Friday Squid Blogging: Squid Nebula

Beautiful.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on October 28, 2016 at 4:11 PM • 179 Comments

Comments

RobOctober 28, 2016 4:30 PM

I recall reading a somewhat rude comment in the last Squid blog by a user calling himself 'Annoyed Users':

Is there something that can be done about excessively long "comments"? The post above is not a comment, it is a blog post at almost 1500 words. It will make it difficult to read all the other comments because it requires so much scrolling.

I very much enjoy reading the longer posts but it got me thinking:

Would it not be a good idea to have a permalink to a perpetual 'Squid' blog, maybe called 'Chat', in the black navigation bar at the top?

By having a dedicated 'Chat' section we'd be able to see on one long page (paginated if necessary) all the previous comments. Ideally the page would show comments in reverse chronological order (newest first) to avoid having to scroll down.

By doing this we could then use Bruce's 'Squid' post for news stories and the 'Chat' post for everything else. It'd keep all comments in one easy, accessible place and greatly simplify the present situation whereby we have to search for the various 'Squid' posts manually if we want to go back and read an old comment.

GeorgeOctober 28, 2016 5:32 PM

A small bounty is being offered by the folks at 1Password ($100 - $25,000) for finding eligible bugs.

https://bugcrowd.com/agilebits
https://blog.agilebits.com/2016/10/04/bugcrowd/
https://1pw.ca/whitepaper

Also interesting to note is Apple's use of their new TouchID sensor on their extravagantly priced MacBook Pro.

They have also included their secure enclave (TPM) to allow secure payments over Apple Pay. I'd like to see more PC manufacturers take up the lead on this.

In an ideal world customers would use very strong passwords for FileVault 2 (their BitLocker equivalent) because they can rely on a quick and reasonably secure method of authentication (their fingerprint) to unlock the device when locked but not shutdown.

https://www.engadget.com/2016/10/27/meet-the-macbook-pro-s-new-touchbar-with-touchid/

Dominic SuterOctober 28, 2016 5:58 PM

This week in white man's welfare, NYPD retards look for their keys under the lamppost because the light's better there. They bag lots of sad sacks committing protected speech - as long as they are too stupid to do any damage. If NYPD's adversaries have the faintest notion of OPSEC, NYPD will mill around in the carnage as they did so heroically when they whiffed Mossad's hilariously obvious 9/11 hijinks.


http://www.mcclatchydc.com/news/nation-world/national/article110427212.html


Police-force IQ cutoffs work!

Alien JerkyOctober 28, 2016 6:42 PM

I wonder how the NSA and GCHQ will hack this

http://newsthump.com/2016/10/20/julian-assange-still-receiving-secrets-through-tin-cans-and-string-security-experts-warn/

Insiders tell us that Assange lost internet access after hackers changed his password to the name of a girl from Stockholm he claims to have never met.

A rapidly constructed ‘Stringternet’ has been put together from the Ecuadorian embassy in London, which allows whistleblowers to pass classified information to Assange by whispering it into an old Tomato Soup can attached to a lamppost.

Assange then collates the information onto sheets A4 with a typewriter, before making them into paper aeroplanes and throwing them out of the window in a desperate bid to remain relevant.

Martin WalshOctober 28, 2016 7:33 PM

Betcha the FBI reopened their investigation because they found evidence she lied in her testimony, not because any particular new emails were found to contain classified documents.

And now a search warrant issued on a premises allows the police to fingerprint everyone in the bldg in the course of the search. I don't know why they couldn't also get DNA if they wanted. DOJ argued successfully this does not violate constitutional protections from unreasonable search and seizure.

ThothOctober 28, 2016 8:39 PM

@George, Nick P, Clive Robinson, all

re: MacBook Pro + Secure Enclave + TouchID

The TouchID and Secure Enclave are like huge traps to ensure users will never climb out once they have fallen into. This is also a Secure Persistent Backdoor/Frontdoor technology set that have been introduced to ensure the compliance of people using the latest MacBook Pro backdoor/frontdoor technology to the NSA et. al.

The TouchID would make people lazy to enter password strings and this will immediately void users the protection of the 5th Amendment rights to not self-incriminate. As we have seen of FBI going around buildings to forcefully collect fingerprints, why wouldn't they be able to force users to unlock and decrypt their MacBook Pros with 5th Amendment circumvention via coercing the pressing of fingerprints.

In fact, I theorize that fingerprint chipsets could be circumvented to enable mass unlocking via direct interfacing with the fingerprint chip and then injecting the desired fingerprint of their target from a bunch of biometric database the World Government have collected. The World Government would only need to use the pretext for biometric passport creation to store everyone's fingerprints, iris scans, facial scans, DNA and other biometric techniques and when they want to access a target's computer, they just need to find a way to interface the biometric chip and inject the stored victim's biometric data (there is a standard called the ISO/IEC 19794-2:2011 to govern the format for fingerprint data) and gain complete access to the victim's computers.

In fact, mass access via mass biometric unlocking can be done by the World Government with their massive database of biometric data as long as an exposed interface for biometric authentication is available on the computer and thus free and easy real-time unlocking and access can be done without a hassle or needing to ask the user to for their fingerprints anymore.

Intel has a software called the True Key application for biometric access and if an access interface over remote connections or physical connections can be found, a database can be hooked to the remote target computer to provide field agents of the World Government the remote access they need in real-time.

In order for the Secure Enclave to work, a separate "TrustZone-like" environment has to be available and Intel has been known to have it's alternative to ARM TrustZone which is the Intel TXT and AMT technologies that can be found in a wide range of Intel chipsets. It is known that the AMT technologies are Intel's secure backdoor/frontdoor and combined with Intel TXT which provides so-called "Trusted Execution", You have a perfect backdoor/frontdoor just like any ARM TrustZone. This TXT/AMT combination provides the so-called TPM function which includes what is called the "Trusted Boot" or what I call the "Bias Boot".

The AMT technology runs it's own processors and kernel and with the aid of TXT to lock down codes that even the normal CPU's kernel cannot touch and access, Intel and Apple can place proprietary backdoor/frontdoor trustlet codes inside the Intel TXT environment (equivalent to the Secure World in TrustZone parlance) and even if the user uninstalls the Mac OS and uses a Solaris, Linux or BSD, the TXT trustlet backdoor/frontdoor residing in the TXT environment, with the aid of the AMT technology for "Secure Remote Management" of the badly twisted Intel / Apple CPU, can and will use the AMT to remotely and securely trigger the backdoor/frontdoor trustlet inside the TXT which the userspace OS have no rights for access and this can include replacing critical userspace kernel codes (i.e. injecting kernel backdoors/frontdoors, injecting persistent kernel malware ...etc...).

In fact, the entire MacBook Pro is a huge security hazard for anyone who values the slightest personal safety and privacy.

Clive RobinsonOctober 28, 2016 11:13 PM

@ Even if a thousand people...,

With regards the test for paranoia you linked to,

1) Have you noticed how such tests are rigged so you start to feel paranoid by at most the third question?

2) And as your score mounts you feal quickly that you have to somehow change the creeping fealing of unease?

3) And stop that song from Rockwell in the 80's with the hook line of "Somebody's watching me"[1] crawling around in your head like an earwig boring into your brain?

If you answer no to all of the above are you sure? Are you realy realy sure?

Seriously though such quizes are designed to be "meat catchers" and about as much real use as an advert for socks with sulfer in them saying they are "medicated".

[1] http://www.lyricsmode.com/lyrics/r/rockwell/somebodys_watching_me.html

Clive RobinsonOctober 29, 2016 12:21 AM

@ Thoth and others,

re: MacBook Pro

I think Apple may have compleatly lost the plot on this one.

Many of those who purchased earlier models were software developers, often using the command line and commandline tools like VIM or other IDE's all of which used the now absent "Esc and Function keys" that have been replaced with some odd kind of touch strip or some such (which reviewers have had a "WTF is that for?" moment over).

I have a sneaky suspicion the "column inches" in the technical press on just this alone will be larger than the column inches over the missing 3.5mm headphone socket on the recent release of the iPhone.

Which will unfortunatly drown out the more important security points you raise...

My own personal view / feelings about fingerprint readers goes back several decades. When working as a design engineer I "showed the boss" how simple it was to defeat the finger print scanner we were working on. By using the red wax from Edam cheese, rubber solution glue and a little WD40 oil. The ability to make fake fingerprints this way I had discovered before I was a teenager. Partly from a craze at the time for using "felt tip pens" and rubber solution glue to make realistic looking thus scary scars for Halloween and from earlier years playing with the red wax much like you would with plasticine. Any way as I've said before some bosses like kings will "shoot the messenger" instead of dealing with the bad news[1].

People realy need to consider that all bio-metrics are effectively "in plain sight" and the implications of that.

Thus all bio-metrics are fair game to criminals and their close associates of Law Enforcment. Further I would like for security "experts" and tick-box auditors to stop going on about "Something you are" as a viable let alone reliable factor of authentication, as it only makes the security issues worse not better through "false trust".

I sometimes wonder what future historians and sociologists will make of the use of bio-metrics in security. I suspect important as it is, it will form but a small footnote to the wider issue of --supposadly-- democratic nations empowering "guard labour" to become unacountable tyrants.


[1] Which made me dislike the bio-metric industry intensely, and also showed me that at the time they were selling snake oil at best. Which in turn gave rise to me working out how to mess with most bio-metric systems including scene of crime DNA etc. Which in turn lead to me discovering the nasty little secret of "Scientific Evidence Forensics" that whilst it may use science it is not realy science it's self.

DaveOctober 29, 2016 2:05 AM

@Clive Robison

The function keys are not absent in the latest MacBook Pro.

If you're using an app which utilises the 'F' keys then they'll automatically appear.

To bring them up in another app you press another key on the keyboard (can't remember which one) and, as if by magic, they'll appear.

CuriousOctober 29, 2016 3:08 AM

"We built a fake web toaster, and it was compromised in an hour."
http://www.theatlantic.com/technology/archive/2016/10/we-built-a-fake-web-toaster-and-it-was-hacked-in-an-hour/505571/

"I don’t actually own a wireless toaster. But I devised a test. Renting a small server from Amazon, I gussied it up to look like an unsecured web device, opening a web port that hackers commonly use to remotely control computers. Instead of allowing real access, though, I set up a false front: Hackers would think they were logging into a server, but I’d really just record their keystrokes and IP addresses. In cybersecurity circles, this is called putting out a honeypot—an irresistible target that attracts and ultimately entraps hackers and the scripts they use to find vulnerable servers."

Somehow, the article has a function that adds the last known login attempt, with time since last login attempt, and login name with password name updated in the text of the article. :D

DroneOctober 29, 2016 3:38 AM

@Curious,

So you must have turned on scripting while on The Atlantic web site. Ewww... you better get a tetanus shot!

GeorgeOctober 29, 2016 4:51 AM

@Thoth

You raise some excellent points, many of which I considered when the San Bernardino iPhone saga was front-page news.

I know that proprietary technologies like Intel are susceptible to backdoors but for the overwhelming majority of users they don't need to incorporate that into their threat assessment.

The average computer user wants protection if their laptop is lost or stolen and encryption, even incorporating a TPM, is an excellent way of protecting them.

Your point about compelling a user to unlock their system using their fingerprint is equally valid but consider these two scenarios:

1 - Some countries have laws which mandate handing over of their password or other unlocking key. Failure to comply is an offence punishable with jail time.

2 - Your point about the 5th Amendment is true in law but not in practice. Some states have jailed suspects indefinitely (for contempt of court IIRC) for not handing over their password. If a user is prepared to face jail for not unlocking their system then TouchID is obviously not for them - those users should just use a strong password.

It brings me back to a really simple idea that Apple and other manufacturers could implement -

User unlocks their device with a strong password
User presents their fingerprint to unlock the device and;
User must correctly enter a short PIN (e.g. 2-4 numbers, longer if they want)

By mandating that their fingerprint and PIN (different from the strong password) be entered you're effectively enshrining their 5th amendment right because their fingerprint alone won't work to unlock the device.

It won't stop them going to jail if the state was that way inclined but it would make the device almost impossible to access if the technology was implemented correctly.

A hardware counter would need to be utilised so that if the correct fingerprint but incorrect PIN was entered the device would destroy the encryption key from memory and require them to unlock using their full strong password. I'd limit the user to 1 or 2 chances at their PIN before destroying the key.

Apple had a problem with their old software key counter but if it was implemented into hardware, and the hardware could be trusted, then that would seem to offer a secure solution.

Personally I like the Qubes-Certified laptops:

https://www.qubes-os.org/doc/certified-laptops/

GeorgeOctober 29, 2016 4:54 AM

Reading back over my last post I wanted to make clear that the strong password would only be needed upon first switching on the device or if the encryption key was destroyed from memory.

TouchID and a PIN would be used to unlock the device throughout the day without needing the strong password.

ThothOctober 29, 2016 5:38 AM

@George

"I know that proprietary technologies like Intel are susceptible to backdoors but for the overwhelming majority of users they don't need to incorporate that into their threat assessment."

Open up your CPU and search for the type of Intel or AMD chip and you will be surprise what sort of Intel vPro/AMT or AMD PSP "back/frontdoors" sitting inside your CPU or maybe you shouldn't even be surprised.

I would also like to update my statement that I consider all ARM A series chips are top be considered irrevocably back/frontdoored whether the chip has TrustZone explicitly enabled or not. The reason is all A series ARM chips from A7, A8 and above have TrustZone as part of the design and it is highly unlikely for chip manufacturers like Qualcomm, Samsung et.al. to not buy the whole package including TrustZone IPs.

"The average computer user wants protection if their laptop is lost or stolen and encryption, even incorporating a TPM, is an excellent way of protecting them."

I remembered I wrote about combining TPM with Intel TXT/ AMD PSP or ARM TrustZone to create a tamper resistant and secure "back/frontdoor" a few weeks ago in one of the Friday Squid posts. You could search and find it if you want. I previously encouraged the use of TPM but nowadays I am back paddling on my previous words as I foresee the problems they bring. I may introduce another method for booting securely after some consideration and once I have solidified my designs. I am still in the midst of adjusting my designs for another type of secure boot at the moment.

"Some countries have laws which mandate handing over of their password or other unlocking key. Failure to comply is an offence punishable with jail time."

It is not so much about handing over passwords or cryptographic keys but more of how misuse of such technology meant that the user is more insecure than secure. Imagine someone (not just LEAs but criminals) can grab your thumb and press your fingerprint against your will on a fingerprint sensor (when you are being cornered and captured by your attackers) and now they have access to everything without even needing to ask you for passwords or keys. From the standpoint of criminals, they do not need to ask you anything since your fingerprint is everything and they just grab your hands to press them against the sensor. For LEAs and Government officials operating outside of legal rights where they have to go through the process of serving warrants and notices for cooperation, now imagine any LEA or official simply grabbing your thumb and press them against the sensor to unlock your device without having to apply for warrants to be served or without correct exercising of LE authority (operating illegally outside legal parameters). A technology that was intended to make "secure unlocking" easier for the public turns out to be a death trap.

"Your point about the 5th Amendment is true in law but not in practice. Some states have jailed suspects indefinitely (for contempt of court IIRC) for not handing over their password. If a user is prepared to face jail for not unlocking their system then TouchID is obviously not for them - those users should just use a strong password."

Indeed and for such practices, things like rubberhose filesystems and deniability methodologies exist. There are many methods to provide deniability and I am working on one such method by proving that the user does not hold the decryption keys via my work on the GroggyBox project. If you are interested, you can read the messy documents inside the Github repository which I am trying to organise.

"It brings me back to a really simple idea that Apple and other manufacturers could implement"

Linux PAM modules already allow smart cards for unlocking of desktop, why can't Apple do that ? I have authored an update to the OpenPGP smart card codebase (Yubico's version) that supports a duress PIN mechanism to enable self-destruct of keys when being coerced and Yubico is representing me to present the idea to the maintainer of the OpenPGP smart card author to include my idea of duress PIN into the next interation of OpenPGP smart card specifications. This will be very helpful in terms of smart card based secure authentication and crytography which provides far more superior authentication and confidentiality than some fingerprint or biometric sensor that does not provide means for it's owner under duress to react. Again, it is linked below just in case you are interested.

"A hardware counter would need to be utilised so that if the correct fingerprint but incorrect PIN was entered the device would destroy the encryption key from memory and require them to unlock using their full strong password. I'd limit the user to 1 or 2 chances at their PIN before destroying the key"

Just use the duress PIN capable OpenPGP smart card applet I have designed. the reason I have designed such extreme measures (via self-destruct duress PIN) is to enable the weakly empowered public to have something they can use to protect themselves and is lightweight and blends into their surrounding.

Personally, I am carrying my modified OpenPGP smart card on myself on a daily basis and I don't even realize it until I need to decrypt or sign my emails and of course, with the duress PIN function enabled and ready.

The better course of action is to adopt OpenPGP smart card with my modification for duress PIN via a PAM authentication module for OpenPGP card authentication.

