and played a role model for James Bond (serious!)) and an equivalent part of bad bits (Lockheed affair, once being a member of the SS, having bastard children in Africa).

Now I want that my legacy is being removed from history. I want a fresh start! I don’t want that people are reading what I have done bad. I have made my mistakes but sure I have done a lot of good too!

And make sure that I have done very good things!

(Now I am me myself)

It is true that Prince Bernhard of The Netherlands did really do countless of good things. It is also true that he did minor bad things. There is a balance in what he did and to my opinion he did good. I am saying this as a Dutch guy.

The problem is that most influential persons have made very wrong mistakes and they will keep on making these again. Should we make these mistake disappear? Should we take the stance of Jimmy Wales? The problem is that we all have a youth. We are all human. If everything is being recorded we just are not allowed to make a mistake, but also when things aren’t being recorded then we could alter history. It’s a dilemma that I don’t have an answer for. It’s a dilemma that is probably not for-filling everyones interest but there are lots of questions.

Clive Robinson June 10, 2016 5:55 PM

@ Gerard van Vooren,

This is a very interesting dilemma.

As Will Shakespeare pointed out with Brutus’s speech –after he’d stabed caeser in the back– death polarizes history’s view of a man’s deeds in life.

The problem we have currently is we are in transit from an era where “being forgotton” was the norm for all but a few, to one where “grab everything” is in effect making “informational time machines” which haunt the living and the families of those deceased in living memory.

The right to censor is an interesting one, obviously there is little harm in alowing people to remove erroneous data about them from public arcives, credit databases etc. But most authorities have drawn the line on other databases such as those belonging to the IC and LEOs. Thus people are being stigmatized through no fault of their own. The censorship problems start when things are not cut and dried, that is when “opinion” is involved. Miscarriages of Justice due to “opinion” from expert testimonial have provably caused harm, but in general opinion is a view in life, often not supported by factual evidence. In the US the right to express opinion as free speech is both good and bad, but when it’s bad it tends to hang around like the stench of something you would rather not have put your foot in. Within a very short time the gloves will come off in the US Presidential race, and if the past trends continue the extreams of the older parties will start pushing out any old rubish knowing, that a) they can not be stopped in time, and b) even if what they say is false it will stick in peoples heads and have life long problems for the target of their smears.

Thus we might say that when it comes to things of such importance we should have a right to gag those spreading rumours and lies. That is they should be censored for the public good. The problem as many who have been victims will know is the “burden of proof” that they are expected to produce against their aggressors. Often you can not produce it without expert help and most victims can not aford expert help which raises a “chicken and egg” issue, in that to get expert help from the authorities they need expert help to be believed…

It is because of this issue we have a significant imbalance of power. In the UK the rich can get global secret injunctions to protect their indiscretions, the poor who are often the victims of such indiscretions can not aford to fight and are thus further victimized by their aggressors.

Tge only thing I’m reasonably certain about is that those who claim secrecy in the name “of the public good” usually mean “keep a clean image in the public eye” for their good.

Thus any kind of censorship should be treated with the utmost caution, as information hidden by it, is often very much in the public interest, if for no better reason than to prevent the victimization of others.

Clive Robinson June 10, 2016 6:23 PM

@ Figureitout,

Hope your squeeze isn’t like that but I’m thinking maybe you’d like the games lol.

No I don’t like the games, they waste time and energy I’ve better uses for. I’ve had the misfortune of having spent a large part of my adult life keeping secrets, most pointlessly so, but then those who get to decide what is and is not secret are often Empire Builders, and secrets are bureaucratic power, a weapon to be jealously guarded and wielded with the utmost prejudice. After all why squash a bug with your thumb when you have the power to use the nuclear option, or send in the boys in black with “a no limit bag”…

Some crave such games and power, but often they also crave risk, which is often a terminal failing. They also have a tendency to think the rules do not apply to them (Pretaus springs to mind) because they are the “big boss” etc. In fact they are often psychopaths or have psychopathic tendencies, which realy means at the end of the day, you should “head the other way.

