Friday Squid Blogging: Self-Repairing Fabrics Based on Squid Teeth

Really:

As shown in the video below, researchers at Pennsylvania State University recently developed a polyelectrolyte liquid solution made of bacteria and yeast that automatically mends clothes.

It doesn’t have a name yet, but it’s almost miraculous. Simply douse two halves of a ripped fabric in the stuff, hold them together under warm water for about 60 seconds, and the fabric closes the gaps and clings together once more. Having a bit of extra fabric on hand does seem to help, as the video mainly focuses on patching holes rather than re-knitting two halves of a torn piece.

The team got the idea by observing how proteins in squid teeth and human hair are able to self-replicate. Then, they recreated the process using more readily available materials. Best of all, it works with almost all natural fabrics.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Posted on August 26, 2016 at 4:30 PM. 387 Comments

Comments

John August 26, 2016 4:46 PM

Three very serious vulnerabilities patched by Apple.

It is testament to the security of Apple devices that 3 very sophisticated attack vectors had to be concatenated in order to achieve this result. If this was Android the vulnerability would probably never be patched on the majority of devices.

Whoever was behind this attack managed to keep it secret from iOS 7 onwards which is worrying.

However the cost of the attack, and the need to keep it secret, would mean it’d have been reserved only for the most high value of targets.

The technical analysis (bottom link) makes for very interesting reading.

Apple releases iOS 9.3.5 to fix 3 zero-day vulnerabilities

http://arstechnica.com/apple/2016/08/apple-releases-ios-9-3-5-with-an-important-security-update/

https://support.apple.com/en-us/HT207107

Actively exploited iOS flaws that hijack iPhones patched by Apple

http://arstechnica.com/security/2016/08/actively-exploited-ios-flaws-that-hijack-iphones-likely-spread-for-years/

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender

https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

3 things CISOs need to know about the Trident iOS vulnerabilities

https://blog.lookout.com/blog/2016/08/25/lookout-trident-pegasus-enterprise-discovery/

Technical Analysis

https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf

xxxxx August 26, 2016 6:09 PM

The text below is excerpted from the current version (2016/2017) of the Pierce County Code Chapter 8.72. My purpose is to make people aware that the laws stated here actually are the current law in Pierce County, in the state of Washington. It seems there is a lack of awareness of these laws. Are you SICK AND TIRED of seeing and hearing the noise-making behaviors described below, WHICH THE LAW EXPLICITLY STATES ARE ILLEGAL? Contact the government and law-enforcement and DEMAND THAT THEY ENFORCE THE LAW!

Chapter 8.72 MOTOR VEHICLE, PUBLIC DISTURBANCE, AND PUBLIC NUISANCE NOISE
8.72.040 Mufflers. It is unlawful for any person to operate, or for any owner to permit any person to operate, any motor vehicle or motorcycle upon the public highways which is not equipped with a muffler in good working order and in constant operation.
8.72.070 Exhaust System. It shall be unlawful for any person to operate any motor vehicle upon any public highway if the vehicle exhaust system exceeds the maximum permissible sound levels set forth below for the category of vehicle, as measured at a distance of twenty inches (0.5 meter) from the exhaust outlet under procedures established by the State of Washington in Washington Administrative Code Chapter 173-58-080, “Close Proximity Exhaust System Sound Level Measurement Procedure.” Motorcycles 99 dB(A)/Automobiles, light trucks, and all other motor vehicles 10,000 pounds or less 95 dB(A).
8.72.090 Public Disturbance Noises. It is unlawful for any person to cause, or for any person in possession of property to allow to originate from the property, a public disturbance noise. The following sounds are public disturbance noises:…
C. Frequent, repetitive, or continuous sounds from starting, operating, repairing, rebuilding, or testing of any motor vehicle, motorcycle, dirt bike, or other off-highway vehicle, or any internal combustion engine, within a rural or residential district, including vacant property adjacent thereto, so as to unreasonably disturb or interfere with the peace, comfort, and repose of owners or possessors of real property…
F. Any loud and raucous sound made by use of a musical instrument, whistle, sound amplifier, or other device capable of producing or reproducing sound which emanates frequently, repetitively, or continuously from any building, structure or property, such as sound originating from a band session, tavern operation, or social gathering and which unreasonably disturb or interfere with the peace, comfort, and repose of owners or possessors of real property in the area affected by such noise…
H. Public disturbance noise from portable or motor vehicle audio equipment: While in park areas, residential or commercial zones, or any area where residences, schools, human service facilities, or commercial establishments are in obvious proximity to the source of the sound, it is unlawful for any person to negligently cause, make, or allow to be made from audio equipment under such person’s control or ownership the following:
1. Sound from a motor vehicle or vessel sound system, such as a tape player, radio, or compact disc player, which is operated at such a volume that it could be clearly heard by a person of normal hearing at a distance of 50 feet or more from the vehicle or vessel itself;
2. Sound from audio equipment such as a tape player, radio, or compact disc player, which is operated at such a volume that it could be clearly heard by a person of normal hearing at a distance of 50 feet or more from the source of the sound;
8.72.120 Enforcement… C. The Sections of this Chapter relating to motor vehicles and vessels and noise emanating from vehicles and vessels, shall be subject to enforcement proceedings with or without a citizen’s complaint.
8.72.130 Violation – Penalty. A. Any person violating any motor vehicle performance standard of this Chapter, or who shall create, keep, maintain, or allow to occur any noise related to motor vehicle performance standards, as defined herein, shall be guilty of a misdemeanor.

SchneieronSecurityFan August 26, 2016 6:40 PM

The launch of Micius, the Chinese satellite that uses quantum cryptography to communicate with ground stations.

Is jamming the signal the only attack as it seems to be immune from eavesdropping and man-in-the-middle attacks?

Remember to Squeeeeeze August 26, 2016 7:28 PM

@xxxxx

I’m pretty sure that the only way to actually rid the world of those retarded asswipes with the gigantic speakers in their cars would be to enact laws allowing any adult citizen with a three-digit IQ to overlook any public roadway with a Barrett .50 and conduct retroactive selective breeding experiments.

{} August 26, 2016 8:02 PM

@SchneieronSecurityFan
As far as I’m aware, the endpoints would still be vulnerable to attack without detection.
Attempts to eavesdrop on or tamper with communications between the satellite and ground stations would in theory be detected, but for practical purposes a channel of communication is only as secure as the weakest link in the chain of custody. For example, if either the sender’s or the recipient’s computers are compromised (keylogger, RAT, etc.), cryptography – quantum or not – is moot. It does require more effort on the part of the NSA and GCHQ, though. Cue the spy agencies covertly installing stuff at the ground stations.
The current project is in the proof of concept stage – it’ll be the first time that “entangled” photons are sent in a controlled fashion over hundreds of kilometers – cool stuff. Intriguing for those of us who are into puzzles, because it’s so incomprehensible.

I don’t think the Chinese would be involving the Austrians if they thought this stage of the project had any significance to national security. I think it’s more for the prestige of a headline-grabbing, nifty physics project.

ScottD August 26, 2016 8:05 PM

Originally my thought process behind my Orthographic Password Creator was to compile a list of all English Orthography elements then randomly piece them together. This resulted in overly complex words that were not much better than random characters. This was especially an issue with 4 and 5 character orthographies. I found that piecing one and two character elements often results in the same constructs as though the 3, 4, or 5 character orthography were chosen. So I decided to tweak my algorithm.

After rethunking for a while, I decided to examine which orthography elements were the least and most used. My first whack at it involved counting how many times each orthography element is used in the English language. I already have a text file containing most all English words (109,462 words) which is used by the Random Word Password Creator. I loaded the dictionary into a text editor, then used the search function to count every occurrence of each orthographic element. The results are in a blog post here.

http://www.nousmind.com/blog/2016/08/23/orthography-statistics-part-1-the-count-tables/

A long list of numbers it be. So I plotted the numbers which is in this post.

http://www.nousmind.com/blog/2016/08/24/orthography-statistics-part-2-count-plots/

What is interesting is the obvious exponential curve of the occurrence counts for each element. What is evident is that most words are made from less than half the possible orthography constructs. More interesting is the number of orthography elements that have zero or very low counts relative to the other elements. So the issue becomes which elements to drop.

After some experimentation, I found that elements with 4 or 5 characters are redundant since randomly assembling 1, 2, and 3 character elements often results in the creation of those 4 and 5 character elements. So I dropped all 4 and 5 character elements from the list.

Regarding which to drop from the 1, 2, and 3 list. The ones with zero or just a few occurrences obviously can be dropped. However, I found it difficult to decide where to cut off the list. Although the most used elements are magnitudes of order higher than the lesser used ones, many of the lesser ones are still common, just not as common.

A third experiment. I hacked together a C program that loaded the entire dictionary into memory, then permuted through all two character combinations of the entire alphabet (26 x 26 = 676 combinations). The program scanned the entire dictionary looking at every character, and the following character, then incremented the appropriate counter. The results are in this post.

http://www.nousmind.com/blog/2016/08/25/orthography-statistics-part-3-alphabet-pairings/

After mulling things over for a while, I tested using just 1 and 2 character elements. What I found is that most of the 3 element orthographies were indirectly generated when creating words using random combinations of just the 1 and 2 character elements. So I decided to simply drop all 3 character orthographies. That leaves just the two letter and the alphabet. Seems to work. I did drop a few from the bottom of the list which had zero or just a few occurrences. The list of changes is in this post.

http://www.nousmind.com/blog/2016/08/25/changes-made-to-the-orthography-password-creator/

The complete lists of both the vowel and consonant orthographies I decided to use in the Orthographic Password Creator are listed at the bottom of its web page.
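
The three experiments described in the comment above, as an added example in Go (my own code, not ScottD's C program or the Orthographic Password Creator): scan every character and the one following it to count each two-letter pair, apply a frequency cut-off, list which of the 26 x 26 = 676 pairs never occur, and assemble a password from the surviving one- and two-letter elements. The word list is a constructed stand-in for the 109,462-word dictionary; the function names are this example's own.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
	"sort"
	"strings"
)

// Constructed stand-in for the 109,462-word dictionary the comment mentions.
var sampleWords = []string{
	"the", "then", "there", "these", "thing", "think", "this", "that",
	"shell", "shall", "ship", "shape", "chair", "check", "church", "cheap",
	"quick", "queen", "quiet", "jump", "jazz", "zero", "fuzzy", "oxen",
}

// CountPairs does what the comment's C program did: look at every character
// and the one following it, and bump the counter for that two-letter pair.
func CountPairs(words []string) map[string]int {
	counts := make(map[string]int)
	for _, w := range words {
		w = strings.ToLower(w)
		for i := 0; i+1 < len(w); i++ {
			a, b := w[i], w[i+1]
			if a < 'a' || a > 'z' || b < 'a' || b > 'z' {
				continue // skip apostrophes, hyphens and other non-letters
			}
			counts[w[i:i+2]]++
		}
	}
	return counts
}

// PairsAtLeast applies a cut-off: keep pairs seen at least threshold times,
// most frequent first (ties alphabetical) so the resulting list is reproducible.
func PairsAtLeast(counts map[string]int, threshold int) []string {
	var kept []string
	for p, n := range counts {
		if n >= threshold {
			kept = append(kept, p)
		}
	}
	sort.Slice(kept, func(i, j int) bool {
		if counts[kept[i]] != counts[kept[j]] {
			return counts[kept[i]] > counts[kept[j]]
		}
		return kept[i] < kept[j]
	})
	return kept
}

// ZeroPairs lists the combinations out of the 26 x 26 = 676 that never occur,
// the obvious candidates for dropping from the element list.
func ZeroPairs(counts map[string]int) []string {
	var zero []string
	for a := 'a'; a <= 'z'; a++ {
		for b := 'a'; b <= 'z'; b++ {
			if p := string(a) + string(b); counts[p] == 0 {
				zero = append(zero, p)
			}
		}
	}
	return zero
}

// Assemble concatenates n elements chosen uniformly from the single letters
// plus the kept pairs, using crypto/rand rather than math/rand since the
// output is meant to be a password.
func Assemble(elements []string, n int) (string, error) {
	var sb strings.Builder
	for i := 0; i < n; i++ {
		idx, err := rand.Int(rand.Reader, big.NewInt(int64(len(elements))))
		if err != nil {
			return "", err
		}
		sb.WriteString(elements[idx.Int64()])
	}
	return sb.String(), nil
}

func main() {
	counts := CountPairs(sampleWords)
	kept := PairsAtLeast(counts, 2)
	fmt.Println("pairs seen at least twice:", kept)
	fmt.Printf("%d of 676 pairs never occur in the sample list\n", len(ZeroPairs(counts)))
	elements := append([]string{}, kept...)
	for c := 'a'; c <= 'z'; c++ {
		elements = append(elements, string(c))
	}
	pw, err := Assemble(elements, 6)
	fmt.Println("sample password:", pw, err)
}
```

Run against a real dictionary, the count map is what the comment plots; the cut-off in PairsAtLeast is the judgment call the comment describes, and the zero-count list is the part that can be dropped without argument. Note that a password built from a frequency-weighted element list has less entropy per character than one built from uniform random characters of the same length, so the element count n, not the resulting string length, is what to reason about.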

K15 August 26, 2016 8:07 PM

Are 3rd-party security apps for a mobile phone worth getting? Have they been mentioned by BS? And on Lookout the company, it is pronounced with the accent on which syllable?

tyr August 26, 2016 8:33 PM

@ianf

I’m surprised that you seem to have forgotten how
the ancient Greeks handled the problem. “let no
one ignorant of geometry enter here”. Teach a kid
the rudiments of that sport and you’re past the
most important hurdle.

There’s a lot hidden in the lessons about how to
decide what is the same based on limited information.
Then all you need is to give them a chance to
bugger up a running program or get access to the
school office files with grades in them and you
have released another monster into the wilds of
cyberspace.

The real trick is to teach them how to educate
themselves the rest is all cake icings.

Thoth August 26, 2016 9:53 PM

@Figureitout, Nick P

Some of the Groggybox’s Java Desktop client screenshots without any attached listeners for now.

Does it look somewhat usable and friendly from the few basic screenshots ?

Inexpensive Air Gap August 26, 2016 10:15 PM

For the last few months CCleaner has been repeatedly deleting a file called WebCache. Now I learn the only Windows 8.0 update which I still download (Windows Defender) is indeed also the source of this malware.
I’m weaning myself off Windows and have built an excellent Linux Mint multi-media 4K PC.

So I had to remove spyware Windows Defender but ‘Trusted Installer’ forbids it. However Linux can read/write NTFS drives. However most MS NTFS boot drives are corrupted and can’t be read because of Hibernation files. So change the Windows Power Plan to maximum performance and also turn off ‘EPU’ power saving in the BIOS. Only then can Linux OS mount these ‘cleaned’ NTFS drives. Then it’s easy to rename the three Windows Defender Folders. MS is a toxic waste dump!

Another common leaker/tracker is Firefox as it delays closing for up to 30 seconds while sending out your data over the Internet (the Windows task manager shows openvpn traffic in its own graph). I’ve edited Firefox about:config and disabled a huge pile of crap! One solution here is to physically airgap the computer Ethernet with a $6 kill switch before closing Firefox:
https://www.amazon.com/MT-VIKI-Network-Splitter-Selector-MT-RJ45-2M/dp/B00DRG1SLO/

Security-wise its prudent to not leave an unattended computer connected to the Internet. Equivalent to locking your front door?
If there is unusual network activity, then Linux must have a utility to show recent file changes.

Thoth August 27, 2016 12:03 AM

@Matthew

The direct answer from my view as a Singapore citizen and a security engineer here is it’s unlikely to go through although there is a slight possibility.

The reason is simple. VPNs are everywhere and if it uses HTTPS tunneling, they can’t simply slam the door shut on it. How are they going to determine if the tunneling via HTTPS/VPN is streaming certain controversial videos or not ?

Singapore prides itself on having high standards for its cyber-security, especially in the field of Banking and Finance, and removing VPN (and also HTTPS as a consequence) will contradict the very element that keeps Singapore rich … which is the Banking and FI sector, and these sectors rely heavily on VPN (proprietary protocols or HTTPS/VPN).

For those using specialized protocols for VPN that do not use HTTPS as the outer layer, it would be advisable to do so, as the HTTPS (with certificate pinning) used as an external protocol obfuscation would make it more plausible to slip past firewalls and filters. The actual internal protocol layer can have a secondary encryption negotiated within the HTTPS tunnel to provide firewall and filter detection bypass, and the second layer of encryption can be used with much stronger schemes with forward secrecy.

Matthew August 27, 2016 2:55 AM

@Thoth

I agree with your view. However I am surprised that the Singapore government is even considering such an idea. Given their expertise, they should know banning VPNs is a no-brainer, but the fact this was announced in state controlled media means that someone is seriously thinking about it.

This is my own opinion. I believe their true intention is not about copyright protection but it is about national security. They will probably try to negotiate with VPN providers to provide them a way to monitor the traffic for terrorism, racism, political discourse and anything that threatens them.

If anybody questions the officials on such idiocy, they will put the blame on the trade agreements signed with USA for IP protection. The officials will come out smelling like roses while turning the country into a police state.

Clive Robinson August 27, 2016 7:55 AM

@ tyr,

The real trick is to teach them how to educate
themselves the rest is all cake icings.

Err no it’s a little under half the trick.

Another important thing to teach them is that there is a significant reward in educating themselves.

Also the good side of “what comes around goes around”: that not just they but society benefits from open use of information, as like a rising tide it lifts all boats that can float (ie educate themselves).

Along with the sense of “self worth” it engenders, they also need to learn a little “self responsibility”. So the system stays healthy and does not fall into the current IP mess lawyers and politicos want. Or worse the sort of world the likes of the Koch Brothers want to purchase, such that people genuflect to them for their questionable and illegal activities.

http://www.alternet.org/election-2016/exposing-koch-brothers-stunning-hypocrisy-criminal-justice-reform

Clive Robinson August 27, 2016 8:20 AM

@ Thoth,

For those using specialized protocols for VPN that do not use HTTPS as the outer layer, it would be advisable to do so, as the HTTPS (with certificate pinning) used as an external protocol obfuscation would make it more plausible to slip past firewalls and filters.

That is also my reasoning for looking at it as the transport for the Fleet Broadcast system using fixed rate “ring networking” to overlay on existing packet switched networks.

Scalpel-Happy August 27, 2016 9:33 AM

@Inexpensive Air Gap

Just go through about:config and change the URL for every setting that has a URL to “”. Works just fine, it’s faster, etc. Screw Google, screw Microsoft, and screw the nosy, “feature”-creeping bloat-junkies at Firefox who feel the need for us to “report” anything.

Also, consider — in a manner of speaking — ditching the wireless altogether. Every one of my boxes is incapable of wireless without a $10 dongle. Snatch it out and pocket it when you need to walk away from the machine, or at the slightest sign of weasel activity. Ain’t nuthin’ gonna phone home.

Uhu August 27, 2016 9:54 AM

@Pegasus
Why use a URL shortener service? Especially when this service then redirects to another one (bit.ly)? Why didn’t you describe a bit more what this linked article is about?

This is exactly the kind of trick the GCHQ did:
https://motherboard.vice.com/read/gchq-url-shortener-twitter-honeypot-arab-spring

Other reasons why not to use URL shorteners:
https://www.schneier.com/blog/archives/2016/04/security_risks_11.html

By the way, for those curious who didn’t click on the link, it is about a vulnerability in a medical device (pacemakers and defibrillators). The security company, MedSec, decided that instead of disclosing the vulnerability they would bet against the company on the stock market because they thought that the medical company would in any case not fix the vulnerability.

Here is the full link to the article:
http://gizmodo.com/hackers-could-make-a-killing-after-finding-vulnerabilit-1785761993

r August 27, 2016 10:10 AM

@Inexpensive Errgap, Scalpel-Happy

The recent NSA ‘leak’ I believe alludes to a wifi exploit, it’s likely a good time to ditch wireless whenever you’re not on the move and practicing your yagi.

Thoth August 27, 2016 10:19 AM

@Clive Robinson

“That is also my reasoning for looking at it as the transport for the Fleet Broadcast system using fixed rate “ring networking” to overlay on existing packet switched networks.”

Indeed Fleet Broadcast would be a better option. It seems very puzzling why almost 100% of current protocols are still so fixated on the old model of point-to-point or client-server. I am guessing this current model of Client-Server or Point-to-Point is due to complacency that it’s still workable when it is not (in terms of anonymity). TOR has been shown to be weak to such methods of tracing since it sends packets from one node or peer to another instead of trying to broadcast it out, but as we have seen here on this forum, there exist TOR fanbois and anyone talking out against TOR would be immediately called out as a shill…

I am still figuring out how to implement that ring networking on existing packet switched networks, and I have written the key exchange portion, which I called DERIS (linked below), which is designed in a “fire-and-forget” manner which suits the Fleet Broadcast style.

The idea for my DERIS key exchange is to use an RSA public key to encrypt the sender public key and session Diffie-Hellman params and send it off, and whoever can decrypt the RSA encrypted session key has the private key and thus is a legitimate contact. The receiver generates its own session DH params, wraps them in the sender’s public key and broadcasts it out. In this manner, both parties can send broadcasts with this format for key exchange, and due to the fact that no headers or any metadata are shown and everything is asymmetric key encrypted during the key exchange, anyone seeing the packet does not know who is the sender nor the receiver, and the sender and receiver can continue to broadcast and pretend they are just nodes that pass messages when in fact they are the origin and recipient of the message. Also, while using the broadcast to send messages, there is a high chance that the sender’s address is concealed from the receiver and vice versa due to other in-between nodes repeating the broadcast messages. It would be especially useful for store-and-forward to be added as well.

I think I have the key exchange settled for the broadcast protocol above. What I am left with is the finer details on how to make a practical network, and also it shouldn’t have too much latency, but security and anonymity are more important than latency I guess. TOR’s mistake of going for latency over security must not be repeated.

One thing I am figuring out is, when I do a broadcast, how wide should I spread out my broadcast (to how many nodes wide)? I don’t think UDP broadcast would be all too reliable and may likely get lost somewhere, so my idea for now is to settle on having a P2P system riding on a common DHT network or multiple common DHT networks and then do a pseudo-broadcast by sending packets simultaneously to a somewhat random sized “audience” of nodes, with an upper and lower limit on the random size of random known “audiences” according to the user’s network capability. Coupled with randomly timed store-and-forward, it would prevent observers from anticipating when messages were to be batched-and-sent. The packets would also have random padding to look like normal network traffic, as it’s very suspicious to see uniform-sized packets. During the “sending” period, the amount of batched messages to be sent would also be randomized with random sequence to make the nodes all look unpredictable and confuse the “watchers”.

I am still stuck at the above mentioned part although I have the KEX portion figured (I guess?).

Link: https://askg.info/paper/18.html
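
The key exchange sketched in the comment above, as an added example in Go that is not Thoth's DERIS code (that is at the link): the initiator wraps its own RSA public key plus a fresh X25519 share for the recipient's RSA key and broadcasts the packet with no addressing; only the holder of the matching private key can open it, it answers with its own share wrapped for the initiator, and both derive the same secret. Two choices are this example's assumptions rather than DERIS's: the session DH is X25519, and the RSA wrapping is hybrid (RSA-OAEP around a one-shot AES-GCM key) because a single OAEP block cannot carry a public key and a DH share. The party names and function names are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Packet is the headerless broadcast unit: an RSA-OAEP-wrapped AES key and an
// AES-GCM-sealed payload. Nothing on the wire says who it is for; only the
// holder of the matching RSA private key can open it, other nodes just repeat it.
type Packet struct{ WrappedKey, Nonce, Sealed []byte }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// seal wraps payload for recipient. The hybrid form (RSA-OAEP around a fresh
// AES key) is this example's assumption, not part of the comment's design.
func seal(recipient *rsa.PublicKey, payload []byte) (*Packet, error) {
	aesKey, nonce := make([]byte, 32), make([]byte, 12)
	if _, err := rand.Read(aesKey); err != nil { return nil, err }
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, aesKey, nil)
	if err != nil { return nil, err }
	gcm, err := newGCM(aesKey)
	if err != nil { return nil, err }
	return &Packet{wrapped, nonce, gcm.Seal(nil, nonce, payload, nil)}, nil
}

// tryOpen attempts the unwrap with our key; the OAEP check fails for packets
// not meant for us, so a bystander learns nothing about them.
func tryOpen(priv *rsa.PrivateKey, p *Packet) ([]byte, error) {
	aesKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, p.WrappedKey, nil)
	if err != nil { return nil, errors.New("not addressed to this key") }
	gcm, err := newGCM(aesKey)
	if err != nil { return nil, err }
	return gcm.Open(nil, p.Nonce, p.Sealed, nil)
}

// shared finishes the X25519 agreement with the peer's 32-byte share.
func shared(dh *ecdh.PrivateKey, peer []byte) ([]byte, error) {
	theirs, err := ecdh.X25519().NewPublicKey(peer)
	if err != nil { return nil, err }
	return dh.ECDH(theirs)
}

// Initiate is the sender's fire-and-forget broadcast: its own RSA public key
// (PKCS#1 DER) followed by a fresh X25519 share, all wrapped for recipient.
func Initiate(sender, recipient *rsa.PublicKey) (*ecdh.PrivateKey, *Packet, error) {
	dh, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	payload := append(x509.MarshalPKCS1PublicKey(sender), dh.PublicKey().Bytes()...)
	pkt, err := seal(recipient, payload)
	return dh, pkt, err
}

// Respond is the receiver's side: open the packet, recover the sender's RSA
// key, make its own X25519 share, wrap it for the sender and derive the secret.
func Respond(priv *rsa.PrivateKey, pkt *Packet) ([]byte, *Packet, error) {
	payload, err := tryOpen(priv, pkt)
	if err != nil || len(payload) <= 32 { return nil, nil, errors.New("cannot open packet") }
	sender, err := x509.ParsePKCS1PublicKey(payload[:len(payload)-32])
	if err != nil { return nil, nil, err }
	dh, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, nil, err }
	secret, err := shared(dh, payload[len(payload)-32:])
	if err != nil { return nil, nil, err }
	reply, err := seal(sender, dh.PublicKey().Bytes())
	return secret, reply, err
}

// Complete is the sender's side on hearing the reply broadcast.
func Complete(priv *rsa.PrivateKey, dh *ecdh.PrivateKey, reply *Packet) ([]byte, error) {
	payload, err := tryOpen(priv, reply)
	if err != nil { return nil, err }
	return shared(dh, payload)
}

// RunExchange plays both ends plus a bystander node, reporting whether the ends
// agree on the secret and whether the bystander was shut out of the first packet.
func RunExchange() (agree, bystanderBlocked bool, err error) {
	var keys [3]*rsa.PrivateKey
	for i := range keys {
		if keys[i], err = rsa.GenerateKey(rand.Reader, 2048); err != nil { return }
	}
	alice, bob, eve := keys[0], keys[1], keys[2]
	aliceDH, pkt, err := Initiate(&alice.PublicKey, &bob.PublicKey)
	if err != nil { return }
	bobSecret, reply, err := Respond(bob, pkt)
	if err != nil { return }
	aliceSecret, err := Complete(alice, aliceDH, reply)
	if err != nil { return }
	_, eveErr := tryOpen(eve, pkt)
	return string(aliceSecret) == string(bobSecret), eveErr != nil, nil
}

func main() {
	agree, blocked, err := RunExchange()
	fmt.Println("ends agree:", agree, "bystander blocked:", blocked, "error:", err)
}
```

One caveat the comment's description leaves open: the RSA public key inside the first packet is self-asserted, so Respond as written would answer anyone who can encrypt to the receiver's key. A real deployment has to check the recovered sender key against a contact list (or require a signature) before replying, otherwise an arbitrary node can make a known contact reveal that it holds a particular private key.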

Matthew August 27, 2016 11:09 AM

@Thoth and Clive,

A question regarding VPN tunnel using HTTPS. Will certificate pinning prevent man-in-the-middle attacks by the firewall?

My corporate firewall always performs MITM attacks when accessing HTTPS sites except for those in the whitelist. This is painfully obvious for sites using HSTS.

Although using another obfuscated encrypted tunnel within can mitigate the attack, I can just use a HTTP tunnel instead with similar results. At least I do not have to create a cert for HTTPS which will just be stripped away by the firewall.

Thoth August 27, 2016 11:16 AM

@Matthew

Certificate pinning means you only recognize that particular certificate when communicating with the particular server even if someone MiTMs using a valid certificate.

It will detect MiTM and prevent it by dropping the connection if the certificate is incorrect.

You are better off not accessing personal sites from office equipment or networks for the obvious reason you mentioned. Use your smartphone to do personal access and make sure not to use office WiFi in case they are sniffing and hijacking sessions over WiFi as well. Use your 3G/4G Internet connection instead.

Scalpel-Happy August 27, 2016 11:24 AM

@r

Re yagi, is it still OK if I think of my dongle as a logless-periodic?

Ba-domp-DOMP-shhhhhs (drops mic)

Nick P August 27, 2016 11:42 AM

@ Clive

That’s so ridiculous lol. Next we need to do a hardware version that uses nothing but universal NAND’s. The NANDanator will first use a MOVfuscator-like program to reduce problem to string of one instruction. It then compiles that to a series of asynchronous NAND gates to run on FPGA or ASIC of your choosing. People receiving it get nothing but the gate-level netlist. We get to see if their tools don’t crash haha.

Mmmmmh Donuts August 27, 2016 12:05 PM

@Clive Robinson

I can’t wait for the INTERCAL front-end for that MOV obfuscator.

That stunt seems to me like a bunch of state machines, with the state tables implemented as a series of lookup tables.

r August 27, 2016 12:19 PM

@Scalpel-Happy,

If you would like to start putting logless periodic-ally onto your yoga station-ary(i.e. ea), I say by all means: go for it.

Matthew August 27, 2016 12:29 PM

@Thoth

Thank you for your advice.

I wish to expand the scale of the MiTM. What if it is carried out by ISPs due to government mandate like the great firewall of China?

All connections will be MiTMed and the provided certs will definitely be fake. We cannot be dropping connections as our purpose is to get connected outside.

Is obfuscation the only way to get around, or as the Chinese will say “climb”, the firewall?

r August 27, 2016 1:31 PM

About the above,

I believe this will lead to even more stockpiling of vulnerabilities and pooling of vulnerability/research resources to withhold until the very last moment and then cut like a laser beam through the company’s value.

Expect more, expect meaner, expect even less transparency.

Clive Robinson August 27, 2016 2:11 PM

@ Matthew,

What if it is carried out by ISPs due to government mandate like the great firewall of China?

You have four choices,

1, Accept that they are MITMing you.
2, Find some way around ISP/wall.
3, Do not communicate.

The fourth choice is potentially risky, which is to combine 1&2, which is to use, say, a VPN over the link that is MITMed. That is, they can see the packets at the MITM point, but they are in some way still secure.

For instance you send plain text but in packets with a secure MAC the adversary can see but not forge data. You get to decide what the plain text is or they block it.

If they allow you to send plain text, then you have a whole load of opportunities available to you by various forms of information within information hiding. Which ranges from the likes of stego through to pre-agreed “One Time Messages”.

There are three reasons why China might want to MITM any entities communications,

1, To check for illegal information passing.
2, Passive espionage.
3, Active espionage.

We know China uses “illegal information” checking to look for disloyalty / dissidents etc.

We have good reason to believe they commit passive “economic” espionage –as do quite a few other countries– where IP that is passed across the network is listened to, thus stolen and used for their own economic benefit.

We can also envisage them using active espionage in terms of inserting information in a similar way to the NSA for a whole host of reasons, just one of which is APT related activities.

Active espionage works because of a flaw in the standard protocols that give us TCP/IP. Basically it’s possible for packets to be duplicated on the Internet for various non-malicious reasons. To stop this causing a problem “duplicate packets get dropped at the receiver”. The method of detecting duplicate packets is very much deficient in this day and age, and gives rise to an issue whereby malicious packets will be accepted if they arrive first… Creating such a “race condition” is not difficult if you control the firewall through which all traffic passes. Which in the case of The Great Firewall is China…

In other places you might be able to get away with using multiple ISPs and various “bonding” tricks to split traffic across the various ISPs such that none of the ISPs see the traffic in its entirety.

Also the Firewalls are not likely to have highly skilled humans listening in on every stream of data. That is, some kind of pattern recognizer is going to be in use. The question then becomes what you can get past the pattern recognizer without triggering it.

This brings us back to the bad old days of “codes” but in a different way. As an example you come up with a way where short banal or empty phrases are used as the equivalent of a small alphabet. You take a stream of host text strip out any phrases that match your “alphabet phrases” and replace them with other “null phrases”. You then take your message in the English alphabet and translate it into your “alphabet phrases” which you then insert into the host text prior to sending it. One way to do this in a less than obvious way is as part of a translation of the host text from English to say French or German or any other language.

That will pass most pattern recognition systems if you put enough redundancy into your “alphabet phrases”. So you might have a hundred phrases, half of which replace a binary one, the other half a binary zero. You use some prearranged code to decide which phrase is which for each individual message, or some other trick, of which there are a great number.

As codes are known to be weak, you actually use a modern cipher system to encrypt your message and give you reasonably secure ciphertext. You then use the code alphabet to send that ciphertext.

Such techniques have been around for a very long time, partly because they work if care is taken. Even though the adversary is aware of them in principle, they may not be able to spot them in practice.

The ultimate and secure form of codes is “The one time message”: without access to the code book –directly or indirectly– they are theoretically secure, unless somebody had been silly in practice as well. They came to the public eye with the BBC’s “Now some messages for our friends” during WWII. In theory they are “A One Time Pad with an infinite alphabet”.
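
The “alphabet phrases” construction described above, as an added example in Go that is not from any commenter: the message is encrypted with a modern cipher first (AES-256-GCM, as the comment insists a code alone is weak), then each ciphertext bit is spelled as one phrase from a table, half of which stand for 0 and half for 1, with the split re-derived for every message from a prearranged key via HMAC so the mapping is never fixed. Stitching the phrases into a host text is left out; the 16-phrase table, keys, message ID and message are constructed, and the function names are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"sort"
)

// Constructed phrase alphabet: banal filler a host text could plausibly carry.
var phrases = []string{
	"by the way", "as you know", "to be honest", "in any case",
	"for what it is worth", "as it happens", "needless to say", "at the end of the day",
	"if you ask me", "all things considered", "as a matter of fact", "more or less",
	"in other words", "so to speak", "come to think of it", "on the whole",
}

// Assignment decides, for one message, which half of the phrases mean 0 and
// which mean 1: a keyed shuffle of the table under HMAC(prearranged, msgID, i),
// so the mapping changes from message to message as the comment describes.
func Assignment(prearranged []byte, msgID uint32) (zeros, ones []string) {
	order := make([]int, len(phrases))
	tags := make([]string, len(phrases))
	for i := range phrases {
		m := hmac.New(sha256.New, prearranged)
		binary.Write(m, binary.BigEndian, msgID)
		binary.Write(m, binary.BigEndian, uint32(i))
		tags[i], order[i] = string(m.Sum(nil)), i
	}
	sort.Slice(order, func(a, b int) bool { return tags[order[a]] < tags[order[b]] })
	for _, i := range order[:len(order)/2] {
		zeros = append(zeros, phrases[i])
	}
	for _, i := range order[len(order)/2:] {
		ones = append(ones, phrases[i])
	}
	return zeros, ones
}

// Encode encrypts first, then spells every ciphertext bit (MSB first) as one
// phrase picked at random from the half of the table carrying that bit value.
func Encode(cipherKey, prearranged []byte, msgID uint32, message string) ([]string, error) {
	block, err := aes.NewCipher(cipherKey)
	if err != nil { return nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	ct := gcm.Seal(nonce, nonce, []byte(message), nil) // nonce || ciphertext || tag
	zeros, ones := Assignment(prearranged, msgID)
	var out []string
	for _, b := range ct {
		for bit := 7; bit >= 0; bit-- {
			pool := zeros
			if (b>>uint(bit))&1 == 1 {
				pool = ones
			}
			var r [1]byte
			if _, err := rand.Read(r[:]); err != nil { return nil, err }
			out = append(out, pool[int(r[0])%len(pool)]) // 256 % 8 == 0, so no modulo bias
		}
	}
	return out, nil
}

// Decode maps phrases back to bits under the same per-message assignment and
// then authenticates and decrypts; a substituted or reordered phrase breaks the
// GCM tag, so a damaged carrier is rejected rather than silently misread.
func Decode(cipherKey, prearranged []byte, msgID uint32, carried []string) (string, error) {
	if len(carried)%8 != 0 { return "", errors.New("phrase count is not a multiple of 8") }
	zeros, ones := Assignment(prearranged, msgID)
	bitOf := make(map[string]byte, len(phrases))
	for _, p := range zeros { bitOf[p] = 0 }
	for _, p := range ones { bitOf[p] = 1 }
	ct := make([]byte, len(carried)/8)
	for i, p := range carried {
		bit, ok := bitOf[p]
		if !ok { return "", errors.New("phrase not in the alphabet: " + p) }
		ct[i/8] = ct[i/8]<<1 | bit
	}
	block, err := aes.NewCipher(cipherKey)
	if err != nil { return "", err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return "", err }
	if len(ct) < gcm.NonceSize() { return "", errors.New("carrier too short") }
	pt, err := gcm.Open(nil, ct[:gcm.NonceSize()], ct[gcm.NonceSize():], nil)
	return string(pt), err
}

func main() {
	key := make([]byte, 32) // constructed all-zero key for the demonstration only
	pre := []byte("prearranged code for this week")
	carried, _ := Encode(key, pre, 7, "meet at noon")
	back, err := Decode(key, pre, 7, carried)
	fmt.Println(len(carried), "phrases carry:", back, err)
}
```

The cost is what makes the scheme niche: one phrase per ciphertext bit, so even a short message becomes a few hundred phrases, and the nonce and tag alone add 28 bytes of overhead. That bulk, and the unusual density of the same filler phrases, is also what a pattern recognizer or a reader comparing phrase frequencies against normal text would notice first.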

r August 27, 2016 2:33 PM

@Matthew,

The problem is, the signaling techniques and mechanisms aren’t going to be available to the general public – and the more you modulate over an existing channel the more you’re going to stick out like a sore thumb. This is where steganography and embedding come into play, but the bandwidth for such techniques is minuscule compared to outright obfuscation and blatant encryption.

The other day, @ianf and @Clive were going over basic clandestine signaling (and thus embedding) schemes via HTLM (and further speculations can be found via Wael the week before). In my opinion, since they are both “now” public that Clive’s > ianf’s where inspection is concerned vs deniability. There ARE other divergent techniques from Clive’s that aren’t so oblivious though that fun too can t[h]en be a main line over clear-text public networks – just keep in mind that for a transmission to be communication – someone needs to be no the other [/end].

This kind of misdirection is facilitated well by links that contain seemingly random values like

https://www.schneier.com/blog/archives/2016/08/friday_squid_bl_541.html#c6732877

How do we know there’s not pre-arranged responses from the newyork times from a commenters resp[ective] [no|on][sen]se?

Clive Robinson August 27, 2016 2:46 PM

@ Thoth,

The first piece of advice is to split things into layers in the same way the ISO OSI seven layer model works.

For the network layer you are going to put over the TCP/IP I would use a token ring topology. At its simplest you have one or two token slots going around in a circle between two or more hosts. That way there is always a fixed flow of traffic which stops traffic analysis. The difference between it and the normal token ring is that you use node to node link layer encryption. Thus each node negotiates a key with the other nodes in the individual token ring. A host will have several nodes each one in a different token ring each using different keys.

Above the token ring layer you implement a routing protocol so that each host knows how to reach any other host. There is no reason not to use existing routing protocols which you modify slightly. You then implement a mixnet with onion style encapsulation and importantly “store and forward” capability as well as fixed bandwidth links etc as discussed before over Tor deficiencies. Over this you then implement the fleet broadcast as a point to point protocol. Obviously you need to send it to the actual destination host D and a minimum of M other hosts to a maximum of N hosts. And you need to do it in a way such that the intended host D is not at the same position of the send order each time (for simplicity send in the host ID number order).

Yes it sounds complicated but when split into layers you can see how it makes an attackers life difficult even when they work their way into the network.
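
An added simulation in Python of the bottom layer and the fleet broadcast from the comment above (it is not code from the comment): a token ring in which every link carries exactly one fixed-size encrypted cell per slot time, real or padding, under a per-link key, and a send routine that addresses the destination D plus between M and N cover hosts in host-ID order. The cell size, the padding marker, the HMAC-SHA256 counter-mode link cipher and the random link keys are assumptions; the routing and mixnet layers in between are left out, and a wiretap is modelled only as a byte counter per link.

```python
import hashlib
import hmac
import os
import random

CELL = 64        # fixed on-wire cell size in bytes (assumption)
PADDING = 0xFF   # destination byte that marks a padding cell (assumption)


def _keystream(key: bytes, counter: int, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as the link cipher (stand-in, no authentication)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big") + block.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        block += 1
    return out[:length]


def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


class Ring:
    """Token ring of n hosts; link h carries traffic from host h to host h+1."""

    def __init__(self, n_hosts: int):
        self.n = n_hosts
        self.queue = {h: [] for h in range(n_hosts)}       # (dst, payload) waiting at h
        self.inbox = {h: [] for h in range(n_hosts)}       # payloads delivered to h
        self.link_key = {h: os.urandom(32) for h in range(n_hosts)}  # per-link key (assumed negotiated)
        self.link_ctr = {h: 0 for h in range(n_hosts)}
        self.wire_bytes = {h: 0 for h in range(n_hosts)}   # what a wiretap on link h would count

    def _seal(self, link: int, dst: int, payload: bytes) -> bytes:
        if len(payload) > CELL - 2:
            raise ValueError("payload does not fit one cell")
        cell = bytes([dst, len(payload)]) + payload
        cell += b"\0" * (CELL - len(cell))                  # pad to the fixed size
        return _xor(cell, _keystream(self.link_key[link], self.link_ctr[link], CELL))

    def _open(self, link: int, wire: bytes):
        cell = _xor(wire, _keystream(self.link_key[link], self.link_ctr[link], CELL))
        return cell[0], cell[2:2 + cell[1]]

    def tick(self) -> None:
        """One slot time: every link carries exactly one cell, real or padding."""
        outgoing = {h: (self.queue[h].pop(0) if self.queue[h] else (PADDING, b""))
                    for h in range(self.n)}
        for h, (dst, payload) in outgoing.items():
            nxt = (h + 1) % self.n
            wire = self._seal(h, dst, payload)
            self.wire_bytes[h] += len(wire)                 # CELL bytes, whatever was inside
            dst, payload = self._open(h, wire)
            self.link_ctr[h] += 1
            if dst == PADDING:
                continue                                    # padding is dropped at the next hop
            if dst == nxt:
                self.inbox[nxt].append(payload)
            else:
                self.queue[nxt].append((dst, payload))      # forward around the ring


def fleet_send(ring: Ring, src: int, dst: int, payload: bytes,
               m: int, n: int, rng: random.Random) -> list:
    """Send to the real destination plus m..n cover hosts, in host-ID order."""
    others = [h for h in range(ring.n) if h not in (src, dst)]
    cover = rng.sample(others, rng.randint(m, min(n, len(others))))
    targets = sorted(cover + [dst])                         # D's position in the order varies
    for t in targets:
        ring.queue[src].append((t, payload))
    return targets


def run_demo(n_hosts: int, ticks: int, seed: int):
    """Host 0 fleet-sends to host 3 with 2..3 cover hosts; returns (targets, ring)."""
    ring = Ring(n_hosts)
    targets = fleet_send(ring, 0, 3, b"the real message", 2, 3, random.Random(seed))
    for _ in range(ticks):
        ring.tick()
    return targets, ring


def wiretap_sees_same_traffic(n_hosts: int, ticks: int, seed: int) -> bool:
    """Compare per-link byte counts of a busy ring against an idle one."""
    _, busy = run_demo(n_hosts, ticks, seed)
    idle = Ring(n_hosts)
    for _ in range(ticks):
        idle.tick()
    return busy.wire_bytes == idle.wire_bytes


if __name__ == "__main__":
    targets, ring = run_demo(6, 20, 1)
    print("sent to hosts", targets, "delivered:", {h: ring.inbox[h] for h in targets})
    print("wiretap indistinguishable from idle:", wiretap_sees_same_traffic(6, 20, 1))
```

The byte count on every link is the same whether or not anyone is talking, which is the whole point of the fixed slot; what the padding costs is bandwidth, and what the cover hosts cost is that each of them receives a copy they must be unable to read, which is the job of the onion layer above.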

Duck N. Dodgin August 27, 2016 3:37 PM

“I dread the moment when Windows 7 and 8.1 will get similar updates…” ~Ergo Sum

I agree it’s coming, some say it’s already started.

I saw the direction MS was headed several years ago and bought a brand new 100% legal copy of Windows 7 Pro and stashed it away, just in case. It’s still in the un-opened box.

Looks like it will stay that way. MS OS has become a Mass Surveillance platform. All of them.

HOWEVER, O&O ShutUp10 @ https://www.oo-software.com/en/shutup10 and good old Spybot S&D @ http://filehippo.com/download_spybot_search_destroy/ as recommended by somebody last week do a wonderful job quieting down the back and forth jibber-jabber between my computers and MS with W10. I recommend both.

I tried Linux (Mint) and found it to be a great OS. EXCEPT, after dorking around with it several months I came to the same conclusion as before: It’s still not ready for prime time with everyday users (or me). There is ALWAYS a dead-end somewhere and the well intended support pages almost never have a direct response but five very complex moves you can make that “might” work.

Right now, I think Apple products are the way to go, mostly because I trusted Tim Cook when he said they are in business to make devices, not a mass surveillance platform. It may be naive to believe him, but you got to trust somebody.

Clive Robinson August 27, 2016 3:41 PM

@ r,

Although I occasionally got 100% marks on my maths exam results during my “higher education” I can safely say I’m not on that Two Dozen list.

However there is a correlation with engineering, science, acting and musicians and other “creative domains” where children follow in the parental footsteps as it were.

If you think about it, it’s kind of the expected result of “nurture” rather than “nature”.

I kind of broke the mold, like a good few people reading this blog, in that I entered a domain of endeavour that did not exist for my parents. So I did not “follow in their footsteps”, and I’m an exception in that it’s probably “nature” in my case as there was no “nurture” other than that my curiosity was actively encouraged, as was ensuring that I knew how to find answers in books, journals and libraries (of which I have more than a few in my dead tree cave).

Rebecca Hadron August 27, 2016 3:45 PM

@ Moderator

a request to ban @ianf from this blog please

this has been raised a number of times by several parties
thank you

k15 August 27, 2016 3:49 PM

If someone delivering packages or someone in the stockroom is dishonest, how can you have confidence that you are buying a phone or computer that is unadulterated?

Wael August 27, 2016 4:11 PM

@Clive Robinson, @r,

Although I occasionally got 100%

Some people are wired differently. In my college days, I knew a guy from Guatemala who never used a calculator in college exams or homework. And these were engineering classes heavy on math — signal processing, applied math, modern physics, microwaves…

He could calculate in his mind sin(x) to four digit precision. I grabbed a calculator once and kept asking him: what’s log(3), what’s sin(9), what’s tan(x), or what’s ln(3 Pi/2)… He got everything right to three or four digits of accuracy, in no time. He memorized entire logarithmic tables, which he used to perform some calculations. Amazing guy… He was the only person in class to score 100% in the applied math class. The highest grade ever in that class never passed 80%.

Clive Robinson August 27, 2016 4:16 PM

@ Duck N. Dodgin,

I saw the direction MS was headed several years ago and bought a brand new 100% legal copy of Windows 7 Pro and stashed it away, just in case.

Your foresight may well have let you down. It appears MS as well as one or two other major application developers are including telemetry in their products as standard.

Although I stopped at XP and have one Win7 laptop that’s never been upgraded, I stopped on MS Office 9x and standardised on Postscript level II, RTF and plain 7bit ASCII for most documents and 7bit ASCII CSV format for spreadsheet and DB transfer. More recently stripped back 7bit ASCII HTML and certain graphics formats that are “safe(ish)” for mixed documents needing figures and tables.

The reason for this is partly because they are more universal formats that work with almost any age of software, partly because they are easy to “strip” for including in indexing & search DBs/Repositories, but importantly I’ve written my own “security filters” that I use on my own design of instrumented data diodes to cross security boundaries. However I also have a high resolution printer in the insecure and scanner and OCR in the DMC networks. Oh and dull as it might be it’s often quicker to use audio dictation software than OCR and read for mistakes.

I got “security conscious” that way something like thirty years ago, in part due to having to preserve documents kept in “electronic format” where proprietary storage formats were used as a way to force people to “upgrade” application software every year or so. And in part due to having to deal with various “agencies of authority”. Hence what I tell people over and over again “Paper Paper, never data”.

Whilst computers can haemorrhage terabytes of data overnight “sight unseen” because they are virtually impossible to secure, paper in filing cabinets is relatively easy to secure and thus darn difficult for others to get access to, let alone copy in any quantity without getting caught.

One thing I keep looking at but never get around to is file encryption and printing out in 2D codes. If printed and stored correctly paper records should be good for a hundred years or more unlike nearly all other forms of “data storage” that you would be lucky to get more than a decade out of.

Wael August 27, 2016 4:50 PM

@r,

I remember @Clive Robinson said something like that happened to him. The movie Phenomenon with John Travolta has a similar story. Good movie, but sad.

65535 August 27, 2016 5:01 PM

@ Clive Robinson, Thoth, Matthew and others

Given Clive’s negative outlook on certificates and the ability to “Man In the Middle” them, what happened to the certificate “notary” projects to identify and block fake certificates [Perspectives and so on]?

https://perspectives-project.org/

Is the certificate notary system still helpful at ID’ing fake certificates?

@ Inexpensive Air Gap and Scalpel-Happy

Although, Firefox seems to be one of the lesser evils compared to Microsoft’s Edge/IE and others, I also am concerned about the amount of information it leaks.

@ All

What is the preferred major browser?

Hat tip to Scalpel-Happy for the about:config solution.

ab praeceptis August 27, 2016 5:10 PM

Duck N. Dodgin, Clive Robinson (and possibly others)

Funny. For a small pet project of mine, which is intentionally cross-OS (which I normally don’t care too much about), I had to fire up a Windows (7) VM.

I was shocked.

Like some of you I remember the old days when windows seemed so clickedly click comfortable while on linux and the bsds software, let alone useful software, was meager and when buying hardware one had to tinker around to find something supported.

Those times are gone. Some years ago when we got a new notebook for my wife I just installed Mint and I never heard complaints. She is happily clicking and typing. Admin and trouble time with that box was no more but in fact less than before with windows.

No, I’m not a linux fanboy, quite the contrary. But unlike 15+ years ago, today it seems to boil down to “Do you want to be able to look at the plumbing yourself in case that is needed?”. With the unices I can, with windows one is still held slave by a “friendly” layer that sometimes turns out to be something in between a mental asylum and a weaponized rottweiler.

Security is not something I expect of either (though on linux one arguably can make one’s box considerably more secure while on windows one can’t. All a windows user can do is to buy security snake oil.)

Disclaimer: I use and even see windows rarely enough that my view might be considerably hampered.

ab praeceptis August 27, 2016 5:27 PM

65535

Certificates? Forget it.

There are some well intended projects and approaches to enhance the situation somewhat but they are but band aids. PKI is rotten to the core and in pretty much every aspect, down to ASN.1.

Would you trust a Mr. ABC calling you and saying he called as an official of the XYZ regional government in [some country far away] and telling you that you can trust a certain person you never met?

Probably not. Why on earth would you trust a certificate then? Because someone paid $15 or $50 for it or because it makes your browser show some lock icon or even a green bar?

It might be possible to trust state CAs insofar as they are bureaucratic and often at least attempt to properly verify identities and are in a position to do that in the first place. On the other hand, guess who is the party frequently abusing his CA position to perform MITM attacks and to eavesdrop on his citizens …

CarpetCat August 27, 2016 6:56 PM

@Clive Robinson,

You’d be best getting high quality paper, lest your codes yellow and wither. Oh, and type it all out by mechanical typewriter, lest some automata squirrel away an odd, or an end!

65535 August 27, 2016 7:23 PM

@ Scalpel-Happy

Cool ghack link. Thanks!

@ r

I remember reading about that cert problem. It’s interesting that Bruce S. was thinking about making an open source CA. I guess that will have to wait until he straightens out Tor.

When I look at Firefox I see a lot of Chrome/Chromium chunks in it. I am not sure if I would trust Apple to not key-stroke log my box… after reading some of the NSA stuff. But, that is just my personal position.

Don August 27, 2016 9:14 PM

@ Wael
and your maths colleague

From what I read, Japanese students become deeply acquainted with an abacus from an early age, in their schooling. Some can easily visualise the abacus after so many years of familiarity, and complete extremely lengthy calculations in seconds. They can be seen to be concentrating intently and waving their fingers around in the air as they do so 😉

Just like memory rooms and other methods for memorisation, there are methods for maths that appear miraculous but are the product simply of learning.

Check out Vedic mathematics – claimed to be mostly lost now but arrived via a yogic scholar.

It’s based on the idea that maths was and should be practical and real world based, 3D.

http://www.jainmathemagics.com/

Some extremely basic and rudimentary principles are taught in the materials, including the ability to count to a million on your fingertips in moments, and visualising 3D geometric shapes to solve equations by mentally tracing the lines that comprise the shape, to solve the equation.
Also surveying and landscaping, road building etc. using no physical tools for measurement, simply observation of the land and Vedic mathematics skills.

Incidentally Jain is the guy’s name, not a religious reference.

Don August 27, 2016 9:26 PM

@ Wael @ All

Sorry, I meant that the examples I gave of the Vedic mathematics (visualising 3D shapes to solve equations, counting to a million on finger tips) could be considered the rudimentary and introductory skills in the materials that form a much larger skill set.
At the beginning of the video it’s explained how children have such trouble with maths, mostly, because it’s abstract and 2D and doesn’t appear to bear any relationship to the world as they know it.
It seems a pointless construct.

As a tangent, could I controversially suggest that this may be one factor for more girls not pursuing careers in coding and programming? They have brains more holistic in perspective by default, what passes as maths must seem so alien to their more sophisticated brains

On the Vedic maths, it was a long time ago but I recall the story goes a yoga scholar brought 12 volumes of the teachings to the west, maybe 100 years ago, and 10 of them mysteriously disappeared. And Jain learnt from his teacher who was a student of that original scholar – with the two books remaining forming the series Jain promotes around the world.

Apparently ‘alternative’ school systems like Montessori and Steiner – have you heard of those – are picking up the Vedic maths approach.

Nick P August 27, 2016 11:42 PM

@ r

I saw that one. I didn’t realize before it that the human-centric and machine-centric proofs were so different. I think I got caught in an echo chamber that time where almost everything I saw was on proofs done by people tied to computers. So, of course the tools and proofs would shift from selective and manual to pervasive and mechanical over time with more and more appreciation by users. In retrospect… of course. 😉 The article made me wonder, though, if those making or using provers need to shift their strategy to ensure the intuitive advantage mentioned. Maybe one proof can accomplish both agendas but otherwise do two with one for each.

Wael August 27, 2016 11:43 PM

@Don,

Pretty interesting methods! I have not heard of them this way. A Malaysian student back in college days told me about multiplying numbers that end in 5. I discovered on my own (although it may be described elsewhere) how to quickly multiply numbers by 9 or a series of 9s. For example 123 * 999 or 786888 * 99999. I’ll let you guess how to do it in one step, in your head. If you grab a calculator and go through a series of test vectors, you’ll quickly discover the pattern.

Getting way OT here…

As for

and Jain learnt from his teacher who was a student of that original scholar – with the two books remaining forming the series Jain promotes around the world.

This immediately reminds me of Srinivasa Ramanujan. He claimed he can see and visualize numbers. Numbers were his friend, he says, and was able to show as well. You’ll find some amazing stories about him.

Me? I have no need for these math methods at the moment. I have calculators left and right. One thing I thought about, to bring us back on topic, is future brain chip implants. These can interface with the brain cells and do the calculations for us, help us memorize things, and perhaps keep the equivalent of private keys in the interface between the brain and the implants. But knowing how things are, these will be subverted as well. And we may have to pay a service fee or become “stupid”. Then again, we may be forced to receive software updates without our consent, or even knowledge…

Montessori and Steiner – have you heard of those

I have not, but now I have… I downloaded a pdf on Vedic math, read a few pages, jumped around in the 160 or so pages, and most of the operations were multiplication and division short cuts. Didn’t see any trigonometry or beyond.

Ancient civilizations had a lot of knowledge that was lost. Who knows how much knowledge was gone with the library of Alexandria…

Wael August 27, 2016 11:51 PM

@Nick P, @r,

Maybe one proof can accomplish both agendas but otherwise do two with one for each.

People who were a teeny bit smarter than you (and perhaps me) failed to realize this dream[1].

[1] Einstein (not the bagel place) and the unified field theory…

tyr August 28, 2016 1:58 AM

@Nick P,

A machine proof has to be logical and of limited sequence. A human proof has to be able to jump across enormous gaps to present material that is then obvious once connected.

Even AI is going to stumble when trying to do the jumps we take for granted.

You can see why Euler didn’t know how to swim (seven bridges of Königsberg); a machine is highly unlikely to be able to do that jump unaided.

Joshua August 28, 2016 8:37 AM

@ Duck N. Dodgin wrote, “Right now, I think Apple products are the way to go, mostly because I trusted Tim Cook when he said they are in business to make devices, not a mass surveillance platform. It may be naive to believe him, but you got to trust somebody.”

But they DO have a surveillance platform, it’s called the App Store.

Wut Upp August 28, 2016 9:34 AM

Facebook paid $22 billion for WhatsApp which generated $10.2 million in revenue last year.

FB already had a chat app called Messenger. So, what’s up about WhatsApp?

End to End Encryption which drives police state governments stark raving mad, that’s what.

Except, the security lobby never complains about WhatsApp anymore. Not one bit since April when the new system was announced.

And, FB publicly admits Group Chats are never encrypted. (an off/on switch?)

Are millions of people blabbing away on WhatsApp thinking their conversation is encrypted and private, but…it’s not?

Have we been Zuckered again? And, what kind of “entity” would pay so much for a company generating so little revenue, but tons of data….maybe a government?

Today’s pop quiz question: True or False,

“WhatsApp becomes FBI-proof for its 1 billion users”?

Special Agent Buster Hymen August 28, 2016 9:36 AM

FBI quadrupled its seized child porn market. They elicited 200 new child-rape videos, 9,000 new images, and 13,000 new links of child rape and torture. FBI disseminated them worldwide, revictimizing the raped children. Then they lied about it in court. FBI induced child sexual exploitation in breach of DoJ’s Online Principles, the Adam Walsh Act, and Supreme Court canons of decency integral to the due process clause.

FBI did it all so they could play with their ‘NIT’ cyber-toy. FBI’s much-hyped NIT caught less than 1% of their satisfied customers. FBI could have caught more by shutting Playpen down and busting the idiot pervs who used their own IPs.

https://assets.documentcloud.org/documents/3032955/Motion-to-Dismiss-Indictment-in-Chase.pdf

On Comey’s watch FBI has gone past the Stasi’s end-stage degeneracy. The only way forward is to defund FBI, demolish the Hoover building, and watch the crime rate fall.

Nick P August 28, 2016 10:34 AM

@ tyr

Makes sense. Probably a lack of common sense or general knowledge in computers. We might have to get Cyc working with a theorem prover and AGI before we can begin intuitionist proofs.

@ Wael

A guy that designed refrigerators and had trouble understanding quantum physics couldn’t develop UFT modeling everything with a few equations? Big surprise! Not sure that means anything for wiser people like us.

@ ab praeceptis

So, you mentioned doing formal specs/proofs. We don’t have a lot of those people on this site. What tools do you use and problems do you tackle? What’s your favorite work in the field that leans toward practical side?

ab praeceptis August 28, 2016 10:47 AM

Nick P

I think it’s not “either or” (human-centric and machine-centric proofs) but one as well as the other.

How do many attacks come into existence?

Engineers think in terms of the product, its use and usability and of certain boundaries of quality, reliability, etc. Attackers, however, often think in quite different terms. They question premisses, they, in a way, put human creativity and ingenuity against machines (and thinking along that axis).

Most importantly, humans can tick like that, machines can’t – and that includes proving systems. Moreover, those systems don’t spring into action by themselves; they are limited to the role of a tool which is used by a human with a given set of assumptions, targets, etc.

My system can, for example, check whether any algo I throw at it, does meet a given set of assumptions and interests. “Assumptions and interests” is the key word and it leads us directly to the human factor. An engineer usually has a mind set quite different from that of an attacker. In fact, that in itself, constitutes a significant part of the attackers playground.

Certainly, math could be used to create a watertight solution, but, just like the verifier, it’s limited to the boundaries we humans create.

Which again (I know, I’m not making friends here) quite directly leads to “We must teach them properly. The next generation of engineers will only be as good as we educate them”.

I like the evolution of this thread: It makes us think about our role (and our way of processing) and the machines role. If we understand our role that will promise lots of progress because it’s a part of our problem to not have seen the role of the machines and ours.
What I like about machines, though, is the fact that they can be valuable helpers in making us more credible thinkers; they take over the part we humans are not made for (e.g. massive and boring calculations).

One important step btw. is to actually create reasonable boundaries for machines to check. If I throw “int day” at the compiler (machine) it will be considerably less helpful than if I feed it “day : 1..31”. Small example, small thingy, unnerving ab praeceptis, why the hell is he riding on those pesky small things? Because they show how little we reflect about ourselves and about machines and because hackers love to play with things like “day 0” or “day 32”.

@tyr

Very funny remark, Euler and the 7 bridges 😉

But “without the need to swim or use a boat” was part of the problem definition. Anyway, I smiled and liked your remark.
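
An added example in Python of the “int day” versus “day : 1..31” point made above (not code from the comment). Python has no subrange types, so the Subrange class below is an assumption standing in for what Pascal, Modula or Ada give you in the language; the names, the date parser and the “unchecked” counterpart are illustrative.

```python
class Subrange(int):
    """An int that can only exist inside LOW..HIGH: constructing it is the check.
    Stand-in (assumption) for a language-level subrange type; arithmetic on it
    yields plain int, as Pascal-style subranges do, so only entry points are checked."""
    LOW, HIGH = 0, 0

    def __new__(cls, value):
        value = int(value)
        if not cls.LOW <= value <= cls.HIGH:
            raise ValueError(f"{cls.__name__} value {value} is outside {cls.LOW}..{cls.HIGH}")
        return super().__new__(cls, value)


def subrange(name: str, low: int, high: int):
    """Factory for a named subrange type, e.g. subrange('Day', 1, 31)."""
    return type(name, (Subrange,), {"LOW": low, "HIGH": high})


Month = subrange("Month", 1, 12)
Day = subrange("Day", 1, 31)

DAYS_IN_MONTH = [31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31]


def is_leap(year: int) -> bool:
    return year % 4 == 0 and (year % 100 != 0 or year % 400 == 0)


def days_in_month_unchecked(year: int, month: int) -> int:
    """'int month' style: month 0 quietly reads December's entry (Python's -1 index),
    month 13 fails deep inside with an IndexError that says nothing about months."""
    return DAYS_IN_MONTH[month - 1] + (1 if month == 2 and is_leap(year) else 0)


def days_in_month(year: int, month: int) -> int:
    """'month : 1..12' style: the boundary is checked where the value enters."""
    month = Month(month)          # raises for 0 or 13 before any arithmetic happens
    return DAYS_IN_MONTH[month - 1] + (1 if month == 2 and is_leap(year) else 0)


def parse_date(text: str):
    """Parse YYYY-MM-DD into checked components; the day bound depends on the month."""
    y, m, d = (int(part) for part in text.split("-"))
    month = Month(m)
    day = Day(d)
    if day > days_in_month(y, month):
        raise ValueError(f"day {day} does not exist in month {month} of {y}")
    return y, month, day


def is_valid_date(text: str) -> bool:
    try:
        parse_date(text)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    print(days_in_month_unchecked(2016, 0))   # 31: the 'day 0' class of bug, silently
    for text in ("2016-08-27", "2016-02-29", "2016-08-32", "2016-00-10"):
        print(text, is_valid_date(text))
```

The unchecked version is the one that reaches a table lookup with a value nobody meant; the checked version turns “day 0” and “day 32” into a rejected input at the point where the value crosses into the program, which is what a declared range gives a compiler or verifier to work with.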

Dirk Praet August 28, 2016 11:08 AM

@ 65535

It’s interesting that Bruce S. was thinking about making an open source CA. I guess that will have to wait until he straightens out Tor.

There’s Let’s Encrypt nowadays, co-sponsored by EFF and which Bruce is a board member of. Its root key (ISRG Root X1) will be trusted by default in Firefox 50.

@ ab praeceptis

… though on linux one arguably can make ones box considerably more secure while on windows one can’t. All a windows user can do is to buy security snake oil.)

That’s not entirely true. While it’s probably impossible to make it “secure”, there are plenty of good hardening guidelines out there to dramatically reduce its attack surface.

@ r

In case you guys haven’t seen this, I assume this is why we try to “beat” ideas into others so frequently…

I’ve always been fascinated by such people, but these super skills in many cases seem to be a bit of mixed blessing with the affected generally being unable to hold normal jobs or maintain meaningful relations with “ordinary” people.

@ Thoth

Does it look somewhat usable and friendly from the few basic screenshots ?

I like it.

Nick P August 28, 2016 11:09 AM

@ ab praeceptis

So, you mentioned doing formal specs/proofs. We don’t have a lot of those people on this site. What tools do you use and problems do you tackle? What’s your favorite work in the field that leans toward practical side?

albert August 28, 2016 11:27 AM

Has anyone tested Scalpel-Happys ‘delete url” idea?

I tested it on my Linux box, and Firefox failed to launch. I had to reload a backup of the .mozilla folder. Mozilla doesn’t use the OS-supplied .config and .cache folders; it has its own: .mozilla.

Chrome and Opera will tolerate total deletion of their .config and .cache folders. They just reload ’em on restart.

. .. . .. — ….

ab praeceptis August 28, 2016 11:30 AM

Nick P

“What tools do you use and problems do you tackle? What’s your favorite work in the field that leans toward practical side?”

I’m not at liberty to directly and fully respond to that, but I can offer some more general remarks.

I have a very strong preference for European tools if at all possible. For good (non political) reasons; they are thinly spread, however.

What I did immediately like was TLS+ (but in the end I couldn’t and didn’t use it). I also liked the B tools (Event-B, Rodin, etc); they fascinated me, partly because Abrial comes from an excellent academic pedigree and because I like his approach. For my field, however, they turned out too “bureaucratic” (large corps, however, seem to love them); moreover I intensely dislike java and even more so eclipse. Of course I played with quite some more and funnily some of them turned out to confirm my first gut feeling. Promela, for instance, in my eyes (warning, subjective!) is cumbersome, next to useless, and of rather poor and limited thinking. I would have liked to look considerably deeper into UPPAAL and Co. but their licensing is too limiting.

One of my favourite contemporary works is LLVM (even though it’s in C++). Some less contemporary but very influential works are Modula (2 and 3), of course Oberon, of course B. Meyer (Eiffel) but also SETL which I enjoyed for many small ad hoc tasks.

You might say “Quite some of those are not about spec/verif./proving” and you would be formally right but I have my own view. To me, it’s one big conglomerate with vague boundaries. Type systems, for instance, do belong into the realm of formal spec and verif. As you might have noted formal specification is also an imperative element for me while others hardly mention it.

Which basically answers to a large degree your question for the problems I tackle (and hence my field). My field and main interest is safe, reliable systems from an engineering perspective (though my beloved private entertainments, math and philosophy, almost necessarily enter my work, too).
In that endeavour I’m open to many things but also stubbornly tough and pragmatic with a solid resistance against nonsense (like even fridges needing 256 crypto because 128 bit just isn’t good enough).
A colleague once said that I’m basically a (somewhat obsessed) knight against premise and boundary errors. Oh, and, I’m not only consulting but I also (co-)design and lead projects and typically code myself, both for necessity (one should have a tight pragmatic relationship to one’s field) and for fun (I like the complete cycle from reflection down to final code).

My coding is done mainly in FreePascal although I strongly prefer Modula but, alas, practical reasons led me to that compromise. I also looked quite profoundly and repeatedly into Ada but found it too much perverted (I do like, however, the gps). The most important soft criterion for a language, other than the usual language criteria, is for me how well and hopefully directly I can transform a formal specification into code.
Next to quite some exotic languages (e.g. Alice) at which I look and with which I sometimes play somewhat for experimental reasons, the languages I use most besides the Wirth family are python (quick and dirty utility jobs), SETL (tinkering) and C (heavily guarded and paranoically double checked where necessary (OS, lib bindings, etc.)).

Thoth August 28, 2016 11:32 AM

@Dirk Praet
I am inching closer to a hardware-based open source file and text encryption system (via GroggyBox) to complement systems like variants of Truecrypt and also OpenPGP (which were never designed to support hardware-based security from day 1).

Nick P August 28, 2016 12:29 PM

@ ab

Interesting. What do you think about short-cutting some of the executable specs or verifications in Prolog for reference implementation or simple verifier? I see numerous people mention this online in different ways: Prolog or Mercury for implementation; Prolog as executable spec tied to something like Z; first-order logic’s decidability benefiting type systems; combining dependent types with first-order logic for automated, static analysis. So, its possibilities are what I’m investigating recently. I’m particularly interested in feedback on catnaroek’s suggestion on the latter. Practically the whole field is doing HOL-based stuff, which is inherently manual, but the FOL-based stuff has had lots of automation success in the past.

ab praeceptis August 28, 2016 2:07 PM

Nick P

What do you think about short-cutting some of the executable specs or verifications in Prolog for reference implementation or simple verifier?

While I’d strongly support to make a semester or two of Prolog mandatory for CS, my answer to your question is “Little”.

For different reasons that I already briefly mentioned. And there is another important factor that makes me not expect much from that approach. What we often loosely mix together actually are quite different fields, depending on where you look from.

Whether I’m a mathematician or an architect or a sw engineer or a cryptologist is so decisive a difference that it all but separates the related fields in quite different ways with quite different weights.

More importantly though I consider the prolog approach seductive and even seemingly obvious but in the end short circuited.

To solve the problems or to at least build an approach or, if we are lucky, even an adequate toolset, we first must understand the underlying problem domain. That means we must, at least partly, leave our field of expertise (A civil engineer may spot many problems but he will fail to spot problems outside of his field such as, e.g. “style” and “social factors”).

The underlying and causal problems imo stem from mainly two facts, a) the human vs machine difference (plus, as I mentioned earlier, some ugly sidenotes like understanding way too little how we/our brains tick) and b) the logic vs implementation difference.

The prolog approach seems short-circuited to me because it is the very implementation of (an attempt of) transforming human logic to machines. Hence it brings little to the table in relation to our task. It doesn’t help us to bridge the above mentioned causal problems.

Moreover, we must start pragmatically; after all we want to solve a practical problem with ugly beasts beneath. The decisive figure is/are the software people, i.e. the designers and the coders. This defines the mindset; whatever we come up with must be congruent with that -and- it also defines, so to speak, the codomain of what an acceptable solution is.

While, looking superficially, one might think that we have a plethora of knowledge and even tools at our disposal, this is actually not true. Hint: The best formal tools are of lamentably little value if engineers won’t use them (because they fear them, because they look “too theoretical” etc).

And indeed reality seems to confirm my impression. Rodin, for example, a very fine tool by a very bright man, is not seen as immensely valuable and desirable by most engineers (if they know it at all). Typically it’s used in high pressure situations (like “this is a railway management system. 99,9% good just isn’t good enough!”) and on top in rather large and rigid organisations.
“Funny and easy” (but largely worthless) approaches, on the other hand, easily reach acceptance.

Imo, one of the most powerful properties of spark is hardly ever recognized: It has a “face” that doesn’t frighten or appall engineers. “Is it at least close to a really good solution?” – hardly matters. Even a mediocre solution that is actually used is way better than a theoretically better solution that fails to find acceptance in its intended clientele. (Et voilà, here we are again at the human factor I stress so often).

The reality out there is a very bitter one. I have, in fact, often to fight to propagate understanding and acceptance for the simple and bloodily obvious (I think) necessity that software can’t be “just programmed” (or worse, hacked, an outcome of the stupid “fun” “culture”). Moreover I have to explain that “we buy good libraries” is not a solution, unless these libraries are reasonably verified (Most are, in fact, not even reasonably specified, let alone verified).

Back to the “philosophical” part: Problems usually are, no matter whether we like it or not, to be properly examined, identified and described, before we can even start to think about a solution (Otherwise: What the hell are we trying to solve?) and I see only one path, which is a more or less mathematical one. There prolog might indeed be helpful but no more helpful than a number of other devices.
At the other end of that path is software, i.e. the implementation of algorithms.

That pretty much describes my perspective. It is one that sees this path from more or less pure mathematical to more or less practical (up to as in “hardware, logic cells” etc). And I see that in the center of that path are the software architects, designers, coders around whom that whole game turns and who set the rules for what is acceptable (as rule, as tool, etc.) and what is not.

That center must doubtlessly evolve but so must other fields and even the very understanding of them. I am, for instance, badly missing more technology philosophers (real ones, not the blabla drones (“evangelists”)) with a strong background in reasoning and mathematics as well as more than a rather remote experience in the engineering field.

That, btw., was behind one of my recent criticisms across the ocean: they have a very strong tendency and “culture” to equate “machine” to “better than mere humans”. Along that way they have created a plethora of ugly problems, in large part due to a severe lack in intellectual foundation, leading, among other problems, to an annoyingly sad and ill ignorance of the human factor and hence to very major problems.

I complimented tyr not coincidentally for his Euler fun. It is humans (like e.g. Euler) who extended the solid intellectual foundations – not machines. Last but not least: Complexity and quantity will not save us. What will save us is much more to do with, e.g. Wirth’s famous “simplicity!” – which looks so simple yet is so hard to reach.

k15 August 28, 2016 3:16 PM

How do we fix an industry’s “industry standards” so they’re actually customer friendly? Does a human sacrifice have to come first, or is there a smart way to improve them?

Nick P August 28, 2016 5:08 PM

@ All

re Testing

I checked on Wheeler’s High-Assurance FLOSS page that he apparently updates on occasion. I found some interesting tools, including a 555-byte prover. The best find, though, comes from NIST: Automated, Combinatorial Testing for Software (ACTS). I went with the briefing slides and it was worth it.

They start with the fact that combinatorial explosion means testing can only do so much. Then, they empirically note that almost all software errors happen with just a few combinations of variables. All of them in the empirical study maxed out at six. So, instead of looking at all combinations, just look at all n-way combinations to reduce the problem space. Then, figure out how to encode multiple combos per test. Result is what naively might take 100,000+ tests can take well under a 100. The test results were great with the field-test results from Lockheed coming back as mixed between “got results” and “did nothing”. I assume they already have decent QA in those, though. NIST was kind enough to give it away for free but you have to email them. Idk if they’ll put a download link up or officially FOSS it.

Might be worth programmers in QA trying it out on some OSS software you know is buggy. Something you build for testing or old versions with known issues. Interesting to see what it catches and how long it takes in the 3-6 way combinations.
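
The reduction Nick P describes (cover every n-way interaction rather than every full combination) can be seen in a few dozen lines. The following is an added example written for this thread, not NIST’s ACTS code and not its algorithm: it builds a 2-way (pairwise) test set with a simple greedy construction, then checks that no parameter-value pair is left uncovered. The six login-handler parameters and their values are constructed sample input.

```python
"""Greedy pairwise (2-way) test-set generator with a coverage check.

Added illustration of combinatorial testing; not NIST ACTS. The
parameters below are a constructed example, not taken from any project.
"""
from itertools import combinations

# Constructed example: a login handler configurable along six axes,
# three values each. Exhaustive testing needs 3**6 = 729 cases.
PARAMS = {
    "os": ["linux", "windows", "macos"],
    "browser": ["firefox", "chrome", "safari"],
    "tls": ["1.2", "1.3", "none"],
    "auth": ["password", "totp", "webauthn"],
    "locale": ["en", "de", "ja"],
    "network": ["lan", "wifi", "proxy"],
}


def all_pairs(params):
    """Every (param_a, value_a, param_b, value_b) that a pairwise suite must cover.

    Pairs are stored with param_a before param_b in declaration order so that
    each interaction has one canonical key.
    """
    names = list(params)
    return {
        (a, va, b, vb)
        for a, b in combinations(names, 2)
        for va in params[a]
        for vb in params[b]
    }


def canon(idx, a, va, b, vb):
    """Put a (param, value) pair into the canonical order used by all_pairs()."""
    if idx[a] > idx[b]:
        a, va, b, vb = b, vb, a, va
    return (a, va, b, vb)


def pairs_in(test, idx):
    """All canonical pairs exercised by one test case (dict param -> value)."""
    names = sorted(test, key=idx.get)
    return {(a, test[a], b, test[b]) for a, b in combinations(names, 2)}


def greedy_pairwise(params):
    """Build a test set that covers every 2-way interaction.

    Each new test is seeded with the single parameter value that still takes
    part in the most uncovered pairs; the remaining parameters are then fixed
    one at a time to the value that covers the most uncovered pairs with the
    values already chosen. The seed guarantees every test covers at least one
    new pair, so the loop terminates. Iterating over sorted(uncovered) keeps
    tie-breaking, and therefore the result, deterministic across runs.
    """
    names = list(params)
    idx = {n: i for i, n in enumerate(names)}
    uncovered = all_pairs(params)
    tests = []
    while uncovered:
        count = {}
        for a, va, b, vb in sorted(uncovered):
            count[(a, va)] = count.get((a, va), 0) + 1
            count[(b, vb)] = count.get((b, vb), 0) + 1
        seed_name, seed_val = max(count, key=count.get)
        test = {seed_name: seed_val}
        for name in names:
            if name in test:
                continue
            best_val, best_gain = params[name][0], -1
            for val in params[name]:
                gain = sum(
                    1 for prev in test
                    if canon(idx, prev, test[prev], name, val) in uncovered
                )
                if gain > best_gain:
                    best_val, best_gain = val, gain
            test[name] = best_val
        uncovered -= pairs_in(test, idx)
        tests.append(test)
    return tests


def verify_pairwise(params, tests):
    """Return the set of 2-way interactions the suite fails to cover (empty = complete)."""
    idx = {n: i for i, n in enumerate(params)}
    covered = set()
    for t in tests:
        covered |= pairs_in(t, idx)
    return all_pairs(params) - covered


def exhaustive_count(params):
    """Number of cases a full cross product of all parameter values would need."""
    n = 1
    for vals in params.values():
        n *= len(vals)
    return n


if __name__ == "__main__":
    suite = greedy_pairwise(PARAMS)
    print(f"exhaustive: {exhaustive_count(PARAMS)} cases, pairwise: {len(suite)} cases")
    print(f"uncovered pairs: {len(verify_pairwise(PARAMS, suite))}")
    for t in suite:
        print(t)
```

The check in `verify_pairwise` is the part worth keeping even if you replace the generator with a real tool: whatever produces the suite, recompute coverage from the output rather than trusting the tool’s own report. Going to 3-way or higher, as the NIST slides recommend for the last few percent of faults, follows the same pattern with `combinations(names, 3)`, at the cost of a larger suite.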

ab praeceptis August 28, 2016 6:10 PM

Nick P

While Wheeler lists pretty much anything not running away quickly enough, he seems to neither mention Eiffel, nor Modula-3, nor Larch (the latter half-understandably, though there are quite some other half-dead or dead projects he does mention).

And: Much of the stuff mentioned is hardly in a usable state or has problems or (unmentioned but grave) limitations or … (incl. plain dead links and people having turned to other projects long ago).

But generally speaking that’s a quite useful site (says me today who knows about some parts of that jungle) and at the same time a site – representing also more generally the status of things in that community – that would frighten away many engineers (probably, I assume, the vast majority, incl. myself when I was rather new to the jungle) if alone for completely overwhelming them and making them feel that they should go back to university before having any chance to make even a modestly informed (p.c. for “not idiotic”) decision.

To make it worse, we as software engineers have many factors to consider; things are interdependent. What use has a nice tool that supports language ABC but not the one I happen to use (or even have to use)?

Sidenote: I advise colleagues to bluntly ignore all “security” standards. For one, they are quite arbitrary, sometimes even more or less dictated by some industry (e.g. misra-c, cars), and hardly the outcome or proper reflection (-> math, not “experience”). My suggestion is to rather go back to the math books and to find one’s own way at anything in terms of formal spec/verif/valid/proving.

Reason: a) It’s not about the tool, it’s about you understanding and applying what you’ve learned and b) my experience in projects shows that even having merely read about and spent some days with that field, considerably changes programmers minds and habits.

Otherwise: Thanks to Nick P, and have fun with that list

Another Microsoft Deception August 28, 2016 6:20 PM

At the Be*t Buy, for the last several weeks there have been Microsoft paid employees posing as the electronic chain employees wearing their enumerated blue shirts.

Further there are now aggressive, commissioned vendors on many aisles. These corporations are out in force pushing hard their new Internet connected products with the goal to data-mine clueless millennials. The unstated goal is to monitor and control your home network and sell away your privacy.

I went to browse AIO printers with Ethernet connections. Based upon the changing security situation, my choice is a printer with open source drivers. Otherwise proprietary printers could gather network data and report home.
Lately Vizio has partnered with Google and AT&T with DirecTV. Like Microsoft these are smart sophisticated corporations who delight in playing dumb. Scary times indeed!

r August 28, 2016 6:25 PM

@All,

Actually, maybe we could use that for biometric security?

Maybe it is a good idea to flood our homes with &10i?

Lemmee Ahlohn August 28, 2016 6:27 PM

How do you clean up/delete search and url data stored in the W10 webcache file (something like the former index.dat file), and likely available to MS via telemetry?

That was my quest today. Let me tell you, it’s not easy. For example, you can kill taskhostw.exe with task manager, then quickly delete the webcache folder buried at C:\Users\user\AppData\Local\Microsoft\Windows\WebCache. But, if you aren’t quick enough Windows restarts taskhostw.exe and prevents the delete, and in any case W10 restores the file in a few seconds anyway even if you are quick enough. Etc.

Then I stumbled on this app:

Privazer, “Free PC cleaner & Privacy tool” https://privazer.com

It’s sort of like CCleaner on steroids because it addresses privacy issues as well as merely cleaning junk files. And, it cleans the webcache file(s).

I tried it and it seems to do a very thorough privacy sweep. The cons are it’s a bit slow. Also, there are questions about the company in that it has sketchy corporate address and no one has ever heard of them. Anyway,

I think it’s a good product myself. You might too. It works. And no, I have no connection whatsoever to the company or product other than what I said here. Besides, it’s free.

Nick P August 28, 2016 6:46 PM

@ ab

Modula-3 is dead and not a verified tool. He briefly mentions Larch in the Splint post. It might have deserved its own place. Eiffel’s Design-by-Contract should definitely be on the list for medium assurance. SPARK adopted it. It has most of the best ones on there along with others to learn from or build on in some way. Lots of dead or barely usable stuff. I saw it as a reference page for all kinds of projects. It needs to be cleaned up and filtered into a simpler one.

“Sidenote: I advise colleagues to bluntly ignore all “security” standards. For one, they are quite arbitrary, ”

That’s not true and they shouldn’t. The decent ones, if you focus on assurance activities, usually did improve your system security. They were above what was normal in commercial sector or FOSS. I gave examples here.

“My suggestion is to rather go back to the math books and to find ones own way at anything in terms of formal sepc/verif/valid/proving. Reason: a) It’s not about the tool, it’s about you understanding and applying what you’ve learned”

It’s actually both you and the tool. There’s quite a few types of formal techniques out there. The effort put in, results obtained, and areas applicable vary considerably across them. Picking random tools won’t give best results. At this point, it’s probably best to do it like with programming languages where you pick a tool with good track-record, libraries, and community. The top contenders are Coq, Isabelle/HOL, PVS, and ACL2. Coq is easiest of the three. There’s also dependently-typed languages like ATS and Idris that can be easier than heavyweight provers. There’s model-checkers like Alloy and TLA+ that give benefits with minimal learning. People are best investing time in a tool like those given they’re more likely to get results.

“Otherwise: Thanks to Nick P, and have fun with that list”

I did years ago. Plenty of benefits. 🙂 His article on SCM is even better. Closer to how the high-assurance page needs to be for easier accessibility.

ab praeceptis August 28, 2016 7:42 PM

Nick P

Modula-3 is dead and not a verified tool.

Uhm, there are quite some really dead items in that list and there are not-more-verified and even less verified tools in it.

Most importantly, however, I very happily contradict: Modula-3 is not dead, thanks to a small german company (elego) and a small but active community. And yes, there is still work done and things looked and worked at and discussed (e.g. a llvm “back end”). Moreover, Modula-3 can be built on current OSs and OS-versions (something quite many items on the list can’t offer).

Finally, Modula-3’s sys lib was verified, something very few languages can say about themselves.

“security standards” – I stick to what I said. With solid reasons. But I can live with the agreement to disagree.

“you and the tool” – again: what looks nice in papers often enough is not in reality. “not” as in “practically unusable”, “doesn’t even compile on current systems”, “has grave weaknesses”, etc.
Moreover, again, most developers can’t just switch the language; often enough they can’t even decide on it. Whatever tool one uses, must somehow fit into the work (and mind!) cycle (which is very different in a uni CS lab from a company project setting). Last but not least: Where’s the tree to pluck the needed engineers from? Because, you see, I need people to actually work on a project.
Kindly keep in mind that I speak of practical experience. Have gone those ways, had my feet on them, know them.

Also don’t forget the real world out there. The vast majority of software could claim nobility if there were some UML diagrams around. Most can’t even claim some UML BS-bingo (Yes, I hate XML and everything related to it).

The best results I’ve seen so far have not been due to tools but due to changing minds and a knowledge increase.

It’s somewhat akin to other security related issues like crypto. There are discussions about Isabelle vs Coq or about aes-128 vs chacha20/12 … while, in fact, the problem is that >90% simply don’t care and/or know better. Our problem here (formal methods, etc) is not that we must achieve 99.98% rather than “only” 99.96% – our real problem is blunt ignorance and grave lacks.

Denise M. B. August 28, 2016 8:12 PM

@ Wut Upp

“Facebook paid $22 billion for WhatsApp which generated $10.2 million in revenue last year.”

Latest memo has it that FB will begin monetizing on personal data from WhatsApp by taking some of that good stuff for targeted advertising and other goodies.

Apparently, FB is quickly transforming itself into the new “microsoft” of social network engineering.

65535 August 28, 2016 8:26 PM

@ Dirk Praet

Thanks, I have had Let’s Encrypt bookmarked for a while. I wonder what actual “in the field tests” of its certs for email, code-signing and web servers are doing [are they working well or not].

Denise August 28, 2016 9:03 PM

@ ab praeceptis, “But unlike 15+ years ago, today it seems to boil down to “Do you want to be able to look at the plumbing yourself in case that is needed?”.”

I think it comes down to cost and what people perceive as basic, essential functions necessary to get their life going. If your toilet stopped running water you can either 1. pour a bucket of water in it before you flush or 2. get a plumber to look at what’s stopping water from running to it. If you can’t afford the $200 an hour cost of someone else’s labor, you might get down to it and try to repair it yourself.

What I’m trying to get at is, things worked very differently 15/30/45/60 years back, especially if you live in the boonies. In the case of computers, where much of our social functions are centered today, 15/30 years back if you told your peers you use your computer to socialize they’d look at you in a very disturbingly funny way. Things have changed so much that today one would be hard-pressed to find a job to support him/herself without computers and social network accounts like Facebook and LinkedIn.

So the short answer to your rhetorical question is yes, if it becomes a hindrance to life necessity.

r August 28, 2016 11:17 PM

@All,

https://it.slashdot.org/story/16/08/29/0031252/how-security-experts-are-protecting-their-own-data

The funny thing, at the bottom of the article header it says:

‘”Bruce Schneier had a similar answer. When the reporter asked how he protected his data, Schneier wouldn’t tell them, adding “I’m kind of a target…”‘

Which is very funny, because that specific response is from 1999 – talk about slant or taking something out of context… It’s 2016, I’m certain there’s more up to date responses considering @Bruce’s involvement in the Snowden stuff post-hoc.

But @by the rules,
There’s some obscurity for ya.

ab praeceptis August 29, 2016 12:03 AM

r

Funny, thank you.

I can offer something funny, too. When I’m in the right mood I cut the “obscurity is not security” evangelists short by telling them “So, what do you think gazillions of bugs in C, Java, etc code prove? To me that looks quite convincing”, haha.

But the above Bruce Schneier argument is indeed cool.

Clive Robinson August 29, 2016 2:10 AM

@ K15,

How do we fix an industry’s “industry standards” so they’re actually customer friendly? Does a human sacrifice have to come first, or is there a smart way to improve them?

Aside from the “Toothbrush”[1] and “Industry Capture”[2] problems, few people realise the implication of standards and how they work or not as the case may be (it’s something the Europeans appear to understand a little better than others).

In the same way that “no man is an island” standards do not stand on their own. Often those drafting original or new standards in their own domain appear to be not cognizant of this problem, thus build in future problems sufficient for the standard to fail and fall into disrepute, then obsolescence, but still lingering like the ghost at the party.

Before you come up with a new standard, you have to think about not just what small problem domain needs it but the broader context.

To put it in terms that many will understand standards show the same problem as building “Core libraries” for languages and OSs.

That is, a standard should perform a distinct function, which fits in with similar functions in a hierarchy. Importantly it should be designed to be fully replaceable without affecting other functions. Thus it should have a standardized interface and encapsulate its own requirements and limitations.

Thus not only do you need standards for distinct functions, you need framework standards for them to drop into in a “plug and play way”.

One aspect of framework standards people tend to forget is that the interface and function it has is dependent on how high it is in the hierarchy or as we tend to call it “the stack”. The other problem is that each standard also acts as a constraint on what is possible by the standards above it. But if it is too broad in scope a standard is not just inefficient, it can also be ineffective to the point of being useless. Thus a standard should not dictate upwards other than what is strictly necessary to do so. Likewise it should not require from below more than what is strictly necessary.

Thus the question of “customer friendly” should only be relevant to the “interface standards” of “User Interfaces”. Thus all standards below the UI or Presentation level should be agnostic to the human wants needs and desires.

[1] From the old joke :- Standards are like a toothbrush, everyone agrees you should have and use one, but nobody wants to use yours.

[2] Standards are not made by disinterested parties, especially standards that come from self appointed industry bodies. All too frequently such standards are used to raise revenue or form closed groups that keep small innovative players out of “the big boys” markets. One such method is to mandate the use of a patented algorithm etc, thus to use the standard you have to “kick back” royalties to founding members of the standard… (can anyone say MPG without a shudder).

Clive Robinson August 29, 2016 2:46 AM

@ r,

More reasons to not run wireless in your house:

The problem is that in the UK a goodly number of homes are not isolated, that is, houses have dwellings directly attached left and right, and above, below and in front of in the case of flats / studios / apartments.

Thus although you might not have IoT the chances are you are still surrounded by it.

On a related note, some years ago a company developed a “microwave breathing detector”. This was for prison cells and the like to detect suicide attempts etc. It could work with three or four people in the same room…

There has also recently been a paper about using WiFi signals from a laptop as they interact with the users fingers whilst typing to detect what is being typed…

However I did notice the use of the expression “non intrusive” in the paper’s intro. Another fine example of “weasel words at work”. That is, whilst not physically intrusive, the fact they can see you just like an airport Rape-escan is not mentioned as being intrusive…

JG4 August 29, 2016 5:57 AM

I don’t generally visit infowars, but I find their work entertaining

http://www.infowars.com/clinton-campaign-uses-snowden-approved-encryption-app-to-discuss-trump/

I like the deadman cord concept as a way to ensure information security, but I’m skeptical that it is sufficient, because of all of the backdoors and secret information repositories on mass production hardware.

the DPR arrest story could be disinformation to make people want to use TOR and disk encryption. someone posted here a long time ago the disposal procedures for computers that ever touched classified information. all of the bits that have to be smashed implies that there is a lot going on behind the scenes.

you are matching wits with a large team of some of the brighter people on the planet of unintended consequences. it will take a coordinated effort to produce secure environments.

Dirk Praet August 29, 2016 6:05 AM

@ 65535

I wonder what actual “in the field tests” of it’s certs for email, code-signing and web servers are doing [are they working well or not].

It’s getting increasingly popular for web servers, especially since it’s now also in Virtualmin and Plesk Web Hosting Control Panels. For a full list of clients and projects integrating with Let’s Encrypt, see here.

I haven’t tried it for email certificates yet, but that’s on my list as soon as my current (free) Comodo certificate expires. I have been using those for years as it’s still the easiest way to do confidential emails with customers or even private persons to whom PGP/GPG is just a bit too complicated to explain.

r August 29, 2016 6:11 AM

@JG4,

There’s that apprehension I was talking about, is it going to help vs apprehension?

If Hillary Duff is using truecrypt that tells me the people after her are the same people who went after Tila Tequilla. Shame be upon their fathers. Anything that Mickey and Minnie are saying about Donald the Duck behind closed doors should be public knowledge. I don’t have to be Goofy to say that either, to me – that says a lot about what they know about the capabilities they’re up against. I’m guessing it means a) they have clean devices b) they have a clean environment and c) they’re not concerned about the pressing need to exfoliate their scalps.

JG4 August 29, 2016 8:00 AM

@r

Thanks for your speedy and helpful comments. An interesting historical note is that Solzhenitsyn got his fiver or tenner for referring to the man of steel as a literary character, which one escapes me, in a letter to his friend. It was flagged by the censors for censure. I forgot to point out that the large teams of the brighter people on the planet of shitty Microsoft products have something approaching an unlimited budget. There is no need to rehash here the requirements of filtering power, data, acoustics, EMI, keystrokes, etc. to be able to produce a clean environment. If it were easy, everyone with a scintilla of intelligence would do it. There are multiple threat models in play and it is going to take multiple collaborative efforts to produce anything approaching a good outcome on spaceship earth.

Alger Hiss, Superspy August 29, 2016 11:11 AM

Your election is going to get stolen. You knew that.

http://thefreethoughtproject.com/wp-content/uploads/2016/08/boe_flash_aug_2016_final.pdf

Still with the foreign-entity idiocy, though at least now they’re embarrassed to blame Russia directly. So who will Vladimir Putin, who really, really worries constantly which senile gerontocratic figurehead he exchanges pleasantries with, steal the election for?

In a Hurriyet interview Alwaleed bin Talal impugned Trump’s character while making the point that he saved Trump’s ass by taking some hotels and a yacht off his hands. bin Talal is of course unfamous as the guy who greased Obama into Harvard Charm School while Obama was getting groomed for his spokesmodel gig. So the kingmaker of the last administration is at least indifferent between his two repellent options, since he owns Hillary through his ventriloquist Huma, and Trump through favors. Meanwhile George P. Bush, the family’s new dog food for all the dogs who don’t like the dog food, endorsed Trump.

65535 August 29, 2016 12:08 PM

@ Clive

I had been trying to search for more information on the Opera Sync [server] breach and really did not find much. But, their PR department is delivering the same old boiler plate response:

“We take your data security very seriously, and want to sincerely apologize for the inconvenience this might have caused.” Opera[dot]com.

This usually means the opposite.

This should read, “We do not take your data security very seriously except when dealing with certain state disclosure laws requiring disclosure of breaches.”

This would include California USA:

“California S.B. 1386 was a bill passed by the California legislature that amended civil codes 1798.29, 1798.82 and 1798.84, the California law regulating the privacy of personal information… An out-of-state corporation that has personal information relating to a California resident would fall under this statute. A question on minimum contacts would then ensue as to whether an action may be brought in California to enforce the California resident’s rights under the statute.” –Wikipedia

https://en.wikipedia.org/wiki/California_S.B._1386

“…about 350million Opera users but only about 1.7 million sync users, might be telling us something.” –Clive

Yes, the “sync” mechanism is a hot button issue where the sync mechanism acts as a password manager holding the victims passwords to multiple websites including banking sites. If the server side sync repository is breached it could open the possibility of banking and other monetary damages.

The 0.5 percent of Opera users trusts Opera’s servers with their prized data for websites and banks – the other 99 percent of Opera users do not trust Opera.

This is a key problem because browsers are becoming a quasi password manager – on the server side. So, the NSA has to target just one group of targets – the Sync server – to steal a large number of passwords and possibly log in names [and possible certs and tokens]. I won’t try to describe the danger of server side “plug-ins” and “Add-ons” as an attack vector.

I must admit these “syncing servers” are a prime target for the Three Letter Agencies and general thieves.

This notion circles back to what is the most secure main stream browser? Does this browser use a lot of server side components? Is it a target for the NSA?

Those questions have yet to be firmly answered. I suspect the NSA is indeed hacking most browsers and obtaining cached user log on credentials. But, that is just my personal guess.

ab praeceptis August 29, 2016 12:37 PM

Nick P

Ad “1000 papers”.

I just fell over some (very interesting) work of M. Ganesalingam again, when a (largely unrelated) nice example for the schism I at times mention hit my brain:

Look at Gödel’s 2nd IT. A very major problem for academia (understandably) but basically all but irrelevant for engineering (iff the tools are properly built and tested). Our codomains are quite different and what in yours is a serious block, in ours is but a curiosity.

This becomes particularly clear when looking at our tools. Where your toolset comes down to reasoning and is plagued by more levels and incarnations of G2IT with a serious potential leading to an unresolvable paradox, for us engineers the world is simple; we simply verify the function over a reasonable domain/codomain subset that can be observed in a descriptive manner rather than a procedural one.

And we have one more device at hand: We can exclude the threatening paradox that plagues you, namely that of the validity of G2IT in our very reasoning.

a) We simply don’t have to look at the possibility that our very own reasoning can not be proven correct by itself (G2IT)

b) even better, we are allowed the generous assumption that if G2IT did in fact concern our reasoning then, so what? Because we engineers act within a self-referential system. Whether our solution is correct or just seems correct is of little concern for a variety of reasons, ranging from “Oh well, the clients judging us are victimized by G2IT, too” over “There are no external factors such as our bridge crumbling indicating incorrectness” to “our job is not 100% correctness per se and provably but 100% correctness within a comfortable frame of predicates”.

As a sidenote for our colleagues in academia: I do not see a killer problem in G2IT; one can quite comfortably escape its magic ban by other reference frames and devices. In other words: proof system A must not necessarily prove itself. There are other choices ranging from proof systems B and C over reasoning outside the constraints of mathematics (but not of logic!) to changing perspective and asking/thinking again about the framing itself.

On the other hand your life is easier because there is less pressure to deliver bridges, trains and other applications and because in most things you are your own court and judge while we are judged by others.

Sidenote 2 (though here I’m somewhat close to the border of esoterics): Maybe G2IT is a symbol for what makes some (usually on the academic “1000 papers” side) so (in a way understandably) obsessed about pushing the frontier from 99.97% security (or whatever) toward 99.98%. It might well be that the 0.01% difference looks insignificant but is actually gigantic monster blocks in your way (such as G2IT). We engineers on the other hand are utterly shocked about that vast space of the 99.97% being basically largely left unused, i.e. about the extremely poor reality e.g. in terms of actually implemented and widespread levels of security.

Get to it August 29, 2016 6:21 PM

ab praeceptis,

If your bridges and trains were mass produced, vulnerable remotely and their blueprints and underpins were widely available you would have to consider a larger terrorist threat than you do now.

I invite you to invite terrorists under your bridges, into your buildings, onto your networks.

Go on, get 2 it.

ab praeceptis August 29, 2016 7:38 PM

Get to it

a) that does in no way counter what I said or weaken it (in fact, it talks about something entirely different)
b) that would simply change/tighten the frame
c) what makes you believe that quite detailed info on bridges and trains is not available?
d) engineers have targets. Usually the target is not “create the perfect XYZ”. Actually, usually the target is even not or hardly to do with security (as in “secure against attacks”)

To avoid misunderstandings: My point was not “engineers are better than researchers”. It was rather that the two are complementary (with an advantage for the academicians because they can theoretically exist without engineers while the opposite is quite doubtful).

Nick P August 29, 2016 7:44 PM

@ All

I was looking up the safer, C variant called Clay to check on its status when I discovered another language with same name, similar niche, and interesting take on generics and typing. That others might be confused meant I decided to write them both up in one Pastebin with relevant links and naming convention. You can find relevant links here.

Clive Robinson August 29, 2016 9:05 PM

@ The Usual Suspects,

You might find this of interest,

http://phasenoise.livejournal.com/4919.html

Oh and if you want to know why the Local Oscillator (LO) of an FM Superhet is “modulated” by the signal it’s receiving, it’s all to do with the time constants in the Automatic Frequency Control (AFC) in older designs of slope or pulse count demodulator and the PLL / FLL detector of more modern receivers. The better the LO follows the received signal the less likely it is to suffer adjacent channel or cochannel interference.

Whilst the servo maths and Bessel functions behind FM detectors are a little mind numbing at the best of times, a practical explanation of the mechanics behind it is fairly easy to grasp.

Wael August 29, 2016 9:55 PM

@Clive Robinson,

Oh and if you want to know why the Local Oscillator (LO) of an FM Superhet is “modulated” by the signal it’s receiving,

Two things. 1: I wanted to purchase the book, and there was no Kindle edition. So I checked the iBook store, and got it. Turns out I got a novel by mistake[1] — $9.99 down the drain… grrrr

2: I know a little more than that [ https://www.schneier.com/blog/archives/2014/06/security_risks_.html#c6571579 ] — or I used to. Can you believe that sh*t? I checked that thread (because I remembered the discussion with @Mike the goat, and then I found a reference to the book I just bought by mistake!) It was referenced by @Jonathan Thornburg here: https://www.schneier.com/blog/archives/2014/06/security_risks_.html#c6586686 I bought the book before I saw the link. I guess the money was meant to be spent there. Who knows, maybe it’ll save my life some day (or worse.) I have a feeling it’ll have some “real stories” in it, just like I think “Decoded” did.

[1] Spycatcher, by Matthew Dunn. He’s apparently an ex MI6 intelligence officer who conducted over 70 operations. May not be a waste of time after all.

Thoth August 30, 2016 1:22 AM

@Clive Robinson, Dirk Praet, Figureitout, Nick P, r

The Orwellian drum beats ever louder. Facial recognition technology led to thousands being arrested.

Does the UK use facial recognition with its massive CCTV surveillance program?

I do know that the ground floor of where I stay is flooded with surveillance cameras and I am wondering when they would add more cameras to every door and corridor with biometric recognition technology to keep everyone “safe and secure”.

Link: http://www.secureidnews.com/news-item/new-york-arrests-more-than-3800-using-facial-recognition-in-dmv/

Wael August 30, 2016 2:17 AM

@Bob,

Here is how the book starts:
“As an MI6 field officer, MATTHEW DUNN recruited and ran agents,”

Clive Robinson August 30, 2016 5:33 AM

@ Wael, Bob,

It’s the cognitive dissonance between “spycatcher” and “MI6”.

To go through part of the semi-official responsibilities and nomenclature of the UK Intelligence Agencies (IA). They are no longer “Military Intelligence”; that terminology came about at the beginning of the last century for political reasons. “5” is the Domestic IA known in the UK as the “Domestic Security Service” or “Security Service” whose officers and contractors are responsible for, amongst other things, “Catching Spies” with the assistance of the Met Police and what was once called “Special Branch”. Whilst “6” is the “Foreign IA” whose officers and contractors are responsible for recruiting, training and running “agents” etc.

That is, “spies” are home nation individuals who work in sensitive areas and are thus working in the employ of, as “agents of”, a foreign power.

So the fictional James Bond was not a “secret agent” or “spy” –except to foreign powers,– but an “officer” of “The Service” or “Secret Intelligence Service” (SIS), but never “Secret Service”. As he worked out of home waters and had direct contact with foreign nationals not through diplomatic channels he would be a “Field Officer”, unless he ran “agents” in which case he would have been a “Case Officer”. The reason for “officer” is because he would have had “Official / Diplomatic Cover” and not be a “No Official Cover” (NOC) or, as the Russians used to call them, “Illegals” as opposed to “Residents” of a “Diplomatic Mission”.

Thus the difference between a Spy or Agent is one of perception not actuality, much like a terrorist or freedom fighter. The person is still a traitor to the executive of their nation and the penalties are usually well known in any particular jurisdiction.

The fly in the ointment these days are “contractors”. Whilst they might be officially sanctioned, they are NOCs / Illegals employed for either specialist “technical” skills or, importantly, “deniability”. It is often contractors that do “black bag jobs” or “wet work”. But if contractors are employed by a home nation employer and are working for the Domestic IA they are often called, euphemistically, “secret squirrels”.

The flora and fauna of the IC “methods and sources” has quite a large taxonomy and accompanying lexicon.

JG4 August 30, 2016 6:29 AM

from the usual daily compendium

Hacking the US with only a Sound
http://globalguerrillas.typepad.com/globalguerrillas/2016/08/hacking-the-us-with-only-a-sound.html

I probably said before that government is an amplifier of human nature, both the good and the bad. We may note that the definitions of good and bad are context-sensitive. You can think of the acoustic channel as having gain terms and coupling coefficients to various other channels, including 911. Many of the gain terms and coupling coefficients are lodged in gray matter, which is nonlinear, time-varying and frequently irrational. I posted Ben Hunt’s brilliant treatise on the world being a machine with gears made of guns and words. John Robb generalizes the concept slightly from words to sounds.

http://www.salientpartners.com/epsilon-theory/the-narrative-machine/

k15 August 30, 2016 12:35 PM

(is it typical for building security personnel to send everything with metal out of your sight through the scanner, including keys?)

r August 30, 2016 12:48 PM

@k15, All

Re: monitoring infrastructure.

See a couple threads where @Clive and others talk about read only LAN taps.

https://greatscottgadgets.com/throwingstar/

For wifi I saw an esp8266(?) based cloud logging device the other day, sorry can’t find the link.

Of course for your desktop any of those solutions are going to require an intermediate cert hack for your house… but it’s a good process to work towards in defense of self and sanity.

A couple small SDR modules might be folks to keep around your perimeter too.

@All,

Slightly related, potentially outdated and I haven’t read it yet but:

https://news.ycombinator.com/item?id=12391831

(How to detect a Eve’s dropper (1984))

ab praeceptis August 30, 2016 5:23 PM

Don

Careful there. While I don’t care about that unseen thing/service/whatever I’m not sure that “hunt-the-evil-heretics!” and some “quick(sand) thinking” is really helpful.

I personally wouldn’t recommend ntru. It has problems and I consider it premature and too little researched and attack proven. It’s attractive though for many as it a) is fast and b) works with small keys (as compared, for instance with code based crypto and other pq crypto attempts). But that’s not enough to hunt the unseen people as heretics.

Neither is that xaes thing per se. My impression is that they did something stupid but neither something evil nor something dangerous. And indeed, most of the comments (reachable through the link provided by you) boil down to credos, not properly understood dogmas and on-dits.

What seems to be a reasonable assumption is roughly this: They wanted, probably for marketing reasons, some “ultra-hard” crypto and pimped aes-256 with an additional layer, possibly something that basically comes down to a) a key stretcher and b) an additional layer around aes-256.

So, probably it’s something like this: Kex by ntru and then pre-encrypting with something that promises (or stretches to) 4096 bits and then aes-256. Maybe the additional layer is even only used at Kex, i.e. they use standard aes-256 but they run the Kex through some pimp-up algo.

Is that reasonable and good practice, should one run and sign up at unseen? Certainly not. But it’s quite probably neither a reason for a witch hunt.

Oh, and there are quite some funny mistakes in the witchhunt wisdom comments of the school of those-who-know. Example: 256 bit crypto is compared relative to the old double the amount of rice grains per checkers field explaining that aes-256 is akin to that but with a – gasp – 256 times 256 fields board. (Hint: The 2 to the 64 in the checkers saga comes from 8 * 8 = 64 field, hence the aes-256 board would have 16 * 16 fields. Also: Actually it’s 2 to the 63 (the first field had 2 to the 0 = 1 grain))

Dennis August 30, 2016 7:51 PM

@ r,

Re: monitoring infrastructure.

Why would you want a “monitoring infrastructure” in your own house?

This is nonsensical.

r August 30, 2016 9:08 PM

@Dennis,

Without being able to roll-back a read-only log file and scroll through a suspicious incident or suspected suspicious incident a network is vulnerable.

Without logs, TIME as a variable is only an exercise in speculation both forward and backwards – with logs – the speculation travels mainly one way.

r August 30, 2016 9:16 PM

@All,

Alphabet Shoup:

“Google’s Faulty Login Pages”

https://www.aidanwoods.com/blog/faulty-login-pages

“This one feels very strange writing, because the vulnerability detailed below is currently exploitable. Google has been notified of this vulnerability, yet they have chosen to do nothing.”

Google: “Thanks for your bug report and research to keep our users secure! We’ve investigated your submission and made the decision not to track it as a security bug.”

“In hope that public disclosure will encourage Google to do otherwise, here goes.”

Don August 30, 2016 11:30 PM

@ Ab praeceptis
RE: Unseen.Is
“Is that reasonable and good practice, should one run and sign up at unseen? Certainly not. But it’s quite probably neither a reason for a witch hunt.”

Thank you for reading the link and providing valuable critical thinking and feedback. I actually really appreciate it. You even pursued the additional links.
I will take this opportunity to express my enjoyment and gratitude for your writings. I enjoy your terse, direct and clear style and ability to take a strong stance – backed up with experiential explanations as required.
I recall you were misunderstood recently and it was questioned if you were being inappropriate. I never felt you were: in the written word, on a public forum, it is necessary to be direct and shoot from the hip (respectfully of course) – no time to stuff around with Queen’s Etiquette – and thus I find you to be a really valuable contributor.

I might add though, occasionally you make disparaging comments about the practices of ‘across the ocean’. This is potentially helpful feedback from someone as knowledgeable as yourself; however, there are a lot of oceans in the world! And they have a lot of sides – it would be helpful to be specific at such times, for example which side of which ocean you are referring to.
Further, there is the possibility when you make such a statement, to infer that your side of the ocean is thus practicing the contrary to your assertion – so there is extra potential for value (or confusion) in your statement.

Don August 30, 2016 11:38 PM

@ Ab praeceptis

If you care, which you probably don’t, here’s a bit more about unseen.is not linked on the penultimate page. Whilst probably not relevant to you it will serve as supporting evidence for anyone questioning the veracity of said privacy/anonymity service.
The main thing is protecting people from security smoke & mirrors whenever possible; most people don’t have the insight readers here have.

https://www.facebook.com/notes/colin-bennun/some-stuff-i-found-out-about-how-seenisunseenis-social-network-might-be-a-scam/10152906279535842

r August 31, 2016 12:06 AM

@Don,

By the links you’re presenting, can we assume that facebook is facilitating the disparaging of another social network?

Curious.

ab praeceptis August 31, 2016 12:40 AM

Don

Thanks for the appreciation (it’s nice to know that one’s output actually can serve as (hopefully useful) input for peers) and thanks also for the compliment.

Regarding my “disparaging comments” I ask you politely to a) consider that English is not my native language, so putting ugly things in a hidden “polite” manner is outside my capabilities (and interest) and b) I’m under the impression that we are professionals who value content over formalities and whose desire to find reasons for lousy software and security and ways to create better software and better security is considerably stronger than our desire to not possibly feel offended.

If I’m mistaken, kindly let me know and I’ll do my very best to engage in polite smalltalk.

ab praeceptis August 31, 2016 1:12 AM

Don

unseen, part 2.

Just 2 short remarks:

  • aes-256 by definition is not somehow weakened by being fed the output of, or feeding the input of, some other, no matter how lousy, crypto algo.
  • if they had an engineer who was capable of implementing an extended aes-4096 then that person would refrain from doing so because he would be professional. Chances are that their engineer is not particularly knowledgeable in the crypto field and would hence be frightened and/or unsuccessful. If, however, they had a capable engineer (their SSL config hints that there are some professionals available) – and – that engineer were “forced” to come up with some “super high-end” “much better” security than aes-256, then he would almost certainly add some sh*tbingo layer, probably in the kex, to make his stupid boss happy.

Example: feed some random into some fast hash (just for stretching; (even pseudo) random must not be wasted) and use the result as 4096-bit security by simply ring walking along in aes blocksize steps. Et voilà: Not much work and his boss is very happy having 2 to the [much bigger number number than 256] security.

One reason for my assumption is that their https config allows for aes256 but prefers 128bit. Typical for providers: the 256 is for marketing and 128 is for lower server load. And that’s quite certainly also the mindset with which he approached his boss’s “256? Everyone has that. I want 4096!” demand.

And that’s pretty much what I think happened.

name.withheld.for.obvious.reasons August 31, 2016 1:44 AM

Comey claims that the government has an absolute right to “private” property. Comey doesn’t understand that the government, and more specifically under the 10th amendment, that there is no absolute right of the government/state. I am sick and tired of the primacy of government over the primacy of the citizen. Power is derived from the CONSENT of the governed, rights are not granted by government…or we are just subjects and servants to the state.

Thoth August 31, 2016 8:07 AM

@Nick P

Genode finally integrates seL4 into its Genode Framework. Would be interesting to see how it runs NICTA’s seL4 + Genode.

I do still keep my reservations though 🙂 .

Here’s a quoted portion of the seL4 + Genode release notes:

Try Genode/seL4 at home
For those who like to give the scenario depicted above a try, we have prepared a ready-to-use ISO image:

Download the ISO image of the Genode/seL4 example scenario
https://genode.org/files/release-16.08/sel4.iso

Download the sel4.iso file

Copy the ISO image to the USB stick, e.g., on Linux with the following command:

sudo dd if=sel4.iso of=/dev/sdx bs=10M
(where /dev/sdx must be replaced with the device node of your USB stick)

Change the BIOS setting to boot from USB and reboot

We tested the scenario on Lenovo Thinkpads such as x201, x250, or T430. Note that the scenario uses the VESA driver (as opposed to the native Intel graphics driver), which may not work on all machines.

Due to the missing support for write-combined framebuffer access, the graphics performance is not optimal. To get an idea about the performance of Genode with this feature in place, you may give the same scenario on NOVA a spin:

Download the ISO image of the Genode/NOVA example scenario
https://genode.org/files/release-16.08/nova.iso

Alternatively to using real hardware, you may boot either ISO image in a virtual machine such as VirtualBox. You can find a working VM configuration here (the IOAPIC must be enabled):

Download a VM configuration for seL4 on VirtualBox
https://genode.org/files/release-16.08/sel4.ova

Import the OVA file as VirtualBox appliance

Edit the configuration to select the ISO image as boot medium

It seems like they have prepared a CD ISO to make testing much easier these days.

Link: https://genode.org/documentation/release-notes/16.08

Clive Robinson August 31, 2016 10:05 AM

Cellphone “ring” detector.

This circuit,

http://www.seekic.com/circuit_diagram/Measuring_and_Test_Circuit/Cellular_Phone_calling_Detectors.html

is similar to the novelty LED flasher add-ons you can buy.

With a change to the detector coil it can be built into a cheap “phone case” such that not only will the LED flash when the phone transmitter turns on for ringing, it will also turn on for re-registration and other communications. With a further mod the LED driver can also drive a piezo buzzer. A user listening to this pattern will quickly determine from the pattern what the communications are for.

Clive Robinson August 31, 2016 1:31 PM

Oh, for those interested in putting a transmitter in a USB cable: a group of individuals hacked up a design you can follow shortly after the TAO catalog with COTTONMOUTH in it became public, and released it last year. They called it TURNIPSCHOOL for obvious reasons, and you can read more about it here,

http://www.nsaplayset.org/turnipschool

ab praeceptis August 31, 2016 2:09 PM

Clive Robinson

Re: bgu

While creative that approach is not per se new but rather reusing well known technology in another way.

Most importantly, though: It needs some control over a system and it needs physical proximity and an inserted usb device. Which translates to: “Quite useless”.

Having all that (what is needed for that attack vector) one has plenty of other options available.

But, yes, creative, funny, entertaining.

Wael August 31, 2016 2:12 PM

@Clive Robinson,

Another “must read” from BG Uni,

Thanks! This is going to be a good discussion 🙂

Wael August 31, 2016 4:45 PM

@Clive Robinson,

I had a quick 5 minute chance to comment on the paper… Enough for some sarcasm… We can discuss the technical details later 😉

where there is no physical connection between the internal network and the Internet.

Not an accurate definition of an Air-gap.

Our evaluation shows that USBee can be used for transmitting binary data to a nearby receiver at a bandwidth of 20 to 80 BPS (bytes per second).

How long would it take to exfiltrate a large database? Probably best suited for key-logging.

However, all of the aforementioned tools require hardware modification of the USB plugs (embedding an RF transmitter or receiver within them)

They don’t really mean plugs, I suppose!

In this scenario, USBee software, installed on a compromised compute, uses a USB thumb drive already connected to the computer (Figure 1, A), and creates a short-range RF transmission modulated with data (e.g., passwords or encryption keys). The transmission can be received by a nearby receiver (Figure 1, B) where it is decoded and sent to an attacker.

Need a compound attack to get the air-gapped computer infected in the first place. Proper OPSEC would prevent such attack. If the air-gapped computer is already compromised, then why settle for this low bandwidth exfiltration method, I question.

Out-of-band covert channels have been discussed since the 1990s.

Really? I didn’t know that! How about since B.C. times?

There are four covert channel categories: acoustic, optical, thermal, and electromagnetic.

There are more, haven’t you heard? Energy-gap? Using vibration, and the future “gravity waves”, etc 🙂

Over the years, electromagnetic emission has probably been the most researched method of covert communication.

Gee! I wonder why!

our method is software-only and doesn’t require firmware or hardware modification.

But it requires access to the target air-gapped device. Hence, this is a component in a compound attack.

Electromagnetic radiation (EMR) is a type of energy emitted by certain electromagnetic processes.

Hmm, sounds circular!

These waves have two main properties: (1) frequency measured in Hertz (Hz), and (2) amplitude measured in decibel-milliwatts (dBm)

These guys aren’t exactly EM experts 🙂

Generally speaking, a change of currency in a metal wire creates an electromagnetic emission.

That’s right! Take a piece of metal wire next time you go to the currency exchange booth. Exchange some shekels for dollars, and bang! You have an electromagnetic wave. Ingenious 🙂 Now if I can get the inverse to work (by using non other than symmetry) I would be rich! They meant to say current, but the spell checker betrayed them — and their advisor missed it! We should charge a fee here 😉

The way in which charges and currents interact with the electromagnetic field is described by Maxwell’s equations and the Lorentz force law.

Run this paper by your electromagnetics colleagues for review 😉

The frequency and amplitude depend on the internal current and voltage of the device [26].

Ditto

By intentionally sending data from a computer host to a USB device, we can generate controllable EMR that can carry modulated data. A nearby RF receiver can then receive the EMR and decode the data.

What about the effects on the device, when you send malformed data — what error conditions show to the end user (victim — if you will.)

Note that since the input frequency is given in multiples of 100 Khz , it is divided by 4800 h (480Mhz/100).

It’s KHz. and MHz.! Have some respect for Heinrich Hertz! This is an academic paper, right?

This output buffer will be a repeating pattern of 12 ones followed by 12 zeros (1111111111000000000000,..).

Come on, guys! Do these look like 12 1’s to you? What base system are you using to count, Duodecimal [ http://mathworld.wolfram.com/Duodecimal.html ] ?

We used a buffer size of 6K, which generates a signal that is strong enough to be clearly detected by the receiver.

So what’s the relationship between the buffer size and signal strength?

The transmission process doesn’t require special privileges (e.g., root or admin). It only requires permission to create a file on the removable device.

Would have liked to see the effects of errors and other low level USB protocol events that may affect your data modulation expectations.

in to the frequency domain using fast Fourier transform (FFT). Note that FFT is a discrete action, whereas the signal is continuous, so we had to cut the signal into chunks before applying FFT. The sampled signal was cut into equal parts and calculated using the following formula:

So why not use an ADC, some filtering, then apply your FFT or Wavelet transform? You may be able to increase your throughput this way.

Countermeasures can be categorized as procedural, s

You missed the most important one! Make sure your air-gapped computers are clean! And air-gapped means a lot more than your original definition.

Clive Robinson August 31, 2016 5:43 PM

@ ab praeceptis,

“Quite Useless”

Oh that it were, I can think of an immediate use for it.

You might have heard the Chinese have just put into space a Quantum Key Distribution satellite (QUESS)[1]. Which some people are rather stupidly calling “Hack Proof”.

Well really all QKD is, when you get down to the nuts and bolts, is “a One Time Pad KeyMat distribution system”. So due to distance etc the satellite is generating a OTP and sending one copy to Alice’s ground station and one copy to Bob’s ground station in a way that nobody can listen into without being detected (sort of, I’ve debunked this in the past[2] but let’s be nice and just accept the marketing for this argument).

Well the thing is Alice and Bob still need to connect to a hackable network to pass the cipher text.

Now let’s assume they are a little paranoid and use four computers and four data diodes, such that Alice and Bob both have a TX computer with an outbound only diode and a RX computer with an inbound only diode.

Thus if Alice sends to Bob, providing her TX computer can not leak KeyMat then the Alice to Bob path appears secure. Because Bob’s RX computer can not leak KeyMat back through the inbound only data diode, and Alice’s computer can not be hacked from the network because of the Outbound only data diode.

However Bob’s RX computer can be hacked through his inbound only data diode. Normally that would not be anything other than a nuisance as there is –assumed to be– no data path back due to the inbound only data diode.

Well this little trick provides a back haul channel even if it is quite low bandwidth. This would then allow more advanced attacks to become possible and, say, a much more difficult to implement higher bandwidth piece of malware such as one that uses an acoustic path via the speaker or hard drive to be installed.

That is this is a “thin edge of the wedge” attack that enables you to bang the wedge in little by little till you have split the system open.

So not “Quite Useless” just “Quite Specialised”. As I’ve indicated before, and @Wael will back this up, there is no system that is either not attackable or does not leak information if there is an “energy path that can be modulated in some way”. It’s why I talk of “Energy-gapping” not “air-gapping”. I’ve known how to jump air-gaps in both directions for years, and posted to this blog about it quite some time before stuxnet was let out, when discussing how to get malware on computer based voting machines.

[1] https://www.newscientist.com/article/2101071-china-launches-worlds-first-quantum-communications-satellite/

[2] If you search this site with my name and “quantum or QC” you will find out more, but I can go through it again if you want (but it might put others off to sleep).

r August 31, 2016 6:53 PM

@Clive,

I accidentally stumbled across the thread where you all helped the little old lady who lived in a shoe. I’ve seen some of your (older) musings, and I’m amused. Thunk you for persistently driving that wedge (it is our oldest invention after all) further and the occasional wink wink nudge nudge.

ab praeceptis August 31, 2016 7:56 PM

Clive Robinson

Interesting thoughts. And you are, of course, right.

But I looked at it from a pragmatic angle. Simple reason: realm properties.
It just so happens that some days ago I wrote in a paper (referring to properly applied reasoning in the context of sound software creation) that “One problem class to be looked at is based on the fact that algorithms live in the realm of mathematics, a rather constraint free ideal realm, while software lives in the physical realm of voltages below x V or above y V”. succ(127) is just 128 in the realm of math. The same thing on an 8 bit integer does funny things. Realm properties.

Strange that I had to remind of that but actually that’s a problem class which is the source of plenty pain.

In the realm of actually performed attacks there are ugly factors like cost-value ratio, psychology, resource feasibility, and others. That’s why in the end having armed guards in front of valuable things often is what one ends up doing. Similarly, in, I posit, the vast majority of cases governments (as well as other gangs feeling not bound by law) will very often prefer to ram a knife into one’s leg and then simply ask again for the secret info they desire rather than fumbling with software based usb eavesdropping.

I know, for instance, of a very major global bank having important data backups in safes in trucks which drive around day and night along more or less “coincidental” ever changing routes. Funny. Following the same principle super powers like Russia have been transforming their nuclear capability from stationary silos towards mobile launchers. Mobile as in “don’t know the location, can’t comfortably take out”.

As you happen to bring up quantum computing: I don’t care too much about it. Neither am I much worried nor am I betting much on it. You don’t seem to think very differently. As for that Chinese crypto magic satellite my assumption is that that is way more about politics (the “See, mine isn’t shorter than yours” variant) plus some secret stuff having nothing to do with quantum than about science or crypto.

Technomagic aside, what kind of attacks are actually and really performed? From what I see (and I actually did have occasional contacts with (btw, rather bureaucratic) secret services as well as with (btw, rather bureaucratic) cyber security agencies) the real world is very different from what papers might make us believe.
Let me put it in a funny way: You know what is the single most dangerous factor in the whole state game? Bureaucracy. It’s bureaucracy, utter ignorance, and snarkdom that pose by far the greatest security risk in the cyber domain as far as states are concerned. And add vanity to the mix.
When I learned that nsa’s tao is consisting of hundreds of people I knew that their actually most important weapon was bureaucracy and old-school “shit on the law. Law is for tax payers not for tax spenders”.
What does the nsa utah data center tell me? Bureaucracy and the purely quantitative approach.

Of course, in my researcher’s skin I’m deep into bleeding edge worries and even rather remote risks. But as an engineer who is tasked to solve problems and to create solutions for the real world and against real attacks I find myself telling people that putting their password on a post-it stuck to their monitor just doesn’t cut it.
Or I find myself explaining that the newest “this will save us” hype in town, like functional programming (It took them less than 100 years to find out about it! Wow. Our state agencies are like racing cars…) is not useful for them because I happen to know what kind of developers they attract and have and how long it takes to change mindsets in large organisations (and that math needs a certain minimum of brains).

Quantum computing being oh so dangerous? How yesteryear to be worried about that. The bleeding edge, I suggest, is being worried about aliens stealing our keys through virtual wormholes! Shiver.

Clive Robinson August 31, 2016 7:57 PM

@ r,

Only half of them… I wish, some days it feels like 99.99…% of them.

Terry Pratchett once made a comment on this along the lines of,

    If you put a big switch on the wall of the world’s deepest, darkest and most difficult to get to cave, and wrote underneath it “End of The Universe”, then painted on the wall above it “whatever you do, do not pull this switch”, you know darn well that before the paint has finished running, let alone drying, some idiot will reach up and pull it.

r August 31, 2016 8:32 PM

@by the rules,

“That’s why in the end having armed guards in front of valuable things often is what one ends up doing.”

You’re ready to cross that bridge now huh?

C4 and ammonium nitrate aren’t readily available to everyone all the time – you didn’t bite on the train side of the argument either – people are already hacking the rail systems.

We’re in the general coming of age[4] for general (software) contractors[3] hopefully, If we don’t expect shoddy construction practices like what China and India have more recently evoked.

http://www.latimes.com/world/asia/la-fg-taiwan-quake-construction-20160210-story.html
https://www.wsws.org/en/articles/2008/10/chin-o16.html
http://timesofindia.indiatimes.com/india/Shoddy-construction-killed-26000-Indians-in-the-last-10-years/articleshow/51645543.cms

Can you guard your blueprints from engineering sabotage? Can you guard your blueprints against a lack of foresight or education? Can you guard your blueprints against acts of God? Can you guard your infrastructure from a mason’s eyes? The cornerstone of your heart-felt security in engineers is an assumption; at least in the digital arena the modus operandi are a little more constrained than in the real world. The very fact that cyber insurance is only now coming to light indicates that the dangers of digital infrastructure have been belittled and dismissed by those both inside and outside of its “doh! main{};” as Homer[2] not[1] would say.

[1] https://en.wikipedia.org/wiki/Homer
[2] https://en.wikipedia.org/wiki/Homer_Simpson
[3] https://en.wikipedia.org/wiki/General_contractor
[4] https://en.wikipedia.org/wiki/Structural_engineer

I almost forgot, this is about all public engineering practices (software included) – not just traffic or building engineers.

Clive Robinson August 31, 2016 8:42 PM

@ ab praeceptis,

One problem class to be looked at is based on the fact that algorithms live in the realm of mathematics, a rather constraint-free ideal realm, while software lives in the physical realm of voltages below x V or above y V.

Based on that you might find this of interest,

https://pressron.wordpress.com/2016/08/30/what-we-talk-about-when-we-talk-about-computation/

That said your argument is much like the XKCD “$5 wrench” comment.

But there are systems that can be designed where it does not matter how many times you stab or hit someone, they cannot tell you what you might want to know (I, like @Nick P, have put some thought into the matter, not just from the physical persuasion side but the legal persuasion side, where you can demonstrate you genuinely don’t and cannot know).

But there is another aspect: did you know that the military by and large do not use safes with “glass relockers”, and more importantly why? The answer is they do not want to be faced with a safe they cannot open when there is the possibility secret info has been stolen. Because knowing what has been stolen is usually more important than keeping it secret, as that way plans / codes / etc can be changed quickly, or misinformation can be sent knowing the attacker is listening in.

Thus as an attacker you need to take a very low profile and ultra cautious approach to attacking certain systems, otherwise your effort will quickly become wasted.

As for the dreaded,

It’s bureaucracy, utter ignorance, and snarkdom that pose by far the greatest security risk in the cyber domain as far as states are concerned.

There is an observation about the difference between a bureaucrat and a businessman which says “Each has a book of rules; a bureaucrat will never lose their position and money if they stay well within the rules, a businessman however will usually lose both if they do not push some of the rules a little past breaking point”.

Another observation is that the bureaucratic mind avoids risk, so low reliable pay and good pension is their primary reason for where they work.

Either way it’s fairly safe to assume that the majority of those in bureaucratic hierarchies are not risk takers and not of high self confidence, preferring the safe herd to the lone path. Thus by and large not very dynamic, and conservative in nature to the point of torpor.

P.S. You appear a little confused between Quantum Computing (QC) and Quantum Key Distribution (QKD); they are less alike than “chalk and cheese”. QKD is already very much a practical working idea, QC however is still very much theoretical beyond a few qubits.

tyr August 31, 2016 8:44 PM

@Clive

It’s an idiot trap, pulling it dumps a ton of rock on the puller ending his universe immediately.

One of Terry’s best inventions…: ^ ).

And to go further out into left field. You might want to drop by the internet archive and pick up Visitations of Glory #8 and start reading at page 6.

65535 August 31, 2016 9:18 PM

@ r Aug. 30 9:23PM

Comey is re-hashing talking points given to him by his PR team and telling “the untruthful statement.” Don’t listen to him.

Eric S. August 31, 2016 9:25 PM

@ Clive Robinson,

There is an observation about the difference between a bureaucrat and a businessman …

While the two roles are clearly distinct under an ideal political system, they are not mutually exclusive. Thus, once you have a convergence of the two roles or if a racket is formed, the setting of rules and making the rest comply is prime game.

r August 31, 2016 9:36 PM

@65535,

I don’t take anyone seriously whose last name is Commie.

No offense @Russia.

It’s like the last name “End’s now”; we’re supposed to think this sh*t isn’t just some screenwriter’s play? We already know the MIC is buddy buddy with Hollywood and SF.

r August 31, 2016 9:38 PM

@65535,

Actually, it could be an attempt at morale building for the FoP – considering how some of the public view them.

ab praeceptis August 31, 2016 9:59 PM

r

“…you didn’t bite on the train side of the argument either – people are already hacking the rail systems.”

Staying quiet on some things does not necessarily indicate lack of knowledge. Not everyone is at liberty to speak about everything.

Often I simply can’t relate to what you say because to me it looks weird. Maybe a culture thing, maybe a different mindset, maybe my lack of knowledge in certain areas like The Simpsons, xkcd, etc; whatever. As far as I can follow you, I respond.

Generally speaking, I often do actually not contradict you people; I just happen to live in a quite different world and my field and task just isn’t working on reaching 99.98% rather than 99.97%. My task is to make us leave 12% and to reach 25% (putting it somewhat sarcastically) as well as to lead us back to proper reasoning.

@Clive Robinson

Thanks for the link to pressron. Interesting (and good to know that I’m not alone in this universe *g). He writes

Machine and language models of computation differ so greatly in the computational complexity properties of their description that they form two distinct classes that cannot be directly compared in a meaningful way.

Indeed. At the same time we have to see what software creation (from conception over design and development to gates flipping) is all about: it’s about a transposition (actually multiple ones, and ones where frighteningly many software people have not even understood their role and position) that, if we want good and reliable software, must not just be done, but done in a congruent, complete, and consistent manner. Btw, as you seem to like the field of Quanta, there are quite striking similarities (albeit more on the philosophical side but very close to the edge towards physics).
A comparison I sometimes use is music. Our field is still very much driven by people grabbing instruments and trying what can be done with them. A good orchestra, however, understands the transposition from the spherical realm of music (concept, what the composer hears in his mind) to music (what people hear when the music is performed).

But there are systems … where it does not matter how many times you stab or hit someone they cannot tell you what you might want to know

I know about that and I see many interesting things there, too. But I also know that that risks not being a solution but a mere shifting of the problem (someone does know the secret and he probably wants to keep healthy legs and a throat).

… bureaucratic …

All correct and true, but: that shows the problem (and confirms what I said) but it doesn’t offer a solution and possibly it even doesn’t allow one.

But there is more to that point. It is in some way another incarnation of the old massive military vs. guerilla (or spies or insane king) problem. That’s almost certainly also the point that scares the living sh*t out of the bureaucrats. Military persons recognize certain well known patterns quite reliably (to then reliably fail to put up a solution in time).

But it’s even worse. Guerillas use weapons, too, so not only are their tools well known to the state player but their tools are also weaker than the state’s tools. Not so in IT. There the other party has (at least for some time) tools completely unknown to the state player, and even worse, they have what created those tools in the first place – that’s the real killer. Plus those tools are to a large part non-physical, which means that many advantages of state players vanish. Your own argument paints the reason. Bright and creative people are very, very unlikely to end up in the state bureaucracy (and if they do their mindset is probably very different from that of the opponents).

Q* confused

Not really. That’s intentional blissful ignorance. In the end Q* just changes the implementation realm somewhat. Moreover, I have reason to believe that again they look at the instruments and what they can do with them rather than understanding music. Insofar as my clients are concerned about key distribution, we feel that we have excellent non-Q means. Technomagic may seem to provide safety but imo it doesn’t. Math does. (Don’t care. As I said earlier, I’m an old stick).

Wael August 31, 2016 10:02 PM

@r,

More not-so-classical big game hunters

Fraud is much more prevalent than you’d think. This story is peanuts! That’s all I can say. The second comment mentions a partial solution, so does the sixth comment. Several levels of authorizations are needed for such transactions.

Don August 31, 2016 10:03 PM

@ r

“OIC, can just anyone do that public notes thing?

I’ve been away far too long.”

I don’t know what you mean by OIC, nor by public notes. Or, at the least, your context for ‘public notes’.

Don August 31, 2016 10:12 PM

@ ab praeceptis

“Regarding my “disparaging comments” I ask you politely to a) consider that English is not my native language, so putting ugly things in a hidden “polite” manner is outside my capabilities (and interest) and b) I’m under the impression that we are professionals who value content over formalities and whose desire to find reasons for lousy software and security and ways to create better software and better security is considerably stronger than our desire to not possibly feel offended. If I’m mistaken, kindly let me know and I’ll do my very best to engage in polite smalltalk.”

Thanks. Apologies for not expressing myself more clearly. I have NO issue with the manner, form, content or style of your [valuable] contribution. And indeed my whole point was, yes, we value content over formalities and have no time for Queen’s Etiquette (as I put it).
All I meant:
Your posts can be complex and require attention (good); a few times you have indicated that ‘across the ocean’ they engage in [good/bad/ugly/] practices.

Well – as you had not added context I didn’t know of whom you speak – where/which ocean/which side.
The extra context would have added greater value, for me.
That was all! 🙂

You provide no indication your English is anything less than excellent, but – more non-native English speakers, please! English is so overrated anyway..
I hope no one here feels disinclined to post out of fear their English is not adequate.
We’re accepting here. We understand.

r August 31, 2016 10:18 PM

@by the rules,

Language, and my lack of correct usage, could be a problem too – I know I pick on you; more people should likely defame and pick on me (bully). I can be somewhat of a nuisance. I understand the points you’re making about permissibility – I’ll not push the issue any farther. Thanks for responding/humoring me.

@Wael,

Peanuts? I think you lost me, I agree there needs to be more layers of confirmation – anything less is self-sabotage. IT/IS is more important than giving some exec a blackberry and saying GO! (Here’s looking @ you Hillary).

@Don,

OIC = Oh, I see – it was a public entity’s post on Facebook, not something from official spouters like corporate.facebook.com.

Wael August 31, 2016 10:34 PM

@ab praeceptis, BCC: @Clive Robinson,

So not “Quite Useless” just “Quite Specialised”; as I’ve indicated before, and @Wael will back this up, there is no system that is either not attackable or does not leak information if there is an “energy path that can be modulated in some way”

Character witness to the stand![1] Yes, @Clive Robinson is correct.

[1] I remember you said if you needed a character witness that you’d ask me. Can’t find the link. You must have misspelled it 😉

Don August 31, 2016 10:50 PM

@ Clive @ All

On the lighter side, a few engrossing reads in the security sphere.

Non-fiction author Robert Baer, ex-CIA field op, who wrote the memoir the highly acclaimed film Syriana (about oil politics) was based on:

https://en.wikipedia.org/wiki/Robert_Baer

His books are at the bottom of the above (interesting) page; I can recommend ‘A Perfect Kill’ & ‘The Company We Keep’
(not related to the Robert Redford film about the Weathermen).

Overworld by Larry Kolb

https://en.wikipedia.org/wiki/Larry_J._Kolb

“Prior to his career as an author, Kolb, by his own account, worked as a close advisor to Muhammad Ali and Adnan Khashoggi and as a spy with CIA co-founder Miles Copeland, Jr.”

Overworld is his memoir. His father was high up in the CIA and Kolb appears to be a naturally skilled field agent. By the time he was a manager for Muhammad Ali he says he could reach anyone in the world he wanted with a phone call. For this reason the CIA persistently tried to recruit him, eventually succeeding.

A couple of interesting points I picked up.

  1. Miles Copeland in conversation makes the point that Kim Philby was ‘the master at tradecraft – better than anyone’ and gave examples of his time in Moscow to illustrate this.
    Familiarity with Philby’s working life would disagree with such an assertion, i.e., that was not his line of work. @ Clive ?

physical [life] security related:
  2. In the book a highly skilled agent mentions in conversation that he is prepared for wildfire engulfing his home: he has a large swimming pool and scuba diving tanks & suits for his family to wear whilst submerged in swimming pool water until the fire front passes.

BZZZ! This is so disingenuous. As a former fire fighter myself I know second-hand of people lying in bath tubs full of water as their house is consumed by a wildfire, only to be boiled alive. In a swimming pool you’d be boiled like a lobster. People think ‘flames’ kill, like being burned alive. They don’t; it’s the radiant heat [and/or inhalation of what’s known as superheated air].

  3. When training Kolb in old school tradecraft the CIA made the point that the services now try to ‘under train’ in counter surveillance, particularly when employing contracted civilians like himself. Otherwise people get so caught up in practicing counter surveillance techniques for irrelevancies, like just buying a litre of milk, that they broadcast the fact of their training, and thus status, too loud and too clear. Interesting illustration of security through obscurity. Ramp up your security procedures and you could attract the wrong kind of attention. Blend in.

Don August 31, 2016 11:04 PM

@ Wael

RE Vedic Mathematics

“Pretty interesting methods!
Getting way OT here…
This immediately reminds me of Srinivasa Ramanujan. He claimed he can see and visualize numbers.
Me? I have no need for these math methods at the moment. I have calculators left and right.”

Thank you. I don’t believe it was OT at all. There are discussions here presently about education, and the poor orientation of hardware and software design as per security, and related threads.

I don’t know what PDF you downloaded but it goes far beyond multiplication. There are some DVDs available on the web site
http://www.jainmathemagics.com/ that are really very dense.

Vedic mathematics is not about cognitive tricks you could otherwise do with a calculator. It’s a holistic experience of mathematics.
It’s an absolute, total paradigm shift. I sincerely believe if cryptographers, software and hardware designers devoted themselves to internalising the discipline of Vedic mathematics (deserving the attention of any other discipline), radical quantum leaps in understanding and development would occur.

Imagine if all, all children were learning this stuff in school. It would translate, in a generation, to driving an entire country’s economy through the roof. US lower and middle schooling is amongst the worst educated in the western world.

ab praeceptis August 31, 2016 11:10 PM

Wael

a) I did not contradict the core statement ‘no system that is either not attackable or does not leak information if there is an “energy path that can be modulated in some way”‘

But I’d like to add: last time I looked, some billion passwords had been stolen (to focus on just one problem symptom). As far as I know the problem was never clever EM near field transmission through USB but lousy, lousy OpSec, poor or wrongly understood and applied security, lousy and often unpatched software (incl. OSs), etc.

Why would I invest my time and efforts in exotic cases when tens or hundreds of millions of people are in danger due to almost vulgarly primitive reasons?

b) I will not engage in a discussion about the definition of “quite useless”

More generally speaking I also don’t care about exotic attack vectors because it will not stop at energy paths; it’ll soon reach deeper into the quantum level where we would be virtually lost due to a lack of knowledge and understanding as well as due to the very nature of that field.

As a scientist I would, of course, dance in enjoyment. After all, what I just said translates into generations of researchers having many, many papers to be written and many PhDs to be achieved (and I will even politely leave unmentioned the question whether academia isn’t also (to a considerable part) a service for society, paid for in large part by society, and with a balance not at all pleasant in all fields).

I accept that there are doctors whose interest lies in exotic diseases that one might attract when travelling close to the event horizon of a black hole. I myself, however, am the kind of doctor who, finding himself in some kind of a war zone with many many wounded, strongly prefers to stop violent bleeding.

I hope that I will one day succeed in making myself understood (maybe not agreed with but understood). Meanwhile I wish you success in not becoming prey to evil people stealing your secrets through EM eavesdropped USB transmissions sitting unnoticed next to your very computer.

r August 31, 2016 11:36 PM

@Don,

https://en.wikipedia.org/wiki/Vedic_Mathematics_%28book%29#Use_in_schools

If that were the case, then Uttar and Madhya Pradesh would be world leaders.

Now, if those truly are vedic mathematics (which I doubt) one could argue that the full vedic scope has underwhelmed their impact both globally and in their assumedly native India.

Part of the reason I’m skeptical as to their authenticity is independent of the information provided on wiki but more on the recent historical revisionism India has been embracing.

To be fair, teaching kids evolution in school could be considered revisionist by some – my apologies to any East Indians or Hindi reading this.

Wael August 31, 2016 11:40 PM

@Don,

I watched the video on the page you shared, and I read this paper:
http://www.vedamu.org/Veda/1795$Vedic_Mathematics_Methods.pdf

I admit I’m not familiar with Vedic mathematics except for what was mentioned in a previous post. Perhaps you can help me understand with a practical example that goes beyond multiplication and division:

How can you use Vedic Mathematics to find the value of this expression:

2^i, where “i” is the imaginary number, the square root of -1

Wael September 1, 2016 12:56 AM

@ab praeceptis,

a) I did not contradict the core statement ‘no system…

I didn’t say you did!

As far as I know the problem was never clever EM near field transmission through USB but lousy, lousy OpSec, poor or wrongly understood and applied security, lousy and often unpatched software (incl. OSs), etc.

And I mentioned in a previous post that commenters here have different areas of interest! There are different attack vectors, different capabilities, ramifications and consequences to various types of attacks and attackers. It’s also important to realize that “EM near field transmission” isn’t the sole subject we discuss here. Several other areas attract significant attention: authentication, federation, 2FA / MFA, biometrics, OTP, cryptography, programming languages, operating systems, hardware and systems, firmware and microcode, compilers and toolchains, subversion and interdiction, OPSEC, protocols, architecture, concepts and principles, penetration testing, fuzzing, QA, incidents and incident handling, politics and religion, cartoons and jokes, puzzles and parables, hidden messages, … Why are you just picking on “EM”? Go dig in this blog, or tell me what subject you’d like to see discussed, and I’ll give you a link, or we’ll start a new discussion.

Why would I invest my time and efforts in exotic cases when tens or hundreds of millions of people are in danger due to almost vulgarly primitive reasons?

Someone has to do it. It doesn’t have to be you. You may work on areas you see fit, and let others do the same. Fair proposition?

b) I will not engage in a discussion about the definition of “quite useless”

Some ideas are outrageous or useless at the surface. If you think it’s a waste of time, then don’t engage in the discussion or post a short sarcastic / humorous comment. I do that (like I’m about to do in the next paragraph.)

More generally speaking I also don’t care about exotic attack vectors because it will not stop at energy paths; it’ll soon reach deeper into the quantum level where we would be virtually lost due to a lack of knowledge and understanding as well as due to the very nature of that field.

Some other people do, including me. Perhaps we should drop the field because your royal highness doesn’t care about it? But apparently that’s not what you’re suggesting because:

I accept that there are doctors whose interest lies in exotic diseases that one might attract when travelling close to the event horizon of a black hole.

Subject closed! It’s a moot discussion.

I hope that I will one day succeed in making myself understood

My advice, if I may, is to keep your comment focused without too many analogies until we (I) am more acquainted with your mode of thinking and communication style. It’s not a language barrier, so quit complaining about English not being your mother tongue, it’s just fine.

Meanwhile I wish you success in not becoming prey to evil people stealing your secrets through EM eavesdropped USB transmissions sitting unnoticed next to your very computer.

Uh, sarcasm! Sweet, you came just to the right place… Allow me to reciprocate: and I wish the controls you’re putting in place are in reality what they “seem” they are, and function as advertised. When they fail (and they will) come back to the exotic doctors.

ab praeceptis September 1, 2016 1:43 AM

Wael

My responsibility is limited to what I do and say. Your perception is your responsibility.

commenters here have different areas of interest!

Let me first congratulate you on that pearl of wisdom. Thank you so much for explaining. Who would have imagined that.

Now to reality: I did not doubt that, nor did I attempt to keep others from discussing what they find interesting.
But maybe someone (wink wink nudge nudge) doesn’t like to hear that someone else doesn’t attribute the same weight to that interest.

[…time and efforts in exotic cases…] Someone has to do it.

“Has to?” – No. That’s but an arbitrary assertion.
But everybody can do it and I will certainly not try to stop them.

If you think it’s a waste of time, then don’t engage in the discussion or post a short sarcastic / humorous comment.

I must have missed the line where it’s written “Wael makes the rules here”.

Moreover, I did not attack anyone and I did offer reasons for my view.

[…I also don’t care about exotic attack vectors…] Some other people do, including me.

So? I did in no way keep you away from being interested in and discussing those matters.
All I did was stating my personal position. Politely.

And again I provided a reason. You may not like or accept that reason but it’s anyway a considerable difference whether one merely arbitrarily asserts or whether one offers a reason.

Perhaps we should drop the field because your royal highness don’t care about it?

Me impressed. What a substantial and well reasoned argument.

Just in case 2 times isn’t sufficient: I did at no point suggest those matters to be dropped nor did I in any way keep anyone away from discussing them. But hey, why let reality and facts disturb your subjective perception.

Subject closed!

… says the guy who just a moment ago addressed me as “royal highness” and (falsely and groundlessly) accused me of dictating what can be discussed and what not.

so quit complaining about English not being your mother tongue

I didn’t complain. I mentioned it. Look up the difference.

When they fail (and they will) come back to the exotic doctors.

Sorry, I’m not a psychiatrist and can’t help in interpreting your dreams. But I’m under the impression that you should work on your reality perception, if only to not be emotionally stressed by things that were not said.

Btw: Sometimes, when people attack others they are telling more about themselves than about the person they address. Not that it was needed but thank you.

Have a nice evening.

Wael September 1, 2016 2:11 AM

@r,

Peanuts? I think you lost me

That was in reference to the $40M in comparison to the $3B lost to fraud.

Wael September 1, 2016 2:30 AM

@Clive Robinson,

Cellphone “ring” detector.

Pretty simple circuit. What’s the use case, though? I’m not sure I understand the practicality of what you describe.

Dirk Praet September 1, 2016 4:32 AM

@ Thoth, @ Nick P

Genode finally integrates seL4 into its Genode Framework.

Both the NOVA and seL4 .isos run like a charm in VirtualBox. Going through the Genode/seL4 release notes, I got even more enthusiastic reading about Genode/MUEN and Genode/NOVA supporting VirtualBox.

But where is the bloody documentation? There’s no menu or shell in either of those VMs, so how does one actually start with either Genode or the underlying seL4/NOVA microkernels? As mentioned in the release document, I guess that this would indeed make a fine secure foundation for stuff like Qubes, Subgraph, TAILS, Whonix and the like, but I can understand folks not picking up on it when they can’t even figure out how to start/stop/use it for lack of proper documentation. Can you guys give me any pointers?

Clive Robinson September 1, 2016 4:57 AM

@ Wael,

What’s the use case, though? I’m not sure I understand the practicality of what you describe.

If you remember back a couple of squids ago the subject of the Ed Snowden / Andy “Bunnie” Huang iPhone case / sleeve came up. I commented that it had a number of issues, not the least of which was soldering to the test points on the iPhone PCB. I also mentioned that a modified AM radio could work to detect the iPhone transmitting, the pattern of which a user could learn and thus spot exceptions.

The circuit is the equivalent of an RF detector that would run for quite some time on “coin cells” or “hearing aid” batteries. And it would not require connection to the iPhone PCB, thus raising less suspicion with customs / border guards / political police etc that journalists in the field come up against more often than they would like.

Personally I would still go with a modified cheap AM radio as it’s much much easier to cover with inquisitive but humourless officialdom with more power than sense…

r September 1, 2016 5:35 AM

@Dirk,

They support the Zynq boards, cool.

That’s not a replacement for Qubes/TAILS/Whonix, it’s an alternative. Porting those flavors of Linux from their monolithic kernel to a foreign microkernel would be a considerable task if the ABI/APIs are considerably different. I don’t know without more investigation; you’ve got me downloading seL4 now btw. As I said, this is more of an alternative to Xen/Whonix, while a microkernel is more kin to the tor-ramdisk that is linked to a streamlined Linux kernel with uclibc; even that (or musl) is a far cry from a truly stripped down microkernel. If this really supports virtualization like it says it does, this is going to be lots of fun. Looks like Hurd was too late to the game. The beauty of a microkernel like this, especially if it supports virtualization like they claim without VirtualBox (they claim they virtualize VirtualBox itself), is that even drivers can be implemented in an isolated fail-over method capable of respawning themselves, e.g. fault tolerance. Once you get the ‘world’ figured out make sure you install the tor-world and the log-tee components.

Thoth September 1, 2016 5:42 AM

@ianf, Clive Robinson

After the discussions we had here regarding the self-destruct PIN, what do you think of this smart card security workflow?

Assumptions:
– Smart card has contactless NFC with a secure communication protocol between the card and an NFC reader. The card can also be used in a normal card reader (insert the card into a reader terminal).

Procedure:
– Smart card inserted into a normal card reader (communication via physical metal contact) and enables an “Access Lockdown Mode” flag.

  • The user installs an Android or some smartphone variant of the application to talk to the card over encrypted NFC channel (assuming the phone has NFC capability).
  • User brings the card around to encrypt and sign documents while travelling, and when passing through a checkpoint the user switches on the phone’s NFC, taps the card to the phone and tells the Android phone to send a “Lockdown” command via the phone’s NFC to the card. The card, upon receiving the encrypted “Lockdown” flag, enters a lockdown mode where all functions cease to work over any NFC channel.
  • The user passes through customs safely and gets back home or office and inserts the card into a physical (non-NFC) card reader and lifts the lockdown mode by entering his/her user PIN code.

The idea is to present a scenario where, while travelling through checkpoints, one would not be able to access certain resources, which in this case is a physical contact reader. This means that while travelling with the card in “Lockdown” mode, it cannot be used via NFC, but once the user reaches home safely the “Lockdown” can be lifted by a combination of using a physical contact card reader to issue an “Unlock” command together with a user PIN and, if the user wants, the user may pair the card with a second pre-programmed card that contains another user attestation key for unlocking the card; the user should not bring the second card outside the house.

This would effectively allow the user to protect himself/herself by having a window of opportunity to introduce the self-destruct PIN (needing the user PIN to unlock the card), the requirement of sending the card command from a physical card reader together with a specialized application that knows the command format (the command format should not rely on obscurity, but just for the sake of inconveniencing the attacker), and the possibility of pairing with a second attestation card which itself also has a self-destruct PIN capability just like the original card.
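A simulation of the lockdown state machine just described, as an added example that is not Thoth’s code nor any card vendor’s applet: the command names, the PIN values and the HMAC challenge-response used to stand in for the second attestation card are all assumptions. It models the contact-only unlock, the NFC refusals while locked, and the self-destruct PIN wiping key material.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, List, Optional

CONTACT = "contact"  # physical metal-contact reader (home / office)
NFC = "nfc"          # contactless channel; the reader protocol is assumed to encrypt it


class CardError(Exception):
    """Raised when the card refuses a command."""


@dataclass
class TravelCard:
    """Simulated card applet for the lockdown workflow (hypothetical design)."""
    user_pin: str
    destruct_pin: str                  # self-destruct PIN: entering it wipes the card
    peer_key: Optional[bytes] = None   # key of the optional second attestation card
    lockdown_enabled: bool = False     # the "Access Lockdown Mode" flag
    locked: bool = False
    wiped: bool = False
    keys: Dict[str, bytes] = field(default_factory=lambda: {"sign": os.urandom(32)})
    _challenge: Optional[bytes] = None

    def _wipe(self) -> None:
        """Destroy all key material; the card is useless afterwards."""
        self.keys.clear()
        self.wiped = True
        self.locked = True

    def _verify_pin(self, pin: str) -> None:
        if hmac.compare_digest(pin.encode(), self.destruct_pin.encode()):
            self._wipe()
            raise CardError("self-destruct PIN entered: card wiped")
        if not hmac.compare_digest(pin.encode(), self.user_pin.encode()):
            raise CardError("wrong PIN")

    def challenge(self) -> bytes:
        """Nonce the second attestation card must answer before UNLOCK succeeds."""
        self._challenge = os.urandom(16)
        return self._challenge

    def command(self, channel: str, cmd: str, **args) -> str:
        if self.wiped:
            raise CardError("card wiped")
        if cmd == "ENABLE_LOCKDOWN":          # provisioning step, contact reader only
            if channel != CONTACT:
                raise CardError("flag can only be set over the contact reader")
            self._verify_pin(args["pin"])
            self.lockdown_enabled = True
            return "lockdown mode enabled"
        if cmd == "LOCKDOWN":                 # sent from the phone at the checkpoint
            if not self.lockdown_enabled:
                raise CardError("lockdown mode not enabled")
            self.locked = True
            return "locked"
        if self.locked and channel == NFC:    # every other NFC command is refused
            raise CardError("card in lockdown: NFC refused")
        if cmd == "UNLOCK":
            if channel != CONTACT:
                raise CardError("unlock requires the contact reader")
            self._verify_pin(args["pin"])
            if self.peer_key is not None:     # optional second-card attestation
                if self._challenge is None:
                    raise CardError("no challenge issued")
                expected = hmac.new(self.peer_key, self._challenge, hashlib.sha256).digest()
                self._challenge = None
                if not hmac.compare_digest(expected, args.get("attestation", b"")):
                    raise CardError("second-card attestation failed")
            self.locked = False
            return "unlocked"
        if cmd == "SIGN":
            self._verify_pin(args["pin"])
            return hmac.new(self.keys["sign"], args["data"], hashlib.sha256).hexdigest()
        raise CardError("unknown command " + cmd)


def second_card_answer(peer_key: bytes, challenge: bytes) -> bytes:
    """What the home-kept attestation card computes (stands in for its secure element)."""
    return hmac.new(peer_key, challenge, hashlib.sha256).digest()


def travel_scenario() -> List[str]:
    """Walk the card through the workflow; returns its responses and refusals."""
    peer = os.urandom(32)
    card = TravelCard(user_pin="1234", destruct_pin="9999", peer_key=peer)
    log = [card.command(CONTACT, "ENABLE_LOCKDOWN", pin="1234")]
    log.append(card.command(NFC, "LOCKDOWN"))
    for cmd in ("SIGN", "UNLOCK"):            # attempts at the checkpoint
        try:
            card.command(NFC, cmd, pin="1234", data=b"doc")
        except CardError as e:
            log.append("refused: " + str(e))
    att = second_card_answer(peer, card.challenge())   # back home, second card present
    log.append(card.command(CONTACT, "UNLOCK", pin="1234", attestation=att))
    return log
```

Note that while locked the card refuses NFC commands before looking at any PIN, so the self-destruct PIN only comes into play at the contact-reader unlock step, which is the window Thoth describes.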

Clive Robinson September 1, 2016 5:53 AM

@ Wael,

Thinking a little further, I was probably not that clear about why you would modify L1…

You can see from the circuit that R1, R2 set Q1 up as a current biased amplifier. However it also acts as an envelope detector with gain.

Inductor L1 and capacitor C1 act as a series tuned circuit, in the case of this circuit at quite a low frequency; thus what it is probably detecting is the current driving the phone’s ring circuit, not the envelope of the GSM signal. Hence my comment,

    “With a change to the detector coil it can be built into a cheap “phone case” such that not only will the LED flash when the phone transmitter turns on for ringing, it will also turn on for re-registration and other communications.”

Whilst clear “in my mind” at the time, it is not that clear on reading again. What would work better is fewer turns and a capacitor across the coil to turn it into a tuned loop antenna.

Thoth September 1, 2016 7:27 AM

@r

Not sure what you mean by attestation being a real thing with smart cards. If you pre-load the public keys and do the configurations necessary beforehand, you could get a pretty good chance of attestation.

I did post the recent update for Genode earlier and now it comes with more features including using seL4 with Genode and virtualized VMs above micro-hypervisors. Coupled with running your setup on an ARM board, you could create a pretty good environment to run OpenBSD on top of those Genode VM + Hypervisor or some variants of L4 and then use it to do smart card provisioning (of keys and PINs).

I am thinking of trying that out some day once I have the time to do so.

JG4 September 1, 2016 10:51 AM

@Don

Thanks for the tips about spy lore. There is an error in your physics. I have no doubt that people have been boiled alive in bathtubs, but very few swimming pools have ever boiled, even in the worst wildfires. For most California wildfires, scuba tanks and a swimming pool are a brilliant backstop. As always, the utility of a defense depends on the threat model. The mismatch between bathtub and swimming pool outcomes arises from two factors: 1) the ratio of fuel to water, 2) heat transfer from fire to water. In the case of a bathtub and a frame house, there is substantially more than enough fuel to boil the water and the occupants. It would take many acres of grass and somewhat fewer acres of brush to boil a swimming pool, but the heat transfer is highly ineffective. Flame under a metal bathtub is a lot like fire under a cooking pot – it doesn’t take long to boil. It would take a large stack of wood to boil a swimming pool from above. Even then, the heat transfer to the bottom of the pool would be quite poor. It may remain survivable for some time after the surface boils, because of stratification. The hot water could be pumped off the surface of the pool and used to wet down the roof of the house. Scuba tanks are a highly effective defense against superheated air, to the point that most firefighters wear them.

Dirk Praet September 1, 2016 1:48 PM

@ r

Porting those flavors of linux from their monolithic kernel to a foreign microkernel would be a considerable task if the ABI/APIs are considerably different.

Indeed, but if my understanding is correct, isn’t that exactly what the Genode Framework is meant to facilitate, sitting above the MUEN/NOVA microkernel/micro-hypervisor? As shown in the .iso demos, they’ve got a handicapped GNU bash shell and even a Qt app working. Add VirtualBox, for which both seem to have a working PoC, and it should be possible to run xBSD or even Windows on top of that. That’s where it gets interesting, as it provides an intermediary stage to running stuff directly on Genode/supported microkernel of your choice. And which arguably should be a way more secure setup than your traditional Xen/Linux combination.

@ Thoth

what do you think of this smart card security workflow…

Sounds feasible, but it introduces additional layers of complexity. Wouldn’t you rather keep it as simple as possible for now and add such features in a later stage of product maturity? Back in the days when I was a young code cutter enthusiastically embracing whatever cool feature anyone came up with, I regularly got accused by management of coming up with armoured vehicles capable of doing 200 mph and staying afloat in water when all they had asked for was a simple car. It was not until someone had explained the concepts of scope creep and timely delivery to me that I started going about things in a different way.

r September 1, 2016 4:24 PM

@Dirk,

I haven’t caught up to you two yet on reading the features list, but I’ll point out something else: in the list of supported kernels, (linux) is specifically listed immediately preceding the ‘Muen’ kernel. That would be the quickest turn-around target rather than aiming at the lower microkernel exclusively. Sorry if I’m talking out of my arse as usual, but you’ve got me digging around about it. I recently picked up a Qubes-capable device to replace all my constrained Core2’s. My intent was to get a dedicated buildbox for gentoo/bsd etc.; this is going on my list of things to keep at hand for it.
Thanks.

And yes, it should be considerably more secure considering, as you point out, one of them is proven(?) on the lower level and then the isolation pattern itself they’re using to fork virtualbox for subsystem compatibility. Right now though, the feature list says the IOMMU is incomplete. So it’s something to keep your eye on without the full respective hardware isolation we see in Qubes/Xen.

Definitely a step in the right direction though, huh?

r September 1, 2016 5:02 PM

@Dirk,

Related L4 microkernel work, but I don’t believe L4 has the same ‘correctness’ quality as sel4(?).

https://os.inf.tu-dresden.de/L4/LinuxOnL4/
http://l4android.org/

Abstracted and virtualized from an L4 Microkernel running in usermode underneath.

Not sel4 based though I’m assuming.

There’s a great deal of splintering (and research) with this technology, and I think I’ve seen it before years ago but without understanding some of the things you guys talk about.

ab praeceptis September 1, 2016 5:32 PM

r

The whole L* universe is somewhat weird and confusing. Maybe it’s helpful to look at its roots. Those were basically about one, but very important, issue, namely whether u-kernels were condemned to be slow or whether one could achieve having both, their advantages and at least near-monolithic speed.

L4 is the newest and current incarnation, which has been picked up and worked on (“forked”) by diverse groups with diverse goals. The Australians tried (and achieved) to do something very interesting; a safe L4 kernel. Of course, this has to be seen in a wider context of a wider trend looking at how to make safer OSs.

From a professional perspective the major value of their work isn’t so much about yet another L* incarnation but about a broad basis in terms of proving. In other words, we are not so much interested in the OS but in its building blocks and particularly in the proofs for them.

As the Dresden L4 came up: That’s somehow funny in that, while their L* is of no particular high interest and somewhat floating between important plumbing work and creating a “fun distro” for everyone, it got some attention because the secure government mobile phones of Germany are based on one of the Dresden incarnations (“Fiasko” iirc). And yes, it’s not SeL4 based.

But again, a word of warning: while proving all the building blocks of a kernel is a very valuable contribution to the field of safe OSs, it does not per se constitute a safe OS. For that other elements are needed, too, capabilities to name one example.

r September 1, 2016 5:44 PM

@by the rules,

That’s why I pointed out what I remember the goal of microkernels being: close to the metal isolation/abstraction and fail-over redundancy. Good for large workloads with small infrastructure requirements.

ab praeceptis September 1, 2016 6:05 PM

r

Well, yes and no, kind of.

Basically it’s about a proper approach rather than just kind of lumping together all the parts of an OS.

Tanenbaum (and only with Minix 3 iirc) delivered one additional block, namely resiliency, some others added contributions in terms of performance, yet others in terms of caps, etc.

The real point from a higher perspective, however, is about structuredness mostly as seen from a mathematical perspective.

It’s somewhat (loosely) akin to languages. Where very old languages often came to be basically fat lumps of everything thrown in, it was soon understood (famously but not first by Wirth) that both, OSs and languages, are (or then, should be) implementations of algorithms. One might jokingly think of functional languages which are (and in an obvious way) quite close to math and math well-structuredness.

And yes, you are right, the importance of that is roughly increasing with code/project size; one should keep in mind that an OS and even to a degree a kernel actually is a project of considerable size and complexity.

r September 1, 2016 8:04 PM

@All,

OpenBSD 6.0 is out (Sept 1st 2016).

From Slashdot:

“W^X that is now strictly enforced by default, and removal of official support for Linux emulation, usermount, and systrace.”

W^X is strictly enforced now minus a single caveat (from undeadly.org):

“W^X enforcement. In their latest attempt to push better security practices to the software ecosystem, OpenBSD has turned W^X on by default for the base system. Binaries can only violate W^X if they’re marked with PT_OPENBSD_WXNEEDED and their filesystem is mounted with the new wxallowed option. The installer will set this flag on the /usr/local partition (where third party packages go) by default now, but users may need to manually add it if you’re upgrading. More details can be found in this email. If you don’t use any W^X-violating applications, you don’t need the flag at all.”

It also has included into the base system acme-encrypt which is a port of the ‘letskencrypt’ let’s encrypt app.

Figureitout September 1, 2016 11:11 PM

Wael
So what’s the relationship between the buffer size and signal strength?
–I’d guess it requires power on longer, hence there can be just longer transmit time not actual power (punch thru cleanly 1 time in noisy places is all it takes to “look normal”).

Agreed on the mistakes in paper.

Wael September 1, 2016 11:55 PM

@Figureitout,

Agreed on the mistakes in paper.

Hopefully I wasn’t too harsh, and they’d take the criticism in a positive manner. Their next paper won’t have these sort of mistakes, I am sure. I mean, goddamnit, how difficult is it to count till 12? @Clive Robinson surely sent this paper to raise my blood pressure — And…He’s probably laughing now. He sends the paper, I review it, and he says nothing whatsoever about it. So now I am the bad guy — So I’m gonna make him pay [2]:)

You know that C.H.I.P. thing I ordered a long time ago still has not arrived! They say some bugs will cause a delay in shipping![1] On top of that, the Raspberry Pi zero things I ordered, which cost me like $300.00? Never arrived, and they refunded me the money with no explanation whatsoever. I forgot what I was going to do with these kits already!

[1]

In the lead up to your C.H.I.P.’s manufacturing batch, we discovered a series of bugs relating to the long-term reliability of our new Toshiba NAND flash storage. Our software team has been hard at work, stress-testing the bug fixes before your C.H.I.P.’s software can be released to production. Because of this, we have temporarily paused manufacturing C.H.I.P.s until we can deliver a C.H.I.P. experience that everyone would be proud to use.

We are planning to complete our NAND QA process and release a new factory image by Friday of this week, with manufacturing resuming shortly thereafter.

Based on this information, we estimate that orders including C.H.I.P.s will resume shipping mid-October.

We completely understand if you find this news unacceptable and are more than happy to process full or partial refunds. Simply respond to this email with your order number and your request and we’ll take care of it. As this is a Holiday weekend, it may take us a week to process the refund.

If you’re curious, you can read more about our manufacturing process on the NTC forum. https://bbs.nextthing.co/t/pocketc-h-i-p-s-shipping-on-time-nand-software-delays-c-h-i-p-s-until-mid-october/9174/3

Thanks,
everyone at NTC

[2] @Clive Robinson is just about to have breakfast. Guess what he’ll have with the morning tea? Crumpets? Nope… Guess again! https://www.schneier.com/blog/archives/2016/05/economist_detai.html#c6723949

r September 1, 2016 11:59 PM

@Wael,

About your shipments, I’m going to have to charge you extra handling. I broke them while I was trying to interdict and backdoor your orders, next time I promise I will have extra backups to immediately replace and reship “your order”.

Sorry, I’m struggling with the logistics and soldering.

Wael September 2, 2016 12:11 AM

@r,

out your shipments, I’m going to have to charge you extra handling.

So it’s you! Hmm… If I ship it to Citizen Lab, you’ll be in the middle again. Now what to do? Guess I’ll handle it on my own. Backdoor it, front door it, and center door it. I don’t give a ****. Just send them to me.

Wael September 2, 2016 12:31 AM

@r,

suppliar.

So you add insult to injury, eh? Tell you what. Hold the order until I move to my new location at Gitmo. Someone sent me a “link” to a nice resort there, free transportation, and all – hard to resist. I hear the sky there is beautiful. I plan to have an operation before I travel there, just to be safe, you see. I’ll have half a lung removed, and I’ll replaced it with a freaking gill. Makes it easier to handle the water boarding.

Radioshack used to be one of my favorite places – a step above bookstores. Do you remember Forrest Mims III http://www.forrestmims.org/ ?

Wael September 2, 2016 12:58 AM

r,

Sorry bud, I can’t release the orders until I get the replacements from the suppliar. 😉

I don’t believe you! They shouldn’t take this long to backdoor! Did you send them to your talented buddies at NSO? If that’s the case, they won’t only backdoor them. They’ll fu*k them up. I’ll order a new set — just to give you some spare parts to work with.

Oh well, you backdoor my stuff, I backdoor my lungs — lets see who wins.

I thought for sure you would go this route

There were only two routes under consideration. The lung operation and this one: https://youtu.be/r_XS9_KwGVg I wonder if this scene is true, and Ed Harris really breathed in this liquid. Great movie, by the way.

Don’t care much for diamonds…

r September 2, 2016 1:34 AM

@Wael,

Last thing for the night, considering how delayed your packages have been… Maybe it’s not just one hactor responsible for all this hacktivity? You could’ve been interdicted by a whole slew of non-cooperating hentities yanno.

r September 2, 2016 2:08 AM

@Wael, All,

This is why and where the CA system is suffering from deliberated botchulism, if I live in Saudi Arabia and order from a German site hosted on an American service provider not only are the postal services vulnerable on the return path of my transaction but every entity involved in the initial ordering process can be tampered with also.

Is Wael’s dilemma due to a lack of coordination? OR should he just chock(chalk(?)) it up to a human error and potentially make a very human error and install it into a soon to be (un)secure system?

I don’t like buying anything new or used off the internet, but sometimes we have(?) to. How do you guys handle it? I see @Thoth talking about using smartcards to vouch each other. These are REAL issues in the REAL world and to write off interdiction and security hazards as mishaps is mishappen view of things.

Magicians cast the spell of doubt, when the game is afoot what lies ahead?

Clive Robinson September 2, 2016 2:15 AM

@ Wael,

@Clive Robinson is just about to have breakfast. Guess what he’ll have with the morning tea? Crumpets? Nope… Guess again!

That’s because “crumpets” are not a breakfast dish…

But the “Full English” is as is various smoked fish and egg dishes.

So home smoked salmon and creamy scrambled eggs on an English –not US muck– muffin might be nice, but I think today I’m leaning towards smoked German sausage and smoked cheese with scrambled eggs with three pints of tea whilst I go over some middle eastern paperwork.

Bong-Smoking Primitive Monkey-Brained Spook September 2, 2016 2:29 AM

@r,

I followed the conversation here, and tried to help. I called our center out there. This is what transpired:

Me: Can i speak to tech support, please
Tech Support: Shalom, was sup?

Me: One of your agents told me the interdicted systems order# LMAO-2016 are stuck at your location
Tech Support: Yea, we’re making sure they pass our conformance and compliance standards.

Me: He said something about “backdoors”?
Tech Support: Basically, to summarize… Yes, we are installing a couple of backdoors

Me: How long is it going to take? He needs to work on a project pronto. It’s been six months already!
Tech Support: Well, budgets are tight, staff is short. Give us a few more months

Me: That’s not acceptable, I want to speak to the freakin’ manager
Tech Support: Okaaaaaay,

Manager: Yes?
Me: I want my systems sent to me right now, I don’t care if the backdoors are not ready

Manager: You’ve got to be sh*ttin’ me!
Me: No, really. See, the systems come from China already backdoored.

Manager: Well, Chinese doors have different specifications, you know… Westerners can’t fit through them.
Me: Look, I traced the systems and the logs show they got interdicted 78 times already! We don’t need 79 or 80 backdoors! 78 are good enough! I want my systems now, what’s your name?

Manager: My name is Mordechay.
Me: Bullsh*t! First of all, your name isn’t Mordechay! You sound like a Rajeev or a Gupta!

Well, it went downhill from there…

Can’t help you agent r. Just make the customer happy. Tell him we’ll throw-in a couple of rogue certificates and free top of the line rowhammer certified memory. Top of The Line 😉

Don September 2, 2016 2:36 AM

@ JG4

Thanks for your fire dynamics. After my post I did consider the notion of surviving in swimming pools (and whether they were above ground or in-ground) whilst enduring a burn-over [the name, at least in my country, for such a scenario]. Sounds like you are familiar with the specifics of instances of mortality in Californian wild fires (I am not, although wild fire was my line). Your argument compared with a bathtub scenario makes perfect sense. I was not suggesting superheated air was part of the equation incidentally, was just including it alongside radiant heat as the cause of mortality. Inhaling it is a quick and painless death apparently 😉

Do check out the reading references, the three titles I included are highly stimulating and engrossing. The intelligence Robert Baer displays in Perfect Kill had me regularly exclaiming aloud.

Larry Kolb sat in on the Contras deal. He was later in hiding for 10 years after assisting in someone’s plan to interfere with Indian elections and was on a kill list.

@ r

re: vedic mathematics. Thanks for this, point taken. Just to be devil’s advocate, can we REALLY rely on Wikipedia? It’s a pretty convenient tool for counter propaganda. For those who believe or acknowledge the science of astrology, the concept of vedic astrology is considered to be a fabrication with no historical basis, also (packaged revisionism ‘the spice of india’).

@ Wael

have I been dishonest in claiming the absolute virtues of ‘vedic mathematics’ over ‘conventional’ mathematics on one hand whilst not having a total and thorough proficiency in that I acclaim?
I am not so completely schooled in the discipline to be able to provide an answer to your equation as requested. Voila.

@ Wael @ Ab Praeceptis

I am sad to see you two at cross purposes. Following the thread I don’t understand how it came to be you had this (hopefully momentary) falling out. You have a lot to offer everyone by collaborating with each other – I trust you can forgive, forget and move forward in open dialogue.

Wael September 2, 2016 3:02 AM

@r,

I don’t believe in co-incidents, do you? 😉

I don’t either.

@ Don,

have I been dishonest in claiming the absolute

Not at all. I honestly thought you might be able to give me an example beyond multiplications. I don’t doubt you believe your claims are valid. See, I’m multi-tasking — doing work, and at the same time monitoring some sites. Looking at hours of DVDs isn’t an option I can afford at this time. Give me a year or so, and we can talk about it again. And I am not being sarcastic.

@Clive Robinson,

three pint’s of tea whilst I go over some middle eastern paperwork.

Enjoy. If it weren’t so late at night, I would have had a few cups of tea myself.

@r,

when the game is afoot what lies ahead?

Elementary, my dear Watson! Avoid being a target. If you can’t beat ’em, join ’em.

i am sad to see you two at cross purposes.

I don’t engage in protracted personal attacks. Sense of humor is one thing, and what took place is another thing I choose not to participate in. He made his point, and I didn’t reply — and I am more than fully capable of doing so, but it’s not worth it. He can have the last word.

Clive Robinson September 2, 2016 3:13 AM

@ Wael,

Don’t care much for diamonds…

Yup I’m sticking with coke as it takes way too much effort to burn those darn diamonds…

and it’s nice to see the return of the hopped up arboreal itchy foot covering, may it swing peacefully on high 😉

Dirk Praet September 2, 2016 4:03 AM

@ r

It also has included into the base system acme-encrypt which is a port of the ‘letskencrypt’ let’s encrypt app.

I bet that, as we speak, @ab praeceptis is drawing up an extensive rant to Theo, accusing him of wilfully distributing security snake oil and maliciously supporting known broken systems 😎

Wael September 2, 2016 4:09 AM

@Clive Robinson,

Yup I’m sticking with coke

Just stick with the unleaded stuff 😉

arboreal itchy foot covering may it swing peacefully on high 😉

It’s not itchy at all! It’s actually the reverse. The covering protects from Tinea pedis. It’s swinging so high, it’s seeing sound, and hearing light – so peaceful, ask Steve Jobs [ https://www.thefix.com/content/steve-jobs-think-different-and-lsd-9143 ] 😉

It’s also seeing that a Frenchie pimplehead mouse in a lion’s skin still remains a mouse. Recent reincarnation of another itchy foot covering.

Clive Robinson September 2, 2016 4:28 AM

@ Wael, Dirk,

The disappearance of the Four Letter Acronym and the sudden appearance of another might not be unrelated.

That said the former might be on the two-week staycation, that has now become the –economically driven– patriotic thing to do even if you are an expat trying to blend in.

Wael September 2, 2016 4:40 AM

@Clive Robinson, @ Dirk Praet,

Choice of words, and style leak information. Cleavers to moil seep through fingerprint obfuscation techniques.

Wael September 2, 2016 5:16 AM

@Clive Robinson,

The skull is finally getting heavy — my cue to go to bed. It may have been @Thoth that had the link to the VM attack.

Ratio September 2, 2016 5:52 AM

@Don,

science of astrology

Science? When did this happen?

(I haven’t had a chance to check out those Vedic Mathematics either, but I confess I’m not overly optimistic. We’ll see…)

@Wael,

He can have the last word.

Or most likely, a whole bucket of last words. Brevity is not his strong suit. 😉

ab praeceptis September 2, 2016 7:23 AM

Don

i trust you can forgive, forget and move forward in open dialogue

Well, Wael already responded. Here’s my statement:

I try to look matter of factly at things and respond soberly, factually, and politely. If Wael says something I feel I’d like to respond to, I’ll do that. Whether that is positive or negative will basically depend on what he says (and possibly how). I have no friends or enemies here (at least not yet); that’s not how I look at the things we discuss here, anyway.

And I have a story for you. For whatever reason it so happened in my life that I quite often encountered some kind of group-game. Whenever one enters a group there are, of course, existing social structures, implicit and explicit hierarchies, etc. Some members of a group are more curious, others are rather neutral and yet others are what I perceive as mistrusting or even fearful. And then there are the unfortunate ones who want to be/stay in some alpha group but are fearful or insecure or … And all these types act accordingly, especially when someone new comes in. Some are assuming that the new member might be an enrichment, others just shrug (“let’s see…”) and again others assume the new one a threat (whysoever I seem, so my experience, to have something about me that seems to provoke threat perceptions with the latter type).
Experience also shows that real solid alpha types usually don’t play “testing” games; they don’t need to, they are accepted for a reason. Usually it’s lower ranking alpha members who have that need; it’s usually them to do two things a) “test” (basically attack) new ones and b) engage in social interaction towards the alpha members so as to reassure themselves.

I’m in a somewhat unlucky position then, as I don’t care for groups and social games. Becoming alpha or ending up gamma just isn’t my perspective (but I have learned to recognize those group dynamics and games). Reaching this or that group position is not what drives me; I’m interested in learning, in information exchange, etc.
But alas many are different. Whenever I entered a group as the new one those structures and games were noticeable and more often than not a lower ranking fearful “alpha” member came and had to play his games. My reaction is always the same. I’m matter of factly, neither do I try to please someone nor do I try to fight someone, I say what I want to say and I do that politely. But I’m only modestly stupid and I don’t like to be attacked, nor do I quietly tolerate it; I’m sober, largely factual, polite and, wherever possible, friendly and that’s what I expect from others, too.

The end of the games, btw., was invariably that the aggressive alpha members were not exactly happy nor very alpha. Just an observation, not a goal.

While I myself am not interesting or important enough to write that much about, those group mechanisms probably are and if it were only for the fact that they are almost omnipresent. That’s why I wrote about it.

Happy ending: Sometimes (not too often) those members and myself ended up being good colleagues, in rare cases even pals (more than neutral, less than friend, correct?). For whatever reason (I usually don’t end up in the gamma group …).

Whoever approaches me halfway properly will be well treated.

ab praeceptis September 2, 2016 7:36 AM

Dirk Praet

[…acme-encrypt which is a port of the ‘letskencrypt’…]

I bet that, as we speak, @ab praeceptis is drawing up an extensive rant to Theo, accusing him of wilfully distributing security snake oil and maliciously supporting known broken systems 😎

No, I don’t. I highly value the work of the OpenBSD people and, hey, everyone is entitled to an idiocy from time to time (I myself had a generous share of that). Moreover, at least the OpenBSD people coded their own acme-stuff (and as such addressed what possibly is the major furuncle of let’s encrypt).

Now, before some (Nick P, maybe) put an arrow into their bow and mention that OpenBSD is not exactly the peak of OS security I’d like to quickly mention something in preventive defense: I didn’t say it is. But, come on, those people have really done a lot to bring us forward in terms of security. While not being in the fervent fanclub of OpenBSD my attitude towards The OpenBSD is majorly one of gratitude and respect.

ab praeceptis September 2, 2016 7:40 AM

Ratio

Science? When did this happen?

For thousands of years. Before we built our science on top of that.

Wael September 2, 2016 10:28 AM

@Ratio,

Or most likely, a whole bucket of last words.

A bucket and half it is!

@Don,

i trust you can forgive, forget

There is nothing to forgive. Just because I disengaged from a subject discussion doesn’t mean I will ignore the person on a subsequent discussion — I’ll just adapt and adjust my style. It may take a few observation samples to optimize my parameters.

Going to disengage for a bit. I consumed too much bandwidth already…

ab praeceptis September 2, 2016 11:17 AM

“[Or most likely, a whole bucket of last words.]
A bucket and half it is!”

Thanks so much to both for providing a clear example of the little games within the lower wannabe ranks of the alpha group. Of course a prepared and served ball by one just had to be picked up and used by the other.

Thanks also for the response to the, btw. not even asked, intelligence question. (“quantitative” criterion).

Never mind the long posts from some (higher ranking alpha) members (that certain players would, of course, not dare to criticize).

In case you haven’t noted yet; You are not on your way up. Quite the contrary. Do yourself a favour and think about the famous “Si tacuisses …”.

A Gent r September 2, 2016 11:31 AM

@Bong-Smoking Primitive Monkey-Brained Spook,

Thank you for your support and looking into this issue, I think I have a solution for some of the partlies involved.

@Wael,

My superior has spoken (to me), since as I previously stated I (we) are currently unable to fulfill your order due to a fumbling in the (lack of) infrastructure let me be the first to make you a counter-counter offer…

You’ve been such a GReAT asset thus far hows about we (I mean you) make it a fish hole? Now, I know you will have to consort with your local aficianados but let me be the first to tell you that even though you’ve suffered GReATlie from our hinterdiction efforts we have undoubtedly made GReAT strides into the practices practitioners and practically all of our competitors due to the bumbling nature of this incident.

Now I know, that upon reading this very personnel eyes’d note some mothers in your nick of the woulds wood very much like to have a conversation with you about this (and other, including priori(?)) cough coffers of sponsored ships.

I look forward warned to your response, but I must cut today’s dealings short as my handler is questioning my ability to fix a front door not a back one.

Ciao.

agent rng September 2, 2016 11:49 AM

The pot thickens:

http://www.percya.com/2016/09/wosigns-secret-purchase-of-startcom.html

“I called for WoSign’s revocation earlier this week for its utter ignorance over security. However, WoSign is cross signed by StartCom. Meaning that as long as StartCom is trusted, even if WoSign is manually distrusted, all certificates from WoSign are still considered valid. What’s more, now it looks like StartCom is actually purchased by WoSign.”
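The cross-signing problem the quoted post describes, as a toy model added here (not code from the linked article or any real trust store): the CA names follow the quote, but the certificates, key labels and leaf are constructed, and path building is reduced to name matching.

```python
"""Toy model of X.509 path building with a cross-signed CA (constructed).

Shows why removing one root certificate from the trust store does not block
certificates whose issuer is also cross-signed by a still-trusted root, and
why a distrust decision has to follow the issuer's key (or the cross-signer).
No real certificates or keys are involved; names and labels are made up.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    spki: str   # stands in for the subject public key (constructed label)


def find_chains(leaf, pool, anchors, max_len=5):
    """Return every issuer chain from `leaf` that ends in a trust anchor.

    `pool` holds intermediate and cross-signed certificates; `anchors` holds
    the roots in the trust store.  A chain is complete as soon as the current
    certificate's issuer name matches an anchor's subject name.
    """
    chains = []

    def walk(chain):
        top = chain[-1]
        if len(chain) >= max_len:           # guard against pathological loops
            return
        for anchor in anchors:
            if anchor.subject == top.issuer:
                chains.append(chain + [anchor])
        for cert in pool:
            # follow non-self-signed certs whose subject matches our issuer
            if (cert.subject == top.issuer and cert not in chain
                    and cert.subject != cert.issuer):
                walk(chain + [cert])

    walk([leaf])
    return chains


def trusted_chains(leaf, pool, anchors, blocked_spki=frozenset()):
    """Chains that survive a key-based distrust list (the effective fix)."""
    return [c for c in find_chains(leaf, pool, anchors)
            if not any(cert.spki in blocked_spki for cert in c)]


# Constructed PKI: two roots, one of which is also cross-signed by the other.
STARTCOM_ROOT = Cert("StartCom Root", "StartCom Root", "key-startcom")
WOSIGN_ROOT = Cert("WoSign Root", "WoSign Root", "key-wosign")
WOSIGN_CROSS = Cert("WoSign Root", "StartCom Root", "key-wosign")  # cross-cert
LEAF = Cert("www.example.test", "WoSign Root", "key-leaf")
POOL = [WOSIGN_CROSS]


def scenario_both_trusted():
    """Both roots in the store: two valid chains, one via the cross-cert."""
    return find_chains(LEAF, POOL, {STARTCOM_ROOT, WOSIGN_ROOT})


def scenario_root_removed():
    """Only the WoSign root certificate is removed: the cross-cert still works."""
    return find_chains(LEAF, POOL, {STARTCOM_ROOT})


def scenario_key_blocked():
    """The WoSign key is blocked: the cross-signed path is rejected as well."""
    return trusted_chains(LEAF, POOL, {STARTCOM_ROOT},
                          blocked_spki={"key-wosign"})


if __name__ == "__main__":
    for name, fn in [("both roots trusted", scenario_both_trusted),
                     ("WoSign root removed", scenario_root_removed),
                     ("WoSign key blocked", scenario_key_blocked)]:
        chains = fn()
        print(f"{name}: {len(chains)} valid chain(s)")
        for chain in chains:
            print("   " + " -> ".join(c.subject for c in chain))
```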

Joe September 2, 2016 12:07 PM

That said the former might be on the two-week staycation, that has now become the –economically driven– patriotic thing to do even if you are an expat trying to blend in.

Speaking of whom, it’s been a while since poster last wrote.

This is probably unrelated but worth a mention (me thinks?).
R.I.P. Ian Traynor

Wael September 2, 2016 12:45 PM

ab praeceptis,

I don’t wish to leave you with a bad taste in your mouth. I’ll have to retract the statement about leaving for a bit, only for this purpose. The next time you see me is when my name disappears from the latest 100 comments (there, a way to keep me out — a vector of exclusion.)

Never mind the long posts from some (higher ranking alpha) members (that certain players would, of course, not dare to criticize).

You’re a scientist. To disprove a “proposition”, one counter example is sufficient:

Here is one counter-example — There are many more.[1] This one is a light-hearted comment, I certainly do appreciate @Clive Robinson’s and @Nick P’s sometimes “long” comments, as many others do. There are others who do criticize everyone else, including truly yours.

Here is another one

In case you haven’t noted yet […] Quite the contrary.

“Noticed”. “It” ebbs and flows.

lower wannabe ranks of the alpha group

How would you classify this statement? This is the sort of comment that degenerates into a long thread of subjective personal attacks.

Have a nice weekend… (I mean it)

[1] Internal links, I’ll “href”; external ones, I’ll provide raw.

ab praeceptis September 2, 2016 1:10 PM

Wael

My suggestion: Let’s make it simple.
a) I have no interest whatsoever to see you muted.
b) I offer you my hand in good intention. Let there be peace.

Nice evening & weekend to you, too

Nick P September 2, 2016 4:29 PM

@ Wael

“Come to think of it, @Nick P is an “entropy ranger”. Just seed one of his posts into a RNG, and it’ll croak”

I just noticed this. Both the line and that it’s probably true for the survey posts like How Johnny Can Safely Program Satan’s Computer.

Far as other one, I was thinking about doing it again sometime. Just waiting for the right moment and posts. 😉

agent rng September 2, 2016 6:36 PM

https://hardware.slashdot.org/story/16/09/02/2014214/police-seize-two-perfect-privacy-vpn-servers

I wonder what this is related to? We already know that Switzerland will do GCHQ and the NSA’s bidding thanks to Mr. Assange.

Something I was just thinking about, considering the argument against modders about who “owns” their equipment… If I buy a device that say Microsoft or Ford owns, can that device be obtained physically via a warrant through said companies?

Clive Robinson September 3, 2016 4:12 AM

@ Nick P,

Looking a little further up the page where “Want Anoter Electronic Lollipop” called you an “Entropy Ranger”, I find you commenting on “Mummy Merkals” “phone upgrade”…

At the bottom of which we see,

The “Worse is Better” meme still applies. I can’t wait to see what passes for military grade security 5-10 years from now.

I know we are only two fifths of the way in, but are you seeing any trends to “swirlying down the can” yet?

Bong-Smoking Primitive Monkey-Brained Spook September 3, 2016 5:50 AM

Some lollipops need to relax their eyes or deal with retinal detachments.

insecurity September 3, 2016 8:05 AM

Still blows my mind how many people use the same simple password for all accounts. All the trouble of hardening a network is for naught if users and employees insist on weak passwords.
Despite their claims they have nothing to worry about, they could soon have a lot to worry about when one account is breached, revealing any unknown personal details that couldn’t be easily guessed or found, leading to other accounts, emails (for which the password is now known) and then the terminal and private devices can easily be targeted.

what a bargain September 3, 2016 10:38 AM

@Clive

Eye Watering prices? Am I looking at the same figures?

$60k – $100k per target, plus a deep discount for bulk orders…

While the margins are certainly enormous, it’s still going to be far cheaper than traditional surveillance methods.

Figureitout September 3, 2016 10:42 AM

Wael
Hopefully I wasn’t too harsh
–Nah most of it wasn’t, just embarrassing ticky tacky errors, not much getting to the meat of the exploit and RF comms besides how they’re extracting and dicing up the info.

You paid $300 for a pi zero? Dude…you like giving money away? :p

Main thing I want right now is a UPS for my pi’s, when I’ve been running my packet sniffing, power has gone out twice and I’ve luckily been able to boot up again after improper shutdowns. I’m not doing “3rd time’s the charm”. My non-new idea of a simple solution is a huge external battery that charges via USB, constantly plugged in, power dies, that battery needs enough capacity to run the pi at least 2-3 hours, more would be nice. Need some kind of detector to trigger a safe shutdown then.

Ah, the nightmares of discovering serious bugs after going into production. Even better when it’s someone else’s bugs you gotta fix…Least you can convert that anger to energy in the gym. :p I feel like I’m going to get to experience that for my first product[s]. I’m freaking out a bit and unloading on the poor FAE lol. I want access to the people writing some of the drivers we use, and I don’t know how to test a watchdog timer is actually working. :/

Don’t know what to do w/ them, as I say, send them my way. I always want more computers and chips. Right now I need like 10 cheap adjustable power supplies though…Had to fix one the other day, pissed me off so much lol.

Nick P September 3, 2016 11:01 AM

@ Clive Robinson

“I know we are only two fifths of the way in, but are you seeing any trends to “swirlying down the can” yet?”

I started dreading being good at predictions a while back. This one already happened as illustrated here. Many of those on right side look like good points until you realize that what they’re cutting was assurance activities. There’s red tape for sure but nobody is evaluating security of say Oracle database or Windows desktop in 90 days. That Type 1 process also prevents all kinds of flaws that show up in things like OpenSSL. That one official was happy to replace them all with mass-market equivalents. I’m sure he’s not the only military official happy about that acquisition. The other is not American either. 😉

Czerno September 3, 2016 1:14 PM

Can we consider our host’s “Friday squid” posting to be a kind of implicit, periodically singing, miner’s canary? Corollary, ought we to suspect Schneier’s has been pwned by now (Saturday, Sept 3rd, ca 6:10pm GMT) since no new squid has appeared?

Seriously I vote for there to be a canarian convention of sorts established now, i.e. /before/ something awful happens unexpectedly. You never know !

agent rng September 3, 2016 1:45 PM

@Here’s looking at you Squid && Squid pro quo.

Let’s have a recap of the weak.

Figureitout has complained about suffering ‘considerably’ worse attacks, shared a short fingerprint with us (more specifically Wael, Dirk). Wael potentially has suffered multiple points of grievously fumbling hinterdiction. @ianf is missed. The a-prime trolls are still here. One guy talked about his internet being cut (that’s a module later btw). PerfectVPN was cherrypicked through their ISP, where’s that article?

My question, where’s the apprehension?
Canary lol, who’s the paranoid schizophrenic now?

All of that activity crossing Bruce’s SI[ght|te] could’ve easily led to his boat being tossed by the current [regime].

1984 is only a hop skip and a jmp from here.

Say someone here was using PerfectVPN and the non-public emails we may or may not be using with our posts need to be examined. It’s not that far fetched is it?

Nick P September 3, 2016 6:15 PM

@ Moderator

There’s a ton of spam clogging up the blog’s Last 100 recently by names FiguresEh and agentrng. Especially on this thread. I suggest deleting all of that and any replies to it.

ab praeceptis September 3, 2016 6:40 PM

Moderator

If following Nick P’s suggestion I’d like to see the “any replies to it” part amended with “unless those replies have the substance to stand by their own, too”.

More generally, while I do understand Nick P feeling (justifiably) disturbed by those “posting series blasts” I think that “spam” is too hard a judgement, hence my proposal would be to invite those posters to a) post more moderately and b) to keep in mind whether their posts are within the frame of interest here.

Nick P September 3, 2016 6:55 PM

@ ab praeceptis

Leaving part of a conversation that should never have happened is usually a bad idea. Often misses context. It makes better discussions harder to follow. Finally, it rewards the troll by keeping their name and results there. It’s a trophy to them. So, my proposal was to get rid of them and their trophies.

@ r

The link is interesting. Makes me wonder about their samples and such. It’s no surprise to see Switzerland on top in databases and security given banking’s dependence on them. Chinese and Russians top on programming with Chinese near top on security comes with a combo of education, intelligence collection, and their cloning industries. 😉 It was weird to me that Ukraine was top in the security challenges. I know there’s quite a bit of hackers there but top? High-assurance software is labor heavy and Ukraine is probably cheap labor. Opportunity there.

The distributed systems numbers make no sense to me given none of those is in top of the field in terms of work produced that I know of. Japan and Ireland have good AI programs with published results that won but others I see little of. A bunch of these are just weird. I seriously wonder about the accuracy of the methodology used.

r September 3, 2016 7:25 PM

@Nick, ab,

A gent r/agent orange/ is me, I think the mod’s already been through there. I don’t know if either of you noticed the “profanity deleted” thing.

@Nick,

Which prize? the long multifaceted response to reducing entropy or his gene pool? or the workthrough for 1×0123?

I’m with ab on this even though I’m biased, look at the thorough responses it evoked for others. Sometimes I do get out of hand though and I was morned by a shyguy this warning. I hope that Wael’s alright and is battening down his hatches.

Other than that, I only posted that /. because I thought it was an interesting affirmation also and likewise also suspect the methodologies but lack the formal tools to investigate such questions myself – which is why I post things like that here. 🙂

Also, where “cheap” labor is concerned. I come from a background where you pay a man what he’s worth, Ukraine, Russian, English, Chinese, American. You pay a person what they are worth because a) it is right and b) it’s the only way you will ever begin to curtail insider threats or eventual competition through employee migration/loss.

Don September 3, 2016 7:25 PM

@ ab praeceptis

RE your post about group dynamics, and the various tiers, (alpha male and sub alpha etc) and how you fit in to that.
I appreciate what you are saying and its validity. I feel it’s not pertinent to this blog however. We’re just a group of ‘folks’ talking about Security! There are the regulars, there are the great number of people never posting, there are the regulars that pop up only occasionally. There are the trolls, there is the occasionally mentally ill. Nothing as structured or formed as you described and certainly no pecking order.

It did remind me however of studies I’ve heard of. Apparently behavioural scientists or psychologists have spent a lot of time working out what happens to people as a group, thrust into a survival dynamic with all the external comforts and layers of identity with personality stripped away. Like a plane crash on a deserted island for example. Apparently, very very quickly, people default to their respective ‘role’ or identity in the group. It’s like their core essence comes out and asserts itself in the context of the community.
There’s the leader, there’s the maternal figure, there’s the one who doesn’t want to lead as much as be in charge, there’s the one freaking out, the mediator/diplomat, the one who steals food and hides it from everyone..

your post almost reminded me tangentially of someone I know who has a ‘Rule of Thirds’. They say it applies to any kind of large organisation, and they refer to it anytime someone makes sweeping generalisations about individuals that make up a large entity eg
‘all cops are pigs’ ‘microsoft employees are gutless’ ‘nsa employees are all backdoored’ etc

The Rule of Thirds states that one third of people are just trying to get by, meet the bare minimum requirements, turn up at 9am on the dot and try to make it to 5pm without making too many mistakes or getting noticed or picked on. blend in, be invisible, be a square peg in a square hole

Another third are exceeding all expectations, idealistic, ambitious, attentive, pick up everyone else’s slack, try to reform and remake and improve.
The final third are at the bottom of the pile. Cutting corners whenever possible, stealing stationery, using email for personal reasons, blaming others, getting others to pick up their workload, taking lots of sick leave. etc

Don September 3, 2016 7:37 PM

@ r

i picked that agent rng was you based on word play, certain types of phrases and content. also someone else referred to you as agent r earlier

then i wrote it off as someone with a mental instability when you said 1984 is a hop skip and jump from here (trolls say shit like that) and you intimated, actually no you blatantly stated an entity was missed.

i liked the ‘Mr Assauge’ very good 😉

actually, Nick was right – delete all your posts 😉

we’re so far overdue for next friday squid it’s like the last day of
school in high school – the curriculum is over, half the kids have gone, the teachers don’t care, there’s no work to be done so everyone just runs amok

agent r September 3, 2016 8:01 PM

@All,

This is one of those real life scenarios where realization finally catches up to reality (and thus physics) and our structural engineers. This is the type of OOPS that’s permissible in software engineering, albeit occasionally excessively dangerous; there is no reason we are building our frameworks with matchsticks on modern computers.

My apologies for all my vagaries and metaphor.

https://gizmodo.com/new-analysis-confirms-why-the-skagit-river-bridge-colla-1785842162

But, there’s also more issues at play here than mere physics.

Some of our exploits (think rowhammer) are due to oversights in unknowns, the others are oversights in known areas which are entirely unacceptable.

Nick P September 3, 2016 8:06 PM

@ r

“Also, where “cheap” labor is concerned. I come from a background where you pay a man what he’s worth, Ukraine, Russian, English, Chinese, American. You pay a person what they are worth because a) it is right and b) it’s the only way you will ever begin to curtail insider threats or eventual competition through employee migration/loss.”

Define “worth.” 😛 That’s where the simplicity breaks down. You appear to define it as you should pay gold to those who produce gold. I’d like that to be true. The capitalists pay the going rate or whatever they have to negotiate for someone above average. That’s probably 99+% of them with whole industries generating insane wealth doing that. So, it works acceptably most of the time. My idea enters both categories where I (a) find countries with talent + low cost of living (or rates) and (b) obviously pay higher than that. I have to pay higher to get their better talent and keep them. Yet, it will be way lower than what I would pay in countries with high wages. So, we both get benefits in that case.

While you’re talking about “right,” let me throw you a curveball you might have not considered. You probably think paying a person who builds good software less than a premium pay is a bad thing. Recall we’re working on software that lives or large sums of money might depend on. Although capitalism doesn’t care, my utilitarian ethics say I should do what I can to ensure it’s delivered with the correctness I promised. Paying people extra will reduce the number of people I can put into good design or QA in a way that can undermine that. Let’s say the work required and staff allocation both have numbers where I can’t be sure of this. Is risking delivery of defective software for medical, financial, or Tor-style sectors “right” to make workers more money than they need? Or is it “right” to pay them the going rate or only a little more to ensure there were enough people to successfully deliver a correct or secure system?

What do you think on that one? 😉

agent rng September 3, 2016 8:23 PM

@Nick,

My opinion is don’t belittle them with offerings, I wouldn’t shy away from investing in other countries (you may have noted that I’ve said multiple times that I feel we dropped the ball with Russia in the 90’s). I am not saying pay them prevailing American wages, but you should certainly offer them incentives above what they would be offered within their own country (that is, if you’re at all interested in retaining them as opposed to eventual turn out). Remember that 1 employee emitting crap code requires 1-2 more to verify debug and fix – which is why you spout correctness and security in the first place correct? Considering the gaps in both international and local laws through employing people in exterior countries you may not have the same guarantees that one may have in the US or in Western Europe. We protect our assets by investing in our people (our workers) and our equipment. We protect the longevity of our projects by promoting such images, I’m not saying give them spoiled rotten N. American Union wages. I’m just saying that we can make large mistakes in our race to the bottom.

Remember, what I’m worth and what you’re worth are relative to our areas (and our areas). I live in a part of the United States where one can survive on <5000$ a year. We can buy houses in my area for sometimes $1, sometimes $500, sometimes $5000. The rest of you? $5000 won’t even get you 6 months in a 1 bedroom let alone power, amenities, etc. If you want to invest in East Indian children, do it with education – don’t do it by forcing them to run the dye machines. If you’re going to invest in Ukraine, do it in a manner that promotes both your company and your employees. Maybe I generalized a little sharply over your choice of words, maybe I didn’t – we won’t know until someone like Hillary Duff asks (you) Donald the Duck to post your tax returns.

Pay it forward, we’ve all been forewarned.

As for worth? Gold and Diamonds in African Nations are considerably cheaper than they are here, the markup you pay for your wants is called greed – there’s a certain intrinsic value in everything. It’s up to a good employer to figure out what those incentives are, for some people no amount of money will ever be enough I think. For people like me? I’ve felt guilt over what I thought was over-payment – and believe me when I tell you that I’m unskilled labor.

My allocutions and position may seem short-sighted, I’m aware of the holes in my operations but I reap what I sow so please – I’m open to any and all criticisms.

@Nick, and no – I don’t believe software is worth squat really. Partly because of international competition, a stagnant workforce/education back home and also because of the advents and motions into the arena of AI and self-developing/guided-coding.

I think the whole world is in for a shocker very soon.

agent rng September 3, 2016 8:29 PM

@Nick P,

Do you or your overseas employees have to pay into social security? There’s a large chunk of savings right there. Maybe I don’t know what I’m talking about, just be careful with that capitalistic grab for cheap labor. It can get both people and companies into trouble with human beings.

agent rng September 3, 2016 8:31 PM

@All,

Bruce’s html filtration system for the win. I just avoid disclosing my $800,000 dollars a year. Huzzah!

agent rng September 3, 2016 8:36 PM

I live in a part of the United States where one can survive on $800,000 a year. We can buy houses in my area for sometimes $1, sometimes $500, sometimes $5000. The rest of you? $5000 won’t even get you 6 months in a 1 bedroom let alone power, amenities, etc. If you want to invest in East Indian children, do it with education – don’t do it by forcing them to run the dye machines. If you’re going to invest in Ukraine, do it in a manner that promotes both your company and your employees. Maybe I generalized a little sharply over your choice of words, maybe I didn’t – we won’t know until someone like Hillary Duff asks (you) Donald the Duck to post your tax returns.

Also, remember that some “companies” only pay their employees enough to keep them in chains (think walmart, dollargeneral, familydollar and mcdonalds usage of government subsidized labor). While not all companies practice that kind’ve demeaning bs, it’s a common symptom in a basically unregulated market. Who ARE we working for if not for ourselves? You pay a man what he (or she) is worth or you replace them, that’s it. It’s a complex question, sure, but the right decision shouldn’t be that hard. Don’t hide behind the practices of your/our industry – you and me are just a small subset of the larger picture.

Thoth September 3, 2016 8:48 PM

@Figureitout, @Nick P

Attn: @Figureitout

“Main thing I want right now is a UPS for my pi’s, when I’ve been running my packet sniffing, power has gone out twice and I’ve luckily been able to boot up again after improper shutdowns”

I am guessing the NSA knows when you are doing your research and simply flips the switch 🙂 . Have you thought of checking your environment for NSA bugs ?

Attn: @Nick P

90 Days for CSfC … that sounds like crap. I doubt they are serious about evaluation with only 90 days and the poor Red Teams have to work overtime 🙂 . That explains the quality of “High Assurance product XXXXXXXXXXXX” these days. I am gonna sell my smart cards to them for USD$ 100,000 per piece and claim it’s CC EAL 7+ with FIPS 140-3 Level 4 certified that prevents Russia, China, NATO and Non-NATO intrusions 24/7 with 0 down time 😀 . They do take it and happily consume it …. LOL …. Now where’s my secured smart card phone book to ring them acquisition managers up …….

On a less mocking note, not to forget, highly certified CC EAL smart cards actually exist, with Samsung’s S3FT9KF claiming to be first in getting CC EAL 7 for some categories (overall EAL is 5+), and Infineon, ST, NXP and even Atmel have not been sitting idly around: each of them has their certified (overall certified EAL 6+) smart cards and is catching up fast, with almost all of them producing some form of high end FIPS 140-2 Level 3 + EAL 6+ certified card chips. It has actually come to a point where these card chips are getting better after every iteration, and for me as a card developer, it’s less about the EAL and FIPS security levels and more about how well the code cutters can make full use of the security the hardware can provide, strengthen the hardware’s security to its limits and bring their full potential out. So far I have not seen all too much impressive code that taps into the card chip’s security potential. Most of the code is pretty default and widely known, and so far no one has actually given it a twist to combine the security from the hardware with the code’s capability of making more use of the hardware’s potential.

That is where my CryptoPIN comes in and I have decided to expand on it to have another edition which one is for 16-bit JavaCards and the other for raw bare-metal implementation to bring out even more of their potential.

agent rng September 3, 2016 8:54 PM

@Thoth,

I don’t know why he/she isn’t using car batteries and a car charger for a steady deep rooted 12v source instead of an intermittently available and vulnerable AC source without a DC buffer.

agent rng September 3, 2016 8:56 PM

@Thoth,

I found myself asking if @Figureitout is running into mobility problems, even a 12v lawnmower battery is a deeper cell than some el rando LIon.

agent rng September 3, 2016 9:17 PM

@Nick,

Since I am the only one here with so little life that I can expend hour and hour debating and analyzing assertions and responses let me further my argument about capitalistic behaviour demeaning and undermining both local populations and local businesses.

Point #1, McDonald’s employees are for a large part government subsidized.

#2 Why is that? Because McDonald’s doesn’t either a) pay its employees enough or b) doesn’t give them enough hours.

#3 Why is McDonald’s doing such things? a) Because there’s profit in it. b) Because they can’t due to competition.

#4 Why can’t they pay their employees more? a) Because they don’t want to and b) because it would force them to raise their prices.

#5 McDonalds set their prices and they can unset them anytime. Them setting their prices in the first place, just like walmart is what led to the destruction of other directly competing smaller businesses.

Let me know if you can see the slippery slope I’m alluding to, if not maybe I can flesh out more examples to undermine any “pro-big-business” international and local exploitation practices you might be idealizing.

(These are all just opinions of an uneducated man from an area where 40% of the people can’t read past the 4th grade level)

If I’m wrong correct me, please.

agent rng September 3, 2016 9:37 PM

@Nick P,

This is just like the CNE argument, just because you can doesn’t make it right.

FIN exploitation is the same thing, I’ll summarize.

First you said:

“Ukraine is probably cheap labor. Opportunity there.”

Opportunity for who?

Later you said:

“The capitalists pay the going rate or whatever they have to negotiate for someone above average.”

That covers the children working in India and Pakistan for 90+ hours a week to help cover the families’ exorbitant food prices then huh?

And:

“That’s probably 99+% of them with whole industries generating insane wealth doing that.”

I’d like to see where you got THOSE numbers from.

Finally:

“So, it works acceptably most of the time.”

Acceptable to who?

agent rng September 3, 2016 9:49 PM

@Nick P,

If those [original] numbers are an accurate sample, and if this climate of swirling manure is allowed to continue YOU NICK: YOU will be employed by a foreign entity when you’re @Clive’s age without medical and retirement protections because our rate of re-investment in ourselves and our employees (even those overseas) has gone the way of the Dodos.

Likely not 5 years, maybe in 10, probable in 20 with education indexes like we saw in that paper. How can we as Americans compete in a global market as leaders in an environment like that? Who will we be outsourcing to?

agent rng September 3, 2016 10:00 PM

@All,

And we wonder why we are so hawkish over global resources and various obscure points of interest. We wonder why we play backroom poker games with arms deals and terrorists. We wonder when the “war” will end. Some of us even claim that we’re in a time of plenty, like our planet isn’t some sort of finite ball of atoms waiting to produce whatever imaginary thing we want from our magical startrek replicat0rs just like our television invents happiness so many nights a weak.

I wonder, when something’s going to hit the fan blade. I wonder when the brushes in our motor will run out. Can we just pull them out and clean the carbon off them this time? How many times before have we done that? Do we have spare brushes? A spare spindle? Spare wire for re-winding this ticking tock?

I’m behind the curve, I’m 40 years old – but I OWN my own house and I OWN my own cars AND I OWN ALL OF my debt.

Can half of this sleeping, voting country say the same?

I own a gun and I own a well and a couple extra pumps and a tripod to pull and replace them.

What do you take solace in?

agent rng September 3, 2016 10:05 PM

@Nick P,

Something I don’t think you’re aware of, and I’ll try to find the link…

But in the 70’s and 60’s, CEOs of companies only made roughly 40% more than their highest paid employees. What changed? Are you refuting that these were not highly successful times for American companies both at home and abroad?

What changed?

Was it our level of greed or yours? Maybe it was the information coming back to us from our dedicated life long employees, maybe it was something in the feedback of life that changed… Maybe we’re out of touch? Maybe I am?

Maybe you are, it is working GReAT after all.

r September 3, 2016 10:30 PM

@Nick ‘o Plenty,

http://www.epi.org/publication/ceo-pay-continues-to-rise/

It’s working great isn’t it? Back then we had retirement funds, social security, company medical coverage. Certainly some of those benefits were short-sighted and ill-conceived, but to make that generalization is to neglect the fact that in-and-of-itself it’s yet another short-sighted observation. Sell me something else. Tell yourself another one. Something’s amiss, the world is a lot more modernized than it was.

So, with China out of our pockets because of McCain’s lovely campaign finance reform… What’s left? Who’s still donating?

CEO’s and CFO’s ?

http://www.epi.org/publication/ceo-pay-continues-to-rise/

Where’s the security in politicians saying one thing and doing another?

You say it’s a great opportunity, I believe you.

But for who?

I guess they don’t have to buy votes if they can simply pay someone to lie huh?

Show me some more numbers.

agent rng September 3, 2016 10:43 PM

If that’s a TLDR; that’s okay, just scroll down to:

“Trends in the CEO-to-worker compensation ratio”

and

“CEO pay relative to that of other highly paid workers”

I think the original article I may have seen was the CATO study.

By the way, I figured out what’s missing from the equation of then vs now.

Can you guess?

We believed in ourselves.

Do you believe in us Nick? Or do you believe in exploiting a trade deficit or financial oversight hole reamed (and reemed) by countless years of perpetual greed and malfeasance?

r September 3, 2016 11:37 PM

@Nick P,

The thing I find most funny, is your penchant for fantasy as you rationalize ways to develop EAL5+ FINSEC solutions in what’s effectively the Russian embassy. While I am in no-way averse to giving jobs to Russia in the least bit I don’t think someone who may (like a lot of others on this forum) shy away from the NSA would be so eager to gain such proximity to the GRU or FSB.

Really Nick? Are all of your employees going to be telecommuting to your VPN enhanced premises with custom wireless keyboards impervious to both sound and EM? Maybe they will wear scuba suits and do their coding from salt water huh?

MAYBE FTFY HUH?

That is until your company becomes a financial success, and your code has reappeared at a different… more Chinese company reasonably if not 100% refactored but with your [c]opyright still intact in the unstripped binary objects.

Go ahead, increase your attack surface by outsourcing such technological development to a reasonably insecure country like Ukraine. If people in Cambodia will work for a bowl of rice a day and a gun in their bell imagine what the Ukrainians would do for the same huh?

It’s okay, it’ll take you 10 more years to develop a[nother] scheme just to mitigate such a threat model.

I promise you that.

Nick P September 3, 2016 11:43 PM

I got on briefly to see what my prior comments triggered. In the past, it would’ve been a discussion by multiple parties on various claims made with supporting arguments. The result in Last 100 was quite different: troll comments instead of anything substantive. A bunch with different names and allegedly different backgrounds that seem coordinated and all start sounding the same in reply to two comments. As usual, they tell you more about the sources than the comments I made. 😉

r September 3, 2016 11:51 PM

@Nick P,

I knew you were baiting me, while that IS entirely unfair I will not complain.

You asked and I responded in-light. It’s still here, make sure you save the page since you politely asked for my reasoning and I gave it. You know, just in case it is deleted and all.

That’s really quite crude, but I am in no way anywhere near the substantive contributor to the course of this page as you are – maybe more the discourse fair enough.

But this is me lodging a complaint for baiting me and then spinning it backwards, I at no time have done even remotely similar to that – I both expect and await responses – not use this page as a sounding board like it’s my own nickpsecurity.org

Your stance may be accurate, but it’s entirely unfair – I’m sorry that you feel that way.

May you have a clean conscience.

ab praeceptis September 4, 2016 12:21 AM

Bong-Smoking Primitive Monkey-Brained Spook

Neither. I did not even know that other forum (woodman) and I don’t like, let alone play name games or writing under multiple names.

Being at that I’m getting an idea why Nick P might behave the way he does (concerning myself). He seems to think that I’m acting under different names here. I don’t.

That statement, of course, isn’t worth much and doesn’t prove anything, but I felt like putting that straight out anyway.

r / agent rng September 4, 2016 12:27 AM

@by the rules (ab)

#1, there’s musing that you ARE ianf.

look around, if I get deleted or banned you’ll find them.

Further more: I am pretty sure you coalesced prior to ianf’s disappearance.

Figureitout September 4, 2016 12:30 AM

Thoth
–I can’t take research really connected to the internet very seriously, if experiments can be so easily tampered with. Nothing’s worse than investigating bullsh*t (I’ve caught people that actually will tamper w/ your tests…unbelievable). I’ve found a few bugs in the past, but no for the most part in a civilian (civilized?) area I refuse to live like that. It distracts from doing useful work.

So of course I take the logs w/ a grain of salt, but I can see many devices connecting/disconnecting, it appears to be working.

But turns out my little for fun side project which was so easy and such a joy, may get some use as a data logger where I’m at. I’m excited to see if it works off the bat.

Bong-Smoking Primitive Monkey-Brained Spook September 4, 2016 12:32 AM

@ab praeceptis,

writing under multiple names.

Well, I’m 🙂 I’m a sockpuppet, no less. And you know my puppeteer. I just don’t like to blow my cover. Take it easy and keep it objective — a suggestion, not a rule to impose on you.

r September 4, 2016 12:41 AM

@Nick,

I used the wrong phrase, I didn’t intend sounding-board. I meant ECHO CHAMBER.

@Mickey RooRk,

If you zig, I will zag promise.

ab praeceptis September 4, 2016 12:47 AM

@Bong-Smoking Primitive Monkey-Brained Spook

No, I do not know your puppeteer, and I don’t care to.

@r / agent rng

One of the reasons I dislike those name games. Creates confusion and bad blood.

Could you guys not simply stop those games? Being at that: How about focussing on security related posts.

Just look at the mess you’ve created. Thanks also for finding myself on pastebin together with you and for being under suspicion (which in itself disturbs technical discussions).

ab praeceptis September 4, 2016 12:55 AM

Moderator

I’d like to ask for two things:

a) Kindly check the IP of my posts (It’s an IP linked to a plain DSL and it should always be the same or very similar. No proxies or the like, just a plain simple connection).

b) I’d like to suggest to implement a tougher policy concerning socket-puppets, multiple names, repeated gross ignorance for the context of this blog, and the like.

Thank you

Bong-Smoking Primitive Monkey-Brained Spook September 4, 2016 1:35 AM

@ab praeceptis,

socket-puppets

We never had any of these here. Ouch, my eyes are killing me!

Thoth September 4, 2016 2:16 AM

@Figureitout

“So of course I take the logs w/ a grain of salt, but I can see many devices connecting/disconnecting, it appears to be working.”

These sound like interesting data points you have. If you are interested in more depth, you can put them into a document database, a graph database or a CSV and map them.

Time of connecting/disconnecting, amount of time connected, amount of data sent and received …etc…

Interesting stuff.

Of course, do the analysis air-gapped in case of someone interfering.

Nick P September 4, 2016 5:15 AM

@ r

We’d have called that dramatic reinterpretation back in school. There was no baiting you. I actually ignored your claims of sockpuppetry given you already saw the complaint. I asked questions to begin a real conversation on outsourcing expecting a reply from your name and further discussion. The trollish sockpuppetry that followed in Last 100 was worth capturing to illustrate what I was talking about.

@ ab praeceptis

I received multiple complaints from people here that you were writing many long posts that said very little. The Snowden leaks and posts on Russian action occasionally bring in sophisticated trolls who do exactly that to disrupt discussion here. They like to embed among us with friendly chat, some links, and long comments that don’t say much. So, I started watching your posts whether directed at me or not.

I’ve already written my conclusion to that in the NSA thread. I predicted there you would not take time to contribute any specific answers to questions from commenters in technical discussion. I predicted you would write some more posts with little substance, though. It’s only 5am my time and this already came true. You also side-track and strawman yet again with the sockpuppetry thing where my post to you didn’t mention that at all. There’s no need to look up your IP when your comments themselves tell us what we need to know.

Or regularly don’t tell us what we need to know while speaking authoritatively on a subject…

Figureitout September 4, 2016 8:18 AM

Thoth
–Thanks, glad you like it. I liked having it at my desk so I can just look at all the traffic flowing through the router (it’s a lot…). It’s just tcpdump on a raspberry pi, anytime I can just kill it and use it for anything w/ the tiny wireless keyboard (don’t need a mouse on command line). I think right now data would be saved as a pcap, or that’d be easiest. Then you could use wireshark to look at data more. Doesn’t look like clean time stamps are a feature (saves as seconds since jan. 1970). If I could compile tcpdump, I’d probably first look at the clever time library I use to timestamp for another datalogger (which is currently in use at my work and provided precious data for me to debug, including a jackass coworker who for whatever reason was tampering w/ my tests). You can get a very clean time stamp then, and I used a .csv file for that so you can open in notepad++ or excel. To lessen the probability of tampering I wanted to try the lan-tap throwing star thing, but haven’t got it built up yet. It’d either be on a lan or a vpn too.

Moderator
–I think at the least a warning is in order for poster ‘r’, and all his sockpuppets. He seems to be interested in riling people up and starting pointless bickering matches.

Also the story from ‘broken bucket’ seems pretty pointless/irrelevant, s/he could’ve described why s/he wanted to post it in a few sentences and linked the story. There’s no context or anything, leads me to believe it’s just spam to clog up comments page.
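
Thoth’s suggestion of mapping the logger’s connect/disconnect data into a CSV with clean timestamps, as an added example that is not code from either poster: a small reader for the classic libpcap file format that tcpdump writes, which converts the seconds-since-1970 record timestamps to ISO 8601 UTC, pulls the IPv4 endpoints out of each Ethernet frame and emits CSV rows. The two-packet capture embedded below is constructed for the example (addresses and times are made up); a `tcpdump -w` file from an Ethernet interface parses the same way, while pcapng files (the Wireshark default) are rejected rather than misparsed.

```python
# Added example (not from the thread): classic pcap -> CSV with UTC timestamps.
import csv
import io
import struct
from datetime import datetime, timedelta, timezone

PCAP_MAGIC_LE = 0xA1B2C3D4      # magic as read little-endian from a little-endian file
PCAP_MAGIC_BE = 0xD4C3B2A1      # same magic seen when the file was written big-endian
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800

def iter_pcap_records(data):
    """Yield (ts_sec, ts_usec, frame_bytes) for each record of a classic pcap blob."""
    magic, = struct.unpack_from("<I", data, 0)
    if magic == PCAP_MAGIC_LE:
        endian = "<"
    elif magic == PCAP_MAGIC_BE:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng or something else)")
    # global header: magic(4) major(2) minor(2) thiszone(4) sigfigs(4) snaplen(4) linktype(4)
    _major, _minor, _tz, _sigfigs, _snaplen, linktype = struct.unpack_from(endian + "HHiIII", data, 4)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("example only handles Ethernet captures")
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        frame = data[off:off + incl_len]
        if len(frame) != incl_len:
            raise ValueError("truncated record")
        off += incl_len
        yield ts_sec, ts_usec, frame

def ipv4_endpoints(frame):
    """Return (src, dst) dotted quads for an Ethernet/IPv4 frame, else (None, None)."""
    if len(frame) < 34:
        return None, None
    ethertype, = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_IPV4:
        return None, None
    ihl = frame[14] & 0x0F
    if ihl < 5 or len(frame) < 14 + ihl * 4:
        return None, None
    src = ".".join(str(b) for b in frame[26:30])
    dst = ".".join(str(b) for b in frame[30:34])
    return src, dst

def pcap_to_rows(data):
    rows = []
    for ts_sec, ts_usec, frame in iter_pcap_records(data):
        # integer seconds + integer microseconds: no float rounding in the timestamp
        when = datetime.fromtimestamp(ts_sec, tz=timezone.utc) + timedelta(microseconds=ts_usec)
        src, dst = ipv4_endpoints(frame)
        rows.append({"time_utc": when.isoformat(), "bytes": len(frame), "src": src or "", "dst": dst or ""})
    return rows

def rows_to_csv(rows):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["time_utc", "bytes", "src", "dst"])
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

# --- constructed sample capture (made-up MACs, addresses and times) ---
def _frame(src, dst, payload_len):
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 17, 0,
                     bytes(int(x) for x in src.split(".")), bytes(int(x) for x in dst.split(".")))
    return eth + ip + b"\x00" * payload_len

def build_sample_pcap():
    out = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for sec, usec, frame in [(1472947200, 0, _frame("192.168.1.20", "10.0.0.5", 40)),
                             (1472947200, 500000, _frame("10.0.0.5", "192.168.1.20", 100))]:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

SAMPLE_PCAP = build_sample_pcap()

if __name__ == "__main__":
    print(rows_to_csv(pcap_to_rows(SAMPLE_PCAP)), end="")
```

Feed it `open("capture.pcap", "rb").read()` instead of `SAMPLE_PCAP` for a real file; the resulting CSV opens in a spreadsheet or Notepad++ as Figureitout describes, and the per-row byte counts can be summed per endpoint for the "amount sent and received" view Thoth mentions.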

Thoth September 4, 2016 8:52 AM

@Figureitout, Nick P, Clive Robinson, Moderator, Bruce Schneier

I suspect (and maybe many of you do as well) that there are many impersonators, and now I have decided to open a publicly viewable and verifiable Github repository for signing forum posts when the need arises.

As usual, my PGP signing key would be the following:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mQENBFJjUPABCAC9i7Yypjn6fdj8av4s6KmP6WWQKgiaBStfk7pfItqgh9qoIF2s
W9zFEyzVb7PvjPvpzPPhwoK2U49eUpwC078rOU+iZ3SqAVTJuWcPijAcNVH0/QnX
nx8nribIuJ2wWatI2IMOlo887MqGk/MDjvTuFBCHsU0PSM0wmI6rpBxSiUzOac/a
QLvoBoSwn26fOoWeOqX46vU/gKxOycenaFGMCKxMvbJ11D0h/g/Lmo/Jm+S+a9jR
Y9aqMDFhXwf0WugPdKuMYt1bLaSP2dYQs93VwyIGYT9PPNvE9tWdKc5/QEUHHaRo
stUhXDRazmgPXc+H1gS2ImnBVef1JxC8elm5ABEBAAG0J1RheSBXZWkgWmUgR2Vy
YWxkIDx0d3pnZXJhbGRAZ21haWwuY29tPokBOQQTAQIAIwUCUmNQ8AIbAwcLCQgH
AwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEIiF+ZVvv8Gd+jwIAJQEY/LSwMGkBFgq
Wou6QLlsNxynPP65PTjXCxvl+AaR9WgwwMqE7avTSPQ2Q+X5tNwozc8VE/2EYgMm
flBJo5LfdnsB98XarQW9qzahA0v4q9SKRzI3bmniC9MQwXe3s+Pg8SSVcnjGMqR/
5BoSUkKj61FcZCFWdK03+aA9XV3y7bCk90KRlPjui7ZGJk5fd/ws3FLXfxXm6Qod
jtSztF6d/GZW6wQ7ToxBkjW245WyR0726uhdPKCdt6l5dhWNyaxa5n8yJusjzpEb
RTHBHi9KWPDW8Vuo/6Adh/uOYus0PXqTTpgaD41vTOHZrdsxu0r/LGS6gicwpTOj
ktOsUIi5AQ0EUmNQ8AEIANRBWbceLRtOBXp/OQFrB809+7YoWvxBKx1/0mQHfgXB
eg8ahGbCcZZWrHpe7rjHrzBuTsO1XnlYqEXQUAhyXMBOsUFTScaI35Nq6BjJ/YQS
djtPGx6ctkzIpFWbqktShcFkUm1ZnBaP/9uLv5tSMrF8rA0o0AassbGWe6tLnfwq
m7jZjHBFOGTsoOeXXkBp1PqMgBfUoQlyKLT9gsig3AZds7t9j5WHOUzLWGVimDG1
6yjgOrKlNl6ipZ/+omKeCymQnjhWNF7QIRAC8kEFXYf445jz1DaqXtcxdCfIZwOn
AmG9m7DAcHJkC72jJdkfRVh76DFeeKakGaskkG6DLEMAEQEAAYkBHwQYAQIACQUC
UmNQ8AIbDAAKCRCIhfmVb7/BndNKCACIuWv+apzSSt61Wqkyl+qmHTfb2KFFAnKR
OiEejoEbX1BZAvzI5tY2+rHPFGXuIO0ai0/9gVcZbPIcX3eZa8AOoAYRNsha5mAx
c7W8pDs8qjZNF7jw5nWBrPdCAUaWCzZdrNnuWKpBX5c2jVCaaOyQdXhLOO4M9vfQ
KvaPzSHe4+vkxhi0HYbTKB2PLAp5XmzwCMD3uaWubprdhw6UczhsGjy56qpIOEVW
ZDXbngTXbk0tjfgebYmNvknItmVkodVpGDx6YNcR/FiRcQBA3fe2qpJJOwt4FZpZ
ZpvED3OW1SZfkO4CmuDtP2YWDUzuv2XpDKkhZws4rF1W8GA5VTaf
=sDcZ
-----END PGP PUBLIC KEY BLOCK-----

Thoth September 4, 2016 8:54 AM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

https://github.com/thotheolh/bruceschneierforumsig/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJXzCeSAAoJEIiF+ZVvv8GdCNsIAJWVGu72WhlCsiE1ow2gtva/
FDf9I0ArN3He6oW3fnwC0zmnbzXi+eDSrHroMWCIwlKQsoGdwj85gruJu1LCDYFG
Aj3t7iifnVIWql/BRdHdBaJS6sz5ISlnomTOpWCYvdCMpifIN54VdlOH+d+lDPx2
Gghv7iNybH0OH0/aQVzA7nhjRdHoy/O4nSEuPEiRMdyURKF0xqo9tqirkYnsQIfs
ePr/OS4d/P5IAOUvFuqyeUq3V9yFpKjn9Yq9voX1XmNUpen+75AYT+PZ9Kw+neUk
IwMcVh3ZJdJJ7GJlFfkDQMvK8huqn6gKN6GIeHTVJ25RWHnStBUew0v2cwird5g=
=d8hG
-----END PGP SIGNATURE-----

Moderator September 4, 2016 9:09 AM

@broken bucket, @all — Please refrain from copying lengthy passages from materials published elsewhere into your comments; a link and very brief excerpt should suffice.

@ab praeceptis, @all — If you believe that you are being impersonated, please provide links to the suspect posts, and I will take appropriate action.

@all — On the squid posts, our host has welcomed general discussion of security topics. This is not the same thing as a free-for-all. Extended discussion of politics should be taken elsewhere.

@r — Please refrain from posting multiple short posts in rapid succession, especially when they have nothing to do with security, and consist of little more than expressions of contempt.

@all — Please do not change handles mid-discussion; it is confusing and aggravating to others.

Ratio September 4, 2016 9:27 AM

@ab praeceptis,

science of astrology

Science? When did this happen?

For thousands of years. Before we built our science on top of that.

I have trouble seeing how that comment can make any sense whatsoever if the meaning of the word “science” is to remain constant throughout.

Regarding the last word, or a bucket of them: if there is an alpha group you can be its supreme leader for all I care. A supreme leader without all the rambling would be awesome. Looking forward to it. 🙂

Dirk Praet September 4, 2016 12:49 PM

@ Thoth

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

My public key can be downloaded from the usual key servers or from keybase.io
KeyId. BA8E1E8C
Fingerprint 5F25 B1D8 F22B E88F 8FF3 C5A7 6AB2 5603

Dirk
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools – http://gpgtools.org
=pfG2
-----END PGP SIGNATURE-----

ab praeceptis September 4, 2016 2:36 PM

Moderator

First: Thank you.

No, I don’t feel I have been impersonated. Why I brought up my IP is that it might be helpful in determining name-system-location consistency along with some helpful details (location, type of connection, etc). Also feel free to nmap me in case you decide to investigate the current problems.

Nick P

You may know a lot of papers but you certainly lack even basic legal understanding and investigative and even logical capabilities.
You did put my posts along with the sock-puppet post and you again accused me of being part of some kind of trolling operation. Based on what? Based on “I have a feeling”.

Don’t get me wrong. I don’t demand proper investigation, proofs and whatnot. While the Moderator probably has at least some basic means to investigate (and I expressly cleared him to do so) you certainly don’t. As if to confirm what I say, you yourself publicly explained that you basically applied aunties-kitchen “reasoning”.

That is not acceptable.

Moreover I never criticized your personal style. Feel free to put your points and views in any way you see fit and adequate. On the other hand, however, you not only did repeatedly criticize my style but you even went so far to make-shift an accusation of trolling out of that.

I don’t think Bruce Schneier likes wanton accusations and libelling based on nothing but someones gut feeling. In fact, he frequently criticized that and always stood for proper legal proceeding. And that is not some matter of personal taste; it is a vital part of credibility.

What you do here is going against the very essence of what this blog stands for: Proper research, proper analysis, proper use of adequate and sound technology and means.

Finally it is not up to you to dictate how one is to write and discuss here. It is up to Bruce Schneier and his team. He doesn’t need you as sheriff or as interpreter. As we all can see Bruce Schneier can perfectly well speak for himself and he even does have (a) moderator(s).

So, stop your personal based-on-gut-feeling witch hunt!

Nick P September 4, 2016 5:05 PM

@ Thoth, Dirk

Always good to share some public keys. Before signing everything, mainly at Thoth here, remember that the damned signatures start taking up more space than comments. Signal to noise ratio goes way up. Mike the Goat and I co-invented the solution here with him prototyping a few rounds of his scheme. One can either use the small, signature systems like Mike originally suggested or move signature + metadata somewhere else leaving tiny link in comment as I envisioned. Thinking on it now, one could even link to a GPG-encrypted text file containing the text of the comment or HTML file similarly containing just the text. Original scheme was intentionally more flexible but constraining it that way can improve things.

Dirk Praet September 4, 2016 7:19 PM

@ Thoth, @ Nick P

Before signing everything, mainly at Thoth here, remember that the damned signatures start taking up more space than comments.

If my understanding of @Thoth’s proposed Github solution is correct, there’s no need to put any signatures in the actual posts. What you do is clone the bruceschneierforumsig repository, create a branch of your own and for each comment you make on a particular day, you add an entry in the forum-posts/file_day_x with your handle, date and time referring to the exact date/time as stamped on the forum comment.

Then you sign a commit for that file modification (git commit -a -S -m 'mod day 04092016') and create a pull request which @Thoth then needs to merge into the master with a “git merge --verify-signatures non-verify”. This will fail if there is no valid signature. When you want to verify if a post indeed belongs to handle “x”, you do a “git log --show-signature -1” on the master branch.

There are of course some prerequisites for this to work:

1) Everyone participating in this scheme has to be up to speed with PGP and git. You require all participants’ public keys, which you need to sign.
2) @Thoth needs to merge all pull requests and in practice becomes some kind of additional moderator. And there will be delays when he’s sleeping or otherwise occupied.

Although sound from a technical point of view, I doubt many folks will participate. It’s beyond those with a limited technical background, whereas others may find it a bit cumbersome.

On a related side note, I agree that there is some very dodgy stuff going on on this forum. On the bright side, I’m totally happy with my new Raspberry Pi 3 I’ve been playing with most of the weekend. The NOOBS-installer now does a perfect headless Raspbian install after adding “silentinstall” to the recovery.cmdline file in the root of the offline distribution .zip file and SSH is enabled by default. No additional tweaking required any longer.

Bob September 4, 2016 7:38 PM

@ Bong-Smoking Primitive Monkey-Brained Spook wrote, ” socket-puppets We never had any of these here. Ouch, my eyes are killing me!”

This is pretty much expected of an anonymous forum where messages are judged by content instead of author.

Sock-puppetry is a common practice under any democracy, where it’s known as astroturfing. Or would you rather Schneier’s blog go the dictator-and-big-brother route?

Thoth September 4, 2016 7:55 PM

@Dirk Praet

Please use your own Github repo if you are doing Github forum sigs. It’s difficult to maintain branches and a security and trust risk. I am not accepting pull requests in that repo.

r / agent rng September 4, 2016 8:15 PM

@Dirk, Thoth, All

Has it crossed your minds that it may be too late to be exchanging keys? For all you know, for how far flung you all are – you could be exchanging keys with the devil.

It really is in the details isn’t it?

While I may be obnoxious sometimes I can’t even fathom the thought of you guys even kicking around the idea that I’d have the capacity for such hacktivity. I’ll not contribute to your paranoid spiral any further I promise, but you do wound me, and I do bleed.

@anyone thinking I’m a sock puppet, very rarely do I use such tactics – my intent yesterday was to adopt a new[er] name under normal and previous circumstances it has only been to skirt unauthorized LEO reactions. I ALWAYS post with the same email so Bruce or whoever [with permission and rights] can weed me out if need be. Princess is just spun way too tight right now I assume: Wael, Figureitout, Mr. Internet Cut, are there any others the general public of this site needs to be aware of guys?

I know if I was preaching to noobs all day and they started to invade what I thought was my private sanctuary I’d likely get all bent out of shape too.

I never was the threat here, what was the threat IS the threat: your security in your insecurity. So you got comfortable, and somebody got close. Somebody got REAL CLOSE, now you’re so spooked by the spooks that you even jump at the wind[mills].

My suggestion? Have a beer, have a laugh, take a valium. CALL YOUR FRIENDS, if you even know the sound of their voice anyways. Otherwise, you NEVER know who’s on the other end.

Do you?

Bong-Smoking Primitive Monkey-Brained Spook September 4, 2016 8:38 PM

@r / agent rng,

@anyone thinking I’m a sock puppet,

Stick with a name. You are hereby called Kunta Kinte 🙂 No, really… “r” is hard to find and “r / agent rng” is indecisive. “Agent r” or “Agent rng” — whether that means RNG as in Random Number Generator (implying random comments) or Agent Orange is fine.

Has it crossed your minds that it may be too late to be exchanging keys? For all you know, for how far flung you all are – you could be exchanging keys with the devil.

Who wants a Non-repudiable entry that may put one in trouble. Certainly not me! I’d rather say I didn’t do it, whodunit?

@Bob,

Sock-puppetry is a common practice under any democracy

Ten-four! I was highlighting something else: sock vs socket.

ab praeceptis September 4, 2016 8:39 PM

Dirk Praet et al.

Unfortunately there seems indeed to be a need to avoid games played by some. On
the other hand RSA is unwieldy long creating either a bad content/signature
size ratio or a need for other ways like the ones proposed earlier (e.g. github).

I suggest an alternative that is no less secure than RSA but offers a by far
better content/signature size ratio, namely OpenBSD’s signify/Ed25519.

signify seems to be available for all major OSs and is simple to use.

My public key that I will from now on use is mentioned below.
The signed message is the full post up to and including “— signature:”,
followed by the signature.

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0FVfRkZakJ5n+HIi9RWZSvlVJXWocddFeDeZZtvhRDRX6wwQrpxQGiVbBadGshTr5dwGjWipazixaI+l9ZWYdxgQ=
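
Parsing and checking a signify signature, as an added example that is not part of ab praeceptis’s post and not OpenBSD’s own code: the key-number prefix lets a reader tell quickly whether a signature even claims to come from a given key, and only the Ed25519 check binds it to the text. The Ed25519 verification here is a pure-Python transcription of RFC 8032 for illustration (not constant time; use signify itself or a vetted library for real checks). The signed bytes of the post above cannot be recovered from the rendered page (line wrapping and dash conversion), so the thread’s key and signature are only parsed and matched by key number, and the end-to-end verification uses RFC 8032’s test vector 1 wrapped in a constructed signify container with a made-up key number.

```python
# Added example (not from the thread): parse signify key/signature strings and
# verify the Ed25519 signature.  Standard library only.
import base64
import hashlib

# signify container format (signify(1)):
#   key       = "Ed" || 8-byte key number || 32-byte Ed25519 public key  (42 bytes, 56 base64 chars)
#   signature = "Ed" || 8-byte key number || 64-byte Ed25519 signature   (74 bytes, 100 base64 chars)
# The key number is a random tag to match a signature to a key; it carries no security by itself.

def parse_signify_pubkey(b64):
    raw = base64.b64decode(b64)
    if len(raw) != 42 or raw[:2] != b"Ed":
        raise ValueError("not a signify Ed25519 public key")
    return raw[2:10], raw[10:]                      # (key number, public key)

def parse_signify_sig(b64):
    raw = base64.b64decode(b64)
    if len(raw) != 74 or raw[:2] != b"Ed":
        raise ValueError("not a signify Ed25519 signature")
    return raw[2:10], raw[10:]                      # (key number, signature)

# --- Ed25519 verification transcribed from RFC 8032 (illustration only) ---
Q = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493
D = (-121665 * pow(121666, Q - 2, Q)) % Q
I = pow(2, (Q - 1) // 4, Q)

def _xrecover(y):
    xx = (y * y - 1) * pow(D * y * y + 1, Q - 2, Q) % Q
    x = pow(xx, (Q + 3) // 8, Q)
    if (x * x - xx) % Q:
        x = x * I % Q
    return Q - x if x & 1 else x

_BY = 4 * pow(5, Q - 2, Q) % Q
_B = (_xrecover(_BY), _BY)                          # base point

def _add(P, R):                                     # complete Edwards addition law
    x1, y1 = P
    x2, y2 = R
    t = D * x1 * x2 * y1 * y2
    x3 = (x1 * y2 + x2 * y1) * pow(1 + t, Q - 2, Q)
    y3 = (y1 * y2 + x1 * x2) * pow(1 - t, Q - 2, Q)
    return x3 % Q, y3 % Q

def _mul(P, e):                                     # double-and-add scalar multiplication
    R = (0, 1)
    while e:
        if e & 1:
            R = _add(R, P)
        P = _add(P, P)
        e >>= 1
    return R

def _decode(s):
    y = int.from_bytes(s, "little") & ((1 << 255) - 1)
    if y >= Q:
        raise ValueError("bad point encoding")
    x = _xrecover(y)
    if (x & 1) != (s[31] >> 7):
        x = Q - x
    if (-x * x + y * y - 1 - D * x * x * y * y) % Q:
        raise ValueError("point not on curve")
    return x, y

def ed25519_verify(pk, msg, sig):
    A, R = _decode(pk), _decode(sig[:32])
    S = int.from_bytes(sig[32:], "little")
    if S >= L:
        return False                                # non-canonical S: reject
    h = int.from_bytes(hashlib.sha512(sig[:32] + pk + msg).digest(), "little") % L
    return _mul(_B, S) == _add(R, _mul(A, h))       # [S]B == R + [h]A

def verify_signify(pubkey_b64, sig_b64, message):
    keynum, pk = parse_signify_pubkey(pubkey_b64)
    signum, sig = parse_signify_sig(sig_b64)
    if keynum != signum:
        raise ValueError("signature was made with a different key (key number mismatch)")
    return ed25519_verify(pk, message, sig)

# Key and first signature as posted in the thread above (parsed and matched only;
# the exact signed bytes are not recoverable from the rendered page).
THREAD_PUBKEY = "RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf"
THREAD_SIG = ("RWSI84is85x0FVfRkZakJ5n+HIi9RWZSvlVJXWocddFeDeZZtvhRDRX6wwQrpxQGiVbBa"
              "dGshTr5dwGjWipazixaI+l9ZWYdxgQ=")

# Constructed end-to-end check: RFC 8032 test vector 1 (empty message) in a signify
# container with a made-up key number.
_KEYNUM = bytes.fromhex("0123456789abcdef")
_TV_PK = bytes.fromhex("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a")
_TV_SIG = bytes.fromhex("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e06522490155"
                        "5fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b")
TV_PUBKEY_B64 = base64.b64encode(b"Ed" + _KEYNUM + _TV_PK).decode()
TV_SIG_B64 = base64.b64encode(b"Ed" + _KEYNUM + _TV_SIG).decode()

if __name__ == "__main__":
    print("thread key number match:", parse_signify_pubkey(THREAD_PUBKEY)[0] == parse_signify_sig(THREAD_SIG)[0])
    print("RFC 8032 vector verifies:", verify_signify(TV_PUBKEY_B64, TV_SIG_B64, b""))
    print("tampered message verifies:", verify_signify(TV_PUBKEY_B64, TV_SIG_B64, b"x"))
```

The key-number check is the cheap filter that answers Dirk’s "does this post belong to X" question for a signify user: a mismatch means the signature was not even made with the key X published, and no curve arithmetic is needed to say so. For a verifier you trust, the command-line `signify -V -p key.pub -x sig -m post.txt` on the exact posted bytes is what actually settles it.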

Nick P September 4, 2016 9:02 PM

@ Dirk

“If my understanding of @Thoth’s proposed Github solution is correct, there’s no need to put any signatures in the actual posts.”

I must have missed that post. The idea is similar to my scheme in that it externalizes it and creates a record. Clever to use Github given it already has key capabilities for this. I agree with the practical issues you brought up. If GitHub has an API, a program could run on a dedicated machine that periodically checks the signatures against a whitelist of users, does some validation on the content, and automatically accepts the requests without the participation of the admin (eg Thoth). The admin would just have to handle registration for the public keys and keep a dedicated server going for the checks/accepts.

Usability and participation remain problems. Github is really weird compared to non-DVCS’s. Lots of FOSS people get it but others would take training. Not as easy as a plain HTML site with a log whose entries are tied to specific hyperlinks with page numbers or the hash symbol.

@ Thoth

“Please use your own Github repo if you are doing Github forum sigs. It’s difficult to maintain branches and a security and trust risk. I am not accepting pull request in that repo.”

Scratch that. I’m guessing you meant each person do their own Github account with their own stuff posted. Makes more sense. Do you have a link to what that looks like in terms of a comment so I can assess usability on reader’s side?

Signature here.

Note: See how uncluttered it is if the place supports links? If not, a URL shortener.

Wael September 4, 2016 9:22 PM

@Nick P,

Note: See how uncluttered it is if the place supports links? If not, a URL shortener.

I like it. I hate clutter, and not too many people will verify the signature anyway. I won’t, for sure! I respond to the content as another poster said. I do vary my message depending whom I am communicating with.

I had to renege my “word”, if you know what I mean.

Wael September 4, 2016 9:24 PM

@r,

Wael, just in case my mouth put you in harm’s way:

No worries. Just take it easy on @Nick P. He’s a good guy. He was the first one to respond to me on this blog, and he was nice.

Wael September 4, 2016 9:28 PM

@Figureitout,

You paid $300 for a pi zero? Dude…you like giving money away? :p

Oh, I ordered a bunch of stuff. Boards, connectors, adapters, screens,… I’ll have to make another order later on…

Nick P September 4, 2016 9:28 PM

@ All

re defects in, analysis of, and protections for C-like languages

The forum has been a bit crazy. Starting to get productive again. I found something pretty nice that I think should be done at least once every 2-3 years: a detailed survey of what’s in the title. This is a researcher, Yves Younan, whose work I didn’t know about outside one of the minor ones. Apparently, what I missed was a survey (author’s PhD actually) of all kinds of memory safety techniques focusing on individual problems, total safety, reactive stuff, proactive stuff, provable stuff, probabilistic stuff. Lots of significant work up to publication date of 2008. The best thing about this one is author categorized these along lines I just described, listed known defenses in tables, labeled what safety properties they protect, rated their assurance from Low to High, and then offered author’s own contributions. Younan’s publications list keeps going from there with lots of other work. Mostly tactical kind I’m not into but some here might have significant meat in the methods.

So, that was a good find. Looked back at the Clay language again where I like how it sticks close to C with Rust-style protections. Closer it is, easier conversions by ex-C people will be. Keep thinking reapplying such techniques to an Oberon or Modula might have payoff, esp where GC must be off. I’ll probably think on it some more esp as Younan’s paper brought more analyses to my attention. Meanwhile, going to end the day finishing up this show, The Strain. Despite being another zombie/vampire gimmick, it’s been OK to good depending on the scene. The greatest this year was How to Get Away With Murder. Can’t wait for Season 3 to see Annalise deliver some pro-grade ass-whooping while simultaneously thinking “someone needs to stop this cruel, crazy bitch.” Haha.

Nick P September 4, 2016 9:48 PM

@ r

The forum was, esp pre-Snowden, a clean place with mostly civilized discussion with little noise and lots of people learning from each other. One or more of the regulars will always counter the appearance of lots of sockpuppet comments or high noise-to-signal. I hold no grudges in the slightest. I speak up about the situation given I feel some responsibility to help as a long-time member of the forum. Past that, I roll with it.

Still interested in a summary of your agreements or disagreements with my outsourcing post. It wasn’t bait despite the after-effects. I’m still seriously considering various tradeoffs in that subject for when I talk to people that can affect such situations.

Note: “agentrng” sounds like a cooler name than r, which is hard to find being a single letter. We certainly would recognize it given your comments with interesting links and such. I’m fine either one.

@ ab

“You did put my posts along with the sock-puppet post and you again accused me to be part of some kind of trolling operations. Based on what? Based on “I have feeling”.”

I wrote two posts to you detailing exactly what my gripe was. I read pages of your comments with very few having specific, actionable information. The example with Frama-C or whatever was a decent one where someone might follow-up and learn something. It too was mostly dismissal, though, with nothing actionable past a reference to the tool. I responded when you claimed you didn’t have time to write such actionable comments despite spending more digital ink than many consultants, engineers, and CompSci people on such dismissals and vague comments. That put your signal-to-noise ratio as low as the trolls that disrupt us. Rather than thinking you’re a troll, I just point that out, leave the issue to you to decide, and you will either add more signal like a specialist or keep on your path. Your decision.

Far as the sock-puppet post, that was to illustrate to the moderator and other readers that the forum had degraded into a cesspool. It happens periodically. It looks so different in Last 100 (our news feed) than the civil, information-rich discourse that normally happens that merely cutting and pasting the feed is enough to illustrate. Getting to one of the replies that actually had information in them required me to scroll through half the page. I’m not even sure I pasted all of them as I was in a hurry on mobile. I figured I’d be clear that I wasn’t putting you in the same category as most of what was in the feed. And explain a third time what my criticism was.

As with r, I have no grudges. You can do it however you want. I just couldn’t believe you said you didn’t have time to give some straight answers about the topic of discussion or your domain of expertise after spending who knows how long writing everything else, esp dismissals that led to the question. It stood out because it didn’t happen with anyone else despite many being busy, busy, busy. Why you were avoiding such answers I don’t bother to infer as I can’t know from here. It’s not available time, though. That’s obvious from other specialists’ answers under time constraints.

ab praeceptis September 4, 2016 10:03 PM

Ad “Yves Younan”

Well, actually that paper/thesis focusses on, to quote the papers author “some
important vulnerabilities that can be used by an attacker to gain code execution
in programs written in C-like languages”

Somewhere else, the author states “Vulnerabilities that can be exploited by
attackers to perform code injection attacks are an important kind of
implementation error”

The title, however, is “Efficient countermeasures for software vulnerabilities
due to memory management errors”.

For people interested in tool support to help C programmers to create safer code
I’d like to mention a quite unknown but nice tool, the Deputy compiler which is
somewhat similar to ACSL/Frama. As it uses the gcc backend one can still have
good optimization and Deputy should be easy enough to be useable for people
with less experience in formal methods.

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0FTv6BKB4wZMAE09EG4PuU9d/K3EqgTfy/M0PvR9Rymzr2l+A8283rc2GVHB8M8AMp4b30uL52J64sYYuZVvP6Ag=

ab praeceptis September 4, 2016 10:14 PM

“I figured I’d be clear that I wasn’t putting you in the same category as most of what was in the feed”

You did put me into that pastebin post, along with trolls. That is a verifiable fact. So your “I figured I’d be clear …” is questionable, to put it politely.

No answer needed, no discussion granted.

Nick P September 4, 2016 10:39 PM

@ ab

” So your “I figured I’d be clear …” is questionable, to put it politely.”

Damnit, I did it twice. That was intended to mean being clear in latest post rather than original. The highlights were a pile of sockpuppets, comments fighting sockpuppets, and so on. Indication of overall status of the blog where moderation is necessary. Not that you were a sockpuppet like the others which were already admitted.

“the Deputy compiler which is somewhat similar to ACSL/Frama.”

Yeah, Necula does really good work. He’s one of those people who does a nice job bridging new theory and practical results in formal methods. People might enjoy reading on Deputy. It’s dated these days with unknown maintenance. I’ve been recommending switch to Softbound+CETS or SAFEcode given they’re top-tier and active. Still looking at stuff like Clay for domains where that performance hit isn’t acceptable & it has to be C-like.

Robert September 5, 2016 12:25 AM

@ agent rng wrote,

“What changed?”

The question is better asked, what hasn’t changed? So, what hasn’t changed? What hasn’t changed is we are all humans and we are all average at best. The superiority we maintained eventually trickled-down and spread-it-a-little like Roman Empire. The process is slow and spanning, although it can regress at times, but it will eventually average out. I would have expected no less from a believer of RNG (RandomNess Generater?) or is a cleverly guised Russian Nice Guy?

Wael September 5, 2016 3:50 AM

@Nick P,

Pretty long papers which I can’t read at the moment. Question: given the significant effort required for formal proofs, and the task’s incompatibility with say Agile development methodology, would you view code review and unit testing + static analysis + dynamic analysis + testing (functional both positive and negative, stress — temporal and spatial –, penetration) acceptable or equivalent?

Dirk Praet September 5, 2016 5:22 AM

@ Thoth

64 69 72 6b 70 72 61 65 74

Please use your own Github repo

That sounds reasonable and actually simpler. I guess I kinda overthought the issue. My repo is now on-line at https://github.com/dpramone/bruceschneierforumsig_DP . Actually not even that cumbersome once you’ve set up the repo. Add an entry to the day file, sign-commit, push and done. For the time being, I don’t intend to use it for every post I make, just for those I’d be challenged on. And perhaps with exceptions for posts containing politically or otherwise sensitive posts. Since I’m posting under my own name here, non-repudiation can be a bit of a bitch in some circumstances. I guess I’ll have to come up with some sock-puppet handle for those 😎

@ ab praeceptis

I suggest an alternative that is no less secure than RSA but offers a by far better content/signature size ratio, namely OpenBSD’s signify/Ed25519.

I’ll look into it. I kinda like @Thoth’s approach as it doesn’t involve any signature overhead in the forum posts themselves. The downside is that you need to get hold of all participants’ public keys, verify in some way that it is theirs indeed (party tool) and then bookmark their Git repo whenever in doubt whether or not a post belongs to ‘X’ or ‘Y’.

signify seems to be available for all major OSs and is simple to use.

That would seem to be the case for everything x, but where’s the Windows version? The average MSFT user is not gonna go with a MinGW compiled cli tool.

The important thing for now is that we decide on one particular system to go forward with. I cannot be bothered with multiple verification systems for every individual commenter. Personally, I like @Thoth’s approach the most so far.

@ Moderator

If we get this issue sorted, would it be possible to put up some page for or pointer to either (verified) keys or Github repos of those participating in this system as to avoid newcomers having to dig through the archives if they want to look up someone’s identity verification key/repo?

@ ab praeceptis, @ r & others

It is kinda normal that regular patrons will be asking all kinds of questions when suddenly there’s a bunch of very vocal newcomers around that are not entirely familiar with existing bar etiquette. The graceful way to deal with that is not by becoming argumentative or belligerent about it, but to try and figure out who is who and what the local sensitivities are. @Nick P and @Wael, to name just a few, are among the most respected and knowledgeable members of this forum, and you are not scoring any points with anyone by dissing them.

However unfortunate, that’s something @ianf never quite understood. Although many of his comments to him were just in good fun, many people – and not only regulars – took offense to his often abrasive and disrespectful discourse to the point that they got to consider him a nuisance rather than an added value. Please don’t fall into the same trap.

JG4 September 5, 2016 6:43 AM

Thanks to everyone who is committed to high SNR in thought and action.

I really like the authentication/signature scheme using PGP, not that I could implement it. I wouldn’t be against an optional login process that locks a particular name like JG4 to be usable only when logged in. That would require attention to detail to prevent someone from hijacking names at inception. I suggested before that names could be locked (optionally) to email addresses, with the email address serving as a simple password. That won’t work for users whose email addresses can be guessed or are published.

It’s a short step from either of those concepts to having a plug-in on your local machine that selectively displays only posts from the legitimate participants in a thread (ones who use a protected name and/or ones who have signed their posts). No matter how much blather the trolls throw up on the site, you wouldn’t see it, or have to scroll through it. You could toggle in and out from display any participants who teeter on the edge of unity signal-to-noise ratio, as you see fit on any given day. Some of the manic participants will have periods of great creativity and lucidity and you wouldn’t want to lose those moments, even if their average output is worse than useless.

@NickP

“Getting to one of the replies that actually had information in them required me to scroll through half the page.”

Rounding up all of the comments made by a participant also should be trivial with scripting, with options for including or excluding time periods and key words. That would be a handy feature for displaying all comments by the two to n high-SNR participants, in chronological order, with or without keyword discrimination.

It has been a long time since I was able to write code, but I think that the term of art for the type of tool that could implement a lot of the functionality that is needed is browser plug-in. These functions would be useful on a variety of forums and susceptible to open-source efforts.

There could be a browser plug-in for signing posts with PGP and toggling which comments are displayed by name. I don’t like the idea of running PGP on a machine that is connected to the internet – that process should be on an energy-gapped machine that is connected via suitable data diodes. We could generalize the diode concept to data filter, although that loses the uni-directional enforcement. Ultimately the data flow for PGP needs to be bidirectional, but it can be text-only. Limiting the data flow to text tends to reduce the potential for mischief. A particularly high bandwidth data diode/filter structure could be realized using a webcam to view the screen of the internet-connected machine for text-capture and OCR. Transmission back from the energy-gapped machine could be via infrared data diode.

I was saddened that my post of the CIA manual for disrupting organizational thought didn’t even rate a mention. Isn’t that part of the root problem? I get that personality disorders also are part of the problem, but their efforts generally are less effective than the coordinated and paid efforts at disruption.

Clive Robinson September 5, 2016 7:29 AM

@ Wael,

Question: given the significant effort required for formal proofs, and the task’s incompatibility with say Agile development methodology, would you…

You need say no more, as you’ve got to the nub of the problem,

Formal Proofs -v- Agile etc.

If you sit and think what the primary result of this is you get,

1, Formal Proofs = Engineering / Scientific foundation = Considered and in-depth design = Thorough design.

2, Agile / etc = cut-n-paste / sausage machine code cutting = Ill considered, shallow chuck together = Superficial random non design.

3, Thorough design is an intensive and resource heavy activity. Whereas shallow chuck it together non design is initially a resource light activity.

The problem with much of the “application development” we see, is it started off as an idea, went to a doodle then got bits bolted on. In the short term this produces some kind of “product” but it’s doomed to fail under its own weight at some point having involved vast resources in total both badly and inefficiently used.

Thus it’s very short term “bodgit it quick” to “get to market” versus the use of initially slower but importantly thorough design. Whilst the latter lays down solid foundations that can be efficiently built on and maintained, the former is like trying to build an inverse pyramid on shifting sands. If we were to “see the build” the inverse pyramid would have obvious cracks bolted over and so much shoring it would be hidden in a forest of stays, with each tiny change causing hundreds if not thousands of new bolt ons and stays being required to stop the inverse pyramid cracking apart or falling over.

Agile like many other non / superficial / light “design” systems is a race for the bottom. Which like the early November 1940 Tacoma Narrows Bridge Collapse three quarters of a century ago has the seeds of its failure built in from the very start.

But history shows with the advent of both science and engineering in the Victorian era that whilst speculative doodles might look good on paper, those that are not engineered on solid science are going to cause a lot of grief and pain. Having a look at the deaths and destruction caused by early steam power should be an object lesson in what needs to happen to the “IT Industry” if we want to stop the “race to the bottom”.

But I’ve said this a number of times before, but still we have software managing to be sold as a “good” without any liability on the producer. Thus the goods of the software industry fail to meet even the minimum of requirements for “merchantability”, with terrible defects sold that came about either by a failure of competence or deliberate negligence.

Most times I’ve said this I have got a “free market mantra” response from some deluded individual. The simple fact is unisolated “free market” behaviour always becomes a race for the bottom, because the “competition cost” is at best negligible[1] or non existent.

If you get into a market with no distance cost metric you had better be first, as such markets tend to start as “winner takes all”. It quickly becomes a multiplayer market that very rapidly becomes a race for the bottom and as a result innovation and hybrid vigour quickly become casualties of war as the money to pay for them disappears with the rapidly decreasing margins. The only way to survive is to in effect make the market you are in artificially isolated by protectionist measures to keep out competitors (which is very obviously non “free market” behaviour).

Thus after a little thought you realise that “Real Free Markets are Doomed Markets” that can not survive. To not just survive but thrive markets need constraint that applies uniformly to all players, or at least sufficient players to make innovation the way to profit.

Innovation is a thoughtful process of refinement that requires both research and testing. Which requires resources, two of which are time and investment. Short term thinking does not give either of those.

Thus the real selling point of Agile / etc is the illusion of “faster cheaper”. Thus in an unhealthy thought process it becomes “quick profit”. Which might be OK for the 1% of the 1% who leave the tab for others to pay, but it is unsustainable in both the long and near terms…

I started thinking about the issues back in the mid 1980’s, but it was a meeting with Manny Lehman FREng whilst doing some work with a London University that started me thinking about it in more depth. You can look up Lehman’s laws with respect to E-type Systems and the work of others that resulted in them. Back in 1991 I wrote a paper “Pyramids to Diamonds” for a company I was working for describing the software design process and its significant failings and increasing costs based on a power law, and how to keep the cost down by using similar engineering processes used by safety critical mechanical and electronic design engineers. I was not alone in this thinking and it was not until the mid 1990’s when participating in the activities of another University that I heard about Ward Cunningham’s notion of “Technical / Design Debt”. I’d presented a re-vamped “Pyramids to Diamonds” paper when one of those there drew comparison with Ward Cunningham’s rather pithy way of comparing it to financial borrowing debt with compound (power law) interest.

Since then the Technical/Design Debt field of research has moved on and the results have been incorporated in many design paradigms. However, it needs to be said that the only part many managers appear to be interested in is “faster cheaper” to reduce time to market. Presumably on the assumption that the sooner the software starts paying, the more profit will be made… It’s the same principle “Cowboy/jerry/fly by night builders” appear to work on with the old joke about “Messrs ‘Steel, Grabit and Rune Ltd'”.

Anyway it’s lunch time, the tea is brewed, and somebody is going to pop up and say I’m wrong or the posting is too long etc, so I’ll stop for a nice cuppa in peace whilst I have it 😉

[1] Economists tend to fail to eliminate their assumptions. In a traditional tangible good market as anyone involved in logistics will tell you “distance costs”. In fact more wars have been lost due to “distance costs” than any other cause. As with all conflicts –which is what markets are– fighting on home turf is a fraction of the cost of some foreign field.

Thoth September 5, 2016 7:39 AM

@Dirk Praet

Thanks. Verified 🙂 .

re: That sounds reasonable and actually simpler.

It was never intended to be complicated. While I am typing away on the posting here, I can take my time to batch copy all the timestamps of my posts and then push them to my Github at the end of the day via a bulk update of timestamps and one shot sign all the updated timestamps of all my posts 🙂 . No need to hurry at all. I could even go on a holiday for a month and not bring my signing key and keep posting until I come back home and load my key, bulk update the timestamps and then one time sign them again.

The one time public key and Github URL posting is just a one time setup cost of exchanging some long RSA public keys. After that, you won’t be seeing hashes and signatures on the posts here (as you noticed recently I have been updating my Github and signing them).

Other posters here prefer to sign every single message and that might not be a long term solution due to the fact that signing is not a painless event for those who don’t know or are new to using PGP/GPG/Signify. In fact, Git has a -S flag which makes signing transparent. All I need is to slot in a smartcard with my PGP keys and enter the PIN for the card and Git does the GPG routine calls for me and gets things done without me worrying too much. If I need to check the signature, I use the “--show-signature” flag and it shows me the results of all the signatures created with the commit logs inside Git.

I believe this is a longer lasting method as the user doesn’t need to sign all the time (do bulk sign), does not need to maintain a domain except for Github public accounts and a PGP keyset for signing (preferably in a HSM or Smart Card like me) and also Github and Git have a larger audience and userbase and I can update my timestamps and sign the commits whenever I feel like it in batches instead of per-message signature. Easy, tiny, compact, swift 😀 .

Thoth September 5, 2016 7:51 AM

@Dirk Praet

You are still lacking one more element in your Github sig. Could you go to your Github settings and inside “SSH and GPG keys” set your PGP public key. Once you have done that, you can go to your “Commit” page and all the “Unverified” will turn into “Verified”. The shortcut to verification is simply to enter someone’s PGP signed Commit page and look for the Verified tag. That way, you don’t need to clone someone’s Github repo and do manual signature checking, even though Git signature checking is actually as simple as “git log --show-signature” (you need to import that person’s public key into your PGP keychain before running that command). The web-based Commit page does the signature checking (assuming Github is honest) as it has a cache of everyone’s public keys from when they updated their public keys via the Settings page to Github.

Dirk Praet September 5, 2016 8:34 AM

@ JG4

I really like the authentication/signature scheme using PGP, not that I could implement it.

Why not? The entire setup is actually quite simple:

Signing your posts:

1) Generate a PGP keypair if you don’t already have one.
2) Create a Git account and a “schneierforumsig” repo in the Github webinterface.
3) Go to the “SSH and PGP keys” section of your profile’s Settings. Add public keys for both if you haven’t already done so.
4) Clone the repo to your local hard disk with a git clone https://github.com/your_id/your_repo
5) Edit the README.md to reflect your own thoughts or just copy @Thoth’s or mine. Mine contains the commands to execute to sign-commit and verify commit signatures. Add your PGP public key or a key server link to it at the bottom. Optionally, do the same for BSD signify or other key systems.
6) Create a “forum-posts” directory within the repo
7) Create an empty file in DDMMYYYY name format in that directory when you’re going to make a post
8) After you’ve made a post, add your comment’s date/time stamp on the forum as a record to the current day file. Prefix with your handle, optionally append thread name.
9) git add and sign-commit the changes you’ve just made: git commit -a -S -m ‘(some identifier)’
10) git push to remote Github repository
11) Done. Repeat 8-10 for each new post you wish to sign or do a bulk update whenever you feel like it.

Verifying others’ posts:

1) Obtain and sign poster’s public key
2) Go to poster’s GitHub commit page of their Schneier blog signed posts repository. Check if commits have the “verified” status.

Alternatively:
2) Clone/Update their “schneierforumsig” repo to hard disk.
3) Verify pgp signatures for specific posts with ‘git log --show-signature -1’.

@ Thoth

You are still lacking one more element in your Github sig.

Oops, my bad. Solved.

Easy, tiny, compact, swift 😀 .

You forgot “clean”. I totally concur and I prefer this method over the others suggested so far.

(preferably in a HSM or Smart Card like me)

I have just ordered myself a Yubikey Neo and intend to spend some serious time test-driving that stuff of yours now that I’ve got your email address and can harass you directly 😎

If the NSA or anyone else is lurking: now is your time to interdict its UPS shipment. Act swiftly and decisively!

Thoth September 5, 2016 8:55 AM

@Dirk Praet

re: NSA interdicting Yubikey Neo

I prefer to order my own smart cards or USB tokens and then ask the vendor to set a “transport key”. That way, when the token reaches you, you can use your own “transport key” to check the integrity of the hardware and later reset the “transport key” to a live card management key.

You could email or ask on the Yubico forum on how to check for authentic Yubikey hardware. They should have some steps available to detect hardware tampering. I know that Ledger (a competitor of Yubico) has a Root of Trust keypair they publish on their webpage or Github (forgot which it was). Ledger’s software also comes with a hard-coded RoT public key and once the Ledger devices are plugged in, the software starts checking for tampering via a Challenge-Response function before allowing users to proceed to use the hardware, every boot up of the software. Ledger also went for the extra step of using tamper evident holographic tape to seal the packages. There are people who can bypass the tamper evident holographic tape (when given enough time to forge) and that is true but every extra security feature added will definitely make attacks much more expensive even if they only add a little bit more security.
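Thoth’s transport-key arrival check, as an added illustration that is not Yubico’s or Ledger’s actual protocol: a constructed symmetric-key model (HMAC, Python standard library) in which the vendor-set transport key answers a challenge on arrival and is then rotated to a live management key; the Token class, its methods and all key values are assumptions of this example.

```python
"""Constructed model of the transport-key arrival check (added example, not
Yubico's or Ledger's real protocol): the vendor provisions the token with a
one-time transport key, the buyer challenges it on arrival, then rotates to a
live card management key so the vendor-known key is retired."""
import hashlib
import hmac
import secrets


class Token:
    """Stand-in for the secure element of a smart card or USB token (assumed)."""

    def __init__(self, key: bytes):
        self._key = key  # transport key written by the vendor at the factory

    def respond(self, challenge: bytes) -> bytes:
        # Keyed response; a substituted device without the key cannot answer.
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

    def rotate_key(self, current_key: bytes, new_key: bytes) -> bool:
        # Rotation is authorised by the current key, so only the holder of the
        # transport key can install the live management key.
        if not hmac.compare_digest(current_key, self._key):
            return False
        self._key = new_key
        return True


def verify_response(key: bytes, challenge: bytes, response: bytes) -> bool:
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)  # constant-time compare


def attest(token: Token, key: bytes) -> bool:
    """One challenge-response round: fresh random challenge, keyed answer."""
    challenge = secrets.token_bytes(32)  # never reused, so a replay is useless
    return verify_response(key, challenge, token.respond(challenge))


def commission(token: Token, transport_key: bytes):
    """Arrival procedure from the thread: attest with the transport key, then
    replace it with a freshly generated live key. Returns (ok, live_key)."""
    if not attest(token, transport_key):
        return False, None
    live_key = secrets.token_bytes(32)
    if not token.rotate_key(transport_key, live_key):
        return False, None
    return True, live_key


if __name__ == "__main__":
    transport = secrets.token_bytes(32)        # value agreed with the vendor (constructed)
    genuine = Token(transport)
    swapped = Token(secrets.token_bytes(32))   # substituted device, wrong key
    print("genuine attests:", attest(genuine, transport))   # True
    print("swapped attests:", attest(swapped, transport))   # False
    ok, live = commission(genuine, transport)
    print("commissioned:", ok, "| transport key still works:", attest(genuine, transport))  # True | False
```

A passing round only proves that the key the vendor provisioned is still inside the device; hardware altered while the key is left intact is not detected this way, which is what the tamper-evident packaging mentioned above is meant to cover.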

Nick P September 5, 2016 9:16 AM

@ Wael

A combo of review, static analysis, and testing would do wonders. One of the main values in formal methods is specifying at a high level exactly what you’re doing, how, and why it works. The good news is that there’s lightweight versions of it like model-checking and design-by-contract. I’ve often posted Altran/Praxis’ Correct-by-Construction approach that uses Z for specs and sometimes design constraints with critical stuff implemented in SPARK Ada. The Amazon team doing distributed systems is using TLA+ with great results. I met another person who uses Alloy, an ultra-easy analyzer, to check implementations of abstract data structures. A Navy team used it on the protocol engine of a VPN. Groups like the ones behind Perfect Developer and SCADE give you a high-level language for design/reasoning that extracts to statically-checkable C.

So, there’s easy routes that give you quite a few of the benefits. Now, Design-by-Contract deserves its own special mention. You can do it with a language and tooling designed to handle it like SPARK Ada or the Frama C that ab likes. At C level, some do it with fancy asserts. Point is that the operational assumptions about what data will go in, what will go out, what properties should be maintained throughout execution… these are all specified in the program in a machine checkable way. So, your tooling raises alarms when you misuse your code during an update or integration. It’s not as big a burden as full, formal methods. Eiffel and SPARK users have been getting good benefits out of it.

Far as Agile, there’s quite a few projects trying it in high-assurance. Long known that hybrid of top-down and bottom-up is most effective for various reasons. Iterative as well. Agile methods can ask for a lot more but that’s the basics. What the teams were doing is building the stuff piece-by-piece in an Agile way then submitting it in an organized, waterfall-looking style. The important thing was each piece of the puzzle was there and connected. If Agile enters high assurance, we might see something in development processes along lines of snapshots where we have a solid assurance chain for specific version at specific moment in time. Gotta periodically wait for them to line up again before next release. Or components move fast and integrations take the time. Something.

Wael September 5, 2016 11:13 AM

@Nick P,

A combo of review, static analysis, and testing would do wonders.

This is what I currently recommend for ongoing projects under development. Long lived projects, code that’s been in production for years, and expected to continue for years with minor maintenance can benefit from most of the links you provided. That’s not the case for new projects, though. Can’t afford the time, they have a substantial schedule impact. I’m also hoping this method to be “Programming Language” agnostic, as the other language comparison discussions are orthogonal to this sort of discussion, methinks.

we might see something in development processes along lines of snapshots where we have a solid assurance chain for specific version at specific moment in time.

Have you considered designing a formal high assurance methodology to fit in the real world’s fast design and deployment cycle, Agile for example? Most of the methods I’ve seen links to are pretty old, and maybe waterfall dependent. In other words, would it be possible to: Design a piece-wise formal method that’s easy to apply to a product on a sprint by sprint basis, then at the end of the cycle run a last cycle of formal proofs / high assurance that takes the output of each sprint and work it out to a final “report”? These methodologies need to keep up with the fast changes in the software industries.

@Clive Robinson,

1, Formal Proofs = Engineering / Scientific foundation = Considered and in-depth design = Thorough design.

2, Agile / etc = cut-n-paste / sausage machine code cutting = Ill considered, shallow chuck together = Superficial random non design.

3, Thorough design is an intensive and resource heavy activity. Whereas shallow chuck it together non design is initially a resource light activity.

Excellent characterization! Now what to do? How do we “interface” the two different indices of refraction, or how do we match the “impedances” to maximize power transfer, so to speak?

Gerard van Vooren September 5, 2016 12:51 PM

@ Dirk Praet, Thoth, others,

It’s actually quite funny that you have to use github for this kind of stuff. I agree however with @r that if you really want to know each other / who you are dealing with, you should pick up the phone.

Wael September 5, 2016 1:25 PM

@Dirk Praet,

@Nick P and @Wael, to name just a few, are among the most respected and knowledgeable members of this forum, and you are not scoring any points with anyone by dissing them.

Those are pretty high praises that I do not deserve — really! I don’t say that with any sense of humility; I know a bit of things here and there. I learn and share knowledge and try to have some “fun” while I am at it. If I poke fun at a spelling mistake or a grammatical error, it’s for two reasons: draw the attention of non-English speakers to the mistake, or if the mistake has a funny meaning, I’ll highlight it. Doesn’t mean I am a grammarian or have an excellent command of the English Language — I don’t. Quite honestly, and perhaps it’s not wise to say this, but the truth of the matter is:

I am a nobody: neither on this blog, nor in the real world. And I am content with that.

That’s honestly how I see myself. There are others, including you and @Clive Robinson, and others, who are more worthy and deserving of this description. But I’ll tell you something: few are funnier than me. Oh, **** that’s probably not true either…

But thanks for the kind words. See, if I were half-way clever, I would have sent a link of this to my boss for my next review 😉

Gerard van Vooren September 5, 2016 2:26 PM

@ Wael,

Excellent characterization! Now what to do? How do we “interface” the two different indices of refraction, or how do we match the “impedances” to maximize power transfer, so to speak?

The short answer is “go with the flow”. Make sure you have no accountability (there are lawyers who can arrange that) and make a quick buck.

If you do however care about formal verification at PL level, the answer is fourfold but it mostly comes down to 1) not having side effects and 2) having immutable data.

If you are in a GC environment and utmost speed isn’t that important, Haskell is the answer. Hands down. It only takes you 6 months to learn but it’s worth it. The code is beautifully elegant. If speed is an issue, go for Go and still make sure you have immutable data and no side effects.

If you are in a non-GC environment (low level programming) the only two options today are Ada and Rust. Both are bloated, administrative and a bitch so pick your poison.

ab praeceptis September 5, 2016 2:52 PM

Dirk Praet

here you got me. I did, indeed, not look closer at windows, because I don’t care. I spotted “windows” as supported and didn’t look closer. You are right, fumbling around with some unix stuff isn’t acceptable for many windows users. Apologies.

That said, I don’t like the proposed solution with github and repositories and whatnot. a) it’s way too heavy for the problem we address and b) adding more layers and steps that are not vitally necessary isn’t a good idea in my book.

Moreover: What’s our problem in the first place?
It’s not a signature problem; we do not think that evil people at Bruce Schneier’s site change posts. It might be thought of as an identity problem; looks attractive but is unreasonable. PKI is rotten and doesn’t provide what it says it does, and how should we couple of people reasonably check each other’s identity? (Probably many would not even want that).

What it boils down to is something along the line of “we don’t want to be impersonated and we would like to make it harder for evil or reckless ‘gamers’”.

I’d prefer to have a simple solution for a simple problem.

P.S. concerning that other matter: I don’t care about those ranking games. I take the liberty to judge for myself and to stand for myself. I’m well intentioned and being polite is my default anyway.

Many good solutions come from people approaching problems in their own way. We should value or at least tolerate different people with different approaches and views rather than try to somehow make them fit into a group. In fact, quite some of our best solutions came from “heretics” and “misfits”.

Some here love papers and that’s a valid approach and useful. But hands on people with plenty of experience can contribute, too (even if they are less eloquent in academic lingo and habits). And, of course, others too.

I will stay polite and respectful where I see a basis for respect but I will not yield to “A is a prince here!” rules nor will I quietly tolerate it when some alpha feels like attacking me personally or putting me along with trolls. Neither will I tolerate being subjected to the rules of the world of certain members. I’m, for instance, not defending a PhD thesis here, so why should rules of academia be applied or tolerated?

Indeed friendly regards.

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0Fd8f/UlHvPDj5MLrWTKtvyMB1ZWeozFHZPev5hg60OotRiLrJYWP1kRjsqS938Hz3sTiNYi603swi3/+BY+nPA0=

ab praeceptis September 5, 2016 3:45 PM

Question: given the significant effort required for formal proofs, and the task’s incompatibility with say Agile development methodology, would you view code review and unit testing + static analysis + dynamic analysis + testing (functional both positive and negative, stress — temporal and spacial –, penetration) acceptable or equivalent?

Some thoughts:

Someone mentioned Haskell and he is right in what he says, and still Haskell is not per se a solution. Not even because one needs some basic math foundations but because of mindset. Given the quite normal production context of getting things done within budget (also in time), Haskell will contribute little.

On the other hand some “dirty” C programmer who has seen the light and wants good development practices may well create code of quite good quality.

Possibly the single most guilty culprit of lousy software (other than management) is that usually software is designed from the end. The question answered is not how to design and create safe code; it’s how to get things done and get them done in language X.

I never liked “management by [whatever]” and neither do I like “development by” (such as agile design).

In a way your question is hard to answer. Formal spec, for instance, can not be compensated for by unit tests and/or no matter how much post-fact testing. Moreover how can one be sure about one’s code when one knows little about the quality of lots of underlying building blocks (e.g. libraries and even the compiler)?

There is only one way to create safe and reliable code, and that is to start at the algorithms. That can (and currently must) be done by formal spec, formal modelling, diligent coding (hopefully in a language that at least doesn’t work against one) etc. In a better world, there would be building blocks which have been properly specified and tested and languages that carry over the spec. Simple example: Pascal (and others) allow ranges for variables. This is immensely valuable because it allows to carry over formal spec (“var x in [some range]”) which is a math domain spec into the code in a given language.

Also note that many tools that look impressive (testing/analysis, for example) are a) post-fact approaches (and hence limited if not the wrong approach anyway) and b) based on what?
What are they typically looking for? “Bugs”. What they can do is to find inconsistencies, e.g. null pointers or boundary violations. Assume my valid domain for a variable “days” is 1..31. Using 32 somewhere is obviously an error and it can be caught by, for instance, an assert. But what if the programmer mistyped “while( d < 31)” rather than ‘<=’? You’ll have a hard time finding an analyzer that tells you “suspicion: var range not fully used; possible logic error”. So, again, one is to ask what those analyzers can do.

But – and that’s a big fat but: They know nothing about one’s design and original intentions. They simply can’t check whether your code does what it is supposed to do. They are limited to checking whether there are gross problems in what you did, no matter what for and why.

The real crucial issue is to have a cycle where we can check that our code actually implements the algorithms properly. For that, however, we need to start at properly specifying our models and algorithms.

Coming back to my series of recent questions: Yes! Having a language supporting “for e in s” control structures is a good thing to have. Why? Because it a) matches math and domain spec (“for e in {1..m} | [loop body]”) rather than being a hand coded range and b) because it eliminates a whole class of bugs, namely boundary errors. Well noted, most would probably consider (b) being the attractive part. It isn’t, (a) is, because it means consistent transformation from algo spec which equates to front to end verifiability.

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0FahXi6BUC2TAJ4cbtQIduSDBZVdym/3oqjt4gRLTdTUexi84EvY13ctF1jefLpHFFzYZHo35NX6hO+0clImM8w4=
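The range-domain argument above (days in 1..31, the mistyped `while( d < 31)`, and iterating “for e in s” straight from the spec), as an added illustration that is not part of ab praeceptis’s post: a Python model in which the spec range is iterated directly, beside the thread’s hand-coded loop, with a runtime check that reports the unused boundary value that per-value asserts never flag. The names Domain, hand_coded_loop, spec_driven_loop and unused_range are assumptions of this example.

```python
"""Added example (not code from the thread): a spec-level range type that is
iterated directly, next to the mistyped hand-coded loop from the thread, with
a runtime check that reports the 'range not fully used' gap that an assert on
each individual value never sees."""
from dataclasses import dataclass
from typing import Callable, List


@dataclass(frozen=True)
class Domain:
    """Math domain spec such as days in [1..31], carried into the code."""
    lo: int
    hi: int

    def __post_init__(self):
        if self.lo > self.hi:
            raise ValueError("empty domain")

    def __contains__(self, value) -> bool:
        # Membership is the check an assert can perform on one value at a time.
        return isinstance(value, int) and self.lo <= value <= self.hi

    def __iter__(self):
        # 'for e in s' taken straight from the spec: no hand-coded boundary.
        return iter(range(self.lo, self.hi + 1))

    def __len__(self) -> int:
        return self.hi - self.lo + 1


def hand_coded_loop(days: Domain, visit: Callable[[int], None]) -> None:
    """The thread's mistyped loop: '<' where '<=' was meant.
    Every value it touches lies inside the domain, so the assert never fires."""
    d = days.lo
    while d < days.hi:          # off-by-one: days.hi is never visited
        assert d in days        # boundary-violation check: always passes here
        visit(d)
        d += 1


def spec_driven_loop(days: Domain, visit: Callable[[int], None]) -> None:
    """Same work driven by the domain object; there is no boundary to mistype."""
    for d in days:
        visit(d)


def unused_range(days: Domain, loop: Callable) -> List[int]:
    """Run `loop` over `days`, record which values were visited, and return the
    domain values never used: the 'suspicion: var range not fully used'
    diagnostic the thread says a typical analyzer will not give you."""
    visited = set()
    loop(days, visited.add)
    return [d for d in days if d not in visited]


if __name__ == "__main__":
    DAYS = Domain(1, 31)       # constructed spec: valid days of a month
    print("32 in DAYS:", 32 in DAYS)                                        # False
    print("hand-coded loop never uses:", unused_range(DAYS, hand_coded_loop))   # [31]
    print("spec-driven loop never uses:", unused_range(DAYS, spec_driven_loop)) # []
```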

Dirk Praet September 5, 2016 4:11 PM

@ ab praeceptis

I’d prefer to have a simple solution for a simple problem.

Yours is a simple solution. @Thoth’s is a really elegant one. I like elegant solutions.

I don’t care about those ranking games.

Neither do I. I just gave you some background information about the ecosphere of this forum. How you go about it is really up to you.

@ Wael

I am a nobody

You really would make an excellent candidate for GoT’s guild of Faceless Men. That said, we are all three persons: who we think we are, how others perceive us and who we really are. I know of very few people with whom all three are perfectly aligned.

@ Gerard Van Vooren

I agree however with @r that if you really want to know each other / who you are dealing with, you should pick up the phone.

Anybody can pick up the phone and make whatever claim about his/her identity. The only more or less reliable method is meeting in person. That’s how we did it when I was a Thawte notary and that’s what key signing parties are still organised for.

@ Clive, @ Nick P, @ Wael

Agile / etc = cut-n-paste / sausage machine code cutting = Ill considered, shallow chuck together = Superficial random non design.

This really is a bit too black and white for me. I know of several teams and companies that have achieved downright spectacular results with Agile-based devops strategies, from inception to provisioning.

ab praeceptis September 5, 2016 4:11 PM

Clive Robinson

Interesting and imo correct thoughts. Let me add something:

It’s plain stupid what they do because they think only in terms of “time to have all features implemented” or maybe, in happier cases, “time to have a finished product without screamingly obvious problems”.

As we know (by no means only) from R. Dewar, cost per problem increases dimensionally over time/cycle step. Spotting (or avoiding) a problem before coding is cheapest, spotting and repairing it after rollout is 100s to 1000s times more expensive. Plus the added “bonus” that post-fact repairs have a tendency to kill one bug and to create 2 more.

Stupid because one doesn’t need to be an expert and mathematician to look at usual error rates times post-fact exorbitant costs vs. some up-front investment in proper spec and modelling.

I’m btw amazed by psychological and social factors. When OpenSSL, an open source project, has one dead smelling body coming up after the other, the reaction is shock, quite immediately followed by an extremely high tolerance level. If a commercial project had problems of similar gravity they would quite probably have to close shop and/or pay insane amounts.

But hey, open source projects are the good guys, they are “us” as opposed to “them” (evil greedy corporations). God bless the OpenBSD people for working on LibreSSL but, risking to lose any love I might have enjoyed here, that they do it in C again doesn’t indicate we really learned from the OpenSSL disasters.

Like analyzers. The basic assumption is that we need to make sure that we didn’t create killing monsters rather than finally starting from the assumption that programs must be properly designed in the first place (and that we still need more and better tools for that).

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0Fa6o6zGAH1DQU6nD2HsAoS+Sd929VzuEP78QZmqEu7NFSD1XyafnGSTZrof23bfkJqyPnDzlxQROU7t3092tdQc=

Clive Robinson September 5, 2016 4:47 PM

@ Wael,

I am a nobody: neither on this blog, nor in the real world. And I am content with that.

Firstly, everybody is a somebody, not a nobody. As was once said “No man is an island”. We have all come from somewhere and are all going somewhere even if we ourselves do not know. And on that journey we touch others and their journeys as well.

Which is why to be a nobody in this world is very hard, actually really, really hard. Not just because we have quirks, habits, mannerisms and physical characteristics that make us individuals as near unique as makes no difference. But also, regardless of our wishes, we interact with people and systems, even if we try our best not to do so (and mistakenly believe we have not).

Even if you think living off the grid in some wilderness will make you near invisible, no chance, you still have to interact with people from time to time. Even if you go to considerable lengths to reduce it, it just makes you more noticeable if you come to somebody’s attention.

The thing is these days, the nature of our modern world is every square meter of the earth’s surface becomes a pixel in some commercial or amateur satellite’s camera (maximum resolution allowed currently). And thus ends up in some repository or database, that some rent seeker will search. When they see your footprint where no footprint should be, the bell of their cash register goes kerching.

But perhaps worse, there are persistent claims that on a good day some military satellites can read the titles of the newspaper or magazines you hold and even the make of that packet of cigarettes you hold. Even if satellites can not get that level of resolution, we know there are drone payloads using hundreds of cheap digital camera sensors, recording whole towns from a couple of thousand feet up. Giving at least a square centimeter per pixel, or better than 20 by 25 pixels for the top of your head, and more than capable of measuring your body size and gait, along with everybody else in all the streets that surround you. At five thousand feet they can see everything for a couple of miles in all directions simultaneously. This is technology that larger metropolitan police forces can afford to have attached to existing aircraft they already have. And there is little doubt they will get higher altitude, long flight duration drones almost as soon as the compliant politicians ink the legislation. Think of the simultaneous real time coverage such drones will be able to maintain at 20,000ft or more.

With care you can lead a totally indoor or “under cover” life in an urban or city environment. But this takes money, and this can be traced to somebody if there is the will to do so.

But technology-enabled rent seekers aside, human interaction is difficult to avoid and trying to do so attracts attention, thus comment and possibly suspicion. A never opened door attracts attention and curiosity, anything odd always does. Thus you have to follow social norms and be somebody even if it is a charade of normalcy.

But on the personal level few are the true zeros that being a nobody requires. We all either give or take in some way. You can be sure that the janitor in the place you work in is known to some of those you work with, even if it’s just a polite nod or friendly smile to acknowledge their existence. And knowing such people is worthwhile as they often know more about things that are happening than most people credit them with.

But in your particular case, we know you are a somebody. For instance, for those who know where to look, they will find a patent with your name on it; how many others that read this blog have their name on patents? As even you have noted very recently, your email address can be likewise found, and that indicates who you have or do work for. Along with other indicators, this suggests you are not a nobody where you work. Whilst your social life may not be what it might be, your hobby and interest knowledge suggests you do have them and they usually involve others.

So no I don’t think you are a nobody, even if that harsh mistress insomnia might make you feel that way from time to time. And remember I’m not the only one who notices when you don’t show up here for a few days.

Clive Robinson September 5, 2016 6:12 PM

@ Dirk Praet,

This really is a bit too black and white for me.

Unfortunately, it’s the same for many many other methodologies and paradigms.

What perhaps I’ve not made clear is that it’s not the tool I blame but those using it incorrectly. Whilst you can drive a screw into wood with a hammer, it’s not the way to get the best out of the screw, the hammer or the resources involved.

There is a saying of “Company cars are special, they can do 60 in Second gear”. With a moment’s thought you can see the comment is about the driver and their attitude to one of the tools of their trade. They do not care if they age the car ten times faster than they would if they owned it; in fact you could say “Management Policy” actively encourages them to treat the car badly.

And management’s attitude to software methodologies and paradigms, whilst not universally bad, certainly is often fairly awful. But further, the code cutters themselves often tend to treat the tools like clubs, let alone the niceties of hammers. The reason can often be found in “Maintaining my worth”, or “How to stay employable ahead of the rest”.

That is, rather than get to know and use a tool well they would rather abuse it and discard it for the “next thing” just in case they have need to seek other employers etc.

I’m more than old enough to remember people getting excited about moving from “waterfall” to “spiral” model in the latter part of the 1980’s. We now look back on these earlier models as being inflexible and thus examples of “how not to”. But the reality was rather than use the tools effectively many used them considerably more rigidly and regimentedly than the originators would ever have envisioned. We saw similar behaviour in Project Management with the likes of PRINCE II a few years later.

The reason for such behaviour is often an indicator of how little confidence the developers have in their own abilities. Thus they assume that if they follow the tool blindly it will somehow magically make it all OK. That is as daft as expecting a hammer and chisel to somehow guide you to the perfect mortice and tenon joint…

Thus those with the assurance of their own abilities will pick a tool or parts of a tool and apply them in a workmanlike way. Thus they act more as an aide memoire or check list than as a rigid, highly regimented code of practice.

Thus some people will apparently use some methodology to achieve all or most goals and milestones. Whilst others will repeatedly fail no matter what methodology they use.

Importantly, people should remember that no one methodology fits all requirements under all circumstances. And often the requirements of developers and management bear little or no relationship to each other.

When management and developers’ aims and objectives are aligned, projects usually succeed. When unaligned, the project will fail without external corrective influence. There used to be a US expression for a trouble shooter, specialising in crisis management, where they got called “firemen”. When you needed the services of a fireman, the first job the fireman did was align aims and objectives, often by having termination authority for dissenters. Whilst that sort of leverage would get people to do what is required in a crisis, it’s not a strategy that works at other times as it tends to cause the staff you most need to keep to leave for other employment quite rapidly.

Nick P September 5, 2016 6:45 PM

@ Wael

“That’s not the case for new projects, though. Can’t afford the time, they have a substantial schedule impact.”

No, no, no. You’re falling into a common trap. The trap is thinking you will get new programs done correctly if you disregard the QA stuff. The extra trap is believing this has long-term benefit outside maybe lock-in. The truth is that the extra practices increase the pace you can do development by reducing time debugging. The safer, higher-level languages with decent efficiency also express the solution more easily with less tedium and easier reuse. Moreover, remember that what you put off turns into technical debt that will impact maintenance, extensions, and reliability down the line. So, your program has to be as easy as a CRUD app plus a throwaway for medium assurance tech not to benefit it from the start.

Note: Sun’s DASL toolkit was even a DSL for three-tier, CRUD apps that spit out 100Kloc for about every 10-20kloc put into it. On a safe, fast platform with mods only necessary on the 10-20kloc part. So, even CRUD doesn’t guarantee using manual stuff with testing is more productive. 😉

“Have you considered designing a formal high assurance methodology to fit in the real world’s fast design and deployment cycle, Agile for example? ”

Yes. I’m working on a dozen or so angles for that. What it’s looking like is a specification language with first-order, decidable logic that an automated solver can check. This language can precisely elaborate requirements in isolation or be combined with equivalent code that’s checked against it a la Frama-C or SPARK/Ada. The language should be a combo of functional and imperative system languages so appropriate tradeoffs can be made. A combo of the behavioral specs and language-agnostic test scripts will feed a tool auto-generating test cases for various modules, integrations, and acceptance. I’m thinking on autogenerating code in various languages to run through their static/dynamic analyses as well so various tools catch what others miss for whatever reason. The result is run through either a self-checking, optimizing compiler in a safe language or a certifying, barely-optimizing compiler. Any of the tools doing analyses or transforms produce traces of how they got from input to output that are checkable automatically in the verified provers. Most of this can run in batches where the developer just uses basic functionality with a REPL for fastest iteration time. Certified code is integrated into that piece by piece overnight as it gets vetted.

So, something like that. Specifics vary along many lines with many ways to potentially integrate them. Also a hardware angle where I might want to turn something into an ASIC automatically or use it to help model them in a certified way. Hardware/software architectures that work in unison are already the present. Verified ones will be in the future. Hence, me looking at first-order logic stuff a lot recently given the overlap in software and hardware.

Nick P September 5, 2016 7:47 PM

@ Gerard

“you should pick up the phone.”

I’ve never heard your voices. What would a phone tell me a message wouldn’t? I imagine we’d still exchange information related to previous discussions and/or share proofs from services/accounts that are believably ours. I’ve always done something like that in messaging or in real life to set up initial GPG. It’s what Thoth and I did with usability being bigger issue than authentication itself.

“Haskell is the answer.”

It’s really good. Already used by some financial companies. Ocaml is another solution on those lines that’s more batteries-included thanks to Jane Street’s and other libraries. Easier to learn. Both the ML’s and Haskell have been used for high-assurance programming. They by themselves improve assurance due to their design. The provers that go above and beyond also target their code generation to those languages. So, they’re a win up-front and down the line.

” the only two options today are Ada and Rust. Both are bloated, administrative and a bitch so pick your poison.”

Pretty much.

@ ab praeceptis

Bounds checking is nice. Close to spec is nice. Another thing I like in languages like Ada and some functional ones is existential types. These unique types make sure things don’t get confused just because they take up same space. The reference example is how one module does distance with type miles (an int), another type kilometers (an int), and compiler prevents one from passing data to the other without a conversion. Can also force intelligently dealing with overflow conditions if sizes are different. Maybe build conversion functions in at the type definition level to save boilerplate for common integrations between them. These could hypothetically prevent the loss of a $1+ billion spacecraft or something. Hypothetically. 😉

@ ab praeceptis, Dirk Praet

re signing scheme

The use of a short key was Mike’s original suggestion. I found Bernstein’s to be very small with BASE64 encoding suggested. The problem with it is it puts those characters directly on the comment box in isolation. You don’t know where the signature started, ended, if whitespace was in, or any meta-level stuff you might want to know. The comment box, if formatted or pre-processed, might also screw with the signature. Extra verification from a known source can also be a benefit from when people are lazy or concerned with resiliency. So, I decided on dropping a hyperlink… universally supported… with a standardized, machine-readable form on the other end. Or a comment in HTML or text form with a signature you can pull by adding .asc to filename in URL and just run the two through GPG.

Thoth’s use of Github reduces availability and integrity risks against many attackers although they’re not good enough for nation states. Hence my continuing to use GPG for real confidentiality, integrity, and authenticity on top of web site’s benefits of convenience, compatibility, reduction of riff raff, and availability. I’m experimenting with rather than endorsing the solution as mine just calls for a website under your control that might use any available assurance technologies. Most people will like that Github, a hosting service, or appliance for dedicated server manages most things for them. Example being all the security professionals using various password managers for web sites on a Linux box that isn’t a LiveCD. 😉

@ Dirk Praet

“I know of several teams and companies that have achieved downright spectacular results with Agile-based devops strategies, from inception to provisioning.”

The best components of Agile are (a) doing it incrementally, (b) validating increments against requirements, (c) making increments + integrations machine-tested, and (d) regular human review of various things. The KOOL-AID is all the crap they add on top of that and around it which were untested fads. Also, the myth they came up with the main things to begin with. Interestingly, the guy who allegedly invented waterfall… whose paper the diagram comes from… originally described an iterative process in same paper with many of those things. Fagan Inspection Process (1970’s) was already doing incremental development with code inspections and tests. Cleanroom and Spiral were already doing about all of that with Cleanroom much better in terms of defect reduction.

The reason agile works so well, aside from good things above, is that it’s usually compared to companies using a waterfall-style methodology: something so bad it’s like a strawman that makes their stuff look too good. Except, it’s not a strawman. It’s real stupidity that became status quo for many places. Comparing Agile to an update of the other, basic methods would be more fair and very interesting. Especially Cleanroom w/ functional programming (eg Haskell/Ocaml), Design-by-Contract, automated testing with QuickCheck, or what I call Design-for-Verification a la simplified coding style + analysis in Cleanroom or SPARK (or combo).

@ Clive Robinson

“As was once said “No man is an island”. We have all come from somewhere and are all going somewhere even if we our selves do not know. And on that journey we touch others and their journeys as well.”

Exactly. I stand on the shoulders of giants. More and more. Lets me reach higher than others. Try to grab other people on the way to swing their ass high like in Tarzan or something. Sometimes by the collar and sometimes by the britches. Mwahaha.

“For instance, for those who know where to look, they will find a patent with your name on it, how many others that read this blog have their name on patents? ”

Yeah a patent on real shit is worth some bragging. Here was my award winner. Says so right in Google’s database.
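The miles/kilometres distinct-type idea from Nick P’s reply above, written out in Rust’s newtype style as an added example (not code from this thread or from any project mentioned in it): the integer widths, the scaled conversion factor and the `within_range` helper are my own assumptions for illustration.

```rust
// Added example, not from the comment thread: two newtypes over plain
// integers become incompatible types, so mixing them without an explicit
// conversion is a compile error, and the narrowing conversion uses checked
// arithmetic so an out-of-range value is reported instead of wrapping.

use std::convert::TryFrom;

/// Whole miles in a u16: same bits as a bare integer, but a distinct type,
/// so a Kilometers value cannot be passed where Miles is expected.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Miles(pub u16);

/// Whole kilometres in a wider u32 (assumed sizes), so converting back
/// to Miles has a genuine overflow case that the code must handle.
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Kilometers(pub u32);

/// Returned when a distance has no representation in the target type.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct OutOfRange;

/// 1 mile = 1.609344 km exactly; scaled by 10^6 to stay in integer arithmetic.
const KM_PER_MILE_SCALED: u64 = 1_609_344;
const SCALE: u64 = 1_000_000;

/// Miles -> Kilometers cannot overflow (65535 mi is about 105468 km, far
/// below u32::MAX), so an infallible `From` is honest. Fractions round down.
impl From<Miles> for Kilometers {
    fn from(m: Miles) -> Kilometers {
        let km = u64::from(m.0) * KM_PER_MILE_SCALED / SCALE;
        Kilometers(km as u32) // bounded by 105_468, see comment above
    }
}

/// Kilometers -> Miles can exceed the u16, so only `TryFrom` is offered.
/// The result rounds UP so a distance to be covered is never under-reported.
impl TryFrom<Kilometers> for Miles {
    type Error = OutOfRange;
    fn try_from(k: Kilometers) -> Result<Miles, OutOfRange> {
        let scaled = u64::from(k.0) * SCALE; // fits: u32::MAX * 10^6 < u64::MAX
        let miles = (scaled + KM_PER_MILE_SCALED - 1) / KM_PER_MILE_SCALED; // ceiling
        u16::try_from(miles).map(Miles).map_err(|_| OutOfRange)
    }
}

/// Sum of two Miles values with explicit overflow handling instead of wrap-around.
pub fn add_miles(a: Miles, b: Miles) -> Option<Miles> {
    a.0.checked_add(b.0).map(Miles)
}

/// Can a vehicle with `range` cover a leg given in kilometres?
/// The caller is forced to pass the right unit; the conversion is explicit.
pub fn within_range(range: Miles, leg: Kilometers) -> Result<bool, OutOfRange> {
    let leg_miles = Miles::try_from(leg)?; // Err propagates rather than wrapping
    Ok(leg_miles <= range)
}

fn main() {
    // within_range(Miles(100), Miles(160)) does not compile: wrong unit type.
    println!("160 km within 100 mi? {:?}", within_range(Miles(100), Kilometers(160)));
    println!("161 km within 100 mi? {:?}", within_range(Miles(100), Kilometers(161)));
    println!("110000 km in u16 miles? {:?}", Miles::try_from(Kilometers(110_000)));
    println!("65000 mi + 1000 mi = {:?}", add_miles(Miles(65_000), Miles(1_000)));
}
```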

Wael September 5, 2016 8:13 PM

@Dirk Praet,

You *really* would make an excellent candidate for GoT’s guild of Faceless Men.

So I am an assassin now 🙂

@Clive Robinson,

So no I don’t think you are a nobody, even if that harsh mistress insomnia might make you feel that way from time to time.

Thank you! Not enough time in the day to do what I need to do.

or amateur satellites camera (maximum resolution allowed currently)

Meaning?

And remember I’m not the only one who notices when you don’t show up here for a few days.

Yea! I leave for a day, and Mr. @Nick P says he noticed marked improvement in the topics 😉 Reminds me when someone leaves work for another position or company, I usually say: It’s not going to be the same without you! It’ll be much better. They usually smile because they think I’m kidding 😉

Now back to the Agile thing:

@Nick P, @Dirk Praet, @Clive Robinson,

No, no, no. You’re falling into a common trap. The trap is thinking you will get new programs done correctly if you disregard the QA stuff.

I meant formal methods as described in these papers you share. See, there are more constraints which need to be considered. Often, the security group has no say on the choice of programming language, because of available skill-sets and the target platform, which imposes additional constraints. It’s the reason I stated it needs to be language agnostic. Yes, some languages are safer than “C” or Java, but changing them is not an option. Then there are the additional time constraints and competing resources. It’s an optimization exercise, too.

The reason for such behavior is often an indicator of how little confidence the developers have in their own abilities.

But testing is a whole different discipline than developing. It requires different skill-sets in addition to coding. There are several paradigms such as FMEA, for example that product developers wouldn’t know (and shouldn’t care about.)

This really is a bit too black and white for me. I know of several teams and companies that have achieved downright spectacular results with Agile-based devops strategies, from inception to provisioning.

Does that mean producing high assurance products in the same way @Nick P sees it?

ab praeceptis September 5, 2016 9:02 PM

Nick P

“[… considered designing a formal high assurance methodology…]”
Yes. I’m working on a dozen or so angles for that.

Funny. We are actually not too far apart, besides for some points (e.g. “What it’s looking like is a specification language with first-order, decidable logic that an automated solver can check.”).

With all due respect, but that will fail. We do have such spec. tools/languages but they find regrettably little take-up (besides the big corp show cases). It will (regrettably) fail due to the (wrong and perilous) understanding of what a programming language is and how the dev. cycle should be. In other words: the problem is not the lack of spec tools but the lack of understanding, readiness and capability to use such tools (I’m convinced that the current functional wave is some kind of what is considered a feasible and acceptable compromise).

What we need, I think, is not even spec/modelling tools automagically creating code. Those exist (as you yourself mentioned recently) but they find little attention due to the problems mentioned above.

Do, of course, whatever you please, but it seems to me that the crux indeed (as you indicate) is at the interface of spec/modelling – code. The above issues led me to choose the “opposite” approach. While it is possible and, indeed, desired to enter the formal spec into code (using the “spec” keyword; how creative of me) in my approach, I generally bet more on adding some features to the programming language itself. Simple reason: the human factor. Make it “look and feel” like a programming language, albeit a somewhat tough one, and they might take it. Make it look like math and they won’t.

They took up functional languages; that creates hope. What many will certainly dislike is my decision to go braceless and prefer the Wirth way. That makes my project look uncool but I have solid reasons for that.

Otherwise I think you are on a good way, namely to make sure that analyzers have far more information and that they check way more than for gross bugs, in particular for algo-code congruence.

I also agree with your “both functional and imperative” approach but I’m wondering whether functional must also look functional. Example: matching. Imperative languages have quite well suited constructs that, with some sensible twisting, can be made to perform matching without looking functional. And I’d add object-oriented to the mix. Eiffel did very well, albeit going somewhat extreme.

One other point that keeps me quite busy thinking is that while such a language obviously needs to allow for very tight, close-to-the-algo spec mechanisms, the human factor (as well as in vivo habitudes) seems to make it strongly desirable to also allow for a “start easy and then tighten it down” approach.

I do know about the shortcomings of my approach, namely a rather loose connection between spec and implementation. But I bet on better model -> code tools and, more importantly, I have a pragmatic view and experience. Both demonstrate that if a formal spec is made (and it is by no means made for everything) then code quality tremendously increases anyway, and I bet more on something one might call a mixture between “rewinding Pascal to pre-Borland” (taking out many brainless sins) and “Ada in a human grokable volume” (not a 1.000+ page standard) plus some of what I call sensible modernization and extensions.

Re your miles/km case example: of course, I get your point but I feel unhappy about that example because in reality there isn’t too much to keep one away from nonsense. Sure, my function may use a type KmDistance which will complain about some value of type MilesDistance. In the end they are both renamed and possibly tightened-down Integers (or Floats) and probably not even range limited other than being positive. That’s, I’m afraid, rather an example we’ll never really catch formally, unless we’re willing to create a bureaucratic nightmare.

However, I value your Ariane example for other reasons. They changed some constants and Bang. Exactly the type of problem we should address. It lies in the difference between math (ideal realm) and soft/hardware (physical realm). I’m not too deep in that story but I think it was about an overflow. Can – and should – a compiler catch that? One may discuss, but I think that’s a case of not re-verifying the model after changing constants. Any decent model checker would have caught that. And keep in mind that just making a type range bigger might well create other problems. That’s why I’d ask the changed model to be re-checked (as much as I value Prof. Meyer, I’m not so sure about his claim that Eiffel would have prevented that crash). I take his most important contribution to be DbC (Hoare triples), which I value immensely, not least because they are a very practical and well feasible injection of formal spec into code.

Btw. I think it will be very attractive (if not indispensable) to have strong set support, quite beyond what e.g. Pascal offers. Quantifiers, for instance, will be very helpful.

signify PK:RWSI84is85x0FXvAHyaOZJ69GH0sAt8Nn4UF92EgbOnJMZSLZlqPz1pf
— signature:
RWSI84is85x0FYykgaaAyNURXF7Fx1skXm/Wfyb4pV88MRRL1ne2S2je0sr1HPSPKOMWF/JSbPHA2v6iuOaF4cnZU8qHoehsUAE=

Nick P September 5, 2016 9:03 PM

@ Wael

“See, there are more constraints which need to be considered. Often, the security group has no say on the choice of Programing language, because of available skill-sets, target platform which imposes additional constraints. ”

Give some examples of the constraints and combinations you’re interested in. Otherwise, you’re just going to say the same thing again with different words. 😛

@ All

re UFO’s

A person on Hacker News recently asked on what basis could a UFO constitute a threat to national security that deserves classification. Common responses are things like mass panic or official policy is official policy. However, I thought this response was really good. Easily illustrates simple reasons military would want to classify UFO’s, maybe even highly, to avoid problems for themselves.

tyr September 5, 2016 9:12 PM

@Wael, Clive

The worst thing about leaving a workplace behind
is missing out on your own ‘we’re glad you’re
gone party’.

Wael September 5, 2016 9:22 PM

@Nick P,

That’s more like it 🙂

Give some examples of the constraints and combinations you’re interested in.

Four teams:

  1. Product owner: they control budget and decide schedule
  2. Development team: they own development toolchains and programming resources and the solution architecture. Agile methodology, say six week sprints.
  3. QA / SSDLC: They own quality, bug counts, various testing mechanisms and certifications, in addition to code reviews and secure coding training
  4. Security team: Overall responsibility for making product secure. They have little to no say on other parameters other teams control. They can specify the algorithms and everything else relating to security architecture

How do you see teams 3 & 4 achieving the best security posture under these constraints in relation to the formal methods you shared and my original question about the various piecewise testing methodologies? Programming language is not an option to be changed, but additional methods or steps depending on the language choice are acceptable.

Wael September 5, 2016 9:56 PM

@tyr, @Clive Robinson,

‘we’re glad you’re gone party’.

Not if you have ‘I’m glad I left party’ 🙂

Wael September 5, 2016 10:21 PM

@Nick P,

Easily illustrates simple reasons military would want to classify UFO’s, maybe even highly, to avoid problems for themselves.

Funny response, not far fetched from what really happens. Remember the 1960 U-2 incident? https://en.m.wikipedia.org/wiki/1960_U-2_incident

There is a related recent one: barrel rolling: http://www.cnn.com/2016/04/29/politics/russians-barrel-roll-air-force-plane/

And they wonder why Rooskies keep doing that? They watched top gun, that’s all! Hammer & tickle me 🙂

Clive Robinson September 6, 2016 4:07 AM

@ Wael,

Meaning?

Put very simply the “powers that be” don’t want competition in the high resolution game, or for that matter the real time game either.

Due in part to a French company called SPOT, supposadly being contacted by Iraq to buy realtime images of the areas where the US were going to invade.

Effectively those with “influence” over those with “launch capability” regard both high resolution and realtime imaging capability as almost the equivalent of WMD as a capability. Thus various things like “export licences”, “security clearences” etc will not happen if you try to get better resolution, positional accuracy or non vetoable real time imaging capabilities.

The thing you have to ask is what scares the US military more, North Korea developing nuclear weapons and delivery systems, or North Korea putting up imaging satellites and selling the images of US and other “aligned nations” capabilities to “nonaligned nations” to use for amongst other things showing the US to be lying through their teeth or intel on where their carrier or battle groups are?

What most people have not woken upto is asymetric warfare happens on all levels in the “David -v- Goliath” game, and whilst Goliath might win the battle they almost always loose the war.

For instance, look at the cost of a US carrier group, it’s very high value increadibly slow moving and predictable and due to a “top gun ethos” quite range limited compared to more modern technologies. That is certain weapons like torpedoes that turn into missiles with tactical nuke tips, are rather more than a “bad hair day” for a carrier group. Likewise low altitude “wave skipper” missiles are way way way cheaper than a modern US jet fighter and have well over the range of the jets. Even payload capable drones have much greater range and endurance than jets.

The “carrier group” had it’s brief day of near glory in WWII, since then it’s been a “sitting duck” to anyone who knows where it is and how to aim, and has the technology.

The other thing that WWII taught the super powers is that submarines are the way of the future, if and only if they know where to aim…

The thing is that the Korean War of the 50’s showed that super power military forces are very vulnerable to asymmetric warfare, the Vietnam War of the late 60’s early 70’s brought that message back to “the folks back home” rather starkly.

And all that time surveillance technology has been improving exponentially.

Sitting on my desk currently are the designs for a satellite that you could build yourself as a hobby project (it’s the testing that’s the real hole in the pocket, not the electronics which are almost pocket change). Oh and you can by all the electronic components out of the DigiKey catalogue no questions asked. It’s something my local University are looking at for under grads to build. Likewise in a similar vein something else I have on a different desk (ie work bench) that I’ve been knocking together is a prototype set of mechanics to combine the optics of a telescope you can buy in a high end store with the guts of a high end digital camera you can likewise buy in a high end store. I know you can do the maths on the potential resolving power. The actual design is for a very rugged “looking up” to find satellites and similar near earth objects, that you could backpack up a mountain. Though it’s quite small quite light and sufficiently robust enough to be launch capable, all it realy lacks is a secondary “star fix” camera facing in the opposit direction so you would be able to accurately determin where the main camera is pointing on the earths surface.

But the US and friends may find their “choke hold” monopoly on launches to be rapidly comming to an end and not just from the likes of Elon Musk… Back in the Korean War the US Airforce had a bit of a shock with regards the CCCP aircraft capabilities. The result was they asked for a new aircraft that had speed, altitude and maneuverability. Well on the old “perm any two of three” they got the Starfighter / widowmaker / “man on a missile” with speed and altitude but poor maneuverability. These 1950’s aircraft are still flying today, and a US Company is looking at using them to launch Low Earth Orbit CubSat payloads via the weapons pylons. The launch costs being in the tens of thousands not tens of millions, oh and launch availability being weeks not years with you not others selecting orbital parameters.

Let’s put it this way: a small country with big aims could go down the same route to get surveillance sats to do the “finding and location” so that a submarine could be given targeting information to take out a trillion dollar investment carrier group… Trust me when I say it’s the sort of asymmetric warfare that really really really scares the MIC, because some congress critter might wake up and close the tax dollar spigot they are reliant on for their lifestyles.

Dirk Praet September 6, 2016 5:57 AM

@ Wael

So I am an assassin now 🙂

In GoT’s fantasy realm, you’d make an excellent candidate. Their credo is “I am no one”. Because no one can be anyone, which makes them undetectable and is a highly important skill in their tradecraft.

Does that mean producing high assurance products in the same way @Nick P sees it?

That’s ultimately where they want to go. Traditionally, in any approach, security is an afterthought, generally bolted onto an almost finished product design. DevOps represents a paradigm shift in that security considerations (next to QA/SSDLC and other elements) are included in the first stages of product conception and development, and for which a growing number of practitioners use something called the Security DevOps Maturity Model (SDOMM). It’s a sort of project roadmap that aims to reach high levels of automation in checking every known security aspect during the Continuous Integration (CI) build chain.

I can easily see @Nick P’s proposed HA approach become an integral part of this model, and – of course – where applicable so as to avoid the obvious Prince2 (or ITIL) “overkill” pitfalls @Clive referred to. It would be interesting to discuss this with Patrick Debois. He’s a former colleague of mine, a security nut and one of the godfathers of the DevOps movement who has even managed to talk Disney into taking that road. The Star Wars-themed presentation of their current strategy at a recent DevOps Days conference looked downright spectacular and came very close to an IT nerd’s ultimate work environment fantasy (next to working at the LHC in Geneva, that is).

I have been following the entire DevOps thing rather closely over the last couple of years, and although it’s pretty young, I think it’s a very interesting methodology that is growing and maturing quite well. I’m actually surprised that it never gets mentioned on this blog, as its security implications in a corporate context can be rather significant.

@ ab praeceptis

When OpenSSL, an open source project has one dead smelling body coming up after the other, the reaction is shock, quite immediately followed by an extremely high tolerance level.

I wouldn’t call it “high tolerance”, but realisation that you’re getting what you’ve paid for and what you’ve locked yourself into. The entire world, private individuals and corporations alike, were using it without anyone contributing a penny, the development and maintenance team consisting of a bunch of basement geeks working on it in their spare time. IIRC, one of those horror vulnerabilities was even introduced by a guy committing changes on a lonely Christmas evening.

So what do you actually expect? That they’re gonna be paying punitive damages when it blows up in your face? And OpenSSL is not alone. GnuPG, NTP and many others are (or were) in the same boat. It’s the main reason why many FOSS projects eventually go tits up or why Linux grsecurity patches are no longer free. The good thing about the OpenSSL debacle was that many people have now finally realised that FOSS projects need funding too and that in the end there is no such thing as a free lunch.

As to LibreSSL, I get your frustration that the developers went C again, but that choice is ultimately the prerogative of the folks who put in the actual effort, not of those standing by. I’d welcome a fork in Haskell, Ada, Pascal or whatever, but it would seem that everyone proficient in any of those languages is either otherwise occupied or not quite up for the challenge.

ab praeceptis September 6, 2016 1:16 PM

Dirk Praet

Oh, I picked OpenSSL only for reasons of obviousness. Of course, you are right, there is a long list.
Besides social and psychological factors which you mention, there is certainly a very high tolerance level, too. Hint: I’m still hearing the 1.000 eyes credo although, in fact, not even 4-eyes did actually work. I call that very high tolerance.
And btw (being my other reason to pick out OpenSSL) we’re talking about the security crown jewels for 98+% of the people, not about yet another audio player thingy.

“So what do you actually expect?” – First: What I expected was quickly shown wrong and possibly stupid. I expected that the whole open source community would at the very least sit down and think-talk and then establish some half-way sensible rules.

“without anyone contributing a penny” – well, yes and no. The no part stemming from billions of $ having been poured into open source and from multiple major projects, in fact, being run by full time employees or sponsored people.

“the developers went C again, but that choice is ultimately the prerogative of the folks who put in the actual effort” – is that so and, if yes, is that good or even acceptable?

hbtype = *p++;
n2s(p, payload);
pl = p;

...

*bp++ = TLS1_HB_RESPONSE;
s2n(payload, bp);
memcpy(bp, pl, payload);

“Funny” sidenote: Both n2s and s2n inc by 2 the pointer.

Obviously the people who coded OpenSSL are not “quite up for the challenge”. Simple reason: They obviously didn’t have the maturity to properly code in C.

And, when looking at that code, keep in mind that we now know about heartbleed and look at the code with that knowledge. The people working on it, however, didn’t know that. To them that was just some of thousands upon thousands of lines of code. And so it happened that not any Joe or Harry missed the problem and authorized the code (but a professional at a university).

They fucked up in pretty much every way possible, abusing C to the limits of its weaknesses.

Am I expecting better, much much better from the LibreSSL guys? Certainly! But still, C is a beast inviting to make errors.
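The snippet ab praeceptis quotes is the core of the Heartbleed defect: the 16-bit payload length is read out of the record and used as the memcpy size without being compared to the length of the record that actually arrived. The C program below is an added example, not code from the thread or from OpenSSL/LibreSSL. It reimplements that request handling twice: once as written, reporting how far beyond the record the copy would reach (without actually reading there, so the program stays well defined), and once with the length comparison that was missing. The record layout follows RFC 6520 (type byte, 2-byte big-endian length, payload, at least 16 bytes of padding); the sample records and all function names are constructed for the example.

```c
/* Added example (not from the thread or from OpenSSL): the TLS heartbeat
 * request handling quoted above, unchecked and checked.
 * heartbeat_overread() mirrors the quoted logic's trust in the in-record
 * length field and reports how many bytes beyond the record it would copy.
 * heartbeat_response() adds the comparison the quoted code lacks: the
 * claimed payload, plus header and padding, must fit inside the record. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HB_TYPE_LEN     1   /* one byte: request (1) or response (2) */
#define HB_LENGTH_LEN   2   /* two-byte big-endian payload length */
#define HB_PADDING_LEN 16   /* RFC 6520 minimum padding */
#define HB_HDR_LEN     (HB_TYPE_LEN + HB_LENGTH_LEN + HB_PADDING_LEN)
#define HB_MAX_RESP    (HB_HDR_LEN + 65535)

/* n2s in the quoted code: read a 16-bit big-endian value and advance p */
static uint16_t read_u16(const uint8_t **p) {
    uint16_t v = (uint16_t)(((*p)[0] << 8) | (*p)[1]);
    *p += 2;
    return v;
}

/* Unchecked logic, made safe for demonstration: returns how many bytes the
 * memcpy(bp, pl, payload) would take from beyond the record (0 = honest
 * request). Precondition: rec_len >= 3 so the length field is readable. */
size_t heartbeat_overread(const uint8_t *rec, size_t rec_len) {
    const uint8_t *p = rec + HB_TYPE_LEN;            /* skip hbtype */
    size_t payload = read_u16(&p);                    /* peer-controlled */
    size_t available = rec_len > HB_HDR_LEN ? rec_len - HB_HDR_LEN : 0;
    return payload > available ? payload - available : 0;
}

/* Checked logic. Builds the response into out and returns its length, or 0
 * when the request is rejected (a server should silently drop it). */
size_t heartbeat_response(const uint8_t *rec, size_t rec_len,
                          uint8_t *out, size_t out_cap) {
    /* Check 1: the record must at least hold type, length and padding. */
    if (rec_len < HB_HDR_LEN) return 0;

    const uint8_t *p = rec + HB_TYPE_LEN;
    size_t payload = read_u16(&p);
    const uint8_t *pl = p;                            /* start of payload */

    /* Check 2 (missing in the quoted code): the claimed payload must fit
     * inside the record we actually received. */
    if (HB_HDR_LEN + payload > rec_len) return 0;

    size_t resp_len = HB_HDR_LEN + payload;
    if (resp_len > out_cap) return 0;

    uint8_t *bp = out;
    *bp++ = 2;                                        /* TLS1_HB_RESPONSE */
    *bp++ = (uint8_t)(payload >> 8);                  /* s2n */
    *bp++ = (uint8_t)(payload & 0xff);
    memcpy(bp, pl, payload);                          /* now within rec */
    bp += payload;
    memset(bp, 0, HB_PADDING_LEN);  /* real TLS uses random padding; zeros here */
    return resp_len;
}

/* Constructed sample records (not captured traffic):
 *   [type=1][len hi][len lo][payload "ping"][16 bytes padding] */
static const uint8_t honest_rec[] = {
    0x01, 0x00, 0x04, 'p', 'i', 'n', 'g',
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/* Same 4-byte payload, but the length field claims 0x4000 = 16384 bytes. */
static const uint8_t lying_rec[] = {
    0x01, 0x40, 0x00, 'p', 'i', 'n', 'g',
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

/* Returns 1 when the checked handler answers the honest record with a
 * 23-byte response, drops the lying one, and the unchecked logic would
 * have copied 16380 bytes from beyond the lying record. */
int heartbeat_demo(void) {
    uint8_t out[HB_MAX_RESP];
    size_t honest = heartbeat_response(honest_rec, sizeof honest_rec, out, sizeof out);
    size_t lying  = heartbeat_response(lying_rec, sizeof lying_rec, out, sizeof out);
    return honest == 23 && lying == 0
        && heartbeat_overread(lying_rec, sizeof lying_rec) == 16384 - 4;
}

int main(void) {
    printf("checks behave as expected: %s\n", heartbeat_demo() ? "yes" : "no");
    return heartbeat_demo() ? 0 : 1;
}
```

The point of the second function is not the extra lines but where they sit: the only trustworthy length is the one the record layer already knows, and every length carried inside the record has to be checked against it before it reaches memcpy.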

Nick P September 6, 2016 5:40 PM

@ Wael

Wow, that’s a rough setup. There’s a few approaches you can take with it. Let’s start with the development angle.

  1. Get them communicating and collaborating. The QA and/or security teams need to work together to find ways to embed those properties into the development team’s process. They should talk to the product owner and development team about improving the toolchain or programming aspects. They should give them stuff that’s close to what they use, takes minimal work, and delivers benefits. Sell them on long-term productivity benefits, esp. in maintenance mode, of getting the interfaces and tests right. A great example of this approach comes from Microsoft Research where they have many practical tools to help out. The Spec# tool gives C# contracts, the Dafny language can statically check algorithms, SLAM checks drivers, and so on. Each of these can integrate into Microsoft developers’ flow with little work and plenty of benefits.
  2. They cede nothing but still communicate. This is getting bad. In this case, the QA team can mock up what the development team produce in tooling amenable to model-checking, static analysis, test generation, and so on. They’ll use spec-based checking and test generation. Most of their work will be specing out modules. They ask developers about them to get precise answers to what they do in what contexts, to be encoded as specs. They report errors with alternatives suggested if they can tweak it enough to pass verification. If it’s parsers or protocols, they might also show how to automate those with easy tools.
  3. They also don’t communicate. This is the most screwed-up form of verification. You basically have to reverse engineer the code, guess specs, guess tests, and do some amount of verification. This takes too much time to be practical if developers are moving fast. So, the code should be prioritized along two lines: modules that will be called the most in common use-cases; areas like crypto, input validation, parsing, timing, naming, concurrency, etc that developers screw up the most. Just keep testing, specifying, and analyzing such critical areas one by one with incremental improvements to the system. Even if QA falls behind, the most critical parts of the system will have fewer bugs.
  4. They hate you and it’s on. In this case, your image is screwed regardless because they will ignore QA and security advice but blame you later. So, you do as you do in 3 where you spot and knock out as many severe problems as you can. You email summaries of QA’s findings on a regular basis to the product owner with CC’s to other important people. You do this on an account they don’t control. You have your people learn Haskell, ML, or Typed Racket to rewrite every submitted component in it. You’ve already subjected these to static analysis, QuickCheck, and other tools. The stuff you use for No. 3 is actually generated by this process. When the owner’s product implodes, you will walk into the witchhunt with both the emails and a working product your team did in a fraction of the time. You deliver a recommendation, via emailed report and face-to-face presentation, to senior management to use such methods on the next project to avoid the disaster that happened with the owner’s. You are now the owner or the owner is at least your bitch. Have a well-earned drink. Mwahahaha.

@ Dirk Praet

“I have been following the entire DevOps thing rather closely over the last couple of years, and although it’s pretty young, I think it’s a very interesting methodology that is growing and maturing quite well.”

Everything I’ve ever seen on it is a pile of jargon, fanfare, and buzzwords. Often with “sign up” or “pay up” to learn more. I’d love a down-to-earth, text introduction to it that covers the problems, the “DevOps” solution to them, expected benefits, and proof they work. I’m hoping you have one or more links to something like that.

“I’d welcome a fork in Haskell, Ada, Pascal or whatever, but it would seem that everyone proficient in any of those languages is either otherwise occupied or not quite up for the challenge.”

(shrugs) Might be true, but one might also note clean-slate TLS implementations are scarce in all languages. Almost nobody attempts it. Best news I’ve seen is Madhavapeddy et al.’s OCaml implementation of TLS described here. It uses many techniques of increasing assurance such as a memory-safe language, modularity, pure functions where possible, and interface checks. I found the section with reasons for connection failures interesting, too. 😉

@ ab praeceptis

“Hint: I’m still hearing the 1.000 eyes credo although, in fact, not even 4-eyes did actually work. I call that very high tolerance.”

Exactly. It’s irritating, too, given all the CVEs piling up that are (a) simple, (b) easy to spot by eye, and (c) easy to spot with automated tools. Not even trying lol… I put together an essay to destroy that meme along with another pushing a false dichotomy that closed/bad and open/good are the only options. It’s here.

“is that so and, if yes, is that good or even acceptable?”

Yes in this case. It’s not good: just not so bad. The reason is that the OpenBSD developers are among the few that get C code right pretty often. Odds were already pretty good they’d find most of the C-related bugs. CVEs released support that. The other issue is that they won’t switch from C. So, instead of C vs something else, it’s a choice of OpenBSD’s experts in C improving OpenSSL or not improving OpenSSL. Lesser of two evils.

“Obviously the people who coded OpenSSL are not ‘quite up for the challenge’.”

Oh, you have no idea. I wish I had the presentation link for you from the LibreSSL people that I’m referencing. I remember in it, though, they describe a ridiculous construction that should’ve never been necessary. It was unfathomable how they even came up with it. Even as bad as it was, it still had a highlight: it regularly did an endianness check before operating. That’s right. They regularly failed to do basic coding checks but you were covered in the event your system changed endianness in mid-operation. What… the… f….???

After watching the commit log and presentation, I stopped using OpenSSL as an illustration of open-source insecurity, as they seem to be on their own level. Like you, I mainly use it to refute the idea that many eyeballs really works in practice. Although, I think the original version was about debugging, where more bug reports would come in from more use cases. That’s what I got out of reading ESR’s essay.

ab praeceptis September 6, 2016 6:47 PM

Nick P

The reason is that the OpenBSD developers are among the few that get C code right pretty often.

Certainly. No doubts, the OpenBSD people are among the finest C coders.

But there are some ugly buts. One important one is readability. C is pretty much write once, hopefully never read. Of course, one can create readable code but that quickly leads to insane situations. I once was a “cool hacker” myself who considered it a plus to create unreadable code (basically to feel superior), who would argue that “begin … end” is so much more verbose than {}, and who would consider arithmetic (preferably tricky) on double or triple indirection cool – wow, was I cool (and utterly idiotic).

In a professional context readability is a conditio sine qua non; you don’t have readability = you’re wasting resources and you’re making debugging, code changes, and maintenance hard and you are increasing chances that any changes will create trouble.

Or, in other words, no readability -> heartbleed.

There was a supposedly experienced academic 4-eyes-looking at what became heartbleed. I posit that heartbleed is, to a large degree, the outcome of C’s non-readability.

Then, decades ago, I also considered the compiler my enemy. While feeling oh so smart I actually was too stupid to understand that the compiler is my friend and the more so the more picky and rigorous it is.
I still occasionally use C; one just has to. But today I code very responsibly, even over the edge to mistrust. Like a woman in a see-through dress walking in a really bad neighbourhood. I’m trying to use what I take for granted from way better languages and I regularly find myself looking for ways to bring at least some good things to my C code.

Yes, one can produce high quality C code – but the price one pays, the efforts one has to put into it is just ridiculous (and hardly defendable in economic terms).

As I happen to spec and model at least any sensible or critical parts I already have the domain specs for my variables. When using C I find myself having to hand #define them (and yes, I feel strange doing that) so as to write stuff like “

#define someArray_MIN 0
#define someArray_MAX 32

char someArray[someArray_MAX];

for (i = someArray_MIN; i < someArray_MAX; i += 1) …” where in Wirth languages I just use the built-in Low()/High();

Or I find myself tinkering about assert constructs that give me at least some minimal pre and post conditions (let’s not even talk about invariants).

For more sensitive stuff I invariably use ACSL and easily double source file size while decreasing readability, but well, that’s a price I’m gladly willing to pay. If there is a formal spec I include that in comments close to where it’s implemented. And I always have in mind that one day a colleague will have to read and understand it well. In fact, I try to make things in a way that, if at all possible, makes it hard for him to misunderstand.

I’m pretty close to the point where I consider C to be a meta assembler, an intermediate language. The distance between formal algo spec/modelling to code is just too big. That, btw is my main interest in the functional family: that proximity. I don’t think they are a long term solution but they have demonstrated and made me understand something that I definitely want in a language for sensitive stuff.

Plus, again, readability. This isn’t the 80s anymore. Our editors nowadays offer snippets, syntax highlighters, code completion and whatnot. “verbosity” (typing) just isn’t a concern anymore. We shouldn’t care in languages about problems that are basically issues for editors nowadays.

(Plus, but many anglophones won’t know about that, many symbols like e.g. {} are not comfortably typable on non-US/UK keyboards. Say, “be TAB” to get my editor to fill in “begin … end;” actually is easier for me to type than braces).
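What the #define’d bounds standing in for Low()/High(), the assert-based pre/post-conditions and the ACSL comments described above look like in one small C module, as an added example that is not code from the thread: a fixed-capacity stack whose invariant, contracts and bounds are written next to the implementation in ACSL and also checked at runtime with assert(). The names bstack, BSTACK_MIN and BSTACK_MAX are invented for the example; the ACSL annotations are ordinary comments to the C compiler and are only checked by a tool such as Frama-C, while the assert() calls catch the same violations in a build without NDEBUG.

```c
/* Added example (not from the thread): bounds as #defines, ACSL contracts
 * beside the code, and assert()s that enforce the same pre/post-conditions
 * and invariant at runtime. Names are invented for the example. */
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BSTACK_MIN 0   /* Low(): first valid index */
#define BSTACK_MAX 8   /* High() + 1: one past the last valid index */

typedef struct {
    uint32_t item[BSTACK_MAX];
    size_t   top;      /* number of items stored; also the next free slot */
} bstack;

/*@ predicate bstack_inv_p(bstack *s) = BSTACK_MIN <= s->top <= BSTACK_MAX; */
static bool bstack_inv(const bstack *s) {
    return s->top >= BSTACK_MIN && s->top <= BSTACK_MAX;
}

/*@ requires \valid(s);
  @ ensures  s->top == BSTACK_MIN && bstack_inv_p(s);
  @*/
void bstack_init(bstack *s) {
    memset(s, 0, sizeof *s);
    s->top = BSTACK_MIN;
    assert(bstack_inv(s));                      /* post-condition */
}

/*@ requires \valid(s) && bstack_inv_p(s);
  @ ensures  \result == \false ==> s->top == \old(s->top);
  @ ensures  \result == \true  ==> s->top == \old(s->top) + 1
  @                             && s->item[\old(s->top)] == v;
  @ ensures  bstack_inv_p(s);
  @*/
bool bstack_push(bstack *s, uint32_t v) {
    assert(bstack_inv(s));                      /* pre-condition */
    size_t old_top = s->top;
    if (s->top >= BSTACK_MAX) return false;     /* full: refuse, never write item[BSTACK_MAX] */
    s->item[s->top] = v;
    s->top += 1;
    assert(s->top == old_top + 1 && s->item[old_top] == v);   /* post-condition */
    assert(bstack_inv(s));
    return true;
}

/*@ requires \valid(s) && \valid(out) && bstack_inv_p(s);
  @ ensures  \result == \false ==> s->top == \old(s->top);
  @ ensures  \result == \true  ==> s->top == \old(s->top) - 1 && *out == s->item[s->top];
  @ ensures  bstack_inv_p(s);
  @*/
bool bstack_pop(bstack *s, uint32_t *out) {
    assert(bstack_inv(s));                      /* pre-condition */
    size_t old_top = s->top;
    if (s->top == BSTACK_MIN) return false;     /* empty: refuse, never read item[-1] */
    s->top -= 1;
    *out = s->item[s->top];
    assert(s->top == old_top - 1);              /* post-condition */
    assert(bstack_inv(s));
    return true;
}

/* The MIN/MAX loop from the comment, with its loop invariant written out.
 * Returns the index of the first item equal to v, or -1. */
/*@ requires \valid(s) && bstack_inv_p(s);
  @ ensures  -1 <= \result < (integer)s->top;
  @*/
int bstack_find(const bstack *s, uint32_t v) {
    assert(bstack_inv(s));
    /*@ loop invariant BSTACK_MIN <= i <= s->top;
      @ loop invariant \forall integer k; BSTACK_MIN <= k < i ==> s->item[k] != v;
      @ loop variant s->top - i;
      @*/
    for (size_t i = BSTACK_MIN; i < s->top; i += 1) {
        if (s->item[i] == v) return (int)i;
    }
    return -1;
}

/* Exercise: push past capacity, pop past empty, check the invariant throughout.
 * Returns 1 when exactly BSTACK_MAX pushes are accepted, 103 is found at
 * index 3, every item pops back out and the stack is empty afterwards. */
int bstack_demo(void) {
    bstack s; uint32_t x;
    bstack_init(&s);
    int accepted = 0;
    for (uint32_t v = 100; v < 100 + BSTACK_MAX + 2; v += 1)
        accepted += bstack_push(&s, v);         /* the last two pushes are refused */
    int found = bstack_find(&s, 103);           /* fourth item pushed */
    int popped = 0;
    while (bstack_pop(&s, &x)) popped += 1;
    return accepted == BSTACK_MAX && found == 3 && popped == BSTACK_MAX
        && bstack_find(&s, 103) == -1 && bstack_inv(&s);
}

int main(void) {
    printf("contracts hold: %s\n", bstack_demo() ? "yes" : "no");
    return bstack_demo() ? 0 : 1;
}
```

The runtime asserts and the ACSL lines say the same thing twice on purpose: the former fail loudly in test builds, the latter let a prover show that no input can make them fail, which is the distance from specification to code that the comment is complaining about.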

Dirk Praet September 6, 2016 8:12 PM

@ Wael

I’d love a down-to-earth, text introduction to it that covers the problems, the “DevOps” solution to them, expected benefits, and proof they work. I’m hoping you have one or more links to something like that.

Let me talk to Patrick and we’ll see what we can do. He’s travelling a lot and appears to have gone off-line again so I’ll have to try and get him on the phone.

@ ab praeceptis

The no part stemming from billions of $ having been poured into open source and from multiple major projects …

Yes, but that’s a bit of a straw man argument in the sense that little or nothing had ever gone to OpenSSL. There is no argument here that it had devolved into a complete and utter disaster, that everybody ignored the writings on the wall and that in hindsight it was being developed by folks with good intentions but with questionable coding skills, to say the least.

The part I’m having an issue with is that you’re shooting at people who in their free time and on a best-effort basis wrote a piece of software few others were working on, which they never made any money off and probably to their own surprise at some point had become a critical component in internet communications. And that’s totally unfair. If anyone is to blame, it’s all of those who blindly adopted it because it was free, remained deaf to all warnings, willfully bought into the “1000 eyes” myth and then cried bloody murder when it blew up in their faces.

On the topic of LibreSSL, I fully agree with @Wael.

I’d prefer to have a simple solution for a simple problem.

Since I can be a bit of a git sometimes and had told you I’d look into your signify proposal, I have done some digging to what extent it could also be a practical solution. For starters, it’s not present by default on any of the systems I have tested, and nowhere have I found any GUI implementations.

1) FreeBSD: ‘sudo pkg install security/signify’. I didn’t bother checking other BSD variants as it will probably be there too.

2) OS X: ‘sudo port install signify’. I’m not sure the average OS X user has MacPorts installed or would be willing to do so for a 100k cli utility.

3) Windows: No binaries to be found anywhere. The Github Windows port here requires the MinGW environment. So I downloaded and installed mingw-64 on Windows 7 SP1, which takes almost half a GB on disk. After some mucking about with paths and environment variables, I got the source to compile a +/- 100k signify.exe cli tool. This static binary worked on both Windows 7 and 8. I didn’t test Windows 10.

4) Linux: within the Debian family (Debian itself, Ubuntu, Gentoo, Mint etc.), several distributions have signify-openbsd .deb’s in either standard or 3rd party repositories which you can either install through their GUI package manager or simply with ‘sudo apt-get install signify-openbsd’. Kali was the only one I tested that had it in its standard repositories. TAILS, Whonix and Raspbian, like Kali based on Debian Jessie, didn’t.

In the Red Hat/SuSE family, I didn’t find any signify RPMs anywhere. So I tried compiling two source packages found here and here. The former compiled clean but didn’t inspire a lot of trust, the latter only did after some serious tweaking of linker flags as well as one modification in the signify.c source.

5) iOS/Android: Nothing found.

In short: the only platforms offering a working out-of-the-box signify solution are BSD and a number of Linux distributions. All others require minor or major mucking about that is probably beyond the average user. Tablet and smartphone posters are out of luck.

In comparison, @Thoth’s proposal is 100% cross-platform, involves no overhead or compilations and can even be limited to a PGP/Git installation on one device only as the signing can be done from any device any moment after posting your comments, also by people who have posted from their tablet/smartphone and can’t be bothered to put PGP/Git apps on them just for this purpose.

Wael September 6, 2016 8:29 PM

@Dirk Praet,

Let me talk to Patrick and we’ll see

The request came from @Nick P, but I, also, would be interested in such a solution.

@Nick P.

Wow, that’s a rough setup

Hypothetical one, but not too remotely detached from some organizations I have seen. Appreciate the feedback.

ab praeceptis September 6, 2016 9:20 PM

Dirk Praet

“billions/open source”

Yes, openssl did not get any major share of the billions, afaik. But while I respect your view mine is that this raises the question “why?”. Fact is there is an open source community and fact is there has been lots of money and corp. support pumped into open source – and yet openssl (if you are right) didn’t get the support and means it needed.

Hey, we’re talking about the crown jewels, about something that is the underpinning of many things related to security, incl. vast parts of the web.

“you’re shooting at [well minded openssl] people” – a) no, I’m not shooting at them and b) if I really did then I would be shooting at people who, for whatever reason, fucked up and big time. And mind you, they knew that they were not working on some hobby project but on an immensely important one, one that, if fucked up, would create a major mess throughout the world.

And yes, there I agree, part of the problem is also that people just took whatever was served without looking or asking questions. But my argument was not “the people are correct, it’s them openssl devs. who are evil”. Not at all. My argument boils down to “look at the result, what or who ever may be guilty party(ies)”. Oh, and a side issue is also whether open source really is the paradise. I personally don’t think so. Not at all. Nice well-minded people giving away stuff for free, objectively looked at, is just not enough. In technology social and political factors are not enough, there is more needed. Knowledge, expertise, project management etc. can’t be replaced by “nice, well-minded, and free”.

For those who don’t agree I have a suggestion: Why dentists and doctors? I know people who are well minded and will take care of your medical problems for free. Maybe you won’t survive or you will be maimed but it’s free and it’s done with good intentions.

We can turn that any which way we want but there are some ugly facts. And no, it’s not OK as we now have LibreSSL. OpenSSL was a bleeding security hole collection for many years and during that time privacy has been broken, people were robbed, and lots of other damage has been done and suffered, maybe even whole governments have been pushed around or rooted.

“signify”

FreeBSD: pkg search signify -> It’s there, both as package and as port. Debian has it too.

Otherwise, yes, you caught me sloppy. My fault, apologies. It was stupid of me to trust funny “supported systems” lists and it was also stupid to not check windows (which I don’t care about but many people do).

My lame (but true and honest) excuse is that my mind was half absent (thinking about building something really cross OS, tight, and secure based on NaCl/sodium).

Btw: I might look stubborn but my guts still tell me to dislike a solution based on multiple steps/providers/inet.

Wael September 7, 2016 2:28 AM

@Clive Robinson,

Oh and you can buy all the electronic components out of the DigiKey catalogue no questions asked.

Because they know the devices won’t survive in outer space without the right level of protection. Radiation, extreme temperatures and pressures are not friendly towards commercial off the shelf devices.

determine where the main camera is pointing on the earth’s surface.

Easier to work under the assumption that you are working in the open, no need to look at the satellite’s camera. Innovative thinking, though. I have a Newtonian telescope that I got a few years ago. Only used it a few times.

Bong-Smoking Primitive Monkey-Brained Spook September 7, 2016 2:36 AM

But Aglaya had much more to offer, according to its brochure. For eight to 12 weeks campaigns costing €2,500 per day, the company promised to “pollute” internet search

Bastards! They only paid me 50 cents per post to pollute this site! I know they spent around €72,500 on sockpuppets last week. I got the short end of the bong!

Bong-Smoking Primitive Monkey-Brained Spook September 7, 2016 2:40 AM

Yet, @ianf and @Rolf Weber retired! They made out like bandits!

Clive Robinson September 7, 2016 3:00 AM

@ ab praeceptis,

I’m pretty close to the point where I consider C to be a meta assembler, an intermediate language.

I personally find C less expressive than assembler, and for some of the stuff I do, C is way way less useful than assembler.

As I’ve indicated before, C was a child of its times. Its main reason to exist was “machine independence” where there was almost a new CPU instruction set to learn every month or so.

The problem was abstracting out the commonalities of the many different CPU instruction sets to get a usable subset and stay within other resource constraints.

It was the “resource constraints” that were by and large the reason that what was abstracted out was way less than could or should have been. Also the work they were doing at the time coloured their choices, thus there was much more on string handling for arbitrary document sizes than large integer maths for finance etc.

You can see this carrying through from a very low level with the choice for out of band signaling for string sizes. There are two basic resource constrained ways, “Pascal strings” and “C strings”; from many aspects Pascal strings are far safer to use. However at the time, within the resource constraints, C strings would have looked like more efficient usage of a very scarce and expensive resource, “memory”. At more than a dollar a nibble, the memory cost constraint affected even ALU design and thus processor bus widths. It’s why you had 24bit and 36bit data widths on some high end “big iron” processors.

Today memory size is very far from being a resource constraint (it’s access speed that’s today’s problem). Thus if we were redesigning character strings we would almost definitely ditch C string OOB signaling and use enhanced Pascal OOB signaling, that is, we would have an array of memory boundary aligned with not just the size of the array but also the character size as well. We would also almost certainly put just one character in a CPU word. Thus even though we might only need seven bit characters we would use the processor’s native integer size, be it thirty two or sixty four bit.

Just about everywhere you look in C you see the ghost of resource constraints that no longer apply. The one that most gets my goat is those around integer maths. Which, as they really are the fundamental data type, has knock on effects with all other types.

But C still has its charms for assembler level programmers, and those who have to work very close to the metal developing hardware device controlling software.

If you have a search on this blog you will find discussions on “Castle -v- Prison” where I argue that there are two sorts of programming that you could loosely describe as “system” and “application”. By far the bulk of programming is done at the application level, and for a whole host of reasons the languages used should be as high level as possible. I indicated that in fact a variation of the *nix shell programming methodology would be the way to go. That is, system level programmers would develop tasklets with strong security features, that the application developers would stitch –pipe– together to make applications.

If people have a hunt around for well carried out studies on total lifetime costs of software it quickly becomes clear that the higher level the language used to develop applications the less the cost at all stages –other than initially learning the language– and the higher the Quality thus reliability and security.

There is however a downside, which is the programmers’ ability to find and fix faults. As a rule of thumb the higher the level the language the fewer faults there are, but… The type of fault that does occur is much closer to the specification level of the development stack than it is to the bits and bytes level. That is, they lurk in the interfaces and business logic, not the program logic, and although less frequent in number they are much harder to find, diagnose and fix. Which is a problem, because high level programmers tend not to have the find and diagnose experience.

You could liken it to the zero hour pilots problem. Modern aircraft have become so automated that pilots could almost just sit there and watch. Management argue for cost reductions so trainee pilots don’t get “flying hours” until on the job, as “simulator hours” are a lot less expensive. Because the automation takes out much of the “hands on”, the pilots do not develop those “hind brain learnt” skills we tend to call “muscle memory” on the job. The result is if there is an emergency that is time critical the pilots can be way too slow to act correctly and what would have been a minor disturbance to passengers becomes a total disaster. The current partial solution for this is to do in part what NASA does, which is put pilots regularly “through the wringer” on flight simulators where they hit them with all sorts of faults, debrief them and do it again.

Software management however often don’t put their programmers “through the wringer” as it’s seen as unproductive time. Looking at “coding competition” results however can give an overly positive outlook, as the entry is by choice, thus tends to attract only those who want to rise to such challenges in their own time. If made compulsory I suspect the results would be not that rosy, which means we are probably going to get avoidable technical debt.
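Clive Robinson’s sketch above, a string whose length and character size are kept out of band and which stores one character per machine word, as an added C example that is not code from the thread: a wstr type with a bounded append, beside the NUL-terminated idiom it would replace. wstr and WSTR_CAP are invented names, and the data in wstr_demo() is constructed for the example; a real implementation would size the storage per object rather than with a fixed capacity.

```c
/* Added example (not from the thread): an "enhanced Pascal string" with
 * out-of-band length and element size, one character per machine word,
 * next to the C-string idiom. Names invented for the example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define WSTR_CAP 16   /* fixed capacity for the demo only */

typedef struct {
    size_t elem_size;        /* bytes per stored character */
    size_t len;              /* number of characters; no terminator needed */
    size_t cap;              /* maximum characters data[] can hold */
    size_t data[WSTR_CAP];   /* one character per machine word */
} wstr;

void wstr_init(wstr *s) {
    s->elem_size = sizeof s->data[0];
    s->len = 0;
    s->cap = WSTR_CAP;
}

/* Append n bytes (NUL allowed) as characters. Returns false and leaves s
 * untouched if the result would not fit. The single length comparison is
 * the whole bounds check, because the length is known up front rather than
 * discovered by scanning for a terminator. */
bool wstr_append(wstr *s, const unsigned char *bytes, size_t n) {
    if (n > s->cap - s->len) return false;
    for (size_t i = 0; i < n; i += 1) s->data[s->len + i] = bytes[i];
    s->len += n;
    return true;
}

bool wstr_eq(const wstr *a, const wstr *b) {
    return a->len == b->len
        && memcmp(a->data, b->data, a->len * a->elem_size) == 0;
}

/* The C-string counterpart: the length is only known after scanning for
 * NUL, the caller must compute the remaining space for strncat, and any
 * NUL inside src silently ends the data. Returns what strlen() believes. */
size_t cstr_append(char *dst, size_t dst_cap, const char *src) {
    size_t used = strlen(dst);
    strncat(dst, src, dst_cap - used - 1);
    return strlen(dst);
}

/* Constructed demonstration. Returns 1 when: a 4-character value containing
 * a NUL is stored intact, an append that would overflow is refused without
 * changing the string, an append that exactly fills it is accepted, and the
 * C-string version of the same data stops at the NUL after 2 characters. */
int wstr_demo(void) {
    wstr s;
    wstr_init(&s);
    const unsigned char with_nul[] = { 'a', 'b', '\0', 'c' };
    bool ok1 = wstr_append(&s, with_nul, sizeof with_nul);     /* len 4 */

    unsigned char big[WSTR_CAP];
    memset(big, 'x', sizeof big);
    bool ok2 = wstr_append(&s, big, sizeof big);                /* 4 + 16 > 16: refused */
    bool ok3 = wstr_append(&s, big, WSTR_CAP - sizeof with_nul); /* exactly fills */

    char c[8] = "ab";
    size_t clen = cstr_append(c, sizeof c, "\0c");              /* embedded NUL: nothing appended */

    return ok1 && !ok2 && ok3 && s.len == WSTR_CAP && s.data[2] == 0 && clen == 2;
}

int main(void) {
    printf("out-of-band length behaves as expected: %s\n", wstr_demo() ? "yes" : "no");
    return wstr_demo() ? 0 : 1;
}
```

The cost Clive mentions is visible in the struct: sixteen characters occupy 128 bytes of data plus a 24-byte header on a 64-bit machine, against 17 bytes for the C string, which is exactly the trade that looked wrong at a dollar a nibble and looks right today.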

Wael September 7, 2016 3:17 AM

@Clive Robinson,

I argue that there are two sorts of programming that you could loosely describe as “system”

You argue correctly. There is no one size fits all, currently.

Dirk Praet September 7, 2016 4:40 AM

@ ab praeceptis

Knowledge, expertise, project management etc. can’t be replaced by “nice, well-minded, and free”.

There I concur. OpenSSL was not just a coding, but also a project management and fundraising disaster. Putting on my tinfoil hat, I cannot but wonder if it was really just sheer amateurism and incompetence, or that it had been infiltrated by a party with a vested interest in keeping it the total mess it was. Somebody really ought to do an MBA thesis on the subject some day, and which would make for a fine and mandatory read for everyone on the dangers and pitfalls of blind reliance on FOSS.

… thinking about building something really cross OS, tight, and secure based on NaCl/sodium …

An example of such an application would be dnscrypt-proxy. I use it on most of my machines to obfuscate DNS-traffic. Also available on BSD and written in C 😎

I might look stubborn but my guts still tell me to dislike a solution based on multiple steps/providers/inet.

More like apprehensive, I’d say. Try to keep an open mind. @Thoth is a guy who’s taking (his) security more than seriously and he’s working on a couple of really interesting projects.

@ Bong-Smoking Primitive Monkey-Brained Spook, @ keiner

Yet, @ianf and @Rolf Weber retired!

Stop it right there and don’t say that name again. Have you guys never seen Beetlejuice ?

Clive Robinson September 7, 2016 5:28 AM

@ Wael,

Because they know the devices won’t survive in outer space without the right level of protection. Radiation, extreme temperatures and pressures are not friendly towards commercial off the shelf devices.

They might think that, but they would be wrong. Consumer grade components can and do survive quite happily in earth’s orbit. Whilst the risks you mention are not myths, they tend to be significantly “over imagined” for historic and conservative reasons.

The latter is a typical Catch-22, to play safe designers will not use components that have not been “service verified”. That is if it’s already working in space they will consider it, otherwise not. This has a real stagnation effect. One payload producer actually puts up a “technology proving flight” every couple of years at their own expense just to get around this problem.

Thus there are now quite a few satellites up there that use what are in design consumer grade rechargeable batteries from a well known Japanese manufacturer, that have been working for years. Unfortunately they stopped making the part some time ago and stockpiles are near depletion, so other batteries are getting the flight approval process.

The real difference between “Mil Spec” and “Industrial Spec” components at the chip level is zero, even the packaging is the same these days, it’s the testing that supposedly makes the difference… Thus, like overclocking, the parts are the same; it’s up to you to “buy and test” rather than “buy tested parts” at overly eye watering prices.

You might want to look at the documented work of Surrey Satellite, the various AMSATs and several universities that have “student projects” in space. You’d be quite surprised at how little design modification has to be done. In many cases it’s the mechanics and electronic subsystems’ failure modes and the effects they might have on the power bus that cause most worry, which is why there are companies now selling 1u frames with integral power bus systems.

And yes I actually know there are payloads where the electronic components were purchased out of the DigiKey catalogue, with another going through preflight readiness testing currently…

As for universities getting involved there are two on the London to Portsmouth road (A3) within a comfortable cycle ride of where I currently live that have their own satellite departments. In central London there is another, that also happens to employ the UK’s only female astronaut. It’s politically finally been seen that space is a desirable area to be in at last, the question is “How long will the Tim Peake effect last” in their minds.

http://www.bbc.co.uk/news/science-environment-36311799

Anyway I’ve a few very busy days ahead, so I’ll not be here much, if you want to know more I can dig you stuff out after the 14th (assuming all things go well).

Clive Robinson September 7, 2016 5:41 AM

@ Dirk, Bong,

Stop it right there and don’t say that name again. Have you guys never seen Beetlejuice ?

At least he did not mention “The ‘A’ name that must not be mentioned” that really was an authoritarian follower “Pro-Pain” gas bag desperate to create an illusion, but failed and had been called out in all the places he went… So such missions can fail in the hands of lesser mortals.

Clive Robinson September 7, 2016 5:58 AM

@ Wael,

If you want to know more about putting a CubeSat up have a chat with ISIS 😉

http://www.isispace.nl/products

Take a look at those boards and the frames they go in, that’s what ends up popping out of one of those canisters and orbiting the earth.

Do you see any of the risks you mentioned being mitigated, oh and yes those are commercial industrial grade components on the boards in the photographs.

Nick P September 7, 2016 10:22 AM

@ Clive Robinson, Wael

Turns out WaywardGeek of CipherShed has an analog, USB TRNG released under FOSS here. Claims it’s not easy to build since board and components were price-sensitive. However, it uses thermal noise and costs $10 to make in volume of about 9 units. I also like that he leaves off a MCU for simplicity and easy verification whereas things like ChaosKey have one. What do you two think of his noise circuit/approach?

Tindle link here saying $35 but I’ve never used the site. I’m not sure if stuff is already made or even their reliability. In any case, an open BOM and board design with common components should make outsourcing manufacturing easy + cheap.

Gerard van Vooren September 7, 2016 11:08 AM

@ Dirk Praet,

“There I concur. OpenSSL was not just a coding, but also a project management and fundraising disaster. Putting on my tinfoil hat, I cannot but wonder if it was really just sheer amateurism and incompetence, or that it had been infiltrated by a party with a vested interest in keeping it the total mess it was.”

Better put on that M42 helmet or the much cheaper M56 GDR version. There is no doubt in my mind that OpenSSL was a deliberate mess. Note that the company did make money for being a FIPS 140-2 consultant.

Wael September 7, 2016 8:36 PM

@Nick P, @Clive Robinson,

Tindle link here saying $35 but I’ve never used the site.

It’s not like I am cheap or anything, but $35 seems a high price for this thing. I can get a Raspberry Pi or two for that price (if I am lucky.) I’ll keep it bookmarked in case I change my mind.

Wael September 7, 2016 9:12 PM

@Clive Robinson,

If you want to know more about putting a CubeSat up have a chat with …

Very interesting! Haven’t seen that one before! Should we look forward to personal satellites becoming as common as drones?

Do you see any of the risks you mentioned being mitigated,…

They say it’s a high risk / low cost operation, but I don’t see any of the mentioned risks! I see other kinds of risk, like coupling my name with …

have a chat with ISIS 😉

goddamn! With friends like you, who needs enemies 😉

Nick P September 7, 2016 9:26 PM

@ Wael

You can get an unverifiable, general-purpose, computing device for the price of a simple, analog, TRNG with USB port? Please tell me more. 😛

@ Wael, Clive

You might find it interesting that one of my responses on Hacker News was a guy who worked on the verifiable ASIC’s paper I posted. Appreciated the compliment on his work but had doubts about Infinite RNG. Here’s his post:

“The main problem is that the noise sources are implicit: the designer has no control over the spectrum or the relative magnitude of the various noise sources, and there’s no attempt at rejecting power supply ripple or RF disturbances. (The claim that “it naturally defends against influence from outside signals” is not substantiated, and as I argue below, there is a strong possibility that it is false.)

It’s also worrisome that the author doesn’t bother to distinguish between “noise” in the technical sense and “noise” in the some-arbitrary-signal sense (e.g., power supply ripple). Only the former has useful statistical properties. The latter is useless at best, and an attack vector at worst.

As a concrete example of what worries me: this is a discrete time, positive feedback loop. We are presented with evidence that it has a mode of operation in which its output looks random. Critically, this does not eliminate the possibility that it has another mode that’s essentially a limit cycle. My intuition tells me there’s a very good possibility that if the output of the circuit has a heavy enough capacitive load, and the circuit’s power supply is sufficiently high impedance, the whole thing would lock up into a steady-state oscillation. This is related to the analog design adage: oscillators don’t, everything else does 🙂

So what’s the “right” approach (at least, in my opinion)? First, simplicity: fewer moving parts means there’s less that can go wrong. Second, pick an explicit noise source; the best choice is a diode in avalanche breakdown (this is sometimes conflated with Zener breakdown; they’re different phenomena, and avalanche is louder). Avalanche generates enough noise that it requires very little amplification, and unlike thermal noise, avalanche is quite insensitive to temperature. Third, make it insensitive to external influences by design: shield it from RF, take special care to ensure power supply insensitivity, etc. Fourth, run wellness tests whenever you sample from the RNG. Intel’s procedures are a good example [1].

Finally, a lot of other comments in this thread have covered this, but under standard cryptographic assumptions there is no reason to run this RNG continuously. Sample a few thousand bits, hash them into a key, and use AES-256 as your PRNG. For a really nice take on randomness mythbusting, see “Recommendations for randomness in the operating system” by Corrigan-Gibbs and Jana [2].”

Wael September 7, 2016 10:19 PM

@Nick P, @Clive Robinson,

You can get an unverifiable, general-purpose, computing device for the price of a simple, analog, TRNG with USB port? Please tell me more. 😛

Raspberry Pi Zero: https://thepihut.com/collections/raspberry-pi

Connect, for example, http://makezine.com/projects/really-really-random-number-generator/ to one or more GPIO pins on the Raspberry Pi, and you can make your own thing.

This is just one example. You can also sample the environment and feed it to your RNG or mix it. Radiation detectors (get one from a smoke detector: https://www.youtube.com/watch?v=rXYnAQQ_bE4) and use it in your own way, see how it affects other semiconductor devices. Use a hall-effect device, an LFSR, a photo transistor, infrared device, a CDS, etc… I still have not changed my mind that there is nothing random, though! We had this discussion on several occasions.

The other thing is this, and I know I’ll get a lot of flak for it: Strength of the RNG or its statistical qualities are for cryptographers, not for engineers. Why do we care about RNG in the first place? Suppose your device is air-gapped or Energy-gapped as @Clive Robinson says, then what’s the threat? And from whom? What are you trying to hide?

Suppose you use that USB RNG, and your device is compromised / not air-gapped. What good is a perfect RNG if the USB bus traffic is captured by spyware or via side channel leakage? And if you air-gap your device, then what’s wrong with a lousy RNG? I’m just kidding, of course, but these questions are important to think about. The RNG is one link in the chain and only becomes significant under certain circumstances.

ab praeceptis September 8, 2016 1:43 AM

Nick P (and partly Wael)

While one should, of course, use a reasonable design I think that a hardware RNG (outside on-board delivered means like Intel’s on-chip RNG) is a big plus anyway, even if it’s mediocre.

Well noted, the “mediocre” is for the 99%; highly sensitive stuff like banking need better than mediocre.

The problem with software PRNGs is that everything happens in a closed box and that one can’t escape the need for at least some (more or less) true random. No matter how good your software algorithm you’ll need at least some startup random to seed it. If you don’t have that your theoretical, say, 128-bit pseudo random quickly collapses to very much lower values in the 2 to the 15, give or take 5, range. And no matter on what intelligent seeding collection you rely (keyboard, mouse, interrupts, packets coming in, etc) there might be an attacker lurking who has access to everything, too. Closed box as I said.

As Nick P correctly said, even small amounts of true (read: out of box) random are sufficient (not desirable but sufficient). No matter how good, say 2 to the 1024, any PRNG algo is, it is rather worthless if the seeding is low entropy. A 2 to the 1024 PRNG with 2 to the 15 starting entropy is, all summed up, a 2 to the 15 PRNG.

As for the power supply spikes that boils down to the frequency of grabbing random. If one in 100000 is predictable (due to spikes) it’s hardly a problem; 1 in 5 obviously is. With reasonable ratios I wouldn’t worry but simply factor the spikes in; to have a “random tainted” (0) or “random OK”(1) signal looped into the digital take off is a no brainer.

While I generally don’t put any trust in USB the “they could eavesdrop your TRNG” argument doesn’t worry me a lot. For two reasons: If they really can I have bigger problems in the first place and secondly: good luck trying to EM eavesdrop my TRNG inside a computer case (which is an EM mess).

Again, that’s for the 99%. If you are a bank or a governmental HQ you should care. But then you’ll have the necessary resources to do so.


Ad “formal tools”

Thanks so much for sticking a fork in the Frama-C wound …

But you are, of course, right. It’s a real PITA and a shame that people who are (at least to a significant degree) paid by the public can subvert and abuse universities and institutes for their own benefit. Although I have a suspicion that at least in quite some cases the true reason behind that is not greedy researchers but rather “men in black” from some gov. agency who think that certain tools should be under their exclusive control.

But hey, we can lament all day long (and justified so) but in the end we have to live with it and come up with solutions.
There I, of course, have a very major advantage, namely that my point isn’t to push 99.5% safety/security/whatever towards 99.7%. My point is to help getting us away from “ignorant, lousy, insane make shift” to the point where we don’t build utter crap by default.

My rather comfortable position is not to worry about (to take up the example from above) some evil guys EM eavesdropping on my board but rather, to stay in the example, to avoid us using our birthday as PRNG seed *g

You people do important and necessary work. But I’m concentrated on killing whole problem classes. I’m after “how to avoid 75% of the typical (no matter how low level and lousy) errors in most software?”.

Funnily we do have the tools. Proper domain/codomain spec plus Hoare triples will slay/avoid whole armies of bugs. The problem, it seems, is one of reasoning, of the way developers think about sw development and (quite mind-bogglingly) one of people not liking and actually avoiding even “strange” looking notation.
That’s why I hit again and again at something looking so boring as ways to properly spec variables. I just love Pascal’s [..] range feature. Coldly looking one, of course, immediately sees that this is domain/codomain spec in (rather thin) disguise – but programmers seem to accept that notation so much better than math set notation. Similarly, when we call it “type definition” programmers eat it. But as soon as we call it domain definition they look mistrustingly and walk away.

I see this again with functional languages. In a way they are but math in programmer dressing. And again we can observe that many programmers dislike and avoid them (with diverse excuses/reasons). But, and that’s the good news, there are also quite many programmers who eat them. Math in disguise with some sugar on top.

Even my next step is quite boring. It’s basically to repeat what Modula has done decades ago, namely to create a solid foundation in the form of a verified std lib. (More precisely, I’m working on ways to create tools to support the creation of such libs).

Somewhat on a similar line I strongly like the clang static analyzer. It’s, of course, not at the bleeding edge of research but it delivers practical value and it’s quite usable (I’ve even quite easily integrated it in some IDE).

Another reason why I’m relatively cool regarding all those formal tools (which, when reaching some kind of maturity and practical usability, seem to be magically drawn into some kind of black hole) is that I see that we already hold the miracle stone in our hands: the AST. What we need to do is to collect more (and more precise) information, be it through better specifications in the language or be it through formal specs and to bring that into the AST and, of course, to use it there, possibly with other tools.

Just look at C analyzers. Practically speaking they must do miracles; they must undertake painful and complicated efforts to gain information that just isn’t there in C; it’s not expressible (so they came up with annotations like Deputy did or Frama-C).
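Two posts above make the same point from different sides: the Hacker News commenter Nick P quotes says to sample a few thousand raw bits, hash them into a key and use AES-256 as the PRNG, and ab praeceptis says a 2 to the 1024 PRNG seeded with 2 to the 15 bits of entropy is a 2 to the 15 PRNG. The Go program below is an added illustration of both; it is not code from any commenter or from any product named in this thread. conditionKey and newDRBG are the hash-then-AES-CTR construction, and recoverSeed shows what happens when the raw samples can only take 2^15 distinct values: one observed output block is enough to enumerate every possible seed. The function names, the 15-bit seed model and the placeholder sample buffer are my own constructions; a real generator would also reseed periodically and mix in a personalization string, which is left out because it is not what the argument is about.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// conditionKey hashes the raw noise-source samples (any length) into a
// 256-bit AES key: the "sample a few thousand bits, hash them into a key"
// step. The samples themselves must come from the hardware.
func conditionKey(rawSamples []byte) [32]byte {
	return sha256.Sum256(rawSamples)
}

// newDRBG builds the "use AES-256 as your PRNG" generator: AES-256 in
// counter mode over a counter that starts at zero. All secrecy is in the key.
func newDRBG(key [32]byte) cipher.Stream {
	block, err := aes.NewCipher(key[:])
	if err != nil {
		panic(err) // cannot happen for a 32-byte key
	}
	var iv [aes.BlockSize]byte
	return cipher.NewCTR(block, iv[:])
}

// drbgOutput returns the first n bytes the generator produces after being
// seeded with rawSamples.
func drbgOutput(rawSamples []byte, n int) []byte {
	out := make([]byte, n)
	newDRBG(conditionKey(rawSamples)).XORKeyStream(out, out)
	return out
}

// lowEntropySeed models a broken noise source whose raw output can only take
// 2^15 distinct values (constructed: a counter masked to 15 bits).
func lowEntropySeed(v uint16) []byte {
	var b [2]byte
	binary.LittleEndian.PutUint16(b[:], v&0x7fff)
	return b[:]
}

// recoverSeed is the other side of the argument: given one block of generator
// output (a nonce, an IV, a session token) it tries all 2^15 possible seeds
// and returns the one that reproduces it. The AES-256 key is 256 bits long,
// but only 15 of them were ever unpredictable, so this takes a fraction of a
// second.
func recoverSeed(observed []byte) (uint16, bool) {
	for v := uint16(0); v < 1<<15; v++ {
		if bytes.Equal(drbgOutput(lowEntropySeed(v), len(observed)), observed) {
			return v, true
		}
	}
	return 0, false
}

func main() {
	// Victim side: 15 bits of entropy in, a 16-byte nonce out.
	nonce := drbgOutput(lowEntropySeed(12345), 16)
	seed, ok := recoverSeed(nonce)
	fmt.Printf("nonce %x -> recovered seed %d (found=%v)\n", nonce, seed, ok)

	// Properly seeded: 4096 raw bits hashed into the key. The buffer is a
	// constructed placeholder; in practice it is filled from the noise source.
	raw := make([]byte, 512)
	for i := range raw {
		raw[i] = byte(i*7 + 3)
	}
	fmt.Printf("first output bytes: %x\n", drbgOutput(raw, 16))
}
```

The enumeration in recoverSeed costs one SHA-256 and one AES key schedule per candidate, so the work is 2^15 operations however long the key is; that is the whole content of the "2 to the 15 PRNG" remark. The defence is on the input side (enough raw entropy before conditioning), not in picking a stronger cipher.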

Dirk Praet September 8, 2016 3:51 AM

@ Wael, @ Clive, @ Nick P

Connect, for example, http://makezine.com/projects/really-really-random-number-generator/ to one or more GPIO pins on the Raspberry Pi, and you can you make your own thing.

It would be kinda cool if someone were to write an IKEA-like DIY manual for this without having to understand what Zener diodes, Schmitt triggers and optocouplers are, otherwise most of us will unfortunately remain stuck with haveged or Intel’s totally borked stuff.

Wael September 8, 2016 4:13 AM

@Dirk Praet,

Instead of recommending a book, let me find an easy to do DIY kit or something. May take some time.

Clive Robinson September 8, 2016 4:36 AM

@ Nick P,

Appreciated the compliment on his work but had doubts about Infinite RNG. Here’s his post:

I took a very quick look at the CCT of the RNG and I don’t have the time to go through it in depth, but he’s right and the RNG designers claims are a bit flaky.

Oh also what are your thoughts on “Thermal White Noise -v- Chaotic Metastability”? Personally I’d go with the former not the latter.

But… you have to be careful about “diode noise”, specifically how to ensure it’s AGWN at your sample point. It has the characteristics you are looking for, which means less effort is required on certain types of de-bias.

Which brings me to,

@ ab praeceptis,

[T]hat’s for the 99%. If you are a bank or a governmental HQ you should care. But then you’ll have the necessary resources to do so.

It’s not just 1%, it’s quite a lot more. Look on a TRNG like a crypto algorithm, you would not tell people to use mediocre crypto algorithms, especially one with more side channels than the “Canals in Wien”, would you?

It’s the “Teenage girl diary” argument, that she only needs a simple code to keep her brother from reading it. Whilst that might sound ok when she’s thirteen, what about when she is thirty or more and a political candidate? Just think what fun the press could have with “extracts from her secret code diary”… After all unlike HRC’s ultra secret Email, there would be no restrictions on what the rabid dogs could quote or do with the content.

The important thing with TRNGs is not only should you care you should check. Not just at design time but continuously, and at the source not after some idiot –Intel– chip designer has slapped a load of “Magic Pixie Dust” hashing over the top you can not get through. That is the very real “Black Box” nightmare scenario.

To see why, ask how you would tell the difference between a real world TRNG and the bottom few bits of AES in counter mode? Whilst it is possible before the hash it’s not after the hash. Oh and anyway hash functions really are not the way to go on “magic pixie dust” solutions, whilst either Block or Stream ciphers are better.

However there is a more important reason to check and that is EmSec “Fault Injection Attacks”. Put simply, for many existing TRNGs just illuminating them with modest levels of unmodulated EM radiation can really blow the entropy out of the water. Over at Cambridge Labs a couple of students subjected an expensive commercial TRNG to high frequency EM, that got through the cooling slots and dropped the measured entropy from 2^32 down to around 2^7 bits…

When they put up info on the web I asked why they had not gone the extra yard and modulated the EM signal they used, and suggested they might want to go further in that direction. The point is I know from my own experiments back in the 1980’s you can cause interesting / beneficial faults by modulating the signal.

It’s why you have to keep a close eye on the raw output of the TRNG source, to see if and how it changes, because it will give you warning that something is wrong. Be it by fault or design, something you can not do after the sprinkling of the useless magic pixie dust of hashing etc.
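The “run wellness tests whenever you sample from the RNG” advice in the Hacker News quote and Clive’s point about watching the raw source output rather than the hashed output come down to the same thing in practice: continuous health tests on the raw samples, before any conditioning. The Go program below is an added example, not code from any commenter or vendor, modelled on the two continuous tests in NIST SP 800-90B. The repetition count test fires when the source sticks at one value; the adaptive proportion test fires when the sample distribution collapses, and the limit-cycle stream shows why both are needed: a loop that alternates between two values never repeats a sample, so the repetition count test alone would pass it. The claimed min-entropy per sample (6 bits), the 512-sample window and the three sample streams are constructed assumptions; in a real design hMin comes from characterising the hardware, and the cutoffs follow from it.

```go
package main

import (
	"fmt"
	"math"
)

// HealthTests runs two continuous tests modelled on NIST SP 800-90B over the
// raw, unconditioned samples of a noise source: the repetition count test
// (RCT) and the adaptive proportion test (APT).
type HealthTests struct {
	RCTCutoff int // a run of this many identical samples fails the RCT
	APTWindow int // samples per adaptive-proportion window
	APTCutoff int // more than this many recurrences of a window's first sample fails the APT
	last      byte
	runLen    int
	aptFirst  byte
	aptCount  int
	aptSeen   int
}

// NewHealthTests derives both cutoffs for a false-alarm rate of 2^-20 per test
// from hMin, the claimed min-entropy per sample (an input assumption that only
// characterisation of the actual hardware can justify).
func NewHealthTests(hMin float64) *HealthTests {
	alpha, window := math.Pow(2, -20), 512
	return &HealthTests{
		RCTCutoff: 1 + int(math.Ceil(-math.Log2(alpha)/hMin)),
		APTWindow: window,
		APTCutoff: binomialCutoff(window-1, math.Pow(2, -hMin), alpha),
	}
}

// binomialCutoff returns the smallest c with P[Binomial(n,p) <= c] >= 1-alpha.
func binomialCutoff(n int, p, alpha float64) int {
	q := 1 - p
	pmf := math.Pow(q, float64(n))
	cdf, k := pmf, 0
	for cdf < 1-alpha && k < n {
		pmf *= float64(n-k) / float64(k+1) * p / q
		k++
		cdf += pmf
	}
	return k
}

// Put feeds one raw sample and reports false if either test fires on it.
func (h *HealthTests) Put(s byte) bool {
	if s == h.last { // RCT: track the run of identical samples
		h.runLen++
	} else {
		h.last, h.runLen = s, 1
	}
	if h.aptSeen == 0 { // APT: a new window starts; remember its first sample
		h.aptFirst, h.aptCount = s, 0
	} else if s == h.aptFirst {
		h.aptCount++
	}
	h.aptSeen = (h.aptSeen + 1) % h.APTWindow
	return h.runLen < h.RCTCutoff && h.aptCount <= h.APTCutoff
}

// Feed runs Put over a buffer and returns how many samples were flagged.
func (h *HealthTests) Feed(samples []byte) int {
	flagged := 0
	for _, s := range samples {
		if !h.Put(s) {
			flagged++
		}
	}
	return flagged
}

// goodStream is a constructed stand-in for a healthy source (xorshift32 bytes).
func goodStream(n int) []byte {
	x, out := uint32(0x9E3779B9), make([]byte, n)
	for i := range out {
		x ^= x << 13
		x ^= x >> 17
		x ^= x << 5
		out[i] = byte(x)
	}
	return out
}

// patternStream repeats a fixed pattern: (n, 0x55, 0xAA) models a feedback
// loop locked into oscillation, (n, 0x00) a source pinned at one value.
func patternStream(n int, pattern ...byte) []byte {
	out := make([]byte, n)
	for i := range out {
		out[i] = pattern[i%len(pattern)]
	}
	return out
}

func main() {
	fmt.Println("healthy source, flagged samples:", NewHealthTests(6).Feed(goodStream(4096)))
	fmt.Println("limit cycle, flagged samples:", NewHealthTests(6).Feed(patternStream(2048, 0x55, 0xAA)))
	fmt.Println("stuck at 0x00, flagged samples:", NewHealthTests(6).Feed(patternStream(64, 0x00)))
}
```

Both tests only work because they see the raw samples: after hashing, a pinned or oscillating source and a healthy one produce output that is statistically indistinguishable, which is the black-box problem described above. In a device these tests run on every sample and a failure should stop output, not just log.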

Clive Robinson September 8, 2016 5:02 AM

@ Wael,

I see you’ve put your horns and tail on this morning,

Why do we care about RNG in the first place? Suppose your device is air-gapped or Energy-gapped as @Clive Robinson says, then what’s the threat? And from whom? What are you trying to hide?

If you are going to advocate for the devil, a sharp suit, might be more appropriate.

Briefly as I’ve got to go soon and things will be hectic for the next week.

The reason you need the TRNG is two fold,

1, Data at rest.
2, Data in transit.

The energy gap only protects “data in use” being processed on that system. Not how the results of the processing are protected when communicated to others as required. Or how the data is protected if the energy gapped processing system is “over-run” and grabbed by attackers so the storage can be examined.

As I’ve indicated in the past sexy as “air-gapping” sounds it’s far from sufficient, likewise “energy gapping”. I’ve also pointed out that information is intangible, and apparently not constrained by our tangible laws of nature. It’s only when we modulate it on energy or matter to Store, Communicate or Process it that it can be used. So you need to protect it in all three tangible states.

If anybody wants to have a longer chat on it give me a shout in a week, assuming all goes well.

ab praeceptis September 8, 2016 5:04 AM

Clive Robinson

We are actually not that far apart. But you see, where you see that a teenager diary lock is not anything serious, I see that it’s just soooo much better than writing her entries on the wall of a bus station. Also note that your pov risks being understood as “there is no difference between 0% and 99% security. It’s either 100% or nothing”. Unfortunately not even 99.9% is achievable (depending somewhat on how one defines and measures).

I stick with my 99% line. And you confirm me, for instance with your directed EM attack case.

Yes, it’s possible that someone undertakes a directed EM attack on my server. But

  • then I’m still way better than just use intels magic “random”
  • then I’m still successfully defending against 99% of attacks
  • then one were to prove that – and what – effect on security that would have
  • then I still had something way better than the 99% just trusting in intels magic “random”.

Are millions of identities stolen and/or put in danger because some provider had no defense in place against directed EM attacks on his TRNG? Nope. They are stolen, abused, and put in danger because more probably than not, no sensible random source at all was used for the php code running on an old unpatched linux box.

Moreover: Following your argument one could not have any trustworthy sensible random source because any such device needed to be connected in one way or another to the board or to the chip which again would be prone to EM attacks. Alternatively one could just bet and trust in some on-chip random magic.

That’s the problem with the “99.7% just isn’t good enough” approach. In a world with 12% good solutions and practices 99.7% are a dream.

Don’t get me wrong. It’s good that people like you are trying hard to get infinitesimally close to 100%. That has brought many, many important thoughts, experience, better paradigms (even of reasoning in the first place) etc.

But at the same time it reminds me, being a first aid helper in Africa, who needs to get people to at least a halfway acceptable level of nutrition, of some doctor (who in theory is absolutely right) telling me that the meals we hand out are known to cause a rare disease in 1.4 persons of 2 mio people.

Well noted, we discuss this while there are plenty of “/dev/random or /dev/urandom” discussions alive in software circles and while even those are comparably “elite” looking at gazillions of programmers using just whatever is available in their libraries and remotely sounds like random.

Wael September 8, 2016 5:09 AM

@Clive Robinson,

If anybody wants to have a longer chat on it give me a shout in a week, assuming all goes well.

Spending a week at your timeshare again? I hope all goes well!

Dirk Praet September 8, 2016 5:10 AM

@ Wael

Instead of recommending a book, let me find an easy to do DIY kit or something. May take some time.

No imposition, my friend. Unfortunately, electrical engineering is not my area of expertise, so – like Blanche Dubois – I pretty much have to rely on the kindness of strangers here. Pre-@Clive, I didn’t really bother about RNG’s and pretty much took them for granted as being good at what they did. I now think of them rather differently.

I got to talk to Patrick Debois, btw, about the DevOps thingie. He’s pretty busy right now but would get back to me as soon as he finds some time. He did however already point me to “Rugged DevOps”, which is a branch I’d never heard of before and that aims to establish security parameters and requirements. I’m now reading up on it a bit.

r / agent rng September 8, 2016 5:52 AM

@Clive,

You wont read this for a week, but

“It’s why you have to keep a close eye on the raw output of the TRNG source, to see if and how it changes, because it will give you warning that something is wrong.”

Was VERY illuminating, thank you and have a safe trip.

Blackboxes are bad, extra sensory perception is good.

Clive Robinson September 8, 2016 7:34 AM

@ Wael,

Spending a week at your timeshare again? I hope all goes well!

Cerching, you win the cigar (but don’t smoke it, or you could get a timeshare of your own). As for the aspiration, you and me both buddy, you and me both.

Now the question is how is the nurse going to treat me on arival…

Nick P September 8, 2016 9:10 AM

@ Dirk Praet

“He did however already point me to “Rugged DevOps”, ”

The amusing thing is that I have a bookmark on Rugged Software principles from years ago. I think someone posted it in isolation without a devops tie in. Without a context, I laughed it off as another attempt at mainstream to approximate better security in a fad. Kept it just in case it turned into something later.

I’d post the link for you but I got a terminal starting my laptop. Then filesystem errors in root. Then fsck says unrecoverable error here, medium error there. (What’s a medium error?) Then clock says I be at work in an hour. Oh, these fucking Linux boxes, hard disks, whatever…

So, I’ll try to un-fsck it after work and see if I still got Rugged link. 🙂

Bong-Smoking Primitive Monkey-Brained Spook September 8, 2016 10:47 AM

@Clive Robinson,

you win the cigar (but don’t smoke it, or you could get a timeshare of your own).

I wouldn’t mind that cigar, if it’s ok! I’ll “consume” it in a puff of smoke. It happens to be within my domain of expertise.

Now the question is how is the nurse going to treat me on arrival…

If it’s the coldhearted Nurse Ratched, ( https://en.m.wikipedia.org/wiki/Nurse_Ratched ) then stay the f**k away from her.

Nick P September 8, 2016 8:01 PM

@ Dirk Praet

Yep, I found handbook and it was DevOps. Instead of it, labeled v6 Strawman Ed, I’ll give you a link to their site that has v7 listed:

https://www.ruggedsoftware.org/documents/

On mobile as I’m still pulling files off my corrupted computer. Glad I didn’t register my key with keybase yet: it’s gone! I lost one before due to GPG usability issues. This time, I double checked the new one, opened pub + private exports in text editor to verify by eye, backed both up to HD, deleted GPG keyring, reimported keys from those files, and used it from there. Post breakdown, the private copies are gone in main and backup HD with one (who knows if old or new) still there in 2nd backup whose name I changed.

@ Dirk, All

So, I have two questions before I get concerned. Anyone know if GPG has a security feature that deletes private keyfile right after you import it? That’s innocent explanation to rule out. And 2, can you recover a private key with a gpg command or other tool if you have the .gpg directory that’s hidden in the home directory? I’m pulling it off the HD, too, just in case.

Figureitout September 9, 2016 12:04 AM

Thoth
–I’ve never been impersonated but a spambot copied an older comment under a different name like twice. Weird counterpoint is “when the need arises”, a lack of authentication offers a legal defense if need be too…so if someone steals your keys and signs a fraudulent post that might cause legal trouble, you may have a harder time defending. Don’t have time to try out your scheme for now, may email sometime to talk about it further. Getting too busy to do much open source work. I say some kind of external (preferably physical) verification than internet is ideal but that’s usually too far/not worth it for a blog comment. So some provably unique hardware key is a good start, then some novel encryption methods need to be applied (filesystem/homomorphic). I like how you can request a “transport key” from Yubikey, something simple like customer telling vendor a key to write to an eeprom, even encrypting that and sending key/decrypt info back to customer, many manufacturers could do that for some chips, adds quite a bit of security and elevates attacker level.

Dirk Praet
–Default behavior of keybase.io is kinda annoying on windows (a program is only as good as its defaults…), think it’ll work better on linux (couldn’t install on pc I wanted, so may cross contaminate another one); but I only want necessary programs to boot the pc executing on startup. Orbot does this too, hate it.

Wael
Oh, I ordered a bunch of stuff. Boards, connectors, adapters, screens
–Making like a desktop setup for a pi zero? lol

Dirk Praet September 9, 2016 2:34 AM

@ Nick P

Anyone know if GPG has a security feature that deletes private keyfile right after you import it?

Not that I know of. Unless you have explicitly deleted it or moved it from disk to smart card, it should always be there.

Can you recover a private key with a gpg command or other tool if you have the .gpg directory that’s hidden in the home directory?

As long as you still have that .gnupg directory, the secring.gpg and pubring.gpg files are the ones that hold your keys. Just copy/move the entire directory to another machine/VM and you’re in business. No additional configuration, importing, exporting or other mucking about required.

@ Figureitout

Default behavior of keybase.io is kinda annoying on windows (a program is only as good as its defaults…)

It’s annoying on every platform as it installs a start-up item. I have no idea why it should do that. But it’s easily remedied. For Windows, grab a copy of CCleaner with which you can inspect and disable/delete those. On Linux, go to ~/.config/autostart and add a “Hidden=true”-line to the keybase .desktop file found there. On OS X, use Lingon or objective-see‘s KnockKnock to do the same. I highly recommend all of Objective-See’s (free) OS X security utilities.

Wael November 15, 2016 11:28 PM

@Figureitout,

You know that C.H.I.P. thing I ordered a long time ago still has not arrived!

Just arrived last night! Pretty cool, but very slow. They say there’s a 3D HW acceleration flash update. Will give that a try. Already forgot what I was going to do with it, but I got a couple just in case…

Figureitout November 16, 2016 12:19 AM

Wael
–Holy cow, how long ago was this? Please tell me it was free shipping… :p I’m waiting on usb-serial boards (my order got canceled “due to security reasons”–wtf? Never happened to me before, so I just found my orders (all of them) got cancelled and had to re-order) to try Sancho_the_crazy_spaniard’s data diode. Challenge is going to be software on both ends, I want to just transfer files like you would on some FTP program, seamless and easy. If we can make 1-way file transfer common and easy, that could have a major impact for security; may potentially save a lot of PC’s from infection, and make malware have to jump around data diode. The optocoupler (way overpriced lol, they want minimum orders of like 1000+ on their website, psh) was DIP-SMD, that made me mad, swore it was just DIP. So gonna order breakout boards…

I hate that feeling not knowing what to do…eventually best to just settle on something, anything, and do it. I made one of my Pi’s a packet sniffer (much more features to add on eventually), I know it’s not taking full advantage of it, but it’s better than continuously waffling trying to make something that takes full advantage of Pi, or any chip. Chips are so overpowered today, way too much stuff, you’re never going to use them to their full potential. Makes me happy later when I have something tangible. Always have a backlog of side projects waiting…now it’s school projects (which I like much better than BS tests [1]…they’re actually fun and I practice real skills for the real world).

[1] I got “lucky” and got 2 visiting profs (love paying for visiting profs…) that want to make their own tests, 1 of them doesn’t have a clue what she’s talking about, the other is better and seems to know the material but still it’s a crapshoot what’ll be on exams, then another actual prof, he only covered 4 concepts on a test, in extreme detail, left out the other 10-15 major ones and did an unfair trick question; all of them, English isn’t their first language so their wording on tests reflects that, which is fun deciphering what they mean/want. Can’t wait to get to the real world…

Wael November 16, 2016 2:24 AM

@Figureitout,

Holy cow, how long ago was this? Please tell me it was free shipping… :p

It took 8 months and 18 days. Shipping was $20.

my order got canceled “due to security reasons”

Same happened to my Raspberry Pi orders. Got cancelled for no reason. I’ll try another time from elsewhere.

The optocoupler (way overpriced lol, they want minimum orders of like 1000+ on their website, psh)

Perhaps you should try a different source. Pages 87 – 93 may be of interest to you. There was another issue of the magazine which had a more related project to yours. Can’t remember now, and it’s hard to find. I don’t even know what I did with the magazines I had.

way too much stuff, you’re never going to use them to their full potential.

That’s true of most products: email clients, CPU instruction sets, …. They say it’s also true of our brain capacity: we use about 18% (I believe that was debunked.) I’m currently running on 3% 🙂

now it’s school projects (which I like much better than BS tests

These were never fun for me. The only fun projects are the ones that I decided and chose to build.

left out the other 10-15 major ones and did an unfair trick question;

A good professor doesn’t do that.

Can’t wait to get to the real world…

Enjoy it while it lasts 😉

Clive Robinson November 16, 2016 2:58 AM

@ Wael,

That order is so old it’s got grandkids now 😉

As for its beard, Methuselah called collect to do his “angry grandpa” routine about when he was a boy… You know the one about how he was so poor they used to paint their feet with tar, and he had to get up before he went to bed etc etc.

@ Figureitout,

I hate that feeling not knowing what to do…eventually best to just settle on something, anything, and do it.

The place to start is to go back in history before computers etc and see what they did and why.

You will find people wrote coded journals and used safes and hiding holes. They were far from perfect but they did work up to a point as did having quiet conversations in the middle of corn fields etc.

From this “field craft” developed and a lot of it can be found in books etc. In the main these techniques have stood the test of time and it is still more than possible to use them today.

The problem we have with using field craft rules with modern tech is that most electronics “broadcasts” its presence and approximately what it is up to via various energy channels.

There are four basic things you can do,

1, Keep your head down and do nothing.
2, Do not use modern technology.
3, Use technology but not for what you wish to keep private.
4, Use technology but stop its energy leakage issues.

The simplest thing to do is to mix options two and three. That is keep your private stuff off of technology by using older methods to secure it prior to it going onto modern technology only when it really needs to.

A simple –but tedious– example is to write your thoughts on every fourth line of squared paper, that you keep locked in a safe. If you then desire to send this to someone you write the –OTP/stream– under it and hand encrypt. Then type the encrypted text into the modern technology.

You can use many similar techniques to modify older field craft methods to work securely with modern technology.

But don’t rule out the fourth option. You can use modern technology without using insecure technology. As I’ve mentioned in the past using very cheap but powerful microcontrollers on small test and development boards is one way. These can be fairly easily “energy gapped” as well as effectively screened, and made small enough that storing them in a small safe is not an issue.

The real problem with this is data communications. You have found as have others that ASCII via RS232 signaling on a serial line is one way to go. Because it allows you to be able to not just mandate the communications but instrument it for compliance as well.

The problem is “stopping the leaks” via EmSec etc. One problem with asynchronous serial data transmission is that it is transparent to timing channels. One way to stop this is with “store and forward nodes”. That is you have a device that reads in serial data and stores it internally in some manner. At a later time it forwards on the message from the store. The length of time between storing and forwarding reduces the bandwidth of the transparent timing channel, the longer it is the lower the bandwidth. The node can also add link encryption to the forwarding channel which allows other techniques to be used securely (such as padding, interleaving, etc).

The trick is to make all such nodes as independent of each other as possible thus “stoppering” as many side channels as possible.

In the past I’ve mentioned several overviews of what can be done. The best approach is to take a pragmatic view and build each node only when other nodes are up and running.
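The store-and-forward node described above, as an added simulation (my code, not anything Clive Robinson posted): a sender leaks one covert bit per byte through the inter-byte gap on an asynchronous serial link, the node buffers bytes and forwards them on its own clock, so the downstream side sees only the node's timing, and the residual channel shrinks as the hold time grows. Timings are simulated integers in microseconds; the payload and covert bits are constructed sample values.

```python
import math

# Simulated timings in microseconds (integers, so the arithmetic is exact).
SHORT_GAP = 10_000   # inter-byte gap that encodes covert bit 0
LONG_GAP = 50_000    # inter-byte gap that encodes covert bit 1
THRESHOLD = (SHORT_GAP + LONG_GAP) // 2
LINE_GAP = 1_000     # fixed byte spacing when the node forwards a batch

def leaky_sender(payload: bytes, covert_bits: str) -> list[tuple[int, int]]:
    """(timestamp, byte) events; the gap before byte i encodes covert_bits[i-1]."""
    events, t = [], 0
    for i, b in enumerate(payload):
        if i:
            t += LONG_GAP if covert_bits[i - 1] == "1" else SHORT_GAP
        events.append((t, b))
    return events

def timing_eavesdropper(events: list[tuple[int, int]]) -> str:
    """Decode the timing channel from inter-arrival gaps (what a colluding observer does)."""
    return "".join("1" if t1 - t0 > THRESHOLD else "0"
                   for (t0, _), (t1, _) in zip(events, events[1:]))

def store_and_forward(events, hold_time: int) -> list[tuple[int, bytes]]:
    """Buffer arrivals and flush on the node's own clock every hold_time microseconds.
    Returns (flush_time, batch) pairs; byte order is preserved, sender timing is not."""
    batches, buf, tick, i = [], bytearray(), hold_time, 0
    while i < len(events):
        while i < len(events) and events[i][0] < tick:
            buf.append(events[i][1])
            i += 1
        if buf:
            batches.append((tick, bytes(buf)))
            buf = bytearray()
        tick += hold_time
    return batches

def forwarded_events(batches) -> list[tuple[int, int]]:
    """What the downstream line carries: each batch back to back at LINE_GAP spacing."""
    return [(t + k * LINE_GAP, b) for t, data in batches for k, b in enumerate(data)]

def leak_bound_bps(hold_time: int) -> float:
    """Rough upper bound on the residual timing channel: per hold window the sender
    controls only how many bytes (0..N) land in it, i.e. at most log2(N+1) bits."""
    n_max = hold_time // SHORT_GAP
    return math.log2(n_max + 1) / (hold_time / 1e6)

if __name__ == "__main__":
    payload, bits = b"ATTACK AT DAWN", "1011001110101"   # constructed sample
    raw = leaky_sender(payload, bits)
    print("direct link leaks covert bits:", timing_eavesdropper(raw) == bits)
    for hold in (100_000, 1_000_000, 10_000_000):   # raw channel bound: 100 bps
        batches = store_and_forward(raw, hold)
        print(f"hold {hold / 1e6:>4}s: covert recovered={timing_eavesdropper(forwarded_events(batches)) == bits}"
              f" bound<={leak_bound_bps(hold):.1f} bps")
```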

Wael November 16, 2016 3:27 AM

@Clive Robinson,

That order is so old it’s got grandkids now 🙂

Yep. The technology is already obsolete!

As for it’s beard Methuselah…

Reminds me of a joke. I’ll have to share it later because you won’t find it funny (translated jokes aren’t usually funny.)

Clive Robinson November 16, 2016 5:12 AM

@ Wael,

translated jokes aren’t usually funny.

No…

I’ve been told that there is a Spanish joke that translates to,

    What is different between a duck and a duck… One leg is longer than the other

Nagh I don’t get it either. There is another joke in French that uses the similar sounds “chapo” between a gentleman’s head wear and well other “head” covering a man might use 😉 likewise there are several “boiled egg” jokes in German.

There is however the reverse, where somebody says something meaningless in one language that is funny in another. One is where you ask a French person to read out a meaningless sentence that sounds like “Paddle your own canoe”. But as I’ve mentioned before do not try and say “G P T” –the name of a UK telco– with a French accent, it makes French people try and keep a straight face 😉

Figureitout November 17, 2016 8:55 AM

Wael
It took 8 months and 18 days
–Wtf mate…how many implants did they put in your poor C.H.I.P.? :p

Same happened to my Raspberry Pi orders
–Huh? Weird…I assume you had accounts? I didn’t make accounts.

I had a source for a more palatable price but aliexpress cancelled it! Grr. That was a good little article.

That’s true of most products
–Yep, oh yeah on instruction sets, at first I was like “too much instructions!”, then on something like MIPS I’m like “where’s all the useful instructions?!”.

The only fun projects
–Yeah, only a couple have given more freedom, next semester will be a bunch of school projects…hope I get some freedom.

Clive Robinson
The place to start
–I don’t have that problem, Wael does lol. I’ve got enough projects to last me my life pretty much, I can insert or remove nodes from my FIFO queue whenever lol. I’ve taught myself basic fieldcraft, gets pretty boring, or I don’t know, feel like a child doing it after a while…Grown ups that promote a civil society thru their actions don’t behave like that. Sketchballs do though.

I’m most definitely not going to stop using modern tech, going to be using it a lot more; regardless of backdoors or not. If they’re actual problems, they can be dealt w/.

Your “store and forward” system, I’m not setting that up (nor have you ever described it in enough detail to implement), that’s way too much uptime for an attacker to get at it and probe the system whenever they want; and way too much technical debt for something to go wrong for my liking. That’s meant for networks (the internet kind, I can’t afford my own networks to play with, legally…if I did I’d power it down when not in use by me).

It’s complications I don’t want nor really need…maybe someone else would.