Links:
- https://github.com/thotheolh/groggybox
- https://github.com/thotheolh/ykneo-openpgp

Clive RobinsonOctober 29, 2016 6:21 AM

@ George,

TouchID and a PIN would be used to unlock the device throughout the day without needing the strong password.

There are a couple of problems with that which almost always lead to a compromise in which usability wins over security.

The reason the finger swipe was popular was the "soap in the eyes" argument, you can answer the phone by touch only. But also it was way way faster than entering in than even a single digit pin, let alone four digit. This is important because phone service companies want chargable connect calls not ring offs. So they set voicemail etc to cut in after four to six rings. Which does not leave the user much time to get the phone out of their pocket remove any miss typed digits and enter the correct pin.

Thus the preasure would be on to have finger swipe only to "answer the phone". If you do that you have a decision to make. Block all other use or allow other use. If you decide to go for "other use" do you then ask for the pin or the finger swipe and the pin or do you just let the user in?

The problem with this is that it alows a variation on an attack the police did on a terror suspect. Basically they guy was a delivery man so the police persuaded his employer to let them pose as "head office staff". With his manager they button holed him at work, his manager saying that he had been doing non work business or some such and head office wanted proof otherwise. When the guy unlocked his phone they grabbed it off of him and kept it activated so that their forensics people could strip it's contents.

Thus the police/criminals could arrange to be close to you, ring the phone and grab it from you after you've unlocked it. Then if the phone only uses another swipe to open the phone further the police/criminals could ring the phone and forcably swipe your finger to get into the phone at that level, then they have a much broader attack surface to branch out from. As we know there is a near constant on the number of bugs per line of code, thus an attack vector is more likely to be available to a partialy unlocked phone...

Security on phones is hard especially when both the users and application developers want to get around it for a "more enjoyable user experience"... It's why from a security perspective a dumb mobile phone with no GPS or SMS capability is a much easier option.

Slypp SlyderOctober 29, 2016 7:47 AM

I remain very much opposed to any biometric login method, and especially prints or pictures, which governments all over the world work feverishly to collect and store. It's already been proven beyond doubt prints can be hacked. I would guess pics are easy to work around, too.

However, what about voice logins?

Seems to me a voice could be digitally "fingerprinted" which is one layer of protection, then of course the spoken password would be another layer of security.

Can a government force you, legally, to speak your password? Seems to me it might be protected in the USA. In England...probably not as they are far ahead of the USA in terms of denying users any form of personal privacy or security.

Anyway, VOICE LOGIN credentials. Any thoughts?

Oliver "Porky" BickarOctober 29, 2016 9:56 AM

A little recreational light reading for the weekend:

Have a little chilling effect with your paranoia?
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2412564

Your newspaper taxi is here, sir.
https://qualiacomputing.com/2015/05/22/how-to-secretly-communicate-with-people-on-lsd/

When El Chapo hears about this, your morning commute may get a lot more interesting.
https://nakedsecurity.sophos.com/2015/06/01/russian-billboard-advertising-contraband-hides-when-it-recognises-cops/

"Evil?? Us??? Naaaaah!"
https://protonmail.com/blog/search-risk-google/

albertOctober 29, 2016 10:20 AM

@Rob,

So one annoyed user complains about having to scroll, and Bruce needs to change his blog?

Well boo hoo.

This ain't twitter, and some subjects require a lot more real estate than a smartphone can provide.

If this were my blog, my reply to annoyed user would be unprintable.

. .. . .. --- ....

TedOctober 29, 2016 12:30 PM

'Multistakeholder Process: Cybersecurity Vulnerabilities'
NTIA will be coordinating a multistakeholder process meeting for security researchers and software and system developers and owners to address security vulnerability disclosure on November 7.

Additonal info:

Schneier.com ‘vulnerabilities’ blog tag

'Exec Order 13691 - Promoting Private Sector Cybersecurity Information Sharing' (Feb 2015)
Sec. 2. Information Sharing and Analysis Organizations.
Sec. 3. ISAO Standards Organization.

Cybersecurity National Action Plan (Feb 2016)
From the ‘Enhance Critical Infrastructure Security and Resilience' paragraph: “…This work builds off the President’s previous cybersecurity focused Executive Orders on Critical Infrastructure (2013) and Information Sharing (2015).”

'The ISAO Standards Organization'
In order provide guidance on the information sharing ecosystem, the ISAO SO published four initial voluntary guideline documents in October for use by emerging and established ISAOs in regards to sharing and analyzing cybersecurity risks, incidents, and best practices. These include 'Intro to ISAOs,' 'Guidelines for Establishing an ISAO,' 'Intro to Info Sharing,' and 'US Gov’t Relations, Programs, and Services.' ISAO SO will be hosting an online roundtable for new and emerging ISAOs on December 8. One of their working groups discusses the analysis of threat, vulnerability, and incident data.

The Department of Defense issued bug bounty program contracts to HackerOne and Synack. The combined contracts are valued at $7 million.

CallMeLateForSupperOctober 29, 2016 1:16 PM

@Drone

"So you must have turned on scripting while on The Atlantic web site."

Not necessarily. I keep scripting locked down. When I read the article yesterday I saw:

"The last attempted hack came /5 minutes ago,/ using the username /root/ and the password /root/. (Yes, those are live figures; they were updated when you loaded this page.)"
(Characters between slashes here were white-on-red in the article.)

A couple minutes ago the page read exactly the same. Maybe the page I see is a default, delivered to browsers that don't support scripting?

ab praeceptisOctober 29, 2016 1:29 PM

Clive Robinson

dislike the bio-metric industry intensely ... selling snake oil at best ... "Scientific Evidence Forensics" ... not realy science

For the latter - Quite probably but I don't know enough about that field.

For the former - Bang, hit - with a but: The reason (for them) is the reason for it being snakeoil or even worse. The intended target groups are two. One of them well known, one rarely noticed or discussed.
The obvious one is the "I can't be bothered to come up with something better than 'secret+[birthday]', let alone with multiple ones for multiple things/sites" crowd. Btw. the underpinning deal is oh so stoneage old: "Me not liking to think, me preferring to pay for security". Which, of course, when arriving at the sellers side is unwrapped to the relevant (for the seller) content "Fuck me and do it hard!"

The second one is creepier: It's those, usually state players, who want to nail down each an every citizen in a way that doesn't allow any escape.And it's an immensely attractive path to follow (for them) because the ever-more-shackling and pinning down can be sold as "comfort".
It starts with "protect your valuables reliably and high tech!", followed by "why the trouble with tube and train tickets? Bio-Id is so much more comfortable and you can't forget anything, nice huh?". Finally it will be "money? not needed. We use Bio-Id and online central-banking" and "Sorry, but medical services can be provided only to Bio-ID'd persons".

The important point is to never allow for Bio-ID **alone**. As this can't be verified, let alone enforced in weak-citizen vs. strong, lawless states, we'd better stay away from it.

GeorgeOctober 29, 2016 1:31 PM

@Thoth

Intel

No matter what Intel are doing I still don't think your average user needs to be overly concerned with a backdoored CPU.

To use BitLocker* as an example you can protect your encryption key by storing 50% in the TPM and using your password as the other 50%. Even if the TPM is backdoored then you're still safe because you need the user's password. Alternatively it may be configured to require TPM, PIN and USB (where part of the key material is stored on the USB).

*Other software is available and I'm not discussing the merits of BitLocker: it's just an illustration that there are mitigations ... unless Intel deliberately attempt to log keystrokes or USB key material.

Criminals and Law Enforcement

Criminals can use rubber-hose methods as can law enforcement but the solution I suggested (fingerprint and short PIN) isn't intended to protect against this; nothing can.

I know you get solutions with plausible deniability (TrueCrypt had it as does VeraCrypt) but if not used correctly you can telegraph the fact that you're using a hidden system.

I like the idea of a self-destruct mechanism but again, in some countries, there may be sanctions against this - e.g. tampering with 'evidence'. Obviously depending upon what you're storing versus the potential sanction would inform you whether to use the duress code.

I will research your GroggyBox project - it sounds interesting.

Overview

I don't pretend to know what the solution is but anything that protects the average user against loss/theft is a great starting point. Those who need enhanced OpSec and PerSec should look into heavier duty solutions.


@Clive Robinson

I remember BlackBerry used to have an option whereby you could encrypt your phone and, if you received an incoming call, it'd only show the caller ID because the address book was encrypted.

Apple and Android could introduce something similar but I think it'd be very unpopular so making it optional would be essential.

However I'm not suggesting requiring the user to use the TouchID and/or their PIN to answer an incoming call. In my opinion it'd be unnecessary for the majority of users. I can answer my mobile without unlocking it - the only time I need to unlock it is to make a call.

The rationale behind the TouchID and PIN would be to prevent your fingerprint being used to unlock the phone without knowledge of your PIN. There is an argument that if physical coercion was used that you'd also hand over your PIN but that's not always going to be the case depending upon who is coercing you.

The social engineering you mention [tricking the worker to give over his phone] will always be present and there's little, if anything, that can be done to prevent this.

Of course a 'dumb' phone is always going to be the superior option but we live in a world where the majority of people rely heavily upon the additional functionality and even if they did understand the security/privacy trade-off I think most would consider it unacceptable.

ab praeceptisOctober 29, 2016 1:45 PM

Dave

"(MacBook)... 'F' keys then they'll automatically appear" - Wow, magic keys. I don't trust apple any further than I can throw a 15 foot crocodile.

And I want no stinkin' magic keys; I want real ones. clickedy click.

And btw. I'm laughing my ass off seeing all those cool security researchers ... with their cool macbooks. And that was before I knew about the magic keys.

gordoOctober 29, 2016 1:45 PM

In Russia's cyberscene: Kremlin desires, private hackers, and patriotism
UNDERSTANDING OTHERS: Pinning down specific Russian responsibility for hacking incidents is complicated by Russia's cybersecurity model. Most of the IT expertise lies in the private sector, and the Kremlin itself is surprisingly not tech-savvy.
By Fred Weir, Correspondent | The Christian Science Monitor | OCTOBER 27, 2016

MOSCOW — While much is known about US cyber-war and -espionage capabilities thanks to the massive data leaks of former NSA contractor Edward Snowden, Russia's capacity for such is much more obscure. ... .

http://www.csmonitor.com/World/Europe/2016/1027/In-Russia-s-cyberscene-Kremlin-desires-private-hackers-and-patriotism

DaveOctober 29, 2016 2:53 PM

@ab praeceptis

And I want no stinkin' magic keys; I want real ones. clickedy click.

Then they have a brand new MacBook pro for you - $1,499.00 - complete with real function keys. Clickedy click.

http://www.apple.com/us/shop/buy-mac/macbook-pro


And btw. I'm laughing my ass off seeing all those cool security researchers ... with their cool macbooks.

They have more than enough power to virtualize an OS within macOS or you can install Linux natively if you really want to.

Leitl AardOctober 29, 2016 3:30 PM

Dave,
But they are. There are no F-keys. Only the sensor strip that imitates their presence at times.

I won't argue if it's good or bad. Haven't tried it and I don't care about Apple products in general.

Which brings me to a topic that is at least remotely related to this forum. I want to get security updates for a Windows machine I have. Thing is, Windows Update won't let me. It just hangs. I left it idling for a few hours yesterday. No reaction.

So the question. I have found a neat little collections of scripts that imitates WU functionality at http://wsusoffline.net/. Has anyone here used it?

I tried it on one of my VMs but I didn't have enough time to go through a thorough testing; after it downloaded and - allegedly - installed updates I couldn't see them within the Windows Update interface. I think I might have seen them in the systeminfo output though.

Clive RobinsonOctober 29, 2016 3:59 PM

@ Gordo,

The CS Monitor piece is about what I rxpected based on information from other sources.

However a word of caution what we in the west think of as "patriotism" is not the same way Russians think. Try looking at it like love, responsibility, duty or patronage, from the outside observing peoples behaviour they can appear very similar but the actuall motivation is quite different. From the Russian IT Sector, the "patriotism" is in fact much more like patronage or even protectionism. That is they are making a down payment to head off future problems from certain aspects of the state.

A Russian friend of mine who works in that sector tried explaining it to me some time ago and even though their command of english is excellent they had problems. More interesting perhaps was their reasoning as to why the Russian it sector is having trouble establishing themselves outside of Russia. Basicaly they lay a good deal of the blaim at the oligarchs feet, and how in the past those at the top had in effect swindled foreign investors via the Russian legal system etc. They also noted that Putin's "adventurism, to make Russia great again" whilst popular in Russia is alienating many potential investors such as the Germans.

Markus OttelaOctober 29, 2016 4:11 PM

@Rob

Compartmentalization by topics is not healthy. This community has extremely low noise level already so I don't see it worth fixing. A separate chat section would not only get even more off-topic, it would restrict squid blog posts to topics selected by the media houses, and discussion into something I consider office break room talk. In the words of Roosevelt, average minds discuss events, great minds discuss ideas. I'd hate to mix discussion of ideas or projects like TFC that probably never get press coverage with a lower threshold of completely off-topic discussion.

DaveOctober 29, 2016 5:27 PM

@Leitl Aard

Have you not even looked at that link I provided?

There are real, physical function keys on the $1,499 MacBook Pro model.

ThothOctober 29, 2016 7:20 PM

@George
Just like cryptograhic algorithms and other security protocols, it is very difficult to ban self-destruct methodologies and deniable security techniques. These are concepts and not solid substances where they can impose a physical ban. Banning ideas have throughout the centuries been ineffective in whichever dynasty or regime as it leads to much stronger and evolved version of the idea that authoritarian regimes seek to ban thus almost always a certain way for a backfire.

My implementation of self-destruct mechanism uses randomness to confuse attackers so that it is hard to tell between a self-destruct code being entered or a normal user PIN. If you actyally read the codes I wrote in my variant of the OpenPGP card codes, the self-destruct mechansims uses confusion mechanism via random vomparison sequence against a user PIN and a self-destruct PIN thus making attackers and even the owner himself not knowing which PIN is compared at the given moment which makes self-destruct mechanism much more potent without a way to predict or detect only to way for the effects to take place and realise after the fact. In order to have evidence you need to know he internal state of the smart card but a smart card is a commonly available tamper resistant secure device that can even be bought off eBay with littlw trouble. To proof that someone willingly trigger a self-destruct before the fact in order to yield evidence is close to impossible as that means the attackers must violate the security mechanisms of the smart card to know it's internal security state which by doing so will cause the card to wipe itself if it's security is violated (thus the tamper resistant aspect). I have written a lot about smart cards and it's security on many posts here which you can search on filter through to understand more about these cards and how they can enhance security schemes and be a potent tool which is very difficult to place a ban on.

FrankOctober 29, 2016 7:25 PM

For all you Mac Keyboard junkies, don't worry - there's a short article circulating the circular circular ycombinator currently that say's you guy's (and gal's) needn't fear - Apple hasn't forgotten about you with the touchbar - it's ARM controlled. ;-)

Clive RobinsonOctober 29, 2016 8:07 PM

@ Dave,

This is getting complicated...

You said,

If you're using an app which utilises the 'F' keys then they'll automatically appear.

The implication of which is they are "soft keys" just like those on a touch screen.

What is not clear, is what will happen with the highend device if as quite a few developers have done with earlier modles, of ditching the Apple OS and replace it with linux...

Will the esc and function keys come up? or will that functionality be lost, where as real keys would not.

Clive RobinsonOctober 30, 2016 2:19 AM

@ Dave, and other Apple Fans,

It would appear that Apples "less is more" idea is falling flatter than a cigarette paper in a rain storm, and for some, Apples More is most definitely less a lot lot less,

http://joeposnanski.com/my-mechanical-keyboard/

It's funny but I do sympathize, when I started bashing out programs you had a choice, a KSR or ASR Teletype, with round peg like keys that needed to be hammered rather than pressed, the comforting sound and vibration as the whirring motor's and clutch mechanisms brought sound and life to every key press. You had to have arms like a pro wrestler to keep up the pace. Then came along the Glass TTY's with their deathly pale green glow and only twenty five lines of text and keys that clicked, no clunk and thud and tremor of mechanical life just barely restrained... Then some years later the creep out that was the Sincair Spectrum rubber keyboard the action of which one reviewer likened to "poking dead flesh". We thought that keyboards had reached their low... But how wrong we were the typing experience degradation had four decades yet to run, each inovation worse than those that went before, to culminate not in the sterile lifelessness of touch screens but Apples painfull reminent of what was once a vibrant living experience, draged down to that of poking dead beatle carapaces fractions of millimeters lest they crack and reveal worse than festering biologicals...

ThothOctober 30, 2016 4:56 AM

@Figureitout, Clive Robinson
GroggyBox GUI client can now accept raw hexadecimal key bytes to encrypt/decrypt files.

Jimbo BlogginsOctober 30, 2016 5:13 AM

Throwing a phone on the ground really hard then drilling through the memory chips, SIM and SD card will go some way to making it secure.

