Friday Squid Blogging: Food Supplier Passes Squid Off as Octopus

According to a lawsuit (main article behind paywall), "a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort to boost profits."

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on June 30, 2017 at 4:22 PM • 125 Comments

Comments

Ben A. • June 30, 2017 4:26 PM

This company deliberately deleted its customer email mailing list. Maybe you should too

Bruce has previously said that data is a toxic asset. New European laws make the price of a data breach eye watering: >=€20 million or 4% of annual turnover.

https://www.grahamcluley.com/company-deliberately-deleted-customer-email-mailing-list-maybe/


This Retail Website Considers Password Security Optional

http://threatpost.com/this-retail-website-considers-password-security-optional/126630/


Push Away Your Privacy: Precise User Tracking Based on TLS Client Certificate Authentication

http://tma.ifip.org/wordpress/wp-content/uploads/2017/06/tma2017_paper2.pdf


Kaspersky Lab US staff grilled by Feds in nighttime swoop

https://www.theregister.co.uk/2017/06/28/kaspersky_lab_us_staff_questioned_by_fbi/


Flawed reporting about WhatsApp

"The most serious inaccuracy was a claim that WhatsApp had a “backdoor”, an intentional, secret way for third parties to read supposedly private messages. This claim was withdrawn within eight hours of initial publication online, but withdrawn incompletely."

https://www.theguardian.com/technology/commentisfree/2017/jun/28/flawed-reporting-about-whatsapp


Telegram founder agrees to register app with Russian censors

"Pavel Durov to comply after threats to block messaging service but will not retain data"

https://www.ft.com/content/8bfc8e20-5c15-11e7-9bc8-8055f264aa8b


People who post 50-plus times per day are likely sharing spam or false news, Facebook says.

https://www.recode.net/2017/6/30/15896544/facebook-fake-news-feed-algorithm-update-spam


How to Obfuscate - Issue 49: The Absurd

http://nautil.us/issue/49/the-absurd/how-to-obfuscate

Georgina • June 30, 2017 5:28 PM

> This Retail Website Considers Password Security Optional

All retail websites really should, just not quite like this. I hate having to create an account to buy something, and sometimes I've decided not to purchase stuff because of it. Typing my address occasionally is less offensive than remembering or looking up a password. It's not like the password provides strong security; there's invariably a password-reset feature based on plaintext email. Why not skip the middleman: don't require an account, just include a random code in the confirmation email that can be used to track the order or whatever. Or if someone wants an account, let them set a blank password and have them use the "password reset" feature to log in.

China-North Korea Bond Plot • June 30, 2017 5:39 PM

Destroyer Collision Update
The highly suspicious near-sinking of the USA destroyer was recently documented here. Shortly thereafter three governments initiated over eight simultaneous investigations.

Several weeks later (and completely unrelated) we see the Trump administration (turning 180 degrees – like the cargo ship) taking actions on multiple fronts.

Trump administration appeared to throw its China policy into reverse: In a flurry of announcements likely to antagonize Beijing, the Trump administration appeared to throw its China policy into reverse, significantly cooling relations between the two super powers.
U.S., Hardening Line on China, Approves $1.42 Billion Arms Sale to Taiwan: The sales, valued at $1.42 billion, include torpedoes, missiles and early-warning radar support, largely to modernize the island’s existing defense capabilities. The arms package was aimed at bolstering Taiwan’s confidence in its dialogue to improve relations with China.

Only 40 Years Late
U.S. Seeks to Keep Closer Tabs on Chinese Money in America: The Committee on Foreign Investment in the United States to take a tougher line against certain investments emanating from those nations that pose a clear threat to our national security, focused particularly in the area of advanced technology,” said Senator John Cornyn, Republican of Texas, who said last week that he would propose the legislation.
It's apparent China feigned helping to reduce North Korea’s nuclear threat. Is North Korea secretly China’s proxy?
It's great that Bruce’s blog documents the increasing severity of the cyber-wars on the Internet. The theft of zero day exploits has weakened the NSA considerably. Did the latest worldwide cyber attack ‘skip’ China?

Humor
Who longs for simpler times when America only fought over bathrooms?
Since advertiser led Facebook communities banned hate, can they also ban war? We need to put our security and faith into Mark, even if China brushes him off!

Gerry de Koning • June 30, 2017 6:05 PM

I wrote the following modern fairy tale to help friends and family get a feel for a few issues of privacy and data ownership in an emotionally clear way.

Little Red Hen and Pig's Bakery

Pig, the baker, enjoyed life in Fairy Tale Village. He woke early, while it was still night, to bake bread for his customers. Business was good. He had expanded his red brick building several times. At first, his brothers had lived with him. But one brother had died and the other retired and moved to Florida.

His brother in Florida urged him to retire and join him down south. "It is so much warmer here. You can swim all year round. And think, if you retire you won't have to get up so early every morning." Pig thought about it often. Finally, he was ready to sell his business and move to Florida.

Goat thought being a baker would be too much work. Raccoon didn't like the idea of being awake all day to serve customers. In the end, only Wolf wanted to buy the bakery. So Pig agreed to sell it to him.

Little Red Hen was not pleased to hear the news.

Pig bought most of her flour. And she bought her bread and cakes from Pig. Over the years she had told Pig many things: her birthday, her children's names and where they lived, what kinds of cake each preferred and much, much more. She trusted Pig and Pig had always used the information wisely. He always knew just what to bake when she had a special occasion. Now all that information in Pig's notebook would belong to Wolf. She did not trust Wolf.

But she had to sell her flour somewhere. She was no longer young and was too tired to bake after she had grown the grain, harvested it and had Miller turn it into flour. Wolf promised to buy her flour and so she sold it to him. But she was not happy.

Of course, Wolf was not a diligent baker. Customers said his bread was too hard. Little Red Hen thought she would have to bake her own cakes again. Sometimes she heard rumours of villagers disappearing on their birthdays. Business at the bakery declined. Finally, Wolf went bankrupt.

The whole village turned out to hear what Owl, the judge, would say. "Since Wolf cannot pay his bills, the bakery will be sold to Snake, the only bidder."

Little Red Hen asked, "What will become of Pig's notebook?"

Owl replied, "The law is clear. Whoever buys the bakery's assets will own the book."

"But what if we don't trust Snake?" asked Little Red Hen. "I don't want him to know all about me." She never got over the shock of seeing Snake catch and eat her two young chicks, Henny and Penny. Giving him the addresses of all her living children was horrifying.

But Owl merely replied, "The law does not care whom you trust. The information belongs to the bakery and that's that." Little Red Hen did not sleep well that night!

In the end, Snake never reopened the bakery. But he made many copies of Pig's notebook. He sold copies to Alligator, Hawk, Coyote and Rat. Last anyone heard of him, Snake was trying to find more customers for the notebook.

Life in Fairy Tale Village was never the same.

Questions

What is just and right in Fairy Tale Village? What do you think?

Is it reasonable to expect Little Red Hen to distinguish between giving information to Pig and giving it to Pig's bakery?

Should Little Red Hen have any say about who gets her personal information?

Should Pig take Little Red Hen's concerns into account when selling his bakery?

Should Little Red Hen, having given her information to the bakery, have any say in what happens to the information when the bakery is sold or goes bankrupt?

Should there be limits on what Snake can do with her information?

___________

This fairy tale was first posted on LinkedIn.

anony • June 30, 2017 6:09 PM

Wiretap Report 2016

http://www.uscourts.gov/statistics-reports/wiretap-report-2016

"Federal judges and state judges reported the authorization of 600 wiretaps and 177 wiretaps, respectively, for which the AO received no corresponding data from prosecuting officials. Wiretap Tables A-1 and B-1 (which will become available online after July 1, 2017, at http://www.uscourts.gov/statistics-reports/analysis-reports/wiretap-reports)"

"The most frequently noted location in reported wiretap applications was “portable device.” This category includes cell phone communications, text messages, and application software (apps). In 2016, a total of 93 percent of all authorized wiretaps (2,947 wiretaps) were reported to have used portable devices."

Good shepherd • June 30, 2017 6:57 PM

Has anyone tried citing Matthew 8:4 in response to sheeple who bleat about how they "have nothing to hide" and therefore "don't mind all their letters being read and all their calls being illegally wiretapped"?
Has anyone noticed that those tend to be the same sheeple advocating for security through obscurity (such as going for Windows or Mac due to "closed source somehow makes it harder for hackers to find exploits, even though hackers usually disassemble binaries whether they are targeting FOSS or COTS and therefore only the defenders are hindered by such obscurity")?

btc n00b • June 30, 2017 8:10 PM

Please help me understand, why do Automated Transactions (http://www.ciyam.org/at/at.html) have two stacks (one for passing arguments and one for passing caller's address)?
I think that I understand the purpose for opcodes being 8bit (it is to save space, like THUMB, right?). But why are opcodes signed? Will this allow some crazy optimization in some kind of error handler?

Is it true this draft will also be used for NXT & Ethereum (https://bitcointalk.org/index.php?topic=1138566.20) plus any other blockchain that will have AT? Or is each Altcoin going to have its own custom not-invented-here-syndrome Application Binary Interface incompatible with all the others? How bad would it be if they were incompatible, and what kind of gains could there be that would only be feasible with incompatible ABIs?

You folks seem to be mostly engineers and scientists.. what are your opinions on AT in general? And how would you compare it, if at all, to any kind of "cloud" or "decentralized" technology? Do any of you see yourselves ever working with any kind of AT technology in the foreseeable future?

If you could choose one altcoin to instantly replace all others and bitcoin, and to have all development efforts and all funds and other resources dedicated to it, which one would that be?
Which one do you think will be the most successful, as opposed to which one you want to see succeed?

Bob Paddock • June 30, 2017 9:03 PM

Perhaps someone here can put this into English? As I understand it if this Bill would become Law any money in your possession as 'Digital Currencies' or stuffed in your mattress subjects you to felony offense if you don't report it.

S.1241 - Combating Money Laundering, Terrorist Financing, and Counterfeiting Act of 2017

" Secretary of Homeland Security, in consultation with the
Commissioner of U.S. Customs and Border Protection, shall submit to
Congress a report--
(1) detailing a strategy to interdict and detect prepaid
access devices, digital currencies, or other similar
instruments, at border crossings and other ports of entry for
the United States"

Border Crossings for Digital Currencies?

The people smart enough to run the place are too smart to get involved in politics. :-(

Wael • June 30, 2017 9:37 PM

@Bob Paddock,

This work won Best Paper Award, titled "BackDoor: Making Microphones Hear Inaudible Sounds," at a leading conference, MobiSys 2017.

I fail to see the security value it provides. Any elaborations?

Jared hall • July 1, 2017 1:45 AM

@Flawed reporting about WhatsApp

"The aspect of WhatsApp at the heart of this matter, put very simply, is as follows. When a user of WhatsApp is offline, any messages at that time in transit to him or her are held in Facebook’s servers. (If unclaimed after 30 days they are deleted, Facebook advised.) If, while offline, the recipient registers a new device, any messages waiting for the person on Facebook’s servers are no longer deliverable because they are encrypted for the person’s old device. To prevent those messages from being lost, when the intended recipient comes back online, any in-transit messages are re-encrypted with the new device’s key and resent automatically. If senders have turned on a notification setting in WhatsApp on their phone, they are told that the key has changed, but not otherwise."

I believe this is the fundamental problem with using WhatsApp. If Facebook can re-encrypt messages with the new device key, then they have the original message in plaintext. Screw the notification message. That just adds insult to injury, "Hey, your key changed. Somebody probably spoofed your phone while you were away. Hope you didn't have any juicy messages waiting for you"!

Jared hall • July 1, 2017 2:02 AM

@Cyril: Thanks for the link. Here I came to a security forum and learned about Squid. Geez, who knew that Octopus cost so much nowadays?

When I lived on Crete in the early 80's, I used to snorkel out with a spear gun and catch Octopus. You could see them on the rocks below. No way that Octopus is going to move, and you don't want to get grabbed by one. So what you did was bring along some bleach in a small baggy. Then you released the bleach over the Octopus so that they will release from the rock. Then you spear them and haul them in.

You've got to pound them on rocks for a couple of hours to tenderize them. I threw one on the grill at one of the Base barbeques. It was not a hit. I therefore don't recommend BBQ Octopus.

Peter A (not the usual one) • July 1, 2017 2:32 AM

@btc n00b

> Please help me understand, why ... have two stacks (one for passing arguments and one for passing caller's address)?

Stack smashing is a popular software exploitation technique where failures to check bounds correctly lead to malicious user input corrupting nearby memory. Using a single stack for control flow and automatic variables makes it normal to take over the program following an overflow. Separate stacks would lead to data corruption but no direct alteration of control flow via "activation records", "return addresses" etc.

Clive Robinson • July 1, 2017 5:09 AM

Quantum Leap in Quantum Computing?

Possibly not but it's certainly a quite important move in the right direction.

Most research currently uses Qbits, the down side of this is trying to entangle even five Qbits is proving difficult.

Which means with each Qbit having a range of 0-1 you are only getting a range from 0-32 with five bits.

So a group of scientists did a simple thought exercise of if entangling Qbits is hard how could we get more values from each quanta... So they have come up with Qdits that work with ten not two states, thus two Qdits give a 0-100 range...

But even more important they were able to do it with more easily available existing telecoms parts...

This will prove quite interesting over the next few years and will probably give the equivalent of 2^30 Qbits in that time...

http://spectrum.ieee.org/tech-talk/computing/hardware/qudits-the-real-future-of-quantum-computing

JG4 • July 1, 2017 6:27 AM


http://www.nakedcapitalism.com/2017/07/links-7117.html
...
Big Brother is Watching You Watch

With a single wiretap order, US authorities listened in on 3.3 million phone calls ZDNet

Worried About Those Global Cyber Attacks? They Were Started by Washington The Nation

Five Country Ministerial 2017: Joint Communiqué Government of Canada Bill B: “Five eyes openly advocate crypto back doors.”

Verizon wants to borrow T-Mobile and Vodafone’s consumer data to take on Facebook and Google Business Insider

Cyber Security at Sea – Microsoft XP on Carriers, Hacking Tridents & Spoofing GPS GCaptain

Clive Robinson • July 1, 2017 6:39 AM

@ Peter,

"Decryption of Messages from Extraterrestrial Intelligence..."

There is a problem, as we don't transmit only listen, what are the odds extraterrestrial races do the same... That is we could all spend eternity listening...

Which is why Arthur C Clarke amongst others suggested we actually listen not for intentional signals but signals that are a result of advancing technology.

But there is a problem... If you look at earth, we have striven for more efficient ways to communicate. Much of our communications is not by radiated signals any more, and those that there are are starting to use much more complex modulation systems to get close to the Shannon information/bandwidth limit, thus looking almost indistinguishable from random noise. Also the EM spectrum is being rapidly changed from high power broadcasters to low power personal communication, within 20-50 years the idea of a high power broadcast above HF for sending information will appear as dated as the steam traction engine.

Would we expect any other intelligent race to do otherwise?

Which was why Arthur C Clarke suggested looking not for communications but power transportation. There are advantages of using AC mains supply in that until relatively recently an iron core transformer was the most efficient and cost effective way to change one voltage to another. Iron core favours low frequency in the range 0.025-1.5KHz. Further power distribution systems have in the past favoured very large scale generation and long transmission lines, that would radiate a small percentage of the power into free space. However modern electronics is now more efficient at power conversion and the likes of series resonant voltage converters run in the 500-3000KHz range and don't radiate signals. Further the break down voltage of materials does not care if it's AC or DC voltage, thus you can get nearly eight times the power down the existing cables with DC than you can with AC. But also you don't have "skin effect" issues with DC thus you can get a higher current in thick cables.

So the Arthur C Clarke idea is also time expiring.

There are other issues to consider as well such as orbital power generation and transmission to the ground via microwave through to visible light. But these would be highly focussed to not just keep efficiency up but also not to fry surrounding habitation.

But also "Green Energy" is moving to very localised generation and storage, thus little or no radiation of signals either.

Thus it would appear that intelligent life would be visible in the EM spectrum for only a couple of hundred years at most.

That said power usage is never 100% efficient and used and waste energy ends up as noncoherent IR radiation we tend to call heat. Thus maybe the best way to find ET is to look for his tail pipe emissions...

There has also been a theoretical argument that a sufficiently advanced race could communicate via "gravity waves" for various reasons.

And it just so happens now we have gravity wave receivers starting to work we are seeing unexpected anomalies,

https://www.quantamagazine.org/strange-noise-in-gravitational-wave-data-sparks-debate-20170630/

Do I think it's ET, it's unlikely, after all if you look back at radio astronomy there was the "LGM?" episode from the Mullard observatory in Cambridge UK back in 1968 that turned out to actually be way more interesting in that it gave us pulsars that we now know have such precise time keeping they make atomic clocks look cheap ;-)

Silent Bob • July 1, 2017 8:47 AM

I was in doubt this was a legitimate Squid post. It hasn't the correct title: Friday Squid Blog, nor features the note: "As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered".

Please, let's stick to the usual naming conventions.

(just kidding)

Short Rant • July 1, 2017 12:18 PM

Last year I experimented with establishing a Bitcoin account. It was extremely difficult and intrusive. They want all your bank info, photo ID, copy of your passport (really!), drivers license, tx, dob, email etc., to set up an account with a no physical address exchange possibly in a foreign country. I found some work arounds and scored $50 worth of BC, spent $40 with great effort and concluded it would be better to pay with a money order at the drug store.

But, what about my $10 left? This year I checked the balance and whoop-dee-doo found it was worth ....$85! EXCEPT, my wallet noted my balance was somehow now "unconfirmed" and thus....unavailable. Spent three days off and on trying to get that fixed. Just like with Linux problems there were a lot of suggestions like, "try this","try that", which of course didn't work. Seems the wallet creator sold his rights to another company that oddly has no support whatsoever now. E T C.

I have concluded my BC fortune is lost. Moral:

Mamas, don't let your babies do Bitcoin, they will for sure get ripped off, and end up being cowboys who wear funny hats.

Richard • July 1, 2017 12:33 PM

@ Jared hall

"I believe this is the fundamental problem with using WhatsApp. If Facebook can re-encrypt messages with the new device key, then they have the original message in plaintext. Screw the notification message."

Please re-read the quote you posted, the requirement that the original sender be online and have notifications enabled seems to indicate that Facebook is NOT decrypting to plain text and "re-encrypting" messages with the new key - instead they seem to be saying that, after verifying the intended recipient's device change is valid, Facebook is notifying the original sender that the intended recipient has registered a new device so that the original sender's phone can resend the original message with the recipient's new device key -- the questions I would have about this process are, first, how does Facebook guarantee that credentials can't be stolen or spoofed, possibly allowing a new device to be illegally registered - and second, if the original message is stored on the sender's device until delivered, how is this original message protected on the original sender's device in the interim (while "in-transit") so that if the phone is seized, these messages can not be read?

RobertF • July 1, 2017 2:06 PM

@Gerry de Koning

I like what you wrote (and why). I've been trying to locate children's books with similar themes but haven't had any luck.

Do you happen to know of any?

Ben A. • July 1, 2017 2:27 PM

@Jared Hall, @Richard

See the post that Moxie Marlinspike (who developed the encryption used in WhatsApp) wrote in response to the original Guardian article.

"WhatsApp could try to "man in the middle" a conversation, just like with any encrypted communication system, but they would risk getting caught by users who verify keys."

"The WhatsApp clients have been carefully designed so that they will not re-encrypt messages that have already been delivered. Once the sending client displays a "double check mark," it can no longer be asked to re-send that message. This prevents anyone who compromises the server from being able to selectively target previously delivered messages for re-encryption."

https://whispersystems.org/blog/there-is-no-whatsapp-backdoor/
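
The resend behaviour described in the quotes above, modelled as an added example (not code from WhatsApp, Signal or any commenter): the relay holds only ciphertext, and re-encryption after a key change is done by the sending client, and only for messages not yet delivered. The `Server` and `SenderClient` classes, the message ids and the toy hashed Diffie-Hellman cipher are assumptions made for illustration; the real apps use the Signal protocol.

```python
import hashlib
import secrets

# Toy public-key encryption (hashed Diffie-Hellman plus an XOR keystream).
# It only makes the example runnable offline: it is NOT the Signal protocol
# and must not be used to protect real data.
P = 2**255 - 19  # prime modulus
G = 2

def keygen():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _keystream(shared, n):
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(f"{shared}:{counter}".encode()).digest()
        counter += 1
    return out[:n]

def seal(recipient_pub, plaintext):
    eph_priv, eph_pub = keygen()
    ks = _keystream(pow(recipient_pub, eph_priv, P), len(plaintext))
    return eph_pub, bytes(a ^ b for a, b in zip(plaintext, ks))

def unseal(priv, sealed):
    eph_pub, body = sealed
    ks = _keystream(pow(eph_pub, priv, P), len(body))
    return bytes(a ^ b for a, b in zip(body, ks))

class Server:
    """Hypothetical relay: holds ciphertext and the recipient's public key."""
    def __init__(self, recipient_pub):
        self.recipient_pub = recipient_pub
        self.queue = {}  # msg_id -> sealed message awaiting pickup

    def register_new_device(self, new_pub):
        # Queued ciphertext was sealed to the old key, so the new device
        # cannot open it, and the server has no plaintext to re-encrypt.
        self.recipient_pub = new_pub
        stale = list(self.queue)
        self.queue.clear()
        return stale  # ids the server asks the sending client to resend

class SenderClient:
    """Hypothetical sending client that keeps plaintext until delivery."""
    def __init__(self, server, show_security_notifications=False):
        self.server = server
        self.show_security_notifications = show_security_notifications
        self.pending = {}      # msg_id -> plaintext, kept until delivered
        self.delivered = set()
        self.notices = []

    def send(self, msg_id, plaintext):
        self.pending[msg_id] = plaintext
        self.server.queue[msg_id] = seal(self.server.recipient_pub, plaintext)

    def on_delivery_receipt(self, msg_id):
        # "Double check mark": drop the copy that was kept for resending.
        self.pending.pop(msg_id, None)
        self.delivered.add(msg_id)

    def on_resend_request(self, msg_ids):
        if self.show_security_notifications:
            self.notices.append("recipient's security code changed")
        resent = []
        pub = self.server.recipient_pub
        for msg_id in msg_ids:
            if msg_id in self.delivered or msg_id not in self.pending:
                continue  # never re-encrypt a message already delivered
            self.server.queue[msg_id] = seal(pub, self.pending[msg_id])
            resent.append(msg_id)
        return resent

def run_scenario(show_security_notifications):
    # Constructed scenario: one delivered message, one queued across a
    # device change.
    old_priv, old_pub = keygen()
    server = Server(old_pub)
    sender = SenderClient(server, show_security_notifications)

    sender.send(1, b"read on the old phone")
    first = unseal(old_priv, server.queue.pop(1))  # recipient picks it up
    sender.on_delivery_receipt(1)

    sender.send(2, b"sent while recipient was offline")
    new_priv, new_pub = keygen()
    stale = server.register_new_device(new_pub)
    # The request also names message 1, which was already delivered;
    # the client must refuse to re-encrypt it.
    resent = sender.on_resend_request(stale + [1])

    return {
        "first": first,
        "resent": resent,
        "new_device_reads": unseal(new_priv, server.queue[2]),
        "old_device_reads": unseal(old_priv, server.queue[2]),
        "notices": sender.notices,
    }
```

With `show_security_notifications=False` the resend still happens, but `notices` stays empty, which is the default the thread is arguing about.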

Gerry de Koning • July 1, 2017 4:19 PM

@RobertF

> I've been trying to locate children's books with similar themes

I highly recommend the Asterix comic book published in 2015: Le Papyrus de César (French) or Asterix and the Missing Scroll (English). It is a hilarious, slapstick treatment of the Internet, surveillance and whistle-blowing after Assange and Snowden. Although ostensibly a children's book, I imagine the adults will laugh even louder.

As usual for these comics, the book is set in Gaul during the time of the Roman Empire. All the usual characters make their appearance.

tyr • July 1, 2017 11:19 PM


@Clive

I noticed the same thing years ago as
the hi power stuff got taken offline
in favour of more efficient methods.
In 1925 we had a monster spark gap
rig in the pacific. By 1970 the big
HF stuff was so limited that one base
tried to use the capacitors from a
60KW rig as parts to fix a 100KW unit
with less than stellar results. They
vaporized when it was keyed the first
time. That was about 1970. There may
be a few specialty transmitters left
but trying to find one at an interstellar
distance should be pretty hard. I don't
know how to detect FO traffic at those
distances. I still think looking for
Dyson Spheres would be more productive
but you won't see much external RF
leaking from one.

Doctorow had a great snippet on some gal
at ODNI who was exposed by a FOIA request.
Worth a look if you need comic relief.
it's on Boing boing.

Clive Robinson • July 2, 2017 2:50 AM

@ tyr,

Do you mean this story,

http://boingboing.net/2017/06/29/facebook-games-and-sexting.html

She allegedly had Full Time Employment, and was not a contractor which I'm led to believe means that she was either a veteran or disabled service person.

She also appeared to have OCD like behaviour, another employee had seen her game playing and said she did it at the same time of day for the same period... Thus it must have been almost as though she was punching the clock on her activities, or using it as a communications tool...

But it's interesting to note who her other 14 employers were...

It might be she was "greasing the wheel" for their contract bids.

Reading between the lines it appears that the internal investigation into her only started after the IRS got interested in her, for filing what appears to have been both timely and accurate tax records...

I wonder what her political ambitions are, she sounds like a perfect candidate for a senior administrative post or congress / senator etc. After all there is senior member of the Intel Oversight committee who has been cussed a few times here for her behaviour they sound like they have a similar work ethic ;-)

Clive Robinson • July 2, 2017 4:46 AM

SES satellite AMC-9 breaking up.

Last month SES satellite AMC-9 in geostationary orbit (GEO) slot 83degW experienced some kind of event and was deemed unrecoverable on 17/06/2017.

Built by Alcatel Space on a carbon fiber based SpaceBus[1] it was launched on 07/06/2003 on a Proton-K[2] launcher. It was nearing the end of its fifteen year design lifetime, and currently the failure mode is unknown, but it is assumed to be catastrophic. As part of the SpaceBus design there is a station keeping system designed to keep the satellite in its assigned position for the duration of its mission, and these days by international agreement sufficient extra fuel so that it can be safely de-orbited so as not to become a navigational hazard.

It has now been reported that observation by telescope indicates AMC-9 is now breaking up, which is a significant issue. After the Chinese destroyed one of their own satellites with a missile a few years ago it is now known in practice just how bad this can be.

Due to the Kessler syndrome[3] or ablation cascade the debris gets spread over an increasing volume of space. The spreading debris thus increases with time the likelihood of the debris hitting another satellite which in turn breaks up thus a chain reaction forms.

Due to the velocities involved even flakes of paint you can barely see are very dangerous.

In Low Earth Orbit (LEO) there is still sufficient atmosphere for drag to cause debris to spiral into lower orbits and thus burn up relatively quickly. However in the MEO and GEO there is little or no atmospheric drag, thus debris can remain in orbit thus a hazard for millennia.

Which is what may happen to AMC-9 unless somebody sends a mission up to de-orbit the debris, which will be very expensive even by the standards of satellite launching.

The problem is that satellites fail at a rate of about one a year, and they have less than 25year design lives. The result is we are tracking well over half a million pieces of space junk from a few inches diameter upwards, including lost tools... Whilst we know and can predict future positions of these items, which means at some point we may de-orbit them the same is far from true with debris from explosions or impacts that spall off debris in all directions at very high velocities.

Thus the question arises of unless we do go out to find, capture and de-orbit debris we may not be able to use space in the future due to the increasing cascade rate making debris impact very probable within a short time period of being in orbit. Which means there is a possibility our technological progress based on rapidly expanding global communications may not just slow down or stop but actually reverse.

[1] https://www.wikipedia.org/wiki/Spacebus

[2] https://www.wikipedia.org/wiki/Proton-K

[3] https://www.wikipedia.org/wiki/Kessler_syndrome

Solution: Personal Data Ownership • July 2, 2017 6:16 AM

To Tackle Big-Data power, regulators have to go after its ownership of data

Data is a copyrightable asset and that copyright should be controlled by the individual who generates the data. Your data is valuable and should be owned by you and licensed or sold to aggregators of your choosing. You should be able to control how your data is monetized and protected and you should benefit from its exploitation. The concepts of privacy and personal data are inextricably linked and the former cannot be protected without copyrights in the latter being enshrined in international law. However, current intellectual property laws are far from harmonized - or even acknowledged by many jurisdictions.
The entire arena of copyrights, patents, piracy, data protection, trademarks, trade secrets and national security (surveillance and protection) must be separated and the laws surrounding them need to be rebuilt from the ground up. It's almost impossible to imagine any politician tackling, or even understanding, these issues or any Brussels bureaucrat doing anything but making a total pig's ear out of the whole thing.
It's currently a complete mess that companies like Google are generating billions by exploiting. I'm a Google fan and benefit by trading my personal data with them for a range of useful services but I'm looking forward to the day when I start to see a positive balance on my monthly I.P. statement.
The problem with regulating technology companies is that, faced with tough new rules, they can eventually innovate their way out, often by switching to newer, unregulated technologies.
...
More than anything the companies approach is to do whatever they want, ignore any regulations, and say 'try to stop us'.
Their primary innovation is to do an 'old thing' and try to pretend it's a 'new thing' and not subject to existing rules. The idea they push that the technology used makes a difference is pure smoke and mirrors.
The multinationals also excel in playing the fragmented regulations of individual countries, off against each other. That's just old school 'divide and conquer'.

Most worryingly, the tech companies are generally supported by their users who, for some bizarre reason, perceive the companies as their trustworthy friends and their own liberal countries as their enemies. (Google's insidious banner campaign against copyright is a particularly notable example, not least because it aims to undermine an individual's right to anything they produce at a very fundamental level). Listening to all the data harvesting tech companies preaching 'privacy' is just surreal.

Those tech company strategies are very successful against the various lazy decadent countries who really can't be bothered to regulate them. They are spectacularly unsuccessful against the various dictatorships - the dictatorships say 'jump', the big tech companies (realizing they've met a bigger bully than themselves) just bend over and ask 'how high'.

These concepts, when implemented into law ARE the solution to the egregious pandemic of data-rape.

AnonJuly 2, 2017 8:30 AM

@Richard: WhatsApp

If you read the quote very very carefully, it says:

when the intended recipient comes back online, any in-transit messages are re-encrypted with the new device’s key

Emphasis mine.

Therefore it would appear very much that not only can Facebook resend encrypted messages without the original sender, but they have DECRYPT capability, too.

The only conclusion one can draw from this is no message sent via WhatsApp is secure.

AnonJuly 2, 2017 8:39 AM

WhatsApp

The article does not mention that both sender and receiver must be online together for the message to be sent to the new device.

It would be easy to check: register two devices, and send a message while offline. Register a third device with the sender offline, and see if the offline message is received. This would be an easy test to prove the situation?

The standard of investigative journalism is also extremely shoddy. The Guardian article is borderline opinion only. Why not test it and report the results?

When something is easy to prove, the act of failing to prove it suggests a deliberate attempt at obfuscating the truth.

Jared hallJuly 2, 2017 2:25 PM

@Ben A., @Richard: Thank you very much. I did not interpret the article correctly. I installed WhatsApp to take a look at it. The "Show security notifications" under Settings -> Account -> Security is normally Off. This will alert a sender's phone if the recipient's security code has changed. To your first point, Richard: On a Recipient's phone, there is an option under Settings -> Account -> Two-step verification that will force you to enter a PIN when re-registering your phone number with WhatsApp again. To your second point, I do not see where the message store is encrypted at all. I've no way to test queued messages at the sender at this time....FYI

Gerry de KoningJuly 2, 2017 4:03 PM

@Solution:

Copyright laws vary from country to country. Data itself is not usually protected by copyright, only its organization and presentation.

Laws protecting personal data could well borrow an idea from copyrights. In many places copyright includes both economic and moral rights. Often moral rights cannot be assigned or bought; they remain with the author forever. Should the same be true for moral rights to personal data?

Is there a better way to protect Little Red Hen's interests?

I assume that in a just world the interests of those who hold the data, and their creditors, will not always take precedence over the interests of the person the data describes.

Clive RobinsonJuly 3, 2017 2:31 AM

@ Gerry de Koning,

I assume that in a just world the interests of those who hold the data, and their creditors, will not always take precedence over the interests of the person the data describes.

As in practice the assumption is mainly in error, it's probably better to assume "it's an unjust world".

The problem with PII is that we have a banking or credit industry, that are often required by law to not just acquire a ridiculous amount of PII but to trade it to supposedly stop money laundering.

The fact that money laundering still goes on even more than before the various pieces of legislation suggests that either it is not effective or the law was brought in for different reasons.

Either way storing and exchanging such PII costs money, therefore it has an artificial value, which in turn has created a false market where profit can be made. Hence we have "Data Brokers" of various types. Many if not most who actually use countries without privacy legislation to store the data.

I could go on but it boils down to the fact that there is a mantra about collecting PII, which is "it's for your safety and security" which is with a little thought seen for what it is a load of "hogs eyewash".

I suspect that politicians will see the way to reduce this problem will be by fairly draconian legislation with massive fines... that in practice will just make the profit considerably higher and even increase the trading and build further faux markets around it.

Which is what we see with other draconian legislation with the banking, pharmaceutical industry, drugs trade etc...

In practice the only time enterprises move out of faux markets is when there are reducing numbers of customers who can have profit squeezed out of them.

Bob PaddockJuly 3, 2017 7:43 AM

@Wael

"I fail to see the security value it provides. Any elaborations?"

"Researchers have designed a sound that is completely inaudible to humans (40 kHz or above) yet is audible to *ANY MICROPHONE*..."

'Any Microphone' that may be at hand such as Cell Phone. No specialized Ultrasonic Microphones required, such as the Knowles SPH0641LU4H-1.


It has previously been discussed here how to modulate Multi Layer Ceramic Capacitors (MLCCs) in power supplies to exfiltrate data. Singing Capacitors (Piezoelectric Effect)

Bob PaddockJuly 3, 2017 7:59 AM

@Clive Robinson

'"Decryption of Messages from Extraterrestrial Intelligence..."
There is a problem, as we don't transmit only listen, what is the odds extraterrestrial races do the same... That is we could all spend eternity listening...'

Why do we assume E.T. is using Transverse Vector Waves? How many SETI setups are looking to see if they might use Aharonov–Bohm Effect or something that we have yet to learn?

Do you have any insights into these patents of Raymond C. Gelinas assigned to Honeywell?:

4,429,280, 31 Jan 1984, Apparatus and Method for Demodulation of a Modulated
Curl-Free Magnetic Vector Potential.

4,429,288, 31 Jan 1984, Apparatus and Method for Modulation of a Curl-Free
Magnetic Vector Potential Field.

4,432,098, 14 Feb 1984, Apparatus and Method for Transfer of Information by
Means of a Curl-Free Magnetic Vector Potential Field.

4,447,779, 8 May 1984, Apparatus and Method for Determination of a Receiving
Device Utilizing a Curl-Free Magnetic Vector Potential Field.

4,605,897, 12 Aug 1986, Apparatus and Method for Distance Determination Between
a Receiving Device and a Transmitting Device Utilizing a Curl-Free Magnetic
Vector Potential Field.

4,491,795, 1 Jan 1985, Josephson Junction Interferometer Device for Detection of
Curl-Free Magnetic Vector Potential Fields.

Also one by Hal Puthoff:

US5845220: Communication method and apparatus with signals comprising
scalar and vector potentials without electromagnetic fields.

The security implications here are that a Curl-Free Magnetic Vector Potential is not stopped by a Faraday shield.

WaelJuly 3, 2017 10:41 AM

@Bob Paddock,

'Any Microphone' that may be at hand such as Cell Phone. No specialized Ultrasonic Microphones required...

Microphones are designed to be optimally operational in a specific frequency range. Assuming the microphone (in a cell phone, for example) is made capable of hearing the ultra sonic waves, then the next stage is a low pass filter (either digital or analog) to limit the high frequency components. The lowpass filter minimizes aliasing effects (Nyquist sampling rate) of sampling...which is a necessary step before quantization, digitization, compression and/or encryption. Perhaps the innovation of this method is to transmit the ultra sonic wave in the so-called "shadow format" so when it's received by the microphone it looks like a sound wave in the 20 - 20 KHz range? Basically, the microphone isn't the only component that affects the frequency response of the receiver unless this innovation bypasses subsequent stages in the receiver.

As for the piezo-electric effects in multi-layer capacitors, well... that's not new. Other effects can be used as well to induce ultrasonic / infrasonic waves: transformers, resistors, inductors, trace lines... even tooth filings!

Assuming that the ultrasonic wave makes it through the low pass filter, I understand some use-case scenarios that can be exploited from an "attacker's perspective". The question I'm asking is how can this be used as a defensive measure (as the article alludes to), if you have an idea or saw some detail in the paper that I missed. I actually don't have the time to read the paper and only read the article. I'm assuming you read the paper, hence my question to you.

Bob PaddockJuly 3, 2017 11:10 AM

@Wael

"The question I'm asking is how can this be used as a defensive measure (as the article alludes to)..."


"4.2 Jamming:

Imagine military applications in which a private conversation
needs to be held in an untrusted environment, potentially
bugged with spy microphones. We envision turning
on one/few BackDoor devices in that room. The device
will broadcast appropriately designed ultrasound signals
that will not interfere with human conversation, but
will jam microphones in the vicinity. This section targets 2
jamming techniques towards this goal: (1) passive gain suppression,
and (2) active frequency distortion. Together, the
techniques mitigate electronic eavesdropping." -
http://synrg.csl.illinois.edu/papers/backdoor_mobisys17.pdf


The system works similar to how Binaural Beats work. A 40 and 50 kHz signal make a 10 kHz product signal that only the microphone picks up and not the human ear.

My interest was more in data transfer:

"BackDoor attained data rates of 4 kbps at a distance of 1 meter, and 2 kbps at 1.5 meters – this is 2× higher in throughput and 5× higher in distance than systems that use the near-ultrasound band."

Never said anything about the capacitor as transmitter was new, only that it was one of the ways an ultrasonic transmitter could be made surreptitiously.

Clive RobinsonJuly 3, 2017 3:34 PM

@ Wael,

Microphones are designed to be optimally ...

As the old saying has it "there is more than one way to skin a cat".

The first thing you need to remember is transducers whilst having optimised frequency responses also respond reasonably well to harmonics. They also suffer from a minor problem that if you hit them with a complex signal with low frequency components as mixing products then the transducer will respond.

There is an anti-bugging device that uses two ultrasonic sources that are modulated such that the difference frequency is a GWN signal in the audio range. The result on an electret microphone is as though you are pumping out very high levels of white noise through ordinary speakers. Humans on the other hand can not hear the white noise so they can have a quiet conversation.

What you do need to be careful of is to ensure that the lowest frequency components of the white noise do stay above 30Hz for reasons I've mentioned in the past. Which could be summed up as "has serious neurological disadvantages".

WaelJuly 3, 2017 3:55 PM

@Clive Robinson, @Bob Paddock,

responses also respond reasonably well to harmonics...

True for a transducer. Not very true for a filter. A lowpass filter with a cutoff frequency of 20 KHz will not let higher frequencies through (ignoring the loss or gain of x dB / Octave -- you know, the Bode plot stuff.) But point understood. The input to the filter is already a noisy signal that makes reproducing the original signal challenging - I got that.

There is an anti-bugging device that uses two ultrasonic sources ...

And surely there is an anti-anti-bugging device that can overcome that effect. Even I could think of a few ways.

difference frequency is a GWN signal in the audio range...

Refresh my memory, please: what's GWN?

Clive RobinsonJuly 3, 2017 4:50 PM

@ Wael,

A lowpass filter with a cutoff frequency of 20 KHz will not let higher frequencies through

It does not need to, because the difference frequency between the two ultrasound signals is within its passband.

Think of the transducer as being a mixer in a radio, one ultrasonic signal being like a strong RF signal the second being like the LO signal, the resulting product coming out in the lowpass filter band pass. Thus passing right through.

It's a similar effect you get with unrestricted "sampling" where any frequency close to a harmonic of the sampling frequency will get reflected down into the passband.

To avoid using expensive analog filter components they can use two harmonically unrelated sample frequencies to make low pass filters one quite high the second close in.

As for GWN,

https://www.wikipedia.org/wiki/White_noise

It's "white noise with a Gaussian amplitude distribution". You would more normally hear it called AWGN but on this usage that would be incorrect.
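
Added example, not part of the thread or of the BackDoor paper: a stdlib-only Python simulation of the effect discussed above, in which 40 kHz and 50 kHz tones reach a slightly non-linear microphone front end and a 10 kHz product passes the 20 kHz low-pass filter. The quadratic model y = x + a2*x^2, the coefficient 0.1, the 400 kHz simulation rate and the FIR filter design are assumptions chosen for illustration.

```python
import math

FS = 400_000      # simulation sample rate in Hz (assumed; high enough for 50 kHz tones)
N = 4_000         # 10 ms analysis window: 10, 40 and 50 kHz all complete whole cycles
TAPS = 201        # length of the modelled low-pass FIR (assumed)
CUTOFF = 20_000   # low-pass cutoff from the discussion, in Hz


def two_tones(f1, f2, count):
    """Two equal-amplitude ultrasonic tones as they arrive at the microphone."""
    return [math.cos(2 * math.pi * f1 * n / FS) + math.cos(2 * math.pi * f2 * n / FS)
            for n in range(count)]


def transducer(x, a2):
    """Front end modelled as y = x + a2*x^2; a2 = 0 is an ideal linear microphone."""
    return [v + a2 * v * v for v in x]


def lowpass_taps(cutoff, taps):
    """Hamming-windowed sinc FIR, normalised to unity gain at DC."""
    fc = cutoff / FS
    mid = (taps - 1) // 2
    h = []
    for i in range(taps):
        k = i - mid
        sinc = 2 * fc if k == 0 else math.sin(2 * math.pi * fc * k) / (math.pi * k)
        h.append(sinc * (0.54 - 0.46 * math.cos(2 * math.pi * i / (taps - 1))))
    total = sum(h)
    return [v / total for v in h]


def fir_valid(x, h):
    """Convolve, keeping only fully overlapped outputs so there is no start-up transient."""
    m = len(h)
    return [sum(h[j] * x[n + m - 1 - j] for j in range(m))
            for n in range(len(x) - m + 1)]


def tone_amplitude(y, freq):
    """Amplitude of one frequency via a single-bin DFT over len(y) samples."""
    re = sum(v * math.cos(2 * math.pi * freq * n / FS) for n, v in enumerate(y))
    im = sum(v * math.sin(2 * math.pi * freq * n / FS) for n, v in enumerate(y))
    return 2 * math.hypot(re, im) / len(y)


def measure(a2, f1=40_000, f2=50_000):
    """Amplitudes that survive the low-pass filter for a given non-linearity a2."""
    x = two_tones(f1, f2, N + TAPS - 1)
    y = fir_valid(transducer(x, a2), lowpass_taps(CUTOFF, TAPS))
    return {"10k": tone_amplitude(y, abs(f2 - f1)),
            "40k": tone_amplitude(y, f1),
            "50k": tone_amplitude(y, f2)}


if __name__ == "__main__":
    for label, a2 in (("linear mic", 0.0), ("non-linear mic", 0.1)):
        r = measure(a2)
        print(f"{label:15s} 10 kHz: {r['10k']:.4f}  40 kHz: {r['40k']:.4f}  50 kHz: {r['50k']:.4f}")
```

With a2 = 0 the filter output contains no 10 kHz energy at all; with a2 = 0.1 the difference tone appears in the passband at roughly amplitude a2 while both ultrasonic carriers are removed, which is why the filter does not help once the mixing has happened ahead of it.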

Clive RobinsonJuly 3, 2017 4:55 PM

@ Wael,

I should ask how you are? As you've not been posting much recently.

I hope you are getting sleep these days as it's lack can make you tired --obviously-- but also cranky and much lower in cognitive ability, oh and thus a candidate for a self driving car ;-)

WaelJuly 3, 2017 6:29 PM

@Clive Robinson,

I should ask how you are?

Lots of things going on. Heavy workload, favorite cat eaten by a coyote, other issues... But I kept up with reading stuff here.

but also cranky and much lower in cognitive ability...

That's just not possible. Already hit rock bottom, dug deeper and struck oil. Any deeper will take me to the opposite side of earth.

A Google First: We Know That We Fell ShortJuly 3, 2017 8:11 PM

Medical Records are Big-Data
Google/Deep Mind took the medical records of 1.6 million patients in England and broke the law:
‘In our determination to achieve quick impact when this work started in 2015.'
This translates to monetizing patient data in weekly reports to mothership Google.
The deal was SUPPOSED to cover access to patient data only for “testing” purposes, and not to be used for “direct care.”

http://www.tomshardware.com/news/royal-free-deepmind-data-protection,34927.html

The bottom line here is to start making profits as quickly as possible then go back and fix whatever the decades-behind regulators uncover. Just say you're sorry afterwards with zero consequences.

A major unstated finding is medical providers are incompetent in many aspects of protected digital medical records care and use.

However, to its credit Deepmind is working the issues
https://deepmind.com/blog/ico-royal-free/

Verifiable Data Audit
‘With Verifiable Data Audit, we’ll build on this further. Each time there’s any interaction with data, we’ll begin to add an entry to a special digital ledger. That entry will record the fact that a particular piece of data has been used, and also the reason why - for example, that blood test data was checked against the NHS national algorithm to detect possible acute kidney injury. 
The ledger and the entries within it will share some of the properties of blockchain, which is the idea behind Bitcoin and other projects. Like blockchain, the ledger will be append-only, so once a record of data use is added, it can’t later be erased. And like blockchain, the ledger will make it possible for third parties to verify that nobody has tampered with any of the entries.’
Decentralised data and logs, without gaps. There’s no single patient identified information database in the UK, and so the process of care involves data travelling back and forth between healthcare providers, IT systems, and even patient-controlled services like wearable devices. There’s a lot of work going into making these systems interoperable (our mobile product, Streams, is built to interoperable standards) so they can work safely together. It would be helpful for these standards to include auditability as well, to avoid gaps where data becomes unauditable as it passes from one system to another.
https://deepmind.com/blog/trust-confidence-verifiable-data-audit/

This is the only true progress in that doctors and facilities cannot go back and rewrite history to cover-up any misdeeds.

The fantasy promise:
‘And, in time, we could even give our partners the option of allowing others to check our data processing, such as individual patients or patient groups.’

Only In America
In American waiting rooms the public TVs are being removed. Medical groups are installing private screens running highly-targeted pharmaceutical drug infomercials. Cancer patients see the latest $$$ cancer drugs and same for cardiac patients. They are in every corner blasting against the wishes of sick patients. When questioned, a director claimed the cameras and microphones are being disabled. How thoughtful!
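
Added example, not part of the comment above and not DeepMind's design: a minimal hash-chained, append-only data-use ledger in Python, showing what a third-party verifier can and cannot detect in the kind of audit log the quoted passage describes. The record fields, actor names and sample entries are constructed assumptions, and a plain SHA-256 hash chain stands in for whatever structure the real system uses.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the chain


def entry_hash(prev_hash, record):
    """Hash of one ledger entry, binding its content to the entry before it."""
    payload = json.dumps({"prev": prev_hash, "record": record},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


class AuditLedger:
    """Append-only list of data-use records; each entry commits to its predecessor."""

    def __init__(self):
        self.entries = []

    def head(self):
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def append(self, data_item, actor, reason):
        prev = self.head()
        record = {"seq": len(self.entries), "data_item": data_item,
                  "actor": actor, "reason": reason}
        self.entries.append({"record": record, "prev": prev,
                             "hash": entry_hash(prev, record)})
        return self.head()


def verify(entries, published_head=None):
    """Third-party check: needs only the entries and, optionally, a head hash
    that was published somewhere the ledger operator cannot rewrite."""
    prev = GENESIS
    for i, e in enumerate(entries):
        if e["prev"] != prev:
            return f"broken-link:{i}"        # an entry was removed or reordered
        if entry_hash(e["prev"], e["record"]) != e["hash"]:
            return f"altered:{i}"            # entry content changed after the fact
        prev = e["hash"]
    if published_head is not None and prev != published_head:
        return "head-mismatch"               # tail dropped or whole chain rebuilt
    return "ok"


def sample_ledger():
    """Constructed sample entries, loosely following the quoted description."""
    led = AuditLedger()
    led.append("blood-test/0001", "streams-app", "checked against AKI detection algorithm")
    led.append("blood-test/0001", "clinician-17", "direct care review")
    led.append("admission/0442", "analytics-job", "service evaluation")
    return led


def scenarios():
    """Run the verifier against an intact ledger and three tampered copies."""
    led = sample_ledger()
    head = led.head()
    edited = copy.deepcopy(led.entries)
    edited[1]["record"]["reason"] = "testing"          # rewrite history in place
    deleted = led.entries[:1] + led.entries[2:]        # drop the middle entry
    truncated = led.entries[:2]                        # drop the newest entry
    return {
        "intact": verify(led.entries, head),
        "edited": verify(edited, head),
        "deleted": verify(deleted, head),
        "truncated_no_head": verify(truncated),
        "truncated_with_head": verify(truncated, head),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:22s} {result}")
```

Edits and deletions in the middle of the chain are caught from the entries alone, but dropping the newest entries is only visible to a verifier who holds a head hash obtained out of band.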

DougJuly 3, 2017 9:34 PM

@ A Google First:
"Google/Deep Mind took the medical records of 1.6 million patients in England and broke the law:"

Wouldn't be the first, nor will it be the last.

"Decentralised data and logs, without gaps. There’s no single patient identified information database in the UK, and so the process of care involves data travelling back and forth between healthcare providers, IT systems, and even patient-controlled services like wearable devices."

That just doesn't sound very scalable. Especially if you consider all the hidden requirements and the fact that no matter how "decentralized" they appear they may all end up in a centralized virtual zone (i.e. the Google Cloud).

BTW, an early Happy Fourth of July to y'all new world cats.

Clive RobinsonJuly 4, 2017 1:22 AM

@ Wael,

Heavy workload, favorite cat eaten by a coyote, other issues...

The heavy workload, I understand, I've been there a few times in my life, and it's not good for the system. I was a bit of an adrenaline junky when I was young doing some quite dangerous sports, for the buzz. Due to work pressure robbing me of time to do sport, I made the mistake of trying to get the buzz via work ... Not good, I woke up one day when slumped over a keyboard at 3AM I started getting the signs and symptoms of a heart attack. The hospital found I'd had a near miss and the doctor did a "Ghost Of Christmas Future" on me and signed me off work for a while.
So not only did I have to take work more slowly I had to find another sport I could do around work. So the way I dealt with it back then was to ride my bike hard to burn out the stress hormones. But that only works until you hit your forties, then other bits start to fail :-(

I'm guessing from the fact you say "coyote" the area you live in is perhaps not best suited to riding a bike for exercise.

And I'm sorry to hear about your pet cat, I've lost a few pets over the years, and I still miss even the troublesome ones.

@ All,

A happy and enjoyable 4th of July to you all. The celebrations started around 10PM UK time yesterday with a large firework display some eight miles from where I live, and it was clearly audible indoors as it rattled the windows.

tyrJuly 4, 2017 1:59 AM


@Wael,Clive

The coyotes will eat you too if allowed
to pack up. The mis-guided have decided
that they must be protected, forgetting
that the reason they weren't bothering
anyone was a vigorous scouring of them
from around human habitations. Now they
are being allowed to move into the city.

Given a reasonable habitat and culled
out of areas where they are not wanted
would be a lot more reasonable than the
current insanity. Once they eat a few of
the city children I expect things to be
changed. Too bad your cat had to be a
sacrifice to the Moloch of human stupidity.

Sometimes ambition makes you into your
own worst enemy.

RachelJuly 4, 2017 2:07 AM

@ Clive

OT I know, but I must ask, what are they doing celebrating 'that' day, with fireworks no less, in ye olde grande merry land? It's quite disturbing to hear

ab praeceptisJuly 4, 2017 2:39 AM

Rachel

I was also wondering but I think it's the day they celebrate that long ago some slave owners (referred to as "founding fathers" over there) told them ironically that all men are equal.
Unfortunately I can't tell you the exact year when that happened as asking us-americans on the street yields inconclusive responses ranging from "about 1700" to "1984 or something like that".

We shouldn't be too worried, though, as there are by far more important things to ponder about. The funny spots on my neighbour's cat's belly are but one example.

Btw, from what I understood Clive Robinson seems to come from the uk.

WaelJuly 4, 2017 2:55 AM

@Clive Robinson, @tyr,

Yes, I live in an area that has a lot of coyotes and some mountain lions and bobcats. I deleted the cat's picture from my LinkedIn account (it was the picture I used instead of mine. Security, you know.) Siamese cat with dark blue eyes, only four years old. She loved me so much and played fetch with me all the time. Second cat to be eaten, I have only four left. But the two coyotes that ate the first cat paid a price. Long story and way OT, though ;)

So the way I dealt with it back then was to ride my bike hard to burn out the stress hormones.

The way I deal with it is to read and post some humorous things (in my opinion) here. Works like a charm until someone says something stoopid that raises my blood pressure. Lately I've been following some YouTube educational videos on QC, the universe, physics and electromagnetics, Gags for laughs, and Arabic grammar (by one of the top, if not the top, grammarians.) I love grammar but discovered how little I know. Over 200 hours on the topic, and still brushing the surface! I planned to finish reading the books I got, from recommendations made here but didn't finish half of them yet.

I also had several personal ideas and projects to work on, but no time... and a somewhat waning desire.

One more thing about the cat. She caught a bunny rabbit or two every week, some of them infants. In a way, what happened to her is fair. Who's to say her life is more valuable than the lives she took? My biased opinion is insignificant. She killed for fun, and coyotes ate her because they're hungry. Befitting topic for the title of this squid thread...

WaelJuly 4, 2017 3:01 AM

Btw, from what I understood Clive Robinson seems to come from the uk.

OMG! See what I mean? Where are them blood pressure pills!

WaelJuly 4, 2017 3:29 AM

@ab praeceptis,

I was also wondering but I think it's the day they celebrate that long ago some slave owners (referred to as "founding fathers" over there)...

Easy to attack, eh? Tell me where you come from and I'll dig up your dirty history ;)

Dirk PraetJuly 4, 2017 4:46 AM

@ Clive

Not good, I woke up one day when slumped over a keyboard at 3AM I started getting the signs and symptoms of a heart attack.

Hmm. That sounds remarkably familiar. Something similar happened to me about 7 years ago. I was down with a burn-out for nearly 6 months but eventually made a full recovery by getting rid of the unbearable stress levels caused by a slave driver of an employer, a love interest and a close relative going through a clinical depression but refusing to seek professional help for it. Uprooting the underlying causes combined with heavy physical exercise actually proved a much more efficient approach than medication and counsel. As did re-adjusting my BS detectors. You just can't please everyone, and trying too hard anyway eventually makes your head blow up.

Clive RobinsonJuly 4, 2017 6:52 AM

@ Rachel,

what are they doing celebrating 'that' day, with fireworks no less, in ye olde grande merry land?

As @ab praeceptis suggested I do live in the country of Robin Hood and his Merry Men and a few other folk heroes. Some real like Robin some fake like King Arthur and his Knights of the round table. This country that prior to WWI proudly believed in the right of anyone coming here to stay, work and become wealthy. That included those who would now be considered terrorists or political dissidents. Thus it is unsurprising that this land gave birth to many ideas that changed the world.

Whilst things have changed a little there is still a largish contingent of American citizens, armed forces personnel and diplomats here, and provided they are "peaceful" few have any objections to them having the odd celebration. In fact a number of non American citizens set up their own celebrations at the same time simply because the weather is good for outdoor partying. As an Australian friend of mine once remarked to the effect the British are daft, as we have our public holidays in your winter when all you can do is shiver (said at an impromptu Australia day barbeque where beach wear was obligatory, and the beer most definitely iced by snow on the ground).

RachelJuly 4, 2017 7:55 AM

Nice response Clive. You are of course unmistakeably from the UK, everyone knows this, quite clearly for the simple fact no one in the US is named Clive. Or Robinson. And most certainly not at the same time. There can only be one!!
I've observed Australia has a habit of making federal policy announcements identical to those of either England or the US, and announced at the same time.
official mandate to backdoor crypto very recently, and restricting working visas because 'jobs for Australians, not for foreigners' a little bit before that.
The human being occupying the highest political seat in your country of England has been exhibiting some degeneration in physicality and speech recently, and it reminded me of certain degenerations of the body occurring towards the end of the career of a famous wartime leader - a human being a bit before our time, whom Europe and indeed all of history will remember in name forever.
I wondered if your current one has undergone a few sessions of 'hypnotherapy' like that other historical leader was known to have done quite early in his career. If she has it would explain a lot,

JG4July 4, 2017 8:23 AM


http://www.nakedcapitalism.com/2017/07/links-7417.html
...
Big Brother is Watching You Watch

Fifteen new devices from Technoethical now RYF-certified to respect your freedom Free Software Foundation (Chuck L)

Surveillance without Borders: The “Traffic Shaping” Loophole and Why It Matters Century Foundation. From last month, still germane.

JG4July 4, 2017 8:27 AM


wishes everyone who observes Independence Day a happy, safe and sane celebration


Clive RobinsonJuly 4, 2017 10:26 AM

@ Rachel,

The human being occupying the highest political seat in your country of England has been exhibiting some degeneration in physicality and speech recently

If you are talking about Madge / Brender / Her Royal Highness Queen Elizabeth II, then although she holds the post of "Head of State" her role is not political in the sense of Presidents, Tyrants, Despots and some other Monarchs. Whilst the role is not entirely ceremonial it is also not "political". The Royal family has a fairly tough job and some of them I'm sure are a disappointment to her. It's not a job I would want for love or money.

Whilst in theory the role of monarch does have considerable power using it would seriously upset the delicate balance of the system. But consider the down side of such restraint, she has a weekly audience with the Prime Minister, during which she has to remain polite and attentive and give subtle advice, to what are in most cases a bunch of narcissistic sociopaths whose self belief defies all normal forms of logic and often morals. The ability to resist grabbing a sword off the wall and having at them like a Turkish Kebab must require almost inhuman strength. Likewise not throwing up reading "The Queen's Speech".

And tell me how you would feel if the grinning japanapes Tony Blair woke you at 3AM in the morning to sign sight unseen an emergency powers bill because the voters had got sick of his idiotic behaviour?

How about having to be nice to mass murderers and child molesters that expect to sit next to you at a Royal Banquet?

The less than minor failings of various political leaders from many nations can be stomach churning to put it mildly, but protocol has to be followed...

So no not a job for this man especially with all those sharp objects handy, there would just be too much desire to give a few one slice hair cuts ;-)

What that level of stress does for ones arteries I have no idea and no wish to find out.

As for our current PM her own party's grandees are telling her she must stay for Brexit, then vacate office for a successor to take over in time for the next election... So that gives you an idea of just how much the rest of us believe in her. After her little "Money does not grow on trees, but here's a hundred million each for you DUP politicians to buy votes with..." it's a wonder she's not been dragged away in a night of the long knives...

As for Winston Churchill he had a number of failings including authorising the use of chemical weapons in Syria against Russians. But he also suffered throughout his life with fairly severe clinical depression that he half humourously called his "black dog" (not a name he invented). What is not clear is if it was unipolar or bipolar, with many thinking it was probably the latter due to manic symptoms and his fear of wanting to kill himself, which manifested in avoidance of railway platform edges and the edge of docksides and similar.

The point being that there were no chemicals to use as a crutch, he had to battle it out mainly alone, until quite late in his life when Doctor Lord Moran could use nascent drugs such as amphetamines.

JG4July 4, 2017 11:56 AM


@Clive

Thanks for another profound view of the human condition. I just invoked Churchill's n-part series on the second global war. I think that he said, "History shall be kind to us, for we shall write it." Then he did.

It will not have escaped the sharper observers that Chemical Ali's efforts against the Kurds were blessed by the Reagan administration, or at least elements thereof. Just for the record, Saddam Hussein, Manuel Noriega and Idi Amin were hand-picked psychopaths, who didn't work out in the longer term.


RachelJuly 4, 2017 12:19 PM

Hi Clive, wildly off topic, this is enough. But for your interest,
I was drawing a comparison between Hitler being hypnotised on a couple of occasions early in his political career - this is documented - and the degeneration of his physicality and speech towards the end of his career, claimed to be symptoms of the complete and total brainwashing he was subject to.
And: the recent mannerisms and behaviour of the highest political seat, which, as you pointed out, is not the Queen.

Clive RobinsonJuly 4, 2017 1:42 PM

@ Rachel,

People talk about "the woman behind the man", "the power behind the throne" and similar. What you rarely hear is "the Dr behind the figure head", which is a shame, because you would be surprised at just how many well known faces are kept smiling, awake, etc etc by handfuls of prescription meds.

Quite a few national / world leaders from quite early in history were on what we would now call drugs of various forms.

But a number of the "national socialists" in Germany in the thirties and early forties were quite literally out of their heads on pharmaceutical products that even today would be regarded as edgy...

ab praeceptisJuly 4, 2017 3:06 PM

Wael

"Tell me where you come from and I'll dig up your dirty history"

Of course. But then, where I come from, we are not proud of the dirt and don't celebrate it (after covering it with ignorance and lies).

To avoid misunderstandings: I do *not* despise *all* us-americans; in fact, I know a couple of intelligent and generally nice ones personally.

Btw. sorry for you re. your cat. You are probably right with your musings (killing for fun and coyotes killing her for a needed meal) but still it's sad. May she dwell in mice heaven.

WaelJuly 4, 2017 4:50 PM

@ab praeceptis,

Of course. But then, where I come from, we are not proud of the dirt and don't celebrate it...

I can't comment due to lack of information. I'll drop this part of the topic. It'll go nowhere.

To avoid misunderstandings: I do *not* despise *all* us-americans; in fact, I know a couple of intelligent and generally nice ones personally.

A few remarks: "Knowing a couple of intelligent and generally nice ones personally" doesn't imply that you do not despise them. But I'll take it to mean that you don't.

Then this follows: Are these two traits (opposite of intelligent and nice) limited to the "us of a" people? Who else do you despise?

One can infer that you despise people who are stupid and "not nice", by extension: ignorant and gullible (believe blatant lies, and celebrate the occasion as well): history forgeries. There are two ways to criticize: constructive criticism and non-constructive. Perhaps you can educate others on how to correct what you see as "bad" or "ignorant".

May she dwell in mice heaven.

That was funny. Thanks.

@Ratio,

Some of them, I assume, are good people.

Two of them, so far. Now do your thing and calculate the ratio (some information is still missing, do you know what?) Whatever your calculation produces, I have a feeling it'll be a rather small ratio.

me_tooJuly 4, 2017 5:31 PM

@Wael

Siamese cat with dark blue eyes, only four years old. She loved me so much and played fetch with me all the time.
Same here, but I wouldn't call her blue eyes dark, and she was only a year old. Loved to play fetch though ;-) It's been about a year since... Sorry, I wanted to say it got better with time, but reading that made me tear up a little again.

RatioJuly 4, 2017 6:11 PM

@Wael,

Seems the quote wasn't accurate. It should have been: And some, I assume, are good people.

WaelJuly 4, 2017 7:30 PM

@Clive Robinson, @Bob Paddock,

It does not need to, because the difference frequency between the two ultrasound signals is within its passband.

I'm no acoustics expert. I experimented with an iOS application called "tone generator". Ran it on two devices and couldn't hear any interference patterns. Tried several frequencies including ones I don't hear. No luck. I guess the ear is a logarithmic device like some say and hearing characteristics of the ear are different than those of electret microphones. So I get why this works now. Read parts of the paper, too.

Dirk PraetJuly 5, 2017 4:28 AM

@ Clive, @ Rachel

But a number of the "national socialists" in Germany in the thirties and early forties were quite literally out of their heads on pharmaceutical products that even today would be regarded as edgy

Edgy doesn't even cut it in Hitler's case. His personal physician Theodor Morell, whom many considered a total quack, administered him methamphetamines on a daily basis, combined with other substances like morphine, cocaine, adrenalin etc. Quite a few historians suspect Morell was at least partially responsible for Hitler's increasing madness, deteriorating health and premature aging towards the end of the war.

In the early stages of the war, Pervitin - in essence pure meth - was also distributed in large quantities to the German armed forces, meaning defenders across Europe were actually up against an army of drug-crazed motorheads.

@ ab praeceptis, @ Wael

I didn't mention my nationality as I consider it irrelevant (nor am I particularly proud of it).

I have long suspected you to be either German or Austrian.

@ Clive

Interesting things happening in the Ukraine over petya attack,

If MeDoc indeed was a totally careless patient zero/infection vector, the question remains who subverted their systems to begin with. Could be anyone from a state actor to a bunch of Romanian cowboys lulzing about.

WaelJuly 5, 2017 5:20 AM

@Dirk Praet,

meaning defenders across Europe were actually up against an army of drug-crazed motorheads.

You mean defending against a Berserker-like army?

Some scholars propose that certain examples of berserker rage had been induced voluntarily by the consumption of drugs such as the hallucinogenic mushroom Amanita -- Wiki article, origin of the expression "going berserk"

Dirk PraetJuly 5, 2017 5:54 AM

@ Wael

You mean defending against a Berserker-like army?

Pretty much so. I suppose you have seen old war documentaries featuring German pilots carrying out death-defying runs with their fragile Stuka dive bombers. Knowing they were totally high on meth kinda sheds an entirely different light on their actions. Must have been one hell of a rush.

JG4July 5, 2017 6:45 AM


I have seen several times the claim that Kennedy was addicted to pain-killers for his back injury, and to amphetamines. Thanks for inspiring me to look it up. Apparently there is some truth to the story, but it had a happy ending when the northern hemisphere wasn't plunged into nuclear genocide.

https://en.wikipedia.org/wiki/Max_Jacobson
...
By May 1962, Jacobson had visited the White House to treat the President thirty-four times, although such treatments were stopped by President Kennedy's White House physicians who realized the inappropriate use of steroids and amphetamines administered by Jacobson. It was later observed that President Kennedy's leadership, (e.g. the 1962 Cuban Missile Crisis and other events during 1963), improved greatly once the treatments of Jacobson had been discontinued and been replaced by a medically appropriate regimen.


JG4July 5, 2017 7:25 AM


http://www.nakedcapitalism.com/2017/07/links-7517.html
...
U.S. Flag Recalled After Causing 143 Million Deaths Onion (UserFriendly)

America’s violent birth: Why we shouldn’t be surprised that U.S. politics is a blood sport now Salon

Happy Independence Day Ian Welsh (martha r)

Your Human Right to Revolt: When is it OK to Overthrow Your Government? 4th of July Edition, 2017 John Laurtis (martha r)

Tying loose ends? Gravitational waves could solve string theory, study claims Guardian (UserFriendly)

“Explosive methane will create two million jobs!” Hypergeometric (Philip P)

...
Imperial Collapse Watch

The Price of America’s Endless Wars Consortium News

US still has no path to peace in Afghanistan, bipartisan senators say Guardian

Big Brother is Watching You Watch

How to See What the Internet Knows About You (And How to Stop It) New York Times

Google Could Soon Have Access Sensitive Genetic Patient Data— We Should All Be Worried Newsweek. I am at a loss to understand why anyone would voluntarily allow their genetic data to be collected, save cases like a family history which points to having the BRCA gene, and even then I am not so sure. Given the way the world operates, you are certain not to be able to keep that information private.

WikiLeaks Exposes CIA Targeting Linux Users With OutlawCountry Network Traffic Re-Routing Tool HotHardware (resilc)


Clive RobinsonJuly 5, 2017 7:39 AM

@ Dirk Praet, and others interested,

... the question remains who subverted their systems to begin with.

Yes my thoughts were similar, especially with NATO cyber numpties trying to run the "go kinetic" flag up the mast. It was almost as though the NATO cyber numpties were expecting it and had plans drawn up.

Even if the company has reasonable software support systems in place with logging of which user submitted etc, Ed Snowden showed just how much you should trust your work colleagues (which is not at all). However I suspect the person responsible is either untouchable or moved on. If the article is correct it's not as though there were not warnings...

Bob PaddockJuly 5, 2017 7:48 AM

@JG4

Dr Janet G. Travell was Kennedy's physician. This is what happened after the drugs were removed:

Her LENGTHY two volume set Myofascial Pain and Dysfunction: The Trigger Point Manual is still required reading in several areas of Medicine. Such as the non-drug treatment of Chronic Pain.

Volume 1: Upper Half of Body, Volume 2: Lower half. Most of the books are actual drawings of muscles and the standard locations for 'trigger points', rather than text.

The three non-drug techniques addressed in the volumes are:

1) Injection of an anesthetic by a doctor into the Trigger Point site, doing it wrong will just give you more Trigger Points.

2) Number two is known as Stretch And Spray. As a Therapist stretches your muscles as they spray them with a very fast evaporating cooling agent [Fluori-Methane I think but I'm not sure.] that causes the muscle to lengthen.

3) Direct Trigger Point pressure. This is something you can learn to do yourself with a bit of practice. Although for some Trigger Points that are on your back it is easier to have help from someone else to press on them. When you, or someone finds a Trigger Point, you'll know it. It will make your pain much worse, and muscles tighter, and keep in mind that the Trigger Point may be far removed from where your pain is, though it will always be within the same muscle as the pain. However you can get an overlapping effect because many muscles do overlap. [A Trigger point might be on the muscle under the one that you are actually pressing on. A trained therapist knows how to deal with this.] If you had the book you can look at the pictures and charts that say if it hurts here, press there. Don't start by pressing where it hurts, that is almost never the Trigger Point, though there are exceptions.

I'll stop there as we are drifting from Security; Security is always easier when healthy...


WaelJuly 5, 2017 8:13 AM

@Dirk Praet,

Must have been one hell of a rush.

Figuratively and literally!

WaelJuly 5, 2017 8:25 AM

@Clive Robinson,

Interesting things happening in the Ukraine over petya attack,

Elementary! Someone didn't want to pay taxes (or taxes to be paid on time.) Similar to what a student who's not ready for a test would do to pull a trick to have the school closed for that day.

Eighty percent of companies in Ukraine use the MeDoc software and the country’s parliament is working to extend tax deadlines in order to account for the messy disruption.

Bug the ChildrenJuly 5, 2017 9:09 AM

JG4, thank you for the pointer to Outlawcountry. What's striking about it is how very, very tailored it is: requirements include CentOS/RHEL 6.x, kernel version 2.6.32 with nat table and half-assed security. This is not for hard targets who do process monitoring or serious intrusion detection. The means are consistent with the IC's pattern of picking on soft targets for bureaucratic brownie points. A survey could narrow CIA's possible targets down to a very small set. Bet it turns out to be a typical IC victim: a third-world nation with an army that moves out in stake trucks and marches with brooms; or some shoestring civil society organization like Save the Children or the KLWCT. Critical National Security Threats, as we insiders say.

Bruce SchneierJuly 5, 2017 1:27 PM

@ab praeceptis

I have deleted comments of yours that have strayed from the topics of this blog. Consider this a warning before being banned from commenting.

Thank you.

ThothJuly 5, 2017 11:23 PM

@all

More LOLz for Systemd crappery. Look at the following quote from the site below...



systemd encounters an invalid name in a unit file, like "0day," it will ignore the parameter and create the requested service. As the documentation states, "If systemd encounters an unknown option, it will write a warning log message but continue loading the unit."

But it will run the unit with root privileges instead of rejecting it or adopting more restrictive permissions.

The issue was raised through a GitHub Issues submission a week ago, but Lennart Poettering, one of the lead maintainers of systemd, insisted the software is working as intended and declined to implement changes.

It seems systemd and Linux itself is simply beyond cure. Anyone wanting any security or privacy (even the least sense) at all should never touch these vulnerable systems and simply move to OpenBSD without excuse. Linux is a gone case just like Windows in its current phase.

Link: http://www.theregister.co.uk/2017/07/05/linux_systemd_grants_root_to_invalid_user_accounts/
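
An audit for the behaviour quoted above, as an added example that is not part of the thread or of systemd: it reads unit file text and flags `User=` values that, per the report, would be skipped so the service runs as root. The name pattern is an assumed simplification based on the report's "0day" example, and the unit names and contents are constructed samples.

```python
import re

# Assumption: a simplified model of the name check, built from the report's
# "0day" example (a leading digit makes a name invalid). A value is usable when
# it is a numeric UID or a name starting with a letter or underscore.
VALID_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_-]{0,30}\Z")
NUMERIC_ID = re.compile(r"[0-9]+\Z")


def service_settings(unit_text):
    """Return the [Service] key/value pairs of a unit file; the last assignment wins."""
    settings, section = {}, None
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section == "Service" and "=" in line:
            key, _, value = line.partition("=")
            settings[key.strip()] = value.strip()
    return settings


def classify_user(unit_text):
    """Classify the account a service would run as under the reported behaviour."""
    user = service_settings(unit_text).get("User", "")
    if not user:
        return "root-by-default"               # User= unset or empty
    if "%" in user:
        return "needs-review"                  # specifier, resolved only at load time
    if user in ("root", "0"):
        return "root-explicit"
    if NUMERIC_ID.match(user) or VALID_NAME.match(user):
        return "unprivileged"
    # The case from the report: the line is skipped with a warning and the
    # service still starts, as root.
    return "invalid-name-runs-as-root"


def audit(units):
    """Return {unit name: verdict} for units whose User= line needs attention."""
    flagged = {}
    for name, text in sorted(units.items()):
        verdict = classify_user(text)
        if verdict in ("invalid-name-runs-as-root", "needs-review"):
            flagged[name] = verdict
    return flagged


# Constructed sample unit files (not taken from any real system).
SAMPLE_UNITS = {
    "report.service": "[Service]\nExecStart=/usr/bin/id\nUser=0day\n",
    "web.service": "[Service]\nUser=www-data\nExecStart=/usr/bin/true\n",
    "legacy.service": "[Service]\n# User=app\nExecStart=/usr/bin/true\n",
    "uid.service": "[Service]\nUser=1001\nExecStart=/usr/bin/true\n",
    "tmpl@.service": "[Service]\nUser=%i\nExecStart=/usr/bin/true\n",
    "dotted.service": "[Unit]\nUser=ignored\n[Service]\nUser=7zip.svc\n",
}

if __name__ == "__main__":
    for unit, verdict in audit(SAMPLE_UNITS).items():
        print(f"{unit}: {verdict}")
```

The sketch reads only the text it is given; drop-in directories and the account database are outside its scope, so an "unprivileged" verdict says the name is well formed, not that the account exists.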

Dirk PraetJuly 6, 2017 7:25 AM

@ Thoth

But it will run the unit with root privileges instead of rejecting it or adopting more restrictive permissions.

That is horribly f*cked up. Admittedly, you already need root privileges to exploit it, but it's beyond me that Poettering refuses to fix this.

Clive RobinsonJuly 6, 2017 9:13 AM

@ Dirk Praet, Thoth,

That is horribly f*cked up. Admittedly, you already need root privileges to exploit it

Whilst the first statement is most emphatically true, I'm not sure the second is. It will need some experimentation but I think it can be done via a couple of tricks around other admin tools.

For instance you have to be careful how you remove a user from a system where "co-operative working" uses shared groups. Back in times well past simply changing their entry so that their default shell became a program that raised an alarm with the admin, printed up a message and locked down the tty line for a time was sufficient.

But that advice got changed to lock the user entry, create a new user directory under a different name and copy the files into it and include it into the deleted user's groups. But some advised leaving the owner as root and the group/other as read/execute...

Admins have done strange things for reasons that others would not think about, and once "scripted" may lurk for a long long time...

Knoppix fanJuly 6, 2017 12:18 PM

Pros and cons of Knoppix 8.0 vs. 7.7.1 vs. ( other Knoppix version)?

RachelJuly 6, 2017 12:23 PM

I was extremely dismayed, shocked and saddened to read Mr Schneier's comment to Ab Praeceptis that he should consider himself warned.
Firstly Ab Praeceptis makes stellar, articulate contributions comprised of experience, intellect, and obviously serious reflection. In an era on this blog when the halcyon regulars have vaporised and the blog struggles with the equation of managing a signal to noise ratio on occasion, iconoclasts such as Ab Praeceptis who are genuine elders and teachers in this field should be saluted and then warmly embraced. I'd be devastated if I could no longer read his comments!! And to call me a lightweight is being generous. So how much more relevance and usefulness are his posts to the really great minds here- including those lurking (sandbagging to use old citizens band radio speak)

Secondly, for the odd occasions that Ab Praeceptis writes [well considered, substantiated, challenging and lucid] posts about, for example, non-establishment takes on Russia and Ukraine - how is that worse or different than the litres of crap spewed forth about Trump and Elections, on and on and by multiple handles here, some familiar some not, over months and years?
In the case of Ab Praeceptis, when he writes about Russia he is actually contributing value. He makes a solid argument, it's not trolling, and it generally acts as a good zen stick for those whom need it. Regardless of if it's palatable to consensual reality or not. I still love reading it. You can't make any of those claims about many commenters' posts about US politics.

Him being off topic is another story. Hardly an original crime around here. But the vibe I got is Ab Praeceptis is being accused of something worse than that. Which I am strongly disputing - as an admirer of Mr Schneier and this blog and several of the key contributors;
Clive Robinson, Dirk Praet, Nick P, Thoth, JG4, Wael, Figureitout, being the bread and butter here.

Clive RobinsonJuly 6, 2017 1:28 PM

@ OpenBSD newbie,

The use of KARL as opposed to KASR is a good idea and several steps ahead. Whilst it is still possible to attack it, the workload should be high. Thus moving OpenBSD way up further on the fruit tree :-)

No doubt other regulars will have things to say on it in the near future.

Dirk PraetJuly 6, 2017 2:02 PM

@ Rachel

But the vibe I got is Ab Praeceptis is being accused of something worse than that.

Playing the Devil's advocate, the problem with some of @ab's comments is not the content or even going off topic, but the rather explicit phrasing which at times is kinda reminiscent of a past contributor with a somewhat similar style. Some of the old-timers here may remember one @Richard Hack, whose often abrasive comments eventually got him banned too.

Although @ab praeceptis and myself are hardly ever on the same page about anything, I would miss his insightful comments too, especially on everything related to programming techniques and methodologies. As I still do those of @Richard Hack, whom to date I follow on Twitter. And he hasn't changed a bit.

@ Clive, @ OpenBSD newbie

Thus moving OpenBSD way up further on the fruit tree

Absolutely cool feature. Thumbs up for Theo and his crew.

@ Knoppix fan

Pros and cons of Knoppix 8.0 vs. 7.7.1 vs. ( other Knoppix version)?

I've been using Knoppix on and off for the last ten years. Very comprehensive distribution with excellent hardware support, ideal for troubleshooting and taking with you on the road, for example when using a machine in an internet cafe in a foreign country. I haven't tested v8 just yet.

WaelJuly 6, 2017 3:34 PM

@Rachel, @Dirk Praet,

I was extremely dismayed...

Truly yours, @Clive Robinson, @Figureitout, @Dirk Praet, @name_withheld_for_obvious_reasons, many others were also warned by the moderator - some were on the verge of being banned. We call it "yellow card"; search for it as I don't want to give explicit links. @ianf got warned once and he couldn't take the stress then disappeared. Strange for such a thick-skinned person. I actually miss him, in some paradoxical way - even though he was kinda rough with some of us... but conversations with him frequently brought a smile to my face (I wasn't exceptionally kind to him either -- but he had a sense of humor and didn't cut discussions short. He had a lot of stamina.) I wonder where he went. If I remember correctly: I still owe him a vulgar cryptographic limerick :)

I could be mistaken but @Nick P didn't receive a yellow card (at least directly) yet -- his record is clean: no rap sheets; no mug shots.

@ianf: wherever you are, I hope you're doing well: alive and kicking, above the sod somewhere in a beautiful Italian countryside. You should stop by sometime and drop us a line ...

ab praeceptisJuly 6, 2017 4:06 PM

Rachel, Dirk Praet et al.

Thank you very much.

I assume Dirk Praet is right but that is beyond my reach. I never play games here, I never write under different names and I (intentionally) don't hide behind a vpn. I don't see what more I could do (btw, I do not have either a twitter nor a facebook account).

The only other thing I see is that I should stay away from anything related to nations and politics. That might feel hard subjectively but in the end, what I or anyone else does or does not write re. politics will hardly change a lot in reality.

I respect Bruce Schneier's right to have or make any rules he pleases for his blog and I intend to respect them as well as I can. That might be easier, however, if they were clearly stated.

CzernoJuly 6, 2017 4:38 PM

@a p :
> That might be easier, however, if they [rules] were clearly stated.

Indeed. Guess some of your targeted political comments and allusions, moreover insistent repetition of them hit a sensitive chord of Bruce's. Something on the verge of freudian, it could be hypothesized, but let's leave that not to be mentioned again.

I'm glad you chose to stay with us within the rules decreed by Master Bruce and grace us with your topical, informed and well thought comments on the security of networks and computers programming. Like others have said before and better than myself, losing your insights would have been a net loss for this blog's audience (whether active or mostly lurking).

Clive RobinsonJuly 6, 2017 5:39 PM

@ ab praeceptis,

The only other thing I see is that I should stay away from anything related to nations and politics

The rules used to be avoid anything contentious that would lead to flame like behaviour. Thus the politics relating to security provided it was not partisan and was kept polite and did not derail an active thread used to be tolerated. But in general anything gun related or similar was to be avoided unless the thread was directly related to it.

However due to changes caused by the economic slow down and lack of really technical subjects to get our teeth into, things got a bit slow. The lack of really technical subjects, had the downside that whilst they were apolitical, less technical subjects have a political aspect some significantly so (attribution being one such thorny area).

But the changes in the political landscape over the past year and a bit, and the sudden appearance of people with axes to grind either personally or on behalf of others, has caused an extra and quite noticeable and detrimental effect on this blog.

Lots of people who were frequent posters now only post once in a while or less. Likewise those who might become posters and take up some of the slack see some of the hostile activity --which in times past would have been a tiny fraction of other posts-- and are discouraged from posting. Which unfortunately is a spiral in that there are less and less posts.

As I've said in the past I would not want to run my own blog, they require a lot of effort, even when you can get good guest comment. Then there is the issue of moderation, it's a bit like having a social event in your home, you want every one to come and enjoy their time, and so give back to the atmosphere. But you know there will be one or two who will be over enthusiastic in some respects which will entertain some but could upset others if it goes too far. The hard part as a host is to get the balance right and keep it enjoyable for as many as possible. Moderation is thus hard when things are going well but much more difficult when things change suddenly.

I did not see your comment so can not comment on it but I would say that of recent your comments have been less sharp than in past times which is why I was surprised to see the "yellow" message/card.

As Wael has noted a number of "the usual suspects" have had a yellow card and I suspect that those of us who have had them --myself included-- will admit that we deserved a reminder to stay within bounds. But as I've said the background has changed a lot recently so the bounds are changing likewise, hopefully things will settle down again soon.

Joe KJuly 6, 2017 6:13 PM

@Wael

@ianf: wherever you are,

Busy running the @SoMuchGuardian twitter account, or so I like to imagine ;)

I hope you're doing well: alive and kicking, above the sod somewhere in a beautiful Italian countryside.

Seconded.

You should stop by sometime and drop us a line ...

I think you have to say the name three times.

WaelJuly 6, 2017 8:50 PM

@Clive Robinson,

If you want to lose a few hours have a think about what it might mean for both QComp and QKeyDist.

That'll definitely make one lose more than a few hours! The notion of retrocausality isn't only counter-intuitive, it also destroys the building blocks of human mental faculties! It's also not testable, I mean how could one test such a hypothesis? But I'll defer further comments until I waste several hours on it. Or come to think of it: the previous sentence is my response! I'll waste a few hours later. There! A practical application of retrocausality :)

@Joe K,

@ianf, @ianf, @ianf: drop the cockroach and come back ;)

tyrJuly 6, 2017 10:48 PM


@Wael, Clive

You can push instrumentation a lot closer
to an event than you can get with human
sensorium. I'm not buying a claim of
retrocausation as a backward travelling
event in the realm of testability until
you can build the time machine to see.
Doing an experiment to discover the now
particle should tell you something about
the past but that's just a tautology in
fancy dress.

The debate over determinism isn't over
even though there have been some neat
neural data lately. Whether this ruins
the building blocks of mental faculties
depends a lot on your personal set of
them.

The universe is not only stranger than
we suppose, it may be stranger than we
can suppose.

I think that's JBS Haldane but I've
seen it attributed to others.

WaelJuly 6, 2017 11:25 PM

@tyr,

there have been some neat neural data lately.

I'd be interested in a pointer to such data - just curiosity.

Whether this ruins the building blocks of mental faculties depends a lot on your personal set of them.

Explain or recommend a book! No hard-core philosophy books, though.

WaelJuly 6, 2017 11:39 PM

@tyr,

The universe is not only stranger than we suppose, it may be stranger than we can suppose.

And what's the consequence of that statement?

Clive RobinsonJuly 7, 2017 2:05 AM

@ Wael,

And what's the consequence of that statement?

You might remember that back in the 1930's there was a lot of change in what we would call "maths" some upstart overturned the apple cart about logical systems. In essence he showed that any sufficiently expressive system of logic that was self consistent and powerful enough to describe the arithmetic of the natural numbers would be both recursive and axiomatic and importantly --and upsettingly so-- that there would be propositions about the naturals that would be true but cannot be proved from the axioms...

Further many people have made similar statements such as "There are more things in heaven and earth..." but the one I like comes from Wolfgang Pauli,

    The best that most of us can hope to achieve in physics is simply to misunderstand at a deeper level.

Thus it may be we do not have the capability to understand our universe and what makes it tick. At the very least we have the minor problem of "Turtles all the way down" of "where did all this stuff all come from". If I remember correctly we've discussed this in the past.

But there is the old "Out of nothing any argument can be made without refut" to content ourselves with.

RachelJuly 7, 2017 6:49 AM

At Wael

the entity you referred to
1. I felt utterly sorry for someone in such a parlous state of mental health
2. Your comments about them speak of your compassion
3. You are surely the only one on this blog with such profound sentiments
4. Their departure was a quantum leap forward for this blog, in the era of their presence
5. I had hoped their name would never be mentioned here again
6. Their comments were entirely incomprehensible, and can you imagine their social skills at a wedding - imagine how long they'd last in one of Dirk's pubs? Admittedly the verbal exchange (before the inevitable occurred) would be priceless.
7. Their presence here jumped the noise signal 50:1
8. I am utterly astounded the Mod took so, so so so so so so long to intervene.
9. Admittedly, like something from a Gurdjieff anecdote, my empathy was increased as a result as I was reminded what the world outside my mind can be like, for some folks

JG4July 7, 2017 7:22 AM


@Rachel - I am honored to be mentioned in same sentence as Clive and the other Titans. I too miss ianf.

@Bruce - I missed ab p.'s post that strayed over the line and had been meaning to ask that sufficient information be included in any yellow flag to allow anyone to avoid a future repeat of the particular offense. I probably am as guilty as most for getting off topic, although my holistic view sees everything or almost everything as an interconnected system.

Can't recall if I picked this gem up here, but this is a brilliant example of the collective inability to navigate a complex set of conflicts of interest:

http://www.latimes.com/local/california/la-me-stranded-nuclear-waste-20170702-htmlstory.html
...
But the San Onofre nuclear power plant will loom for a long time as a
landmark, its 1,800 tons of lethal radioactive waste stored on the
edge of the Pacific and within sight of the busy 5 Freeway.
Across the site, deep pools of water and massive concrete casks
confine high-power gamma radiation and other forms of radioactivity
emitted by 890,000 spent fuel rods that nobody wants there.
And like the other 79,000 tons of spent fuel spread across the nation,
San Onofre’s nuclear waste has nowhere to go.
The nation’s inability to find a permanent home for the dangerous
byproduct of its 50-year-adventure in nuclear energy represents one of
the biggest and longest running policy failures in federal government
history.

I think that I picked this up from Drudge:

file under, "low-tech biowarfare in the news"
https://www.thelocal.no/20170706/sheep-poo-makes-norwegian-cyclists-sick

and this:

https://www.nytimes.com/2017/07/06/technology/nuclear-plant-hack-report.html

and this:

file under, "because they're made out of tasty meat"
http://www.palmbeachpost.com/news/state--regional/report-alligator-seen-chewing-body-everglades/LBixXLGZsjMEWLNDnjp80H/

In case anyone missed it, years before there was a Drudge web page, someone used to post to alt.conspiracy under a Drudge username.

I've probably been clear that I think that NZ and AUS would be good places to emigrate as a clear withdrawal of consent for the US genocide by psychopath program.

http://www.sbs.com.au/yourlanguage/punjabi/en/article/2017/06/30/your-chance-migrate-australia-new-occupation-list-2017-18-announced
...
12 occupations have been entirely removed from the list of eligible skilled occupations, nine of these were eligible for 457 and 186 visas on 19 April 2017.
Occupation ANZSCO code
Equipment Hire Manager^ 149915
Fleet Manager^ 149411
Picture Framer^ 394212
Property Manager^ 612112
Psychotherapist^ 272314
Real Estate Agent Principal^ 612113
Real Estate Agent^ 612114
Real Estate Agent Representative^ 612115
Ship’s Engineer 231212
Ship’s Master 231213
Ship’s Officer 231214
University Tutor^ 24211
A number of occupations have been added to the lists for certain visa programmes and some additional occupations have moved between the STSOL to the MLTSSL.
The Short-term Skilled Occupation List (STSOL) replaced the Consolidated Skilled Occupation List in April this year.

a few gems today, but no Big Brother links

http://www.nakedcapitalism.com/2017/07/links-7717.html
...
Largest Cryptocurrency Exchange Hacked! Over $1 Million Worth Bitcoin and Ether Stolen The Hacker News (Furzy Mouse). That’s not very much.

The smart money: are we on the cusp of a cashless society? FT

...[military-industrial drum-beating in the news]
New Cold War

The Undeniable Pattern Of Russian Hacking Moon of Alabama

Russians Are Said to Be Suspects in Nuclear Site Hackings Bloomberg. Sourcing: “current and former U.S. officials.” See above.

Here’s the public evidence that supports the idea that Russia interfered in the 2016 election WaPo

Under Trump, U.S.-Russian Relations Hit New Low Foreign Policy. The deck is rich: “Amid a new ‘Red Scare,’ officials fear any contact with Moscow.” Mission accomplished!

...[transportation security in the news]
To End Distracted Driving, MIT Figures Out How People Really Drive Wired (DL).


Bob PaddockJuly 7, 2017 7:41 AM

@Wael

"It's also not testable, I mean how could one test such a hypothesis?"

Tests of retrocausality have been going on in the field of Parapsychology for a long time. Successful tests.

Short version of one of the experiments: Students that studied a list of words after the test got better grades on the test.

See: Feeling the Future: Experimental Evidence for Anomalous Retroactive Influences on Cognition and Affect by Daryl J. Bem; Journal of Personality and Social Psychology, 100, 407-425, DOI: 10.1037/a0021524.

Abstract: "The term psi denotes anomalous processes of information or energy transfer that are currently unexplained in terms of known physical or biological mechanisms. Two variants of psi are precognition (conscious cognitive awareness) and premonition (affective apprehension) of a future event that could not otherwise be anticipated through any known inferential process. Precognition and premonition are themselves special cases of a more general phenomenon: the anomalous retroactive influence of some future event on an individual’s current responses, whether those responses are conscious or nonconscious, cognitive or affective. This article reports 9 experiments, involving more than 1,000 participants, that test for retroactive influence by “time-reversing” well-established psychological effects so that the individual’s responses are obtained before the putatively causal stimulus events occur. Data are presented for 4 time-reversed effects: precognitive approach to erotic stimuli and precognitive avoidance of negative stimuli; retroactive priming; retroactive habituation; and retroactive facilitation of recall. All but one of the experiments yielded statistically significant results; and, across all 9 experiments, Stouffer’s z = 6.66, p = 1.34 × 10⁻¹¹ with a mean effect size (d) of 0.22. The individual-difference variable of stimulus seeking, a component of extraversion, was significantly correlated with psi performance in 5 of the experiments, with participants who scored above the midpoint on a scale of stimulus seeking achieving a mean effect size of 0.43. Skepticism about psi, issues of replication, and theories of psi are also discussed."

It really comes down to this: Human Consciousness is what is putting frames of the Multiverse in a linear order. Linear order is not a requirement of Nature as Quantum Physics shows, which has ramifications in Quantum Computers as Clive mentions.

Other references from a paper of mine (none of which point to any of my sites):

2: Time and the Unconscious Mind by Julia Mossbridge: http://arxiv.org/abs/1503.01368

3: The Ongoing Search for the Neuronal Correlate of Consciousness by Wolf Singer: http://open-mind.net/papers/the-ongoing-search-for-the-neuronal-correlate-of-consciousness/at_download/paperPDF

4: Concetto R. Giuliano, Applications of Optical Phase Conjugation, Physics Today, vol. 34, no. 4, pp. 27-35, Apr. 1981.
[This involves apparent negative time (-t) to restore aberrant images. Also has applications in target tracking.]

5: Mysterious 'Neural Noise' Primes Brain for Peak Performance: http://www.rochester.edu/news/show.php?id=2683

6: Does 'Free Will' Stem From Brain Noise?: http://neurosciencenews.com/neural-activity-free-will-neuroscience-1089/

7: Strange Attractors that Govern Mammalian Brain Dynamics Shown by Trajectories of Electroencephalographic (EEG) Potential: http://sulcus.berkeley.edu/freemanwww/manuscripts/id1/88.html

8: Chaos in the Brain: https://plus.maths.org/content/chaos-brain

10: Computational capacity of the universe: http://arxiv.org/abs/quant-ph/0110141

11: Information and the Nature of Reality: From Physics to Metaphysics: http://www.amazon.com/Information-Nature-Reality-Physics-Metaphysics/dp/0521762251

12: Scientists Confirm That Reality is an Illusion Our 3D Universe Is A Hologram: http://www.youtube.com/embed/YGAo5uLCPio

13: Simulations back up theory that Universe is a hologram: http://www.nature.com/news/simulations-back-up-theory-that-universe-is-a-hologram-1.14328

14: Holographic Model of The Universe by Talbot: https://archive.org/details/HolographicModelOfTheUniverse

15: The Reality of Quantum Weirdness by Edward Frenkel in New York Times Sunday Review: http://www.nytimes.com/2015/02/22/opinion/sunday/the-reality-of-quantum-weirdness.html

16: Measurements on the reality of the wavefunction by Martin Ringbauer, Ben Duffus, Cyril Branciard, Eric G. Cavalcanti, Andrew G. White, Alessandro Fedrizzi: http://arxiv.org/abs/1412.6213

Dirk Praet July 7, 2017 8:11 AM

@ Rachel, @ Wael

imagine how long they'd last in one of Dirk's pubs? ...

We actually have one of those there. He's a South-African Jew who kinda gets away with it because he's indiscriminately ticking off everyone but does it in a really funny way. There's something seriously surreal about a Jew taking the mick out of Muslims when half of the pub in fact are Muslims and everyone else is seriously on edge where things are going. We kinda got off on the wrong foot when first time we met he took me for a biker supporting the wrong football team, and I pretty much thought of him as a half-wit English hooligan with a very weird accent.

When the next weekend we were formally introduced to each other by the barkeep, he turned out to be a very intelligent entrepreneur whose multinational company had just embarked on an SAP implementation, and which I was only too happy to provide him some expert advice with.

Just to say that you can never judge by appearances, but unless there is more to @ianf than meets the read, I am indeed not entirely sure if he would last even half an hour at that particular place. Not that I didn't like his sense of humour and some of the comments he wrote, but they regularly got seriously irritating too, so I was not entirely surprised when he eventually got banned.

Clive Robinson July 7, 2017 9:49 AM

@ JG4,

file under, "low-tech biowarfare in the news"

Ewe had to bring up the sheep poo, but the cyclists gave it more projection ;-)

Wael July 7, 2017 10:10 AM

@Clive Robinson, @tyr,

"There are more things in heaven and earth..."

There are more trees on earth than stars in the Milky Way... We don't know much about most things.

Thanks for the list, @Bob Paddock. Quite a few items to go through.

Wael July 7, 2017 10:21 AM

@Dirk Praet,

but they regularly got seriously irritating too, so I was not entirely surprised when he eventually got banned.

He wasn't banned. He was "Yellow-carded"!

Clive Robinson July 7, 2017 10:25 AM

Microsoft laying off non-US staff

There are reports from various places that Microsoft is to lay off around 3000 staff,

http://www.zdnet.com/article/microsoft-to-lay-off-up-to-3000-employees/

Other reports say the job losses will hit non-US staff in the likes of the UK in Reading.

It does not surprise me that MS are laying off sales and marketing people especially in the UK. They have other English speaking centers where importantly other European languages are spoken as "first language". In part it will be in response to European Court Judgments and likewise Brexit, but it's been clear for a while that MS had rather more than expected sales and marketing types for a company of its size and type.

That said in the past Microsoft have told UK MPs they would pull out of the UK for various reasons, only some of which were business blackmail.

I guess we will have to "wait and see" what the outcome will actually be, but one thing is clear Brexit will not have helped, and other tech sector companies may consider the same thing. At the end of the day London is a nice place to live and its time zone has been a useful bridge, but that has to be balanced against business utility, and the current UK Political incumbents are sending out very clear messages they are distinctly lacking in what is needed. Thus the markets and multinational business are in effect thinking this is "a dog's dinner" and putting in place plans to leave the UK in case it becomes what they expect ie an unmitigated disaster.

Michalis Vasiliou July 7, 2017 10:29 AM

“My father died at dawn, we are devastated, I’m sending you the details of the wake, I hope you can come, Oi, I mean Ai!”

Dirk Praet July 7, 2017 12:45 PM

@ Wael

He wasn't banned. He was "Yellow-carded"

Oops. My bad.

@ Bob Paddock, @ Wael

The term psi denotes anomalous processes of information or energy transfer that are currently unexplained in terms of known physical or biological mechanisms.

Free radicals ? Spooky action at a distance ?

Bob Paddock July 7, 2017 2:43 PM

@Dirk Praet

"Spooky action at a distance ?"

That is the closest to 'unknown' at the moment.

Our instrumentation only knows how to measure those things that we know how to measure. Doesn't mean other things do not exist...

tyr July 7, 2017 10:58 PM

@Wael. et al

"
The main purpose of this note is to call attention to a respect in which QM
is demonstrably different, under some assumptions about quantum ontology.
Under these assumptions, a simple (and, so far as I know, previously unnoticed)
argument shows that a time-symmetric ontology necessarily puts the properties
of a system prior to a measurement under the control of an experimenter who
chooses a setting for the measurement in question. Moreover, the argument
turns on a feature of QM always thought to constitute one of the fundamental
differences between classical and quantum physics, viz., the role in the latter of
the new kind of discreteness introduced by quantisation."

This is the original view. Taken from the Huw Price paper arXiv 1002.0906

It seems to me that it is equally likely that the system properties prior to
experiment force the experimenter to choose the settings via determinism.

I realize most are highly uncomfortable with the idea that they are not the
free agents in control of the universe they live in. In some circumstances
it appears that the human consciousness constructs its own version of what
it calls reality long after the action has passed it by on the way to the
future.

As I read these arguments they all revolve around the understanding of time
which also generates endless arguments and speculation. Once we have a firm
grasp of the nature of time the arguments for and against retro causality
will be solved.

If it turns out that knob settings are changing the past then the whole set
of assumptions we use for understanding the universe will have to be tossed
out and we'll be in an even greater unknown background than we are now.

@Clive

Digging this topic out of arXiv led down an
interesting White Rabbit hole with lots more
to read and ponder... : ^ )


Wael July 7, 2017 11:23 PM

@tyr,

Yes, time is the key. No time, no causality, or perhaps we'll need to define and understand a new version of causality. PQ-Causality. By the way, it's not the "speed of light": it's the "speed of causality". That's why "c" is the symbol used for what we call the speed of light. Mind-boggling stuff (or whatever is left of it.) And your mileage may vary.

The book you recommended covered some of those aspects. I highly recommend it too. I haven't had the time to finish the other books you recommended. But this one, I couldn't put it down.

A World Without Time: The Forgotten Legacy of Gödel and Einstein | Palle Yourgrau
PBK: ISBN-13 978-0-465-09294-9; ISBN-10 0-465-09294-2; eBook ISBN: 9780786737000

I get the impression that you have a philosophy background. One thing that puzzles me: what do philosophy graduates do for work? Talk and argue for a living?

Wael July 8, 2017 12:02 AM

@tyr,

I get the impression that you have a philosophy background. One thing that puzzles me: what do philosophy graduates do for work? Talk and argue for a living?

Ouch! Words have betrayed me. I'm not saying you are a philosopher and therefore all you do is talk and argue.

I'll need to retire for a bit - spoke too much today.

Ratio July 8, 2017 12:31 AM

@Wael,

[...] it's not the "speed of light": it's the "speed of causality". That's why "c" is the symbol used for what we call the speed of light.

Why is c the symbol for the speed of light? (In a word: celeritas.)

Didn't you bring up this some time ago? Can All the Natural Numbers be Summed? (or, does 1 + 2 + 3 + ... equal −1/12?) I had no idea what you were talking about at the time, and I don't remember the context now, but I'm pretty sure you mentioned it. Ring any bells?

Wael July 8, 2017 1:05 AM

@Ratio,

Why did you bring me out of my hibernation? There are many possibilities: Cosmic constant,... I prefer causality.

In a word: celeritas

In two letters: BS :)

I had no idea what you were talking about at the time, and I don't remember the context now

Yes it rings bells[1] -- I have not forgotten. And it's a wrong identity equivalent to acrobatics that schmucks love: 1 = 0 or some trick of the sort. A lot of mathematicians have no common sense, especially when it comes to dealing with infinity, when they become "cutsie". Same applies to physicists and their wild BS string theory, M-theory and all this crap - there, I feel better now!

[1] Krauss used this stupid argument in his debate. Here: https://www.schneier.com/blog/archives/2016/07/decoded_by_mai_.html#c6733738

The last sentence of the above link.

I answered all your questions: you still haven't told me why the woman laughed. Does that ring any bells with you?

Count me out for a few days.

Ratio July 9, 2017 8:39 PM

@Wael,

Why did you bring me out of my hibernation?

In my defense, I wasn't aware that I possessed such powers.

In two letters: BS :)

I thought you were talking about what the people that picked c more than a century ago thought it stood for. Of course we now know they were mistaken, but they did get the first letter right.

A lot of mathematicians have no common sense, especially when it comes to dealing with infinity [...]

Maybe that's because the common sense that, for example, tells you that summing an infinite series of numbers (to stay with the theme) may yield different results depending on the order of the terms turns out to be rather uncommon.

Krauss used this stupid argument in his debate.

Weird. I wouldn't expect him to do something like that. I'll try and find that video when I've got time to kill.

you still haven't told me why the woman laughed

Because she'd just seen Berlinski? Either that or because of some future joke about retrocausality.

Wael July 10, 2017 8:31 PM

@Ratio,

Because she'd just seen Berlinski? Either that or because of some future joke about retrocausality.

Berlinski was holding a pencil in his hand. When he started his speech, he apparently thought the pencil was a microphone and started talking to it. He then remembered it's a pencil, not a microphone, and put it down. There was (is) a subtle expression of confusion on his face that supports this analysis.

The woman caught on to it and probably said something like: he thinks the pencil is a microphone! Muhahaha. Or perhaps someone told her that, and she couldn't contain herself. Berlinski flipped her a few birdies during the speech. That's what methinks.


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.