Schneier on Security

Clive Robinson • June 17, 2017 3:53 AM

@ Azrail,

The Guardian story is a little thin. There is a better Scientific America article I linked to (as well as the paper in Science) in last weeks squid page. I also highlighted the problems of QKD in optical fibre and limitations of satellite systems. But… I also noted I think that a space based QKD system will be viable quite a while before either Quantum Computing or Quantum Computing proof asymmetric / public key algorithms do.

However the real issue with QKD general uptake is the thorny “last mile” issue. It’s not practical for all but a few to have a satellite ground station capable of QKD, thus it will need to use fibre for the “last mile” to consumers etc. This requires “switches” for the Qbits to be sent to the end users. For such switches to be made we need a quantum repeater/regenerator, whilst we know it can be done it’s a complex technical/engineering issue that has yet to be solved in a sufficiently robust way to be put into commercial equipment and work reliably and simply with the minimum of maintenance.

Clive Robinson • June 17, 2017 12:17 PM

@ Who?,

Our choices are very few right now.

Which when you think about it for a few momemts is actually quite odd.

Think of the advances in hardware…

For about 1 US Dollar you can by a single chip from the likes of Micro Chip that outperforms PDP11s and MicroVaxes and similar very pricy mini-computers still in use through the 1980s.

Off the top of my head I think some one has ported an earlier version of BSD to run on it quite well, you just need some serial or equivalent terminals which are not exactly difficult to make with 5USD gumstick computer a serial to USB converter and a suitably large LCD. Or you could get an old Android smart phone and root it or trick it into giving you a Linux console.

Or you can have some kind of 200USD or well above windowing box with flashy but slow and very unreliable and insecure software “blue screening” or whatever on you every few hours, whilst making the wheel in your electricity meter visably spin…

Thus the problem appears to me atleast to be crap software from MegaCorps, pushing atbest alphaware and patches every few weeks that contain the Devil alone knows what in spyware, attack vectors etc just to make you a product…

Clive Robinson • June 18, 2017 11:01 PM

With regards,

I heard the lighthouse-vs-US-Navy story told as a joke in at least two languages.

It was also told as a “carrier group and admiral” story as well, which gives away the historic truth.

Before the Stevenson’s[1] started building lighthouses with stonr and considerable ingenuity. The treacherous[2] waters around England Scotland and other parts of the world claimed not just ships getting wrecked on rocks, reefs sand bars and similar, but the early lighthouses were likewise destroyed in storms. All of which caused a great loss of life, but at the time more significantly great financial cost, which was why “The Lords of the Admiralty” were looking to put in place reliable lights. And for those old enough to have navigated such waters at night the sight of a lighthouse from twenty or more nautical miles away was[3] a very very welcome sight.

One of the problems with navy’s of the past was the command chain and the addled by alcohol, scurvy and malnutrition heads at the top and a very unpleasent death or punishment for even the most minor of disobedience (look up “keel hauling” and the “cat of nine tails”).

Which in part caused the Scilly Disaster of October 22 1707, the worst sea disaster to have happened at the time.

Put simply a Royal Navy squadron was returning from Gibraltar under the flag of Admiral Cloudesley Shovell. As was common at the time they were “navigating from the lead boat” which was the Admiral’s flag vessel. The weather was heavily over cast and stormy. The Admiral had earlier in the day consulted with the captins and navigators to determin the consensus on the squadrons position. Which was that they were on a positional line with Ushant in France. Thus the Admiral set course from that point on the charts. Unfortunatly the consensus position was wrong and in the dark the Admiral’s smashed into the outlying rocks off the Isles of Scilly floundered and was lost as did three other ships. With the loss of the Admiral and atleast a thousand other seamen. One result from the public outcry over the devistating loss was that Parliament passed the 1714 “Longitude Act”. Which eventually gave rise to great advances in horology and a number of scandals, one of which involved the mutiny of a Royal Navy vessel on 28th April 1789 which sailed of to Pitcairn with the “Kendall Time Keeper Number Two” (K2). Which was a defective “rip off” of a Harrison time keeper. It was later sold to an American captin and found it’s way to Chillie and back to the UK and can now be seen in the clocks collection at the Royal Observatory part of the National Maritime Museum at Greenwich.

Oh the name of the lead mutineer and the vessal you might know as Lieutenant Fletcher Christian and His Majesty’s Armed Vessel (HMAV) Bounty, which was originaly built to carry coal… The adverse cultural effect the mutineers had on the remote Pitcairn islands is still felt even today. But officialy it’s the World’s smallest democracy (and one of the earliest of modern democracies to give women the vote).

[1] Yup same engineering family as built the railway engine “Rocket” and it’s train as well as bridges and other navigation ways.

[2] Oddly apt for a post about a shipping disaster in the waters south of England, the word “treacherous” is derived from the French for cheater.