Foresight is better than hindsight and saves precious rare earth materials along the way. You can always borrow someone's phone if you are ever unlucky enough to have to negotiate with the local crooked official and don't have a lazy $5,000.

ThothOctober 30, 2016 5:36 AM

@Jimbo Bloggins

"Throwing a phone on the ground really hard then drilling through the memory chips, SIM and SD card will go some way to making it secure."

The better way is to lose the keys assuming full disk encryption using a secure hardware but this is not practical on current Android phones so the better method is as you say drill the chips.

The problem with drilling the chips is you need to be fast to get a drill and start drilling when someone's already knocking hard at your door. You have to consider that the attackers are armed with heavy weapons and may use disguises, people you are familiar with or close to you, bomb disposal robots that are equipped with other payloads and configurations or other unmanned options and many scenarios they would simply prefer to trick you when your phone is unlocked to snatch and grab it like what happened to Ross Ulbricht.

The better way is to individually encrypt every important file (besides some FDE) with a hardware key that combines with a user PIN/Password so that forgetting the PIN/Password or activating the self-destruct on the hardware key or destroying the hardware would render the files useless. The secure hardware to do these heavy lifting would typically be a smart card that you pair with your phones. There are USB OTG plugs for USB smart card tokens (e.g. Yubikeys or other FIDO devices) or NFC enabled phones with NFC enabled smart cards or the worst case is a smart card reader for a phone. Even if you have unlocked a phone, even if they steal an unlocked phone, they need to enter a PIN/Password with a smart card to decrypt every single sensitive file you have encrypted and that would be pointless. Since each file have unique DEK keys, this will only make one decrypted file vulnerable if the phone is snatched will the card is decrypting a file as they need to re-enter PIN/Password to decrypt all the other files with the card.

The problem with this approach is whether you trust the phone's touchscreen with the PIN/Password and that is understandable as there are very few solutions that allow secure PIN/Password entry into smart cards separately.

GroggyBox project that I have initiated is made to address the concerns of encrypting each sensitive file but the trade-off is slow speed and it can be frustratingly long to encrypt a file that is larger than a few hundred KBs which I am still trying to figure out the reason for that.

It does not solve the problem of insecure PIN/Password entry for the smart card though until the Ledger Blue and Nano S devices are deemed mature then I would consider porting GroggyBox over and that will solve both secure input and secure display problems (but not the slow speed I guess). This stuff is still highly experimental and in initial phases of development.

You can drill the SIM card, SD card, CPU, flash memory and so on only if you are prepared with a drill and the attackers are not around you with enough time on hand to destroy these stuff physically.

If you are interested, look for any chip with a blackbox and drill them along the way. The GSM modem, fingerprint sensor, cameras ... they may store some caches and shouldn't be trusted either.

Links:
- https://github.com/thotheolh/groggybox
- https://www.ledgerwallet.com/products/12-ledger-nano-s
- https://www.ledgerwallet.com/products/9-ledger-blue

DaveOctober 30, 2016 5:57 AM

@Clive Robinson

If you're using an app which utilises the 'F' keys then they'll automatically appear.
The implication of which is they are "soft keys" just like those on a touch screen.

On the Apple website you'll see that they sell three MacBook Pro's. Two of which have the new Touch Bar and the lower-end model (albeit more expensive than its predecessor) has the conventional function keys.

With the higher-end models the Touch Bar will automatically populate with the 'F' keys if the app uses them or if the OS thinks it necessary. You can also manually invoke them by pressing another button on the keyboard. Obviously this is software controlled.


What is not clear, is what will happen with the highend device if as quite a few developers have done with earlier modles, of ditching the Apple OS and replace it with linux... Will the esc and function keys come up? or will that functionality be lost, where as real keys would not.

You're right, it's not clear and I don't know.

If a developer was to replace the OS then I'd guess the functionality would be lost however it may be that the 'F' keys are programmed into the firmware so that they appear by default whenever there's an error or system reset.

However knowing Apple it may well be the case that they want to deter people from installing other Unices as the primary OS and they might intentionally cause the Touch Bar to cease to operate... in the name of 'security' [or some other excuse] of course.

CallMeLateForSupperOctober 30, 2016 10:37 AM

Cross-device hacking.

A talk scheduled at up-coming Black Hat London.
https://www.blackhat.com/eu-16/briefings.html#talking-behind-your-back-attacks-and-countermeasures-of-ultrasonic-cross-device-tracking

This picqued my interest:
"In the defensive part of our talk, we will introduce three countermeasures that we designed, implemented, and will publicly release. These include (1) a mobile application that detects ultrasound beacons "in the air" with the goal of raising awareness, (2) a browser extension that acts as a personal firewall by selectively filtering ultrasonic beacons, and (3) an brand-new OS permission control in Android that allows applications to declaratively ask access to the ultrasound spectrum. We will go into the technical details and provide remediation advice useful both for the users and developers."

SpellucciOctober 30, 2016 11:31 AM

@Leitl Aard, are you trying to update Windows 7? Microsoft broke the Windows Update feature, resulting in behavior like that which you describe. Several articles I read point to this one: http://superuser.com/questions/951960/windows-7-sp1-windows-update-stuck-checking-for-updates/996072#996072.

And Decent Security, run by the person who also posts as SwiftOnSecurity on Twitter, has these instructions on how do to a fast build of Windows 7 from scratch: https://decentsecurity.com/windows-7-fast-update/.

AaronOctober 30, 2016 11:59 AM

@Spellucci

The Windows 7 update process is beyond a joke.

Microsoft have deliberately made it as difficult as possible to install their "convenience rollup". You have to install the April 2015 Servicing Stack Update first and then mess around manually downloading other updates, or, you have to download every single update ever issued. It is anything but convenient.

I'd have preferred them to issue a Windows 7 SP2 and offer that as an ISO for people to burn to disc. Then users reinstalling would have one simple go-to disc and any new (now cumulative) updates would be automatically installed. It'd vastly simplify it for sysadmins and individuals and it'd take the load off Microsoft's servers. It's more likely than not that they've chosen to make it as difficult as possible so that people upgrade their OS.

Mainstream support for Windows 7 ended on January 13, 2015 and extended support ends on January 14, 2020. It's probably better just to upgrade to Windows 10 and be done with Windows 7. You can disable the majority of the privacy intrusive aspects of Windows 10 via various third-party software applications.

ab praeceptisOctober 30, 2016 12:42 PM

Grauhut

I assume you presented the "Surkov leaks" with a big grin, well knowing it's pile of BS.

For one, the ukrainian sbu is well known for being controlled by washington. There wase even a scandal because they have the us-american flag right next to their own at their building. Everyone there know that the sbu is completely run and managed by cia.

Even a quick glance at the "leaks" shows how bluntly and unprofessionally this whole operation is made up. One ridiculous statement follows the other.

Example: a lot can efaked but an outlook mailbox is har to fake. Haha.
Another one: Every information they could check did verify. No, if that's not miraculous! In other words: All the "sbu hackers" had to do was to put *publically obtainable* information in there, et voila, the "proof" is cooked and ready to be served.

If that is all washington is really capable of then that's really dangerous for Putin. Because he might drop dead laughing his ass off about those idiots.

Leitl AardOctober 30, 2016 1:10 PM

Spellucci,

Correct.

The VM I had been testing WSUSOffline in ran Windows 10 though. I have no idea what MSFT have done to the update subsystem there. Half of the settings appear in that Metro app thing, half in the usual Win32 desktop environment.

Thanks for the links. I don't want to touch Windows 10 anywhere except in VMs yet.

ab praeceptisOctober 30, 2016 1:58 PM

Curtis

As you insist: He also said, that that is the *low-end* model. How about suggesting a Lisa? After all it also had real keys.

TedOctober 30, 2016 3:40 PM

NISTIR 8138
DRAFT Vulnerability Description Ontology (VDO)
A Framework for Characterizing Vulnerabilities

Public comment period: September 30, 2016 through October 31, 2016
All comments are subject to release under the Freedom of Information Act (FOIA)

“NISTIR 8138 aims to describe a more effective and efficient methodology for characterizing vulnerabilities found in various forms of software and hardware implementations including but not limited to information technology systems, industrial control systems or medical devices to assist in the vulnerability management process. The primary goal of the described methodology is to enable automated analysis using metrics such as the Common Vulnerability Scoring System (CVSS). Additional goals include establishing a baseline of the minimum information needed to properly inform the vulnerability management process, and facilitating the sharing of vulnerability information across language barriers.”

http://csrc.nist.gov/publications/PubsDrafts.html

ab praeceptisOctober 30, 2016 3:46 PM

Curtis

Thanks for the explanation but my interest in apple products us extremely limited anyway as I happen to work with computers.

GrauhutOctober 30, 2016 6:39 PM

@ab praeceptis: "I assume you presented the "Surkov leaks" with a big grin, well knowing it's pile of BS."

On first glimpse the "Surkov leaks" smell like a wet belling (copy)cat! :)

Could well be diversionary tactics, place a red herring and wait for a bear to sniff on it.

ThothOctober 30, 2016 6:58 PM

@Molie

Nice work there especually on Martin's "letter" to his "friends" on page 10 and 11. I can't help but wonder if that sounds like a more dissident-lile clone of @Nick P.

Most part of US Govt's and NATO's COMSEC and ITSEC are now in control by defense contractors that are either compromised already or have unknown ties and these contractors only care about making more money than security. It wouldn't be a surprise if their security is so degraded luke what Martin in the letter said since these Govt folks are easily enchanted by the marketting push from their contractors.

MolinaOctober 30, 2016 7:34 PM

@Molie

The defendant's technical knowledge was limited to mere decades of experience and a partially completed Ph.D. dissertation in information security management.

The real threat is his history of criminal behavior. Like using the internet. And he might have even downloaded a QubesOS LiveCD!!11

The Defendant was in possession of a sophisticated software tool which runs without being installed on a computer and provides anonymous internet access, leaving no digital footprint on the machine. The Defendant’s internet activity also suggests that he was attempting to locate anonymous internet access and to run operating systems on his machines that would not leave any forensic evidence of his computer activities. In July 2016 he watched a video about how individuals who attempt to remain anonymous on the internet are caught by authorities. He has a demonstrated ability to conceal his online communications and his access to the internet.
I spy, a red irreconcilable dissonance somewhere in those last two sentences.


He apparently also communicated online with others in languages other than English, including in Russian. Could you imagine, what true patriot would ever think of such treason?

MolinaOctober 30, 2016 8:01 PM

Not only is the whistling wind telling us that no classified information will be found on the Weiner-Abedin laptop, they are also telegraphing their intentions to avoid any investigations of potential FOIA abuse. Expect to see some changes in re: email transparency requirements for public officials in the next few years

DanielOctober 30, 2016 8:07 PM

@Molina

Unlikely that it was Qubes Live as that is buggy and not receiving much development (if any); it is much more likely that it is Tails. BTW the government also uses live CD's and the military in fact makes one for public dissemination.

http://www.disa.mil/cybersecurity/network-defense/bootme

The Defendant’s internet activity also suggests that he was attempting to locate anonymous internet access and to run operating systems on his machines that would not leave any forensic evidence of his computer activities. In July 2016 he watched a video about how individuals who attempt to remain anonymous on the internet are caught by authorities. He has a demonstrated ability to conceal his online communications and his access to the internet.

What is sad is not that he is doing this but that so few other people are. What is doubly sad is that now is eligible for a sentencing enhancement under the federal guidelines for using his "special skills" to commit a crime.

BTW, does anyone know what specific video is it that the indictment refers to?

tyrOctober 30, 2016 8:11 PM


OT

@Clive

I'm still puzzling out a recent news item that
said one of the founders of RT was found dead
in his hotel. Apparently he got so drunk that
he beat himself to death.

This happened in Washington DC.

MolinaOctober 30, 2016 8:23 PM

@Daniel

I agree. It is Tails they were referring to there.

I only mentioned Qubes because it's one of the easiest downloadable versions of

Examination of the digital media seized from the Defendant indicates extensive use of sophisticated encryption, anonymization, and virtual machine technologies.

My own emphasis added

gordoOctober 30, 2016 10:35 PM

@ Clive Robinson

Good to see, per your sources and anecdotes, that the reporting from CS Monitor, as I suspected, is accurate.

The emotion- and identity-laden term "patriotism" is another of those "eye of the beholder" questions especially susceptible, from time immemorial, to the abuses of scoundrels.

davidhOctober 30, 2016 11:43 PM

The Abedin emails relating to Hillary Clinton are from Wall Street Journal to be on the Yahoo email system.

I suspect that these are cloud emails, that were stored on the Yahoo system.

In that case, only the login credentials would be found on the Weiner (ex husband) laptop, not the 650000 emails reported by some parties.


Speculation on my part, but could this whole chain of investigation start from a parallel construction technique to give a plausible explanation for why the emails suddenly were found and haven't come off the Utah internet archive run by the NSA?

Clive RobinsonOctober 31, 2016 2:47 AM

@ Security,

The FBI needs a search warrant????? Wow!

Not realy, but SWATing those close to the person likely to be their new boss next year, is not realy a good career move...

The simple fact is for many outside of the US we see her as a criminal in oh so many ways, as well as being a bit of a train wreck in progress...

Not that the boufon on the other side is any better, his "grope em and poke em" supposed locker room behaviour gives neanderthals a bad name.

Which ever on of those dinosaurs gets into office the results will not sit well with the rest of the world let alone the US citizens.

I bet that Douglas Adams is laughing in his grave over this as it's definitely a case of "voting to stop the wrong lizard getting the job".

Clive RobinsonOctober 31, 2016 6:56 AM

@ tyr,

Apparently he got so drunk that he beat himself to death.

Yup, a "Clear case of being so remorseful for upsetting XXX he tried to drink himself to death, and failing to achive that he slipped on the bath rug in the bedroom and fell backwards oit the door and his head hit the edge of the balcony, but miraculous he did not go over because he was to heavy...". Oh hang on a minute the bells on the other leg have started chiming...

Clive RobinsonOctober 31, 2016 7:06 AM

@ Gordo,

Good to see, per your sources and anecdotes, that the reporting from CS Monitor, as I suspected, is accurate.

About as accurate as you can be without having been a fly on the wall in the Kremlin where red flags are known to fly ;-)

OtherwiseOctober 31, 2016 9:44 AM

@Dominic Suter

"Police-force IQ cutoffs work!"

Attitude and intelligence are oftentimes both called "smart" but they are not the same thing...

@all

There are some shadowy connections to our presidential candidates:

Hillary Clinton -> Huma Abedin -> Muslim Brotherhood -> Hamas -> terrorism.

Donald Trump -> "women and gambling" (major casinos, beauty pageants, and prostitution) -> Las Vegas / Chicago / NYC Mob -> Anna Chapman and friends -> Russian mafia and "thieves in law" -> Vladimir Putin.

Thoughts?

Clive RobinsonOctober 31, 2016 9:48 AM

How the MIC screws over outsiders

http://www.bloomberg.com/news/articles/2016-10-19/the-feds-won-t-buy-this-19-million-stealth-boat-or-let-it-be-sold-abroad?utm_content=business&cmpid=socialflow-twitter-business&utm_campaign=socialflow-organic&utm_source=twitter&utm_medium=social

What is the betting that the aim is to bankrupt the company and one of the big players to pickup the pattents dirt cheap and then reap the rewards of the technology and US tax payer money?

The music industry has a not to disimilar bunch of tricks to stop performers being anywhere but under their thumb (where it's called "being jailed").

OtherwiseOctober 31, 2016 10:15 AM

@Clive Robinson

I wouldn't call anyone who can build a boat like that an "outsider." It's called a "stealth" boat, but no doubt it comes with strings attached. The manufacturer "needs" to be able to track it, update software remotely, etc.

"If you don't buy our new-fangled military attack boat, don't worry, we won't sell it to your enemies; only to your friends, and your friends' friends, and so on."

Major trust issues here. People start building major advanced proprietary munitions of war and selling them to "friendly" countries? People not so friendly to our own country, or to our own troops whose lives are being risked by undisclosed software or hardware vulnerabilities?

You've got it backwards. That millionaire dude is one of those "MIC insiders" who as usual are hoodwinking the military six ways to Sunday. They had every right to tell him to take his boat and stuff it.

Clive RobinsonOctober 31, 2016 12:05 PM

@ Otherwise,

You talk of the "Protocols of [the elders of] Zion", have you ever looked into their background? Especialy the industrial and newspaper magnates involvment?

They were what Leslie Fry based her infamous work on.

Whilst the Protocols might have been based on the supposedly humorous work of Russian antisemites around 1901 they were more or less plagiarized from some of the works of the German Hermann Goedsche, who in turn took his antisemitic ideas from more recognized authors such as the Frenchman Alexandre Dumas.

Goedsche was a very stuck up Prussian who's main ire was actually reserved for the English, who he apparently hated with a passion second to none. Some scholars believed that his hate for the English and antisemitism were strongly inter-related.