I actually like a life of quiet contemplation, doing practical things to occupy my hands whilst letting my mind take wings. The likes of good food, music and reading with like minded people is way more enjoyable in the long run. But as the song says “back when I wore a younger man’s clothes” I was not averse to a little spice in my life, I just out grew the meaninglessness of such shallow diversions. I guess you could say I like living in my own head and don’t have a need to live in others heads, and that to me a good friend is worth more than the lust for many lovers. I’ll let you find the French saying about fine women who are as fine wines 😉

Curious June 11, 2016 1:41 PM

Something about the real possibility of decrypting TLS traffic with a virtualized server(“TeLeScope”):

If I understand this correctly (and I might be wrong, I’m no expert), this is some kind of eavesdropping feature, making the TLS connection between a computer and the virtualized server void of security.

“The attack makes it possible for a malicious cloud provider, or one pressured into giving access to three-letter agencies, to recover the TLS keys used to encrypt every communication session between virtualised servers and customers. CIOs who are outsourcing their virtualised infrastructure to a third-party vendor should assume that all of the information flowing between the business and its customers has been decrypted and read for an undetermined amount of time.”

Found at slashdot:

Virtually The Opposite Of Reality June 12, 2016 10:23 PM

If I understand this correctly (and I might be wrong, I’m no expert), this is some kind of eavesdropping feature, making the TLS connection between a computer and the virtualized server void of security.

Not exactly necessarily ‘void of security’. But the expert analysis starts with knowledge that the key difference between a ‘virtual server’ and a ‘server’ is that on a ‘virtual server’ there is a ton of ‘other stuff running on the same hardware’. That tends to make things less secure. Of course there are a lot of big dollar virtualization players in the market that wish they could wave their hands fast enough to make everyone in the world forget about that. But their wish doesn’t make it so.

Not Your Server The Opposite Of Your Server June 12, 2016 10:44 PM

Actually that was a pretty stupid comment I just made rereading what I was replying to. Clearly the issue here is that if someone else is physically managing your server, virtual or physical, they can whip out a magnifying glass and look at any of your bits whenever they want. That’s not exactly expert level analysis there either.

ianf June 14, 2016 10:21 PM

@ Clive Robinson scares renters to be afraid, be very afraid of… a half assed algorithm that will decide if one is worthy of being a tenant, licensee or AirBnB guest, based only on a sleazy startup’s “deep text” analysis of one’s social media past and present.

While nominally interesting, how is that regurgitation of an overhyped Boing² item not a case of way-premature sensationalization of the yellow press type? (here’s looking at you, Rupert Robinson ;-))

Quite apart from that the sleazy startup’s core concept hinges on affected prospective tenants etc. agreeing to have them vetted in this intrusive fashion—which is far from a given—there’s the wee problem of landlords not operating in a vacuum, but in a system of legal obligations. Landlords, and not only in the UK, already have to navigate a mesh of various anti-discriminatory regulations etc. The last thing they’d need is to open themselves up to accusations of infringement of privacy for discriminatory purposes and whatnot.

Besides, what would they need such an app for? Googling a name usually throws up enough to bite into, and if not, then not (=probably more suspect individual that has no social life or hides under the radar). And it’s not like these returns are then mined/ evaluated by scientific-fairness-minded, aware of own biases, landlords.

    From a purely philosophish point of view, an algorithm could actually do less reputation damage than a haphazard manual google-up, as an app would have to rely on some preset range of thematic keywords and compound IF-THIS-THEN-THAT logickal rules with which to build up a profile of the prospective tenant. An example: I once voluntarily subjected myself to Twitter content analysis (no longer live, which characterized my online personality there as a “chatty boffin.” Fat good it’d to a landlord to learn that ;-))

But, as I said, the app would first need to be deployed to be of nuisance.

PS. given how lickable he already is, I don’t see the point of turning Wael into a pillar of salt. In fact, I’d sign any petition blindfolded, both hands, opposing such a move – be it grassroots-, or council-mandated. On the other (third) hand, this hot-gas-to-mineral transmutation method sounds promising, even if it’s early days yet: CO turned into volcanic stone in a climate change breakthrough

Now, if only we could get Wael to redirect some of his hot gasses to Iceland… (there must be an app for that!)

Wael June 14, 2016 11:15 PM


given how lickable he already …

You mean “likable” ?