[3] With modern “radio navigation” it was felt that lighthouses had become a needless expense, so they are being “Decommissioned”. But worse so are nearly all the terestrial RadNav systems such as Decca Navigator and LORAN-C. Leaving us with just satellite navigation systems that could “just be turnrd off at a flick of a switch” for “National Security” of just one or two states…

Clive Robinson • June 18, 2017 11:56 PM

@ Figureitout,

Really? Over what we have today? You can still do that, a lot of MCU datasheets give block diagrams of the hardware, plus do so much w/ computers today.

I miss the 70s and 80s as well, I guess you would have had to live through it to know why.

Back then it was the birth of the PC, it was a young, dynamic and rapidly growing field of endevor. BUT importantly it was still small and you could as an individual be able to grasp the entirety of the field of endevor. It was primarily hardware engineer led with a “can do” attitude. Every little circuit design got known and a new idea or trick (ok “hack”) went around the community quickly to every ones benifit. It was why Bill Gates “nasty little letter” was seen as so alien, so carping and like a spoild child having an unseemly tantrum in public much to it’s parent’s embarrassment.

Untill relatively recently “Home Brew” systems had died back to the Ham Radio types doing leading edge stuff with the latest and greatest chips from the likes of Analog Devices. Thankfully the “Maker” trend has caught on but two generations have missed out on the creative side of hardware hacking.

As you should know there is quite a “life outlook” point of view difference between hardware engineers and code cutters that can be traced back to Microsoft and its Foundation Class and other MS boon dongles…

MFC was a nightmare mish mash of cruddy code and it was a very unpleasent experience to work with. Rather than have a “share attitude” those who had struggled through getting a grip on one small thread of the MFC rats nest had a “my work, my secret my advantage” mentality. Which in turn gave rise to “secret sauce” solutions of hidden call points. Which some people alledge were Micro$hafts way of maintaining “in house advantage” over competitors. Either way those hidden call tricks have a lot to answer for and a marked responsibility for the mess of backwards compatability issues that have given us oh so many needless attack vectors.

Further those two generations of not having hardware hackers has alowed the proliferation of those anti-competative DRM systems. Which means that although you buy a computer you nolonger own it. You have an enforced “walled garden” with a “Think of the children” marketing message aluding to it being a more secure way… Well the crap in Google Play with all the malware and PII theft kind of tells you the lie of that message…

So yes I liked the 70’s and 80’s and the freedom it gave me to be creative and build a multifaceted career. And I hated the couple of decades from the mid 90’s onwards. Having to push back against those not just taking away those creative freedoms, but those who became like drug addicts just waiting for their next shiny box fix, that was apptly recognised and somewhat ridiculed by the “Apple fanboi” image.

But whilst I have an “out of my cold dead hand” mentality over the freedoms, I don’t see why it should imply giving up the other gains we have made in those two decades. I see it more as a drive or battle to get it out of walled gardens and regimented thinking and ordered behaviour, back into the hands of people where creative chaos brings not just freedom, but fun and joy, as well as a self confidence many lack these days. It’s called Heterosis[1] or Hybrid Vigour and it’s the only way to avoid the inevitable monatonic death march of inbreeding depression you get when you don’t have the freedom to tinker.

[1] Which shares some of the same roots as “hectic”.

Clive Robinson • June 19, 2017 4:26 AM

@ Systate,

I am still trying to understand your gardening path system approach.

It’s one of those ideas that we you get it you will think “That’s bl**dy obvious” but till then…

The idea is that the Internet is like the road/pavement infront of a house, all manner of people and things go past, some down right nasty. It would be pointless challenging/inspecting every single one. So you have a front garden with a gate beyween it and the road with a path with your front door seperating your home from the garden. The garden is a DMZ and the gate and front door the routers from different designers/manufactures. As in the case of a real garden where you would have a CCTV and motion detector to alert you to the presence of people and things in the garden, the DMZ has a computer behind a read only tap that instruments both directions of traffic looking for what should not be in the DMZ. If such traffic is found the instrumentation system either alters firewall rules or open circuits the data paths ate the routers. Impoetantly just like a well placed CCTV camera the instrumentation computer can not be seen by a potential intruder, and a recording is kept. That way if you do detect strange or odd behaviour especially on the egress side you have a record you can work backwards through to locate the original intrusion or in bound malware.

The main reason for the garden/DMZ is that it cuts the amount of traffic you have to monitor/investigate down. The reason that you use two different routers is it gives the attacker a harder job, if they only have an exploit for the outer / gate router but not the inner / door router then the attack does not make it into the internal network. But if an attacker has got through the first / gate router then the chances are their investigating the second / door router will create a visable indicator in the DMZ / garden recording / loging.

No it’s not perfect and it probably will not stop a higher end state level targeted attack, but it will in most cases limit damage and give you what might be called “actionable intelligence”.

Oh one other thing to consider is that do you realy need your home internal network connected to the internet either at all or all the time?