Thus Goedsche's ideas and works were used not just in the Russian anti-Jewish pogroms, but also later to support WWI where a certain "little corporal" took hold of them to forment his own anti-communist and antisemitic ideas and ultimately the start of WWII. So quite a bit of influance for a now virtualy unknow author.

So "the connections" do not ultimately trace to Russia" but Germany and France.

OtherwiseOctober 31, 2016 12:39 PM

@Clive Robinson

Re: "industrial and newspaper magnates"

You mean Henry Ford?

So "the connections" do not ultimately trace to Russia" but Germany and France.

Sure, many connections in Germany and France, but the real deal lies even further east. Maurice Joly was ridiculing Napoléon, not the Jews. You deflect attention away from Russia, and yet you mention

the Russian anti-Jewish pogroms,

which of course were active during the 1917 revolution, making it curious that the blame was placed at that time on the previous regime's secret police for the Protocols.

tinkererTailorHackerSpyOctober 31, 2016 12:56 PM

Regarding Trump, Russia, Clinton, emails...


http://www.bloomberg.com/politics/articles/2016-10-31/clinton-allies-go-after-comey-as-new-probe-scrambles-campaign

Hillary Clinton’s allies dramatically escalated attacks on FBI Director James Comey, questioning whether he may have broken the law in disclosing investigative details 11 days before the election and whether he is treating Donald Trump’s campaign differently.
Elijah Cummings, the top Democrat on the House Oversight Committee, said Monday that Comey has not been similarly forthcoming about whether the bureau is investigating Trump associates and former campaign aides for purported links to Russia, as several media outlets have reported.


Comey has always been a bad apple, but this was a very severe mistake, whether Clinton wins or loses.

Let us step back and consider the big picture: Russia has attempted, via hacking and general muckracking, to create - by their intelligence forces - a coup in the United States of America.

This outlandish statement is not even speculative. It is not some dusty, backalley conspiracy theory. The US government came out and stated as much. They did not use the word "coup", but they certainly fingered before a global audience, Russia as being the ones behind these hacks.

My statement, using these terms, merely removes the niceties of the language to reveal the raw truth.

It is much worse then these statements from Bloomberg reveal, however. Trump's campaign manager was on the payroll of the Russian government. As was other leading campaign aides.

Not to pop everyone's cherry all at once here, but this certainly spells that this means the Russian government was the giver of those tens of millions of dollars of funds. And like you have read of lobbyiest's, they certainly would have met with these folks and explained to them exactly what strings are attached. This means these top Trump campaign aides met in clandestine with Russian spies, overseas and in cover.

They probably made the *pitch* pretty, and no incriminating enough or scary enough so they would refuse, sure. But, they would have also obligated them with what words they used. And once they went down this road, which they did take, they would have been assured in no uncertain terms, though indirectly, that once they took that money, they were hooked.

Put another way: Russia would have given those funds only on the condition that Trump knew. And they would leave for themselves sufficient evidence so they could later pull a trump card if anyone tried to play hard ball with Russia or not do as they say. In the future Trump presidency. Their trump card, would be blackmail.

Blackmail as trivial as recorded evidence that Trump himself was aware he was dealing with the Russian government and taking money and hacking efforts from them to win him the presidency.

This is exactly why Trump did not dare say a bad word about Putin or Russia.

Contrasting these failures with bad email practices?

Well, I am sure many wannabe and "think they are" security "experts" here, and elsewhere, may believe that Clinton had the worst security there ever was. But the reality is that Trump just as easily could have been the exposed victim here as anyone else could have been. And believe me, when your campaign is getting funded by Russian intelligence, you are going to have a lot more nasty skeletons in your closet then what Clinton has had.


I doubt Comey is an active or knowing agent of Russian intelligence in his bid here to insanely make public eleven days before an election such a thing. Much more likely, this was the work of Trump's campaign aides, and likely in combination with influence from Russian intelligence agents Comey did not know are Russian intelligence agents.

Probably, they collectively showed him a very golden parachute.

Probably, there was shown to Comey that being friends with the "right people" would lead him very far in the Trump regime.

Comey, being a ladder climber, with little to no meaningful intelligence experience, probably only saw the golden apple at the top of the ladder he was asked to climb.

The obvious downside to him for so negatively influencing the American Presidential election he was clearly entirely blinded to.

Likewise, very possibly, he is power blind, believing nothing can go wrong for him regardless of what actions he takes, because, after all, he has made many actions in his tenure which are extremely immoral and unethical. And suffered no reprisals for any of that besides some bad press.

The real danger here is Trump, however, of course.

If Trump is elected, Russia will have absolutely free reign. In Europe and in the Middle East. As well as over global energy policies.

I am very sure Trump is not some willing tool of Russian intelligence and probably believes there is some way he can just take the money and get out of all obligations.

But, this certainly is foolish and impossible to happen. This is the sort of people Russian intelligence have been using since the 19th century. Sociopaths with no concept of loyalty. Tricksters with very cunning minds.

No, even Trump would not like released damaging conversations and paper trails that would prove to everyone he willingly worked with Russian intelligence, and, in fact, his Presidency would never have happened without their extensive support.

So, just as he is now, allowing Russia and Putin everything, and practically speaking of them reverently, in hopes they will continue to do all they can to put him in his illustrious dream seat of President.... so, too, once elected will he still find himself entirely hooked.

They will make him feel like The Boss, while controlling his every action and word. When it matters to Russian best interests.

tinkererTailorHackerSpyOctober 31, 2016 1:22 PM

@Otherwise

There are some shadowy connections to our presidential candidates:
Hillary Clinton -> Huma Abedin -> Muslim Brotherhood -> Hamas -> terrorism.
Donald Trump -> "women and gambling" (major casinos, beauty pageants, and prostitution) -> Las Vegas / Chicago / NYC Mob -> Anna Chapman and friends -> Russian mafia and "thieves in law" -> Vladimir Putin.
Thoughts?

Clinton definitely does not support terrorism. Not anymore then the US Government does. Does the US Government support terrorism because they have very strong ties with Saudi Arabia? I definitely do not think so. These sorts of things are absolutely unsavory, but choices are grim, and choices are forced.


I am also not concerned in the slightest for Trump having ties to mafioso of the Italian American variety. The US Cosa Nostra is far from what it was.

But, Trump and Russian intelligence?

Trump is in deep with Russian intelligence. He is Russia's man in America.

They have very strong control over him. If he wins the Presidency, they will have put him there. And they certainly will have power over him via flattery mixed with blackmail to keep him doing as they want. I do not think Russia will ask of him anything, but on matters pertaining to Russia's best interests in the Middle East and in Europe, as well in regards to energy policy.

Of these, I believe Russia's European and Middle Eastern interests - where they are on the very 'other side' of the table from US and allied nations - will be made American interests.

Very likely, Russia will also deepen their technical and human intelligence foothold in the US establishment, through as much unknowing and knowing help from Trump that they can get.

If the President says "don't look at something", intelligence won't look at it.

If the President says, "give my boys here free reign" - say some seemingly pure corporate interests expanding in the US, in US defense technology, energy, and so on? Intelligence will cut out their own eyes and ears to allow it.


It can be noted that the US had a top Russian intelligence officer in NY City for many years. The same officer who turned over the network of directorate s spies, which included Anna Chapman, and far more dangerous spies. He turned over directorate s spies in Europe, and elsewhere.

That kind of work could be quietly shut down by a President Trump.

In fact, Russia could easily pressure Trump to direct US intelligence into whatever manner of diversions they wish. All the while without Trump consciously acknowledging to himself that he is opening a supermassive backdoor for their intelligence services.


In a day and age where intelligence services, through human and especially technical intelligence, can rob en masse national corporations and other critical economic interests blind - no war, just a lot of quiet work across wires, for the most part - this is definitely a major threat to the US and the world.


Admittedly, many corporations are supporting Trump, and not as actively engaged in the race, if they understood the threat Trump poses for them. This is alien landscapes which they are not familiar with. Certainly, many major corporations are very aware of Russian hacking for economic purposes. Especially across the energy industry, and across very cutting edge technical research industries.

But, putting that dim awareness with the true understanding of what Russia is doing with Trump is something very few of those involved are likely to make.

And those who work in counterintelligence and intelligence analysis, or have, are rarely in a position to ever say anything to anyone, really, anywhere, on such matters.

tinkererTailorHackerSpyOctober 31, 2016 1:26 PM

BTW, Off my above topics, some interesting news via slashdot this weekend regarding hax0ring:

https://yro.slashdot.org/story/16/10/31/1515242/nsa-hackers-the-shadow-brokers-dump-more-files

not entirely new, but some new progressions:
https://it.slashdot.org/story/16/10/30/1932216/serious-hacks-possible-through-inaudible-ultrasound

file this under 'duuuuh', yes, they can stop spoofed calls (which ties into many forms of hacking), 'no, they have not even tried before'. This won't stop hijacking other's VOIP.

https://apple.slashdot.org/story/16/10/29/190253/robocall-strike-force-proposal-could-stop-caller-id-spoofing

also, this has been on the horizon, and may so stay
https://news.slashdot.org/story/16/10/29/2019202/police-used-cell-tower-logs-to-text-7500-possible-crime-witnesses

The value this can give to all sorts of criminal investigations is massive. And if secret deals are made to be able to better scoop up this manner of data, the abuse potentials are amazing.

https://news.slashdot.org/story/16/10/29/2019202/police-used-cell-tower-logs-to-text-7500-possible-crime-witnesses


https://politics.slashdot.org/story/16/10/29/0438224/apple-shared-user-data-with-governments-says-wikileaks-email

CuriousOctober 31, 2016 2:42 PM

Unless I've misunderstood completely, there are apparently rumors that NSA have been using servers in China for hacking the world. So much for attribution I guess.

Clive RobinsonOctober 31, 2016 2:55 PM

@ Otherwise,

You deflect attention away from Russia, and yet you mention...

My intention was not to deflect attention away from Russia, but to show that their antisemites had coppied the work of others (reputadly as humour, then as propaganda). And thus ultimately the ideas behind the protocols had originated in other places.

Specificaly continental Europe, and the French who claim to be the bastions of Liberty etc. As you point out yet another route arises from France, as does the author Leslie Fry, who promomted the Protocols to Henry Ford who had half a million copies printed and for some of her sins was intered in the US for part of WWII.

History is a tangled briar and much repeats or is copied along the way, tracing back to the root stock can be hard.

tinkererTailorHackerSpyOctober 31, 2016 4:19 PM

@Curious

Unless I've misunderstood completely, there are apparently rumors that NSA have been using servers in China for hacking the world. So much for attribution I guess.

References?

The NSA is deep in the global telecom infrastructure, so they do not have to literally hack another computer to proxy attacks from. But, chaining together proxing systems (and when finished, wiping every system that was part of the chain, is generally, best practice for hacking.

China is very wired, but they also have at best what can be termed a 19th century level of state, so they certainly will be far more insecure then an US or your average Western (or Eastern) European state. Or Taiwan or South Korea.

They do claim many attacks originating from their country are from outside sources.

I do find it doubtful NSA is so bad boy as to literally run false flag operations against their own country, however.

Any manner of domestic hacking by a foreign intelligence agency or domestic law enforcement agency would be "assassination level" black.

Going further and hacking to make it look like China did it, is much worse even then that.

But, Western nations have been performing such activity since the 19th century. It does increase their budget, and it makes big win intelligence coups easy. After all, of course they can catch the hacker. They know all about how to. Because they are the hacker.

The Stratfor and HBGary, embassy hacking, and such via the Lulzsec FBI operation seems to be a strong outlier, very unusual, something not having been done by the US since the Gulf of Tonkin incident. And that likely was initially accidental.


Izzy MenaOctober 31, 2016 5:26 PM

@tinkererTailorHackerSpy, "Russia will have absolutely free reign"

Much obliged for your pragmatic perspective. Now that you put it that way, I realize I have to vote for Trump. Sure Trump's a shithead, but if behind the throne, in firm control, we get Putin, a competent and incorruptible statesman with 80% public approval and preeminent international standing in steadfast support of rule of law under the UN Charter, hell, it's a no-brainer. Course it would be better if Putin would just nuke Washington and invade, but this is the next best thing!

OtherwiseOctober 31, 2016 5:36 PM

@tinkererTailorHackerSpy

"I am also not concerned in the slightest for Trump having ties to mafioso of the Italian American variety. The US Cosa Nostra is far from what it was."

Trump has a Catholic advisory group. The same old Cosa Nostra is going to be hanging around there somewhere. Nevertheless, the Mob went multicultural and alliances shifted years ago, as they continue to shift today. The requirement to be full-blooded Sicilian is no longer a requirement to participate in major organized crime today, if it ever was outside of the movies.

Particularly, though, we have an unhealthy mix of waste, fraud, corruption, and not-so-observant Catholicism taking over our health-care system throughout the U.S. today. This does go back to the Vatican, Rome, Italy, and so the old Sicilian connection of "La Cosa Nostra" is still relevant in this respect.

... Trump is in deep with Russian intelligence. He is Russia's man in America.

They have very strong control over him. ...

This is very concerning to me.

CallMeLateForSupperOctober 31, 2016 5:50 PM

@tinkererTailorHackerSpy
"References?"

http://www.theregister.co.uk/2016/10/31/shadow_brokers_dump/

"The latest Shadow Brokers dump was signed using the same key as the initial dump of NSA exploits, which the Shadow Brokers unsuccessfully tried to auction off.

"This poorly argued rabble-rousing has been met with some derision. Security experts have questioned the value of the leaked target list, at least outside the realm of cyber-espionage historians. "The list of servers is nine years old. [Many] likely no longer exist or [are] reinstalled," said security researcher Kevin Beaumont, in an update on Twitter."

tinkererTailorHackerSpyOctober 31, 2016 5:55 PM

@Izzy Mena

Much obliged for your pragmatic perspective. Now that you put it that way, I realize I have to vote for Trump. Sure Trump's a shithead, but if behind the throne, in firm control, we get Putin, a competent and incorruptible statesman with 80% public approval and preeminent international standing in steadfast support of rule of law under the UN Charter, hell, it's a no-brainer. Course it would be better if Putin would just nuke Washington and invade, but this is the next best thing!

I realize you are attempting to come off as some manner of cunning troll, who can get into people's heads, but your post only indicates to me I got into your head, and your head is very, very small. I certainly can not even begin to fit.

This is blatant to me, because my analysis was objective and cold, but yours is deeply biased, even to the point of foolish chest beating about how evil you think you are by claiming you could not only stomach a multi-million person murder bordering on genocidal, but that you are wishing such a thing would happen.

The later point means you want to be seen as strong, hard, cold. But, you overact. Which is something someone with near zero experience with death would do. And people with near zero experience with death piss their pants and are deeply tormented with only one death on their mind, much less tens of millions.

The former point means you are not a thinking and reasoning human being, but a creature of instinct and emotion, the countless throng who merely believe what they are told to believe. "Us vs them!" "Russia is evil, US is good!" "US is evil, Russia is good!" and other such rah rah rah crap whose social complexity is as daunting as that of how insects operate.

As for your foolish idea that Putin is not himself a stooge of far darker powers, as well, I also feel bad for you.

But, no. Though this is impossible for you to understand, I do not have such emotional reactions as you do.

Fact is, things are much more complex and mysterious then your tiny mind can understand. If Trump were to be elected, he would be horrible for his own supporters, and would lead to the destruction of Russia, not the US.

Russia's foreign policy is literally as bad for their country as any possibly could be. Just as they destroyed themselves with Czarism, and later Communism, now they wish to with their sad authoritarianism. If they got what they want, they would be putting a gun to their head and pulling the trigger.

If you believe that this would not provide me with pleasurable feelings, you are incorrect, in that. I do like to win, and I certainly do get pleasurable feelings when I win. But, it is not about Putin or Russia for me. It is about their stooge role in the Middle East.


tinkererTailorHackerSpyOctober 31, 2016 6:20 PM

@Otherwise

Trump has a Catholic advisory group. The same old Cosa Nostra is going to be hanging around there somewhere. Nevertheless, the Mob went multicultural and alliances shifted years ago, as they continue to shift today. The requirement to be full-blooded Sicilian is no longer a requirement to participate in major organized crime today, if it ever was outside of the movies.

I am sure Trump has partied with mafioso. Las Vegas. New York. But, his personality is the sort that could easily get himself beat up or shot.

Cosa Nostra US never had "only full blooded Sicilian", but they did have full blooded or partial blood Italian. They started and maintained as a mixture of many Italian cosa nostra groups, Sicilian and otherwise. They were immediately lax. Probably, the 'Ndrangheta are the scariest, and in no small part because they are blood only. As in family blood.

Personally, I don't really mind the Italian mafia in the States so much. Certainly, in no small part because they have been so decimated in the past four decades. But, also because I am such that I actually view State crimes as far more corrosive to civiliations then individual, non-state actor crimes. Sometimes State based crimes are certainly products of the population as well as the ruling authorities, but Cosa Nostra is a vast minority.