Now, if only we could get […] to redirect some of his hot gasses to Iceland

You’re playing with fire! Don’t make me immortalize your rump with a cryptographic limerick, ok?

ianf June 15, 2016 12:08 AM

Funny you should associate my (mental) hot-gasses quip with your nether regions, then threaten to cryptimmortalimerize my rear domain. Whatever makes you tick… go ahead then, show us your inner Yeats.

Wael June 15, 2016 1:12 AM


go ahead then, show us your inner Yeats.

One of these days. It took me two years to compose one for @Nick P, and it wasn’t “cryptographic” in nature.

Gerard van Vooren June 15, 2016 2:42 AM

@ ianf,

Cooled down a bit? I wasn’t aware I stepped onto your puppy. If you cool down maybe we can discuss it like adults?

About the numerical points:

1) I was referring to the dragnet surveillance that proved again useless. But the field work failed miserable as well.

2) Maybe the French, being French, will come up with some alternative meta-solution.

I don’t think they will. They have entered the same path the US took, which is not working.

5) I’d say they do give lots of damns about the laws

That is not what I mean. No LEO wants to be behind bars so they obey the laws. I am talking about human rights. The last 15 years proved that politicians have been very successful in stretching the abilities of how far LEO’s can go.

8) Worthy goals both, except for the t.e.e.n.y-w.e.e.n.y detail of nobody having developed a political anti-polarizing filter yet;

They should. I still remember the quote “Every nation, in every region, now has a decision to make. Either you are with us, or you are with the terrorists.” coming out of the mouth of G.W. Bush, former President of the USA.

@ ianf, Nick P,

quit using the shooter’s name, both he and it should fall into oblivion

Sorry that doesn’t work. The name is gonna be mentioned sooner or later. The better approach is preventing the crime from happening at all. Did this guy have some help in dealing with his problems? Did the FEDS offer him help when they visited him? It was pretty clear that he did have serious mental problems. And I agree that he should not be able to buy fire arms.

Focus on them briefly. Then, move on to reducing the stuff that kills six digits a year like what the white, Christian parents feed their kids, spray on their lawns, or get drivers’ licenses for.

I agree completely.

Nick P June 15, 2016 10:53 AM

@ Wael

“One of these days. It took me two years to compose one for @Nick P, and it wasn’t “cryptographic” in nature.”

If it was the limmerick, I was going to get one of our improv rappers to do a whole song on your ass in 3 minutes as payback. I just didn’t feel like driving out there and listening to their bullshit. So, you got lucky. 😛

@ Gerard

“Sorry that doesn’t work. The name is gonna be mentioned sooner or later. ” (Gerard)

“The better approach is preventing the crime from happening at all. ”

Sorry that doesn’t work. The crime is going to happen sooner or later. Whether my measure will prevent it is an unknown. It’s more about not incentivizing people or rewarding them later with attention they’d have never gotten without murder. It’s a known fact that many criminals, including some entrapped for terrorism, do it only for the notoriety. They want their name out there as the person who did X or represents Y. Denying that consistently in mass media could reduce number of people who pull stuff or make a nice punishment when we catch them. Especially showing the news to their face that they didn’t make a blip.

The alternative is writing all kinds of stories about the murder, making them famous, while ignoring all the decent people and activities in our country as usual. Hard to get a democracy to form a balanced reaction to a type of person involved in murder if all they see is murderers. I’d worry they might start supporting police state legislation to protect themselves & focus it on anyone who looks like the murderer. 😉

Nick P June 15, 2016 12:42 PM

@ Thoth

Zephyr is interesting. It looks like a RTOS with capabilities similar to some commercial ones that will be OSS. This could be a replacement for RTEMS or eCos. It lacks MMU or any security built-in from the technical overview. Numerous, security-critical IC’s include some kind of MPU or MMU these days. You can get them cheap. The RasPI’s also do. So, most of what hobbyists are using or security-critical MCU’s can use demand an RTOS that takes advantage of it. So, it needs to support more than one component in user-space with at least optional, MMU enforcement.

Updating Muen or seL4 to do that is one option. The extra features will be labeled as regular assurance that could undermine things in general. Use what extras you are willing to take risks on.

@ Thoth, all

Updating on status of CakeML, I noticed the program funding it at the bottom. I like looking into those as I sometimes discover other projects. This one is a real treat. It’s another that’s doing key work on every layer with important contributions for ISA’s, concurrency, and even POSIX API’s critical to servers. You know they’re doing a good job of a DSL for ISA specs when you can read it mostly without a guide. Working on specs w/ cycle-accurate fuzzing for RISC-V and CHERI CPU’s. Also, turns out they’re behind the work to clarify C semantics that reflect real-world use by compilers and such. Nice overall project.