Personally I don’t have my intetnal network connected to the Internet and I don’t have it powered unless I’m physically present and using it. Not only does it save me one heck of a lot of problems it limits any harm the likes of Micro$haft flaws can do. My main reason for this originally is that I still have to support software I developed for MS-DOS 5 and later and Win 3.1 and later including NT 2000 and XP as well as some other non MS but earlyish OS’s etc (yes that includes an Apple product from the late 70’s).

If I realy need to get data off the network I have my own serial data diodes with active nodes that only allow certain “text only” protocols to be sent across them. Likewise another similar arrangement to get data on using a *nix box to do a much more thorough inspection of data.

When it comes to a more “rich” data content then it’s a little more interesting if the source is slightly trusted then image and sound get converted to uncompressed verions (WAV etc) and lightly filtered to remove artifacts before crossing more complex document file types get converted to either RTF or HTML and scripting of any form gets ripped out which is normally only an issue with spread sheets.

But for sources I definitely do not trust the mark one eyeball is used with a print out that then gets scaned back and OCR’d etc. It’s not normally a pain as it’s low volume stuff like academic papers that I would OCR for document searching anyway.

You could say I was patanoid, but the methods were as a result of doing work for others in the financial / legal industries where they have to show compliance to higher levels of security anyway to avoid “insider trading” etc.

The thing is one of the games big companies like to play is “begger my neighbor” to effectivly starve an opponent out. One such is “electronic discovery” which they use just to be awkward and make you pay large sums of money, and in the off chance there is a bit of juicy metadata you’ve not sanitized out.

I have a standard advice to people the first is,

1, Paper Paper never data.

Which strips out a lot of meta data even though you don’t know it’s there. It’s a case of “What you see they get, and what you don’t see they don’t get”. Thus is you print then scan as an image file that pesky file format metadata the likes of MS etc just loves to put in gets stripped. If you do this as an ongoing “standard practice” even a supprise raid is not going to give anyone any file metadata.

The second is about retention of documents sanitisation etc and covers all maner of inadvertant sins.

2, If it’s POLICY it’s not destruction of evidence.

In times past people kept “as little as was needed” in terms of business records, the rest got binned fairly promptly as it cost real money to store it in filing cabinets etc, not just the cabinets, and their floor space but the personnel in the form of “file clerks” and “librarians”.

In the UK at least Government Policy back in the 1980’s with regards to privatising what was once public organisations such as utilities gave rise to the massive use of electronic document systems. One inadvertent result was the “better safe than sorry” view that ment everything including “office love notes” got put into such systems. As it was later found just waiting for a little man with a writ or warrant to turn up and make every little secret a matter of “public record” via the “court record”. If you have a policy of not keeping garbage then you are never going to have to smell the stink it might generate. Make it policy and practice and police it properly and you are not going to have that millstone hanging around your neck, it will also save you money as well. Also remember to include backup tapes etc, and to partition your systems up so that you have static OS/Apps files in one place changing App metadata files in another and data files in another. This helps the sanitation process a lot. As does having “thin clients” and no user Internet connectivity. If you want to be nice put kiosk type machines in the coffee/cafeteria rooms, you pay for work not play, and “social networking” is the new “drug of the masses” for ego stroking. Your employees do not need “personal storage” where the policy would find it difficult to get at to do the garbage collection every week/month/quater/year.

The point is an emoloyees “desktop” should not be a “file cabinate” if they are not actively working on a documemt/file it should be in a central repository. This was the way it worked with real desks back in the 1970’s when office productivity was at it’s highest. Computers have not improved productivity in the slightest in this area in fact productivity in admin appears to decline decade by decade as office applications get more and more feature rich…

I could go on but then I’d be giving away those pearls of wisdom people pay money for 😉

Clive Robinson • June 19, 2017 5:24 AM

@ ALL,

NSA OSS Technology Transfer

As readers hopefully know, the NSA has two functions in life one of which is the protection of US systems. Under this they produce some intetesting Open Source Software. A list of which can be found at,

https://www.nsa.gov/what-we-do/research/technology-transfer/assets/files/oss_booklet.pdf

Which has URL’s in.

However this has poped up,

https://nationalsecurityagency.github.io/

Which is a very different URL to that in the PDF…

Any way there appears to be some interesting stuff in there. Of which “RedHawk” and “Simon and Speck” may be of interest to some here whilst others will be of interest to others.

Clive Robinson • June 21, 2017 7:38 AM

@ Bruce and the usual suspects,

I realy do not know what to make of this.

The Jaguar-Landrover car company –owned by Tata of India– is looking to recruite around 5000 staff of which ~1000 will be software and electronics bods.

So far so good but…

They are trying a new recruitment wrinkle, in that although the more traditional recruitment route is open, they are offering a fast track by way of a problem solving competition… The people behind it appear to be using it more as an experiment, but it could well be the way of the future,

https://www.nytimes.com/2017/06/19/business/jaguar-land-rover-app-puzzles.html