So, for me, for instance, I view the Holocaust as being very indicative of a very corroded nation, but also, before that, the sorts of beliefs the people of those nations already held. Similar statement could be made, but on far smaller scale of corrosive, for the US pre-Civil Rights movement.

Or, of the Catholic Church, when it was the State, and instituted orgies of violence and torture, for instance, perhaps the greatest pinnacle of sheer "evil" ever seen.

Today, I believe the US has a good foreign policy, and some excellent positives, but the criminal justice system is going to be viewed in the future as extremely deplorable and barbaric.

Particularly, though, we have an unhealthy mix of waste, fraud, corruption, and not-so-observant Catholicism taking over our health-care system throughout the U.S. today. This does go back to the Vatican, Rome, Italy, and so the old Sicilian connection of "La Cosa Nostra" is still relevant in this respect.

You can definitively trace back Italian organized criminal groups to Rome. They are living, at least, in Italy where it is very real, as the leaders of ancient Rome lived. But, I don't really care about drugs, my own self, and this is where much of their profits are. The worst I have to say about the Catholic Church, besides their influence on so many evil institutions now and in the past, today, really is about their doctrine which encourages "celibacy" for priests. Which leads to child molestation. Which leads to covering up child molestation.

This has probably been going on all along.

A reason why is because children, as opposed to adults, are easier for those in power to control. By getting at them early, they set up their forming mind for the rest of their lives. A good appalling example of this can be found in a Mormon shootoff cult where a single man had as wives pretty much all of the women. When young boys would start to be rebellious, he would instinctively react by raping them, which neutered for the future any chance of their posing a threat to his leadership in the future.

Such are the hidden things, the dark pillars of modern civilization.

But, Rome, Italy, is also the birthplace of pretty much all modern civilization. As corroded and corrupt as it has been, it is also had enough strength in its' organization to become such a mold for many corrupt - but many working - institutions and states.

For me "evil" I put in quotes. Because for me it is about fixing corrosion. It is decay, broken. Often it is transparently disgusting, but to fix it, one must approach it as something which can be fixed. Or, at the very least, cut away.

Rufus LeakingOctober 31, 2016 6:48 PM


@Callmelateforsupper

Kevin Beaumont's hammy derision has a distinct whiff of apocrine sweat. The interesting prospect here is for some unexpected targets to find those IPs in their logs. NSA attacked the Kuala Lumpur War Crimes Tribunal with their most sophisticated APTs. Does anyone think they would hesitate to do the same to domestic groups threatening US impunity? CIA illegally penetrated the RDINet image of the Senate Select Committee on Intelligence to thwart investigation of CIA torture.

https://yadi.sk/d/NCEyJQsBxrQxz

Take a gander. Everyone can enjoy the corny "Moose and Squirrel Must Die!" syntax, but the IPs here are apt to be of particularly keen interest to officials and associations investigating nuclear and biological weapons proliferation, or armed attacks on US civilian populations. Think ABLE DANGER. Think Brewster Jennings. Think AMERITHRAX. Think these guys. The people they're attacking lead you right to the crimes the US government is trying to hide.

ThothOctober 31, 2016 10:41 PM

@all

Have your country been NSA-pwned ???

Interestingly, US NSA pwns it's own allies as well (India, S Korea, Japan, Taiwan, Britain, Germany, Thailand, Netherlands and so on...). So called "friends".

Also note that FREEnet was also included in the released list and the only FREEnet I can think of is the Freenet project. Does it mean that Freenet project has been compromised ?

Also note that "GMO Internet, Inc" is included in the list. GMO Internet Inc is actually GlobalSign Certificate Authority and from the looks of it inside the list of NSA targets, I am pretty sure the NSA have breached not only GlobalSign CA but likely other CAs too.

Before you go about CA bashing (although it deserves the bashing), we have no other better methods of secure communications unless you can invent something and make it widely adopted. So before you bash, go and find something workable and then patch the problem before going too bash-happy.

huge data centers like TATA Communications are in the list of targets and who knows how many companies, Govts and the likes are relying on TATA for their server farm. Good to know that a huge server farm data center is breached as this shows that too many people are relying on externally provided infrastructures and it now turns into a bottleneck.

Links:
- http://arstechnica.com/security/2016/10/new-leak-may-show-if-you-were-hacked-by-the-nsa/
- https://medium.com/@shadowbrokerss/message-5-trick-or-treat-e43f946f93e6#.db1jyt1jx
- https://www.myhackerhouse.com/hacker-halloween-inside-shadow-brokers-leak/
- https://www.flashpoint-intel.com/shadow-brokers-trick-treat-leak/
- https://onedrive.live.com/view.aspx?resid=85C68BE881C10592!1446&ithint=file%2cxlsx&app=Excel&authkey=!AE6JL0wLmiim4DY

tinkererTailorHackerSpyOctober 31, 2016 10:56 PM

@CallMeLateForSupper

Ah, thank u, had not read the register today. The compromised list is over 10 years old though, mere compromises of cn systems by the us r exposed by snowden.

Specifically key routers.Which means mitm en masse. You can compromise all systems behind a router by exploit code which looks for executable files dl d by ppl behind it... and trojanizing.

A technique not well publicised.

A bit odd the author links compromised systems to false attribution... but as i noted using compromised systems to create proxy chains fwd command and control ports, for instance... is good hacker strategy.

While known, often not detailed.

@Rufus

My response was designed to offer unlikely scenario, so readers would come to the proper conclusion on their own. Makes it much more plausible and strong in their mind that way when ppl convince their own selves.

Yes, all of the above was from training.

Clive RobinsonNovember 1, 2016 12:20 AM

@ Thoth,

Before you go about CA bashing (although it deserves the bashing), we have no other better methods of secure communications unless you can invent something and make it widely adopted.

We have plenty of "secure communications" systems, likewise key agreement systems, the problem is actually one of "trust". In this case it's a sociological issue of "trusted third parties" and "global scale" in an online world that has to work whilst also being unreliable.

I dislike CA's with avengence, but I also dislike many of the alternatives a lot worse.

For instance an online intermediary doing third party "verification" or worse still third party "key managment".

Thus each time you want to communicate with another party, you have to go through a third party to set it up. The potential for abuse is extrodinary, not just by the third party, but by any party that can do upstream traffic analysis on the trusted third parties communications.

For all it's faults the CA method does not have online third party issues, as it works irrespective of if the CA is available online or not.

Imagine the longings of the likes of the FBI's Comey if he could force a change to a system which made all communication start through a third party system he had access to? In part that was what the aims of Key Escrow was all about. It is also a disadvantage of infrastructure systems like DNS.

Thus one of the first aims of any replacment or new infrastructure system must be to keep this off line advantage on which privacy depends.

I would like to see the removal of all such third party initiators, however it won't happen due to the change from static to dynamic connection of hosts to support mobile usage.

ThothNovember 1, 2016 2:05 AM

@Clive Robinson
The problem with CA is just like any PKI system where you need to download the public key from. There is Web of Trust, distributed CA coordinated by a community and many more but all of them have trust that are rather fragile.

A one-to-one key exchange in person is the best but again this isn't going to happen if anyone is going to browse to someone else's website. Imagine having to meet the website operator face to face to get the public key.

CAs are useful for the offline advantage where all you need is to publish a root public key and everything goes on without needing the root public key to be online. This is exactly the idea behind almost every CA where the root CAs will have a root public key stored in a HSM that will always be offline to minimize attack surfaces and the intermediate CAs are the one's that do the heavy lifting.

The disadvantage though is there are so many CAs that come bundled with the OS/Browser and it is very difficult to change the certificate chain in the computer/browser unless with added efforts to manually dig through the certificate chain or even deleting the certificates manually with some sort of certificate chain editor (i.e. Java Keystore concept or similar concepts).

From the release of the list of NSA victims (previous post), it seems like GMO GlobalSign (one of the biggest CA in the world) is on the "hit list". This is worrying as GlobalSign certificates are used by businesses and Governments around the world and putting such a huge CA in the NSA's "hit list" can be destabilizing to the economy and world security itself.

Are there ways to establish cryptographic trust even with the compromise of a huge CA without having to knock the door of every website operator for their TLS certificate to add into one's certificate white list ?

Clive RobinsonNovember 1, 2016 6:03 AM

@ Thoth,

There is Web of Trust, distributed CA coordinated by a community and many more but all of them have trust that are rather fragile.

The should not be, and originaly they were not intended to be but... Commercial preasures and no legal liability on the CA soon ensured a race to the bottom where honesty, integrety, auditability, security and much more got sacrificed to the god of "The Free Market" (no suprise there).

A one-to-one key exchange in person is the best but again this isn't going to happen...

No it's not, now or ever, but as an ideal for privacy etc it would be the prefered way to go (and is the way of some security conscious entities). So finding a way to get the advantages without the disadvantages is a route under active investigation, but you end up bumping into "the root of trust" issue in it's various guieses. Which brings us onto,

The disadvantage though is there are so many CAs that come bundled with the OS/Browser

This was once seen as a way to partialy eliminate the Face 2 Face issue, and make users lives easier. But it actually made the root of trust issue considerably worse. Because as you note,

There is Web of Trust, distributed CA coordinated by a community and many more but all of them have trust that are rather fragile.

And,

there are so many CAs that come bundled with the OS/Browser and it is very difficult to change the certificate chain in the computer/browser

It is the latter point where big red flags should be waving vigerously. In effect it is vesting to much power in the hands of a very few people, which opens up all sorts of unacceptable risk for the users. It realy is a very bad situation and you can be sure that the signals intelligence agencies of the various ICs make the most of it. If only one change could be made, giving users full control over certificates and their usage would be my choice, as many existing attacks could be easily stopped. However that is not the way the developers see things and you have to ask where their viewpoint / motivation comes from. Because untill they do change their products realy are "Not Fit for Purpose" under any legislative meaning. Which brings us onto this thorny problem,

From the release of the list of NSA victims (previous post), it seems like GMO GlobalSign (one of the biggest CA in the world) is on the "hit list".

It should not be a surprise the NSA et al have attacked other "authentication" credential suppliers such as those of SIM suppliers in the past. The Ed Snowden revelations suggest that such "credential suppliers" are either targets or owned in some manner. As these same organisations are the ones who will supply the national IDs / voter / entitlement cards drivers licences and all manner of other electronic ID tokens people should be very concerned. After all why "buy an election" or tamper with votes, when you can stop certain people voting at the last moment etc. After all we only have to look at what Governor JEB's region got upto to rig elections to see what that could lead to yet again...

But there are other upstream tricks, you probably already know about the very weak random number generator in one ID card. I know to many RNGs are esoteric subjects, but they realy are the foundation / touch stone of all security, thus privacy thus freedom and liberty.

Which brings us to your final comment,

Are there ways to establish cryptographic trust even with the compromise of a huge CA without having to knock the door of every website operator for their TLS certificate to add into one's certificate white list ?

The answer is yes but none are realy robust, because they are not online, and making them so gets you back to the "third party" commubications "initiation" issue. Which we realy want to stop before it begins the issues with DNS spilling it's guts to the likes of the FBI from Tor should be warning enough for that. Especially as something like the top three hundred web sites all use one of just six DNS service suppliers...

I've been looking into the F2F and P2P security issues off and on whilst working out how to set up a properly anonymous even to traffic analysis Email system over mix-nets etc. One fundemental conclusion is there should be know leaf/client nodes/gateways. That is all clients PCs are fully part of the mix-net without exception (something Tor consistently avoids, which raises some pretty significant SigInt questions).

ThothNovember 1, 2016 7:48 AM

@Clive Robinson

ID card's RNG can be improved if periodically seeded with outside randomness via a seeding command and for highly important keys to be loaded onto card instead of generated by the card. Problem is once you distribute the cards, there is no way to take them back and periodically seed them to help improve their randomness.

Noting that GlobalSign is one of the CAs appointed by US IRS to handle it's eTax filing (FATCA) scheme. Where does NSA draw the line between hacking someone that is appointed to help the US Govt and when not to cross the line. I guess this is the blurry part from the fact that NSA may not understand the word "friend" since their goals has shifted to the offensive since the year 2001 after 9/11 incident despite their dual responsibilities of protecting US Govt interest and in extension to it's contractors (GlobalSign).

One reason I brought this up is that GlobalSign CA has some of the HSMs that are supplied and aided by me and my colleagues (if you remembered I did talk about helping CA integration with HSMs in the past) and thus this is kinda close to me as an organisation I have some very minor involvement in as their contractor although now I do not service them anymore.

Regarding a P2P/F2F anonymous mix-net, I remembered I have spoken about creating a Key Exchange mechanism based around the idea of "Fleet Broadcast" although I have opted more of multi-cast over P2P/F2F as a more practical manner. I have linked my "Broadcast Key Exchange" below.

The idea is under the assumption that both parties have already known each other's RSA public key. To communicate, they would do a key exchange by using RSA public keys and assuming Alice starts the key exchange, she uses Bob's public key to encrypt nonce, a session DH public key, Alice's public key and SHA-512 hash of Bob's public key and simply propagate it via "broadcasting" over the network and everyone relays the data.

Once the broadcast message reaches Bob, Bob should continue to broadcast the key exchange message to loose the trail and decrypt with private key and check for his SHA-512 of his public key inside the packet as an attestation that the key exchange is for him. Everyone along the web of broadcast will also attempt to use their private keys to decrypt the message as there are no known external identifiers and thus no knowing who will be receiving the key exchange message.

Bob would respond with Alice's public key the same manner as how Alice sends the encrypted key exchange by repeating Alice's nonce, hash or the entire of Alice's public key and a session DH public key. The a DH session is completed with both side having each other's public DH value.

In the even that the packet is too large to fit into an RSA encryption, the RSA encryption can encrypt a 256-bit key that will serve to encrypt whatever that was suppose to be for the RSA encryption to handle but could not be fitted inside. The method is still very rough but it should give some ideas to help with the scheme of creating a P2P/F2F multicast style mix-net over Distributed Hash Table systems like Bittorrent, Gnutella ...etc... by using their DHT caches for the multicast P2P network since these DHT networks have a lot of userbase and harder to take down.

Link: https://askg.info/paper/18.html

OtherwiseNovember 1, 2016 8:30 AM

@tinkererTailorHackerSpy

The worst I have to say about the Catholic Church, besides their influence on so many evil institutions now and in the past, today, really is about their doctrine which encourages "celibacy" for priests. Which leads to child molestation. Which leads to covering up child molestation.

Before Pope Gregory VII's decree against clerical marriages, Catholic priests, bishops, and deacons were allowed to marry according to the Scripture.

Gregory VII (even more so than Benedict VIII) was ardently seeking greater power and wealth for the institution of the church, and wanted to deprive the priests (who were already too wealthy at that time) of heirs, in order that their property would "inure to the benefit of the papacy alone" (according to C.G. Barth,) as they would naturally be encouraged to bequeath their estates to the church, not having any legitimate children.

This has probably been going on all along.
Definitely.

TedNovember 1, 2016 10:27 AM

‘What to Do When You Suspect a Data Breach: FTC Issues Video and Guide for Businesses’

‘If your business has experienced a data breach, you are probably wondering what to do next. The Federal Trade Commission’s new Data Breach Response: A Guide for Business, an accompanying video and business blog can help you figure out what steps to take and whom to contact.’

https://www.ftc.gov/news-events/press-releases/2016/10/what-do-when-you-suspect-data-breach-ftc-issues-video-guide

rNovember 1, 2016 10:56 AM

@Thoth,

You didn't think CA's were valid targets?

Maybe you've still got some leftover idealism.
Everything is a target, it's the OLYMPIC GAMES.
Everybody with INTELLIGENCE is invited, it wouldn't be right otherwise.

about the IRS and GlobalSign, to countermand the point i'm trying to drive
Those IP's may not be signs of attack some of them may be signs of audits, or globalsign may act as a honeypot in it's initial layers so it doesn't necessarily mean it's been compromised but why not? It's definately the NSA's [or the DHS' ?] to secure our major infrastructure from outside hentities. Seeing NSA probes or excusions is not necessarily indicative of permanent hactivity but with what we know [currently, avoiding "now" for translation] it doesn't exclude it either.

Of my opinion, it's within our interests for them to be vetting certain institutions security - it is not within I suppose **cough** my interests **cough** for them to be subverting the public's perceived intent of such an entity.

Uncle Joe StalinNovember 1, 2016 11:42 AM

Finally Trump got Putin to send the 30,000 BleachBitted missing Clinton emails to leak into the press.

-"Sasha", 15 year old Putin agent, lures "Carlos Danger" aka Congressman Weiner into sexting.

-Using a 1,800 day Windows 7 exploit Sasha fills Wiener's FBI unknown laptop (and not covered by FBI immunity agreements on wife Huma's testimony and computers) with over 1/2 million emails including the 30K emails Trump asked Putin to deliver. Wiener turns email over to the FBI as bargaining chip on the child sex investigation, just as Putin knew he would by putting hypnotic suggestions into the google ads on Wiener's laptop.