Some assorted stuff I’ve run across in past few months:

Great 15-min documentary from Wired on China’s Shenzhen with hidden camera footage of stalls

Blog post listing ways to test distributed systems or protocols

Even better: Leslie Lamport’s entire book on specifying systems with TLA+ for free

Note: Lamport is one of computing’s great minds, esp on distributed systems. The book gives many examples that translate to practical usage. Anyone mathematically inclined can probably handle TLA+. That’s one of its strengths. Amazon started using it for their AWS protocols. I recall one problem they caught that would’ve taken 30+ steps to find with a test. Engineer said, at high scale, bugs like that usually happen in practice eventually. Shows power of formal specification & verification today given testing was impossible & bug passed code review.

Fieldbook – Like Excel spreadsheets but also a database

Note: Most efforts to get corporate knowledge out of spreadsheets involved 4GL’s, RDBMS’s, weird data-entry programs, custom apps… you name it. All mostly failed. I’m including this since I think it’s a usability-first solution that might actually work with enough marketing. A security-oriented, still-seemless version of this is worth creating for any entrepreneurs reading there.

Go barebones OS

Note: This is just to settle a debate that shows up online a lot. They say Go can’t be used for OS’s due to GC or design. I said it’s based on Oberon-2: a language used for OS’s. Knew it was possible in Go. This project and one other I saw proved you need very little support to do a Go OS. Not saying you’d want to but Oberon (or A2 Bluebottle) could be ported using such methods to Go with modern tooling & ecosystem. That might be nice for subversion-concerned people. 😉

P4 Packet Processing Language for SDR & programmable switches

Note: Comes from Bearfoot whose about to release a multi-Terabit/s, software-programmable switch. This compiles to it.

BitKeeper, first DVCS with security, is now open-source under Apache’s management

Efficient, formally-secure compilers for tagged architectures (2016-onward)

Note: Decided to throw some Google-fu at safe, systems work just for you all to see if something popped up. This project intends to essentially create a verifying compiler from both C and ML to a SAFE-like architecture. Cool part concerns abstraction gap attacks between ASM and HLL’s: formal model of each will be proven to correspond such that attackers can’t do any more damage at one level than another. This means that you’ll largely be able to ignore ASM model for anything but covert channels. I wish them luck.

Pay dirt found

Tock: A secure OS for embedded platforms

Addresses the issues I described to Thoth about the Zephyr project with enforcement mechanism I recommended and then some. Also attempts to write some of it in Rust. They describe issues with Rust for embedded systems plus suggest modification in this paper. OS user-land supports C apps, though, plus some others. The GitHub is here. Amit Levy, under “Conferences,” has other interesting work on key-value stores, covert channel mitigation, and more. The find of the month. Decided to make it my first submission on Hacker News while I was at it.

Note: Interesting coincidence is that someone else submitted the Cerberus project about the time I was writing about it here. Now I have to go over there to drop the overarching project into the comments.

Curious June 16, 2016 9:18 AM

If Apple and other corporations intend to make use of data that obviously prey on people’s privacy details, but pretend to improve “privacy” for “people” as a group, I can’t help but think that this ‘differential privacy’ gimmick is fighting the need for people to have privacy in the most prejudicial way (ultimately eradicating rights to privacy), presumably making privacy details for people a thing that in USA would perhaps be considered something that one is no longer allowed to have any expectation of privacy for.

I think philosophically speaking, this group notion of mine there is something that obviously has to be understood as a danger to an individual’s liberty, privacy wise. Even if Apple have people sign or in other ways indicate an acceptance for sharing their privacy details (data) with Apple, a government in turn should imo have no right, or no claim for making this acceptable, if treating personal privacy as if it was some kind of commodity on the basis of treating peoples privacy as a group phenomenon.

Wael June 16, 2016 5:18 PM

@Nick P,

If it was the limmerick, I was going to get one of our improv rappers to do a whole song on your ass in 3 minutes as payback.

Nothing but! Seeking external help isn’t allowed. It’s an honor system 😉

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.