Friday Squid Blogging: Whale Mistakes Plastic Bags for Squid

A whale recently died in Norway because there were thirty plastic bags in its stomach.

Researchers believe it may have mistaken the plastic bags for squid.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on February 3, 2017 at 5:25 PM • 213 Comments

Comments

Ross Snider • February 3, 2017 6:07 PM

The United States just issued sanctions against Iranian and Chinese officials for their support for Houthi rebels in the Yemeni proxy war, a proxy war that just saw the United States take its first direct military operation inside the country since 2014 (before it had been intelligence, logistics and supply support for Saudi Arabia and an arm of its drone assassination program). These sanctions were of the sort recommended to the Obama Administration during its tenure, but the administration thought they could be a spoiler for the pursuit of a greater Grand Bargain with Iran (the Iran Nuclear Deal) which removed a different set of sanctions.

As the United States currently does not value the long leash given to Iran in the protection of the nuclear pact, it now is willing to press the issue and has a publicly stated position that it would not mind spoiling the nuclear security deal: similar to the purposeful destruction of the Agreed Framework that was actually working to achieve peace with North Korea. Indeed the sabotage of the Agreed Framework was accomplished by implementing sanctions that de facto replaced the ones that had been removed - it being an open secret that they weren't actually new sanctions for different reasons and actually intended to ruin the approach to peace.

This signals an intent of the United States to continue its policies in the Middle East. While there has been discussion about performing offshore balancing in the region - floated ideas about safe zones in Syria, direct activity in Yemen and a potential reversal of complicity for Iranian influence in Iraq see the United States continue to pursue its long-running strategy of divide and conquer in the region - this time with it focused on shoring up Saudi Arabia's planned bid to extend its own influence. The United States is not likely to be able to achieve this without "boots on the ground", at least in some capacity, and it appears that its habit of relying on Special Operations isn't welcomed by the new administration.

Tatütata • February 3, 2017 6:47 PM

With all the headlines of the last few days, I was really expecting that "Finding Dorie" would have been the squid topic of the week. Bzzzt! Wrong!

buckaroo • February 3, 2017 7:17 PM

"Over half of US citizens 'have experienced a data breach'"
www DOT welivesecurity DOT com

The above article opined that "citizens around the world are not doing enough to protect themselves online," but this is nonsense. One has to be a part-time geekster to keep up with computer security, but most people will never be able to do so -- and we should not expect them to. This is a logical consequence of libertarianism. We can either have anonymity or security. What we have now is anarchy because of the adoration of the uber-selfish witch, Ayn Rand.

Before the Internet and cell phones, it was almost impossible to fake a telephone call. One needed to use a Bell System handset and connect to wires at or coming from the pole. Now it is trivial to spoof Caller ID data for telemarketing, support scams, and swatting. One solution would be to only display Caller ID data if it is verifiable, i.e. originating from a landline or registered cell phone and traveling through trusted nodes; if the data was suspect, Caller ID could display "SPOOFING?" in the first field. Disconnecting ISPs which allow anonymous connections from the Internet would be even better.

Allowing IoT devices to be connected to the Internet is the digital equivalent of allowing people in residential areas to target shoot from their front porch.

buckaroo • February 3, 2017 7:54 PM

@r

I attended school before cell phones and everyone lived through the experience. If an emergency occurred, someone from the office would find the relevant student and notify him. There is no reason why students need a cell phone with them while at school. And it's not a coincidence that school rankings keep dropping for the pampered little darlings.

"As recently as 20 years ago, the United States was ranked No.1 in high school and college education"
"In 2009, the United States was ranked 18th out of 36 industrialized nations"
"The United States still ranks No.1 in the world’s higher education institutions"
http://www.historynet.com/was-the-usa-ever-no-1-in-education.htm

South Korea, Finland, Estonia, Singapore, Japan and Hong Kong are all leaders in education, but "the United States remains in the middle of the ranking." The Internet does not hold students back in Estonia, or E-stonia as it is sometimes called.
http://www.oecd.org/pisa/

r • February 3, 2017 7:59 PM

@buckaroo,

'Maturity' is a statement reflecting on socialization and society.

I am not discounting a lack of parental education, 20 years ago not all of those public schools were equivalent to the measurements you're citing. Some of them fail, hence the movement into Charter and Voucher systems etc.

r • February 3, 2017 8:03 PM

Just like the pro-police statement on the other thread, it's all about the numbers yo.

s/numbers/benjamins/ when politicizing something reflects on future funding.

It's all broken, and they're not going to fix it - we're all just busy buying rugs, brooms and band-aids for the real problems.

Don't bother protesting, your little brother will tell Ma and she'll let the boys in blue know that you've been speeding and you'll wind up in jail with your weekend beer money in the pocket of some cop or lawyer.

r • February 3, 2017 8:12 PM

Nope, it was sand.

Anyways, look - we had a 20 year vision of robots everywhere.

This nation needs its service workers; Roomba was 20 years in the making and we still don't have robotic bartenders or Dr. Robotnik flipping burgers at McDonald's.

There was a marginalization of public education that was all but intentional if not sadistically negligent; we can't all be cryptographers, we should count ourselves lucky.

Bong-Smoking Primitive Monkey-Brained Spook • February 3, 2017 8:23 PM

@r,

Nope, it was sand.

goddamit! We paid $500.00 for that concussion grenade. It turned out to be a dud! Hold on, @r! Keep running your mouth loose... more supplies are on the way, bud :)

buckaroo • February 3, 2017 8:32 PM

@r "'Maturity' is a statement reflecting on socialization and society."

So you're saying that the bell curve of maturity has been flattened? I'd concur.

Students hear about the Playboy bimbo taking video of an older woman in a locker room, Glassholes, and many things precocious e-children do, and they start to believe that it's okay. Film cameras have been small enough to fit in one's pocket for a long time now, though admittedly video in a small form factor is relatively new. Yet we never heard of photos being taken in locker rooms. It seems that maturity is moving backwards.

As for school rankings, the rest of the world also had the problems you mentioned, but many of them have progressed far beyond us. Whether we stood still and they improved, or we fell behind, is immaterial. One major problem is mainstreaming.

Gnostalgia • February 3, 2017 8:37 PM

Maturity is one of those N words I don't like to hear or say like how 'liberal' just rolls off the tongue of some serpents in this day and age, who are we to judge?

But there's only so much that can happen before **individuals** start to wake up and ask questions,

how many individuals do you want to wake up to tomorrow's reality?

Will it be all ready and already too late?

Taz • February 3, 2017 8:52 PM

Can anyone reliably inform us as to the status of the "openwireless.org" initiative, and the risks involved in participating?

Given current trends, I'd like to share our fiber to the public via an anonymous VPN (so my damn ISP won't dock me). Have a spare openvpn connection fully paid via a disposable credit card for an animal resident of the San Antonio zoo :) Risk yes - probably minor.

Would like to optimize that wifi for really good "Signal" VoWLAN.

https://www.eff.org/deeplinks/2015/04/toward-better-open-wireless-routers

Need a good/safe Linux hotspot package with OpenVPN - but can't find any.

Any clues appreciated.

JenGold Stockholm • February 3, 2017 9:31 PM

@ Moderator

i have a feeling this Squid is off to a very troll-y start, you may wish to keep a close eye lest it rapidly spiral out of control

@ Wael @ Dirk Praet

RE: Dr. Adnan Ibrahim

http://www.idriesshahfoundation.org/books/the-sufis/

Idries Shah is an absolute giant. His (many) books appear to be all in the public domain care of the above site. The above has his first book as a free ebook which, when published some decades ago, immediately established him as a most respected genuine (ie not academic) authority on Sufism. The above explores many tenets including that Sufi belongs to no religion, time or place, and he demonstrates how it has been of fundamental, essential influence all throughout history including of course western science as you referred to, Dirk. It's a staggering read

The other seminal work of his is The Way Of The Sufi, I believe a follow up to the above
https://en.wikipedia.org/wiki/Idries_Shah

buckaroo • February 3, 2017 10:45 PM

@Gnostalgia "like how 'liberal' just rolls off the tongue of some serpents"

Similar to how "racist" and "fascist" roll off the tongue of left-leaning serpents. And one could easily make the case that the election results were largely due to "**individuals** start[ing] to wake up and ask questions."

The use of "fascist" by the left to describe the right is most amusing given how close the Obama administration was to Google and how close the administrations of Clinton, Bush II, Obama, and Trump were/are to Goldman Sachs. Not to mention the complete lack of prosecutions of Wall Streeters responsible for the 2008 crash by Bush II and Obama, not that Trump will be any better.

@JenGold Stockholm "this Squid is off to very troll-y start"

And yet you referenced Idries Shah, someone who had nothing to do with the Internet, computers, or technology.

"Many conservative Sunni Muslims regard Sufism as a corruption of Islam," i.e. Sufis are heretics.
http://www.dummies.com/religion/islam/muslims-adhere-to-different-islamic-sects/

Jen Gold Stockholm • February 3, 2017 11:05 PM

@ buckaroo

go by any other names, perchance? I'm sure I'm not the only one to find you uncannily familiar

I was off topic, yes. I so far do not contribute to the technical components of security here, to our shared detriment. However my comment was

1. a response to a discussion held by two of the most long term established regulars, and potentially relevant to some others known or unknown (@tyr I meant to copy you in)

2. Even more pertinent; my post could not be equated with a steadily escalating partisan political rant whose emotional trajectory and subsequent consequences can be fairly well determined and plotted on a 3D graph only a few posts in

3. Anyone wishing for a healthy, cohesive signal in this community (not forum but community) would be appreciative of a call for the Moderator to be at attention with arms at low port and safety definitely on
Those wishing to rant and impose agendas would, assuredly, not be supportive of such a call as confirmed by an immediate response. [what made you think I was referring to you?]

4. & should I be apologising for offering something you say is 'heretical' to conservative Sunni? I am sorry if I upset your conservative sensibilities.

5. I won't be responding to you again so feel free to save your fingers.

ab praeceptis • February 4, 2017 8:52 AM

Snakeoil - or slapstick? - served and spread inter alia by hacker news. "whonix". It's said to be totally awesomely 3l1te super-special secure.

Let's look at it. It's basically a debian based totally extremely terribly special secure thingy with a tor gateway and - how inhumanly smart! - a virtual machine that's also tor based.

As they explain, nobody and nothing can penetrate that 3l1t3 protection!

Well, OK, picky people might remark that debian is well known for occasionally utterly breaking security beyond idiocy. Others might have doubts about tor which actually doesn't have that great a track record but let's not be too picky.

A propos "picky":

- too little mentioning the superhuman capabilities of ssl/tls
- no mentioning of let's encrypt. Sorry guys, but I can't take you seriously unless you use dual let's encrypt certificates.
- No "awesomely 3l1t3 super secure" golden sticker. This one is the show stopper for me. Ev-er-y-bloody-one who ever used totally superspecialsecure stuff from Symersky *knows* that the decisive ingredient is a golden sticker!

P.S. I'm waiting for the day when cube and whonix put their brainpower (tm) together and create the super-giga-awesomely special-secure whonix thingy on top of cube thingy. Microsoft better get themselves lots of pampers; they'll need them.

Dirk Praet • February 4, 2017 9:03 AM

@ Clive

Thus you might like https://www.theguardian.com/books/2017/jan/24/george-orwell-1984-sales-surge-kellyanne-conway-alternative-fact

By far the most informing article I read in The Guardian this week was 'It will be called Americanism': - the US writers who imagined a fascist future. I was familiar with most people mentioned (Arendt, Dick, Atwood, Roth, Lewis, Welles), one notable exception being Irving Wallace's "The R Document". It describes how an FBI director introduces a (fictional) 35th Amendment that overturns the Bill of Rights saying "No right or liberty guaranteed by the Constitution shall be construed as licence to endanger the national security". Which bears a really uncanny resemblance to the way both Trump and Spicer denounced a Seattle judge's decision to temporarily shut down their travel ban.

As to Kellyanne Conjob's powder letter, I have it on good authority from a former addict that both her looks and demeanour are consistent with those of a long-time controlled substance abuser.

@ Jen GS

Idries Shah is an absolute giant.

Yes he is. I've always found Sufism quite fascinating.

@ Taz

Need a good/safe Linux hotspot package with OpenVPN - but can't find any.

Do a PoC on a Raspberry Pi and take it from there. Shouldn't take you longer than an hour or so.
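For readers who want to follow Dirk's suggestion to Taz above (a Raspberry Pi PoC of a Linux hotspot whose clients only ever reach the Internet through an OpenVPN tunnel), here is an added example. It is not code from Taz, Dirk, openwireless.org or the EFF router project, and it answers nothing about the status of that initiative. It assumes hostapd, dnsmasq and an already-connected OpenVPN client; the interface names wlan0/tun0, the 10.42.0.0/24 client subnet, the config paths and the 10.8.0.1 resolver in the usage line are placeholders to adjust for the box at hand. The security point it adds to Dirk's one-liner is the kill-switch rule: if the tunnel drops, client traffic is dropped rather than forwarded out to the ISP Taz wants to keep out of the loop.

```sh
#!/bin/sh
# Added example (not from Taz, Dirk, or openwireless.org): a Wi-Fi hotspot on a
# Linux box such as a Raspberry Pi whose clients can reach the Internet ONLY
# through an already-established OpenVPN tunnel. Interface names wlan0/tun0,
# the 10.42.0.0/24 client subnet and the config paths are assumptions.

# Print a minimal WPA2-PSK hostapd.conf. hostapd requires the passphrase to be
# 8 to 63 characters; refuse anything else before writing the file.
hostapd_conf() {
    ssid=$1
    psk=$2
    if [ "${#psk}" -lt 8 ] || [ "${#psk}" -gt 63 ]; then
        echo "wpa_passphrase must be 8-63 characters" >&2
        return 1
    fi
    cat <<EOF
interface=wlan0
driver=nl80211
ssid=$ssid
hw_mode=g
channel=6
wpa=2
wpa_passphrase=$psk
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
EOF
}

# dnsmasq does DHCP only (port=0 turns its resolver off). Clients are handed a
# resolver address that they query THROUGH the tunnel, so no client DNS leaves
# the box via the host's own resolv.conf. $1 = resolver to hand out (e.g. the
# one your VPN provider pushes).
dnsmasq_conf() {
    cat <<EOF
interface=wlan0
port=0
dhcp-range=10.42.0.10,10.42.0.200,12h
dhcp-option=option:dns-server,$1
dhcp-option=option:router,10.42.0.1
EOF
}

# iptables rules for a VPN-only hotspot. $1 = client-facing interface,
# $2 = tunnel interface. The third rule is the kill switch: when the tunnel is
# down, client traffic is dropped instead of being forwarded to the ISP uplink.
vpn_only_rules() {
    wlan=$1
    tun=$2
    cat <<EOF
iptables -A FORWARD -i $wlan -o $tun -j ACCEPT
iptables -A FORWARD -i $tun -o $wlan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $wlan ! -o $tun -j DROP
iptables -t nat -A POSTROUTING -o $tun -j MASQUERADE
EOF
}

# Apply everything. Needs root, hostapd, dnsmasq and a connected OpenVPN client
# (so tun0 exists). IPv6 is not forwarded here; do not enable it without
# matching ip6tables rules, or clients will route around the tunnel.
apply_hotspot() {
    hostapd_conf "$1" "$2" > /etc/hostapd/hostapd.conf
    dnsmasq_conf "$3" > /etc/dnsmasq.d/hotspot.conf
    ip addr add 10.42.0.1/24 dev wlan0
    sysctl -w net.ipv4.ip_forward=1
    vpn_only_rules wlan0 tun0 | sh -e
    dnsmasq --conf-file=/etc/dnsmasq.d/hotspot.conf
    hostapd -B /etc/hostapd/hostapd.conf
}

# Usage: sudo ./hotspot.sh --apply MySSID 'a-long-passphrase' 10.8.0.1
if [ "${1:-}" = "--apply" ]; then
    apply_hotspot "$2" "$3" "$4"
fi
```

Without --apply the script only defines the three generator functions, so the configs and rules can be inspected before anything touches the box. The DROP rule is the piece that most "VPN hotspot" recipes leave out; without it, an OpenVPN reconnect leaves clients happily forwarded out the wired uplink for as long as the tunnel is down.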

buckaroo • February 4, 2017 9:23 AM

@JenGold Stockholm

I realize you have your fingers in your ears, but I will address one issue anyway. One man's ceiling is another man's floor; I'm sure there is a Swedish equivalent. Many responses here are irrelevant to cybersecurity, with some being part of a continuing discussion and others being new. I would never have directed a comment to you if you hadn't implied that I was trolling.

I was hoping someone would comment on my IoT line: people have a right to buy an IoT device and connect it to their private intranet, but they do not have a right to connect it to the Internet (Schneier does not capitalize the word, but he's wrong) and allow it to create havoc for others. Many people assume a right to use this public network in ways it was never intended. I wish Schneier would ask Tim Berners-Lee and the people at DARPA at the time of ARPANET if they are in favor of pedophiles trading child porn world-wide, something that anonymity and encryption enable. I would be shocked if DARPA personnel were ever in favor of it.

Paul • February 4, 2017 9:41 AM

Internet of Things insecurity
Small radio stations hacked to repeatedly play "Fuck Donald Trump" rap song.
https://arstechnica.com/security/2017/02/unsecured-radio-transmitters-get-hacked-play-anti-trump-song/

[Comment on hack, not politics]
Specifically, hackers have targeted products in the Barix Exstreamer line, which can decode many audio file formats and send them along for LPFM transmission. If that sounds familiar, that's because Ars Technica reported on this kind of hack last year. As Barix told its products' owners in 2016, Exstreamer devices openly connected to the Internet are incredibly vulnerable to having their remote login passwords discovered and systems compromised. The company recommends using full, 24-character passwords and placing any live Internet connections behind firewalls or VPNs.

See also
http://www.independent.co.uk/arts-entertainment/music/news/us-radio-stations-hacked-to-play-yg-s-fuck-donald-trump-a7561156.html

Dirk Praet • February 4, 2017 9:52 AM

@ buckaroo

Many responses here are irrelevant to cybersecurity, with some being part of a continuing discussion and others being new.

You do not get to decide what can and cannot be discussed on this forum. Full stop.

people have a right to buy an IoT device and connect it to their private intranet, but they do not have a right to connect it to the Internet (Schneier does not capitalize the word, but he's wrong) and allow it to create havoc for others.

Until such a time that there is a law that either explicitly forbids or regulates it, they do have that right. It would seem that you have entirely missed @Bruce's point who just made a passionate plea for regulation.

Tim Berners-Lee and the people at DARPA at the time of ARPANET if they are in favor of pedophiles trading child porn world-wide, something that anonymity and encryption enable.

I would rather invert the question, asking whether they would be in favour of plain text traffic only that can always be intercepted and traced back to its origin. The answer to that would probably be something along the lines of "have you gone out of your mind?".

Wael • February 4, 2017 9:59 AM

@buckaroo,

I was hoping someone would comment on my IoT line: people have a right to buy an IoT device and connect it to their private intranet, but they do not have a right to connect it to the Internet

In a corporate setting, employees are only allowed to connect approved devices to the intranet because the owner (corporate) can and does make such a policy. They also can discipline violators! Who, in your view, owns the internet and is in a position to make such a policy, monitor violations, and enforce conformance?

It's not like there isn't a precedent! FCC controls radio frequency bandwidth allocations. Are you suggesting a similar model for the internet?

Wael • February 4, 2017 10:10 AM

@buckaroo,

More on FCC relating to: who has the right to do what...

FCC also controls what devices are allowed to operate at specific frequencies. They put limitations on power transmission output, interference properties and other things. They also require users to have a license to operate certain equipment, etc...

I don't know if you're aware that the FCC sends vehicles around with specialized equipment to detect the source of violations. Search for it and you'll find the information. So there is a precedent. Should it be applied to the internet? I don't think that would be a good thing.

Dirk Praet • February 4, 2017 10:10 AM

@ ab praeceptis

I'm waiting for the day when cube and whonix put their brainpower (tm) together and create the super-giga-awsomely special-secure whonix thingy on top of cube thingy.

I suppose you're just being sarcastic because Whonix has already been integrated in QubesOS. However imperfect, it is a combination that arguably is a tad less insecure than Windows 10 or other mainstream OS'es.

buckaroo • February 4, 2017 10:47 AM

@Dirk Praet

"You do not get to decide what can and cannot be discussed on this forum. Full stop."

I neither said, implied, nor hinted at that. Address your concerns to JenGold Stockholm who decried alleged trolling.

"It would seem that you have entirely missed @Bruce's point"

Your entire generation does not understand the implications of the word "right." You conflate abilities and rights. You think because it is possible to steal songs and videos that you have a right to do so. That's as inane of an argument as saying that I have the right to steal your car because I figured out how the computer in it works. Or that I have the right to steal your bitcoins because I found yet another defect in the process. No one has the right to connect an IoT device sans security, but no one is preventing them from doing so due to government incompetence, a/k/a libertarianism. Anarchy always presents serious problems.

As for your previous comments regarding fascism: one of the identifying characteristics is a melding of the government and corporations, for example, IG Farben and BASF for the Nazis. It should be clear to everyone that all presidents since Clinton, at least, have been fascist in this respect. Obama employing more than 250 Google employees and Clinton, Bush II, Obama, and Trump employing Goldman Sachs executives in their Cabinets represent classic fascism.

The many cases of leftists beating people because they were wearing Trump-related clothing should remind you of fascist, if not communist tactics. The latest one (video is on YouTube or see at https://t.co/CXRIBVYk9v) features a woman identifying herself as an NYU professor screaming at the NYPD: "You are fucking a**holes! You're protecting the Nazis! You should kick their a**!" She went on to say, "It's not up to these students to kick the a** of a neo-Nazi," more than implying that the NYPD's job description includes a requirement to beat those whom leftists dislike. She reminds me of Song Binbin (read Radio Free Asia's article "Former Chinese Red Guard Says Sorry For Death of Teacher" to understand). I strongly recommend that you read the RFA article. Strongly.

You probably did not read in the British Pravda that "more than 300 foreign terrorists, spies and criminals who pose a risk to Canada’s national security tried to sneak into Canada last year." It's not hysteria to worry about the enemy at the gate.
http://www.torontosun.com/2017/02/02/terror-at-our-door

"The answer to that would probably be something along the lines of 'have you gone out of your mind?'"

You've obviously never dealt with DARPA personnel -- I have -- who tend to be rather conservative. Other Internet luminaries, especially those from academia, would probably agree with you.

And you misunderstand our Constitution. I have included a link to it for your reading pleasure. Non-citizens do not have the same rights as citizens. Full stop. That's why the judge's decision will not stand, because he is interfering in matters way above his pay grade. If Trump would have said, for example, all citizens who have read Schneier's website are banned from reentering the country, even Republicans would consider impeachment. You might believe that all countries should accept all refugees who want to enter -- I do not -- but our Constitution does not agree with you.
https://www.archives.gov/founding-docs/constitution

By the way, I did not vote for Trump or any other presidential candidate.

rumi man • February 4, 2017 10:58 AM

I have been knocking
on the door of insanity
It opens
I have been knocking
from the inside

paraphrased translation

rumi man • February 4, 2017 11:19 AM

added an 's': https://www.theguardian.com/books/2017/jan/24/george-orwell-1984-sales-surge-kellyanne-conway-alternative-facts

ab praeceptis • February 4, 2017 11:44 AM

Dirk Praet

However imperfect, it is a combination that arguably is a tad less insecure than Windows 10 or other mainstream OS'es.

Well, their claim isn't to be a tad less insecure than windows.

Plus: Is it really? Frankly, I have doubts that combining two insecure items results in a more secure one.

Or, to be more frank: While virtualization can be one building block - if it's well understood and well designed and done - the current "virtualization is the messiah of security" believers are provably wrong in the vast majority of cases.

Throwing in debian doesn't help either. That's merely adding the lottery factor of when and which maintainer utterly fucks up something critical. That's not to say that redhat and others are secure nor that debian is shit, but if someone were serious (but insisting on linux) wouldn't he at least use something like alpine?

I'll stop the list here but it should at least be mentioned that tor is *not* secure.

And it seems noteworthy that things don't come for free. tor, for instance, risks carrying a very ugly price tag, namely to basically put crosshairs plus a label "probable suspect or even terrorist!" on its users. Because that's what lea types think when someone uses tor.

To keep the fbi (or the ever-evil fsb) away? It might be worthwhile to think about how those people take that. Hint: "We must blast in his house at 11 pm with a swat team and make sure he doesn't move so much as touching his devices" (except for the professional teams who will calmly smile looking at the mirrored exit node port).

That whole stuff truly deserves a big fat golden sticker. Will look nice at the jail wall.

ebwf • February 4, 2017 11:54 AM

Seems to me that today's "principles" are held to a standard of which the first is "what is the most extreme punishment that can be devised for this action?"

ab praeceptis • February 4, 2017 12:14 PM

rumi man

I can't offer a review because I don't use their toy. They have fat debian and tor logos on their site which tells me pretty much what I need to know to stay away. About the single one reasonable property I found was their "read only" approach with the host system.

More generally speaking I take all of them to be toys or snake oil. For a simple reason (among others): security isn't something one can buy or get on a CD. security is a process and it's complex.
If your need is "I sometimes want to get at my email when at the university" tails might be reasonable unless your emails are very sensitive. If, on the other hand, your need is "I need to transmit something very sensitive, which the us-americans would kill to get, to my partner in brazil" then all those funny CDs are worthless.

buckaroo • February 4, 2017 12:21 PM

@Wael

"Who, in your view, owns the internet and is in a position to make such a policy, monitor violations, and enforce conformance?"

This is the $64,000 question and one that desperately needs to be answered, because the Internet is a failure in terms of security. It's simply an improvement on the scheme of posting messages on a bulletin board situated in the middle of town where someone can impersonate you or rip your messages off the board.

The answer is simultaneously "everyone" and "no one," with the Internet representing anarchy. I believe we should create a sub-Internet, a 100% secure one for people that would trade anonymity for security. Yes, it could be done, but there would be lots of trade-offs and expenses, especially the latter. People have become accustomed to a cheap Internet, similar to how they've become accustomed to low-priced Chinese imports -- and they're so selfish they don't care that their neighbor lost his job because the products they buy are no longer made locally.

There are three classes of Internet users: cyber-criminals, expert users, and the unwashed masses:

1) Cyber-criminals constitute far less than 1% of the population. This group consists of Chinese stealing trade secrets from Western companies, Russians stealing loot from mainly U.S. companies, nationalists punishing another country for perceived threats, child porn purveyors, and even script kiddies and swatters, because the prime job requirement here is being a sociopath.

2) Expert users constitute less than 5% of the population, but there is no way to know the exact percentage. Virtually all readers of Schneier's blog reside in this category. These people generally know how to avoid phishing and other cyber-threats, but of course, your mileage may vary.

3) The unwashed masses include Hollywood airheads who employ trivial passwords, former NFL players and congressmen who tweet photos of their rudolphs, children who send explicit photos of their bodies to their friends, people who live in totalitarian governments who wish to inform the world of their environment, companies in business, and everyone else.

I've seen otherwise intelligent people click on banner ads which portray themselves to be Microsoft warnings. I've argued with snarky secretaries who condescendingly dismissed my warnings of phishing. I've attempted to explain computer security to twenty-somethings who just rolled their eyes. These people will never understand, but many of them are truly shocked when they are victims of cyber-theft.

It is impossible for a network to be both secure and private, not to mention safe for children. We cannot have VPNs, the Tor browser, Tails, and torrents which allow users to pretend that they are in other locations and still prevent cyber-criminals from stealing from us.

rumi man • February 4, 2017 12:24 PM

@ab praeceptis

Thanks

For organizations like the Federal Bureau of Surveillance (FBS) Tor users help promote job security (more demand, perhaps, for warm bodies at the FBS)

Dirk Praet • February 4, 2017 12:58 PM

@ buckaroo

Your entire generation does not understand the implications of the word "right."

I am half a year younger than our host. As far as "rights" are concerned, I adhere to the long-held principle that for the government everything that is not explicitly allowed is forbidden, whereas for the governed everything that is not explicitly forbidden is allowed. Authoritarians generally see that the other way around. And it's most definitely not how your constitution was framed.

... one of the identifying characteristics (of fascism) is a melding of the government and corporations

The accent being on 1. It's like saying that everyone with a language impairment is autistic.

The many cases of leftists beating people because they were wearing Trump-related clothing should remind you of fascist ...

I do not condone that sort of stuff. Conversely, there are plenty of statistics showing all sorts of hate crimes are massively up since the rise of Trump. Same thing in the UK after the Brexit referendum. And I don't mean against Trump or Brexit supporters.

You've obviously never dealt with DARPA personnel

You have exactly zero idea what people I've dealt with.

And you misunderstand our Constitution.

Yeah, I've been getting quite a bit of that here lately. I'm obviously as clueless about it as at least five federal US judges and a whole bunch of state attorneys. Going against the constitution and/or federal law is actually above the president's pay grade, and based on your expert knowledge of the system you undoubtedly also know that no judge will ever grant a stay against an executive order if they don't at least think it is reasonably likely the plaintiff will prevail on the grounds of the case.

But since you're talking fascism, it's interesting to point out that absolute contempt for the judiciary as expressed by both Napoleon and Squealer is probably an even better indicator than embedding Goldman Sachs banksters is.

I believe we should create a sub-Internet, a 100% secure one for people that would trade anonymity for security.

It has been pointed out at least a gazillion times not just on this blog but pretty much everywhere that privacy vs. security is a completely false dichotomy. Either you have still not caught on, or you are showcasing a sort of ideological narcissism that is on par with that of those that claim that the Soviet system was a really kewl experiment that actually panned out quite well.

buckaroo • February 4, 2017 1:00 PM

@Wael

I neglected to include the below final paragraph in my previous post.

So who are the main users of the Internet? If it's #1 and #2, we can continue business as usual, because both groups are generally capable of defending themselves against cyber-threats. Carpe diem, caveat emptor, and all that. But if the answer is #3, representing the vast majority of the world, then we have a problem, because we're facilitating the transfer of an ever-increasing amount of money from the people to oligarchs.

Wael February 4, 2017 1:22 PM

@buckaroo,

This is the $64,000 question and one that desperately needs to be answered,

And the answer will be longer than 64,000 words long, too!

So who are the main users of the Internet? [...] If it's #1 and #2, we can continue business as usua...

Oh, no! It'll have to be much more granular than that! What is the Internet, what does it's security mean, who are the owners, who has the right to do what, etc...

Ask @Nick P and @Clive Robinson about that. Go back 5 years and follow the C-v-P discussion...

@Dirk Praet,

I'm obviously as clueless about it as at least five federal US judges and a whole bunch of state attorneys.

Unassailable!

buckaroo February 4, 2017 1:47 PM

@Dirk Praet

"I am half a year younger than our host"

Sorry for the assumption.

"I adhere to the long-held principle that for the government everything that is not explicitly allowed is forbidden, whereas for the governed everything that is not explicitly forbidden is allowed"

The Constitution is quite clear on the distinction between citizens and non-citizens. Elected federal officials must have been a citizen for a number of years. Candidates for president must be natural born citizens. Treason is restricted to citizens, while sedition is the superset which can involve citizens and non-citizens.

"You have exactly zero idea what people I've dealt with"

True, but most DOD persons I dealt with were conservative, some very much so. Defense contractors tend to employ conservative people. DARPA is on the line between DOD and the civilian sector, but many of their projects involve defense contractors and security clearances. Been there, done that, including the security clearance.

"I'm obviously as clueless about it as at least five federal US judges and a whole bunch of state attorneys"

The U.S. has a history of really terrible SCOTUS decisions, with Dred Scott v. Sandford, Lochner v. New York, and Plessy v. Ferguson being just three. The Constitution specifically states, "The President shall be Commander in Chief of the Army and Navy of the United States," meaning he's responsible for the defense of the country. The judges are making political statements at the district court level. We'll see what happens when it reaches the appellate courts.

"absolute contempt for the judiciary"

Many of our presidents were guilty of that. I suggest you read up on the Clintons' adventures with the judiciary, especially when Bill ordered then-Attorney General Janet Reno to fire 93 U.S. Attorneys in 1993. Nixon is the one most famous for it, but Reagan, Clinton, Bush II, Obama, and Trump all did it.

"privacy vs. security is a completely false dichotomy"

Yes, I've read that many times, but I completely disagree. And the longer the status quo goes on, the greater the financial damage to the people.

buckaroo February 4, 2017 2:06 PM

@Wael

"And the answer will be longer than 64,000 words long, too!"

I'm sorry I gave a serious answer. I took you for an adult.

"Unassailable!"

There are 89 federal districts in the 50 states, 94 if territories are included. The exact number of federal judges constantly varies due to retirement and other factors, but the number is well over 600. So do the math, child: 5 / 600 equals what percentage of the total?

Not to mention that you confuse "its" and "it's."

Wael February 4, 2017 2:14 PM

@buckaroo,

I'm sorry I gave a serious answer. I took you for an adult.

And I took you for a ride :)

Who? February 4, 2017 2:34 PM

Some of you, brave souls, may be interested in this tool:

https://github.com/corna/me_cleaner/

I do not trust it will work as expected, as most images are digitally signed by the manufacturer. I fear removing these partitions may affect the ability to do future firmware upgrades too. Too many ways to break too many different systems. But it is worth noting this tool exists now.

ab praeceptis February 4, 2017 2:38 PM

Dirk Praet

I adhere to the long-held principle that for the government everything that is not explicitly allowed is forbidden, whereas for the governed everything that is not explicitly forbidden is allowed

*Very well* put. I fully support that approach.


@buckaroo

Addressing someone here as "child", "boy", or similar very much weakens your positions unless you happen to be factually right (which, well noted, is not the case re. Wael).

Who? February 4, 2017 2:46 PM

It may be time to disable our USB ports...

https://www.techpowerup.com/229594/intels-skylake-and-kaby-lake-based-systems-vulnerable-to-usb-exploit

Will it work on any USB 3.0 port?

...and look carefully [again] at the SMM on our computers:

https://recon.cx/2017/brussels/talks/baring_the_system.html

Hopefully, this time it seems the fix is in the hands of operating system developers. I trust open source and free software developers more than firmware developers to provide the right fixes.

Wael February 4, 2017 2:50 PM

@ab praeceptis,

Addressing someone here as "child", "boy",

It's okay, he's not used to my style. He failed to see that my "64,000 long answer" isn't a joke. I gave him the context in my previous replies regarding FCC regulations, and a five year old discussion...

I won't reply to the rest of his weak logic, because I stop at the first insult, usually.

Dirk Praet February 4, 2017 3:12 PM

@ buckaroo

"The President shall be Commander in Chief of the Army and Navy of the United States," meaning he's responsible for the defense of the country.

Which cannot be interpreted as matters of national security trumping the rest of the Constitution. You need Wallace's non-existent 35th Amendment for that. The seven countries on Trump's sh*tlist not having produced a single national who has killed anyone in a terrorist attack on US soil over the last thirty years also makes the entire argument of "national security" ridiculous.

The U.S. has a history of really terrible SCOTUS decisions

SCOTUS decisions, whether you agree with them or not, are what they are. I can probably quote a dozen others I don't agree with either. Yet I don't jump to conclusions that they are a dictatorship to be gotten rid of. That's an authoritarian's view. If you don't like it, amend the Constitution, overthrow them or live with it.

Many of our presidents were guilty of that.

But very few made it so painfully clear in the first two weeks of their tenure, and in terms such as "outrageous" and "ridiculous". Which is probably a first.

So do the math, child: 5 / 600 equals what percentage of the total?

There have so far been five legal rulings I'm aware of, all of them partially or entirely striking down the order. In my book, that's 100%.

Not to mention that you confuse "its" and "it's."

You don't get to address me as "child", mate, and you would have gone right through the pub's window if you had tried that there. If that's the kind of level you want to discuss at, please take it to Breitbart. As @Jen GS already noticed too, you're remarkably starting to sound like @looser thingie who for the same reasons was asked by @Moderator to move on.

trump_be_nimble February 4, 2017 3:14 PM

Are there 8 horsemen of the apocalypse now?


From a Cellebrite spokesperson (edited)
https://motherboard.vice.com/en_us/article/hacker-dumps-ios-cracking-tools-allegedly-stolen-from-cellebrite

"Cellebrite develops methods for gaining access to phones that do not change or alter data on the device, the spokesperson continued. He wrote that Cellebrite's technology is used to combat 1) child trafficking and exploitation, 2) sexual assault, 3) murder, and 4) drug and gang crime."

plus

the 4 horsemen of the apocalypse
5) terrorists
6) money launderers
7) child pornography
8) it can't be that hard to remember, can it? There used to be only 4 of them.

MarkH February 4, 2017 3:40 PM

"The Habeas Corpus secures every man here, alien or citizen, against everything which is not law, whatever shape it may assume."
Thomas Jefferson to A. H. Rowan, 1798 in Lipscomb-Bergh ME 10:61

trump_be_nimble ... February 4, 2017 3:41 PM

Trump and Single Payer Health Insurance

Once upon a time President Trump supported a single payer health insurance system in the USA. The other day on Charlie Rose, Bill Gates stated something like "The USA spends twice the percentage of GDP on healthcare relative to the UK (which has some waiting)".

Does President Trump care about the "wretched and insulted of the earth" or is he paying lip service to the, plus or minus, 99% of the USA's citizens?

Is President Trump being "jammed" by insurance companies, big pharma, or doctors' lobbies?

Dirk Praet February 4, 2017 4:39 PM

@ ab praeceptis

I'll stop the list here but it should at least be mentioned that tor is *not* secure.

Nobody says it is - at least not against resourceful state actors - and @Clive has dissected all of its many shortcomings on more than one occasion. Tor, TAILS, Whonix, SubgraphOS, Qubes OS etc. serve two purposes:

  1. Provide out-of-the-box security hardening and enhanced anonymity that is prominently missing from mainstream consumer OS'es, thus offering some degree of protection against data harvesters, cyber criminals and even local LE.
  2. Give state actors a run for their money, making their work increasingly difficult as more and more ordinary "nothing to hide" citizens become Tor and independent OS users whose private life and data are no longer a call to or a tap into Microsoft, Apple or Google away.

@ Who

It may be time to disable our USB ports...

Any company even remotely taking its security serious already did so a long time ago.

Some of you, brave souls, may be interested in this tool

Thanks for the pointer!

Elmer FUD February 4, 2017 4:45 PM

In dumping on the various Tor isos, ab praeceptis is overegging the pudding.

His first argument is that they are not secure because they are not always perfectly secure. In practice they only need to be secure enough to thwart police-state button pushers. NITs are fragile hothouse flowers that can fall victim to an unexpected operating system, an idiosyncratic compilation or browser configuration, or unforeseen tweaks to files or syscalls. So you combine lots of things like that into serial barriers with parallel sensors until you are satisfied with the probability of an undetected compromise attempt. That's all anyone can do. NSA button-pushers are somewhat more adaptable; TAO can throw more and better resources at you, but few of us are subversive enough to merit their valuable attention. Greenwald and Snowden are that subversive. But they took a calculated risk and it worked out. It worked for Manning too - boasting to Lamo was his downfall. Everybody and his brother ransacked Clinton and the DNC, and everybody got away with it but poor old sitting duck Seth Rich.

So a.p.'s next point, Tor paints a target on your back, is commonly-invoked FUD, but it's reductive at best. If encryption were useful as grounds for suspicion, Comey wouldn't be whining about the Internet going dark. Available defenses for your privacy rights might be imperfect, but you'd have to be a neurotic idiot to give up any privacy because you're afraid you'll get in trouble.

ab praeceptis February 4, 2017 5:18 PM

Dirk Praet, Elmer FUD

Sorry, no. Maybe many think your way because in the situation we're in, it might seem that *anything* providing (or seeming to provide) *any* security is welcome.

When I see "debian-based" I don't need to look any further. Anybody halfway knowledgeable about security knows that debian is certainly not the way to go. Why not build on, say, OpenBSD? Those guys have a track record of being seriously concerned about security and knowing a thing or two about it. And don't you get me started on systemd; the day debian took that route they signed being utterly security ignorant.

As for the "fud" I'm said to spread. Wrong. It's not you who put up the measures, it's the cops and agents and district attorneys and judges. And frighteningly many of them are clueless but ready to use no matter what against people. Fact is that weapons, illegal porn, drugs and whatnot are sold via Tor. *That* is what those people see, not that tor is a legitimate means to achieve better privacy.

Sure, they won't put you in jail just for using tor (I'd strongly hope, at least) but using tor *will* more often than not turn against you, at least as one factor.

Moreover if regional cops can't get through they call bigger ones and sooner or later you'll meet an fbi swat team. Horror stories you say? Well, you might want to ask the - relatively low criminal - people whose homes were raided by fbi swat teams ...

Let me give you another hint: Most VPS providers don't tolerate tor exit nodes if they tolerate tor at all; many don't. There might be a reason. More importantly though: Who do you think the "friendly" guys who allow tor exit nodes are? We've learned those lessons with vpns.

Finally: There is a reason that seriously security minded people break their heads and painstakingly work to push it yet a bit further. *That's* how really security conscious people work. Thoth is an example.
I can't imagine Thoth to get millions from soros and even cia related sponsors, nor can I imagine Thoth saying "oh well debian's good enough. Let's add some security mumbo jumbo on top plus some virtualization and be done".

All them tor and virtualization fan boys though do exactly that in one way or another. And of course with plenty of hype.

You believe in tor? Great, go and have fun. But don't call me a fud spreader because I don't fall for that rotten smelling pile.

Thoth February 4, 2017 5:22 PM

@Clive Robinson, ab praeceptis

We have done lots of discussions in the past on the weaknesses of TOR and how to improve it. A simple search would yield our ideas and also our arguments why TOR's method of communication and routing can leak metadata.

The fact that TOR has been and is experiencing a sort of "cult-like worship" just like the Apple fanboi worship.

We have the interest of the public's personal security and privacy by talking and discussing about TOR's weaknesses in a proper engaged discussion without all the fanboi-ism and worshipping but in a logical approach.

The fact that there are people who strongly prefer fanboi worship and not logical facts, I think we would just push high assurance security out and over the cliff and let people continue to be stung by many security problems and privacy issues we try to fix and point out nicely in engaged discussions but also disrupted by fanboi-ism.

Please continue to use TOR and use LEA infected TOR hidden services by their NITs. Don't come running around and saying that FBI, CIA, GCHQ, NSA, FSB ... are playing unfair by exploiting TOR's weaknesses. Not that we haven't already warned and spoken out. Continue to use it for all we care. Good luck on that.

Also, the next Seasonal Greetings of "Fame" that I have been creating during festive seasons will include TOR and OpenSSL. @ab praeceptis, enjoy the next seasonal greeting.

r February 4, 2017 5:35 PM

@Dirk,

The whonix snark stems from it being built on a platform of western subversion.

What you're hearing, when you read it back to yourself is the sound of teeth grinding as a post-secondary symptom of gears gnashing 'gnu trash'.

r February 4, 2017 5:42 PM

Only a code cutter would complain that much.

He's here to learn just like the rest of us, otherwise it wouldn't be a back and forth.

Elmer FUD February 4, 2017 7:02 PM

@a.p., yes, yes, point taken, no existing privacy distribution is safe enough to protect your precious ass. Persons who feel an ethical imperative to disclose state secrets shielding crimes or dereliction have made different choices, and it worked out fine. The security of their computer gizmos was quite adequate, albeit a minor factor.

And you expand helpfully on the privacy-as-grounds-for-suspicion argument, explaining that cops and agents and district attorneys and judges are legal ignoramuses ...So what else is new? And they think that exercising binding legal rights is grounds for suspicion, and they'll send FBI apes in soldier suits to my home if I try it. So, ah, I'm guessing you've never leaked anything touchy. Next time I want to, I won't come to you. (Last time worked out fine without you.)

As for distrust of Tor exit nodes, in fact most are in the G-77 or in Russia. Those countries comport with human rights law more fully than the USA does. So in that respect the system works.

@Thoth, in my experience no one, aside from perhaps a couple of Tor developers, fits the 'fanboi' stereotype derived from software pissing contests. Most rights defenders seem quite pragmatic. Shadowbrokers used Zeronet. Others use Freenet. And so on.

Dirk Praet February 4, 2017 7:07 PM

@ Thoth, @ab praeceptis

Amigos, you get no argument whatsoever from me that Tor and Tor-centric security & privacy focused Linux distributions in themselves are NOT secure in any way. And yes, I'd love to see Tor substantially re-worked, dumping Linux in favour of xBSD.

So the question becomes: what do you recommend a group of activists that in general are technologically illiterate and for whom even getting PGP right or TrueOS/OpenBSD installed is an impossible task? Wing it on Android and Windows 10 communicating over Gmail and Skype? Adopting Freenet and/or I2P? Getting off the grid altogether reverting to OTP's, pre-internet OPSEC and methods of communication? How does that scale over borders?

And even more important: what does the average citizen do to even minimally shield himself from ubiquitous corporate and government snooping? Shrug his shoulders that he has nothing to hide, that we're all f*cked anyway and just learn how to love Big Brother?

Thoth February 4, 2017 7:23 PM

@Dirk Praet

I guess that's the facts of life. Ideas have been proposed to use OpenBSD for a long time and it goes on like nothing happened.

Suggestions to do separation with another hardware and most projects still focus on putting keys in software and weak passwords that does not have multiple factor authentication.

There are many examples of bad implementations, weak or poisoned standards and many other problems. A search would find whatever most of us posted and we are re-iterating the same thing again and again and giving out the same warnings that mostly falls on deaf ears.

Anyway, most people don't really care about security and personal privacy. There's only so much we can advise and do. We just sit back with popcorn and watch the boulders roll down the sides since we have already tried and burnt our hands on all those occasions.

r February 4, 2017 7:54 PM

Tor is licensed BSD style, #1.

#2 Tor is not bound to 'xBSD'.

#3, 'xBSD' would kill Tor faster than you can say 'freebsd-update'.

They [specifically] have nearly as bad a track record as the splinter cells behind the many linux.

While OpenBSD is great and all, referencing @Thoth(?) in that aspect when he was pushing fbsd on effectively ucARM vs the many more eyes of linux is a reasonable attempt at failure in and of itself outside of the fact that there are _again_ less eyes eyeballing it at any given point.

The only thing ab is right about is we are hawking the wrong things, other than that he is entirely derisive belittling and smug about it.

And as for "never leaked something touchy", he just did yesterday proclaiming that he has suspicions about who he is subcontracting for and their desires.

I think his frustration comes from his lack of ability to coral us as monkeys, he sounds like a code cutter frustrated at having to verify freebee's for the rest of his life.

If he was accomplished, he'd be one of the minds behind minuet and its ilk. If a schizophrenic can do it what's his excuse?

A) no self motivation.
B) no self determination.
C) an inflamed hernia.

My hernia is inflamed too, but mine is inflamed from an allergy to latex - what about the rest of you?

Is latex your allergy or parental subparvision and an inability to _get_the_job_done_ ?

r February 4, 2017 8:01 PM

Don't get angry, get writing.

Writer's block is not unblocked when one complains; that's a misappropriation of one's creative resources.

See my example for misdirected euf.

Elmer FUD February 4, 2017 8:01 PM

Could be so-called security people have nothing to offer whistleblowers and other rights defenders. Rights defenders approach their problems with something resembling tradecraft. They'll use misdirection, hiding in plain sight, disguise, diversion, redundancy, surprise, noise. COMSEC is one tiny part of that. If you fixate on threats to COMSEC, you're puffing up the importance of whatever you know and ignoring the requirements. Which of course is what technicians do.

There's one technically competent guy who's come up with a spec for the whole system: Assange. He's specified an environment of pervasive mistrust to be imposed on criminal enterprises or states, with support systems that make everyone a potential informant. If you're just peeking out from behind your firewall at 60 zillion conceivable threats, you're utterly irrelevant. You need to be the threat.

ab praeceptis February 4, 2017 8:06 PM

Elmer FUD

What exactly makes you so sure that leaking and whistleblowing *does* work your way? The fact that you leaked something and no geared up apes knocked down your door certainly does *not* prove it.

But hey, if you *want* to believe in the wonderful security miracles linux, virtualization and tor can do, go on; I certainly don't want to be in your way. Even better, I suggest that you throw in php and ssl/tls, too.


Dirk Praet

The amount of advice I can give to illiterates is rather limited. I'm too far away and can't relate to them. That is in no way arrogant; it's simply seeing what I can and what I can't.

But I have at least limited good news: gnome or whatever doesn't look or behave significantly different on, say, OpenBSD than it does on linux. I mean, isn't Qubes OS etc basically telling people "Look, everyone can use our thing. It's dead simple"? Well, it isn't less simple on OpenBSD.

Which brings me to another reason I can hardly help out with advice: firefox, chrome, you name it, is *not* trustworthy. Not at all. No matter how much "we are the nice guys" noise they make. So an illiterate, say whistleblower, is pretty much bound to end up insecure.


All that stuff is good enough to defend against ones nosy mother in law and maybe against smalltown cops but certainly not against federal players.

Let me shine some light on some exemplary detail: major whistleblower sites are http. Which translates to a) tcp which translates to full handshake, b) apache, nginx, whatever, running on linux, plus next to certainly some funny scripting. Good luck with that ...

Elmer FUD provided a good hint, though: If I wanted to leak something, I'd certainly not do it from inside 5 eyes and preferably from inside or at least through Russia.

ab praeceptis February 4, 2017 8:08 PM

Elmer FUD

Oh, wow, me so impressed. "so-called security people". You gave it really hard to us.

r February 4, 2017 8:10 PM

@ab,

Leak what from inside of russia?

Something smuggled out from outside of russia?

Your map like your brain is only half lit.

r February 4, 2017 8:19 PM

You over simplify the environment you describe, it's possible to limit TLS to certain libraries; certain algos; certain traits. More than that you limit yourself to mainstream servers - you ignore bozohttpd you ignore the fact that a half-hearted httpd can be implemented in <100 loc.

Verify that, really - go forth and phrase your opinion in the form of a question.

Can I write a custom server in 100loc ?

I wrote an http based vnc in 800 bytes, I bet your vendors would've paid loads back in the day but you bitch and you whine.

Grow up, there's lots that can be done by an enterprising entrepreneur but whining about how there's no free downloads you can trust in the situation you're in - well, I don't know what to tell you other than to get ... crackin' ... bud.

I don't recommend nginx, I don't recommend apache, I don't recommend TLS or OpenSSL - and I don't recommend listening to you.

I recommend asking questions, verifying code byte by byte. I advocate exploration of uncertain binaries and spelunking code.

But I enjoy my work, r u?

r February 4, 2017 8:57 PM

In all fairness, the problem you've described since I've been bantering with you is this:

You work for a company, this company sells your time and developmental disorder to others.

You espouse verified work, they need a product yesterday.

You have to deal with slim pickins, and it irks you deeply.

Are your clients the illiterates you speak of?

Do they drive you mad wanting subpar solutions faster than you can produce?

Have you been forced to repurpose gnustalgia and false-store-front operations only to find bugs or be scared that bugs will be found?

This is what you describe and what leaks from the %20 between your dword debauchery.

We hear you loud and clear about verification, but can you hear yourself inside that echo chamber or does the noise cancel it out?

Reflect
Reflect
Reflect.

A tool for every 1 just not for the 0's February 4, 2017 9:04 PM

We all need better tools.

Some of us like to use our hands, some of us like to use people.

Data wants to be free, if you were an advocate you would've never signed that development waiver bro.

Elmer FUD February 4, 2017 10:19 PM

Who said linux security was miraculous? I said it was adequate. Why kill yourself perfecting unimportant stuff?

Re security, the only comprehensive definition of security is human security - protection of humans from serious crimes. If computer security can't articulate with that, who needs it? If you can't denounce state crime with it, it's crap, EAL 200 or not. Your functional spec is regime change: stop NSA state sabotage of networks.

Manning forgot more computer science than Manafort and Stone will ever know, but who got away with high-profile leaks? Manafort and Stone discredited the Democratic Party as a roach motel for reformers, reduced it to a gelded rump. And who took the rap for the lethal drip-drip-drip of leaks? No one. There's a dead guy nobody wants to talk about, there's a bunch of old spooks who say they know who did it, there's foreigners in droves cryin laughin, trading Weiner's dick picks like baseball cards. But there's no patsy. Now THAT's security.

Nick P February 4, 2017 10:47 PM

@ Elmer FUD

"Rights defenders approach their problems with something resembling tradecraft. They'll use misdirection, hiding in plain sight, disguise, diversion, redundancy, surprise, noise. COMSEC is one tiny part of that."

You're actually talking a combination of counterespionage techniques, OPSEC, and INFOSEC. This is true. Many methods should be used. The old tradecraft can work really well.

"If you fixate on threats to COMSEC, you're puffing up the importance of whatever you know and ignoring the requirements. Which of course is what technicians do."

"There's one technically competent guy who's come up with a spec for the whole system: Assange."

You literally just fell victim to your own trap. Assange's scheme worked temporarily while costing a fortune for the OPSEC. Everyone connecting to his site was suspect, it could be filtered if nations agreed on that sort of thing (more do now), he used COTS that NSA has vulnerabilities in these days, and he depended on financial networks for support. In the end, after threatening major banks, the bankers had enough of his shit and decided to deal with him themselves: cut all funds to Wikileaks via Mastercard, Visa, and Paypal. He ended up on the run with more governments deciding to come after him while he burned through cash. Now he's stuck in an embassy surrounded by cops and spooks.

Worst example to follow. Using a combo of good tradecraft and electronic anonymity to leak secrets to recipients is a much better model.

Clive Robinson February 4, 2017 10:49 PM

@ Elmer Fud,

Could be so-called security people have nothing to offer whistleblowers and other rights defenders.

Actually we do, and one of the most important is prediction based on experience.

The software industry is an unmitigated disaster area when it comes to the way it works. You get people talking about "Computer Science" and "Software Engineering" yet any competent scientist or engineer would tell you that the software industry is distinctly lacking in any engineering or scientific process.

In effect the software industry is very very immature and has not really made it as far as the "artisanal" behaviour you would expect of pre-Egyptian stone masons.

Most people who care to think and read about building know that if you want a building to stand a chance of weathering storms and lasting more than a brief moment or two, it needs solid foundations.

If you don't have solid foundations then the repairs and "plastering over the cracks" you will have to do will occupy much more of your time than they should. But as history teaches us, if you don't learn from your mistakes you are condemned to live them over and over and thus not progress.

Much software is written like a person scavenging together fallen branches of a tree and haphazardly throwing them down in a heap, in a thoughtless attempt to make a place to crawl into that with luck will keep off the mildest of wind and rain for a night or two and no more.

Such structures are inherently dangerous to use, and are in no way secure or defendable. So much so that we try to teach even the youngest of people the rudiments of why that is, hence the story about the wolf and the three little pigs.

So the first step to offering the badly needed security and privacy is to point out that you can not build castles out of a pile of rotten old sticks. Further that replacing the sticks with stones is no better if you don't make the pile secure with good foundations etc.

Even the best of security software products for consumer level use currently are little more than earth works topped with thickets and bushes. Fine to keep the sheep in but not keep the wolf out.

The problem is that although we know how to make the equivalent of castles, people only want to pay for hollowed out hay stacks that are made to look fancy by hanging wreaths of nearly dead plants inside to give a bit of colour.

As long as people want to spend more money on flower arranging than masons and carpenters they will not get security, let alone privacy, for all but a few moments in summer...

Yes we can build software that has the security of castles or even prisons but you first have to clear out the heaps of sticks and hay and rotting flowers, then put in some hard work to build some solid foundations.

But ditch digging is never glamorous and it is all blood, sweat and toil, as is putting in the rocks and stones, but it pays off over the long term.

Jen Gold Stockholm February 5, 2017 12:27 AM

@ Clive @ All

@ r : the new and improved, only vaguely more coherent lo-fi analogue version of the english 'hentity' who had the hots for Saga Noren & The Bridge until he inexplicably disappeared : quite enough to drive readers off to another site, frothing at the mouth.
I hereby rechristen you rheto-ric-kik-kik-kik-kik-hentity

On the other hand, posts like this, Clive, create life long patronage. merci merci merci beaucoup

I'm going to write a schneier comments filter based on handles. Solves everything! (!!!) suddenly quite excited

Paras February 5, 2017 3:01 AM

@Dirk Praet

"It describes how an FBI director introduces a (fictional) 35th Amendment that overturns the Bill of Rights saying "No right or liberty guaranteed by the Constitution shall be construed as licence to endanger the national security".


Too late, there is no U.S. Constitution or Bill of Rights protection in times of National Security

SCOTUS ruling that constitutions and laws are not sufficient of themselves...Despite the unequivocal language of the Constitution of the United States that the writ of habeas corpus shall not be suspended, and despite the Fifth Amendment's command that no person shall be deprived of life, liberty or property without due process of law, both of these constitutional safeguards were denied by military action under Executive Order 9066

Dirk Praet • February 5, 2017 7:56 AM

@ ab praeceptis

So an illiterate, say whistleblower, is pretty much bound to end up insecure.

You didn't quite answer my question. You seem to be suggesting that the technologically illiterate just give up altogether and stick to their favourite mainstream data collection platform. Is that really the message we want to send out both to those responsible for the current state of affairs and to those who are trying hard to improve on it, however imperfect most of the stuff they currently come up with?

Myself, I am a pragmatic person. If tomorrow some whistleblower asks me what to do I'll still advise him to use TAILS, PGP and Signal. It may just buy him enough time to get his message out and make the necessary arrangements to disappear to a jurisdiction with which there is no extradition treaty. When friends or relatives ask me to have a look at their machines, by default I tighten all privacy settings, add telemetry blockers and a number of browser extensions to get rid of ads and data tracking. Same thing for their phones and tablets.

It will not buy them any real security or privacy (and I'll also tell them that), but at least they'll be a little bit less insecure than their counterparts who just continue using default Windows 10 and Android setups that spill their data all over the place. And which, depending on the situation and combined with some decent OPSEC, can still make a world of difference. If Snowden hadn't done so, he'd now be rotting in jail.

Major • February 5, 2017 8:32 AM

@Jen @All

Jen, you seem obsessed with seeing through handles and finding folks to banish.

Did the comments section have a crisis when I was looking away?

Every time I come back to the site I use a new handle and I also vary my word choice and punctuation. This seems like basic security to me, as someone who avoids social media in general. I am not saying anything too exciting, but I'd prefer not to be "graphed" too easily.

(I do not use multiple handles at once. I despise that kind of deceit.)

Mostly I read the various comments and links with interest. I find it very easy to skip over any comments that I don't want to read without help from the moderator and filters, but frankly I do not find myself doing that much. Refusing to read people's opinions does not make them go away. And, if you will excuse the implied self-compliment, I think the ability to tolerate contradictory ideas is a good measure of intelligence.

I post infrequently and regret it within minutes half the time that I do. I try not to let myself post when I feel too urgent a need to respond. I try to not let my ego get too involved, but, of course, it feels good when people find a post worthy of comment, even to contradict me. Maybe similar processes drive other people's extensive and excited posts. It is a general human need to be heard and given attention.

I assume everybody knows that this blog is a haven of civility compared to the angry hurtfulness that is gleefully on display in most news comment sections on most sites. I enjoy the rough and tumble here because it is suffused with information and intelligence and any disdain displayed tends to stay within reasonable bounds.

Major • February 5, 2017 8:58 AM

Re: BSD

I keep hearing the message "Dump Linux. Use BSD." I've tried. I found BSD willfully obscure and far from user friendly. Putting up a graphical frontend was a big deal.

Now, maybe I wasn't using the correct flavor. I also understand that BSD flavors have been working on ease of use.

If my two criteria are:
1 - An improvement in security over Linux, keeping in mind that nothing is 100% secure and that the higher levels of security are probably unnecessary for a relatively moderate and peaceful code jockey like myself.
2 - Basic ease of use. An easy to install GUI. Some tools so that I do not have to learn how to write config text files for every bit of software I wish to use. A decent software library.

What flavor of BSD (or what OS in general) do you recommend I try?

Thanks in advance.

r • February 5, 2017 9:33 AM

By support of commodity hardware accessories (may be slightly off)

#1, windows
#2, linux
#3, freebsd
#4, openbsd
#5, netbsd

By support of hardware platforms,

#1, netbsd
#2, linux
#3, freebsd
#4, windows
#5, openbsd

By ease of installation (also may be slightly off)

#1, windows (gui)
#2, debian ubuntu fedora suse (gui)
#3, freebsd openbsd (tui with defaults and suggestions) (openbsd also supports FDE at this point; I'm unfamiliar with fbsd and this feature)
#4, archlinux
#5, netbsd, slackware
#6, gentoo

a) all linuxes support FDE (but outside of the gui enabled installers this introduces a second learning curve)
b) netbsd, as with other arm (and mips)-targeting platforms, I believe the installers amount to 'dd scripts'.

Misc. Breakdown

Windows) Closed source, reasonable security protections in its modern form.
Debian) no real protections by default outside of FDE from the installer.
Ubuntu) see debian above.
Fedora) Lots of default protections included but nothing truly hardened (FDE capable from GUI)
Suse) See fedora.
Arch & Gentoo) Severe hardening options for ia32/aa64 readily available but digging required, FDE not readily accessible without a learning curve due to them being TUI'd.
FreeBSD) Not sure really on them; hardenedbsd is based on them, so my money is on protections not included by default. Both 'hardenedbsd' and 'dragonflybsd' are forked from FreeBSD, like how OpenBSD originally was; don't expect such an exodus to imply security confidence.

Arch and gentoo are the only linux communities with access to GRSEC patches outside of commercial paid releases. OpenBSD supplies many similar and sometimes more extensive protections by default in their BSD licensed release but does not support nearly as much commodity hardware and accessories as linux and its derivatives.

FreeBSD is a hack; it was good enough for google in the '90s and early 2000s until linux upped its ante.

NetBSD is brilliant if you want to repurpose a set-top box or an old sega dreamcast; it can be homed almost anywhere and supplies a very u(as in unix)ser friendly environment while not providing the same security assurances as the aforementioned platforms.

OpenBSD is wonderful if they are to be believed, but you will find all sorts of unsupported hardware that other operating systems currently implement, so its deployment base is considerably more sparse.

P.S.
Please, interject and correct me if I am wrong - a man and his love of hobby OSes like menuet and the directly verifiable assembler kin only has so much time in the world to investigate.

r • February 5, 2017 9:43 AM

Fedora and Suse may be implementing SELinux in their default installations; you may want to double check. Those are still only filesystem and process isolation mechanisms, but it's more than what Ubuntu and Debian include by default.

There are hardening docs available for all of the linux variants out there, but by far the most readily available for the financially burdened would be Gentoo, Arch and OpenBSD.

HardenedBSD and DragonFlyBSD have not been directly investigated even once by me due to their semi-recent migrations and compatibility with the freebsd base.

I am a gentoo and openbsd fanboi, my apologies to freebsd for the slander but it's an ideological divide.

Pigeon hole me guilty as charged.

Major • February 5, 2017 9:48 AM

@r

Thank you for the comprehensive and well organized rundown of OSs. It is more than I hoped for.

(But I would love more responses if people have more to add...)

r • February 5, 2017 9:49 AM

QubesOS, based on microsoft's xen and linux, utilizes both debian (whonix) and fedora within its emulated layers.

It's the most complete solution to date, but as such includes a very LARGE attack surface.

It's a GUI based installer with considerable limitations to the hardware it can properly be installed upon.

Whonix, tor-ramdisk, openbsd/gentoo and netbsd make for great single purpose devices.

ab praeceptis • February 5, 2017 9:58 AM

Dirk Praet

I respect and understand your position and maybe that's even what I would do, too.

What I meant, however, was that I'm not able to turn an illiterate into a tech- and security-savvy person. In my mind's eye they are just bound to lose.
That doesn't mean much, however, as extremely few normal people have major secrets to share, the kind that would bring up state players as adversaries. So I rather concentrate on what is achievable, albeit boring. Things like "keep your OS updated! Choose good passwords and don't put them on a post-it on your monitor, be sure to update your plastic router's firmware".

Moreover I happen to know from experience that there are working alternatives for leakers who are not tech-savvy. One example I know of is to simply use a lawyer as in between.

In the end pretty much all solutions are either ugly or not achievable for illiterate people. My point was another one anyway: I see major danger in *feeling* secure (say, using whonix) but *not being* secure. Just look at many cases like the one where the FBI cracked a dark site protected by tor. The real problem was that those guys *felt* secure but were *not*.

ab praeceptis • February 5, 2017 10:03 AM

Major

Sorry, I'm afraid I can't follow. I relatively frequently install diverse BSDs and find it even more comfortable than the (similarly easy) linux process (probably a question of personal taste).

You boot the install CD and you are greeted by some installer (albeit text mode) that is rather easy. You walk through it and answer pretty much the same questions as with a linux install.

That said, I usually install servers, i.e. no X ("Windows"). Maybe that's more difficult. I have seen quite good success, though, with newbies using "PC-BSD". Maybe that's what you should try.

r • February 5, 2017 10:03 AM

@Nick P, ab praeceptis

Any thoughts on the seL4 ISO with virtualization?

OpenBSD is currently attempting to include a smaller per-core capable virtualization mechanism for aa64; how does seL4's hardware support stack up when currently both of them lack an IOMMU?

addendum: seL4 is verified and verifiable, OpenBSD is not.

r • February 5, 2017 10:19 AM

After all of this, comes the question of hardware.

Are AMD, Intel and ARM backdoored?

If that's the case then things that support processors and support hardware from eras past need to be considered with a promotional edge; things like NetBSD or linux can be self-compiled or installed à la ab's position of small servers into various operating conditions with relative confidence.

Shoehorning things however, is not for the light of heart.

Major • February 5, 2017 10:27 AM

@ab praeceptis

Yes, my issues with BSD arise from using it as a workstation/development environment, rather than a server.

PC-BSD sounds great but it appears to be at end of life. It has become TrueOS. Is there any reason I should avoid TrueOS?

Thanks!

ab praeceptis • February 5, 2017 10:39 AM

Major

Yes, right, they changed the name (and possibly some details).

As for your question: That depends on what you need and what you know. For me personally PC-BSD/TrueOS is rather worthless and has more disadvantages (e.g. fat bloated installation packs) than advantages.
For a desktop user who is just entering the BSD world though I'd consider it one, possibly the, attractive option.

Dirk Praet • February 5, 2017 10:44 AM

@ Major

Did the comments section have a crisis when I was looking away?

We recently had three commenters strongly advocating so-called "alt-right" opinions. Some of us suspect it was actually one and the same person, or at best two. It was not their opinions, but their repetitive soapboxing and condescending tone that got them banned, in essence calling everyone who didn't see things their rather authoritarian way clueless idiots.

What flavor of BSD (or what OS in general) do you recommend I try?

Give TrueOS, the recently rebranded PC-(Free)BSD, a try. It installs reasonably well, comes with the OpenZFS filesystem, OpenRC, GELI FDE, Personacrypt (optional 2FA with home directory on a stick), transparent torification and a light-weight GUI desktop called Lumina. You can also go full KDE or Gnome if you want, which as usual adds a lot of unnecessary bloat.

It is now a rolling release that allows for multiple boot environments. Which is a much-needed feature, as over the last couple of years I have had nearly every major PC-BSD/TrueOS upgrade blow up in my face, leaving me with partially or even completely broken systems. But it is slowly improving.

You may also wish to check out Linux-based "adversary resistant" operating systems like Subgraph OS (alpha!) and PureOS. Unless you *really* know what you're doing and have done an extensive pre-flight hardware compatibility check, stay away from OpenBSD or NetBSD. However much the better picks from a security vantage, they pretty much suck as a desktop platform for ordinary users.

@ ab praeceptis

The real problem was that those guys *felt* secure but were *not*.

Which is actually their own fault. The developers behind Tor, TAILS, Whonix and the like all publish tons of disclaimers that their stuff does NOT automagically make anyone "secure". A gun in the hands of a sane man with proper firearms training is an asset he is likely to stop a couple of burglars with, while still leaving him defenseless against an entire SWAT team. In the hands of an idiot, it's just a recipe for disaster.

@ r

Arch and gentoo are the only linux communities with access to GRSEC patches outside of commercial paid releases.

Subgraph has it too. Plus PaX.

r • February 5, 2017 10:59 AM

The best development environment money can buy, in my opinion at this point in time, is a QubesOS compatible server; there are a couple that are capable of full virtualization under Qubes and Xen that include coreboot/libreboot capabilities and 256+ GB of RAM.

r • February 5, 2017 11:15 AM

Think about it: under a single instance of qubes one can run a hardened gentoo git server and openbsd firewall with virtualized networking and any version of operating system one wants for cross-os testing and deployment. It's very flattering when you look at it, especially where price is considered; I was able to pick up one (used) for ~$300 USD.

It allows me to develop directly for virtualized android, windows and linux simul and still have room to play on a single "secured" box.

Granted a 1U/2U/3U isn't portable and the power envelope can be sizable, but the protections granted from core/libreboot, AEM and FDE are sizable when you can stuff 256 GB of ECC into the thing.

There are some DDR2 capable models for sale also, but - as with any threat model - mine is not yours.

All in all, you still have space for QEMU cross-platform virtualization of ARM and MIPS even.

So the sky's the limit if you're willing to trust ... certain ... others' code.

Elmer FUD • February 5, 2017 11:22 AM

@Nick P, thought-provoking re Assange.

Yes, Assange as the face of the movement is embroiled in melodrama of the sort that keeps his archive in the news. But Wikileaks per se is uncontrollably decentralized, with many of us, perhaps even here (don't raise your hand) maintaining or conveying their information. In addition to COTS, Wikileaks uses tried-and-true courier technology of neolithic vintage and the postal equivalent of Tor. Even with 'more governments deciding to come after him,' influential secret services are satisfied customers of Wikileaks - no less a personage than Bill Binney says so. Wikileaks' business is booming.

Assange is now planning the next stage of his meteoric career. A few years as a prisoner of conscience in a US gulag would do wonders for his political prospects. He's run a pretty effective campaign for a legislative seat without ever showing up, and US persecution would put that over the top. Wikileaks' contribution to multiple international criminal investigations of US war crimes and crimes against humanity means that any crime he's charged with under US law is presumptively political. Assange is daring the US to make him the white Mandela.

So yeah, uh, oh, the desperados are gonna string Lone Ranger up, but then Tonto shows up after the commercial, when you forgot about him. Tonto is the one whose tradecraft matters.

r • February 5, 2017 11:57 AM

lol @ don't raise your hand, what, the last time the GRU interdicted you guys had a fit behind the zines?

r • February 5, 2017 12:14 PM

Using a meteor as your keyword implicates disaster for the entity it entails, plan carefully and maybe you'll get lucky without burning another operative who'd just crash and burn down civilians.

Trajectory is more oft than not an arc where less than stellar bodies are concerned.

Who? • February 5, 2017 12:15 PM

@ r

Are AMD, Intel and ARM backdoored?

Ha! This one is the million-dollar question. Only a few people in the world have an answer to it!

No one has proved (yet!) that these manufacturers are backdooring their products, but it is not too hard to believe if we consider that AMD and Intel are U.S.-based corporations (just an NSL away from a backdoor) and ARM's headquarters are in another FVEY member.

Even if these manufacturers are not backdooring their products the unbelievable complexity of current firmware (just look at anything built around the Intel vPro technology) makes them have bugs from time to time. Just consider what bugs are being published by guys that do not have access to the firmware source code and now think what a powerful agency like the NSA can do with complete access to the source code and people being paid to do some classified research on vulnerabilities of that code.

My guess? (and it is only a wild guess from someone that is not as clever as most of the people on this forum!) Firmware, at least on widely available platforms, is not backdoored. Someone would have seen something odd at this point, like traffic targeted to external networks from machines that should not communicate this way. However I would say there are a lot of bugs that remain hidden because the firmware source code is closed and are known to intelligence agencies around the world.

Clive Robinson • February 5, 2017 12:22 PM

@ Dirk Praet, ab praeceptis,

... depending on the situation and combined with some decent OPSEC, can still make a world of difference. If Snowden hadn't done so, he'd now be rotting in jail.

Apart from the fact that most commercial grade OSes, apps and drivers are completely crap, there is another thing we have to consider, which is your "depending on the situation".

For most people security and privacy is a "Red Queen's race" that might or might not end with an "Off with their heads".

What most tend to forget is that even the likes of the US NSA and UK GCHQ are "resource limited" in many many ways and it is part of the "record it all ethos" that in effect gives them an information only time machine that reaches back into the past with what is possible now that was not back when recorded.

Thus there is a plane of time against resources/knowledge in which security plays. Thus, with certain exceptions, the security of information decays with time (Bruce's attacks do not degrade with time).

The plane broadly has three sections, attacks that are,

1, known academically/publicly,
2, known to the ICs,
3, unknown awaiting discovery.

You, I and many people are playing somewhere in the first section, often so far back from its leading edge we might as well be at the zero point for security. The SigInt Agencies play in some of the first and some of the second sections, but obviously not the third.

Importantly the SigInt Agencies do not have the resources to play in all the first or second sections. But for the common user the best we can do is guess what they do and don't do.

Ed Snowden was not a common user outside of the IC; he was an insider to the NSA and thus had a better view of what their resources allowed them to do. Therefore he could and presumably did tailor what he did to play in the gaps of the NSA's resource coverage.

That WAS Ed Snowden's edge, but is now unlikely to be so. It's likely that when his methods became known or assumed the SigInt Agencies changed their resource coverage to take his methods into account. So in all probability what Ed did works no more as the gaps will have been covered thus closed by now.

Which brings me onto my viewpoint I've expressed a few times here over the past few years,

Firstly it's safe to assume that the SigInt Agencies will move their resources to cover what becomes possible by a common user in the first and second sections faster than a common user can learn how to use them safely.

Secondly it's safe to assume that any hardware or software a common user had access to, the IC / SigInt / LE Agencies have already got access to or will have access to within days and weeks --not months and years-- of it first appearing on the market.

Thirdly it's likewise safe to assume that even professionally designed security hardware and software is, if available outside of the NSA / GCHQ or other top SigInt Agencies, backdoored in some way.

I know it sounds like I'm really pessimistic or have a defeatist attitude at this point, but actually I don't. I'm just making an assessment that will be valid now if not in five to fifty years, which realistically is what you have to plan on if you want to still be alive in certain parts of the world.

There are two things we can do.

Firstly, we can use obscurity if we practice good OpSec. That is, if you know how to design certain types of equipment and software combinations, you can play in the SigInt Agencies' resource gaps in the first and second sections of the plane.

Secondly, you can take advantage of the third section of the plane, and use techniques for which we know there are no attacks probable in a reasonable time frame.

Whilst a number of people who read this blog can use "obscurity" that will remain effective for at least a decade or so if they practice reasonable OpSec and do not become "targets of interest", it's inappropriate for all others.

The third section of the plane is where it is both practical for all to play and have more than sufficient time to learn how to do things securely from the CompSec CommSec point of view.

Unfortunately other aspects such as Traffic Analysis will still work for the SigInt Agencies unless the users practice good OpSec.

This is why I talk about air or energy gapped security end points and regarding all communications capable systems as being unsecurable, because the SigInt Agencies will be able to "end run" any secure system at its end points if they can reach them.

Hopefully the above is sufficiently plain for all those that require higher than "commercial surveillance" security to understand.

r • February 5, 2017 12:26 PM

@Who?,

I've been following sandpile and the like for years, I understand the implications of intentional imul++ bugs.

Instead of Imulling about it - it's better to let the concept loose on the 'urchins' and 'illiterate' and see what comes back after some time in the sea of green.

In the meantime, I'll protect what I can from the lower financially motivated hacks on my radar and not the ones who're more interested in the national security ramifications. Like Dirk said, it's kind of hard to fight a SWAT team with a weapon meant for disorganized crime.

It's better to do your best and not be a target, and remember that we're not the only ones here; stand up - sit down - practice free speech.

It's all protest and not everyone who comes knocking is hell bent on your submission, sometimes honey catches more flies than piss and vinegar.

There's a time and a place, and not too many of us have time for absolute assurance - we have real lives and real passions and real hobbies.

One doesn't get paid for a hobby, check your local tax laws when you rationalize your romantic view of your dissent or collusion. ;-)

Who? • February 5, 2017 12:26 PM

@ r (wrt backdoored hardware platforms.)

...not to say the large set of digital certificates coming from lots of certificate authorities that are provided as a part of a default AMT set up!

In the same way you (as the owner of a few AMT-enabled machines) can buy a digital certificate from an authority to remotely manage your computer(s), an agency like the NSA can do the same.

r • February 5, 2017 12:35 PM

@Who?,

I think Intel, ARM and AMD are a distraction; while it may be true, as I said yesterday, certainly the low hanging fruit are the BIOS companies we've seen source and certs leaked from. The unencrypted http firmware downloads from said companies. The authentic RealTek cert that was floating around, etc. so on. Broadcom even has had vulnerabilities in its wireless chipsets, and all of these things are directly connected to the back of your neck - be mindful of what you read and how you interpret it.

It can be very painful if you find yourself to have digested ergot poisoning from the diet of 'sweet grain' corn (think kernel(of truth), European sense) some people shovel onto us.

r • February 5, 2017 12:38 PM

The real power isn't in the sieve(the cpu), it's in the shovel and the dredge used as interconnects.

A stable cpu can be mired and co-opted with bad data fed to it from a loose fitting.

Major. • February 5, 2017 1:00 PM

@Dirk Praet et al

Thanks for the background on the moderation situation. I am amazed at how many people I respect are also pro Trump. I am hoping my personal assessment is incorrect and Trump will turn out to be a navigable bump in the road for democracy. Maybe some of my inclinations are just wrong or unhelpful to the country (world?) as a whole. I hope he succeeds in employing people and instigating less foreign conflict... sigh... The situation might drive me to an actual prayer to that effect.

Qubes is sounding interesting. I have a ton of hardware I can employ in testing. And the Purism Librem 13 sounds attractive for folks like me who would rather develop applications than configure OSs.

Who? • February 5, 2017 1:04 PM

@ r

The unencrypted http firmware downloads from said companies.

Unencrypted firmware downloads should not be a serious issue if firmware is digitally signed, and rejected during the upgrade process in case it does not pass its verification successfully. But lack of secure download channels certainly shows there is something wrong in the way the firmware manufacturer manages its security. I have no doubts, however, that the intelligence community has a set of valid digital certificates that can be used to sign backdoored versions of firmware. If intelligence agencies can build their own signed firmware blobs they can find ways to redirect traffic to fake download servers even if https is used too.

Just in case it matters, I have off-line copies of firmware (both old and new firmware releases) on read-only media which I periodically check against their on-line counterparts by means of multiple digest algorithms.

When I download a firmware to be installed on one of my devices I make an off-line copy of it as soon as possible and download it from multiple places (including a few random cyber cafés and public Internet access sites around the city). Sometimes I even use machines in other countries to get more copies and validate their checksums.

Don't know if it is good OPSEC, but it makes sense at least against non-state actors.
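The multi-digest, multi-source cross-check described in the comment above, written out as an added example (this is not the commenter's own code or any vendor's tooling). It records several independent digests of an off-line reference image and refuses any freshly downloaded copy unless every digest matches; a copy from one download location that disagrees while the others agree is the signal the comment is looking for. The firmware bytes, source names and the single flipped byte are constructed for the example.

```python
"""Cross-check firmware images with several digest algorithms.

Added example, not code from the thread: keep an off-line reference copy of a
firmware blob, record more than one digest of it, and reject a downloaded
copy unless every digest matches. All sample data below is constructed.
"""
import hashlib
from typing import Dict, Iterable, List, Tuple

# Digests to record. Using several unrelated algorithms means a forged image
# would have to collide under all of them at once to pass unnoticed.
ALGORITHMS = ("sha256", "sha512", "blake2b")


def digest_all(blob: bytes, algorithms: Iterable[str] = ALGORITHMS) -> Dict[str, str]:
    """Return {algorithm name: hex digest} for the given firmware bytes."""
    return {name: hashlib.new(name, blob).hexdigest() for name in algorithms}


def verify_copy(reference: Dict[str, str], candidate: bytes) -> Tuple[bool, List[str]]:
    """Compare a candidate blob against the recorded reference digests.

    Returns (ok, mismatched_algorithms). Every algorithm must match; even a
    single mismatch means the copy is not byte-identical to the reference.
    """
    actual = digest_all(candidate, reference.keys())
    mismatched = [name for name in reference if actual[name] != reference[name]]
    return (not mismatched, mismatched)


def verify_sources(reference: Dict[str, str], copies: Dict[str, bytes]) -> Dict[str, bool]:
    """Verify downloads obtained from several places (mirrors, other networks).

    A copy that disagrees with the off-line reference while the other copies
    agree points at that particular download path, not at the vendor image.
    """
    return {source: verify_copy(reference, blob)[0] for source, blob in copies.items()}


# Constructed stand-in for a firmware image kept on read-only media.
REFERENCE_IMAGE = b"\x7fFWIMG\x00\x01" + bytes(range(256)) * 4
REFERENCE_DIGESTS = digest_all(REFERENCE_IMAGE)

# Constructed downloads: two locations return the genuine image, one returns a
# copy with a single bit flipped deep in the payload.
_tampered = bytearray(REFERENCE_IMAGE)
_tampered[300] ^= 0x01
TAMPERED_IMAGE = bytes(_tampered)
DOWNLOADS = {
    "vendor-mirror": REFERENCE_IMAGE,   # hypothetical source names
    "public-cafe": TAMPERED_IMAGE,
    "remote-host": REFERENCE_IMAGE,
}

if __name__ == "__main__":
    for source, ok in verify_sources(REFERENCE_DIGESTS, DOWNLOADS).items():
        print(f"{source:14s} {'OK' if ok else 'MISMATCH'}")
```

Recording the digests on the same read-only medium as the reference image keeps the comparison independent of whatever the download server currently publishes; the check answers only "is this copy identical to what I archived", which is the question the comment poses, not whether the archived image itself was trustworthy when first obtained.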

r • February 5, 2017 1:10 PM

@Who?,

I couldn't tell you left or right unless it was some sort of serious misstep; I'm still putting the pieces together myself. There are far more official aficionados than my little misled butt. I just like to 'think' I'm secure, and that's the biggest misstep one can make: a feeling of being 'secure' in one's 'security'.

Security is a process, it's an adventure just like the ups and downs of democrazy.

Who? • February 5, 2017 1:19 PM

@ Major

Qubes is sounding interesting. I have a ton of hardware I can employ in testing. And the Purism Librem 13 sounds attractive for folks like me who would rather develop applications than configure OSs.

Qubes OS is valuable, but do not miss OpenBSD either. It is a great operating system. It is not so picky about hardware as noted on this forum before. It is true, however, there are problems supporting some hardware devices on OpenBSD... not to say recent hardware that may not be in the hands of developers yet. Do you know an operating system where all hardware works? Ok, Windows may be the answer, but it is just a matter of Windows being the target for most hardware released these days. Have you tried running Windows on a PC Engines ALIX or APU board?

I like the Purism Librem 13 laptop too. I would like to get one, but sadly I have some financial challenges right now.

Clive Robinson • February 5, 2017 1:26 PM

@ Dirk Praet,

Give TrueOS, the recently rebranded PC-(Free)BSD a try. It installs reasonably well, comes with...

Any idea what the legacy hardware support is like?

CallMeLateForSupper • February 5, 2017 1:27 PM

Breaching security barriers by "tailgating", a problem for at least three Boston hospitals: Brigham and Women's; Children's; Massachusetts General. It seems that health care types are more resistant to a no-tailgating policy than average people are (and that says a bunch).

For nearly all of my professional life, I worked in secure areas, wore ID badges, fumbled with cypher locks, safes and badge readers. (I even handled military Top Secret for some years.) There was no tailgating; everyone got challenged (rightly or wrongly) at least once. But before all of that, I had worked at the above-mentioned Massachusetts General Hospital, on two surgical floors (White-3 and Baker-9). No security devices whatsoever, not even a badge. (Note that this was in the '60s.) But give 'em badges and iris scanners and whatever.... and it's no use; they'll hold the door, to be nice to others.

Tailgating is only one small piece of this story:
https://www.bostonglobe.com/metro/2017/02/04/dressed-scrubs-she-roamed-hospital-but-she-wasn-supposed-there/3OkuPYs4PklE3MGdeLirhM/story.html

ab praeceptis • February 5, 2017 1:31 PM

Who?

Don't be worried, you miss nothing.

Now, maybe those pure notebooks are nice, maybe they are even well built, but you don't miss anything security wise.

Frankly, I personally in fact perceive their marketing as "do not trust us! Frankly, we are just riding and monetizing the we-feel-insecure wave".

Let's have a quick look at it.

It's the same innards as pretty much every other notebook. Simple as that. Exception: the kill switches (I'm shivering and impressed, wow). That's about it.
Oh yes, there's also that pureos thingy. And once more: debian based, "security browser" (firefox plus add-ons), tor, bla bla bla.

In short: The most expensive way to get a notebook with some extra "kill" switches.

Who? • February 5, 2017 2:17 PM

@ ab praeceptis

These are very good points, indeed.

I like the idea of firmware that is "mostly under our control," but firmware upgrades are important too. It is not clear to me Purism will compete in this area with Lenovo and Dell.

The kill switches are great, but these physical switches should not differ a lot from the ones available on, let us say, Lenovo ThinkPads. We must be careful here! Some manufacturers provide "software-controlled physical switches" that can be easily disabled in firmware, so they are no more secure than a software flag; for example Panasonic has these software-based kill switches on its Toughbook series.

I certainly would like to see write protection switches too, on reasonable priced USB keys and external HDDs and motherboards (to protect firmware from unauthorized flashing). Right now I have two Kingston USB keys with lock switches (a 256MB and a 1GB one), and an 80GB Plextor external USB HDD that has the same feature. It will not stop a firmware based attack, but helps making data more secure. On other drives I use software features like the system immutable flag (schg) available on OpenBSD's chflags(1), or the write protection flag on the Zalman ZM-VE300 external case.

I agree with you, most of the features on Purism laptops are available on other commercial computers and they seem to be riding the fear wave. But I like the idea of a hardware manufacturer that builds a computer focusing on privacy.

I think these machines are a bit expensive for what they offer, mainly considering that firmware support will be poor at best.

ab praeceptisFebruary 5, 2017 2:30 PM

Who?

Indeed. Now, let's think a little further ...

Let me tell you about a real kill switch for cam and audio, if that was really desired: a small module. Plug it in one way and it's dead, just stored away. Take it out and plug it in the other way and it's connected and works.

Would work perfectly well and would be simple and cheap to build and would allow seriously mistrusting people not using, e.g. the cam anyway, to take it out completely (and replace it with a cheap empty filler module) and to put it into a drawer. Done.

So I think that kill-switch is just a marketing gadget and they don't really care a sh*t.

As for the firmware ... oh well, the largest part of it comes from a few sources or from the hardware companies anyway and you bet pure just does what all do: they add some corporate id layer with some gadgets and that's about it.

From what I see, pure is a rip off, simply riding the fear wave and monetizing it.

Mohan NiralaFebruary 5, 2017 3:43 PM

As Clive notes, NSA can in theory do things beyond your wildest dreams to "end run" any secure system. This is the familiar Blue Team wargaming logic of Millennium Challenge 02. Remember that one? The Red Team was supposed to submit at once to the overwhelming Blue force. Instead the Red Team sent 20,000 virtual sad sacks to the bottom of the Persian Gulf, blub blub blub.

https://en.wikipedia.org/wiki/Millennium_Challenge_2002

In theory, NSA collects it all and uses it against you. In practice, some guys just reach in and take 22 million blackmail-ready federal employee adjudication files. In practice, shadowbrokers take NSA's cyberweapons, give us all a bunch to play with, and sell the rest. In practice, NSA can't spy on Syria, all they can do is destroy their communications infrastructure in the middle of a humanitarian crisis. In practice, NSA can spy on UNICEF, or trusting allies, or sleepy little African countries, or UN diplomats who are there so you can talk to them and ask them. In practice, NSA procures technical assistance from Aaron Barr. And NSA is the elite. FBI is even stupider.

There is a fourth section of Clive's plane: the clown quadrant.

CITY OF BOULDER PUBLIC WI-FIFebruary 5, 2017 3:51 PM

You may not use the Service to

...

6. forge or misrepresent headers to mask the originator of the message;
...

8. send Internet viruses, worms Trojan Horses, pinging, flooding, mailbombing or denial of service attacks or to distribute information regarding the creation thereof;

9. facilitate the violation of this Policy; or
...

So....

  • No Tor?
  • No posting of technical information on security topics?
  • No posting of legal information on security topics?

Legal beagles, speak up! Do you remember Stefan Esser, the Month of PHP Bugs silenced, back in 2007? There is a definite code smell wafting from a nearby German sausage factory.

Dirk PraetFebruary 5, 2017 4:35 PM

@ Clive

Any idea what the legacy hardware support is like?

The same as for FreeBSD, I guess: https://www.freebsd.org/releases/11.0R/hardware.html . It has quite some really cool stuff and I managed to get yubico-pam to work with it. You may find the TrueOS Pico server and light-weight ARM TrueOS Pico client (for now Raspberry Pi) of interest too.

It's likely that when his (Snowden's) methods became known or assumed the SigInt Agencies changed their resource coverage to take his methods into account.

Most definitely so. The bottom line however remains the threat model. By collecting it all, 5 Eyes and partners can build a huge time machine which I have no doubt they're very capable of. I also believe they can monitor, intercept, analyze and decrypt communications by methods known and unknown to the general public. What I don't believe is that they can all do it in real time without specific clues what or whom to look for. Something else I have serious doubts about is that even with all the necessary legal authorities and "peering agreements" in place the transfer of SIGINT between agencies goes as smoothly as we give them credit for.

If both assumptions are correct, this gives a low-profile defender a grace period that, however limited in time and with the right OPSEC in place, can be used to temporarily obscure his communications through Tor, PGP, Signal and the like, depending on how many alerts are triggered at what levels. And that, in my opinion, is an edge you don't have when using plain COTS OS'es and apps.

If however you need to keep the communication lines open for an extended period of time, and depending on what kind of actor you're up against, all bets are off. Same thing when somehow you're ratted out or decide to go public.

@ ab praeceptis, @ Who, @ Major

In short: The most expensive way to get a notebook with some extra "kill" switches.

I find them seriously overpriced too. On top of that, they seem to be experiencing supply chain problems and last time I checked the Librem 15 was not even fully certified for Qubes v3. My advice is to check the hardware compatibility list for a machine that is as fully v3 compatible as possible.

Clive RobinsonFebruary 5, 2017 6:00 PM

@ The usual suspects,

Does anybody have any experience of Edge Security[1] and their WireGuard project[2]?

It appears to be a linux kernel based secure network tunnel done in just a few thousand lines of code, from Jason A. Donenfeld (ZX2C4 who I thought was a gentoo and Qt designer).

[1] https://www.edgesecurity.com/

[2] https://www.wireguard.io/

ParasFebruary 5, 2017 6:14 PM

@Dirk Praet

Did this go over your head or are you just not familiar with American jurisprudence as the others on here appear to be, or is ignorance bliss? It was your analogy concerning the suspension of Constitutional Rights that provoked my response, which you ignored!

Hirabayashi v. United States (1943), ex parte Endo (1944), and Korematsu v. United States (1944)

Supreme Court Justice Tom Clark writing later stated that the in the Supreme Court decisions in Hirabayashi and Korematsu...The truth is—as this deplorable experience proves—that constitutions and laws are not sufficient of themselves...Despite the unequivocal language of the Constitution of the United States that the writ of habeas corpus shall not be suspended, and despite the Fifth Amendment's command that no person shall be deprived of life, liberty or property without due process of law, both of these constitutional safeguards were denied by ...under Presidential Executive Order...

@All
Been observer on here for sometime

For the paranoid

OK, compromise ID
As a manager - yes working for evil mothership back in the days - launching Windows 3.1 according to program specs, there was no backdoor for evil TLA implemented. Does not mean that implementation occur after release -moved on to other projects

My force field shields fully engage for incoming missiles

ab praeceptisFebruary 5, 2017 6:20 PM

Clive Robinson

A little, yes. But frankly, when I read "in the linux kernel" I lost interest, for more than one reason.

The stupid old game. Add something. Add more. Then try a new approach in the kernel. Idiocy imo. As if there was an order asking to try things in every way conceivable except the right one.

ParasFebruary 5, 2017 6:52 PM

Correction on my above post
should read (sic) Presidential Executive Order

As a manager....thinking of my specific role. Should read one of the four managers for Win 3.1. There is a manager from each division responsible for the release of each MS product...testing, program, product, tech support...any sig. problems with release Gates

Nick PFebruary 5, 2017 7:26 PM

@ Who

"No one has proved (yet!) that these manufacturers are backdooring their products"

Bullshit! It's advertised publicly on their site here. What nobody has proved is that they escrowed the backdoor. That's... an entirely different impression to leave on people wondering whether to use Intel. The best part to mention is how it's listening even when the PC seems to be off. ;)

furloinFebruary 5, 2017 11:16 PM

@Who @Nick P


To add to the party for AMD is their PSP, also now known as 'secure processor'. Now ARM's TrustZone is of arguable (absolute crap from software implementation) security quality. But it has had no leaks online implying it is backdoored. If I were a mismanaged organization trying to conquer I would not focus on backdooring android phones on a hardware level more than they already are.

There has been some work at reverse engineering intel's ME and microcode that controls it. Great for older hardware but still screwed if using AMD. While we are at it let's discuss GPU's.

Is there a secure (software, hardware, or both) display processor in existence? Hardware wise just within the gpu itself I am not talking about what happens when it enters the pci(e) bus or whatever method of exchange to the display it may use.

I know that old AMD and very very old Nvidia GPUs are open source (not secure) for hardware and software. Newer Nvidia GPUs are open source (again not secure) for software but not hardware. Of course all Intel GPUs are useless or on Intel ME.

For Joe six pack I would recommend not to use a gpu for a web browsing computer. Reduces attack surface at least.

Clive RobinsonFebruary 6, 2017 12:48 AM

@ Who?, Nick P, furloin,

"No one has proved (yet!) that these manufacturers are backdooring their products"

Intentionally or unintentionally?

As @Nick P has pointed out Intel have mentioned they have, so that covers intentional. Further where Intel lead others are bound to follow...

But sticking with Intel, I've mentioned in the past I have deep suspicion about their internal --supposed-- True Random Number Generator (TRNG) due to the way they have gone about things[1] with "magic pixie dust" thinking.

There is also the quite intentional microcode update feature for the main CPU that can fairly easily be abused if you are Intel or you have a copy of Intel's code signing key. As we know from Stuxnet, the SigInt Agencies got hold of a major German electronics manufacturer's code signing key (even though the company is very tight in with the German IC / SigInt Agency). So it's probably safe to assume that the US SigInt Agency could have infiltrated Intel one way or another and obtained a copy of their signing key and copies of the CPU microcode design documents and RTL schema.

But there is another --probably-- unintentional issue with Intel CPU chips... Some students found that the address logic was effectively Turing complete, thus formed another CPU that could be exploited, albeit inefficiently.

This has another interesting issue which is that the memory arbitration between two or more CPUs can also become Turing complete, which is also relevant to the mechanism between a CPU and GPU. That's in addition to any tricks that might have been intentionally shoved up the GPU's sleeve by the design teams (even if only as an Easter Egg).

[1] It's fairly easy to show that you can hide a TRNG's defects behind the "magic pixie dust" of "hashing". The reason it's done is that most on chip RNGs are fairly crap for a whole host of reasons as I've mentioned in the past. It's also easy to show that a simple counter which is not random when put behind a hash function looks random to the majority of statistical tests for randomness. It's also easy to show that if you encrypt the output from a counter it passes statistical tests for randomness, which is why AES and other crypto algorithms can be turned into stream ciphers by using the block cipher algorithm in CTR mode. If you look up "data whitening" prior to hashing you will find that it's been used as an encryption function to get around US crypto export rules in the past. Thus Intel could very easily have made a simple CS-PRNG that they know the keys for and you as an observer of the output have no way to tell via the statistical tests in common usage.
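The point made in footnote [1], as an added example that is not part of the original thread: a plain counter fails the NIST SP 800-22 monobit and runs tests, the same counter fed through SHA-256 (standing in for any whitening hash) or through HMAC-SHA256 with a key (standing in for a block cipher in CTR mode) passes them, and whoever holds the key can compute the next output block exactly. The key, the block sizes and all function names are constructed for the demo.

```python
"""Why passing statistical tests is not evidence of entropy (constructed demo).

A counter is the least random source imaginable, yet once it is 'whitened'
through a hash, or keyed like a block cipher in CTR mode, it sails through the
frequency tests usually quoted as proof of randomness. Whoever holds the key
can still compute every future output. Nothing here is vendor code; SHA-256
and HMAC-SHA256 stand in for whatever hash or cipher a chip might use.
"""
import hashlib
import hmac
import math

BLOCK = 32  # SHA-256 digest length: one output block per counter value


def counter_stream(n_bytes: int) -> bytes:
    """Raw 64-bit big-endian counter: the 'source' with no entropy at all."""
    out = bytearray()
    i = 0
    while len(out) < n_bytes:
        out += i.to_bytes(8, "big")
        i += 1
    return bytes(out[:n_bytes])


def hashed_counter_stream(n_bytes: int) -> bytes:
    """The same counter behind an unkeyed hash (the 'magic pixie dust')."""
    out = bytearray()
    i = 0
    while len(out) < n_bytes:
        out += hashlib.sha256(i.to_bytes(8, "big")).digest()
        i += 1
    return bytes(out[:n_bytes])


def keyed_counter_stream(key: bytes, n_bytes: int) -> bytes:
    """Counter under a keyed PRF, i.e. the shape of a CTR-mode stream cipher."""
    out = bytearray()
    i = 0
    while len(out) < n_bytes:
        out += hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        i += 1
    return bytes(out[:n_bytes])


def next_block(key: bytes, observed: bytes) -> bytes:
    """What the key holder can do and an observer cannot: given the bytes
    emitted so far, compute the next full output block exactly."""
    i = len(observed) // BLOCK
    return hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()


def _bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def monobit_p_value(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test on the ones/zeros balance."""
    n = len(data) * 8
    ones = _bits(data).count("1")
    s = 2 * ones - n  # +1 per one bit, -1 per zero bit
    return math.erfc(abs(s) / math.sqrt(2 * n))


def runs_p_value(data: bytes) -> float:
    """NIST SP 800-22 runs test: do the bits switch at the expected rate?"""
    bits = _bits(data)
    n = len(bits)
    pi = bits.count("1") / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):  # precondition of the test not met
        return 0.0
    v = 1 + sum(1 for k in range(n - 1) if bits[k] != bits[k + 1])
    num = abs(v - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def looks_random(data: bytes, alpha: float = 0.01) -> bool:
    """True when neither test rejects randomness at significance alpha."""
    return monobit_p_value(data) > alpha and runs_p_value(data) > alpha


if __name__ == "__main__":
    KEY = b"constructed demo key, not a real secret"
    streams = (("raw counter", counter_stream(4096)),
               ("sha256(counter)", hashed_counter_stream(4096)),
               ("hmac(key, counter)", keyed_counter_stream(KEY, 4096)))
    for name, stream in streams:
        print(f"{name:20s} monobit p={monobit_p_value(stream):.3f} "
              f"runs p={runs_p_value(stream):.3f} "
              f"looks random={looks_random(stream)}")
    s = keyed_counter_stream(KEY, 3 * BLOCK)
    print("key holder predicts block 3:", next_block(KEY, s[:2 * BLOCK]) == s[2 * BLOCK:])
```

The alternating pattern 0xAA repeated passes the monobit test with p = 1.0 and fails the runs test, which is why a single statistic is never enough; neither test can tell the keyed stream from a real TRNG.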

Clive RobinsonFebruary 6, 2017 1:06 AM

@ Bruce, and the usual suspects,

It's known that you collect information on password security. But it's usually fairly dull or dry stuff with all the fun factor of a wilted lettuce leaf.

Well to add a little levity to the situation this might give your Monday Morning a lift,

https://www.theregister.co.uk/2017/02/03/bofh_2016_episode_/

Slightly interestingly though the link has two different year indicators...

WaelFebruary 6, 2017 1:32 AM

@Clive Robinson,

Well to add a little levity to the situation this might give your Monday Morning a lift,

BOFH is back?

SpookyFebruary 6, 2017 2:09 AM

@ Missippi,

Nice article, though it mentions that MD5 is "easily cracked" and I suppose I'd take issue with that unqualified statement, as it seems to imply that all of the LEO forum passwords are easily recoverable. Properly salted MD5 hashes are not recoverable. Unsalted hashes are potentially recoverable with heavy resources and rainbow tables (to a point). The algorithm is only considered broken because of the ease with which collisions (two inputs that hash to the same value) can be obtained, but an attacker does not actually get to choose the text of the collision; generally speaking, that text is always random garbage that would never accidentally be confused with the real information it is intended to replace. So, just a few caveats to note there.


@ Clive,

"Unfortunately other aspects such as Traffic Analysis will still work for the SigInt Agencies unless the users practice good OpSec."

Certainly a good point, though I have serious doubts about the extent to which stringent OpSec would be a speed bump to the agencies in question. Better than nothing, of course.


Cheers,
Spooky

Clive RobinsonFebruary 6, 2017 3:21 AM

@ Spooky

I have serious doubts about the extent to which stringent OpSec would be a speed bump to the agencies in question. Better than nothing, of course.

The main concerns for a user are "trace back to origin" style, that are used for "Find, Fix, Finish" activities. Thus the user needs to have high geoloc and temporal space to move in as well as various "back stop" cover.

These techniques are fairly well known going back to SOE operators in WWII.

However the problem with traditional "back stop" techniques is they involve additional manpower, which brings unwanted trust issues into the equation.

Dirk PraetFebruary 6, 2017 4:58 AM

@ Paras

It was your analogy concerning the suspension of Constitutional Rights that provoked my response, which you ignored!

I was obviously not aware that I am under some sort of obligation here to respond to comments. But since you insist: the current showdown between the executive and the judiciary revolves around the constitutional doctrine of the president's "plenary power" in matters like immigration and, more general, national security.

Regarding immigration, I have already previously pointed out the unresolved gap between 8 USC 1182 and 1152. Moreover, I have acknowledged that SCOTUS in the past has upheld similar "discriminatory" stuff, be it in times of constitutional history that said discrimination also applied domestically, and for which the arguments have been abandoned since the mid fifties. Ever since, SCOTUS has not once upheld any immigration measure that in a domestic context could have been construed as discriminatory or, if you will, going against the equal protection component of the 5th Amendment and/or the Establishment Clause of the 1st Amendment.

Unlike certain people think, there is legal precedent for non-citizens - even those that have never touched US soil - to "enjoy" certain constitutional rights, as reflected in the Gitmo detention case and the Pentagon Papers. In which context it needs to be pointed out that the Establishment Clause is not as much about "granting" specific rights to citizens or non-citizens, but a clear limitation on the character and jurisdiction of the government.

Judging from the government's arguments in the current case, it however goes way beyond immigration issues. What they are actually arguing is that under the doctrine of plenary power the judiciary does not get to review in any way executive decisions that have been made on grounds of national security, even if there appears to be no rational basis for them, because "the courts are not qualified to do so". If the courts accept this reasoning - which I kinda doubt - it would mean that the executive henceforth can impose any policy just by talismanic invocation of "national security".

This is, according to many legal scholars and unfortunately for Trump, a stretch. However broad the executive's power in matters of immigration and national security, they are neither absolute nor exempt from judicial review. This is in essence what this entire case is about, and anyone telling you that they are is - in my opinion - interpreting the Constitution in a spectacularly wrong and authoritarian way the Founders never intended.

It is one thing for the commander-in-chief to execute his authority in times of war or facially legitimate emergencies like the closing down of US airspace during 9/11, it's an entirely different thing to frivolously and arbitrarily impose an immigration ban on seven countries none of whose nationals have caused any terrorist deaths on US soil in the last 30 years and for which no shred of evidence has been presented that they are about to do so. I expect a very interesting legal battle all the way up to SCOTUS that will either confirm the institutional checks and balances restraining the power of the executive or, conversely, will pave a direct way to tyranny.

My InfoFebruary 6, 2017 7:52 AM

My posts are disappearing in brother man dude fellow bullshit style without warning some days after the discussion has taken place.

Why?

rFebruary 6, 2017 7:56 AM

@My Info,

Or!

The fog of reality is rolling down the hill of your mind.

How's that for disinformation?

Gerard van VoorenFebruary 6, 2017 8:48 AM

@ Dirk Praet,

A nice "fight" at FOSDEM between two core OpenBSD and FreeBSD developers about which BSD sucks less. Guess what...

It's OpenBSD, and they both suck at the desktop. The area where OpenBSD sucks significantly more than FreeBSD is filesystems (read ZFS, but that's by choice).

Dirk PraetFebruary 6, 2017 9:29 AM

@ Clive

Does anybody have any experience of Edge Security and their WireGuard project?

@Nick P and myself mentioned it a couple of times in the past. I've done several setups, which are quite easy and as they say on their homepage totally beat OpenVPN and the likes in terms of performance.

@ Gerard van Vooren

A nice "fight" at FOSDEM between two core OpenBSD and FreeBSD developers about which BSD sucks less

Too bad I missed out on that. Must have been quite hilarious.

Gerard van VoorenFebruary 6, 2017 9:47 AM

Too bad I missed out on that. Must have been quite hilarious.

It was but I have to admit I fell asleep thanks to a long day and 3 Leffe.

Berkut ~KievFebruary 6, 2017 9:55 AM


Thanks Missippi, for the useful right-to-know news regarding police secrecy and impunity. This kind of information is important. Take one of CIA's favorite cutouts, the LAPD:

http://pastebin.com/jFZAtFmt

What you see here is CIA turning cops into junior spy cadets. They're obsessively primping their resumes with 'intelligence' credentials. CIA wants a Stasi hunting dissidents in every US town. The novel information in Berkut's dump shows induced paranoia intended to intensify hair-trigger violence by police. CIA fusion centers have got them pissing their pants thinking they're trapped in Fort Apache so they need militarized SWAT for everything. CIA is waging war with the US population using police as death squads. What CIA did in Korea, in Latin America, in Indonesia, it's back home now.

SkepticalFebruary 6, 2017 4:59 PM


@Dirk: What they are actually arguing is that under the doctrine of plenary power the judiciary does not get to review in any way executive decisions that have been made on grounds of national security, even if there appears to be no rational basis for them, because "the courts are not qualified to do so". If the courts accept this reasoning - which I kinda doubt - it would mean that the executive henceforth can impose any policy just by talismanic invocation of "national security".

I haven't read much of the material associated with these cases, other than a brief skim in one case.

Generally, the degree of deference a court is to afford to the executive branch is contingent upon various factors - the extent to which the action taken by the executive falls within an area which the Constitution itself allocates to the executive branch, the extent to which Congress has explicitly authorized the executive branch to exercise judgment in a given area, etc. The recognition by the judicial branch that it is not the best equipped to evaluate complex questions of national security or many other policy questions is long-standing and appropriate; when the courts go beyond that deference in certain circumstances - also a long-standing practice and also appropriate - it's usually a bad sign for the executive branch as to the outcome of the particular case.

I suspect that if the question boils down to whether there is a rational basis for the executive order (a very low bar to pass), the EO will not be struck down. The history of comments by the President and members of his administration concerning a ban on the immigration of Muslims complicates matters, but the selection of nations involved is clearly driven by factors other than whether they are predominantly populated by persons who happen to be Muslim. Now, if those comments indicate closer scrutiny is warranted, or if one of the other arguments raised by plaintiffs has more power, then the EO may not be.

Even if upheld as within the President's lawful authority, that doesn't mean it's wise policy, of course - I don't think it is - and the legal question isn't necessarily one with a sharply clear answer.

But neither is this a case that is the stuff of which tyranny is made. The judicial branch will interpret the law; and the executive will abide by it. And if the President attempts to do otherwise, his tenure in office will be short indeed.

MarkHFebruary 6, 2017 5:17 PM

Thoughts on Recent Comments Concerning the Constitution of the US

First, I'm really touched that at least one European here has paid so much attention to legal issues which are preeminently internal to the US, though they certainly also have large consequences in other lands.

A particular exchange seemed to me reducible to "the constitution means something" vs. "naw, they just ignore it whenever they want."

I recall my long-ago classroom days, in which I learned that the constitution of the Soviet Union was quite liberal, and had much in common with that of the US. However, it guaranteed very little in the way of rights, because the Soviet system disregarded it so thoroughly.

For me the interesting question is not so much, "does powerful government X respect perfectly* the limits imposed by its constitution (if any)?" but rather, "why do powerful governments EVER bother to respect constitutional limits?"

American history is replete with examples. Salient in my mind are habeas corpus cases in which "terror suspects" at Guantanamo asserted their right to a US judicial process, especially Hamdan and Boumediene**.

The Court upheld the constitution not only against the power of the president, but also against the power of congress which enacted an exceptionally nasty bill intended to circumvent the Supreme Court. So, a small group of unelected judges wearing anachronistic black robes defied the other two vast branches of the US government.

And those branches accepted the Court's rulings, however bitterly and resentfully -- despite the Court lacking an atom's weight of enforcement power.

What makes a constitution work, is a culture of respect for law, and commitment to preservation of that culture.

It's no surprise to me that there are often failures. What's amazing, is how frequently it works.
___________________________________________

The US Constitution is likely to face a severe test in the near future.

My country has never before had a president so thoroughly in the psychological mold of authoritarianism. His concept of executive power (as so far expressed) shows striking parallels to those of Erdogan, Orban and Putin. In their states, the national constitutions have in fact devolved to cynical jokes.

John Adams, second US president and an influential political theorist of the revolution and its ensuing American experiment in governance, by 1775 quoted the words (from about 120 years earlier) of English political theorist James Harrington, who described government as "the empire of laws and not of men."

Adams accepted this formulation as the very definition of a republic, and authored language in the Massachusetts Constitution of 1780 explaining that Article 30 concerning separation of powers was "to the end it may be a government of laws and not of men."

These words do not appear in the US Constitution itself, but the concept (which was generally accepted in revolutionary America) is embodied in the very design of the constitution. This "unwritten" principle has been quoted since Adams's time by officials at many levels of government, including at least one president and at least one chief justice of the Supreme Court.

Mr Trump perhaps conceives himself to be superior to law, and prefers a government of One Man. Whether the US may continue to fulfill Adams's definition of a republic, remains to be seen.
___________________________________________

*Those who condemn any institution because it falls short of some Platonic ideal decline to make an intellectually serious case.

**Attentive readers may have noticed a Thomas Jefferson quote I posted asserting that habeas protects non-citizens as well, a principle the US Supreme Court has repeatedly accepted. I wanted to counter some falsehoods of an exceptionally dense commenter.

SkepticalFebruary 6, 2017 5:56 PM


@Ross: a proxy war that just saw the United States take its first direct military operation inside of since 2014 (before it had been intelligence, logistics and supply support for Saudi Arabia and an arm of its drone assassination program).

Not sure what you're referring to here by direct military operation. You mean the strikes conducted under President Obama in October after the Houthi rebels targeted the US Navy?

This signals an intent of the United States to continue its policies in the Middle East. While there has been discussion about performing offshore balancing in the region - floated ideas about safe zones in Syria, direct activity in Yemen and a potential reversal of complicity for Iranian influence in Iraq see the United States continue to pursue it's long running strategy of divide and conquer in the region - this time with it focused on shoring up Saudi Arabia's planned bid to extend its own influence. The United States is not likely to be able to achieve this without "boots on the ground", at least in some capacity, and it appears that its habit of relying on Special Operations isn't welcomed by the new administration.

US interests dictate the pursuit of four broad goals in the Middle East for the most part:
(1) Stability among and within states;
(2) Progressive deradicalization of the populations of those countries;
(3) Aggressive and effective containment and destruction of terrorist networks;
(4) Preservation of the existence of Israel.

The extent to which - and the means by which - the US can pursue those goals are limited by physical constraints on US resources, the decision that US national resources be allocated (more or less, and never without distortion) rationally across efforts to achieve national strategic objectives in a global context (in which I include US domestic goals), and by the values and perceptions of the US population.

Those limitations haven't changed with Trump's election, and there's little he can do about them.

Therefore the only significant change in US foreign policy in the Middle East that seems likely to me is a more aggressive stance towards Iran, which should tread far more carefully than it has in recent months. Whether the nuclear deal survives is largely dependent upon its own behavior at this point.

Nick PFebruary 6, 2017 6:28 PM

@ Skeptical

You left off the key elements of the Cheney/Wolfowitz/Bush Doctrine that caused even more problems over there:

"we endeavor to prevent any hostile power from dominating a region whose resources would, under consolidated control, be sufficient to generate global power." (risky)

" In non-defense areas, we must account sufficiently for the interests of the advanced industrial nations to discourage them from challenging our leadership or seeking to overturn the established political and economic order. We must maintain the mechanism for deterring potential competitors from even aspiring to a larger regional or global role." (half-decent)

"Nevertheless, the sense that the world order is ultimately backed by the U.S. will be an important stabilizing factor." (stabilized who terrorists target at least)

"we will retain the preeminent responsibility for addressing selectively those wrongs which threaten not only our interests, but those of our allies or friends, or which could seriously unsettle international relations." (let's go start some shit)

And most important to this conversation:

"our overall objective is to remain the predominant outside power in the region and preserve U.S. and Western access to the region's oil. We also seek to deter further aggression in the region, foster regional stability, protect U.S. nationals and property, and safeguard our access to international air and seaways."

After that leaked, they changed the wording on a bunch of it but essentially executed the same strategy under Bush/Cheney. You can be an apologist for them all you want. But unilateral, almost-arbitrary decisions for politics plus dominance plus oil are main goals per Dick Cheney's boy Paul Wolfowitz. CIA also admitted in past few years they did Operation Ajax against Iran to take its oil albeit using word "resources." That didn't make it far into the conservative media which still acts like Iran is a villain solely motivated by religious hatred. Pentagon Papers revealed similar shit about Vietnam being an imperialist pursuit disguised as something more righteous. War is a Racket had a double Medal of Honor winner say the same thing about his wars. Same shit, different day.

Middle East is in turmoil because several superpowers + allies are trying to dominate it for ideology and resources. Nobody is really trying to do what's good for people over there. Just their own countries with all the horrors pushed off as mere externalities for the foreigners. ;)

Nick PFebruary 6, 2017 6:37 PM

@ Gerard, Dirk

Screw that. Do NonStop vs OpenVMS vs AS/400 vs Windows Server (latest) vs Red Hat Linux vs BSD's. Throw every I/O-oriented workload you can at them. See what breaks most often. :)

Dirk PraetFebruary 6, 2017 7:23 PM

@ MarkH

I recall my long-ago classroom days, in which I learned that the constitution of the Soviet Union was quite liberal, and had much in common with that of the US. However, it guaranteed very little in the way of rights, because the Soviet system disregarded it so thoroughly.

Which both Lenin and Stalin saw too. Lenin was a serial liar, told everyone whatever it was they wanted to hear, demonized what he called "the elites", proposed overly simple solutions to complex problems, viciously attacked the press, replaced facts with a "bigger picture" and in essence called anyone who disagreed with him a threat to the nation. Sounds kinda familiar, doesn't it? Steve Bannon actually once called himself a "Leninist" in an interview.

And those branches accepted the Court's rulings, however bitterly and resentfully -- despite the Court lacking an atom's weight of enforcement power.

It should indeed be noted that the Constitution itself says exactly nothing about the supremacy of judicial review by SCOTUS. It's an inherent principle.

@ Skeptical

But neither is this a case that is the stuff of which tyranny is made.

One of these rare occasions that I actually agree with you. In theory, POTUS, under his military authority, can declare martial law, adjourn Congress, round up representatives, senators and justices, send political opponents to Gitmo and rule by decree. But all would probably agree that such a perversion of presidential power would be inconsistent with the text, history and structure of the Constitution. That's of course not what he did here, but they certainly appear to be testing the boundaries of executive power, which I am quite sure Trump is utterly clueless about. This is a man who thinks he is now Augustus Caesar.

@ Nick P

Do NonStop vs OpenVMS vs AS/400 vs Windows Server (latest) vs Red Hat Linux vs BSD's.

Yes, but an OS/400 (currently IBM i and previously i5/OS) laptop is so totally lame ...

Milo M.February 6, 2017 8:01 PM

@MarkH:

Thank you.

And Harrington cited more ancient sources:

http://www.gutenberg.org/files/2801/2801-h/2801-h.htm

"OCEANA
by James Harrington

Relation being had to these two times, government (to define it de jure, or according to ancient prudence) is an art whereby a civil society of men is instituted and preserved upon the foundation of common right or interest; or, to follow Aristotle and Livy, it is the empire of laws, and not of men."

ModeratorFebruary 6, 2017 8:20 PM

@My Info: Several of your more profane comments have been deleted after posting, including the most recent one.

JG4February 6, 2017 9:20 PM


Thanks to the Moderator for enforcing appropriate standards of behavior. I have some paranoia about my posts occasionally disappearing, which probably has more to do with memory problems than either error or malice.

Can't recall seeing this mentioned:

http://knightscope.com/

As always, appreciate the high level of discourse and hope to add to it from time to time.

I probably am on the record as saying that there is a tensor formulation for that. The probability that some term in the tensor won't overlap security is pretty low.

Rikki ZFebruary 6, 2017 11:07 PM


r

love how you outright abuse ab praeceptis in general, and say he must be a code cutter with a crap job in specific, then the next day or possibly your same day owing to time zones, directly ask his opinion on technical matters, amusing

Moderator

can you please delete @r's profane posts and threaten to ban him if he carries on as he has of late

Clive RobinsonFebruary 7, 2017 6:39 AM

@ Nick P, Thoth and the usual suspects,

It would appear Intel is not having too good a time of it lately...

As many know Intel has lost out to the likes of ARM in the "productivity" market. Sales of desktops are sinking like the proverbial "lead kipper" as are laptops with Intel inside. People are moving to smart devices including tablets, pads and phones where ARM processors traditionally hold sway.

Well it appears Apple are shifting further away from Intel,

http://www.theregister.co.uk/2017/02/01/apple_weaning_off_of_intel/

Not that this is too surprising, as Apple has in the past shifted from 68K to PowerPC prior to Intel.

But even Intel itself is shifting stuff over to ARM,

http://www.theregister.co.uk/2016/10/10/intel_stratix_10_arm_based_fpga/

Which is likely to be a recurring theme with Cloud-Server chips getting ASIC onboard to move algorithms from software, into hardware, to give certain AI a much needed kick (Nvidia however are still saying Intel are fudging figures).

But that other mainstay of Intel, the network products, really has taken a bath just recently with the news leaking out that their Atom 2000 chips have a significant flaw giving a lifetime of 18 months or less till "Brick-Death" happens to the products it's in, which is making Cisco very unhappy amongst quite a number of others,

https://www.theregister.co.uk/2017/02/06/cisco_intel_decline_to_link_product_warning_to_faulty_chip/

Oh and that Intel Security Inside fanfare in 2010 when Intel stumped up well over the odds for McAfee, looks like they have "buyer's remorse" amongst other serious financial woes and are trying to avoid the "firesale" price effect whilst unloading it,

http://www.theregister.co.uk/2016/06/27/intel_security_possible_sale/

http://www.theregister.co.uk/2016/09/07/mcafee_intel_sells_security_firm/

http://www.theregister.co.uk/2017/01/30/mcafee_intel_branding_rights_legal_spat/

Whilst Brian Krzanich, Intel's chief exec appears to be "off planet/head" channeling Nero or some other spirits,

http://www.theregister.co.uk/2017/01/27/intel_q4_fy2016_next_year_flat_oh_dear/

Clive RobinsonFebruary 7, 2017 6:59 AM

Security warnings on Microsoft

First off Microsoft is killing off the P2P aspects of Skype and pushing people to their Cloud,

https://www.theregister.co.uk/2017/02/06/desktop_skype_forced_upgrade/

This weakens the security by putting a "man in the cloud" in who can see more than with P2P, and puts more user activities in NSL letter obtainable "Business Records".

Secondly Microsoft DRM can decloak your anonymity when using Tor etc,

https://www.theregister.co.uk/2017/02/06/microsoft_drm_and_tor/

rFebruary 7, 2017 7:00 AM

@Clive,

Technically speaking, and to illustrate how the "only two remote holes in the default installation" really works:

That httpd and its SSL listener are not enabled by default, see your rc.conf rc.conf.local rcctl or inetd.conf for details.


@All,

RE: Homeland Security After Work Database,

I wasn't laughing so much at them, as I was at me for missing what should've been obvious -just like them-. ;-)

The worst thing we can do is to facilitate organized crime and organized criminal hackers.

If we don't get organized, they will get organized - then you're going to be fighting unity with panic, doesn't sound very effective does it?

Clive RobinsonFebruary 7, 2017 7:19 AM

@ r,

That httpd and its SSL listener are not enabled by default...

That does not make them any the less bugs...

Even if users have no current intentions of using them, they should be aware that they need patching and get the patches...

Older hardware gets re-purposed more and more these days, and getting the latest OS to work on older hardware is sometimes not an option. Also in general patches etc appear to have an "availability shelf life" shorter than expected so whilst you do have the OS on disks you may not have the patches likewise tucked away.

rFebruary 7, 2017 7:30 AM

@Clive,

Agreed, think of my response more akin to the "we don't rely on 0-days" thing @Wael rehighlighted yesterday. That's all I was saying,

rFebruary 7, 2017 7:37 AM

The best sources of openbsd information are:

https://www.openbsd.org/security.html

If you click on the 6.0 link at the top you will see:

001: RELIABILITY FIX: August 2, 2016 All architectures
Missing overflow checks in uvm may result in panics.
A source code patch exists which remedies this problem.

002: RELIABILITY FIX: August 6, 2016 All architectures
Fixes IO::Socket::IP complaining about non-numeric version numbers.
A source code patch exists which remedies this problem.

003: RELIABILITY FIX: August 6, 2016 All architectures
Improve relayd's parsing of the Host-header by following RFC 7230 Section 5.4 more strictly.
A source code patch exists which remedies this problem.

004: RELIABILITY FIX: August 23, 2016 All architectures
A missing initialization can prevent mail headers from being altered as intended, resulting in mail being sent to incorrect addresses.
A source code patch exists which remedies this problem.

005: RELIABILITY FIX: September 17, 2016 All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
A source code patch exists which remedies this problem.

006: RELIABILITY FIX: September 17, 2016 All architectures
During parsing of the iked(8) configuration, a variable is set to 0 by mistake, disabling Pre-Shared Key authentication.
A source code patch exists which remedies this problem.

007: RELIABILITY FIX: September 22, 2016 All architectures
Revert change that cleans up the EVP cipher context in EVP_EncryptFinal() and EVP_DecryptFinal(). Some software relies on the previous behaviour.
A source code patch exists which remedies this problem.

008: RELIABILITY FIX: September 22, 2016 All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS client repeatedly renegotiating and sending OCSP Status Request TLS extensions.
A source code patch exists which remedies this problem.

009: SECURITY FIX: September 22, 2016 All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
A source code patch exists which remedies this problem.

010: RELIABILITY FIX: October 3, 2016 All architectures
A bug in the smtp session logic can lead to a server crash.
A source code patch exists which remedies this problem.

011: SECURITY FIX: October 4, 2016 All architectures
Fix a number of issues in the way various X client libraries handle server responses.
A source code patch exists which remedies this problem.

012: RELIABILITY FIX: October 8, 2016 All architectures
Allocation of an amap with at least 131072 slots causes an integer overflow that leads to an infinite loop.
A source code patch exists which remedies this problem.

013: RELIABILITY FIX: October 10, 2016 All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory and CPU consumption.
A source code patch exists which remedies this problem.

014: RELIABILITY FIX: October 13, 2016 All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
A source code patch exists which remedies this problem.

015: RELIABILITY FIX: November 5, 2016 All architectures
Avoid continual processing of an unlimited number of TLS records.
A source code patch exists which remedies this problem.

016: SECURITY FIX: January 5, 2017 All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
A source code patch exists which remedies this problem.

017: RELIABILITY FIX: January 31, 2017 All architectures
A bug in the processing of range headers in httpd can lead to memory exhaustion and a crash of httpd. This patch disables range header processing.
A source code patch exists which remedies this problem.


yadda yadda yadda,

undeadly.org is another good resource for information directly relating to the project.

Dirk PraetFebruary 7, 2017 8:08 AM

@ Clive Robinson

This weakens the security by putting a "man in the cloud" in who can see more than with P2P, and puts more user activities in NSL letter obtainable "Business Records".

I suppose it's a move that makes sense to cut down on snooping costs as everyone already knew they were doing it anyway.

Secondly Microsoft DRM can decloak your anonymity when using Tor etc

Hardly a surprise. Any even marginal gains in anonymity by using TBB are in essence an exercise in futility because the OS itself is one gigantic snooping platform. If you have a valid reason to use Tor/TBB, then at least do it on *BSD, TAILS, Whonix and the like, unless you just want to participate in the effort of generating more Tor traffic.

It would appear OpenBSD has an SSL and memory free fault which can crash a daemon or the server

Should be no issue on FreeBSD/TrueOS. They moved to LibreSSL.

another_r_fanFebruary 7, 2017 9:15 AM

r is a net positive, sort of, for this blog imo; although I would appreciate it if r didn't assume too much in-depth expertise for some of us readers/posters (ie. k.i.s.s.)

r's breaking news posts, iirc, can lead, perhaps, to Bruce posting a relevant thread in a timely manner.

oth for those of us who wish to not use javascript on non-pc devices, it would be nice if r posted also the "breaking news" original posts, too, not just Slashdot links

sometimes r's rapid posting gives me a headache; much less, however, than headaches caused by other posters

net net imo r is a net positive; quit whining about banning him

Nick PFebruary 7, 2017 10:11 AM

@ Dirk Praet

Maybe. Depends on if you're using a beautiful OS of your choosing in a PowerVM with all system stuff, I/O, and security handled by OS/400 running invisibly right beside it. Accelerated boot by a variant of hibernate that loads a whole image of it into memory.

@ Clive Robinson

Yeah, they're really screwing up. Especially buying McAfee thinking that would teach them about desktop security. Lol. They'd have been better off buying Green Hills or Lynx. Should've invested more into StrongARM. Then maybe have done platform-oriented stuff with Atom. Stuff like they're doing recently but years back instead when they had a lead.

The question puzzling me is how to get a RISC-V CPU done with single-thread performance of an Intel CPU. A FOSS CPU for desktops will absolutely need great performance for single-core, sequential workloads. Gaming comes to mind. Need an architecture and pipeline strategy that allows a high clock, extra instructions in parallel, and relatively low cost in design or verification. Probably another NP-Hard problem. :)

Dirk PraetFebruary 7, 2017 11:43 AM

@ Nick P

Depends on if you're using a beautiful OS of your choosing in a PowerVM with all system stuff, I/O, and security handled by OS/400 running invisibly right beside it.

Does PowerVM support other guest OS'es than IBM i, AIX and Linux ?

Nick PFebruary 7, 2017 11:56 AM

@ Dirk Praet

I'm messing around. I have no idea. What I was visualizing was something like Nizza on L4 or Qubes on Xen. OS/400 would be Dom0 with option of apps (esp background services) running directly on it for extra reliability or security. IBM i already does this essentially with a mix of OS/400 for legacy and Linux for modern stuff on same box using PowerVM. The joke was doing it on a laptop with pretty GUI needing power efficiency. As usual with my style, the joke is grounded in enough reality that it could theoretically happen. ;)

MarkHFebruary 7, 2017 1:57 PM

A Postscript on Cultural Respect for Law

Above, I aired a thesis of mine: that the seeming paradox of a powerful government accepting the chafing limitations imposed by laws (often, the constitution or "basic law" of the state), may be explained by a broadly-shared culture of respect for legal protection of rights.

I suggest that there are numerous states with liberal written constitutions and markedly illiberal governance: legislation is not self-enforcing. If rule of law is not highly esteemed, the expedience of the regime may trample the laws without enough objection to matter.

Today, I read a bittersweet account which seems to me to underscore how valuable, and how tenuous, is the rule of law.

A high court judge in China, He Fan, has castigated (in a blog post) the new US president for expressions of unambiguous disrespect toward the American institution of law (by demeaning a federal judge whose ruling has stopped the recent immigration ban).

Judge He's criticism (in translation) is sharp: those who attack judges are “public enemies of the law. Even if you control the armed forces and have nuclear weapons, your dignity has been swept away and you are no different than a villain.”

I would have supposed such a defense of judicial independence to be either ironic or clueless, because China's courts are famed for obedience to the regime.*

However, Judge He is reform-minded, and looks to the US judicial system as a hopeful model for a more just and independent court system in China. This member of China's Supreme People's Court describes himself as a "junkie" of the US Supreme Court, and has translated American books about the high court.
___________________________________________

It is tres chic for those of us lucky enough to have been born into citizenship of liberal states, to pour scorn and opprobrium on the corruption and depravity of our governments, those of our liberal neighbors, and the various alliances and other relationships which help to bind them together.

For hundreds of millions looking in from the outside, the view is different.

At a time when a large minority of my fellow US citizens have airily dismissed hard-won foundations of our national legacy (Trump's bottomless ignorance of the US Constitution was on garish display from the earliest days of his campaign) ... others around the world wish and work for the systems of their own countries to develop some of the virtues by which we have been so blessed; they witness the apparent casting away of such treasures with feelings of dismay.


*The linked article observes that at least in part, Judge He's attack on Trump is a "safe" way for him to attack the lack of independence in China's judiciary.

JG4February 7, 2017 9:17 PM


It's probably not much of a stretch to cast security in terms of game theory, where the defender attempts to prevent the attacker from obtaining information/access. However, it is important to understand whether a particular game in progress is chicken or prisoner's dilemma, and whether it is an iterative series, or one-off.

http://www.salientpartners.com/epsilon-theory/the-evolution-of-competition/

I've seen a handful of papers pointing in this general direction in recent years, some of them more serious (Nature?) than this one. This is a tough slog, but probably worth it:

https://www.quantamagazine.org/20170126-information-theory-and-the-foundation-of-life/

At the root, living systems are nonequilibrium thermodynamics, requiring a continuous source of high-quality delta G to achieve/maintain homeostasis. In a word, bioenergetics. And empires are themselves just larger nonequilibrium systems. The craziest part is that systems far from equilibrium are driven to maximize entropy, even when the only feedback is flows in adjacent convection cells.

The original replicators didn't require death as a feature, but it turns out to be the best strategy for maximizing entropy production. As are many other problems we see, including slavery and empire.

A ring of castles is just another resource extraction system on a planet noted for extraction systems. I suspect the country that exported the greatest resource per capita was Germany for most of a hundred years.

If you needed another example of the ill effects attempting to be "all things to all people" you wouldn't need to look any further than the dark comedy/documentary "The Pentagon Wars." Speaking of resource extraction systems.

Clive RobinsonFebruary 8, 2017 8:23 AM

Prof. Hans Rosling has died (68)

Prof. Rosling was a very entertaining presenter of facts, especially those people had been misled about.

He explained quite complex issues with clear and easy graphs in minutes and thus empowered people to move forward and improve both their knowledge and position in life.

Above all though he managed to bring a sense of fun and thus enthuse an audience into otherwise quite dry but important statistical information about the world we live in.

He will be sadly missed,

http://www.bbc.co.uk/news/world-europe-38900572

Nick PFebruary 8, 2017 11:38 AM

@ C language fans

A Hacker News submitter shared this implementation of a Knuth PRNG in a mere 15 characters:

(x+=x*x+9)>>32;

That produces enough randomness for cute, toy programs. Don't use it for serious stuff such as crypto. Still amazing to see something so tiny give useful randomness.

@ ML or verification fans

Myreen et al's CakeML got a new back-end that supports I/O, strings, some other goodies, and generates code for multiple targets. Means it's now useful for reference implementations of ML functions where you can be sure it wasn't the compiler causing your tests to fail. That's assuming it's easy to build.

@ cryptosystem fans

IntegriDB is a new database for trusted outsourcing of storage & queries with great improvements on performance. Most of the rest I saw was rehashes on old stuff or I just didn't evaluate it. After all, most of the problems for storage, messaging, isolation, etc are solved far as CompSci part goes. They just aren't applying it. ;)

Well, maybe some of you liking new attacks will enjoy page-fault side channels.

@ intrusion detection fans

There were a few that were interesting. One was some sort of router or firewall written in Rust for memory safety but I lost that link. This algorithm splits NIDS between CPU and GPU for high bandwidth. Interesting that paper found it was optimal to *not* have a large buffer if you wanted better performance. They limited it to 256MB for around 30Gbps or so throughput.

@ hardware fans

A few that are new on CPU side: a DIFT coprocessor for softcores w/ minimal modification; a taint tracking solution for stopping leaks in Android phones; a report on Intel's Memory Encryption Engine; a secure NOC for platform-on-a-chip-style solutions in FPGA's or silicon. On availability side, there's formally-verified, fault-tolerant gates, a layered scheme for distributed embedded, and a nice implementation of my concept of splitting hardware into verified trusted & monitored untrusted. Inspiration for that on my end was split between Clive's talks of "Prison" architecture & the LCF-style provers that use tiny proof checkers for small TCB. As author notes, the complexities of deep sub-micron development might force such schemes to be used to minimize cost of reliability.

Note: Just found a lessons learned paper from Ensemble project I've described in the past. Haven't read it yet but I'll go ahead and post it as it's probably enlightening in some way.

So, there you all go. Have fun.

ab praeceptisFebruary 8, 2017 1:26 PM

Nick P

"IntegriDB"

Based on mysql and written in C++ with a jit asm thrown in. I feel much more secure already, just from looking at it.

Wouldn't touch that with a pole.

Clive RobinsonFebruary 8, 2017 2:25 PM

@ Nick P,

A Hacker News submitter shared this implementation of a Knuth PRNG in a mere 15 characters:

Without going and looking it up, my gut tells me that 2^3+1 is not the right additive constant and that 2^3-1 might be better being prime.

Nick PFebruary 8, 2017 3:00 PM

@ ab praeceptis

Included for consideration of what design/protocol it uses to get what benefits. Implementation details can be changed where one doesn't like an academic prototype. Always remember that in CompSci you get a mix of stuff that's decent or useless. I didn't analyze it, though, so much as drop it here for some readers that like such constructions.

Btw, you like the new CakeML compiler? I was thinking phases like WordLang might be useful as a cheat to certify compilation of imperative languages. I keep looking for one given the strange IP status of CompCert. Far as it, the CompCertSSA project gave SSA to the middle end which has implications given VellVM to verify equivalence of SSA snippets after untrusted optimizations.

@ Clive

Might be worth me coding up in a few days to see what happens in randomness tests.
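Nick P's 15-character generator `(x+=x*x+9)>>32` and Clive's question about the additive constant, coded up as an added example (not code from either commenter or from Knuth): the state is explicitly 64-bit, the constant is a parameter so 9 and 7 can be compared, and a crude monobit count plus a byte-frequency chi-square give a first look at the output. Function names, the seed values and the sample sizes are this example's own choices.

```c
/* Added example, not from the original thread: the generator Nick P quoted,
 * written out with explicit 64-bit state. Per the thread, this is for toy
 * programs only and has no place anywhere near cryptographic use. */
#include <stdint.h>
#include <stdio.h>

/* One step of x += x*x + add, modulo 2^64 (unsigned overflow wraps, exactly
 * as the one-liner does). Only the upper 32 bits are returned, which is why
 * the one-liner shifts right by 32: x*x + x is always even, so after the
 * first step the low bit of x is stuck at 1 and the low bits are useless. */
static uint32_t quad_step(uint64_t *x, uint64_t add)
{
    *x += *x * *x + add;
    return (uint32_t)(*x >> 32);
}

/* The one-liner as posted: additive constant 9 = 2^3+1. */
static uint32_t knuth15(uint64_t *x)
{
    return quad_step(x, 9);
}

static unsigned popcount32(uint32_t v)
{
    unsigned c = 0;
    for (; v; v &= v - 1)
        c++;
    return c;
}

/* Monobit check: fraction of set bits over n outputs. Anything usable sits
 * close to 0.5; a value far from it shows bias, a value near it proves
 * nothing beyond "not obviously broken". */
static double ones_fraction(uint64_t seed, uint64_t add, unsigned n)
{
    uint64_t x = seed;
    unsigned long ones = 0;
    for (unsigned i = 0; i < n; i++)
        ones += popcount32(quad_step(&x, add));
    return (double)ones / ((double)n * 32.0);
}

/* Chi-square of the byte histogram over 4*n output bytes, 255 degrees of
 * freedom. For a uniform source the statistic is around 255; values well
 * above roughly 310 (the 1% tail) point to non-uniform bytes. */
static double chi_square_bytes(uint64_t seed, uint64_t add, unsigned n)
{
    uint64_t x = seed;
    unsigned long hist[256] = {0};
    for (unsigned i = 0; i < n; i++) {
        uint32_t v = quad_step(&x, add);
        for (int b = 0; b < 4; b++)
            hist[(v >> (8 * b)) & 0xff]++;
    }
    double expected = (double)n * 4.0 / 256.0, chi = 0.0;
    for (int i = 0; i < 256; i++) {
        double d = (double)hist[i] - expected;
        chi += d * d / expected;
    }
    return chi;
}

int main(void)
{
    /* Seed 1 as a constructed starting point: the first four outputs are 0
     * because the state only passes 2^32 on the fifth step. */
    uint64_t x = 1;
    for (int i = 0; i < 6; i++)
        printf("output %d: %u\n", i + 1, knuth15(&x));
    printf("ones fraction, add=9: %.4f\n", ones_fraction(1, 9, 200000));
    printf("ones fraction, add=7: %.4f\n", ones_fraction(1, 7, 200000));
    printf("chi-square of bytes, add=9: %.1f\n", chi_square_bytes(1, 9, 50000));
    printf("chi-square of bytes, add=7: %.1f\n", chi_square_bytes(1, 7, 50000));
    return 0;
}
```

Both constants are odd, so the map stays a permutation of the odd residues; swapping 9 for 7 changes the sequence, and the printed statistics show whether either choice is visibly worse on these two crude checks.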

SkepticalFebruary 8, 2017 6:27 PM


@Nick P: Same shit, different day.

This was your last line, but I'm quoting it first because it points to the problem with your analysis. The US approach to the Middle East during the early Cold War was deeply affected by its struggle with the Soviet Union and, in part, by European powers reluctant to let go of their former colonies. Referring to Ajax outside of the Cold War context is like referring to the bombing of Hiroshima outside the context of World War II. Context matters.

I'm not sure what to make of the rest. Are you disagreeing with what I've written?

ab praeceptisFebruary 8, 2017 6:35 PM

Nick P

Yes, from what I see so far I like it. Plus ML is an ideal candidate anyway (and I halfway like it).
As for your WordLang question I can't answer it as I'm not at all deep in CakeML but my first impression would be "no". For one that is just a rather small part, and that whole process (of which WL is a part) looks much like "let's have a beginning. Later we can get more serious"; more a lab than a machine (which I mean in no way negative).

As for CompCert ... ugh ... that's painful anyway. But funnily, the CakeML authors mention one of the classical problems, right away: Your nice verified compiler weighs little if and as it needs to interface (and use!) lots of unverified code; of course they mention C.

As for SSA, well, it's an attractive way as it lends itself very nicely to checker backends. On the other hand, that's a rather functionalish approach where checking the code pays the full rent. With imperative languages one will need to look at data (plus pointers, different segments, etc,...) too. Hence my personal favourite is to go the SSA route but to seriously check my non trivial scalar data through sep.log.

Anyway, I think it's still early. Moreover our major problem isn't lousy compilers. It's rather lack of spec, lack of a coherent toolchain (where, for instance, H3 etc. are part of the code rather than annotation comments for yet another tool that knows little about the code). Plus, of course, language ambiguities (hello, C and friends ...); how on earth can a compiler possibly be correct when the lang spec isn't (another reason why I liked but mistrusted the CompSpec thing).

And, at least for me major point, even game changer, is the very pleasant "revival" and evolution of Spark. Besides some strange weirdness (like, as we discussed, their "Let's not call a class a class but let's invent new names!" attitude) and some spots that could use some love (e.g. records tend to waste space big time. No problem with a couple 1000 records but show stopping with millions and millions) Ada/Spark is all we need right now.
Or in other words: We are lucky. That bought, for instance, the CakeML people the time to bring their experiments to maturity.

Talking about that and as virtualization is so much en vogue: Have a look at xstratum.

rFebruary 8, 2017 7:11 PM

On the topic of getting caught with your hand in the cookie jar:

"Unnamed U.S. officials told the Washington Post this week that Martin allegedly took more than 75 percent of the hacking tools belonging to the NSA's tailored access operations, the agency's elite hacking unit."

More details as to Mr. Terabytes

"NSA contractor indicted over mammoth theft of classified data"

https://news.ycombinator.com/item?id=13603479

http://www.reuters.com/article/us-usa-cybersecurity-nsa-contractor-idUSKBN15N2N4?feedType=RSS&feedName=technologyNews&utm_source=Twitter&utm_medium=Social&utm_campaign=Feed%253A+reuters%252FtechnologyNews+%2528Reuters+Technology+News%2529

Fun?February 8, 2017 9:48 PM

@Dirk Praet

What part about that is fun?

The continuing pressure on Dorsey to step aside from one company or the other?

What about the total enforcement of written rules?

No, can't do that because it would be worse.

Create another star chamber?

or

Timely notification and legitimate methods of redress?

Good "luck"!

Dirk PraetFebruary 9, 2017 4:43 AM

@ r

Re. "NSA contractor indicted over mammoth theft of classified data"

The guy ran off with 50TB of NSA data. Over a period of 20 years. Makes you wonder how many more such people there are out there. And whom they sold or distributed this stuff to. The expression "Swiss cheese" comes to mind.

JG4February 9, 2017 6:02 AM


http://www.nakedcapitalism.com/2017/02/links-2917.html
...
Big Brother Is Watching You Watch

Why is the FBI outsourcing some of its high-tech work to an Israeli company? McClatchy

http://www.mcclatchydc.com/news/nation-world/national/national-security/article131308584.html

Americans Clueless about Dangers of REAL ID CCHF. I couldn’t disagree more with CCHF’s health care policy recommendations, but they don’t make stuff up.

http://us10.campaign-archive2.com/

Clive RobinsonFebruary 9, 2017 6:19 AM

@ Dirk Praet, r,

The guy ran off with 50TB of NSA data. Over a period of 20 years.

I doubt it's even close to that. The original news was that it was paper documents he had strewn around his home outhouses and car.

An average paperback is 1Mbyte in size, thus I distinctly doubt he had the equivalent of 50 million paperbacks hanging around...

But even assuming he took and kept the data digitally, a quick bit of arithmetic shows you that a thousand work days is four years, thus twenty years is 5000 work days, and 50Tbyte is 50,000Gbyte, thus he would have to have pulled an average of 5.0e13/5.0e3 or 1.0e10 or 10Gbyte a day over that period. But... We know that it's worse than it looks because 20 years ago back in the mid 1990s storage was considerably less dense than it is today. Back then CD-R was still a bit of a luxury at about 0.6Gbyte data storage on each, so 17 CD-Rs a day. Which would have taken at least half a working day in copying time... Then there is the question of the 85,000-odd CD-Rs he would have to have purchased and stored (around 2.5e6 cubic cm volume, or a very heavy large van load).

Even allowing for the doubling of storage capability every 18 months, fitting that curve into his working life without it being noticed seems improbable at best. Likewise it would appear improbable for him to get that amount of data out of the door each day without it being noticed.

Thus I suspect that the authorities are telling more than a few "porky pies" to put it as nicely as I can.

We've all heard stories of the DoD $600 hammer, as a ridiculous excuse for stealing tax dollars by the defence industry. Likewise we've heard of the FBI claiming millions in "losses and expenses" when a teenager steals emails from certain questionable security companies.

But this sounds like "over egging" the pudding by dropping two pounds of cake mix into a bowl full of eggs the size of Lake Washington in King County just down the road from Microsoft's HQ...

Something is quite wrong with the 50TByte figure, the question is where...

rFebruary 9, 2017 6:47 AM

@Clive,

What if the 50tb is a set of keys?

What if the 50tb is already out, but he walked out with an early set of later (or soon to be) retired keys?

rFebruary 9, 2017 6:52 AM

His active dates would predate the original crypto war, and would span into the infancy of what we think of TAO as these days 2005/2006 ?

@Mod, sry </fin

rFebruary 9, 2017 7:26 AM

The other thing, just like with ShadowBrokers we know there are staging servers. At some point the private operations have to move into public space somewhere for access and escalation, 50tb or a part thereof could be staging server information or data.


Unrelated:

https://www.infosecurity-magazine.com/opinions/big-problem-small-business/

It is imperative for small businesses and loyal employees to understand that THEY ARE both THE and AT risk.

Get with the program, don't cozy up to it.

Dirk PraetFebruary 9, 2017 8:56 AM

@ Clive

Something is quite wrong with the 50TByte figure the question is where...

Good point. Unless he was a BOFH working in the DRP-team, which would have given him ample opportunity to play about with backup media to his heart's content. $DEITY knows I could have done the same with so many companies I've worked with over the years. Almost none of them wanted to cough up budget to have copies of backup media transferred to and stored at other locations and instead were quite happy for either the local IT guy or the trusted consultant to take them home.

rFebruary 9, 2017 5:07 PM

@Dirk,

His MOS in the navy may have overlapped sigint via coms, if they hack from subs why not running radio from shipboard systems too. Maybe he was in the DRP team.

Still I don't think they'd declassify what he's technically being charged for instead of just with.

Clive RobinsonFebruary 9, 2017 5:31 PM

Trump ousts Whitehouse CISO

It appears that the "Dough Gnarled" is doing the "Wicked Witch of the North" thing of acting without thinking. To the point of appearing to become "Lady Macbeth"...

http://www.zdnet.com/article/white-house-chief-information-security-officer-departs/

The article also gives a little more on the POTUS phone(s)...

And in other news from "Trumptown", apparently even his own appointees are a little upset about his comments on the judiciary and have made noises publicly.

rFebruary 9, 2017 7:39 PM

@if_you,

The FBI would be wise to look at the slander on the other thread, if those authors are one and the same as all the nay or say stuff elsewhere then they're part of the dressing down to come.

rFebruary 9, 2017 7:42 PM

Disheartening, is the least of it. If a sad face is the best you can do then we probably don't need you either.

But I guess that whole use of 'we' is not more than just little old me to begin with, what a way to waste a youthamism.

Dirk PraetFebruary 10, 2017 4:26 AM

It would for now appear that the sole invocation of "national security", even in an area in which the executive has very broad powers, is not enough for a presidential executive order to go unchallenged. With regards to the government's appeal to lift the temporary restraining order against Trump's travel ban, the 9th Circuit Court of Appeals - in a unanimous decision - has just ruled that

  • The judiciary indeed has the power of review when an executive order is constitutionally challenged. And for which there appears to be solid ground.
  • The states have standing
  • The government has failed to substantiate what irreparable harm would come from lifting the TRO

Reading between the lines of the ruling, it is quite clear that Trump with the seemingly arbitrary nature of the affected countries, his scathing of the judiciary and his previous on-record statements about a Muslim ban and favouring of Christians has massively shot himself in the foot. It almost makes you feel pity for the DoJ lawyers tasked with the impossible mission of arguing a case their client seems hell-bent on torpedoing himself.

He can still take it to SCOTUS now, which would be ill-advised. They are most likely to defer back to the lower courts, and even if they take it, the best case scenario for the government is a 4-4 split along ideological lines, meaning in both cases the TRO stays in effect.

Clive RobinsonFebruary 10, 2017 5:59 AM

@ Dirk Praet,

With regard to Trump toon, it appears he has just sold the Taiwanese down the river, and shown the Chinese Communist party he is not even a "Paper Tiger"...

A statesman he is not, and he appears little suited to brinkmanship. Thus the odds of military action in the South China Seas have just shot up. Hey Ho and it's off to war we go...

Dirk PraetFebruary 10, 2017 7:08 AM

@ Clive

Thus the odds of military action in the South China Seas has just shot up.

Apparently he has also just told the Russians that START 1 is back up for review. Neither of which bodes well. The only upside for now is that at least over here on the old continent his lunacy and embracing of banksters, racists and corporate thugs seems to be causing the support for the Trump clones of the far-right to dwindle. In retrospect, the Brexit referendum should have been held after the US elections. Chances are that only one month into the Trump presidency, the outcome would have been entirely different.

JG4February 10, 2017 7:10 AM


http://www.nakedcapitalism.com/2017/02/links-21017.html
...
Big Brother is Watching You Watch

Here’s how you can end up on the FBI’s watch list — and what it means Business Insider (David L)

http://www.businessinsider.com/how-to-be-on-fbi-watch-list-2017-2

Court backs Microsoft suit over surveillance gag orders Politico (furzy)

http://www.politico.com/blogs/under-the-radar/2017/02/microsoft-lawsuit-gag-orders-court-ruling-234855

Republicans are reportedly using a self-destructing message app to avoid leaks The Verge. The NSA still has it, but they don’t respond to subpoenas. But has it not occurred to any one that this could facilitate leaks? No readily uncovered footprints.

http://www.theverge.com/2017/2/9/14561786/confide-messaging-republican-gop-trump-administration-leaks

India Gears Up to Defend its Internet Rights Regime as it Fully Operationalises Mass Surveillance Project The Wire (J-LS)

https://thewire.in/107292/india-mass-surveillance-project-cms/

US Visitors May Have to Hand Over Social Media Passwords: DHS Slashdot (furzy)

http://m.slashdot.org/story/322245

Clive RobinsonFebruary 10, 2017 7:38 AM

@ JG4,

US Visitors May Have to Hand Over Social Media Passwords

This could be fun...

After all how do you prove you don't have social media accounts (or even non work related EMail)...

After all logically proving a negative is not possible...

Clive RobinsonFebruary 10, 2017 10:45 AM

@ Dirk Praet,

Apparently he has also just told the Russians that START 1 is back up for review.

That's not particularly wise either...

The US is in a weaker position than it was, so, it's unlikely that the terms would be as favourable...

CallMeLateForSupperFebruary 10, 2017 1:37 PM

@Clive
"Something is [quite] wrong with the 50TByte figure the question is where... "

First, recall the several estimates of the number of pages comprising the "Snowden trove". With that in mind, recall later counts (estimates?) of the number of those pages that were essentially *blank*[1]. The take-away: page counts are suspect because some pages are "less equal".

Now to your point and question. If someone arrived at the x-TB figure by first counting - or worse yet, "guesstimating" - a page total, then multiplied that total by some arbitrary "standard number of bytes per standard page", any error in the first guesstimate would exacerbate ("force multiply") the second, equally awful guesstimate.

I consider the MB/GB/TB criers to be the better alarmists: they plunk down much larger numbers!

I am "up to here" with page- and byte-counts. Who made them and how they were made is never revealed, so I routinely ignore them. Even *if* some are completely accurate, none say anything at all about what actually matters: the respective magnitudes of disclosed secrets and (less important) their number.

[1] By "blank" I mean "no important information"[2]. While a page like, e.g.,
------------------------------------------
"Top Secret
Executive Summary: Operation CRUSH BALLS

This page intentionally left blank"
------------------------------------------
should be counted as classified if CRUSH BALLS is classified, IMO a page with an editorial comment like "This page intentionally left blank" should not be counted even if it also is marked with classification(s).

[2] A colleague once locked his desk and cabinets, placed a page - blank except for "[company] Confidential" stamped in red at the top - on the center of his otherwise empty desktop, and went home. The next morning he was served with a security violation.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.