-Putin mole FBI Director Comey signalled by Putin to get warrant (long delayed) to see emails after side lining FBI Asst. Director McCabe into infiltrating Native anti-pipeline groups in deepest N.Dakota (whose wife got $500K "campaign donation" from a board member Mcauliffe of Clinton Foundation to stop Clinton investigations/warrants.)

Putin had to use Wiener cuz Assange has been limited to a juice-can-string connection to the outside world.

In the Oliver Stone movie I see Tom Hanks as McCabe, Tom Cruise as Comey, Wiener as "Carlos Danger",Aleksandr Boyarskiy as "Sasha".

OtherwiseNovember 1, 2016 12:14 PM

@ Uncle Joe Stalin

-> straight-up Kremlin

@ everyone else

I want to look into the British connection some more. Something is seriously wrong over there.

Life imprisonment for swearing

http://www.newser.com/story/199556/man-faces-life-in-prison-for-swearing.html

Death penalty for urinating in public

http://www.mirror.co.uk/news/uk-news/man-found-dead-days-after-9137595

"Palmer, originally from Stafford, was arrested after he allegedly relieved himself in Thames House, Vauxhall, on July 4."

"The cause of his death is unknown."

"Westminster Magistrate Clive Ross formally discontinued the case after his death certificate was produced in court."

Hmmm. On July 4. A rather inauspicious date for that sort of thing. Do the Brits still harbor that much resentment?

otherwiseNovember 1, 2016 12:41 PM

And if for some strange reason they aren't allowed to directly impose cruel and unusual punishment for the crime as charged, then they lower the standard of proof from "beyond a reasonable doubt" to "preponderance of the evidence" and "treat" it as a "medical" condition:

http://www.hawaiinewsnow.com/story/33542529/hawaii-state-hospital-investigates-patients-escape

And if those crooked Doctors weren't so busy scamming our nation, this guy would have had a proper trial and likely been sentenced to jail, rather than wasting public funds to line said Doctors' pockets.

JG4November 1, 2016 4:03 PM


some rabid from Karl to brighten your day. it would be great if dickileaks leaves her dead to rights.

Where's The Media? A BOMBSHELL Is Being Ignored!
http://market-ticker.org/akcs-www?post=231606
...
Mark Cuban said that Huma used Outlook and IMAP (for Yahoo and similar.) True.
But then he said this was unlikely to lead to "new" evidence in the form of the emails.
That's a lie.
...
Here's the problem for Hillary -- when the server had emails deleted and then was "Bleached" it had already been taken offline and was never returned to service. As such the laptop client would have been unable to connect back to it and thus it would never be told to remove anything.
Without that machine (Weiner's laptop) being under remote administration such as Domain Policy control (which we can reasonably assume it was not as Huma claims "she didn't know about it" and it was allegedly a private laptop) there is no remote capability to wipe or otherwise get into said computer and remove the emails either. In fact there's a decent chance it's running an operating system edition (if Windows) that lacks domain control capability entirely.
This means that the odds are extremely high that all of the deleted emails to which Huma was a participant are on that computer.
Every.
Single.
One.
If that examination shows that work product, or worse, classified information was sent and/or received and the evidence intentionally destroyed via the "Bleachbit" process then everyone involved is cooked. Remember, the claim was that the emails deleted were nothing more than yoga chat and similar; all "personal" content that the government had no right to and implicated no national security interest. Further, Huma claimed twice (once during her exit from State, and again under oath when questioned) that she had turned over all devices that might or did have US Government work product on them and had retained no copies.
If that is proved to be a lie, or worse, proof of felony conduct such as influence peddling or (God forbid for them) something like the rumored link to Epstein's Lolita Express is found in those archives then a whole bunch of people are going straight to prison not only on the original acts evidenced in the emails themselves but also on felony obstruction of justice and perjury charges.
Yes, folks, this is a very big deal because it is the first discovery of a computer that appears to have been sync'd against the Clinton server but was neither tampered with or destroyed, and thus it likely contains all of the pertinent evidence to which Huma was a part.

TedNovember 1, 2016 4:45 PM

'The “Web/Local” Boundary Is Fuzzy: A Security Study of Chrome’s Process-based Sandboxing'
October 24, 2016

Researchers recently published a paper analyzing Google Chrome’s security architecture. Although Chrome is designed to isolate processes based on origin -- ‘the web’ vs ‘the local system’ -- this separation may have become questionable. Billions of users use web-based cloud services, like Dropbox and Google Drive, which are integrated into the local system. The ability for the browser to isolate the web from the local system may be doubtful. Existing memory vulnerabilities in Chrome’s renderer can be used as a stepping-stone to drop executables/scripts in the local file system, install unwanted applications, and misuse system sensors. Various full defenses and mitigation strategies are presented.

https://www.microsoft.com/en-us/research/publication/the-weblocal-boundary-is-fuzzy-a-security-study-of-chromes-process-based-sandboxing/

otherwiseNovember 1, 2016 5:47 PM

@JG4

"some rabid from Karl to brighten your day. it would be great if dickileaks leaves her dead to rights."

Ahh! Karl Marx's "mental revolution:" The proletariat needs to revise their thinking, or be forced into mental hospitals by the Doctors of the dictatorship.

@Ted

You mean Microsoft is saying this? Pot. Kettle. Black.

People simply don't talk about IE vulnerabilities anymore, because they don't want to be "silenced" by the Indian H-1B mafia.

Clive RobinsonNovember 1, 2016 6:45 PM

For those interested in bidirectional asynchronous comunications

Early *nix had a problem in that bidirectional communications was,to be polite "a nightmare".

It was not until "select(2)" made an appearance did the users of biderectional I/O get a more general and usefull way to make terminal and similar software.

https://idea.popcount.org/2016-11-01-a-brief-history-of-select2/

The artical gives a historical perspective of select(2) and is worth a read.

tyrNovember 1, 2016 8:28 PM


@Clive

OT

https://archive.org/details/Psychedelia-Video-TerenceMcKenna-DreamingAwake-UlanseyQuestion

Once you get past the dated material involved
with the question and teery gets wound up this
is worth listening to. Everybody needs to answer
his last question about the future.

I also see MI5 is getting paranoid about the Rus
jumping on Merrie Olde England at any minute now.

@all

For your own sake buy a world map and study it !!

When I was a kid the adults around me were a bad
case of obvious insanity. standing on the lawns
at night scanning the skies for the Russian
fleet of bombers carrying nuclear destruction to
Cornshuck, Kansas !!

What I see now is the history repeats itself, first
as tragedy, the second time as farce. If you think
Russia is ruining your election maybe you need to
get out the binoculars and head for the lawn tonight.

WaelNovember 2, 2016 12:22 AM

@r,

For Your Prying Eyes Only.

Or someone running a Raspberry Pi GSM station: https://techcrunch.com/2012/12/21/raspberry-pi-used-to-replace-a-30-foot-gsm-base-station-and-create-a-working-mobile-network/ Probably like the commenters there said: OpenBTS

I am wondering whether I should change my mind and embed all links again! I don't like to post long URLs and at the same time I don't want to hide where the URL points to. Choices choices! Wadda ya say, agent r?

WaelNovember 2, 2016 12:38 AM

@Thoth,

You have a perfect backdoor/frontdoor just like any ARM TrustZone. This TXT/AMT combination provides the so-called TPM function which includes what is called the "Trusted Boot" or what I call the "Bias Boot".

TPMs don't "include" Trusted Boot! They enable it. Explain to me how ARM TrustZone is a perfect backdoor/frontdoor? I mean sometimes you praise TrustZone and other times you diss it! Has your transistor ailment / TPM ailment relapsed?

Do we TrustZone or do we not TrustZone? :)

FigureitoutNovember 2, 2016 1:49 AM

Clive Robinson
god of "The Free Market" (no suprise there).
--Care to name a country w/ a "free market" today? Where does one exist? Little no-name islands don't count. It's been a regulated market since the phrase was coined, and what I observe is the regulations don't actually do what they say they do. Food regulations is the one I have most experience w/, there isn't actual inspections of your food, it's just the threat of an inspection. Most of it goes uninspected and there's all kinds of gross things happening behind the scenes. A "free market", or some semblance of "freedom" would allow you to grow your own food b/c there can be some really gross violations of food safety slipping thru the cracks. Investment banking regulations...holy cow, what a joke, so corrupted. Those bastards always pay corrupt regulatory agencies to bypass regulations and get money for worthlessly moving money around. Also anti-trust regulations are a joke today, hence we're getting these truly massive monopolies that will make the market sh*t.

Instead of pointing out all the failed regulations, it'd be useful to point out the successful ones. Usually that's things like the FCC (for the most part, they failed hard lately), UL, and airline/car safety regulations. Medical regulations too. Details really matter, there's little fails scattered in there I'm sure. This could be a long paper, but it'd be useful if it's readable in a useful time-frame (like a week at most).

ThothNovember 2, 2016 4:01 AM

@Wael
I decide to finally settle on not to trust TrustZone. If you have control over TrustZone and you can set it's Trusted Boot keys and Secure World OS, that's all fine and good. The fact is most of the TrustZone enabled ARM chips shipped to you consist of blackbox deployment of the Secure World OS and the boot keys. If you do not control the Secure World's OS and it's boot keys, how would you know what is installed inside the Secure World and if any backdoors are within the Secure World.

To TrustZone or not to TrustZone ? I think I choose not.

TPM includes the functionalities required for Secure/Trusted Boot would be more accurate in this sense.

A possible backdoor or frontdoor can be done by having proprietary TrustZone blobs, TEE OS and keys. When a device is boot, how would a Secure World knows when someone is via the SMC to communicate with the Secure World ?

There must be a part of the Secure World running in the background listening to calls. What if the Secure World can be created in a way to not only listen for calls to itself but also to quietly execute processes behind the scene to inspect the Insecure World and even interact and modify the Insecure World ?

Because the userspace OS in the Insecure World cannot effectively reach or control the Secure World, no matter how many times a user were to re-install their userspace OS, assuming a malicious Secure World that is running, it would be capable of interfering with the userspace OS without much trouble.

WaelNovember 2, 2016 5:39 AM

@Thoth,

I decide to finally settle on not to trust TrustZone

So it's UntrustZone for you, then!

If you do not control the Secure World's OS and it's boot keys, how would you know what is installed inside the Secure World and if any backdoors are within the Secure World.

As a regular user, you wouldn't immediately know. Just as a regular user wouldn't easily know there is a rookit on the device. The very idea of TrustZone is to deprive general applications from running or gaining access to certain functionalities in the secure world. That deprivation includes the end user, who may happen to be malicious, for example "attacking" one's own device for, say, repudiation activities. This is about ownership. The OEM must maintain some level of control on the device. If they choose to use that control for unacceptable purposes, then that will byte them where it hurts when it's discovered. The alternative is to give full access to users to TrustZone which will defeat the purpose of "Trust" on one hand, and put unnecessary burden on all users on the other hand.

TPM includes the functionalities required for Secure/Trusted Boot would be more accurate in this sense.

That's better. But you might need to differentiate between Trusted Boot and secure boot. They are not one and the same thing. All Trusted boot by definition is secure, but not all secure boot is trusted boot.

A possible backdoor or frontdoor can be done by having proprietary TrustZone blobs,

So what's the difference between front and back in this case? Advertised vs. non-advertised?

how would a Secure World knows when someone is via the SMC to communicate with the Secure World ?

Someone as in a human being? Or someone as in an application or a software component? If it's the latter, then it's access control, white listing and cryptographically secure transports.

What if the Secure World can be created in a way to not only listen for calls to itself but also to quietly execute processes behind the scene to inspect the Insecure World and even interact and modify the Insecure World ?

Yea, what if? What would the purpose be?

Because the userspace OS in the Insecure World cannot effectively reach or control the Secure World, no matter how many times a user were to re-install their userspace OS,...

This functions as intended: by design. User mode (or kernel mode) processes within the Normal World can't adversely affect Secure world components. For example, if your mobile device is rooted, and the HLOS effectively becomes a hostile execution environment (or a more hostile execution environment), then Trusted Applications (TA) within the secure world should be protected (integrity and confidentiality.) Then there is the matter of perspective: who told you that Trust really means "from a user's perspective"? Besides, Secure world is internally compartmentalized as well. Some components can be updated OTA, and others require a system flash at a service denter.

And if Normal world components were capable of controlling Secure world components, the you effectively breakdown the compartmentalization boundaries and we're back to square one, right?

There must be a part of the Secure World running in the background listening to calls.

You may want to check the specifications first, though. Tell me this:
Do you trust the smart cards you use? What if they include functionalities that allow someone to extract private keys with a simple remote API call when you are using it, or something of that nature? Industry Standards specifications aren't a big conspiracy, and they can't be. How one implements the specification is a different story.

JG4November 2, 2016 5:47 AM


@Figureitout and Clive

One reason that there can't be a free market in anything, anywhere is that humans are not rational beings exhibiting countless cognitive limitations including, but not limited to, groupthink, task-blindness, and loss avoidance. I still lean free market, and I'd like to let people find their own way, which in some sense is classical liberalism. Scott Adams does a good job with his exposition below. Paul Simon was a lot more succinct, "Still, a man hears what he wants to hear And disregards the rest."

http://www.zerohedge.com/news/2016-10-31/dilbert-creator-explains-how-do-i-know-emails-are-bad
...
First some background from Adams on 'The Persuasion Filter':
As my regular readers know, the Persuasion Filter is related to the idea that the human brain never evolved to accurately comprehend reality. In order for us to be here today, our predecessors only needed to survive and procreate. They had no need to understand reality at any basic level. And we have no such need either. That’s why you might believe you are reincarnated from a monk and I might believe my prophet flew to heaven on a winged horse but we can both get through the day just fine. Many different interpretations of reality are good enough for survival. I like to describe reality as each person living their own movie, which works well unless our script’s conflict. When that happens, one of us goes into cognitive dissonance and rewrites our past to make the movies consistent.
That’s how I see the world.
Last year in this blog I suggested that the most productive and predictive way to view reality is through what I call the Persuasion Filter. That’s what I have been using to make spooky-good predictions...

JG4November 2, 2016 5:58 AM


Can't recall if I've suggested Fred Reed before. He is a gifted writer and thinker, with wide-ranging experiences in Imperial Adventure. He has arrived at something quite similar to classical liberalism.

The Loosening Grip - A Beginner's Guide To The Death Throes Of Empire
http://www.zerohedge.com/news/2016-10-31/loosening-grip-beginners-guide-death-throes-empire
by Tyler Durden Oct 31, 2016 2:00 AM
Submitted by Fred Reed via FredOnEverything.com,

Oh good. The world reaches a crossroads, or probably a road off a cliff, just when I want to relax and watch gratuitous violence on the tube. To judge by the rapid drift of events aboard our planetary asylum, the talons of Washington and New York on the world’s throat are fast being pried a-loose. The Global American Imperium is dying. Or so it sure looks anyway.

I say talons of “New York and Washington” because America’s foreign policy, forged in those two cities, belongs entirely to them. Americans have no influence on it. Further, none of of what the Empire does abroad is of any benefit to Americans. Do you care at all what happens in Afghanistan, Iraq, Yemen, or the South China Sea? Do you want to pay for it? America has been hijacked.

And the Empire prospereth not. It prospereth very not. Consider the recent record of the world’s hyperpower:

Washington does not have control of Afghanistan, and obviously is not going to.
Washington does not have control of Iraq, and appears unlikely to.
Washington did not back Iran down, and isn’t going to
Washington did not back Russia down in Ukraine and Crimea, and isn’t going to.
Washington did not back China down in the South China Sea and, while this is perhaps not over, the Empire seems to be losing.
Washington has not backed North Korea down and is not going to.
In the Philippines, President Duterte has told Obama to “go to hell” as being “the son of a whore,” which may be taken to indicate latent hostility. He is vigorously seeking rapprochement with China. While Washington may have him murdered, it seems to be losing control of the Little Vassals of ASEAN.
Turkey seems to be cuddling up to Russia–that is, looking East like Duterte. Maybe Washington can turn this around temporarily, but there-s a whole lot of wavering going on.

Meanwhile Washington thrashes around impotently as per usual in Syria, and, though the jury remains out on this one, looks to have poor prospects. If Washington–AKA New York–loses here, after doing so in Iraq, Libya, Somalia, and Afghanistan, the Empire will beyond redemption be on the downward slope.
The United States is not in danger. The Empire is. This is not good. Empires, the Soviet Union notwithstanding, seldom go quietly. Either Washington gambles on war of some sort against Russia, or Russia and China, in the desperate hope of reversing things, or the Empire gets slowly eaten. Or not so slowly. Once one country pries itself loose, many may rush for the door.

New York may go for calculated war against Russia–say, cyberwar expected not to turn into shooting war, shooting war in Syria not expected to turn into global shooting war, global shooting war not expected to turn into nuclear war. This will be a crapshoot. Note that America has badly misguessed the outcomes of every war since Korea.

