Friday Squid Blogging: Eyeball Collector Wants a Giant-Squid Eyeball

They're rare:

The one Dubielzig really wants is an eye from a giant squid, which has the biggest eye of any living animal -- it's the size of a dinner plate.

"But there are no intact specimens of giant squid eyes, only rotten specimens that have been beached," he says.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Posted on July 14, 2017 at 4:35 PM • 103 Comments


Ben A. • July 14, 2017 4:41 PM

1Password [AgileBits] have betrayed their users yet again even though they have previously (and hypocritically) accused their competitors of doing the same thing: forcing users to store their passwords in *their* cloud.

The company has a history of lies, deceit and disinformation. Only recently Tavis Ormandy unearthed a treasure trove of 1Password user data publicly accessible via Google search. They accused the respected Google staffer of lying so he published the data to prove they were being disingenuous towards their users.

1Password also uses wonky browser crypto which is so bad that their own security chief (Jeffrey Goldberg) doesn't even use it. Now Unix pioneer Matt Blaze and multiple other experts have criticised 1Password for removing the option for local storage in 1Password for Windows 6 (Mac users still have the option but it's expected to be removed). The company says perpetual licensing works financially yet they still want to force everybody into their cloud, which has a monthly subscription.

There's a well-documented history of security incidents at 1Password including the discovery by Microsoft's Dale Myers that 1Password leaks metadata. On each occasion the company publishes their own blog rebuke and then claims the experts have "misunderstood" or "don't understand" before taking to Twitter and posting contradictory and patronising information. Their most recent blog post has been likened to a "car crash".

Decent password manager alternatives

"KeePass" has the most features, smartcard support and cross-platform apps including mobile. "Password Safe" is the most simple and has the fewest features which makes it the easiest to peer review (it was also developed by Bruce Schneier). "Password Store" is a command line platform manager which is just a wrapper around GPG - there are also community releases which provide a very basic GUI. All these applications are free and open source.

A largely self-contained and complete security proof for quantum key distribution

"...we focus on a class of prepare-and-measure protocols based on the Bennett-Brassard (BB84) protocol as well as a class of entanglement-based protocols similar to the Bennett-Brassard-Mermin (BBM92) protocol. We carefully formalize the different steps in these protocols, including randomization, measurement, parameter estimation, error correction and privacy amplification, allowing us to be mathematically precise throughout the security analysis."

Vault 7: new WikiLeaks dump details Android SMS snooping malware

"HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts. HighRise acts as a SMS proxy that provides greater separation between devices in the field (“targets”) and the listening post (LP) by proxying “incoming” and “outgoing” SMS messages to an internet LP. Highrise provides a communications channel between the HighRise field operator and the LP with a TLS/SSL secured internet communication."

US border agents: We won’t search data “located solely on remote servers”

"The recently published letter from CBP reiterated what federal officials have said before: electronic border searches are extremely rare, and the government claims the legal authority to compel assistance to open a device (including forcing someone to hand over their password). But it also distinguishes between data held on the phone and data held in the cloud."

€100 'typewriter' turns out to be €45,000 Enigma machine

"A cryptography professor wandering through a Romanian flea market has turned a nice ROI on his €100 investment: €45,000."

Uncle Sam says 'nyet' to Kaspersky amid fresh claims of Russian ties

Former GCHQ boss backs end-to-end encryption

Former GCHQ director Robert Hannigan has spoken out against building backdoors into end-to-end encryption and has suggested they should "target the target's device".

G20 calls for 'lawful and non-arbitrary access to available information' to fight terror

"Turnbull's speech singled out Whatsapp, Telegram and Signal, asking why they should “be able to establish end-to-end encryption in such a way that nobody, not the owners and not the courts, has the ability to find out what is being communicated”?"

Elliptic Curve Cryptography Tutorial

SQL injection attacks controlled using Telegram messaging app

Russians told to log in to Pornhub using verified social media accounts

Thieves Used Infrared to Pull Data from ATM ‘Insert Skimmers’

EULAlyzer - analyse licence agreements for interesting words and phrases.

Jonathan Wilson • July 14, 2017 5:25 PM

The Australian government wants new laws forcing companies to provide access to encrypted messages:

When will governments realize that if you force companies to open their secure messaging systems to law enforcement and intelligence agencies (via backdoors or otherwise) the bad guys will stop using them and will use one of the many methods of communication that doesn't have a back door.

Thoth • July 14, 2017 7:00 PM

@Ben A, Markus Ottela, all

re: KeepassNFC (Keepass with smart card support)

Not everything put on smart card is secure if the card developer has no idea how to code securely. Just waving around the "oh it is supported with smart card and thus more secure" is such a big trip up and minus point.

Also, @Markus Ottela might want to note that the smart card technology for transmission is the NFC technology that so many people attempted and so many tripped and fell over it.

Myself and another smartcard developer on a smartcard forum decided to sit down and review the security of the KeepassNFC smart card feature and have come to conclude that KeepassNFC smart card support over NFC is detrimental to the security of Keepass.

Below is my review I noted down on a smart card forum a few months ago.

The security of the KeepassNFC applet is insufficient for NFC application and I would probably recommend that only standard ISO7816 contact channel be used and even if contact channels are used, it is still vastly insufficient in terms of security.

The reasons:
* Lack of PIN access and does not confirm when new card's RSA keypair is generated.

* Sloppy use of RSA to wrap keys instead of implementing a full secure channel protocol. The NFC channel facilitates interception by swapping out the NFC transmitted public key.

* Sloppy allocation and use of memory (not critical)

* No zeroizing of memory for critical memory areas that may hold cryptographic material (aes_key_temporary).

Conclusion. Use at own risk :) .
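
A host-side check against the key-swap item in the review above, as an added example that is not part of the comment and is not KeepassNFC code: the host records the card's public-key fingerprint once over the contact interface and refuses any other key later. The class names, the enrolment step and the byte strings standing in for encoded keys are assumptions of this example; it covers only the swapped-key item and is not the full secure channel the review asks for.

```python
"""Added example: pin a card's public key so a substituted key is rejected."""
import hashlib
import hmac


class KeySwapDetected(Exception):
    """The key offered on this session is not the key enrolled for the card."""


def fingerprint(pubkey: bytes) -> str:
    """SHA-256 over the encoded public key, as hex."""
    return hashlib.sha256(pubkey).hexdigest()


class Card:
    """Stand-in for the applet: it only answers a 'get public key' request."""

    def __init__(self, card_id: str, pubkey: bytes):
        self.card_id = card_id
        self._pubkey = pubkey

    def get_public_key(self) -> bytes:
        return self._pubkey


class SwappingRelay:
    """Stand-in for something between card and host that substitutes a key."""

    def __init__(self, card: Card, substitute: bytes):
        self.card_id = card.card_id
        self._substitute = substitute

    def get_public_key(self) -> bytes:
        return self._substitute


class UnpinnedHost:
    """The behaviour the review criticises: wrap to whatever key arrives."""

    def key_for_wrapping(self, link) -> bytes:
        return link.get_public_key()


class PinnedHost:
    """Enrol once over the contact interface, then verify on every session."""

    def __init__(self):
        self._pins = {}  # card_id -> fingerprint recorded at enrolment

    def enroll(self, card: Card) -> str:
        if card.card_id in self._pins:
            raise ValueError("card already enrolled; remove the old pin first")
        self._pins[card.card_id] = fingerprint(card.get_public_key())
        return self._pins[card.card_id]

    def key_for_wrapping(self, link) -> bytes:
        pinned = self._pins.get(link.card_id)
        if pinned is None:
            # No trust-on-first-use: a key first seen over NFC is never accepted.
            raise KeySwapDetected("unknown card: no key is trusted on first sight")
        offered = link.get_public_key()
        if not hmac.compare_digest(pinned, fingerprint(offered)):
            raise KeySwapDetected("offered key does not match the enrolled fingerprint")
        return offered


# Constructed sample values standing in for encoded RSA public keys.
CARD_KEY = b"CONSTRUCTED-card-public-key"
RELAY_KEY = b"CONSTRUCTED-substituted-public-key"


def run_sessions() -> dict:
    """Run the same two sessions against both hosts and report the outcome."""
    card = Card("card-01", CARD_KEY)
    relay = SwappingRelay(card, RELAY_KEY)
    unpinned, pinned = UnpinnedHost(), PinnedHost()
    pinned.enroll(card)
    results = {
        "unpinned_direct_uses_card_key": unpinned.key_for_wrapping(card) == CARD_KEY,
        "unpinned_relay_uses_substitute": unpinned.key_for_wrapping(relay) == RELAY_KEY,
        "pinned_direct_uses_card_key": pinned.key_for_wrapping(card) == CARD_KEY,
    }
    try:
        pinned.key_for_wrapping(relay)
        results["pinned_relay_rejected"] = False
    except KeySwapDetected:
        results["pinned_relay_rejected"] = True
    return results


if __name__ == "__main__":
    for name, outcome in run_sessions().items():
        print(f"{name}: {outcome}")
```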

Thoth • July 14, 2017 7:09 PM

@Jonathan Wilson, all

That wouldn't work if the crypto and security is done open source by individuals that are living outside of Australian or 5Eyes jurisdiction ?

They could attempt to 'regulate appstores' for open source security apps but sideloading will definitely defeat those regulations. Also now that they have started a targeted campaign on big companies, people might want to consider not to use WhatsApp and so on for anything at least privacy related.

Jared Hall • July 14, 2017 11:23 PM

@Jonathan: "The Australian government wants new laws forcing companies to provide access to encrypted messages:" I don't read it the same way you do. For example, in the United States, ALL citizens and corporations have an obligation to assist Law Enforcement; provided that such assistance is reasonable - within the normal operations and capabilities of the individual or business. It's been like that, like, forever. Apple won its case because what the Government asked them to do was outside of Apple's normal business practices. Stuff they could do, like turn over the iCloud and Messaging data, they DID do. They won't crack messages they can't crack.

There was a great debate on this subject, sponsored by Intelligence Squared which I summarized on my own blog: The debate question was: “Should Tech Companies be Required to Assist Law Enforcement to Help Law Enforcement Execute Search Warrants to Access Customer Data?” When it came to encryption, it is obvious that it is needed to protect the safety of most individuals these days. Michael Chertoff, former Secretary of DHS, did a great job of summing the encryption debate up. If you are a forensic investigator, there will always be those cases where information to solve a crime just isn’t available. There will always be “Cold Cases”. As such, why promote a law that, at its best case, *might* help those “one-off” cases. That is NOT in the "Common Interest", but rather the “Uncommon Interest”.

So, are terrorists using encryption? Probably. If not encryption, then smoke signals, or Paul Revere's One Lamp or Two, HF Radio, Message in the Classified/Personal Ads, `Cap'n Crunch' Secret Decoder Ring?. How about good ol' fashioned couriers, as Bin Laden used. Sometimes, as Michael Chertoff also said, you've just got to put in the leg work. Not everything is easy.

I'd wait to see what the pinheads in the Australian Government come up with before passing judgement. But they should consider that an Aussie is far more likely to die from 1) Parachuting, 2) Being buried alive, 3) Hit by Lightning, 4) Drowning in a bathtub, and 5) Choking, than being killed by a terrorist. Those are cold, hard facts. Turnbull is justifying his meager existence on this planet by spreading fear to promote his agenda (whatever that may be). Since a "Terrorist" is defined by the fear they promote, Turnbull is, by definition, a terrorist himself.

Alas, there's very little distinction these days between a Politician and a Terrorist. They both want to screw you.

ab praeceptis • July 15, 2017 12:22 AM


xxxcards (xxx ~ smart, proximity, vicinity, etc) never fail to amaze and amuse.

Just one example I find ridiculously obvious: One major attack type is differential power analysis - yet most smartcards in one way or another get their power from a potentially adversarial reader in the first place.

Or look at PIN'ed smartcards. Very similar problem.

Unrealistic? Considering how many ATMs run on windows (sometimes producing lovely blue screens) I don't consider the risk unrealistic, quite the contrary.

Next chapter: iso781x - what a joke. Those don't sound like seriously concerned about security but rather they look like the result of a wish and funny ideas list of the industry - usually with a nice "oh, we are soooo concerned about people's security" garment thrown on top; sometimes, however, the $$$ signs in their eyes are unmistakably obvious.

Frankly, the safety and security of the victi ... err, citizens and users seem to be the very least concern of theirs.

Password store with NFC? What for? Why not tattooing the keys right on the forehead? Haha

Thoth • July 15, 2017 1:23 AM

@ab praeceptis

The thing with smart cards is that they are a building block for the security.

These days the cards are DPA and SPA resistant. Hardly the best idea to draw power from a potentially adversarial host but that is where all their hardware based DPA and SPA resistance comes in. Time would tell if these DPA and SPA resistance in hardware actually works well.

PIN entry from a likely compromised host machine (i.e. ATM) is a bad idea thus my push to introduce some sort of token based off smart cards with attached secure input and if possible secure display too. Air gapping (and probably EMSEC too) and accessing the smart card on non-Intel/AMD/ARM Cortex A chips (probably via ARM Cortex M like STM32) as a secure smart card reader and PINpad can be done.

The security standards are definitely insufficient and I am trying to introduce whatever I can to attempt to improve the situation bit by bit.

If the password storage is done properly, it can be a little more secure but still once the password is decrypted and fed back to the host system, this is a huge vulnerability that little can be done except to move to asymmetric or symmetric keyed based authentication to replace password based authentication to network portals.

ab praeceptis • July 15, 2017 2:12 AM


dpa (and hence spa, too) resistant? Says who? The manufacturers? The same manufacturers that told us fairy tale after fairy tale during decades and who were far more concerned to open new markets and taint - or produce right way - ridiculous "security" standards?

Or think of all those remotely powered cards. They found the room for relatively fat copper bundles needed as antenna but the room for a tiny accu cell couldn't be found? Nope. The truth is that "remote powered" *sells well* and, to make it even better (for them) the readers can be sold at a higher price, too. And, just as an aside, those devices and cards open attractive possibilities for the spooks, too. A classical case of "everybody happy - except the citizen victims".

What angers me is that major parts of the security related industries act utterly unprofessional again and again and again.
Example: You wrote that you made an analysis of some "security" product. Oh well, congratulations, because chances are that you are the first one who did that and cared a damn at all. Looking at many "security" products and standards it becomes obvious that not only did they *not* spec, model, and design e.g. their protocols professionally but, to make it worse, they even lacked some common sense (like "our stuff is sensitive to power analysis, so let's at least not draw our power from potentially adversarial sources").

And I'm angry because I'm with you, I see the attractivity of tiny security devices, of "carry some protection with you" - but they clusterf*cked it and turned it into "funny ways to strip even the last bit of privacy and security you consumer and citizen herd have left".

To end with a funny note: php now has or is about to have a sodium crypto module and they already celebrate "php is secure now". But wait, it gets worse: they are actually planning to work on php sodium implementation!

I think it's about time to challenge the established axiom of homo sapiens being monotypical. It seems to me that it should be quite evident by now that homo sapiens comes in at least 2 variants, those with and those without a brain.

Clive Robinson • July 15, 2017 2:14 AM

Why Smart IoT might be dumb

For those who think IoT is a nightmare about to happen, it already has. Because the band waggon is rolling, there are no brakes and the people designing such things think they are the new masters of the universe, even though they have problems with shoe laces.

Many people joke about absent minded professors, but forget that Smart people can be very dumb and thus extraordinarily dangerous, especially when they mix two technologies together. In the Victorian era we had people putting gas jets directly under cast iron baths, so you could keep a bath hot for longer... We know this because they were getting patents on the idea. The modern equivalent is to add IoT to something just because you can.

But as has been observed on the odd occasion, there is more than one way to skin a cat...

Unfortunately some people are so smart they think they know how to not just add IoT but make the entire idea better. They might but history says they probably don't more than 90% of the time. Do you want that sort of person redesigning an entire safety system? Probably not... So would you buy an IoT Smoke Detector?

Somebody thought they could do it better and by the sound of this article they were so smart about it they were really quite dumb,

ab praeceptis • July 15, 2017 2:17 AM


How can that down-underling prosecutor dare to say something like that?

Has he not been informed about the uk being oh so democratic and legal principles celebrating? Has he not been told that signal and whatsup are totally unbreakable and 105% bulletproof golden sticker giga sakkure?

Moreover: Did the gchq spooks sleep or what? Wouldn't they be supposed to discreetly vanish network packets with such uttering?

Clive Robinson • July 15, 2017 3:34 AM

@ Thoth,

With regards the Australian AG, let's say he is not the brightest light bulb in a very very long and dingy tunnel.

What the article says is,

    Asked how Australia's proposed regime would allow local authorities to read messages sent with either WhatsApp or Signal, Brandis said “Last Wednesday I met with the chief cryptographer at GCHQ ... And he assured me that this was feasible.

And from that people are assuming the security apps crypto can be broken. It's actually unlikely the crypto has been broken. It's much more likely that GCHQ is doing an "end run" around the crypto and getting at the keyboard and screen IO which is plain text not cipher text.

But the point every one keeps missing is that in the main GCHQ is not as interested in "what" is being said but to "who" and "when". That is whilst SigInt agencies are interested in "content" they find "Traffic Analysis" much more important.

The simple fact is we know and have known for over a hundred years that there are crypto systems where it is not possible to get "meaningful" plain text from the cipher text. That is all messages of the same length are equiprobable. Further such systems can be used with pencil and paper by any one with a rudimentary education.

Such systems were deployed during WWII by the likes of SOE etc. But importantly did not stop agents getting caught or their plans foiled etc. The reason: the Germans used direction finding and simple analysis to have a good idea as to what was happening when and where. Those working at Bletchley Park went on to take the ideas a lot further which gave us what we now regard as basic Traffic Analysis.

Traffic Analysis was considered so important in the 1980's by GCHQ and then UK Prime Minister Margaret Thatcher that she started highly personal vendettas against a number of people writing their memoirs that got even close to revealing the importance of Traffic Analysis.

Thus the security community needs to move on because,

1, We know that trying to stop "Crypto End Runs" is near impossible with modern consumer ICT equipment, the backdoors are already built in in both Intel and AMD CPUs and likewise others.

2, If we resolve the backdoor issue by extending the crypto end points beyond the comms end points the SigInt agencies will not be overly fussed. They will use Traffic Analysis and where required Parallel Construction for the LEO's and judicial process.

3, Civil communications currently does not use any anti traffic analysis technology, even though we know how to do it.

So I would not expect the likes of the current security applications to make any real difference to the success rate of convictions. The likes of the slightly smarter criminals will use other methods of communications as will terrorists. Thus the real losers will be the ordinary civilians.

The solution from my point of view is to start making Parallel Construction fail. The starting point there is to start using anti Traffic Analysis techniques as standard. Whilst this is more difficult in the OpSec area, in the technical area it's no more difficult than some of the crypto techniques used in the current apps.
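
One anti-traffic-analysis technique of the kind the comment above refers to, as an added example that is not part of the comment: constant-rate link padding, where a fixed-size cell leaves at every tick whether or not there is anything to say. The choice of technique, the cell size and all names are assumptions of this example; a real link would also encrypt every cell so dummy and data cells look alike, and padding one link hides when and how much is sent, not which two endpoints are connected.

```python
"""Added example: constant-rate, fixed-size cells versus unpadded sending."""
import struct
from collections import deque

CELL_SIZE = 64                      # assumed size of every cell on the wire
HEADER = struct.Struct(">BH")       # cell kind, number of payload bytes used
PAYLOAD_MAX = CELL_SIZE - HEADER.size
DUMMY, DATA, LAST = 0, 1, 2         # LAST marks the final fragment of a message


def make_cell(kind: int, payload: bytes = b"") -> bytes:
    """Build one cell, zero-padded to exactly CELL_SIZE bytes."""
    if len(payload) > PAYLOAD_MAX:
        raise ValueError("payload does not fit in one cell")
    body = HEADER.pack(kind, len(payload)) + payload
    return body + bytes(CELL_SIZE - len(body))


class ConstantRateSender:
    """Queues message fragments and emits exactly one cell per tick."""

    def __init__(self):
        self._queue = deque()

    def submit(self, message: bytes) -> None:
        chunks = [message[i:i + PAYLOAD_MAX]
                  for i in range(0, len(message), PAYLOAD_MAX)] or [b""]
        for index, chunk in enumerate(chunks):
            kind = LAST if index == len(chunks) - 1 else DATA
            self._queue.append(make_cell(kind, chunk))

    def tick(self) -> bytes:
        # Nothing queued: send cover traffic instead of staying silent.
        return self._queue.popleft() if self._queue else make_cell(DUMMY)


class Receiver:
    """Drops dummy cells and reassembles fragmented messages."""

    def __init__(self):
        self._partial = bytearray()
        self.messages = []

    def receive(self, cell: bytes) -> None:
        if len(cell) != CELL_SIZE:
            raise ValueError("cell has the wrong size")
        kind, used = HEADER.unpack_from(cell)
        if kind == DUMMY:
            return
        if kind not in (DATA, LAST) or used > PAYLOAD_MAX:
            raise ValueError("malformed cell")
        self._partial += cell[HEADER.size:HEADER.size + used]
        if kind == LAST:
            self.messages.append(bytes(self._partial))
            self._partial.clear()


def run_link(schedule: dict, ticks: int):
    """Return (what an observer of the link sees, what the receiver gets)."""
    sender, receiver = ConstantRateSender(), Receiver()
    observed = []
    for t in range(ticks):
        for message in schedule.get(t, []):
            sender.submit(message)
        cell = sender.tick()
        observed.append((t, len(cell)))      # timing and size only
        receiver.receive(cell)
    return observed, receiver.messages


def unpadded_view(schedule: dict, ticks: int):
    """What the same observer sees when each message is sent as it arises."""
    return [(t, len(m)) for t in range(ticks) for m in schedule.get(t, [])]


# Constructed sample schedules: tick -> messages handed to the sender.
IDLE = {}
BUSY = {0: [b"meet at noon"], 3: [b"x" * 150]}

if __name__ == "__main__":
    print("unpadded idle:", unpadded_view(IDLE, 12))
    print("unpadded busy:", unpadded_view(BUSY, 12))
    print("padded views equal:", run_link(IDLE, 12)[0] == run_link(BUSY, 12)[0])
```

The price is the one the thread goes on to mention: throughput is capped at one cell per tick, so a burst of messages queues up and is delivered late.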

Thoth • July 15, 2017 5:08 AM

@Clive Robinson

My point of view in this article is that now an official record is made via public on-the-record that ICs and LEOs have the ability to break crypto protocols if they want to whether it be subverting the devices or some side-channel analysis.

We already know very well they are capable of doing so but the fact is there needs to be some sort of on-the-record official statement that they are not 'Going Dark' to simply put down the 'Going Dark' arguments that politicians and ICs/LEAs chiefs love to make to gain some sort of 'pity' from the public.

Now that the 'Going Dark' arguments is getting invalidated along with the releases of ICs hacking toolkits (i.e. Vault 7 by Wikileaks et. al.), I wonder what is the next argument they would attempt to use to backup their 'Going Dark' and mandating backdoors due to the fact that 'Going Dark' argument these days are not valid anymore.

The ability to solidly prove that 'Going Dark' argument has been invalidated in an official manner would allow no room for the argument for companies that supply encrypted E2E communications to put in backdoors or weaken encryption and thus one aspect of security which is the protocols themselves would not require anymore interference by legal demands for backdoors and weakened encryption. Once this layer is done, companies can focus on moving to the lower layers to fix them and work their way down.

The politicos, ICs and LEAs would definitely find for something else to complain about in order to facilitate their Parliaments and Congress (depending on the country) to pump more cash into their area and attract attention to them (for the additional budget to line their pockets).

Ben A. • July 15, 2017 5:33 AM

@Thoth, @All

I don't personally use a smartcard with KeePass so I've not evaluated KeepassNFC.
I find that a key file + password is sufficient for my needs and it allows the database to be securely backed up to the cloud (encrypted again, just for added security) without fear of easy compromise.

If I were to go down the smartcard route I'd use something like the Mooltipass as it's a hardware based password manager which emulates a USB keyboard. It's still vulnerable to local attacks but that's not something a password manager can solve on its own. It's less convenient but arguably more secure.

As you're probably aware there's a vulnerability that affects smartcards (CVE-2015-3298) which resulted in YubiKey replacing some of their devices. In Linux the Jackrabbit WebDAV bundle was susceptible to a XXE/XEE attack.

Thoth • July 15, 2017 5:51 AM

@Ben A

This is some logical applet code flaw and I am already aware of it as I myself maintain a fork of the OpenPGP applet too and I only use my own variant of the OpenPGP applet for my own cards that I hand load.

Indeed the keyboard is a problem when attempting to input PIN. In order to eradicate the problem of insecure PIN entry via some keyboard or host side screen graphical PINpads, I have gone to the extent of allying myself to a hardware manufacturer for security tokens (containing smart card chips inside) and have been working with them closely on how to build an economical secure input system while not taxing on their production lines.

I cannot guarantee on the date of release of such device with secure entry built into the device itself as the datelines are rather unstable for now and will announce when I have managed to get a stable supply from my hardware manufacturer.

If you are interested in password manager features on a pocket sized security device, you can check out the Ledger Nano S which is also a smart card chip within a hardware token with screen and 2 buttons attached to the hardware token as secure input and display. It has a plugin that can be downloaded into the device to use for hardware-based password manager.

Note that Ledger company has nothing to do with me nor any of my products nor projects. I only recommend them because they are one of those who made it to a point where their devices are pretty secure by design and I am personally impressed with their success. They have a working production line of pretty secure hardware devices if you don't want to count the type of end run attacks which @Clive Robinson mentions (i.e. Electro-Magnetic emissions et. al.) and simply want something reasonably secure and better than whatever you see out there in the market currently.


Dirk Praet • July 15, 2017 6:41 AM

@ Clive, @ Thoth

    ... And he assured me that this was feasible.

I bet they have been reading the blog of He-Who-Must-Not-Be-Named.

While several practical attacks are feasible (mandatory backdoors, end-point runs), I wonder if there isn't also an element of grandstanding here as to deliberately discourage folks from using known hard-to-crack apps.

Whatever approach taken, the one thing these people just don't seem to understand is that there is no such thing as NOBUS and that any sort of subversion sooner or later is found out about and subsequently released in Vault 7-type publications. Making everyone more insecure except for the actually competent terrorists and criminals that by now have reverted to pre-digital age COM- and OPSEC.

@ Ben A.

    I find that a key file + password is sufficient for my needs and it allows the database to be securely backed up to the cloud (encrypted again, just for added security)

I take a similar approach, be it that the backup copy is stored on a private cloud managed and (at least in theory) accessible only by myself and Chuck Norris. Like most other regulars here, I do not recommend storing any sensitive data - especially userid/password combinations - in public Apple, Google, Microsoft, Dropbox or other PRISM inductee clouds. Even in encrypted form.

Plenty of poor-man solutions out there for those who know what they're doing, e.g. OwnCloud on a Raspberry Pi.

JG4 • July 15, 2017 7:47 AM

@Clive - Thanks for the article. Except for some modest technical errors, it is a brilliant piece of writing that pounds several important nails squarely on the head. Can you comment on how thick a combination of silicon steel and copper would be required to defeat side-channel attacks on a small card/computer? I found that one of the die-cast project boxes (1/8" ZnAl alloy?) did a fairly good job on the high frequencies, using a 33 uH coil with ferrite core as the pickup, but it leaked at the seams unless I packed them with copper braid. I don't think that my pickup method works for lower frequencies, which probably have to be defeated with magnetic shielding. As usual, I like your comments about defeating traffic analysis and parallel construction. I think that could be accomplished by a broadcast system that you've suggested in the past, which requires only two secure endpoints per duplex channel and sufficient other traffic to obfuscate the messages. It would have very modest bandwidth. To make a related concept work for telephony, you'd probably have to have three secure nodes, being the two terminals and some kind of secure cloud switch that shuttles the data out of and into the continuous noise streams sent to the cell phones. That would require enough users (10% of the public?) to obfuscate who was communicating with who. Defeating location detection for cell phones is harder.

@ab p. - Differential power analysis could be readily defeated with a modest low-pass filter on the board/card/etc. Side-channel question to Clive.

@Thoth - "tattooed on forehead" could be an allusion to "mark of the beast" is the beast empire? "on their forehead or on their hand" could be read as a metaphor for PIN number and credit card. remarkable that the Romans were perceived as wanting to insert government into every transaction by effectively licensing all buyers and sellers. that is precisely the point of "de-cashing" society, which is favored by government to be certain that they have hoovered up every bit of revenue, and by corporations to be certain that they have hoovered up every bit of data

@Ben A. - Thanks for the weekly news dump. Can you say a little about where you collect it?

A few links on NakedCapitalism contained interesting security snippets. The Big Brother category already was well covered by previous comments, so I skipped it. My comments precede each link.

ludicrous that the count has taken this long. the first approximation could be measured by looking at bank deposits before and after "de-cashing" the big winner was Visa. coverage of the decashing genocide on the poor and old has been well-covered at NakedCapitalism. when the bribes are revealed, both the politicians and corporations could be liable for damages to the families of those who died in the disruption

interesting analogy to the quandary over healthcare data
How to publish sensitive data
However, sensitive data are flagged during the early stages of the publishing process. The data are then secured in one of three ways:
* masking sensitive information by giving only approximate locations or non-specific species names
* making data available only after approval by the legal owners
* embargoing the data for a maximum of two years.
...[not quite "the mice voted to bell the cat," but how do you pay poachers? isn't that the incentive they want?]
In tackling poaching, we should perhaps seek to motivate poachers to help protect our most endangered wildlife. Such tactics are thought by some to have contributed to the discovery of several endangered bird species populations, and potentially the recent rediscovery of the night parrot, after a century of elusiveness in Australia.

apparently, many commenters here have been confused in thinking that privacy is a fundamental human right
In the small print accompanying the draft legislation it launched in January, it pointed out that privacy and anonymity do not constitute “fundamental” human rights.
...[oh, by the way, we'll need to brainwash you about why we are doing this]
A targeted outreach program is needed to alleviate suspicions related to de-cashing; in particular, that by de-cashing the authorities are trying to control all aspects of peoples’ lives, including their use of money, or push personal savings into banks.

this is a good litmus test for libertarians. who is in the right here, the mother or the State?

slime is a metaphor for lies, often told by politicians, especially when stressed
...[the wheels of their mind got coated with Karl Rove's memes]
The wheels of some of their trucks got coated with the slime that hagfish produce when agitated.

Ben A. • July 15, 2017 8:12 AM


I'd seen the Ledger Nano. It's certainly a nice device and better than its predecessor which didn't have an integrated display.

Generally I find it more convenient for a software password manager (notwithstanding their flaws) because of the convenience of auto-fill and there being no need to carry additional hardware. For this model to work I need to be reasonably satisfied that my OS is as secure as possible with current constraints.

That being said I do use a crypto ignition key to access my personal systems with a password to unlock the other part of the key which is on the TPM.

I'm aware of your efforts towards the system you've described: from your comments on here and your blog postings. I'd be interested in seeing it once released although one of the main problems with such a device is secure shipping because of the potential for postal interception.

@Dirk Praet

Secure apps

I'm always concerned when I read the comments of government officials who purport to be able to crack certain encryption products.

Signal is well designed and understood by those who matter, i.e. in a position to subject it to rigorous academic scrutiny.

Some will dislike me calling it "secure" but for most consumers it is and it removes common methods such as SS7 and trivial exchange-level interception.

Signal communications can still be intercepted by targeting either device but that takes time, money and (on iOS at least) the risk of using a zero-day. It means that only high-value targets will be the subject of interception and by raising the cost/risk of intercepting communications it reduces dragnet surveillance.

I remember reading an article about a secure messaging app (I can't recall its name at the moment) which had a universally known backdoor. A police chief told the media that 'these apps are awful because the criminals will start using [name of the app] knowing that we can't listen in'. He must have known that the police can access that particular app by contacting the developer but I suggest that his press statement was calculated to get the uninformed criminal to move to this app. A classic honeypot.

Apps like Signal are difficult to intercept and that's why some government officials like to spread FUD so that the more secure app is incorrectly perceived to be insecure and therefore not used so much.

Cloud storage

Nextcloud is the successor to OwnCloud; many of the developers moved from OwnCloud after it became a more commercial entity.

I'm not too keen on either solution as there's missing functionality, it's tricky to configure securely and the server encryption is redundant if the server is seized whilst switched on. I agree it's a better option than Google Drive although if somebody uses reputable encryption software prior to uploading to Google Drive then it's better than having no backup at all.

There's a pretty GUI for KeePass called KeeWeb which can be hosted in your own cloud (or a commercial cloud if you're prepared to take the risk) and other people have told me it works very well. It uses the KeePass database format [KDBX] and requires little configuration.

If you're going to use a configuration like this then my advice would be to use a self-signed certificate to access the website over SSL and then set your mobile to trust the certificate thumbprint.
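The thumbprint-pinning setup described in the comment above, sketched as an added example that is not part of the original comment. The function names are hypothetical, a SHA-256 thumbprint is assumed, and the sample certificate bytes are constructed stand-ins.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-in for a DER-encoded certificate (not a real certificate).
SAMPLE_DER = b"constructed stand-in for DER certificate bytes"


def normalize_thumbprint(text):
    """Accept 'AA:BB:..', 'aa bb ..' or plain hex and return lowercase hex."""
    cleaned = "".join(ch for ch in text if ch not in ": -\t\n").lower()
    if len(cleaned) != 64 or any(ch not in "0123456789abcdef" for ch in cleaned):
        raise ValueError("expected a SHA-256 thumbprint (64 hex digits)")
    return cleaned


def thumbprint(der_cert):
    """SHA-256 over the whole DER certificate, as browsers and phones display it."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert, pinned):
    """Constant-time comparison of the presented certificate against the pin."""
    return hmac.compare_digest(thumbprint(der_cert), normalize_thumbprint(pinned))


def connect_pinned(host, port, pinned, timeout=10.0):
    """Open TLS to a self-signed server and accept only the pinned certificate.

    CA validation is switched off because a self-signed certificate has no
    chain to validate; the pin is the only trust anchor, so it must be checked
    before any data (for example a KDBX file or a login) crosses the socket.
    """
    normalize_thumbprint(pinned)  # reject a malformed pin before connecting
    context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    context.check_hostname = False
    context.verify_mode = ssl.CERT_NONE
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = context.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if der is None or not pin_matches(der, pinned):
        tls.close()
        raise ssl.SSLError("server certificate does not match the pinned thumbprint")
    return tls


def self_check():
    """Offline check with the constructed sample: a pin matches only its own bytes."""
    pin = thumbprint(SAMPLE_DER)
    shown = ":".join(pin[i:i + 2] for i in range(0, 64, 2)).upper()
    return pin_matches(SAMPLE_DER, shown), pin_matches(SAMPLE_DER + b"\x00", shown)
```

The pin has to be replaced whenever the certificate is reissued, since the thumbprint covers the entire certificate and not just the key.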

ThothJuly 15, 2017 8:12 AM


re: PINpad card readers

I have contemplated using one of these but the firmware is proprietary and rigid. If my applet code does not use the protocol these PINpad readers understand, then there is no point either.

I did consider approaching a hardware manufacturer to customize the firmware of these PINpad readers but the problem is who would buy it? It wouldn't make a solid business model and thus I skipped this idea.

@Dirk Praet

They would have been reading this blog and would have stolen ideas anyway. Not surprised.

They do understand the difficulty of backdoor implementations and thus none of these agencies that are known to have the brightest minds in the entire world dare come out into the open and present sound and proven techniques. Have we heard from NSA, GCHQ et al. on proven and sound escrow and backdoor techniques that can guarantee that abuse is highly unlikely? None of them ever did that and none would ever do that anyway. They know it is impossible to do it to a degree where everyone would be willing to use such methods and techniques in the name of 'National Security' because NOBUS methods that are sound, proven and acceptable by everyone don't exist. Some might imply that they have some schemes but nobody is going to use it willingly and thus the acceptability factor fails immediately.

These politicos, ICs, LEAs and Agencies are simply making noise and primarily it helps with their campaigns and missions by making them look as though they are trying and also to bring more attention to their organisations and attract funding.


The time of making electronic transactions favourable and analog cash based transactions unfavourable is already here. One good example is transport ticketing. The cost of boarding a bus without contactless cards is way more expensive than with contactless cards in my country. Not sure of the situation in other countries though. The Mark of the Beast will stay on forever until people realize that not everything needs to be done electronically and the need for controlling their own assets and not leaving them with some financial institution.

FigureitoutJuly 15, 2017 8:23 AM

accessing the smart card on non-Intel/AMD/ARM Cortex A chips
--All you need hardware-wise is:
• One PWM Output or one Reference Clock Output
• One Timer
• Six I/O pins

You could do a real constrained PIC w/ that. Save the 32-bit ARM chips for more heavy-duty crypto, interfacing w/ cards should be as minimal as possible eh?

ThothJuly 15, 2017 8:54 AM


Yes it is possible. Indeed the interfacing with smart cards should be kept as minimal as possible in typical scenarios where the requirement is a 'dumb reader' that has no PINpad functions and no display functions. It simply encodes the logical APDU data transport into physical transport and sends them to the card.

If the requirement is to have some sort of attached screen (OLED screen) and a couple of buttons as PINpad, it will be more complex and this is where the ARM chip comes in.

The main problem is not with 'dumb card access' but with what to do with PIN entry or some form of secure entry directly into the card where more complex procedures are required.
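What "encoding the logical APDU into physical transport" involves for a dumb reader, and why PIN entry is the harder part, as an added example that is not from the comments above. It assumes short-length ISO 7816-4 APDUs and the T=0 protocol; the function names are hypothetical and the PIN, reference number and AID are constructed sample values.

```python
GET_RESPONSE = 0xC0  # ISO 7816-4 instruction for fetching pending response data
VERIFY = 0x20        # ISO 7816-4 instruction that presents a PIN to the card


def build_apdu(cla, ins, p1, p2, data=b"", le=None):
    """Build a short-form command APDU (cases 1 to 4)."""
    for value in (cla, ins, p1, p2):
        if not 0 <= value <= 0xFF:
            raise ValueError("header bytes must fit in one byte")
    if len(data) > 255:
        raise ValueError("short-form Lc is limited to 255 bytes")
    apdu = bytes([cla, ins, p1, p2])
    if data:
        apdu += bytes([len(data)]) + bytes(data)
    if le is not None:
        if not 1 <= le <= 256:
            raise ValueError("short-form Le is 1..256")
        apdu += bytes([le % 256])  # Le = 256 is encoded as 0x00
    return apdu


def classify(apdu):
    """Return (case, header, data, le) for a short-form command APDU."""
    if len(apdu) < 4:
        raise ValueError("APDU shorter than its 4-byte header")
    header, body = apdu[:4], apdu[4:]
    if not body:
        return 1, header, b"", None
    if len(body) == 1:
        return 2, header, b"", body[0] or 256
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDUs are not handled here")
    if len(body) == 1 + lc:
        return 3, header, body[1:], None
    if len(body) == 2 + lc:
        return 4, header, body[1:1 + lc], body[-1] or 256
    raise ValueError("Lc does not match the length of the data field")


def to_t0_tpdu(apdu):
    """Map an APDU to the first T=0 TPDU; the flag says a GET RESPONSE follows.

    A T=0 TPDU always has a 5-byte header (CLA INS P1 P2 P3) and moves data in
    one direction only, so case 1 gains P3 = 0 and case 4 loses its Le.
    """
    case, header, data, le = classify(apdu)
    if case == 1:
        return header + b"\x00", False
    if case == 2:
        return header + bytes([le % 256]), False
    return header + bytes([len(data)]) + data, case == 4


def follow_up(cla, sw1, sw2, le):
    """TPDU the reader sends after the card's status bytes, or None if finished."""
    if sw1 == 0x61:  # SW2 bytes are waiting on the card (0 means 256)
        available = sw2 or 256
        return bytes([cla, GET_RESPONSE, 0x00, 0x00, min(le, available) % 256])
    return None


def verify_payload(apdu):
    """Data field of a VERIFY command: the PIN as the host and reader see it."""
    _, header, data, _ = classify(apdu)
    return data if header[1] == VERIFY else None


# Constructed samples: PIN "1234" against PIN reference 1, and a made-up AID.
SAMPLE_VERIFY = build_apdu(0x00, VERIFY, 0x00, 0x01, data=b"1234")
SAMPLE_SELECT = build_apdu(0x00, 0xA4, 0x04, 0x00,
                           data=bytes.fromhex("f001020304"), le=256)
```

`verify_payload(SAMPLE_VERIFY)` returns the PIN bytes unchanged, which is why a reader that only repackages APDUs cannot protect PIN entry: everything that builds or forwards the command sees the PIN in the clear.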

Cell Phone Addiction & The Russia TimelineJuly 15, 2017 9:01 AM

It is simply amazing how naive people can be. When you speak to them of continuous ‘smart’ phone eavesdropping, they turn a deaf ear. So dependent many become angry when told their own data can and will be used against them. (These pitfalls are independent of mental health issues of social media).

The fact is Russian communications are closely monitored using advanced techniques. The meeting between the Russians and the Trump campaign at the Trump Tower was, without a doubt, bugged under broad-scope, secret FISA order. USA Intelligence gathered EVERYTHING last summer in real-time.
They have continuously played their cards close and leaked just enough to trick amateurs like Donald Jr into not telling the truth.

When Will They Ever Learn?
Go months ahead and the POTUS was still using an unsecured cellphone as he dined with the Japanese Head-of-State. The North Koreans knew just the right time to launch and cause embarrassment.

In the ultimate irony, the Trump family of advisors wants to increase mass surveillance powers without realizing they themselves have been primary targets.

In contrast the Obama administration employed scores of Google technical experts. Acutely aware of the eavesdropping they guided the White House on what NOT to do.

They Get It
Look at all the photos of American technology leaders in Idaho. Unlike average citizens notice the lack of cell-phones glued to their hands.

Ergo SumJuly 15, 2017 9:04 AM


So would you buy an IoT Smoke Detector?

I wouldn't, the $10 smoke detector works just fine for me...

My programmable thermostats are about 25-30 years old and they have been serving me well. And no, I don't own any devices with IoT...

The problem in the US is that it has become hard to get an appliance/device without IoT capabilities. I've recently purchased a wash machine and a fridge and in both cases, opted for the lesser evil. Instead of IoT, both of them have NFC that has limited range. In addition, it is up to me to get the apps for the device with NFC capabilities. It's a good option to have for troubleshooting purposes and may consider installing the app then...

Ben A.July 15, 2017 9:19 AM


"Can you say a little about where you collect it?"

From those sites :)

I read a number of blogs and keep any links of particular interest.

Some are less interesting than others but the diversity of stories/topics I post tends to reflect the readership of this site and make for interesting reading (and awareness for those less security savvy).

EarthlingJuly 15, 2017 9:31 AM

America, the Freest and Most Special Country in the History of the World, remains the only in the whole world with De Jure, or legalized slavery. Other countries may have De Facto slavery, but the USA has over 6 million actual slaves right now under government supervision. The over 2 million of them in prisons constitute the largest work force in the USA, bigger by far than Walmart at number 2 with only 1.3 million employees.

They keep wages down, in the land of the Free.

Only slaves vote. Why do slaves need a party? The voting class has given us 100% of the war, 100% of the inequality, 100% of the misery that the poor suffer daily. The voting class to a man and woman love the rich with all their heart and desperately want to give all their personal sovereignty to the rich and surrender their personal souls.

Public education has given us a nation of zombies. Most Americans have learned to love evil and to hate good. To worship war and to abhor peace. To see the poor as the enemy and the billionaires as good. The voting class every 4 years votes to have someone else save them. From what?

We live in a world run by psychopaths. The NYT and Washington Post call this a scandal, but 100 years of perpetual war doesn't seem to bother the elites. Not just war, but inequality, massive corruption in every administration, theft by the rich against the rest of us, etc. That doesn't seem to raise eyebrows.

Trump = Clinton = Obama = W, etc. The elites play the sheep. Read this quote from Carroll Quigley, a truthful supporter of the elites:

“The argument that the two parties should represent opposed ideals and policies... is a foolish idea. Instead, the two parties should be almost identical, so that the American people can throw the rascals out at any election without leading to any profound or extensive shifts in policy. Then it should be possible to replace it, every four years if necessary, by the other party which will be none of these things but will still pursue, with new vigor, approximately the same basic policies.”

The conservatives threw the liberal rascals out and put their rascals in. The liberal rascals want back in, but it will take them years.

Divide and conquer. Set up the false dichotomies of left and right, big gender and little gender, and the rich rule for ever. The voting class keeps the rest of the world enslaved because of their love of the plutocracy.

FigureitoutJuly 15, 2017 9:43 AM

--Just seems like introducing more risk than is necessary w/ the 32-bit monsters (they'll have more stuff you won't ever need and if they have some kind of "event system" it may have the means to communicate directly between peripherals outside of CPU's knowledge or control...sounds like a system attackers would want eh?). What characters are required for pin? A hex-keypad has been implemented a million times on small MCU's. Or 10 capacitive touch pads could be placed on a small board. What protocol does the OLED IC take? Looks like SPI. You could separate the display by using a data diode off the main controller sending data to be displayed (the serial ones I do only take one pin...). That would mostly rule out OLED IC's that you most likely won't inspect much. Makes for a more modular and isolated design too imho.

I understand if you're trying to sell to people that need flashy bells and whistles. Just having a serial port off the dumb card reader that displays what's happening would suffice customers like me (along w/ code, build instructions, and schematics).

Robert in San DiegoJuly 15, 2017 9:59 AM

The US Postal Service is getting value for customers out of a measure they take for operational and security functions: Imagery of the mail. They do this as part of sorting, and also post-Unabomber and Anthrax so they can have more information for mailed bombs and other matters worthy of criminal investigation (don't know the name of that program). Now they're making it a customer service product!


What is My USPS™?
My USPS™ is a dashboard that displays your incoming USPS domestic packages in a central location to view status information and manage your packages. You can check the status of your packages at any time from a computer or web-enabled device.
END quote.

Aside: Once had to refund a customer because the flower delivery was via FedEx, and the intended recipient spotted the incoming delivery on FedEx notifications, "ruining the surprise."

Just SayinJuly 15, 2017 10:05 AM

I recently bought a Hikvision IP camera. Upon setup the router log showed connection attempts from all over the world directly to the assigned LAN address of the cam suggesting the camera itself was broadcasting setup data.

Indeed, one of the connections from China was attempting control via an IoT controller app on port 4369 called SnapLink from HAI. All this started to happen very soon after the cam was plugged in.

Other connections included from Mongolia, Israel, USA of course, Russia, Ireland, Italy, UK. Seemed to be a mix of ads, trackers and govt. agencies.

I used the router app to deny the camera access to the WAN via the LAN address. It seems to work.

It was pretty shocking how fast it all started and that somehow setup data was broadcast all over the world.

(Can't figure out why this was blocked....sorry if I violated the rules.)

2 hops to Khalida JarrarJuly 15, 2017 10:56 AM

@Nobody, the actual leaker of the Verizon customers' personal information was Israeli firm Nice Systems, an 8200 proprietary. The screwup provides deniability for Israeli state surveillance and repression of US nationals.

FaradayStraightJacketJuly 15, 2017 10:57 AM

I have to comment on Kaspersky. I find their Virginia office amusing. They quickly point out state-sponsored malware and clearly have an external viewpoint on what goes on in the US. Why would they ever assume the government sector would use them for anything? Especially since all of this post-JFK communist fear that the liberal media frenzy on.

You can not repair relations until you attempt to repair relations.

I would like to take the time to remind people of the US govt's sick NBC warfare history and shadow government. It makes the news outlets look hypocritical with controlled propaganda. I understand the Ukraine, but I watched Obama sit there and do jack because we are comping Roscosmos for the ISS upburn. Russia can not build OPSEK fast enough. The Mid-East and Syria? Are you joking? I get tired of the fog machine.

HermanJuly 16, 2017 1:01 AM

Hmmm, is a giant squid eye even a ball, or is it a flat compound structure? I guess that is why this guy would love to look at a fresh one.

The huge eyes may make it very uncomfortable for a squid to come to the surface in sunlight, so their eyes may be confining them to the depths.

RachelJuly 16, 2017 5:19 AM

@ Clive
@ JG4

Yes the gekk article about the idiot of things smoke detector is great indeed. Well articulated truths over and over, too many to name.
I kept thinking ' I hope this continues to spread' and 'I hope Bruce and his influential peers link to it'
The opening assertion may sound obvious but really struck me as startling in its elegance, and perhaps as a benchmark in contrast to most of what we work with:
'the smoke detector works! It's robust, its close to finished tech.'

JG4July 16, 2017 6:29 AM

My comments yesterday might have been interpreted as being an anti-Republican troll. Just for the record, in case I haven't said it recently enough or often enough. I am an equal opportunity hater. The democrats and republicans share roughly equal responsibility for the destruction of the US and the world. I think just as poorly of Hillary Clinton as I do Karl Rove. And not much better of Bill Clinton and Bush Jr. Still not sure what to think of Trump, but I haven't bought into the Russian trolling. That may be a sideshow to distract attention from the continuing corporate takeover.
Police State Watch

Outrageous Massachusetts Drug Bill Would Send You to Prison and Steal Your Car—No Drugs Needed AlterNet

Big Brother IS Watching You Watch

Can the Tech Giants Be Stopped? WSJ. Debated whether this fits better here, or under Class Warfare.

Don’t pin your hopes on Facebook, Google, and other massive tech companies to keep the internet a level playing field — here’s why Business Insider

Kill Me Now

How Bill Clinton and George W. Bush got over their politics and became BFFs WaPo

Suppose the Trump show runs and runs The Economist. If you thought nothing could be worse than election 2016, stay tuned….

Clive RobinsonJuly 16, 2017 6:32 AM

Scary Coming to a Phone near you

It appears that in Turkey the President has decided to hijack the phone service for political propaganda,

Whilst this has been possible for years it's the first time it's been done like this (as far as I'm aware).

As some commenters have noted, it's surprising that telcos have not sold off this pre-call period for advertising, which also gives the telco the opportunity to make you pay for it in the first "billable minute" con.

The question then arises as to bespoke audio used not just for propaganda but also "mood setting" and other audio tricks. Such as bypassing the normal speech processing in the brain, thus hitting in at a much lower level. Kind of like when we hear a baby scream, it goes down deep and provokes reactions that long predate speech. Similarly those noises that cause "cold shivers" and that low growling that can make you climb a tree faster than you know you are doing it.

Psychoacoustics is still a young science in the public arena, but it's the sort of thing the Mil/Int community has looked at in the past for "Non lethal weapons" and as non chemical agent wide area debilitants for crowd control and the like. Thus they may have a five to twenty year lead on the public research arena.

If doubtful of the mood changing abilities ask anyone with tinnitus or similar how background environmental noise in busy places causes them problems.

65535July 16, 2017 6:35 AM

@ Ben A.


This is an interesting idea. Most of my customers never read EULA’s because of their confusing legalese which can sometimes contradict certain, “ownership” and “sharing” agreements within said EULA. Further, EULA might be a set of linking documents… cough Giggle… or Alphabet. These intertwined services and EULAs tend to leave the customer at the company’s mercy.

I have downloaded the app and I check it out.

@ Ben A., Jonathan Wilson, Clive, Thoth And other contributors.

‘Australian prime minister Malcolm Turnbull, [and Brandis, AG Australia…effectively wants to backdoor all encryption for the never ending War On Terror and War On Drugs” …and so on –ed]’

My first impression was Turnbull and Brandis simply are trying to make a legal “precedent” while riding on the coat-tails of the UK's Snooper’s Charter [which I have been keeping track of in this site].

By getting Australia on board with the UK two of the Five eyes would possibly have the power to lobby the rest of the Five-eyes and construct a Precedent for all of the Five eyes causing them to revive the crypto wars of clipper chip and anger citizens – which would be bad.

There is a huge lobbying effort both in government and the “free-press” to spin this back-door crypto war into a non-intrusive, non-fishing trip and pro-law enforcement event. Even Snoops site have gotten in on this matter.

This backdoor plan is dangerous on several fronts including loss of confidential data and privacy. This backdoor stuff is rubbish. The need for encryption and private communication is very necessary in a democracy.

Ben A. who hinted at the idea the government naming Signal, WhatsApp, Telegram may be a red herring – meaning they are already backdoored – could be correct.

Brandis may be laying a trap for those who use it – or possibly to scare people from using it.

I still feel it is a San Bernardino shooting v. Apple encryption attempt at a new precedent – but on a world wide scale. That is an ugly thought.

@Thoth, ab praeceptis, Clive, Dirk and others,

Your Smart Card, NFC security, DPA - SPA, discussion is quite helpful to me. I will say I mostly do repair, maintain, and fix networking problems with small business customers so I have to do more research to understand your pro’s and con’s of securing a Smart Card.

@ Clive and others,

I do basically agree with your stance on not using IoT in the home. It’s a huge attack surface area. I do not see how it can be secured properly. No, I would not trust the Cloud for any type of sensitive data storage – maybe for useless games and junk but that is all.

I have a vexing question about the NSA using Traffic shaping to route packets to another country to capture for domestic spying.

I did read Bruce’s thread about the NSA’s traffic shaping ploy to do upstream full takes of USA citizens – which is probably illegal and definitely unethical but, there must be an intersection between the cost of traffic shaping or 'passing the packets around the world' and the submarine cable companies and tangential telephone carrier’s and other’s costs.

Who gets saddled with the additional costs of routing packets around the world?

It's not optimal and doubtfully cost effective.

Is it the customer? Is it the NSA who then passes it off to the tax payer?

Who pays for this extra routing and submarine costs?

Next, is there an actual bandwidth cost or non-cost [over capacity in the Submarine Cable] in the industry?

From what I can see there seems to be “over capacity or dark fiber” throughout the submarine cable industry. This over capacity could be at 40 percent or more – but I cannot definitively conclude the situation.

Here is an exchange on Quora blog:

“Tony Li, Internet Geek: Effectively 100%. That's to say that by the time a cable is put in service, all of the capacity on it has been sold, leased, or otherwise allocated. And it's true that network traffic is definitely bursty, so there may be inter-packet gaps, but it would be difficult to make further use of the capacity.”

“Simon Parry: ...The upper limit to capacity on fibre optics cables is the Shannon Limit. So for a particular design of submarine cable, you are looking at somewhere between 10 and 30 TBit/s of capacity. (This is based on C-band EDFAs/Raman amplifiers, laid at submarine type spacing). Most of the terminal equipment fitted over the past decade is not capable of anything like this capacity. A few years ago 32 x 10Gbit/s would have been seen as impressive. (about 1% of the Shannon Limit)…five years ago there was a step change in technology when coherent modulation based systems became available from the likes of Ciena, Infinera and Alcatel-Lucent. That has allowed existing submarine cables to be upgraded with new terminal equipment using 50Gbit/s (across the Pacific) or even 100Gbit/s (across the Atlantic). So now we are at 10-20% of the Shannon Limit. New signal processing techniques, flexgrid technologies and so on will probably allow us to get near 50% of the Shannon Limit…Tony Li's point, the new terminals are only installed when the capacity has been sold, so there are rarely any spare wavelengths on a system [But, the actual dark fiber is still probably is unused –ed].”

“Balakishnan Vasudevan, 3 years as a Telecommunications Engineer for Eric: …There are more than 333 submarine cable systems worldwide. Installation and repair of these systems is costly and when companies plan such networks, they make sure to adequately provision enough cables so that they can support traffic demands for the next few years. Every submarine cable system has enough dark or unlit fiber cables, which are lit up when there is a surge in traffic….[Which seems to indicate there is a lot of dark fiber –ed]”

See Quora:

[The above seem to show there is a cost to light the dark fiber but how much cost is unclear]

Here is a review of the submarine cable industry in 2014 which looks rather uninspiring via Terabit Consulting:

"The transatlantic market, which continues to be viewed by some observers as a valuable indicator of the industry’s overall health, has been among the slowest to recover from the overinvestment and financial distress of the early-2000s. The upgradability of older transatlantic systems with 100G, as well as the competitiveness of the transatlantic market place and correspondingly low prices of capacity, have allowed major telecommunications operators on both sides of the Atlantic to comfortably lease and purchase capacity rather than invest in new infrastructure – a preference for “buying” rather than “building.” Nevertheless, after more than a decade without any new transatlantic cable systems, new projects seem to be finally gaining traction…the Pacific, meanwhile, bandwidth prices have remained comparatively high, and longer distances have posed technical challenges to the full implementation of 100G upgrades in older systems.… demand in major Asian markets is exceeding expectations, three new transpacific systems have entered service within the last six years, significantly improving connectivity to China and Southeast Asia. Three major consortium projects – the New Cross Pacific cable, Faster, and SEA-US – are in the advanced stages of planning, and the two latter systems awarded supply contracts in Cloud Xchange, Microsoft, and NTT are each reportedly considering major investments in new transpacific infrastructure. In Latin America, growth in capacity demand is among the highest of any region, yet capacity prices have remained stubbornly high. The region is unique because of its strong integration with North American Internet infrastructure and web content, with Miami serving as a hub for much of the region’s international demand, and US web properties such as Google, Facebook, Microsoft, and Yahoo among the leaders in the number of Latin American visitors...[which sounds good until you read the actual table at the bottom of page 10 or 11 of the pdf]

"…Table 1: Activated Capacity on Major Undersea Routes (Tbps), 2007-2013 [Shows relatively low capacity usage of Transatlantic cable of 25% and a high of 54% Sub-Saharan African Intercontinental usage and Global Transoceanic Bandwidth usage in Tbps of 36% -ed]" -Terabit Consulting

See page 10-11 for Global Transoceanic Bandwidth in Tbps chart 2013:

Is there excess capacity of submarine cable world wide? If not, who pays the cost of routing packets around the world for spy agencies?

If there is a large cost to a USA company it should show in their SEC financial filings such as 10K or Q1-Q4 reports. If the NSA pays it may be difficult to find in the “black budget” but it is in some budget - somewhere.

Confirmation of improper and excessive misuse of taxpayer funds may shed light on the spy game of routing packets around the world. It could even help curtail this costly and unethical practice if brought public. What do you say?

Subway GhostJuly 16, 2017 8:24 AM

Sam Wheat: How long have you been here?
Subway Ghost: Since they pushed me.
Sam Wheat: Someone pushed you?
Subway Ghost: Yeah, someone pushed me.
Sam Wheat: Who?
Subway Ghost: What, you don't believe me? You think I fell? You think I jumped? Well, f.u.c.k you! It wasn't my time! I wasn't supposed to go! I'm not supposed to be here!

CIA Flips you the BERDJuly 16, 2017 10:04 AM

Fun with Vault 7: UK Court testimony establishes that EBRD is an asset of CIA/MI5

Turns out you can match the very precise tailoring of CCI espionage to specific bribery/blackmail attacks on Russian organizations. CIA is defrauding EBRD's European shareholders to deplete the bank's assets for unlawful coercive interference. Even with victim data redacted, JQIMPROVISE sabotage evidence correlates closely with specific vilification attacks supporting CIA's common plan and conspiracy for war with Russia.

Good job, CIA! Wreck another NGO holding NATO together with spit and string.

controversial- who's more dangerousJuly 16, 2017 3:01 PM

"The democrats and republicans share roughly equal responsibility for the destruction of the US and the world."
Yes, but
A)From "Tomato-Plant Security"
"From "Naomi Klein: Trump is the First Fully Commercialized Global Brand to Serve as U.S. President"

"the business model that has been adopted by the Trump Organization is really not one that existed before the 1990s. It is what I called in my first book, No Logo, the hollow brand model, right? And the model comes out of the fact that in the—so, the original history of branding is you have a product—you know, maybe it was rice, maybe it was beans, maybe it was shoes—you’re a manufacturer first, but you want people to buy your product, so you brand it. You put a logo on it. You identify it with, you know, some sort of iconic image, like Uncle Ben’s or whatever it is, right? You give it a kind of personality.

That stopped working in the 1980s. Customers got savvy to it. I had—probably the most requoted quote of mine in No Logo is from an advertising executive who said, "Consumers are like roaches. You spray them and spray them, and they become immune after a while.""

B) peripherally relevant:
"Had the Qataris known where things were heading diplomatically, said the source in the region, they’d have happily ponied up the money, even knowing that it was a losing investment. “It would have been much cheaper,” he said.""

C) In addition, didn't Bernie say recently something like it wasn't the Russians, the Democrats lost the presidential election.

C2) Who has more money and billionaires' support- Democrats or Republicans? I recall Hillary complaining recently that the DNC was relatively worthless in supporting her campaign.

C3) People who might want to be rich might be dumb enough to buy into "trickle-down" economics or money trickles down from Nelson Rockefeller to Nelson Rockefeller, Jr.. Or from Donald Trump to Donald Trump, Jr. I was that dumb once. Don't previous proponents of the "Laffer curve" call it the "Laughter curve". Stockman?

D) also Noam Chomsky
1 July, 2017
"The minimum wage should be $20 an hour, “neoliberalism is tyranny” and the Republican Party is “dedicated to destroying human life,” renowned academic and activist Noam Chomsky told RT in an extended interview.
Chomsky again

E) Does anybody think that Trump could "jam" his military to cover his, I assume, sorry ass by starting any old war, just bomb something. Is the "posse comitatus act" relevant? How about Trump declaring a state of emergency after a terrorist attack; are federal workers, state or local workers, or the public of this country, in general, dumb enough to fall for Trump's lies.

F) When will Trump's largest constituency realize that his actions as President are likely screwing them?

G) Republicans in congress seem to be happy with all this "Trump noise" while they busily try to pass something. Regardless, if the Republicans repeal Obamacare, maybe Single Payer health insurance is that much closer (you know, I assume, one mainframe computer could handle 300-500 million patients). Businessman Trump apparently doesn't get it: 16% GDP on health care is a lot worse than 8% GDP. You know, a billion here and a billion there and pretty soon we are talking real money [snip]

Clive RobinsonJuly 16, 2017 3:12 PM

@ CIA flips...


One of the people in the thick of it is Sir Suma Chakrabarti. Who was not only involved with the Overseas Development Agency --when I met him-- but later he was one of Tony Blair's clique. But he's a "Purple" in that he cares not which party he works for as long as the advantages are good.

You might want to investigate what happened to the ODA as it became DfiD, and the privatisation of parts of it for peanuts to ODA / DfiD insiders especially the financial side. A number of people got very rich by turning the investment side from investing in Village and lower side community investments that raised people out of poverty --what the fund was designed to do-- to becoming an investor in large businesses paying high rates of return. Some of the entities invested in are known exploiters of the poor thus not what the fund was designed for. Needless to say there are also reasons to believe that there has been involvement of other entities from the likes of the IC and even money laundering etc.

It will be interesting to see what other information comes out...

To see what the likes of the UK IC have got up to under Maggie Thatcher PM look into Matrix Churchill and the trial arising that partly led to the demise of the UK Customs and Excise. Put simply many Government Ministers elected to withhold evidence that would have shown that the defendants were actually put up to do what they had done by the UK IC. They signed Public Interest Immunity Certificates to the effect that National Security would be critically affected if the paperwork was released to the defense. One Minister refused to sign off on it and only after pressure signed off on a very weakened certificate. This became public knowledge and the Customs and Excise case collapsed as the judge ended the trial.

You can if you want dig through the "Scott Report" but it's long and tedious (I know I had access to a copy of it at one time). However what you might call "contemporaneous highlights" can be found here,

However whilst the report was supposed to be a game changer, it was nothing of the sort. Because the UK IC is still up to its old tricks, and UK Ministers are still very much the puppets that dance to their tune, not that of the people who elected them.

JG4July 16, 2017 4:02 PM

@who's more dangerous

This is a good point for me to steer the discussion back on the security track. I mentioned Karl Rove less for political reasons yesterday than for the cognitive damage done by his focused use of Bernays' propaganda techniques. Being cognitively captured by political memes is something like letting spook code run on your computer. I've seen a couple of Republicans get completely wrapped around Karl Rove's cognitive axles. They both kept repeating phrases as if they were hypnotized. One was, "But they're here illegally," and the other was, "But the Clinton administration made the banks loan money to people who couldn't pay it back." Right out of the Manchurian candidate, "The kindest man I ever knew." I didn't mean to steer the discussion into politics today or yesterday, but I wanted to put on the record that I'm not a Republican troll.

Destroy could be taken in many ways. Economically hollowed out is one of them and Ron Paul said about 10 years ago, and likely well before that, "The greatest threat to national security is the debt." It's a lot bigger now and much more serious. Worse, the polarization of wealth in the US and the world also is destabilizing, not that I have any useful suggestions for how to fix it, and the main relevance here is to security. In a previous comment, I almost compared the sickcare crime cartel to the military-industrial crime cartel, two additional serious threats to national security that both play a major role in the debt. I think that military spending is in the range of 6% of GDP, while sickcare spending is over 16% of GDP and rising fast.

I don't know what the gross margins in those sectors are, but that would point to how much free cashflow is available for legalized bribery. The two cartels may be equal in political power, but the balance is likely to tip to sickcare, if it hasn't already. I had seen the claim about Trump's family looking for funding in Qatar and realized that there may be an analogy to what happened in Kuwait. Can't recall if the news about seeking funding in Qatar was before or after I realized that Kuwait may not have paid off enough US politicians to prevent the US from baiting Saddam Hussein into Kuwait. The real elephant in the room as far as foreign powers, including Russians, paying off US politicians is Hillary Clinton and the Clinton Foundation. Use of US national power to enrich politicians clearly is a security threat to the country and the world. It amazes me that the media can say anything about Trump and the Russians without mentioning the billions that flowed to the Clinton Foundation.

Kuwait is a nice wrap-up, because the propaganda techniques used in the run-up to the First Gulf War included testimony that Iraqi soldiers were bayonetting babies. Television was a mature medium in 1990/1991. When Bernays used radio to make substantially the same allegations in 1917, that the Germans were bayonetting babies, radio was a relatively new medium. The propaganda war was successful in getting the US public behind intervention. The US banks and corporations had loaned a lot of money to the French and British and wanted to be certain of getting paid back. The crushing defeat of Germany sowed the seeds of Hitler's rise to power and a more devastating war. John Boyd's principles hadn't been formulated yet, but they are worth reading. Had they been applied in 1918 to the Treaty of Versailles, history would be much different.

softswitchJuly 16, 2017 5:05 PM

@ Clive Robinson @All

"Further such systems can be used with pencil and paper by any one with a rudimentary education."

I'm interested in obtaining said rudimentary education. I was wondering if you might provide some guidance as to which pencil and paper crypto systems are more worthwhile (e.g., nice ease-of-use / strong-crypto mix).

@ JG4

"My comments yesterday might have been interpreted as being an anti-Republican troll."

This happens to me all the time when discussing any - typically emotionally charged - topic. I've noticed two poorly reasoned heuristics being employed:

1) If one is critical of one aspect of X, it follows that one is critical of all aspects of X.
2) If one is critical of one aspect of X, it follows that one is a proponent of the opposite of X.

"The democrats and republicans share roughly equal responsibility for the destruction of the US and the world."

I've *completely* lost faith in either of the two parties and come to see them as just another in a long line of wedge-issues-by-design perpetrated upon the populace by the 0.1%. I've also come to understand the relevant two parties to be 1) the plutocrats/oligarchs and their immediate servants (whose financial interests are politically represented in the U.S. by the DNC and RNC) and 2) everyone else (whose financial interests are politically represented by no one). Our political "leadership" incessantly propagandize the electorate with issues of social injustice in order to distract us from its primary cause; economic injustice.

Also, I feel compelled to add that while I'm very disturbed by what I see, instead of making me give up, it has made me engage the political system to a much greater degree than I otherwise would have. Basically, they've got my attention now.

CIA flipsJuly 16, 2017 7:02 PM

@Clive thanks for the Scott Report précis. Public Interest Immunity Certificates signed by 'ministers.' With their get-out-of-jail-free cards Waldegrave and Clark skate for ultra vires actions in manifest breach of UNSC measures, clandestine crimes in universal jurisdiction (funny how the 'nightmare scenario' never includes ten years' rehabilitation in a humane Dutch prison.)

This is CIA's system of impunity imposed on its UK satellite. The US equivalent is a mix of secret law and legal pretext: the Rogers-Houston MOU, the Intelligence Identities Protection Act, and the operational files exemption. Gets state criminals off the hook for aggression, coup d'état, murder, torture, disappearance, drug and child trafficking, fraud and theft, extortion, trading in influence and abuse of function. It's turned the US and its hard-line NATO satellites into terminal kleptocracies that avoid state failure only by diverting resources to repressive capacity. The free world has evidently opted to contain the infestation and let the NATO bloc mafiya states totter on until the parasites kill the host.

Civil society initiatives are where the action is. Transparency International disaccredited its US chapter and dropped the US in their rankings. Barrett Brown is out of prison now and he's institutionalizing what he got locked up for. (

breaking newsJuly 16, 2017 7:02 PM

"Secretary of State Rex Tillerson meets with the emir of Qatar, Sheikh Tamim Bin Hamad al-Thani, at the Sea Palace in Doha on July 13. U.S. intelligence officials say the UAE orchestrated the hacking of Qatari government sites and placed false quotes attributed to the emir, sparking a regional crisis. (Alexander W. Riedel/AP)
By Karen DeYoung and Ellen Nakashima "

where are ianf and SkepticalJuly 16, 2017 7:44 PM

despite headaches, occasionally, they are occasionally missed

current eventsJuly 16, 2017 8:06 PM

"On Sunday, Trump’s personal attorney Jay Sekulow appeared on all five TV political talk shows to offer a spurious defense of the meeting. Sekulow appeared to blame secret service officers for allowing the Russians into Trump Tower.

“I wonder why the secret service – if this was nefarious – why the secret service allowed these people in?” he told ABC News. “The president had secret service protection at that point, and that raised a question with me.”

A spokesman for the secret service later confirmed that Trump Jr was not under the agency’s protection at the time of the meeting and “thus we would not have screened anyone he was meeting with"."

On Fox's show Sekulow seemed to say it is all Comey's fault that Mueller is involved, babbling about Comey leaking classified material (Did Comey leak classified material? Didn't Comey try to keep classified material out of his contemporaneous memorandum, including information leaked by a NYU law professor?), and Sekulow was good at not answering questions and rambling on.

From a Yale History Professor:

Clive RobinsonJuly 16, 2017 8:19 PM

@ Softswitch,

I'm interested in obtaining said rudimentary education.

I would hope that as you can type in an understandable way you already possess the rudimentary education ;-)

In essence all that is required is the ability to write letters neatly in the boxes of squared paper and to add numbers without having to carry from one column to the next. That is C = (P+K) mod 10 of a simple stream cipher, where C is the resulting ciphering of a single plaintext number P with a keystream number K.

I was wondering if you might provide some guidance as to which pencil and paper crypto systems are more worthwhile (e.g., nice ease-of-use / strong-crypto mix).

The simplest to use pencil and paper crypto is the One Time Pad. You simply write your message under the Key Text and do the required "modular addition" of the two, either in your head or by "counting" along an alphabet strip or using a "Caesar Square".

As long as the keystream is sufficiently random[1] and only used once, the system is considered secure because all messages of the same length are equiprobable.

The problem with such a system is that you need a large amount of Key Material (KeyMat) which needs to be kept secure. Which can be a logistics nightmare if you do not do Key Management (KeyMan) correctly.

Thus you might need to use a more complicated system that you can carry around in your head. If you do you need to make four basic steps.

1, Flatten the Plain Text statistics.
2, Generate the Key Stream.
3, Make the Cipher Text.
4, Change the statistics of the Cipher Text.

I won't go through all of it again as I have in the past on this blog. But the important thing to remember is that you should keep messages short such that ideally they fit in an SMS or tweet. As anything longer just makes the odds of the deterministic key stream generation being broken.

If you look at the VIC Cipher[2] you will see the components you need such as the "straddling checkerboard" to change / flatten the statistics of a text stream.

However whilst the VIC cipher was unbroken by the NSA whilst it was in use the stream generator would be considered too weak these days. Likewise since 2013 Double Transposition is known to have issues in use[3].

Importantly you can use the likes of a pack of cards to make a key stream generator similar to either a lagged Fibonacci Generator, a reduced version of Ron's Code Four (RC4) or a Mitchell-Moore generator. You can also memorise the Python --or Perl-- code to make such generators and run them on isolated computers or even programmable calculators, to give you a semi secure device beyond the communications end point.

[1] By "sufficiently random" they are indicating that each letter/number in the key stream is independent of all other letters/numbers. That is the stream is generated in an unbiased non deterministic way. Which you can do yourself with a couple of dice and a six by six square you use to convert each throw of the pair into a single letter/number.


[3] "Solving the Double Transposition Challenge with a Divide And Conquer Approach", Cryptologia, Volume 38, Issue 3 by G. Lasry, N. Kopal and A. Wacker.
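The mechanics described in the comment above (checkerboard to digits, keystream generation, then C = (P+K) mod 10), as an added example that is not part of the comment. The checkerboard layout, seed and function names are constructed for illustration; the chain-addition generator is a small lagged Fibonacci generator used only to show the arithmetic, and step 4 of the list is left out.

```python
"""Hand-cipher mechanics: straddling checkerboard plus mod-10 keystream addition."""

# Constructed checkerboard (an assumption, not a layout given in the comment).
# Eight frequent letters cost one digit; columns 2 and 6 are blank in the top
# row, so those digits act as prefixes for the two-digit rows below.
TOP = "ET AON RIS"
ROWS = {2: "BCDFGHJKLM", 6: "PQUVWXYZ./"}

ENCODE = {ch: str(i) for i, ch in enumerate(TOP) if ch != " "}
for prefix, row in ROWS.items():
    for i, ch in enumerate(row):
        ENCODE[ch] = f"{prefix}{i}"
DECODE = {code: ch for ch, code in ENCODE.items()}


def checkerboard_encode(text):
    """Step 1: letters to digits. Characters not on the board (spaces) are dropped."""
    digits = "".join(ENCODE[ch] for ch in text.upper() if ch in ENCODE)
    return [int(d) for d in digits]


def checkerboard_decode(digits):
    """Inverse of step 1: a 2 or 6 announces a two-digit code, anything else is one digit."""
    out, i = [], 0
    while i < len(digits):
        width = 2 if digits[i] in ROWS else 1
        code = "".join(str(d) for d in digits[i:i + width])
        if code not in DECODE:
            raise ValueError("digit stream ends inside a two-digit code")
        out.append(DECODE[code])
        i += width
    return "".join(out)


def chain_addition(seed, length):
    """Step 2: lagged Fibonacci keystream, s[i+n] = (s[i] + s[i+1]) mod 10.

    Deterministic and weak; with independent random digits (dice) used once
    in place of this function, the same addition below is a one-time pad.
    """
    n = len(seed)
    if n < 2:
        raise ValueError("seed needs at least two digits")
    state = list(seed)
    while len(state) < n + length:
        state.append((state[-n] + state[-n + 1]) % 10)
    return state[n:]


def add_mod10(digits, keystream, sign=1):
    """Step 3: digit-wise addition without carry (sign=-1 subtracts to decrypt)."""
    if len(keystream) < len(digits):
        raise ValueError("keystream shorter than message")
    return [(d + sign * k) % 10 for d, k in zip(digits, keystream)]


def encrypt(text, seed):
    plain = checkerboard_encode(text)
    return add_mod10(plain, chain_addition(seed, len(plain)))


def decrypt(cipher_digits, seed):
    keystream = chain_addition(seed, len(cipher_digits))
    return checkerboard_decode(add_mod10(cipher_digits, keystream, sign=-1))


SEED = [7, 3, 1, 9, 4]  # constructed sample seed

if __name__ == "__main__":
    ct = encrypt("MEET AT NOON", SEED)
    print("cipher digits:", "".join(map(str, ct)))
    print("recovered    :", decrypt(ct, SEED))
```
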

Not a nameJuly 17, 2017 7:09 AM

One might want to take a look at the current hubbub on the IETF's TLS mailing list about standardizing wiretapping in TLS.

Clive RobinsonJuly 17, 2017 9:26 AM

@ JG4,

Clive will get a kick out of the ending of the tally stick article.

I already knew of it as a salutary lesson of the ephemeral nature of financial wealth (I occasionally wax on about the difference between token money and assets and how token money is specifically designed to make the poor poorer whilst the asset holding rich get richer by "rent seeking").

The interesting thing is money in war zones, almost anything will do especially when to try and enter a bank would almost certainly be a death sentence from one side or the other. The UK Cambridge University Computer Labs wrote some interesting papers on the likes of using "phone cards" and other "service tokens".

Our host Bruce once wrote a little crypto algorithm for the book Cryptonomicon. If you read the first part of the book it describes a system of banknotes printed by stamping cut up newspaper with a value and then pressing a bank ink seal to it. This is more or less true of the time and place, as is the story of men with bamboo poles with teachests of this paper money running from bank to bank to reconcile the notes before the end of the day.

Oh and speaking of base metal coins there is the story of the Canadian bank "Big Maple" solid gold coins that weighed around 1/10th of a ton and how one was stolen by a couple of blokes in Germany,

Having lifted 100Kg from time to time when younger and a lot fitter I have a good idea just how much they must have worked out.

@ Dirk Praet,

Having heard the story, the thought did occur to me, having heard about your fitness regime and friends, that you might possibly have slipped across the border to shift it ;-)

Dirk PraetJuly 17, 2017 5:35 PM

@ Clive

... the thought did occur to me, having heard about your fitness regime and friends, that you might possibly have slipped across the border to shift it

Sounds like an inside job. Push pressing or bench pressing 100 kg. requires some training, but carrying something as awkward as that around is definitely something I'd hire a couple of Chechens for. They're pretty affordable in Berlin, from what I'm told.

chuck cryptoJuly 18, 2017 3:45 AM


A few weeks old but didn't see this here, so could include it in the crypto newsletter. A paper on full key recovery for all 1024 RSA and approx 1 in 8 keys 2048 for libgcrypt (GnuPG) due to a very old recommendation in a 90s applied crypto book (it wasn't your book :), the old Vanstone/Menezes book). Full paper here

Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of
Technology found a bug in the mixing functions of Libgcrypt's random
number generator: An attacker who obtains 4640 bits from the RNG can
trivially predict the next 160 bits of output. This bug exists since
1998 in all GnuPG and Libgcrypt versions.

chuck cryptoJuly 18, 2017 4:07 AM

Forgot, another thing to add to the crypto newsletter is WireGuard's protocol was formally verified and seems like a great replacement to the spaghetti code that is the OpenVPN library or confusing complexity of IPsec. Finally a tunnel that supports Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF, etc.

Clive RobinsonJuly 18, 2017 4:44 AM

@ chuck crypto and the usual suspects,

... due to a very old recommendation in a 90s applied crypto book...

The full story is a bit more complicated than that, and is important to know because it has an important lesson about "Security-v-Efficiency" that people should be aware of.

Whilst the authors of the paper are correct to say the book only gives a right to left sliding window example, they don't say why, which the book does.

If you have a copy of the book the offending algorithm is in "Chapter 14 Efficient Implementation". The book authors give a succession of more efficient algorithms both left to right and right to left.

However when you get to the sliding window algorithm on page 616 you find,

14.84 Remark (right to left k-ary exponentiation) Algorithm 14.82 is a generalisation of Algorithm 14.79. In a similar manner, Algorithm 14.76 can be generalized to the k-ary case. However, the optimization given in Algorithm 14.83 is not possible for the generalized right-to-left exponentiation method.

You will see the last sentence explains why a right-to-left algorithm has not been given[1].

In effect it's a case of "One efficiency too many".

There are untold numbers of algorithms where trying to make them more efficient makes them a great deal less secure.

I keep banging on about "Efficiency-v-Security" but I often get the feeling I'm talking to a chosen to not hear audience.

This paper is probably a first when it comes to actually showing academically there are very real problems with "Efficiency-v-Security".

[1] Further to be fair to the authors when the book was written there was little or no interest in the academic domain in side channel attacks. If there had been it's doubtful that the AES competition would have selected the algorithm they did (Something the SigInt agencies benefited from for years).

Clive RobinsonJuly 18, 2017 4:50 AM


In my above,

    ... the book only gives a right to left sliding window example...

Should be,

    ... the book only gives a left to right sliding window example...

Note to Self : triple check before hitting submit ;-)
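The "Efficiency-v-Security" point from the two comments above, as an added example that is not code from the book, the paper or Libgcrypt: a left-to-right sliding-window exponentiation whose square/multiply sequence changes with the exponent, next to a Montgomery ladder whose sequence is the same for every exponent of a given bit length. The function names, modulus and exponents are constructed for illustration, and the model covers only the operation sequence, not timing or memory access.

```python
"""Operation traces: sliding-window exponentiation versus a Montgomery ladder."""


def sliding_window_pow(g, e, n, k=4):
    """Left-to-right sliding window; returns (g**e % n, trace of S/M operations)."""
    # Precompute the odd powers g^1, g^3, ..., g^(2^k - 1).
    g2 = g * g % n
    odd = {1: g % n}
    for i in range(3, 1 << k, 2):
        odd[i] = odd[i - 2] * g2 % n

    bits = bin(e)[2:]
    acc, trace, i = 1, [], 0
    while i < len(bits):
        if bits[i] == "0":
            # A zero outside a window costs one squaring and no multiply.
            acc = acc * acc % n
            trace.append("S")
            i += 1
            continue
        # Longest window of at most k bits that starts here and ends in a 1.
        j = min(i + k, len(bits))
        while bits[j - 1] == "0":
            j -= 1
        for _ in range(j - i):
            acc = acc * acc % n
            trace.append("S")
        acc = acc * odd[int(bits[i:j], 2)] % n
        trace.append("M")
        i = j
    return acc, "".join(trace)


def ladder_pow(g, e, n, nbits):
    """Montgomery ladder over a fixed bit length: one multiply and one square per bit.

    Only the operation sequence is modelled. A real implementation also needs
    a constant-time conditional swap and constant-time big-number arithmetic;
    the Python branch below is not constant time.
    """
    r0, r1, trace = 1, g % n, []
    for i in reversed(range(nbits)):
        if (e >> i) & 1:
            r0, r1 = r0 * r1 % n, r1 * r1 % n
        else:
            r0, r1 = r0 * r0 % n, r0 * r1 % n
        trace.append("MS")
    return r0, "".join(trace)


# Constructed sample values: two 12-bit exponents with different bit patterns.
N = 1000003
G = 7
E1 = 0b101100011101
E2 = 0b100000000001


def compare(e_a, e_b, nbits=12):
    """Return the four traces so the difference can be inspected or asserted."""
    return {
        "sliding": (sliding_window_pow(G, e_a, N)[1], sliding_window_pow(G, e_b, N)[1]),
        "ladder": (ladder_pow(G, e_a, N, nbits)[1], ladder_pow(G, e_b, N, nbits)[1]),
    }


if __name__ == "__main__":
    for name, (a, b) in compare(E1, E2).items():
        print(f"{name:8s} {len(a):2d} ops {a}")
        print(f"{'':8s} {len(b):2d} ops {b}  same sequence: {a == b}")
```

The sliding-window version needs 15 and 14 operations for the two sample exponents against 24 for the ladder, which is the efficiency being bought; the price is that its sequence is a function of the secret exponent.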

nbuuckJuly 18, 2017 5:48 AM

Mr. Schneier,

I thought it worth noting here that the 20th Anniversary Edition of your book Applied Cryptography: Protocols, Algorithms and Source Code in C is available in the $15 USD tier of the book bundle on sale at Humble Bundle for 13 more days.

JG4July 18, 2017 6:57 AM

"their entropy maximization is not your entropy maximization"

is it correct to say 'the phrase of art is "getting the threat model right"?'
the totalitarian states can offer perfect security, but it's a lie
Would you let a stranger sit in on your children’s playdates so that he could better understand how to entice them with candy or a doll?

it's always about money and power
Tillerson's real message is not the hacking accusation. The hacks themselves are not relevant to the spat and to Tillerson's efforts to defuse it. The "leak" sets the UAE and Saudi leadership on notice that the U.S. has sources and methods to learn of their government's innermost discussions. The real threat to them is that other dirt could be released from the same source.

their threat model isn't your threat model

Pussy Riot Founder & John Cusack On How Americans Wildly Misunderstand Putin

altruism is just entropy maximization pursued by other means - with apologies to von Clausewitz

it would be handy if there were fitness tests for software, because then you could apply genetic algorithms to fixing them

"sovereignty for all"

a nice data visualization, but it omits all information about what those taxes buy. at a minimum, a second axis is required to produce any useful policy discussion

just as ill-fated as the nuclear non-proliferation effort that took a wrong turn?

China Takes Advantage of U.S. Limits on Drone Sales

South Carolina May Prove a Microcosm of U.S. Election Hacking Efforts
There were nearly 150,000 attempts to penetrate the voter-registration system on Election Day 2016, State Election Commission says

file under "a doctor who knows how to have fun," but you probably don't want to pay them $1.1 million per year out of university funds

Our Famously Free Press
This Is How Your Fear and Outrage Are Being Sold for Profit Tobias Rose-Stockwell, Medium

Imperial Collapse Watch
Warplane faces ‘tech problems and cost blowout’ Sky News. This is a reworking of the Times story from yesterday’s Links, which is paywalled. Includes this gem: “[T]he F-35 cannot transmit data to British ships and older aircraft without giving away its position.”

political violence isn't new

Shackled skeletons in mass grave could be rebel army that tried to take Athens 2,600 years ago International Business Times (Re Silc).

Mass Grave Of Dozens Of Tortured Black Men Found In Deceased KKK Leaders Estate Jackson Telegraph

JG4July 18, 2017 7:47 AM

@Bruce - this one is profound enough to be a post
Ben Shneiderman, a computer science professor at the University of Maryland, proposed the concept of a National Algorithms Safety Board, in a talk at the Alan Turing Institute. Modelled on the National Transportation Safety Board, which investigates ground and air traffic accidents, this body would similarly be charged with investigating harm, and specifically in deciding who should be held responsible for algorithmic harm.
...[this is the AI problem writ smaller]
It’s time to gird ourselves for a fight. It will eventually be a technological arms race, but it starts, now, as a political fight. We need to demand evidence that algorithms with the potential to harm us be shown to be acting fairly, legally, and consistently. When we find problems, we need to enforce our laws with sufficiently hefty fines that companies don’t find it profitable to cheat in the first place. This is the time to start demanding that the machines work for us, and not the other way around.

ab praeceptisJuly 18, 2017 7:57 AM

Clive Robinson

I am shocked, shocked, shocked!

Who could have thought that a lousily engineered vulnerability collection, err, I mean a fine product, of one of the worst large corporations ever - whose business process can be described roughly as "spy on everyone and then use that to bomb them with advertisement spam" - that also happens to happily mingle and collaborate with politicians and spooks, could possibly be not perfectly secure?

OK, granted, said company from all languages chose java, one of the worst ones and with an abysmal track record. OK, granted, they also clusterf*cked their whole eco system and made sure that getting updates is a lottery for their users, but still.

I'm shocked!

I'll install a javascript and xml based cloud password manager right away to be well protected.

ThothJuly 18, 2017 9:18 AM

@ab praeceptis

You should use the hybrid of Adobe Flash, MS Silverlight, JS/CSS/HTML5 for the Password Manager. The Cloud would use a very secure LAMP stack with systemd inside for the Password Servers and OpenSSL for FIPS approved crypto.

Which date should I choose for my next release of golden stickers :) .

No Way: Eliminate Human or Algorithmic SchemingJuly 18, 2017 9:41 AM

I agree completely that citizens should control their lives with neutral experts advising legislators.
The Congressional Budget Office is a successful example.

However playing devils advocate these algorithms ARE the most prized possession of data mining companies. Advertisers, Intelligence agencies, Wall St, employers, insurance companies all work in secret using proprietary technology. They purposely make these recording devices as addicting as possible to create minds of mush. Critical thinking is replaced by subliminal steering.

Years ago Google had offices in China. It was widely reported its family jewels (algorithms) were stolen. Unable to manipulate the politicians of the Communist Party, Google fled China. Note: presidential candidate Mark Z should make this a learning example

The American economy of (ultimately forced) sharing is based upon these (omnipotence, omniscience, omnipresence) algorithms. Already those who share their personal lives with these algorithms have been trained to discriminate against those who don’t. Example 45% of corporations view job applicants who choose NOT to be data-mined as suspicious.

However when confronted by a bigger bully, corporations will show their algorithms when privacy can be maintained. In one example Microsoft works with special Chinese company to install government back-doors. Now Five Eyes Australia is demanding similar eavesdropping access.

In the American land of profit-driven excess it's up to each individual to survive. It's a fight against secret, powerful special interests. It may take 20 years for a law to finally restore privacy.

While I’d like to see this American panel build upon Europe’s data privacy regulations, it ain’t going to happen. We the people are too corrupt.

Eliminate Human Scheming
Instead, as an example we can use the huge inflow of retirement funds into PASSIVELY managed ETFs. This strategy eliminates many of the abusive (but legal) techniques like high-frequency trading or naked short selling. However it also eliminates jobs!

How many Wall St algorithm writers went to jail who caused the 2009 great recession? Or flash crashes?

If a driver-less car causes deaths who is going to be held responsible? The data-mining industry? LOL!
Will your car's algorithms give your family's life the highest priority? LOL!
Lobbying a corrupt Congress, they will require each passenger to pay for individual NO-FAULT insurance.

Elon Musk warns of future chapters where people become extraneous chaff and algorithms fight algorithms.

Traditionally is physically blowing-up these computer networks the only solution? (when an EMP would also work just fine?)

Logically a NTSC/CBO algorithmic harm board would be the sustainable and peaceful solution. Realistically, at least in America, we only put up traffic lights after numerous deaths. Or sprinklers in buildings…profits always come first. Besides the industry claims any expert review would stifle innovation.

CallMeLateForSupperJuly 18, 2017 9:59 AM

@Jared Hall All
"Alas, there's very little distinction these days between a Politician and a Terrorist. They both want to screw you."

Sounds like Mark Twain. :-)

“We hope to issue this week a new directive on asset forfeiture — especially for drug traffickers,” [Attorney General Jeff] Sessions said in his prepared remarks for a speech to the National District Attorney's Association in Minneapolis.

Make no mistake, this renewed assault is not limited to "drug traffickers". Asset forfeiture laws are broadly worded, so broadly that any person can run afoul of them. Search "asset forfeiture" and then scan the many "hits". Tons of news articles from just the past several years. Asset forfeiture, as it is codified, is a dirty business.

State Rep. Stephan Hay of Massachusetts has written a bill aimed at outlawing hidden compartments in all types of conveyances. Why? Because hidden compartments are used by distributors/transporters of controlled substances. No charge, no arrest, no conviction would be needed to ensnare a person. Officer Obie wouldn't have to find any illegal stuff, because Rep. Hay's bill, H1266, says that a hidden compartment's mere existence is prima facie evidence of intent. In other words: hides are used to move drugs; you have a hide: ergo YOU INTEND TO (do something with) controlled substances. This bill is a species of no-logic logic.

ab praeceptisJuly 18, 2017 10:12 AM


I would love to but I haven't yet succeeded to integrate my firefox plugin based web server into systemd. But your suggestion to use mysql for storage is excellent! I'll just have to work out a golden sticker worthy way to send the pass phrases through google mail to my super high security cloud password vault.

Btw, I feel a little insulted by your advice to use openssl, too. As if I wouldn't know that! *Of course* I would like to use openssl (ssl 2) but unfortunately it's one of the few things that are not yet fully absorb^h^h^h^h^h^h integrated into systemd.

ThothJuly 18, 2017 11:46 AM

@ab praeceptis

You won't need Firefox plugin based web servers. I would suggest you use Javascript web servers -> Node.js. Surprisingly a ton of people swear by and actually use a Javascript Server engine (golden sticker is the Chrome V8 JS Engine it uses :) ... see one golden sticker up for grabs).

So here's how to build a golden sticker filled to the walls and ceilings Password Database Server.

1.) Node.js as the web server (Chrome V8 Engine golden sticker)
2.) OpenSSL extension for Node.js (FIPS 140 golden sticker) also remember to use DES encryption with export control enabled (i.e. 40 bit DES and 512 bit RSA without padding)
3.) TingoDB is a NoSQL database suitable for the Node.js as it runs within Node.js as an embedded database application in a Node.js Chrome V8 JS Secured Runtime Environment
4.) Stanford Javascript Crypto Library for Client-side browser crypto of the Password Manager client and it should be secure because it came out of Stanford
5.) The rest of the client side is just Javascript in browser for the Password Client web form

Three golden stickers nailed in a very simple description above that covers FIPS crypto as well as the NSA, GCHQ, Theresa May, Malcolm Turnbull et. al's favourite FIPS approved DES with 40 bit keyed for export control and 512 bit RSA without padding because whoever bothers to pad anything as normal RSA maths is too complex already.

Note that all technology tries its best to use the best of Javascript and OpenSSSSSSeeeeeLLLL ....

controversial- who's more dangerousJuly 18, 2017 1:08 PM

@Clive Robinson

"From a European perspective neither the Democrats or Republicans are seen as being "leaders" thus there may well be a hardening of relations towards the US, which will please the likes of China, India, Iran, Russia and South America. In years to come will historians look at the Trump years as the begining of the fall of the USA?"
To call Trump a liar seems to achieve nothing in this country.

Trump is so full of sh*t his eyes are brown. I look forward to Trump et al. in jail or prison.

Trump is not stupid, however, and he probably knows it is not good to double-cross the mob. On the other hand, how long would Trump last with the general population in jail or prison? I heard today that there are 2 million in jail or prison in this country, 3 million on parole or probation, and a good show on TV tonite.

Regarding there not being much daylight sometimes between special-interest controlled or lobbyist controlled Democrats and Republicans you might find this interesting in regard to USA's foreign policy.
"One of the most under-discussed yet consequential changes in the American political landscape is the reunion between the Democratic Party and the country’s most extreme and discredited neocons. While the rise of Donald Trump, whom neocons loathe, has accelerated this realignment, it began long before the ascension of Trump and is driven by far more common beliefs than contempt for the current president.

A newly formed and, by all appearances, well-funded national security advocacy group, devoted to more hawkish U.S. policies toward Russia and other adversaries, provides the most vivid evidence yet of this alliance. Calling itself the Alliance for Securing Democracy, the group describes itself as “a bipartisan, transatlantic initiative” that “will develop comprehensive strategies to defend against, deter, and raise the costs on Russian and other state actors’ efforts to undermine democracy and democratic institutions,” and also “will work to publicly document and expose Vladimir Putin’s ongoing efforts to subvert democracy in the United States and Europe.”"

controversial- who's more dangerousJuly 18, 2017 1:15 PM

and, food for thought,
Would Trump be entitled to Secret Service protection in prison or jail?

ab praeceptisJuly 18, 2017 1:18 PM


A very cunningly laid out trap, compliments!

But I won't fall for it. While I will doubtlessly steal some elements from your solution, I will not use it due to 2 major weaknesses:

- One shouldn't bet all on 1 language, not even if it's untyped with many other weaknesses. At least some parts should be implemented in php (remember? php is now secure!) and for good measure in java (c++ is fine, too).

- I reject anything not browser based as not sufficiently secure. nodejs doesn't show a golden lock nor a green bar.

A very nice property of your suggestion, though, is that nodejs will doubtlessly soon be incorporated into systemd.

Side note: your crypto propositions are excellent (albeit a bit on the overkill side) but I'll have to wait a bit because I want to rip out the slow probable prime generator and replace it with a fine solid hardwired random probable prime like 42 which has the added advantage of being a multiple of 2, 3, and 7 all of which are prime (but too easy to guess by themselves).
Say, you wouldn't happen to know an openssl implementation in javascript?

Btw, why are nodejs and php not yet eal-7? I assume that nsa is behind it to keep people away from security.

Let's continue working on that cloud based 142% secure solution. Maybe we should add AV scanning and some xml?

Clive RobinsonJuly 18, 2017 2:53 PM

@ Thoth,

Which date should I choose for my next release of golden stickers :)

Well in the Northern hemisphere it's that time of year when children were required to start picking crops etc. Which has kind of become enshrined in the school system...

So it's time to turn on those valve amps let the warm up reduce the hum, crank the volume all the way to eleven and give that old Alice Cooper record full welly as you scream out "School's out all summer"...

book_reviewJuly 18, 2017 2:53 PM

@Dirk Praet

[snip]"pressing or bench pressing 100 kg. requires some training, but carrying something as awkward as that around is definitely something I'd hire a couple of [snip]

Not sure about genetic origin or country of origin, but 'Girl w/a Dragon Tattoo', scene where a guy who feels little pain, with his feet being stapled to a wood floor, comes to mind.

OT aside from type, blood used for transfusions may be fungible for citizens or residents of the blue planet

https://panopticlick.eff.orgJuly 18, 2017 5:31 PM


Tails w/TB security level "high"
Within our dataset of several hundred thousand visitors, only one in 210.13 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 7.72 bits of identifying information.

Tails w/TB security level "medium"
Within our dataset of several hundred thousand visitors, only one in 4297.94 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 12.07 bits of identifying information.

Tails w/TB security level "low"
Within our dataset of several hundred thousand visitors, only one in 4298.02 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 12.07 bits of identifying information.

Within our dataset of several hundred thousand visitors, only one in 4261.08 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 12.06 bits of identifying information.

Tails w/Unsafe Browser
Within our dataset of several hundred thousand visitors, only one in 4224.69 browsers have the same fingerprint as yours.
Currently, we estimate that your browser has a fingerprint that conveys 12.04 bits of identifying information.

hbo go

JG4July 18, 2017 5:58 PM

from the afternoon compendium
The Bezzle: “Head of troubled Google Fiber steps down” [Financial Times]. Google should stick to its knitting and decrapify search.

UPDATE “Watch this extorted money get lost in the expanse of the blockchain” (fun animation) [Quartz]. “[F]unds appeared to be sent through a bitcoin mixer, also known as a tumbler, which is a complex series of transfers that bitcoin owners can use to obfuscate the paper [JG4: rust] trail between two or more bitcoin addresses on the blockchain, essentially laundering their money.”

Eye in the sky

RachelJuly 19, 2017 4:26 AM

To the variety of (seemingly Australian) posters complaining about the potential encryption laws, for your clarity I am bumping the following article posted by Snowden hater @ Daniel (thanks Daniel) which does much to elucidate and refine the arguments

@ Call me Late For supper - 'roo police' that was very funny. True story: the most popular accessories in non urban Australia, are a spotlight for the back of the truck, a .22 calibre rifle, and a bumper sticker reading
'if you can't root it, shoot it'

Turnbull is a venture capitalist now wearing the frock of politics.
Clive Robinson's and Ab Praeceptis' comments about politicians are correct. However, what we miss, which @tyr no doubt appreciates, is the quantum leap of cognitive dissonance between the televised stage managed sound bite repeated and mocked ad nauseam. And what's actually being discussed and planned in the corridors and chambers and committees.
Without giving credit where none is due, for one thing often these politicians deliberately say dumb things to intentionally attract derision. It's a strategy.
And, as alluded to in the above article, in general their understanding or at least attitude towards certain policies is so much more pointed (or broad) than the highly directed, highly scripted tv pantomimes could ever allude to.

JG4July 19, 2017 8:10 AM

As always, appreciate the useful ideas discussed here. Clive's discussion of superpowers (good situational awareness coupled with appreciation of the quagmire of conflicts of interest on the blue marble) jogged my memory that there is another tool in the superpowers kit called gallows humor. I've probably mentioned Admiral Stockdale and his paradox before. Dovetails to Clive's big lie utility. You could lie to yourself that you will prevail in the end, a sort of "fake it 'til you make it," even when it is less than clear that you will.

"You must never confuse faith that you will prevail in the end—which you can never afford to lose—with the discipline to confront the most brutal facts of your current reality, whatever they might be."

Stockdale was the highest ranking POW in Vietnam. When he thought that they were going to parade him on TV for propaganda, he beat his face so badly with a wooden stool that they couldn't. His greatest fear was that his captors would discover that the Gulf of Tonkin incident was fabricated as a scam to enter the war. Fake news isn't new. Stockdale on the optimists is another good topic.

Getting back to my point about gallows humor, it is a powerful tool in the hands of a good leader. The facts of their current situation were somewhat brutal, in that a block of stone twice the size of a world trade tower had fallen in the mine trapping them deep underground.
‘On about Day Ten, I was sleeping and I heard the others moving about. The mood was sombre. So I lay very rigid and I said very weakly, “Hey guys, hey, I need to say something.
‘They gathered around and I was playing like I was dying and I said, very slowly, “My friends, say to my family that I love them. Tell them that the money is in the . . .” and then I pretended to expire. The others were quiet and I held my breath. Then I could hold it no more and burst out laughing!
‘They started yelling at me. But many of them have told me since that this is the moment when they realised God had a plan for them. Even if we were all going to die down there, we were going to do it as a group, with dignity.

Approaching peak irony - mind the event horizon. I haven't said liars, thieves and murderers enough lately, but aren't these the same people who didn't give their server to the FBI for analysis? And possibly the ones who murdered Seth Rich? In keeping up the tradition of equal-opportunity hate, there are plenty of Republican-linked people who have died mysteriously. One involving Jack Abramowitz.
Please Kill Me Now

Belfer Center Launches “Defending Digital Democracy” Project To Fight Cyber Attacks and Protect Integrity of Elections Belfer Center

The Belfer Center for Science and International Affairs at Harvard Kennedy School launched a new, bipartisan initiative today called the “Defending Digital Democracy” (DDD) Project. Co-led by the former campaign managers for Hillary Clinton and Mitt Romney and experts from the national security and technology communities, including Facebook and Google, the project aims to identify and recommend strategies, tools, and technology to protect democratic processes and systems from cyber and information attacks….

[T]he project will be run by Eric Rosenbach, Co-Director of the Belfer Center and former Assistant Secretary of Defense….

Rosenbach recruited Robby Mook, Hillary Clinton’s 2016 campaign manager, and Matt Rhoades, Mitt Romney’s 2012 campaign manager, to join DDD as Fellows and co-leaders.

“Entities.” Why do I think that hand-marked paper ballots, hand-counted in public, won’t make it onto this group’s agenda? Good to see Robby Mook’s got some cash coming in, though. He must need it.

RachelJuly 19, 2017 9:25 AM

'As always, appreciate the useful ideas discussed here. Clive's discussion of superpowers (good situational awareness coupled with appreciation of the quagmire of conflicts of interest on the blue marble) jogged my memory that there is another tool in the superpowers kit called gallows humor'
I was keen to learn more about Clive's take on situational awareness as grows from his proverb ' seen somewhere else' - I've also noted the word 'seen' in his mantra as being deliberately included. ie merely being somewhere else is only halfway there
practical situational awareness has been discussed in a security context on this blog and in posts by Mr Schneier and of course by Clive - I've searched for these topics previously.

I am also reminded of the implications of the OODA loop.
One application of the OODA loop is recognising it relates to the behaviour of predators. Disrupting the execution of their OODA loop is integral to survival.
One example, if simplistic or crude, is that of a normally lovely lady bursting into a crowded room with a gun larger than a Deringer and demanding everyone obey her orders. Her OODA loop includes outcomes of people screaming, freezing, and being herded like cattle.
Disrupting the OODA loop in this case is physically disabling her within seconds of her appearance through the door. She certainly was not expecting that.

by the way, as you enjoyed the Jim Jeffries piece on gun control (did you send it Yves?) there was something else you discussed recently that reminded me of another short piece of his on 'americas freedom' you may appreciate. Similarly styled social commentary

Clive RobinsonJuly 20, 2017 1:24 PM

@ Bruce and the usual suspects,

You might find this of interest,

From IEEE Security and Privacy 2017 it's a paper titled,

    IoT goes nuclear: creating a ZigBee chain reaction

The title kind of says it all, as does the first paragraph,

    Within the next few years, billions of IoT devices will densely populate our cities. In this paper, we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will rapidly spread over large areas, provided that the density of compatible IoT devices exceeds a certain critical mass.

The method of propagating the worm is the very short range ZigBee radio protocol, which in many ways can be viewed as a simplified Bluetooth. Which makes ZigBee the preferential protocol for many IoT devices.

The authors developed such a worm for Philips lights, and in their words,

    … we developed and verified such an infection using the popular Philips Hue smart lamps as a platform… The attack can start by plugging in a single infected bulb anywhere in the city, and then catastrophically spread everywhere within minutes.

Nuff said as they say.

FigureitoutJuly 21, 2017 12:34 AM

Clive Robinson
--I don't support this kind of IoT but probably way overblown lol, first every building needs those lights if they want a true zombie infection scenario, which I'm sure Philips would be quite happy if that were the case. Funny how they say "simplify your life" when attaching a radio to a light bulb seems to be opposite...I can make my own custom light switching systems as can millions of people in the world w/ infrared control so line of sight and proximity is a must (beyond hiding a remotely controlled IR remote, which is just silly & requires break-in). And no OTA updates.

But here's some relief too:

The Philips Hue lightbulbs are very hard targets for finding and exploiting software vulnerabilities. They use processors with Harvard architecture that does not allow for code execution from memory. We are forced to use only ROP (Return-oriented programming) attacks that require knowledge of the code and customization for each model. Instead we looked at the possibility of exploiting the ZigBee Over-the-Air Upgrading Cluster standard [19].

I personally disable any OTA functionality in any products I do (though it would be useful for testing and firmware upgrades), unless told otherwise, and they had to do side-channel analysis of AES to break the crypto of the encrypted images. The main authentication feature was completely broken (reading power levels). They did a number to it (must've channeled quite a bit of IoT hate into this lol) but had full physical access, which you could take apart most electronics in the world doing that. Had I think the guy from hackaday (O'Flynn w/ chip whisperer) and Adi Shamir.

But this research is just going to lead to harder defenses (we need the next big steps in embedded world). So that's good. Need an actual zombie infection to happen to start taking it seriously (by a drone too for extra movie plot points), and it'd be good if it's just lightbulbs they brick lol.

FigureitoutJuly 21, 2017 12:46 AM

Clive Robinson
--Personally hearing some stories from some of my colleagues working in power industry about scenarios of bringing down power system (and cascading failures) is way more terrifying than lightbulb malware.

tyrJuly 21, 2017 2:13 AM



I noticed in the mad new world of nanotech
today a gadget which is supposed to be a
replacement for the transistor. The gate
drain and source pads are connected to
an array lattice one atom thick. The gate
is below drain and source are on each end.

As an ancient firebottle tech it looks
just like a vacuum tube operation without
the heating element to boil off electrons.
They seem to think it will be the future
of transistors in addition to being easy
to make.

One thing is certain the future electronics
is going to be amazingly different ( I include
the spintronics and quantumdot things in
the electronics word ).

RachelJuly 21, 2017 3:20 AM

Figureitout; Clive

--I don't support this kind of IoT but probably way overblown lol, first every building needs those lights if they want a true zombie infection scenario, which I'm sure Philips would be quite happy if that were the case. Funny how they say "simplify your life" when attaching a radio to a light bulb seems to be opposite..

ROFL you owe me a new keyboard!
Philips would love such a scenario. Some colleagues of mine were friends with a high level Philips executive. It was confided that Philips were very concerned about Brazil (or was it China) railroading them out of lightglobe manufacturing. So Philips used their not inconsiderable influence and buying power to lobby governments to ban the common lightglobe on environmental grounds, allowing Philips to usher in their new and improved product, featuring a significantly larger environmental footprint, lower quality and strength of light promoting widespread seasonal affective disorder (SAD), and some interesting issues if they are dropped in an enclosed space. Fantastic!
I recall Philips' line on the compact disk 'you know how we said they'd last forever? Well, by forever we meant 10 years'
That new fangled compact disk thing was a major factor in destroying the recording and music industries, although the record companies became very wealthy from all the re-issues. Analog music was never the same again.
non-rhetorical question - does anyone consciously boycott Philips? there are worse ideas out there

Dirk PraetJuly 21, 2017 4:55 AM

@ usual suspects

Despite someone claiming here a while ago that Veracrypt development had been halted, Mounir Idrassi last week released v. 1.21. This release fixes a regression crash when running on CPUs not supporting extended features (SSE2 et al) and adds support for building on FreeBSD. The warrant canary is still in place.

If you like Veracrypt, please consider a small donation.

JG4July 21, 2017 7:17 AM

New Cold War

China’s navy expands reach: Ships in Baltic for drills with Russia CNN

U.S. general says allies worry Russian war game may be ‘Trojan horse’ Reuters

The Northern Sea Route, Russia’s Coronary Artery World Policy (Re Silc).

Presidents v. Generals Andrew Bacevich, LRB

* * *

Trump team seeks to control, block Mueller’s Russia investigation WaPo. Reading the body of the article, “Russia investigation” seems a bit of a misnomer.

Trump Aides, Seeking Leverage, Investigate Mueller’s Investigators NYT. Reading the body of the article, big shake-up on Trump’s legal team.

Something to look forward to:

Trump’s Self-Pardon? Seriously? The American Conservative

Deutsche Bank ‘expects to face Trump-Russia probe’ Deutsche Welle

Trump Turns on Jeff Sessions The National Interest

Trump expected to make Scaramucci communications director Axios

Louise Mensch’s Destructive Fantasies Charles Cook, The National Review

Imperial Collapse Watch

Exclusive: Bannon & Kushner Want to Outsource Afghanistan to Mercenaries The American Conservative. What could go wrong?

Is the Military Losing Its Ability to Fight Capable Foes? The American Conservative

Part I: F-35 in the Crossfire (podcast) Aviation Week. Part II.

Bob PaddockJuly 21, 2017 2:51 PM

@tyr your nano-transistor brought this to mind:

Nanobacterium sanguineum:

"Researchers E. Olavi Kajander and Neva Ciftcioglu discovered in 1995 that nanobacteria secrete a sticky, calcium-rich coating that allows them to adhere to cells inside artery walls and to each other. The coating then calcifies into a shell, protecting the bacteria from the immune system as well as all antibiotics, radiation, and even chemotherapy. An inflammatory cascade is initiated in the artery or organ that ultimately forms hard calcific plaque. The plaque layers continually grow over a period of years, eventually leading to blood vessel or organ disease. Due to their small size, nanobacteria slip through conventional filters and can contaminate vaccines and other biological treatments."

Then we have the security related issue of nano sized weapons.

a tails taleJuly 21, 2017 2:53 PM

scenario: using Tails 3.0.1 on 'free' wifi

a) started w/ javascript webmail reading, then writing an email, and lo and behold a screen flashed up saying something like 'unable to upload your desktop' as an attachment. Strange, I wasn't trying to upload any attachment.

b) my typing on javascript webmail got swallowed by a clicked link that I don't think I clicked on. Couldn't backtrack (back arrow). Strange2, 'duplicative' typing was required.

I wasn't using protonmail. I assume, however, these hassles were related to javascript being turned on.

moral of the story, when using webmail, type in 'Text Editor' and then cut and paste into your email message, for time and thought savings, but perhaps not for better security.

Hours later he/she says maybe I should get around to rebooting


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.