This is why the American election actually matters, unusual in Presidential contests. It is Blowhard against Corruption, a swell choice, but Trump is firmly against war with Russia, and Hillary for. Her military understanding is that of a fried egg.

ThothNovember 2, 2016 6:35 AM

@Wael

"Do you trust the smart cards you use"

On a technical side, NO, because I don't actually see all the designs. But things are not always black and white or very direct. Smart cards have a long history of being subjected to decap and that being said, many people have actually opened the smart card chips up and taken a look and so far there are nothing from these people who decapped it. There are cases where people have actually taken the trouble to reverse engineer the card chips and trace all the scrambled logic and nothing has been spoken about any suspicious activities to my knowledge.

That being said, I too don't fully trust a smart card and the good thing is you are allowed an open platform where you can use a programming language to program it in JavaCard, BasicCard, .NET card, MULTOS/C/C++ ...

The bottom line is the owner have some control and capability to script something with an open language like JavaCard et. al. without needing an NDA whatsoever. Knowing fully well that there might be backdoors or frontdoors whichever way you want to call it, some obfuscation can be done and manipulation by encrypting the keys and obfuscating them even under the assumption of a possibly backdoored or frontdoored chip. The rationale is the smart card chip does not have all that much resource to implement algorithms to go and adapt to all sorts of obfuscation techniques out there and even if it did, the malware's binary would be extremely expensive on such a constrained chip which is already resource starved in most cases and the performance would definitely become a hint to the user that something odd is going on.

Splitting keys and never placing full trust on a single device (which @Clive Robinson have been emphasizing all these while) are very useful techniques to increase the stakes for attackers.

With all those preventive measures put into place, would I trust a smart card which I created an applet for ? The answer would be somewhat of a Partial YES.

Clive RobinsonNovember 2, 2016 8:05 AM

@ Figureitout,

Care to name a country w/ a "free market" today? Where does one exist?

Well it depends on your definition of a free market. If it's the one "payed for economic mouth pieces" espouse then it's anywhere a cozy cartel can exist for their own betterment at the expense of others a look at the TTP treaty text will show you that kind of "free market".

If however you mean is there a place in the world where the words "Free" and "Market" have anything approaching their mainly accepted dictionary definitions? Then hmm... You could look at a place where European adventurers or those tainted by them have never been... There might be some mountain top or deep valley surrounded by impenetrable jungle on an unknown atol somewhere with no economic use that might fit. But you've ruled them out ;-)

The "pretence" of a "free market" is actually based on an unstated economic axiom. Which you could call --as I do-- the "Distance cost metric". Put simply the only thing protecting intangible goods revenue streams are Intellectual Property (IP) protection legislation (Copyright / trademark / patent legislation). Otherwise it would due to being unbound to tangible goods spread at near zero cost around the world without apparent let or hindrance as fast as it can be spread (speed of light these days). Tangible goods however have physical mass transporting them requires significant energy input thus sending them any distancevhas a significant cost attached.

This distance cost means that ultimately the most efficient way to produce such goods is at the point of consumption where the distance cost is as close to zero as it cam be. As consumption tends to be uniform this alows many small local markets to exist effectively free from each other. The side effect of this intangible / tangible cost discrepency is that the otherwise seperate markets can benifit from innovation without it having a monopolistic effect. However when both the intangible innovation and intangible good both have near zero distance cost, further inovation is effectively killed because of the "winner takes all" nature of the "first to market" race. Thus an information market, is not a market in the traditional sense as there is no real incremental inovation to give rise to "efficient markets".

We see this where the Internet has produced monopolies by default (Google, Facebook etc) or reenforced others (Microsoft, Adobe, Oracle) but allowed some competition where tangible goods are involved (online shopping).

So when I said "Free Market" I was in fact refering to the cosy cartels the economists espouse, not that you would think of if you used the normal definition of the words.

Clive RobinsonNovember 2, 2016 8:58 AM

@ JG4,

One reason that there can't be a free market in anything, anywhere is that humans are not rational beings exhibiting countless cognitive limitations including, but not limited to, groupthink, task-blindness, and loss avoidance.

These are standard "human failings" that apply irespective of which field of interest you might chose to observe. As the old saying has it,

    To err is human.

Oddly despite these imperfections many fields of interest "survive and thrive" more or less equally for all participants.

That is there is "no hidden hand" and the field is to all practical intent "level". This can not be said of economic markets, the game becomes rigged into either a monopoly or a cosy cartel. Esspecialy the "faux markets" invented for the purpose of rent seeking activity in the finance industry.

Thus as I've indicated above to Figureitout what is espoused is often the opposite of reality, or only partialy true under certain limited thus distorting circumstances.

One thing that reveals this is where artfully drafted legislation regulates a market. Conversely to the espoused mantra, the market actualy thrives and inovation does indeed raise all boats not just those of one or to producers, but the consumers as well. In effect regulated markets with strong inovation are equivalent to deflationary markets[1] which are normally screamed banshie like from the rooftops by certain sects of economists as "bad very bad".

The reality is if there is a genuine need driven market not a black tulip market[2] then the market will thrive no matter how much innovation deflates the market. Economists tend to try to argue that innovation is improving the efficiency of the market / goods. The reality is however efficiency follows the law of diminishing returns as efficiency approaches but never quite reaches 100% the cost of each fractional improvment doubles up.

Thus many econonists live an Alice in Wonderland or through the looking glass type existance where the meanings of words are eternaly fluid and facts as ephemeral as the animals and faces we see in clouds when lying back in fields on warm summers afternoons where time appears to stop for the joy of the moment.

Thus I am reminded of Linus Torvaldes more earthy comment on those who believe in the AI singularity.

[1] The norm is an inflationary market, where the financial costs of any given good rises with time. Thus a deflationary market is one where the cost of any given good drops with time. Which is what is almost always seen with innovating markets.

[2] The argument that a deflationary market is bad, is that people will be financialy prudent and wait to purchase, thus the market will colapse. After a moments thought you will realise that argument is only true in very very limited circumstances. That is where the market is static and consumers have no need to purchase those goods. Such markets are very rare unless thay have been falsely created (think junk bonds and the like) which means the creators havr actually created a "hot potato" market, where the specific intent is to cut and run. The rare exceptions are the likes of "black tulip" markets of "consumer fashion".

rNovember 2, 2016 9:11 AM

@Wael,

It's up to you, but I would give plain URLs as best foot forward. If you were/are maligned you could still pick up all that info at the domain level instead. So it really does nobody any service to obfuscate links as it has the potential to make your targets hesitant.

When it comes to links, the one's I really like are the ones that use the URL as a proper description. Personally speaking.

rNovember 2, 2016 9:23 AM

@Wael,

Last comment for the morning,

Is your reticense relating to url length related to the knowledge that some here may be copy/pasting by non-autonomous methods?

WaelNovember 2, 2016 10:30 AM

@r,

Last comment for the morning, [...] url length related to the knowledge that some here may be copy/pasting...

First comment for the morning, sort of... Not really: it's about posting links that are not easily inspectable on some devices. An HREF makes it fit well, and a raw link may take a lot of space, but is "X-rated", meaning you can see everything in the link before you click it.

TedNovember 2, 2016 10:40 AM

NSA’s Curt Dukes provides a report on defending cyberspace on October 18.

He provides some valuable insights into the nature of trust relationships, the standard attack lifecycle including the three most common exploit mechanisms, top mitigation considerations, zero days and the vulnerability equities process, the global economy, insiders and working towards cyber hygiene, etc.

He takes some good questions at the end of the talk.

Link to event summary, video, and transcript:
https://www.aei.org/events/defending-cyberspace-a-report-from-the-front-with-nsa-deputy-national-manager-for-national-security-systems-curt-dukes/

AnuraNovember 2, 2016 7:01 PM

@Clive Robinson

The argument that a deflationary market is bad, is that people will be financialy prudent and wait to purchase, thus the market will colapse

There's more to it on a basic level. In terms of the economy as a whole, when the ability to consume increases relative to the ability to produce you have inflation because there is more money relative to goods, and thus you are at peak capacity. If you try to use monetary policy to cause deflation, then it means you encourage a situation in which the economy is producing below capacity due to a lack of demand, whereas the opposite encourages the economy to grow as increased cash flow encourages demand (remember, most people live off wages, not savings).

Also, you have very little room for error with deflation. If your money supply remains the same, but GDP growth exceeds labor productivity growth (i.e. total labor input increases), then it means that demand must at some point be below capacity to produce, which means at some point you risk a spiral where lack of demand leads to layoffs, leading to further lack of demand. Another problem that can occur if it's less severe is that you might not see those problems, but businesses are forced to stop hiring and the number of employed stops growing even as the population grows, and you are left with a huge number of people in poverty.

The effect you are talking about is separate, but reinforces the problem.

WaelNovember 2, 2016 10:21 PM

@Clive Robinson,

On facial recognition:
Confirms many attack vectors we discussed in the past. What surprised me is the success rate of the impersonation attack, given the operational constraints they imposed on the study. Good paper!

tinkererTailorHackerSpyNovember 3, 2016 1:08 AM

@Otherwise

There are many problems with that system, and much through out history has been hidden. Everywhere.

@Uncle Joe Stalin

[Used the technique of expanding a perfectly reasonable and understandable argument into something absurd, in order to make the original argument appear to have the same light of absurdity. A manipulation technique which I am sure this audience is too keen to be taken in with.]

[Even if that flattery was a bit of another manipulation technique. And that bit of honesty. :-) ]

[Shall I change my name to "The Devil", or something of this kind? I may as well be for some folks, that is for sure... :-)]


Kind of odd for a British commoner to be playing the role of Uncle Stalin, but that is okay.


Still, the story goes something like this:

Russia thought they received a good tip that some shadowy figures in the US were going to rig the election to have Clinton win -> they decided, to further bring Trump "in" as an agent, they would share this information with him -> this was predictable, because, what could have been spicier, more valuable to win his commitment, a massive conspiracy against him! And they are his only real and bestest friends!

They also really did not have anything else, and Trump is a notorious wild card. He isn't loyal to anyone or anything, he is a pathological liar and a outrageously serial adulterer. He doesn't pay taxes, he doesn't pay employees, and he has an incredible case of narcissism which means other human beings are nothing more then cardboard figures to him. Unless they get his ego.

So, Trump hasn't been wagging his tongue so ferociously in terms of betraying his relationship with Russian intelligence. He has been furiously biting it. This predicament has given him a very intentional and predictable case of the mouth.

Nothing he wants more, unconsciously, then for everyone to know he works closely with Russian intelligence.

Because how else could he ever explain his strongly felt belief that the election was rigged? He could not. Unless he could explain just how trustworthy the Russian government had proven to him to be. Years of trustworthiness. Of good intelligence. And how good they are to a buddy in strife, fending off his conspiracy minded enemies who would dare make him known forever as 'just a loser of a presidential contest, and a loser to the first woman President'?

So, believe it or not, it will come out. It is already coming out. Is it being recorded yet? Is it being scraped up yet and transferred and read?


Anyway you can try and make this implausible. I think if a car mechanic explains to someone some sophisticated analysis about a possible problem with a car engine, another car mechanic would find his or her explanation very possibly correct. But, if this other person was not a car mechanic, they would be unable to tell it from gibberish.

Anyone, who has ever, had secret affiliations with some group, and has been challenged on that group knows what it is like -- even if they keep cover and smash that group down as if it was their worst enemy.

Anyone who has been, or is in that position, looks at Trump on these matters and sees right through him.


Still, people are predictable, even when smart. When you explain to them they have been seriously tricked and used by the very enemy they believe they trick and use... well? That hurts. That throws them off their game.

How?

These were the sort of questions already asked and answered long ago.

Joe KNovember 3, 2016 2:13 AM

@Wael

The OEM must maintain some level of control on the device. If they choose to use that control for unacceptable purposes, then that will byte them where it hurts when it's discovered.

One commonly encounters such assertions.

But myself, I struggle to recall any real-world examples that confirm them.

Can you (or anybody) provide an example of an OEM that has paid such a price?

Just for example, has it been confirmed that Lenovo has paid any price whatsoever for Superfish?

Clive RobinsonNovember 3, 2016 4:20 AM

@ Thoth,

Windows Hello, MasterCard's selfie-based payment initiatives ... things only gets worse when warnings are given and not heeded.

As has been observed in the past,

    Managment rule #2 : Never let the sage advice of others impact on your bad idea.

Sometimes called "Not Invented Here" (NIH) syndrome.

Especially true when the bad idea is a major project initiated by someone in seneior managment.

From my own observations over the years, if you see a major project using some new fangled idea that feels bad, costs a lot of resourses to do and it's championed by some senior manager, you can see "a rat about to jump ship".

The game works like this,

You are a person keen to get to the big desk corridor, with the "Top Boss" title on your door. You will not get there by hard work, even if you work 24x365.25. You have to creep to those further up to get a junior manager position. Whilst still creeping you have to start chancing, untill you get to the point you get your own junior managers to act as fall guys and do your work so you can start moving from creeping internaly to networking and "getting a face" in your industry sector.

At this point you have a couple of options, if you are realy good you get into the startup game,

Your networking should have got you in contact with like minded individuals and if you have established a face getting investment will be a lot easier. This is seriously hard work and will kill any social life you have. Importantly don't get into the midnight bottle of wine, 4AM bucket of espresso, sleep under your desk routine.

If you are not so good technicaly or your market sector is a staid RHINO where disruptive technology is aquired by takeover only being a startup is not going to get you that Top Boss office. Therefor it's time to be a grasshopper. That is you put ideas together get the project funding talk it up big to anyone and everyone then cut and run by jumping ship about 30% of the way into the project. Which is usually the point where there are no deliverables just window dressing prototypes but the majority of resources are committed such that you are just into the "throw money at problems" phase.

You then use this to show you are a go getter to a new employer, because the project is at that point where any real problems are hidden to all but a very tiny few deep in the project.

The thing is when you get a larger project to that point in the new company you jump ship again. Thus no project ever goes bad on your watch, even if they do ultimately become train wrecks. You get away with this for a number of reasons. The first is when you leave the project, due to the asigned resources it will continue under a mixture of inertia and the bad money after good to stop embarrassment phase. Which means that to outsiders it still looks good as you go into the next jump, thus you have the two most recent things on your CV looking good. If the original project does go good then you can claim it was your initial work that set it on firm foundations such that others just followed your genius plan etc etc. If it goes belly up you can blaim those who came after you because to outsiders there will not be visable signs of problems untill you third or forth project, which is more than long enough to carry no blaim.

The important thing is not to become a "trouble shooter" on an already established project, unless you are realy good because the chances are it's already a deadman walking. That does not mean you can not become an external "fireman" consultant to failing projects but it carries a high reputational risk unless you are both good and lucky.

One trick to be a consultant but not fall into the fireman trap is to do the "method" guru/evangelist trick. I helped somebody do that a decade and a half ago and they are doing very nicely out of it. Put simply they were working in manufacturing in a basket case of a UK defense company, and their hobby was writing articles on little known aspects of history. I pushed him to combine the two and write articles on aspects of manufacturing and QC using his JIT experience as a start, in order to get a face for consultancy. Anyway with a few nudges he got involved with consulting on engineering and with a few mire on "health care" type projects. Anyway he's got four or five lean books under his belt and a few industry awards. And after a few rocky moments --due to psyco managment types-- he has been doing rather well for himself for the past decade.

WaelNovember 3, 2016 8:11 AM

@Joe K,

But myself, I struggle to recall any real-world examples that confirm them.

Aside from "Brand Damage", look at the following sample list. I can't always give explicit names.

http://www.slashgear.com/att-throttling-unlimited-data-users-taps-100m-fcc-fine-17388882/#disqus_thread

Search for "BMG copy protection rootkit"

Go to fcc.gov and search for things like "Malware fine"

https://apps.fcc.gov/edocs_public/attachmatch/DOC-330136A1.pdf

https://www.techdirt.com/blog/wireless/?tag=rootkit

http://www.carrieriqsettlement.com/case-documents.aspx

TedNovember 3, 2016 10:19 AM

NICE released a cybersecurity workforce framework (draft) on Wednesday to provide employers, employees, educators, students, and training providers with a common language to define cybersecurity work. It clarifies a common set of tasks and skills for the development a highly-qualified laborforce.

http://csrc.nist.gov/nice/framework/

Roles and responsibilities are organized via category, specialty area, work role, tasks, and knowledge, skills, and abilities. Here are some of the categories and work roles:

securely provision: authorizing official, security control assessor, software developer, secure software assessor, enterprise architect, security architect, research and development specialist, systems requirement planner, system test and evaluation specialist, information systems security developer, systems developer

operate and maintain: database administrator, data analyst, knowledge manager, technical support specialist, network operations specialist, system administrator, systems security analyst

legal advice and advocacy: cyber legal advisor, privacy compliance manager

training, education, and awareness: cyber instructional curriculum developer, cyber instructor, information systems security manager

oversee and govern: COMSEC Manager, cyber workforce developer and manager, cyber policy and strategy planner, executive cyber leadership, program manager, information technology project manager, product support manager, IT investment/portfolio manager, IT program auditor

protect and defend: cyber defense analyst, cyber defense infrastructure support specialist, cyber incident responder, vulnerability assessment analyst

analyze: warning analyst, exploitation analyst, all-source analyst, mission assessment specialist, target developer, target network analyst, multi-disciplined language analyst

collect and operate: all source-collection manager, all source-collection requirements manager, cyber intel planner, cyber ops planner, partner integration planner, cyber operator

investigate: cyber crime investigator, forensics analyst, cyber defense forensics analyst

Comments are due by friday, january 6, 2017.

WilliamNovember 3, 2016 10:54 AM

@ Clive Robinson,
"[1] The norm is an inflationary market, where the financial costs of any given good rises with time. Thus a deflationary market is one where the cost of any given good drops with time. Which is what is almost always seen with innovating markets."

Not sure what came the musings, but if you believe in rigged systems then there is no direct correlation between price and size of money supply. Deflation has nothing to do with innovation, and vice versa, nor do they have anything to do with prices. The false illusion is in suggesting that they do, in a rigged system masqueraded as free market.

JG4November 3, 2016 2:35 PM


I thought that von Mises said that "Inflation is always and everywhere a monetary phenomenon." Price increases are not necessarily inflation and vice versa. Price decreases aren't, strictly speaking, deflation, which is a decrease in money supply, or money supply modified by monetary velocity. There is a strong correlation between money supply and prices, but we are in a period of unusually low monetary velocity. One of the sharper knives in the drawer thinks that a doubling of consumer prices is coming for US consumers in the years ahead. That will not be concentrated in electronics, which are likely to continue down in relative price.

http://graphics8.nytimes.com/newsgraphics/2014/04/30/costs-for-americans/7a6276338d93eeac07a8bbf70bfdee9352946430/0501-web-poor-art600-0.png

it was in the usual compendium

http://www.nakedcapitalism.com/2016/11/200pm-water-cooler-1132016-2.html

which leads to here

https://twitter.com/MaxCRoser/status/793937925113311232/photo/1

and here

http://www.nytimes.com/2014/05/01/business/economy/changed-life-of-the-poor-squeak-by-and-buy-a-lot.html

Joe KNovember 3, 2016 3:02 PM

@Wael

Thank you for the reading list.

While I digest each item, I will be asking:

  • How does one measure the harm done?
  • What were the consequences for the parties responsible?
    • Benefits reaped?
    • Costs paid?
  • In case a fine is imposed, what portion of the sanctioned party's net income does the fine represent?
  • How can one tell whether a given collection of consequences constitutes effective, or even merely significant, deterrence?
    • (With vampires, at least, we know there is one way to be absolutely sure.)
  • How would one know, in a given case, if the consequences did not constitute effective deterrence?

By the way, as far as I can tell, the case of Carrier IQ seems fraught with implications that go beyond the outcome for that particular company:

Anyways, I appreciate the pointers.

AnuraNovember 3, 2016 3:39 PM

I thought that von Mises said that "Inflation is always and everywhere a monetary phenomenon."

von Mises says a lot of incorrect things.

ab praeceptisNovember 3, 2016 4:22 PM

z80

Yes, the Svenda Work is indeed interesting (and entertaining at that). Somewhat brutally summarized Svenda says "Show me some RSA pub. keys and I will - with a sometimes astonishing success rate - tell you with which soft- or hardware the pub key was created".

Given even a relatively low number of RSA pub keys, say 5 or 10, he will tell you with a rather high success rate whether those keys were made with, say OpenSSL or, say an Infineon crypto card.

And he is right. His logic is OK as is his stat base (60+ mio pubkeys) as is his results. Great work.

However: Svenda is also engaged in a (I think british) company selling crypto hardware like HSM ...

Moreover, it's not even *that* astonishing. Most people and most software sticks to the (very reasonable) rules of creating a, say, 1024 bit RSA pubkey using primes close to 512 bits but there are, of course "personal taste" and some "magic" preferences. While, for instance, some prefer to use 2 indeed 512 bit primes, others prefer some (mild) deviation, say one 520 and one 504 bit prime. Et voila, there you have a slight bias.

It seems (urgently?) noteworthy, btw, to mention that this does *not at all* mean that your RSA pubkeys are any closer to being cracked. I say that clearly because Svenda and some at the company (understandably?) hint that this might be an attack vector.

NO, it is *not*

Two reasons (at least):
a) the key might have been created using hard- or software A but it is being used (say with a https server) based on software B. Svenda only looks at the creation of the key, not at their use.
b) There are, just to offer a hint, more than 10^140 primes in the 500 (+- 20) bits N+ range. So, a bias to, say, avoid primes (for a wanton example) not having bit 3 and 7 set is next to irrelevant. Moreover, much of the bias actually seen in the industry is at the low end, i.e. bias like avoiding any primes below 10^12.

The danger IMO still is somewhere else, namely in lousy pseudo primes ("this is quite *probably* prime) and in shitty implementation (OpenSSL is not the only one smelling).

The hitting point for me was to see that some well known CAs actually use OpenSSL.

Now, if Jane or John Anybody do that, oh well. But seeing CAs using OpenSSL is a very ugly signal.

Note: I do *absolutely not* mean to hit on Svenda. He has done very nice work and he has done it properly. Moreover his university has been very positively shining more than once. iirc they have, among other things, also produced quite nice and useful(!) static verif. research and tools.(But maybe Svenda should look for less bluntly profit greedy and marketing hyping industry partners ...).

AnuraNovember 3, 2016 4:23 PM

@William

but if you believe in rigged systems then there is no direct correlation between price and size of money supply.

Not really sure what you are saying here, but money supply sets a limit on the total price of all goods in the economy - so there is a direct correlation. It's just that there is another factor as well, the velocity of money (which is the average number of times a single unit of currency is used to make a purchase in a time period), which is dependent on the propensity to spend, which can be affected by the money supply and even affect the money supply (when you make a credit card purchase the money supply actually increases due to fractional reserve banking). So money supply isn't the sole determinant of inflation, no, but no one pretends it is except Libertarians.

Prices, however, are a lot more complex. It's a chaotic system, and dependent on many variables. The relative price of goods is dependent on cost of production, subjective preferences, budgets, priorities, competition, alternatives, and honestly the entire history of the entire global economy up to this point due to all the feedback loops. However, from a high level you can view it as the combined effect of the bargaining power of all actors in the economy from the beginning of time.

That is, for a business to produce, they have to hire people - the wages they pay are dependent on their bargaining power and the employee's bargaining power. This is mainly driven by your alternatives - do you have the ability walk away from a deal if you don't like it? Does the person you are negotiating with? Then that, along with labor productivity, and non-labor costs sets the price floor for all products they produce, and the more competition the more prices will be pushed down due to competitors.

rNovember 3, 2016 4:57 PM

@Joe K,

A likely scenario to add to your wanderings through those papers: 'data IS toxic', expect that if you, they, we possess info knowledge or data that somebody out there has a subpeona with one of our names on it.

Especially with the jurisdictional thing pending (@ 4 WPM).

AT&T is being sued currently for colluding (price fixing in the sports media market), but what other things have companies like Verizon (Snooper Cookies) and others been getting paid to do that undermine the public?

Cui bono?

It's likely a judicial opinion that these things don't undermine the public's expectation of security so as long as we shop for security not privacy oriented judges it's one big feeding trough in the cloud.

I will most certainly never buy a lenovo, the lenovo that I do own is old enough for coreboot. Thank the stars for frankenpads.

https://news.ycombinator.com/item?id=4311264
https://games.slashdot.org/story/12/07/30/1214206/ubisoft-uplay-drm-found-to-include-a-rootkit

There's an addition to your reading list concerning Ubisoft's DRM teq.

https://www.techdirt.com/articles/20130318/01034122364/eas-troubles-keep-getting-worse-big-security-flaw-discovered-origin-platform.shtml

And this one is about the launch of one of the SimCity's that was botched through Origin's DRM and somebody stepping down.

otherwiseNovember 3, 2016 5:08 PM

Re: von Mises

Ok, yes, "Brexit" means the British # is inflating.

Otherwise, there are two major schools of macroeconomics in the U.S., the "orthodox" school of John Maynard Keynes and the "Ludwig von Mises" or Austrian school, sometimes called the "freshwater school" from its association with universities in Chicago and other cities surrounding the Great Lakes.

The Federal Reserve System has traditionally pretended to remain aloof from politics. Keynsianism is an almost inviolate principle with them: what Keynes said and what people say Keynes said are a big deal for U.S. monetary policy even to this day:
http://socialdemocracy21stcentury.blogspot.com/2011/08/keyness-opinion-of-communism-and.html

The fact is that Keynes’s explicit public and private condemnation of Marxism, communism, and the Soviet Union is well attested.

The lady doth protest too much, methinks...

http://www.econlib.org/library/Enc/bios/Keynes.html

Little of Keynes’s original work survives in modern economic theory. His ideas have been endlessly revised, expanded, and critiqued.

Methinks there is a machine at work ... because the "Austrian" school is little other than a stage backwater or a convenient strawman or stooge opponent to direct "orthodox" thought or discussion or academic "debate" on macroeconomics where the banksters want it to go.

---

I don't like explaining inflation by money supply.

Over different periods of history humans have either collectively improved their lot on earth by efficient industry, education, and learning, or they have collectively suffered loss to war, pestilence, famine, crime, and corruption. So even if the money supply remains the same, there will still be massive fluctuations in the true value of what it represents in total.

The illusion of a fixed pie, that "I need to deprive you of part of your piece of pie in order to make mine bigger," is wrong. You will not be successful at business in the long term if your business ultimately reduces the size of your customers' piece of pie.

ThothNovember 3, 2016 7:30 PM

@ab praeceptis

I wonder if seeding the RNG after every couple hundred uses would be helpful. It may and it may not as the seeding (esp. for JavaCards regardless of Infineon or NXP) gives you a generic interface to load a seed value and nothing more you can do about it.

Regarding the persistence of OpenSSL is important PKI infrastructures especially in commercial and Government CAs and supported by ALL major HSMs, because it is the ONLY open source and FIPS 140-2 certified library. Without the FIPS certification, one will not make any headway into commercial and Governmental market as they rely on FIPS certifucation. This is the stark truth as FIPS certification is a sort of passport for sales into such markets. Even if LibreSSL or Google's BoringSSL libraries were to perform much better or are more secure, heck, FIPS certification wins them all outright as the certification is like a "I am certified and using it if faults occur is not my business as I am following regulations by Govt and Industry to use FIPS".

No other SSL libraries are going for FIPS except the BouncyCastle library that is underway FIPS evaluation. OpenSSL will continue to go strong in demand in the industry circle and contonue to propagate more insane vulnerabikities thanks to the industry. Hacking with unpatched OpenSSL libraries or 0days made easy all day and everyday as usual thanks to the industry.

ThothNovember 3, 2016 7:36 PM

@r
HoloLens for the .mils ? Hmmm ... yummu. Another possibly soft target for Russian and Chinese hackers because it runs M1cr0s0ft (tm). I wouldn't be surprise if the AR can be penetratred and then you overwrote the image of a friendly tank with an enemy's and make an enemy's tank not appear. Now you don't need too many boys on the ground theae days as the modern battlefield are fought with cyber and hacking. Also a nation can shrug and walk off if accused of hacking since such cyberattacks are very hard to distinguish and easily masked.

ThothNovember 3, 2016 7:43 PM

@Clive Robinson, all
Singapore's transport authority had a really bad knee jerk reaction by shutting down all cell signals in train stations due to continuing signal problems for the trains.

Some speculate it is cyberattack but I was told the train signal frequency modulation were too close to that of GSM and thus causing trouble. I wonder why now of all times that coukd have happened in the past 20 years or so.

Service problem began during 2010 and afterwards snowballed every year with worsening issues and have been used as an issue in Govt elections as well. There were speculations that problems began during the change of Prime Minister and cabinet but that is hard to confirm nor deny for mostly it is considered rumours.

Link: http://m.todayonline.com/singapore/possible-delays-circle-line-signal-fault-returns-smrt

ThothNovember 3, 2016 7:46 PM

@Clive Robinson
There were also remarks of highly paid but useless leaders in the elite circles here. I guess that's same everywhere. Too many highly paid and incompetent people which are imbued with too much power.

ab praeceptisNovember 3, 2016 8:06 PM

Thoth

Not really. From what I know OpenSSL is only 140 L1, not L2 (Funnily NSS, which certainly isn't less smelly, is L2). Moreover iirc Fipts cert. is lost once one makes changes (vulgo: patches, new versions, etc.).

More importantly though, in my minds eye, is that CA behemoths can, of course, develop their own stuff and get it certified as other behemoth examples e.g. in the HSM niche amply show.

As for the RNG reseeding, I guess that's done anyway, but it is of little concern in the given context because the biases found in the study were consequences of *intentional* decisions, usually, btw. sensible ones.

It should also be noted that the study showed clearly not randomly distributed numbers in terms of space range, but quite well randomly distributed numbers within their given frame. The first part may sound poisonous but isn't; it's just healthy to exclude numbers (let alone primes) that are too small. In fact it's in part arising from the common rules like, as I said, primes being roughly about keysize/2. So when looking at any given bitsize pubkeys it is to be *expected* that the vast majority of factors are somewhere in between bitsize/3 and 2*bitsize/3 with a strong center around bitsize/2. So, finding few factors below bitsize/3 or above 2*bitsize/3 is by no means indicating a weakness.

re. RNG seeding et al. 2: Again, the distribution within the "rules based bias envelope" *is* quite good (which was to be expected as we do have quite high quality PRNGs available).

All in all for *me* (other might feel differently) the major take away was that at least some major CAs use lousy crypto implementations.

Let's look again at that: a) not much surprise there. After all we're talking about an industry that sells "We don't care at all. Some robot will grab the soa email and ask you to respond to an email". Bruce Schneier minted the term "security theater" - and that's exactly what most CAs offer for a fee.

b) Who has shitloads of money and *should* have an interest in creating good crypto implementations (and possibly the decency to make it open source)? The CA's. But they prefer to leave that to others and to not invest 1 promille of their profits into something that might make their promises somehat less hollow and empty.

But, there you are, of course, bloodily right, they have something with a fips 140 stamp on it, however worthless that may be, and they couldn't care less.

rNovember 3, 2016 9:00 PM

@Thoth,

RE: Augmented Reality.

Obviously you wouldn't be editing the live feed's images you would be editing the live feed's overlays and indicators. There'd be alot more adhoc processing required otherwise, maybe to your point an 'artificial feed' would be convincing enough considering they're effectively inside of a sensory deprivation tank.

Still, I just wouldn't put that kind've power inside of a tank - I'd remove the operator entirely. It's pretty much what we're doing with drones?

Also, think of it this way - a junkie will buy whatever trash they can get their hands on - it's your job to make damn sure they don't buy somebody else's trash first.

rNovember 3, 2016 9:02 PM

Saturating and or confusing their primary sensors.

Digital apetures are highly vulnerable to infrared for the most part aren't they?

I'm sure the .mil have better filtered solutions.

Clive RobinsonNovember 6, 2016 6:41 AM

@ ab praeceptis,

I just fell over this, clicking from bloomberg

Yup it's only at the bottom of the page it says it's "payed for" thus a form of advertising.

As for the claim to double in speed well... It's a Linux distro on a memory stick. Which has had a few things stripped out. Thus it's minus quite a bit of usless bloatware of the more traditional commercial OS's, so the claim may not be to far off.

The downside of course as always is the "screen drivers" which might well rob it of any speed gain.

However it does raise the question of if you cut out the crap of bloat and backdoors/telemetry/snoopware just how much faster it will run.

I've a win7 laptop that I stripped out most of the background junk and other crap and it ran one heck of a sight quicker when doing intensive work such as compiling etc.

Clive RobinsonNovember 6, 2016 6:47 AM

@ ab praeceptis,

I just fell over this, clicking from bloomberg

Yup it's only at the bottom of the page it says it's "payed for" thus a form of advertising.

As for the claim to double in speed well... It's a Linux distro on a memory stick. Which has had a few things stripped out. Thus it's minus quite a bit of usless bloatware of the more traditional commercial OS's, so the claim may not be to far off.

The downside of course as always is the "screen drivers" which might well rob it of any speed gain.

However it does raise the question of if you cut out the crap of bloat and backdoors/telemetry/snoopware just how much faster it will run.

I've a win7 laptop that I stripped out most of the background junk and other crap and it ran one heck of a sight quicker when doing intensive work such as compiling etc.

ab praeceptisNovember 6, 2016 6:51 AM

Clive Robinson

Let's be more constructive, here! I suggest those "make your PC double as fast for 25$" people should throw in a cloud based password manager for just 5$ more ...

Though I personally wouldn't buy it for two reasons: I found not a single word about a golden "secure" logo and they didn't mention a finger print reader.
Btw, that golden "secure" logo should be java animated!

Damn, now I gave away the idea for the next billion $ company.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.